Layer 3 switch stack default route to HSRP address

I have a customer who is using their ISP to provide their on premise routers as part of their MPLS, which has a firewall service on their internet breakout.  The routers onsite are in a HSRP configuration.

I want to add layer 3 switch functionality, so to do this we have a pair of HP Procurve (now Aruba) 2920 stacked switches.

So the layer 3 switches will become the default gateway, with the ISP's routers remaining.  I have asked for the ISP routers to have their IP range changed as I want to retain the subnet for the customer and I don't want to change their servers IP addresses etc.

ISP router 1 - 172.16.10.13/28
ISP Router 2 - 172.16.10.14/28
HSRP address 171.16.10.1/28

The Core switch stack IP is 172.16.10.2/28
The core switch will carry on running the existing subnet 10.1.1.0/24, with the core switch stack now having the default gateway that used to belong to the ISP HSRP.
The default route 0.0.0.0 0.0.0.0 172.16.1.1 will be set on the core switch stack
I have requested that the ISP add the routes to forward all traffic to the 10.1.1.0 network to the core switch stack
The ISP router 1 will be in the top core switch and ISP router 2 will be in the second core switch

- Can I use the HSRP address as the default route in this instance?
- Any other foreseeable issues?
-
LVL 12
DLeaverAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

atlas_shudderedSr. Network EngineerCommented:
DLeaver -

I'm trying to get my head wrapped around what you are trying to do.  How are you routing the 10.1.1.0/24 today?
0
buckethead34Commented:
Yes you should be able to use the HSRP address to route to. All you are really doing is adding the local routing to your L3 switches. If you split the uplinks to the two routers between the stack you should be good to go.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DLeaverAuthor Commented:
@Atlas  - It is currently assigned to the inside interface of the ISP's router onsite - this goes into their layer 2 switches

@Buckethead - Thanks for confirming - I can only see one presentation from the ISP at the moment, which looks odd (cable goes from main ISP router into the 800 series backup router and from the 800 series into their switch - shouldn't I see a link from both?...
0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

buckethead34Commented:
So do they have two routers that are running hsrp? I would have a link from R1->S1 and R2->S2.
0
atlas_shudderedSr. Network EngineerCommented:
Okay, based on the information above, I would say that I would do one of two things.

A. Keep the HSRP between the routers for the 172. network and place their uplinks to your switch inside its own VLAN - ex. VLAN 172.  Create an SVI on the switch so that it will participate in the routing of that network and then route the 10.x from the core itself.  You would then create a default route to the .1 HSRP address on the routers.  This is quick and low labor but will limit future flexibility.

B. And I would prefer this over A if possible.  Have the ISP change their uplinks to two /30's in a different scope (e.g. 192.168.x.x/30).  I would then create two layer three interfaces on the core switch and pin these to the /30's of the ISP.  Bring the 172.16 totally inside, recovering two IP's for future use.  
Establish OSPF with the ISP routers and have them install default-information originate in their OSPF context
On the switch, create an SVI with the 172.16.10.1 HSRP address assigned to it  
Create a second SVI for your 10. network.  
Allow OSPF to make your routing/failover decisions based on ECLB inside OSPF.
This would be a little more time and effort to set up but will provide flexibility moving forward.  It also provides the benefits of being more easily manipulated if you want and, with the default-info orig, if an ISP router loses its DFG, OSPF will failover fully to the one that is still advertising.
0
DLeaverAuthor Commented:
Thanks both.

Carried out the change, with routing to the HSRP working as expected and straightening out the ISP's bodge setup by connecting each router to a different switch within the stack.
0
atlas_shudderedSr. Network EngineerCommented:
Excellent.  Cheers
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.