HSRP Question

Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
in CCNP
Got a question about HRSP:

So I am looking at this:
interface GigabitEthernet0/0
 ip address XXXXXXX
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 standby 1 ip XXXX
 standby 1 priority 120
 standby 1 preempt
 standby 1 name VPNHA
 standby 1 track 1 decrement 20
 standby 1 track 2 decrement 20
 crypto map XXXXXX redundancy XXXXX stateful
 !
My question is under standby 1 track 1, is there a way to see what tracked object this is? I mean, I know you could put a interface in there (which is what I want/probably will do) but I just want to know what command displays the tracked objects.

Also does anyone have any experience with HA IPSEC VPN tunnels, specifically if it can be done without the use of a routing protocol?
· Share on FacebookShare on Twitter

Comments

  • shodownshodown Member Posts: 2,271
    I was sending the you to the HSRP configuration guide in IOS 12.4 but the link sends you to cisco's web page.
    Currently Reading

    CUCM SRND 9x/10, UCCX SRND 10x, QOS SRND, SIP Trunking Guide, anything contact center related
    · Share on FacebookShare on Twitter
  • jason_lundejason_lunde Member Posts: 567
    Try just 'show track [num]'.
    Edit:nvrmind...didnt read your post entirely.
    · Share on FacebookShare on Twitter
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    shodown wrote: »
    Cisco.com Login Page

    I was reading this earlier and just reread it. It still doesn't answer my question (or I am missing it). Where are the tracknumber to track object mappings displayed? I have looked all over the running config and I just can't find it.
    · Share on FacebookShare on Twitter
  • jason_lundejason_lunde Member Posts: 567
    so if you do a 'show run | i track' you get no output? Or am I totally missing what you are trying to find?
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Its for use with the ip sla/rtr feature. So use show ip sla or rtr depending on IOS.
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    jason_lunde wrote: »
    so if you do a 'show run | i track' you get no output? Or am I totally missing what you are trying to find?


    Ok I am a id10t. This does give me what I was looking for:
    track 1 interface GigabitEthernet0/0 line-protocol
track 2 interface GigabitEthernet0/1 line-protocol
 standby 1 track 1 decrement 20
 standby 1 track 2 decrement 20
 standby 1 track 1 decrement 20
 standby 1 track 2 decrement 20
    I was doing sh run | in track, | in standby and some other stuff. This config is literally 15 pages long. Thanks guys!

    Now about my second question:

    Also does anyone have any experience with HA IPSEC VPN tunnels, specifically if it can be done without the use of a routing protocol?
    I am starting to think this isn't possible because the "failover" would happen when the routing tables are updated and that would have to happen dynamically. The SR is against using any routing protocols (only a ton of static routes) for some reason. I am thinking the only way we are going to be able to do this is with a routing protocol. I could be very wrong....


    If any of you have set up IPSEC HA on multiple routers, what did you use to "failover". Basically in a situation like this:
    Internet 
          IPSEC/GRE-----------------------
                                            Router 1 ---------------------
                                                                 InternalRouter
                                            Router 2 -----------------------
         IPSEC/GRE-----------------------
Internet
    How could you fail over the tunnels to using one pipe instead of the other in the event of a failure? GLBP with ipsec or something like that?
    · Share on FacebookShare on Twitter
Sign In or Register to comment.