THE SCHOOL OF CISCO NETWORKING (SCN): FIRST HOP REDUNDANCY PROTOCOLS (FHRP) - HSRP, VRRP AND GLBP:
Contact No:   ### / ###/ ###
Welcome To The IT Knowledge Base Sharing Freeway "Study With The Zero Fees / Zero Money" Web - If We Believe, That If We Have Knowledge, Let Others Light Their Candles With It. - Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Ones Please. "Student Expectations And Satisfaction Is Always Our Highest Priority")

'Love All, Serve All, Help Ever Hurt Never'

Please Welcome To The "Zero Fees And Zero Money SCN Community Study Page"

We Like To Share Our Stuff With Everyone And Hope You Will Find Something Useful Here. Enjoy Our Collection And Come Back Again And Again, We'll Do Our Best To Make It Always Interesting For You. All Our Stuff Always Available May Be 100% Totally Freely. Use Only For Non-Commercial Purposes Only!

THE SCHOOL OF CISCO NETWORKING (SCN) Is A IT Support Community – Based, Non - Profit Volunteer Organizations, Offering Our Assistance And Support To Developmental Our Services Dedicated To All.

Because Large Section Of Our Students In This World, Especially In Villages, Who Are Under Privileged Expecting For Equal Opportunity In Terms Of Money And Education. We Feel The Sufferings Of Talented Students Losing Their Opportunity To Shine Because Of Their Poor Financial Status. So We Thought That Professional Education Will Be Providing Them Freely.

Our Web Site Is To Give An Easy Way To Understand Each And Every Student Who Are Going To Start CISCO Lab Practice Without Any Doubts And Our ARTICLES STUFF Are Always 100% Totally Free For Everyone, Which Is Belongings To THE SCHOOL OF CISCO NETWORKING (SCN).

Also This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Of Their Demonstrated Ability To Achieve Specific objectives Within Set Timeframes.

Hands - On Experience Is An Invaluable Part Of Preparing For The Lab Exam And Never Pass Up An Opportunity To Configure Or Troubleshoot A Router ( If You Have Access To Lab Facilities, Take Full Advantage Of Them) There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network.

For Better View Of Our Web Page - Please Use Any Latest Web Browser, Such As (Mozilla Firefox, Google Chrome, Opera, Safari, Internet Explorer, Torch, Maxthon, Sea Monkey, Avant Browser, Deepnet Explorer, And Etc ), Because Some Elements Or Scripts Are Not Work In The Old Web Browser (It Might Not Be Displayed Properly Or Are Not Appearing properly!). Thank You For Your Time And Best Of Luck!

Your Sincerely – Premakumar Thevathasan.
"Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Once Please,Thank You."

FIRST HOP REDUNDANCY PROTOCOLS (FHRP) - HSRP, VRRP AND GLBP:

HSRP, VRRP AND GLBP PROTOCOLS COMPARISON:

Dear Web User:

For Better View Of This Web Page, Please Use Any Latest Web Browser, Because Some Elements Are Not Work In The Old Web Browser (Might Not Be Displayed Properly Or Are Not Appearing properly!).

Plz Note:

Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here. This Page Discusses “HSRP, VRRP AND GLBP PROTOCOLS COMPARISON”, And Also We Request To The Students, Please Go Through All The Articles That Are We Posted In This Web Site And Also Identify All The CISCO IOS Commands In The Lab Practice Before Going To Access This Page. And Also We Hope All These Configurations Can Help You To Prepare For The CCNP TSHOOT (642-832) Exam. Thank You!

SWITCHING NOTES FOR MORE REFERENCES:

1. ◙ - ➤  DESCRIPTION OF EACH PROTOCOLS:

2. ◙ - ➤  BASIC COLLECTION OF NETWORKING CONCEPTS:

3. ◙ - ➤  BASIC NETWORKING QUESTIONS AND ANSWER:

4. ◙ - ➤  ADDRESS RESOLUTION PROTOCOL (ARP):

5. ◙ - ➤  LAN SWITCHING:

6. ◙ - ➤  ETHERNET TECHNICAL OVERVIEW:

7. ◙ - ➤  VLAN TRUNKING PROTOCOL (VTP):

8. ◙ - ➤  VLAN TRUNKS WITH IEEE 802.1Q:

9. ◙ - ➤  VLAN TRUNKS WITH INTERSWITCH LINK (ISL):

10. ◙ - ➤  NATIVE VLAN CONFIGURATION:

11. ◙ - ➤  PRIVATE VLANS CONFIGURATION:

12. ◙ - ➤  CISCO - ISL Vs 802.1Q:

13. ◙ - ➤  VLANS NOTES

14. ◙ - ➤  VLAN QUICK REFERENCE:

15. ◙ - ➤  VLAN CREATION STEP BY STEP EXAMPLES:

16. ◙ - ➤  TSHOOT (642-832):

17. ◙ - ➤  LAYER 2, LAYER 3AND LAYER 4 SWITCH COMPARISON:

18. ◙ - ➤  PAgP (Port Aggregation Protocol) VS LACP (Link Aggregation Control Protocol):

19. ◙ - ➤  HSRP, VRRP AND GLBP PROTOCOLS COMPARISON:


LAYER 3 SWITCHING IN OSI MODEL


WHAT IS LAYER 3 IN OSI MODEL:

In The Seven-Layer OSI Model Of Computer Networking, The Network Layer Is Layer 3. The Network Layer Is Responsible For Packet Forwarding Including Routing Through Intermediate Routers, Whereas The Data Link Layer Is Responsible For Media Access Control, Flow Control And Error Checking.

◙ - ➤  For More About - > FUNCTION OF OSI LAYERS:

◙ - ➤  For More About - > ARP Vs ICMP:

WHAT IS LAYER 3 SWITCHING:

A Layer 3 Switch, Makes Forwarding Decisions Based On Layer 3 IP Addresses. Layer 3 Switches Are Enhanced Layer 2 Switches And, Hence, Have The Same High Port Densities That Layer 2 Switches Have. Routers On The Other Hand Typically Have A Much Lower Port Density. Layer 3 Switches Allow You To Mix And Match Layer 2 And Layer 3 Switching, Meaning You Can Configure A Layer 3 Switch To Operate As A Normal Layer 2 Switch, Or Enable Layer 3 Switching As Required.

