HSRP with switches(Redundancy)
- Purpose: HSRP is a Cisco proprietary redundancy protocol used to provide high availability and fault tolerance for routing on networks. It ensures that if one router fails, another router can seamlessly take over routing responsibilities.
- Operation: HSRP works by creating a virtual IP address and MAC address that is shared among a group of routers. One router within the group is elected as the active router, handling traffic for the virtual IP address. The other routers in the group remain in standby mode, ready to take over if the active router fails.
- Virtual IP Address: The virtual IP address is configured on all routers in the HSRP group. It serves as the default gateway for devices on the network. When a router becomes the active router, it responds to ARP requests for the virtual IP address.
- Virtual MAC Address: The virtual MAC address is derived from a well-known MAC address range assigned to HSRP. It is associated with the virtual IP address and is shared among all routers in the HSRP group.
- Priority: Each router in the HSRP group is assigned a priority value. The router with the highest priority becomes the active router. Priority values can be manually configured, with the default being 100. If priorities are equal, the router with the highest IP address on the HSRP interface becomes active.
- Preemption: Preemption allows a router with a higher priority to take over as the active router if it becomes available or if its priority is increased. This feature ensures that the router with the highest priority always becomes the active router.
- Hello Messages: Routers in the HSRP group communicate using hello messages to indicate their status. These messages are sent at regular intervals to ensure that routers are still operational. If a router stops receiving hello messages from the active router, it assumes the active role.
- Versions: There are different versions of HSRP, including HSRPv1 and HSRPv2. HSRPv2 provides improvements over HSRPv1, including support for IPv6 and multiple HSRP groups per interface.
- Security: HSRP messages are sent in clear text, which can be a security concern. It's important to protect against unauthorized access to HSRP messages by using features like authentication.
Overall, HSRP is a widely used protocol in Cisco networks to ensure high availability and reliability of routing services.
HSRP with switches(Redundancy)
Step 1: Access Switch Configuration Mode
- Access the configuration mode of each Cisco switch:
Step 2: Enter Interface Configuration Mode
- Enter the configuration mode for the interface corresponding to the VLAN you want to configure HSRP on. For example, let's configure VLAN 10:
Step 3: Assign IP Address to VLAN Interface
- Assign an IP address to the VLAN interface. This IP address serves as the default gateway for devices in the VLAN.
Step 4: Configure HSRP on Switch A
- Configure HSRP on Switch A. Set the virtual IP address, priority, and enable preemption. Let's configure HSRP group 1 with the virtual IP address 10.0.0.1:
Step 5: Repeat on Switch B
- Repeat steps 2-4 on Switch B, ensuring that the virtual IP address is the same on both switches. Here's an example for Switch B:
Step 6: Verify Configuration
- Once configuration is done on both switches, verify that HSRP is configured correctly by checking the status of the HSRP group and the active:
- This command will display details such as the virtual IP address, status, and active vlan.
Testing
Finally, test the HSRP configuration by simulating a failover scenario. You can do this by shutting down the active switch interface or disconnecting it from the network and ensuring that the standby switch takes over seamlessly.
Initial Status Check:
- Log in to both switches and check the status of HSRP using the command:
- Ensure that one switch is the active router and the other is in standby mode.
Ping Test:
- From a device connected to the network, initiate continuous ping to an external IP address (e.g., a public DNS server) or an internal IP address.
- Observe the ping responses to ensure that traffic is flowing through the active switch.
Simulate Failover:
- On the active router (Switch A), simulate a failure by shutting down its VLAN interface. For example:
- Alternatively, you can physically disconnect the cable from the active router's interface.
- Monitor the ping test. You should observe a brief interruption in the ping responses as the standby router (Switch B) takes over.
Verify the new active router using the command:
- Restore the configuration of the initially active router to bring it back online. For example, on
Switch A:
- Monitor the ping test to ensure that traffic flows through the restored active router.
- Verify the status of HSRP to ensure that both switches are operational and one is the active router.
- Verification:
- Once testing is complete, verify the overall HSRP configuration, including the status of the routers and the stability of the failover process.