A First Hop Redundancy Protocol (FHRP) mitigates the consequences of switch or router failures and provides redundancy, load balancing and even simple traffic shaping. The most recent of them, GLBP, was invented around 10 years ago; HSRP and VRRP date from the 90s. FHRPs are strongly linked with STP. That pair of protocols can be troublesome to implement. How do Spanning Tree and FHRP influence each other?
In this article I am going to focus on the Distribution layer and the use of FHRP on switches. We will be working in a Layer 2 environment (Layer 2 links between Access and Distribution switches).
HSRP – Hot Standby Routing Protocol
VRRP – Virtual Router Redundancy Protocol
GLBP – Gateway Load Balancing Protocol
HSRP, VRRP, GLBP overview
HSRP and VRRP work very similarly; the differences are slight. We’ve got 2 switches (routers): one of them works as master and the second as backup in the case of VRRP, or as active and standby if we use HSRP. VRRP is an open standard, while HSRP was invented by Cisco. The two switches share one virtual IP address and one virtual MAC address. Both are listening, but only one responds to ARP queries for the gateway. A single switch may work as primary for one group and secondary for another, so we don’t have to worry that one of the switches will become useless and all traffic will go through only one switch. The picture below presents the principle of operation. If we have implemented FHRP on routers at the edge of our network, we can track the state of the external (ISP) ports (by pinging them periodically).
GLBP is more sophisticated than HSRP and VRRP. We have several virtual MAC addresses (up to 4, which is the maximum number of switches in a single group) and one virtual IP address. Thanks to that we can provide load balancing and traffic shaping. For example, we can configure a group of 3 routers so that they answer 20%, 50% and 30% of the hosts’ ARP requests. Of course, we can also choose round robin and hand the addresses out equally. Only one switch (the AVG) responds to the queries and hands out addresses; the remaining switches (AVFs), together with the AVG, act as gateways. This is how it works.
VLANs, FHRP and what Spanning Tree Protocol has got to do with this?
Usually (and we should!) we use local VLANs instead of site-to-site VLANs and implement an L3 link between the distribution switches. Then we don’t have to bother with spanning tree loops and broadcast storms. This is how STP flows in a well-designed network. Broadcasts from VLAN 10 will not reach the switch with VLAN 20; they go no further than the L3 interfaces of the Distribution switches that the VLAN 10 switch is connected to.
Now, let’s consider the example below. We’ve got a host in VLAN 10, but there is a discrepancy at the Distribution layer between Switch 1 and Switch 2. Switch 2 is the Root Switch for the PVST instance of VLAN 10, but Switch 1 has been chosen as primary for HSRP. The RED line shows the actual path of a packet when we send something outside our domain. This path is inefficient, because the packet first has to reach the Root Bridge and is then redirected to the appropriate gateway (Switch 1). The BLUE line shows the desired path. To achieve it, we have to set up the Root Bridge and the HSRP primary on the same switch!
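The check below is an added example, not code from the original article. It parses two constructed IOS-style configurations (the priorities, addresses and the names `parse` and `audit` are assumptions) and reports, per VLAN, whether the switch that wins the STP root election is also the HSRP active gateway.

```python
import re

# Constructed IOS-style configs reproducing the mismatch described above.
SWITCH1 = """\
spanning-tree vlan 10 priority 8192
interface Vlan10
 standby 10 ip 10.0.10.1
 standby 10 priority 110
 standby 10 preempt
"""
SWITCH2 = """\
spanning-tree vlan 10 priority 4096
interface Vlan10
 standby 10 ip 10.0.10.1
"""

def parse(config):
    """Return ({vlan: stp_priority}, {vlan: hsrp_priority}) for one switch."""
    stp, hsrp, vlan = {}, {}, None
    for line in config.splitlines():
        if not line.startswith(" "):          # top-level command
            vlan = None
            if m := re.match(r"spanning-tree vlan (\d+) priority (\d+)", line):
                stp[int(m[1])] = int(m[2])
            elif m := re.match(r"interface Vlan(\d+)", line):
                vlan = int(m[1])
        elif vlan is not None:                # inside an SVI block
            if re.match(r"\s+standby \d+ ip ", line):
                hsrp.setdefault(vlan, 100)    # HSRP default priority
            elif m := re.match(r"\s+standby \d+ priority (\d+)", line):
                hsrp[vlan] = int(m[1])
    return stp, hsrp

def audit(configs):
    """Map each HSRP VLAN to (stp_root, hsrp_active, aligned).
    Ties are not modelled (bridge MAC / interface IP break them on real gear)."""
    parsed = {name: parse(text) for name, text in configs.items()}
    result = {}
    for vlan in sorted(set().union(*(h for _, h in parsed.values()))):
        # Lowest STP priority wins the root election; 32768 is the default.
        root = min(parsed, key=lambda n: parsed[n][0].get(vlan, 32768))
        # Highest HSRP priority becomes the active gateway.
        members = [n for n in parsed if vlan in parsed[n][1]]
        active = max(members, key=lambda n: parsed[n][1][vlan])
        result[vlan] = (root, active, root == active)
    return result

if __name__ == "__main__":
    for vlan, (root, active, ok) in audit({"Switch1": SWITCH1, "Switch2": SWITCH2}).items():
        print(f"VLAN {vlan}: STP root={root}, HSRP active={active}, aligned={ok}")
```

With the sample configs the audit flags VLAN 10 as misaligned; swapping the two STP priorities so that Switch1 holds the lower value makes root and active gateway coincide.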