It Is Support Inter-VLAN Routing. Inter-VLAN Routing As A Process Of Forwarding Network Traffic From One VLAN To Another VLAN Using A Router Or Layer 3 Device. As We Know That Each VLAN Is A Unique Broadcast Domain, So, Computers On Separate VLANs Are, By Default, Not Able To Communicate. There Is A Way To Permit These Computers To Communicate; It Is Called Inter-VLAN Routing. One Of The Ways Of The Ways To Carry Out Inter-VLAN Routing Is By Connecting A Router To The Switch Infrastructure.

It Is A Process Of Forwarding Network Traffic From One VLAN To Another Using A Router The Subnets Of Your Network Facilitate The Routing Process. On A Router We Configure The IP Address On The Physical Interface, However On A Switch The Physical Interfaces Are Running At Layer 2.

◙ - ➤  For More About - > LAYER 2, LAYER 3AND LAYER 4 SWITCH COMPARISON:


REDUNDANCY IN COMPUTER NETWORKING


FIRST UNDERSTAND WHAT IS REDUNDANCY IN COMPUTER NETWORKING?

In Computing, The Term Is Used More Specifically And Refers To Duplicate Devices That Are Used For Backup Purposes. The Goal Of Redundancy Is To Prevent Or Recover From The Failure Of A Specific Component Or System. From Local Area Networks To Internet Backbone Connections, It Is Common To Have Redundant Data Paths. This Means If One System Goes Down, The Connection Between Other Systems Will Not Be Broken.

NETWORK REDUNDANCY Is A Process Through Which Additional Or Alternate Instances Of Network Devices, Equipment And Communication Mediums Are Installed Within Network Infrastructure. It Is A Method For Ensuring Network Availability In Case Of A Network Device Or Path Failure And Unavailability. As Such, It Provides A Means Of Network Failover. It Serves As A Backup Mechanism For Quickly Swapping Network Operations Onto Redundant Infrastructure In The Event Of Unplanned Network Outages.

◙ - ➤  For More About - > BASIC COLLECTION OF NETWORKING CONCEPTS:

◙ - ➤  For More About - > BASIC NETWORKING QUESTIONS AND ANSWER:

NOTE: THE USE OF A VIRTUAL IP ADDRESS, Two LAYER 3 Devices Can Share The Default Gateway Responsibility And That Provide LAYER 3 Redundancy.


UNDERSTANDING FIRST HOP REDUNDANCY PROTOCOLS (FHRP)


UNDERSTANDING FIRST HOP REDUNDANCY PROTOCOL (FHRP):

FIRST HOP REDUNDANCY PROTOCOL (FHRP) Are A Group Of Protocols That Allow A Router On A LAN Segment To Automatically Take Over If Another One Fails. The Purpose Of A FIRST HOP REDUNDANCY PROTOCOL (FHRP) Is To Provide IP Routing Redundancy By Allowing Transparent Fail-Over At The First-Hop IP Router. The Ability Of A Network To Dynamically Recover From The Failure Of A Device Acting As A Default Gateway Is Known As FIRST-HOP REDUNDANCY (FHRP).

The Devices On This Shared Network Segment Are Usually Configured With A Single Default Gateway Address That Points To The Router That Connects To The Rest Of The Network. Layer 1 And Layer 2 Redundancies, A High-Availability Network. It Also Implement LAYER 3 REDUNDANCY By Sharing The Default Gateway Responsibility Across Multiple Devices.

FHRP CONFIGURATION EXAMPLES

FIRST HOP REDUNDANCY PROTOCOLS (FHRP), Such As HSRP, VRRP, And GLBP Provide Alternate Default Gateways For Hosts In The Switched Environment.


THREE MAIN FIRST HOP REDUNDANCY PROTOCOLS (FHRP) ARE - HSRP, VRRP, AND GLBP


◙ - ➤  HOT STANDBY ROUTER PROTOCOL (HSRP):

Is A Cisco-Proprietary Redundancy Protocol For Establishing A Fault-Tolerant Default Gateway. It Is Described In RFC 2281. HSRP Provides A Transparent Failover Mechanism To The End Stations On The Network. This Provides Users At The Access Layer With Uninterrupted Service To The Network If The Primary Gateway Becomes Inaccessible.

HSRP Provides The Mechanism For Determining Which Router Should Take The Active Role In Forwarding Traffic. HSRP Also Has A Mechanism To Determine When That Active Role Must Be Taken Over By A Standby Router. The Transition From One Forwarding Router To Another Is Transparent To The End Devices. The Router Forwarding Packets Is Known As The Active Router. A Standby Router Is Selected To Replace The Active Router Should It Fail. When Active Router Or Links Between Routers Fail, The Standby Router Stops Seeing Hello Messages From Active Router. Standby Router Then Assumes Role Of Forwarding Router (Active Router).

The Protocol Provides A Mechanism For Determining Active And Standby Routers, Using The IP Addresses On The Participating Routers. If An Active Router Fails A Standby Router Can Take Over Without A Major Interruption In The Host's Connectivity. Participating Routers Talk To Each Other And Agree On A Virtual Router With A Virtual IP Address Which End Systems Use As A Default Gateway.

◙ - ➤  GATEWAY LOAD BALANCING PROTOCOL (GLBP):

No RFC (Cisco Proprietary) - Used With Cisco Routers - This Is An Enhancement Over HSRP, In That It Offers Load Sharing By Default. GLBP Protects Data Traffic From A Failed Router Or Circuit, Like Hot Standby Router Protocol (HSRP) And Virtual Router Redundancy Protocol (VRRP), While Allowing Packet Load Sharing Between A Group Of Redundant Routers. GLBP Supports Up To 1024 Virtual Routers (GLBP Groups) On Each Physical Interface Of A Router, And Up To 4 Virtual Forwarders Per Group. You Can Configure GLBP In Such A Way That Traffic From LAN Clients Can Be Shared By Multiple Routers, Thereby Sharing The Traffic Load More Equitably Among Available Routers.

