Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : Cisco IOS : Load-Balancing with HSRP

Load-Balancing with HSRP

Jul 21,2008 by admin

small font medium font large font
image

Load-Balancing with HSRP

Problem

You want to load-balance your traffic between two (or more) HSRP routers.

Solution

You can configure HSRP so that both routers are always in use if they are available. This allows you to use your network resources more efficiently, but it is slightly more complicated to configure.

Configure the first router as follows, with two HSRP groups:

Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface FastEthernet0/1
Router1(config-if)#ip address 172.22.1.3 255.255.255.0
Router1(config-if)#standby 1 ip 172.22.1.1
Router1(config-if)#standby 1 priority 120
Router1(config-if)#standby 1 preempt
Router1(config-if)#standby 2 ip 172.22.1.2
Router1(config-if)#standby 2 priority 110
Router1(config-if)#standby 2 preempt
Router1(config-if)#exit
Router1(config)#end
Router1#

Then, on the second router, you create the same two HSRP groups, but change the priority levels from those of the first router so that Router1 is active for group 1 and Router2 is active for group 2:

Router2#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router2(config)#interface FastEthernet1/0
Router2(config-if)#ip address 172.22.1.4 255.255.255.0
Router2(config-if)#standby 1 ip 172.22.1.1
Router2(config-if)#standby 1 priority 110
Router2(config-if)#standby 1 preempt
Router2(config-if)#standby 2 ip 172.22.1.2
Router2(config-if)#standby 2 priority 120
Router2(config-if)#standby 2 preempt
Router2(config-if)#exit
Router2(config)#end
Router2#

This ensures that both router back up one another simultaneously. You must then configure half of your end devices on this segment to use the address 172.22.1.1 for their default gateway, and the other half to use 172.22.1.2.

Discussion

By default, when you use HSRP on a LAN segment, all of the traffic goes through whichever router is currently active. This means that the second router and its links are generally idle. If this is a remote site, and both routers have WAN links, then you will need to pay for an expensive WAN connection that is almost always unused. So this recipe shows you a way to use both routers.

This method only affects the outgoing traffic from the workstations to the routers and out to the WAN. If you want to balance the traffic going from the WAN to the LAN as well, you will need to look at your routing protocol, which determines which WAN connection is the best path to this LAN segment.

The recipe is actually very simple. It just creates two separate HSRP groups on the same segment. When everything is working normally, Router1 is the active router for one of the groups and Router2 is active for the other. Then, if either of these routers fails, the other takes over and becomes the active router for both groups.

This feature uses Multigroup HSRP (MHSRP). Not all routers support MHSRP. In particular, it does not work on Cisco 1600, 2500, 4000, or 5200/5300 devices. For Token Ring LANs, you can use MHSRP, but there are only three available HSRP groups for Token Rings. Other LAN media, such as Ethernet, FDDI, ATM, and various VLAN encapsulations (including LANE, ISL, 802.10, 802.1Q, and EtherChannel) will support 256 groups. Note that you can actually configure more HSRP groups for Token Ring if you use the use-bia option. But this means that every group will use the same MAC address. We will discuss this option and its benefits and restrictions in Recipe 22.7.

Once you have configured the routers this way so that they both back one another up, you need to configure the end devices. Half of these devices need to have a default gateway address of 172.22.1.1, and the other half must use 172.22.1.2. Deciding which devices use which address is the key to balancing the load between your routers. If you configure all of your busiest devices to use the same address, and consequently the same router, then you won't have a very well-balanced network load. This is also where the administration starts to become a little bit more complicated because you must decide which gateway each new device will use.

Of course, in a situation where both routers support two or more LAN segments, you could simply make one router primary for one segment and the other one primary for the other segment, instead of configuring two HSRP groups on the same interface. This is considerably simpler to administer, and it works well in larger networks.

The show standby command output includes information about both groups. For the first router in the example, you get the following output:

Router1#show standby
FastEthernet0/1 - Group 1
  Local state is Active, priority 120, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 1.184
  Virtual IP address is 172.22.1.1 configured
  Active router is local
  Standby router is 172.22.1.4 expires in 9.164
  Virtual mac address is 0000.0c07.ac01
  17 state changes, last state change 01:14:06
FastEthernet0/1 - Group 2
  Local state is Standby, priority 110, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 2.394
  Virtual IP address is 172.22.1.2 configured
  Active router is 172.22.1.4, priority 120 expires in 8.892
  Standby router is local
  4 state changes, last state change 00:32:22
Router1#

You can see that this router is active for group 1 and in standby for group 2. The same command on the second router shows the converse:

Router2#show standby
FastEthernet1/0 - Group 1
  Local state is Standby, priority 110, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 0.274
  Virtual IP address is 172.22.1.1 configured
  Active router is 172.22.1.3, priority 120 expires in 9.312
  Standby router is local
  4 state changes, last state change 01:23:46
  IP redundancy name is "hsrp-Fa1/0-1" (default)
FastEthernet1/0 - Group 2
  Local state is Active, priority 120, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Next hello sent in 2.536
  Virtual IP address is 172.22.1.2 configured
  Active router is local
  Standby router is 172.22.1.3 expires in 8.936
  Virtual mac address is 0000.0c07.ac02
  1 state changes, last state change 01:21:49
Router2#

Cisco has recently developed a new solution to this same problem, called Gateway Load-Balancing Protocol (GLBP), which allows you to load-balance between several HSRP routers without having to reconfigure the end devieces. Please refer to Recipe 22.14 for more information on this technique.

See Also


408 times read

Related news
» Showing HSRP State Information
by admin posted on Jul 21,2008
» Configuring HSRP
by alperen posted on Dec 25,2008
» Using HSRP Preempt
by admin posted on Jul 21,2008
» Using HSRP on Token Ring
by admin posted on Jul 21,2008
» Increasing HSRP Security
by admin posted on Jul 21,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

admin

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.