The Solution
HSRP is a Cisco proprietary protocol developed for redundancy. It defines a group of routers working as one virtual router. It enables host interfaces to continue communicating outside the local segment even if a host interface’s default route fails or the link is down. Basically, HSRP is a group of routers working together as a unit to provide fault tolerance.
HSRP works by assigning a group of routers a virtual IP address and a virtual MAC address. The routers in this group route packets to a virtual IP address so packets are still routed through the network even when their destination router is pushed off a shelf in the wiring closet. (Routers can fail for many reasons, most of which relate to electrical and component issues.)
HSRP also uses a priority scheme to determine which HSRP−configured router is the default active router. When you assign the standby interface a default priority that is higher than the priority of all other HSRP−configured route processor interfaces, that router is set as the active router. Once this active router is configured, multicast messages and advertising priorities are exchanged among HSRP−configured route processor interfaces. Now, if an active router fails to send a hello message (covered later in this chapter) within the configurable period of time, the standby router with the highest priority will be forced to become an active router.
HSRP is one of the best solutions when host interfaces on a local LAN segment require continuous access to the network resources. As shown in Figure 12.1, when a failure does occur, HSRP automatically lets the elected standby route processor assume the role and function of the offline router.
Figure 12.1: Two routers between various types of servers and clients. The standby route processor assumes the failed default route processor’s position in the network.
HSRP classifies the route processors on the network into standby groups. More than one standby group can be assigned to each route processor. The number of standby groups that can be assigned is limited by the physical topology being used. Table 12.1 shows the number of standby groups that can be configured on each type of physical LAN topology. Each group contains a route processor in each of the following roles:
Table 12.1: The maximum number of standby groups that can be assigned to a routeprocessor based on the physical topology.
Topology |
Standby Groups |
Ethernet |
255 |
FDDI |
255 |
Token Ring |
3 |
245
∙Active route processor
∙Standby route processor
∙Virtual route processor
All other route processors fall into the “other route processor” category.
Warning |
By increasing the number of standby groups on a route processor, you decrease the route |
|
processor’s performance and increase latency. You’ll increase the number of standby |
|
groups primarily to facilitate load sharing. |
In the Immediate Solutions section, you will learn how to configure the standby priority. If it is not manually assigned, the priority is 100. But what if none of the route processors has been assigned a group priority? If multiple route processors in the group have equal priority, the route processor with the highest IP address for the respective group will be elected as the active route processor. The route processor with the second highest IP address will become the standby route processor. All the other route processors will be placed in a Listen state (see “The HSRP States”).
The standby router will take over once the route processor that is currently active for the group does not receive three hello messages. The actual convergence time is contingent upon the HSRP timers for the group. The HSRP hellotime timer defaults to 3, and the holdtime timer defaults to 10. Interestingly, with HSRP, the standby route processor will take over even if the active router’s LAN interface state is displaying the message interface up line protocol down.
Once the standby route processor becomes active, it will respond to any end station sending packets to the virtual MAC address. When an IP host interface sends an ARP request with the virtual route processor’s address, HSRP will respond with the virtual route processor’s MAC address—not its own. This virtual MAC address is the well−known MAC address of 0000.0c07.ac11, where 11 is the HSRP group identifier.
To find the current IP address of the virtual router, use the show ip arp command and look for the virtual route processor IP and hardware MAC address. You can also use the show standby command.
Route processors using HSRP can provide redundancy for a default gateway as well as load−balance traffic across VLANs and IP subnets (if multiple VLANs are being used, a separate HSRP standby group must be in place for each VLAN). Because route processors can be assigned as members of multiple HSRP standby groups, each standby group can have its own priority and its own active route processor. As shown in Figure 12.2, the active route processor for group 1 assigned to VLAN 1 uses route processor 2. VLAN 2 using standby group 2 will use route processor 2. In the event of a failure, the standby group will begin to use the other route processor. In this situation, load sharing will take place until a failure occurs.
Figure 12.2: VLAN 1 and VLAN 2 utilize load balancing across the multiple route processors.
246
Each standby group contains an IP address and a well−known MAC address assigned to the group. The IP address for the standby group is within the range of IP addresses belonging to the subnet or VLAN to which the route processor is providing services. The IP address cannot be assigned to any other device in the network except the standby group interfaces operating in the standby group.
Inter−Switch Link (ISL) links are used to transport VLAN information across the links to the different route processors used in each standby group. In order to pass HSRP standby group information between links for multiple VLANs, the interfaces in the group must be configured with ISL. The encapsulation format must be defined, and an IP address must be assigned to an interface.
Note |
Refer to Chapter 5 for information on configuring ISL encapsulation and assigning an IP |
|
address to an interface. |
HSRP Message Format
All route processors in the HSRP standby group send and receive HSRP messages to one another. The messages are used to determine the roles of each route processor in the group. User Datagram Protocol (UDP) utilizing TCP port 17 encapsulates the data in the data portion of the UDP packet. The packet is then sent to an all−router multicast address with a time to live (TTL) of one hop.
The fields contained in an HSRP message are:
∙Version—Indicates the HSRP version.
∙Op Code—Describes the type of message contained in the packet. The three types of messages are as follows:
♦Hello—The first and most common message, which is sent to indicate that a route processor in the standby group is functioning in the group.
♦Coup—Indicates that a route processor wants to become the active route processor.
♦Resign—Notifies the other standby group members that a route processor no longer can or will participate as the active route processor.
♦State—Indicates the current state of the route processor sending the message.
♦Hellotime—Indicates the time period in seconds between hello messages that the sending route processor sends. The default is three seconds.
♦Holdtime—Used when sending hello messages. This field indicates the length of time in seconds that the message should be considered valid. The holdtime should be at least three times the value assigned to hellotime. The default time is 10 seconds.
♦Priority—Used to elect the active and standby route processors. The route processor with the highest priority in the HSRP group wins the election and becomes the active route processor.
♦Group—Indicates the standby group number. The valid numbers are 0 to 255; 255 groups can be configured as valid HSRP groups.
♦Authentication data—Contains an eight−character clear text password that is continuously reused.
♦Virtual address—Contains the IP address of the router that is used by the HSRP group.
Just as in Spanning−Tree Protocol (STP), a route processor goes through different states before it becomes fully functional. In the next section, we’ll look at these different states and how skipping one or more of the states affects HSRP.
The HSRP States
A route processor such as a router can transition through six HSRP states. The definitions of the states are included here:
∙Initial state—All route processors begin in this state. In this starting state, HSRP is not running. The route processor can be found in this state after the power cycles or if a configuration change is applied
247