HSRP configuration on Cisco: from Basic to Advanced – RouterFreak

fork in the road Hot Standby Routing Protocol or HSRP, is a Cisco proprietary protocol that allows two or more routers to work together to represent a unmarried IP address for a particular network. HSRP, a well as Virtual Route Redundancy Protocol ( VRRP ) are considered high-availability network services that allow for about immediate fail over to a secondary interface when the primary coil interface becomes unavailable. The HSRP shape can be tricky at times, so this article will cover the fundamental points besides presenting a GNS3 lab .
HSRP is one of the thus call FHRP or “ First Hop Redundancy Protocols ”. You can read more about FHRP in this new article .
HSRP is a fairly dim-witted concept that works by having one router within an HSRP group be selected as the primary, or active router. That primary will handle all routing requests while the other routers within the HSRP group simply wait in a standby state. These understudy routers remain ready to take on all of the dealings lode if the primary router becomes unavailable. In this scenario, HSRP provides high network handiness since it routes IP dealings without depending on a single router .

To truly dig into the Nitty Gritty of HSRP, check out RFC 2281 for full details on the inner workings of this widely used protocol.

The hosts that use the HSRP address as a gateway never know the actual forcible IP or MAC address of the routers in the group. merely the virtual IP address that was created within the HSRP configuration along with a virtual MAC address is known to other hosts on the network .

Basic HSRP Configuration

Before we discuss more advance HSRP concepts, let ’ s create a basic HSRP shape to get an idea of how all this works. For this scenario we will use the topology shown below :
HSRP lab setup
The GNS3 topology apparatus looks like this :
HSRP lab setup
It consists of barely two routers ( R1 and R2 ) acting as the default gateway for the 192.168.1.0/24 network. only one of these routers will be active at a finical clock with a virtual IP address of 192.168.1.1. These means that all devices on the 192.168.1.0/24 segment ( e.g. PC1 ) will be configured with this virtual IP address .
Note : Keep in mind that one or both of these routers could be multilayer switches such as a Cisco 6509 or 3750 as well. But for this discussion let ’ s just refer them as routers .
To achieve basic HSRP shape, you need to do the surveil :

  • Configure normal IP address on interface (cannot be the same as HSRP virtual IP)
  • Bring interface up (no shutdown)
  • Configure HSRP group and virtual IP address using the standby command

therefore, the shape to enable HSRP on R1 is as follows :
interface fa0/0
ip address 192.168.1.11 255.255.255.0
no shutdown
standby 1 ip 192.168.1.1

The shape on R2 is similar as follows :
interface fa0/0
ip address 192.168.1.12 255.255.255.0
no shutdown
standby 1 ip 192.168.1.1

In this exemplar, we have configured an HSRP group “ 1 ”. This group act can be any numeral between 0 and 255 ( HSRP interpretation 1 ) and the only prerequisite is that you must use the lapp number across devices in the same HSRP group .
We can use the show standby command to see the status of our HSRP configuration.
R1#show standby
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:23:53
Virtual IP address is 192.168.1.1
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.852 secs
Preemption disabled
Active router is local
Standby router is 192.168.1.12, priority 100 (expires in 7.452 sec)
Priority 100 (default 100)
Group name is "hsrp-Fa0/0-1" (default)
R1#

R2#show standby
FastEthernet0/0 - Group 1
State is Standby
1 state change, last state change 00:23:59
Virtual IP address is 192.168.1.1
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.340 secs
Preemption disabled
Active router is 192.168.1.11, priority 100 (expires in 7.920 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Fa0/0-1" (default)

Notice that R1 is the active router while R2 is on standby. Ideally, with the same priority, the router with the highest IP address will be elected the active router. however, I configured R1 first and it became active before R2 came on board. Since R2 has the lapp priority as R1, R2 will not become active even though it has a higher IP address ( 192.168.1.12 > 192.168.1.11 ) .
We will talk about priority and preemption subsequently in this article .
now let ’ s test. We will perform a traceroute to 8.8.8.8 from PC1. Since R1 is the active router, this traffic should flow through R1 to the EXT_RTR.
PC1> trace 8.8.8.8
trace to 8.8.8.8, 8 hops max, press Ctrl+C to stop
1 192.168.1.11 33.260 ms 22.408 ms 11.530 ms
2 *192.0.2.1 23.903 ms (ICMP type:3, code:3, Destination port unreachable)

