WEBVTT

00:00:00.000 --> 00:00:05.000 align:middle line:84%
In the previous video, we made switch 1

00:00:05.000 --> 00:00:09.000 align:middle line:84%
the Spanning Tree root for VLAN 10 and VLAN 1

00:00:09.000 --> 00:00:14.000 align:middle line:84%
as well as making switch 2 the Spanning Tree root for VLAN 20

00:00:14.000 --> 00:00:18.000 align:middle line:84%
we can see that as an example by going into switch 1

00:00:18.000 --> 00:00:21.000 align:middle line:84%
and typing show spanning-tree vlan 10

00:00:21.000 --> 00:00:27.000 align:middle line:84%
Notice this switch or this bridge is the Spanning Tree root for VLAN 10

00:00:27.000 --> 00:00:33.000 align:middle line:84%
as well as the Spanning Tree root for VLAN 1

00:00:33.000 --> 00:00:35.000 align:middle line:84%
here's switch 2

00:00:35.000 --> 00:00:40.000 align:middle line:84%
so show spanning-tree vlan 20

00:00:40.000 --> 00:00:43.000 align:middle line:84%
this switch or bridge is the root for VLAN 20.

00:00:43.000 --> 00:00:46.000 align:middle line:84%
Once again, the reason why we use terms bridge

00:00:46.000 --> 00:00:48.000 align:middle line:84%
rather than switch in Spanning Tree

00:00:48.000 --> 00:00:51.000 align:middle line:84%
is that Spanning Tree has been around for a long time

00:00:51.000 --> 00:00:54.000 align:middle line:84%
so we talk about bridges rather than switches

00:00:54.000 --> 00:00:56.000 align:middle line:84%
in some of the Spanning Tree terminology.

00:00:56.000 --> 00:01:01.000 align:middle line:84%
Spanning Tree was developed when bridges were used instead of switches.

00:01:01.000 --> 00:01:05.000 align:middle line:84%
So we’ve got the roots configured in Spanning Tree.

00:01:05.000 --> 00:01:11.000 align:middle line:84%
We have enabled in previous videos redundancy between these switches.

00:01:11.000 --> 00:01:16.000 align:middle line:84%
So as an example, switch 3 has 2 uplinks to the core and so does switch 4

00:01:16.000 --> 00:01:19.000 align:middle line:84%
so we have redundancy at layer 1 and layer 2

00:01:19.000 --> 00:01:23.000 align:middle line:84%
but now we need to implement redundancy at layer 3.

00:01:23.000 --> 00:01:25.000 align:middle line:84%
Here’s the problem

00:01:25.000 --> 00:01:30.000 align:middle line:84%
router 1 which is acting as PC 1 in this topology is in VLAN 10.

00:01:30.000 --> 00:01:34.000 align:middle line:84%
It needs to be configured with the default gateway

00:01:34.000 --> 00:01:37.000 align:middle line:84%
so which switch will become its default gateway

00:01:37.000 --> 00:01:42.000 align:middle line:84%
switch 1 or switch 2? Both switches have IP addresses in VLAN 10.

00:01:42.000 --> 00:01:47.000 align:middle line:84%
Switch 1 is 10.1.10.1 and switch 2 is 10.1.10.2

00:01:47.000 --> 00:01:51.000 align:middle line:84%
so which switch will be configured as the default gateway

00:01:51.000 --> 00:01:55.000 align:middle line:84%
and what will happen when that switch goes down

00:01:55.000 --> 00:02:00.000 align:middle line:84%
as an example, you probably wanna make switch 1 the default gateway

00:02:00.000 --> 00:02:03.000 align:middle line:84%
for router 1 because switch 1 is the Spanning Tree root

00:02:03.000 --> 00:02:07.000 align:middle line:84%
which should mean that traffic at both layer 2 and layer 3

00:02:07.000 --> 00:02:09.000 align:middle line:84%
will traverse this link and get to switch 1

00:02:09.000 --> 00:02:15.000 align:middle line:84%
the problem is, if you make switch 1 the default gateway for PCs

00:02:15.000 --> 00:02:17.000 align:middle line:84%
in VLAN 10 and switch 1 goes down

00:02:17.000 --> 00:02:21.000 align:middle line:84%
where will those PCs send their traffic?

