Hot Standby Router Protocol HSRP Tutorial
In this tutorial we will learn what is HSRP and the need of HSRP in a network.
Most of the company in the world has a connection to the Internet. The picture below shows a most simple topology of such a company:
To make above topology work we need to:
+ Configure IP addresses on two interfaces of the Router. Suppose the IP address of Fa0/0 interface (the interface connecting to the switch) is 192.168.1.1.
+ Assign the IP addresses, default gateways and DNS servers on all PCs. In this case we have to set the default gateways to Fa0/0 interface (with the IP address 192.168.1.1) of the router. This can be done manually or automatically via DHCP.
After some time, your boss wants to implement some redundant methods so that even the Router fails, all PCs can still access the Internet without any manual configuration at that time. So we need one more router to connect to the Internet as the topology below:
But now we have a problem: There is only one default gateway on each host, so if Router1 is down and we want to access the Internet via Router2, we have to change the default gateway (to 192.168.1.2). Also, when Router1 comes back we have to manually change back to the IP address on Router1. And no one can access to the Internet in the time of changing the default gateway. HSRP can solve all these problems!
HSRP Operation
With HSRP, two routers Router1 and Router2 in this case will be seen as only one router. HSRP uses a virtual MAC and IP address for the two routers to represent with hosts as a single default gateway. For example, the virtual IP address is 192.168.1.254 and the virtual MAC is 0000.0c07.AC0A. All the hosts will point their default gateway to this IP address.
One router, through the election process, is designated as active router while the other router is designated as standby router. Both active and standby router listen but only the active router proceeds and forwards packets. Standby router is backup when active router fails by monitoring periodic hellos sent by the active router (multicast to 224.0.0.2, UDP port 1985) to detect a failure of the active router.
When a failure on the active router detected, the standby router assumes the role of the forwarding router. Because the new forwarding router uses the same (virtual) IP and MAC addresses, the hosts see no disruption in communication. A new standby router is also elected at that time (in the case of there are more than two routers in a HSRP group).
Note: All routers in a HSRP group send hello packets. By default, the hello timer is set to 3 seconds.
Note: The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal). But please notice that the virtual MAC address can be configured manually.
HSRP version 1 hello packets are sent to multicast address 224.0.0.2 while HSRP version 2 hello packets are sent to multicast address 224.0.0.102. Currently HSRPv1 is the default version when running HSRP on Cisco devices.
By default, a hello packet is sent between the HSRP standby group devices every 3 seconds, and the standby device becomes active when a hello packet has not been received for 10 seconds (called hold time).
HSRP States
HSRP consists of 5 states:
| State | Description |
| Initial | This is the beginning state. It indicates HSRP is not running. It happens when the configuration changes or the interface is first turned on |
| Listen | The router knows both IP and MAC address of the virtual router but it is not the active or standby router. For example, if there are 3 routers in HSRP group, the router which is not in active or standby state will remain in listen state. |
| Speak | The router sends periodic HSRP hellos and participates in the election of the active or standby router. |
| Standby | In this state, the router monitors hellos from the active router and it will take the active state when the current active router fails (no packets heard from active router) |
| Active | The router forwards packets that are sent to the HSRP group. The router also sends periodic hello messages |
Please notice that not all routers in a HSRP group go through all states above. In a HSRP group, only one router reaches active state and one router reaches standby state. Other routers will stop at listen state.
Now let’s take an example of a router passing through these states. Suppose there are 2 routers A and B in the network; router A is turned on first. It enters the initial state. Then it moves to listen state in which it tries to hear if there are already active or standby routers for this group. After learning no one take the active or standby state, it determines to take part in the election by moving to speak state. Now it starts sending hello messages containing its priority. These messages are sent to the multicast address 224.0.0.2 (which can be heard by all members in that group). When it does not hear a hello message with a higher priority it assumes the role of active router and moves to active state. In this state, it continues sending out periodic hello messages.
Now router B is turned on. It also goes through initial and listen state. In listen state, it learns that router A has been already the active router and no other router is taking standby role so it enters speak state to compete for the standby router -> it promotes itself as standby router.
Suppose router A is in active state while router B is in standby state. If router B does not hear hello messages from router A within the holdtime (10 seconds by default), router B goes into speak state to announce its priority to all HSRP members and compete for the active state. But if at some time it receives a message from the active router that has a lower priority than its priority (because the administrator change the priority in either router), it can take over the active role by sending out a hello packet with parameters indicating it wants to take over the active router. This is called a coup hello message.
Quick summarization:
+ HSRP is Cisco proprietary which allows several routers or multilayer switches to appear as a single gateway IP address.
+ HSRP has 5 states: Initial, listen, speak, standby and active.
