How to configure Cisco routers with HSRP.
Fault-Tolerant IP routing
Backup and virtual gateways
Hot Standby Router Protocol (HSRP)
If you haven’t read, here is the part 1 of the guide where we can see how to set up OSPF, BGP and Multicast in the network. [Link to PART 1]
Here we will focus only on how to provide fault tolerance IP routing from both the server and the host networks. Each subnet will connect physically to the two routers, one being the active and the other being stand-by.
Three are the protocols mostly used for fault tolerance:
- Gateway Load Balancing Protocol (GLBP)
- Hot Standby Router Protocol (HSRP)
- Virtual Router Redundancy Protocol (VRRP)
Having a backup path is extremely important in order to satisfy SLA and avoid any downtime to whole networks due to a single link failure. HSRP provides a quick way to recover a faulty link or router malfunctioning and allows other nodes to be quickly and transparently redirected to the standby router which immediately will become the active one.
HSRP allows multiple routers on a single LAN to share a virtual IP and MAC address which is configured as the default gateway on the hosts. By sharing an IP address and a MAC (Layer 2) address, two or more routers can act as a single “virtual” router. They answer to ARP requests for the virtual IP.
More here Cisco - Configuring HSRP
Network Equipment (virtual)
- 4 Cisco 7301 routers
- 2 HP2524 switches (one is for server network and one for client network)
- Virtual Machines (both on server and client network)
The network topology we are going to recreate is described as follow:
Client and Server network availability
RTC and RTD are responsible of providing a backup link for both the client and server networks in case of failure. Hot Standby Router Protocol or HSRP is used in both networks.
HSRP is simpler than Gateway Load Balancing Protocol (GLBP) which runs on layer 3 and only has an active router to answer ARP requests for the standby IP with a virtual MAC address. GLBP works on layer 2 and provides multiple virtual MAC addresses which could provide load balancing for huge networks. This is not needed here.
We will have for servers subnet network (10.5.10.0/24)
- RTC with 10.5.10.1 being the Active Router
- RTD with 10.5.10.2 being the Stand-By Router
- The VIRTUAL gateway has the 10.5.10.3 IP address.
We will have for clients subnet network (10.5.15.0/24)
- RTD with 10.5.15.1 being the Active Router
- RTC with 10.5.15.2 being the StandBy Router
- the VIRTUAL gateway has the 10.5.15.3 IP address.
HSRP provides high network availability by providing redundancy for IP traffic from hosts on networks.
When a router is down, the other quickly become active and start routing traffic on the behalf of the virtual IP. The two routers periodically send control messages to check “health” status, if one fails, the other assumes control. How?
Devices running HSRP send and receive multicast UDP-based hello packets to detect router failure and to designate active and standby routers.
- hellotime: between routers the hellotime interval is 3 seconds by default. That means the time before other routers declare the active router to be down.
- holdtime: the time before the active or standby router is declared to be down, default is 10 seconds.
interface gigabitEthernet 0/0 ip address 10.5.10.1 255.255.255.0 standby version 2 standby 10 ip 10.5.10.3 standby 10 priority 200 standby 10 preempt no shut interface fastEthernet 1/0 ip address 10.5.15.2 255.255.255.0 standby version 2 standby 15 ip 10.5.15.3 no shut
interface gigabitEthernet 0/0 ip address 10.5.15.1 255.255.255.0 standby version 2 standby 15 ip 10.5.15.3 standby 15 priority 200 standby 15 preempt no shut interface fastEthernet 1/0 ip address 10.5.10.2 255.255.255.0 standby version 2 standby 10 ip 10.5.10.3 no shut
On Hosts the VIRTUAL IP must be set as default gateway.
This configuration will allow IP fault tolerance. For more detailed explanation look at the cisco documentation here.
Please feel free to make any comment! If anything is unclear, just write in the comment and I will update the post! Thanks for reading!