Home > Hot Standby Router Protocol HSRP Tutorial

Hot Standby Router Protocol HSRP Tutorial

November 7th, 2013 Go to comments

In this tutorial we will learn what is HSRP and the need of HSRP in a network.

Most of the company in the world has a connection to the Internet. The picture below shows a most simple topology of such a company:

Simple_company_topology.jpg

To make above topology work we need to:

+ Configure IP addresses on two interfaces of the Router. Suppose the IP address of Fa0/0 interface (the interface connecting to the switch) is 192.168.1.1.
+ Assign the IP addresses, default gateways and DNS servers on all PCs. In this case we have to set the default gateways to Fa0/0 interface (with the IP address 192.168.1.1) of the router. This can be done manually or automatically via DHCP.

After some time, your boss wants to implement some redundant methods so that even the Router fails, all PCs can still access the Internet without any manual configuration at that time. So we need one more router to connect to the Internet as the topology below:

HSRP_company_topology.jpg

But now we have a problem: There is only one default gateway on each host, so if Router1 is down and we want to access the Internet via Router2, we have to change the default gateway (to 192.168.1.2). Also, when Router1 comes back we have to manually change back to the IP address on Router1. And no one can access to the Internet in the time of changing the default gateway. HSRP can solve all these problems!

HSRP Operation

With HSRP, two routers Router1 and Router2 in this case will be seen as only one router. HSRP uses a virtual MAC and IP address for the two routers to represent with hosts as a single default gateway. For example, the virtual IP address is 192.168.1.254 and the virtual MAC is 0000.0c07.AC0A. All the hosts will point their default gateway to this IP address.

HSRP_virtual_router.jpg

One router, through the election process, is designated as active router while the other router is designated as standby router. Both active and standby router listen but only the active router proceeds and forwards packets. Standby router is backup when active router fails by monitoring periodic hellos sent by the active router (multicast to 224.0.0.2, UDP port 1985) to detect a failure of the active router.

HSRP_active_standby_router.jpgWhen a failure on the active router detected, the standby router assumes the role of the forwarding router. Because the new forwarding router uses the same (virtual) IP and MAC addresses, the hosts see no disruption in communication. A new standby router is also elected at that time (in the case of there are more than two routers in a HSRP group).

Note: All routers in a HSRP group send hello packets. By default, the hello timer is set to 3 seconds and the dead timer is set to 10 seconds. It means that a hello packet is sent between the HSRP standby group devices every 3 seconds, and the standby device becomes active when a hello packet has not been received for 10 seconds

HSRP_active_fail.jpg

Note: The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal). But please notice that the virtual MAC address can be configured manually.

HSRP version 1 hello packets are sent to multicast address 224.0.0.2 while HSRP version 2 hello packets are sent to multicast address 224.0.0.102. Currently HSRPv1 is the default version when running HSRP on Cisco devices.

HSRP States

HSRP consists of 6 states:

State Description
Initial This is the beginning state. It indicates HSRP is not running. It happens when the configuration changes or the interface is first turned on
Learn The router has not determined the virtual IP address and has not yet seen an authenticated hello message from the active router. In this state, the router still waits to hear from the active router.
Listen The router knows both IP and MAC address of the virtual router but it is not the active or standby router. For example, if there are 3 routers in HSRP group, the router which is not in active or standby state will remain in listen state.
Speak The router sends periodic HSRP hellos and participates in the election of the active or standby router.
Standby In this state, the router monitors hellos from the active router and it will take the active state when the current active router fails (no packets heard from active router)
Active The router forwards packets that are sent to the HSRP group. The router also sends periodic hello messages

Please notice that not all routers in a HSRP group go through all states above. In a HSRP group, only one router reaches active state and one router reaches standby state. Other routers will stop at listen state.

Now let’s take an example of a router passing through these states. Suppose there are 2 routers A and B in the network; router A is turned on first. It enters the initial state. Then it moves to listen state in which it tries to hear if there are already active or standby routers for this group. After learning no one take the active or standby state, it determines to take part in the election by moving to speak state. Now it starts sending hello messages containing its priority. These messages are sent to the multicast address 224.0.0.2 (which can be heard by all members in that group). When it does not hear a hello message with a higher priority it assumes the role of active router and moves to active state. In this state, it continues sending out periodic hello messages.

Now router B is turned on. It also goes through initial and listen state. In listen state, it learns that router A has been already the active router and no other router is taking standby role so it enters speak state to compete for the standby router -> it promotes itself as standby router.

Suppose router A is in active state while router B is in standby state. If router B does not hear hello messages from router A within the holdtime (10 seconds by default), router B goes into speak state to announce its priority to all HSRP members and compete for the active state. But if at some time it receives a message from the active router that has a lower priority than its priority (because the administrator change the priority in either router), it can take over the active role by sending out a hello packet with parameters indicating it wants to take over the active router. This is called a coup hello message.

Quick summarization:

+ HSRP is Cisco proprietary which allows several routers or multilayer switches to appear as a single gateway IP address.
+ HSRP has 5 states: Initial, listen, speak, standby and active.
+ HSRP allows multiple routers to share a virtual IP and MAC address so that the end-user hosts do not realize when a failure occurs.
+ The active (or Master) router uses the virtual IP and MAC addresses.
+ Standby routers listen for Hellos from the Active router. A hello packet is sent every 3 seconds by default. The hold time (dead interval) is 10 seconds.
+ Virtual MAC of 0000.0C07.ACxx , where xx is the hexadecimal number of HSRP group.
+ The group numbers of HSRP version 1 range from 0 to 255. HSRP does support group number of 0 (we do check it and in fact, it is the default group number if you don’t enter group number in the configuration) so HSRP version 1 supports up to 256 group numbers. HSRP version 2 supports 4096 group numbers.

(Reference and good resource: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094a91.shtml)

We wrote a GNS3 lab of HSRP and you can read it here: http://www.networktut.com/hsrp-ip-route-tracking.

Comments (31) Comments
Comment pages
1 2 3 4 1997
  1. Anonymous
    March 2nd, 2016

    very well explained

  2. Anil royal
    March 17th, 2016

    nice explanation

  3. Popong
    March 29th, 2016

    hi every i need help.. is there anyone has the latest dump for the CCNA EXAMINATION.. thanks a lot

  4. Unstoppable
    March 30th, 2016

    @popong send me a mail to {email not allowed} for CCNA dumps

  5. Alviso
    April 20th, 2016

    @Unstoppable: Can you please some lateste CCNA dumps?

  6. ccna
    April 29th, 2016

    @Unstoppable or anyone who has them: please can you send latest CCNA dumbs to {email not allowed}

  7. DUREXXX65
    May 3rd, 2016

    are the dumps valid?????

  8. Jim
    May 12th, 2016

    Everyone stop asking for dumps and looking for shortcuts, just try learning it!!

  9. dooma
    May 17th, 2016

    hi guys {email not allowed} send me the latest dump

  10. dooma
    May 17th, 2016

    i’m taking my exam this month which sim should i focus on …

  11. Amy
    July 1st, 2016

    Hi.. Does anyone have latest cc a dump questions

  12. good explain but not configuration command
    July 7th, 2016

    good explain but not configuration command

  13. Yograj Singh
    July 7th, 2016

    good explain but not configuration command

  14. Anonymous
    July 19th, 2016
  15. Anonymous
    August 14th, 2016

    Great explanation, i got it to understand the basis of hsrp

  16. Anonymous
    August 18th, 2016

    I m taking my exam tomorrow morning In Botswana…I believe I read here will truly help me pass my ICND1

  17. Deli
    September 21st, 2016

    Learn the states:

    ILLSSA!
    Init
    Listen
    Learn
    Speak
    Standby
    Active

    voila!

  18. Deli
    September 21st, 2016

    VPN memorization
    CADA!
    Confidentiality
    Authenticity
    Data Integrity
    Anti-reply

  19. Deli
    September 21st, 2016

    And one more, OSPF states
    DAI2EELF(Die to ELF?)
    Down
    Atttempt
    Init
    2-Way ( neighbor relation forming )
    Exstart
    Exchange
    Load
    Full

    Enjoy

  20. Anonymous
    September 24th, 2016

    A very heartfelt and special thanks to all who manage this website
    I finally passed my CCNA and I could not have done it
    without the help of this website for clarifying and making
    concepts easier to grasp.I wish you continued success and
    many more fruitful years of coaching network newbies…
    To everyone who wants to get your CCNA :
    Study the concepts, know your facts and use 9Tut as a
    Reference cos for me 70% of questions featured here came out
    Mostly from RSTP STP Routing Scenario and Drag n Drop

  21. Shimul
    October 25th, 2016

    can anyone give me the latest question of ccna plz @ {email not allowed}

  22. test
    October 26th, 2016

    abcd (at) gmail (dot) com

  23. Anonymous
    October 29th, 2016

    Let me know, if my Ccna expired ,Do I need to retake the Ccna exam or Just keep on taking CCNP ( switch /route/t-shoot)??

  24. Nickname
    November 9th, 2016

    if your ccna expires, you need to re-take ccna
    to extend your ccna validity, take ccnp

  25. Junior T
    November 11th, 2016

    Hi Guys someone kindly send me the newest dumps for CCNA R&S on tonykarera @ gmail .com

    Please remove space.

  26. Higgs boson
    November 26th, 2016

    Hi Sir,

    In the Quick summarisation you wrote that HSRP has 5 states and then you didn’t mention the Learning state.
    Is there any reason for that?
    Thank you.

    Kind Regards

    Didier from France

  27. Milos
    November 29th, 2016

    Hello,
    Firstly I want to say thank You Guys for this amasing webpage.

    I plan to take the exam in 30 days.

    The big PLEASE to anyone who can send me newest dumps for CCNA 200-125 on
    g r i z l i @ b l i c . n e t – without spaces

    Thank You in advance,

    :) :) :)

  28. Anonymous
    December 5th, 2016

    excellent

  29. Anonymous
    December 7th, 2016

    Hello,
    I plan to take the exam in 30 days.
    The big PLEASE to anyone who can send me newest dumps for CCNA 200-125 on
    {email not allowed}
    Thank You in advance,

  30. Anonymous
    December 13th, 2016

    well written

  31. potato
    December 13th, 2016

    i can understand now

Comment pages
1 2 3 4 1997