User Tools

Site Tools


hsrp_vrrp

show standby

show standby brief

show track

show hsrp detail

Introduction

Hot Standby Router Protocol (HSRP) provides redundancy for IP networks, ensuring that user traffic immediately and transparently recovers from first hop router failures. HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address which is configured as the default gateway on the hosts. From the group of routers configured in an HSRP group, there is one router elected as the active router and another as a standby router. The active router assumes the role of forwarding packets sent to the virtual IP address. If the active router fails, the standby router takes over as the new active router.

HSRP Configuration Overview:

1) Decide a virtual address to use for the HSRP address. This address must be in the same subnet that is assigned to the LAN interface where you want to run HSRP.This address is also referred to as the standby IP address. Each router in this group must define with the same virtual IP address using the standby [group-number] ip [Virtual ip-address] command.

The standby group number= The default is 0. The group number range is from 0 to 255 for HSRP version 1 and from 0 to 4095 for HSRP version 2.

If you are configuring HSRP on VLAN trunks, each VLAN or Ethernet sub interface must be in a different standby group.

2) Decide which router is to be the primary router. This can be accomplished with the standby [group-number] priority [priority] commands.

Priority=this range is from 1 to 255, where 1 denotes the lowest priority and 255 denotes the highest priority. The default priority value is 100. The router in the HSRP group with the highest priority value becomes the active router.

3) Optionally you can also enable preemption on the router using below command

Standby [group-number] preempt delay{ minimum   = Delay at least this long 
                                                             Reload      = Delay after reload 
                                                             Sync        = Wait for IP redundancy clients} 

HSRP-enabled router with preempt configured attempts to assume control as the primary router when its priority is higher than the current active router. The standby preempt command is needed in situations when you want an occurring state change of a tracked interface to cause a standby router to take over from the active router. For example, an active router tracks another interface and decrements its priority when that interface goes down. The standby router priority is now higher and it sees the state change in the hello packet priority field. If preempt is not configured, it cannot take over and failover does not occur.

4) Configure tracking, authentication, and timers on the primary router using the following commands:

A) Tracking: Optionally you can also enable tracking on the router using below command:

standby group_number track interface_name [cost]

When HSRP tracks an interface and the state of a tracked interface changes to down, the primary router decrements its priority. The standby router reads this value from the hello packet priority field, and becomes primary if this value is lower than its own priority and the standby preempt command is configured. You can configure by how much the router must decrement the priority. By default, it decrements its priority by 10

B) HSRP Authentication: The below command establishes authentication messages to be included in the HSRP multicast. This ensures that only authorized routers can become part of the HSRP group. The string must match all routers in the HSRP group.

standby [group-number] authentication { WORD=Plain text authentication string

                                                           md5=Use MD5 authentication 
                                                           text=Plain text authentication} 

C) HSRP timers: you can configure the time between hello packets and the time before other routers declare the active Hot Standby or standby router to be down using following command:

standby [group-number] timers [msec] hellotime [msec] holdtime

The default hello interval is 3 seconds and hold time is 10 seconds. If the msec option is specified, hello interval is in milliseconds.

Basic configuration Example:

In this scenario, on site A multiple clients reside on the fast Ethernet segment of 198.168.1.0/24. All the clients need access to Servers on Site B

HSRP will provide the clients with uninterrupted access to servers of site B. To accomplish this, R1 is selected as the primary router, and R2 is the secondary router. You need to use 192.168.1.1 as the virtual IP address between the two routers. To provide redundancy, you also need to track the serial interfaces. By tracking on the serial interface, you can force R2 to become the primary if the R1's link to ISP fail.

When tracking is used, two potential situations can cause R2 to become the primary router.

1) The loss of the connection to R1, such as physical loss to the Fast Ethernet port on R1.

