Hot Standby Router Protocol

HSRP allows networks with more than one gateway to provide redundancy in case of interface or router failure on any given router.

HSRP allows router redundancy in a network. It is a Cisco proprietary solution from before the IETF defined Virtual Router Redundancy Protocol (VRRP). To illustrate HSRP, Figure 2-12 displays a six-router network with clients on segments on Ethernet networks, Sydney and San Jose.

NOTE Cisco exams typically test Cisco proprietary protocols more heavily than industry standard protocols, such as VRRP. To my knowledge, VRRP is not listed (or tested) as an objective on the Cisco website.

Figure 2-12 HSRP Example

Router A #

interface Ethernet 0

ip address 131.108.1.1 255.225.255.0

standby priority 110 preempt standby authentication cisco standby ip 131.108.2.100

standby track Serial0

Router C #

interface Ethernet 0

ip address 131.108.1.2 255.225.255.0

standby priority 110 preempt standby authentication cisco standby ip 131.108.1.100

standby track Serial0

Network Sydney a.

IP Address 131.108.2.1/24

Gateway Address 131.108.2.100/24

131.108.2.2/24

131.108.1.2/24

Router A

Serial 0

Router B

Serial 0

Router C

Standby IP add 131.108.2.100 Standby IP add 131.108.1.100

Router F

Router E

Router D

131.108.2.2/24

Serial 0

Serial 0

131.108.1.2/24

Network San Jose n

IP Address 131.108.1.1/24

Gateway Address 131.108.1.100/24

Router F #

interface Ethernet 0

ip address 131.108.2.2 255.225.255.0

standby authentication cisco standby ip 131.108.2.100

!default not shown standby priority 100

Router D #

interface Ethernet 0

ip address 131.108.1.3 255.225.255.0

standby authentication cisco standby ip 131.108.2.100

!default not shown standby priority 100

PCs are typically configured with only one gateway address. (Windows 2000/XP clients can take more than one but this still leaves a problem in that all devices must be configured for multiple gateways; the most scalable solution is to configure a single gateway on all devices and allow an intelligent network to provide redundancy where only a few devices require configuration.) Assume that PC1 is configured with a gateway address of 131.108.1.100. Two routers on the Ethernet share the segment labeled San Jose network. To take advantage of the two routers, HSRP will allow only Routers C and D to bid for a virtual IP address, and if any one router (Router C or D, in this example) fails, the operational router assumes the HSRP gateway address. Host devices typically have only a brief 100 to -200-millisecond interruption when a network failure occurs.

To illustrate how HSRP provides default gateway support, refer to Figure 2-12. In Figure 2-12, you can see a network with two local routers configured with an Ethernet interface address of 131.108.1.2/24 for Router C and 131.108.1.3/24 for Router D. Notice that both routers share a common Ethernet network. Assume that PC1 has been configured with a default gateway pointing to Router C. If Router C goes down or the Ethernet interface becomes faulty, all the devices must be manually reconfigured to use the second default gateway (Router D, 131.108.1.3/24). HSRP enables the network administrator to elect one of the two routers to act as the default gateway. If the elected router goes down, the second router assumes the IP default gateway. The IOS command standby track interface-of-wan under the Ethernet interface allows the router to monitor the WAN link. If the WAN link continuously fails past a threshold, the HSRP default router will decrease its priority to allow a more reliable WAN connection to provide a gateway. For example, in Figure 2-12, if the link between Routers C and B fails past a threshold, Router D can be configured to assume the HSRP address to provide a faster connection to the IP backbone network.

The steps to enable HSRP are as follows:

Step 1 Enable HSRP (required).

Step 2 Configure HSRP group attributes (optional).

Step 3 Change the HSRP MAC refresh interval (optional).

