Walk through some of the basics of the Hot Standby Routing Protocol. Learn how first hop redundancy can be implemented in your environment.
In this chapter, we are going to discuss the Hot Standby Routing Protocol, or HSRP. HSRP is a member of a group of protocols known as First Hop Redundancy Protocols. Now these protocols are meant to provide redundancy at the router level. Routers are often overlooked in network topology when it comes to adding backup paths. FHRPs provide an easy way to back up the first hop out of the local area network.
Let's take a look at this diagram to see what I'm talking about. Now, here is a traditional infrastructure for a local area network. You can see that the router is a single point of failure in this configuration. Once the router goes down, the entire local area network loses the ability to leave the network or subnet. Now this is the very issue that First Hop Redundancy Protocols intend to solve. Now the major problem here is we can't just add another physical router to this infrastructure.
The reason is all the computers along the bottom are configured with the IP address of that first physical router. If that first physical router goes down, it does not matter that we have a second router in this configuration because all those computers are configured to use the first physical router's IP address. And now you can see the problem with having redundancy at layer three. Now even though we are going to focus on HSRP, that is not the only protocol that can provide redundancy at the routing level.
So let's go through a quick rundown of the FHRPs that are usable on our Cisco devices. Now the very first one we'll talk about here is VRRP, or Virtual Router Redundancy Protocol. This is an open standard, meaning this was not made by a specific vendor, and is available to all equipment manufacturers. This also uses virtual routers, a term we're going to talk about more, but it's also a term that is important in HSRP.
So it is important to note here that VRRP is incredibly similar to HSRP. Some would say that VRRP borrowed directly from HSRP in its creation. Next we have GLBP, also known as Gateway Load Balancing Protocol. Now this is a Cisco proprietary protocol, meaning that this is on Cisco equipment only, or a manufacturer who has licensed with Cisco to carry this particular protocol.
Now this uses load balancing and failover to provide redundancy at layer three. Lastly is what we are going to focus on for our course, and this is a Cisco proprietary protocol known as Hot Standby Router Protocol, or HSRP. So what exactly are we going to do with HSRP? Well, the protocol is going to allow us to use multiple routers to provide a redundant default gateway for a local area network or subnet.
What is the point of having multiple switches in our environments to ensure uptime if we just plan on a single router failure, or a single point of failure at the router level to bring everything crashing down? HSRP allows us to create redundancy at that router level, helping us to further protect our local area networks and our uptime as an administrator. So before we get too deep into the weeds on how HSRP functions, let's take some time and look at the terms you'll be seeing.
First off, virtual router. Now this is often used to describe the virtual IP address and MAC address used by HSRP. Now this is not a true virtual machine. All you VMware guys out there, don't flip out. This is not a true virtual machine or appliance, but it's simply a reference to the virtual IP address and MAC address that are passed between the active and passive routers. So what is the virtual MAC and IP address? Now these are individual addresses.
These are not the physical interfaces of the router or layer three switch, but an IP address that we configure to virtually exist on the router. Note that the physical interface of the router or layer three switch will have a completely different IP and MAC address that are physically moving traffic. The virtual addresses are used so computers can be configured to an ethereal address, one that can be quickly moved from one router to another instead of a hard physical interface address that can't be moved.
Active and standby routers refer to the current role of the routers. The active router is currently housing the virtual router, or the virtual MAC address and IP address, so that it is currently moving traffic for the entire local area network or subnet. The active router will respond to Address Resolution Protocol, or ARP, requests. The standby router is waiting and sending hello packets to the active router, waiting to take over if the dead timer triggers.
Multiple HSRP can be used to create different groups within the same VLAN. This is especially useful when dealing with VLANs in an environment, allowing different VLANs in a physical environment to use different physical gateways, but also use other physical gateways as a backup. This would effectively allow you to split which router is active per VLAN. This would allow you to utilize all physical links to actively move traffic instead of keeping a single link solely as a backup.
It's important to note that HSRP can be configured on routers or layer three switches. Also, hello messages are sent every three seconds, and they will try over three attempts. If no response is given to the hello packet being sent, the dead timer, which is 10 seconds in length, kicks in, and the standby router takes over. So here is a diagram of what our end product would look like. We have an active router.
The active router will move traffic for an entire local area network or subnet while it remains active. In actuality, the router is moving traffic for a virtual IP address and a virtual MAC address that can be taken over by the standby router at any time. Remember, the virtual IP address is what is configured on those computers as the default gateway. Now the virtual IP and MAC address are controlled by the active router for now, but if a failure is detected, the standby router takes control of that virtual address and begins to route the traffic for the VLAN.
We now have a backup in case of failure, providing for another level of redundancy in this LAN topology. Now HSRP follows a specific process to get up and running, and as we move through this lesson, I would like you to keep this process in mind. First an active router is selected. Now this is based on a priority configuration. Next, the chosen active router will control the virtual IP and MAC address. The active router will now respond to ARP requests for the virtual IP address.
Now if there is an active router failure, the hello packets being sent will time out. The standby router will then take over the active router status. And lastly, if we have more than two routers participating in this HSRP process, we may see a new standby router chosen.
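The process described above (priority-based election, hellos every three seconds, a 10-second dead timer, standby takeover and a new standby being chosen) can be traced with a small model. This is an added example, not part of the course material: the router names, priorities, addresses and failure time are constructed, time is in whole seconds, and the highest-IP tie-break is Cisco behaviour the transcript does not mention.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional

HELLO_INTERVAL = 3   # seconds between hello packets (from the transcript)
HOLD_TIME = 10       # the "dead timer" (from the transcript)

@dataclass
class Router:
    name: str                       # constructed label
    priority: int                   # higher priority wins the election
    ip: IPv4Address                 # physical interface address, not the virtual IP
    fails_at: Optional[int] = None  # second (>= 1) at which hellos stop; None = healthy

def hold_expiry(router):
    """Second at which peers declare `router` dead, or None if it never fails."""
    if router.fails_at is None:
        return None
    # Hellos go out at 0, 3, 6, ...; the last one is the latest before the failure.
    last_hello = ((router.fails_at - 1) // HELLO_INTERVAL) * HELLO_INTERVAL
    return last_hello + HOLD_TIME

def roles(routers, now):
    """Return (active, standby) names as seen by the group at second `now`."""
    live = [r for r in routers
            if hold_expiry(r) is None or now < hold_expiry(r)]
    # Highest priority wins; on a tie the highest interface IP wins
    # (tie-break is an assumption beyond the transcript).
    ranked = sorted(live, key=lambda r: (r.priority, r.ip), reverse=True)
    names = [r.name for r in ranked] + [None, None]
    return names[0], names[1]

def timeline(routers, end):
    """List (second, active, standby) at every second where the roles change."""
    events, prev = [], None
    for t in range(end + 1):
        cur = roles(routers, t)
        if cur != prev:
            events.append((t, *cur))
            prev = cur
    return events

# Constructed three-router group: R1 stops sending hellos at second 7.
SAMPLE_ROUTERS = [
    Router("R1", 110, IPv4Address("10.0.0.2"), fails_at=7),
    Router("R2", 105, IPv4Address("10.0.0.3")),
    Router("R3", 100, IPv4Address("10.0.0.4")),
]

if __name__ == "__main__":
    for second, active, standby in timeline(SAMPLE_ROUTERS, 30):
        print(f"t={second:>2}s active={active} standby={standby}")
```

The gap between `fails_at` and `hold_expiry` is the window in which hosts still send traffic to a gateway that is no longer forwarding, which is why the timer values matter when planning for failover.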
- Reviewing the basics of the Hot Standby Routing Protocol (HSRP)
- Configuring priority in your HSRP environment
- Reviewing different types of cloud implementation
- Cisco cloud solutions
- Implementing quality of service
- Using access control lists (ACLs) in your network topologies
- Configuring a standard access control list and an extended access control list
- Best practices on crafting and placing ACLs