

Virtual Router Redundancy Protocol

Cisco released its proprietary HSRP in 1994, which greatly expanded the redundancy options available to designers. With the added tracking feature, which adjusts the HSRP priorities based on the status of another interface, HSRP was capable of addressing router and link failures in specific scenarios. While HSRP was not without limitations—not the least of which was its proprietary nature—many Cisco-centric designs made use of this service.

As of this writing, a number of vendors are adding the non-proprietary Virtual Router Redundancy Protocol, or VRRP, to their products. Cisco has agreed to support this protocol alongside HSRP, which should provide many options for the network architect. As defined in RFC 2338, VRRP provides similar functions to HSRP.

One of the primary benefits offered by VRRP, in addition to its multi-vendor support, is ICMP (Internet Control Message Protocol) redirect. The ICMP redirect feature allows a default gateway to teach a workstation about an alternative router that is better suited to send packets to the destination. While Cisco has announced that this feature will be added to HSRP, its absence has led to a number of limitations for designers in asymmetric routing configurations—instances where the two routers servicing the segment have widely diverse remote paths.
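The priority-and-tracking behaviour described above can be modelled with a short simulation. The following is an added example, not code from the book or from any Cisco product: it is a simplified model of an HSRP/VRRP election (highest effective priority wins, ties broken by the higher interface address, preemption only on a strictly higher priority), with the router names, addresses and the Serial0 tracking decrement chosen here as constructed values.

```python
from dataclasses import dataclass, field

def ip_key(ip: str) -> tuple:
    # Numeric tuple so "10.1.1.10" sorts above "10.1.1.9".
    return tuple(int(octet) for octet in ip.split("."))

@dataclass
class Router:
    name: str
    priority: int                 # configured priority (0-255)
    ip: str                       # interface address, used as tie-breaker
    preempt: bool = True
    tracked: dict = field(default_factory=dict)   # interface -> decrement
    down: set = field(default_factory=set)        # interfaces currently down

    def effective_priority(self) -> int:
        # Every tracked interface that is down lowers the priority by its decrement.
        return self.priority - sum(d for ifc, d in self.tracked.items() if ifc in self.down)

def elect_active(routers, current_active=None) -> str:
    """Return the name of the router that should be active for the group.
    The current active router keeps the role unless another router has a
    strictly higher effective priority and is configured to preempt."""
    best = max(routers, key=lambda r: (r.effective_priority(), ip_key(r.ip)))
    if current_active is None:
        return best.name
    cur = next(r for r in routers if r.name == current_active)
    if best.preempt and best.effective_priority() > cur.effective_priority():
        return best.name
    return cur.name

def simulate(decrement: int = 20):
    """Walk a tracked WAN interface through down/up and record who is active.
    Constructed scenario: RouterA (110) tracks Serial0, RouterB (100) does not."""
    a = Router("RouterA", 110, "10.1.1.2", tracked={"Serial0": decrement})
    b = Router("RouterB", 100, "10.1.1.3")
    group = [a, b]
    timeline = []
    active = elect_active(group)
    timeline.append(("initial", active))
    a.down.add("Serial0")                      # tracked link fails
    active = elect_active(group, active)
    timeline.append(("Serial0 down", active))
    a.down.discard("Serial0")                  # tracked link restored
    active = elect_active(group, active)
    timeline.append(("Serial0 up", active))
    return timeline

if __name__ == "__main__":
    for event, who in simulate():
        print(f"{event:13s} -> active: {who}")
```

Running `simulate(5)` shows the design check a practitioner wants: a decrement smaller than the priority gap (110 versus 100) leaves RouterA active even with its tracked link down, so the failure is not routed around.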

Layer 2 versus Layer 3 Design

The issue of Layer 2 versus Layer 3 design appeared in a few sections of this text; however, the majority of the CID material and exam objectives view Layer 2 solutions as the only ones available. This attitude will be changed with the next revision of the course materials and exam.

For years, vendors pushed customers to leave the slow, difficult-to-configure, routed world in favor of flat, switched networks. This trend has effectively reversed itself—primarily as a result of "wire-speed" Layer 3 awareness.

As a result, switches with Layer 3, 4, and 5 awareness are becoming quite functional and necessary in order to facilitate the designs that are now in vogue. Typically, networks are required to address a high volume of off-network traffic. Specialty segments for databases, Web servers, and e-mail delivery demand an understanding of the session, presentation, and application layers of the OSI model.

The availability of Layer 3 awareness in a switch has also permitted a migration from the old, flat model. This migration addresses some of the limitations that resulted from the vendor and Layer 2 industry push—shared media control and spanning-tree control both failed to scale beyond a few hundred devices in most networks due to the lack of broadcast control. The general guideline still holds for fewer than 1,000 devices to be placed in a single broadcast domain, and all of those devices should be well-tuned, IP-only workstations without a reliance on NetBIOS.

Black Holes

One of the dangers posed by the removal of Layer 2 connections is defined by the concept of a black hole. A black hole in space is a former star that has collapsed upon itself and become so dense that its gravity consumes most matter, including light. The theory is that nothing can escape this attraction, although Professor Hawking and others have shown that some matter does escape. The simplified image of a black hole is that all things entering the black hole are lost.

A black hole in networking is substantially simpler, but the net impact on a data packet is the same—the packet will be lost forever. Figure 13.4 illustrates the typical Layer 2 design model. As shown, any single physical layer failure can be resolved at Layer 2—no black hole exists.


FIGURE 13.4  Layer 2 network with HSRP

At Layer 2, a single link failure will require a recalculation of the spanning tree. However, since all connectivity at Layer 2 remains, the impact of this failure is nominal.

The argument could be made that since Layer 2 is so simple, it should be used under all circumstances. The reason that another solution is desirable is that the spanning tree was never intended to address the complex bridging environments of modern networks. As a result, many administrators have found the need to use additional features, including portfast, to accommodate their systems—even so, the ability for the Spanning-Tree Protocol to protect against loops in the topology is limited. In the case of a spanning-tree failure, a single broadcast packet in a looped Layer 2 topology can saturate a 100Mbps link and consume over 10 percent of the Supervisor II’s processor. The Supervisor II is a processing engine on the Catalyst 5000/5500 product line. Portfast is a Cisco feature that eliminates the normal listening and learning phases of a port in a spanning tree—the port will enter forwarding immediately. This feature requires that the port be terminated with a single connection—portfast ports cannot be connected to another switch, for example.

While disabling the Spanning-Tree Protocol altogether is probably not a good idea, it may be prudent to remove any physical layer loops. The immediate concern with this idea is that a layer of redundancy will be removed. An example of this topology is shown in Figure 13.5.


FIGURE 13.5  Layer 3 network with HSRP

In Figure 13.5, the link between the two core switches shown in Figure 13.4 has been removed. Ignoring the link failure for a moment, note that a physical loop is impossible with this configuration. Host 1 has only one path to each of the routers on its subnet (via HSRP). Server 1 is the problem—its traffic must traverse the access-layer switch (shown at the top of the diagram) in order to reach the core switch on the left side. This lack of an alternate physical layer path leads to the black-hole scenario—the packet destined for the server has a 50-50 chance of getting there. The packet may be forwarded to the workstation segment and never received by the server. The packet ultimately goes nowhere from a data-flow perspective. This scenario is shown in Figures 13.5 and 13.6; however, the flow of the packets is omitted. Note that there are a number of variations on black holes in terms of data flow, but the context is the same.

Another difference between Figures 13.5 and 13.6 is the lack of multiple access-layer switches. This lack leads to one of the disadvantages of the Layer 3 design. As noted before, this configuration creates the potential for a black-holed segment with the loss of a single link. This potential is shown in Figure 13.6.


FIGURE 13.6  Black-holed Layer 3 network with HSRP

The solution for the designer is somewhat limiting, although implementation is simplified and the negatives of the Spanning-Tree Protocol in large-scale switched networks are negated. By not allowing any intra-VLAN connections except the feed links and the access-layer switch, the designer may use HSRP or VRRP to provide redundancy and a loop-free configuration. This design admittedly removes some of the advantages of VLANs—the network is again highly reliant upon Layer 3, but that is acceptable in modern design. With Layer 3 awareness at wire speeds, any performance disadvantages are virtually negated and the benefits of broadcast control are added.

