L3 Switching: HSRP Configuration

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

well let's dive into configuring H SRP first off a little groundwork your gateways whether they be distribution layer switches like this or routers connecting to the Internet are going to be organized into standby groups keyword standby everything you do when H SRP has the word standby so when you configure the virtual IP it'll be standby IP when you show to verify it'll be show standby debug debug standby so standby standby standby you'll see it again it again one of the gateways you're going to configure as your active or think of it like your primary write the one that's servicing the request for the virtual IP address and MAC address that you create the other ones will be standby so whether you have one backup or five different backups they'll all be considered standby and there will be one active or one primary well I wish you'd get in the word habit of using the key word active write by default if you don't tune in anything which we actually will tune it in here it will say hello once every 3 seconds both of these guys and say you are dead or have a hold down timer of once every 10 seconds so worst case scenario you've got 10 seconds when this guy goes down before the other one takes over by default final noteworthy item before we move on is the virtual MAC address that H SRP generates is well known so cisco when they run HSR p of course bought a whole clump of mac addresses that they use for their devices and own the first six hexadecimal characters zero zero zero zero zero c right that designates cisco and then you can see right here zero seven AC that tells you that you are running HSR p version one that is the well-known and version one is the most popular one out there right and then the last two digits has accidental characters represent the standby group number that you use you remember that you can actually use 0 through 255 or have 256 HSR P groups and you'll be able to tell which one you're using based on that number so you'll want to be able to pick that HSR P MAC address out of a lineup right very useful for the real world and of course the third exam so this is going to be what where you can figure actually have this configuration set up right now to layer 3 switches I've got the VLAN 1 sv I switched virtual interface configured on both of them with 2 & 3 we're going to set up a virtual IP for this I have a server sitting here at dot 25 which is going to be our little test subject to ping up here let's make it happen right so I'm going to go up here - lets go CBT switch 1 that's the one on the left do a show IP interface brief you can see that I've got VLAN 1 oh just went past it right there 172 30 72 which matches my left-hand side do a quick show run interface vlan1 can see not much action going on there ok here's what we do global config mode type in interface VLAN 1 and we're going to use the keyword standby standby and then you can see you can just go at it and start setting up HSR P parameters at which point it assumes standby group 0 or you can type in a group number just out of habit I think I always use VLAN or VLAN but group number 1 but I usually will match the group number to whatever VLAN interface I'm configuring this for if I'm doing it on SV eyes so stand by one now I'm going to type in my next man which is always at least I always do first the IP address what is the virtual IP address this is this line right here VIP I'm going to say 1 72.37 2.1 and you can see when i hit the question mark there's no subnet mask needed because it assumes the one from the interface whatever you have configured as the real interface IP address believe or not I've actually already configured HSR P if I do a show standby uh right there you can see it's waiting to come online it's currently in this listen state where it's listening for other hello messages from the other HSR P routers it's not going to hear any but it's waiting to promote itself to essentially the master router and you can see right here or I should say active I don't want to cross terms with vrrp you can see 0 0 0 C does that look familiar right just from the last slide zero seven AC it just went active by the way zero seven AC and then there's the group number zero one that's what I'm talking about when I'm saying how it generates that virtual MAC address and if I look right now you can see it's online matter of fact I can come over here to my server this is it I can even ping it 170 2.30 know that yes 30 that's 70.1 yep responding to ping I can do an ARP - a and right there is 70.1 there's the MAC address just like I see it should be on the screen right there that's that's why it's so useful to be able to recognize that MAC address out of a lineup for HS RP version 1 alright let's get fancy I'm going to go into global config back into the interface vlan1 I'm going to type in standby group 1 priority 1 10 now what's that all about well you can see the default priority for standby routers are 100 that controls who becomes the active and who whoa my my Benz running out of ink who becomes the active and who becomes this I have no idea why it's doing hang on I just yeah there we go who becomes the standby router by time it's end done so the one with the highest priority does become the active