Hot Standby Router Protocol HSRP Tutorial
In this tutorial we will learn what is HSRP and the need of HSRP in a network.
Most of the company in the world has a connection to the Internet. The picture below shows a most simple topology of such a company:
To make above topology work we need to:
+ Configure IP addresses on two interfaces of the Router. Suppose the IP address of Fa0/0 interface (the interface connecting to the switch) is 192.168.1.1.
+ Assign the IP addresses, default gateways and DNS servers on all PCs. In this case we have to set the default gateways to Fa0/0 interface (with the IP address 192.168.1.1) of the router. This can be done manually or automatically via DHCP.
After some time, your boss wants to implement some redundant methods so that even the Router fails, all PCs can still access the Internet without any manual configuration at that time. So we need one more router to connect to the Internet as the topology below:
But now we have a problem: There is only one default gateway on each host, so if Router1 is down and we want to access the Internet via Router2, we have to change the default gateway (to 192.168.1.2). Also, when Router1 comes back we have to manually change back to the IP address on Router1. And no one can access to the Internet in the time of changing the default gateway. HSRP can solve all these problems!
HSRP Operation
With HSRP, two routers Router1 and Router2 in this case will be seen as only one router. HSRP uses a virtual MAC and IP address for the two routers to represent with hosts as a single default gateway. For example, the virtual IP address is 192.168.1.254 and the virtual MAC is 0000.0c07.AC0A. All the hosts will point their default gateway to this IP address.
One router, through the election process, is designated as active router while the other router is designated as standby router. Both active and standby router listen but only the active router proceeds and forwards packets. Standby router is backup when active router fails by monitoring periodic hellos sent by the active router (multicast to 224.0.0.2, UDP port 1985) to detect a failure of the active router.
When a failure on the active router detected, the standby router assumes the role of the forwarding router. Because the new forwarding router uses the same (virtual) IP and MAC addresses, the hosts see no disruption in communication. A new standby router is also elected at that time (in the case of there are more than two routers in a HSRP group).
Note: All routers in a HSRP group send hello packets. By default, the hello timer is set to 3 seconds.
Note: The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal). But please notice that the virtual MAC address can be configured manually.
HSRP version 1 hello packets are sent to multicast address 224.0.0.2 while HSRP version 2 hello packets are sent to multicast address 224.0.0.102. Currently HSRPv1 is the default version when running HSRP on Cisco devices.
By default, a hello packet is sent between the HSRP standby group devices every 3 seconds, and the standby device becomes active when a hello packet has not been received for 10 seconds (called hold time).
HSRP States
HSRP consists of 5 states:
| State | Description |
| Initial | This is the beginning state. It indicates HSRP is not running. It happens when the configuration changes or the interface is first turned on |
| Listen | The router knows both IP and MAC address of the virtual router but it is not the active or standby router. For example, if there are 3 routers in HSRP group, the router which is not in active or standby state will remain in listen state. |
| Speak | The router sends periodic HSRP hellos and participates in the election of the active or standby router. |
| Standby | In this state, the router monitors hellos from the active router and it will take the active state when the current active router fails (no packets heard from active router) |
| Active | The router forwards packets that are sent to the HSRP group. The router also sends periodic hello messages |
Please notice that not all routers in a HSRP group go through all states above. In a HSRP group, only one router reaches active state and one router reaches standby state. Other routers will stop at listen state.
Now let’s take an example of a router passing through these states. Suppose there are 2 routers A and B in the network; router A is turned on first. It enters the initial state. Then it moves to listen state in which it tries to hear if there are already active or standby routers for this group. After learning no one take the active or standby state, it determines to take part in the election by moving to speak state. Now it starts sending hello messages containing its priority. These messages are sent to the multicast address 224.0.0.2 (which can be heard by all members in that group). When it does not hear a hello message with a higher priority it assumes the role of active router and moves to active state. In this state, it continues sending out periodic hello messages.
Now router B is turned on. It also goes through initial and listen state. In listen state, it learns that router A has been already the active router and no other router is taking standby role so it enters speak state to compete for the standby router -> it promotes itself as standby router.
Suppose router A is in active state while router B is in standby state. If router B does not hear hello messages from router A within the holdtime (10 seconds by default), router B goes into speak state to announce its priority to all HSRP members and compete for the active state. But if at some time it receives a message from the active router that has a lower priority than its priority (because the administrator change the priority in either router), it can take over the active role by sending out a hello packet with parameters indicating it wants to take over the active router. This is called a coup hello message.
Quick summarization:
+ HSRP is Cisco proprietary which allows several routers or multilayer switches to appear as a single gateway IP address.
+ HSRP has 5 states: Initial, listen, speak, standby and active.
+ HSRP allows multiple routers to share a virtual IP and MAC address so that the end-user hosts do not realize when a failure occurs.
+ The active (or Master) router uses the virtual IP and MAC addresses.
+ Standby routers listen for Hellos from the Active router. A hello packet is sent every 3 seconds by default. The hold time (dead interval) is 10 seconds.
+ Virtual MAC of 0000.0C07.ACxx , where xx is the hexadecimal number of HSRP group.
+ The group numbers of HSRP version 1 range from 0 to 255. HSRP does support group number of 0 (we do check it and in fact, it is the default group number if you don’t enter group number in the configuration) so HSRP version 1 supports up to 256 group numbers. HSRP version 2 supports 4096 group numbers.
