Table of Contents Link to heading
- First Hop Redundancy Protocols - FHRPs
- Hot Standby Router Protocol - HSRP
- Load Sharing
- HSRP Roles
- HSRP States
- Pre-emption
- Cisco IOS Configuration
- Guidelines and Limitations for HSRP
First Hop Redundancy Protocols - FHRPs Link to heading
Hot Standby Router Protocol - HSRP Link to heading
- Cisco Proprietary (1994)
- It has two versions (v1 & v2)
- Hello interval 3 sec
- Hold interval 10 sec
- It uses UDP port number 1985
- It sends multicast hellos via 224.0.0.2 (v1) and 224.0.0.102 (v2)
- It support groups numbers from 0 to 255 (v1) and 0 to 4095 (v2)
- HSRP virtual MAC 0000.0c07.acxx (XX is group ID) (v1) and 0000.0C9F.Fxxx (v2)
- Default Priority is 100
- Default Preempt Disable
- Default decrement in priority using track 10
- It supports two types of authentication (MD-5 & Txt).
- It has built in track command
The active router sources hello packets from its configured IP address and the HSRP virtual MAC address while the standby router sources hellos from its configured IP address and the interface MAC address (BIA).
The routers send hello messages to each over their HSRP interface.
Load Sharing Link to heading
Two routers A and B and two HSRP groups. Router A is the active router for group A but is the standby router for group B. Similarly, router B is the active router for group B and the standby router for group A.
If both routers remain active, HSRP load balances the traffic from the hosts across both routers. If either router fails, the remaining router continues to process traffic for both hosts
HSRP Roles Link to heading
The active router handles routing packets, and the standby router takes over if the active router fails or meets preset conditions.
- Active - A router which handles routing packets and gives the reply of
ARP request of clients for gateway with the virtual MAC address.
- Active Requirements:
- Higher Priority
- Higher IP
- Active Requirements:
- Stand by - Backup to active.
- If the standby router no longer receives hellos from the active, it will transition to be the active router.
HSRP States Link to heading
- Disabled
- Init
- Listening
- Speaking
- Stand by
Pre-emption Link to heading
- If pre-emption is enabled, when a higher priority router comes back online after a failure it will transition back to active.
- If pre-emption is not enabled (default), the lower priority router will remain active when the failed router comes back online.
Cisco IOS Configuration Link to heading
Load Sharing Configuration Link to heading
Single Subnet Link to heading
In the following example:
- R1 is HSRP Active for 10.10.10.1, R2 is Active for 10.10.10.254
- 50% of PCs use 10.10.10.1 as default gateway, other 50% use 10.10.10.254
R1(config)# interface g0/1
R1(config-if)# ip address 10.10.10.2 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# standby 1 ip 10.10.10.1
R1(config-if)# standby 1 priority 110
R1(config-if)# standby 1 pre-empt
R1(config-if)# standby 2 ip 10.10.10.1
R1(config-if)# standby 2 priority 90
R2(config)# interface g0/1
R2(config-if)# ip address 10.10.10.3 255.255.255.0
R2(config-if)# no shutdown
R2(config-if)# standby 1 ip 10.10.10.1
R2(config-if)# standby 1 priority 90
R2(config-if)# standby 2 ip 10.10.10.254
R2(config-if)# standby 2 priority 110
R2(config-if)# standby 2 pre-empt
Multiple Subnets Link to heading
In the following example:
- R1 is HSRP Active for 10.10.10.1, R2 is Active for 10.10.20.1
R1(config)# interface g0/1
R1(config-if)# ip address 10.10.10.2 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# standby 1 ip 10.10.10.1
R1(config-if)# standby 1 priority 110
R1(config-if)# standby 1 pre-empt
R1(config)# interface g0/2
R1(config-if)# ip address 10.10.20.2 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# standby 2 ip 10.10.20.1
R1(config-if)# standby 2 priority 90
R2(config)# interface g0/1
R2(config-if)# ip address 10.10.10.3 255.255.255.0
R2(config-if)# no shutdown
R2(config-if)# standby 1 ip 10.10.10.1
R2(config-if)# standby 1 priority 90
R2(config)# interface g0/2
R2(config-if)# ip address 10.10.20.3 255.255.255.0
R2(config-if)# no shutdown
R2(config-if)# standby 2 ip 10.10.20.1
R2(config-if)# standby 2 priority 110
R2(config-if)# standby 2 pre-empt
Verification Link to heading
To view HSRP information for all interfaces:
To view HSRP information for a specific interface (e.g., FastEthernet 1/0):
For a brief overview of HSRP information:
Guidelines and Limitations for HSRP Link to heading
- You must configure an IP address for the interface that you configure HSRP on and enable that interface before HSRP becomes active.
- You must configure HSRP version 2 when you configure an IPv6 interface for HSRP. For IPv4, the virtual IP address must be in the same subnet as the interface IP address.
- We recommend that you do not configure more than one FHRP on the same interface.
- HSRP version 2 does not interoperate with HSRP version 1. An interface cannot operate both version 1 and version 2 because both versions are mutually exclusive. However, the different versions can be run on different physical interfaces of the same router.
- You cannot change from version 2 to version 1 if you have configured groups above the group number range allowed for version 1 (0 to 255).
- HSRP for IPv4 is supported with BFD. HSRP for IPv6 is not supported with BFD.
- Cisco NX-OS removes all Layer 3 configurations on an interface when you change the interface VRF membership, port channel membership, or when you change the port mode to Layer 2.
- If you configure virtual MAC addresses with vPC, you must configure the same virtual MAC address on both vPC peers.
- For mixed-chassis configurations where the vPC peer link is configured on an F-series module, configure the vPC peer gateway exclude option to exclude the Layer 3 backup route that traverses the vPC peer link.
- You cannot use the HSRP MAC address burned-in option on a VLAN interface that is a vPC member.
- If you have not configured authentication, the show hsrp command displays the following string: Authentication text “cisco”