è
HSRP is cisco proprietary protocol developed RFC
2281 to allow several router or multilayer switches to appear as a single
gateway ip address.
è
Each and every routers to participate in HSRP
assigned to a common HSRP group (0 to 255).
è
One router is elected as the primary or active
HSRP router and another is elect as the standby HSRP router and all others are
listen HSRP state. Primary or active router elected based on highest priority
value (0 to 255) by default all router have HSRP priority 100.
If the all router’s priority is equal, then
it elected HSRP active router based on highest IP address on the HSRP
interface.
è
HSRP sends its hello message to the multicast
destination 224.0.0.2 using UDP port 1985.
è
When HSRP is configured on an interface, the
router progress through a series of states before becoming active. This forces
a router to listen for others in a group and see where it fits into the pecking
order. Device participating in HSRP must progress their interfaces through the
following state sequence:
1.
Disabled
2.
Init
3.
Listen
4.
Speak
5.
Standby
6.
Active
è
Only the standby (second highest priority)
router monitors the hello messages from the active router. By default, are sent
every 3 second. If hellos are missed for the duration of the hold-down timer
(default 10 second) the active router is presumed to be down. The standby
router is then clear to assume the active role.
We can change hello timer (1 to 254 second
or 15 to 999 milisecond) and hold down timer (1 to 255 second or 50 to 3000
millisecond).
Switch(config-if)# standby <group>
timers msec <millisecond for hello timer> msec <millisecond for holdtime>
è
Each router has a common gateway IP address, the
virtual router address. For the virtual router address, HSRP defines a special
MAC address of the form 0000.0c07.acXX ,Where 0000.0c is CISCO vendor ID and
07.ac is HSRP ID and XX represent HSRP group no.
è
We can also configure a router to preempt or
immediately take over the active role if its priority is the highest at any time.
Switch(config-if)# standby <group> preempt
è
Plaint-text HSRP Authentication
HSRP message are sent with a plain-text key
string (up to eight characters) as a simple method to authenticate HSRP peers.
If the key string in a message matches the key configured on an HSRP peer, the
message is accepted.
Cisco device use default key string.
We
can configure a plain text authentication key for an HSRP group with the
following interface configuration command:
Switch(config-if)# standby <group>
authentication <string>
Note : we can also use MD5 authentication for
HSRP message, for using key-chain and key-string value.
No comments:
Post a Comment