[c-nsp] HSRP vs VRRP
Gert Doering
gert at greenie.muc.de
Mon Oct 17 17:22:35 EDT 2005
Hi,
On Mon, Oct 17, 2005 at 09:45:06PM +0100, jean wrote:
> I haven't had good experiences with HSRP its only worked ONCE out of the
> 5 times it should have. I have been told by others that VRRP is more
> reliable. I would like to know about any experiences anyone might have
> had good or bad with HSRP and VRRP
HSRP works for us, for certain values of "work" - one of the problems
that neither HSRP nor VRRP is ever going to solve is "split switches",
like
R1 R2
| |
sw1 ------ sw2
| |
H1 H2
if the link between sw1 and sw2 breaks, both R1 and R2 assume they are
"master", but for packets coming in from "the world", only one of the
routers will be able to deliver, and that's not something you can control
via HSRP/VRRP.
Furthermore, HSRP will necessarily lead to asymmetric traffic (packets
entering the HSRP slave from "other" interfaces will always be sent to
the link, even if it knows that the traffic is asymmetric) - which might
be a problem, or might be not. I find that unelegant, something like
"if HSRP slave, make interface invisible for IP processing" (withdraw
static and connected routes) would be much nicer in the face of stateful
packet filtering, and so on.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list