Transcription
CHAPTER 5High AvailabilityThis chapter provides information and commands concerning the following topics: Hot Standby Routing Protocol (HSRP)— Configuring HSRP— Verifying HSRP— HSRP optimization options— Debugging HSRP Virtual Router Redundancy Protocol (VRRP)— Configuring VRRP— Verifying VRRP— Debugging VRRP Gateway Load Balancing Protocol (GLBP)— Configuring GLBP— Verifying GLBP— Debugging GLBPHot Standby Routing ProtocolThe Hot Standby Router Protocol (HSRP) provides network redundancy for IPnetworks, ensuring that user traffic immediately and transparently recovers from firsthop failures in network edge devices or access circuits.Configuring HSRPinterfaceRouter(config)#ifastethernet 0/0Moves to interface configuration modeipRouter(config-if)#iaddress 172.16.0.10255.255.255.0Assigns IP address and netmaskstandbyRouter(config-if)#s1 ip 172.16.0.1Activates HSRP group 1 on the interface and createsa virtual IP address of 172.16.0.1 for use in HSRPNOTE: The group number can be from 0 to 255.The default is 0.standbyRouter(config-if)#s1 priority 120Assigns a priority value of 120 to standby group 1
60Hot Standby Routing ProtocolNOTE: The priority value can be from 1 to 255. Thedefault is 100. A higher priority will result in thatrouter being elected the active router. If the prioritiesof all routers in the group are equal, the router withthe highest IP address becomes the active router.Verifying HSRPshow running-configRouter#sDisplays what is currently running onthe routershow standbyRouter#sDisplays HSRP informationshow standby briefRouter#sDisplays a single-line output summaryof each standby groupshow standby 1Router#sDisplays HSRP group 1 informationshow standby fastethernet 0/0Router#sDisplays HSRP information for thespecified interfaceshow standby fastethernet 0/0Router#sbriefDisplays a summary of HSRP for thespecified interfaceshow standby fastethernet 0/0Router#s1Displays HSRP group 1 informationfor the specified interfaceHSRP Optimization OptionsThere are options available that make it possible to optimize HSRP operation in the campusnetwork. The next three sections explain three of these options: standby preempt, messagetimers, and interface net 0/0Moves to interface configuration modestandby 1Router(config-if)#spreemptThis router will preempt, or take control of, theactive router if the local priority is higher thanthe active router
Hot Standby Routing Protocolstandby 1Router(config-if)#spreempt delay minimum 180Causes the local router to postpone taking overas the active router for 180 seconds since thatrouter was last restartedstandby 1Router(config-if)#spreempt delay reloadAllows for preemption to occur only after arouter reloadsno standbyRouter(config-if)#n1 preempt delay reloadDisables the preemption delay, but preemptionitself is still enabled. Use the no standby xpreempt command to eliminate preemption61NOTE: If the preempt argument is notconfigured, the local router assumes control asthe active router only if the local router receivesinformation indicating that there is no routercurrently in the active state.HSRP Message TimersinterfaceRouter(config)#ifastethernet 0/0Moves to interface config modestandby 1Router(config-if)#stimers 5 15Sets the hello timer to 5 seconds and sets thehold timer to 15 secondsNOTE: The hold timer is normally set to begreater than or equal to 3 times the hello timer.NOTE: The hello timer can be from 1 to 254;the default is 3. The hold timer can be from 1 to255; the default is 10. The default unit of time isseconds.standby 1Router(config-if)#stimers msec 200 msec 600Sets the hello timer to 200 milliseconds and setsthe hold timer to 600 millisecondsNOTE: If the msec argument is used, thetimers can be an integer from 15 to 999.
