Example: a deep understanding of the HSRP Protocol

Bkjia.com exclusive Article: HSRP (Hot Standby Router Protocol) Hot Backup Router Protocol, that is, multiple routers form a "Hot backup group" and simulate a virtual Router, the virtual router has a virtual IP address and a virtual MAC address. In a hot backup group, only one vro forwards data packets as the active router. Only when the active router fails will a backup router be selected as the active router. However, for hosts in the network, the vro has not changed and will not interrupt the host communication.

The following example introduces the configuration and operation process of HSRP to better understand the role of HSRP.

I. Network Topology

Figure 1 shows the network topology. The two core switches are Cisco Catalyst ipv7r, each of which uses two engines, as shown in two engines 2 on Cisco Catalyst ipv7r. The names of the two engines on ipv7a are ipv7a-r1 and ipv7a-r2, and ipv7b-r1 and ipv7b-r2 respectively. Ipv7a and ipv7b are connected through the Trunk port, and between ipv7a and 3750A, ipv7b and 3750B are also connected through the Trunk port. The VTP protocol is run on all the four vswitches. The VTP running mode in ipv7a is server mode, and The VTP running mode in the other three vswitches is client mode, in addition, VLAN 100 and VLAN 200 are created in ipv7a.

Figure 1 Network Structure

Figure 2 two engines on the ipv7r Switch

Eight PCs are connected to the two 3750 vswitches, and four of VLAN 100 and VLAN 200 are allocated. Eight computers automatically obtain IP addresses, default gateways, and DNS server addresses. These addresses are automatically allocated through the DHCP server. The IP address of the DHCP server is 10.10.1.1/24. The network architecture fully considers the redundancy of the core switch. If ipv7b fails, the data on 3750B can first reach 3750A, and then reach the core switch ipv7a. Similarly, if ipv7a fails, data on 3750A is not affected to reach the core switch ipv7b.

Ii. DHCP server configuration

The configuration of the DHCP server is shown in figure 3 and figure 4. Note that the default gateway of VLAN 100 must point to 10.10.100.254 instead of 10.10.100.253 or 10.10.100.252. Similarly, the default gateway of VLAN 200 also points to 10.10.200.254.

Figure 3 DHCP configuration for VLAN 100

Figure 4 DHCP configurations for VLAN 200

Iii. Detailed descriptions of HSRP Configuration

The HSRP configuration on Engine 1 of 4507A is as follows:

 
 

  
  
4507A-R1  
  
  
interface Vlan100  
  
  
 ip address 10.10.100.253  255.255.255.0  
  
  
 ip helper-address 10.10.1.1         
  
  
 standby 100 priority 150 preempt  
  
  
 standby 100 ip 10.10.100.254  
  
  
!  
  
  
interface Vlan200  
  
  
 ip address 10.10.200.253  255.255.255.0  
  
  
ip helper-address 10.10.1.1  
  
  
 standby 200 priority 150 preempt  
  
  
 standby 200 ip 10.10.200.254 
 
 

The command "ip address 10.10.100.253 255.255.255.0" is used to configure an ip address for the specified VLAN.

The "ip helper-address 10.10.1.1" command ensures that all hosts on the two 3750 switches obtain ip addresses, default gateways, and DNS server addresses, it is automatically obtained from the DHCP server 10.10.1.1.

In the "standby 100 priority 150 preempt" command, "priority" indicates the priority of HSRP configuration. "100" indicates the group sequence number. The value range is 0 ~ 255,150 indicates the priority value. The value ranges from 0 ~ 255. The greater the value, the higher the priority.

Priority will determine the status of a router in the HSRP backup group. The router with the highest priority will become an active router, and the router with the lowest priority will become a Standby Router. When the active router fails, the Standby Router replaces it with the active router. When both the active and standby vrouters fail, other vrouters will participate in the election of the active and standby vrouters. When the priorities are the same, the high IP address of the interface will become the active router.

"Preempt" indicates that HSRP is configured as the preemption mode. Configure this command if you want a high-priority router to take the initiative to become an active router. After preempt is configured, the router with a higher priority can always become an active router after it is restored. When the active router fails, the Standby Router with the highest priority will be active. If the preempt technology is not used, the active router can only be in the standby status after it is restored, the role of the Standby Router is active.

The command "standby 100 ip 10.10.100.254" is used to start HSRP. If the virtual ip address is not specified, the router will not participate in the backup. The virtual IP address must be the address in the network segment where the interface is located and cannot be the IP address on the interface.

