Many a times network implementers/administrators will track Service provider DNS or some other globally available Global IP (via IP SLA monitor or RTR feature set using ICMP protocol ). Some of tracked IPs I remember may be 8.8.8.8 or 4.2.2.2. Though I may not be referring to these IPs, however let’s not forget that tracked Global IPs may block ICMP ping to mitigate security threats like DOS/DDOS attacks. In this case, HSRP track protocol dependence on Global IP tracking may fail.
To address this situation, we may use Default Route hsrp tracking.
Below is one lab scenario created to help understand the setup and requisite configuration –
Note –
- BGP timers have been manipulated in lab setup for faster convergence. This may be different from real life scenario.“
R1
!
interface FastEthernet0/0
ip address 192.168.123.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.123.4
R2
interface FastEthernet0/0
ip address 192.168.123.2 255.255.255.0
standby 1 ip 192.168.123.4
standby 1 priority 110
standby 1 preempt
standby 1 track 1 decrement 20>>>>>>> Decrement by 20 when tracked route is not available
!
interface FastEthernet0/1
ip address 192.168.24.2 255.255.255.0
!
router bgp 2
network 192.168.24.0
timers bgp 10 30 20 >>>> Timers updated for faster convergence
redistribute static metric 50
neighbor 192.168.24.4 remote-as 4
neighbor 192.168.24.4 soft-reconfiguration inbound
!
ip route 1.1.1.0 255.255.255.0 192.168.123.1
R3
standby 1 ip 192.168.123.4
standby 1 preempt
!
interface FastEthernet0/1
ip address 192.168.34.3 255.255.255.0
!
router bgp 2
no synchronization
network 192.168.34.0
timers bgp 10 30 20
redistribute static metric 100
neighbor 192.168.34.4 remote-as 4
neighbor 192.168.34.4 soft-reconfiguration inbound
no auto-summary
!
ip route 1.1.1.0 255.255.255.0 192.168.123.1
R4
!
interface FastEthernet0/0
ip address 192.168.24.4 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.34.4 255.255.255.0
!
router bgp 4
no synchronization
bgp log-neighbor-changes
network 0.0.0.0
network 4.4.4.0 mask 255.255.255.0
network 192.168.24.0
network 192.168.34.0
timers bgp 10 30 20
neighbor 192.168.24.2 remote-as 2
neighbor 192.168.24.2 soft-reconfiguration inbound
neighbor 192.168.34.3 remote-as 2
no auto-summary
!
ip route 0.0.0.0 0.0.0.0 Null0
Next , time to verify the configuration as below –
R2
Interface Grp Prio P State Active Standby Virtual IP Fa0/0 1 110 P Active local 192.168.123.3 192.168.123.4 >>>>>> Local Router is HSRP Master R2#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet >>>>>>> Default Route entry in Routing table Known via “bgp 2”, distance 20, metric 0, candidate default path Tag 4, type external Last update from 192.168.24.4 00:01:55 ago Routing Descriptor Blocks:f * 192.168.24.4, from 192.168.24.4, 00:01:55 ago Route metric is 0, traffic share count is 1 AS Hops 1 Route tag 4 R2#show track 1 Track 1 IP route 0.0.0.0 0.0.0.0 reachability Reachability is Up (BGP) >>>>>>>> Default Route is being learnt via BGP 10 changes, last change 00:01:56 First-hop interface is FastEthernet0/1 Tracked by: HSRP FastEthernet0/0 1 R1 Tracing the route to 4.4.4.4 1 192.168.123.2 52 msec 56 msec 60 msec >>>>>> Traceroute takes path via R2 (HSRP Active) path to reach R4 loopback 2 192.168.24.4 124 msec 120 msec 88 msec Next , we will shut interface “Fa0/0” of R4 as per below diagram – R4 – R4(config-if)#shut Below configuration shows that R2 is HSRP standby while R3 becomes HSRP active. R2 – | Interface Grp Prio P State Active Standby Virtual IP Fa0/0 1 90 P Standby 192.168.123.3 local 192.168.123.4 R2#sh ip route 0.0.0.0 % Network not in table R2#sh track 1 Track 1 IP route 0.0.0.0 0.0.0.0 reachability Reachability is Down (no route) 9 changes, last change 00:01:14 First-hop interface is unknown Tracked by: HSRP FastEthernet0/0 1 R3 – Interface Grp Prio P State Active Standby Virtual IP Fa0/0 1 100 P Active local 192.168.123.2 192.168.123.4 Once R3 becomes the HSRP master (Active) , Traceroute from R1 Loopback to R4 Loopback should take path via R3 as below – R1 – Tracing the route to 4.4.4.4 1 192.168.123.3 64 msec 60 msec 60 msec 2 192.168.34.4 120 msec 116 msec 124 msec