62Virtual Router Redundancy ProtocolInterface TrackinginterfaceRouter(config)#ifastethernet 0/0Moves to interface configuration modestandby 1Router(config-if)#strack serial 0/0 25HSRP will track the availability of interfaceserial 0/0. If serial 0/0 goes down, the priority ofthe router in group 1 will be decremented by 25.NOTE: The default value of the track argumentis 10.TIP: The track argument does not assign a newpriority if the tracked interface goes down. Thetrack argument assigns a value that the prioritywill be decreased if the tracked interface goesdown. Therefore, if you are tracking serial 0/0with a track value of 25—standby 1 track serial0/0 25—and serial 0/0 goes down, the prioritywill be decreased by 25; assuming a defaultpriority of 100, the new priority will now be 75.Debugging HSRPdebug standbyRouter#dDisplays all HSRP debugging information,including state changes and transmission/reception of HSRP packetsdebug standby errorsRouter#dDisplays HSRP error messagesdebug standby eventsRouter#dDisplays HSRP event messagesdebug standby eventsRouter#dterseDisplays all HSRP events except for hellos andadvertisementsdebug standby eventsRouter#dtrackDisplays all HSRP tracking eventsdebug standby packetsRouter#dDisplays HSRP packet messagesdebug standby terseRouter#dDisplays all HSRP errors, events, and packets,except for hellos and advertisementsVirtual Router Redundancy ProtocolNOTE: HSRP is Cisco proprietary. The Virtual Router Redundancy Protocol(VRRP) is an IEEE standard.
Virtual Router Redundancy Protocol63VRRP is an election protocol that dynamically assigns responsibility for one or more virtualrouters to the VRRP routers on a LAN, allowing several routers on a multiaccess link to usethe same virtual IP address. A VRRP router is configured to run VRRP in conjunction withone or more other routers attached.Configuring VRRPinterfaceRouter(config)#ifastethernet 0/0Moves to interface config modeipRouter(config-if)#iaddress 172.16.100.5255.255.255.0Assigns IP address and netmaskvrrp 10Router(config-if)#vip 172.16.100.1Enables VRRP for group 10 on this interface witha virtual address of 172.16.100.1.The group number can be from 1 to 255.vrrp 10Router(config-if)#vdescription EngineeringGroupAssigns a text description to the groupvrrp 10Router(config-if)#vpriority 110Sets the priority level for this router. The range isfrom 1 to 254. The default is 100.vrrp 10Router(config-if)#vpreemptThis router will preempt, or take over, as thevirtual router master for group 10 if it has a higherpriority than the current virtual router mastervrrp 10Router(config-if)#vpreempt delay minimum 60This router will preempt, but only after a delay of60 secondsNOTE: The default delay period is 0 seconds.vrrp 10Router(config-if)#vtimers advertise 15Configures the interval between successfuladvertisements by the virtual router masterNOTE: The default interval value is 1 second.NOTE: All routers in a VRRP group must use thesame timer values. If routers have different timervalues set, the VRRP group will not communicatewith each other.NOTE: The range of the advertisement timer is 1to 255 seconds. If you use the msec argument, youchange the timer to measure in milliseconds. Therange in milliseconds is 50 to 999.
64Virtual Router Redundancy Protocolvrrp 10Router(config-if)#vtimers learnConfigures the router, when acting as a virtualrouter backup, to learn the advertisement intervalused by the virtual router mastervrrp 10Router(config-if)#vshutdownDisables VRRP on the interface, but configurationis still retainedno vrrpRouter(config-if)#n10 shutdownReenables the VRRP group using the previousconfigurationVerifying VRRPshow running-configRouter#sDisplays contents of dynamic RAMshow vrrpRouter#sDisplays VRRP informationshow vrrp briefRouter#sDisplays a brief status of all VRRP groupsshow vrrp 10Router#sDisplays detailed information about VRRP group10show vrrp interfaceRouter#sfastethernet 0/0Displays information about VRRP as enabled oninterface fastethernet 0/0show vrrp interfaceRouter#sfastethernet 0/0 briefDisplays a brief summary about VRRP on interfacefastethernet 0/0Debugging VRRPdebug vrrp allRouter#dDisplays all VRRP messagesdebug vrrp errorRouter#dDisplays all VRRP error messagesdebug vrrp eventsRouter#dDisplays all VRRP event messagesdebug vrrp packetsRouter#dDisplays messages about packets sent and receiveddebug vrrp stateRouter#dDisplays messages about state transitions
Gateway Load Balancing Protocol65Gateway Load Balancing ProtocolGateway Load Balancing Protocol (GLBP) protects data traffic from a failed router orcircuit, like HSRP and VRRP, while allowing packet load sharing between a group ofredundant routers.Configuring GLBPinterface fastethernetRouter(config)#i0/0Moves to interface config modeip addressRouter(config-if)#i172.16.100.5 255.255.255.0Assigns IP address and netmaskglbp 10 ipRouter(config-if)#g172.16.100.1Enables GLBP for group 10 on thisinterface with a virtual address of172.16.100.1. The range of groupnumbers is from 0 to 1023.glbp 10 preemptRouter(config-if)#gConfigures the router to preempt, ortake over, as the active virtualgateway (AVG) for group 10 if thisrouter has a higher priority than thecurrent AVGglbp 10 preemptRouter(config-if)#gdelay minimum 60Configures the router to preempt, ortake over, as AVG for group 10 ifthis router has a higher priority thanthe current active virtual forwarder(AVF) after a delay of 60 secondsglbp 10 forwarderRouter(config-if)#gpreemptConfigures the router to preempt, ortake over, as AVF for group 10 if thisrouter has a higher priority than thecurrent AVF. This command isenabled by default with a delay of 30seconds.glbp 10 forwarderRouter(config-if)#gpreempt delay minimum 60Configures the router to preempt, ortake over, as AVF for group 10 if thisrouter has a higher priority than thecurrent AVF after a delay of 60seconds
66Gateway Load Balancing ProtocolNOTE: Members of a GLBP groupelect one gateway to be the AVG forthat group. Other group membersprovide backup for the AVG in theevent that the AVG becomesunavailable. The AVG assigns avirtual MAC address to eachmember of the GLBP group. Eachgateway assumes responsibility forforwarding packets sent to thevirtual MAC address assigned to itby the AVG. These gateways areknown as AVFs for their virtualMAC address.Virtual forwarder redundancy issimilar to virtual gatewayredundancy with an AVF. If the AVFfails, one of the secondary virtualforwarders in the listen stateassumes responsibility for the virtualMAC address.glbp 10 priority 150Router(config-if)#gSets the priority level of the routerNOTE: The range of the priorityargument is 1 to 255. The defaultpriority of GLBP is 100. A higherpriority number is preferred.glbp 10 timers 5 15Router(config-if)#gConfigures the hello timer to be setto 5 seconds and the hold timer to be15 secondsglbp 10 timers msecRouter(config-if)#g20200 msec 60600Configures the hello timer to be20,200 milliseconds and the holdtimer to be 60,600 milliseconds.NOTE: The default hello timer is 3seconds. The range of the hello timerinterval is 1 to 60 seconds. If themsec argument is used, the timerwill be measured in milliseconds,with a range of 50 to 60000.
Gateway Load Balancing Protocol67NOTE: The default hold timer is 10seconds. The range of the hold timeris 19 to 180 seconds. If the msecargument is used, the timer will bemeasured in milliseconds, with arange of 18020 to 180000.The hello timer measures theinterval between successive hellopackets sent by the AVG in a GLBPgroup. The holdtime argumentspecifies the interval before thevirtual gateway and the virtualforwarder information in the hellopacket is considered invalid. It isrecommended that unless you areextremely familiar with yournetwork design and with themechanisms of GLBP that you donot change the timers. To reset thetimers back to their default values,use the no glbp x timers command,where x is the GLBP group number.glbp 10 loadRouter(config-if)#gbalancing host-dependentSpecifies that GLBP will loadbalance using the host-dependentmethodglbp 10 loadRouter(config-if)#gbalancing weightedSpecifies that GLBP will loadbalance using the weighted methodglbp 10 weighting 80Router(config-if)#gAssigns a maximum weighting valuefor this interface for load-balancingpurposes. The value can be from 1 to254.glbp 10 loadRouter(config-if)#gbalancing round robinSpecifies that GLBP will loadbalance using the round-robinmethodNOTE:There are three different types of load balancing in GLBP: Host-dependent uses the MAC address of a host to determine which VF MACaddress the host is directed toward. This is used with stateful Network AddressTranslation (NAT) because NAT requires each host to be returned to the samevirtual MAC address each time it sends an ARP request for the virtual IPaddress. It is not recommended for situations where there are a small numberof end hosts (fewer than 20).
