HSRP (Hot Standby Router Protocol) is the Cisco proprietary protocol for providing redundancy in router networks. The standard router redundancy protocol which is used by other vendors is VRRP (Virtual Router Redundancy Protocol), however Cisco has created its own proprietary protocol (HSRP) which works very well on Cisco routers.
In a Local Area Network (LAN), all hosts (PC, Servers etc) have a single default gateway address configured which is used to route packets outside the LAN. If that single default gateway fails, then communication outside the LAN is not possible. With HSRP we can have two gateway routers, one active and one standby, which will provide resiliency regarding the default gateway address. Using HSRP, the two routers will have a physical IP address configured on their LAN-facing interface, but they will have also a Virtual (HSRP address) which will be used as the default gateway address for hosts on the LAN. No matter which router gateway is up and running (either the primary or the secondary), the virtual HSRP address will stay the same.
Let’s see a diagram below to explain this functionality.
First of all, HSRP must be configured between interfaces that have Layer2 connectivity between them. From the diagram above, HSRP will be running between interfaces FE0/1 on the two LAN routers. Interface FE0/1 on RTR-A will have a physical IP address 10.10.10.1 and interface FE0/1 on RTR-B will have a physical IP address 10.10.10.2. An HSRP address 10.10.10.3 will be also configured on both routers. This address will serve as the default gateway address for all hosts on the LAN. RTR-A will be configured as the Active HSRP router by setting a higher hsrp priority.
With HSRP, we can also track a specific interface. This means that if the tracked interface of the active router fails, then HSRP will trigger a failover to the standby router.
Let’s see an actual configuration below:
Configuration
Router RTR-A
RTR-A(config)# int fa0/1
RTR-A(config-if)# ip address 10.10.10.1 255.255.255.0
! enable HSRP group 1 and set the virtual address to 10.10.10.3
RTR-A(config-if)# standby 1 ip 10.10.10.3
! preempt allows the router to become the active router when its priority is higher
RTR-A(config-if)# standby 1 preempt
! increase its priority to 110 to make it active (default priority is 100)
RTR-A(config-if)# standby 1 priority 110
! track the WAN interface FE0/0
RTR-A(config-if)# standby 1 track fa0/0
Router RTR-B
RTR-B(config)# int fa0/1
RTR-B(config-if)# ip address 10.10.10.2 255.255.255.0
! enable HSRP group 1 and set the virtual address to 10.10.10.3
RTR-B(config-if)# standby 1 ip 10.10.10.3
! preempt allows the router to become the active router when its priority is higher
RTR-B(config-if)# standby 1 preempt
! set priority to 100 to make it the standby router (this is the default value)
RTR-B(config-if)# standby 1 priority 100
! track the WAN interface FE0/0
RTR-B(config-if)# standby 1 track fa0/0
That’s it. Now configure a default gateway address of 10.10.10.3 for your LAN hosts.
Related posts:
- VPN with HSRP High Availability
- Cisco Router 851 – 871 Interfaces and Basic Configuration
- Basic Cisco Router Configuration Steps
- ASA Firewall Active-Standby interface configuration
- Configuring Cisco Router Interfaces
- How to Configure DHCP on Cisco 851 or 871 Router
- Basic Cisco 800 Router Configuration for Internet Access
8 Responses to 'Cisco Router HSRP Configuration'
Leave a Reply
Configuration Tutorial For Cisco ASA 5500 Firewalls
With FREE ASA 5505 Configuration Tutorial Bonus
CLICK HERE TO DOWNLOAD EBOOKS
Hi,
You don’t need to configure a tracking interface on the second router. In fact, as soon as the first router comes back, this last comes primary again (because it has the higher HSRP priority and the preempt is configured on both ones). You can configure a delay for the preempt to be sure your L2 network is stable before the HSRP changes.
For example:
preempt delay min 120 (Wait 2 minutes before coming back primary)
Regards,
Lionel
Hello
You can also configure the timers for HSRP for setting interval of hello packets & hold down timers.
#standby 1 timers 5 10
(This means that hello packets will be sent every 5 seconds and the router will wait for 10 seconds before declaring one of the router dead)
Regards,
Sumit Bakshi
Is it possible to connect the 2 routers via ethernet cross-over cable and eliminate the L2 device?
Greg,
The whole point with HSRP is to “supply” a single virtual IP address to the LAN network for all LAN computers to use as default gateway. If you take the two internal interfaces of the routers (FE0/1) and connect them together with a cross-over cable, how are you going to connect the two routers to the internal LAN? So the answer is no. You must have a LAN switch.
Does the server side router pair to be configure HSRP also? And so server’s default gateway IP address will use their VIP?
Jack,
Yes sure. You can configure the 10.20.20.x network to work as hsrp on the routers, so the server will see the HSRP VIP address as default gateway.
I am working on a specific situation and in a lab if I shut down the switch port connecting R2 and turn it back on. R2 is not becoming part of that “standby 1″ group. I in fact can’t even ping it any more. debug standby shows this message:
HSRP: Fa4 Grp 1 Hello Received when interface down
Now if I either reboot it or clear the arp on R2 it starts to work. Any ideas on what could be happening?
Ali,
Can you post the relevant configuration to check it out?