HSRP load balancing regarding VLANs.

I know that you have to create Vlans in order for one vlan to use one router and the other vlan to use the other router for load balancing per subnet. My question is why do we have to create VLAN's can't we just create 2 Hsrp groups with 2 different virtual IP addresses and set a virtual IP address on half of the hosts and the other virtual IP address on the other half without having to use VLAN's and just letting it be one subnet.
Why must we use VLAN's?

Find more posts tagged with

Comments

hurricane1091

So, we're talking layer 3 switches here.

If we create the vlans (let us just say VLAN 10 and VLAN 20) and then the two SVIs (switched virtual interfaces), the HSRP config goes under the SVI.

Example:

SWITCH 1
interface Vlan10
description user VLAN
ip address 192.168.10.2 255.255.255.0
standby 10 ip 192.168.10.1 255.255.0
standby 10 priority 115
standby 10 preempt

SWITCH 2
interface Vlan10
description user VLAN
ip address 192.168.10.3 255.255.255.0
standby 10 ip 192.168.10.1 255.255.0
standby 10 priority 95
standby 10 preempt

You would port channel the two switches together, and switch 1 would be the default gateway (unless it goes down) for VLAN 10. This is useful because VLAN 20 could have the opposite priorities, and switch 2 could be the default gateway for than VLAN. Let's just say VLAN 20 is phones. All users should be on the same VLAN, and they will all go to switch 1 when they need to route somewhere, and the phones will all be on the same VLAN and go to switch 2 when they need to route somewhere. Even if a phone is plugged into switch 1, it will traverse the port channel and go to switch 2, which probably has an upstream link to a router. Controls traffic flow and provides some load balancing. You can't just create a standby group, it has to be attached to something.

Legacy User

@hurracain Think we hit send at the same time lol

@LLukman
I am not sure how deep does the HSRP section go into for the CCNA exam but have you got to the configuration portion yet?

HSRP groups are assigned on a SVI. To get a SVI to come online you have to have a vlan configured and assigned to a trunk or an access port for the SVI to come online.

ex:
switch A
interface vlan 20
ip add 10.1.1.2 255.255.255.0
standby 20 ip 10.1.1.1

switch B
interface vlan 20
ip add 10.1.1.3 255.255.255.0
standby 20 ip 10.1.1.1
standby 20 priority 150

You don't just create any vlans and assign the hsrp groups under those SVI's. Generally the vlans that you would use would be ones already in place for production for example vlan 10 for sales and vlan 20 for marketing.

You design hsrp based on STP as well to take the forwarding path. If SWITCH A will be the gateway for vlan 10 then you have to tune spanning tree with a lower priority to take that pathway. Also, if SWITCH B is the gateway for vlan 20 then you lower the priority for spanning tree to take make SWITCH B more desirable.

tunerX

Llukman1 wrote: »

I know that you have to create Vlans in order for one vlan to use one router and the other vlan to use the other router for load balancing per subnet. My question is why do we have to create VLAN's can't we just create 2 Hsrp groups with 2 different virtual IP addresses and set a virtual IP address on half of the hosts and the other virtual IP address on the other half without having to use VLAN's and just letting it be one subnet.
Why must we use VLAN's?

You can do that if you want, but it is no longer best practice to use HSRP groups as a means to achieve load balancing/sharing. Today we use GLBP to accomplish the same thing that we would do with HSRP groups back in the day. GLBP would be the better option because you get redundancy with failover, and automated load balancing in a simpler configuration and do not have to mess with static default gateways on each device.

The only reason you would want to use different VLANs is to isolate broadcast domains per subnet on the same logical segment. Without VLANS the broadcasts, multicasts, and unknown unicasts will hit every single device even though they are using different subnets. The known unicasts will have to use their designated routing device or utilize proxy

Welly_59

The simple answer is the different vlan will mean it has a different default gateway

tunerX

If we expand on hurricanes's example. Switch 1 and switch 2 both have a connection out of the network. We can have two different virtual IP addresses and manually configure the default gateway. Half of the devices will be manually configured for 192.168.10.10 and the other half would use 192.168.10.20. Again this is manual configuration and completely doable but you don't get auto-magic load sharing with redundancy.

Different VLANs are not required

SWITCH 1
interface Vlan10
description user VLAN
ip address 192.168.10.2 255.255.255.0
standby 10 ip 192.168.10.10 255.255.0
standby 10 priority 115
standby 10 preempt
standby 20 ip 192.168.10.20 255.255.0
standby 20 priority 95
standby 20 preempt

SWITCH 2
interface Vlan10
description user VLAN
ip address 192.168.10.3 255.255.255.0
standby 10 ip 192.168.10.10 255.255.0
standby 10 priority 95
standby 10 preempt
standby 20 ip 192.168.10.20 255.255.0
standby 20 priority 115
standby 20 preempt

It would be easier to use GLBP.

hurricane1091

dmarcisco wrote: »

@hurracain Think we hit send at the same time lol

@LLukman
I am not sure how deep does the HSRP section go into for the CCNA exam but have you got to the configuration portion yet?

HSRP groups are assigned on a SVI. To get a SVI to come online you have to have a vlan configured and assigned to a trunk or an access port for the SVI to come online.

ex:
switch A
interface vlan 20
ip add 10.1.1.2 255.255.255.0
standby 20 ip 10.1.1.1

switch B
interface vlan 20
ip add 10.1.1.3 255.255.255.0
standby 20 ip 10.1.1.1
standby 20 priority 150

You don't just create any vlans and assign the hsrp groups under those SVI's. Generally the vlans that you would use would be ones already in place for production for example vlan 10 for sales and vlan 20 for marketing.

You design hsrp based on STP as well to take the forwarding path. If SWITCH A will be the gateway for vlan 10 then you have to tune spanning tree with a lower priority to take that pathway. Also, if SWITCH B is the gateway for vlan 20 then you lower the priority for spanning tree to take make SWITCH B more desirable.

LOL very nice

Llukman1

Thank you for your responses and I think tunerX is the closest to understanding what I talking about.
So if I were to use 2 router's for HSRP for load balancing can I use 1 subnet and create 2 groups. GroupA and GroupB. I assign groupA half the hosts and I assign groupB the other half. Of course the hosts on the same subnet have different virtual IP addresses assigned since they are in different HSRP groups.
So would what I just explain work because I know what VLANs are useful for but I just wanted to know if it's possible to do it on the same subnet using 2 routers and 2 HSRP groups?

tunerX

It is absolutely doable. I added a snippet above that has a configuration that would work as you described.

Again... GLBP would be the better option

dontstop

Having two different default gateways for the same subnet would also lead to painful (see: confusing) troubleshooting and wouldn't be very manageable for DHCP. I could imagine over time this configuration would become fragmented as hosts get reconfigured onto the wrong default gateway.