Hi, On Sun, Jul 24, 2011 at 04:06:03PM -0500, Dan Letkeman wrote: > I'm working on a test configuration for hsrp between two switches > where i'm running eigrp, and I'm wondering if its best practice to > leave the added successors in the route list?
We usually run HSRP/VRRP on "customer-facing" interfaces, and consequently,
running EIGRP there is a complete no-go for us. No benefit, and interesting
attack vectors...
So we run all interfaces with "passive-interface default", and selectively
enable EIGRP on backbone interfaces (which do not have HSRP/VRRP anyway).
For different topologies, of course YMMV.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpLmIK8j8dfx.pgp
Description: PGP signature
_______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