68Gateway Load Balancing Protocol Weighted allows for GLBP to place a weight on each device when calculatingthe amount of load sharing. For example, if there are two routers in the group,and router A has twice the forwarding capacity of router B, the weighting valueshould be configured to be double the amount of router B. To assign a weighting value, use the glbp x weighting y interface configuration command, wherex is the GLBP group number, and y is the weighting value, a number from 1 to254. Round-robin load balancing occurs when each VF MAC address is usedsequentially in ARP replies for the virtual IP address. Round robin is suitablefor any number of end hosts.If no load balancing is used with GLBP, GLBP will operate in an identical manner toHSRP, where the AVG will only respond to ARP requests with its own VF MAC address,and all traffic will be directed to the AVG.Verifying GLBPshow running-configRouter#sDisplays contents of dynamic RAMshow glbpRouter#sDisplays GLBP informationshow glbp briefRouter#sDisplays a brief status of all GLBPgroupsshow glbp 10Router#sDisplays information about GLBPgroup 10show glbp fastethernet 0/0Router#sDisplays GLBP information oninterface fastethernet 0/0show glbp fastethernet 0/0 10Router#sDisplays GLBP group 10information on interface fastethernet0/0Debugging GLBPdebug condition glbpRouter#dDisplays GLBP condition messagesdebug glbp errorsRouter#dDisplays all GLBP error messagesdebug glbp eventsRouter#dDisplays all GLBP event messagesdebug glbp packetsRouter#dDisplays messages about packets sent andreceiveddebug glbp terseRouter#dDisplays a limited range of debugging messages
Configuration Example: HSRP69Configuration Example: HSRPFigure 5-1 shows the network topology for the configuration that follows, which shows howto configure HSRP using the commands covered in this chapter. Note that only thecommands specific to HSRP are shown in this example.Figure 5-1Network Topology for HSRP Configuration .16.3/24Active RouterPriority 105Preempt is onfa 0/0172.16.16.5/24s 0/0198.133.219.1/30Virtual IPR1172.16.16.254/24s 0/0 DCE198.133.219.2/30Fa0/0 is trackingserial 0/0R3Fa0/0 is trackingserial 0/1s 0/0 DCEVirtual IP198.133.219.6/30172.16.16.254/24s 0/0198.133.219.5/30R2fa 0/0172.16.16.6/24Standby RouterPriority 100Preempt is onS1S2Router 1enableRouter eMoves to privileged modeconfigure terminalRouter#cMoves to global configuration modehostname R1Router(config)#hSets router name to R1interface fastethernet 0/0R1(config)#iMoves to interface config modeip address 172.16.16.5R1(config-if)#i255.255.255.0Assigns IP address and netmaskstandby 1 ipR1(config-if)#s172.16.16.254Activates HSRP group 1 on theinterface and creates a virtual IPaddress of 172.16.6.254standby 1 priority 105R1(config-if)#sAssigns a priority value of 105 tostandby group 1standby 1 preemptR1(config-if)#sThis router will preempt, or takecontrol of, the active router if the localpriority is higher than the active router
70Configuration Example: HSRPstandby 1 track serialR1(config-if)#s0/0HSRP will track the availability ofinterface serial 0/0. If serial 0/0 goesdown, the router priority will bedecremented by the default 10.no shutdownR1(config-if)#nEnables the interfaceinterface serial 0/0R1(config-if)#iMoves to interface config modeip addressR1(config-if)#i198.133.219.1 255.255.255.252Assigns IP address and netmaskno shutdownR1(config-if)#nEnables the interfaceexitR1(config-if)#eReturns to global config modeexitR1(config)#eReturns to privileged modecopy running-config startup-configR1#cSaves the configuration to NVRAMRouter 2enableRouter eMoves to privileged modeconfigure terminalRouter#cMoves to global config modehostname R2Router(config)#hSets router name to R2interface fastethernet 0/0R2(config)#iMoves to interface config modeip address 172.16.16.6R2(config-if)#i255.255.255.0Assigns IP address and netmaskstandby 1 ipR2(config-if)#s171.16.16.254Activates HSRP group 1 on theinterface and creates a virtual IPaddress of 172.16.6.254standby 1 priority 100R2(config-if)#sAssigns a priority value of 100 tostandby group 1standby 1 preemptR2(config-if)#sThis router will preempt, or takecontrol of, the active router if the localpriority is higher than the active routerstandby 1 track serialR2(config-if)#s0/1HSRP will track the availability ofinterface serial 0/1. If S0/1 goes down,the router priority will be decrementedby the default 10.
