Software and hardware redundancy

Software Redundancy:

  • Multilayer switches act as gateway for end users. First Hop Redundancy protocols (FHRP) are available to provide redundancy to end users.
  • FHRP includes;
    • Hot Standby Router Protocol (HSRP)
    • Virtual Router Redundancy Protocol (VRRP)
    • Gateway Load Balancing Protocol (GLBP)

HSRP:

  • HSRP is Cisco proprietary allows several routers to appear as single IP gateway address.
  • Among the group of routers, one router is selected as ‘active’ and another is selected as ‘standby’ and all others are selected as ‘listen’
  • All HSRP routers send Hello packets destined to 224.0.0.2 using UDP port 1985.
  • A group number can be assigned to HSRP. Values from 0 to 255 (default being 0)
  • HSRP groups are local significant to the interface.
  • Router election:
    • Priority values (0 to 255) can be assigned to HSRP routers. Default value is 100. Highest: 255
    • Router with highest Priority will be ‘active’ for that group. If there is tie, router with highest interface IP address will win the election.
    • HSRP Devices progress their interface states as disabled, init, listen, speak, standby, active.
    • Only standby monitors hello message from active router.
    • Default hello and hold down timers are 3 and 10 respectively. Use same timers in all routers.
    • By default, preempt is disabled.
  • Authentication:
    • Plain-text:
      • HSRP messages are sent with plain-text key. Default key being ‘cisco’
      • ‘(config-if)#standby 1 authentication cisco1’
    • MD5:
      • Can use either ‘key-string’ or ‘key-chain’ option.
      • ‘(config-if)#standby 1 authentication md5 {key-string | key-chain}’
  • We can track uplink interface so that when the interface goes down, the priority is reduced by a value, 10 being default. “(config-if)#standby 1 track <interface> <decrement value>’
    • For successful takeover of master;
      • Another router should have highest priority.
      • ‘preempt’ should be configured on another router.
  • HSRP address: Configure via ‘(config-if)#standby  <group> ip <address>”. Assign this IP address as default gateway to host. Virtual MAC address used for a specific group would be 00:00:0c:07:ac:xx where ‘xx’ is the HSRP group number.
  • For load balance, configure two groups on an interface. Make the local router active for one group and standby for another group. Assign 2 configured IP address as default gateway to hosts.
  • Configuration:
    • ‘(config-if)#standby  <group>  priority <>’
    • ‘(config-if)#standby  <group>  timers <hello> <hold>’
    • ‘(config-if)#standby 1 preempt delay { minimum | reload} ‘
      • Minimum <sec> : to force router to preempt after <sec> once the router is ready for active role.
      • Reload <sec> : to force router to wait for <sec> after it is reloaded.
    • “show standby” command to view the HSRP status.

VRRP:

  • VRRP is standard based defined in RFC-2338. Same concept as HSRP.
  • Active router is called as ‘master’ and all other routers are in ‘backup’ state.
  • Priority values (1 to 254) can be assigned to VRRP routers. Default value is 100. Highest: 254
  • VRRP group numbers: 0 to 255.
  • Virtual Mac address is = 00: 00: 5e:00:01:xx where ‘xx’ is VRRP group number.
  • VRRP sends hello message every 1 second destined to 224.0.0.18 using IP protocol: 112
  • Backup router can learn advertisement interval from master. ‘vrrp <x> timers learn’
  • Preempt enabled by default.
  • Configuration:
    • ‘vrrp <group> priority’
    • ‘vrrp <group> ip <add>’
    • ‘vrrp <group> authentication <>’
    • ‘vrrp <group> preempt delay <>’
    • Show vrrp

GLBP:

