Multilayer Switching: HSRP Interface Tracking + Troubleshooting + Intro to VRRP

HSRP Interface Tracking

The default decrement in the priority when the tracked interface goes down is 10.

‘show standby’ will show the interface being tracked, the state and the decrement value.

A state change can be caused by either a Layer 1 or Layer 2 failure on the tracked interface.

You can change the default decrement at the end of the standby interface command.

You can track more than 1 interface, be aware of combined decrement values when doing this.

If you see HSRP states regularly transitioning, particularly between Speak and Standby, check your cabling – you’d be surprised how often that happens, especially in labs.

Frankly, most HSRP issues you run into fall into these categories:

  1. The secondary router didn’t become the Active router when it should have.
  2. The former Active router didn’t take back over when it came back online.

If either of those happens to you, check these values:

  1. Is the preempt command properly configured?
  2. What are the priority values of each HSRP speaker?
  3. Watch your decrement values with HSRP interface tracking. Don’t get cute with these. If you’re having a problem with interface tracking and you see decrements that don’t end in 0 or 5, I can practically guarantee they’re misconfigured.

Virtual Router Redundancy Protocol

Defined in RFC 2338, VRRP is the open-standard equivalent of the Cisco proprietary HSRP. VRRP works very much like HSRP, and is suited to a multivendor environment.

Very similar operation to HSRP.

There are some differences, a few of which are:

  • VRRP’s equivalent to HSRP’s Active router is the Master router. (Some VRRP documentation refers to this router as the IP Address Owner.) This is the router that has the virtual router’s IP address as a real IP address on the interface it will receive packets on.
  • The physical routers in a VRRP Group combine to form a Virtual Router. Note that the VRRP Virtual Router uses an IP address already configured on a router in its group, as opposed to how the HSRP router is assigned a separate virtual IP address.
  • VRRP Advertisements are multicast to 224.0.0.18.
  • VRRP’s equivalent to HSRP’s Standby router state is the Backup state.
  • The MAC address of VRRP virtual routers is 00-00-5e-00-01-xx, xx is the group number in hexadecimal.
  • “preempt” is a default setting for VRRP routers.
  • As of IOS Version 12.3(2)T, VRRP now has an Object Tracking feature. Similar to HSRP’s Interface Tracking feature, a WAN interface can be tracked and a router’s VRRP priority dropped when that interface goes down.

Multilayer Switching: HSRP Fundamentals, Priorities, Defaults and Load Balancing

HSRP

*This is something I work with a lot and as this is a recap exercise, I am not going to overkill this concept. Just hit the high points and additional bonus stuff..

Defined in RFC 2281, HSRP is a Cisco-proprietary protocol.

The hosts using HSRP as a gateway don’t know the actual IP or MAC addresses of the routers in the group. They’re communicating with a pseudorouter, a “virtual router” created by the HSRP configuration.

The standby routers aren’t just going to be sitting there, by configuring multiple HSRP groups on a single interface, HSRP load balancing can be achieved.

How did the HSRP process arrive at a MAC of 00-00-0c-07-ac-05?

Well, most of the work is already done before the configuration is even begun. The MAC address 00-00-0c-07-ac-xx is HSRP’s well-known virtual MAC address, and xx is the group number in hexadecimal.

In this example, the group number is 5, which is expressed as 05 with a two-bit hex character. If the group number had been 17, we’d see 11 at the end of the MAC address – one unit of 16, one unit of 1.

HSRP speakers are sending Hellos every 3 seconds, with a 10-second holdtime.

Default priority is 100 and the highest priority wins. If there is a tie in priority then the highest IP Address on a HSRP enabled interface becomes the Active router in the group.

When the priority is changed in a group of routers, then will be no change until the Active router goes down or preemption is enabled.

standby GROUP preempt

or…

at the end of the priority command (IOS specific)

Best practice is the put the preempt command on the Active and intended router. You never have to down either router to change Active or Standby, just use the preempt command on the STANDBY router to manually ‘failover’.

You can change the virtual mac address if required: standby GROUP mac-address aaaa.bbbb.cccc

HSRP Load Balancing

Setup a HSRP group on each router, with the Active and Standbys distributed, set the default gateway for your to each VIP address! 50/50 load balancing and this way you are using both of your routers instead of having one in Standby.

If you’re configuring HSRP on a multilayer switch, you can configure HSRP on routed ports, SVIs, and L3 Etherchannels. HSRP requires the Enhanced Multilayer Software Image (EMI) to run on an L3 switch. Gig Ethernet switches will have that image, but Fast Ethernet switches will have either the EMI or Standard Multilayer Image (SMI). Check your documentation. The SMI can be upgraded to the EMI.

HSRP States *Taken straight from Chris Bryant SWITCH study guide

Disabled – Some HSRP documentation lists this as a state, others do not. I don’t consider it one, but Cisco may. Disabled means that the interface isn’t running HSRP yet.

Initial (Init) — The router goes into this state when an HSRP-enabled interface first comes up. HSRP is not yet running on a router in Initial state.

Learn — At this point, the router has a lot to learn! A router in this state has not yet heard from the active router, does not yet know which router is the active router, and it doesn’t know the IP address of that router, either. Other than that, it’s pretty bright. 😉

Listen — The router now knows the virtual IP address, but is not the primary or the standby router. It’s listening for hello packets from those routers.

Speak — The router is now sending Hello messages and is active in the election of the primary and standby routers.

Standby — The router is now a candidate to become the active router, and sends Hello messages.

Active — The router is now forwarding packets sent to the group’s virtual IP address.

Note that an HSRP router doesn’t send Hellos until it reaches the Speak state. It will continue to send Hellos in the Standby and Active states as well.

HSRP Interface Tracking

The default decrement in the priority when the tracked interface goes down is 10.