You want to load balance your traffic between two (or more) HSRP routers.
You can configure HSRP so that both routers are always in use if they are available. This allows you to use your network resources more efficiently, but it is slightly more complicated to configure.
Configure the first router as follows, with two HSRP groups:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#interface FastEthernet0/1 Router1(config-if)#ip address 172.22.1.3 255.255.255.0 Router1(config-if)#standby 1 ip 172.22.1.1 Router1(config-if)#standby 1 priority 120 Router1(config-if)#standby 1 preempt Router1(config-if)#standby 2 ip 172.22.1.2 Router1(config-if)#standby 2 priority 110 Router1(config-if)#standby 2 preempt Router1(config-if)#end Router1#
Create the same two HSRP groups on the second router, but change the priority levels from those of the first router so that Router1 is active for group 1 and Router2 is active for group 2:
Router2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router2(config)#interface FastEthernet1/0 Router2(config-if)#ip address 172.22.1.4 255.255.255.0 Router2(config-if)#standby 1 ip 172.22.1.1 Router2(config-if)#standby 1 priority 110 Router2(config-if)#standby 1 preempt Router2(config-if)#standby 2 ip 172.22.1.2 Router2(config-if)#standby 2 priority 120 Router2(config-if)#standby 2 preempt Router2(config-if)#end Router2#
This ensures that both routers back up one another simultaneously. You must then configure half of your end devices on this segment to use the address 172.22.1.1 for their default gateway, while the other half would use 172.22.1.2.
By default, when you use HSRP on a LAN segment, all of the traffic goes through whichever router is currently active. This means that the second router and its links are generally idle. If this is a remote site and both routers have WAN links, then you will need to pay for an expensive WAN connection that is almost always unused. So this recipe shows you a way to use both routers.
This method affects only the outgoing traffic from the workstations to the routers and out to the WAN. If you also want to balance the traffic going from the WAN to the LAN, you will need to look at your routing protocol, which determines which WAN connection is the best path to this LAN segment.
The recipe is actually very simple—it simply creates two separate HSRP groups on the same segment. When everything is working normally, Router1 is the active router for one of the groups and Router2 is active for the other. Then, if either of these routers fails, the other takes over and becomes the active router for both groups.
This feature uses Multigroup HSRP (MHSRP). Not all routers support MHSRP. In particular, it does not work on Cisco 1600, 2500, 4000, or 5200/5300 devices. For Token Ring LANs, you can use MHSRP, but there are only three available HSRP groups for Token Rings. Other LAN media such as Ethernet, FDDI, ATM, 802.10, EtherChannel, and various VLAN encapsulations (including LANE, ISL, and 802.1Q) will support 256 groups. Note that you can actually configure more HSRP groups for Token Ring if you use the use-bia option, but every group will use the same MAC address. We discuss this option and its benefits and restrictions in Recipe 22.7.
Once you have configured the routers this way so that they both back one another up, you need to configure the end devices. Half of these devices need to have a default gateway address of 172.22.1.1, and the other half must use 172.22.1.2. Deciding which devices use which address is the key to balancing the load between your routers. If you configure all of your busiest devices to use the same address (and consequently, the same router), then you won't have a very well-balanced network load. This is also where the administration starts to become a little bit more complicated, because you must decide which gateway each new device will use.
Of course, if you have a situation in which both routers support two or more LAN segments, you could simply make one router primary for one segment and the other one primary for the other segment (instead of configuring two HSRP groups on the same interface). This is considerably simpler to administer and works well in larger networks.
The show standby command output includes information about both groups. For the first router in the example you get the following output:
Router1#show standby FastEthernet0/1 - Group 1 Local state is Active, priority 120, may preempt Hellotime 3 sec, holdtime 10 sec Next hello sent in 1.184 Virtual IP address is 172.22.1.1 configured Active router is local Standby router is 172.22.1.4 expires in 9.164 Virtual mac address is 0000.0c07.ac01 17 state changes, last state change 01:14:06 FastEthernet0/1 - Group 2 Local state is Standby, priority 110, may preempt Hellotime 3 sec, holdtime 10 sec Next hello sent in 2.394 Virtual IP address is 172.22.1.2 configured Active router is 172.22.1.4, priority 120 expires in 8.892 Standby router is local 4 state changes, last state change 00:32:22 Router1#
You can see that this router is active for group 1 and in standby for group 2. The same command on the second router shows the converse:
Router2#show standby FastEthernet1/0 - Group 1 Local state is Standby, priority 110, may preempt Hellotime 3 sec, holdtime 10 sec Next hello sent in 0.274 Virtual IP address is 172.22.1.1 configured Active router is 172.22.1.3, priority 120 expires in 9.312 Standby router is local 4 state changes, last state change 01:23:46 IP redundancy name is "hsrp-Fa1/0-1" (default) FastEthernet1/0 - Group 2 Local state is Active, priority 120, may preempt Hellotime 3 sec, holdtime 10 sec Next hello sent in 2.536 Virtual IP address is 172.22.1.2 configured Active router is local Standby router is 172.22.1.3 expires in 8.936 Virtual mac address is 0000.0c07.ac02 1 state changes, last state change 01:21:49 Router2#
Recipe 22.1; Recipe 22.2; Recipe 22.7
|
|
|
| Top |