Priscilla Oppenheimer wrote: > > Daniel Cotts wrote: > > > > standby track (interface) might do the trick. > > http://www.cisco.com/warp/public/619/6.html > > I've never seen HSRP on both sides of a router. Maybe each > side > > could track > > the ethernet interface on the other side. If the far side goes > > down then the > > monitoring side decrements its priority and allows the other > > router to take > > over. > > That doesn't help the traffic coming back, though, which could > still be using the router whose cable was pulled.
Never mind. My comment didn't make sense. I think it could work. It's worth a try anyway. Though a different design might be the real answer! :-) Priscilla > > Priscilla > > > > > > > -----Original Message----- > > > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, March 06, 2003 6:52 PM > > > To: [EMAIL PROTECTED] > > > Subject: Re: it started out as a really good idea ... > > [7:64638] > > > > > > > > > Larry Letterman wrote: > > > > > > > > that was my answer as well...the broken connection will > > black > > > > hole the path on > > > > one side or the other... > > > > > > > > Larry Letterman > > > > Network Engineer > > > > Cisco Systems > > > > > > Whew! I wasn't losing it. :-) > > > > > > For this to work, you would need a way to tell Router 1 (as > > > well as Router > > > 2), "if my E0 interface goes down, make sure I'm not the > > > default gateway on > > > my E1 interface." (And vice versa.) > > > > > > Maybe you can do that with HSRP? I don't know how though. > > > > > > HSRP does have an advanced feature to avoid LAN users using > a > > default > > > gateway that has lost its access to the "rest of the > network" > > > on its other > > > interface. I can't remember how to do that, but it's > > > supported somehow, from > > > what I understand. But I don't think that helps. It's not > the > > > same as no > > > longer being the default gateway for the LAN that reaches > the > > > "rest of the > > > network" because you're no longer the default gateway on > the > > > local LAN. > > > > > > Sorry if that's convoluted. I can't think of a better way > of > > > saying it! ;-) > > > > > > I think a routing protocol solves the problem too, but there > > are some > > > gotchas. > > > > > > Assuming I understand his topology correctly, with a > > > distance-vector routing > > > protocol, Router 2 would not send via its E0 interface a > > > route that tells > > > Router 1 that Router 2 can get to network 10.3.0.0, due to > > > split horizon. > > > That's fine. > > > > > > However, Router 2 would tell Router 1 this information via > > > its E1 interface. > > > > > > When there's no problem, Router 1 would ingore this > > > information because > > > Router 1 can get to network 10.3.0.0 directly already. > > > > > > Now Router 1's E0 goes down. After the route comes out of > > > holdown (could be > > > a long time for some routing protocols) Router 1 will > accept > > > Router 2's > > > offer to send to network 10.3.0.0. > > > > > > Now, it gets a little hairy..... > > > > > > Packet comes in on Router 1's E1 interface destinated to > > > 10.3.x.x. (That's > > > the ping reply from PC 2 to PC1.) Router 1 should send the > > > packet back out > > > E1 and let Router 2 pick it up. Router 1 may send an ICMP > > > redirect too, > > > which would avoid the extra hop in the future, except that > > > ICMP redirects > > > are often disabled with HSRP. > > > > > > I think that would work? It's not too pretty, but that's > OK, > > > he said it was > > > a lab network. :-) > > > > > > I think the general-purpose answer is that the original > > > poster did sort of > > > misunderstand HSRP's purpose. In a hierarchical network > > > design, you probably > > > wouldn't have a router that was a default gateway on both > > sides of it. > > > > > > Instead, you might have two routers on a LAN acting > together > > > (with HSRP) as > > > the default gateway. Both these routers