00:02:21.000 --> 00:02:23.000 align:middle line:84%
they won’t be able to reach their default gateway

00:02:23.000 --> 00:02:28.000 align:middle line:84%
which means that they won’t be able to send traffic off VLAN 10.

00:02:28.000 --> 00:02:30.000 align:middle line:84%
in other words, they won’t be able to access the Internet

00:02:30.000 --> 00:02:33.000 align:middle line:84%
or other service and devices in a separate VLAN

00:02:33.000 --> 00:02:36.000 align:middle line:84%
the same is true for devices in VLAN 20

00:02:36.000 --> 00:02:40.000 align:middle line:84%
if VLAN 20 devices have switch 2 as the default gateway

00:02:40.000 --> 00:02:45.000 align:middle line:84%
in other words, we configured the default gateway as 10.1.20.2

00:02:45.000 --> 00:02:47.000 align:middle line:84%
and switch 2 goes down, what happens then?

00:02:47.000 --> 00:02:49.000 align:middle line:84%
the default gateway is down

00:02:49.000 --> 00:02:54.000 align:middle line:84%
which means that they won’t be able to for example ping devices in VLAN 10

00:02:54.000 --> 00:02:57.000 align:middle line:84%
or access devices on the Internet.

00:02:57.000 --> 00:03:00.000 align:middle line:84%
So this is where first hop redundancy protocols

00:03:00.000 --> 00:03:05.000 align:middle line:84%
such as Hot Standby Router Protocol or HSRP are used.

00:03:05.000 --> 00:03:08.000 align:middle line:84%
HSRP is a Cisco proprietary protocol

00:03:08.000 --> 00:03:11.000 align:middle line:84%
that allows you to implement first hop redundancy.

00:03:11.000 --> 00:03:14.000 align:middle line:84%
The industry standard version of the protocol

00:03:14.000 --> 00:03:17.000 align:middle line:84%
is VRRP or Virtual Router Redundancy Protocol.

00:03:17.000 --> 00:03:21.000 align:middle line:84%
The idea here is that you configure your 2 switches

00:03:21.000 --> 00:03:24.000 align:middle line:84%
with a virtual IP address

00:03:24.000 --> 00:03:27.000 align:middle line:84%
these 2 switches will have an election

00:03:27.000 --> 00:03:31.000 align:middle line:84%
and choose who is in charge of forwarding traffic

00:03:31.000 --> 00:03:34.000 align:middle line:84%
on behalf of a virtual router

00:03:34.000 --> 00:03:39.000 align:middle line:84%
In this topology, we'll have 2 physical switches configured

00:03:39.000 --> 00:03:43.000 align:middle line:84%
with IP addresses in say VLAN 10 but a virtual switch

00:03:43.000 --> 00:03:47.000 align:middle line:84%
or a virtual router is created through the configuration

00:03:47.000 --> 00:03:50.000 align:middle line:84%
and that virtual router or virtual switch

00:03:50.000 --> 00:03:53.000 align:middle line:84%
becomes the default gateway for your devices.

00:03:53.000 --> 00:03:56.000 align:middle line:84%
I’ll talk about virtual routers rather than virtual switches

00:03:56.000 --> 00:03:59.000 align:middle line:84%
or layer 3 switches for most of this discussion

00:03:59.000 --> 00:04:02.000 align:middle line:84%
because that’s how HSRP is written and described

00:04:02.000 --> 00:04:06.000 align:middle line:84%
but essentially what you do on your PC is you configure

00:04:06.000 --> 00:04:09.000 align:middle line:84%
a default gateway of a virtual switch.

00:04:09.000 --> 00:04:19.000 align:middle line:84%
Logically a router is created through HSRP

00:04:19.000 --> 00:04:24.000 align:middle line:84%
now this router is not a physical router or real router

00:04:24.000 --> 00:04:26.000 align:middle line:84%
that’s going to exist in our topology.

