CCNA 200-301 Day 29

First Hop Redundancy Protocols

 Things we’ll cover

●
The purpose of FHRPs

●
HSRP (Hot Standby Router Protocol)
●
VRRP (Virtual Router Redundancy Protocol)
●
GLBP (Gateway Load Balancing Protocol)

●
Basic HSRP Configuration
First Hop Redundancy Protocols
First Hop Redundancy Protocols

x
First Hop Redundancy Protocols
PC4
R2 SW2 SW4
.4
.253

.3
PC3
172.16.0.0/24
PC2

x
.2

.254
R1 SW1 SW3 .1
PC1
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .254
.253

DG:
.3 .254
PC3
172.16.0.0/24
PC2

x
.2 DG:
.254
.254
DG:
R1 SW1 SW3 .1 .254
PC1
default gateway
 First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .254
.253

DG:
.3 .254
A first hop redundancy protocol (FHRP) is a computer networking protocol which
is designed to protect the default gateway used on a subnetwork by allowing two PC3
172.16.0.0/24
or more routers to provide backup for that address; in the event of failure of an
active router, the backup router will take over the address, usually within a few
seconds. PC2

x
.2 DG:
.254
.254
DG:
R1 SW1 SW3 .1 .254
PC1
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
Hello (multicast) .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2
.2 DG:
.252
.254
DG:
R1 SW1 SW3 .1 .252
Hello (multicast) PC1
 First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
I need to send traffic to .253
a destination in another network.
My default gateway is 172.16.0.252, but I don’t know the MAC address yet.
I will send an ARP request to learn the MAC address of 172.16.0.252. DG:
STANDBY .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2
ACTIVE
.2 DG:
.252
.254
DG:
R1 SW1 SW3 .1 .252
PC1
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
STANDBY .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2
ACTIVE
.2 DG:
.252
.254
DG:
R1 SW1 SW3 .1
ARP Request (broadcast) .252
Hi 172.16.0.252. PC1
This is 172.16.0.1.
What’s your MAC address?
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
STANDBY .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2
ACTIVE
.2 DG:
.252
.254
DG:
R1 ARP Reply SW1
(unicast) SW3 .1 .252
Hi 172.16.0.1.
This is 172.16.0.252. PC1
My MAC is: (virtual MAC)
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
STANDBY .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2
ACTIVE
.2 DG:
.252
.254
DG:
R1 SW1
Src IP: 172.16.0.1 SW3 .1 .252
Dst IP: 8.8.8.8
Src MAC: PC1’s MAC PC1
Dst MAC: Virtual MAC
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
STANDBY .3 .252
PC3
VIP: .252 172.16.0.0/24
I haven’t received any ‘Hello’ messages from
PC2
R1 recently...I will become the Active router!

x
.2 DG:
.252
.254
DG:
R1 SW1 SW3 .1 .252
PC1
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
ACTIVE .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2

x
.2 DG:
.252
.254
DG:
R1 SW1 SW3 .1 .252
PC1 ARP Table PC1
IP: 172.16.0.252 MAC: Virtual MAC
...
 First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
ACTIVE .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2

x
.2 DG:
.252
.254
DG:
Gratuitous ARP: ARP repliesR1 SW1requested
sent without being SW3 .1 .252
(no ARP request message was received). PC1
*the frames are broadcast to FFFF.FFFF.FFFF (normal ARP replies are unicast)
 First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
Gratuitous ARP: .4 .252
Hello! .253
I’m 172.16.0.252!
My MAC is (Virtual MAC)! DG:
ACTIVE .3 .252
I can reach (Virtual MAC)
via this interface PC3
VIP: .252 172.16.0.0/24
I can reach (Virtual MAC)
via this interface
PC2

x
.2 DG:
.252
.254
DG:
R1(Virtual MAC)
I can reach SW1 SW3 .1 .252
via this interface
I can reach (Virtual MAC) PC1
via this interface
First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
ACTIVE .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2

x
.2 DG:
.252
.254
DG:
R1 SW1
Src IP: 172.16.0.1 SW3 .1 .252
Dst IP: 8.8.8.8
Src MAC: PC1’s MAC PC1
Dst MAC: Virtual MAC
 First Hop Redundancy Protocols
PC4
R2 SW2 SW4 DG:
.4 .252
.253

