Link to home
Start Free TrialLog in
Avatar of Ken H.
Ken H.

asked on

How do I do HSRP between two nexus switch groups?

Here is the situation: Datacenter provides redundant ethernet handoff via hsrp on their nexus switches .... we have multiple firewalls and devices that are on the internet side so we want the hsrp links to go into a non routed vlan on our nexus, but I can't get both links to come up. Is there a solution that will allow both links on the network so i have redundancy?

Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image
we have multiple firewalls and devices that are on the internet side so we want the hsrp links to go into a non routed vlan on our nexus
HSRP is L3 so what do you mean exactly by "non routed vlan"?
Avatar of Ken H.
Ken H.

ASKER

I'm saying this wrong..... ultimately I want to plug two ethernet links configured with HSRP into my nexus without using HSRP on my end.
Avatar of Ken H.
Ken H.

ASKER

Look at my horrible diagram … I have several devices getting redundant internet links off my nexus but right now I only have one link from my nexus to the other nexus that is configured with hsrp. What is the config I need to allow both links to be plugged in because right now when I plug both in it takes the circuit down. User generated image
Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image
Ok got it. From what I can see...

  • N5K1 and N5K2 need a L2 link between them on the VLAN that HSRP runs on. I assume you have that already?
  • N5KA and N5KB need a L2 link between them on the HSRP VLAN also, unless they each connect to both N5K1 and N5K2 directly. From the diagram they only link to one N5K each, so link N5KA and N5KB together at L2 on the HSRP VLAN.
  • STP should be configured with N5K1 and N5K2 as the root primary and secondary. This will help the correct links to block which will stop a loop occurring.
Avatar of Ken H.
Ken H.

ASKER

I'm more of a virtualization/storage engineer. Networking is not my strong suit so if I could get a little more clarification from you that would be great.

Are you saying on N5K1 and N5K2 vpc I need :>spanning tree port type network ?

How would I need to configure the ports on N5KA and N5KB to make this work? Would they be a vpc with the same spanning tree?

This question needs an answer!
Become an EE member today
7 DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.