Cisco Nexus EIGRP and HSRP Configuration Guide Part 2
This is Part 2 of the Cisco Nexus Data Center Configuration series. In this guide, you will configure SVIs, EIGRP routing, HSRP redundancy, access VLANs, end-device connectivity, and inter-VLAN communication between Nexus switches.
Table of Contents
- Introduction
- Understanding SVIs
- Understanding EIGRP on Nexus
- Understanding HSRP
- Task 1 - Configure SVIs
- Task 2 - Configure EIGRP
- Task 3 - Configure HSRP VLAN 12
- Task 4 - Verify HSRP
- Task 5 - Configure HSRP VLAN 34
- Task 6 - Verify HSRP
- Task 7 - Configure Access Switches
- Task 8 - Configure PCs
- Verification Commands
- Modern Nexus Enhancements
- Troubleshooting
- Related Articles
Introduction to Nexus Layer 3 Services
In Part 1, you configured Cisco Nexus vPC and LACP EtherChannels to build a highly available Layer 2 data center topology.
In Part 2, you move into Layer 3 networking by enabling:
- SVIs (Switched Virtual Interfaces)
- EIGRP dynamic routing
- HSRP gateway redundancy
- End-device communication
- Inter-VLAN routing
These technologies transform the Nexus switches from pure Layer 2 devices into intelligent Layer 3 routing platforms.
Understanding SVIs on Cisco Nexus
SVI stands for Switched Virtual Interface.
Instead of assigning IP addresses directly to physical switchports, Cisco switches typically assign Layer 3 addresses to VLAN interfaces.
Example
Physical Hosts:
$$ Host_1 \\rightarrow VLAN12 $$
Gateway:
$$ 10.10.12.254 $$
SVI Interface:
$$ Interface\\ VLAN12 $$
This SVI becomes the default gateway for all hosts inside the VLAN.
Why SVIs Matter
- Provide Layer 3 gateway functionality
- Enable inter-VLAN routing
- Support dynamic routing protocols
- Simplify network design
- Improve scalability
Understanding EIGRP on Cisco Nexus
EIGRP stands for Enhanced Interior Gateway Routing Protocol.
EIGRP is an advanced distance-vector routing protocol developed by Cisco.
EIGRP Features
- Fast convergence
- Low CPU utilization
- DUAL algorithm
- Unequal-cost load balancing
- Incremental updates
- Reliable neighbor relationships
EIGRP Metric Formula
Simplified EIGRP metric:
$$ Metric = 256 \\times \\left(\\frac{10^7}{Bandwidth} + Delay\\right) $$
Where:
- Bandwidth = slowest link
- Delay = cumulative path delay
Why EIGRP Is Efficient
Unlike RIP, EIGRP does not send full routing tables every 30 seconds. Instead, it sends partial triggered updates.
This dramatically reduces bandwidth consumption.
Understanding HSRP
HSRP stands for Hot Standby Router Protocol.
HSRP provides gateway redundancy.
Without HSRP, if the default gateway fails, hosts lose connectivity.
HSRP Operation
- One router becomes Active
- One router becomes Standby
- Hosts use a virtual IP address
- If Active fails, Standby takes over
HSRP Priority Logic
Higher priority wins:
$$ 105 > 100 $$
Therefore:
$$ NX\\text{-}01 = Active $$
HSRP Version 2 Benefits
- Supports larger group numbers
- Improved scalability
- Enhanced multicast support
- Better IPv6 compatibility
Task 1 - Configure SVIs on Nexus Switches
You enabled Layer 3 VLAN interfaces using the feature interface-vlan command.
NX-01 Configuration
feature interface-vlan
vlan 10,12
interface vlan10
ip address 10.10.10.1/24
no shutdown
interface vlan12
ip address 10.10.12.1/24
no shutdown
NX-02 Configuration
feature interface-vlan
vlan 10,12
interface vlan10
ip address 10.10.10.2/24
no shutdown
interface vlan12
ip address 10.10.12.2/24
no shutdown
NX-03 Configuration
feature interface-vlan
vlan 10,34
interface vlan10
ip address 10.10.10.3/24
no shutdown
interface vlan34
ip address 10.10.34.3/24
no shutdown
NX-04 Configuration
feature interface-vlan
vlan 10,34
interface vlan10
ip address 10.10.10.4/24
no shutdown
interface vlan34
ip address 10.10.34.4/24
no shutdown
Why VLAN 10 Exists Everywhere
VLAN 10 acts as the transit network between all Nexus devices.