Table 2-5 illustrates the various required and optional commands to enable HSRP. Table 2-5 HSRP Commands

IOS Command

Purpose

standby [group-number] timers [msec] hellotime [msec] holdtime

These required commands configure the time between hello packets and the hold time before other routers declare the active router to be down.

standby [group-number] priority priority [preempt [delay [minimum 1 sync] delay]]

or standby [group-number] [priority priority] preempt [delay [minimum 1 sync] delay]

Sets the Hot Standby priority used in choosing the active router. The priority value range is from 1 to 255, where 1 denotes the lowest priority and 255 denotes the highest priority. Specifies that if the local router has priority over the current active router, the local router should attempt to take its place as the active router. Configures a preemption delay, after which the Hot Standby router preempts and becomes the active router. These commands are optional.

continues continues

Table 2-5 HSRP Commands (Continued)

IOS Command

Purpose

standby [group-number] track type number [interface-priority]

This optional command configures the interface to track other interfaces so that if one of the other interfaces goes down, the device's Hot Standby priority is lowered.

standby [group-number] authentication string

Selects an authentication string to be carried in all HSRP messages. Optional authenticator field allows only authenticated routers to offer HSRP.

standby use-bia [scope interface]

Configures HSRP to use the burned-in address of an interface as its virtual MAC address instead of the preassigned MAC address (on Ethernet and FDDI), or the functional address (on Token Ring).

Now configure Routers C and D in Figure 2-12 for HSRP, and ensure that Router C is the primary gateway address and that the PC is configured with a gateway address of 131.108.1.100. Router C is configured with a higher priority (standby priority 110 preempt) than the default 100 to ensure Router C becomes the default gateway for the hosts on the San Jose network; authentication is also enabled between the two gateway routers.

Example 2-5 displays the sample IOS configuration for Router C.

Example 2-5 HSRP Configuration on Router C

interface Ethernet0 ip address 131.108.1.2 255.255.255.0 standby priority 110 preempt standby authentication cisco standby ip 131.108.1.100 standby track Serial0

Example 2-5 displays Router C configured with a virtual IP address of 131.108.1.100 and preempt, which allows Router C to assume the role if a failure occurs. The track command ensures that SerialO, or the WAN link to Router B, is monitored to make sure a flapping link does not cause bandwidth delays for users, such as PC1. For every tracked interface failure, the priority is reduced by 10 by default. The Cisco IOS default priority is set to 100. In this configuration, two failures must occur for Router D to assume the HSRP address (110-10-10=90<100).

Example 2-6 displays the sample IOS configuration for Router D. Configure Router D with an HSRP priority of 105 so that any one (1 not 2) failure on Router C will mean that Router D priority is higher than Router C. (Router C is set to 105; one failure and then it is set to 105-10=95<100.)

Example 2-6 HSRP Configuration on Router D

interface Ethernet0 ip address 131.108.1.3 255.255.255.0 standby authentication cisco standby ip 131.108.1.100

To view the status of HSRP, the IOS command is show standby. Example 2-7 displays the sample output when the IOS command show standby is entered in Router C.

Example 2-7 show standby on Router C

Router-C#show standby Ethernet - Group 0

Local state is Active, priority 105, may preempt

Hellotime 3 holdtime 10

Next hello sent in 00:00:01.967

Hot standby IP address is 131.108.1.100 configured Active router is local Standby router is unknown expired Standby virtual mac address is 0000.0c07.ac00 2 state changes, last state change 00:03:59 Tracking interface states for 1 interface, 0 up: up Serial0

Router C is currently the configured gateway and is tracking Serial 0 for failures; every WAN failure decrements the priority value by 10. If a single failure occurs, the priority on Router C will drop to 95 (105-10=95), and Router D will immediately remain the default gateway until the interface on Router C has fully recovered. After the priority on Router C increments back to 105, Router C assumes the gateway function because preempt is enabled, as displayed in Example 2-54.

Example 2-8 displays the output of the show standby command on Router D. Example 2-8 show standby on Router D

Router-D#show standby Ethernet - Group 0

Local state is Standby, priority 100,

Hellotime 3 holdtime 10

Next hello sent in 00:00:01.967

Hot standby IP address is 131.108.1.100 configured

Active router is local

Standby router is unknown expired

Standby virtual mac address is 0000.0c07.ac00

2 state changes, last state change 00:03:59

Was this article helpful?

0 0

Post a comment