◙ - ➤  THE VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP):

VIRTUAL ROUTER REDUNDANCY PROTOCOL (VRRP), Which Is Defined In RFC 2338. VRRP Is Currently Supported By Many Vendors, But Has Not Yet Become An Official IETF Standard. However, Because Cisco Had Already Developed HSRP When VRRP Was Announced, Most Cisco Devices Do Not Implement VRRP. We Say Most Because Cisco Does Have Some VLAN Switches That Support VRRP. This Leads Us To Suspect That Cisco May Eventually Provide VRRP On Other Products. However, Because They Continue To Add Useful Features To HSRP, It Seems Unlikely That VRRP Will Ever Completely Replace HSRP On Cisco Equipment.

You Can Configure The VRRP For IPv6. VRRP Enables Hosts On A LAN To Make Use Of Redundant Routing Platforms On That LAN Without Requiring More Than The Static Configuration Of A Single Default Route On The Hosts. The VRRP Routing Platforms Share The IP Address Corresponding To The Default Route Configured On The Hosts.

At Any Time, One Of The VRRP Routing Platforms Is The Master (Active) And The Others Are Backups. If The Master Fails, One Of The Backup Routers Or Switches Becomes The New Master Router, Providing A Virtual Default Routing Platform And Enabling Traffic On The LAN To Be Routed Without Relying On A Single Routing Platform. Using VRRP, A Backup Router Can Take Over A Failed Default Router Within A Few Seconds. This Is Done With Minimum VRRP Traffic And Without Any Interaction With The Hosts.

Routers Or Running VRRP Dynamically Elect Master And Backup Routers. You Can Also Force Assignment Of Master And Backup Routers Using Priorities From 1 Through 255, With 255 Being The Highest Priority. In VRRP Operation, The Default Master Router Sends Advertisements To Backup Routers At Regular Intervals. The Default Interval Is 1 Second. If A Backup Router Does Not Receive An Advertisement For A Set Period, The Backup Router With The Next Highest Priority Takes Over As Master And Begins Forwarding Packets.

NOTE: To Minimize Network Traffic, VRRP Is Designed In Such A Way That Only The Router That Is Acting As The Master Sends Out VRRP Advertisements At Any Given Point In Time. The Backup Routers Do Not Send Any Advertisement Until And Unless They Take Over Mastership.

Both HSRP And VRRP Enable Two Or More Devices To Work Together In A Group, Sharing A Single IP Address, The Virtual IP Address. The Virtual IP Address Is Configured In Each End User's Workstation As A Default Gateway Address And Is Cached In The Host's Address Resolution Protocol (ARP) Cache.

FOR CCNP TSHOOT (642-832) EXAMS REFERENCES:

◙ - ➤  LIST OF SHOW COMMANDS REFERENCES:

◙ - ➤  TSHOOT DEMO PAGE:

◙ - ➤  TSHOOT TIPS:

◙ - ➤  TSHOOT STRATEGY:

◙ - ➤  LAYER 2, LAYER 3AND LAYER 4 SWITCH COMPARISON:

◙ - ➤  TSHOOT (642-832):


HSRP / GLBP/ VRRP INTERFACE STATES


◙ - ➤  HSRP/GLBP INTERFACE STATES:

  SPEAK: - > Gateway Election In Progress.
  ACTIVE: - > Active Router/VG.
  STANDBY: - > Backup Router/VG.
  LISTEN: - > Not The Active Router/VG.

◙ - ➤  VRRP INTERFACE STATES:

  MASTER: - > Acting As The Virtual Router.
  BACKUP: - > All Non-Master Routers.


HSRP,GLBP,VRRP - ROUTERS ARE HAVING SPECIFIC ROLES


IN AN HSRP GROUP ALL THE ROUTERS HAVE SPECIFIC ROLES AND INTERACT IN SPECIFIC WAYS:

  VIRTUAL ROUTER.
  ACTIVE ROUTER.
  STANDBY ROUTER.
  OTHER ROUTERS.

ROUTER A STARTS, As It Is The FIRST ROUTER FOR STANDBY GROUP 1 In The Subnet, It Transits Through The LISTEN And SPEAK States And Then Becomes The ACTIVE ROUTER. ROUTER B STARTS After ROUTER A. While ROUTER B Is In Listen State, ROUTER A Is Already Assuming The Standby And Then The ACTIVE ROLE. As There Is Already An Existing Active Router, ROUTER B Assumes The STANDBY ROLE.

◙ - ➤  VIRTUAL ROUTER:

An IP And MAC Address Pair That End Devices Have Configured As Their Default Gateway. The Active Router Processes All Packets And Frames Sent To The Virtual Router Address. The Virtual Router Processes No Physical Frames. There Is One Virtual Router In An HSRP Group.

◙ - ➤  ACTIVE ROUTER:

The Router Is Currently Forwarding Packets That Are Sent To The Group's Virtual MAC Address. The Router Sends Periodic Hello Messages. Excluding Transient Conditions, There MUST Be At Most One Router In Active State In The Group.

◙ - ➤  OTHER ROUTERS:

There Can Be More Than Two Routers In A HSRP Group But Only One Active And One Standby Router Is Possible. The Other Routers Remain In The Initial State And If Both The Active And Standby Routers Fail, All Routers In The Group Contend For The Active And Standby Router Roles.

◙ - ➤  STANDBY GROUP:

The Set Of Routers Participating In HSRP That Jointly Emulate A Virtual Router.


DIFFERENCE BETWEEN HSRP, VRRP AND GLBP PROTOCOLS



In An HSRP Or VRRP Group, One Router Is Elected To Handle All Requests Sent To The Virtual IP Address. With HSRP, This Is The Active Router. An HSRP Group Has One Active Router, At Least One Standby Router, And Perhaps Many Listening Routers. A VRRP Group Has One Master Router And One Or More Backup Routers. In HSRP And VRRP, Only The Primary Router Is Used To Forward Traffic, Others Routers Must Wait For The Primary One Down Before They Are Used. Also, The Bandwidth Of The Standby (And Other) Routers Are Not Used.


