Configuration of HSRP® Protocol on the sample network topology

  1. Introduction
  2. Configuration of HSRP® Protocol
1. Introduction

1.1. How did it happen?

This HowTo was developed within laboratories of Wide Area Networks Technologies course. Hopefully some people will find some valuable information and examples here, which will simply make their life easier. Our goal was not to explain the whole theory which stands behind certain topics, but to provide a quick example of configurations which could be used to achieve those objectives. The most important thing for us was to give you a quick, clear and simple example which would help you to understand the problem and develop your own much more complex configuration.

1.2. Legal notice and Copyrights

This manual is free: you can redistribute it and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This manual is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see this web page for details.

Copyrights ©: 1.3. By who?

This Howto was developed by : and was supervised and leaded by lecturer of Wide Area Networks Technologies course MSc Eng. Dawid Mentel

2. Configuration of HSRP® Protocol

2.1. What is HSRP®

First we would like to explain that HSRP® protocol is registered CISCO® Property and as such can only be implemented on CISCO® devices. An abbreviation HSRP® stands for Hot Standby Routing Protocol. The HSRP® protocol provides necessary redundancy solution wherever it is required for the network to keep the connection at all costs. With HSRP® it is possible to configure one of the provided routers as a HSRP® default active router and the other as a standby router. To configure a router as the active router, it is necessary to assign to it a priority that is higher than the priority of the standby router. The default priority is 100. If the active router fails its functions will be taken over by the standby router with the highest priority.
The important thing is that all the network traffic runs through one router previously configured as an active router
2.1.1. How does it work?

To initiate HSRP® it is required to provide at least two routers connected to the same network. The next step is to make the basic routers configuration and then to run and configure HSRP® protocol on both routers. The details will be shown in the following sections

2.2. Sample of topology the project is to be implemented on

To show the operation of the HSRP® protocol a sample network topology was made

Sample network with assigned routers interfaces
Figure 1. Sample network with assigned routers interfaces
Source: own study

2.3. Implementation

2.3.1. Configuring HSRP® on router RTB to set it as an active router

Password:
RTB>enable
Password:
RTB#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
RTB(config)#interface f0/0
RTB(config-if)#standby 1 ip 192.168.1.4
RTB(config-if)#standby 1 preempt
RTB(config-if)#standby 1 priority 105
RTB(config-if)#standby 1 authentication 6cz
RTB(config-if)#standby 1 track s1/0

The explanation of above configuration steps is as follows:

standby 1 ip 192.168.1.4
This command enables HSRP and sets 192.168.1.4 ip address of the virtual router.

standby 1 preempt
This command lets the router with higher priority to become an active router, should there be situation when the priority of the router is decreased it will become standby router, but when the priority returns to its previous level preemption will occur and router will become the active router again, without that configuration step the active router that priority was decreased and became standby router because of some failure would never become active router again even after its priority was increased. Exception to this is manual restart of the device which would return router to the previous state.

standby 1 priority 105
This command sets the priority of the router to 105 (default is 100) so it is more than default, what follows that router will become active if there is no configuration of this step on other router.

standby 1 authentication 6cz
This command sets an authentication string "6cz" for group 1 on RTB router. All routers from this group (in this case router RTD) must use the same string to be able to authenticate the source of the HSRP messages that it receives. This command is optional.

standby 1 track s1/0
This command forces the router to track state interface s1/0 and decreases the priority of the router by 10 (default value) if it fails. It is possible to change that default value by putting the wanted number at the end of the command.
example: standby 1 track s1/0 25 changes the decrement value to 25

2.3.2. Configuring HSRP® on router RTD to set it as a standby router

Password:
RTD>enable
Password:
RTD#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
RTD(config)#interface f0/0
RTD(config-if)#standby 1 ip 192.168.1.4
RTD(config-if)#standby 1 preempt
RTD(config-if)#standby 1 authentication 6cz
RTD(config-if)#standby 1 track s1/0

The explanation of above configuration steps is as follows:

standby 1 ip 192.168.1.4
This command enables HSRP and sets 192.168.1.4 ip address of the virtual router.

standby 1 preempt
This command lets the router with higher priority to become an active router, should there be situation when the priority of the router is decreased it will become standby router, but when the priority returns to its previous level preemption will occur and router will become the active router again, without that configuration step the active router that priority was decreased and became standby router because of some failure would never become active router again even after its priority was increased. Exception to this is manual restart of the device which would return router to the previous state.