DG:
ACTIVE .3 .252
PC3
VIP: .252 172.16.0.0/24
PC2
STANDBY DG:
.2
.252
.254
FHRPs are ‘non-preemptive’. The current active router will not automatically DG:
R1 SW1 SW3 .1
give up its role, even if the former active router returns. .252
PC1
*you can change this setting to make R1 ‘preempt’ R2 and take back its active
role automatically
 First Hop Redundancy Protocols
●
A virtual IP is configured on the two routers, and a virtual MAC is generated for the virtual
IP (each FHRP uses a different format for the virtual MAC)
●
An active router and a standby router are elected. (different FHRPs use different terms)
●
End hosts in the network are configured to use the virtual IP as their default gateway.
●
The active router replies to ARP requests using the virtual MAC address, so traffic destined
for other networks will be sent to it.
●
If the active router fails, the standby becomes the next active router.
The new active router will send gratuitous ARP messages so that switches will update their
MAC address tables. It now functions as the default gateway.
●
If the old active router comes back online, by default it won’t take back its role as the active
router. It will become the standby router.
●
You can configure ‘preemption’, so that the old active router does take back its old role.
 HSRP (Hot Standby Router Protocol)
●
Cisco proprietary.
●
An active and standby router are elected.
●
There are two versions: version 1 and version 2.
Version 2 adds IPv6 support and increases the number of groups that can be configured.
●
Multicast IPv4 address: v1 = 224.0.0.2
v2 = 224.0.0.102
●
Virtual MAC address: v1 = 0000.0c07.acXX (XX = HSRP group number)
v2 = 0000.0c9f.fXXX (XXX = HSRP group number)

●
In a situation with multiple subnets/VLANs, you can configure a different active router in each
subnet/VLAN to load balance.
HSRP (Hot Standby Router Protocol)
PC4
R2 .253 SW2 SW4 DG:
.2 .252
.253

DG:
STANDBY .2 .252
ACTIVE VLAN 2
PC3
VIP: .252 172.16.2.0/24
VIP: .252 172.16.1.0/24
VLAN 1 PC2
.1 DG:
.252
.254
R1 .254 SW1 DG:
SW3 .1 .252
ACTIVE
STANDBY PC1
 HSRP (Hot Standby Router Protocol)
●
Cisco proprietary.
●
An active and standby router are elected.
●
There are two versions: version 1 and version 2.
Version 2 adds IPv6 support and increases the number of groups that can be configured.
●
Multicast IPv4 address: v1 = 224.0.0.2
v2 = 224.0.0.102
●
Virtual MAC address: v1 = 0000.0c07.acXX (XX = HSRP group number)
v2 = 0000.0c9f.fXXX (XXX = HSRP group number)

●
In a situation with multiple subnets/VLANs, you can configure a different active router in each
subnet/VLAN to load balance.
 VRRP (Virtual Router Redundancy Protocol)
●
Open standard
●
A master and backup router are elected.
●
Multicast IPv4 address: 224.0.0.18
●
Virtual MAC address: 0000.5e00.01XX (XX = VRRP group number)

(0xc8 = 200)

●
In a situation with multiple subnets/VLANs, you can configure a different master router in
each subnet/VLAN to load balance.
VRRP (Virtual Router Redundancy Protocol)
PC4
R2 .253 SW2 SW4 DG:
.2 .252
.253

DG:
BACKUP .2 .252
MASTER VLAN 2
PC3
VIP: .252 172.16.2.0/24
VIP: .252 172.16.1.0/24
VLAN 1 PC2
.1 DG:
.252
.254
R1 .254 SW1 DG:
SW3 .1 .252
MASTER
BACKUP PC1
 Comparing FHRPs

Cisco
FHRP Terminology Multicast IP Virtual MAC
proprietary?

v1:
v1: 224.0.0.2 0000.0c07.acXX
HSRP Active/Standby Yes
v2: 224.0.0.102 v2:
0000.0c9f.fXXX

