HSRP: virtual IPs without real IPs?

Discussion in 'Cisco' started by Martijn Lievaart, Feb 9, 2012.

  1. Hi group,

    I googled this but did not find a definitive answer.

    Is it possible to have HSRP on an interface of a Cisco, with just the
    virtual IP address, not a "real" IP address?

    I'm asking because a consultant is setting up a new network for us,
    insisting on many /24 segments. Each of these segments will be routed
    through a collapsed backbone setup and will probably use HSRP.

    Although loosing two addresses in a /24 is not a big deal, I want to know
    if it is possible, and if it is, is it a good idea.

    (Actually due to DHCP redundancy, only half of the addresses can be used,
    which would mean 125 instead of 126 possible addresses. Whatever)

    As far as I can tell, it is simply not possible. IOS simply does not
    allow it. The 'standby ip' command does not allow a netmask so is tied to
    the 'ip address' command.

    Any thoughts?

    Regards,
    M4
    Martijn Lievaart, Feb 9, 2012
    #1
    1. Advertising

  2. Hi There

    Nope, the "Virtual-Address" is bound to the "Physical Address", so you will have to sacrifice 3 address for a redundant HDRP fail-over solution. 1 for SW1, 1 for SW2, 1 for VirtIP. I typically use .254 for Route, and .253/.252 for SW1 and SW2 respectively.

    Hope this helps.

    Obviously if you have more switches part of the HSRP group, you will require more "physical addresses".
    Richard Westby-Nunn, Feb 10, 2012
    #2
    1. Advertising

  3. On 10/02/2012 09:29, Richard Westby-Nunn wrote:
    > Hi There
    >
    > Nope, the "Virtual-Address" is bound to the "Physical Address", so you will have to sacrifice 3 address for a redundant HDRP fail-over solution. 1 for SW1, 1 for SW2, 1 for VirtIP.


    Hi,
    you could use VRRP instead of HSRP.
    This way you need two ip address only if you are using two router.
    In vrrp physical address and virtual address can be the same on the
    master virtual router, e.g. with two router you can get this:


    Router A Fasteth0/0 192.168.1.1

    Router B Fasteth0/0 192.168.1.2

    Virtual IP Address 192.168.1.1


    Router A reply to ARP request with virtual mac address.
    If router A fails, then Router B will become master virtual router.



    Regards,
    Marco
    Marco Giuliani, Feb 14, 2012
    #3
  4. Martijn Lievaart

    Stephen Guest

    On Tue, 14 Feb 2012 14:42:56 +0100, Marco Giuliani
    <> wrote:

    >On 10/02/2012 09:29, Richard Westby-Nunn wrote:
    >> Hi There
    >>
    >> Nope, the "Virtual-Address" is bound to the "Physical Address", so you will have to sacrifice 3 address for a redundant HDRP fail-over solution. 1 for SW1, 1 for SW2, 1 for VirtIP.

    >

    You can use addresses from different subnets - work use this to
    minimise the "burn" of registered IP addresses.

    >Hi,
    >you could use VRRP instead of HSRP.
    >This way you need two ip address only if you are using two router.
    >In vrrp physical address and virtual address can be the same on the
    >master virtual router, e.g. with two router you can get this:
    >
    >
    >Router A Fasteth0/0 192.168.1.1
    >
    >Router B Fasteth0/0 192.168.1.2
    >
    >Virtual IP Address 192.168.1.1
    >
    >
    >Router A reply to ARP request with virtual mac address.
    >If router A fails, then Router B will become master virtual router.
    >
    >
    >
    >Regards,
    > Marco


    Hi

    I think if you use the "real" address for VRRP, there is some
    wierdness with the MAC addresses - but it is over 10 years since i
    went thru the standards on this.

    We had some major issues with Nortel switches and VRRP - the fix was
    to not use a physical IP address for the virtual gateway.
    --
    Regards

    - replace xyz with ntl
    Stephen, Feb 14, 2012
    #4
  5. On Tue, 14 Feb 2012 20:09:49 +0000, Stephen wrote:

    > I think if you use the "real" address for VRRP, there is some wierdness
    > with the MAC addresses - but it is over 10 years since i went thru the
    > standards on this.
    >
    > We had some major issues with Nortel switches and VRRP - the fix was to
    > not use a physical IP address for the virtual gateway.


    Thanks all for the answers. I got independent confirmation it cannot be
    done.

    VRRP is not an option, I'll just have to reserve the extra addresses in
    the segment template, where VSS isn't used.

    Regards,
    Martijn
    Martijn Lievaart, Feb 15, 2012
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Woife
    Replies:
    0
    Views:
    609
    Woife
    Jul 29, 2004
  2. Woife
    Replies:
    3
    Views:
    2,811
    Woife
    Jul 30, 2004
  3. Replies:
    2
    Views:
    1,108
  4. sadek

    efficient use of real ips

    sadek, Feb 2, 2006, in forum: Cisco
    Replies:
    1
    Views:
    382
    Bryan Martin
    Feb 2, 2006
  5. Mr_Huang

    HSRP Virtual MAC

    Mr_Huang, Nov 12, 2007, in forum: Cisco
    Replies:
    5
    Views:
    3,398
    Mr_Huang
    Nov 13, 2007
Loading...

Share This Page