With GLBP, Up To Four Gateways Can Be Used Simultaneously.
There Is Still One Virtual IP Address In A Group, But GLBP Can Automatically Select Which Router In The Group To Forward Traffic By Sending The Virtual MAC Address Of A Selected Router To That Host. GLBP Is Similar In That It Provides Load Balancing Over Multiple Routers (Gateways) - But It Can Do This Using Only ONE Virtual IP Address! Underneath That One Virtual IP Address Is Multiple Virtual MAC Addresses, And This Is How The Load Is Balanced Between The Routers. Instead Of The Hassle Of Configuring All The Hosts With A Static Default Gateway, You Can Let Them Use ARP's To Find Their Own. Multiple Gateways In A "GLBP Redundancy Group" Respond To Client Address Resolution Protocol (ARP) Requests In A Shared And Ordered Fashion, Each With Their Own Unique Virtual MAC Addresses. As Such, Workstation Traffic Is Divided Across All Possible Gateways. Each Host Is Configured With The Same Virtual IP Address, And All Routers In The Virtual Router Group Participate In Forwarding Packets.

In GLBP, There Are 3 States In A Group: Active, Standby, Or Listen. Members Of A GLBP Group Elect One Gateway To Be The Active Virtual Gateway (AVG) For That Group. It Also Elects One Member As Standby Virtual Gateway (SVG). If There Are More Than Two Members, Then The Members That Remain Are In The Listen State.

NOTE: That The MAC Address Of The AVF Is Not The Physical MAC Address Of Router 1 Or Router 2. It Is A Virtual MAC Address Used In GLBP And Is Used By Hosts To Send Traffic To These Routers.

GLBP Provides Load Balancing Over Multiple Routers (Gateways) Using A Single Virtual IP Address And Multiple Virtual MAC Addresses. Members Of The GLBP Group Select One Of Them To Become The Active Virtual Gateway For The Group. With HSRP In A Single Router (Gateway), One Interface Is Used As The Active Interface And The Other Interface Is In Standby. The Active Interface Is Used For All The Traffic And The Standby Interface Just Waits For The Active Interface To Fail Without Any Traffic.

DIFFERENCE BETWEEN HSRP, VRRP AND GLBP PROTOCOLS:

PROTOCOL FEATURES HSRP VRRP GLBP
SCOPE Cisco Proprietary IEEE Standard Cisco Proprietary
STANDARD RFC2281 RFC3768 None
OSI LAYER Layer-3 Layer-3 Layer-2
LOAD BALANCING No No Yes
MULTICAST GROUP IP ADDRESS 224.0.0.2 in version 1224.0.0.102 In Version 2 224.0.0.18 224.0.0.102
TRANSPORT PORT NUMBER UDP 1985 UDP 112 UDP 3222
TIMERS Hello – 3 Sec Advertisement – 1 sec Hello – 3sec
Hold – 10 sec Master down time = 3*Advertisement Time + Skew TimeSkew Time = (256-            Priority)/256 Hold – 10sec
ELECTION Active Router:1.Highest Priority2. Highest IP Address (Tiebreaker) Master Router: (*)
1-Highest Priority
2-Highest IP (Tiebreaker)
Active Virtual Gateway:
1-Highest Priority
2-Highest IP (Tiebreaker)
ROUTER ROLE -One Active Router, one Standby Router-One Or More Listening Routers - One Active Router- One or More Backup Routers - One AVG (Active Virtual Gateway)- Up To 4 AVF Routers On The Group (Active Virtual Forwarder) Passing Traffic.- Up To 1024 Virtual Routers (Glbp Groups) Per Physical Interface.
PREEMPT If Active Router(Highest Priority) Is Down And Up Again, Preempt Should Be Configured To Become A Active Router Again  By Default Preempt is ON in VRRP, If Active Router Is Down And Up Again, It Will Automatically Become A Master Router If Active Router(Highest Priority) Is Down And Up Again, Preempt Should Be Configured To Become A Active Router Again.
GROUP VIRTUAL MAC ADDRESS 0000.0c07.acxx 0000.5e00.01xx 0007.b4xx.xxxx
IPv6 SUPPORT Yes To VRRPv2 RFC 3768 (IPv4) And VRRPv3 RFC 5798 (IPv6) - To Make VRRP Work In IPv6 Networks, Several Additional Options Must Be Enabled - V3 Support Is Required And Protocol Type Should Be Set To IPv6. Yes



HOT STANDBY ROUTING PROTOCOL (HSRP) – RFC2281


◙ - ►  HOT-STANDBY ROUTING PROTOCOL (HSRP) - RFC 2281: It Is A Well-Known Feature Of Cisco IOS. HSRP Provides Redundancy For IP Networks, Ensuring That User Traffic Immediately And Transparently Recovers From First Hop Router Failures. HSRP Allows Multiple Routers On A Single LAN To Share A Virtual IP And MAC Address Which Is Configured As The Default Gateway On The Hosts. From The Group Of Routers Configured In An HSRP Group, There Is One Router Elected As The Active Router And Another As A Standby Router. The Active Router Assumes The Role Of Forwarding Packets Sent To The Virtual IP Address. If The Active Router Fails, The Standby Router Takes Over As The New Active Router.

Using HSRP Terminology, Both Building Routers Together Are Referred To As A Standby Group And Appear To The Subnet As A Single Default Gateway. Through An Election Process, One Router Is Designated As Active And The Other Router Is Designated As Standby. Both The Active And Standby Router Listen To Routing Updates From The Core Router, But Only The Active Router Processes IP Packets As The Default Gateway For The Subnet. The Active And Standby Routers Are Constantly Sending "Hello" Packets. If The Active Router Fails, As Soon As A Predetermined Number Of "Hello" Packets From The Standby Router To The Active Router Go Unanswered, The Standby Router Becomes The Active Router And Starts Processing IP Packets For The Subnet. (To Minimize Network Traffic, Only The Active And The Standby Routers Send Periodic HSRP Messages Once The Protocol Has Completed The Election Process. If The Active Router Fails, The Standby Router Takes Over As The Active Router. If The Standby Router Fails Or Becomes The Active Router, Another Router Is Elected As The Standby Router).

