CCNP experiment: implement multiple groups of HSRP Hot Backup protocols for load sharing

[Lab environment]

C3640-IK9O3S-M Version 12.4 (10) + NM-16ESW Module

[PURPOSE]

Multiple groups of HSRP are used to automatically switch the gateway and share the load. Normally, R1 serves as the gateway for VLAN 100, and R2 serves as the gateway for VLAN 200. When the uplink or downlink goes Down, it automatically switches to the backup gateway, if the previous link is restored, the original gateway is automatically restored.

[Experiment topology]

[Experiment description]

1. SW1 uses the 3640 + NM-16ESW module to simulate the switch and disable the routing function. It is only used as a layer-2 switch and adds f0/3 and f0/4 to VLAN 100 and VLAN 200 respectively, ports f0/1 and f0/2 are configured as trunk ports.

2. PC1 uses the virtual gateway 192.168.1.254 and PC2 uses the virtual gateway 192.168.2.254.

3. To ensure inter-VLAN communication, the single-arm routing technology is used on R1 and R2.

4. To ensure that the experiment results are not affected by IGP, The NAPT technology is used on R1 and R2 to convert private IP addresses to public IP addresses. IGP is not configured on all routers. Configure the default route on R1 and R2.

5. Configure the HSRP Hot Backup Protocol on R1 and R2

Lab procedure]

1. Use VPCS to configure PC1 and PC2

PC1: ip 192.168.1.100/24 192.168.1.254

PC2: ip 192.168.2.200/24 192.168.2.254

2. Configure SW1

When using GNS3 to create a VLAN, you must use the VLAN database mode. Remember to "exit" the application configuration.

SW1 # vlan database
SW1 (vlan) # vlan 100
VLAN 500 added:
Name: VLAN0100
SW1 (vlan) # vlan 200
VLAN 600 added:
Name: VLAN0200
SW1 (vlan) # exit
APPLY completed.
Exiting ....
SW1 #

Route the port to the corresponding VLAN

!
Interface FastEthernet0/1
Switchport mode trunk
!
Interface FastEthernet0/2
Switchport mode trunk
!
Interface FastEthernet0/3
Switchport access vlan 100
!
Interface FastEthernet0/4
Switchport access vlan 200
!

3. Configure R3

!
Interface Loopback0
Ip address 3.3.3.3 255.255.255.255
!
Interface FastEthernet0/0
Ip address 13.1.1.3 255.255.255.0
!
Interface FastEthernet1/0
Ip address 23.1.1.3 255.255.255.0
!

4. Configure the R1 port and single-arm route

R1 (config) # interface FastEthernet0/0
R1 (config-if) # no shutdown
R1 (config-if) # interface FastEthernet0/0.1
R1 (config-if) # encapsulation dot1Q 100
R1 (config-if) # ip address 192.168.1.1 255.255.255.0
R1 (config-if) # interface FastEthernet0/0.2
R1 (config-if) # encapsulation dot1Q 200
R1 (config-if) # ip address 192.168.2.1 255.255.255.0
R1 (config-if) # interface FastEthernet1/0
R1 (config-if) # ip address 13.1.1.1 255.255.255.0
R1 (config-if) # no shutdown

5. Configure the R2 port and single-arm route

R2 (config) # interface FastEthernet0/0
R2 (config-if) # no shutdown
R2 (config-if) # interface FastEthernet0/0.1
R2 (config-if) # encapsulation dot1Q 100
R2 (config-if) # ip address 192.168.1.2 255.255.255.0
R2 (config-if) # interface FastEthernet0/0.2
R2 (config-if) # encapsulation dot1Q 200
R2 (config-if) # ip address 192.168.2.2 255.255.255.0
R2 (config-if) # interface FastEthernet1/0
R2 (config-if) # ip address 23.1.1.2 255.255.255.0
R2 (config-if) # no shutdown

6. Configure NAPT and default route on R1

R1 (config) # access-list 11 permit 192.168.1.0 0.0.255
R1 (config) # access-list 11 permit 192.168.2.0 0.0.255
R1 (config) # ip nat inside source list 11 interface FastEthernet1/0 overload
R1 (config) # interface FastEthernet0/0.1
R1 (config-if) # ip nat inside
R1 (config-if) # interface FastEthernet0/0.2
R1 (config-if) # ip nat inside
R1 (config-if) # interface FastEthernet1/0
R1 (config-if) # ip nat outside
R1 (config-if) # exit
R1 (config) # ip route 0.0.0.0 0.0.0.0 13.1.1.3

7. Configure NAPT and default route on R2

R2 (config) # access-list 22 permit 192.168.1.0 0.0.255
R2 (config) # access-list 22 permit 192.168.2.0 0.0.255
R2 (config) # ip nat inside source list 22 interface FastEthernet1/0 overload
R2 (config) # interface FastEthernet0/0.1
R2 (config-if) # ip nat inside
R2 (config-if) # interface FastEthernet0/0.2
R2 (config-if) # ip nat inside
R2 (config-if) # interface FastEthernet1/0
R2 (config-if) # ip nat outside
R2 (config-if) # exit
R2 (config) # ip route 0.0.0.0 0.0.0.0 23.1.1.3