(Reference and good resource: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094a91.shtml)
We wrote a GNS3 lab of HSRP and you can read it here: http://www.networktut.com/hsrp-ip-route-tracking.
mucho graçias
Really great explanation
HI can any one explain how router 1 and router 2 are sending hello packet without any physical connection between routers
@durgeh good question even i too had same doubt
@durgeh and @moger if you see the pictures, the routers are connected by a Switch, they send the multicast message each other by sending it to the switch.
which is very useful. thanks
thanks…its usefull
is questions from 9tut is enough to clear ccna exam ????
Hi frnds, a year ago I failed to pass ccna version 1 due to time management was not there. Now iam going to take the version 2 exam with full confident. Should I apply with my old cisco registration I’d or I have to go with new registration? Pls revert.
Thank you to everyone who has contributed to this subject. The last 3 hours have been suprisingly painless!
its really detailed and useful
absolutely straight forward!
Hi,
I think you also need to cover off things such as priority, and preempt. Why is a CPE active or standby, is it random or a config setting? Other features such as preempt which are very much real world and could be in the exam. Great starting article, I am doing my CCNA again, not held it since 2004.
wooow nice explanation!!!!!!!!!!!!!!! I got the all points >>>>>>> thank you 9 tut
Right way to explain.very easy to understand
Great job !
If the switch caches the virtual mac in it’s mac address table, how does it know which port to forward it out of to get the the active router? The switch will have two macs identical with different ports numbers, one being the active router and one the standby.
Thanks for the explanation,but the question is how does the router identify that the second router wan port is working or not.The two routers are connected to switch through Fa0 port hence they can identify the hello packets but what about the wan connectivity.Lan port is fine but If the wan port of router 1 is not working then?????How does the router identify the condition.
great explanation , thanks
Really great explanation. Many thanks!
My comment was not an explanation, but a question. How does the switch know which port to forward to the active router if it has two identical vrtual macs pointing to two different ports in the mac address table?
Sanjay, you also bring up a good point. How does the standby router know when the active router WAN port is down if it still gets hellos from the active router?
If the Wan interface is down how router 1 will inform others that the wan link is down? there to add this command :
router1(config)#interface fastethernet 0/0
router1(config-if)#standby [standby group number] track [interface Serial number]
for exemple: #standby 1 track s0/0/0
if the serial 0/0/0 is down the router 1 will inform other router that it wan interface is down and give the hand to other router.
GRACIAS POR LA INFORMACIÓN, EXCELENTE PAGINA WEB
@9tut ……thanks 9tut for your explanation. I have question though.
What’s the criteria of electing the active router? or how does a router become an active router. in the given example why not the router 2 is the active router
@9tut. never mind. I have already figured it out. based on the example below. thanks
what should be the priority to be active router. higher or lower priority?
Explanation very simple and easy to understand
@mark: Higher priority wins the election.
@Mixu
Switch will send the frame to both routers, the standby one will drop it.
To have this topology works we have to also assign IPs to interfaces on both routers (without it they will not communicate and both will be active from theur perspective).
Example:
Router1:
interface GigabitEthernet0/0
ip address 192.168.1.253 255.255.255.0
duplex auto
speed auto
standby version 2
standby 111 ip 192.168.1.1
standby 111 priority 50
standby 111 track GigabitEthernet0/1
standby preempt
!
Router2:
interface GigabitEthernet0/0
ip address 192.168.1.254 255.255.255.0
duplex auto
speed auto
standby version 2
standby 111 ip 192.168.1.1
standby 111 track GigabitEthernet0/1
standby preempt
!
Hope it’s more clear now.
really good explanation and interesting
Router2 is Missing the Priority
Router2:
interface GigabitEthernet0/0
ip address 192.168.1.254 255.255.255.0
duplex auto
speed auto
standby version 2
standby 111 ip 192.168.1.1
standby 111 priority 49
standby 111 track GigabitEthernet0/1
standby preempt
Higher priority will become the Active one
Explained in a very easy way that clear all concept related to the topic. Request you to share the same explanation for VRRP.
Thanks again for the documents
Hari
good explanation..
Just curious about NAT/PAT Settings , I assume you can put the same settings on both routers? Any changes to this idea?
please can someone send me latest dumps asap i will really appreciate it i have exam on 15th my email id is govi2323@gmail.com
How does work nat/pet
Great one
Since router 2 didn’t have a priority configured it becomes the active router since the default priority is 100 which is higher than that of router 1
Hi, there is also a good article about HSRP is in this website.enjoy ;)
http://ipcisco.com/redundancy-protocols-%E2%80%93-part-1/
hi…i have a doubt..is there any questions will come based on HSRP,GLBP & VRRP in ccna(200-120) exam? let me know..thnkz in advnc:)
thanks ! good explanation….
dears, i have a question,,,are there more questions and labs that just if i register and pay the amount i can see them or these are all of the questions????????????????????
@bita: There are no more questions to show. Become a Premium Member allows you to interact with all the questions and labs.
Superb…..!
Thanks for this explanation wow better than cbt actually
loud and clear, thanks!!
Thanks a million 9Tut. Now I am confident to do the exam end of this month.
Really helpful…a big applause
thanx
Amazingly easy to understand. Why can’t Cisco write their instruction and explanation like this.