Both Routers Are Configured With Standard IP Addresses On Their Interface Into The Subnet. Each Router Also Has A Special Virtual IP Address Which Is The Same On Both Routers, Configured Via Standby Commands Under The Specific Interfaces.

MHSRP" (Multi Group HSRP): HSRP Does Not Inherently Support Load Sharing (There Is Nothing In The RFC That Talks Of Load Sharing). However, Cisco Has Since Come Up With "MHSRP" (MULTI GROUP HSRP) So That It Can Be Used For Load Sharing. The Switch Supports MULTIPLE HSRP (MHSRP), An Extension Of HSRP That Allows Load Sharing Between Two Or More HSRP Groups. You Can Configure MHSRP To Achieve Load Balancing And To Use Two Or More Standby Groups (And Paths) From A Host Network To A Server Network. For MHSRP, You Need To Enter The “STANDBY PREEMPT” Interface Configuration Command On The HSRP Interfaces So That If A Router Fails And Then Comes Back UP, PREEMPTION Restores LOAD SHARING.

On A Particular LAN, MULTIPLE HOT STANDBY GROUPS May Coexist And Overlap. Each Standby Group Emulates A Single Virtual Router. For Each Standby Group, A Single Well-Known MAC Address Is Allocated To The Group, As Well As An IP Address. The IP Address SHOULD Belong To The Primary Subnet In Use On The LAN, But MUST Differ From The Addresses Allocated As Interface Addresses On All Routers And Hosts On The LAN, Including Virtual IP Addresses Assigned To Other HSRP Groups.

If Multiple Groups Are Used On A Single LAN, Load Splitting Can Be Achieved By Distributing Hosts Among Different Standby Groups. The Remainder Of This Specification Discusses The Operation Of A Single Standby Group. In The Case Of Multiple Groups, Each Group Operates Independently Of Other Groups On The LAN And According To This Specification. Note That Individual Routers May Participate In Multiple Groups. In This Case, The Router Maintains Separate State And Timers For Each Group.

HSRP OPERATION:

◙ - ➤  HSRP Active And Standby Routers Send Hello Messages To Multicast Address 224.0.0.2 UDP Port 1985. The Standby Protocol Runs On Top Of UDP, And Uses Port Number 1985. Packets Are Sent To Multicast Address 224.0.0.2 With TTL 1.

◙ - ➤  Hello Messages Used To Communicated Between Routers Within HSRP Group.

Within A Standby Group, The Routers Periodically Advertise State Information Using Various Messages.

◙ - ➤  All Routers In HSRP Group Need To Be L2-Adjacent.

◙ - ➤  MESSAGE TYPES ARE;

HELLO - > Indicts Router Is Running HSRP And Can Become Active Or Standby.
COUP - > Sent When Router Wants To Become The Active Router.
RESIGN - > Sent When The Router No Longer Wants To Be The Active Router. (Shutting Down)

  HELLO TIME: The Interval Between Successive HSRP Hello Messages From A Given Router.
  HOLD TIME: The Interval Between The Receipt Of A Hello Message And The Presumption That The Sending Router Has Failed.


HSRP INTERFACE STATES - (INITIAL, LISTEN, SPEAK, STANDBY, OR ACTIVE)


THE LIST OF HSRP INTERFACE STATES:

Internally, Each Router In The Standby Group Implements A State Machine. The State Field Describes The Current State Of The Router Sending The Message. Details On The Individual States Are Described Below.

POSSIBLE VALUES ARE:

  0 – Initial
  1 - Learn
  2 - Listen
  4 - Speak
  8 - Standby
  16 – Active

ALL ROUTERS BEGIN IN THE INITIAL STATE. FOR SPECIFIC DETAILS ON THE ACTIONS TAKEN IN EACH STATE.

◙ - ►  1. INITIAL STATE: The Beginning State. This Is The Starting State And Indicates That HSRP Does Not Run. This State Is Entered Via A Configuration Change Or When An Interface First Comes Up. All Routers Begin In The INITIAL STATE, Which Is The Starting State And Indicates That HSRP Is Not Running. This State Is Entered Via A Configuration Change, Such As When HSRP Is Enabled On An Interface, Or When An HSRP-Enabled Interface Is First Brought Up, Such As When The No Shutdown Command Is Issued.

◙ - ►  2. LEARN STATE: The Router Has Not Determined The Virtual IP Address, And Not Yet Seen An Authenticated Hello Message From The Active Router. In This State The Router Is Still Waiting To Hear From The Active Router.

◙ - ►  3. LISTEN STATE: The Router Knows The Virtual IP Address, But Is Neither The Active Router Nor The Standby Router. It Listens For Hello Messages From Those Routers. The Purpose Of The LISTEN STATE Is To Determine If There Are Already ACTIVE Or STANDBY Routers For The Group.

◙ - ►  4. SPEAK: The Router Sends Periodic Hello Messages And Is Actively Participating In The Election Of The Active And / Or Standby Router. A Router Cannot Enter Speak State Unless It Has The Virtual IP Address. HSRP Uses The Hello And Hold Time To Determine When It Moves To Different States. When Two Routers Participate In An Election Process, A PRIORITY Can Be Configured To Determine Which Router Should Be Active. Without Specific Priority Configuration, Each Router Has A DEFAULT PRIORITY OF 100, And The Router With The Highest IP Address Is Elected As The ACTIVE ROUTER.

◙ - ►  5. STANDBY: The Router Is A Candidate To Become The Next Active Router And Sends Periodic Hello Messages. Excluding Transient Conditions, There MUST Be At Most One Router In The Group In Standby State. Listens For Periodic Hello Messages. When The Active Router Fails, The Other HSRP Routers Stop Seeing Hello Messages From The Active Router. The Standby Router Then Assumes The Role Of The Active Router. There Is One Standby Router In An HSRP Group (The Primary Backup Router).

◙ - ►  6. ACTIVE: Within An HSRP Group, One Router Is Elected To Be The Active Router. The Active Router Currently Forwards Packets That Are Sent To The Group Virtual MAC Address. The Router Sends Periodic Hello Messages. With The Exclusion Of Transient Conditions, There Must Be, At The Most, One Router In The Active State In The Group. The Active Router Responds To Traffic For The Virtual Router. If An End Station Sends A Packet To The Virtual Router MAC Address, The Active Router Receives And Processes That Packet. If An End Station Sends An ARP Request With The Virtual Router IP Address, The Active Router Replies With The Virtual Router MAC Address.