8. Configure HSRP on R1 so that VLAN 100 takes priority over R1

R1 (config) # interface FastEthernet0/0.1
R1 (config-if) # standby 1 ip address 192.168.1.254 // Configuration group 1, virtual gateway 192.168.1.254
R1 (config-if) # standby 1 priority 105 // raise the priority from the default 100 to 105
R1 (config-if) # standby 1 preempt // configure the preemption Mode
R1 (config-if) # standby 1 track FastEthernet1/0 // configure the uplink trace. if it is down, the priority is reduced by 10 by default, which can be customized with numbers.
R1 (config-if) # interface FastEthernet0/0.2
R1 (config-if) # standby 2 ip 192.168.2.254 // Configuration group 2, virtual gateway 192.168.2.254
R1 (config-if) # standby 2 preempt // configure the preemption Mode

// No priority and trace are configured for group 2. Because group 2 is only used as a backup, the default priority is 100. Even if the uplink is not down, the priority of Group 2 is lower than that of group 2 on R2, therefore, track is not required.

9. Configure HSRP on R2 so that VLAN 200 takes precedence over R2

R2 (config) # interface FastEthernet0/0.1
R2 (config-if) # standby 1 ip address 192.168.1.254
R2 (config-if) # standby 1 preempt
R2 (config-if) # interface FastEthernet0/0.2
R2 (config-if) # standby priority 105
R2 (config-if) # standby 2 ip 192.168.2.254
R2 (config-if) # standby 2 priority 105
R2 (config-if) # standby 2 preempt
R2 (config-if) # standby 2 track FastEthernet1/0

// The reason is the same as that of R1. Group 1 has a high priority on R1 and group 2 has a high priority on R2. as long as their respective links are up, they can ensure that they are Active.

10. Check HSRP on R1 and find that group 1 is Active and group 2 is Standby, which is correct.

R1 # sh standby brief

Interface Grp Prio P State Active Standby Virtual IP
Fa0/0.1 1 105 P Active local 192.168.1.2 192.168.1.254
Fa0/0.2 2 100 P Standby 192.168.2.2 local 192.168.2.254

11. Check HSRP on R2 and find that group 1 is Standby and group 2 is Active. Correct

R2 # sh standby brief

Interface Grp Prio P State Active Standby Virtual IP
Fa0/0.1 1 100 P Standby 192.168.1.1 local 192.168.1.254
Fa0/0.2 2 105 P Active local 192.168.2.1 192.168.2.254

12. Verify tracert when the link is not down on PC1

VPCS [1]> tracert 3.3.3.3
1 192.168.1.1 20.000 MS 11.000 MS 11.000 MS
2*13.1.1.3 77.000 MS (ICMP type: 3, code: 3, Destination port unreachable)

We can see that R1 is selected.

13. Verify tracert when the link is not down on PC2

VPCS [2]> tracert 3.3.3.3
1 192.168.2.2 29.000 MS 29.000 MS 9.000 MS
2*23.1.1.3 84.000 MS (ICMP type: 3, code: 3, Destination port unreachable)

We can see that R2 is selected to achieve load balancing.

14. On PC1, observe the Hot Backup switching when the downstream link of R1 is down (here, the f0/0.1 interface of R1 is down)

The result is not read. Continuous ping does not stop at all, and a packet does not drop. The smoothness is too high to R2...

15. On PC1, observe the Hot Backup switching when the R1 uplink is down (here, the f1/0 interface of R1 is down)

VPCS [1]> ping 3.3.3.3-t
3.3.3.3 icmp_seq = 1 ttl = 254 time = 56.000 MS
3.3.3.3 icmp_seq = 2 ttl = 254 time = 68.000 MS
3.3.3.3 icmp_seq = 3 timeout // after shutdown
3.3.3.3 icmp_seq = 4 ttl = 254 time = 136.000 MS
3.3.3.3 icmp_seq = 5 ttl = 254 time = 52.000 MS
3.3.3.3 icmp_seq = 6 ttl = 254 time = 51.000 MS
3.3.3.3 icmp_seq = 7 timeout // After no shutdown
3.3.3.3 icmp_seq = 8 ttl = 254 time = 59.000 MS
3.3.3.3 icmp_seq = 9 ttl = 254 time = 50.000 MS

We can see that one package is dropped between the down and up respectively, and the effect is very good. During Hot Backup, The HSRP status on R1 and R2 is as follows. The priority of R1 is reduced by 10, and the Standby status is changed. R2 is Active. When the link of R1 is restored, it will be preemptible again.

R1 # sh stan bri
Interface Grp Prio P State Active Standby Virtual IP
Fa0/0/0.1 1 95 P Standby 192.168.1.2 local 192.168.1.254
Fa0/0.2 2 100 P Standby 192.168.2.2 local 192.168.2.254

R2 # sh stan bri
Interface Grp Prio P State Active Standby Virtual IP
Fa0/0.1 1 100 P Active local unknown 192.168.1.254
Fa0/0.2 2 105 P Active local 192.168.2.1 192.168.2.254

Now the experiment is complete.