Detailed description of hot backup routing protocol (HSRP)

Overview of HSRP

HSRP (hot backup routing protocol): a proprietary Cisco technology that ensures that user communication can be restored quickly and transparently when the network edge device or access link fails, this provides redundancy for IP networks. The hot backup routing protocol provides fault tolerance and enhanced routing selection for IP networks. By using a virtual IP address and a virtual MAC address, two or more routers in the lan cidr block can serve as one virtual router.

Familiar with HSRP group members

HSRP backup has an active router, a backup router, a virtual router, and other routers.

Active router: The main function is to forward data packets to the virtual router. Another vro in the group is selected as the backup vro. An active router assumes and maintains its active role by sending a Hello message.

Backup router: as long as the function is to monitor the running status of the HSRP group, and the active router cannot run, quickly assume the responsibility for packet forwarding. The backup router also sends a Hello message to notify all vrouters in the group of the role and status changes of the backup router.

Virtual router: The main function is to provide end users with a router that can work continuously. The vro configuration has its own IP address and MAC address, but does not actually forward packets.

Other Routers: these routers monitor Hello messages but do not respond. These routers forward any data packets that pass through them, but do not forward data packets that pass through the vro.

Understanding the HSRP Principle

Each vro In the HSRP group has a specified priority, which is used to measure the priority of the vro in the active vro selection. The default priority is 100 (The configurable range is 0-255). The highest priority router in the group will be an active router, followed by a backup router. When the priorities are the same, the LAN port IP address of the vro is compared and the IP address of the vro。 is larger.

When an end user submits data to a vro, it will be processed by the active router. When the active router fails, the backup router will be responsible for the active router within several seconds, at this time, because the backup becomes an active router, and the location of the backup router is vacant, other routers in the group will be promoted to the backup router, and the backup router will be selected in the next comparison priority.

HSRP configuration and application

The HSRP configuration command syntax is as follows:

1. Configure HSRP members

Switch (cofnig-if) # standby group-number ip virtual-ip-address

Group-number: indicates the HSRP group to which the port belongs. Multiple HSRP groups can be created by specifying a unique group number in the BACKUP command. Virtual-ip-address: the ip address of the virtual HSRP router, that is, the ip address of the network segment.

2. Configure HSRP priority

Switch (cofnig-if) # standby group-number priority-value

Priority-value: the value range is 0-255. The default value is 100.

3. Configure authorization for HSRP

Switch (cofnig-if) # standby group-number preempt

Preemptible explanation: during regular maintenance of Active Routers with a higher priority in HSRP, The HSRP backup router will become an active router. However, when an active router with a higher priority is added to HSRP after it is repaired, if it is not configured with preemptible permissions, it will not obtain the active router location from the backup router, even if its priority is higher than that of the backup router, if it is configured, it will take the position of the active router from the low-priority router.

4. Configure HSRP port tracking

Switch (cofnig-if) # standby group-number track interface-type mod/num interface-priority

Group-number: group number of the port using the tracking function

Interface-type: Specifies the port type of the tracking port.

Mod/num: Port Number of the tracking Port

Interface-priority: the value of the router's Hot Backup priority is reduced when the port fails. When the port becomes available, this value is added to the router's priority. The default value is 10.

Port tracing explanation: If Port tracing is not set, when a port of the vro is unavailable, but it still sends a hello message to other vrouters, The vro is available, in fact, data cannot be transmitted. After a port tracing is configured for an active vro, when the tracked port is unavailable, the priority of the active vro decreases accordingly. When the tracked port is available, the corresponding value is increased. In this way, the Failover effect is flexible.

5. Configure the timer for the Hello Message

Switch (cofnig-if) # standby group-number times hellotime holdtime

Hellotime: interval of the hello message. The default value is 3 s, and the value range is 1-255.

Holdtime: The retention time of the hello message. The default value is 10 s. It is generally set to three times the hello interval.

