Overview:
This lab explores two different basic routing topics, Weighted Static Routes and HSRP.With weighted static routes, we can have two different static routes to one destination, but they have different weights, or preferences. The first route is weighed less, and is the preferred route. If the primary route goes away (switch/link failure) then the secondary route, with the larger weight is used.
With Hot Standby Routing Protocol, or HSRP, we create a single ip that is shared between routers on a shared segment (broadcast domain). One router is assigned a higher priority and thus gets to accept traffic for that shared ip. If that router or routers interface goes down, then the other router takes over, and accepts traffic destined for that address.
Network Layout:
In the general layout, we are sending icmp from router D to the backside interface on router C.
The preferred static route to RouterC is only through routerA (2A23). On the return trip, traffic from routerC goes to the HSRP shared ip (2A12-17), which is managed by router A, thus the return trip only goes through RouterA as well.
If there is a link failure on routerA's interface connected to vlan2 (10.1.2.2), then traffic to router C will go through routerB first via the higher weighed static route (2A24). On the return trip, router B will be managing the shared hsrp ip (2B12-17) thus traffic will flow through B as well on the return trip.
Wiring Diagram
This is the wiring diagram for the network. The green numbers are the mac addresses for the interfaces (used below in sniffing data), and the red IP is the HSRP shared IP.
System Configs
The following are the configs on the four cisco routers. The red text are configs that are directly related to HSRP or static routes.
| Router A |
Router B |
2A01 ! --
2A02 hostname routerA
2A03 logging on
2A04 logging buffered
2A05 !
2A06 int fa0/0
2A07 no shut
2A08 !
2A09 int fa0/0.2
2A10 encapsulation dot1Q 2
2A11 ip address 10.1.2.2 255.255.255.0
2A12 standby 1 ip 10.1.2.1
2A13 standby 1 timers 1 4
2A14 standby 1 priority 200
2A15 standby 1 preempt
2A16 standby 1 authentication BLABLA
2A17 standby 1 track fa0/0.3 75
2A18 !
2A19 int fa0/0.3
2A20 encapsulation dot1Q 3
2A21 ip address 10.1.3.1 255.255.255.0
2A22 !
2A23 int fa0/0.4
2A24 encapsulation dot1Q 4
2A25 ip address 10.1.4.254 255.255.255.0
2A26 !
2A27 ip route 10.1.5.0 255.255.255.0 10.1.2.254
2A28 ip route 10.1.5.0 255.255.255.0 10.1.3.254 2
2A29 !
|
2B01 ! --
2B02 hostname routerB
2B03 logging on
2B04 logging buffered
2B05 !
2B06 int fa0/0
2B07 no shut
2B08 !
2B09 int fa0/0.2
2B10 encapsulation dot1Q 2
2B11 ip address 10.1.2.3 255.255.255.0
2B12 standby 1 ip 10.1.2.1
2B13 standby 1 timers 1 4
2B14 standby 1 priority 150
2B15 standby 1 preempt
2B16 standby 1 authentication BLABLA
2B17 standby 1 track fa0/0.3 75
2B18 !
2B19 int fa0/0.3
2B20 encapsulation dot1Q 3
2B21 ip address 10.1.3.254 255.255.255.0
2B22 !
2B23 ip route 10.1.5.0 255.255.255.0 10.1.2.254
2B24 ip route 10.1.5.0 255.255.255.0 10.1.3.1 2
2B25 ip route 0.0.0.0 0.0.0.0 10.1.3.1
2B26 !
|
| Router C |
Router D |
2C01 ! --
2C02 hostname routerC
2C03 !
2C04 int fa0/0
2C05 no shut
2C06 !
2C07 int fa0/0.2
2C08 encapsulation dot1Q 2
2C09 ip address 10.1.2.254 255.255.255.0
2C10 !
2C11 int fa0/0.5
2C12 encapsulation dot1Q 5
2C13 ip address 10.1.5.1 255.255.255.0
2C14 !
2C15 ip route 0.0.0.0 0.0.0.0 10.1.2.1
2C16 !
|
2D01 ! --
2D02 hostname routerD
2D03 !
2D04 int fa0/0
2D05 no shut
2D06 !
2D07 int fa0/0.4
2D08 encapsulation dot1Q 4
2D09 ip address 10.1.4.1 255.255.255.0
2D10 !
2D11 ip route 0.0.0.0 0.0.0.0 10.1.4.254
2D12 !
|
Test Results
Expected Traffic Flows
As mentioned above, the traffic from D to C will go through A if there are no problems with the network (as shown in the Green Line). The static route on routerA (2A27) to router C has a default weight is 1, and thus is higher then the static route to routerB (2A28).
The return route from C to D only goes though RouterA also, because RouterA "owns" the HSRP ip 10.1.2.1, since it has a higher HSRP standby priority (2A14) then the priority on routerB (2B14)
If the vlan2 interface goes down on RouterA, then traffic will follow the red line, and use the higher weighed static route (2A28) to routerC.
On the return trip, router B will "own" the HSRP ip 10.1.2.1, and thus traffic will flow up through routerB to get to D.
