CISCO IE3400 Heavy Duty and Series Switches User Guide

: June 15, 2024
: Cisco

Table of Contents

CISCO IE3400 Heavy Duty and Series Switches
Product Information
Product Usage Instructions
Frequently Asked Questions
High-Availability Seamless Redundancy
DETAILED STEPS
HSRP Overview
Configuring HSRP
Media Redundancy Protocol
Guidelines and Limitations
Read User Manual Online (PDF format)
Download This Manual (PDF format)

CISCO IE3400 Heavy Duty and Series Switches

CISCO-IE3400-Heavy-Duty-and-Series-Switches-image

Product Information

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches

First Published: 2020-08-10

Last Modified: 2023-11-02

Americas Headquarters:

Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA

http://www.cisco.com

Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

Specifications

The specifications and information regarding the products in this manual are subject to change without notice. All statements, information, and recommendations in this manual are believed to be accurate but are presented without warranty of any kind, express or implied. Users must take full responsibility for their application of any products.

The software license and limited warranty for the accompanying product are set forth in the information packet that shipped with the product and are incorporated herein by this reference. If you are unable to locate the software license or limited warranty, contact your Cisco representative for a copy.

Notwithstanding any other warranty herein, all document files and software of these suppliers are provided as is with all faults. Cisco and the above-named suppliers disclaim all warranties, expressed or implied, including, without limitation, those of merchantability, fitness for a particular purpose, and noninfringement or arising from a course of dealing, usage, or trade practice.

In no event shall Cisco or its suppliers be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual, even if Cisco or its suppliers have been advised of the possibility of such damages.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.

Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html.
Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

Product Usage Instructions

Chapter 1: Full Cisco Trademarks with Software License

Refer to Chapter 1 of the Redundancy Protocol Configuration Guide for detailed information on full Cisco trademarks and software license.

Chapter 2: Media Redundancy Protocol (MRP)

Chapter 2 of the Redundancy Protocol Configuration Guide provides information about Media Redundancy Protocol (MRP), including MRP modes, protocol operation, and Media Redundancy Automanager (MRA).

Information About MRP

Chapter 2 covers detailed information about MRP, including its features, benefits, and supported platforms.

MRP Modes

This section explains the different MRP modes available and how to configure them based on your network requirements.

Protocol Operation

Understand the protocol operation of MRP, including how it detects and recovers from network failures.

Media Redundancy Automanager (MRA)

Learn about Media Redundancy Automanager (MRA) and its role in managing MRP instances.

Chapter 3: Additional Sections

Chapter 3 of the Redundancy Protocol Configuration Guide contains additional sections that provide further guidance on configuring and troubleshooting the Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches.

Frequently Asked Questions

Q: Can I use actual IP addresses or phone numbers mentioned in the document?

A: No, the IP addresses and phone numbers mentioned in the document are not intended to be actual addresses and phone numbers.
They are provided for illustrative purposes only.

Q: Where can I find the latest version of the document?

A: The latest version of the document can be found on the current online version available on the Cisco website.

Q: Are there any warranties for the products mentioned in the manual?

A: The specifications and information regarding the products in this manual are presented without warranty of any kind. Users must take full responsibility for their application of any products.

Q: What is Media Redundancy Protocol (MRP) and how does it work?

A: Media Redundancy Protocol (MRP) is a network protocol that provides redundancy and fault tolerance for Ethernet networks. It allows network devices to detect and recover from network failures, ensuring uninterrupted communication.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches
First Published: 2020-08-10 Last Modified: 2023-11-02
Americas Headquarters
Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000
800 553-NETS (6387) Fax: 408 527-0883

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE- NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.
Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
© 20202023 Cisco Systems, Inc. All rights reserved.

CONTENTS

CHAPTER 1

Full Cisco Trademarks with Software License ?
ix
High-Availability Seamless Redundancy (HSR) 1 Information About HSR 1 Loop Avoidance 2 HSR RedBox Modes of Operation 3 HSR-SAN Mode 3 HSR-SAN Interfaces 3 CDP and LLDP for HSR 4 PTP over HSR 4 Supported PTP Profiles and Modes 4 HSR RedBox as Doubly Attached BC (DABC) with P2P 5 HSR RedBox as Doubly Attached TC (DATC) with P2P 8 HSR Alarms 11 HSR Uplink Redundancy Enhancement 12 Guidelines and Limitations 15 Default Settings 17 Configuring an HSR Ring 18 Enabling HSR Alarms 19 Clearing All Node Table and VDAN Table Dynamic Entries 20 Verifying Configuration 21 Configuration Example 21 Related Documents 24 Feature History 25

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches iii

Contents

CHAPTER 2 CHAPTER 3

Configuring HSRP 27 Configuring HSRP 27 Information About Configuring HSRP 27 HSRP Overview 27 HSRP Versions 29 Multiple HSRP 29 HSRP and Switch Stacks 30 Configuring HSRP for IPv6 30 HSRP IPv6 Virtual MAC Address Range 30 HSRP IPv6 UDP Port Number 30 How to Configure HSRP 31 Default HSRP Configuration 31 HSRP Configuration Guidelines 31 Enabling HSRP 31 Enabling and Verifying an HSRP Group for IPv6 Operation 33 Configuring HSRP Priority 35 Configuring MHSRP 37 Configuring HSRP Authentication and Timers 44 Enabling HSRP Support for ICMP Redirect Messages 45 Verifying HSRP 45 Verifying HSRP Configurations 45 Configuration Examples for Configuring HSRP 46 Enabling HSRP: Example 46 Example: Configuration and Verification for an HSRP Group 46 Configuring HSRP Priority: Example 48 Configuring MHSRP: Example 48 Configuring HSRP Authentication and Timer: Example 49
Media Redundancy Protocol (MRP) 51 Information About MRP 51 MRP Modes 52 Protocol Operation 52 Media Redundancy Automanager (MRA) 54

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches iv

CHAPTER 4

License Levels 55 Multiple MRP Rings 56 MRP-STP Interoperability 56 Prerequisites 56 Guidelines and Limitations 57 Default Settings 59 Activating the MRP License 59
Device Directly Connected to CSSM 60 Device Connected to CSSM through CSLU 61 Device Not Connected to CSSM or CSLU 63 Device in CSLU Mode and Not Connected to CSSM 67 Configuring PROFINET MRP Mode Using TIA 15 or STEP7 68 Installing the PROFINET GSD File 68 Bringing Up PROFINET MRP 68 Managing PROFINET Using Simatic Step 7 or TIA 15 Portal 69 Configuring MRP CLI Mode 74 Configuring MRP Manager 75 Configuring MRP Client 79 Re-enabling PROFINET MRP 81 Verifying Configuration 82 Configuration Example 83 Feature History 86
Configuring PRP 87 Information About PRP 87 Role of the Switch 88 PRP Channels 89 Mixed Traffic and Supervision Frames 89 VLAN Tag in Supervision Frame 90 PTP over PRP 91 Supported PTP Profiles and Clock Modes 93 PRP RedBox Types 94 LAN-A and LAN-B Failure Detection and Handling 99 TrustSec Configuration on PRP Interface 99

Contents

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches v

Contents

CHAPTER 5

Prerequisites 101 Guidelines and Limitations 101 Default Settings 104 Creating a PRP Channel and Group 104
Examples 106 Configuring PRP Channel with Supervision Frame VLAN Tagging 107 Adding Static Entries to the Node and VDAN Tables 109
Example 110 Clearing All Node Table and VDAN Table Dynamic Entries 110 Disabling the PRP Channel and Group 111 Verifying Configuration 111 Configuration Examples 113 Related Documents 125 Feature History 125
Configuring Resilient Ethernet Protocol 127 Finding Feature Information 127 Resilient Ethernet Protocol Overview 127 Link Integrity 129 Fast Convergence 130 VLAN Load Balancing 130 Spanning Tree Interaction 132 Resilient Ethernet Protocol (REP) Negotiated 132 REP Ports 133 REP Fast Overview 133 REP Zero Touch Provisioning 134 REP and Day Zero 134 REP ZTP Overview 137 REP Segment- ID Autodiscovery 138 REP Segment-ID Autodiscovery Deployment 138 REP Segment- ID Autodiscovery Limitations 139 How to Configure Resilient Ethernet Protocol 140 Default REP Configuration 140 REP Configuration Guidelines 140

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches vi

Contents

CHAPTER 6

Configuring REP Administrative VLAN 142 Configuring a REP Interface 143 Setting Manual Preemption for VLAN Load Balancing 147 Configuring SNMP Traps for REP 147 Configuring REP Fast 148 Configuring REP ZTP 149 Configuring REP Segment-ID Autodiscovery 150
Enable REP Segment-ID Autodiscovery 150 Configure the Interfaces 150 View Feature Status 151 Monitoring Resilient Ethernet Protocol Configurations 152 Displaying REP Fast Beacon Information 153 Displaying REP ZTP Status 154 Additional References for Resilient Ethernet Protocol 157 Feature History 157
VRRPv3 Protocol Support 159 VRRPv3 Protocol Support 159 Finding Feature Information 159 Restrictions for VRRPv3 Protocol Support 160 Information About VRRPv3 Protocol Support 160 VRRPv3 Benefits 160 VRRP Device Priority and Preemption 161 VRRP Advertisements 162 How to Configure VRRPv3 Protocol Support 162 Creating and Customizing a VRRP Group 162 Configuring the Delay Period Before FHRP Client Initialization 164 Configuration Examples for VRRPv3 Protocol Support 165 Example: Enabling VRRPv3 on a Device 165 Example: Creating and Customizing a VRRP Group 165 Example: Configuring the Delay Period Before FHRP Client Initialization 166 Example: VRRP Status, Configuration, and Statistics Details 166 Additional References 167 Glossary 167

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches vii

Contents

CHAPTER 7

Device Level Ring 169 Device Level Ring 169 Components of DLR 170 DLR Topology 170 Redundant Gateways 172 Cisco IE Switch Support for DLR 174 DLR Feature Interactions 176 Guidelines and Limitations 177 Configuring DLR 178 Configure a Ring Supervisor 178 Configure a Beacon-Based Ring Node 180 Configure a Redundant Gateway 180 Configure VLAN Trunking 183 Enabling CIP 184 Enable CIP on the Layer 3 Interface 184 Enable CIP on the SVI Interface 185 Feature History 186

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches viii

Note: The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches ix

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches x

1 C H A P T E R

High-Availability Seamless Redundancy

· Information About HSR, on page 1 · Guidelines and Limitations, on page 15 · Default Settings, on page 17 · Configuring an HSR Ring, on page 18 · Enabling HSR Alarms, on page 19 · Clearing All Node Table and VDAN Table Dynamic Entries , on page 20 · Verifying Configuration, on page 21 · Configuration Example, on page 21 · Related Documents, on page 24 · Feature History, on page 25
Information About HSR
High-availability Seamless Redundancy (HSR) is defined in International Standard IEC 62439-3-2016 clause 5. HSR is similar to Parallel Redundancy Protocol (PRP) but is designed to work in a ring topology. Instead of two parallel independent networks of any topology (LAN-A and LAN-B), HSR defines a ring with traffic in opposite directions. Port-A sends traffic counter clockwise in the ring, and Port-B sends traffic clockwise in the ring. The HSR packet format is also different from PRP. To allow the switch to determine and discard duplicate packets, additional protocol specific information is sent with the data frame. For PRP, this is sent as part of a trailer called the redundancy control trailer (RCT), whereas for HSR this is sent as part of the header called the HSR header. Both the RCT and HSR header contain a sequence number, which is the primary data used to determine if the received frame is the first instance or a duplicate instance.
Note HSR is supported on IE3400 Rugged and IE3400 Heavy Duty Series Switches (see Guidelines and Limitations, on page 15 for supported SKUs). The term switch in this document refers to the IE3400 Rugged and IE3400 Heavy Duty Series Switches unless otherwise noted.
In this release, the switch supports only HSR-SAN mode and only one HSR instance. In addition, you can create only one HSR or one PRP instance. If you have created a PRP instance, no HSR instance can be created. The non-switching nodes with two interfaces attached to the HSR ring are referred to as Doubly Attached Nodes implementing HSR (DANHs). Similar to PRP, Singly Attached Nodes (SANs) are attached to the HSR
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 1

Loop Avoidance

High-Availability Seamless Redundancy (HSR)

ring through a device called a RedBox (Redundancy Box). The RedBox acts as a DANH for all traffic for which it is the source or the destination. The switch implements RedBox functionality using Gigabit Ethernet port connections to the HSR ring.
The following figure shows an example of an HSR ring as described in IEC 62439-3. In this example, the RedBox is an IE 3400.
Figure 1: Example of HSR Ring Carrying Unicast Traffic

