Sunday 27 October 2019

Redundancy Protocols: VRRP, HSRP, GLBP (First Hop Redundancy Protocols)

This article describes the purpose and operation of first hop redundancy protocols (FHRPs) such as VRRP and HSRP, as well as the different varieties of first hop redundancy protocols. Here you will learn the different types of redundancy protocols and how to use Cisco IOS commands to configure HSRP and GLBP on routers with practical examples.

Default Gateway Limitations

Spanning tree protocols allow physical redundancy in a switched network. However, hosts in the access layer of a hierarchical network also benefit from alternative default gateways.
If a router or router interface (which functions as a default gateway) fails, hosts configured with that default gateway are isolated from external networks. A mechanism is needed to provide alternate default gateways in switched networks where two or more routers are connected to the same VLANs.
Note: For the purpose of analyzing router redundancy, there is no functional difference between a multilayer switch and a router in the distribution layer. In practice, it is common for a multilayer switch to function as the default gateway for each VLAN in a switched network.
In a switched network, each client receives only one default gateway. There is no way to configure a secondary gateway, even if there is a second route that transports packets outside the local segment.

In the figure above, R1 is responsible for routing packets from PC1. If R1 is no longer available, routing protocols can converge dynamically, and R2 then routes the packets from external networks that would have gone through R1. However, internal network traffic associated with R1, including traffic from workstations, servers and printers that were configured with R1 as the default gateway, is still sent to R1 and discarded.
Typically, end devices are configured with a single IP address for the default gateway. This address is not modified when the network topology changes. If that default gateway IP address cannot be reached, the local device cannot send packets outside the local network segment, which disconnects it completely from the rest of the network.

Router Redundancy

One way to avoid a single point of failure in the default gateway is to implement a virtual router. As shown in the following figure, to implement this type of router redundancy, several routers are configured to work together so that they appear to the hosts on the LAN as a single router. By sharing an IP address and a MAC address, two or more routers can function as a single virtual router.
The virtual router's IP address is configured as the default gateway for workstations of a specific IP segment. When frames are sent from host devices to the default gateway, hosts use ARP to resolve the MAC address associated with the IP address of the default gateway. The ARP resolution returns the MAC address of the virtual router.

The router currently active within the group of virtual routers physically processes the frames that are sent to the MAC address of the virtual router. A protocol is used to identify two or more routers as the devices responsible for processing frames that are sent to the MAC or IP address of a single virtual router. Host devices send traffic to the virtual router address. The physical router that forwards this traffic is transparent to host devices.
A redundancy protocol provides the mechanism to determine which router should take the active role in traffic forwarding. In addition, it determines when a backup router must assume the forwarding role. The transition between forwarding routers is transparent to end devices.
The ability of a network to dynamically recover from the failure of a device that functions as a default gateway is known as "first hop redundancy."

Router Failover Steps

When the active router fails, the redundancy protocol causes the backup router to assume the new active router role. These are the steps that are taken when the active router fails:

  1. The backup router stops receiving hello messages from the forwarding router.
  2. The backup router assumes the role of the forwarding router.
  3. Because the new forwarding router assumes both the IP address and the MAC address of the virtual router, the host devices do not perceive any interruption in the service.

Types of Redundancy Protocols

The following list defines the options available for first hop redundancy protocols (FHRPs), as shown in the figure.

Hot Standby Routing Protocol (HSRP)

It is a Cisco-proprietary protocol designed to allow transparent failover of a first-hop IPv4 device.
HSRP provides high network availability, as it provides first hop routing redundancy for IPv4 hosts on networks configured with a default gateway IPv4 address. HSRP is used in a group of routers to select an active device and a backup device.
In a group of device interfaces, the active device is the one that is used to route packets, and the backup device is the one that takes control when the active device fails or when previously established conditions are met. The function of the HSRP backup router is to monitor the operational status of the HSRP group and quickly assume responsibility for packet forwarding if the active router fails.

Hot Standby Routing Protocol HSRP for IPv6

Cisco-proprietary FHRP that provides the same HSRP functionality but in an IPv6 environment. An IPv6 HSRP group has a virtual MAC address derived from the HSRP group number and a virtual link-local IPv6 address derived from the HSRP virtual MAC address.
When the HSRP group is active, periodic router advertisements (RAs) are sent for the HSRP virtual link-local IPv6 address. When the group is no longer active, these RAs stop after a final RA is sent.

Virtual Router Redundancy Protocol Version 2 (VRRPv2)

It is a nonproprietary election protocol that dynamically assigns the responsibility for one or more virtual routers to the VRRP routers on an IPv4 LAN. This allows several routers on a multiaccess link to use the same virtual IPv4 address.
VRRP routers are configured to run the VRRP protocol in conjunction with one or more routers connected to a LAN. In a VRRP configuration, one router is chosen as the virtual master router, while the rest work as backups in the event that the virtual master router fails.

VRRPv3

It provides the ability to support IPv4 and IPv6 addresses. VRRPv3 works in multi-vendor environments and is more scalable than VRRPv2.

Gateway Load Balancing Protocol (GLBP)

Cisco-proprietary FHRP that protects data traffic against a router or circuit failure, as HSRP and VRRP do, while also allowing load balancing (also called "load sharing") between a group of redundant routers.

GLBP for IPv6

Cisco-proprietary FHRP that provides the same GLBP functionality but in an IPv6 environment. GLBP for IPv6 provides automatic router backup for IPv6 hosts configured with a single default gateway on a LAN.
Several first hop routers on the LAN are combined to offer a single virtual first hop IPv6 router and, at the same time, share the IPv6 packet forwarding load.

ICMP router discovery protocol (IRDP)

It is specified in RFC 1256 and is an old FHRP solution. IRDP allows IPv4 hosts to locate routers that provide IPv4 connectivity to other (non-local) IP networks.

HSRP Verification

An active HSRP router has the following characteristics:

  • It responds to ARP requests for the default gateway with the MAC address of the virtual router.
  • It assumes active packet forwarding for the virtual router.
  • It sends hello messages.
  • It knows the IP address of the virtual router.

A backup HSRP router has the following characteristics:

  • It listens for periodic hello messages.
  • It assumes active packet forwarding if it does not detect any activity from the active router.

Use the show standby command to verify the status of HSRP. In Image 5, the result shows that the router is in active state.

GLBP Verification

Although HSRP and VRRP provide gateway resiliency, the upstream bandwidth of the backup members of the redundancy group is not used while those devices are in backup mode.
Only the active router of an HSRP or VRRP group forwards the traffic sent to the virtual MAC address. Resources associated with the backup router are not fully utilized. It is possible to achieve load balancing with these protocols by creating several groups and assigning several default gateways, but this configuration generates an administrative burden.
GLBP is a Cisco-proprietary solution that allows automatic selection and simultaneous use of several available gateways, in addition to automatic failover between those gateways.

In the figure, several routers share the load of the frames that, from the client's perspective, are sent to a single default gateway address.
With GLBP, you can make maximum use of resources without the administrative burden of configuring multiple groups and managing various default gateway configurations. GLBP has the following characteristics:

  • It allows full use of resources on all devices, without the administrative burden of creating several groups.
  • It provides a single virtual IP address and several virtual MAC addresses.
  • It routes traffic to a single gateway that is distributed across the routers.
  • It reroutes traffic automatically in case of failure.

Use the show glbp command to verify the status of GLBP. In Image 8, it is shown that the GLBP group 1 is in active state with the virtual IP address 192.168.2.100.
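
The Router Redundancy section notes that ARP for the default gateway returns the virtual router's MAC address, and GLBP serves one virtual IP from several virtual MACs. The Python below is an added example, not part of the original post: it checks the neighbor entries that hosts hold for the gateway against the expected FHRP group. The virtual MAC prefix layouts, the `ip neigh` input format and the sample lines are assumptions or constructed values, not taken from the page.

```python
import re

# Virtual MAC layouts are an assumption taken from the protocol specifications
# and vendor documentation; this page does not list them.
PREFIXES = [
    ("HSRPv1", "00000c07ac"),    # 0000.0c07.acXX, XX = group
    ("HSRPv2", "00000c9ff"),     # 0000.0c9f.fXXX, XXX = group
    ("HSRP-IPv6", "000573a00"),  # 0005.73a0.0XXX, XXX = group
    ("VRRP", "00005e0001"),      # 00-00-5E-00-01-XX, XX = VRID
]
NEIGH = re.compile(r"^(\S+) dev \S+ lladdr (\S+)")

def classify_virtual_mac(mac):
    """Return (protocol, group, forwarder) or None for a non-FHRP MAC."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    for proto, prefix in PREFIXES:
        if digits.startswith(prefix):
            return (proto, int(digits[len(prefix):], 16), None)
    # GLBP: 0007.b4 + 10-bit group + 8-bit forwarder number, one MAC per forwarder
    if digits.startswith("0007b4") and int(digits[6:10], 16) < 1024:
        return ("GLBP", int(digits[6:10], 16), int(digits[10:], 16))
    return None

def audit_gateway(neigh_text, gateway_ip, protocol, group):
    """List (mac, reason) for gateway entries outside the expected FHRP group."""
    findings = []
    for line in neigh_text.splitlines():
        m = NEIGH.match(line.strip())
        if not m or m.group(1) != gateway_ip:
            continue
        mac, info = m.group(2), classify_virtual_mac(m.group(2))
        if info is None:
            findings.append((mac, "not an FHRP virtual MAC"))
        elif info[:2] != (protocol, group):
            findings.append((mac, f"unexpected {info[0]} group {info[1]}"))
    return findings

# Constructed sample: `ip neigh` lines gathered from several hosts on one VLAN.
SAMPLE = """\
192.168.2.100 dev eth0 lladdr 00:07:b4:00:01:01 REACHABLE
192.168.2.100 dev eth0 lladdr 00:07:b4:00:01:02 STALE
192.168.2.100 dev eth0 lladdr 00:07:b4:00:02:01 REACHABLE
192.168.2.100 dev eth0 lladdr 00:1b:54:aa:bb:cc REACHABLE
192.168.2.7 dev eth0 lladdr 52:54:00:12:34:56 REACHABLE
"""

if __name__ == "__main__":
    for mac, reason in audit_gateway(SAMPLE, "192.168.2.100", "GLBP", 1):
        print(f"{mac}: {reason}")
```

An entry for the gateway IP that resolves to a non-virtual MAC or to a different group is worth investigating as a misconfiguration or as an unexpected device answering for the gateway.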

