Today's enterprise network is heavily focused on providing as near to 100% uptime as possible. Newer technologies such as virtualization and server clusters have been a focal point in achieving this level of service for some time now. However, an often-missed opportunity to provide that level of service exists in the core of your infrastructure. Many medium-sized organizations will implement a server monitoring resource to measure and track the uptime of their core applications and infrastructure servers such as DHCP, DNS, SharePoint, Active Directory, and so on. Oftentimes this monitoring server is located within the data center, and likely on the same subnets as the servers themselves. This can quickly skew your uptime numbers when the real question is “can my users reach the servers?”. While the uptime of the servers may be near 100% from the standpoint of the monitoring system, that does not indicate the ability of your users to reach the servers or, by the same token, of your servers to reach your users. Enter default gateway redundancy.
The concept is to provide a redundant default gateway for both your server farm and your end user workstations. This allows a server, cluster, or workstation to be set with a default gateway that is unlikely to be impacted by an interface, cable, or router failure. One example of this is Cisco’s proprietary HSRP, which was eventually developed into a standard in VRRP. The high-level concept looks like this.
In your servers’ distribution block, or your workstations’ distribution layer, you provide redundant default gateways. This is achievable using either physical routers or layer 3 switches. The concept lies in having a minimum of two layer 3 devices attached to the same subnet. IP addressing rules dictate that each of these devices with an interface in the same layer 3 subnet must have a unique IP address and MAC address. This is where HSRP comes in. Cisco’s HSRP allows you to create a single virtual IP address and MAC address to be shared between the layer 3 devices intended to serve as a default gateway. An end node, whether workstation or server, is then configured with the virtual IP address as its default gateway, and one of the routers responds to requests for the virtual MAC address and ultimately forwards packets on towards their destination. The moment an interface, cable, or layer 3 device in the subnet fails, the other can very quickly and efficiently take over. This provides redundancy for a very common single point of failure, that of the single IP address on a default gateway. An example of an HSRP configuration using Cisco routers is displayed below.
In the following example, Routers 1 and 2 are configured with interfaces in the same 192.168.1.0/24 subnet. These addresses are 192.168.1.2/24 and 192.168.1.3/24 respectively. An HSRP configuration is added to both routers to provide a virtual IP address of 192.168.1.1/24, which is configured as the default gateway on the client computer. The configuration also sets up R1 as the initial responder to the 192.168.1.1/24 address, with R2 as the fallback router, by using priority values (higher is better). Included in the configuration is preemption, which allows R1, if it comes back on, to forcefully take back the active role with its higher priority. The timers have been tuned to provide a shorter convergence in the case preemption isn’t available.
hostname R1
!
!
interface Serial0/0
 ip address 10.0.0.1 255.255.255.252
 shutdown
 serial restart-delay 0
!
interface FastEthernet1/0
 ip address 192.168.1.2 255.255.255.0
 duplex auto
 speed auto
 standby 1 ip 192.168.1.1
 standby 1 timers 1 4
 standby 1 priority 150
 standby 1 preempt
!
end

hostname R2
!
interface Serial0/0
 ip address 10.0.0.2 255.255.255.252
 serial restart-delay 0
!
interface FastEthernet1/0
 ip address 192.168.1.3 255.255.255.0
 duplex auto
 speed auto
 standby 1 ip 192.168.1.1
 standby 1 preempt
!
end
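
The priority and preemption behaviour configured above can be checked offline before it is trusted in production. The following Python sketch is an added example, not part of the original article or any Cisco tool: it parses the two FastEthernet1/0 stanzas, confirms both routers share one virtual IP inside the interface subnet, and walks through R1 failing and returning. The function names and the simplified election model (highest priority, then highest interface IP, takeover only with preempt) are assumptions of this example; 100 is the IOS default priority used when none is configured.

```python
import ipaddress
import re

# Added example; function names and the simplified election model are assumptions.
# FastEthernet1/0 stanzas from the article's R1 and R2, embedded to run offline.
R1 = """interface FastEthernet1/0
 ip address 192.168.1.2 255.255.255.0
 standby 1 ip 192.168.1.1
 standby 1 timers 1 4
 standby 1 priority 150
 standby 1 preempt"""
R2 = """interface FastEthernet1/0
 ip address 192.168.1.3 255.255.255.0
 standby 1 ip 192.168.1.1
 standby 1 preempt"""

def parse_hsrp(name, config, group=1):
    """Extract one HSRP group's settings from an IOS interface stanza."""
    addr, mask = re.search(r"ip address (\S+) (\S+)", config).groups()
    vip = re.search(rf"standby {group} ip (\S+)", config).group(1)
    prio = re.search(rf"standby {group} priority (\d+)", config)
    return {"name": name,
            "iface": ipaddress.ip_interface(f"{addr}/{mask}"),
            "vip": ipaddress.ip_address(vip),
            "priority": int(prio.group(1)) if prio else 100,  # IOS default
            "preempt": f"standby {group} preempt" in config}

def check_pair(a, b):
    """List misconfigurations that would stop the pair sharing one gateway."""
    problems = [f"{r['name']}: virtual IP outside interface subnet"
                for r in (a, b) if r["vip"] not in r["iface"].network]
    if a["vip"] != b["vip"]:
        problems.append("virtual IP differs between routers")
    return problems

def elect(routers, current=None):
    """Highest priority wins, interface IP breaks ties; a sitting active router
    is displaced only if the better candidate has preempt configured."""
    best = max(routers, key=lambda r: (r["priority"], r["iface"].ip))
    if current in routers and best is not current and not best["preempt"]:
        return current
    return best

def failover_sequence(r1, r2):
    """Active router at start, after r1 fails, and after r1 returns."""
    start = elect([r1, r2])
    down = elect([r2], current=start)
    back = elect([r1, r2], current=down)
    return [start["name"], down["name"], back["name"]]
```

With the article's configuration the sequence is R1, R2, R1; removing preempt from R1 leaves R2 active after R1 returns.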