[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 630
  • Last Modified:

HSRP question

Hi, I have a design question for failover.
We have 2 routers at a site, 1 managed by Vz, 1 unmanaged by our team.
The main router is the 7200 vxr, which has a ds-3, and provides both internet and mpls vpn.
the backup router is an 1841, with IPSec Crypto tunnels, and is 3 Megs.
The 7200 router is connected to a PacketShaper, and that Packetshaper is connected to a Proxy SG.
we have 3 switches as well (all 3560). There are about 30 users at this site.

The 7200 from the CE to the PE runs BGP
The 7200 to the 3560 runs EIGRP.
The 1841, directly connected into that same 3560, also runs EIGRP.

If need be, I can attach a diagram.

Basically, I want to implement failover (i.e. if the 7200 WAN dies, if the 7200 itself dies, if the 7200 LAN dies, etc., then the 1841 should kick in.

I was thinking of running HSRP but am uncertain of the implications with the PS and the Proxy SG inline, and also, am unsure if SLA is recommended in this case, or needed.

Also, I would need to know where the HSRP would go--this is because we are not sure if we should just use it on the SVIs on the 3560s, and the 1841, and the 7200, or what?

                                                              3560
                                                               |    
WAN---7200-------PS----Proxy SG---3560----------------------1841------Internet (IPSec backup)
                                                              |
                                                            3560

That is the current setup.

I was thinking of doing this:

                           WAN                                                                   WAN
                             I                                                                        I
                       7200 -----------(x-over between fe0/1) / 30------1841
                       |                                                                              |
                    PS                                                                            |
                       |                                                                             |
                   Proxy SG                                                                  |
                          |                                                                           |
                   3560 ----------------L3 Etherchannel------------------3560
                       |  L3 Etherchannel                                                     |
                        |-------------------------------3560-----------------------                                
So basically, the 7200 and the 1841 should be on teh same subnet, which they currently are not.
The 3560s, though....not sure what to do with them (SVIs on both, or all 3?)....



Please advise!
0
sbempong
Asked:
sbempong
  • 2
1 Solution
 
mikebernhardtCommented:
I think the only thing you need to do is to let the 1841 advertise a default route into EIGRP, but with a higher metric than what comes from the 7200. Also make sure that EIGRP on the 7200 is learning its default route from BGP.

This is what you'll have going for you:
1. If BGP dies, default goes away and the 1841 takes over
2. If the 7200 dies, same thing happens.
3. If the 7200 LAN connection dies, it's no longer a neighbor to the 3560 and same thing happens.

Regardless of how you want to change your topology, running dynamic routing protocols make it all very easy.

0
 
sbempongAuthor Commented:
hi, we are still planning on testing failover--hence, i cannot ensure this will work or not...
0
 
sbempongAuthor Commented:
just cannot test at this point
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now