can also get out to > > > the rest of the > > > network, for example the rest of the enterprise network or > > > the Internet, so > > > it doesn't matter which one gets used. > > > > > > Priscilla > > > > > > > > > > > > > > > ----- Original Message ----- > > > > From: Priscilla Oppenheimer > > > > To: [EMAIL PROTECTED] > > > > Sent: Thursday, March 06, 2003 3:23 PM > > > > Subject: Re: it started out as a really good idea ... > > > > [7:64638] > > > > > > > > > > > > Um, he already has both the E0s in the same subnet and > > both > > > > the E1s in the > > > > same subnet, according to his config. > > > > > > > > His drawing is confusing but I think he's got PC1 and > both > > > > E0s in subnet > > > > 10.3.0.0/16, say on a hub or a switch. > > > > > > > > He's got PC2 and both E1s in subnet 10.4.0.0, on another > > hub > > > > or switch. > > > > > > > > If the problem isn't related to misconfiguration of the > > > > default gateway on > > > > the PCs, I do have another theory. :-) > > > > > > > > Say he pulls the E0 cable on Router 1. No problem, PC1 > > will > > > > start using > > > > Router2. > > > > > > > > Then he pings from PC1 to PC2. The ping will probably > get > > > > there but what > > > > about the reply coming back? > > > > > > > > What happens if PC2 is using Router 1 and Router 1 has > no > > way > > > > to send PC2's > > > > packet from itself to Router 2 due to the missing cable, > > not > > > > to mention > > > > lack > > > > of any routing protocol configured. > > > > > > > > Think about it! :-) > > > > > > > > Priscilla > > > > > > > > The Long and Winding Road wrote: > > > > > > > > > > ""garrett allen"" wrote in message > > > > > news:[EMAIL PROTECTED] > > > > > > i have a need for a high availability solution for a > > > > default > > > > > gateway > > > > > > configuration. just finished the ccdp and thought > it > > > > might be > > > > > > interesting to try hsrp on a pair of 2514's. put > > some of > > > > > that theory > > > > > > to work. instead of highly resiliant i've managed > to > > > > > configure it for > > > > > > mass failure. arg.., not exactly what i had in > mind. > > > > now, > > > > > any time i > > > > > > take down 1 of the 4 links, the connect between 2 > > remote > > > > > hosts dies. > > > > > > this is in a lab (production is not a lab, > production > > is > > > > not > > > > > a lab...) > > > > > > so it is a mystery i would like to solve, but it is > > not > > > > > critical. > > > > > > > > > > > > here is the basic config (hope it makes it): > > > > > > > > > > > > pc host 1 -----+----- e0 router 1, e1 > > ----+--------- pc > > > > > host 2 > > > > > > | | > > > > > > |----- e0 router 2, e1 ----| > > > > > > > > > > > > the routers act as a default gateway between the > > internal > > > > > network > > > > > > (represented by pc host 1) and the external world > > > > > (represented by pc > > > > > > host 2). i have used 10.3 and 10.4 /16 as the > > addresses > > > > for > > > > > each side > > > > > > of the divide. i want to run hsrp on both sets of > > router > > > > > interfaces so > > > > > > that in the event a router or an interface fails, > the > > > > traffic > > > > > impact is > > > > > > minimized. in the real world pc host 2 will be a > > firewall > > > > > and there > > > > > > will be other hosts off that segment as well > > > > > > > > > > > > looks easy. sounds plausible. read the cisco > docs. > > > > looks > > > > > like it > > > > > > should work. minimal incantations before tickling > the > > > > > keyboard. key > > > > > > in the configs and it fires up nicely. do the show > > standby > > > > > thingee and > > > > > > all looks cool. can ping the 2 stations end to > end. > > most > > > > > excellent. > > > > > > put a router in debug mode. when i pull one of the > 4 > > > > router > > > > > cables the > > > > > > router goes through a state change but no bits make > > it to > > > > the > > > > > far end. > > > > > > not