HSRP stands for Hot Standby Routing Protocol. HSRP is a Cisco proprietary protocol that offers router redundancy. Here one router is elected as active router, and another router is elected as standby router. All other routers are put in listen HSRP state. HSRP messages are exchanges using multicast destination address 244.0.0.2 to keep a router aware of all others in the group.
Members of HSRP group
1. Virtual router: virtual router is what is seen by the end user device. The virtual router has its own IP and MAC addresses.
2. Active router: Forwards packets sent to the virtual router. An active router assumes the IP and MAC addresses of the virtual router.
3. Standby router: Standby router monitors the state of HSRP by using Hello massages. It assumes the role of Active router, should the current Active router fail.
When an Active router fails in HSRP environment, Standby router assumes the Active router role. This new Active router will remain as Active router even if the failed Active router comeback to service, irrespective of the priority levels.
To enable the previous Active router to resume its activity as Active router by taking over the role from a lower priority Active router, use the command
Rtr(config-if)#standby <group-number> preempt
The hosts served by HSRP router use the IP address of virtual router as the default IP address.
Each router in a standby group can be assigned a priority value. The range of priority values is between 0 and 255 (including 0 and 255). The default priority assigned to a router in a standby group is 100. The router with numerically higher priority value will become Active router in the HSRP standby group.
The command used to set the router's priority in standby group is:
R(config-if)#standby <group-number> priority <priority-value>
HSRP Features:
1. Within the standby group of routers, the router with the highest standby priority in the group becomes the active router. For example, a router with a priority of 100 will become active router over a router with a priority of 50. The active router forwards packets sent to the virtual router. It maintains its active state by using Hello messages.
2. The default HSRP standby priority is100. If the standby priorities of routers participating in HSRP are same, the router with the highest IP address becomes the Active router.
3. HSRP authentication is carried out in clear text.
4. An HSRP router status can be displayed by using the command :
RouterA# show standby
The above command displays the router priority, state (active/standby), group number among other things.
5. To enable HSRP debugging, use the command :
RouterA#debug standby
6. To disable debugging, use the command :
RouterA# no debug standby
In HSRP, the MAC address used by virtual router is made up of the following three components:
In the choices given, only 00.00.07.0c.ac.1e has 4th and 5th bytes 07.0c and hence a valid HSRP MAC address.
All routers in an HSRP standby group can send and/or receive HSRP message. Also, HSRP protocol packets are addressed to all-router address (224.0.0.2) with a TTL of 1. Note that the HSRP messages are encapsulated in the data portion of UDP packets.
The correct command syntax for configuring a router as a member of an HSRP standby group is:
R(config-if)#standby <group-number> ip <virtual-ip-address>
For group number 45 and virtual IP address of 192.32.16.5, the command is:
R(config-if)#standby 45 ip 192.32.16.5
The command : "standby <group-number> preempt" is used to force an interface to resume Active router state. Note that the priority of the router should be higher than the current Active router.
HSRP uses multicast address 224.0.0.3 UDP port 1985 for sending its hello messages.
In HSRP, each of the routers of the participating routers is assigned to a common HSRP group. One router is elected as the primary, or active HSRP router. One router is elected as the standby HSRP router, and all the others remain in the listen HSRP state. The routers exchange HSRP hello messages at regular intervals so that they can remain aware of each other's existence and that of the active router. HSRP sends its hello messages to the multicast destination 224.0.0.2 (all routers) using UDP port 1985.
The following statements are true about HSRP routers:
1. The priority value of a HSRP group router can have values between 0 and 255
2. The router with highest priority value will be elected as the primary. The highest value possible is 255. Higher priority value corresponds to higher priority in HSRP. You need to be careful in interpreting the priority value with priority. Both are different.
3. There can be only one router in active state and one in the standby state at any given time.
4. HSRP uses unicast messages to exchange Hello packets
5. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router.
6. By default, hellos are sent every 3 seconds, and only the standby router. If hellos are missed for the duration of the holdtime timer (default 10 seconds, or three times the hello timer), the active router is presumed to be down.
