HSRP Overview

HSRP (Hot Standby Router Protocol) is Cisco’s proprietary default gateway redundancy protocol. Multiple routers are grouped together to form a single virtual router. A virtual router has an IP address and a MAC address just like a real router. The IP address and MAC address of a virtual router are as follows

As mentioned in other articles, a “virtual router” does not mean that the entire router is grouped together. Only the interface that is acting as the default gateway is grouped as a virtual router.

IP address of the virtual router: Specify by configuration
MAC address of the virtual router : 00-00-0c-07-ac-XX (XX:HSRP group number)

The grouped real routers assign the roles of active router and standby router. An active router is a router that routes packets destined to the virtual router. If the active router goes down, the standby router becomes the active router and routes packets to the virtual router.

If you configure the IP address of the virtual router as the default gateway for your PC or server, even if the existing active router goes down, the new active router will route the packets so that you can continue to communicate with other networks.

HSRP IP address and port number

When HSRP is enabled, HSRP messages are exchanged. HSRP is located at the application layer of the hierarchy and uses UDP as the transport layer; HSRP messages are encapsulated in UDP port 1985. Also, the destination IP address of HSRP messages is a multicast address of 224.0.0.2. This multicast address represents all the routers in the same network.

Figure HSRP Encapsulation
Figure HSRP Encapsulation
It is further encapsulated in an Ethernet header, which is omitted in the figure.

How the HSRP works

By exchanging HSRP Hello, multiple routers can recognize the IP address of the virtual router and determine the active router. The active router is determined by the HSRP priority. The router with the higher priority is the active router. The default value of priority is 100. If the priority is the same, the router with the larger IP address is the active router.

In the following figure, HSRP is enabled on Fa0/0 on R1 and R2. R1 and R2 exchange HSRP Hello messages on Fa0/0 to recognize the IP address 192.168.1.3 of the virtual router. Also, the HSRP Hello message contains a priority value, and R1 with the higher priority becomes the active router.

 Figure  How the HSRP works  Part1
Figure How the HSRP works Part1

The active router is responsible for routing packets destined to the virtual router. Specifically, it performs the following actions.

  • Send GARP when becoming an active router to update the ARP cache and MAC address table.
  • Returns an ARP reply to an ARP request for a virtual IP address, which includes the virtual MAC address.
  • Receives a packet with destination MAC address of virtual MAC address
  • Use virtual MAC address as source MAC address for HSRP Hello packets

In simple terms, the active router has the IP address/MAC address of the virtual router in addition to the real IP address/MAC address. In the previous network configuration, R1 is the active router. Then, besides the real IP address 192.168.1.1, R1 also has the IP address of the virtual router. Furthermore, R1 has not only the MAC address of Fa0/0, but also the MAC address of the virtual router. For example, if the HSRP group number is 1, R1 also has a virtual MAC address of “00-00-0c-07-ac-01”.

 Figure  How the HSRP works  Part2
Figure How the HSRP works Part2

If you have redundant default gateways with HSRP, configure the default gateway of the PC with the IP address of the virtual router. When sending packets from a PC to other networks, ARP is performed to find the MAC address for the IP address of the default gateway. Then, the ARP request for the IP address of the virtual router is answered by R1, the active router. R1 returns the virtual MAC address as the MAC address for the IP address of the virtual router in the ARP reply.

Since the PC knows the MAC address of the default gateway through ARP replies, it forwards packets destined for other networks to the default gateway by specifying the virtual MAC address as the destination MAC address in the Ethernet header. Then, the Ethernet frame with the destination MAC address as the virtual MAC address will be forwarded to R1. And R1 will route the packet.

 Figure  How the HSRP works  Part3
Figure How the HSRP works Part3
The behavior in the figure assumes that there is no ARP cache for the virtual IP address in the PC.

The active router and standby router each send HSRP Hello messages periodically. The default interval is 3 seconds. When the active router goes down, the periodic Hello messages from the active router will stop arriving and the standby router will become the new active router. When the current active router, R1, goes down, the standby router, R2, becomes the new active router. R2 takes over the virtual IP address and MAC address. This switchover takes about 10 seconds by default.

  Figure  How the HSRP works  Part4
Figure How the HSRP works Part4
Although omitted in the figure, when R2 becomes a new active router, it sends GARP to update the information in the ARP cache of the PC and the MAC address table of the Layer 2 switch.

The PC is not particularly aware that the router that serves as the default gateway has been switched. When sending packets to other networks, specify the resolved virtual MAC address as the destination MAC address, and the packets will be forwarded to the new active router, R2, for routing by R2.

  Figure  How the HSRP works  Part5
Figure How the HSRP works Part5