LAN Switching Layer 3 Redundancy Protocols

HSRP

Hot Standby Routing Protocol, or HSRP, is a Cisco proprietary redundancy routing protocol. It’s typically used in the distribution layer of a LAN. It works is by having two or more layer three devices that communicate with each other via multicast address 224.0.0.2 to UDP port 1985. In a typical configuration there will be a active router and a standby router. Each router has it’s own physical IP Address and they share a virtual IP Address, which hosts on the LAN use as their default gateway. If the standby router detects that the active router is unavailable, then it will assume the active router role by assigning itself the virtual IP Address. There can only be a single active router in an HSRP group, but there can be multiple standby routers.

HSRP has an election process to determine which router is used as the active router. The router configured with the highest HSRP priority is determined to be the active router. In the event of multiple routers with identical priorities, then the router with the highest IP Address wins the active router election.

The preempt option in HSRP enables a router to resume the forwarding router role.

The hello default is 3 seconds and the hold time default is 10 seconds. When changing the default hello and hold times, the hold time would be at least three times the value of the hello timer.

HSRP is defined by RFC 2281.

Active Router Interface Config

Active Router show output

Standby Router Interface Config

Standby Router show output

Output from sh ip arp

In some instances, your routers participating in an HSRP group connect to different devices on their uplinks. If HSRP doesn’t have any method of tracking when there is an uplink failure, then HSRP doesn’t do a very good job of maintaining an active connection to external resources. In those cases, you should implement interface tracking in HSRP. This is done using the “standby 1 track

” command on the HSRP interface.

The “

” is the interface on your router that you want HSRP to monitor it’s status. This interface would connect to the upstream device and probably isn’t participating in HSRP directly. It’s important to want to track the status of the interface so that HSRP can fail over to the other router in the event of a uplink failure.

The “

” is how much HSRP should automatically decrement it’s priority to make the interface go into standby. This value should lower the value enough to no longer be the highest priority in the HSRP group.

Here is the debug output from the standby router going into active mode, as the primary active router becomes unavailable (via the “shut” command on the interface) and then becomes the standby router again.

VRRP

Virtual Routing Redundancy Protocol, or VRRP, serves the same purpose as HSRP, with many of the same features, but is an IEEE standard.

VRRP is defined by RFC 2338.

Master VRRP Router Interface Config

Master VRRP Router sh output

Backup VRRP Router Interface config

Backup VRRP Router sh output

Here is the output of the backup vrrp router turning into a master and then backup again.

It doesn’t appear that VRRP has the ability to perform interface tracking, but could be an option to use in multi-vendor networks.

GLBP

Gateway Load Balancing Protocol, or GLBP, is another Cisco proprietary protocol. It was created with the idea of better utilizing the network resources while still performing the same functionality as HSSRP and VRRP. GLBP performs automatic selection and simultaneous use of multiple available gateways as well as automatic failover in the event of a failure. With HSRP and VRRP, the load balancing and attempt to fully utilize available network resources is a manual process and be burdensome on the network administrator.

GLBP communicates via multicast address 224.0.0.102 to UDP 3222.

Active Router Interface Config

Active Router sh output

Active Router sh ip arp output

Standby Router Interface Config

Standby Router sh output

Standby Router sh ip arp output

Here is the output from a debug from the standby router. As you can see GLBP load balances by continuously moving the virutal IP Address from one router to the other. You can also see where the standby router becomes active in a failure, then becomes standby again.

August 8, 2010

Posted In: CCNP Study Notes, GLBP, High Availability, HSRP, LAN Switching, Layer 3 Switching, VRRP

Virtual LAN’s and Trunks

Virtual LAN, also known as VLAN, is exactly as it sounds. It’s a method of having several virtual LAN’s on a single switch or even on an enterprise campus LAN. It’s completely driven by software and is strictly layer 2. Just as physical LAN’s, you can connect VLAN’s together with layer 3 devices, either routers or switches capable of providing layer three services.

A switch port can operate in three modes. Those modes are access, trunk and hybrid.

An access port is typically how ports are setup that connect to workstations, printers, etc. They can only be apart of a single vlan, with one exception. Hosts connected to access ports are oblivious to what vlan that they are on. Hosts can communicate with other hosts on the same vlan, but are not able to communicate with hosts on other vlan’s with out passing through a layer three device, such as a router.

Now the one exception to an access port only being able to pass traffic for a single vlan is when an access port is configured with a voice vlan, as well as a data vlan. In this configuration an IP phone is plugged into the switch port and the PC is plugged into the phone. The switch port then puts voice traffic on one vlan and data on another vlan. This allows for better security as well as quality of service for the voice traffic.

Trunk ports generally are the connections between switches. They allow switches to pass multiple vlan’s through them to other switches. That way you can have multiple vlan’s that span many switches within a enterprise LAN. Trunks can also connect switches to routers, known as router on a stick. This allows a router to connect to multiple vlan’s to route traffic through a single connection. Beware though, using a router on a stick configuration can significantly hinder your network performance as it will be the bottleneck of the network. The only instance where a router on a stick gains much use is for low traffic, small branch sites. Nowadays, layer 3 switches are used to route traffic internally on an enterprise.

There are a few different trunking protocols. In the Ethernet world, there are two methods; ISL and 802.1q. ISL stands for Inter-Switch Link and is a Cisco proprietary trunking protocol.

ISL:

  • Only carries 1000 VLANs
  • Encapsulates the frame, which add overhead
  • Must be point-to-point
  • does not have a separate QoS field

Since ISL encapsulates the entire frame it can support other protocols besides Ethernet. It can support Token Ring, FDDI, and ATM.

802.1q is an open standard trunking protocol. Since it’s open, it can be used with multiple vendors. Rather than encapsulating the entire frame, 802.1q adds a tag to the existing Ethernet header. 802.1q had a priority field for better QoS support and has a rich protocol support. It can support:

  • Ethernet
  • Token Ring
  • 4095 VLANs
  • Common Spanning Tree
  • Multiple Spanning Tree
  • Rapid Spanning Tree

The native vlan is not tagged on the trunk.

Command Sets:

Interface Configuration mode:

August 4, 2010

Posted In: CCNA Study Notes, CCNP Study Notes, LAN Switching, VLAN, VLAN Trunking