one which is going to be 110 in this case right this one is going to become the standby at 100 now why do you care well first off you typically care because you have kind of a primary switch that you want to use but also it really comes in big when you use something called interface tracking interface tracking allows this HSR P router to essentially watch an interface and if it goes down decrement or subtract the value from its priority like for instance this is fastethernet 0/1 right now that I have connected down here to this this server if this goes down I mean think about it from a switching perspective the traffic from this server will now go up here actually it won't go up there it'll go right here right here and then cross this link and then go out this the switch what I'm like yeah I don't want that if that interface goes down I'm like dude you're gone you're no longer the active device but the only way I can do that is make it lose some priority like drop that down below what the secondary is going to be here's how you do it I mean if I've been standby one track and now I can say what interface I want to track well in this case it's fastethernet 0/1 and I'm going to say here's how bad it's going to affect your priority should that interface go down 20 it's just enough right that's going to take it down 20 points to 90 which will put it less than this then the second area the standby device right and then this guy will take over did you follow that if this interface comes back up then the priority goes back up to it and now now we're back at 110 and we can take over now all this takeover business is always I need to emphasize this command right along with that tracking it is the preempt preempt which you should type in on both the active and the the standby switch says if somebody's priority goes below yours take over if you don't type this in essentially at boot time they make the decision or as soon as that group goes active it says so you're higher than me you can you can have the active but if it goes lower real time and you don't have this preamp typed in the other ones like yeah okay you know what next reboot will kind of figure it out and you know well well well yeah I'll be the primary then but I'm not going to be aggressive I'm not going to push you down but preempt is like be aggressive be mean knock the other guy down and that's what we want in this case now one of the dangers of preempt is you could have a rapidly rebooting router you ever have that like a device that where hardware is starting to go bad and it starts rebooting again and again and again again well that's not good essentially it comes up if preamps configure it's like I'm taking over right and then it crashes and then it reboots and it takes over and it crashes and it reboots and every single time it does that it's causing an outage well what we can do is we can actually say standby one preempt well let's add a little delay to that now I don't want to always delay I don't want to do like a minimum because that affects my convergence time right I want to say if we're reloading meaning the router has rebooted because something crashed then I want to wait this amount of time this number of seconds I want to hear Cisco's advice Cisco's best practice says if you want to figure out an accurate amount here take the router boot time let's just say this router or layer 3 switch takes two minutes to boot which would be 120 seconds right take the boot time of the device divide it by 2 and that should be the amount that you configure for that reload timer so in this case it would be 60 seconds so essentially that means this layer 3 switch must be alive and healthy and well for 60 seconds before it fails over now why do they give that advice well because remember the router booting isn't like woohoo everything's good right the router booting means like the routers booted it still has to converge on OSPF get all of its routes start forwarding packets I mean give it some time to breathe man it's like the basketball player just came on the court don't throw him the ball yet just let him run down to the other side first and get warmed up anyway that's that's the idea of delay reload preempt all those kind of things okay try and think if there's anyone at anything else I wanna show you I think I think at least initially that's that's good let me move my console cable down to switch number two and let's let's review those commands in a flyby cutaway let me just do a show run interface vlan1 you can see that's this guy's not doing much at all either so we'll go interface vlan1 stand by one and we will do IP address one 78230 70.1 again they're both agreeing on that same IP address same way we don't have to type in the priority because the default is 100 right we'll do the same track command will do standby one track fastethernet 0/1 and just get and i'm just doing this because we're consistent by the way in the real world if you did this you'd probably have it all a notepad and just bam blow it in there we want to have standby one preempt and we want to make sure that we put the delay on there for reload to sixty seconds as well again just mirroring the other side and also so it takes over should something go down let's do a show standby you can see from the Status Messages some stuff