Configuration Example: GLBPno shutdownR2(config-if)#nEnables the interfaceinterface serial 0/1R2(config-if)#iMoves to interface config modeip addressR2(config-if)#i198.133.219.5 255.255.255.252Assigns IP address and netmaskno shutdownR2(config-if)#nEnables the interfaceexitR2(config-if)#eReturns to global config modeexitR2(config)#eReturns to privileged modecopy running-config startup-configR2#cSaves the configuration to NVRAM71Configuration Example: GLBPFigure 5-2 shows the network topology for the configuration that follows, which shows howto configure GLBP using commands covered in this chapter. Note that only the commandsspecific to GLBP are shown in this example.Figure 5-2Network Topology for GLBP Configuration ExampleWS1Default Gateway:172.16.16.254Gateway MAC:0007:b400:0101Default Gateway:172.16.16.254Gateway MAC:0007:b400:0102WS2Active VirtualRouter 1Active VirtualForwarder 1.1Fa 0/0172.16.16.5/24GLBP Priority 250Virtual IPR1172.16.16.254/24Virtual MAC0007.b400.0101GLBPGroup 10WANVirtual MAC0007.b400.0102GLBP Priority 100R2Fa 0/0172.16.16.6/24Active VirtualForwarder 1.2R1 is the AVG for a GLBP group and is responsible for the virtual IP address 10.21.8.10.R1 is also an AVF for the virtual MAC address 0007.b400.0101. R1 is a member of the sameGLBP group and is designated as the AVF for the virtual MAC address 0007.b400.0102.
72Configuration Example: GLBPWS1 has a default gateway IP address of 10.21.8.10 and a gateway MAC address of0007.b400.0101.WS2 shares the same default gateway IP address but receives the gateway MAC address0007.b400.0102 because R2 is sharing the traffic load with R1.Router 1enableRouter eMoves to privileged modeconfigure terminalRouter#cMoves to global config modehostname R1Router(config)#hAssigns router nameinterface fastethernetR1(config)#i0/0Moves to interface config modeip addressR1(config-if)#i172.16.16.5 255.255.255.0Assigns IP address and netmaskglbp 10 ipR1(config-if)#g172.16.16.254Enables GLBP for group 10 on thisinterface with a virtual address of172.16.16.254glbp 10 preemptR1(config-if)#gConfigures the router to preempt, or takeover, as AVG for group 10 if this router hasa higher priority than the current AVGglbp 10 priorityR1(config-if)#g250Sets the priority level of the routerglbp 10 timers 5 18R1(config-if)#gConfigures the hello timer to be set to 5seconds and the hold timer to be 18secondsglbp 10 loadR1(config-if)#gbalancing host-dependentSpecifies that GLBP will load balanceusing the host-dependent methodno shutdownR1(config-if)#nEnables the interfaceexitR1(config-if)#eReturns to global config modeexitR1(config)#eReturns to privileged modecopy running-config startupR1#cconfigSaves the configuration to NVRAM
Configuration Example: GLBP73Router 2enableRouter eMoves to privileged modeconfigure terminalR
Gateway Load Balancing Protocol 65 Gateway Load Balancing Protocol Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like HSRP and VRRP, while allowing packet load sharing between a group of redundant routers. Configuring GLBP Router(config)