6. Check the HSRP status

Switch # show standby [interface-type mod/num] [group-number] brief

Interface-type mod/num: Port type and serial number to be displayed

Group-number: The specific HSRP to be displayed.

Brief: Displays summary information, and each backup group summary displays a row of output.

Application Example of HSRP

Configure the company's two core layer-3 switches to achieve vro backup + load balancing.

Shows the experiment topology:

650) this. length = 650; "src =" http://www.bkjia.com/uploads/allimg/131227/005H32V8-0.jpg "title =" 5.jpg" width = "600" height = "390" border = "0" hspace = "0" vspace = "0" style = "width: 600px; height: 390px; "/>

The lab requirements are as follows:

1. process data of vlan 10 and vlan 30 by SW2.

2. Enable SW1 to process packets of vlan 20.

3. When a port of any vro is unavailable or the vro is unavailable, data can be processed from the backup vro.

Configure the VTP server on SW1 and create a vlan. The configuration is as follows:

# Set interfaces with all vswitches as link interfaces (trunk) and configure the IP addresses and default routes of the wan Interfaces

Sw1 (config) # int range f0/1-3

Sw1 (config-if-range) # switchport mode trunk

Sw1 (config-if-range) # no sh

Sw1 (config-if-range) # exit

Sw1 (config) # int f0/0

Sw1 (config-if) # ip add 202.106.123.1 255.255.255.0

Sw1 (config-if) # no switchport

Sw1 (config-if) # no sh

Sw1 (config-if) # exit

Sw1 (config) # ip route 0.0.0.0 0.0.0.0 f0/0

# Configuring VTP and creating VLANs

Sw1 # vlan database

Sw1 (vlan) # vtp domain test

Sw1 (vlan) # vtp server

Sw1 (vlan) # vtp password 123

Sw1 (vlan) # vtp pruning

Sw1 (vlan) # exit

Sw1 # vlan database

Sw1 (vlan) # vlan 10

Sw1 (vlan) # vlan 20

Sw1 (vlan) # vlan 30

# Configure HSRP and the backup router with SW1 as vlan 10

Sw1 (config) # int vlan 10

Sw1 (config-if) # ip add 192.168.1.1 255.255.255.0

Sw1 (config-if) # standby 10 ip address 192.168.1.254

Sw1 (config-if) # standby 10 priority 150

Sw1 (config-if) # standby 10 preempt

Sw1 (config-if) # no sh

# Configure HSRP and an active vro with SW1 as vlan 20

Sw1 (config) # int vlan 20

Sw1 (config-if) # ip add 192.168.2.1 255.255.255.0

Sw1 (config-if) # standby 20 ip address 192.168.2.254

Sw1 (config-if) # standby 20 priority 200

Sw1 (config-if) # standby 20 preempt

Sw1 (config-if) # standby 20 track f0/0 100

Sw1 (config-if) # standby 20 track f0/1 100

Sw1 (config-if) # standby 20 track f0/2 100

Sw1 (config-if) # no sh

# Configure HSRP and the backup router with SW1 as vlan 30

Sw1 (config) # int vlan 30

Sw1 (config-if) # ip add 192.168.3.1 255.255.255.0

Sw1 (config-if) # standby 30 ip 192.168.3.254

Sw1 (config-if) # standby 30 priority 150

Sw1 (config-if) # standby 30 preempt

Sw1 (config-if) # no sh

Configure the VTP client on SW2 and learn the vlan created by SW1.