The HSRP configuration on engine 7A is as follows:

 
 

  
  
4507A-R2  
  
  
interface Vlan100  
  
  
 ip address 10.10.100.252  255.255.255.0  
  
  
 ip helper-address 10.10.1.1  
  
  
 standby 100 priority 140 preempt  
  
  
 standby 100 ip 10.10.100.254  
  
  
!  
  
  
interface Vlan200  
  
  
 ip address 10.10.200.252  255.255.255.0  
  
  
ip helper-address 10.10.1.1  
  
  
 standby 200 priority 140 preempt  
  
  
 standby 200 ip 10.10.200.254 
 
 

The preceding commands show that engine 1 is in the active state and engine 2 is in the STANDBY state when both Engine 1 and engine 2 are running on the network, because the priority of Engine 1 is 150 higher than that of Engine 2. Of course, if Engine 1 fails, Engine 2 immediately replaces Engine 1 without interrupting the network.

The HSRP configurations on engine 7b 1 and engine 2 are as follows:

 
 

  
  
4507B-R1  
  
  
interface Vlan100  
  
  
 ip address 10.10.100.251  255.255.255.0  
  
  
 ip helper-address 10.10.1.1  
  
  
 standby 100 priority 130 preempt  
  
  
 standby 100 ip 10.10.100.254  
  
  
!  
  
  
interface Vlan200  
  
  
 ip address 10.10.200.251  255.255.255.0  
  
  
ip helper-address 10.10.1.1  
  
  
 standby 200 priority 130 preempt  
  
  
 standby 200 ip 10.10.200.254 
 
 

 
 

  
  
4507B-R1  
  
  
interface Vlan100  
  
  
 ip address 10.10.100.251  255.255.255.0  
  
  
 ip helper-address 10.10.1.1  
  
  
 standby 100 priority 130 preempt  
  
  
 standby 100 ip 10.10.100.254  
  
  
!  
  
  
interface Vlan200  
  
  
 ip address 10.10.200.251  255.255.255.0  
  
  
ip helper-address 10.10.1.1  
  
  
 standby 200 priority 130 preempt  
  
  
 standby 200 ip 10.10.200.254 
 
 

From the above configuration, we can see that if the four engines on both 4507 are in the running status, Engine 1 on ipv7a is in the active status, because Engine 1 has the highest priority among the four engines, the other three engines are in standby status. If Engine 1 of ipv7a fails, other engines with higher priority will immediately change from the standby status to the active status, thus ensuring that the network will not be interrupted.

The two vswitches ipv7a and ipv7b use four engines, which greatly improves the stability and redundancy of the core vswitches in the network. If one engine fails on the same server 4507, another engine on the same server 4507 will be activated immediately and replace the faulty engine. If both engine boards of the same server fail, the routing function of the core switch will not be affected, because the engine on the other 4507 is activated immediately and takes on the routing task.

Iv. Summary

The HSRP technology is applied to the Layer 3 of the OSI reference model, that is, the Layer 2 or Layer 2 switch does not have the HSRP technology.

1. HSRP Technology ensures the high reliability of vro running in the network. There are three types of routers in the HSRP routing system: one is the active router, which is responsible for forwarding and sending data to the virtual router. It sends a HELLO message based on the UDP port number 1985 to notify it of its active status. The second is the Standby Router, which monitors the running status in the HSRP group, in addition, when the current active vro is unavailable, it quickly takes on the task of data forwarding. The slave router also sends a HELLO message to notify other routers in the group, which backs up the role of the router. The third is a virtual router. for end users, it represents a router device that can continue to work. It has its own MAC address and IP address. But in fact, it does not forward data packets. Its function is only to represent an available routing device.

The HSRP priority is broadcast between Routers configured with the HSRP protocol, and the current active router is selected by the HSRP protocol. When an active router cannot send a hello message within a preset period of time, the Standby Router with the highest priority becomes an active router. To reduce the data traffic of the network, only the active router and the Standby Router send HSRP packets regularly after the active router and the Standby Router are configured.

2. When using HSRP technology, some commands for viewing and debugging are also very important. For example, the "show standby brief" command displays some brief HSRP information on the router. There are also many Debugging commands, such as the "debug standby events detail" command to display HSRP events, and the "debug standby error" command to display HSRP errors.

Bkjia.com exclusive, not reprinted without authorization! For reprinted by the partner media, please indicate the author and source of the original article !]