The hot backup routing protocol provides fault tolerance and enhanced routing selection for IP networks. It is a unique technology of the cisco platform and ensures that when the network edge or access link fails, user communication can be quickly and transparently restored, and redundancy is provided for this IP network.
How HSRP works:
HSRP allows you to quickly switch between default gateways when a vro fails. By providing an IP address and a MAC address, two or more vrouters can be used as one vro, when a router fails, other routers can take over the router seamlessly.
Active router: RA is used to forward data packets to vrouters. Another vro in the group is selected as a backup router. An active router sends a Hello message to assume and maintain its active role.
The RB function is used to monitor the running status of the HSRP group. When an active router fails, it quickly assumes the responsibility for packet forwarding.
Virtual router: it is a gateway on a LAN and serves to represent a router that can work continuously to the user. The router RA and RB jointly maintain this virtual router.
Three HSRP messages:
Hello Message ------ this message indicates that the vro is running and can become an active vro and a backup vro. By default, the system sends a HELLO message every 3 seconds.
Coup message -------- it means that when an active router fails, the backup router sends a Coup message to the active router.
Resign resignation message ------- it means that I don't want to send a resignation message when I want to quit the HSRP backup group when I do not want to be an active router or a backup router.
Six statuses of HSRP:
1. Initial status (all vrouters start from the initial status, for example, when the vro is started)
2. Learning status (vro waits for messages from active vrouters)
3. Listener status (the vro knows the virtual IP address, but it is neither an active router nor a backup router to listen for Hello messages from active and backup vrouters)
4. Speech status (the vro receives a Hello message and participates in active and backup vro election)
5. Backup status (the vro becomes a backup vro and a candidate for the next active vro)
6. Active (in active state, the router is responsible for forwarding packets sent to the virtual MAC address of the backup group)
TIPS: to learn HSRP well, you should have a good understanding of three messages and six statuses.
There is so much theoretical knowledge. Let's write down the experiment configuration command in the topology diagram above.
Only the commands of the routers RA and RB are configured. If the switch is enabled, no configuration is required.
RA configuration: active router
Route (config) # int s0/0
Route (config-if) # ip add 219.37.1.2 255.255.255.255.248 (simulate the public IP address of China Telecom)
Route (config-if) # no sh
Route (config) # int f0/0
Route (config-if) # ip add 172.16.10.1 255.255.255.0
Route (config-if) # no sh
Route (config-if) # standby 172 ip 172.16.10.254 (set the HSRP group name to 172 and the virtual IP address to 172.16.10.254)
Route (config-if) # standby 172 priority 120 (set priority of HSRP group 172 to 120)
Route (config-if) # standby 172 preempt (set the authorization of the HSRP router, that is, when the active router RA fails, the backup router RB becomes an active router. RA is configured when it is repaired and working. RA sends a coup message when it can work normally. It is important to take the lead in configuration)
Router RB configuration: Back up the router
Route (config) # int s0/0
Route (config-if) # ip add 219.37.1.1 255.255.255.255.248 (simulate the public IP address of China Netcom)
Route (config-if) # no sh
Route (config) # int f0/0
Route (config-if) # ip add 172.16.10.2 255.255.255.0
Route (config-if) # no sh
Route (config-if) # standby 172 ip 172.16.10.254 (set the HSRP group name to 172 and the virtual IP address to 172.16.10.254)
Route (config-if) # standby 172 priority 110 (set priority of HSRP group 172 to 110)
The configuration command is just like this. The external network of my topology is not well drawn. We should use a router to replace the HSRP result, when you use a simulator to perform this experiment, you can use a vro to verify the test results. If you can PING a vro through the Internet, you can also PING the Internet Router when you drop the RA interface. If yes, the HSRP is switched over. I did it through a simulated public network,
If it is a public network, default routing and NAT address translation must be performed on routers (RA) and RB to meet the requirements of the Internet on the Intranet.
View the HSRP (SHOW) command: show standby 172 brief (view the HSRP configuration)
Tip: The HSRP protocol is a proprietary protocol of Cisco. It can only be implemented on a CISCO router. vrouters of other manufacturers can use VRRP protocol for hot backup routing. VRRP and HSRP are similar, the working principle is the same, but VRRP is a public protocol.