Michael Jager wrote:
To simplify troubleshooting, I'd like traffic flow between the access
layer and the core to be as symmetric as possible. So, at steady state,
the core will forward packets to 10.1.1.0/24 via agg1, and packet to
10.1.2.0/24 via agg2.
You can achieve this to a limited degree, but I'd think very carefully -
is the minimal gain worth the hassle?
We run a similar topology, and we just ignore it - let the traffic
return via either path.
However, the purpose of HSRP is obviously to take care of things at
other-than steady state! This is where I'm running into trouble. I
either need to:
1. announce both prefixes into the core from both agg devices, and have
the core prefer the announcement from the agg device that is currently
the HSRP active router for a given prefix, or:
2. announce the prefix only from the agg device that is currently the
HSRP active router for that prefix.
The latter option seems easy enough to do with conditional
announcements, but that will track a route received from somewhere else
(presumably the core). I could announce a dummy prefix from one agg
device to the other; but I'd really like to inextricably link the
announcement to the HSRP state somehow.
You'd need to use something like an EEM applet; have the applet run when
HSRP state changes (syslog match probably) and have it modify a prefix
list (referenced from a route-map) and then run "clear ip bgp * out"
This seems like it should be a not-uncommon scenario. I've scoured a
It's very common. Most people either ignore it, or statically set route
costs (since the HSRP active will, normally, be in the same place)
couple of Cisco documents - the Data Center Infrastructure Design Guide
looked promising, but its solution was to get a CSM to inject static
routes into the MSFC, and then redistribute those routes into the IGP.
This seems overkill (seems a bit of a waste of a CSM), and I'd like to
avoid this option if at all possible.
The other option I can see is to just not care about asymmetry from the
I would advise that personally. The symmetry is nice to have but there
are all kinds of failure modes involved in tweaking the advertisements.
The most obvious - if the link from agg1->core goes down.
Also, bear in mind that if *any* traffic hits agg2, it *will* be routed
out via agg2 because the local "connected" route always wins - for
example if a client on 10.1.2.0/24 talks to a server on 10.1.1.0/24 the
path will be:
client
into agg2
out of agg2
server
into agg1
out of agg1
client
core to the aggregation layer - but I'd also like to avoid this. Has
anyone come across this before, and found a solution (or not!) similar
to what I've described?
Buy an Extreme or Foundry and use ERSP or FSRP ;o)
Seriously - HSRP can't really do this. You can force it to "sort of" do
it, but there are non-obvious failure modes to most of the solutions.
Cisco could solve the problem for us with just a little work by
providing an option to remove the local connected route on HSRP slaves.
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