00:04:26.000 --> 00:04:31.000 align:middle line:84%
It’s simply created through the HSRP commands configured on the switches.

00:04:31.000 --> 00:04:38.000 align:middle line:84%
PCs such as the PC in VLAN 10 will be configured

00:04:38.000 --> 00:04:43.000 align:middle line:84%
with a default gateway in our example of 10.0.254

00:04:43.000 --> 00:04:47.000 align:middle line:84%
so rather than the PC being configured

00:04:47.000 --> 00:04:51.000 align:middle line:84%
with the default gateway of switch 1 or switch 2

00:04:51.000 --> 00:04:56.000 align:middle line:84%
the default gateway is this virtual HSRP router

00:04:56.000 --> 00:05:01.000 align:middle line:84%
this HSRP router will have its own IP address as shown here for VLAN 10

00:05:01.000 --> 00:05:08.000 align:middle line:84%
we'll also configure another virtual router for VLAN 20.

00:05:08.000 --> 00:05:12.000 align:middle line:84%
In addition, this router has its own MAC address

00:05:12.000 --> 00:05:16.000 align:middle line:84%
based on a group number configured in the HSRP.

00:05:16.000 --> 00:05:21.000 align:middle line:84%
The PCs are unaware that they are talking to a virtual device

00:05:21.000 --> 00:05:24.000 align:middle line:84%
they think they’re talking to a physical router

00:05:24.000 --> 00:05:27.000 align:middle line:84%
but in actual fact, they're talking to the switches

00:05:27.000 --> 00:05:30.000 align:middle line:84%
which are pretending to be this virtual router

00:05:30.000 --> 00:05:33.000 align:middle line:84%
We can manipulate which physical switch

00:05:33.000 --> 00:05:37.000 align:middle line:84%
is going to be forwarding traffic on behalf of the virtual router

00:05:37.000 --> 00:05:41.000 align:middle line:84%
by changing a priority, the default priority in HSRP is 100

00:05:41.000 --> 00:05:44.000 align:middle line:84%
and the highest priority wins

00:05:44.000 --> 00:05:48.000 align:middle line:84%
so we'll influence HSRP so that switch 1

00:05:48.000 --> 00:05:52.000 align:middle line:84%
becomes what’s called the active router for VLAN 10

00:05:52.000 --> 00:05:56.000 align:middle line:84%
and switch 2 will be the standby router for VLAN 20

00:05:56.000 --> 00:05:58.000 align:middle line:84%
switch 2 will be the active router

00:05:58.000 --> 00:06:01.000 align:middle line:84%
and switch 1 will be the standby router

00:06:01.000 --> 00:06:05.000 align:middle line:84%
and that’s because switch 1 is the root in Spanning Tree for VLAN 10

00:06:05.000 --> 00:06:10.000 align:middle line:84%
and switch 2 is the root in Spanning Tree for VLAN 20.

00:06:10.000 --> 00:06:14.000 align:middle line:84%
We want to ensure that traffic from this host in VLAN 20 is forwarded

00:06:14.000 --> 00:06:17.000 align:middle line:84%
to its default gateway here

00:06:17.000 --> 00:06:20.000 align:middle line:84%
which is the same device that’s a Spanning Tree root.

00:06:20.000 --> 00:06:22.000 align:middle line:84%
In other words, traffic will take this path

00:06:22.000 --> 00:06:26.000 align:middle line:84%
rather than the traffic having to go across multiple links

00:06:26.000 --> 00:06:28.000 align:middle line:84%
to get to the default gateway by the same token

00:06:28.000 --> 00:06:35.000 align:middle line:84%
this switch will be the active router or active forwarder for VLAN 10

00:06:35.000 --> 00:06:39.000 align:middle line:84%
so that VLAN 10 traffic uses this uplink

00:06:39.000 --> 00:06:44.000 align:middle line:84%
to get to the Spanning Tree root as well as the default gateway.