[c-nsp] FHRP's and STP

Phil Mayers p.mayers at imperial.ac.uk
Tue Nov 18 10:52:35 EST 2008 

Tim Durack wrote:
> That's an interesting idea - tying FHRP state to STP state. Would reduce
> config complexity, as FHRP would "inherit" state from STP, and could reduce
> FHRP load (which I'm most interested in.)

Variations on the STP/FHRP problem have been discussed a number of times 
on this list.

It ought to be reasonably trivial to make FHRP follow STP - make the 
standby group follow a numbered track object:

track 10 stub-object
int VlanXX
   standby prio [100 for slave | 101 for master]
   standby track 10 10
   standby preempt

...the write a pretty simple EEM applet triggered on the relevant STP 
syslog messages, to parse the root/not-root status from:

sh spanning-tree vlan XX summary | inc ^Root

...and down/up the stub track object.

The problem is that STP is a deeply sub-optimal solution to many of the 
cases where this matters.

Other vendors (Extreme, Foundry) have other proprietary protocols (ESRP, 
FSRP) which use ethernet-level hellos to put an entire SVI into a 
forwarding (master) or non-forwarding (slave) status, at both layer2 and 
layer3. These are arguably "easier" to use for these cases.

That kind of protocol is basically impossible to emulate on a Cisco 
platform - it really does require some way of shutting down layer2 
forwarding.

> 
> Cisco have introduced HSRP group follow:
> 
> int g1/1.10
>  encapsulation dot1q 10
>  ...
>  standby 10 name VLAN10
>  ...
> int g1/1.20
>  encapsulation dot1q 20
>  ...
>  standby 20 name VLAN20
>  standby 20 follow VLAN10
> end
> 
> Not what you are asking for, but potentially useful. Unfortunately it
> doesn't seem to work on VLAN interfaces on a 6500.

Yeah:

core-spare(config)#int vl2
core-spare(config-if)#standby name foo
core-spare(config)#int vl3
core-spare(config-if)#standby follow foo
% Warning: Named group "foo" is on a different major interface.

"Different major interface" - well, duh, it's a switch.

The follow groups would be useful, especially for those of us wanting to 
run fast hellos on many similar interfaces, but it looks like BFD all 
over again... "SVIs? Who uses *those* on a 6500!?!"

More information about the cisco-nsp mailing list