Hotel case study - HSRP Configuration
Explanation Although we have redundant distribution layer devices, our PCs do not have the ability to support multiple gateways. That forces us to configure a single gateway address on the PC and in the even that gateway fails, the PC will lose connectivity.
The solution is to configure the two distribution layer routers for HSRP (Hot Standby Routing Protocol). HSRP creates a virtual router whose functionality is provided bythe physical routers. If a physical router fails, the standby router will take its place in providing the services of the virtual router. As the virtual router has a consistent IP and MAC address, any change in the availability of the physical routers is invisible to the PC.
It is important to understand that the HSRP region extends between the distribution layer devices and the host PC. All of these devices will be in the same subnet and VLAN. The distribution layer devices perform interVLAN routing and so the router interfaces are VLAN interfaces (not physical port numbers). When you configure HSRP you must apply it to the VLAN interfaces on the distribution layer device. This is a subtle but important difference between the lab (where we used dedicated routers) and the case study where we are using layer 3 switches with SVI (Switch Virtual Interfaces).
Routing Requirements
You must provide intervlan routing, such that all devices can ping one another.
Configure intervlan routing on all DL switches. Users on level one should make use of DL1 as their default gateway. Users on level two should make use of DL2 as their default gateway. Use HSRP with the active router for each guest floor being on a different router.
What you need to do?
Once inter vlan routing is configured on the distribution layer, you vlan interfaces should look something like this (PerDL shown as an example):
interface Vlan10 no shutdown description Perth Staff ip address 10.1.128.2 255.255.255.0
We activate and configure HSRP with the standby command. The standby ip command defines the IP address of the virtual router. The identical command should be applied under the matching VLAN interfaces on both distribution routers in an region (Perth/Sydney).
interface Vlan10 standby 10 ip 10.1.128.1
Once this has been applied, the two DL routers on VLAN10 will negotiate so that one of the DL routers will be the HSRP active router and provide services for the virtual router. The other router will be the standby router and will take over the role of the active router should it fail.
By using setting the gateway on our hosts to the IP address of the virtual router (10.1.128.1) we provide the host with a more reliable and consistent gateway.
Even though we have a virtual router you should be conscious of the fact that actual traffic moves via the active router. And the physical path taken to get to the gateway is governed by the path defined by the spanning tree protocol. (There's a lot going on here, take your time to think through this).
Creating a network that functions is one thing. Optimising the traffic paths is an additional and often overlooked stage. The general rule is that the distribution switch/router that acts as the active HSRP router should also be the STP root bridge.
You can choose which router becomes active for HSRP
How you will know it is configured correctly?
What questions could I see on the practical exam?