How to Configure HSRP on Cisco Router

In networking, ensuring both high availability and Internet connectivity are paramount. One of the key technologies used to achieve high availability in Cisco Network is the Hot Standby Router Protocol (HSRP).

Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol that provides high network availability by allowing two or more router to serve as a default gateway for a particular host device. This enables an automatic failover to a standby router in the event failure of the primary router.

HSRP works by allowing two or more routers to work together in a group, with one router acting as the active router and the others as standby routers. The active router forwards packets sent to the virtual IP address associated with the HSRP group, while the standby routers monitor the health of the active router and take over if it becomes unavailable.

By configuring HSRP on Cisco routers, network administrators can ensure continuous access to critical resources and services even in the event of hardware or link failures.

This blog post will guide you through the configuration steps to achieve these goals using Cisco routers and switches. We’ll set up redundant internet connections, configure HSRP for router failover, and enable Port Address Translation (PAT) to allow internal hosts access to the internet.

Network Topology

The network topology we are going to be making use of is shown in the image below. As you can see, it consists of two routers(R1 & R2). One of the routers will be active at a time, while the other will be acting as a failover. Also, there is a cloud symbol serving as the internet and one Router serving as the host device(PC).
In this demonstration, we will configure HSRP on the two routers so that the hosts residing on the 172.16.0.0/24 subnetwork can use the two routers as their redundant default gateway.

Hsrp network topology

How to Configure HSRP on Cisco Router

Here are steps to configure HSRP on network shown in the topology above;

Step 1: Configure Default Route on the Routers

The first configuration to do is to configure default route. A default route that a Router forward traffic to, if the route to the destination of the traffic does not exist in the routing table. If a packet is received on a routing device, the device first checks to see if path to the destination of traffic is on the routing table. If it’s not, then the device will forward using the default route configured on the network device.

Here are commands to configure default route.

Router 1

R1(config)#interface ethernet0/0
R1(config-if)#ip address 192.168.0.12 255.255.255.0
R1(config-if)#no shutdown 
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1
R1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 23/23/23 ms

Router 2

R2(config)#interface ethernet0/0
R2(config-if)#ip address 192.168.0.21 255.255.255.0
R2(config-if)#no shutdown 
R2(config-if)#exit
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.1
R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms

Step 3: Configure HSRP and Preemption on the routers

Router 1

R1(config)#interface ethernet0/1
R1(config-if)#ip address 172.16.0.1 255.255.255.0
R1(config-if)#no shutdown 
R1(config-if)#standby 1 ip 172.16.0.254
R1(config-if)#standby 1 preempt
  1. standby 1 ip 172.16.0.254: This command configures the HSRP group number (in this case, group 1) and assigns a virtual IP address to the group. In the given example, the virtual IP address 172.16.0.254 is assigned to HSRP group 1. This virtual IP address is used as the default gateway for hosts in the network. If the router with the active role fails, another router in the standby state will take over the virtual IP address and continue forwarding traffic.
  2. standby 1 preempt: This command enables preemption for HSRP group 1. Preemption allows a router with a higher priority to take over the active role in the HSRP group if it becomes available again after being unavailable. In this context, if R1, with a higher priority, becomes available again after being down, it will preempt R2 and take back the active role in the HSRP group, ensuring that the network traffic is always routed through the most preferred router.

 Router 2

R2(config)#interface ethernet0/1
R2(config-if)#ip address 172.16.0.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#standby 1 ip 172.16.0.254
R2(config-if)#standby 1 priority 150	<-- The router with the highest priority value becomes the active router. The priority value can range from 0 to 255, with 100 as the default value.
R2(config-if)#standby 1 preempt

Step 3: Confirm The HSRP configuration

Router 1

R1#show standby 
Ethernet0/1 - Group 1
  State is Standby							<-- R1 is Standy
    4 state changes, last state change 00:02:48
  Virtual IP address is 172.16.0.254					<-- IP Address Virtual Router
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.448 secs
  Preemption enabled							<-- HSRP preemption is a feature that enables a standby router with a higher priority to become the active router in an HSRP group. By default, when the active router goes down, the standby router with the highest priority takes over as the active router.
  Active router is 172.16.0.2, priority 150 (expires in 9.072 sec)
  Standby router is local
  Priority 100 (default 100)						<-- 100 as the default priority value
  Group name is "hsrp-Et0/1-1" (def

Router 2

R2#show standby 
Ethernet0/1 - Group 1
  State is Active							<-- R2 is Active
    2 state changes, last state change 00:03:25
  Virtual IP address is 172.16.0.254					<-- IP Address Virtual Router
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.736 secs
  Preemption enabled							<-- HSRP preemption is a feature that enables a standby router with a higher priority to become the active router in an HSRP group. By default, when the active router goes down, the standby router with the highest priority takes over as the active router.
  Active router is local
  Standby router is 172.16.0.1, priority 100 (expires in 9.136 sec)
  Priority 150 (configured 150)						<-- Set the priority value to 150 to make R2 become Active.
  Group name is "hsrp-Et0/1-1" (default)

Note: Router 2 is the active router because it is configured with a priority value of 150, which is higher than the default priority value of 100.

Step 4: Configure PAT on The routers

Port Address Translation needs to be configured on the two routers to allow the host PC to access the Internet.

Router 1

R1(config)#access-list 1 permit 172.16.0.0 /24
R1(config)#ip nat inside source list 1 interface ethernet0/0 overload 
R1(config)#interface ethernet0/0
R1(config-if)#ip nat outside 
R1(config-if)#exit
R1(config)#interface ethernet0/1 
R1(config-if)#ip nat inside 
R1(config-if)#exit

Router 2

R2(config)#access-list 1 permit 172.16.0.0 /24 
R2(config)#ip nat inside source list 1 interface ethernet0/0 overload 
R2(config)#interface ethernet0/0
R2(config-if)#ip nat outside 
R2(config-if)#exit
R2(config)#interface ether0/1
R2(config-if)#ip nat inside 
R2(config-if)#exit

Step 5: Configure the Host Device

Disable the routing table, configure the IP address, and set the virtual gateway on the PC.

PC(config)#no ip routing
PC(config)#interface ethernet0/0
PC(config-if)#ip address 172.16.0.100 255.255.255.0
PC(config-if)#no shutdown 
PC(config-if)#exit
PC(config)#ip default-gateway 172.16.0.254 <-- IP Address Virtual Router
PC(config)#exit

 Step 6: Test the Configuration

From the PC, ping the IP address to 1.1.1.1 to see if the routers can utilize the virtual IP address to forward packets to the internet.

PC#ping 1.1.1.1 repeat 150
Type escape sequence to abort.
Sending 150, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!
Success rate is 100 percent (150/150), round-trip min/avg/max = 2/2/4 ms

Related:

How To Configure HSRP on Layer 3 Switch In Packet Tracer

Reference: https://github.com/misterkrittin/CCNA-Labs

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top