Configuration of HSRP® Protocol on the

sample network topology

1. Introduction
 1.1. How did it happen?
 1.2. Legal notice and Copyrights
 1.3. By who?
2. Configuration of HSRP® Protocol
 2.1. What is HSRP®
 2.1.1. How does it work?
 2.2. Sample of topology the project is to be implemented on
 2.3. Implementation
 2.3.1. Configuring HSRP® on router RTB to set it as an active router
 2.3.2. Configuring HSRP® on router RTD to set it as a standby router
 2.3.3. Show HSRP® configuration on an active router RTB
 2.3.4. Show HSRP® configuration on a standby router RTD
 2.4. Testing the HSRP® configuration
 2.4.1. Failure of the Serial1/0 Interface on router RTB
 2.4.2. Turning off the RTB router
 2.4.2.1. Testing the time necessary for the standby router to become an
active router after active router crush down
 2.5. Listing of the HSRP® routers configuration
 2.5.1. Listing of the configuration of router RTB
 2.5.2. Listing of the configuration of router RTD
1. Introduction

1.1. How did it happen?

This HowTo was developed within laboratories of Wide Area Networks Technologies course.
Hopefully some people will find some valuable information and examples here, which will simply
make their life easier. Our goal was not to explain the whole theory which stands behind certain
topics, but to provide a quick example of configurations which could be used to achieve those
objectives. The most important thing for us was to give you a quick, clear and simple example
which would help you to understand the problem and develop your own much more complex
configuration.

1.2. Legal notice and Copyrights

This manual is free: you can redistribute it and/or modify it under the terms of the GNU General
Public License as
published by the Free Software Foundation, either version 3 of the License, or (at your option) any
later version.

This manual is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see this web page for details.

Copyrights ©:
• Katarzyna Gruszczyk e-mail: kgruszczyk@gmail.com
• Krzysztof Szukała e-mail: krzysztofszukala@gmail.com

1.3. By who?

This Howto was developed by :

• Katarzyna Gruszczyk e-mail: kgruszczyk@gmail.com
• Krzysztof Szukała e-mail: krzysztofszukala@gmail.com
and was supervised and leaded by lecturer of Wide Area Networks Technologies course MSc Eng.
Dawid Mentel

2. Configuration of HSRP® Protocol

2.1. What is HSRP®

First we would like to explain that HSRP® protocol is registered CISCO® Property and as such can
only be implemented on CISCO® devices. An abbreviation HSRP® stands for Hot Standby
Routing Protocol. The HSRP® protocol provides necessary redundancy solution wherever it is
required for the network to keep the connection at all costs. With HSRP® it is possible to configure
one of the provided routers as a HSRP® default active router and the other as a standby router. To
configure a router as the active router, it is necessary to assign to it a priority that is higher than the
priority of the standby router. The default priority is 100. If the active router fails its functions will
be taken over by the standby router with the highest priority.
The important thing is that all the network traffic runs through one router previously configured as
an active router
2.1.1. How does it work?

To initiate HSRP® it is required to provide at least two routers connected to the same network. The
next step is to make the basic routers configuration and then to run and configure HSRP® protocol
on both routers. The details will be shown in the following sections

2.2. Sample of topology the project is to be implemented on

To show the operation of the HSRP® protocol a sample network topology was made
Figure 1. Sample network with assigned routers interfaces
Source: own study

2.3. Implementation

2.3.1. Configuring HSRP® on router RTB to set it as an active router

Password:
RTB>enable
Password:
RTB#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
RTB(config)#interface f0/0
RTB(config-if)#standby 1 ip 192.168.1.4
RTB(config-if)#standby 1 preempt
RTB(config-if)#standby 1 priority 105
RTB(config-if)#standby 1 authentication 6cz
RTB(config-if)#standby 1 track s1/0

The explanation of above configuration steps is as follows:

standby 1 ip 192.168.1.4
This command enables HSRP and sets 192.168.1.4 ip address of the virtual router.

standby 1 preempt
This command lets the router with higher priority to become an active router, should there be
situation when the priority of the router is decreased it will become standby router, but when the
priority returns to its previous level preemption will occur and router will become the active router
again, without that configuration step the active router that priority was decreased and became
standby router because of some failure would never become active router again even after its
priority was increased. Exception to this is manual restart of the device which would return router to
the previous state.

standby 1 priority 105

This command sets the priority of the router to 105 (default is 100) so it is more than default, what
follows that router will become active if there is no configuration of this step on other router.

standby 1 authentication 6cz

This command sets an authentication string "6cz" for group 1 on RTB router. All routers from this
group (in this case router RTD) must use the same string to be able to authenticate the source of the
HSRP messages that it receives. This command is optional.

standby 1 track s1/0

This command forces the router to track state interface s1/0 and decreases the priority of the router
by 10 (default value) if it fails. It is possible to change that default value by putting the wanted
number at the end of the command.
example: standby 1 track s1/0 25 changes the decrement value to 25

2.3.2. Configuring HSRP® on router RTD to set it as a standby router

Password:
RTD>enable
Password:
RTD#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
RTD(config)#interface f0/0
RTD(config-if)#standby 1 ip 192.168.1.4
RTD(config-if)#standby 1 preempt
RTD(config-if)#standby 1 authentication 6cz
RTD(config-if)#standby 1 track s1/0

The explanation of above configuration steps is as follows:

standby 1 ip 192.168.1.4
This command enables HSRP and sets 192.168.1.4 ip address of the virtual router.

standby 1 preempt
This command lets the router with higher priority to become an active router, should there be
situation when the priority of the router is decreased it will become standby router, but when the
priority returns to its previous level preemption will occur and router will become the active router
again, without that configuration step the active router that priority was decreased and became
standby router because of some failure would never become active router again even after its
priority was increased. Exception to this is manual restart of the device which would return router to
the previous state.