In HSRP, one router with highest priority is elected as the active router, and one with next highest priority will become the standby router. All other routers in the HSRP group will be put in Listen state.
You can configure a router to immediately take over (assuming that the router had been previously taken out of the group due to some reason) the active role if its priority is the highest at any time. Use the following interface configuration command to allow preemption:
Switch(config-if)# standby <group> preempt [delay [minimum <seconds>] [reload <seconds>]]
By default, the local router immediately can preempt another router that has the active role. To delay the preemption, use the delay keyword followed by one or both of the following parameters:
The key chain has been named as hsrp10. However, on the interface, the association is wrong. Key-chain name has wrongly been associated with hsrp1 instead of hsrp10.
HSRP will track the availability of interface serial 0/0. If serial 0/0 goes down, the priority of the router in group 1 will be decremented by 25. The default value of the track argument is 10.
Consider the following HSRP configurations
catalystA(config)#interface vlan
100
catalystA(config-if)#ip address 192.168.1.16 255.255.255.0
catalystA(config-if)#standby 1 priority
175
catalystA(config-if)#standby 1
preempt
catalystA(config-if)#standby 1
ip 192.168.1.1
In the example given, 192.168.1.1 is the gateway address that is used to reach the gateway in the HSRP group of routers. It is a virtual IP address, and tied to a virtual MAC address. All the routers in the HSRP group use the same virtual IP address and MAC address pair. This way, even if active HSRP router goes down, the new active router will still have the same IP address and MAC address for the gateway, and the client computers need not worry about changing the default gateway.
In HSRP, higher the priority value (range is 0 to 255), higher the priority of the router. The router with highest priority value will become the Active HSRP router. Default priority of a HSRP router is 100. Further, an HSRP group can be assigned an arbitrary group number, from 0 to 255
For the virtual router address, HSRP defines a special MAC address of the form 0000.0c07.acxx, where xx represents the HSRP group number as a two-digit hex value.
For example, HSRP Group 1 appears as 0000.0c07.ac01, HSRP Group 16 appears as 0000.0c07.ac10, and so on.
Examples for loadbalancing in HSRP
Load balancing traffic across two uplinks to two HSRP routers with a single HSRP group is not possible. However, we can load balance between two HSRP routers using VLANs and creating two HSRP groups.
For example, you can make HSRP RourterA as Active for one VLAN (say VLAN1) in HSRP group1 and RouterB as Active for the second VLAN (say VLAN2) in HSRP group2. RouterB will be the Standby for VLAN1 (HSRP group 1) and RouterA will be the Standby for VLAN2 (HSRP group 2). This can be done by adjusting the HSRP router priorities for respective VLANs as below:
RouterA(config)# interface vlan
100
RouterA (config-if)# ip address 192.168.1.15 255.255.255.0
RouterA (config-if)# standby 1 priority
200
RouterA (config-if)# standby 1
preempt
RouterA (config-if)# standby 1
ip 192.168.1.1
RouterA (config-if)# standby 1
authentication MyKey
RouterA (config-if)# standby 2 priority
100
RouterA (config-if)# standby 2 ip
192.168.1.2
RouterA (config-if)# standby 2
authentication MyKey
RouterB(config)# interface vlan 50
RouterB(config-if)#ip address 192.168.1.16 255.255.255.0
RouterB(config-if)#standby 1
priority 100
RouterB(config-if)#standby 1
ip 192.168.1.1
RouterB(config-if)#standby 1
authentication MyKey
RouterB(config-if)#standby 1
priority 200
RouterB(config-if)#standby 2
preempt
Router(config-if)#standby 2
ip 192.168.1.2
RoutertB(config-if)#standby 2
authentication MyKey
Note that in the above example, RouterA will be the active router in HSRP group 1 as the priority has been set higher (200). On the otherhand, RouterB will be the Active router in HSRP group 2 as the priority has been set higher (200).