This enables routing adjacency formation.
Task 2 - Configure EIGRP
NX-01 EIGRP Configuration
feature eigrp
router eigrp NEXUS
address-family ipv4 unicast autonomous-system 100
interface vlan10
ip router eigrp NEXUS
interface vlan12
ip router eigrp NEXUS
NX-02 EIGRP Configuration
feature eigrp
router eigrp NEXUS
address-family ipv4 unicast autonomous-system 100
interface vlan10
ip router eigrp NEXUS
interface vlan12
ip router eigrp NEXUS
NX-03 EIGRP Configuration
feature eigrp
router eigrp NEXUS
address-family ipv4 unicast autonomous-system 100
interface vlan10
ip router eigrp NEXUS
interface vlan34
ip router eigrp NEXUS
NX-04 EIGRP Configuration
feature eigrp
router eigrp NEXUS
address-family ipv4 unicast autonomous-system 100
interface vlan10
ip router eigrp NEXUS
interface vlan34
ip router eigrp NEXUS
Modern NX-OS EIGRP vs Traditional IOS
| Traditional IOS | Nexus NX-OS |
|---|---|
| network command | interface-based enablement |
| Classic mode | Address-family mode |
| Less granular | More scalable |
Important Difference
NX-OS uses interface-based EIGRP activation instead of traditional network statements.
Task 3 - Configure HSRP VLAN 12
NX-01 Configuration
feature hsrp
interface vlan12
hsrp version 2
hsrp 12
authentication md5 key-string Kbits@123
preempt
priority 105
ip 10.10.12.254
NX-02 Configuration
feature hsrp
interface vlan12
hsrp version 2
hsrp 12
authentication md5 key-string Kbits@123
preempt
ip 10.10.12.254
Why Use Authentication?
HSRP authentication prevents unauthorized devices from joining the HSRP group.
Authentication logic:
$$ CorrectKey = GroupMembership $$
$$ IncorrectKey \\neq GroupMembership $$
Why Preemption Matters
Preemption allows the higher-priority router to retake Active status after recovery.
Task 4 - Verify HSRP
NX-01# show hsrp brief
Vlan12 - Group 12
State is Active
Virtual IP address is 10.10.12.254
Active router is local
Standby router is 10.10.12.2
Priority 105
Preemption enabled
NX-02# show hsrp brief
Vlan12 - Group 12
State is Standby
Virtual IP address is 10.10.12.254
Active router is 10.10.12.1
Standby router is local
Priority 100
Preemption enabled
Task 5 - Configure HSRP VLAN 34
NX-03 Configuration
feature hsrp
interface vlan34
hsrp version 2
hsrp 34
authentication md5 key-string Cisco@123
preempt
priority 105
ip 10.10.34.254
NX-04 Configuration
feature hsrp
interface vlan34
hsrp version 2
hsrp 34
authentication md5 key-string Cisco@123
preempt
ip 10.10.34.254
Task 6 - Verify HSRP VLAN 34
NX-03# show hsrp brief
Vlan34 - Group 34
State is Active
Virtual IP address is 10.10.34.254
Active router is local
Standby router is 10.10.34.4
Priority 105
NX-04# show hsrp brief
Vlan34 - Group 34
State is Standby
Virtual IP address is 10.10.34.254
Active router is 10.10.34.3
Standby router is local
Priority 100
Task 7 - Configure Access Switches
SW5 Configuration
interface ethernet0/2
switchport mode access
switchport access vlan 12
SW6 Configuration
interface ethernet0/2
switchport mode access
switchport access vlan 34
Why Access Ports Are Important
Access ports assign a single VLAN to end devices.
Unlike trunk ports, access ports do not tag frames with 802.1Q VLAN tags.
Task 8 - Configure Test PCs
Test-PC-1
| Parameter | Value |
|---|---|
| IP Address | 10.10.12.101 |
| Subnet Mask | 255.255.255.0 |
| Gateway | 10.10.12.254 |
Test-PC-2
| Parameter | Value |
|---|---|
| IP Address | 10.10.34.101 |
| Subnet Mask | 255.255.255.0 |
| Gateway | 10.10.34.254 |
Traffic Flow Explanation
Traffic path:
$$ PC1 \\rightarrow HSRP\\ Gateway \\rightarrow EIGRP\\ Routed\\ Network \\rightarrow PC2 $$
EIGRP provides routing information between VLAN 12 and VLAN 34.
Verification Commands
show ip eigrp neighbors
show ip route eigrp
show hsrp brief
show hsrp
show ip interface brief
show vlan brief
show interface vlan
ping
traceroute
EIGRP Neighbor Verification
NX-01# show ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
0 10.10.10.2 Vl10 12 1:23:10 10 1000 0 15
EIGRP Route Verification
NX-01# show ip route eigrp
D 10.10.34.0/24
via 10.10.10.3, Vlan10
Modern Nexus Enhancements
Traditional Design vs Modern Design
| Old Method | Modern Method |
|---|---|
| STP Heavy Design | vPC Active-Active |
| HSRP Only | Anycast Gateway with VXLAN |
| Classic VLAN Architecture | EVPN VXLAN Fabric |
| Manual Provisioning | Automation and APIs |
Modern Data Center Evolution
Modern Nexus deployments increasingly use:
- VXLAN EVPN
- BGP EVPN
- Anycast Gateway
- Fabric Automation
- Programmable APIs
- Streaming telemetry
Why HSRP Still Matters
Even though VXLAN EVPN Anycast Gateway is modern, HSRP remains extremely important for enterprise environments, certifications, labs, and hybrid deployments.
Advanced Troubleshooting
HSRP Not Forming
- Check VLAN existence
- Verify authentication key
- Ensure same group number
- Check multicast communication
- Verify interface status
EIGRP Neighbor Failure
- AS number mismatch
- K-value mismatch
- ACL blocking packets
- Interface down
- Incorrect subnet
PC Cannot Ping Remote Network
- Default gateway issue
- VLAN mismatch
- HSRP inactive
- EIGRP routes missing
- Trunk VLAN not allowed
Useful Debug Commands
debug hsrp packets
debug eigrp packets
show logging logfile
show system internal hsrp info
show ip arp
show mac address-table
High Availability Mathematics
Availability Formula
If one gateway availability is:
$$ 99.9\\% $$
Then redundant gateway availability improves significantly:
$$ Availability = 1 - (Failure_1 \\times Failure_2) $$
Example:
$$ 1 - (0.001 \\times 0.001) $$
$$ 99.9999\\% $$
EIGRP Feasible Distance
EIGRP path selection:
$$ FD = Lowest\\ Total\\ Metric $$
Successor route:
$$ Successor = Minimum(FD) $$
Educational Summary
What You Learned
- How SVIs provide Layer 3 services
- How EIGRP forms neighbor adjacencies
- How HSRP provides gateway redundancy
- How hosts communicate across VLANs
- How modern Nexus routing works
- How to troubleshoot HSRP and EIGRP
- How redundancy improves availability
Related Articles
- Cisco Nexus vPC and LACP Configuration Guide Part 1
- Cisco Nexus VRRP Configuration Guide Part 3 | NX-OS Gateway Redundancy Lab
Final Conclusion
This lab completes a highly available Cisco Nexus enterprise and data center architecture using:
- vPC redundancy
- LACP EtherChannels
- SVI Layer 3 interfaces
- EIGRP dynamic routing
- HSRP gateway redundancy
- End-host VLAN segmentation
Together, these technologies create scalable, resilient, and production-ready network infrastructures suitable for enterprise and modern data center deployments.
Understanding these technologies deeply is essential for network engineers, data center architects, and certification candidates working with Cisco Nexus platforms.
No comments:
Post a Comment