The main difference between RTD and RTB configuration are two matters:
1. The first is the lack of standby 1 priority for it is unnecessary as we want RTD to have
priority at default level 100 but should it require any other number this command should be
used.
2. The second is the standby 1 ip 192.168.1.4 as it was set before on RTB it is possible to omit
the ip number and leave only: standby 1 ip.
2.3.3. Show HSRP® configuration on an active router RTB
RTB#show standby
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:19:16
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 2.064 secs
Authentication text "6cz"
Preemption enabled
Active router is local
Standby router is 192.168.1.3, priority 100 (expires in 12.120 sec)
Priority 105 (configured 105)
Track interface Serial1/0 state Up decrement 10
IP redundancy name is "hsrp-Fa0/0-1" (default)

From the listing of the router RTB (after using command show standby) it is possible to tell some
things:
1. Router RTB is an active router
2. Its virtual ip address is 192.168.1.4
3. HSRP® authentication text is "6CZ"
4. Router RTD is a standby router with priority 100 and ip address 192.168.1.3
5. In case of problems with router or its serial interface the priority will be subtracted by 10
and the router state will change from active to standby router
2.3.4. Show HSRP® configuration on a standby router RTD
RTD#show standby
FastEthernet0/0 - Group 1
State is Standby
4 state changes, last state change 00:11:10
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 4.820 secs
Authentication text "6cz"
Preemption enabled
Active router is 192.168.1.2, priority 105 (expires in 14.780 sec)
Standby router is local
Priority 100 (default 100)
Track interface Serial1/0 state Up decrement 10
IP redundancy name is "hsrp-Fa0/0-1" (default)

From the listing of the router RTD (after using command show standby) it is possible to tell some
things:
1. Router RTD is standby router
2. Its virtual ip address is 192.168.1.4
3. HSRP® authentication text is "6CZ"
 4. Router RTB is an active router with priority 105 and ip address 192.168.1.2
5. Should the priority of the RTB router was decremented the RTD router will become active
router

2.4. Testing the HSRP® configuration

There are generally two situations in which router RTD being a standby router should take over the
functions of an active router RTB. These two cases are:
1. Failure of the Serial1/0 Interface on router RTB
2. Turning off the RTB router or its failure/crash

2.4.1. Failure of the Serial1/0 Interface on router RTB

The first of the potential threats for the network traffic is the failure of the interface Serial1/0 on
router RTB.
If this happens router RTD will take over all the network traffic.
The below figure 2 shows the sample network with failure of the Serial1/0 Interface.

Figure 2. Failure of the Serial1/0 Interface on router RTB

Source: own study

This situation will be simulated by switching off the Serial1/0 interface.

On router RTB s1/0 is shutdown:

RTB(config)#interface s1/0
RTB(config-if)#shutdown
RTB(config-if)#
*Jun 13 20:25:19.499: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Active ->
Speak
*Jun 13 20:25:20.975: %LINK-5-CHANGED: Interface Serial1/0, changed state to adm
inistratively down
*Jun 13 20:25:20.979: %ENTITY_ALARM-6-INFO: ASSERT INFO Se1/0 Physical Port Admi
nistrative State Down
*Jun 13 20:25:21.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0,
changed state to down

On router RTD we get message:

RTD#
*Jun 13 20:25:19.691: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -
>Active

To get confirmation it is necessary to type show standby on routers RTB and RTD.

After typing show standby on RTB we get the message:

RTB#show standby
FastEthernet0/0 - Group 1
State is Standby
7 state changes, last state change 00:04:40
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 4.524 secs
Authentication text "6cz"
Preemption enabled
Active router is 192.168.1.3, priority 100 (expires in 14.564 sec)
Standby router is local
Priority 95 (configured 105)
Track interface Serial1/0 state Down decrement 10
Track interface FastEthernet0/0 state Up decrement 10
IP redundancy name is "hsrp-Fa0/0-1" (default)

After typing show standby on RTD we get the message:

RTD#show standby
FastEthernet0/0 - Group 1
State is Active
11 state changes, last state change 00:05:04
Virtual IP address is 192.168.1.4
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 5 sec, hold time 15 sec
Next hello sent in 0.868 secs
Authentication text "6cz"
Preemption enabled
Active router is local
Standby router is 192.168.1.2, priority 95 (expires in 10.856 sec)
Priority 100 (default 100)
Track interface Serial1/0 state Up decrement 10
IP redundancy name is "hsrp-Fa0/0-1" (default)

This shows that router RTD became an active taking over all the traffic from router RTB
which is now standby router. The main purpose was achieved.

