In networking, ensuring both high availability and Internet connectivity are paramount. One of the key technologies used to achieve high availability in Cisco Network is the Hot Standby Router Protocol (HSRP).
Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol that provides high network availability by allowing two or more router to serve as a default gateway for a particular host device. This enables an automatic failover to a standby router in the event failure of the primary router.
HSRP works by allowing two or more routers to work together in a group, with one router acting as the active router and the others as standby routers. The active router forwards packets sent to the virtual IP address associated with the HSRP group, while the standby routers monitor the health of the active router and take over if it becomes unavailable.
By configuring HSRP on Cisco routers, network administrators can ensure continuous access to critical resources and services even in the event of hardware or link failures.
This blog post will guide you through the configuration steps to achieve these goals using Cisco routers and switches. We’ll set up redundant internet connections, configure HSRP for router failover, and enable Port Address Translation (PAT) to allow internal hosts access to the internet.
Network Topology
The network topology we are going to be making use of is shown in the image below. As you can see, it consists of two routers(R1 & R2). One of the routers will be active at a time, while the other will be acting as a failover. Also, there is a cloud symbol serving as the internet and one Router serving as the host device(PC).
In this demonstration, we will configure HSRP on the two routers so that the hosts residing on the 172.16.0.0/24 subnetwork can use the two routers as their redundant default gateway.
How to Configure HSRP on Cisco Router
Here are steps to configure HSRP on network shown in the topology above;
Step 1: Configure Default Route on the Routers
The first configuration to do is to configure default route. A default route that a Router forward traffic to, if the route to the destination of the traffic does not exist in the routing table. If a packet is received on a routing device, the device first checks to see if path to the destination of traffic is on the routing table. If it’s not, then the device will forward using the default route configured on the network device.
Here are commands to configure default route.
Router 1
R1(config)#interface ethernet0/0
R1(config-if)#ip address 192.168.0.12 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1
R1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 23/23/23 ms
Router 2
R2(config)#interface ethernet0/0
R2(config-if)#ip address 192.168.0.21 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1
R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms
Step 3: Configure HSRP and Preemption on the routers
Router 1
R1(config)#interface ethernet0/1
R1(config-if)#ip address 172.16.0.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#standby 1 ip 172.16.0.254
R1(config-if)#standby 1 preempt
standby 1 ip 172.16.0.254
: This command configures the HSRP group number (in this case, group 1) and assigns a virtual IP address to the group. In the given example, the virtual IP address 172.16.0.254 is assigned to HSRP group 1. This virtual IP address is used as the default gateway for hosts in the network. If the router with the active role fails, another router in the standby state will take over the virtual IP address and continue forwarding traffic.standby 1 preempt
: This command enables preemption for HSRP group 1. Preemption allows a router with a higher priority to take over the active role in the HSRP group if it becomes available again after being unavailable. In this context, if R1, with a higher priority, becomes available again after being down, it will preempt R2 and take back the active role in the HSRP group, ensuring that the network traffic is always routed through the most preferred router.
Router 2
R2(config)#interface ethernet0/1
R2(config-if)#ip address 172.16.0.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#standby 1 ip 172.16.0.254
R2(config-if)#standby 1 priority 150 <-- The router with the highest priority value becomes the active router. The priority value can range from 0 to 255, with 100 as the default value.
R2(config-if)#standby 1 preempt
Step 3: Confirm The HSRP configuration
Router 1
R1#show standby
Ethernet0/1 - Group 1
State is Standby <-- R1 is Standy
4 state changes, last state change 00:02:48
Virtual IP address is 172.16.0.254 <-- IP Address Virtual Router
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.448 secs
Preemption enabled <-- HSRP preemption is a feature that enables a standby router with a higher priority to become the active router in an HSRP group. By default, when the active router goes down, the standby router with the highest priority takes over as the active router.
Active router is 172.16.0.2, priority 150 (expires in 9.072 sec)
Standby router is local
Priority 100 (default 100) <-- 100 as the default priority value
Group name is "hsrp-Et0/1-1" (def
Router 2
R2#show standby
Ethernet0/1 - Group 1
State is Active <-- R2 is Active
2 state changes, last state change 00:03:25
Virtual IP address is 172.16.0.254 <-- IP Address Virtual Router
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.736 secs
Preemption enabled <-- HSRP preemption is a feature that enables a standby router with a higher priority to become the active router in an HSRP group. By default, when the active router goes down, the standby router with the highest priority takes over as the active router.
Active router is local
Standby router is 172.16.0.1, priority 100 (expires in 9.136 sec)
Priority 150 (configured 150) <-- Set the priority value to 150 to make R2 become Active.
Group name is "hsrp-Et0/1-1" (default)
Note: Router 2 is the active router because it is configured with a priority value of 150, which is higher than the default priority value of 100.
Step 4: Configure PAT on The routers
Port Address Translation needs to be configured on the two routers to allow the host PC to access the Internet.
Router 1
R1(config)#access-list 1 permit 172.16.0.0 /24
R1(config)#ip nat inside source list 1 interface ethernet0/0 overload
R1(config)#interface ethernet0/0
R1(config-if)#ip nat outside
R1(config-if)#exit
R1(config)#interface ethernet0/1
R1(config-if)#ip nat inside
R1(config-if)#exit
Router 2
R2(config)#access-list 1 permit 172.16.0.0 /24
R2(config)#ip nat inside source list 1 interface ethernet0/0 overload
R2(config)#interface ethernet0/0
R2(config-if)#ip nat outside
R2(config-if)#exit
R2(config)#interface ether0/1
R2(config-if)#ip nat inside
R2(config-if)#exit
Step 5: Configure the Host Device
Disable the routing table, configure the IP address, and set the virtual gateway on the PC.
PC(config)#no ip routing
PC(config)#interface ethernet0/0
PC(config-if)#ip address 172.16.0.100 255.255.255.0
PC(config-if)#no shutdown
PC(config-if)#exit
PC(config)#ip default-gateway 172.16.0.254 <-- IP Address Virtual Router
PC(config)#exit
Step 6: Test the Configuration
From the PC, ping the IP address to 1.1.1.1 to see if the routers can utilize the virtual IP address to forward packets to the internet.
PC#ping 1.1.1.1 repeat 150
Type escape sequence to abort.
Sending 150, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!
Success rate is 100 percent (150/150), round-trip min/avg/max = 2/2/4 ms
Related:
How To Configure HSRP on Layer 3 Switch In Packet Tracer
Reference: https://github.com/misterkrittin/CCNA-Labs
I am a passionate Networking Associate specializing in Telecommunications.
With a degree in Electronic engineering, I possess a strong understanding of electronic systems and the intricacies of telecommunications networks. I gained practical experience and valuable insights working for a prominent telecommunications company.
Additionally, I hold certifications in networking, which have solidified my expertise in network architecture, protocols, and optimization.
Through my writing skills, I aim to provide accurate and valuable knowledge in the networking field.
Connect with me on social media using the links below for more insights.
You can contact me using [email protected] or connect with me using any of the social media account linked below