HSRP DEFAULT CONFIGURATION STATUS


THE LIST OF HSRP INTERFACE STATES:

HSRP INTERFACE STATES.

HSRP DEFAULT CONFIGURATION:

  HSRP VERSION - > Version 1
  HSRP GROUPS - > None Configured
  STANDBY GROUP NUMBER - > 0
  STANDBY MAC ADDRESS - > System assigned as: 0000.0c07.acXX, where XX is the HSRP Group Number
  STANDBY PRIORITY - > 100
  STANDBY DELAY - > 0 (NO DELAY)
  STANDBY TRACK INTERFACE PRIORITY - > 10
  STANDBY HELLO TIME - > 3 Seconds
  STANDBY HOLDTIME - > 10 Seconds

HSRP CONFIGURATION OVERVIEW:

◙ - ➤  1) Decide A VIRTUAL ADDRESS To Use For The HSRP Address. This Address Must Be In The Same Subnet That Is Assigned To The LAN Interface Where You Want To Run HSRP.This Address Is Also Referred To As The Standby IP Address. Each Router In This Group Must Define With The Same Virtual IP Address Using The Standby [Group-Number] IP [Virtual Ip-Address] Command.

The Standby Group Number= The Default Is 0. The Group Number Range Is From 0 To 255 For HSRP Version 1 And From 0 To 4095 For HSRP Version 2. If You Are Configuring HSRP On VLAN Trunks, Each VLAN Or Ethernet Sub Interface Must Be In A Different Standby Group.

◙ - ➤  2) Decide Which Router Is To Be The Primary Router. This Can Be Accomplished With The Standby [Group-Number] Priority [Priority] Commands.

Priority=This Range Is From 1 To 255, Where 1 Denotes The Lowest Priority And 255 Denotes The Highest Priority. The Default Priority Value Is 100. The Router In The HSRP Group With The Highest Priority Value Becomes The Active Router.

◙ - ➤  3) Optionally You Can Also Enable Preemption On The Router Using Below Command Standby [Group-Number] Preempt Delay{ Minimum = Delay At Least This Long

Reload = Delay After Reload
Sync = Wait For IP Redundancy Clients}

HSRP-Enabled Router With Preempt Configured Attempts To Assume Control As The Primary Router When Its Priority Is Higher Than The Current Active Router. The Standby Preempt Command Is Needed In Situations When You Want An Occurring State Change Of A Tracked Interface To Cause A Standby Router To Take Over From The Active Router.

For Example, An Active Router Tracks Another Interface And Decrements Its Priority When That Interface Goes Down. The Standby Router Priority Is Now Higher And It Sees The State Change In The Hello Packet Priority Field. If Preempt Is Not Configured, It Cannot Take Over And Failover Does Not Occur.

◙ - ➤  4) CONFIGURE TRACKING, AUTHENTICATION, AND TIMERS ON THE PRIMARY ROUTER USING THE FOLLOWING COMMANDS:

A) TRACKING: Optionally You Can Also Enable Tracking On The Router Using Below Command:

Standby Group_Number Track Interface_Name [Cost]

When HSRP Tracks An Interface And The State Of A Tracked Interface Changes To Down, The Primary Router Decrements Its Priority. The Standby Router Reads This Value From The Hello Packet Priority Field, And Becomes Primary If This Value Is Lower Than Its Own Priority And The Standby Preempt Command Is Configured. You Can Configure By How Much The Router Must Decrement The Priority. By Default, It Decrements Its Priority By 10

B) HSRP AUTHENTICATION: The Below Command Establishes Authentication Messages To Be Included In The HSRP Multicast. This Ensures That Only Authorized Routers Can Become Part Of The HSRP Group. The String Must Match All Routers In The HSRP Group.

Standby [Group-Number] Authentication { WORD=Plain Text Authentication String

MD5=Use MD5 Authentication
Text=Plain Text Authentication}

C) HSRP TIMERS: You Can Configure The Time Between Hello Packets And The Time Before Other Routers Declare The Active Hot Standby Or Standby Router To Be Down Using Following Command:

Standby [Group-Number] Timers [Msec] Hellotime [Msec] Holdtime

The Default Hello Interval Is 3 Seconds And Hold Time Is 10 Seconds. If The Msec Option Is Specified, Hello Interval Is In Milliseconds.


HSRP STEP BY STEP CONFIGURATION GUIDELINE


ALL THESE STEPS ARE CREATE OR ENABLE HSRP ON A LAYER 3 INTERFACE (Beginning In Privileged EXEC Mode):

  Step 1: Configure Terminal - > Enter Global Configuration Mode.
  Step 2: Interface Interface-ID - > Enter Interface Configuration Mode, And Enter The Layer 3 Interface On Which You Want To Enable HSRP.
  Step 3: No Shutdown - > Enable The Port, If Necessary. By Default, User Network Interfaces (UNIS) And Enhanced Network Interfaces (ENIS) Are Disabled, And Network Node Interfaces (NNIS) Are Enabled.
  Step 4: No Switchport - > If Necessary, Disable Layer 2 Switching On The Port To Enable The Layer 3 Interface.
  Step 5: Standby Version {1 | 2} - > (Optional) Configure The HSRP Version On The Interface.

• 1— > Select HSRPv1.
• 2— > Select HSRPv2.

If You Do Not Enter This Command Or Do Not Specify A Keyword, The Interface Runs The Default HSRP Version, HSRP V1.

  Step 6: Standby [Group-Number] IP [Ip-Address [Secondary]] - > Create (Or Enable) The HSRP Group Using Its Number And Virtual IPAddress.

• (OPTIONAL) GROUP-NUMBER— > The Group Number On The Interface For Which HSRP Is Being Enabled. The Range Is 0 To 255; The Default Is 0. If There Is Only One HSRP Group, You Do Not Need To Enter A Group Number.