  • Cisco proprietary protocol that overcomes the limitation of load balancing in VRRP and HSRP.
  • Multiple routers participate in forwarding packets from host to default gateway address.
  • When client sends ARP request for default-gateway, GLBP replies with virtual MAC address of selected router in the group.
  • All clients use same Virtual address but different MAC address.
  • Active virtual Gateway: (AVG):
    • One router in the group is selected as AVG by election. Highest Priority or highest interface IP address.
    • AVG answers all ARP request for default-gateway from clients. Selection of a routers’ virtual MAC depends on load-balancing algorithm in use.
    • Upto four virtual MAC address (4 routers) can be used in a group at any time. Routers involved in forwarding the traffic is referred as ‘active virtual forwarder’ (AVF).
    • Other routers than 4 serve as backup AVF routers.
  • GLBP group numbers can be from 0 to 1023. Priority can be 1 to 255. Highest: 255 and default:100
  • Preempt disabled by default as in HSRP.
  • AVG sends hello message to all GLBP routers and expects hello from each routers.
  • Default: hello 3 seconds and holds 10 seconds. Other routers can learn these times from AVG.
  • Active virtual forwarder: (AVF)
    • AVG assigns four routers as AVF along with their virtual MAC address.
    • Mac address will be in the form of 00:07:b4:xx:xx:yy
      • ‘xx:xx’ denotes six zero bits followed by 10-bit GLBP group number.
      • ‘yy’ denotes virtual forwarder number.
    • All AVF routers exchange hello packets with each other. If AVG fails to receive hello within hold timer, it assumes that AVF as failed and assigns the failed AVF function to another AVF router.  This router act as forwarding router for 2 MAC address (its own+failed routers’ mac)
    • AVG uses two timers to resolve this condition – single router handles 2 MAC addresses.
      • Redirect timer: Time when AVG will stop using the failed routers mac address in ARP reply. Default is 10 minutes
      • Timeout time: Time when AVG flushes the old mac address and the failed AVF ID from all GLBP peer. Clients which used old virtual mac address need to refresh its arp to lean new mac address for the default-gateway. Default is 4 Hours.
      • Can be changed by ‘glbp <group> timers redirect <redirect> <timeout>’
    • GLBP uses weighting function to determine which routers to become AVF. Each participating router will have 100 as maximum weight. When a specified interface goes down, the weight value is decremented by specified value (default: 10)
    • GLBP uses threshold to determine when a router can be AVF. If weight < lower threshold, the router should give up its AVF role. When weight> upper threshold, it can resume its  role
    • Create a track object as assign it to GLBP weighting configuration.
      • ‘(config)# track <number> interface <id> {line-protocol | ip-routing}’
      • ‘(config-if)# glbp <group> weighting <max value> lower <x> upper <x>’
      • ‘(config-if)# glbp <group> weighting track <number> decrement <value>’
    • Higher weight router cannot preempt the current AVF even if it has lower weight.
  • Load-balancing:
    • AVG assigns the four virtual MAC address to the ARP request in following manner;
      • Round-robin: Default method. AVG uses mac addresses in round robin fashion in ARP reply. All AVF is expected to receive fairly equal amount of traffic.
      • Weighted: AVG uses a particular router depending on its interface weight function.
      • Host dependent: Each client receives the same virtual mac address in ARP reply.
    • ‘(config-if)# glbp <group> load-balancing { round-robin | weighted | host-dependent }’
  • Configuration:
    • ‘(config-if)#glbp <group> priority <level>’
    • ‘(config-if)#glbp <group> preempt [delay]’
    • ‘(config-if)#glbp <group> timers [msec] <hello> [msec] <hold>’
    • ‘(config-if)#glbp <group> ip <address> [secondary]’
    • Show glbp [brief]

Hardware redundancy:

  • Cat 4500, 6500 can accept two Supervisor modules, one acting as active and other remains in standby state. Standby supervisor boot up and initialize only to certain level depending on mode.
  • Redundancy modes: Route Processor Redundancy (RPR);
    • When primary fails, standby reload every other modules and then initialize supervisor fn.
  • Route Processor Redundancy plus (RPR+):
    • Standby initialize L2 and L3 fn without reloading other modules. Port status remains same.
  • Stateful Switchover (SSO):
    • Standby is fully booted and initialized. Both startup and running config are synced
  • Single-router Mode (SRM): Two route processors are being used buy only one active at a time.
  • Dual-router Mode (DRM): Both route processors are active at a time.
  • Commands:
    • (config)# redundancy
    • (config-red)#mode {rpr | rpr-plus | sso}
    • Show redundancy status
  • Supervisor synchronization:
    • By default, the active supervisor synch both startup config and configuration register values with standby supervisor.
    • (config)# redundancy
    • (config-red)#main-cpu
    • (config-r-mc)# auto-sync { startup-config | config-register | bootvar}
    • To return to default, use “auto-sync standard”
  • Nonstop Forwarding: (NSF)
    • Used along with SOO feature to quickly rebuild the RIB table from nsf-aware neighbor router
    • “bgp graceful-restart” under BGP configuration. “nsf” under eigrp, ospf and isis config mode.
Advertisements
This entry was posted in IOS, L2 switch and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s