Sunday, January 12, 2014

Hot Standby Router Protocol (HSRP)

Hot Standby Router Protocol
Hot Standby Router Protocol (HSRP) is a Cisco proprietary protocol.
With HSRP, two or more devices support a virtual router with a fictitious MAC address and unique IP address. Hosts use
this IP address as their default gateway and the MAC address for the Layer 2 header. The virtual router’s MAC address is
0000.0c07.ACxx, in which xx is the HSRP group. Multiple groups (virtual routers) are allowed.


The Active router forwards traffic. The Standby is the backup. The standby monitors periodic hellos (multicast to 224.0.0.2,
UDP port 1985) to detect a failure of the active router. On failure, the standby device starts answering messages sent to
the IP and MAC addresses of the virtual router.
The active router is chosen because it has the highest HSRP priority (default priority is 100). In case of a tie, the router
with the highest configured IP address wins the election. A new router with a higher priority does not cause an election
unless it is configured to preempt—that is, take over from a lower priority router. Configuring a router to preempt also
ensures that the highest priority router regains its active status if it goes down but then comes back online again.
Interface tracking reduces the active router’s priority if a specified circuit is down. This enables the standby router to take
over even though the active router is still up.



HSRP States
 

HSRP devices move between these states:
  • Initial: HSRP is not running.
  • Learn: The router does not know the virtual IP address and is waiting to hear from the active router.
  • Listen: The router knows the IP and MAC of the virtual router, but it is not the active or standby router.
  • Speak: Router sends periodic HSRP hellos and participates in the election of the active router.
  • Standby: Router monitors hellos from active router and assumes responsibility if active router fails.
  • Active: Router forwards packets on behalf of the virtual router.

Configuring HSRP

To begin configuring HSRP, use the standby group-number ip virtual-IP-address command in interface configuration mode. 

Routers in the same HSRP group must belong to the same subnet/virtual LAN (VLAN). Enter this command under the interface connecting to that subnet or VLAN.

For instance, use the following to configure the router as a member of HSRP group 39 with virtual router IP address 10.0.0.1:

Router(config-if)# standby 39 ip 10.0.0.1

HSRP authentication helps prevent unauthorized routers from seeing user traffic:

Router(config-if)# stand 2 authentication md5 key-string cisco

Tune HSRP with four options: Priority, Preempt, Timers, and Interface Tracking.
Manually select the active router by configuring its priority higher than the default of 100:

Router(config-if)# standby 39 priority 150

Along with configuring priority, configure preempt to enable a router to take over if the active router has lower priority, as shown in the following commands. This helps lead to a predictable data path through the network.
The second command shown delays preemption until the router or switch has fully booted and the routing protocol has converged.

Time how long it takes to boot and add 50 percent to get the delay value in seconds:

Router(config-if)# standby 39 preempt
Router(config-if)# standby 39 preempt delay minimum 90

Speed convergence by changing the hello and hold times. The following sets the hello interval to 1 second and the hold time to 3 seconds.
They can be set between 1–255 seconds (the default hello is 3 seconds and hold time is 10 seconds):

Router(config-if)# standby 39 timers 1 3


Tracking:

Tracking an interface can trigger an election if the active router is still up but a critical interface (such as the one to the Internet) is down. In the following, if serial 1/0/0 is down, the router’s HSRP priority is decremented by 100 (the default value to decrement is 10):

Router(config-if)# standby 39 track s1/0/0 100
 
Another way to track an indirect connection is to use IP SLA (described in Chapter 5). With IP SLA tracking, HSRP can fail over to the standby router if any connection on the path to a remote location fails or exceeds link-quality thresholds.

The following sample configuration shows how to add tracking an IP SLA session number 5 to an existing HSRP interface configuration.

Router(config)# ip sla 5
Router(config-ip-sla)# udp-jitter 172.17.1.2 16000
Router(config)# track 10 rtr 5
Router(config)# int fa 1/0/15
Router(config-if)# stand 2 track 10 decrement 50

Multiple HSRP standby groups can be configured, and the same router can be active for some groups and standby for others by adjusting priorities. You can have a maximum of 255 groups. When using Layer 3 switches, configure the same switch as the primary HSRP router and the Spanning Tree root.
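
An added example (not part of the original post): a small Python audit that reads interface configuration written with the commands above and reports, for each HSRP group, its virtual MAC address, whether md5 authentication is configured, and whether a non-default priority is paired with preempt. The sample configuration, the interface names and the function names are constructed for illustration; it assumes a group number is always given and that only the spellings stand and standby appear.

```python
import re

# Constructed sample: interface config built from the commands shown on this page.
SAMPLE_CONFIG = """\
interface Vlan39
 standby 39 ip 10.0.0.1
 standby 39 priority 150
 standby 39 track s1/0/0 100
interface FastEthernet1/0/15
 stand 2 authentication md5 key-string cisco
 stand 2 preempt
 stand 2 track 10 decrement 50
"""

# Assumption: only the two spellings used on the page ("stand", "standby") occur.
STANDBY_RE = re.compile(r"^\s*stand(?:by)?\s+(\d+)\s+(\S+)\s*(.*)$")

def virtual_mac(group):
    """HSRP virtual MAC 0000.0c07.acXX, where XX is the group number in hex."""
    return "0000.0c07.ac%02x" % group

def audit_hsrp(config):
    """Return {(interface, group): summary} with findings for each HSRP group."""
    groups, iface = {}, None
    for line in config.splitlines():
        m = STANDBY_RE.match(line)
        if line.startswith("interface "):
            iface = line.split(None, 1)[1]
        elif m and iface:
            group, keyword, rest = int(m.group(1)), m.group(2), m.group(3)
            g = groups.setdefault((iface, group), {
                "vmac": virtual_mac(group), "priority": 100,  # 100 is the default
                "preempt": False, "md5_auth": False, "findings": []})
            if keyword == "priority":
                g["priority"] = int(rest.split()[0])
            elif keyword == "preempt":
                g["preempt"] = True
            elif keyword == "authentication" and rest.startswith("md5 key-string"):
                g["md5_auth"] = True
    for g in groups.values():
        if not g["md5_auth"]:
            g["findings"].append("no md5 authentication")
        if g["priority"] != 100 and not g["preempt"]:
            g["findings"].append("priority set without preempt")
    return groups

if __name__ == "__main__":
    for (iface, group), g in audit_hsrp(SAMPLE_CONFIG).items():
        print(iface, group, g["vmac"], g["findings"] or "ok")
```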
