Module 9: FHRP Concepts •Instructor Materials Switching, Routing and Wireless Essentials v7.0 (SRWE) Cisco Networking Academy Program Switching, Routing and Wireless Essentials v7.0 (SRWE) Module 9: FHRP Concepts Feature Description Animations Expose learners to new skills and concepts. Videos Expose learners to new skills and concepts. Check Your Understanding(CYU) Per topic online quiz to help learners gauge content understanding. Interactive Activities A variety of formats to help learners gauge content understanding. Syntax Checker Small simulations that expose learners to Cisco command line to practice configuration skills. PT Activity Simulation and modeling activities designed to explore, acquire, reinforce, and expand skills. Module Objectives •Module Title: FHRP Concepts • •Module Objective: Explain how FHRPs provide default gateway services in a redundant network. Topic Title Topic Objective First Hop Redundancy Protocols Explain the purpose and operation of first hop redundancy protocols. HSRP Explain how HSRP operates. 9- Introduction 9.0.2 - What will I learn to do in this module? 9.1 First Hop Redundancy Protocols 9 – FHRP Concepts 9.1 – First Hop Redundancy Protocols Default Gateway Limitations •End devices are typically configured with a single default gateway IPv4 address. •If the default gateway router interface fails, LAN hosts lose outside LAN connectivity. •This occurs even if a redundant router or Layer 3 switch that could serve as a default gateway exists. • •First hop redundancy protocols (FHRPs) are mechanisms that provide alternate default gateways in switched networks where two or more routers are connected to the same VLANs. • 9 – FHRP Concepts 9.1 – First Hop Redundancy Protocols 9.1.1 – Default Gateway Limitations Router Redundancy •One way to prevent a single point of failure at the default gateway is to implement a virtual router. To implement this type of router redundancy, multiple routers are configured to work together to present the illusion of a single router to the hosts on the LAN. By sharing an IP address and a MAC address, two or more routers can act as a single virtual router. •The IPv4 address of the virtual router is configured as the default gateway for the workstations on a specific IPv4 segment. •When frames are sent from host devices to the default gateway, the hosts use ARP to resolve the MAC address that is associated with the IPv4 address of the default gateway. The ARP resolution returns the MAC address of the virtual router. Frames that are sent to the MAC address of the virtual router can then be physically processed by the currently active router within the virtual router group. •A protocol is used to identify two or more routers as the devices that are responsible for processing frames that are sent to the MAC or IP address of a single virtual router. Host devices send traffic to the address of the virtual router. The physical router that forwards this traffic is transparent to the host devices. • 9 – FHRP Concepts 9.1 – First Hop Redundancy Protocols 9.1.2 – Router Redundancy Router Redundancy (Cont.) •A redundancy protocol provides the mechanism for determining which router should take the active role in forwarding traffic. It also determines when the forwarding role must be taken over by a standby router. The transition from one forwarding router to another is transparent to the end devices. •The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as first-hop redundancy. • 9 – FHRP Concepts 9.1 – First Hop Redundancy Protocols 9.1.2 – Router Redundancy (Cont.) Steps for Router Failover •When the active router fails, the redundancy protocol transitions the standby router to the new active router role, as shown in the figure. These are the steps that take place when the active router fails: 1.The standby router stops seeing Hello messages from the forwarding router. 2.The standby router assumes the role of the forwarding router. 3.Because the new forwarding router assumes both the IPv4 and MAC addresses of the virtual router, the host devices see no disruption in service. • 9 – FHRP Concepts 9.1 – First Hop Redundancy Protocols 9.1.3 – Steps for Router Failover First Hop Redundancy Protocols FHRP Options FHRP Options Description Hot Standby Router Protocol (HSRP) HRSP is a Cisco-proprietary FHRP that is designed to allow for transparent failover of a first-hop IPv4 device. HSRP is used in a group of routers for selecting an active device and a standby device. The active device is the device that is used for routing packets; the standby device is the device that takes over when the active device fails, or when pre-set conditions are met. HSRP for IPv6 This is a Cisco-proprietary FHRP that provides the same functionality of HSRP, but in an IPv6 environment. An HSRP IPv6 group has a virtual MAC address derived from the HSRP group number and a virtual IPv6 link-local address derived from the HSRP virtual MAC address. Periodic router advertisements (RAs) are sent for the HSRP virtual IPv6 link-local address when the HSRP group is active. When the group becomes