ntphong2702@gmail.

com

HOT STANDBY ROUTING PROTOCOL PART I: SUMMARY

Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway, and has been described in detail in RFC 2281. The primary router with the highest configured priority will act as a virtual router with a pre-defined gateway IP address and will respond to the ARP request from machines connected to the LAN with the MAC address 0000.0c07.acXX where XX is the group ID in hex. If the primary router should fail, the router with the next-highest priority would take over the gateway IP address and answer ARP requests with the same mac address, thus achieving transparent default gateway fail-over. AHSRP Basics Simulation visualizes Active/Standby election and link failover with Hello, Coup, ARP Reply packets and timers. HSRP is not a routing protocol as it does not advertise IP routes or affect the routing table in any way. HSRP has the ability to trigger a failover if one or more interfaces on the router go down. This can be useful for dual branch routers each with a single serial link back to the head end. If the serial link of the primary router goes down, the backup router would take over the primary functionality and thus retain connectivity to the head end. HSRP uses the exchange of multicast messages to communicate a configured priority with other routers in the same standby group. The priority defines which router will be the primary and which router(s) will be secondary in the group. The default priority is 100; the router with the highest priority will be the primary for the group. If the priorities are the same, the first router up becomes the primary. Any prioritization is then based on the IP address. If a new router (at the same priority) joins, it doesn't bump the current primary router, even if its IP address is higher; however, it can bump the current standby router.

Page 1

www.nitropdf.com

ntphong2702@gmail.com

If priorities are different, a new router joining with a higher priority becomes active, even if preemption is not configured; however, if the router is already up and its priority changes (because of tracking or reconfiguration), it won't bump the primary without preemption configured. HSRP uses three types of multicast messages to exchange standby group information: Hello The hello message contains the sending router's priority and state

information. Hellos are exchanged every three seconds. If a router fails to send a hello in a specified amount of time, the receiving router, if priority dictates, becomes the primary router for the group. Coup When a secondary router becomes the primary router, it sends a

coup message to the routers in the group. Resign When the primary router is about to shut down, or when it has

received a hello message with a higher priority than its own, it forfeits the primary position with a resign message. Packet formats The standby protocol run on top of UDP, and uses port number 1985. Packets are sent to multicast address 224.0.0.2 with TTL 1. Routers use their actual IP address as the source address for protocol packets, not the virtual IP address. This is necessary so that the HSRP router can identify each other. The format of the data portion of the UDP datagram is: 1 2 3

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Page 2

www.nitropdf.com

ntphong2702@gmail.com

Version Holdtime

Op Code Priority

State Group

Hellotime Reserved

Authentication Data Authentication Data Virtual IP Address

States in HSRP: An HSRP router can be in one of six states: Initial Learn Listen Speak Standby Active

There are three types of timer is used in the HSRP protocol is active, standby, hello. Without a hello packet received from a Active HSRP router in active time, the router switch to a new HSRP state. Active timer: used to monitor the Active Router. Timer will reset at any time when a router in the HSRP group received hello packet is sent out from the Active Router. Timer expire values in accordance with the hold time value is being set corresponding to the field in HSRP hello messages.
Page 3

www.nitropdf.com

ntphong2702@gmail.com

Standby timer: used to monitor the standby router. Timer will reset at any time when a router in the HSRP group received hello packet is sent out from Standby Router. Timer expire values in accordance with the hold time value is being set corresponding to the field in HSRP hello messages. Hello timer: hello packet time. All HSRP router in any state of HSRP are created out hello packet that hello timer expire.

In the standby state, because the router at this time as a candidate to become the next active router. It periodically sends hello packets. It also listen to the hello message from the active router. In a HSRP network, only a standby router.

Page 4

www.nitropdf.com

ntphong2702@gmail.com

In Active State, router can forward packets tasks. It sends virtual MAC address of group. It is also tasked to respond to the ARP request packets directed to the virtual IP. Active router also periodically send hello message. In an HSRP group has only one Active Router.

