...answer your cell phone.
It's the manager of the branch office. "I'm so sorry to bother you on the first day of your vacation, but we've just lost the network to the main office."
"No problem," you lie, sighing. You walk her through a few initial troubleshooting steps -- pings, traceroutes and such -- and confirm that the branch office router is off-line. You ask her to go to the wire closet and look for a power light on the front of the router. It takes a few tries to help her find the correct device, but soon enough, she has located it, and as you suspected, it is powered off. She cycles the power switch to no avail, so you have her check the circuit breakers in the wall. Sure enough, the breaker has tripped, so you have her reset it, and she tells you that she now sees "blinky lights" on the front of the router. By the time she has returned to her desk, the router has booted and she verifies that she can now reach the main office network again.
"Thanks again for the help," she tells you, as she hangs up, while you silently vow to camp tomorrow night in a remote valley farther back in the mountains where there is no cell service.
The rest of the week passes with no more interruptions, and you return to the office the following Monday morning with a plan to buy a second router and configure HSRP so that a failure of a router will cause the network to route all traffic through a standby router, reducing the number of after-hours calls you receive and providing better uptime to your users.
But mostly to reduce the number of after-hours calls you receive... :)
When the new router arrives, you copy the config from the existing router, then change the hostname on the new router and change the IP address of the serial line back to the main office. Once you've verified that the serial line to the main office is working, you configure HSRP on both routers. On the old router, you delete the IP address on the Fa0/0 port, then add these lines:
lab3640rtra(config)#interface FastEthernet0/0
lab3640rtra(config-if)#ip address 192.168.2.2 255.255.255.0
lab3640rtra(config-if)#standby 42 ip 192.168.2.1
lab3640rtra(config-if)#standby 42 priority 64
lab3640rtra(config-if)#standby 42 name Branch_Office_HSRP_Group
...and on the new router:
lab3640rtrb(config)#interface FastEthernet0/0
lab3640rtrb(config-if)#ip address 192.168.2.3 255.255.255.0
lab3640rtrb(config-if)#standby 42 ip 192.168.2.1
lab3640rtrb(config-if)#standby 42 priority 128
lab3640rtrb(config-if)#standby 42 name Branch_Office_HSRP_Group
A couple of things are important in this configuration. First, the old router (3640a) used to have the IP address 192.168.2.1./24 assigned to fa0/0, but I have now assigned that IP address to the standby group ("standby 42 ip 192.168.2.1"). Next, both the old router and the new router have new IP addresses in the same subnet as the IP address for the standby group (192.168.2.2, 192.168.2.3 and 192.168.2.1, respectively). The two routers will be negotiating responsibility for forwarding LAN traffic to the WAN port over their new IP addresses, and will be listening for traffic from the LAN on 192.168.2.1 (which the LAN hosts will use as the default gateway address). If the active router goes off-line for some reason, the standby router will notice that it is no longer receiving keep-alive messages, and will assume the role of the default gateway. Finally, notice that all of the lines that activate HSRP begin, "standby 42..." The number 42 is the standby group number, and can be anything that you desire (well, within the bounds of 0 and 255, anyway). I picked 42 because it is "a completely ordinary number, a number not just divisible by two but also six and seven. In fact it's the sort of number that you could without any fear introduce to your parents." Or something like that, anyway, lol.
<...shoots the rabbit, gets off of the bunny trail and gets back on topic...>
After setting up HSRP, you tap out a few more commands on the keyboard to make sure the routers really are providing fail-over protection:
lab3640artr#sho standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active addr Standby addr Group addr
Fa0/0 42 64 Standby 192.168.2.3 local 192.168.2.1
lab3640artr#
...and...:
lab3640brtr#sho standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa0/0 42 128 Active local 192.168.2.2 192.168.2.1
lab3640brtr#
Yep, looks good! You hook up a laptop to an unused switchport, then start pinging the main office router. Since 3640b is the active and 3640a is the standby, you decide to pull the Ethernet cable to 3640b to verify that the failover occurs as expected, and to see how many pings you drop during the switch:
64 bytes from 192.168.2.1: icmp_req=8 ttl=255 time=1.35ms
64 bytes from 192.168.2.1: icmp_req=9 ttl=255 time=1.38ms
64 bytes from 192.168.2.1: icmp_req=18 ttl=255 time=1.17ms
64 bytes from 192.168.2.1: icmp_req=19 ttl=255 time=1.14ms
Hmmm...about 9 seconds to fail over. Users will probably notice the drop, if they are paying attention, but the network will be back up before they can dial your cell phone. You check the HSRP status on the two routers again:
lab3640artr#sho standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active addr Standby addr Group addr
Fa0/0 42 64 Active local unknown 192.168.2.1
lab3640artr#
...and...:
lab3640brtr#sho standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa0/0 42 128 Init unknown unknown 192.168.2.1
lab3640brtr#
Looks good. The output shows that the routers have switched roles, due to the disconnected network cable on the 3640b. Unless the WAN link on the active router is flapping, that should provide some redundancy between the main office and branch office networks for the users in the branch office. You pat yourself on the back and call it a day.
No comments:
Post a Comment