• (OPTIONAL ON ALL BUT ONE INTERFACE) IP-ADDRESS — > The Virtual IP Address Of The Hot Standby Router Interface. You Must Enter The Virtual IP Address For At Least One Of The Interfaces; It Can Be Learned On The Other Interfaces.

• (OPTIONAL) SECONDARY — > The IP Address Is A Secondary Hot Standby Router Interface. If Neither Router Is Designated As A Secondary Or Standby Router And No Priorities Are Set, The Primary IP Addresses Are Compared And The Higher IP Address Is The Active Router, With The Next Highest As The Standby Router.

  Step 7: End - > Return To Privileged EXEC Mode.
  Step 8: Show Standby - > [Interface-Id [Group]] Verify The Configuration.
  Step 9: Copy Running-Config Startup-Config - > (Optional) Save Your Entries In The Configuration File.

Use The No Standby [Group-Number] IP [Ip-Address] Interface Configuration Command To Disable HSRP.

HSRP VERSION 2 CONFIGURATION EXAMPLE (Summary Steps):

1. Enable - > Device> Enable
2. Configure Terminal - > Device# Configure Terminal
3. Interface Type Number - > Device(Config)# Interface VLAN 400
4. IP Address IP-Address Mask - > Device(Config-If)# IP Address 10.10.28.1 255.255.255.0
5. Standby Version {1 | 2} - > Device(Config-If)# Standby Version 2
6. Standby [Group-Number] IP [Ip-Address [Secondary]] - > Device(Config-if)# Standby 400 IP 10.10.28.5
7. End - > Device(Config-If)# End
8. Show Standby - > Device# Show Standby

HSRP DIAGNOSTIC COMMANDS:

Switch# Show Standby
Switch # Show Standby [Brief]
Switch# Show Track
Switch#Show Standby VLAN 1
Router2#show standby FastEthernet 1/0

HSRP DEBUGGING COMMAND:

Router2#Debug Standby Errors - > To Debug All HSRP Error Events, Use The Following Command.
Router2#Debug Standby Events - > The Events Keyword Will Display Information About HSRP Events.
Router2#Debug Standby Packets - > With The Packets Keyword, You Can Look At The Contents Of All HSRP Packets.
Router2#Debug Standby Terse - > You Can Use The Terse Keyword To See A Short Form Of All HSRP Errors, Events, And Packets.
Router2#Debug Standby Events Track - > Displays All HSRP Tracking Events.
Router2#Debug Standby Events Terse - > Displays All HSRP Events Except For Hellos And Advertisements.


BASIC HSRP CONFIGURATION STEPS BY STEPS EXAMPLES


◙ - ➤  HSRP CONFIGURATION STEPS BY STEPS EXAMPLES:

When We Enable HSRP, We Only Need Two Commands To Do It, And 2 Additional Commands To Customize It. What's More, It's Configured At The Interface That You Want To Participate In The Standby Group. First Off, On The Router That You Want To Be The Active Router, Go To The Interface You Want HSRP To Run On, Think Up A Group Number, All Routers Participating In This Scheme Must Use The Same Group Number, So You Must Select An IP Address You Want The HSRP Group To Share.

◙ - ➤  FIRST WE WILL CONFIGURE THE “ACTIVE ROUTER” ON ROUTER1:

Enabling HSRP On A Cisco Router Interface Automatically Disables ICMP Redirects On That Interface. After The Standby IP Command Is Issued, The Interface Changes To The Appropriate State. When The Command Is Successfully Executed, The Router Issues An HSRP Message.

Switch(Config-If)# Standby Group-Number IP Ip-Address

Router1(Config-If)#Standby 1 IP Address 10.1.1.254
Router1(Config-If)#Standby 1 Priority 100

This Defines A Standby Group Number Of 1, An IP Address Of 10.1.1.254 That The Routers Are Going To Share, Now Let's Configure The “Standby Router” On Router2:

◙ - ➤  2nd CONFIGURE THE “STANDBY ROUTER” ON ROUTER2:

To Set The HSRP Priority Value Of A Router, Enter This Command In Interface Configuration Mode:

Standby Group-Number Priority Priority-Value

Router2(Config-If)#Standby 1 IP Address 10.1.1.254
Router2 (Config-If)#Standby 1 Priority 90

The Only Thing Different On The Standby Router Is The Priority. The Router With The Highest Priority Becomes The Active Router. The Priority Value Can Be From 0 To 255. The Default Value Is 100. During The Election Process, The Router With The Highest Priority In An HSRP Group Becomes The Active Router. If A Tie Occurs, The Router With The Highest Configured IP Address Becomes Active.

Note: The Only Thing Different On The Standby Router Is The Priority. The Router With The Highest Priority Becomes The Active Router.

◙ - ➤  PREEMPTION:

An HSRP-Enabled Router With Preempt Configured Attempts To Assume Control As The Active Router When Its Hot Standby Priority Is Higher Than The Current Active Router. The Standby Preempt Command Is Needed In Situations When You Want An Occurring State Change Of A Tracked Interface To Cause A Standby Router To Take Over From The Active Router.

Use The “Preempt” Option To Make Sure The Active Router Can Re-Establish Itself - In This Configuration, If The Active Router, With The Priority Of 100 Goes Down And Comes Back Up, Even Though It Has The Higher Priority, It Will NOT Become The Active Router Again? You Can Easily Change That By Adding The Keyword Preempt To The Priority Command:

TO ENABLE A ROUTER TO RESUME THE FORWARDING ROUTER ROLE, ENTER THIS COMMAND IN INTERFACE CONFIGURATION MODE:

Router1(Config-If)#Standby 1 Priority 100
Router1(Config-If)#Standby 1 Priority 100 Preempt

Preemption Capability; If A Router Has Higher Priority Than The Active Router And Preemption Is Configured, It MAY Take Over As The Active Router Using A Coup Message.

◙ - ➤  TRACKING THE HSRP ROUTERS INTERFACE:

If The Routers Are Connected To A WAN Link, And The Routers Are Running Fine, But The WAN Link Goes Down,( The Standby Track Configuration Command Reduces The Priority Of An Active HSRP Router Into A Standby Mode When One Of Its Interfaces Becomes Unavailable. If The Priority Drops Far Enough, Another Router Will Take Over).