VRRP Master/Backup 224.0.0.18 0000.5e00.01XX No

GLBP
 GLBP (Gateway Load Balancing Protocol)
●
Cisco proprietary
●
Load balances among multiple routers within a single subnet
●
An AVG (Active Virtual Gateway) is elected.
●
Up to four AVFs (Active Virtual Forwarders) are assigned by the AVG (the AVG itself can
be an AVF, too)
●
Each AVF acts as the default gateway for a portion of the hosts in the subnet.
●
Multicast IPv4 address: 224.0.0.102
●
Virtual MAC address: 0007.b400.XXYY (XX = GLBP group number, YY = AVF number)
 Comparing FHRPs

Cisco
FHRP Terminology Multicast IP Virtual MAC
proprietary?

v1:
v1: 224.0.0.2 0000.0c07.acXX
HSRP Active/Standby Yes
v2: 224.0.0.102 v2:
0000.0c9f.fXXX

VRRP Master/Backup 224.0.0.18 0000.5e00.01XX No

GLBP AVG / AVF 224.0.0.102 0007.b400.XXYY Yes

 Configuring HSRP

.2 .6
203.0.113.0/30 203.0.113.4/30

G1/0 G1/0
.1 .5
R1 R2
VIP: .254
G0/0 .253 .252 G0/0

172.16.0.0/24

.1 .2

PC1 PC2
 Configuring HSRP
The active router is
determined in this order:
1 – Highest priority
(default 100)
.2 .6
2 – Highest IP address
203.0.113.0/30 203.0.113.4/30

G1/0 G1/0 Preempt causes the router to

.1 .5 take the role of active router,
R1 R2 even if another router already
VIP: .254
Only necessary on the router has the role.
G0/0 .253 .252 G0/0 you want to become active
172.16.0.0/24
HSRP version 1 and version 2
are not compatible.
If R1 uses version 2, R2 must
.1 .2 use version 2 also.

PC1 PC2
 Configuring HSRP

.2 .6
203.0.113.0/30 203.0.113.4/30

G1/0 G1/0
.1 .5
R1 R2
VIP: .254
G0/0 .253 .252 G0/0

172.16.0.0/24

.1 .2

PC1 PC2
 Things we covered
●
The purpose of FHRPs
●
HSRP (Hot Standby Router Protocol)
●
VRRP (Virtual Router Redundancy Protocol)
●
GLBP (Gateway Load Balancing Protocol)
●
Basic HSRP Configuration
R1(config-if)# standby version 2
R1(config-if)# standby group-number ip virtual-ip
R1(config-if)# standby group-number priority priority
R1(config-if)# standby group-number preempt
 Quiz 1

Which of the following is an HSRP version 1 virtual MAC address?

a) 0000.0c9f.fa01

b) 0000.0c07.0101

c) 0000.0c9f.f001

d) 0000.0c07.acab 0xAB = 171

HSRP v1 virtual MAC format: 0000.0c07.acXX

 Quiz 2

Which of the following is a VRRP virtual MAC address?

a) 0000.5e00.010a 0x0A = 10

b) 0007.b400.0101

c) 0000.0c9f.ffff

d) 0001.5e00.5e01

VRRP virtual MAC format: 0000.5e00.01XX

 Quiz 3

Which of the following are valid VRRP router roles? (select two)

a) active
b) backup
c) active virtual gateway
d) master
e) standby

f) active virtual forwarder

 Quiz 4

When the HSRP standby router becomes the new active router, what kind of messages
does it send? (select the best answer)

a) HSRP Hello

b) Gratuitous ARP

c) ARP Request

d) ARP Reply
 Quiz 5

Which of the following statements accurately describes HSRP? (select the best answer)

a) It allows you to configure a different default gateway address on each end host.

b) It allows multiple routers to load-balance traffic for hosts in a subnet.

c) It provides a redundant default gateway address for hosts in a subnet.

d) Each router selects a unique virtual IP and MAC address.

 Supplementary Materials

●
Review flash cards
(link in the description)

●
Packet Tracer lab
 JCNP-Level Channel Members

*as of September 21st, 2020