Notice that this packet went through R1 ( 192.168.1.11 ) .
Note : When replying traceroute, the IP address of the physical interface is used, not the virtual IP address. Check this yoke for more information .
I will now shut down the fa0/0 interface of R1 and try this traceroute again.
R1(config)#int fa0/0
R1(config-if)#shutdown
R1(config-if)#
*Mar 1 01:00:27.015: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Init
R1(config-if)#
*Mar 1 01:00:29.027: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
*Mar 1 01:00:30.027: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
R1(config-if)#

PC1> trace 8.8.8.8
trace to 8.8.8.8, 8 hops max, press Ctrl+C to stop
1 192.168.1.12 5.763 ms 10.462 ms 11.703 ms
2 *192.0.2.1 45.594 ms (ICMP type:3, code:3, Destination port unreachable)

Notice how the traffic flows through R2 ( 192.168.1.12 ). When we check the show understudy command again, we see that R2 is nowadays the active router :
R2#show standby
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:04:33
Virtual IP address is 192.168.1.1
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.152 secs
Preemption disabled
Active router is local
Standby router is unknown
Priority 100 (default 100)
Group name is "hsrp-Fa0/0-1" (default)

Routing with HSRP

I decided to take a short detour to talk about routing when HSRP is configured. There are a couple of things to note :

  1. Routes are not replicated between HSRP routers. This means that R1 and R2 must (individually) know how to reach the 8.8.8.8 network used in our example. In our case, we achieve this by configuring a default route to 192.0.2.1 (EXT_RTR) on both R1 and R2.
  2. Even though traffic from PC1 to 8.8.8.8 will flow through the active HSRP router, return traffic will be an issue. Since routing is done based on destination (by default), EXT_RTR will consult its routing table for how to forward the reply from 8.8.8.8 to PC1 (192.168.1.100). Depending on how you configure this, EXT_RTR will always use R1, always use R2 or use both R1 and R2. This can lead to asymmetric routing and/or traffic blackholing. One way around this issue is to configure NAT but that is beyond the scope of this article. For this article, I configured two static routes for the 192.168.1.0/24 network on EXT_RTR: one pointing to R1 and the other pointing to R2. This means that EXT_RTR load balances between R1 and R2.

hsrp basicHSRP Priority: Controlling the Active Router

There are more HSRP values that you ’ ll need to change from prison term to clock time to ensure complete control over your net traffic. For case, what if we wanted R1 to be the Active router alternatively of R2 ? To force a finical router to be the active router in an HSRP group you will need to use the priority command .
The default priority is 100. The higher priority will determine which router is active. If both routers are set to the like precedence, the first router to come up will be the active router .
For exemplar, in our sample scenario, if we bring the fa0/0 of R1 back up, R1 will become the understudy router – it will not replace R2 as the active router :
R1(config-if)#no shutdown
R1(config-if)#
*Mar 1 01:19:07.095: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 01:19:08.095: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#
*Mar 1 01:19:26.111: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby

If we wanted R1 to always be active when an election takes position, then we can increase its priority.
interface fa0/0
standby 1 priority 200

Note : even though we have increased the priority of R1, it will remain in the standby mode because preemption is disabled. We will talk about preemption next .

HSRP Preempt: Avoid Fail-Back

In our scenario above, if R1 fails, R2 will become active as we have seen. This is perfect ! But, if R1 comes second up and returns to service, R2 will continue to stay active. This may not be a prefer behavior. There are times when you may constantly want R1 to be in an active department of state in the HSRP group. Cisco provides a way for use to control this by using the preempt command. Preempt forces a router to be active after recovering from a failure .
consequently, if we want R1 to take over the active function when it recovers from a failure, we can change our shape on R1 to include the standby 1 preempt command.
R1(config-if)#standby 1 preempt
R1(config-if)#
*Mar 1 01:38:18.307: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -> Active
R1(config-if)#

Advanced HSRP Configuration – Load Balancing

so now you can see how great HSRP is and how it allows us to have high handiness between multiple routers for a individual network. But our standby routers aren ’ thyroxine doing anything and are good sitting there ! Depending on the router exemplar you are using, this can be a lot money merely sitting baseless .
Note : It is besides crucial to keep in mind that if something happens to one of the devices in a high Availability copulate, then the early device should be able to handle the network burden.

