cancel
Showing results for 
Search instead for 
Did you mean: 

VRRP over Metro

 
royhog
Occasional Visitor

VRRP over Metro

I have 2 sites connected over Metro Ethernet at layer 2.  The intervlan routing is done at the main site and the remote site only does layer 2 switching, sending routed traffic back to tha main site's switch SVI . I need to configure failover, so that if the Metro link goes down, the devices at the remote site can still find the same gateway address as the main site (mainly for the phones to be able to find the VOIP server and still work).  I tried installing VRRP per HP's how to doc.  But it didn't work and it caused a lot of problems (traffic was being dropped similar to a switching loop) . I had to remove the config.  My question is, is this a valid solution for my network?  Will VRRP work this way?  The VRRP setup is pretty straight forward. But when i tested it, the remote network didn't find the remote switch as the backup VRRP gateway. The main site core switch is a E5412zl running software revision K.15.08.0013 and the remote site is a 8212zl software revision K.15.12.0015. 

6 REPLIES
Ian Vaughan
Honored Contributor

Re: VRRP over Metro

Hello,

I may have missed something but if the Metro Ethernet goes down how does having a local L3 gateway help a phone find the VOIP server?

Is the VOIP server at a third site, is there a VOIP server on each site just in a different VLAN to the phones?

If the VOIP server only exists at "site A" do you have another external circuit out of "site B" so that you could stand up a VPN link over the internet so it can still get some connectivity back to base?

Both of your switches are more than capable of running dynamic routing protocols so it wouldn't take too much planning and configuration to route over that inter-site link. That gives you the opportunity to utilise a secondary (say VPN)  link in case of primary failure.

What other services would you perhaps need a local instance of if you had a sustained outage? DHCP? AD services? Internet access? Would it be worth having some cloud based AD services hosted in Azure as well as your main site so that all users would need is an internet connection to carry on working?

So - you certainly could do a VRRP pair of addresses and a VIP on each vlan so that you had local inter-vlan routing even if the link failed but would this on its own give users access to the services that they need?

Happy to help -  I hope that gives you a few things to think about.

Thanks

Ian

 

Hope that helps - please click "Thumbs up" for Kudos if it does
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me
Vince-Whirlwind
Honored Contributor

Re: VRRP over Metro

 

For VRRP to work, you need:
 - all VLANs trunked between the two switches.
 - VRRP enabled on each VLAN
 - the virtual IP address is set correctly on each VLAN's VRRP
 - the phones have a local backup controller in their config that they can failover to.

royhog
Occasional Visitor

Re: VRRP over Metro

thanks for the replies. I got it straight. I had to enable igmp and ip pim-dense mode and it started working.

Ian Vaughan
Honored Contributor

Re: VRRP over Metro

Hello,

I'm a little confused...

I'm glad that you got it working but what you describe as the solution (you've enabled some of the multicast functionality) doesn't really match up against the stated requirement which I understood to be some kind of HA or resilience in case of losing the Metro Ethernet link. 

Was the multicast configuration done (on site B switch)  in addition to the VRRP piece of work in which case that sort of makes sense. 

As long as it makes sense to you that's the important thing :-) 

Cheers

Ian

Hope that helps - please click "Thumbs up" for Kudos if it does
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me
Vince-Whirlwind
Honored Contributor

Re: VRRP over Metro

Yes, I am confused about what relation Layer3 multicast config could have to VRRP, which occurs at Layer2.

16again
Respected Contributor

Re: VRRP over Metro

Without TS , we're at the guessing game, here's my 2 cents:
Seems like the L2 metro ethernet didn't pass multicast previously,  enabling igmp and  pim-dense mode solved this, and made VRRP work.

Why should all VLANs have VRRP? imho only the VLAN that needs backup functionality requires this.  Seems like the branch site has a fall-back connection to outside world, which can be used for part of the functionality , like VOIP only