HSRP Tutorial

HSRP Tutorial

Today’s topic is HSRP (Hot Standby Routing Protocol). HSRP is a Cisco proprietary “First Hop Redundancy Protocol”. It is typically used for redundancy at the first hop from a client segment. It is used with two or more routers in a group who share a virtual IP address. One router is active at a given time and will reply to ARP requests. In this example, we have R1 and R2 in standby group 100 with a virtual IP of 192.168.100.1. This IP will be the default gateway for all hosts in VLAN 100. Here is the topology:


This is a basic topology, both R1 and R2 have connections to the internet. They are running HSRP on their FastEthernet 0/0 interfaces. Here’s the basic HSRP config:

R1(config)#interface fa0/0
R1(config-if)#ip address 192.168.100.2 255.255.255.0
R1(config-if)#standby 100 ip 192.168.100.1
 
R2(config)#interface fa0/0
R2(config-if)#ip address 192.168.100.3 255.255.255.0
R2(config-if)#standby 100 ip 192.168.100.1

Very simple so far. We use the “standby [0-255] ip [virtual ip address]” command.
Let’s verify the config:
 
R1#sh standby
FastEthernet0/0 - Group 100
  State is Active
    2 state changes, last state change 00:20:19
  Virtual IP address is 192.168.100.1
  Active virtual MAC address is 0000.0c07.ac64
    Local virtual MAC address is 0000.0c07.ac64 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.696 secs
  Preemption disabled
  Active router is local
  Standby router is 192.168.100.3, priority 100 (expires in 8.980 sec)
  Priority 100 (default 100)
  Group name is "hsrp-Fa0/0-100" (default)
 
R2#sh standby
FastEthernet0/0 - Group 100
  State is Standby
    1 state change, last state change 00:19:40
  Virtual IP address is 192.168.100.1
  Active virtual MAC address is 0000.0c07.ac64
    Local virtual MAC address is 0000.0c07.ac64 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.836 secs
  Preemption disabled
  Active router is 192.168.100.2, priority 100 (expires in 9.544 sec)
  Standby router is local
  Priority 100 (default 100)
  Group name is "hsrp-Fa0/0-100" (default)

The main command we’ll use with HSRP is “show standby”. It gives us quite a bit of information, we see the group number (100), we see that R1 is the active router in the group, we also see information about state changes, the VIP, timers, other useful details, and priority, which we’ll talk about next.
HSRP routers use “priority” to determine which router should be active, the default is 100. We’ll set R1′s priority to 110, forcing it to be the active router. We will also use interface tracking, which tells the router to decrement its priority if the tracked interface goes down. Here we’ll track both routers’ Fa0/1 interfaces, which connect them to the internet. We will also enable preemption, which will cause the router with the highest priority to become active.
Here’s the config:
 
R1(config)#int fa0/0
R1(config-if)#standby 100 priority 110
R1(config-if)#standby 100 preempt
R1(config-if)#standby 100 track fa0/1 20
 
R2(config)#int fa0/0
R2(config-if)#standby 100 preempt
R2(config-if)#standby 100 track fa0/1 20

We’ve configured R1 to decrement its priority by 20 if its fa0/1 interface goes down, this will cause R2 to become active for the group.
Now we’ll test the config:


R1(config)#int fa0/1
R1(config-if)#shut
R1(config-if)#
*Mar  1 00:38:29.495: %TRACKING-5-STATE: 1 interface Fa0/1 line-protocol Up->Down
R1(config-if)#
*Mar  1 00:39:51.747: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 100 state Active -> Speak
R1(config-if)#
*Mar  1 00:40:01.747: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 100 state Speak -> Standby
R1(config-if)#^Z
R1#sh standby
FastEthernet0/0 - Group 100
  State is Standby
    4 state changes, last state change 00:00:45
  Virtual IP address is 192.168.100.1
  Active virtual MAC address is 0000.0c07.ac64
    Local virtual MAC address is 0000.0c07.ac64 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.568 secs
  Preemption enabled
  Active router is 192.168.100.3, priority 100 (expires in 8.556 sec)
  Standby router is local
  Priority 90 (configured 110)
    Track interface FastEthernet0/1 state Down decrement 20
  Group name is "hsrp-Fa0/0-100" (default)
 
It worked as expected. R2 transitioned to active for the group. When we no shut R1′s fa0/1 interface, we should see it regain its active status for the group.

Let’s verify:
 
R1(config)#int fa0/1
R1(config-if)#no shut
R1(config-if)#
*Mar  1 00:43:23.251: %TRACKING-5-STATE: 1 interface Fa0/1 line-protocol Down->Up
R1(config-if)#
*Mar  1 00:43:24.759: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 100 state Standby -> Active
R1(config-if)#^Z
R1#sh s
*Mar  1 00:44:03.479: %SYS-5-CONFIG_I: Configured from console by console
R1#sh standby
FastEthernet0/0 - Group 100
  State is Active
    5 state changes, last state change 00:00:41
  Virtual IP address is 192.168.100.1
  Active virtual MAC address is 0000.0c07.ac64
    Local virtual MAC address is 0000.0c07.ac64 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.360 secs
  Preemption enabled
  Active router is local
  Standby router is 192.168.100.3, priority 100 (expires in 8.376 sec)
  Priority 110 (configured 110)
    Track interface FastEthernet0/1 state Up decrement 20
  Group name is "hsrp-Fa0/0-100" (default)
 
No surprise here, it’s back being the active router for standby group 100.
In my experience, HSRP is very, very common. I’ve seen it used in nearly every medium to large company I’ve worked with. I hope this post has been helpful. :)
 

0 comments:

About US

Network Bulls is Best Institute for Cisco CCNA, CCNA Security, CCNA Voice, CCNP, CCNP Security, CCNP Voice, CCIP, CCIE RS, CCIE Security Version 4 and CCIE Voice Certification courses in India. Network Bulls is a complete Cisco Certification Training and Course Coaching Institute in Gurgaon/Delhi NCR region in India. Network Bulls has Biggest Cisco Training labs in India. Network Bulls offers all Cisco courses on Real Cisco Devices. Network Bulls has Biggest Team of CCIE Trainers in North India, with more than 90% of passing rate in First Attempt for CCIE Security Version 4 candidates.
  • Biggest Cisco Training Labs in India
  • More than 90% Passing Rate in First Attempt
  • CCIE Certified Trainers for All courses
  • 24x7 Lab Facility
  • 100% Job Guaranteed Courses
  • Awarded as Best Network Security Institute in 2011 by Times
  • Only Institute in India, to provide CCIE Security Version 4.0 Training
  • CCIE Security Version 4 Training available
  • Latest equipments available for CCIE Security Version 4

Network Bulls Institute Gurgaon

Network Bulls Institute in Gurgaon is one of the best Cisco Certifications Training Centers in India. Network Bulls has Biggest Networking Training and Networking courses labs in North India. Network Bulls is offering Cisco Training courses on real Cisco Routers and Switches. Labs of Network Bulls Institute are 24x7 Available. There are many coaching Centers in Delhi, Gurgaon, Chandigarh, Jaipur, Surat, Mumbai, Bangalore, Hyderabad and Chennai, who are offering Cisco courses, but very few institutes out of that big list are offering Cisco Networking Training on real Cisco devices, with Live Projects. Network Bulls is not just an institute. Network Bulls is a Networking and Network Security Training and consultancy company, which is offering Cisco certifications Training as well support too. NB is awarded in January 2012, by Times, as Best Network Security and Cisco Training Institute for the year 2011. Network Bulls is also offering Summer Training in Gurgaon and Delhi. Network Bulls has collaboration with IT companies, from which Network Bulls is offering Networking courses in Summer Training and Industrial Training of Btech BE BCA MCA students on real Live projects. Job Oriented Training and Industrial Training on Live projects is also offered by network bulls in Gurgaon and Delhi NCR region. Network Bulls is also providing Cisco Networking Trainings to Corporates of Delhi, Gurgaon, bangalore, Jaipur, Nigeria, Chandigarh, Mohali, Haryana, Punjab, Bhiwani, Ambala, Chennai, Hyderabad.
Cisco Certification Exams are also conducted by Network Bulls in its Gurgaon Branch.
Network Bulls don't provide any Cisco CCNA, CCNP simulations for practice. They Provide High End Trainings on Real topologies for high tech troubleshooting on real Networks. There is a list of Top and best Training Institutes in India, which are providing CCNA and CCNP courses, but NB has a different image from market. Many students has given me their feedbacks and reviews about Network bulls Institute, but there were no complaints about any fraud from this institute. Network Bulls is such a wonderful place to get trained from Industry expert Trainers, under guidance of CCIE Certified Engineers.

About Blog

This Blog Contains Links shared by sites: Cisco Guides, Dumps collection, Exam collection, Career Cert, Ketam Mehta, GodsComp.co.cc.

NB

NB
Cisco Networking Certifications Training

Cisco Training in Delhi

ccna training in gurgaon. ccnp course institute in gurgaon, ccie coaching and bootcamp training near gurgaon and delhi. best institute of ccna course in delhi gurgaon india. network bulls provides ccna,ccnp,ccsp,ccie course training in gurgaon, new delhi and india. ccsp training new delhi, ccie security bootcamp in delhi.

Testimonials : Network Bulls

My Name is Rohit Sharma and i Have done CCNA and CCNP Training in Gurgaon Center of Network Bulls and it was a great experience for me to study in Network Bulls.

Cisco Networking Certifications

Myself Komal Verma and i took CCSP Training from Network Bulls in Gurgaon. The day i joined Network Bulls, the day i get addicted with Networking Technologies and I thank Mr. Vikas Sheokand for this wonderful session of Networking. :)
I must say that Network Bulls is Best Institute of CCNA CCNP CCSP CCIE Course Training in Gurgaon, New Delhi and in India too.
Komal Verma

About a wonderfull CCIE Training Institute in Gurgaon

I am Kiran shah from New Delhi. I have recently completed my CCNA CCNP & CCIE Training in Gurgaon from Network Bulls and i recommend Network Bulls for Cisco Training in India.

Kiran Shah

Cisco Coaching and Learning Center

Disclaimer: This site does not store any files on its server. I only index and link to content provided by other sites. If you see any file on server that is against copy right you can inform me at (sidd12341 [at] gmail.com). I will delete that materials within two days. This Website is not official Website of any Institute like INE, Network Bulls, IP Expert. Thanks

CCIE Security Version 4

Cisco Finally updated CCIE Security Lab exam blueprint. WSA Ironport and ISE devices are added in CCIE Security Version 4 Lab Exam Syllabus Blueprint. In Updated CCIE Security Version 4 Syllabus blueprint, new technologies like Mobile Security, VoIP Security and IPV6 Security along with Network Security, are added. As in CCIE Security Version 3 blueprint, Cisco had focused on Network Security only, but now as per market demand, Cisco is looking forward to produce Internet gear Security Engineer, not only Network Security engineers.
In CCIE Security Version 4 Bluerpint, Lab Exam is going to be more interested than before. What is Difference in CCIE Security Version 3 and Version 4? Just go through the CCIE Security Version 4 Lab Equipment and Lab Exam Syllabus Blueprints and find out!