The main difference between RTD and RTB configuration are two matters:
  1. The first is the lack of standby 1 priority for it is unnecessary as we want RTD to have priority at default level 100 but should it require any other number this command should be used.
  2. The second is the standby 1 ip 192.168.1.4 as it was set before on RTB it is possible to omit the ip number and leave only: standby 1 ip.
2.3.3. Show HSRP® configuration on an active router RTB

RTB#show standby
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:19:16
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 2.064 secs
Authentication text "6cz"
Preemption enabled
Active router is local
Standby router is 192.168.1.3, priority 100 (expires in 12.120 sec)
Priority 105 (configured 105)
Track interface Serial1/0 state Up decrement 10

IP redundancy name is "hsrp-Fa0/0-1" (default)


From the listing of the router RTB (after using command show standby) it is possible to tell some things:
  1. Router RTB is an active router
  2. Its virtual ip address is 192.168.1.4
  3. HSRP® authentication text is "6CZ"
  4. Router RTD is a standby router with priority 100 and ip address 192.168.1.3
  5. In case of problems with router or its serial interface the priority will be subtracted by 10 and the router state will change from active to standby router
2.3.4. Show HSRP® configuration on a standby router RTD

RTD#show standby
FastEthernet0/0 - Group 1
State is Standby
4 state changes, last state change 00:11:10
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 4.820 secs
Authentication text "6cz"
Preemption enabled
Active router is 192.168.1.2, priority 105 (expires in 14.780 sec)
Standby router is local
Priority 100 (default 100)
Track interface Serial1/0 state Up decrement 10

IP redundancy name is "hsrp-Fa0/0-1" (default)


From the listing of the router RTD (after using command show standby) it is possible to tell some things:
  1. Router RTD is standby router
  2. Its virtual ip address is 192.168.1.4
  3. HSRP® authentication text is "6CZ"
  4. Router RTB is an active router with priority 105 and ip address 192.168.1.2
  5. Should the priority of the RTB router was decremented the RTD router will become active router



2.4. Testing the HSRP® configuration

There are generally two situations in which router RTD being a standby router should take over the functions of an active router RTB. These two cases are:
  1. Failure of the Serial1/0 Interface on router RTB
  2. Turning off the RTB router or its failure/crash

2.4.1. Failure of the Serial1/0 Interface on router RTB
The first of the potential threats for the network traffic is the failure of the interface Serial1/0 on router RTB.
If this happens router RTD will take over all the network traffic.
The below figure 2 shows the sample network with failure of the Serial1/0 Interface.

Failure of the Serial1/0 Interface on router RTB
Figure 2. Failure of the Serial1/0 Interface on router RTB
Source: own study
This situation will be simulated by switching off the Serial1/0 interface.

On router RTB s1/0 is shutdown:
RTB(config)#interface s1/0
RTB(config-if)#shutdown
RTB(config-if)#
*Jun 13 20:25:19.499: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Active ->
Speak
*Jun 13 20:25:20.975: %LINK-5-CHANGED: Interface Serial1/0, changed state to adm
inistratively down
*Jun 13 20:25:20.979: %ENTITY_ALARM-6-INFO: ASSERT INFO Se1/0 Physical Port Admi
nistrative State Down
*Jun 13 20:25:21.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0,
changed state to down


On router RTD we get message:

RTD#
*Jun 13 20:25:19.691: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -
>Active


To get confirmation it is necessary to type show standby on routers RTB and RTD.

After typing show standby on RTB we get the message:

RTB#show standby
FastEthernet0/0 - Group 1
State is Standby
7 state changes, last state change 00:04:40
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 4.524 secs
Authentication text "6cz"
Preemption enabled
Active router is 192.168.1.3, priority 100 (expires in 14.564 sec)
Standby router is local
Priority 95 (configured 105)

Track interface Serial1/0 state Down decrement 10
Track interface FastEthernet0/0 state Up decrement 10
IP redundancy name is "hsrp-Fa0/0-1" (default)


After typing show standby on RTD we get the message:

RTD#show standby
FastEthernet0/0 - Group 1
State is Active
11 state changes, last state change 00:05:04
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 0.868 secs
Authentication text "6cz"
Preemption enabled
Active router is local
Standby router is 192.168.1.2, priority 95 (expires in 10.856 sec)
Priority 100 (default 100)

Track interface Serial1/0 state Up decrement 10
IP redundancy name is "hsrp-Fa0/0-1" (default)


This shows that router RTD became an active taking over all the traffic from router RTB which is now standby router. The main purpose was achieved.