2) The loss of physical connectivity between R1 and ISP

Topology Diagram: HSRP.jpg

HSRP Configuration on R1 and R2:

R1R2

R1#sh run int fa0/0 Building configuration…

Current configuration : 192 bytes ! interface FastEthernet0/0 ip address 192.168.1.2 255.255.255.0 duplex auto speed auto standby 1 ip 192.168.1.1 standby 1 priority 105 standby 1 preempt standby 1 track Serial0/0 end

R2#sh run int fa0/0 Building configuration…

Current configuration : 168 bytes ! interface FastEthernet0/0 ip address 192.168.1.3 255.255.255.0 duplex auto speed auto standby 1 ip 192.168.1.1 standby 1 preempt standby 1 track Serial0/0 end

Verification:

Show standby Command Output for the R1 and R2:

This command shows

A) Router R1:

1) Active router

2) Virtual IP: 192.168.1.1

3) Virtual MAC address: 0000.0c07.ac01

4) Priority: 105

5) Preemption is on

6) Tracking Serial0/0, If interface S0/0 state goes down Priority will decrease by 10 i.e. 95

B) Router R2:

1) Standby router

2) Virtual IP: 192.168.1.1

3) Virtual MAC address: 0000.0c07.ac01

4) Priority: 100

5) Preemption is on

6) Tracking Serial0/0, if interface S0/0 state goes down Priority will decrease by 10 i.e. 90

R1#sh standby

FastEthernet0/0 - Group 1

State is Active 
  2 state changes, last state change 00:02:43 
Virtual IP address is 192.168.1.1 
Active virtual MAC address is 0000.0c07.ac01 
  Local virtual MAC address is 0000.0c07.ac01 (v1 default) 
Hello time 3 sec, hold time 10 sec 
  Next hello sent in 2.052 secs 
Preemption enabled 
Active router is local 
Standby router is 192.168.1.3, priority 100 (expires in 7.452 sec) 
Priority 105 (configured 105) 
  Track interface Serial0/0 state Up decrement 10 
Group name is "hsrp-Fa0/0-1" (default) 

R2#sh standby

FastEthernet0/0 - Group 1

State is Standby 
  1 state change, last state change 00:01:34 
Virtual IP address is 192.168.1.1 
Active virtual MAC address is 0000.0c07.ac01 
  Local virtual MAC address is 0000.0c07.ac01 (v1 default) 
Hello time 3 sec, hold time 10 sec 
  Next hello sent in 1.408 secs 
Preemption enabled 
Active router is 192.168.1.2, priority 105 (expires in 7.068 sec) 
Standby router is local 
Priority 100 (default 100) 
  Track interface Serial0/0 state Up decrement 10 
Group name is "hsrp-Fa0/0-1" (default) 

Shutting down R1's WAN interface S0/0:

R1#conf t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#int s0/0

R1(config-if)#sh

R1(config-if)#

*Mar 1 00:11:55.811: %TRACKING-5-STATE: 1 interface Se0/0 line-protocol Up→Down

*Mar 1 00:11:56.507: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active → Speak

R1(config-if)#

*Mar 1 00:11:57.811: %LINK-5-CHANGED: Interface Serial0/0, changed state to administratively down

*Mar 1 00:11:58.811: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down

R1(config-if)#

*Mar 1 00:12:06.507: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak → Standby

R1#sh standby

FastEthernet0/0 - Group 1

State is Standby 
  4 state changes, last state change 00:00:41 
Virtual IP address is 192.168.1.1 
Active virtual MAC address is 0000.0c07.ac01 
  Local virtual MAC address is 0000.0c07.ac01 (v1 default) 
Hello time 3 sec, hold time 10 sec 
  Next hello sent in 0.132 secs 
Preemption enabled 
Active router is 192.168.1.3, priority 100 (expires in 9.088 sec) 
Standby router is local 
Priority 95 (configured 105) 
  Track interface Serial0/0 state Down decrement 10 
Group name is "hsrp-Fa0/0-1" (default) 

R2#

*Mar 1 00:11:55.059: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby → Active

R2#sh standby

FastEthernet0/0 - Group 1

State is Active 
  2 state changes, last state change 00:00:35 
Virtual IP address is 192.168.1.1 
Active virtual MAC address is 0000.0c07.ac01 
  Local virtual MAC address is 0000.0c07.ac01 (v1 default) 
Hello time 3 sec, hold time 10 sec 
  Next hello sent in 0.712 secs 
Preemption enabled 
Active router is local 
Standby router is 192.168.1.2, priority 95 (expires in 8.804 sec) 
Priority 100 (default 100) 
  Track interface Serial0/0 state Up decrement 10 
Group name is "hsrp-Fa0/0-1" (default) 

As soon as R1's interface S0/0 goes down,it's group 1 priority reduce by 10 number i.e.to 95.R2 reads this value from the priority field of hello packet and becomes active router as its own priority is higher than R1 i.e.100.

hsrp_vrrp.txt · Last modified: 2023/04/29 13:13 by andyb

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki