No Next Item No Next Conference Can't Favor Can't Forget Item List Conference Home Entrance    Help
View Responses

Grex Systems Item 75: Equal-weight routes vs HSRP
Entered by maus on Sun May 20 00:49:23 UTC 2007: 

I have a question which stumped and impressed the network engineers
where I used to work, and I hope we have someone more clever here who
can answer. What is value of using HSRP/VRRP/Carp over setting two
gateways with equal weight routes? HSRP and other schemes make one
router active and the other passive, with quick failover. This means you
can't take advantage of the aggregate throughput, and there is a brief
window during which there is *NO* active link. Linux, Solaris, [F,O]BSD,
Windows (2000,2003,2008,XP and presumabl Vista), IOS, PIXOS all support
multiple equal-weight routes (even for default routes). Is there any
compelling reason to use a hot-cold pair, rather than simply using two
hot routers and sending traffic equally to both? 

Thanks

6 responses total.


#1 of 6 by mcnally on Sun May 20 01:26:42 2007: 

 Unless the client machines update their routing tables or metrics
 when the router goes down, it is my believe that they will still
 attempt to use the route even though it has now become non-functional,
 which may result in sub-optimal network performance (e.g. every other
 packet dropped if it alternates between equi-valued routes.)

#2 of 6 by maus on Sun May 20 06:08:05 2007: 

My understanding is that when the dropping is noticed, the hosts will
simply expire that route. I could be wrong.

#3 of 6 by nharmon on Sun May 20 12:36:37 2007: 

> Is there any compelling reason to use a hot-cold pair, rather than 
> simply using two hot routers and sending traffic equally to both?

Well, I may be wrong about this, but I do not recall there being a way
in DHCP to create equal weight routes. You can specify multiple default
gateway addresses, but they are according to preference. So in order to
implement this you would need to program those equal weight routes into
each host as static permanent routes. The problem with this is you lose
the mobility you are supposed to have with DHCP. You can't just unplug
and move your computer to another part of the network without going in
and deleting those static routes and adding new ones. This is enough to
cause my end-users to moan to my boss... :-P

Also, things like printers, copiers, and IP phones that are on your
network may not be capable of storing complex routing tables.

#4 of 6 by maus on Sun May 20 22:35:46 2007: 

Resp: #3
I was thinking more along the lines of servers and scientific
workstations, which do not move often. That said, good points, both the
DHCP case and the "Uninteligent devices" case.

#5 of 6 by nharmon on Mon May 21 12:27:20 2007: 

There are some other things you can do in order to distribute the load.
Say you have two layer 3 switches, and you're using HSRP across them
such that one is the default gateway for your LAN and the other is the
backup. You could divide the network into two VLANs, and make each
switch the default gateway for one of the two VLANs, with the other
being the HSRP backup. That is kinda like what we have set up at work
(except ours is a bit larger in scale).

#6 of 6 by gull on Wed Aug 22 16:46:11 2007: 

One issue I've run into with multiple routes, at least when combined
with NAT, is websites that require authentication.  Some of these sites
tie a session to an IP address.  At once place I worked we had a
Sonicwall that supported both failover and multiple routes.  If I
allowed it to use both routes equally, people in the office continually
got kicked out of online banking websites as their apparent IP changed
from one HTTP transaction to another.

Response not possible - You must register and login before posting.

No Next Item No Next Conference Can't Favor Can't Forget Item List Conference Home Entrance    Help

- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss