Module 9: FHRP Concepts

Switching, Routing and Wireless

Essentials v7.0 (SRWE)
Module Objectives
Module Title: FHRP Concepts

Module Objective: Explain how FHRPs provide default gateway services in a redundant network.

Topic Title Topic Objective

Explain the purpose and operation of first hop
First Hop Redundancy Protocols
redundancy protocols.
HSRP Explain how HSRP operates.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
9.1 First Hop Redundancy
Protocols

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
First Hop Redundancy Protocols
Default Gateway Limitations
End devices are typically configured with a single
default gateway IPv4 address.
• If the default gateway router interface fails, LAN
hosts lose outside LAN connectivity.
• This occurs even if a redundant router or Layer 3
switch that could serve as a default gateway
exists.

First hop redundancy protocols (FHRPs) are

mechanisms that provide alternate default gateways
in switched networks where two or more routers are
connected to the same VLANs.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
First Hop Redundancy Protocols
Router Redundancy
One way to prevent a single point of failure at the default gateway is to implement a virtual router. To
implement this type of router redundancy, multiple routers are configured to work together to present
the illusion of a single router to the hosts on the LAN. By sharing an IP address and a MAC address,
two or more routers can act as a single virtual router.

• The IPv4 address of the virtual router is configured as the default gateway for the workstations on
a specific IPv4 segment.

• When frames are sent from host devices to the default gateway, the hosts use ARP to resolve the
MAC address that is associated with the IPv4 address of the default gateway. The ARP resolution
returns the MAC address of the virtual router. Frames that are sent to the MAC address of the
virtual router can then be physically processed by the currently active router within the virtual
router group.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
First Hop Redundancy Protocols
Router Redundancy (Cont.)
• A protocol is used to identify two or more routers as the devices that are responsible
for processing frames that are sent to the MAC or IP address of a single virtual router.
Host devices send traffic to the address of the virtual router. The physical router that
forwards this traffic is transparent to the host devices.

• A redundancy protocol provides:

✓ the mechanism for determining which router should take the active role in forwarding
traffic.

✓ It also determines when the forwarding role must be taken over by a standby router.

✓ The transition from one forwarding router to another is transparent to the end devices.

• The ability of a network to dynamically recover from the failure of a device acting as a
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
default gateway is known as first-hop redundancy.
First Hop Redundancy Protocols
Steps for Router Failover
When the active router fails, the
redundancy protocol transitions the
standby router to the new active router
role, as shown in the figure. These are
the steps that take place when the active
router fails:
1. The standby router stops seeing
Hello messages from the forwarding
router.
2. The standby router assumes the
role of the forwarding router.
3. Because the new forwarding router
assumes both the IPv4 and MAC
addresses of the virtual router, the
host devices see no disruption in
service.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
First Hop Redundancy Protocols
FHRP Options
FHRP Options Description

HRSP is a Cisco-proprietary FHRP that is designed to allow for transparent failover of a

Hot Standby first-hop IPv4 device. HSRP is used in a group of routers for selecting an active device and
Router Protocol a standby device. The active device is the device that is used for routing packets; the
(HSRP) standby device is the device that takes over when the active device fails, or when pre-set
conditions are met.
This is a Cisco-proprietary FHRP that provides the same functionality of HSRP, but in an
IPv6 environment. An HSRP IPv6 group has a virtual MAC address derived from the HSRP
group number and a virtual IPv6 link-local address derived from the HSRP virtual MAC
HSRP for IPv6
address. Periodic router advertisements (RAs) are sent for the HSRP virtual IPv6 link-local
address when the HSRP group is active. When the group becomes inactive, these RAs
stop after a final RA is sent.
This is a non-proprietary election protocol that dynamically assigns responsibility for one or
Virtual Router
more virtual routers to the VRRP routers on an IPv4 LAN. This allows several routers on a
Redundancy
multiaccess link to use the same virtual IPv4 address. In a VRRP configuration, one router
Protocol version
is elected as the virtual router master, with the other routers acting as backups, in case the
2 (VRRPv2)
virtual router master fails.
This provides the capability to support IPv4 and IPv6 addresses. VRRPv3 works in multi- 8
VRRPv3 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

vendor environments and is more scalable than VRRPv2.

First Hop Redundancy Protocols
FHRP Options
FHRP Options Description

Gateway Load This is a Cisco-proprietary FHRP that protects data traffic from a failed router or circuit, like
Balancing HSRP and VRRP, while also allowing load balancing (also called load sharing) between a
Protocol (GLBP) group of redundant routers.
This is a Cisco-proprietary FHRP that provides the same functionality of GLBP, but in an
IPv6 environment. GLBP for IPv6 provides automatic router backup for IPv6 hosts
GLBP for IPv6 configured with a single default gateway on a LAN. Multiple first-hop routers on the LAN
combine to offer a single virtual first-hop IPv6 router while sharing the IPv6 packet
forwarding load.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
9.2 HSRP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
HSRP
HSRP Overview
• Cisco provides HSRP and HSRP for IPv6 as a way to avoid losing outside network access if your
default router fails. HSRP is a Cisco-proprietary FHRP that is designed to allow for transparent
failover of a first-hop IP device.

• HSRP ensures high network availability by providing first-hop routing redundancy for IP hosts on
networks configured with an IP default gateway address.

• HSRP is used in a group of routers for selecting an active device and a standby device. In a group
of device interfaces, the active device is the device that is used for routing packets; the standby
device is the device that takes over when the active device fails, or when pre-set conditions are
met. The function of the HSRP standby router is to monitor the operational status of the HSRP
group and to quickly assume packet-forwarding responsibility if the active router fails.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
HSRP
HSRP Priority and Preemption
The role of the active and standby routers is determined
during the HSRP election process. By default, the router
with the numerically highest IPv4 address is elected as
the active router. However, it is always better to control
how your network will operate under normal conditions
rather than leaving it to chance.
• HSRP priority can be used to determine the active
router.
• The router with the highest HSRP priority will
become the active router.
• By default, the HSRP priority is 100.
• If the priorities are equal, the router with the
numerically highest IPv4 address is elected as the
active router.
• To configure a router to be the active router, use
the standby priority interface command. The range
of the HSRP priority is 0 to 255.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
HSRP
HSRP Priority and Preemption (Cont.)
By default, after a router becomes the active router, it will
remain the active router even if another router comes online
with a higher HSRP priority.
• To force a new HSRP election process to take place
when a higher priority router comes online, preemption
must be enabled using the standby preempt interface
command. Preemption is the ability of an HSRP router
to trigger the re-election process. With preemption
enabled, a router that comes online with a higher
HSRP priority will assume the role of the active router.
• Preemption only allows a router to become the active
router if it has a higher priority. A router enabled for
preemption, with equal priority but a higher IPv4
address will not preempt an active router. Refer to the
topology in the figure.
Note: With preemption disabled, the router that boots up first will
become the active router if there are no other routers online during
the election process.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
HSRP
HSRP Priority and Preemption (Cont.)

• The standby preempt command enables the Hot Standby Router Protocol (HSRP) router with the
highest priority to immediately become the active router.

• Priority is determined first by the configured priority value, and then by the IP address. In each
case, a higher value is of greater priority. When a higher priority router preempts a lower priority
router, the router sends a Coup message. When a lower priority active router receives a Coup
message or a Hello message from an active, higher priority router, the router changes to the Speak
state and sends a resign message.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
HSRP
HSRP Priority and Preemption (Cont.)

• The standby track command allows you to specify another interface on the router for the HSRP
process to monitor in order to alter the HSRP priority for a given group.

• If the line protocol of the specified interface goes down, the HSRP priority is reduced. This means
that another HSRP router with higher priority can become the active router if that router has
the standby preempt enabled.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
HSRP
HSRP Priority and Preemption (Cont.)
Configuration Examples
In the network diagram , HSRP is configured in
this manner:
• R1 is the active router and tracks the R1 Serial
0 interface state. When R1 is the active router
all the traffic from the hosts (Host 1, 2, 3) to
the servers is routed through R1.
• R2 is the standby router and tracks the R2
Serial 1 interface state.
• If the R1 Serial 0 interface goes down, the R1
HSRP priority is decreased by 10. At this point
the R2 HSRP priority is higher than R1, and
R2 takes over as the active router.
• When R2 becomes the active router all the
traffic from the hosts to the servers is routed
through R2.
The default gateway for Hosts 1, 2, and 3 is configured
with the HSRP virtual IP address (172.16.6.100, in this16
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

case)
HSRP
HSRP Priority and Preemption (Cont.)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
HSRP
HSRP Load Sharing

The following example shows Router A

configured as the active router for group
1 with a priority of 110 and Router B
configured as the active router for group
2 with a priority of 110. The default
priority level is 100. Group 1 uses a
virtual IP address of 10.0.0.3 and Group
2 uses a virtual IP address of 10.0.0.4.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
HSRP
HSRP Load Sharing

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
HSRP
HSRP States and Times
HSRP State Description

Initial This state is entered through a configuration change or when an interface first becomes available.

The router has not determined the virtual IP address and has not yet seen a hello message from the
Learn
active router. In this state, the router waits to hear from the active router.
The router knows the virtual IP address, but the router is neither the active router nor the standby
Listen
router. It listens for hello messages from those routers.
The router sends periodic hello messages and actively participates in the election of the active and/or
Speak
standby router.

Standby The router is a candidate to become the next active router and sends periodic hello messages.

The active and standby HSRP routers send hello packets to the HSRP group multicast address
every 3 seconds by default. The standby router will become active if it does not receive a hello
message from the active router after 10 seconds. You can lower these timer settings to speed
up the failover or preemption. However, to avoid increased CPU usage and unnecessary
standby state changes, do not set the hello timer below 1 second or the hold timer below 4
seconds.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20