# Set interfaces with all vswitches as link interfaces (trunk) and configure the IP addresses and default routes of the wan Interfaces

Sw2 (config) # int range f0/1-3

Sw2 (config-if-range) # switchport mode trunk

Sw2 (config-if-range) # no sh

Sw2 (config-if-range) # exit

Sw2 (config) # int f0/0

Sw2 (config-if) # ip add 202.106.123.2 255.255.255.0

Sw1 (config-if) # no switchport

Sw1 (config-if) # no sh

Sw2 (config-if) # exit

Sw2 (config) # ip route 0.0.0.0 0.0.0.0 f0/0

# Configuring VTP and creating VLANs

Sw2 # vlan database

Sw2 (vlan) # vtp domain test

Sw2 (vlan) # vtp client

Sw2 (vlan) # vtp password 123

Sw2 (vlan) # vtp pruning

# Configure HSRP and an active vro with SW2 as vlan 10

Sw2 (config) # int vlan 10

Sw2 (config-if) # ip add 192.168.1.2 255.255.255.0

Sw2 (config-if) # standby 10 ip address 192.168.1.254

Sw2 (config-if) # standby 10 priority 200

Sw2 (config-if) # standby 10 preempt

Sw2 (config-if) # standby 10 track f0/0 100

Sw2 (config-if) # standby 10 track f0/1 100

Sw2 (config-if) # standby 10 track f0/2 100

Sw2 (config-if) # no sh

# Configure HSRP and the backup router with SW2 as vlan 20

Sw2 (config) # int vlan 20

Sw2 (config-if) # ip add 192.168.2.2 255.255.255.0

Sw2 (config-if) # standby 20 ip address 192.168.2.254

Sw2 (config-if) # standby 20 priority 150

Sw2 (config-if) # standby 20 preempt

Sw2 (config-if) # no sh

# Configure HSRP and an active vro with SW2 as vlan 30

Sw2 (config) # int vlan 30

Sw2 (config-if) # ip add 192.168.3.2 255.255.255.0

Sw2 (config-if) # standby 30 ip 192.168.3.254

Sw2 (config-if) # standby 30 priority 200

Sw2 (config-if) # standby 30 preempt

Sw2 (config-if) # standby 30 track f0/0 100

Sw2 (config-if) # standby 30 track f0/1 100

Sw2 (config-if) # standby 30 track f0/2 100

Sw2 (config-if) # no sh

Configure the VTP client on SW3 and learn the vlan created by SW1.

# Set interfaces with all vswitches as link interfaces (trunk)

Sw3 (config) # int range f0/0-1

Sw3 (config-if-range) # switchport mode trunk

Sw3 (config-if-range) # no sh

# Configuring VTP and creating VLANs

Sw3 # vlan database

Sw3 (vlan) # vtp domain test

Sw3 (vlan) # vtp client

Sw3 (vlan) # vtp password 123

Sw3 (vlan) # vtp pruning

# Add the specified interface to the corresponding vlan

Sw3 (config) # int f0/2

Sw3 (config-if) # switchport access vlan 10

Sw3 (config-if) # no sh

Sw3 (config-if) # exit

Sw3 (config) # int f0/3

Sw3 (config-if) # switchport access vlan 20

Sw3 (config-if) # no sh

Configure the VTP client on SW4 and learn the vlan created by SW1.

# Set interfaces with all vswitches as link interfaces (trunk)

Sw4 (config) # int range f0/0-1

Sw4 (config-if-range) # switchport mode trunk

Sw4 (config-if-range) # no sh

# Configuring VTP and creating VLANs

Sw4 # vlan database

Sw4 (vlan) # vtp domain test

Sw4 (vlan) # vtp client

Sw4 (vlan) # vtp password 123

Sw4 (vlan) # vtp pruning

# Add the specified interface to the corresponding vlan

Sw4 (config) # int f0/2

Sw4 (config-if) # switchport access vlan 20

Sw4 (config-if) # no sh

Sw4 (config-if) # exit

Sw4 (config) # int f0/3

Sw4 (config-if) # switchport access vlan 30

Sw4 (config-if) # no sh

At this time, even if the two core switches in the company are configured with HSRP, whether the core switch is broken or the data interface on the switch is unavailable, user access to the Internet is not affected. Because the two core switches are configured with HSRP, the routing backup and load balancing are realized, while the router backup and load are transparent to users.

This article is from the "initialize" blog, please be sure to keep this source http://cshbk.blog.51cto.com/5685776/1253916