FHRP Hop Redundancy Routing Protocol
Default Gateway Limitations
End devices are typically configured with a single default gateway IPv4 address.
- If the default gateway router interface fails, LAN hosts lose outside LAN connectivity.
- This occurs even if a redundant router or Layer 3 switch that could serve as a default gateway exists.
First hop redundancy protocols (FHRPs) are mechanisms that provide alternate default gateways in switched networks where two or more routers are connected to the same VLANs.
Router Redundancy
One way to prevent a single point of failure at the default gateway is to implement a virtual router. To implement this type of router redundancy, multiple routers are configured to work together to present the illusion of a single router to the hosts on the LAN. By sharing an IP address and a MAC address, two or more routers can act as a single virtual router.
- The IPv4 address of the virtual router is configured as the default gateway for the workstations on a specific IPv4 segment.
- When frames are sent from host devices to the default gateway, the hosts use ARP to resolve the MAC address that is associated with the IPv4 address of the default gateway. The ARP resolution returns the MAC address of the virtual router. Frames that are sent to the MAC address of the virtual router can then be physically processed by the currently active router within the virtual router group.
- A protocol is used to identify two or more routers as the devices that are responsible for processing frames that are sent to the MAC or IP address of a single virtual router. Host devices send traffic to the address of the virtual router. The physical router that forwards this traffic is transparent to the host devices.
- A redundancy protocol provides the mechanism for determining which router should take the active role in forwarding traffic. It also determines when the forwarding role must be taken over by a standby router. The transition from one forwarding router to another is transparent to the end devices.
- The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as first-hop redundancy.
Steps for Router Failover
When the active router fails, the redundancy protocol transitions the standby router to the new active router role, as shown in the figure. These are the steps that take place when the active router fails:
1.The standby router stops seeing Hello messages from the forwarding router.
2.The standby router assumes the role of the forwarding router.
3.Because the new forwarding router assumes both the IPv4 and MAC addresses of the virtual router, the host devices see no disruption in service.
HSRP Overview ( Hot Standby Routing Protocol )
Cisco provides HSRP and HSRP for IPv6 as a way to avoid losing outside network access if your default router fails. HSRP is a Cisco-proprietary FHRP that is designed to allow for transparent failover of a first-hop IP device.
HSRP ensures high network availability by providing first-hop routing redundancy for IP hosts on networks configured with an IP default gateway address. HSRP is used in a group of routers for selecting an active device and a standby device. In a group of device interfaces, the active device is the device that is used for routing packets; the standby device is the device that takes over when the active device fails, or when pre-set conditions are met. The function of the HSRP standby router is to monitor the operational status of the HSRP group and to quickly assume packet-forwarding responsibility if the active router fails.
HSRP Priority and Preemption
The role of the active and standby routers is determined during the HSRP election process. By default, the router with the numerically highest IPv4 address is elected as the active router. However, it is always better to control how your network will operate under normal conditions rather than leaving it to chance.
- HSRP priority can be used to determine the active router.
- The router with the highest HSRP priority will become the active router.
- By default, the HSRP priority is 100.
- If the priorities are equal, the router with the numerically highest IPv4 address is elected as the active router.
- To configure a router to be the active router, use the standby priorityinterface command. The range of the HSRP priority is 0 to 255
HSRP Priority and Preemption
By default, after a router becomes the active router, it will remain the active router even if another router comes online with a higher HSRP priority.
- To force a new HSRP election process to take place when a higher priority router comes online, preemption must be enabled using the standby preemptinterface command. Preemption is the ability of an HSRP router to trigger the re-election process. With preemption enabled, a router that comes online with a higher HSRP priority will assume the role of the active router.
- Preemption only allows a router to become the active router if it has a higher priority. A router enabled for preemption, with equal priority but a higher IPv4 address will not preempt an active router. Refer to the topology in the figure.
Note: With preemption disabled, the router that boots up first will become the active router if there are no other routers online during the election process.
HSRP States and Times
The active and standby HSRP routers send hello packets to the HSRP group multicast address every 3 seconds by default. The standby router will become active if it does not receive a hello message from the active router after 10 seconds.
Configure HSRP on R1
R1(config)#
interface g0/1
standby version 2
standby 1 ip 192.168.1.254
standby 1 priority 150
standby 1 preempt
exit
exit
#show standby
#show standby brief
shutdown interface g0/1 and verify from R3 if it becomes Active router
activate interface g0/1 again and check R1 take the role of active router or not
Configure HSRP on R3
R3(config)#
interface g0/0
standby version 2
standby 1 ip 192.168.1.254
standby 1 preempt
exit
exit
#show standby
#show standby brief
change the priority from default value to 160
and check if R3 became Active router
ping from PC-B or PC-A
ping 209.165.200.226
tracert 209.165.200.226
ACC1(confg)#
vlan 10
name IT
vlan 20
name HR
interface f0/1
switchport mode access
switchport access vlan 10
interface f0/2
switchport mode access
switchport access vlan 20
ACC2(confg)#
vlan 10
name IT
vlan 20
name HR
interface f0/1
switchport mode access
switchport access vlan 10
interface f0/2
switchport mode access
switchport access vlan 20
ACC3(confg)#
vlan 10
name IT
vlan 20
name HR
interface f0/1
switchport mode access
switchport access vlan 10
interface f0/2
switchport mode access
switchport access vlan 20
ACC4(confg)#
vlan 10
name IT
vlan 20
name HR
interface f0/1
switchport mode access
switchport access vlan 10
interface f0/2
switchport mode access
switchport access vlan 20
MLS1(config)#
vlan 10
name IT
vlan 20
name HR
interface range g1/0/1-4 , g1/0/23-24
switchport mode trunk
ip routing
spanning-tree vlan 1,10,20 root primary
interface range g1/0/23-24
channel-group 1 mode on
interface Vlan10
ip address 192.168.10.100 255.255.255.0
!
interface Vlan20
ip address 192.168.20.100 255.255.255.0
MLS2(config)#
vlan 10
name IT
vlan 20
name HR
interface range g1/0/1-4 , g1/0/23-24
switchport mode trunk
ip routing
spanning-tree vlan 1,10,20 root secondary
interface range g1/0/23-24
channel-group 1 mode on
interface Vlan10
ip address 192.168.10.101 255.255.255.0
!
interface Vlan20
ip address 192.168.20.101 255.255.255.0