+ HSRP allows multiple routers to share a virtual IP and MAC address so that the end-user hosts do not realize when a failure occurs.
+ The active (or Master) router uses the virtual IP and MAC addresses.
+ Standby routers listen for Hellos from the Active router. A hello packet is sent every 3 seconds by default. The hold time (dead interval) is 10 seconds.
+ Virtual MAC of 0000.0C07.ACxx , where xx is the hexadecimal number of HSRP group.
+ The group numbers of HSRP version 1 range from 0 to 255. HSRP does support group number of 0 (we do check it and in fact, it is the default group number if you don’t enter group number in the configuration) so HSRP version 1 supports up to 256 group numbers. HSRP version 2 supports 4096 group numbers.
(Reference and good resource: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094a91.shtml)
We wrote a GNS3 lab of HSRP and you can read it here: http://www.networktut.com/hsrp-ip-route-tracking.
Thank you so much! Well explained. :)
thz u so much
Thanks 9tut! Very well explained!
A very well thought out explanation and to the point.
The best I’ve seen on the whole internet for people new to HSRP.
Well done!
Thank you ,,,for this information.
Thank very mutch 9tut and all participants for all explanation.
HSRP has 5 states: Initial, listen, speak, standby and active, “learn” no going in the summary
Thank’s 9tut.simple understanding of all questions.thank you very much 9tut
not cleared in 5th pictures
Thanks. Worth the premium membership I paid for right here.
What happens if you just directly connect the routers via a spare port ? Will that work?
Thanks , very useful :)
Thanks
I am looking for new dumps and i dont know from where i can get. Pass4sure and testking are very expensive. Anyone used http://www.ccnapass4sure.com ? Is it site of pass4sure company and providing real question answers. I will appreciate your help in finding cheap PDF download or free one.
Thank u So much 9tut.its very usefull….
thx u very much realy very well ans
Thanks a lot 9tut. Very good tutorial.
In the Note below I suggest a little change.
Note: The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP uses a MAC address range of 0000.0C9F.F000 to 0000.0C9F.FFFF. But please notice that the virtual MAC address can be configured manually.
I suggest to say : HSRP version 2 uses a MAC address range of 0000.0C9F.F000 to 0000.0C9F.FFFF. instead of HSRP uses a MAC address range of 0000.0C9F.F000 to 0000.0C9F.FFFF.
Also could say the ranges of HSRP group in version 1 (0-255) and in version2(0-4096)
hello i really need new dump cos i will take exam next weekend. so pls sent me mail: kroemsok@yahoo.com, or by https://www.facebook.com/tha.non.10. thank q
@9tut
“The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP uses a MAC address range of 0000.0C9F.F000 to 0000.0C9F.FFFF.”
I have looked up in the suggested resource by Cisco and it also says 0000.0C07.ACxx there. Is this some misunderstanding or is this range in the second sentence used for something else?
@9tut , just red the comment left by Roberto. Please confirm if this is the situation.
@Roberto, @Martina: Yes, we forgot to mention that the MAC range of range of 0000.0C9F.F000 to 0000.0C9F.FFFF belongs to HSRPv2. Thanks for your detection, we updated it!
thank u 9tut ,I got it well about hsrp
hi guyz am taking my exams this sunday can somebody help me with the latest dumps pliz..
superb explanation. Short and exact ..thank u so much…
Good job
so good!!!
Thank you very much
Very good explained! Clear, quick and easy.
Thank you.
Muito boa explicação!
That will be nice if you add the commands which work with HSRP. and please mention is load balancing is possible with HSRP.
@9tut, awesome work :-).
In your summary you have a state of learn
+ HSRP has 5 states: Initial, learn, listen, speak, standby and active
but there is no learn state in HSRP
thanks a lot ..
@Helper: Thanks for your detection. We have just fixed it!
hi.. thank you 9tut, this is really helpful.
could you suggest a site for free dumps ?
@9tut it still hasnt updated the learn state yet.
@Faizan: We removed learning state. Where do you see it in this tutorial?
Thank you for best explanation
Thank you so much for this perfect summarization HSRP protocol :)
Great, thank you. Really added that extra level to CBT Nugget videos that i was lost with.
Better than Academy….
Thanks a lot much appreciated
thanks a lot for kind and neat explanation!
9tut, the best!! thanks!
pass ccna today finallllllllllllllllllllllllllllllllly
835
thanks 9tut
Wow,, Great,, Well explained..start to read every single characters in this whole website.
thanks alot
Thanks for the Topic, it would be great if you can discuss more about router priority.
Goooood
Really good to know the concept…thanks very much…
plz explain the differents between version1 and 2