[c-nsp] doing HSRP on a 3550 with out it being a ip hog?

Marko Milivojevic markom at pangalactic.net
Tue Oct 12 07:47:48 EDT 2004 

    OK, granted, I had some time and a persuasive friend wanting me to test 
this :-). This is just preliminary test, I have to run one more afterwards 
(it's lunch time and I have to find 3rd unused switch).

    I have arranged the following lab setup:

    [3750]{ge1/0/1}---{ge1/0/1}[3750]
       |{ge1/0/2}...Vlan1
       |
       |{fa0}
    [1721]

    In words, I have two 3750's, connected to each other with interfaces in 
Vlan1. There is also small 1721 router connected to the Vlan1, via one of 
the switches (ideally, this should be 3rd switch connected to both of 
distribution switches).

    The configurations are below:


3750 - Left:
------------
ip routing
interface GigabitEthernet1/0/1
 switchport mode access
 switchport nonegotiate
end
interface GigabitEthernet1/0/2
 switchport mode access
 switchport nonegotiate
end
interface Vlan1
 ip address 10.0.0.1 255.255.255.0
 standby ip 192.168.1.1
end
ip route 192.168.1.0 255.255.255.0 Vlan1 !!! <-- this is *crucial*

3750 - Right:
-------------
ip routing
interface GigabitEthernet1/0/1
 switchport mode access
 switchport nonegotiate
end
interface Vlan1
 ip address 10.0.0.2 255.255.255.0
 standby ip 192.168.1.1
end
ip route 192.168.1.0 255.255.255.0 Vlan1 !!! <-- this is *crucial*


1721:
-----
interface FastEthernet0
 ip address 192.168.1.2 255.255.255.0
 speed auto
end
ip route 0.0.0.0 0.0.0.0 192.168.1.1


    And now some basic tests:

1721#ping 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
1721#ping 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms
1721#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms


Left#sh standby
Vlan1 - Group 0
  Local state is Active, priority 100
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.878
  Virtual IP address is 192.168.1.1 configured
  Active router is local
  Standby router is 10.0.0.2 expires in 8.071 ! <--- We can see the HSRP 
working here
  Virtual mac address is 0000.0c07.ac00
  5 state changes, last state change 00:25:56
  IP redundancy name is "hsrp-Vl1-0" (default)


    It seems to me it works. So, you can use private IP's as real addresses 
in HSRP setup. Only thing you have to have is that static route pointing to 
the interface. Theoretically, you will have some performance impact (in 
regard to ARP lookups) when you point the route to the broadcast interface 
like that, but I believe that's minimal for smaller subnets.


Marko. // off for lunch :-)

----- Original Message ----- 
From: <MailingLists at unix-scripts.com>
To: <cisco-nsp at puck.nether.net>
Sent: Tuesday, October 12, 2004 4:27 AM
Subject: [c-nsp] doing HSRP on a 3550 with out it being a ip hog?


> Before I begin let me warn you that I'm semi new to this stuff, especially
> any thing other than a flat network so let me know if I'm out in left 
> field.
>
> A few months back I bought a 3550-24-EI and a few 2950-48-EI and planned 
> to
> segregate our customers to there own vlan and subnets.  What I have setup
> right now in a test network is VTP domain on the 3550, 2950 VTP client, 
> 3550
> trunks to the 2950's.  I create each customer there own vlan, and assign
> their subnet to it.  I then assign there vlan to there switch port on the
> 2950's.
>
> I quickly realized that if our main 3550 ever took a dump I would not have 
> a
> switch capable to handling our current configuration.  I decided to buy
> another 3550 and the plan was to run HSRP.  Now I have the second 3550 but
> after talking to some guys in the Cisco channels I was told that I would
> have to give each vlan 2 more ips totaling in 5 ips used for each customer
> just to begin with (switchA ip, switchB ip, Virtual ip, network, 
> broadcast)
> and that doesn't count any usable ips on for there machine(s).  Using that
> many ips seams like a waste considering most of our customers only have a
> need for a small amount of ips.  I'm looking for suggestions now on if 
> there
> is another way for me to have redundancy but also to not have to give a
> customer 2 extra ips (with out manually swapping the switch..)
>
> So, is there any other way for me to implement redundancy with this
> equipment?  Thanks in Advance!

More information about the cisco-nsp mailing list