[c-nsp] Rate limiting questions

Tassos Chatzithomaoglou achatz at forthnet.gr
Sat Oct 27 11:02:19 EDT 2007 

One ugly way to do it would be to create an eem applet on both routers which would do the following:

1) watch for syslog messages "STANDBY ....Active->xxx" and then "decrease" the metric of these 
redistributed connected routes through configuring the local router
2) watch for syslog messages "STANDBY ....xxx->Active" and then "increase" the metric of these 
redistributed connected routes through configuring the local router

I guess if eem can watch the hsrp state, it would be even easier.

Of course if you have a lot of hsrp groups, that is going to be a long config, but it might do the job.


One nice way (if your network design allows it) is to track (through hsrp) the upstream 
interface/connection of the hsrp primary router and if it loses connectivity (you can use ip sla/rtr 
to check non-direct connectivity), then switch over to the standby hsrp router, which should always 
announce the same networks as the primary router, but using a smaller metric.

I personally use such a design and it works very well, especially after tuning the ospf timers.


--
Tassos


Phil Mayers wrote on 27/10/2007 4:55 μμ:
> On Fri, 2007-10-26 at 14:37 -0700, Ian Cox wrote:
>> At 08:33 PM 10/26/2007 +0100, Phil Mayers wrote:
>>> On Fri, 2007-10-26 at 13:08 -0500, Justin Shore wrote:
>>>> Phil Mayers wrote:
>>>>>> Is there a HSRP option to tell the standby router to only route traffic
>>>>>> when it's active?  VRRP and GLBP would have the same problem I imagine.
>> What exactly do you mean by not route traffic? HSRP on the standby 
> 
> Return path traffic.
> 
> Basically, the HSRP standby still has a connected route, which it will
> export via it's routing protocol (if configured) to neighbours, and even
> if you suppress the export the box itself will route packets via the
> connected route. Take for example the following topology:
> 
> 
> borderA ---- gigE ---- borderB
>    |                      |
>  gigE                   gigE
>    |                      |
> routerA ---- gigE ---- routerB
>    |                      |
> hsrp master          hsrp standby
>  gigE                   100meg
>    |                      |
> 
> ...it is desirable for routerB to both 
> 
>  a. not export the route, and
>  b. not pass packets via the 100meg standby link
> 
> There are lots of other topologies where forcing the out/return traffic
> paths to be symmetric is desirable. Stateful firewalls is one that
> springs to mind.
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list