Solved

HSRP with RPVST

Posted on 2010-09-18
13
1,379 Views
Last Modified: 2012-08-13
Hi

At present we are using PVST and HSRP in our network

Core 1 is configured as Root bridge   primary for all Vlans and core 2 is configured as root secondary.

and my HSRP configuration is like this

interface Vlan171
 ip address 10.71.5.2 255.255.255.0
 ip helper-address 10.71.10.102
 ip route-cache flow
 standby 171 ip 10.71.5.1
 standby 171 priority 120
 standby 171 preempt
 standby 171 name Vlan171

i would like to Use Rapid PVST for fast convergence

what all are things will effect with this and what is the configuration i have to do to enable RPVST

thanks in advance



Drawing1.jpg
0
Comment
Question by:amitabhg
  • 6
  • 6
13 Comments
 
LVL 17

Expert Comment

by:Kvistofta
ID: 33707602
This document describes what you want to accomplish and how to do it:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a00807b0670.shtml

Your HSRP-configuration is irrellevant and will be untouched since stp is purely l2.

Good luck!
/Kvistofta
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 500 total points
ID: 33707781
>i would like to Use Rapid PVST for fast convergence

yup, good choice

>what all are things will effect with this and what is the configuration i have to do to enable RPVST
typically, nothing. Rapid-PVST is backward compatible with PVST. Do not expect fast convergence during the migration. During the migration, do expect up to 30 seconds of downtime during each configuration change on the "D" switches and in some cases 50 seconds. Migrating to RPVST one the core switches will only have an expected outage of around 200-300ms.


Migration will be straight forward really:

Migration:
Open a maintenance window of some sort(Good to have one and notify all your users)
Backup all your configs

take a snapshot of your current topology of PVST (show spanning summary)

migrate to Rapid-PVST:

Make the change on D1 (wait for network stability).
D1#conf t
D1(config)#spanning-tree mode rapid-pvst
D1#wr mem
D1#show span summary
D1#show span incon

Make the change on D2 (wait for network stability).
D2#conf t
D2(config)#spanning-tree mode rapid-pvst
D2#wr mem
D2#show span summary
D2#show span incon

Make the change on D3 (wait for network stability).
D3#conf t
D3(config)#spanning-tree mode rapid-pvst
D3#wr mem
D3#show span summary
D3#show span incon

Make the change on D4 (wait for network stability).
D4#conf t
D4(config)#spanning-tree mode rapid-pvst
D4#wr mem
D4#show span summary
D4#show span incon

Make the change on core1 (wait for network stability).
Core1#conf t
Core1(config)#spanning-tree mode rapid-pvst
Core1#wr mem
Core1#show span summary
Core1#show span incon

Make the change on core2 (wait for network stability).
Core2#conf t
Core2(config)#spanning-tree mode rapid-pvst
Corr2#wr mem
Core2#show span summary
Core2#show span incon

Complete


Billy

0
 

Author Comment

by:amitabhg
ID: 33714294
Hi

TanQ for your reply

we have couple of 2950 switches some or directly connected to Distribution switches and some are connected to core is this same procedure i have to fallow for those switches also.

Durga
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33715628
start from the bottom and work to the top.
0
 

Author Comment

by:amitabhg
ID: 33716697
Hi

TanQ for your reply

today we tested this with test setup with two 3750's are as core and one 2950 as access

we configured RPVST as per above commands.

When we switch off core 1 its taking 10 sec to converge is it possible to reduce this....???

 
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33718204
>When we switch off core 1 its taking 10 sec to converge is it possible to reduce this....???
something is not configured correctly if it is taking 10 seconds.
Your test setup, do you have a network diagram and configs

Billy
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:amitabhg
ID: 33723038
0
 

Author Comment

by:amitabhg
ID: 33723039
Hi Billy

Please find attached configs
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33724807
can you please describe what it is that you are doing and how you are noticing the 10 second downtime; I suspect that what you are seeing is Layer 3 causing your 10 second outage (HSRP failover) when you switch off core 1.


Billy
0
 

Author Comment

by:amitabhg
ID: 33725972
Hi Billy,

we kept continues ping from one vlan server to another vlan server and switch off  core 1

and we measured time between stopped ping and start ping.
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33727123
yeah, so your issue is related to HSRP failover, you can try and adjust HSRP timers, but HSRP is old school and will more than likely be better off with VRRP or better yet, GLBP.

Billy
0
 

Author Comment

by:amitabhg
ID: 33743293
Hi Billy,

I just configured GLBP and tested the same its also taking 10 sec.

are there any setting required to reduce this time.

Thanks
Durga

0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33743439
please read:

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html#wp1044247

Most protocols have default timers, and the defaults are useless in my opinion:


try adjusting the timers (Please change to the interface you are using)

interface gigabitethernet0/0
glbp 10 timers 2 5

Billy



0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud.  Where is your data? Who can access it? Will it be safe from accidental deletion?  All of these questions and more are imp…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now