[c-nsp] HSRP and routing asymmetry

Michael Jager mj at 204.net.nz
Thu Nov 20 17:35:05 EST 2008 

Hi all,

I'm in the process of building a data-centre aggregation layer using a 
pair of 6500s with a single Sup32 in each. I intend to run HSRP for 
customer VLANs south of the agg pair, and announce the data-centre 
prefixes into our iBGP towards the core (which are also 
route-reflectors). A picture is worth a thousand words and all that, so 
ASCII art time:

                         +--------------------+
                         |  to core (each agg |
                        /|   box connects to  |\     announce data-centre
                       / |   both core boxes  | \    prefixes from agg to
                      /  +--------------------+  \           core
                     /  /                      \  \           ^
                    /  /                        \  \          |
                  +------+                    +------+        |
Layer 3          |      |                    |      |        |
- - - - - - - - -| agg1 | - - - - - - - - - -| agg2 | - - - - - - - - -
Layer 2          |      |....etherchannel....|      |
                  +------+  <---- HSRP ---->  +------+
                          \                  /
                           \                /
			   +--------------+
                            | to L2 access |
                            |   switches   |
                            +--------------+

To keep things simple, let's assume that I'm using 10.1.1.0/24 and 
10.1.2.0/24 as data-centre prefixes, agg1 is the HSRP active router for 
10.1.1.254, and the HSRP standby router for 10.1.2.254, and agg2 is the 
HSRP standby router for 10.1.1.254, and the HSRP active router for 
10.1.2.254.

I need to inject both 10.1.1.0/24 and 10.1.2.0/24 into my iBGP. At 
steady state, agg1 will forward packets from 10.1.1.0/24 into the core, 
and agg2 will forward packets from 10.1.2.0/24 into the core.

To simplify troubleshooting, I'd like traffic flow between the access 
layer and the core to be as symmetric as possible. So, at steady state, 
the core will forward packets to 10.1.1.0/24 via agg1, and packet to 
10.1.2.0/24 via agg2.

However, the purpose of HSRP is obviously to take care of things at 
other-than steady state! This is where I'm running into trouble. I 
either need to:

1. announce both prefixes into the core from both agg devices, and have 
the core prefer the announcement from the agg device that is currently 
the HSRP active router for a given prefix, or:

2. announce the prefix only from the agg device that is currently the 
HSRP active router for that prefix.

The latter option seems easy enough to do with conditional 
announcements, but that will track a route received from somewhere else 
(presumably the core). I could announce a dummy prefix from one agg 
device to the other; but I'd really like to inextricably link the 
announcement to the HSRP state somehow.

This seems like it should be a not-uncommon scenario. I've scoured a 
couple of Cisco documents - the Data Center Infrastructure Design Guide 
looked promising, but its solution was to get a CSM to inject static 
routes into the MSFC, and then redistribute those routes into the IGP. 
This seems overkill (seems a bit of a waste of a CSM), and I'd like to 
avoid this option if at all possible.

The other option I can see is to just not care about asymmetry from the 
core to the aggregation layer - but I'd also like to avoid this. Has 
anyone come across this before, and found a solution (or not!) similar 
to what I've described?

-Mike

More information about the cisco-nsp mailing list