[c-nsp] HSRP and Standby router

Peter Rathlev peter at rathlev.dk
Wed Jun 10 07:26:31 EDT 2009 

On Wed, 2009-06-10 at 11:30 +0300, Ibrahim Abo Zaid wrote:
> I was studying some HSRP senario which is little bit different than
> what used to work on , we have 2 routers connected with access ports
> to internal box which has 2 direct physical layer-2 links to both
> routers and HSRP is running between VLAN SVIs on both routers across
> L2 ether-channel between them
> 
> if physical link to active router fail , the client will ARP stanby
> router for MAC of HSRP group IP , my question here is stanby router
> will answer ARP requests while it still detect that active router is
> still alive from HSRP over etherchannel between them ? and if yes ,
> what MAC address it will answer with ? the active router owns group
> vmac address so if standby reply it will reply with bia address and
> L2-switch the traffic to active router ?

Assuming that the routers bridge the access connection and the
connection between them, thus forming a triangular bridge domain, then
if only one physical access link fails and the connection between the
routers is still active the HSRP role will not move between the two
routers. As long as they can see each other somehow the HSRP is stable.

This is effectively a ring topology where any one link may fail without
impacting the forwarding ability. The spanning tree might need to be
recalculated, so it might introduce a short-ish pause.

Traffic from access towards the HSRP standby IP might be switched
through the inactive HSRP member, and this might not be the most
effective way of switching, maybe introducing congestion, but traffic
would still end up in the right place.

OTOH if the two routers lose L2 contact they will both go active.
(Though if the router has no active ports in the VLAN the SVI should go
"line protocol down" and not try to participate in HSRP.) You can expect
loss of connectivity towards the gateway for a full HSRP hold-time
interval, default 10 seconds. AFAIK the standby HSRP unit will not
answer ARP queries in this period.

ARP entries need not be updated since the MAC address of the standby IP
address stays the same.

A topology change notification, sent out when there are changes in the
physical topology, will flush all MAC address tables, helping this part
of the convergence.

I may not have understood your question completely though. :-)

-- 
Peter Rathlev

More information about the cisco-nsp mailing list