Ngun (http://forum.technet.com.vn, http://www.informit.com)

Page 5

www.nitropdf.com

ntphong2702@gmail.com

PART II:
2.1 GOAL

LAB

All IP addresses have been preconfigured as following: NewYork: F0/0: 192.168.1.1 /24 NewYork: F1/0: 192.168.2.1 /24 NewJersey: F0/0: 192.168.1.2 /24 NewJersey F1/0: 192.168.2.2 /24 L.A.: F0/0: 192.168.1.3 /24 L.A.: F1/0: 192.168.2.3 /24 HOST: F0/0: 192.168.1.200 /24 ISP: F0/0: 192.168.2.254 /24

The ISP router has the following loopback interfaces, these are used to simulate the Internet. Loopback0: 172.16.1.1 /24 Loopback1: 172.16.2.1 /24 Loopback2: 172.16.3.1 /24

The host router has been configured with "no ip routing" which will turn it into an ordinary host. OSPF has been configured on all routers except the host router for full connectivity. Configure NewYork, Newjersey and L.A. for HSRP, use the standby group number "1".

Page 6

www.nitropdf.com

ntphong2702@gmail.com

The virtual IP Address should be 192.168.1.254 /24 . The virtual mac address should be 1234.5678.9abc. Newjersey should be the Active router, when it fails L.A. should take over. Hello packets should be sent every 7 seconds. Make sure the router with highest priority will always be the active router. Configure authentication for HSRP, use password "hutech". When the HSRP active router's F1/0 interface goes down, make sure it's no longer the active HSRP router. Configure the virtual IP address of HSRP as default gateway on the Host Router. Ensure you can ping the loopbacks of the ISP router from the Host router. Ensure that whenever 2 out of 3 routers are down, the Host router still has connectivity to the ISP.

2.2 MODEL

Page 7

www.nitropdf.com

ntphong2702@gmail.com

2.3 SOLUTION NewJersey(config)#int f0/0 NewJersey(config-if)#standby 1 ip 192.168.1.254 NewJersey(config-if)#standby 1 mac-address 1234.5678.9abc NewJersey(config-if)#standby 1 priority 200( priority value from 0 -> 255) NewJersey(config-if)#standby 1 timers 7 21( value to 1 -> 254) NewJersey(config-if)#standby 1 preempt NewJersey(config-if)#standby 1 authentication hutech NewJersey(config-if)#standby 1 track 1 decrement 11(decrement value from 1-255, tracked object value from 1-500) NewJersey(config)#track 1 interface fastEthernet 1/0 line-protocol

NewYork(config)#int f0/0 NewYork(config-if)#standby 1 ip 192.168.1.254 NewYork(config-if)#standby 1 mac-address 1234.5678.9abc NewYork(config-if)#standby 1 priority 180 NewYork(config-if)#standby 1 timers 7 21 NewYork(config-if)# standby 1 preempt NewYork(config-if)#standby 1 authentication hutech

LA(config)#int f0/0 LA(config-if)#standby 1 ip 192.168.1.254 LA(config-if)#standby 1 mac-address 1234.5678.9abc LA(config-if)#standby 1 priority 190
Page 8

www.nitropdf.com

ntphong2702@gmail.com

LA(config-if)#standby 1 timers 7 21 LA(config-if)#standby 1 preempt LA(config-if)#standby 1 authentication hutech LA(config)#track 1 interface fastEthernet 1/0 line-protocol

Host(config)#no ip routing Host(config)ip default-gateway 192.168.1.254

After shutdown interface f1/0 on router LA:

Page 9

www.nitropdf.com

ntphong2702@gmail.com

Turn on interface f1/0 on router LA then shutdown interface f1/0 on router NewJersey

Ping Host to ISP:

Page 10

www.nitropdf.com

ntphong2702@gmail.com

After turn of any two routers

Page 11

www.nitropdf.com

ntphong2702@gmail.com

Wireshark capture:

Page 12

www.nitropdf.com

ntphong2702@gmail.com

Page 13

www.nitropdf.com