Documente Academic
Documente Profesional
Documente Cultură
HSRP overview
HSRP state transitions
Aligning HSRP with STP topology
Configuring and tuning HSRP
Load sharing with HSRP
Options for HSRP
Configuring HSRP interface tracking
Configuring object tracking in combination with
HSRP
Configuring HSRP authentication
Tuning HSRP timers
The differences between HSRPv1 and HSRPv2
First-Hop Redundancy
Overview
HSRP Overview
Virtual router
Active router
Standby router
Other routers
After R2 Recovers
HSRP Authentication
HSRP authentication prevents rogue Layer
3 devices on the network from joining the
HSRP group
A rogue device may claim the active role
and can prevent the hosts from
communicating with the rest of the network
creating a denial-of-service (DoS) attack.
HSRP provides two types of authentication:
Plain text (Eight characters)
MD5
HSRP Timers
A hello message contains the priority
of the router, the hello time, and
hold-time parameters.
Hello time 3s default
Hold-time 10s default
Can be configured sub-seconds with
msec keyword
HSRP Versions
There are two versions available on most
Cisco routers and layer 3 multilayer switches
HSRPv1 - 224.0.0.2 - udp/1985
HSRPv2 = 224.0.0.102 udp/1985
HSRP version 2 has a different packet format
that includes 6-bytes identifier field that
uniquely identifies the sender.
Versions should be changed on all devices in
the same group. Otherwise, you might get
duplicate IP address messages
VLAN 99:
172.16.99.1
DLS
Fa0/
6
Po
2
Fa0/
11
Fa0/
12
Payr
VLAN 10
oll
172.16.10.100/24
Fa0/
6
Fa0/
11
Fa0/
ALS
12
1VLAN 99:
172.16.99.3
Fa
0/7
Fa
0/8
Fa
0/8
Fa
0/7
Po
1
Hos
tA
VLAN 99:
172.16.99.2
DLS
Fa0/
6
SQL
Fa
0/7
Fa
0/8
VLAN 99
172.16.99.100/24
Fa0/
11
Fa0/
12
Fa
0/8
Fa
0/7
Server
Po
3
Po
3
Fa0/
11
Fa0/
12
Po
1
VLAN 40
Server
172.16.40.100/24
Hos
tB
Fa0/
6
ALS
Engineeri
VLAN
99:
VLAN 20
2
ng
172.16.99.4 172.16.20.100/24
Lo0
2001:db8:cafe:201::1/64
Lo0
S0/0/0
.2
R2
.2
S0/0/1
2001:db8:cafe:12::/64
S0/0/0
DCE
Lo0
2001:db8:cafe:101::1/64
2001:db8:cafe:23::/64
EIGRP 1
(Routers and
L3 switches)
.1
Lo0
S0/0/1
.3
R3
R3
R1
.1 G0/1
2001:db8:cafe:11::/64
F0/5
DLS1 IPs: 2001:DB8:CAFE:x::D1::/64
X=99,100,110,120,200
.D1
.3 G0/1
2001:db8:cafe:32::/64
802.1Q
DLS1 F0/12
F0/6
F0/11
F0/8
Po10
F0/12
Po1
802.1Q
DLS2
DLS2 IPs: IPs: 2001:DB8:CAFE:x::D2/64
X=99,100,110,120,200
F0/11
F0/9
F0/7
VLAN 99
.D2 F0/5
F0/10
F0/8
F0/7
F0/9
ALS1
F0/10
Po2
802.1Q
VRRP Overview
VRRP Authentication
GLBP
GLBP Configuration
Topology
Lo0:
10.1.202.1/32
Lo0
R2
S0/0/0
.2
S0/0/1
.5
DCE
10.1.1.0/30
Layer 3
S0/0/0
EIGRP 1
Routers
GLBP AVG
AVF1
10.1.1.4/30
.1
.6
S0/0/1 GLBP
AVF2
R3
R1
R1
F0/1
SRV1
F0/5
VLAN 10
F0/1
Router on a stick
DLS1
F0/6
VLAN 10
IP: 10.1.10.100/24
DGW: 10.1.10.254
R3
F0/12
802.1Q F0/12
F0/11
F0/8
DLS2
Router on a stick
F0/5
F0/18
F0/11
F09
Po10
F0/10
F0/7
F0/8
Po1
802.1Q
F0/7
F0/9
ALS1
F0/18
Po2
802.1Q
F0/10
VLAN 10
PC-B
VLAN 10
PC-C