To solve this trouble, we can configure HSRP to be load balanced between routers. This doesn ’ t serve us with a individual HSRP group, but for multiple HSRP groups we can spread the load and have each HSRP group be active on unlike routers .
By configuring multiple HSRP groups on a single interface, HSRP load balance can be achieved .
For our case, let ’ s lend PC2 to the lab frame-up. For explanation sake, we will call HSRP group 1 “ network-one ” and HSRP group 2 “ network-two ”. R1 will be active for network-one while R2 will be active for network-two. This means that R1 will be standby for network-two while R2 will be standby for network-one .
HSRP lab upgraded
The wax shape on R1 is as follows :
interface FastEthernet0/0
ip address 192.168.1.11 255.255.255.0
standby 1 ip 192.168.1.1
standby 1 priority 200
standby 1 preempt
standby 1 name network-one
standby 2 ip 192.168.1.2
standby 2 name network-two

The full configuration on R2 is as follows :
interface FastEthernet0/0
ip address 192.168.1.12 255.255.255.0
standby 1 ip 192.168.1.1
standby 1 name network-one
standby 2 ip 192.168.1.2
standby 2 priority 200
standby 2 preempt
standby 2 name network-two

This configuration allows us to have each router working for us and forwarding packets to best utilize our investment in our network equipment. We ’ ve besides added the HSRP group name command to help better describe each HSRP group. This can be a life rescuer when you have several HSRP groups that you need to track .
To test this configuration, we will perform a traceroute to 8.8.8.8 from both PC1 and PC2. PC1 uses 192.168.1.1 as its default gateway ( network-one ) while PC2 uses 192.168.1.2 as its default gateway ( network-two ).
PC1> trace 8.8.8.8
trace to 8.8.8.8, 8 hops max, press Ctrl+C to stop
1 192.168.1.11 23.570 ms 10.141 ms 10.915 ms
2 *192.0.2.1 51.527 ms (ICMP type:3, code:3, Destination port unreachable)

PC2> trace 8.8.8.8
trace to 8.8.8.8, 8 hops max, press Ctrl+C to stop
1 *192.168.1.12 26.753 ms 10.339 ms
2 **192.0.2.1 41.634 ms (ICMP type:3, code:3, Destination port unreachable)

Notice that PC1 uses R1 while PC2 uses R2. Load balancing achieved !
One last eminence on HSRP standby groups. You can have multiple interfaces and networks configured using the same understudy group issue if the failover behavior needed is the same .
however if you need to have a unlike behavior, meaning different priority, preempt, etc., ( as seen in our load balanced scenario above ) then a separate group is needed .

Common problems with HSRP

To wrap up this article about HSRP, let ’ s quickly highlight some park problems with HSRP. This can serve as a sort of checklist when troubleshooting HSRP. The problems include :

  • HSRP routers not being on the same network segment.
  • HSRP routers not configured with IP addresses from the same subnet.
  • HSRP configuration issues like standby groups and virtual IPs not matching on the HSRP routers.

Conclusion

There is much more to HSRP then this article covers including :
For now, we wanted to give you a adept basis for the configuration of HSRP on a Cisco router .
Do you calm have questions about this config or another question about HSRP ? Leave a gloss below and let ’ s work on it !

4.7/5 – ( 19 votes )

reference : https://thefartiste.com
Category : Tech

About admin

I am the owner of the website thefartiste.com, my purpose is to bring all the most useful information to users.

Check Also

articlewriting1

Manage participants in a zoom meeting webinar

Call the people who attend the meet as follows Alternate host host Who scheduled the …

Leave a Reply

Your email address will not be published.