just happen it's like hey my state is currently standby well why because he's the secondary right who's the active router it's this guy switch number one over there 172 30 70.2 isn't that awesome so so we've got now H SRP going on now we also this is this is me we've got priority 100 default when it we're tracking interface such-and-such that says stayed up decrement 20 right so we will decrement 20 20 priority values if that interface ever goes down this is cool okay you want you want to test it with me let's do it I brought up my command prompt on the server and I actually downloaded a cool tool I tried this with ping I was like it's too slow I want to show some some convergence time so I download this tool called eff ping it's a it's a free one you can actually just go online type and I actually found it using I just typed fast ping in Google and found this one so I'm going to do an F ping too to me 2.30 71 and I'm going to change the time between two pings I'll put - T 10 milliseconds so we can just get some really fast pink so we can see how long this takes to fail over when something bad happens now again the topology that I've got is exactly like this I've got an access layer switch actually I guess realistically I actually have a server connected to an access layer switch which is connected to both of the HS RP routers like this so we've got you know primary one primary two so we can actually see when I unplug this how long it takes to to takeover right so I'm going to have a - T 10 I'm going to put - C which is the continuous paying right there and we should just see a little flood going on yeah yeah baby alright so we've got this this ping attack going on the HS our P address watching the lights blink like mad on my router okay let's um let's see what do I want to do I'm I've got the pink oh I'm like okay let's make something out okay I'm gonna I'm going to pull the the connection right here to this this guy I'm going to sever the connection to switch number one and let's watch what happens BAM it's down okay so this guy I've got show standby it's still doing the hellos I've got request timed out you know hello is being sent it's like alright next hellos going on Oh BAM there it went it to go not bad not bad Roy right okay good good good I'm going to plug it back in which and by the way this this only happened because we had some preempt configured right preemption is enabled took over so I'm going to now plug the primary back in and it should take over as show samba this guy's still active okay oh did you see it you see the little pause right there you can rewind if so it's now gone back to speak it's like okay I just got smacked down active routers back in place okay last command I want to show you on this pretty cool I'm going to go over to the primary again because we're using the default hello timers right now which is three seconds in ten seconds so I move my console cable back over I'm going to do a show well actually I will just go in there interface vlan1 I'm going to do a standby group one the timers but this time I'm going to go and Seck right I'm going to put my hello timers in em second so I'm going to say the timers you can go low you can go really low on this but check it out I'm going to do em SEC so I'm going to say hello once every 200 seconds you might be like well let's go all out let's go 15 milliseconds on there well the problem with that is they're like yeah well we can only specify a dead timer of the lowest you can go with 600 so if you go 15 on your hello timer you're just like Hello you're like totally hammering the other side but it still has to wait you know 600 milliseconds before it fails over let's let matter of fact let's give it 650 come on that's still a really good convergence time I'll jump down to the secondary switch do the same command config T interface vlan1 let's just paste that bad boy in so now that they should have Mir so we saw how fast it went before right let's oh I can't tell you how excited I get doing this guy said alright alright I'm back on the primary alright good good good alright let's I don't know why I went to the prime I'm back on the secondary okay here we go I'm going to unplug the primary ready 1 2 3 pull oh oh that was awesome Han show standby like oh ok so hello there once every 200 million look at look how fast it's setting is hell okay I'm gonna plug the primary back in come on tell me imagine went in your environment this kind of failover happening did you see it it just went back okay okay major failure catastrophic switch somebody somebody's pulled the plug on the primary BAM it's down oh it's back up nobody even noticed a voice over IP conversation they're like oh sorry what'd you say it was kind of a go not even realizing a major $10,000 switch in your network just went down and nobody noticed the thing that's that's that's cool so that's that's tuning HSR P to the max with adjusting those hello timers and that is configuring HSR P in all its glory I hope this has been informative for you and I'd like to thank you for viewing

Info

Channel: CBT Nuggets

Views: 110,756

Rating: undefined out of 5

Keywords: hot standby router protocol, hot standby router protocol configuration

Id: Db0VfCnULxM

Channel Id: undefined

Length: 15min 27sec (927 seconds)

Published: Wed Jan 14 2015