Devices that do not support HSR out of the box (for example, laptops and printers) cannot be attached to the HSR ring directly because all HSR capable devices must be able to process the HSR header on packets received from the ring and add the HSR header to all packets sent into the ring. These nodes are attached to the HSR ring through a RedBox. As shown in the figure above, the RedBox has two ports on the DANH side. Non-HSR SAN devices are attached to the upstream switch ports. The RedBox generates the supervision frames on behalf of these devices so that they are seen as DANH devices on the ring. Because the RedBox emulates these as DANH, they are called Virtual Doubly Attached Nodes (VDAN).
Loop Avoidance
Each node in the HSR ring forwards frames received from one port to the other port of the HSR pair. To avoid loops and use network bandwidth effectively, the RedBox does not transmit frames that are already transmitted in same direction. When a node injects a packet into the ring, the packet is handled as follows to avoid loops:
· Unicast packet with destination inside the ring: When the unicast packet reaches the destination node, the packet is consumed by the respective node and is not forwarded.
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 2

High-Availability Seamless Redundancy (HSR)

HSR RedBox Modes of Operation

· Unicast packet with destination not inside the ring: Because this packet does not have a destination node in the ring, it is forwarded by every node in the ring until it reaches the originating node. Because every node has a record of the packet it sent, along with the direction in which it was sent, the originating node detects that packet has completed the loop and drops the packet.
· Multicast packet: A multicast packet is forwarded by each node because there can be more than one consumer of this packet. For this reason a multicast packet always reaches the originating node. However, every node will check whether it has already forwarded the received packet through its outgoing interface. Once the packet reaches the originating node, the originating node determines that it already forwarded this packet and drops the packet instead of forwarding it again.
HSR RedBox Modes of Operation
The most basic mode of operation is HSR-SAN mode (single RedBox mode). In this mode, the RedBox is used to connect SAN devices to the HSR ring. The Redbox’s responsibility in this mode is to represent SAN devices as VDANs on the ring.
Note In this release, the switch supports HSR-SAN mode only.
HSR-SAN Mode
In HSR-SAN mode, the RedBox inserts the HSR tag on behalf of the host and forwards the ring traffic, except for frames sent by the node itself, duplicate frames, and frames for which the node is the unique destination. In this mode, packets are handled as follows:
· A source DANH sends a frame passed from its upper layers (“C” frame), prefixes it with an HSR tag to identify frame duplicates, and sends the frame over each port (“A” frame and “B” frame).
· A destination DANH receives two identical frames from each port within a certain interval. The destination DANH removes the HSR tag of the first frame before passing it to its upper layers and discards any duplicate.
· Each node in the HSR ring forwards frames received from one port to the other port of the HSR pair. A node will not forward frames received on one port to the other under the following conditions: · The received frame returns to the originating node in the ring.
· The frame is a unicast frame with a destination MAC address of a node upstream of the receiving node.
· The node had already sent the same frame in the same direction. This rule prevents a frame from spinning in the ring in an infinite loop.
HSR-SAN Interfaces
HSR-SAN mode is supported on interfaces GigabitEthernet 1/1-4. HSR ring 1 is configured as a pair of ports: G1/1 and G1/2 or G1/3 and G1/4.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 3

CDP and LLDP for HSR

High-Availability Seamless Redundancy (HSR)

CDP and LLDP for HSR
HSR supports the Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol (LLDP). CDP and LLDP are Layer 2 neighbor discovery protocols. Both CDP and LLDP can provide information about nodes directly connected to the device. They also provide additional information such as the local and remote interface and device names.
When CDP or LLDP is enabled, you can use the CDP or LLDP information to find the adjacent nodes on an HSR ring and their status. You can then use the neighbor information from each node to determine the complete HSR network topology and debug and locate ring faults.
CDP and LLDP are configured on physical interfaces only.
For more information, see Configuring an HSR Ring, on page 18 and Verifying Configuration, on page 21.
PTP over HSR
Precision Time Protocol (PTP) is supported on the IE3400 Rugged and IE3400 Heavy Duty Series Switches for the PTP Power Profile only.
Because the PTP 1588 standard does not currently account for clocks synchronized over redundant, simultaneously active paths, HSR must handle PTP packets differently that other packet types. To provide high availability for PTP through redundancy, the HSR duplicate/discard logic is not used for PTP packets.
To understand how PTP clock syncronization works in an HSR network, suppose that a VDAN/SAN is the PTP grandmaster clock (GMC). Dually attached devices receive PTP synchronization information over both their HSR ports. However, only one of the ports (referred to as time recipient) is used to synchronize the local clock. The other HSR port (referred to as PASSIVE) continues to receive synchronization information, but is not used to synchronize the local clock. Suppose that RedBox 2 has its port-A as time recipient and port-B as PASSIVE. When port-A goes down, the port-B port takes over as the time recipient and is used to continue synchronizing the local clock on RedBox 2.
Note Cisco is moving from the traditional Master/Slave nomenclature. In this document, the terms Grandmaster clock (GMC) or time source and time recipient are used instead.
The PTP grandmaster in an HSR network can be a RedBox, a VDAN/SAN, or a DANH.
To use PTP over HSR, configure HSR and PTP separately. PTP over HSR works without any additional configuration. Note that in most cases, you do not need to perform any PTP configuration on the interfaces because PTP is enabled by default on all physical ethernet interfaces.
Supported PTP Profiles and Modes
PTP over HSR is supported only for the for the PTP Power Profile. For unsupported PTP profiles, PTP traffic flows over HSR port-A only.
The following table shows the HSR support for PTP profiles, clock modes and RedBox types.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 4

High-Availability Seamless Redundancy (HSR)

HSR RedBox as Doubly Attached BC (DABC) with P2P

PTP Profile Power Profile
Default Profile

Clock Mode BC
P2P TC
GMC-BC Forward BC E2E TC

Supported? Yes
Yes
No No No No

HSR Redbox Type as per IEC 62439-3
HSR RedBox as doubly attached BC (DABC) with P2P
HSR RedBox as doubly attached TC (DATC) with P2P
Not applicable
Not applicable
Not applicable
Not applicable

HSR RedBox as Doubly Attached BC (DABC) with P2P
This section describes the operation of PTP over HSR using an example where RedBox M and RedBox S are configured to run in Power Profile as Boundary Clocks that use the Peer-to-Peer delay measurement mechanism.

Assume for this example that SAN-1 is the GMC. All the clocks are configured to run Peer-to-Peer Delay measurement and the peer delay is regularly calculated and maintained on every link shown in the figure. The BMCA on RedBox M determines the port to SAN-1 to be connected to the time source. The PTP protocol running on RedBox M will forward Sync and Follow_up messages on ports A and B. On RedBox S, the regular BMCA operation determines port A to be time recipient and port B to be PASSIVE. However, with the knowledge that ports A and B are part of the same HSR ring, port B is forced into PASSIVE_SLAVE state and port A becomes active for PTP. Port A works as a regular time recipient port. It uses the Sync and Follow_Up messages along with their correction field to calculate the delay and offset from time source and synchronize the local clock. (Unlike
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 5

HSR RedBox as Doubly Attached BC (DABC) with P2P

High-Availability Seamless Redundancy (HSR)

an E2E BC, it does not need to generate Delay_Req messages since all the link delays and residence times along the PTP path are accumulated in the correction field of the Follow_Up messages.)
Port B, which is in PASSIVE_SLAVE state operates as follows: Just like port A, it maintains the delay and offset from time source, but does not perform any operation on the local clock. Having all the synchronization information available enables it to seamlessly take over as the new time recipient in case port A loses communication with the GMC. Note that on IE switch platforms we currently do not support PTP profile conversion. For example, if RedBox S in the figure above were an IE switch, it would not support the Delay_Req/Delay_Resp message exchange. It would only support the Peer-to-Peer delay measurement mechanism using PDelay messages.

Configuration Example

SAN-1#conf t Enter configuration commands, one per line. SAN-1(config)#ptp profile power SAN-1(config)#ptp mode boundary pdelay-req SAN-1(config)#ptp priority1 1 SAN-1(config)#end

End with CNTL/Z.

SAN-2#conf t Enter configuration commands, one per line. SAN-2(config)#ptp profile power SAN-2(config)#ptp mode boundary pdelay-req SAN-2(config)#end

End with CNTL/Z.

REDBOX-M#conf t Enter configuration commands, one per line. End with CNTL/Z. REDBOX-M(config)#ptp profile power REDBOX-M(config)#ptp mode boundary pdelay- req REDBOX-M(config)#end

REDBOX-S#conf t Enter configuration commands, one per line. End with CNTL/Z. REDBOX-S(config)#ptp profile power REDBOX-S(config)#ptp mode boundary pdelay- req REDBOX-S(config)#end

DANH-TOP#conf t Enter configuration commands, one per line. DANH- TOP(config)#ptp profile power DANH-TOP(config)#ptp mode p2ptransparent DANH- TOP(config)#end

End with CNTL/Z.

DANH-BOTTOM#conf t Enter configuration commands, one per line. DANH- BOTTOM(config)#ptp profile power DANH-BOTTOM(config)#ptp mode p2ptransparent DANH-BOTTOM(config)#end

End with CNTL/Z.

SAN-1#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 0 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A

Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 6

High-Availability Seamless Redundancy (HSR)

HSR RedBox as Doubly Attached BC (DABC) with P2P

Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128
SAN-2#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:29:C2:FF:FE:3C:6A:C0 Parent Port Number: 9 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128
REDBOX-M#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128
REDBOX-S#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:29:C2:FF:FE:3C:5D:80 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128
DANH-TOP#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:29:C2:FF:FE:3C:5D:80 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 7

HSR RedBox as Doubly Attached TC (DATC) with P2P

High-Availability Seamless Redundancy (HSR)

Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128
DANH-BOTTOM#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:29:C2:FF:FE:3C:5D:80 Parent Port Number: 4 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128
HSR RedBox as Doubly Attached TC (DATC) with P2P
This section describes the operation of PTP over HSR using an example where RedBox M and RedBox S are configured to run in Power Profile as Transparent Clocks.

Assume for this example that SAN-1 is the GMC. All the clocks are configured to run Peer-to-Peer Delay measurement and the peer delay is regularly calculated and maintained on every link shown in the figure. RedBox M and RedBox S run BMCA even though it is not mandatory for a P2P TC to run BMCA. On RedBox M, the BMCA on redbox M determines the port to SAN-1 to be connected to the time source. RedBox M forwards all Sync and Follow_Up messages received on port C out of ports A and B.
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 8

High-Availability Seamless Redundancy (HSR)

HSR RedBox as Doubly Attached TC (DATC) with P2P

On RedBox S, port A is determined to be time recipient and port B to be PASSIVE_SLAVE as described earlier.
Port A operates as follows: It uses the Sync and Follow_Up messages along with their correction field to calculate the delay and offset from time source and synchronize the local clock. (Unlike a E2E BC, it does not need to generate Delay_Req messages since all the link delays and residence times along the PTP path are accumulated in the correction field of the Follow_Up messages.) It also forwards the Sync and Follow_Up messages out of port C.
Port B operates as follows: Just like port A, it maintains the delay and offset from time source, but does not perform any operation on the local clock. Having all the synchronization information available enables it to seamlessly take over as the new time recipient in case port A loses communication with the GMC. Post-processing, it drops the Sync/Follow_Up messages since the copy of Sync/Follow_Up that arrives on port A is forwarded out of port C.
Configuration Example
SAN-1#conf t Enter configuration commands, one per line. End with CNTL/Z. SAN-1(config)#ptp profile power SAN-1(config)#ptp mode boundary pdelay-req SAN-1(config)#ptp priority1 1 SAN-1(config)#end SAN-2#conf t Enter configuration commands, one per line. End with CNTL/Z. SAN-2(config)#ptp profile power SAN-2(config)#ptp mode boundary pdelay-req SAN-2(config)#end REDBOX-M#conf t Enter configuration commands, one per line. End with CNTL/Z. REDBOX-M(config)#ptp profile power REDBOX-M(config)# ptp mode p2ptransparent REDBOX-M(config)#end REDBOX-S#conf t Enter configuration commands, one per line. End with CNTL/Z. REDBOX-S(config)#ptp profile power REDBOX-S(config)# ptp mode p2ptransparent REDBOX-S(config)#end DANH-TOP#conf t Enter configuration commands, one per line. End with CNTL/Z. DANH-TOP(config)#ptp profile power DANH-TOP(config)#ptp mode p2ptransparent DANH-TOP(config)#end DANH-BOTTOM#conf t Enter configuration commands, one per line. End with CNTL/Z. DANH-BOTTOM(config)#ptp profile power DANH-BOTTOM(config)#ptp mode p2ptransparent DANH-BOTTOM(config)#end SAN-1#sh ptp parent
PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 0 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 9

HSR RedBox as Doubly Attached TC (DATC) with P2P

High-Availability Seamless Redundancy (HSR)

Priority1: 1 Priority2: 128 SAN-2#sh ptp parent PTP PARENT PROPERTIES
Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128 REDBOX-M#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128 REDBOX-S#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128 DANH-TOP#sh ptp parent PTP PARENT PROPERTIES Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 10

High-Availability Seamless Redundancy (HSR)

HSR Alarms

Priority1: 1 Priority2: 128 DANH-BOTTOM#sh ptp parent PTP PARENT PROPERTIES
Parent Clock: Parent Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Parent Port Number: 3 Observed Parent Offset (log variance): N/A Observed Parent Clock Phase Change Rate: N/A
Grandmaster Clock: Grandmaster Clock Identity: 0x0:35:1A:FF:FE:94:4F:0 Grandmaster Clock Quality: Class: 248 Accuracy: Unknown Offset (log variance): N/A Priority1: 1 Priority2: 128

HSR Alarms
An HSR ring can generate the following two alarms:
· Partial Ring Fault: This fault is generated by an HSR RedBox when one of its physical ring ports/links is down. Because the packets can be sent using the redundant path, this is considered as a partial fault. However, this fault still requires user intervention to restore the ring. This is a minor fault and cannot be associated with an external hardware alarm relay.
· Full Ring Fault: This fault is generated by an HSR RedBox when both of its physical ring ports/links are down. This is a catastrophic failure and needs immediate attention. This is a major fault and can be associated with an external hardware alarm relay.

