HSRP: virtual IPs without real IPs?

Discussion in 'Cisco' started by Martijn Lievaart, Feb 9, 2012.

  1. Hi group,

    I googled this but did not find a definitive answer.

    Is it possible to have HSRP on an interface of a Cisco, with just the
    virtual IP address, not a "real" IP address?

    I'm asking because a consultant is setting up a new network for us,
    insisting on many /24 segments. Each of these segments will be routed
    through a collapsed backbone setup and will probably use HSRP.

    Although loosing two addresses in a /24 is not a big deal, I want to know
    if it is possible, and if it is, is it a good idea.

    (Actually due to DHCP redundancy, only half of the addresses can be used,
    which would mean 125 instead of 126 possible addresses. Whatever)

    As far as I can tell, it is simply not possible. IOS simply does not
    allow it. The 'standby ip' command does not allow a netmask so is tied to
    the 'ip address' command.

    Any thoughts?

    Martijn Lievaart, Feb 9, 2012
    1. Advertisements

  2. Hi There

    Nope, the "Virtual-Address" is bound to the "Physical Address", so you will have to sacrifice 3 address for a redundant HDRP fail-over solution. 1 for SW1, 1 for SW2, 1 for VirtIP. I typically use .254 for Route, and .253/.252 for SW1 and SW2 respectively.

    Hope this helps.

    Obviously if you have more switches part of the HSRP group, you will require more "physical addresses".
    Richard Westby-Nunn, Feb 10, 2012
    1. Advertisements

  3. Hi,
    you could use VRRP instead of HSRP.
    This way you need two ip address only if you are using two router.
    In vrrp physical address and virtual address can be the same on the
    master virtual router, e.g. with two router you can get this:

    Router A Fasteth0/0

    Router B Fasteth0/0

    Virtual IP Address

    Router A reply to ARP request with virtual mac address.
    If router A fails, then Router B will become master virtual router.

    Marco Giuliani, Feb 14, 2012
  4. Martijn Lievaart

    Stephen Guest

    You can use addresses from different subnets - work use this to
    minimise the "burn" of registered IP addresses.

    I think if you use the "real" address for VRRP, there is some
    wierdness with the MAC addresses - but it is over 10 years since i
    went thru the standards on this.

    We had some major issues with Nortel switches and VRRP - the fix was
    to not use a physical IP address for the virtual gateway.
    Stephen, Feb 14, 2012
  5. Thanks all for the answers. I got independent confirmation it cannot be

    VRRP is not an option, I'll just have to reserve the extra addresses in
    the segment template, where VSS isn't used.

    Martijn Lievaart, Feb 15, 2012
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.