2.4.2. Turning off the RTB router

The second of the potential threats for the network traffic is the failure caused by turning off/failure of the RTB router. If this happens router RTD will take over all the network traffic. The below figure 3 shows the sample network with shutting down/failure of the RTB router.
Failure caused by shutting down/failure the RTB router
Figure 3. Failure caused by shutting down/failure the RTB router
Source: own study

This situation will be simulated by switching off the RTB router.

After switching off the RTB router we get the following message on RTD router:

*Jun 13 20:41:45.039: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -
> Active


This means that the router RTD is now active and routing the traffic in the network.

After switching on the RTB router everything backs to its previous state - RTB is active router and RTD is standby router.


On router RTB the shown message is:

*Jun 13 21:04:05.459: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Listen ->
Active

On router RTD the shown message is:

*Jun 13 21:04:05.539: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Active ->
Speak


The above listings show that after fixing the problems with the RTB router (no matter if it is Interface or Shutdown problem) the router again becomes the active. This proves that the HSRP® was properly configured on both RTB and RTD routers and it runs correctly.

2.4.2.1. Testing the time necessary for the standby router to become an active router after active router crush down

There is one more thing that should be explained and tested. After an active router is down or crushed there is some time that is needed for the standby router to become the active router. How much time is needed for the router to become an active? To answer to that question I will have to explain two more terms. The firs is hello time and the second is hold time

If you want to change these default values you can do it using timers command
For example, in discussed case we set the 'hello time' to 5 seconds and 'hold time' to 15 seconds using command: standby 1 timers 5 15
Where 5 is 'hello time' and 15 is 'hold time' in seconds.
Note that this command must be set up on all HSRP® group routers otherwise it will not work

To check if this configuration really works we decided to run a test. Once more we turned off the RTB an active router and checked how much time did the standby router RTD need to become an active router. The results are showed below.

We turned off the RTB router at exactly: 10:45:00.
It took about 16 seconds for RTD router to become an active router:

RTD#
*Jun 24 10:45:16.291: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -
> Active


Why did router RTD need more than 16 second to become an active if it its 'hold time' was set up to 15 seconds? The answer to this is the 'hello time' we don't know exactly in which second of 'hello time' we run our test. So the time after which router RTD will become active should be from the interval 15 to 20 seconds(15 seconds of 'hold time' plus remain seconds from 'hold time')

2.5. Listing of the HSRP® routers configuration

If you were following the entire given configuration steps then you should have the HSRP® configured correctly.
But if you have any doubts with how the configuration file should look like you can compare it with these routers configuration files.
The listings are given below

2.5.1. Listing of the configuration of router RTB:

Listing of the router configuration after typing 'show running-config' on router RTB

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname RTB
boot-start-marker
boot-end-marker

enable secret 5 $1$wkT0$EEgo0bAja99jfxdh7RFp1/

no aaa new-model
resource policy
ip subnet-zero
ip cef

ip host RTA 192.168.0.1 192.168.1.1
ip host RTB 192.168.1.2 192.168.1.9
ip host RTC 192.168.1.10 192.168.1.17
ip host RTD 192.168.1.3 192.168.1.18

interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.248
duplex full
speed auto
standby 1 ip 192.168.1.4
standby 1 timers 5 15
standby 1 priority 105
standby 1 preempt
standby 1 authentication 6cz
standby 1 track Serial1/0

interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 192.168.1.9 255.255.255.248
serial restart-delay 0
no fair-queue
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
router rip
version 2
network 192.168.1.0
ip classless
no ip http server
no ip http secure-server
control-plane
gatekeeper
shutdown
line con 0
exec-timeout 0 0
password class
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password class
login
end


2.5.2. Listing of the configuration of router RTD:

Listing of the router configuration after typing 'show running-config' on router RTD:

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname RTD
boot-start-marker
boot-end-marker

enable secret 5 $1$jawk$FPJDu2aL/VIimC57YAVVj1

no aaa new-model
resource policy
ip subnet-zero
ip cef

ip host RTA 192.168.0.1 192.168.1.1
ip host RTB 192.168.1.2 192.168.1.9
ip host RTC 192.168.1.17 192.168.1.10
ip host RTD 192.168.1.3 192.168.1.18

interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.248
duplex full
speed auto
standby 1 ip 192.168.1.4
standby 1 timers 5 15
standby 1 preempt
standby 1 authentication 6cz
standby 1 track Serial1/0

interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 192.168.1.18 255.255.255.248
serial restart-delay 0
no fair-queue
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
router rip
version 2
network 192.168.1.0
ip classless
no ip http server
no ip http secure-server
control-plane
gatekeeper
shutdown
line con 0
password class
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password class
login
end


Visit Counter:
Sympatia