When an event that raises an alarm is generated, it can be associated with one or more of the following actions to notify the user:
· Syslog: A syslog is generated when the Alarm is raised/cleared.
· SNMP Notification: SNMP notification is sent when the alarm is raised/cleared.
· Relay output: External relay contacts can be asserted/de-asserted in response to the alarm. Relays are activated by major faults only.

See Enabling HSR Alarms, on page 19 for steps to configure HSR alarms. The following table lists the HSR events and their representations.

Event Number

Event Description System Log (Level) Alert/Alarm Log

Ring goes from UP 2

to DOWN state.

Ring goes from 6

DOWN to UP state.

Alarm LED and Output relay Major Alarm/Assert
De-assert

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 11

HSR Uplink Redundancy Enhancement

High-Availability Seamless Redundancy (HSR)

Event Number 3
4

Event Description System Log (Level) Alert/Alarm Log

One ring port goes 3

DOWN, the other

ring port and the

ring itself is UP.

Both ring ports are 6

UP again.

Alarm LED and Output relay

You can view currently active alarms using the show facility alarm status command. The following example shows alarm status for minor and major HSR alarms:

Switch#show facility-alarm status

Source

Severity Description

Switch

MINOR 34 HSR ring is partially down

Relay Time MAJ Oct 24 2017 10:16:10

——-

Switch# show facility-alarm status

Source

Severity Description

Switch

MAJOR 33 HSR ring is down

Relay MAJ

Time Oct 24 2017 10:17:07

The following examples show the syslog entries that are generated for each HSR alarm event assertion and clear event (if configured):
· Syslog generated on occurrence of Partial fault:
Oct 24 11:07:13.952 IST: %HSR_ALARM-3-HSR_PARTIALFAULT: The HSR ring in now in PARTIAL FAULT state
· Syslog generated when the Partial fault is cleared:
Oct 24 11:07:38.032 IST: %HSR_ALARM-3-HSR_PARTIALFAULT: The HSR ring in now in PARTIAL FAULT state – event cleared
· Syslog generated on occurrence of Full fault:
Oct 24 11:07:38.036 IST: %HSR_ALARM-2-HSR_RINGFAULT: The HSR ring in now in FAULT state
· Syslog generated when the Full fault is cleared:
Oct 24 11:08:19.082 IST: %HSR_ALARM-2-HSR_RINGFAULT: The HSR ring in now in FAULT state – event cleared

HSR Uplink Redundancy Enhancement
The HSR Uplink Redundancy Enhancement feature allows for flexible designs that enable two separate interfaces to connect upstream from the HSR ring through two separate HSR RedBoxes. This ensures there is no single point of failure exiting the HSR ring. Examples of protocols that can leverage this feature to improve high availability include HSRP, VRRP and REP. Prior to this enhancement, if these protocols were utilized on redundant uplinks, undesirable results could occur, such as next-hop split-brain conditions or slow REP failover times.
The following diagram shows an example network with HSR and HSRP that allows uplink next-hop gateway redundancy out of the HSR ring.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 12

High-Availability Seamless Redundancy (HSR)

HSR Uplink Redundancy Enhancement

To implement HSR Uplink Redundancy, ensure that the fpgamode- DualUplinkEnhancement feature is not disabled. This feature is required to support the connectivity to a dual router (HSRP in this case) on the distribution layer:
Switch#show hsr ring 1 detail | include fpgamode fpgamode- DualUplinkEnhancement: Enabled
If the output shows fpgamode-DualUplinkEnhancement,:Disabled issue the following command:
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 13

HSR Uplink Redundancy Enhancement

High-Availability Seamless Redundancy (HSR)

Switch# conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# hsr-ring 1 fpgamode-DualUplinkEnhancement Switch(config)# end

HSRP Configuration
The following example HSRP configuration applies to the two distribution switches Active & Standby in the above figure. In the following configuration, HSRP is configured in a Switch Virtual Interface (SVI).
Active# conf t Enter configuration commands, one per line. End with CNTL/Z. Active(config)# interface vlan 10 Active(config-if)# ip address 30.30.30.2 255.255.255.0 Active(config-if)# standby 1 ip 30.30.30.1 Active(config-if)# standby 1 priority 120 Active(config-if)# end

Standby# conf t Enter configuration commands, one per line. End with CNTL/Z. Standby(config)# interface Vlan10 Standby(config-if)# ip address 30.30.30.4 255.255.255.0 Standby(config-if)# standby 1 ip 30.30.30.1 Standby(config-if)# end

Active# show standby

Vlan10 – Group 1

State is Active

8 state changes, last state change 00:03:55

Track object 1 (unknown)

Virtual IP address is 30.30.30.1

Active virtual MAC address is 0000.0c07.ac01 (MAC In Use)

Local virtual MAC address is 0000.0c07.ac01 (v1 default)

Hello time 200 msec, hold time 750 msec

Next hello sent in 0.176 secs

Preemption enabled, delay min 5 secs, reload 5 secs, sync 5 secs

Active router is local

Standby router is 30.30.30.4, priority 100 (expires in 0.656 sec)

Priority 120 (configured 120)

Group name is “hsrp-Vl10-1” (default)

FLAGS: 0/1

Active# show standby brief

P indicates configured to preempt.

Interface Grp Pri P State Active

Standby

Virtual IP

Vl10

1 120 P Active local

30.30.30.4

30.30.30.1

Standby# show standby Vlan10 – Group 1
State is Standby 13 state changes, last state change 00:04:17 Track object 1 (unknown)
Virtual IP address is 30.30.30.1 Active virtual MAC address is 0000.0c07.ac01 (MAC Not In Use)
Local virtual MAC address is 0000.0c07.ac01 (v1 default) Hello time 200 msec, hold time 750 msec
Next hello sent in 0.064 secs Preemption enabled, delay min 5 secs, reload 5 secs, sync 5 secs Active router is 30.30.30.2, priority 120 (expires in 0.816 sec) Standby router is local Priority 100 (default 100) Group name is “hsrp- Vl10-1” (default)

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 14

High-Availability Seamless Redundancy (HSR)

Guidelines and Limitations

FLAGS: 0/1

Standby# show standby brief

P indicates configured to preempt.

Interface Grp Pri P State Active

Standby

Vl10

1 100 P Standby 30.30.30.2

local

Virtual IP 30.30.30.1

Guidelines and Limitations
· HSR-SAN is supported only on the following IE 3400 and IE 3400H Series switches: · Advanced System IE-3400-8P2S · Advanced System IE-3400-8T2S · All IE 3400H Series SKUs
· HSR-SAN (Single RedBox mode) is the only HSR mode supported in this release. · Only 1 HSR instance is supported. Note that the switch supports only 1 HSR or 1 PRP instance, so if a
PRP instance has been created, no HSR instance can be created. · HSR ring 1 can only be configured as a pair of ports: G1/1 and G1/2 or G1/3 and G1/4. Using these port
pairs, you can configure 1 HSR ring. · The HSR feature requires the Network Essential license. · The HSR feature is not enabled by default and you must explicitly configure the HSR rings. · HSR is disabled automatically if the required firmware image is not available on the system. · The recommended maximum number of nodes in the node table is 512. Nodes are all the DANH and
VDAN devices that can be connected to the ring at same time. This number is not an absolute limit, but higher numbers of entries may increase the number of duplicate packets received by the end devices. · The maximum number of nodes in the HSR ring is 50. · HSR ring ports can only be configured in L2 mode. · HSR is supported on following port types:
· 100 mbps, Full Duplex. Half duplex is not supported. · 1000 mbps, Full Duplex. Half duplex is not supported. · Both ports of one ring must be of same speed and type (that is, both can be SFPs or both can be
copper)
· The following protocols and features are are mutually exclusive with HSR on the same port: · PRP · EtherChannels · Link Aggregation Control Protocol (LACP) · Port Aggregation Protocol (PAgP) · Resilient Ethernet Protocol (REP)

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 15

Guidelines and Limitations

High-Availability Seamless Redundancy (HSR)

· The HSR feature does not work together with L2NAT.
· MACsec, HSR, and PRP are not allowed together.
· HSR supports an MTU size of up to 1998 bytes of Ethernet payload.
· STP is not supported on the HSR ring. By default, all modes of Spanning Tree Protocol (STP) will be disabled on the ring ports.
· PTP over HSR-SAN is supported on IE3400 Advanced FPGA SKUs and IE 3400H. PTP over HSR-SAN is not supported on IE3200 or IE3300.
· Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) are not supported on HSR. That is, SPAN and RSPAN should not be used to monitor the traffic on an HSR ring. In addition, traffic that has been monitored using RSPAN should not be transferred over an HSR ring.
· It is important for all interfaces in an HSR ring to have the same speed and duplex settings. It is recommended to apply those settings before configuring ring membership.
· Once a port is part of ring, the port cannot be shut down.
For example, if G1/3 and G1/4 are part of an HSR ring and you try to shut down G1/3 or G1/4, the operation will not be permitted:
Switch(config)# interface range g1/3 Switch(config-if-range)#shutdown
%Interface GigabitEthernet1/3 is configured in a HSR ring shutdown not permitted! Switch(config-if-range)#
You can perform a shutdown of the HSR ring. For example:
Switch# conf t Switch(config)#int hs1 Switch(config-if-range)#shut
· VLAN configuration such as trunk and access mode must be the same on both the ports participating in the ring. For example, if G1/4 and G1/3 in an HSR ring are in trunk mode and you attempt to change the mode of one port to access, the ports in the ring will not be bundled:
Switch(config)# interface range g1/3 Switch(config-if-range)# switchport mode access Jul 27 22:00:27.809 IST: %EC-5-CANNOT_BUNDLE2: Gi1/3 is not compatible with Gi1/4 and will be suspended (trunk mode of Gi1/3 is access, Gi1/4 is dynamic)
· After an interface is added in the HSR ring, only the primary interface counters are updated. You should not need to configure and check the status of individual physical interfaces after they are added to the HSR ring.
· As soon as you configure an HSR ring on two ports of a switch, MAC flaps will be observed on other switches where the HSR configuration is yet to be applied. We recommend that you shut down the newly created HSR ring on the switch before configuring the ring on all switches, and then reenable them one by one as shown below. For example, if there are four switches in the ring, disable the HSR ring interfaces on each switch:
Switch1(config)# interface range g1/1-2 Switch1(config-if-range)# shutdown Switch1(config-if-range)# hsr-ring hs1 Creating a HSR-ring interface hs1 Switch1(config-if-range)# int hs1 Switch1(config-if-range)# shutdown Switch1 (config-if-range)# end

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 16

High-Availability Seamless Redundancy (HSR)

Default Settings

After all four switches are configured with the ring, reenable the HSR ports on each switch:
Switch1# conf t Enter configuration commands, one per line. End with CNTL/Z. Switch1(config)# int hs1 Switch1(config-if-range)# no shutdown Switch1(config- if-range)# end Switch1#
This prevents interim MAC flapping during HSR ring configuration in member switches.

Default Settings

Table 1: HSR Ring Parameters

Parameter

Description

Range

Default Value

entryForgetTime

Time for clearing an inactive entry from duplicate discard table.

0-65535

400 ms

fpgamode-DualUplinkEnhancement Set FPGA register for source mac filtering.

enable or disable

enable

nodeForgetTime

Time to clear an inactive 0-65535 entry from the node table.

6000 ms

nodeRebootInterval

Time after which the RedBox must start sending supervision frames after bootup.

0-65535

500 ms

pauseFrameTime

Time interval between 0-65535 HSR pause frames.

25 ms

proxyNodeTableForgetTime Time to clear an inactive 0-65535 entry from the proxy node table or vdan table.

6000 ms

supervisionFrameLifeCheckInterval Life check interval value 0-65535 for supervision frames.

