Making HSRP React to Problems on Other Interfaces

Problem

You want HSRP to switch to the backup router when another port on the primary router becomes unavailable.

Solution

The standby track configuration command reduces the priority of an active HSRP router into a standby mode when one of its interfaces becomes unavailable. If the priority drops far enough, another router will take over:

Router1#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#interface FastEthernet0/1
Router1(config-if)#standby 1 ip 172.22.1.1
Router1(config-if)#standby 1 priority 120
Router1(config-if)#standby 1 preempt
Router1(config-if)#standby 1 track Serial0/0 20
Router1(config-if)#exit
Router1(config)#end
Router1#

Beginning with IOS Version 12.2(15)T, Cisco enhanced functionality by allowing you to track objects other than line-protocol state:

Router1#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#track 11 interface Serial1/1 ip routing 
Router1(config-track)#exit  
Router1(config)#interface FastEthernet0/0
Router1(config-if)#standby 1 ip 172.22.1.1
Router1(config-if)#standby 1 priority 120 
Router1(config-if)#standby 1 preempt
Router1(config-if)#standby 1 track 11 decrement 50
Router1(config-if)#end
Router1#

 

Discussion

This configuration option is particularly useful when you have two identically configured WAN access routers using HSRP on their LAN ports. In this case, if you are using a dynamic routing protocol, then losing the WAN connection to one of the routers isn't actually a disaster. The routing protocol will tell the active router to forward all of its outbound traffic to the standby router, which will still have a good connection. However, this is obviously inefficient. It would be better if the active router simply resigned its active status and let the standby router take over.

HSRP does this by decreasing the priority for this router. By default, it decreases the priority by 10 points. But you can configure this amount. In the example, the router drops its HSRP priority by 20 points when the interface Serial0/0 becomes unavailable:

Router1(config-if)#standby 1 track Serial0/0 20

In all of our examples so far, we have configured the priorities of the two HSRP routers to have a difference of 10 priority points. So if we used the default priority drop in this standby track command, a failure of the tracked interface would give the two routers equal priority. So the router with the higher IP address will become the active router when this interface fails. This might not be the right choice. We have specified a value of 20 priority points in this command to ensure that the other router will take over appropriately.

You can use the standby track command to track any router interface, or even multiple interfaces. To track several interfaces, you just specify all of the interfaces in separate standby track commands:

Router1#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#interface FastEthernet0/1
Router1(config-if)#standby 1 ip 172.22.1.1
Router1(config-if)#standby 1 priority 120
Router1(config-if)#standby 1 preempt
Router1(config-if)#standby 1 track Serial0/0 20
Router1(config-if)#standby 1 track Serial0/1 20
Router1(config-if)#exit
Router1(config)#end
Router1#

In this example, we have explicitly configured HSRP to decrement the priority by 20 if either of the tracked interfaces fails. So, if both interfaces fail, the priority will drop by 40 points.

For the standby track command to work properly, you must also configure standby preempt, as in Recipe 22.2. This is because you want to allow the router that now has the higher priority to send an HSRP Coup message and take over control.

When you use tracking like this, the show standby command includes information about the interface that is being tracked, as well as what will happen to the priority when that interface goes down:

Router1#show standby 
FastEthernet0/1 - Group 1
 Local state is Active, priority 120, may preempt
 Hellotime 3 sec, holdtime 10 sec
 Next hello sent in 0.564
 Virtual IP address is 172.22.1.1 configured
 Active router is local
 Standby router is 172.22.1.2 expires in 9.848
 Virtual mac address is 0000.0c07.ac01
 5 state changes, last state change 12:47:08
 Priority tracking 1 interface, 1 up:
 Interface Decrement State
 Serial0/0 20 Up 
Router1#

When this interface goes down, causing an HSRP priority change, the router will send several messages to the log buffer:

Jun 24 23:24:58: %STANDBY-6-STATECHANGE: FastEthernet0/1 Group 1 state Active -> Speak
Jun 24 23:25:00: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
Jun 24 23:25:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down

Notice that the HSRP change happens so quickly that the message actually precedes the Serial interface change. This is because the Serial interface doesn't send its message immediately when it loses control signals, but the HSRP change does react immediately. Upon repairing the Serial interface problem, the router will send several more messages to the log:

Jun 24 23:25:07: %STANDBY-6-STATECHANGE: FastEthernet0/1 Group 1 state Standby -> Active
Jun 24 23:25:08: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
Jun 24 23:25:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up

Again, the Serial interface takes a few seconds to react, but the HSRP change is immediate. This underscores the need for the preempt delay command discussed in Recipe 22.2.

The standby track command has one other interesting application on routers that run IOS level 12.2(8)T and higher. In these versions you can use the keepalive command with GRE tunnels, as discussed in Chapter 12. With this option, GRE tunnels will mimic the behavior of physical interfaces, going into a down state if the far end of the tunnel becomes unavailable. This means that you can use standby track on a tunnel interface, which in turn means that you can now make your HSRP priority change in response to problems elsewhere in the network.

There were two important bugs with HSRP interface tracking prior to IOS level 12.1. The first happens when you track multiple interfaces. If you do not explicitly configure the priority decrement, the router will only drop the priority by a total of 10 points, no matter how many tracked interfaces fail. And the second is that if the tracked interface is down at boot time, and remains down, HSRP treats it as if it were up. Both of these bugs were fixed in IOS level 12.1.

The following example shows three different methods to track objects using the new method of object tracking. Object 11 tracks the IP routing protocol on interface Serial1/1, object 12 tracks the line-protocol on Serial1/1 and object 13 tracks the reachability of route 172.26.1.0/24:

Router1#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#track 11 interface Serial1/1 ip routing 
Router1(config-track)#exit  
Router1(config)#track 12 interface Serial1/1 line-protocol 
Router1(config-track)#exit
Router1(config)#track 13 ip route 172.26.1.0/24 reachability 
Router1(config-track)#exit
Router1(config)#interface FastEthernet0/0
Router1(config-if)#standby 1 ip 172.22.1.1
Router1(config-if)#standby 1 priority 120 
Router1(config-if)#standby 1 preempt
Router1(config-if)#standby 1 track 11 decrement 50
Router1(config-if)#standby 1 track 12 decrement 50
Router1(config-if)#standby 1 track 13 decrement 50
Router1(config-if)#end
Router1#

By tracking the IP routing protocol on an interface, you react to situations in which line-protocol remains up, but you lose routing neighbors or adjacencies. This can be useful on interfaces that may never go into a down/down state, such as ATM subinterfaces or LAN Extension type interfaces.

Tracking a particular IP route within the router is another useful way of reacting to situations that may occur away from the router itself. This gives you the flexibility to make HSRP react locally to remote problems and to provide optimal routing even in some rather complex failure scenarios.

To view the current status of your tracked objects, use the show track command:

Router1#show track 
Track 11 
 Interface Serial1/1 ip routing
 IP routing is Down (hw admin-down, ip disabled)
 1 change, last change 00:12:48
 Tracked by:
 HSRP FastEthernet0/0 1
Track 12 
 Interface Serial1/1 line-protocol
 Line protocol is Down (hw admin-down)
 1 change, last change 00:10:12
 Tracked by:
 HSRP FastEthernet0/0 1
Track 13
 IP route 172.26.1.0 255.255.255.0 reachability
 Reachability is Up (static)
 2 changes, last change 00:09:05
 First-hop interface is Serial1/0
 Tracked by:
 HSRP FastEthernet0/0 1
Router1#

Notice that object 11 is currently down because IP routing has been disabled. Also, notice that object 12 is down because the tracked interface is in an administrative down state. Finally, object 13 is currently up because the tracked route is currently reachable.

To view the effect of the track objects on HSRP, use the show standby command:

Router1#show standby
FastEthernet0/0 - Group 1
 State is Active
 2 state changes, last state change 01:28:50
 Virtual IP address is 172.22.1.1
 Active virtual MAC address is 0000.0c07.ac01
 Local virtual MAC address is 0000.0c07.ac01 (v1 default)
 Hello time 3 sec, hold time 10 sec
 Next hello sent in 0.936 secs
 Authentication MD5, key-string "OREILLY"
 Preemption enabled
 Active router is local
 Standby router is unknown
 Priority 20 (configured 120)
 Track object 11 state Down decrement 50
 Track object 12 state Down decrement 50
 Track object 13 state Up decrement 50
 IP redundancy name is "hsrp-Fa0/0-1" (default)
Router1#

Notice the currently priority of this HSRP instance is 20. The initial priority level was set to 120. However, because tracked objects 11 and 12 are down, they have each decreased the priority level by 50. You will also notice that, if all three of the tracked objects go down, the total decrement will be 150, which is greater than the initial priority of 120. In this case, the HSRP priority bec omes zero and will not drop any further.

See Also

Recipe 22.2; Chapter 12

Router Configuration and File Management

Router Management

User Access and Privilege Levels

TACACS+

IP Routing

RIP

EIGRP

OSPF

BGP

Frame Relay

Handling Queuing and Congestion

Tunnels and VPNs

Dial Backup

NTP and Time

DLSw

Router Interfaces and Media

Simple Network Management Protocol

Logging

Access-Lists

DHCP

NAT

First Hop Redundancy Protocols

IP Multicast

IP Mobility

IPv6

MPLS

Security

Appendix 1. External Software Packages

Appendix 2. IP Precedence, TOS, and DSCP Classifications

Index



Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net