RE: HSRP / VRRP

From: Rajagopal S (raj_ccie@yahoo.com)
Date: Wed Aug 13 2003 - 14:40:58 GMT-3

• Next message: emad: "what is existing in the lab"
• Previous message: kurt: "Re: Virus Alert - W32.Blaster.Worm"
• Maybe in reply to: Rajagopal S: "HSRP / VRRP"
• Next in thread: Todd Veillette: "Re: HSRP / VRRP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks dcopleston.
 
That was really a useful tip..
 
How do we change the failover in HSRP ? Can we bring down the downtime of the LAN to something like 2 secs if the primary router fails ? Will this work if we change the hello timer in HSRP ?
 
Cheers
Raj

dcopleston@manfinancial.com wrote:
The main advantage of VRRP over HSRP (i.e. a feature that HSRP cannot do) is
secure authentication Hellos and other VRRP traffic. HSRP does allow
authentication but this is transmitted in plaintext and is best to avoid
configuration errors with clashing groups causing immediate issues whereas
VRRP uses MD5 hashes and so the authentication text cannot easily be sniffed
from the multicasts. The wider support of VRRP also means that you could
potentially use multiple vendors products in the same VRRP vrid.

VRRP does have a simpler state machine and so may be by default faster at
failing over but as Chuck mentions timers can be tweaked and so this is
perhaps not a key difference for most environments.

Daniel

-----Original Message-----
From: Charles Church [mailto:cchurch@wamnet.com]
Sent: 13 August 2003 16:17
To: Rajagopal S; ccielab@groupstudy.com
Subject: RE: HSRP / VRRP

Raj,

HSRP has hello and dead timers that can be changed to decrease the
fail-over time. Lowering the keepalive interval on a tracked interface can
speed that up as well. So I wouldn't necessarily say that VRRP has a speed
advantage over HSRP.

Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 703-819-3495
cchurch@wamnet.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?search=chuck+church&op=index

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Rajagopal S
Sent: Wednesday, August 13, 2003 10:31 AM
To: ccielab@groupstudy.com
Subject: HSRP / VRRP

Hi ,

As far as LAN redundancy is concerned, we had been using HSRP between
two routers. By this, In case the first router fails, it takes around
10-15 secs for the LAN to come up on the standby router.

I have studied in Cisco documents that VRRP can almost instantaneously
bring up the LAN on the standby router (in case the primary router
fails !! ) . Has anybody tested this ?

Is there any other difference (other than command sets) between HSRP
and VRRP ?

Cheers
Raj

---------------------------------
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software

• Next message: emad: "what is existing in the lab"
• Previous message: kurt: "Re: Virus Alert - W32.Blaster.Worm"
• Maybe in reply to: Rajagopal S: "HSRP / VRRP"
• Next in thread: Todd Veillette: "Re: HSRP / VRRP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:53:58 GMT-3