As part of my internship/thesis, I am looking to implement HSRP in a network.
The network has 2 separate locations that are connected with a fibre cable (layer 3 to layer 3).
Each layer 3 (Cisco 3560-x) is connected to an HP-router that is managed by our ISP.
I was thinking about setting up HSRP on one interface of both switches, but I imagine an IP route to the virtual IP address won't work because it is on the same switch.
Would I be correct to think that in my current configuration, HSRP is only possible on the routers?
Any other input regarding the issue is welcome.
EDIT
extra info:
Router 1 IP address is 10.10.255.251
and Router 2 IP address is 10.10.255.252
.
Switch1 :
interface FastEthernet0/1
no switchport
ip address 10.10.255.253 255.255.255.248
standby 1 ip 10.10.255.250
standby priority 110
exit
Switch2:
interface FastEthernet0/1
no switchport
ip address 10.10.255.254 255.255.255.248
standby 1 ip 10.10.255.250
standby priority 110
exit
The reason why I want to do this on the switches is that I can't configure the routers as they are managed by our ISP.
The virtual IP address would be 10.10.255.250
, but when this is configured on the switch interfaces, I cannot add an IP route to this virtual IP address because the next hop would be on the same switch.
I also don't see how the Internet traffic would reach the routers in this configuration.
So, to repeat the question: am I right in thinking this won't work, or is this possible in a way that I did not try yet?
Best Answer
What you seem to be proposing is running HSRP toward the ISP routers in attempt to fool your own routers, but HSRP is a protocol designed to fool LAN hosts, e.g. PCs.
On your layer-3 switches, you will have one or more VLANs configured in SVIs. For example:
Those are the interfaces on which you would configure HSRP to give a redundant gateway to your LAN hosts.
If you want redundancy to the ISP routers, you need to do that with routing. You probably have a static default route. For example, assume the ISP routers are
10.10.255.249
(primary) and10.10.255.250
(backup):This establishes two static default routes. A lower AD will be in the routing table unless it goes down, at which point it is removed from the routing table, and the backup route is put into the routing table.
This is invisible to the hosts because the hosts use the layer-3 switches for their gateways. Hosts don't know or care about the routing; all they care about is that they have a configured gateway, and the gateway is supposed to know how to route traffic toward the destination.