Table of Contents
HSRP (Hot Standby Router Protocol) is Cisco’s proprietary default gateway redundancy protocol. Multiple routers are grouped together to form a single virtual router. A virtual router has an IP address and a MAC address just like a real router. The IP address and MAC address of a virtual router are as follows
IP address of the virtual router: Specify by configuration
MAC address of the virtual router : 00-00-0c-07-ac-XX (XX:HSRP group number)
The grouped real routers assign the roles of active router and standby router. An active router is a router that routes packets destined to the virtual router. If the active router goes down, the standby router becomes the active router and routes packets to the virtual router.
If you configure the IP address of the virtual router as the default gateway for your PC or server, even if the existing active router goes down, the new active router will route the packets so that you can continue to communicate with other networks.
HSRP IP address and port number
When HSRP is enabled, HSRP messages are exchanged. HSRP is located at the application layer of the hierarchy and uses UDP as the transport layer; HSRP messages are encapsulated in UDP port 1985. Also, the destination IP address of HSRP messages is a multicast address of 22.214.171.124. This multicast address represents all the routers in the same network.
How the HSRP works
By exchanging HSRP Hello, multiple routers can recognize the IP address of the virtual router and determine the active router. The active router is determined by the HSRP priority. The router with the higher priority is the active router. The default value of priority is 100. If the priority is the same, the router with the larger IP address is the active router.
In the following figure, HSRP is enabled on Fa0/0 on R1 and R2. R1 and R2 exchange HSRP Hello messages on Fa0/0 to recognize the IP address 192.168.1.3 of the virtual router. Also, the HSRP Hello message contains a priority value, and R1 with the higher priority becomes the active router.
The active router is responsible for routing packets destined to the virtual router. Specifically, it performs the following actions.
- Send GARP when becoming an active router to update the ARP cache and MAC address table.
- Returns an ARP reply to an ARP request for a virtual IP address, which includes the virtual MAC address.
- Receives a packet with destination MAC address of virtual MAC address
- Use virtual MAC address as source MAC address for HSRP Hello packets
In simple terms, the active router has the IP address/MAC address of the virtual router in addition to the real IP address/MAC address. In the previous network configuration, R1 is the active router. Then, besides the real IP address 192.168.1.1, R1 also has the IP address of the virtual router. Furthermore, R1 has not only the MAC address of Fa0/0, but also the MAC address of the virtual router. For example, if the HSRP group number is 1, R1 also has a virtual MAC address of “00-00-0c-07-ac-01”.
If you have redundant default gateways with HSRP, configure the default gateway of the PC with the IP address of the virtual router. When sending packets from a PC to other networks, ARP is performed to find the MAC address for the IP address of the default gateway. Then, the ARP request for the IP address of the virtual router is answered by R1, the active router. R1 returns the virtual MAC address as the MAC address for the IP address of the virtual router in the ARP reply.
Since the PC knows the MAC address of the default gateway through ARP replies, it forwards packets destined for other networks to the default gateway by specifying the virtual MAC address as the destination MAC address in the Ethernet header. Then, the Ethernet frame with the destination MAC address as the virtual MAC address will be forwarded to R1. And R1 will route the packet.
The active router and standby router each send HSRP Hello messages periodically. The default interval is 3 seconds. When the active router goes down, the periodic Hello messages from the active router will stop arriving and the standby router will become the new active router. When the current active router, R1, goes down, the standby router, R2, becomes the new active router. R2 takes over the virtual IP address and MAC address. This switchover takes about 10 seconds by default.
The PC is not particularly aware that the router that serves as the default gateway has been switched. When sending packets to other networks, specify the resolved virtual MAC address as the destination MAC address, and the packets will be forwarded to the new active router, R2, for routing by R2.
HSRP configuration and verification commands, and configuration examples are summarized in the following articles.
- Router – The central device that performs routing
- Dividing Network with router
- Layer3 Switch Overview
- Measuring the distance to the destination network -Administrative Distance and Metric
- Equal Cost Multi Path Load Balancing
- Cisco Static Route Configuration
- Example of Cisco Static Route Configuration Step by Step
- RIP Split horizon
- RIP Timers
- RIP Route Poisoning – Quickly remove unnecessary route information
- Cisco RIP Basic Configuration and Verification Commands
- Cisco RIP Configuration Example
- Generating a default route in RIP – Redistribution of static route
- Passive-Interface ~Stops Routing Protocols from Sending Packets
- Default Gateway Redundancy Overview
- How the Cisco HSRP works
- Configuring and Verifying Cisco HSRP
- How VRRP works