First Hop Redundancy Protocol (FHRP)

A computer networking protocol which is designed to protect the default gateway used on a subnetwork by allowing two or more routers to provide backup for that address; in the event of failure of an active router, the backup router will take over the address, usually within a few seconds. Credit: Wikipedia

“First Hop” refers to the fact that the default gateway in any network is the first hop, i.e. the first router to whatever destination outside the network a given host is sending traffic to.

The two (or however many) routers will share a Virtual IP address (VIP). Hosts in the network are configured with the VIP as their default gateway. The routers must negotiate which of them is active and which is standby (these terms are not consistent across all FHRPs). They do this by exchanging multicast ‘Hello’ messages.

The active router will handle all traffic directed to the VIP, including ARP requests. ARP Replies will be unicast normally, but will include a Virtual MAC Address instead of the device’s actual MAC.

If the active router goes down (for whatever reason) the standby will become the active router after some number of missed Hello messages. Because all hosts in the network know to forward traffic to the VIP, they do not need to update their IP routes or MAC address tables. However, it will be necessary for switches to update their MAC address tables to forward traffic through the correct interfaces. To ensure that this happens, the new active router will send gratuitous ARP replies.

  • A Virtual IP (VIP) is configured on the routers, and a virtual MAC is generated for the virtual IP (each FHRP uses a different format for the virtual MAC)
  • An active router and a standby router are elected (different FHRPs use different terminology)
  • End hosts are configured to use the virtual IP as their default gateway
  • The active router replies to ARP requests using the virtual MAC, so traffic destined for other networks will be sent to it
  • If the active router fails, the standby becomes the next active router. The new active router sends gratuitous ARP messages so that switches will update their MAC address tables. It now functions as the default gateway
  • If the old active router comes back online, (by default) it won’t take back its role as the active router — it will become standby
    • You can configure ‘preemption’ so that the old active router does take back its old role

Specific Protocols

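| FHRP | Terminology | Multicast IP | Virtual MAC | Cisco Proprietary |
|------|----------------|---------------------------------|----------------------------------------|-----|
| HSRP | Active/Standby | v1: 224.0.0.2; v2: 224.0.0.102 | v1: 0000.0c07.acXX; v2: 0000.0c9f.fXXX | yes |
| VRRP | Master/Backup | 224.0.0.18 | 0000.5e00.01XX | no |
| GLBP | AVG/AVF | 224.0.0.102 | 0007.b400.XXYY | yes |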

HSRP

Hot Standby Router Protocol

  • Cisco proprietary
  • An active and standby router are elected
    • Elected by:
      • Highest priority (default 100)
      • Highest IP address
  • Two versions: version 1 and version 2
    • Version 2 adds IPv6 support and increases the number of groups that can be configured
  • Multicast IPv4 addresses:
    • v1: 224.0.0.2
    • v2: 224.0.0.102
  • Virtual MAC address:
    • v1: 0000.0c07.acXX (XX = HSRP group number)
    • v2: 0000.0c9f.fXXX (XXX = HSRP group number)
  • In situations with multiple subnets/VLANS, you can configure a different active router in each subnet/VLAN to load balance

Configuration

  • (config-if)#standby <group-number> [OPTIONS]
    • Group number v1: <0-255>; v2: <0-4095>
    • Group number must match for routers to form redundancy
  • (config-if)#standby version <1,2>
    • Select version
  • (config-if)#standby <group-number> ip <a.b.c.d>
    • Set the VIP - will be used by network as default gateway
  • (config-if)#standby <group-number> priority <number>
    • Set the router’s priority - used to manually determine the active & standby routers
  • (config-if)#standby <group-number> preempt
    • Router will take active role, even if another router already has it (assuming it has higher priority/IP)
    • If the active router goes down, then comes back up later it will reassume the active role

VRRP

Virtual Router Redundancy Protocol

  • Open standard
  • A master and backup router are elected - same functions as active and standby
  • Multicast IPv4 address: 224.0.0.18
  • Virtual MAC address: 0000.5e00.01XX (XX = VRRP group number)
  • In a situation with multiple subnets/VLANs, you can configure a different master router in each subnet/VLAN to load balance

GLBP

Gateway Load Balancing Protocol

  • Cisco proprietary
  • Load balances among multiple routers within a single subnet
  • An AVG (Active Virtual Gateway) is elected
  • Up to four AVFs (Active Virtual Forwarders) are assigned by the AVG (the AVG itself can be an AVF, too)
  • Multicast IPv4 address: 224.0.0.102
  • Virtual MAC address: 0007.b400.XXYY (XX = GLBP group number, YY = AVF number)
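
The virtual MAC formats listed above make FHRP gateways easy to recognise in a switch MAC address table, and a change of port for one of them marks a failover (or an unplanned takeover worth reviewing). The following is an added example, not part of the original notes: it classifies a MAC by protocol and group and compares two snapshots. The simplified `vlan mac port` table layout, the function names and the sample entries are assumptions constructed for illustration.

```python
import re

# Fixed hex prefixes of the virtual MAC formats on this page, plus how many hex
# digits carry the group number and (GLBP only) the AVF number. Both are hex-encoded.
FORMATS = [
    ("HSRPv1", "00000c07ac", 2, 0),   # 0000.0c07.acXX
    ("HSRPv2", "00000c9ff", 3, 0),    # 0000.0c9f.fXXX
    ("VRRP", "00005e0001", 2, 0),     # 0000.5e00.01XX
    ("GLBP", "0007b400", 2, 2),       # 0007.b400.XXYY
]

def classify(mac):
    """Return (protocol, group, forwarder) for an FHRP virtual MAC, else None."""
    digits = re.sub(r"[.:-]", "", mac.lower())  # accept dotted, colon or hyphen form
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    for proto, prefix, glen, flen in FORMATS:
        if digits.startswith(prefix):
            rest = digits[len(prefix):]
            return proto, int(rest[:glen], 16), int(rest[glen:], 16) if flen else None
    return None

def virtual_macs(table):
    """Map (vlan, protocol, group, forwarder) -> port for 'vlan mac port' lines."""
    found = {}
    for line in table.strip().splitlines():
        vlan, mac, port = line.split()
        hit = classify(mac)
        if hit:
            found[(int(vlan), *hit)] = port
    return found

def moved(before, after):
    """Virtual MACs whose switch port changed between two snapshots."""
    old, new = virtual_macs(before), virtual_macs(after)
    return {k: (old[k], new[k]) for k in old if k in new and old[k] != new[k]}

# Constructed MAC-table snapshots (hypothetical ports and hosts).
BEFORE = """
10 0000.0c07.ac0a Gi0/1
10 0011.2233.4455 Gi0/5
20 0000.5e00.0114 Gi0/2
"""
AFTER = """
10 0000.0c07.ac0a Gi0/3
10 0011.2233.4455 Gi0/5
20 0000.5e00.0114 Gi0/2
"""
print(moved(BEFORE, AFTER))
```

A move that does not line up with a known outage or maintenance window on the previously active router is the case to investigate.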