Cisco 7 HSRP lecture

1
Cisco 7 HSRP lecture
2
How does a workstation get a default gateway (IP
address of router)?

• 1. DHCP gives the workstation the default gateway

• 2. IRDP (ICMP Router Discovery Protocol)
  extension to ICM that allows an end-station to
  automatically discover a default gateway. RPs
  (Route Processors) periodically generate special
  multicast packets that announce the routers
  existence to the clients every 5 to 10 minutes.
  Multicast packet has the RPs address and a
  life-time value. Could take up to 30 minutes.

3

• 3. Proxy ARPPC dynamically discovers default IP
  address and MAC of the default gateway. When
  default gateway fails, traffic is dropped. After
  a lengthy period of time, PC will re-perform the
  Proxy ARP, but in most situations, PC will
  continue using same failed default gateway.

4
What happens to the workstation when router fails?

• PC cant communicate with other networks

5
Solution is HSRP (Hot Standby Routing Protocol)

• Cisco-proprietaryprotocol
• Provides Layer 3redundancy
• Transparent to end stations
• RP (Route Processor) monitors the status of other
  RPs and provides a quick failover when primary
  default gateway fails.

6
HSRP
7
HSRP
8
HSRP Group

• A group of 2 or more RPs that represent a single
  default gateway. It has a virtual IP address and
  a virtual MAC address. If the primary RP fails,
  another RP takes over.
• One RP can be the backup for multiple primary
  default gateways
• Only one RP forwards data for a LAN.

9
HSRP Group

• Group has the following type of RPs
• Virtual RP
• Active RP
• Standby RP
• Other RPs
• Virtual RP
• Provides a single RP that is available to end
  stations.
• Not a real RPthe IP and MAC addresses are not
  physically assigned to any one interface on any
  of the RPs in the broadcast domain

10
HSRP Group

• Active RP
• Responsible for forwarding all traffic destined
  for the Virtual RPs MAC address.
• Elected in an election processRP with highest
  priority is active. If priorities are same,
  highest IP address wins. Default priority is 100.
• Only one active RP per network/subnetwork/VLAN

11
HSRP Group

• Standby RP
• Elected in an election process
• Keeps tabs on Active RP by looking for HSRP
  multicast messages (HSRP hellos). Hellos are sent
  by active RP every 3 seconds. If standby doesnt
  hear any hellos for 10 seconds, it promotes
  itself and becomes the active RP.
• Sends out its own hellos every 3 seconds so that
  if it fails, one of the other possible HSRP RPs
  in the standby group will become the standby.
• Only one standby RP per network/subnetwork/VLAN

12
HSRP Group
13
HSRP Group

• Other HSRP RPs
• Listen for hellos from standby and active RPs.
• If any end-station uses a REAL MAC address of one
  of the RPs in the broadcast domain, that specific
  RP (whether active, standby or other RP) will
  process and forward the frame.
• Each standby group must have a unique virtual IP
  address and a virtual MAC address.
• These addresses are unique across different
  VLANs.
• MAC address is 000.0c07.acxx (000.0c is Ciscos
  vendor code 07.ac is HSRPs well-known address
  xx is the HSRP group number.
• End stations perform an ARP request with the
  virtual IP address and get the virtual MAC
  address of the default gateway RP.

14
HSRP Group
15
Configuration for HSRP

• Only one command is needed to enable
  HSRPstandbyon an interface or subinterface.
• (config)interface xxxxx
• (config-if)standby group_no. ip ip_address
• note that group_no. is optional. If you dont put
  it in, it defaults to 0. It is required if you
  have multiple standby groups. IP address is the
  virtual IP address.
• To ensure the end-stations do not discover a RPs
  real MAC address on the interface, HSRP disables
  ICMP redirects.

16
Configuration for HSRP
17
Active Standby Election and Priorities

• The priority number on an interface influences
  whether or not a RP becomes the active or standby
  router.
• Default priority is 100
• Highest priority becomes active router
• Can assign a number for 0 to 255
• Interface command standby group_no. priority
  priority_no.

18
Active Standby Election and Priorities
19
Active Standby Election and Priorities
20
PREEMPTION

• Allows an RP to preempt the current standby or
  active RP when the RP comes on line.
• Interface command standby group_no. priority
  priority_no. preempt delay time where time is
  how long the RP waits to begin the preemption
  process. Default is 0 secs. Can use 0 to 3,600
  seconds (one hour).

21
Interface Tracking

• Allows a RP to track specific interfaces and it
  decrements its priority value if the interface
  has problems.
• Interface command standby group_no. track
  interface_type interface_no. decrement_value
  where the interface_type and interface_no. is the
  interface you want the RP to track. The optional
  decrement_value is a priority number and the
  default is 10. This means whatever its priority
  value is currently will be reduced by 10.

22
Interface Tracking
23
Verifying HSRP

• Global configuration command show standby
• Brief description show standby interface brief
• Debug debug standby

24
Verifying HSRP
25
Verifying HSRP
26
HSRP Config
27
HSRP Config
Router-A is initially the active router, with a
priority of 150, while Router-B is the standby
router, with a priority of 100. However, because
we are tracking interface FastEthernet 0/1, when
it goes down you can see that the priority of
Router-A goes down to 95. At that point, Router-B
becomes the active router and Router-A becomes
the standby router.
28
HSRP HINT
Enable PORTFAST when using HSRP. Why?