2000 ms

supervisionFrameOption

mac-da

The last bytes of the

1-255 MAC DA last eight No default

destination MAC address bits option value

of supervision frames

(01:15:4E:00:01:00). The

last 00 is replaced by the

value of this parameter.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 17

Configuring an HSR Ring

High-Availability Seamless Redundancy (HSR)

Parameter

Description

Range

vlan-cfi

Enable Canonical Format enable or disable Indicator (CFI) for the VLAN tagged frame.

vlan-cos

Class of Service (COS) 0-7 value to be set in the VLAN tag of the Supervision frame.

vlan-id

The VLAN tag of the supervision frame.

0-4095

vlan-tagged

Set VLAN tagging option. enable or disable

supervisionFrameRedboxMacaddress The RedBox MAC

48-bit RedBox MAC

address in the supervision address

frames.

supervisionFrameTime Time interval between 0-65535 supervision frames.

Default Value disable
0
0 disable The interface HSR ring MAC address 3 ms

Configuring an HSR Ring
Follow these steps to configure an HSR ring:
Before you begin · See Guidelines and Limitations, on page 15. · Ensure that the member interfaces of a HSR ring are not participating in any redundancy protocols such as FlexLinks, EtherChannel, REP, and so on before configuring a HSR ring.

Step 1 Step 2 Step 3 Step 4 Step 5

Enter global configuration mode:
Switch# configure terminal
(Optional) Globally enable CDP to provide information about HSR ring nodes:
Switch(config)# cdp run
(Optional) Globally enable LLDP to provide information about HSR ring nodes:
Switch(config)# lldp run
Enter interface configuration mode and disable PTP on the ports to be assigned to the HSR ring:
Switch(config)# interface range gigabitEthernet 1/1-2 Switch(config-if-range)# no ptp enable
(Optional) Enable CDP on the ports to be assigned to the HSR ring:
Switch(config-if-range)#cdp enable

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 18

High-Availability Seamless Redundancy (HSR)

Enabling HSR Alarms

Step 6 Step 7 Step 8 Step 9
Step 10

(Optional) Enable LLDP on the ports to be assigned to the HSR ring:
Switch(config-if-range)#lldp transmit Switch(config-if-range)#lldp receive
Shut down the ports before configuring the HSR ring:
Switch(config-if-range)# shutdown
Create the HSR ring interface and assign the ports to the HSR ring:
Switch(config)# interface range gigabitEthernet 1/1-2 Switch(config-if-range)# hsr-ring 1
(Optional) If required, configure HSR ring optional parameters. See Default Settings, on page 17 for the parameter descriptions, ranges and default values.
Switch(config-if-range)# hsr 1 supervisionFrameLifeCheckInterval 10000
Turn on the HSR interface:
Switch(config-if-range)# no shutdown Switch(config-if)# end

Example
Switch# conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface range gigabitEthernet 1/1-2 Switch(config-if-range)# no ptp enable Switch(config-if-range)# shutdown Switch(config-if-range)# hsr- ring 1 Switch(config-if-range)# hsr-ring 1 supervisionFrameLifeCheckInterval 10000 Switch(config-if-range)# no shutdown Switch(config-if-range)# end

Enabling HSR Alarms
To enable alarms for HSR, follow these steps:

Before you begin
Alarms and actions can be enabled/disabled at the facility level only. You cannot enable only partial faults or full faults; either all alarms for given facility are enabled or all are disabled.
See HSR Alarms, on page 11 for details about HSR alarms.

SUMMARY STEPS

1. Enter global configuration mode: 2. Enable the HSR alarm facility: 3. (Optional) Enable SNMP notification for HSR alarms: 4. (Optional) Associate HSR alarms with the Major Relay:

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 19

Clearing All Node Table and VDAN Table Dynamic Entries

High-Availability Seamless Redundancy (HSR)

DETAILED STEPS

5. (Optional) Send HSR alarms to a syslog server: 6. (Optional) Enable logging of informational HSR alarm messages: 7. Exit global configuration mode: 8. Verify the configuration:

Step 1 Step 2
Step 3 Step 4 Step 5 Step 6 Step 7 Step 8

Enter global configuration mode:
Switch# configure terminal
Enable the HSR alarm facility:
Switch(config)# alarm facility hsr enable
To disable HSR alarms, enter no alarm facility hsr enable. (Optional) Enable SNMP notification for HSR alarms:
Switch(config)# alarm facility hsr notifies
(Optional) Associate HSR alarms with the Major Relay:
Switch(config)# alarm facility hsr relay major
(Optional) Send HSR alarms to a syslog server:
Switch(config)# alarm facility hsr syslog
(Optional) Enable logging of informational HSR alarm messages:
Switch(config)# logging alarm informational
Exit global configuration mode:
Switch(config)# end
Verify the configuration:
Switch# show facility-alarm status

Clearing All Node Table and VDAN Table Dynamic Entries
To clear all dynamic entries in the node table, enter clear hsr node-table To clear all dynamic entries in the VDAN table, enter clear hsr vdan-table

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 20

High-Availability Seamless Redundancy (HSR)

Verifying Configuration

Verifying Configuration
Command show hsr ring 1 [detail ] show hsr statistics {egressPacketStatistics | ingressPacketStatistics | nodeTableStatistics | pauseFrameStatistics}
show hsr node-table show hsr vdan-table
show cdp neighbors show lldp neighbors show alarm settings | begin hsr show alarm facility status

Purpose

Displays configuration details for the specified HSR ring.

Displays statistics for HSR components.

Note

To clear HSR statistics information,

enter the command clear hsr statistics.

Displays HSR node table.

Displays HSR Virtual Doubly Attached Node (VDAN) table.

Note

The VDAN table and Proxy node table

are the same.

Displays CDP neighbor information for an HSR ring.
Displays LLDP neighbor information for an HSR ring.
Display HSR alarm configuration.
Display HSR alarms, including partial or full ring faults.

Configuration Example
HSR-SAN This example shows the configuration of an HSR ring (Ring 1) using G1/3 and G1/4 ports between four devices.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 21

Configuration Example

High-Availability Seamless Redundancy (HSR)

IE3400-1# conf t

Enter configuration commands, one per line.

IE3400-1(config)# interface range g1/3-4

IE3400-1(config-if-range)# shutdown

IE3400-1(config-if-range)# hsr-ring 1

IE3400-1(config-if-range)# no shutdown

IE3400-1(config-if-range)# end

IE3400-1#

IE3400-2# conf t

Enter configuration commands, one per line.

IE3400-2(config)# interface range g1/3-4

IE3400-2(config-if-range)# shutdown

IE3400-2(config-if-range)# hsr-ring 1

IE3400-2(config-if-range)# no shutdown

IE3400-2(config-if-range)# end

IE3400-2#

IE3400-3# conf t

Enter configuration commands, one per line.

IE3400-3(config)# interface range g1/3-4

IE3400-3(config-if-range)# shutdown

IE3400-3(config-if-range)# hsr-ring 1

IE3400-3(config-if-range)# no shutdown

IE3400-3(config-if-range)# end

IE3400-3#

IE3400-4# conf t

Enter configuration commands, one per line.

IE3400-4(config)# interface range g1/3-4

IE3400-4(config-if-range)# shutdown

IE3400-4(config-if-range)# hsr-ring 1

IE3400-4(config-if-range)# no shutdown

IE3400-4(config-if-range)# end

IE3400-4#

IE3400-1# sh hsr ring 1 detail

HSR-ring: HS1

————

Layer type = L2

Operation Mode = mode-H

Ports: 2

Maxports = 2

Port state = hsr-ring is Inuse

Protocol = Enabled Redbox Mode = hsr-san

End with CNTL/Z. End with CNTL/Z. End with CNTL/Z. End with CNTL/Z.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 22

High-Availability Seamless Redundancy (HSR)

Ports in the ring: 1) Port: Gi1/3 Logical slot/port = 1/3 Protocol = Enabled 2) Port: Gi1/4 Logical slot/port = 1/4 Protocol = Enabled

Port state = Inuse Port state = Inuse

Ring Parameters: Redbox MacAddr: f454.3365.8a84 Node Forget Time: 60000 ms Node Reboot Interval: 500 ms Entry Forget Time: 400 ms Proxy Node Forget Time: 60000 ms Supervision Frame COS option: 0 Supervision Frame CFI option: 0 Supervision Frame VLAN Tag option: Disabled Supervision Frame MacDa: 0x00 Supervision Frame VLAN id: 0 Supervision Frame Time: 3 ms Life Check Interval: 2000 ms Pause Time: 25 ms

IE3400-2# show hsr ring 1 detail

HSR-ring: HS1

————

Layer type = L2

Operation Mode = mode-H

Ports: 2

Maxports = 2

Port state = hsr-ring is Inuse

Protocol = Enabled Redbox Mode = hsr-san

Ports in the ring:

Port: Gi1/3

Logical slot/port = 1/3

Port state = Inuse

Protocol = Enabled

Port: Gi1/4

Logical slot/port = 1/4

Port state = Inuse

Protocol = Enabled

Ring Parameters: Redbox MacAddr: 34c0.f958.ee83 Node Forget Time: 60000 ms Node Reboot Interval: 500 ms Entry Forget Time: 400 ms Proxy Node Forget Time: 60000 ms Supervision Frame COS option: 0 Supervision Frame CFI option: 0 Supervision Frame VLAN Tag option: Disabled Supervision Frame MacDa: 0x00 Supervision Frame VLAN id: 0 Supervision Frame Time: 3 ms Life Check Interval: 2000 ms Pause Time: 25 ms

IE3400-4# sh hsr ring 1 de

HSR-ring: HS1

————

Layer type = L2

Operation Mode = mode-H

Ports: 2

Maxports = 2

Port state = hsr-ring is Inuse

Protocol = Enabled Redbox Mode = hsr-san

Ports in the ring:

Port: Gi1/3

Configuration Example

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 23

HSRP Overview

Configuring HSRP

a virtual MAC address and an IP address that is shared among router interfaces in a group of router interfaces running HSRP. The router selected by the protocol to be the active router receives and routes packets destined for the group’s MAC address. For n routers running HSRP, there are n +1 IP and MAC addresses assigned.
HSRP detects when the designated active router fails, and a selected standby router assumes control of the Hot Standby group’s MAC and IP addresses. A new standby router is also selected at that time. Devices running HSRP send and receive multicast UDP-based hello packets to detect router failure and to designate active and standby routers. When HSRP is configured on an interface, Internet Control Message Protocol (ICMP) redirect messages are automatically enabled for the interface.
You can configure multiple Hot Standby groups among switches and switch stacks that are operating in Layer 3 to make more use of the redundant routers.
To do so, specify a group number for each Hot Standby command group you configure for an interface. For example, you might configure an interface on switch 1 as an active router and one on switch 2 as a standby router and also configure another interface on switch 2 as an active router with another interface on switch 1 as its standby router.
The following figure shows a segment of a network configured for HSRP. Each router is configured with the MAC address and IP network address of the virtual router. Instead of configuring hosts on the network with the IP address of Router A, you configure them with the IP address of the virtual router as their default router. When Host C sends packets to Host B, it sends them to the MAC address of the virtual router. If for any reason, Router A stops transferring packets, Router B responds to the virtual IP address and virtual MAC address and becomes the active router, assuming the active router duties. Host C continues to use the IP address of the virtual router to address packets destined for Host B, which Router B now receives and sends to Host B. Until Router A resumes operation, HSRP allows Router B to provide uninterrupted service to users on Host C’s segment that need to communicate with users on Host B’s segment and also continues to perform its normal function of handling packets between the Host A segment and Host B.
Figure 2: Typical HSRP Configuration

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 28

Configuring HSRP

HSRP Versions

HSRP Versions
The switch supports these HSRP versions: · HSRPv1- Version 1 of the HSRP, the default version of HSRP. It has these features: · The HSRP group number can be from 0 to 255.
· HSRPv1 uses the multicast address 224.0.0.2 to send hello packets, which can conflict with Cisco Group Management Protocol (CGMP) leave processing. You cannot enable HSRPv1 and CGMP at the same time; they are mutually exclusive.
· HSRPv2- Version 2 of the HSRP has these features: · HSRPv2 uses the multicast address 224.0.0.102 to send hello packets. HSRPv2 and CGMP leave processing are no longer mutually exclusive, and both can be enabled at the same time.
· HSRPv2 has a different packet format than HRSPv1.

A switch running HSRPv1 cannot identify the physical router that sent a hello packet because the source MAC address of the router is the virtual MAC address.
HSRPv2 has a different packet format than HSRPv1. A HSRPv2 packet uses the type-length-value (TLV) format and has a 6-byte identifier field with the MAC address of the physical router that sent the packet.
If an interface running HSRPv1 gets an HSRPv2 packet, the type field is ignored.

Multiple HSRP

The switch supports Multiple HSRP (MHSRP), an extension of HSRP that allows load sharing between two or more HSRP groups. You can configure MHSRP to achieve load-balancing and to use two or more standby groups (and paths) from a host network to a server network.
In the figure below, half the clients are configured for Router A, and half the clients are configured for Router B. Together, the configuration for Routers A and B establishes two HSRP groups. For group 1, Router A is the default active router because it has the assigned highest priority, and Router B is the standby router. For group 2, Router B is the default active router because it has the assigned highest priority, and Router A is the standby router. During normal operation, the two routers share the IP traffic load. When either router becomes unavailable, the other router becomes active and assumes the packet-transfer functions of the router that is unavailable.

