Cisco CCNA 200-301 – HSRP – Hot Standby Router Protocol Part 2

4. HSRP Hot Standby Router Protocol

This lecture you’ll learn about HSRP Cisco’s hot spare router protocol. HSRP uses a virtual IP and Mac address to allow for automated gateway failover. So you see in the example here, we’ve got R One and R Two which are going to be redundant default gateways for our PCs. In the ten 1010 subnet, R One and R Two have both got interface gigabit ethernet one facing the PCs and HSRP is configured at the interface level. R One has got physical IP address 1010 two and R Two has got physical IP address 1010 Three. We configure a virtual IP address of ten 1010 One.

In the example, the two routers will negotiate for HSRP. One will become active and one will be the standby. The active router will be active for the virtual IP address of 1010 One and the associated virtual Mac address they send keep alive to each other both routers. If R Two stops receiving those hellos, it will realize that R One has gone down and it will then take over ownership of the 1010 One virtual IP address and the Mac address. So on the PCs we just configure them to use 1010 One as their default gateway.

They’re completely unaware about HSRP. It’s transparent to them as far as they’re concerned. They just have one gateway at 1010 One. They don’t know that there’s redundant gateways there, they don’t know if there’s a failover and refillover all happens automatically. Both routers have a normal physical IP address and Mac address on their HSRP interface. Unique addresses are used for the physical addresses on both routers. If you wanted to check that, you could do a show interface. On the interface, you’ll see the IP address and the Mac address is going to be different on both.

They both also have the HSRP virtual IP and Mac address configured on that interface. The same addresses are used on both routers here when they come online, one is elected the HSRP active router, the other is the standby. So HSRP does not do load balancing for PCs that are in the same IP subnet. The active router owns the virtual IP and Mac address and responds to ARP requests coming from the PCs. So all traffic for the virtual IP address goes through the active router.

The router send hello messages to each other over HSRP interface. So going back to our example, when we’re sending those hello messages to each other, it’s keeping lives. When R One sends it to R Two, it uses ten 1010 Two as the source address. Ten Three is the destination address and vice versa for the hello packets coming from R Two to R One. And if the standby router stops receiving those hellos from the active, it realizes that it’s gone down and it will transition to be the new active router.

And it will then take ownership of the virtual IP and Mac address and it will now respond to the ARP requests from the PCs. So looking at the configuration, it’s very simple on R one. For our example, we say Interface Gigabit ethernet zero one. The physical IP address 1010 2255-255-2550, no shutdown. So that’s the standard interface configuration for HSRP. We just want to enter one additional command which is standby one IP ten 10101 HSRP uses this standby command. We do a matching configuration over on R two. It’s also an interface.

Gigabit. Ethernet one. Here the IP address is 1010 three, no shutdown and standby one IP 1010 one. So a different physical IP address on both routers, the same standby address on both routers. So that is the configuration. To verify it, we do a show standby. I’ll come out of full screen mode so I can highlight some of these entries that you see under the show standby command. So Show Standby will show what the virtual IP address is. You can see that the state is currently active. You can also see what the virtual Mac address is here as well.

Remember, if you wanted to see the actual physical Mac address, you would do a show interface. The physical Mac and the virtual IP address are going to be different IP addresses. And here I can see I’m on R one. R One is currently the active router. The standby router is R Two at 1010 three. Okay, so that’s the theory and the configuration and verification. Let’s actually do the configuration in the lab. It’s the same example that I used in the slides there. So let’s jump on to R One first. And if I do a show IP interface brief, you’ll see that there’s no configuration on the Gigabit ethernet zero one port yet I’ve done the rest of the upstream configuration thought, so I’ll go to Global Config and on Interface Gig zero slash one. The physical IP address is 1010 two with a subnet mask of 255-255-2550 and no shuts. In my standard interface configuration for HSRP, I say standby one and it was IP 1010 one.

So that’s r one configured. I need to do a matching configuration on R two. So I’ll go to global config and interface gig one. IP address is 1010 three here. So the physical IP addresses have to be different. A slash 24 subnet mask, again, no shut. And then the same command for HSRP, which was standby instance one, IP one zero ten one. So that’s all my configuration done. It does take a little while for HSRP to come up, up to about a minute when you’ve got the default timers. So rather than waffling on for a minute, I will pause the video. Oh, I don’t need to pause the video. It just came up. Okay, that was convenient. So let’s go back to the enable prompt and do a show standby. And I can see that HSRP group one is active and the active router is local.

