KB ID 0000946
Problem
Cisco HSRP: Normally your client machines have one route off the network, (their default gateway). But what if that goes down? HSRP aims to solve this problem by assigning a ‘Virtual IP address’ to your default gateway (or default route). So that IP can be shared amongst two or more possible devices (routers, or layer 3 switches).
Above, we have a client 192.168.1.10 that has two possible routes off the network, (.254 and .253). We will setup a virtual IP of .250 and both routers can use that IP, (if they are the active gateway). Below is a brief overview of how to set it up.
Deploy Cisco HSRP
Setting up Cisco HSRP
1. On the first router (Router0), add the standby IP address (192.168.1.250) the ‘1’ denotes the standby group (a number from 0 to 4096). It comes up as standby, then after it has checked (via multicast address 224.0.0.2 on UDP port 1985). It finds no other live HSRP devices using that IP address so it becomes ‘Active’.
[box]
Router0>enable Router0#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router0(config)#interface GigabitEthernet0/0 Router0(config-if)#standby 1 ip 192.168.1.250 Router0(config-if)# %HSRP-6-STATECHANGE: GigabitEthernet0/0 Grp 1 state Speak -> Standby %HSRP-6-STATECHANGE: GigabitEthernet0/0 Grp 1 state Standby -> Active Router0(config-if)#
[/box]
2. Repeat this on the second Router, this one discovers the ‘Active’ router and sets itself up as ‘Standby’.
[box]
Router1> Router1>enable Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#interface GigabitEthernet0/0 Router1(config-if)#standby 1 ip 192.168.1.250 Router1(config-if)# %HSRP-6-STATECHANGE: GigabitEthernet0/0 Grp 1 state Speak -> Standby Router1(config-if)#
[/box]
3. You can prove this by running show standby (or do show standby in configure terminal mode).
[box]
Router0 Router0#show standby GigabitEthernet0/0 - Group 1 (version 2) State is Active 8 state changes, last state change 00:02:02 Virtual IP address is 192.168.1.250 Active virtual MAC address is 0000.0C9F.F001 Local virtual MAC address is 0000.0C9F.F001 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 0.055 secs Preemption disabled Active router is local Standby router is 192.168.1.253 Priority 100 (default 100) Group name is hsrp-Gig0/0-1 (default) Router0# Router1 Router1#show standby GigabitEthernet0/0 - Group 1 (version 2) State is Standby 3 state changes, last state change 00:10:44 Virtual IP address is 192.168.1.250 Active virtual MAC address is unknown Local virtual MAC address is 0000.0C9F.F001 (v2 default) Hello time 3 sec, hold time 10 sec Next hello sent in 2.125 secs Preemption disabled Active router is 192.168.1.254 Standby router is local Priority 100 (default 100) Group name is hsrp-Gig0/0-1 (default) Router1#
[/box]
4. That is HSRP configured! However there are a few changes you might want to make, for example, what if one router had a 100MB leased line, and the other was a 2MB ADSL line, you would want the fastest one to be in use, (as long as it was up). To achieve that, give the router with the fastest connection a higher priority (you may notice above, that by default the priority is 100). Be aware, even if a router has the highest priority, it wont ‘seize’ the virtual IP, it just sits and waits until it’s available. For our 100MB and 2MB example that’s not good. We would want Router1 to seize the virtual IP as soon as it can. To do that we need to set it to preempt. (Note: This process is called ‘launching a coup’).
[box]
Router1(config)#interface GigabitEthernet0/0 Router1(config-if)#standby 1 priority 105 Router1(config-if)#standby 1 preempt
[/box]
5. At this point it’s important to say, that in our scenario we would also need to setup a virtual IP for the ‘other side’ of the routers (i.e their GigabitEthernet 0/1 interfaces), or the remote client (172.16.1.10) would not be able to return our ‘pings’ or get any traffic back to us. So lets setup a virtual HSRP address on that side as well. Notice I just use another standby group number.
Note: To work the remote host 172.16.1.10 will need its default gateway changing to the HSRP Virtual IP of 172.16.1.250.
[box]
Router0 Router0(config)#interface GigabitEthernet0/1 Router0(config-if)#standby 2 ip 172.16.1.250 Router0(config-if)# Router1 Router1(config)#interface GigabitEthernet0/1 Router1(config-if)#standby 2 ip 172.16.1.250 Router1(config-if)#
[/box]
6. Finally we have set Router0 with the highest priority and set it to seize the virtual IP as soon as it can. But what if another interface on Router1 goes down? e.g. If the GigabitEthernet 0/1 interface were to go down, HSRP would not do anything because it’s tracking both the GigabitEthernet 0/0 interfaces, so communications would fail.
To solve the problem we need to tell it which interfaces to ‘Track’. In our example we need to track GigabitEthernet 0/1, if that goes down we need to give the virtual IP address to the standby ‘router’. This works because once we tell it to ‘track’ the GigabitEthernet 0/1 interface, if that were to fail it will DECREMEMT the routers priority by 10. So for Router0 its priority would drop to 95, this is five less than the default value of 100 (on Router1). But Remember, at the moment that fail-over would still fail, unless you allow Router1 to preempt and launch a coup.
[box]
Router0 Router0(config)#interface GigabitEthernet0/0 Router0(config-if)#standby 1 track GigabitEthernet0/1 Router0(config-if)# Router1 Router1(config)#interface GigabitEthernet0/0 Router1(config-if)#standby 1 preempt Router1(config-if)#
[/box]
7. We can see that by running a ‘show standby’ on Router0.
[box]
Router0#show standby
GigabitEthernet0/0 - Group 1 (version 2)
State is Active
7 state changes, last state change 00:00:31
Virtual IP address is 192.168.1.250
Active virtual MAC address is 0000.0C9F.F001
Local virtual MAC address is 0000.0C9F.F001 (v2 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.81 secs
Preemption enabled
Active router is local
Standby router is 192.168.1.253, priority 115 (expires in 7 sec)
Priority 115 (configured 115)
Track interface GigabitEthernet0/1 state Up decrement 10
Group name is hsrp-Gig0/0-1 (default)
GigabitEthernet0/1 - Group 2 (version 2)
State is Active
6 state changes, last state change 00:00:28
Virtual IP address is 172.16.1.250
Active virtual MAC address is 0000.0C9F.F002
Local virtual MAC address is 0000.0C9F.F002 (v2 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.81 secs
Preemption disabled
Active router is local
Standby router is 172.16.1.253
Priority 100 (default 100)
Group name is hsrp-Gig0/1-2 (default)
Router0#
[/box]
Related Articles, References, Credits, or External Links
NA