[c-nsp] HSRP vs VRRP
Gert Doering
gert at greenie.muc.de
Tue Oct 18 17:44:50 EDT 2005
Hi,
On Tue, Oct 18, 2005 at 02:07:29PM -0400, Tim Durack wrote:
> That's why it's preferable to design things so R1 is connected to SW1 and
> SW2, same for R2.
> This will avoid partitioning the network under various failure modes.
How do you do that? Etherchannel is only going to work when going
from a router to the same switch (counting 3750 stacks as "single switch"
here, for the purpose of the argument), and BVI'ing two ethernets on
the router will usually end up in abysmal performance.
So how to connect R1 (and R2) to SW1 and SW2 into the same VLAN?
[..]
> The assymetric situation has caught us out when running urpf filtering on
> interfaces that are also running HSRP.
Yep, another thing to watch out for.
> It basically means you can't always ping the interface addresses. Only
> affects monitoring though, not transit.
Think "reflexive access lists" and/or "ip inspect"...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list