even the shiney ones. bitstream courtesy of > ping. > > > > > > > > > > > > maybe i misunderstood what hsrp was suppose to do. > > the > > > > > configs are > > > > > > below, along with the show standby results. both > are > > > > 2514's > > > > > (2 aui's) > > > > > > and both are running 12.2(1d). probably forgot to > > put the > > > > > interface in > > > > > > mumble mode or something equally easy. no laughter, > > > > please. > > > > > > > > > > > > > > > HSRP assumes the ehternet interfaces to be on the same > > > > subnet. > > > > > your ehternet > > > > > side is on two different subnets. hence - no failover. > > > > > > > > > > to get this to work using 2514's: > > > > > > > > > > > > > > > E0----------2514_1-----------E1 > > > > > > > > > > E0----------2514_2-----------E1 > > > > > > > > > > > > > > > the e0's on the same subnet, the e1's on the same > subnet > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > thanks in advance. > > > > > > > > > > > > router 1 > > > > > > interface Ethernet0 > > > > > > ip address 10.3.255.2 255.255.0.0 > > > > > > no ip route-cache > > > > > > no ip mroute-cache > > > > > > standby 1 priority 200 preempt > > > > > > standby 1 ip 10.3.0.2 > > > > > > ! > > > > > > interface Ethernet1 > > > > > > ip address 10.4.254.2 255.255.0.0 > > > > > > no ip route-cache > > > > > > no ip mroute-cache > > > > > > standby 2 priority 200 preempt > > > > > > standby 2 ip 10.4.254.10 > > > > > > > > > > > > > > > > > > router 2 > > > > > > interface Ethernet0 > > > > > > ip address 10.3.255.1 255.255.0.0 > > > > > > no ip route-cache > > > > > > no ip mroute-cache > > > > > > standby 1 priority 225 preempt > > > > > > standby 1 ip 10.3.0.2 > > > > > > ! > > > > > > interface Ethernet1 > > > > > > ip address 10.4.254.1 255.255.0.0 > > > > > > no ip route-cache > > > > > > no ip mroute-cache > > > > > > standby 2 priority 150 preempt > > > > > > standby 2 ip 10.4.254.10 > > > > > > > > > > > > results of show standby > > > > > > Router1#show standby > > > > > > Ethernet0 - Group 1 > > > > > > Local state is Standby, priority 200, may preempt > > > > > > Hellotime 3 holdtime 10 > > > > > > Next hello sent in 00:00:00.940 > > > > > > Hot standby IP address is 10.3.0.2 configured > > > > > > Active router is 10.3.255.1 expires in 00:00:09, > > > > priority > > > > > 225 > > > > > > Standby router is local > > > > > > 20 state changes, last state change 00:22:34 > > > > > > Ethernet1 - Group 2 > > > > > > Local state is Active, priority 200, may preempt > > > > > > Hellotime 3 holdtime 10 > > > > > > Next hello sent in 00:00:01.676 > > > > > > Hot standby IP address is 10.4.254.10 configured > > > > > > Active router is local > > > > > > Standby router is 10.4.254.1 expires in 00:00:08 > > > > > > Standby virtual mac address is 0000.0c07.ac02 > > > > > > 17 state changes, last state change 00:23:26 > > > > > > Router1# > > > > > > > > > > > > Router2#show standby > > > > > > Ethernet0 - Group 1 > > > > > > Local state is Active, priority 225, may preempt > > > > > > Hellotime 3 holdtime 10 > > > > > > Next hello sent in 00:00:01.010 > > > > > > Hot standby IP address is 10.3.0.2 configured > > > > > > Active router is local > > > > > > Standby router is 10.3.255.2 expires in 00:00:09 > > > > > > Standby virtual mac address is 0000.0c07.ac01 > > > > > > 24 state changes, last state change 00:22:04 > > > > > > Ethernet1 - Group 2 > > > > > > Local state is Standby, priority 150, may preempt > > > > > > Hellotime 3 holdtime 10 > > > > > > Next hello sent in 00:00:01.272 > > > > > > Hot standby IP address is 10.4.254.10 configured > > > > > > Active router is 10.4.254.2 expires in 00:00:09, > > > > priority > > > > > 200 > > > > > > Standby router is local > > > > > > 32 state changes, last state change 00:22:25 > > > > > > Router2# > > > > > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64690&t=64638 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
