Hot Standby Router Protocol (HSRP)
- HSRP is Cisco proprietary, but defined in RFC 2281.
- HSRP routers multicast to the all-routers address 224.0.0.2 on UDP port 1985.
- HSRP group numbers (0 – 255) are only significant to an interface.
- HSRP virtual MAC in the range 0000.0c07.acXX where the last 8 bits represent the standby group.
- HSRP priority ranges from 0 to 255; default is 100.
- The default hello timer is 3 seconds; holddown timer is 10 seconds.
- preempt is not enabled by default
- HSRP interface states: Disabled Init Listen Speak Standby Active
- Cisco devices by default use the plaintext string "cisco" for authentication.
- Plaintext or MD5 authentication can be used
- Active router election :The highest priority wins; highest IP wins a tie.
- The router’s priority will be decremented by the associated value (default 10) if the tracked interface fails.
HSRP group configuration:
standby 1 ip [virtual_ip]
Timers can be adjusted:
standby 1 timers [hello] [dead]
By default a router with higher priority cannot preempt the current active router; this can be allowed:
standby 1 priority [priority]
standby 1 preempt
Minimum defines the time the router must wait after it becomes HSRP-capable for the interface. Reload defines the time it must wait after reloading.
Conceding the Election
A router can be configured to withdraw from active status if one or more of its other interfaces fail:
standby 1 track [interface][value]
The router’s priority will be decremented by the associated value (default 10) if the tracked interface fails.
If another router now has a higher priority and has been configured to preempt, it will take over as the active router for the group.
Enabling Authentication
standby 1 authentication md5 key-string [password]
Verification
show standby [brief] [interface]