Configure HSRP on cisco 9300 switch

Math Tec
Math Tec used Ask the Experts™
on
Hi,

I have two Cisco switches 9300 and I want to configure HSRP. I have 10 VLAN's

192.168.0.0
192.168.1.0
....192.168.10.0


Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Sr.Net.Eng
Top Expert 2011
Commented:
Basic config would look like below. The only difference between the switches is the priority and the actual ip address of their vlan interface. Do this for each vlan subnet you have listed.

**NOTE** My presumption is that all else is kosher. For example VPC Peerlink

Primary Switch:

interface Vlan20
  no ip redirects
  ip address 192.168.20.253/24
  no ipv6 redirects
  hsrp version 2
  hsrp 20
    preempt
    priority 110
    ip 192.168.20.254

Open in new window

Secondary switch:
interface Vlan20
  no ip redirects
  ip address 192.168.20.252/24
  no ipv6 redirects
  hsrp version 2
  hsrp 20
    preempt
    ip 192.168.20.254

Open in new window

Distinguished Expert 2018

Commented:
Example  above is missing
feature hsrp
hsrp version 2 command is just  hsrp 2

But, anyway, Nexus 9300 or Catalyst 9300?
:)

Author

Commented:
Thank you for your reply.

Then to make each VLAN connect the other VLAN's we have to use RIP on the core switch (Cisco 9300). Is that correct?

Also, my DHCP server is in windows server 2016. The scenario will be like this. I have two LAN's in the server. I configured Multi DHCP in the server. The Ethernet cables from both LAN's will connected to intermediate switch then from that switch I will have two Ethernet cables each one connected to one core switch (Cisco 9300). Is that correct?

Also, I will need to configure IP helping address on each access switch (Cisco 3750) that are connected to core switch (Cisco 9300) to make all computers that are connected to (Cisco 3750 switch) get IP address. Is that correct?

Do I need to configure routing in the server?

Also, the core switches will connected to ASA 5520 with inside interface IP address 192.168.0.1. So, Also, I will need to connect ASA to both switches. Is that correct? How do I configure ASA to handle all VLAN's

Thanks
Istvan KalmarHead of IT Security Division
Top Expert 2010

Commented:
Hi,

Do you have stack cable for 2 CORE 9300 switch? Do you have topology plan?
If you use stack you don't need HSRP. Which sw run on ASA?

Best regards,
Istvan
SouljaSr.Net.Eng
Top Expert 2011

Commented:
Then to make each VLAN connect the other VLAN's we have to use RIP on the core switch (Cisco 9300). Is that correct?

No routing protocol is needed between the two cores for hsrp. You just need to ensure you have a trunk between the two core switches tagging the vlans.

Also, my DHCP server is in windows server 2016. The scenario will be like this. I have two LAN's in the server. I configured Multi DHCP in the server. The Ethernet cables from both LAN's will connected to intermediate switch then from that switch I will have two Ethernet cables each one connected to one core switch (Cisco 9300). Is that correct?

I don't quite understand what you are trying to accomplish here. If just simple dhcp for multiple networks, you don't need multiple nic's on separate networks. Just create the necessary scopes for each vlan on the dhcp server. The ip helpers on the core will do the rest.

Also, I will need to configure IP helping address on each access switch (Cisco 3750) that are connected to core switch (Cisco 9300) to make all computers that are connected to (Cisco 3750 switch) get IP address. Is that correct?

You do not configure the ip helper on each access switch. The only place the ip helper will be configured is under each hsrp vlan interface except the vlan where the dhcp server resides.

Do I need to configure routing in the server?

No routing is needed on the server cause you will be only connecting one nic.

Also, the core switches will connected to ASA 5520 with inside interface IP address 192.168.0.1. So, Also, I will need to connect ASA to both switches. Is that correct? How do I configure ASA to handle all VLAN's

You will only be able to connect the asa to one switch is only using that one inside interface. If you have an ASA cluster, your secondary ASA could connect to the second core. The ASA I assume is just an edge device between your internet and internal network. If you are looking to filter between vlan, then this design will need to change as the ASA will need to be routing for the vlans or transparent and bridging the VLANS which is a headache on ASA's because of their need to VLAN stitch.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial