Introduction to Gateway Redundancy

In this lesson we’ll take a look at different protocols for gateway redundancy. So what is gateway redundancy and why do we need it? Let’s start with an example!

In this lesson we’ll take a look at different protocols for gateway redundancy. So what is gateway redundancy and why do we need it? Let’s start with an example! https://vimeo.com/121896181 The network in the picture above is fairly simple. I have one computer connected to a switch. In the middle yo

gateway redundancy scenario

The network in the picture above is fairly simple. I have one computer connected to a switch. In the middle you’ll find two multilayer switches (SW1 and SW2) that both have an IP address that could be used as the default gateway for the computer. Behind SW1 and SW2 there’s a router that is connected to the Internet.

Which gateway should we configure on the computer? SW1 or SW2? You can only configure a one gateway after all…

gateway redundancy crashed switch

If we pick SW1 and it crashes, the computer won’t be able to get out of its own subnet because it only knows about one default gateway. To solve this problem we will create a virtual gateway:

virtual gateway

Between SW1 and SW2 we’ll create a virtual gateway with its own IP address, in my example this is 192.168.1.3.

The computer will use 192.168.1.3 as its default gateway. One of the switches will be the active gateway and in case it fails the other one will take over.

There are three different protocols than can create a virtual gateway:

In the next lessons I will explain each of these protocols and show you how to configure them. For now, I hope this lesson has helped to understand why we need a virtual gateway in the network.

Tags: , ,


Forum Replies

  1. Hi Yevgeniy,

    Good question and there’s a long answer…

    Originally on the 3550 and some of the 6500 supervisors only 16 HSRP groups were allowed but this limitation applied only to a single interface. You could use the same group number on different interfaces without any issues. On newer platforms this 16 limit doesn’t apply anymore…the 3750 supports 32 groups I think and my 2800 router supports 255.

    About authentication…originally the RFC 2338 standard described authentication but it was removed in RFC 3678 since it wasn’t secure. Not sure which RFC the Cisco i

    ... Continue reading in our forum

  2. Hi Ivaylo,
    The short answer to your question is that you will need a separate VRRP instance for each vlan that you want to have a highly available gateway.

    I have attached a new topology to discuss this. In it, you will see that Computers A and B are in different VLANs (A and B). Switch A and Switch B are both connected to the access-layer Switch C. Note: These connections must be configured as trunks, let’s say the modern 802.1Q standard with both VLAN A and VLAN B allowed. Additionally, it would be a good idea to have Switch A and Switch B directly connec

    ... Continue reading in our forum

  3. Hi,

    thank you for confirming. It’s clear now.

    Rgds,
    Oliver

  4. Hi Andrew,

    Just tested this, when the backup VRRP becomes the master, it uses its own timer values. Not the ones from the failed master.

    Rene

  5. Hello NetworkLessons team,

    Maybe there is a little typo in the text below:
    “VRRP uses different terminology than HSRP. SW1 has the best priority and will become the master router. SW2 will become a backup router (instead standby).”

34 more replies! Ask a question or join the discussion by visiting our Community Forum