""Kevin Cullimore"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > A useful notion to keep in mind is that hsrp and its un-patented > counterparts (you'd think that during the past century, people would learn > from IBM's example, but apparently that isn't the case) are profoundly > asymmetric in scope: > > they are concerned with the host->default gateway portion of the > conversation, not the return path (although implementational specifics might > force them to address the return path in some circumstances). >
CL: good point. in my experience, in the quest for 100% up time, the process still depends upon routers at either end to determine the reachability and account for that in the routing protocol. for example, I have my HSRP pair, and each has a WAN link to different carriers. Those links terminate into some central network somnewhere. CL: so when the remote site HSSRP primary fails, two things have to happen. 1) the failover router has to take over and 2) the routers at the far end of the links have to note the link failure to the primary, mark that route as down, and start using the secondary path. CL: seems to me this is the flaw in the system. Might be fine if you are using HSRP merely as failover connectivity to the internet. May not be so fine if you are using HSRP as failover from a branch office to HQ. Depending on the aplication. Depending upon the time it takes to get the new routes in place. CL: as an aside, I just had a convcersation along these lines with a customer, to whom I had to explain at length what HSRP was, what it did, how it behaved, and therefore why what he was thinking was probably not a good idea. Not that we couldn't have done it. But that in the end what the customer wanted me to do wuld have put him at more risk than if he left things as they were. Not to mention the loss of bandwidth that HSRP would have created for him. > > > ----- Original Message ----- > From: "LongTrip" > To: > Sent: 23 June 2002 2:22 pm > Subject: Re: Re: HSRP [7:47177] > > > > hmmm maybe there was a misunderstanding on my part of an earlier post that > > mentioned "The only time you see the virtual MAC address is on the > original > > request from the host. Forwarded requests and replies don't use it. ". > > > > I understood this to mean that after the initial set up of communications > > that the virtual mac address was not used in subsequent data > transmissions. > > > > This will be one for a lab experiment on my part. Until I see it the > result > > with my own eyes it will be a question. > > > > > > Kim > > > > > > > > > > > > From: "Thomas E. Lawrence" > > > Date: 2002/06/23 Sun PM 01:08:17 EDT > > > To: [EMAIL PROTECTED] > > > Subject: Re: Re: HSRP [7:47177] > > > > > > Perhaps this will help explain > > > > > > > > > http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c > > > /ipcprt1/1cdip.htm#xtocid23 > > > > > > Yes, HSRP creates a single "virtual" IP and MAC pair. Yes, when one > router > > > fails, the standby router "assumes" control of this virtual IP and MAC > > pair. > > > > > > From an end station standpoint, nothing has changed. The end station > knows > > > the virtual IP, as configured in it's own settings, or as received as > part > > > of its DHCP configuration. In either case, no end station knows all of > the > > > IP's of all of the members of the HSRP group. Unless things have changed > > > recently, there is no way to configure multiple default gateways on a > > > Windows machine, at least. This is the reason HSRP, and now VRRP, were > > > developed. If the end station does not already know the MAC of the > default > > > gateway, it sends an ARP request, as is standard operating procedure for > > any > > > host seeking the MAC of an IP. The active router replies with the > virtual > > > MAC. > > > > > > You may also want to refer to the VRRP RFC. VRRP is the open standard > > > intended to replace the several proprietary methods that now exist. The > > > first couple of pages provide a good explanation and a good background > of > > > the problem to be solved. > > > > > > ftp://ftp.isi.edu/in-notes/rfc2338.txt > > > > > > Tom > > > > > > > > > > > > ""LongTrip"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > So you are saying the client never sees the MAC address of RouterA? > It > > > only > > > > sees the MAC address of the "Virtual Router"? > > > > > > > > Kim > > > > > > > > > > > > > > From: "Michael L. Williams" > > > > > Date: 2002/06/23 Sun AM 11:29:24 EDT > > > > > To: [EMAIL PROTECTED] > > > > > Subject: Re: HSRP [7:47177] > > > > > > > > > > This isn't quite right. See comments below. > > > > > > > > > > "Kim Graham" wrote in message > > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > > This brings up a question. I understand that after the initial > "hi I > > > > will > > > > > > be handling your requests please use me as your destination mac > > > address". > > > > > > (Router talking to client). > > > > > > > > > > > > But what happens when the initial router fails and HSRP kicks in? > > > After > > > > an > > > > > > unreachable, would ClientA send out an arp or would RouterB > initiate > > > the > > > > > > arping to re-establish connections to any client that was using > > > RouterA > > > > > > after it noticed that RouterA was not responding? > > > > > > > > > > > > Scenario: > > > > > > > > > > > > > > > > > > ClientA ----- RouterA/B(HSRP) ------ ClientB > > > > > > > > > > > > ClientA sends a packet to ClientB > > > > > > ClientA talks to the Virtual RouterA/B -- RouterA/B sends to > ClientB > > > > > > RouterA/B tells ClientA -- RouterA will be handling your requests. > > > > > > > > > > Router A never tells Client A that "Router A will be handling your > > > > > requests". As you mentioned, Client A talks to the Virtual Router > via > > > the > > > > > Virtual IP address which it ARPs to find the Virtual MAC. Client A > > > never > > > > > knows which of the HSRP routers is "intercepting" and processing > it's > > > > > requests.... When Client A sends a frame to the Virtual MAC to go > out > > > of > > > > > it's gateway, both Router A and Router B "hear" the packet, but only > > the > > > > > HSRP Active router will process it. So if, the janitor steps in and > > > > unplugs > > > > > Router A, then after Router B misses enough Hello packets from > Router > > A, > > > it > > > > > declares itself the Active HSRP router for that HSRP group, and at > that > > > > > point it starts to process the information sent to the Virtual > > > IP/Virtual > > > > > MAC. This is all transparent to the end clients, Client A in this > > > example. > > > > > So as far as Client A knows, it's still sending traffic to the > Virtual > > > IP > > > > > via the Virtual MAC address it has in its ARP cache..... > > > > > > > > > > HTH, > > > > > Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47249&t=47177 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
