You are currently viewing Investigating HSRP

Investigating HSRP

Hot Standby Router Protocol (HSRP) is a Cisco propitiatory router protocol that provides first-hop redundancy for IP hosts on a LAN. It enables a set of router interfaces once configured to present a single virtual default gateway for IP hosts on the LAN.

HSRP has two modes:

  • ACTIVE – Physical router acts as the main router, by default the highest IP Address is elected the active router
  • STANDBY – The second physical router that participates in HSRP and becomes the active router when the elected active router fails
  • HSRP priorities can be used to determine the active router. The default priority is 100

HSRP versions:

  • The default version used for Cisco IOS 15 is Version 1
  • Version 2 expands the number of supported groups from 0-255 in version 1 to 0-4095
  • Version 2 also supports IPv6
  • HSRPv1 uses Multicast address 224.0.0.2
  • HSRPv2 uses Multicat address 224.0.0.102 for IPv4 and FF02::66 for IPv6
  • HSRPv2 adds support for MD5 authentication

HSRP virtual MAC addresses:

Along with virtual IP addresses, HSRP also uses virtual mac addresses.

  • HSRPv1 virtual mac address range – 0000.0c07.ac00 to 0000.0c07.acff – The highlighted hex digits represent the HSRP group number
  • HSRPv2 virtual mac addresses follow the same method as version 1, the only difference is that v2 uses 3 hex digits to represent the HSRP group as shown the this example: 0000.0c9f.f000 – 0000.0c9f.ffff (IPv4 range)
  • The IPv6 virtual mac address range for HSRPv2 groups is the following: 0005.73A0.0000 – 0005.73A0.0fff

HSRP timers:

  • Active and Standby routers exchange HELLO packets (multicast) between one another every 3 seconds
  • If the Standby router doesn’t receive an HELLO message from the Active router for 10 seconds, the Standby router will take over the Active role

Please watch the video below to see most of what we just talked about in action.

iwiizkiid

Kelvin is a Cyber Security professional with years and experience working with organisations in different verticals, both large and small. He enjoys contributing to the Network Wizkid knowledge base and he also creates technical content. Kelvin enjoys learning new things and often does this by working on achieving new technical certifications. He holds many professional certifications and academically, he has achieved a Bachelors and Master's degree in both Computer Networks and Cyber Security.

This Post Has 2 Comments

    1. iwiizkiid

      Thank you, please subscribe to receive more content as it is published.

Leave a Reply