2.4.2. Turning off the RTB router

The second of the potential threats for the network traffic is the failure caused by turning off/failure
of the RTB router. If this happens router RTD will take over all the network traffic. The below
figure 3 shows the sample network with shutting down/failure of the RTB router.

Figure 3. Failure caused by shutting down/failure the RTB router

Source: own study

This situation will be simulated by switching off the RTB router.

After switching off the RTB router we get the following message on RTD router:
*Jun 13 20:41:45.039: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -
> Active

This means that the router RTD is now active and routing the traffic in the network.

After switching on the RTB router everything backs to its previous state - RTB is active router and
RTD is standby router.

On router RTB the shown message is:

*Jun 13 21:04:05.459: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Listen ->
Active

On router RTD the shown message is:

*Jun 13 21:04:05.539: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Active ->
Speak

The above listings show that after fixing the problems with the RTB router (no matter if it is
Interface or Shutdown problem) the router again becomes the active. This proves that the
HSRP® was properly configured on both RTB and RTD routers and it runs correctly.

2.4.2.1. Testing the time necessary for the standby router to become an active router after
active router crush down

There is one more thing that should be explained and tested. After an active router is down or
crushed there is some time that is needed for the standby router to become the active router. How
much time is needed for the router to become an active? To answer to that question I will have to
explain two more terms. The firs is hello time and the second is hold time
• The 'hello time' is the time interval between next hello messages (the messages that check if
the active router is up). The default value of 'hello time' is 3 seconds.
• The 'hold time' is the time after standby router will declare the active router to be down and
take its functions. The default value of 'hold time' is 10 seconds.
If you want to change these default values you can do it using timers command
For example, in discussed case we set the 'hello time' to 5 seconds and 'hold time' to 15 seconds
using command: standby 1 timers 5 15
Where 5 is 'hello time' and 15 is 'hold time' in seconds.
Note that this command must be set up on all HSRP® group routers otherwise it will not work

To check if this configuration really works we decided to run a test. Once more we turned off the
RTB an active router and checked how much time did the standby router RTD need to become an
active router. The results are showed below.

We turned off the RTB router at exactly: 10:45:00.

It took about 16 seconds for RTD router to become an active router:
RTD#
*Jun 24 10:45:16.291: %HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -
> Active

Why did router RTD need more than 16 second to become an active if it its 'hold time' was set up to
15 seconds? The answer to this is the 'hello time' we don't know exactly in which second of 'hello
time' we run our test. So the time after which router RTD will become active should be from the
interval 15 to 20 seconds(15 seconds of 'hold time' plus remain seconds from 'hold time')

2.5. Listing of the HSRP® routers configuration

If you were following the entire given configuration steps then you should have the HSRP®
configured correctly.
But if you have any doubts with how the configuration file should look like you can compare it with
these routers configuration files.
The listings are given below

2.5.1. Listing of the configuration of router RTB:

Listing of the router configuration after typing 'show running-config' on router RTB
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname RTB
boot-start-marker
boot-end-marker

enable secret 5 $1$wkT0$EEgo0bAja99jfxdh7RFp1/

no aaa new-model
resource policy
ip subnet-zero
ip cef

ip host RTA 192.168.0.1 192.168.1.1

ip host RTB 192.168.1.2 192.168.1.9
ip host RTC 192.168.1.10 192.168.1.17
ip host RTD 192.168.1.3 192.168.1.18

interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.248
duplex full
speed auto
standby 1 ip 192.168.1.4
standby 1 timers 5 15
standby 1 priority 105
standby 1 preempt
standby 1 authentication 6cz
standby 1 track Serial1/0

interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 192.168.1.9 255.255.255.248
serial restart-delay 0
no fair-queue
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
router rip
version 2
network 192.168.1.0
ip classless
no ip http server
no ip http secure-server
control-plane
gatekeeper
shutdown
line con 0
exec-timeout 0 0
password class
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password class
login
end

2.5.2. Listing of the configuration of router RTD:

Listing of the router configuration after typing 'show running-config' on router RTD:
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname RTD
boot-start-marker
boot-end-marker

enable secret 5 $1$jawk$FPJDu2aL/VIimC57YAVVj1

no aaa new-model
resource policy
ip subnet-zero
ip cef

ip host RTA 192.168.0.1 192.168.1.1

ip host RTB 192.168.1.2 192.168.1.9
ip host RTC 192.168.1.17 192.168.1.10
ip host RTD 192.168.1.3 192.168.1.18

interface FastEthernet0/0
ip address 192.168.1.3 255.255.255.248
duplex full
speed auto
standby 1 ip 192.168.1.4
standby 1 timers 5 15
standby 1 preempt
standby 1 authentication 6cz
standby 1 track Serial1/0

interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 192.168.1.18 255.255.255.248
serial restart-delay 0
no fair-queue
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
router rip
version 2
network 192.168.1.0
ip classless
no ip http server
no ip http secure-server
control-plane
gatekeeper
shutdown
line con 0
password class
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password class
login
end