inactive, these RAs stop after a final RA is sent. Virtual Router Redundancy Protocol version 2 (VRRPv2) This is a non-proprietary election protocol that dynamically assigns responsibility for one or more virtual routers to the VRRP routers on an IPv4 LAN. This allows several routers on a multiaccess link to use the same virtual IPv4 address. In a VRRP configuration, one router is elected as the virtual router master, with the other routers acting as backups, in case the virtual router master fails. VRRPv3 This provides the capability to support IPv4 and IPv6 addresses. VRRPv3 works in multi-vendor environments and is more scalable than VRRPv2. Gateway Load Balancing Protocol (GLBP) This is a Cisco-proprietary FHRP that protects data traffic from a failed router or circuit, like HSRP and VRRP, while also allowing load balancing (also called load sharing) between a group of redundant routers. GLBP for IPv6 This is a Cisco-proprietary FHRP that provides the same functionality of GLBP, but in an IPv6 environment. GLBP for IPv6 provides automatic router backup for IPv6 hosts configured with a single default gateway on a LAN. Multiple first-hop routers on the LAN combine to offer a single virtual first-hop IPv6 router while sharing the IPv6 packet forwarding load. ICMP Router Discovery Protocol (IRDP) Specified in RFC 1256, IRDP is a legacy FHRP solution. IRDP allows IPv4 hosts to locate routers that provide IPv4 connectivity to other (nonlocal) IP networks. 9 – FHRP Concepts 9.1 – First Hop Redundancy Protocols 9.1.4 – FHRP Options 9.1.5 – Check Your Understanding – First Hop Redundancy Protocols 9.2 HSRP 9 – FHRP Concepts 9.2 – HSRP HSRP Overview •Cisco provides HSRP and HSRP for IPv6 as a way to avoid losing outside network access if your default router fails. HSRP is a Cisco-proprietary FHRP that is designed to allow for transparent failover of a first-hop IP device. • •HSRP ensures high network availability by providing first-hop routing redundancy for IP hosts on networks configured with an IP default gateway address. HSRP is used in a group of routers for selecting an active device and a standby device. In a group of device interfaces, the active device is the device that is used for routing packets; the standby device is the device that takes over when the active device fails, or when pre-set conditions are met. The function of the HSRP standby router is to monitor the operational status of the HSRP group and to quickly assume packet-forwarding responsibility if the active router fails. • 9 – FHRP Concepts 9.2 – HSRP 9.2.1 – HSRP Overview HSRP Priority and Preemption •The role of the active and standby routers is determined during the HSRP election process. By default, the router with the numerically highest IPv4 address is elected as the active router. However, it is always better to control how your network will operate under normal conditions rather than leaving it to chance. •HSRP priority can be used to determine the active router. •The router with the highest HSRP priority will become the active router. •By default, the HSRP priority is 100. •If the priorities are equal, the router with the numerically highest IPv4 address is elected as the active router. •To configure a router to be the active router, use the standby priority interface command. The range of the HSRP priority is 0 to 255. • 9 – FHRP Concepts 9.2 – HSRP 9.2.2 – HSRP Priority and Preemption HSRP Priority and Preemption (Cont.) •By default, after a router becomes the active router, it will remain the active router even if another router comes online with a higher HSRP priority. •To force a new HSRP election process to take place when a higher priority router comes online, preemption (předběžné opatření) must be enabled using the standby preempt interface command. Preemption is the ability of an HSRP router to trigger (spouštět) the re-election process. With preemption enabled, a router that comes online with a higher HSRP priority will assume the role of the active router. •Preemption only allows a router to become the active router if it has a higher priority. A router enabled for preemption, with equal priority but a higher IPv4 address will not preempt an active router. Refer to the topology in the figure. •Note: With preemption disabled, the router that boots up first will become the active router if there are no other routers online during the election process. • 9 – FHRP Concepts 9.2 – HSRP 9.2.2 – HSRP Priority and Preemption (Cont.) HSRP States and Times HSRP State Description Initial This state is entered through a configuration change or when an interface first becomes available. Learn The router has not determined the virtual IP address and has not yet seen a hello message from the active router. In this state, the router waits to hear from the active router. Listen The router knows the virtual IP address, but the router is neither the active router nor the standby router. It listens for hello messages (UDP multicast) from those routers. Speak The router sends periodic hello messages and actively participates in the election of the active and/or standby router. Standby The router is a candidate to become the next active router and sends periodic hello messages. The active and standby HSRP routers send hello packets to the HSRP group multicast address every 3 seconds by default. The standby router will become active if it does not receive a hello message from the active router after 10 seconds. You can lower these timer settings to speed up the failover or preemption. However, to avoid increased CPU usage and unnecessary standby state changes, do not set the hello timer below 1 second or the hold timer below 4 seconds. 