[c-nsp] Rate limiting questions
Phil Mayers
p.mayers at imperial.ac.uk
Sat Oct 27 09:55:38 EDT 2007
On Fri, 2007-10-26 at 14:37 -0700, Ian Cox wrote:
> At 08:33 PM 10/26/2007 +0100, Phil Mayers wrote:
> >On Fri, 2007-10-26 at 13:08 -0500, Justin Shore wrote:
> > > Phil Mayers wrote:
> > > >> Is there a HSRP option to tell the standby router to only route traffic
> > > >> when it's active? VRRP and GLBP would have the same problem I imagine.
> > > >
>
> What exactly do you mean by not route traffic? HSRP on the standby
Return path traffic.
Basically, the HSRP standby still has a connected route, which it will
export via it's routing protocol (if configured) to neighbours, and even
if you suppress the export the box itself will route packets via the
connected route. Take for example the following topology:
borderA ---- gigE ---- borderB
| |
gigE gigE
| |
routerA ---- gigE ---- routerB
| |
hsrp master hsrp standby
gigE 100meg
| |
...it is desirable for routerB to both
a. not export the route, and
b. not pass packets via the 100meg standby link
There are lots of other topologies where forcing the out/return traffic
paths to be symmetric is desirable. Stateful firewalls is one that
springs to mind.
More information about the cisco-nsp
mailing list