Note For MHSRP, you need to enter the standby preempt interface configuration command on the HSRP interfaces so that if a router fails and then comes back up, preemption restores load sharing.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 29

HSRP and Switch Stacks Figure 3: MHSRP Load Sharing

Configuring HSRP

HSRP and Switch Stacks
HSRP hello messages are generated by the stack master. If an HSRP-active stack master fails, a flap in the HSRP active state might occur. This is because HSRP hello messages are not generated while a new stack master is elected and initialized, and the standby router might become active after the stack master fails.
Configuring HSRP for IPv6
Switches running the support the Hot Standby Router Protocol (HSRP) for IPv6. HSRP provides routing redundancy for routing IPv6 traffic not dependent on the availability of any single router. IPv6 hosts learn of available routers through IPv6 neighbor discovery router advertisement messages. These messages are multicast periodically or are solicited by hosts. An HSRP IPv6 group has a virtual MAC address that is derived from the HSRP group number and a virtual IPv6 link-local address that is, by default, derived from the HSRP virtual MAC address. Periodic messages are sent for the HSRP virtual IPv6 link-local address when the HSRP group is active. These messages stop after a final one is sent when the group leaves the active state.
Note When configuring HSRP for IPv6, you must enable HSRP version 2 (HSRPv2) on the interface.
HSRP IPv6 Virtual MAC Address Range
HSRP IPv6 uses a different virtual MAC address block than does HSRP for IP: 0005.73A0.0000 through 0005.73A0.0FFF (4096 addresses)
HSRP IPv6 UDP Port Number
Port number 2029 has been assigned to HSRP IPv6.
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 30

Configuring HSRP

How to Configure HSRP

Default HSRP Configuration

Table 2: Default HSRP Configuration

Feature HSRP version HSRP groups Standby group number Standby MAC address Standby priority Standby delay Standby track interface priority Standby hello time Standby holdtime

Default Setting Version 1 None configured 0 System assigned as: 0000.0c07.acXX, where XX is the HSRP group number 100 0 (no delay) 10
3 seconds 10 seconds

HSRP Configuration Guidelines
· HSRPv2 and HSRPv1 are mutually exclusive. HSRPv2 is not interoperable with HSRPv1 on an interface and the reverse.
· In the procedures, the specified interface must be one of these Layer 3 interfaces: · Routed port: A physical port configured as a Layer 3 port by entering the no switchport command in interface configuration mode.
· SVI: A VLAN interface created by using the interface vlan vlan_id in global configuration mode, and by default a Layer 3 interface.
· Etherchannel port channel in Layer 3 mode: A port-channel logical interface created by using the interface port-channel port-channel-number in global configuration mode, and binding the Ethernet interface into the channel group.
· You can configure a maximum of 32 HSRP groups.
· All Layer 3 interfaces must have IP addresses assigned to them.
· HSRP millisecond timers are not supported.

Enabling HSRP
The standby ip interface configuration command activates HSRP on the configured interface. If an IP address is specified, that address is used as the designated address for the Hot Standby group. If no IP address is specified, the address is learned through the standby function. You must configure at least one Layer 3 port

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 31

Enabling HSRP

Configuring HSRP

on the LAN with the designated address. Configuring an IP address always overrides another designated address currently in use.
When the standby ip command is enabled on an interface and proxy ARP is enabled, if the interface’s Hot Standby state is active, proxy ARP requests are answered using the Hot Standby group MAC address. If the interface is in a different state, proxy ARP responses are suppressed.

SUMMARY STEPS

1. configure terminal 2. interface interface-id 3. standby version { 1 | 2 } 4. standby [group-number] ip [ip-address [secondary]] 5. end 6. show standby [interface-id [group]] 7. copy running-config startup-config

DETAILED STEPS

Step 1

Command or Action configure terminal Example:
Switch(config)# configure terminal

Step 2

interface interface-id Example:
Switch(config)# interface gigabitethernet1/0/1

Step 3

standby version { 1 | 2 } Example:
Switch(config-if)# standby version 1

Purpose Enters global configuration mode.
Enters interface configuration mode, and enter the Layer 3 interface on which you want to enable HSRP.
(Optional) Configures the HSRP version on the interface. · 1- Selects HSRPv1. · 2- Selects HSRPv2.

Step 4

If you do not enter this command or do not specify a keyword, the interface runs the default HSRP version, HSRP v1.

standby [group-number] ip [ip-address [secondary]] Creates (or enable) the HSRP group using its number and

Example:

virtual IP address.

Switch(config-if)# standby 1 ip

· (Optional) group-number- The group number on the interface for which HSRP is being enabled. The range

is 0 to 255; the default is 0. If there is only one HSRP

group, you do not need to enter a group number.

· (Optional on all but one interface) ip-address- The virtual IP address of the hot standby router interface. You must enter the virtual IP address for at least one of the interfaces; it can be learned on the other interfaces.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 32

Configuring HSRP

Enabling and Verifying an HSRP Group for IPv6 Operation

Command or Action

Step 5 Step 6 Step 7

end Example:
Switch(config-if)# end
show standby [interface-id [group]] Example:
Switch # show standby
copy running-config startup-config Example:
Switch# copy running-config startup-config

Purpose · (Optional) secondary- The IP address is a secondary hot standby router interface. If neither router is designated as a secondary or standby router and no priorities are set, the primary IP addresses are compared and the higher IP address is the active router, with the next highest as the standby router.
Returns to privileged EXEC mode
Verifies the configuration of the standby groups.
(Optional) Saves your entries in the configuration file.

Enabling and Verifying an HSRP Group for IPv6 Operation
In this task, when you enter the standby ipv6 command, a link-local address is generated from the link-local prefix, and a modified EUI-64 format interface identifier is generated in which the EUI-64 interface identifier is created from the relevant HSRP virtual MAC address.
A link-local address is an IPv6 unicast address that can be automatically configured on any interface using the link-local prefix FE80::/10 (1111 1110 10) and the interface identifier in the modified EUI-64 format. Link-local addresses are used in the stateless autoconfiguration process. Nodes on a local link can use link-local addresses to communicate; the nodes do not need site-local or globally unique addresses to communicate.
In IPv6, a device on the link advertises in RA messages any site-local and global prefixes, and its willingness to function as a default device for the link. RA messages are sent periodically and in response to router solicitation messages, which are sent by hosts at system startup.
A node on the link can automatically configure site-local and global IPv6 addresses by appending its interface identifier (64 bits) to the prefixes (64 bits) included in the RA messages. The resulting 128-bit IPv6 addresses configured by the node are then subjected to duplicate address detection to ensure their uniqueness on the link. If the prefixes advertised in the RA messages are globally unique, then the IPv6 addresses configured by the node are also guaranteed to be globally unique. Router solicitation messages, which have a value of 133 in the Type field of the ICMP packet header, are sent by hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next scheduled RA message.
To enabling and verifying an HSRP group for IPv6, perform this procedure:

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 33

Enabling and Verifying an HSRP Group for IPv6 Operation

Configuring HSRP

Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9

Procedure Command or Action enable Example:
Device> enable
configure terminal Example:
Device# configure terminal
ipv6 unicast-routing Example:
Device(config)# ipv6 unicast-routing
interface type number Example:

Purpose Enables privileged EXEC mode.
· Enter your password if prompted.
Enters global configuration mode.
Enables the forwarding of IPv6 unicast datagrams. · The ipv6 unicast-routing command must be enabled for HSRP for IPv6 to work.
Specifies an interface type and number, and places the device in interface configuration mode.

Device(config)# interface GigabitEthernet 0/0/0

standby [group-number] ipv6 {link-local-address | autoconfig}
Example:

Activates the HSRP in IPv6.

Device(config-if)# standby 1 ipv6 autoconfig
standby [group-number] preempt [delay minimum seconds | reload seconds | sync seconds] Example:

Configures HSRP preemption and preemption delay.

Device(config-if)# standby 1 preempt
standby [group-number] priority priority Example:

Configures HSRP priority.

Device(config-if)# standby 1 priority 110
exit Example:

Returns the device to privileged EXEC mode.

Device(config-if)# exit
show standby [type number [group]] [all | brief] Example:

Displays HSRP information.

Device# show standby

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 34

Configuring HSRP

Configuring HSRP Priority

Step 10

Command or Action
show ipv6 interface [brief] [interface-type interface-number] [prefix] Example:

Purpose
Displays the usability status of interfaces configured for IPv6.

Device# show ipv6 interface GigabitEthernet 0/0/0

Configuring HSRP Priority
The standby priority, standby preempt, and standby track interface configuration commands are all used to set characteristics for finding active and standby routers and behavior regarding when a new active router takes over.
When configuring HSRP priority, follow these guidelines:
· Assigning a priority allows you to select the active and standby routers. If preemption is enabled, the router with the highest priority becomes the active router. If priorities are equal, the current active router does not change.
· The highest number (1 to 255) represents the highest priority (most likely to become the active router).
· When setting the priority, preempt, or both, you must specify at least one keyword (priority, preempt, or both)
· The priority of the device can change dynamically if an interface is configured with the standby track command and another interface on the router goes down.
· The standby track interface configuration command ties the router hot standby priority to the availability of its interfaces and is useful for tracking interfaces that are not configured for HSRP. When a tracked interface fails, the hot standby priority on the device on which tracking has been configured decreases by 10. If an interface is not tracked, its state changes do not affect the hot standby priority of the configured device. For each interface configured for hot standby, you can configure a separate list of interfaces to be tracked.
· The standby track interface-priority interface configuration command specifies how much to decrement the hot standby priority when a tracked interface goes down. When the interface comes back up, the priority is incremented by the same amount.
· When multiple tracked interfaces are down and interface-priority values have been configured, the configured priority decrements are cumulative. If tracked interfaces that were not configured with priority values fail, the default decrement is 10, and it is noncumulative.
· When routing is first enabled for the interface, it does not have a complete routing table. If it is configured to preempt, it becomes the active router, even though it is unable to provide adequate routing services. To solve this problem, configure a delay time to allow the router to update its routing table.
Beginning in privileged EXEC mode, use one or more of these steps to configure HSRP priority characteristics on an interface:

SUMMARY STEPS

1. configure terminal 2. interface interface-id

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 35

Configuring HSRP Priority

Configuring HSRP

3. standby [group-number] prioritypriority 4. standby [group-number] preempt [delay [minimumseconds] [reloadseconds] [syncseconds]] 5. standby [group- number] track type number [interface-priority] 6. end 7. show running-config 8. copy running-config startup-config

DETAILED STEPS

Step 1 Step 2 Step 3

Command or Action configure terminal Example:
Switch # configure terminal
interface interface-id Example:
Switch(config)# interface gigabitethernet1/0/1
standby [group-number] prioritypriority Example:
Switch(config-if)# standby 120 priority 50

Purpose Enters global configuration mode.
Enters interface configuration mode, and enter the HSRP interface on which you want to set priority.
Sets a priority value used in choosing the active router. The range is 1 to 255; the default priority is 100. The highest number represents the highest priority.
· (Optional) group-number–The group number to which the command applies.

Step 4

Use the no form of the command to restore the default values.

standby [group-number] preempt [delay

Configures the router to preempt, which means that when

[minimumseconds] [reloadseconds] [syncseconds]] the local router has a higher priority than the active router,

Example:

it becomes the active router.

Switch(config-if)# standby 1 preempt delay 300

· (Optional) group-number-The group number to which the command applies.

· (Optional) delay minimum–Set to cause the local router to postpone taking over the active role for the number of seconds shown. The range is 0 to 3600 seconds (1 hour); the default is 0 (no delay before taking over).

· (Optional) delay reload–Set to cause the local router to postpone taking over the active role after a reload for the number of seconds shown. The range is 0 to 3600 seconds (1 hour); the default is 0 (no delay before taking over after a reload).

· (Optional) delay sync–Set to cause the local router to postpone taking over the active role so that IP redundancy clients can reply (either with an ok or wait reply) for the number of seconds shown. The range is

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 36

Configuring HSRP

Configuring MHSRP

Command or Action

Step 5

standby [group-number] track type number [interface-priority] Example:
Switch(config-if)# standby track interface gigabitethernet1/1/1

Step 6

end Example:
Switch(config-if)# end

Purpose 0 to 3600 seconds (1 hour); the default is 0 (no delay before taking over).
Use the no form of the command to restore the default values.
Configures an interface to track other interfaces so that if one of the other interfaces goes down, the device’s Hot Standby priority is lowered.
· (Optional) group-number- The group number to which the command applies.
· type- Enter the interface type (combined with interface number) that is tracked.
· number- Enter the interface number (combined with interface type) that is tracked.
· (Optional) interface-priority- Enter the amount by which the hot standby priority for the router is decremented or incremented when the interface goes down or comes back up. The default value is 10.
Returns to privileged EXEC mode.

Step 7 Step 8

show running-config copy running-config startup-config

Verifies the configuration of the standby groups. (Optional) Saves your entries in the configuration file.

Configuring MHSRP
To enable MHSRP and load-balancing, you configure two routers as active routers for their groups, with virtual routers as standby routers as shown in the MHSRP Load Sharing figure in the Multiple HSRP section. You need to enter the standby preempt interface configuration command on each HSRP interface so that if a router fails and comes back up, the preemption occurs and restores load-balancing.
Router A is configured as the active router for group 1, and Router B is configured as the active router for group 2. The HSRP interface for Router A has an IP address of 10.0.0.1 with a group 1 standby priority of 110 (the default is 100). The HSRP interface for Router B has an IP address of 10.0.0.2 with a group 2 standby priority of 110.
Group 1 uses a virtual IP address of 10.0.0.3 and group 2 uses a virtual IP address of 10.0.0.4.
Configuring Router A

SUMMARY STEPS

1. configure terminal

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 37

Configuring Router A

Configuring HSRP

2. interface type number 3. no switchport 4. ip address ip-address mask 5. standby [group-number] ip [ip-address [secondary]] 6. standby [group-number] priority priority 7. standby [group-number] preempt [delay [minimum seconds] [reload seconds] [sync seconds]] 8. standby [group-number] ip [ip-address [secondary]] 9. standby [group-number] preempt [delay [minimum seconds] [reload seconds] [sync seconds]] 10. end 11. show running-config 12. copy running-config startup-config

DETAILED STEPS

Step 1

Command or Action configure terminal Example:
Switch # configure terminal

Purpose Enters global configuration mode.

Step 2

interface type number Example:

Configures an interface type and enters interface configuration mode.

Switch (config)# interface gigabitethernet1/0/1

Step 3

no switchport Example:
Switch (config)# no switchport

Switches an interface that is in Layer 2 mode into Layer 3 mode for Layer 3 configuration.

Step 4

ip address ip-address mask
Example:
Switch (config-if)# ip address 10.0.0.1 255.255.255.0

Specifies an IP address for an interface.

Step 5

standby [group-number] ip [ip-address [secondary]] Creates the HSRP group using its number and virtual IP

Example:

address.

Switch (config-if)# standby 1 ip 10.0.0.3

· (Optional) group-number- The group number on the interface for which HSRP is being enabled. The range

is 0 to 255; the default is 0. If there is only one HSRP

group, you do not need to enter a group number.

· (Optional) secondary- The IP address is a secondary hot standby router interface. If neither router is designated as a secondary or standby router and no

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 38

Configuring HSRP

Configuring Router A

Step 6 Step 7
Step 8

Command or Action

Purpose
priorities are set, the primary IP addresses are compared and the higher IP address is the active router, with the next highest as the standby router.

standby [group-number] priority priority Example:
Switch(config-if)# standby 1 priority 110

Sets a priority value used in choosing the active router. The range is 1 to 255; the default priority is 100. The highest number represents the highest priority.
· (Optional) group-number–The group number to which the command applies.

Use the no form of the command to restore the default values.

standby [group-number] preempt [delay [minimum Configures the router to preempt, which means that when

seconds] [reload seconds] [sync seconds]]

the local router has a higher priority than the active router,

Example:

it becomes the active router.

Switch(config-if)# standby 1 preempt delay 300

· (Optional) group-number-The group number to which the command applies.

.
· (Optional) delay sync–Set to cause the local router to postpone taking over the active role so that IP redundancy clients can reply (either with an ok or wait reply) for the number of seconds shown. The range is 0 to 3600 seconds (1 hour); the default is 0 (no delay before taking over).

Use the no form of the command to restore the default values.

standby [group-number] ip [ip-address [secondary]] Creates the HSRP group using its number and virtual IP

Example:

address.

Switch (config-if)# standby 2 ip 10.0.0.4

· (Optional) group-number- The group number on the interface for which HSRP is being enabled. The range

is 0 to 255; the default is 0. If there is only one HSRP

group, you do not need to enter a group number.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 39

Configuring Router B

Configuring HSRP

Step 9
Step 10 Step 11 Step 12

Command or Action

Purpose
· (Optional on all but one interface) ip-address- The virtual IP address of the hot standby router interface. You must enter the virtual IP address for at least one of the interfaces; it can be learned on the other interfaces.
· (Optional) secondary- The IP address is a secondary hot standby router interface. If neither router is designated as a secondary or standby router and no priorities are set, the primary IP addresses are compared and the higher IP address is the active router, with the next highest as the standby router.

standby [group-number] preempt [delay [minimum Configures the router to preempt, which means that when

seconds] [reload seconds] [sync seconds]]

the local router has a higher priority than the active router,

Example:

it becomes the active router.

Switch(config-if)# standby 2 preempt delay 300

· (Optional) group-number-The group number to which the command applies.

· (Optional) delay minimum–Set to cause the local

router to postpone taking over the active role for the

number of seconds shown. The range is 0 to 3600

seconds (1 hour); the default is 0 (no delay before

taking over).

· (Optional) delay reload–Set to cause the local router

to postpone taking over the active role after a reload

for the number of seconds shown. The range is 0 to

3600 seconds (1 hour); the default is 0 (no delay

before taking over after a reload).

· (Optional) delay sync–Set to cause the local router

to postpone taking over the active role so that IP redundancy clients can reply (either with an ok or wait reply) for the number of seconds shown. The range is 0 to 3600 seconds (1 hour); the default is 0 (no delay before taking over).

Use the no form of the command to restore the default values.

end Example:
Switch(config-if)# end

Returns to privileged EXEC mode.

show running-config copy running-config startup-config

Verifies the configuration of the standby groups. (Optional) Saves your entries in the configuration file.

Configuring Router B

SUMMARY STEPS

1. configure terminal

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 40

Configuring HSRP

Configuring Router B

DETAILED STEPS

Step 1

Command or Action configure terminal Example:
Switch # configure terminal

Purpose Enters global configuration mode.

Step 2

interface type number Example:

Configures an interface type and enters interface configuration mode.

Switch (config)# interface gigabitethernet1/0/1

Step 3

no switchport Example:
Switch (config)# no switchport

Switches an interface that is in Layer 2 mode into Layer 3 mode for Layer 3 configuration.

Step 4

ip address ip-address mask
Example:
Switch (config-if)# ip address 10.0.0.2 255.255.255.0

Specifies an IP address for an interface.

Step 5

standby [group-number] ip [ip-address [secondary]] Creates the HSRP group using its number and virtual IP

Example:

address.

Switch (config-if)# standby 1 ip 10.0.0.3

· (Optional) group-number- The group number on the interface for which HSRP is being enabled. The range

is 0 to 255; the default is 0. If there is only one HSRP

group, you do not need to enter a group number.

· (Optional) secondary- The IP address is a secondary hot standby router interface. If neither router is designated as a secondary or standby router and no

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 41

Configuring Router B

Configuring HSRP

Step 6 Step 7
Step 8

Command or Action

Purpose
priorities are set, the primary IP addresses are compared and the higher IP address is the active router, with the next highest as the standby router.

standby [group-number] priority priority Example:
Switch(config-if)# standby 2 priority 110

Use the no form of the command to restore the default values.

standby [group-number] preempt [delay [minimum Configures the router to preempt, which means that when

seconds] [reload seconds] [sync seconds]]

the local router has a higher priority than the active router,

Example:

it becomes the active router.

Switch(config-if)# standby 1 preempt delay 300

· (Optional) group-number-The group number to which the command applies.

Use the no form of the command to restore the default values.

standby [group-number] ip [ip-address [secondary]] Creates the HSRP group using its number and virtual IP

Example:

address.

Switch (config-if)# standby 2 ip 10.0.0.4

· (Optional) group-number- The group number on the interface for which HSRP is being enabled. The range

is 0 to 255; the default is 0. If there is only one HSRP

group, you do not need to enter a group number.

· (Optional on all but one interface) ip-address- The virtual IP address of the hot standby router interface.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 42

Configuring HSRP

Configuring Router B

Step 9
Step 10 Step 11 Step 12

Command or Action

Purpose
You must enter the virtual IP address for at least one of the interfaces; it can be learned on the other interfaces.
· (Optional) secondary- The IP address is a secondary hot standby router interface. If neither router is designated as a secondary or standby router and no priorities are set, the primary IP addresses are compared and the higher IP address is the active router, with the next highest as the standby router.

standby [group-number] preempt [delay [minimum Configures the router to preempt, which means that when

seconds] [reload seconds] [sync seconds]]

the local router has a higher priority than the active router,

Example:

it becomes the active router.

Switch(config-if)# standby 2 preempt delay 300

· (Optional) group-number-The group number to which the command applies.

.
· (Optional) delay reload–Set to cause the local router to postpone taking over the active role after a reload for the number of seconds shown. The range is 0 to 3600 seconds (1 hour); the default is 0 (no delay before taking over after a reload).

end Example:
Switch(config-if)# end
show running-config copy running-config startup-config

Use the no form of the command to restore the default values. Returns to privileged EXEC mode.
Verifies the configuration of the standby groups. (Optional) Saves your entries in the configuration file.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 43

Configuring HSRP Authentication and Timers

Configuring HSRP

Configuring HSRP Authentication and Timers
You can optionally configure an HSRP authentication string or change the hello-time interval and holdtime.
When configuring these attributes, follow these guidelines:
· The authentication string is sent unencrypted in all HSRP messages. You must configure the same authentication string on all routers and access servers on a cable to ensure interoperation. Authentication mismatch prevents a device from learning the designated Hot Standby IP address and timer values from other routers configured with HSRP.
· Routers or access servers on which standby timer values are not configured can learn timer values from the active or standby router. The timers configured on an active router always override any other timer settings.
· All routers in a Hot Standby group should use the same timer values. Normally, the holdtime is greater than or equal to 3 times the hellotime.
Beginning in privileged EXEC mode, use one or more of these steps to configure HSRP authentication and timers on an interface:

SUMMARY STEPS

1. configure terminal 2. interface interface-id 3. standby [group-number] authentication string 4. end 5. show running-config 6. copy running-config startup-config

DETAILED STEPS

Step 1

Command or Action configure terminal Example:
Switch # configure terminal

Purpose Enters global configuration mode.

Step 2

interface interface-id Example:
Switch(config) # interface gigabitethernet1/0/1

Enters interface configuration mode, and enter the HSRP interface on which you want to set priority.

Step 3

standby [group-number] authentication string

(Optional) authentication string–Enter a string to be

Example:

carried in all HSRP messages. The authentication string can be up to eight characters in length; the default string is cisco.

Switch(config-if) # standby 1 authentication word

(Optional) group-number–The group number to which the

command applies.

Step 4

end Example:

Returns to privileged EXEC mode.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 44

Configuring HSRP

Enabling HSRP Support for ICMP Redirect Messages

Command or Action
Switch(config-if) # end

Purpose

Step 5 Step 6

show running-config copy running-config startup-config

Verifies the configuration of the standby groups. (Optional) Saves your entries in the configuration file.

Enabling HSRP Support for ICMP Redirect Messages

SUMMARY STEPS

1. ICMP redirect messages are automatically enabled on interfaces configured with HSRP. ICMP is a network layer Internet protocol that provides message packets to report errors and other information relevant to IP processing. ICMP provides diagnostic functions, such as sending and directing error packets to the host. This feature filters outgoing ICMP redirect messages through HSRP, in which the next hop IP address might be changed to an HSRP virtual IP address.

DETAILED STEPS

Step 1

Command or Action

Purpose

ICMP redirect messages are automatically enabled on interfaces configured with HSRP. ICMP is a network layer Internet protocol that provides message packets to report errors and other information relevant to IP processing. ICMP provides diagnostic functions, such as sending and directing error packets to the host. This feature filters outgoing ICMP redirect messages through HSRP, in which the next hop IP address might be changed to an HSRP virtual IP address.

Verifying HSRP
Verifying HSRP Configurations
From privileged EXEC mode, use this command to display HSRP settings: show standby [interface-id [group]] [brief] [detail] You can display HSRP information for the whole switch, for a specific interface, for an HSRP group, or for an HSRP group on an interface. You can also specify whether to display a concise overview of HSRP information or detailed HSRP information. The default display is detail. If there are a large number of HSRP groups, using the show standby command without qualifiers can result in an unwieldy display.