Examining Traffic
The following data was recorded from vlan2 as traffic was traveling between RouterD (10.1.4.1) and routerC (10.1.5.1). Lines 3A01 - 3A05 show the traffic flowing through routerA (green MAC) to routerC. When RouterA's vlan2 interface is shutdown, traffic then must travel through RouterB (red MAC) before it gets to C, as show in lines 3A07 - 3A12.
Note that since the static routes are not evenly weighted, traffic is NOT load balanced between them, rather it is sent to one route or the other.
| Sniff output from VLAN2 |
3A01 ! -- Before RouterAs .2 interface went down
3A02 14:56:56.842076 0:3:6b:ec:a3:c0 0:3:6b:e9:d3:40 ip 114: 10.1.4.1 > 10.1.5.1: icmp: echo request
3A03 14:56:56.843061 0:3:6b:e9:d3:40 0:0:c:7:ac:1 ip 114: 10.1.5.1 > 10.1.4.1: icmp: echo reply
3A04 14:56:56.845513 0:3:6b:ec:a3:c0 0:3:6b:e9:d3:40 ip 114: 10.1.4.1 > 10.1.5.1: icmp: echo request
3A05 14:57:02.724762 0:3:6b:ec:a3:c0 0:3:e3:c4:db:0 ip 114: 10.1.4.1 > 10.1.5.1: icmp: echo request
3A06 ! -- After RouterAs .2 interface went down
3A07 14:57:02.726425 0:3:e3:c4:db:0 0:3:6b:e9:d3:40 ip 114: 10.1.4.1 > 10.1.5.1: icmp: echo request
3A08 14:57:02.727448 0:3:6b:e9:d3:40 0:0:c:7:ac:1 ip 114: 10.1.5.1 > 10.1.4.1: icmp: echo reply
3A09 14:57:02.732694 0:3:e3:c4:db:0 0:3:6b:e9:d3:40 ip 114: 10.1.4.1 > 10.1.5.1: icmp: echo request
3A10 14:57:02.733621 0:3:6b:e9:d3:40 0:0:c:7:ac:1 ip 114: 10.1.5.1 > 10.1.4.1: icmp: echo reply
3A11 14:57:02.737789 0:3:e3:c4:db:0 0:3:6b:e9:d3:40 ip 114: 10.1.4.1 > 10.1.5.1: icmp: echo request
3A12 14:57:02.738751 0:3:6b:e9:d3:40 0:0:c:7:ac:1 ip 114: 10.1.5.1 > 10.1.4.1: icmp: echo reply
|
Lab Setup
HSRP, or Hot Standby Routing Protocol, is a protocol enabled on a router that allows two routers to work in a failover mode. Thus, if one router breaks down, then the second can take over, preventing a traffic outage.
In the most simple example, two routers share a single IP and MAC, and when the primary router breaks, the second router assumes the role of the primary.
Cisco's website discusses this very well, so I will refrain from a more detailed discussion, and instead refer you to their site "http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs009.htm".
Rather than going into details of how HSRP works and how to use it, we will instead, discuss how it was setup in a lab, and what it did.
|
Bunson
|
Beaker
|
hostname Beaker
!
interface FastEthernet0/0
description trunk to wayne
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.160
encapsulation isl 160
ip address 10.7.160.253 255.255.255.0
no ip redirects
standby 1 timers 1 4
standby 1 priority 150 preempt
standby 1 authentication chuck
standby 1 ip 10.7.160.254
standby 1 track Fa0/1.164 100
!
interface FastEthernet0/0.161
encapsulation isl 161
ip address 10.7.161.254 255.255.255.0
no ip redirects
no cdp enable
!
interface FastEthernet0/1
description trunk to wanda
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.163
encapsulation isl 163
ip address 10.7.163.254 255.255.255.0
no ip redirects
!
interface FastEthernet0/1.164
encapsulation isl 164
ip address 10.7.164.253 255.255.255.0
no ip redirects
standby 1 timers 1 4
standby 1 priority 150 preempt
standby 1 authentication chuck
standby 1 ip 10.7.164.254
standby 1 track Fa0/0.160 100
!
interface Ethernet1/0
description router-router link
ip address 10.7.255.254 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.7.160.1
ip route 0.0.0.0 0.0.0.0 10.7.255.1 150
!
|
hostname Bunson
!
interface FastEthernet0/0
description link to wayne
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.160
encapsulation isl 160
ip address 10.7.160.252 255.255.255.0
no ip redirects
standby 1 timers 1 4
standby 1 priority 140 preempt
standby 1 authentication chuck
standby 1 ip 10.7.160.254
standby 1 track Fa0/1.164 100
!
interface FastEthernet0/0.161
description outside test network
encapsulation isl 161
ip address 10.7.161.252 255.255.255.0
no ip redirects
!
interface FastEthernet0/1
description link to wanda
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.163
encapsulation isl 163
ip address 10.7.163.252 255.255.255.0
no ip redirects
!
interface FastEthernet0/1.164
encapsulation isl 164
ip address 10.7.164.252 255.255.255.0
no ip redirects
standby 1 timers 1 4
standby 1 priority 140 preempt
standby 1 authentication chuck
standby 1 ip 10.7.164.254
standby 1 track Fa0/0.160 100
!
interface Ethernet1/0
description router-router link
ip address 10.7.255.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.7.160.1
ip route 0.0.0.0 0.0.0.0 10.7.255.254 150
|
References:
