Most router and switch administrators are familiar with the Hot Standby Router Protocol a.k.a. HSRP, which, like VRRP, the Virtual Router Redundancy Protocol, is used to allow two routers on the same access-subnet to provide fault-tolerance for users or servers on that network. If you're not familiar with it, HSRP is configured on each router to provide a virtual IP address, which is given to the users and server administrators as their "default gateway". Each of the routers are given a priority and one router assumes an active role, responding to ARPs for the virtual IP address with its own MAC address. The other router or routers act as "standby" routers and poll the active router. When the active router becomes unavailable (e.g. in a failure, or if it is offline for maintenance), then the other router takes over so the clients see no disruption.
The downside to this configuration is that all the traffic from users and servers will go to the active router and none of the traffic will go to the standby router. If these routers are gigabit connected to the rest of your campus, that's probably not a big deal. But if they're connected by a pair of T1s to your WAN, it most likely means you're only going to use half the bandwidth you're paying for.
Although there are more complex ways of dealing with the challenge of load-balancing across circuits terminated in separate routers for redundancy, a simple and fairly effective approach to this problem is Multi-group
For example, if your first group is router A and router B and their addresses are 192.168.1.3 and 192.168.1.4 /24, then you might assign the virtual IP address of 192.168.1.1 and configure the priority of router A so that it is active. You can also create a second group with a virtual IP of 192.168.1.2 using the same two routers, A and B.
The trick here is to make router B the preferred and active router for the second virtual IP address of 192.168.1.2. Now, when you configure your DHCP for your users on this subnet, create two pools and give the first pool a default gateway of 192.168.1.1 and the second pool a default gateway of 192.168.1.2. By doing this, half your users will send their packets to router A and the other half will send their traffic to router B. Assuming all your people use the same applications, statistically, you will have a good chance of a fairly even distribution of traffic across your circuits.
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.
This was first published in March 2004