Example
Switch #show standby VLAN1 – Group 1 Local state is Standby, priority 105, may preempt Hellotime 3 holdtime 10

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 45

Configuration Examples for Configuring HSRP

Configuring HSRP

Next hello sent in 00:00:02.182 Hot standby IP address is 172.20.128.3 configured Active router is 172.20.128.1 expires in 00:00:09 Standby router is local Standby virtual mac address is 0000.0c07.ac01 Name is bbb
VLAN1 – Group 100 Local state is Standby, priority 105, may preempt Hellotime 3 holdtime 10 Next hello sent in 00:00:02.262 Hot standby IP address is 172.20.138.51 configured Active router is 172.20.128.1 expires in 00:00:09 Active router is local Standby router is unknown expired Standby virtual mac address is 0000.0c07.ac64 Name is test
Configuration Examples for Configuring HSRP
Enabling HSRP: Example
This example shows how to activate HSRP for group 1 on an interface. The IP address used by the hot standby group is learned by using HSRP.
Note This procedure is the minimum number of steps required to enable HSRP. Other configurations are optional.
Switch # configure terminal Switch(config) # interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# standby 1 ip Switch (config-if)# end Switch # show standby
Example: Configuration and Verification for an HSRP Group
The following example shows configuration and verification for an HSRP group for IPv6 that consists of Device1 and Device2. The show standby command is issued for each device to verify the device’s configuration:
Device 1 configuration
interface FastEthernet0/0.100 description DATA VLAN for PCs encapsulation dot1Q 100 ipv6 address 2001:DB8:CAFE:2100::BAD1:1010/64 standby version 2 standby 101 priority 120 standby 101 preempt delay minimum 30 standby 101 authentication ese standby 101 track Serial0/1/0.17 90 standby 201 ipv6 autoconfig standby 201 priority 120 standby 201 preempt delay minimum 30

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 46

Configuring HSRP

Example: Configuration and Verification for an HSRP Group

standby 201 authentication ese standby 201 track Serial0/1/0.17 90 Device1# show standby FastEthernet0/0.100 – Group 101 (version 2) State is Active 2 state changes, last state change 5w5d Active virtual MAC address is 0000.0c9f.f065 Local virtual MAC address is 0000.0c9f.f065 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 2.296 secs Authentication text “ese” Preemption enabled, delay min 30 secs Active router is local Priority 120 (configured 120) Track interface Serial0/1/0.17 state Up decrement 90 IP redundancy name is “hsrp-Fa0/0.100-101” (default) FastEthernet0/0.100 – Group 201 (version 2) State is Active 2 state changes, last state change 5w5d Virtual IP address is FE80::5:73FF:FEA0:C9 Active virtual MAC address is 0005.73a0.00c9 Local virtual MAC address is 0005.73a0.00c9 (v2 IPv6 default) Hello time 3 sec, hold time 10 sec Next hello sent in 2.428 secs Authentication text “ese” Preemption enabled, delay min 30 secs Active router is local Standby router is FE80::20F:8FFF:FE37:3B70, priority 100 (expires in 7.856 sec) Priority 120 (configured 120) Track interface Serial0/1/0.17 state Up decrement 90 IP redundancy name is “hsrp-Fa0/0.100-201” (default)
Device 2 configuration
interface FastEthernet0/0.100 description DATA VLAN for Computers encapsulation dot1Q 100 ipv6 address 2001:DB8:CAFE:2100::BAD1:1020/64 standby version 2 standby 101 preempt standby 101 authentication ese standby 201 ipv6 autoconfig standby 201 preempt standby 201 authentication ese Device2# show standby FastEthernet0/0.100 – Group 101 (version 2) State is Standby 7 state changes, last state change 5w5d Active virtual MAC address is 0000.0c9f.f065 Local virtual MAC address is 0000.0c9f.f065 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 0.936 secs Authentication text “ese” Preemption enabled MAC address is 0012.7fc6.8f0c Standby router is local Priority 100 (default 100) IP redundancy name is “hsrp-Fa0/0.100-101” (default) FastEthernet0/0.100 – Group 201 (version 2) State is Standby 7 state changes, last state change 5w5d Virtual IP address is FE80::5:73FF:FEA0:C9 Active virtual MAC address is 0005.73a0.00c9 Local virtual MAC address is 0005.73a0.00c9 (v2 IPv6 default) Hello time 3 sec, hold time 10 sec

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 47

Configuring HSRP Priority: Example

Configuring HSRP

Next hello sent in 0.936 secs Authentication text “ese” Preemption enabled Active router is FE80::212:7FFF:FEC6:8F0C, priority 120 (expires in 7.548 sec) MAC address is 0012.7fc6.8f0c Standby router is local Priority 100 (default 100) IP redundancy name is “hsrp-Fa0/0.100-201” (default)
Configuring HSRP Priority: Example
This example activates a port, sets an IP address and a priority of 120 (higher than the default value), and waits for 300 seconds (5 minutes) before attempting to become the active router:
Switch # configure terminal Switch(config) # interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# standby ip 172.20.128.3 Switch(config-if)# standby priority 120 preempt delay 300 Switch(config-if)# end Switch # show standby
Configuring MHSRP: Example
This example shows how to enable the MHSRP configuration shown in the figure MHSRP Load Sharing
Router A Configuration
Switch # configure terminal Switch(config) # interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# ip address 10.0.0.1 255.255.255.0 Switch(config-if)# standby ip 10.0.0.3 Switch(config-if)# standby 1 priority 110 Switch(config-if)# standby 1 preempt Switch(config-if)# standby 2 ip 10.0.0.4 Switch(config-if)# standby 2 preempt Switch(config-if)# end
Router B Configuration
Switch # configure terminal Switch(config) # interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# ip address 10.0.0.2 255.255.255.0 Switch(config-if)# standby ip 10.0.0.3 Switch(config-if)# standby 1 preempt Switch(config-if)# standby 2 ip 10.0.0.4 Switch(config-if)# standby 2 priority 110 Switch(config-if)# standby 2 preempt Switch(config-if)# end

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 48

Configuring HSRP

Configuring HSRP Authentication and Timer: Example

Configuring HSRP Authentication and Timer: Example
This example shows how to configure word as the authentication string required to allow Hot Standby routers in group 1 to interoperate:
Switch # configure terminal Switch(config) # interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# standby 1 authentication word Switch(config-if)# end
This example shows how to set the timers on standby group 1 with the time between hello packets at 5 seconds and the time after which a router is considered down to be 15 seconds:
Switch # configure terminal Switch(config) # interface gigabitethernet1/0/1 Switch(config-if)# no switchport Switch(config-if)# standby 1 ip Switch (config-if)# standby 1 timers 5 15 Switch(config-if)# end

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 49

Configuring HSRP Authentication and Timer: Example

Configuring HSRP

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 50

3 C H A P T E R

Media Redundancy Protocol

· Information About MRP, on page 51 · MRP Modes, on page 52 · Protocol Operation, on page 52 · Media Redundancy Automanager (MRA), on page 54 · License Levels, on page 55 · Multiple MRP Rings, on page 56 · MRP-STP Interoperability, on page 56 · Prerequisites, on page 56 · Guidelines and Limitations, on page 57 · Default Settings, on page 59 · Activating the MRP License, on page 59 · Configuring PROFINET MRP Mode Using TIA 15 or STEP7, on page 68 · Configuring MRP CLI Mode, on page 74 · Re-enabling PROFINET MRP, on page 81 · Verifying Configuration, on page 82 · Configuration Example, on page 83 · Feature History, on page 86
Information About MRP
Media Redundancy Protocol (MRP), defined in International Electrotechnical Commission (IEC) standard 62439-2, provides fast convergence in a ring network topology for Industrial Automation networks. MRP Media Redundancy Manager (MRM) defines its maximum recovery times for a ring in the following range: 10 ms, 30 ms, 200 ms and 500 ms.
Note The default maximum recovery time on the Cisco IE switch is 200 ms for a ring composed of up to 50 nodes. You can configure the switch to use the 30 ms or the 500 ms recovery time profile as described in Configuring MRP Manager. The 10 ms recovery time profile is not supported.
MRP is supported on the following switches: · Cisco Catalyst IE3x00 Rugged Series Switches (IE3200, IE3300, and IE3400)
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 51

MRP Modes

Media Redundancy Protocol (MRP)

· Cisco Catalyst IE3400 Heavy Duty Series Switches · Cisco Catalyst IE3100 Rugged Series Switches (IE3100 and IE3105)
Note MRP is not supported on Cisco Catalyst ESS3300 Switches.
MRP operates at the MAC layer and is commonly used in conjunction with the PROFINET standard for industrial networking in manufacturing.
MRP Modes
There are two modes of MRP supported on the switch; however, only one mode can be enabled to operate on the switch at any given time:
· PROFINET MRP mode–Deployed in a PROFINET environment, the switch is added and managed by Siemens Totally Integrated Automation (TIA) Framework. This is the default MRP mode if the MRP manager or client license is activated through the web interface or command line.
Note When managing the switch with TIA, do not use the CLI or WebUI to configure MRP.
· MRP Command-line interface (CLI) mode–This mode is managed by the Cisco IOS CLI and WebUI, a web-based user interface (UI).
Note When managing the switch in MRP CLI mode, you cannot download the MRP configuration from Siemens STEP7/TIA.
Protocol Operation
In an MRP ring, the MRM serves as the ring manager, while the Media Redundancy Clients (MRCs) act as member nodes of the ring. Each node (MRM or MRC) has a pair of ports to participate in the ring. The MRM initiates and controls the ring topology to react to network faults by sending control frames on one ring port over the ring and receiving them from the ring over its other ring port, and conversely in the other direction. An MRC reacts to received reconfiguration frames from the MRM and can detect and signal link changes on its ring ports. On Cisco Catalyst IE3x00 and IE3100 Rugged Series and IE3400 Heavy-Duty Switches, certain nodes or all nodes in the ring can also be configured to start as a Media Redundancy Automanager (MRA). MRAs select one MRM among each other by using a voting protocol and a configured priority value. The remaining MRAs transition to the MRC role. All MRM and MRC ring ports support the following states:
· Disabled: Ring ports drop all received frames.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 52

Media Redundancy Protocol (MRP)

Protocol Operation

· Blocked: Ring ports drop all received frames except MRP control frames and some standard frames, for example, LLDP.
· Forwarding: Ring ports forward all received frames.
· Not Connected: The link is physically down or disconnected. (This state differs from the Disabled state, in which the MRP Port is manually disabled through software.)
During normal operation, the network operates in the Ring-Closed state (see figure below). To prevent a loop, one of the MRM ring ports is blocked, while the other port is forwarding. Most of the time, both ring ports of all MRCs are in the forwarding state. With this loop avoidance, the physical ring topology becomes a logical stub topology.
In the figure, note the following details about the two rings, left and right:
· Left Ring: The connection (small blue square, top) on the MRM is in a blocked state (as shown by the two parallel lines) because no ports are disconnected.
· Right Ring: Two MRC connections (left and center small white squares) are in the disabled state because the link between them is broken, as marked by a red “x”.
Figure 4: MRP Ring States

If a network failure occurs: · The network shifts into the Ring-Open state. · In the case of failure of a link connecting two MRCs, both ring ports of the MRM change to the forwarding state, the MRCs adjacent to the failure have a disabled and a forwarding ring port, and the other MRCs have both ring ports forwarding.
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 53

Media Redundancy Automanager (MRA)

Media Redundancy Protocol (MRP)

In the Ring-Open state, the network logical topology becomes a stub. Layer 2 Ethernet frames will be lost during the time required for the transition between these two ring states. The MRP protocol defines the procedures to automatically manage the switchover to minimize the switchover time. A recovery time profile, composed of various parameters, drives the MRP topology convergence performance. The 200 ms profile supports a maximum recovery time of 200 ms. MRP uses three types of control frames:
· To monitor the ring status, MRM regularly sends test frames on both ring ports.
· When MRM detects failure or recovery, it sends TopoChange frames on both ring ports.
· When MRC detects failure or recovery on a local port, it sends LinkChange subtype frames, Linkdown and Linkup, to the MRM.
Media Redundancy Automanager (MRA)
Note MRA can be activated through the CLI or through PROFINET.
If configured to start as a Media Redundancy Automanager (MRA), the node or nodes select an MRM using a voting protocol and configured priority value. The remaining MRAs transition to the MRC role. All nodes must be configured as MRA or MRC. A manually configured MRM and MRA in the same ring is not supported. The MRA role is not an operational MRP role like MRM or MRC. It is only an administrative, temporary role at device startup, and a node must transition to the MRM role or the MRC role after startup and the MRM is selected though the manager voting process. MRA functions as follows: 1. At power on, all MRAs begin the manager voting process. Each MRA begins to send MRP_Test frames
on both ring ports. The MRP_Test frame contains the MRA’s priority value. The remote manager’s priority value contained in the received MRP_Test frames are compared with the MRA’s own priority. If its own priority is higher than the received priority, the MRA sends a negative test manager acknowledgement (MRP_TestMgrNAck) frame, along with the remote manager’s MAC address.
2. If the receiving MRA receives an MRP_TestMgrNAck with its own MAC address, the receiving MRA initiates the transition into the client (MRC) role.
3. The MRP_TestPropagate frame informs other MRA devices in the client role about the role change and the new higher priority manager. The clients receiving this frame update their higher priority manager information accordingly. This ensures that clients remain in the client role if the monitored higher priority manager role changes.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 54

Media Redundancy Protocol (MRP)