So it came up as active in R Two. That’s because the higher IP address will be preferred by default. The standby router is R one at 1010 two. If I go on to one of my PCs, so I have to go to Packet tracer for this, and I’ll go on to PC One and go with desktop and open up a command prompt, and I can ping 1010 one, and that is successful. And if I do an ARPA to see the Mac address, the Mac address being used for the default gateway ends in AC zero one. Let’s go back onto R two, and I can see that that is the HSRP Mac address. If I do a show interface gig zero slash one, you’ll see that the physical Mac address is different. Okay, so that was HSRP. How to do the configuration, how to verify it. See you in the next lecture, where we’ll cover some more advanced HSRP topics.

5. HSRP Advanced Topics

This lecture you’ll learn some HSRP advanced topics including priority and preemption, and a way that we can get load balancing with HSRP. So I’ll start off with priority and preemption. You can choose which router will be the active by setting priority on the routers. When you do the configuration, the router with the higher priority will be preferred. If you don’t set a priority, it will default to 100. In the event of a tie, the highest IP address wins. If preemption is also enabled when a higher priority router comes back online after a failure, it will transition back to active.

So say for example, we’ve got our HSRP routers, R One and R Two, and we give R One a higher priority and we also enable preemption on there. Well, if R One fails, R Two will take over and become active when R One comes back up again. If we’ve enabled preemption, then R One will transition back to active if we haven’t enabled preemption. So maybe we’ve just enabled Prodigy, but we haven’t enabled Preemption. In that case, then R Two will remain the active router. R One will not come back online as active again. And if you don’t enable preemption, that can be more stable because say that R One has got some kind of intermittent issue where it’s flapping up and down.

So it’s coming up, going down, coming up, going down. Well, if you’ve enabled priority and preemption, the Active is going to go to R One, then R Two, then R One, then R Two. There’s going to be a short outage each time that happens. So often it’s a better idea not to enable preemption for configuring this. So on R One, this is going to be our preferred router. We do our normal HSRP configuration first. So an interface? Gigabit. Ethernet one. We’ve got the standard interface configuration with the IP address 1010 Two and no shutdown. We then have our HSRP command standby One, IP 1010 One and then the additional commands for priority and preemption. Stand by one, priority 110 and stand by One. Preempt. On R Two we have the normal interface configuration where we’re giving an IP address 1010 Three and no shutdown. Standbyone IP 1010 one.

The same virtual IP address that we have on R One. And in R Two we’ve said Standby one, priority 90. The default priority is 100. So here R One will be preferred because the higher value is better. We have enabled preemption here if we hadn’t put in that command on R One, standby One preempt, then R One would be preferred when both routers come up at the same time. But if R one fails over to R two when R one comes back again, it would remain R two being active. Okay, so that’s priority and preemption. Another thing that we can configure is the version HSRP version two introduced a few minor improvements. So real world, you’ll often see people still running on version one and the default is version one. Both routers must be running the same version.

So if you do enable version two, make sure that you enable it on both routers. The configuration for the version is just one additional command standby version two. Now, for verifying these commands, it’s the normal command to verify HSRP show standby. I’ll come out of full screen mode again to highlight some of these for you. Okay, so we can see that group one is active, virtual IP is ten 1010 one. We can see the Mac address, the virtual Mac address there as well. So we covered all that in the last lecture. The new settings here I can see that preemption is enabled and the active router is local because on here the priority is 110 on the standby router, which is an R two. At 1010 three, the priority is 90. So whenever R One is up, it will be the active router. Okay, so I do have one other slide to show you here. So this is about how we can get active active HSRP.

Now for the same IP subnet, it’s always going to be active standby. But if you’ve got different IP subnets on the inside, going to have different viewances there as well. Then for your say, our two directors are R One and R two. You can have R One active for one IP subnet and R Two active for a different IP subnet. But if you had four IP subnets, you could have two on each. So the example here, let’s say that our engineering PCs are in the ten 1010 subnet and our sales PCs are in the 1010 24 subnet. So here I’m going to have my engineering PCs are going to be sending their traffic through R One. My sales PCs are going to be sending their traffic through R Two. This also shows you an example of where you would want to use priority and preemption. So on R One, I configure it on interface gig zero one with IP address 1010 two, no shutdown standby one, IP 1010 one and I give it product 110 and preempt on R Two.

For the 1010 subnet, it’s got physical address 1010 three, no shutdown standby one, IP ten one and standby one, product A 90. So R One is going to be the preferred default gateway at 1010 one for my engineering PCs. For my sales PCs, I flip it around. So on R two I give an IP address 10 10 23. On the physical interface, the virtual IP is 1010 21 and R Two gets a higher priority 110 in preemption. On R One. It’s got priority 90. So you can see here that R One will be active for my engineering PCs, r Two will be active for my sales PCs. So that’s a way that you can get load balancing through both gateways when you’re using HSRP. But it’s only going to work when you do it across different IP subnets for the same IP subnet. It’s going to be active. Standby. Okay, so that was everything for HSRP for the CCNA. See you in the next section.