A Cisco proprietary protocol, Hot Standby Router Protocol (HSRP), provides transparent failover of a gateway device in a network.
A minimum of two devices are required to enable Hot Standby Router Protocol.
One of the devices acts as the active gateway in the network whilst the other remains in a standby position ready to take over in the event of a failure.
Both devices are configured with a virtual IP address and a group number. The virtual IP address acts as the gateway for that subnet. All devices sharing that virtual IP address must also be configured with the same group number.
A device configured with a virtual IP address and group number will also utilise a virtual MAC address.
HSRP will elect an active router when there are multiple devices sharing a group number and the same virtual IP address. The router with the highest group priority, a default of 100, will succeed as the active router. If there is a tie, then the router with the highest IP address on the subnet (the non-virtual IP address) will be chosen as the preferred active router.
If a new router with a higher priority joins the group, there will not be an automatic re-election of the active router – pre-emption is disabled by default.
For HSRP to function, the router must have a separate IP address in the same subnet that the router will have a virtual IP address configured in.
Interfaces configured with HSRP send hello messages to detect failure and designate the role (active/standby) routers.
If a standby device does receive a hello message from an active device, the second highest priority detected device will change its role from standby to active. This is transparent to other hosts on the network as the virtual MAC address will move from one gateway to the other.
There are two versions of HSRP, HSRPv1 and HSRPv2.
HSRP version 1 can support group numbers between 0 to 255, and utilises second timer values for sending Hello messages to peers.
184.108.40.206 is the multicast address that HSRPv1 utilises to communicate with other HSRPv1 enabled devices.
A router running HSRPv1 can be identified by it’s virtual MAC address utilising a range of 0000.0c07.acXX. XX will be a hex value that identifies the group number being utilised.
HSRP version 2 improves on version 1 in several factors. There can be group numbers between 0 and 4095.
220.127.116.11 is the multicast address that HSRPv2 utilises to communicate with other HSRPv2 enabled devices.
Lastly, HSRPv2 uses another virtual MAC address – this time with 0000.0c9f.fXXX