MicroNugget: How to Use "HSRP" for High Availability

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

using HS RP for high availability imagine having a car that always worked for example you went out to the garage you turn it on the car always works and imagine further that if it didn't work that some magical elf behind the scenes would have verified that it didn't work and swapped it out with a different car so that when you did go out to the garage the car worked no matter what as an end user on a customer network we need default gateways to get off of the local area networks and H SRP is one of several mechanisms that we can use to do exactly that in a fault-tolerant manner how important is a default gateway for a customer let's start there before we talk about fault tolerance a customer is a happy happy customer if that PC can get off of the local area network and normally here's how it goes from the PC or the Mac or the Linux or what have you we have a patch cable that goes to a switch and from the switch it goes to a router that looks like one of those with the arrows going in four directions that has connections to additional networks so if the PC ever wants to get out to a remote network something that's not local different subnets it needs to use this default gateway for that reason a default gateway is a critical resource for every device on the network so what happens if this default gateway fails the customers out of luck unless you and I deploy some fault tolerance for this layer three default gateway functionality there are several options we can use for fault tolerance for this customer as far as this default gateway is concerned one option is H SRP which I'll be demoing today another option would be the gateway load balancing protocol and another one it's an open standard is the common address resolution protocol all three of these options provide layer three fault tolerance for our customers and here's how we can pull it off first of all we start off with two routers that's the key so we start off with two routers and I put all of these interfaces here into a common VLAN a common broadcast domain and that subnet is the tenth 1200s last 24 network and I've also put other interfaces of those same routers and a connection out to a server in this VLAN over here and that network is for example the 172 16.1 23.0 / 24 and so our routers have connections to both sides and we have two routers what we're going to do is this the clients going to get an IP address now how does a client normally get an IP address if I had if we had 200 clients that all needed IP addresses probably the way we would do it is use DHCP to dynamically assign an IP address to this guy additionally besides an IP address we'd also assign a default gateway so let's say that the routers interfaces are dot one and two on the 10.12 0/0 Network the default gateway that we hand out to customers however is going to be a virtual address let's say 10.12 dot let's use 0 dot 100 so the client believes that maybe it got the address of 10.12 0.50 for its own IP and the default gateway is 1012 0 100 now the game we're going to play on these two routers router 1 router 2 is that they both are going to provide services for this default gateway address meaning if the client ever does an ARP request or sends packets destined to that address and the corresponding layer 2 address below it at layer 2 the one of these routers is going to respond and take care of the customer so it is sorted out with HSR P they use an active and a standby router the active router actively supports this virtual address that was handed out as a default gateway to the clients the standby oh my goodness the standby just sits there all day says yep actives good he's going he's happy I don't have to do anything the standby only has to kick into gear if he stops hearing the active router and he says oh my goodness it's been three seconds it's been nine seconds the active router must be dead and then he can convert his role over to active and then hopefully the other guy will come back later so hot standby routing protocol provides a virtual default gateway address for our customers to use it looks and feels absolutely real to our customers so let's put this in motion let me bring in a client and he's a happy client because he can get out to the network so if we want to take a look at the details of the client and by the way this is a client on this network segment he's wired he's on the 10.12 subnet and if we take a look at his information we can use some common tools that were probably familiar with such as IP config and IP config says my IP address is 1012 0 51 my default gateway is 10.12 dot 0 dot 100 if we do a show ARP that's too much iOS on the brain a show ARP would be a great command at the CLI of an iOS router we want to do ARP - a on this Windows box there's no ARP in trees found it has no layer 2 mappings or if it had them they timed out which is perfectly fine let's bring in the routers here's router 1 and router to bring them in and if we do a show interface FA 1 slash 0 on this guy here's the actual address that I have configured the layer 2 address so that's the layer 2 address for router 1 and the layer 2 address for router 2 is this so you just have to focus on the first four digits 0 0 - 2 is the layer 2 address for our 2 and 0 0 1 1 is the address for a glare to address router 1 and check this out we do a show standby it says how you check this out the active address is this one right here which is 10.12 0 dot 100 that's the address you're supporting and look at this layer to address this fake MAC address for hot standby routing protocol whichever router is acting as the active router is going to respond to requests for the gloss the default gateway and this is the MAC address they're going to use so whoever's active which happens to this guy is going to be doing 2 MAC addresses 1 MAC address for his IP address on his interface and another MAC address he'll be playing with on behalf of the hot standby routing group that he's active for and this just shows us who's active at the moment so the active router is local and the standby router is my good friend r2 at 10.12 dot zero dot - so let's go ahead and test this out real quick fact let's capture the traffic so I'm going to go over here to my blink I'm going to do a capture starting capture as speak right now it's capturing and now let's go to a ping of three two three two three two three that's a remote resource that should cause an ARP request for the default gateway and then we're going to forward some ping packets so there it goes so I'm going to stop the capture and let's take a look at it and under this in real-time so you can get a sense for what's really happening so let me bring up the capture and here it is this is a capture I just created hopefully it's going to work out and okay there's there's HS RP messages going back and forth so router one maybe this out-of-the-way router one and router two or talking to each other are you okay yeah I'm good I'm there I'm there and that's going on frequently here and what we're looking for is our ARP request there it is right there so here's our ARP request is coming from the Intel interface on my PC and it's being sent out as a broadcast and if we take a look at the contents of this is saying I'm looking I'm looking for the IP address of 1012 0 100 whoever has that please respond with the layer 2 address for that and here's the response and check this out the reply is coming back from 0 0 0 0 0 C 0 7 AC 0 0 and that's that special HS RP address in fact we can see it right here that's being managed by the active router so if we look at the ARP cache now that we got the results back if we look at the ARP cache on the PC bring them back in now we have this MAC address 10.12 dot 0 dot 100 and we believe that layer 2 address is this and the person is going to respond to that is the active router so now we can do some pings 2 3 3 3 3 and it works no problem now case in point what happens if one of the routers fails so instead of just shutting down the router let me go ahead and actually turn off the interfaces both of them on our router and that way they'll we have be guaranteed not to be able to a support for anyone to a show IP interface brief and let's go ahead and do a interface FA 1 slash 0 will shut it down interface FA 1 / 1 well shut it down and so basically I've got I've got a virtual interface open but the two physical interfaces are shut down so this router is no longer able to help or support anyone else now the background what's happening is our two is losing some AI GRP routing neighbor ships it's also gone active for H SRP because it's not seeing those hellos anymore from the primary router so from the PCs perspective if we do a ARP - a it still has that information cached and then we do a ping still works now our - is doing the work if r1 comes back into play and if we have preemption setup our one will take back over the takeaway from this is that hot standby router protocol sets up a virtual IP address supported by at least two routers it could be more to provide layer 3 fault tolerance for customers using a default gateway I hope this has been informative for you and I'd like to thank you for viewing

Info

Channel: CBT Nuggets

Views: 55,881

Rating: 4.9009523 out of 5

Keywords: how to, cbt nuggets, virtual machine, virtual machine windows 10, virtual machine mac, computer based training, virtual machine windows 7, computer based training ppt, computer based training software, computer based training examples, computer based training programs, computer based training software free, how to make computer based training, gns3 video training

Id: kxhdPI1jh6I

Channel Id: undefined

Length: 9min 56sec (596 seconds)

Published: Sun Aug 26 2012