License Levels

License Levels
Note Information about the MRP feature license described below applies only to Cisco IOS XE releases earlier than 17.7.1. Use of MRP in Cisco IOS XE 17.7.1 and later does not require a feature license, only the Network Essentials Base license. Information below about Base Licenses and Add-On Licenses applies to all Cisco IOS XE releases.
In Cisco IOS XE releases prior to 17.7.1, use of the MRP feature requires a feature license. The feature license is enforced and must be authorized by Cisco before the feature can be enabled. To use the MRP feature, you buy an MRP feature license and Cisco installs an authorization code on your device at the time the device is purchased, or you can install the authorization code on your device using the license smart authorization request add local command. In online mode, the device requests the license from the Cisco Smart Software Manager (CSSM) directly or through the Cisco Smart Licensing Utility (CSLU). The CSSM returns a smart license authorization code (SLAC) to the Product Instance (PI) directly or through the CSLU. If a device receives the authorization code, the smart agent on the device stores this authorization code in the tamper-proof trusted store and you can enable the feature. If you install the authorization code and do not enable the feature, when you boot the device the smart agent on the device will honor the auth- code that was stored in trusted store. The device does not need to request the authorization code from the CSSM again and you can enable the feature. The software features available on Cisco Catalyst IE3x00 Rugged and IE3400H switches fall under these base or add-on license levels.
Base Licenses
· Network Essentials
· Network Advantage–Includes features available with the Network Essentials license and more.
Add-On Licenses
Add-On Licenses require a Network Essentials or Network Advantage as a pre- requisite. The features available with add-on license levels provide Cisco innovations on the switch, as well as on the Cisco Digital Network Architecture Center (Cisco DNA Center).
· DNA Essentials
· DNA Advantage– Includes features available with the DNA Essentials license and more.
To find information about platform support and to know which license levels a feature is available with, use Cisco Feature Navigator. To access Cisco Feature Navigator, go to https://www.cisco.com/go/cfn. An account on cisco.com is not required.
Feature Licenses
Feature Licenses are bound to a specific feature or set of features. Feature licenses can be enabled regardless of Base License (Network Advantage or Network Essential). Feature licenses are Smart Licenses as well and require a Smart Account to be activated.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 55

Multiple MRP Rings

Media Redundancy Protocol (MRP)

Note The MRP feature license requirement is removed in Cisco IOS XE 17.7.1 and later. The MRP feature is available as a part of Network Essentials Licensing. In releases prior to Cisco IOS XE 17.7.1, use of MRP requires a feature license and the following information applies only to those earlier releases. There are 2 MRP licenses available for IE3x00:
· LIC-MRP-MGR-XE= MRP Ring Manager license. · LIC-MRP-CLIENT-XE= MRP Ring Client license.
See Activating the MRP License, on page 59 for procedures to activate the MRP license. For more information about Smart Licensing, see Smart Licensing Using Policy for Cisco Enterprise Routing Platforms.
Multiple MRP Rings
In an Industrial Ethernet network, an MRP ring in a cell/area is a sub-ring of the access layer. You can connect multiple MRP rings, which you can then aggregate into the distribution layer.
Note The MRP feature license requirement is removed in Cisco IOS XE 17.7.1 and later.
You can configure up to three rings, and you can configure the switch as either automanager or client.
MRP-STP Interoperability
MRP works with Spanning Tree Protocol (STP) to prevent unwanted broadcast loops in the event that a user accidentally connects a device that does not participate in the MRP ring. In a network operating with MRP and STP, spanning tree BPDUs are not sent on MRP-enabled ports. If ports are unconfigured from an MRP ring, then the ports are added to the spanning tree. MRP-STP interoperability is supported for both PROFINET MRP mode and MRP CLI mode, and functions without additional CLI configuration.
Prerequisites
· Before configuring a ring, in Cisco IOS XE releases 17.6.x and earlier, ensure that you have enabled MRP Manager/Client licenses. These can be obtained from Smart licensing account, and by following the SL or SLR process to activate the feature licenses.
· Use of MRP in Cisco IOS XE 17.7.1 and later is available with the Networking Essentials license. · Because MRP is deployed in a physical Ring topology, before configuring or unconfiguring the MRP
feature, it is advised to leave one physical connection between two nodes in each ring open by either issuing a shut command on the connecting interfaces or physically removing the cable to avoid any
Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 56

Media Redundancy Protocol (MRP)

Guidelines and Limitations

network storms. After you have properly configured all MRCs and MRMs, issue a no shut command on the port or re-connect the cable between the nodes. · In Cisco IOS XE releases 17.6.x and earlier, activate the MRP License before you configure the MRP protocol. · Determine the MRP configuration on the switch: MRA, or MRC. · When the network is managed by SIMATIC TIA or STEP7, ensure that the basic PROFINET connection is on. · The MRP default VLAN is 1. To use a non-default VLAN, you must configure the PROFINET VLAN ID before assigning it to the MRP configuration.
Guidelines and Limitations
· MRP is supported on Cisco Catalyst IE3x00 and IE3100 Rugged Series and IE3400 Heavy Duty Series Switches. MRP is not supported on ESS3300 Switches.
· In Cisco IOS XE 17.7.1 and later, the MRP feature is available as a part of Network Essentials Licensing. In releases prior to Cisco IOS XE 17.7.1, use of MRP requires a feature license that must be activated using the Cisco switch CLI.
· By default, Profinet MRP mode is enabled on Cisco Catalyst IE3x00 switches. You can configure MRP, including the MRP role, using the Cisco switch CLI only after you disable the PROFINET MRP function using the Cisco switch CLI.
Note Profinet MRP mode is not supported by default on Cisco Catalyst IE3x00 switches. You must use the Cisco switch CLI for configuration.
When PROFINET MRP is enabled, use STEP7 and TIA to configure MRP, including the MRP role. · To avoid Smart License registration failure, ensure that the NTP configuration and the device clock are
in sync. · With the MRP manager license (Cisco IOS XE 17.6.x and earlier), you can configure up to three rings
on a device (each MRP instance can be manager or client), with a manager instance for each ring. · Support for multiple MRP rings is available only through the CLI or WebUI. · The switch supports up to 50 MRCs per ring. · MRP cannot run on the same interface (port) as Resilient Ethernet Protocol (REP), Spanning Tree Protocol
(STP), Flex Links, macsec, or Dot1x. · STP does not run on MRP segments. MRP interfaces drop all STP BPDUs. · For access ports, you must specifically configure switchport mode access and switchport access vlan
x commands in the MRP interface.
· MRP interfaces come up in a forwarding state and remain in a forwarding state until notified that it is safe to block. The MRP ring state changes to Ring-Closed.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 57

Guidelines and Limitations

Media Redundancy Protocol (MRP)

· MRP ports cannot be configured as any of these port types: SPAN destination port, Private VLAN port, or Tunnel port. Additionally, when operating in PROFINET mode, you cannot configure MRP ports as Trunk ports.
· MRP is not supported on EtherChannels or on an individual port that belongs to an EtherChannel.
· Each MRP ring can have one MRP VLAN. The VLAN must be different for each ring in a device to avoid traffic flooding.
PROFINET MRP Mode Only
· PROFINET MRP mode is supported on IE3x00 Series Switches; it is not supported on IE3100 Rugged Series Switches.
· Ensure that you configure the correct ring ID on client and manager. Ring ID configuration is not automatically validated by the switch.
· You can configure only one MRP ring in PROFINET MRP mode.
Note The number of MRP rings displayed in the show profinet status command output indicates the maximum number of rings allowed for configuration through the CLI and not through PROFINET.
· In PROFINET MRP, which is managed by STEP7 and TIA, only Layer 2 access ports are supported because PROFINET does not have the concept of VLAN tagging.
· The 10 ms profile is not supported.
· When using PROFINET MRP mode, we recommend setting the LLDP timer to 5 ms or 10 ms to ensure PROFINET can see neighbor devices and to avoid a Siemens PLC timeout.
· When a new pluggable module GSD file is installed in TIA/ STEP7, you must recreate the project in TIA/Step7. The existing project, which was created using the old GSD file, will display an error when you attempt to select the new GSD file for the same device. This occurs because the combo ports in the pluggable module SKUs were previously defined as fixed ports.
· You cannot change the role of any node from MRA to MRC after all nodes come up in MRA mode, either by breaking the ring (by shutting the port or physically removing the cable) or manually configuring the role change. If you want an MRP ring configuration with MRA and MRCs, you need to initially configure only one node as MRA and the rest as MRCs.
MRP CLI Mode Only
· After using the CLI to configure the MRP ring, you must attach the MRP ring to a pair of ports that support MRP.
· Both MRP ports must have the same interface mode (access or trunk).
· To change an existing MRP ring’s configuration (mode), or to change the interface mode of the ring ports between access and trunk, you must first delete the ring and then recreate it with the new configuration.
· When both MRP ports are in access mode, the access VLANs should match. If the configured MRP VLAN does not match the ports’ access VLAN, the MRP VLAN is automatically changed to the MRP ports’ access VLAN.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 58

Media Redundancy Protocol (MRP)

Default Settings

· In an MRP ring with two access ports, if the ports do not belong to the same access VLAN when you create the MRP ring or you change the access VLAN for only one of the ports after the MRP ring is created, the MRP ring operation is suspended and a message similar to the following is displayed:
ERROR% The ring 1 ports don’t belong to the same access VLAN. The MRP ring will not function until the issue has been fixed
Resolve the issue by configuring the access VLAN to be the same for the two ring ports. · The 200 ms standard profile, 500 ms profile, and 30 ms profile are supported. The 10 ms profile is not
supported. · MRA can be activated through CLI and PROFINET.
Default Settings
· In Cisco IOS XE 17.6.x and earlier, MRM and MRC licenses are not installed by default. Starting with 17.7.1 a feature license is no longer required for MRP.
· (Cisco IOS XE 17.6.x and earlier) PROFINET MRP mode is enabled by default when MRM or MRC licenses are enabled.
· MRP is disabled by default. · The default VLAN is 1. · Create the non- default VLAN before you assign it to MRP ring 1.
Activating the MRP License
Note Activating the MRP license applies to Cisco IOS XE 17.6.x and earlier. The MRP feature license requirement is removed in Cisco IOS XE 17.7.1 and later.
The procedure to activate the MRP license depends on whether you are using Smart Licensing in online mode or offline mode. Each mode has two scenarios:
· Online mode: · The device is connected directly to the Cisco Smart Software Manager (CSSM). · The device is connected to the CSSM through the CSLU.
· Offine mode: · The device is not connected to the CSSM or the CSLU. · The device is in CSLU mode and not connected to the CSSM.
Perform one of the following procedures to activate the MRP license, based on your Smart Licensing mode.

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 59

Device Directly Connected to CSSM

Media Redundancy Protocol (MRP)

Note The following procedures show examples of activating both the MRP Manager and Client licenses. When activating the MRP license on your switch, enter the commands for your license type: mrp-manager or mrp-client.

Device Directly Connected to CSSM
To activate the MRP license when the device is directly connected to the CSSM, follow these steps.

Step 1 Step 2
Step 3 Step 4 Step 5
Step 6

Enter configuration mode:
configure terminal
Configure the transport mode:
license smart transport smart
license smart url smart
Example:
conf t (config)#license smart transport smart (config)# license smart url smart https://smartreceiver.cisco.com/licservice/license (config)#end wr
Check the transport mode configuration:
show license all
Example:
Switch#show license all Transport:
Type: Smart URL: license smart url smart https://smartreceiver.cisco.com/licservice/license
Establish trust with the CSSM:
license smart trust idtoken local force
A syslog message indicates if trust is established.
Verify that trust got established:
show license tech sup | i INSTALL
Example:
Switch#show licence tech sup | i INSTALL Reservation status: NOT INSTALLED
Local Device: P:IE-3300-8T2X,S:FCW24160H8C, state[2], Trust Data INSTALLED Overall Trust: INSTALLED (2) Switch#
Request and install the Smart License Authorization Code (SLAC) to allow usage of MRP licenses:
license smart authorization request add mrp_manager local

Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches 60

Media Redundancy Protocol (MRP)

Device Connected to CSSM through CSLU

Step 7

or
license smart authorization request add mrp_client local
Example:
Switch#license smart authorization request add mrp_manager local Switch#license smart authorization request add mrp_client local Switch#show licence summary

License Usage:

License

Entitlement tag

Count Status

—————————————————————————–

network-advantage

(IE3400H_Network_Advantage)

1 IN USE

dna-essentials

(IE3400H_DNA_Essentials)

1 IN USE

MRP ring manager lic… (IE3x00_LIC_MRP_Manager)

0 NOT IN USE

MRP ring client lice… (IE3x00_LIC_MRP_Client)

0 NOT IN USE

Switch #

Read User Manual Online (PDF format)

Loading......

Download This Manual (PDF format)

Download this manual >>

CISCO IE3400 Heavy Duty and Series Switches User Guide

CISCO IE3400 Heavy Duty and Series Switches

Product Information

Product Usage Instructions

Frequently Asked Questions

High-Availability Seamless Redundancy

DETAILED STEPS

HSRP Overview

Configuring HSRP

Media Redundancy Protocol

Guidelines and Limitations

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Cisco User Manuals

Related Manuals