9 – FHRP Concepts 9.2 – HSRP 9.2.3 – HSRP States and Timers 9.2.4 – Check Your Understanding - HSRP Sledování objektu ‹#› © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Sledování rozhraní Load Balancing R2: interface FastEthernet0/0 ip address 192.168.1.12 255.255.255.0 standby 1 ip 192.168.1.1 standby 1 name network-one standby 2 ip 192.168.1.2 standby 2 priority 200 standby 2 preempt standby 2 name network-two R1: interface FastEthernet0/0 ip address 192.168.1.11 255.255.255.0 standby 1 ip 192.168.1.1 standby 1 priority 200 standby 1 preempt standby 1 name network-one standby 2 ip 192.168.1.2 standby 2 name network-two PC1 používá 192.168.1.1 jako svoji default gateway (network-one) PC2 používá 192.168.1.2 jako svoji default gateway (network-two) ‹#› © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Verze a parametry 9.3 Module Practice and Quiz 9 – FHRP Concepts 9.3 – Module Practice and Quiz Module 9: Best Practices •Topic 9.1 •What happens if the default gateway of your host went down? •What would happen if there were two possible default gateways, but the one your host connected to went down? •Topic 9.2 •How do you think two routers could provide a consistent default gateway to LAN hosts? •How does HSRP operate? • • § • • § § What Did I Learn In This Module? •FHRP provides alternate default gateways in switched networks where two or more routers are connected to the same VLANs. •One way to prevent a single point of failure at the default gateway, is to implement a virtual router. With a virtual router, multiple routers are configured to work together to present the illusion of a single router to the hosts on the LAN. •When the active router fails, the redundancy protocol transitions the standby router to the new active router role. These are the steps that take place when the active router fails: •The standby router stops seeing Hello messages from the forwarding router. •The standby router assumes the role of the forwarding router. •Because the new forwarding router assumes both the IPv4 and MAC addresses of the virtual router, the host devices see no disruption in service. •The FHRP used in a production environment largely depends on the equipment and needs of the network. These are the options available for FHRPs: •HSRP and HSRP for IPv6 •VRRPv2 and VRRPv3 •GLBP and GLBP for IPv6 •IRDP § 9 – FHRP Concepts 9.3 – Module Practice and Quiz 9.3.1 – What Did I Learn In This Module? Module Practice and Quiz What Did I Learn In This Module? (Cont.) •HSRP is a Cisco-proprietary FHRP designed to allow for transparent failover of a first-hop IP device. HSRP is used in a group of routers for selecting an active device and a standby device. • •In a group of device interfaces, the active device is the device that is used for routing packets; the standby device is the device that takes over when the active device fails, or when pre-set conditions are met. The function of the HSRP standby router is to monitor the operational status of the HSRP group and to quickly assume packet-forwarding responsibility if the active router fails. • •The router with the highest HSRP priority will become the active router. Preemption is the ability of an HSRP router to trigger the re-election process. With preemption enabled, a router that comes online with a higher HSRP priority will assume the role of the active router. HSRP states include initial, learn, listen, speak, and standby § 9 – FHRP Concepts 9.3 – Module Practice and Quiz 9.3.1 – What Did I Learn In This Module? (Cont.) 9.3.2 – Module Quiz – FHRP Concepts Module Practice and Quiz Packet Tracer – HSRP Configuration Guide •In this Packet Tracer activity, you will learn how to configure Hot Standby Router Protocol (HSRP) to provide redundant default gateway devices to hosts on LANs. After configuring HSRP, you will test the configuration to verify that hosts are able to use the redundant default gateway if the current gateway device becomes unavailable. •Configure an HSRP active router. •Configure an HSRP standby router. •Verify HSRP operation. 9 – FHRP Concepts 9.3 – Module Practice and Quiz 9.3.3 – Packet Tracer – HSRP Configuration Guide Module 9: FHRP Concepts New Terms and Commands •First Hop Redundancy Protocol (FHRP) •Router Redundancy •Virtual Router •Active Router •Standby Router •Hot Standby Routing Protocol (HSRP) •Virtual Router Redundancy Protocol (VRRP) •Gateway Load Balancing Protocol (GLBP) •ICMP Router Discovery Protocol (IRDP) •Virtual Router Master •standby priority •standby preempt §