Cisco HSRP track interfaces.

Note: HSRP is Cisco proprietary; VRRP provides similar functionality.

By design, all networks should incorporate redundancy throughout. For maximum uptime, all equipment within the network should have a redundant replica (or similar hardware) so that network services can still operate after a failure. However, this replication only protects the physical hardware (or medium) from a failure. What about the traffic, software and configuration?

Routing protocols are fairly good at re-converging a network after a change (failure), as this is what they are designed for. Depending on the routing protocol used there will be some inherent limitations, such as speed, but in general the network should re-converge around the failure. EtherChannel can also be used on the physical (Layer 1/2) links to mitigate failures there; you may start to see congestion on the network after a failure, but the network should still be operational.

HSRP Example

So let’s look at the example image given (to the right). You can see the network is fairly redundant, and failure of almost any hardware or physical link should not cause any issues (other than the access ports for the clients).

Now look at the image again, and say the bottom right PC has a gateway configured for the top right router (B) and the bottom left PC uses the top left router (A) for its gateway. Instantly there is an issue: if either of the routers fails, one of our PCs will not be able to reach any device outside its local network, as there is no ‘route’ out. This is where we use protocols such as HSRP or VRRP to provide what’s called ‘first hop redundancy’. This time there is a virtual address on router A that both of the PCs will use; if A fails, this address will simply come online at router B.

Let’s say that the virtual address is currently on Router A, and all of the WAN links on this router fail at once, leaving no route out of the network for traffic arriving at that router. HSRP will still be active on the router, as the LAN is working correctly, so we are now left with a network that is null routing all traffic. We could use routing protocols to sort this out internally, but that would lead to traffic being bounced inefficiently around the network, and would also mean waiting for the time-consuming convergence process to complete.

What we need to do here is track the interfaces; by tracking an interface you can decrement the priority of an HSRP instance by a preconfigured amount. In the simplest example, imagine that router A has a priority of 50 and router B has a priority of 49. We will track the WAN interfaces on each router and decrement the HSRP priority by 20 if the interface fails. Now, should the interface fail, the layer 2 traffic will automatically be failed over to the alternative router – sorted!
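The priority arithmetic from the paragraph above, written as Cisco IOS configuration. This is an added example, not configuration from the original post; the interface names, HSRP group number 1 and the 192.0.2.0/24 addresses are assumptions. It also enables `standby preempt`, which the standby router needs before it will take over from a still-running active router whose priority has dropped.

```cisco
! Router A (normally active).
! Interface names, group number and addresses are assumptions.
interface GigabitEthernet0/0
 description LAN segment shared with Router B
 ip address 192.0.2.2 255.255.255.0
 standby 1 ip 192.0.2.1
 standby 1 priority 50
 ! Reclaim the active role once the WAN link is back and priority is 50 again.
 standby 1 preempt
 ! WAN link down: priority becomes 50 - 20 = 30, below Router B's 49.
 standby 1 track Serial0/0 20
!
! Router B (normally standby).
interface GigabitEthernet0/0
 description LAN segment shared with Router A
 ip address 192.0.2.3 255.255.255.0
 standby 1 ip 192.0.2.1
 standby 1 priority 49
 ! Without preempt, B stays standby even after A has fallen to 30,
 ! because A is still alive and sending hellos on the LAN.
 standby 1 preempt
 ! B's own WAN failure drops it to 49 - 20 = 29. If both WAN links are
 ! down, A (30) outranks B (29) and keeps the virtual address.
 standby 1 track Serial0/0 20
```

After shutting the tracked WAN interface on Router A, `show standby brief` on each router should show A's priority at 30 and B in the active state.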

Examples coming soon

Technology enthusiast with many ongoing online projects, one of which is this personal blog, PingBin, while also working full time within a data center designing and maintaining the network infrastructure.