YOU CAN TRACK THAT (FOR THIS EXAMPLE WE WILL TRACK VIA THE SERIAL PORT 0/0),

Router1(Config-If)#Standby 1 Track S0 Priority 11

The Reason For Adding “PRIORITY 11”, Is To Decrease The Router’s Priority If It’s WAN Interface Goes Down. In This Case, 11 Is The Number To Subtract From The Router's Own Original Priority Number, Which Will Give It An Adjusted Priority Number If The Interface To It's Tracking Goes Down. So In This Case, If The Serial 0 Interface Of Router1 Goes Down, Its Priority Goes From 100 To 89 Which Will Cause The Standby Router, Whose Priority Is Set To 90 - To Become The Active Router.

◙ - ➤  FOLLOWS EXAMPLE SHOWS HOW TO CONFIGURE HSRP USING TWO ROUTERS:

CONFIGURATION STEPS ON ROUTER 1:

Router> Enable - > Moves To Privileged Mode
Router# Configure Terminal - > Moves To Global Configuration Mode.
Router(Config)# Hostname Router1 - > Sets Router Name To Router1

Router1(Config)# Interface Fastethernet 0/0 - > Moves To Interface Config Mode
Router1(Config-If)# IP Address 172.16.16.5 255.255.255.0 - > Assigns IP Address And Netmask
Router1(Config-If)# Standby 1 IP 172.16.16.254 - > Activates HSRP Group 1 On The Interface And Creates A Virtual IP Address Of 172.16.6.254
Router1(Config-If)# Standby 1 Priority 105 - > Assigns A Priority Value Of 105 To Standby Group 1
Router1(Config-If)# Standby 1 Preempt - > This Router Will Preempt, Or Take Control Of, The Active Router If The Local Priority Is Higher Than The Active Router.

Router1(Config-If)# Standby 1 Track Serial 0/0 - > HSRP Will Track The Availability Of Interface Serial 0/0. If Serial 0/0 Goes Down, The Router Priority Will Be Decremented By The Default 10.
Router1(Config-If)# No Shutdown - > Enables The Interface

Router1(Config-If)# Interface Serial 0/0 - > Moves To Interface Config Mode.
Router1(Config-If)# IP Address 198.133.219.1 255.255.255.252 - > Assigns IP Address And Netmask
Router1(Config-If)# No Shutdown - > Enables The Interface
Router1(Config-If)# Exit - > Returns To Global Config Mode
Router1(Config)# Exit - > Returns To Privileged Mode
Router1# Copy Running-Config Startup-Config - > Saves The Configuration To NVRAM

CONFIGURATION STEPS ON ROUTER 2:

Router> Enable - > Moves To Privileged Mode
Router# Configure Terminal - > Moves To Global Config Mode
Router(Config)# Hostname Router2 - > Sets Router Name To Router2

Router2(Config)# Interface Fastethernet 0/0 - > Moves To Interface Config Mode
Router2(Config-If)# IP Address 172.16.16.6 255.255.255.0 - > Assigns IP Address And Netmask
Router2(Config-If)# Standby 1 IP 171.16.16.254 - > Activates HSRP Group 1 On The Interface And Creates A Virtual IP Address Of 172.16.6.254
Router2(Config-If)# Standby 1 Priority 100 - > Assigns A Priority Value Of 100 To Standby Group 1
Router2(Config-If)# Standby 1 Preempt - > This Router Will Preempt, Or Take Control Of, The Active Router If The Local Priority Is Higher Than The Active Router

Router2(Config-If)# Standby 1 Track Serial 0/1 - > HSRP Will Track The Availability Of Interface Serial 0/1. If S0/1 Goes Down, The Router Priority Will Be Decremented By The Default 10.
Router2(Config-If)# No Shutdown - > Enables The Interface

Router2(Config-If)# Interface Serial 0/1 - > Moves To Interface Config Mode
Router2(Config-If)# IP Address 198.133.219.5 255.255.255.252 -> Assigns IP Address And Netmask
Router2(Config-If)# No Shutdown - > Enables The Interface
Router2(Config-If)# Exit - > Returns To Global Config Mode
Router2(Config)# Exit - > Returns To Privileged Mode
Router2# Copy Running-Config Startup-Config - > Saves The Configuration To NVRAM

HSRP BASIC CONFIGURATION EXAMPLES.



CONCLUSION:

The Goal Of This Article Is To Give An Easy Way To Understand The “HSRP, VRRP AND GLBP PROTOCOLS COMPARISON " And Also We Hope This Guide Will Help Every Beginner Who Are Going To Start Cisco Lab Practice Without Any Doubts. Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here!

Hands - On Experience Is An Invaluable Part Of Preparing For The Lab Exam And Never Pass Up An Opportunity To Configure Or Troubleshoot A Router ( If You Have Access To Lab Facilities, Take Full Advantage Of Them) There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network. Thank You And Best Of Luck

This Article Written Author By: Mr. Premakumar Thevathasan - CCNA And CCNP (Routing & Switching), MCSE, MCSA, MCSA - MSG, CIW Security Analyst, CompTIA Certified A+ And Etc.

WARNING AND DISCLAIMER:

Routers Direct And Control Much Of The Data Flowing Across Computer Networks. This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Of Their Demonstrated Ability To Achieve Specific objectives Within Set Timeframes.

This Document Carries No Explicit Or Implied Warranty. Nor Is There Any Guarantee That The Information Contained In This Document Is Accurate. Every Effort Has Been Made To Make All Articles As Complete And As Accurate As Possible, But No Warranty Or Fitness Is Implied.

It Is Offered In The Hopes Of Helping Others, But You Use It At Your Own Risk. The Author Will Not Be Liable For Any Special, Incidental, Consequential Or Indirect Any Damages Due To Loss Of Data Or Any Other Reason That Occur As A Result Of Using This Document. But No Warranty Or Fitness Is Implied. The Information Provided Is On An "As Is" Basic. All Use Is Completely At Your Own Risk.

Home Page Of - > The School Of Cisco Networking (SCN)

Page Of - > SCN InF4 TECH

Contact Details / About Us Page

To Send Email


Window Minimize / Window Maximize

No comments: