<CHAPTEROBJECTIVE>Configuring HSRP with multiple groups</CHAPTEROBJECTIVE></CHAPTEROBJECTIVEBLOCK>
<PARA><DROPCAP>L</DROPCAP>AN segments are very reliable when compared to their wide area counterparts. However, failure occurs on these segments as well, making fault tolerance an important issue. The most well-known fault-tolerance mechanism on a LAN consists of the dual rings encountered in Fiber Distributed Data Interface (FDDI) networks. This FDDI technique occurs at the Physical layer of the OSI model.</PARA>
<PARA>In this chapter, you will learn about fault-tolerance methods that occur beyond the Physical layer-in particular, fault tolerance that occurs at the Data Link and Network layers of the OSI model. The types of fault tolerance covered here include Proxy Address Resolution Protocol (ARP), Internet Control Message Protocol (ICMP), ICMP Router Discovery Protocol (IRDP), dynamic routing protocols, and the Hot Standby Routing Protocol (HSRP).</PARA>
<PARA>The <KEYTERM>Hot Standby Routing Protocol (HSRP)</KEYTERM> is a proprietary protocol developed by Cisco to support fault tolerance on multi-access media. This protocol provides high network availability and transparent network topology changes. </PARA>
<PARA>The specifications for HSRP were published in March 1998 as RFC 2281. A month later, the open standards implementation, called the Virtual Router Redundancy Protocol (VRRP), was published in RFC 2338. VRRP and HSRP perform the same essential function.</PARA>
<PARA>The purpose of HSRP is to allow hosts to appear to use a single router and still maintain connectivity, even if the actual next hop router (default gateway) they are using fails. This is accomplished by creating a virtual router and having the physical routers communicate in such a way that the virtual router is always available. </PARA>
<PARA><DROPCAP>T</DROPCAP>he problem with IP routing is the default gateway configuration on a workstation. When a host is configured with a default gateway, it will always use that address to send packets out of the local network. If the router that is assigned to the default gateway goes down, the host is down to the outside world until the default gateway is fixed. </PARA>
<PARA>There are a few solutions, one being HSRP, of course. However, let's take a look at the other options: </PARA>
<LIST MARK="bullet">
<LISTITEM><PARA>Proxy ARP</PARA></LISTITEM>
<LISTITEM><PARA>Enabling dynamic routing protocols on the hosts</PARA></LISTITEM>
<PARA><KEYTERM>Proxy Address Resolution Protocol (Proxy ARP)</KEYTERM> is a variation of the ARP protocol in which an intermediate device, such as a router, sends an ARP response on behalf of an end node to the requesting host. Proxy ARP has been defined and referenced in many RFCs. </PARA>
<PARA>This technology once had a strong following, and one benefit is that it can lessen bandwidth use on slow-speed WAN links. As networks grew, however, Proxy ARP did not scale with them. </PARA>
<PARA>In this section, you will learn about the origin, implementation, and advantages and disadvantages of Proxy ARP.</PARA>
<SECTION ID="8.1.1.1"><TITLE>The Origin of Proxy ARP</TITLE>
<!-- <PARA>Originally, Proxy ARP was designed for dial-up connections, such as the example shown in Figure 8.1. You could give the dial-in machine an address taken from the subnet of the local LAN without having to create a new subnet. This conserved a substantial amount of address space.</PARA> -->
<SLUG NUM="8.1">Figure 8.1: Proxy ARP for dial-up connections [f0801.eps]</SLUG>
<!-- <PARA>First, you should review how Proxy ARP typically functions in dial-up environments. In the example shown in Figure 8.1, when Host C wants to send a packet to Host A, it assumes that Host A is on the same segment. When Host C sends a broadcast ARP for 200.1.1.4, Host B will reply with its own MAC address. Host C will send packets that are destined for Host A to Host B's MAC address. Host B will then forward them to A. This style of Proxy ARP is still prevalent in dial-up environments.</PARA> -->
</SECTION>
<SECTION ID="8.1.1.2"><TITLE>Implementing Proxy ARP with Routers</TITLE>
<!-- <PARA>Proxy ARP with routers works similarly to the example in Figure 8.1, but it can be configured to provide some fault tolerance. Let's consider Figure 8.2 and how Proxy ARP could be used in this example.</PARA> -->
<SLUG NUM="8.2">Figure 8.2: Proxy ARP with routers [f0802.eps]</SLUG>
<!-- <PARA>Host C has an IP address of 10.1.0.99 and a default gateway of 10.1.0.99. Note that the IP address and default gateway should be the same when clients are configured in a Proxy ARP environment. Host C will use ARP for every single IP address to which it wants to connect, regardless of whether it is on the local segment.</PARA> -->
</SECTION>
<SECTION ID="8.1.1.3"><TITLE>Enabling Proxy ARP on Cisco Routers</TITLE>
<PARA>Proxy ARP is enabled on Cisco routers by default, as displayed in the results of the following <INLINECODE>show ip interface</INLINECODE> command:</PARA>
<CODESNIPPET><CODELINE>RouterA#<EMPHASIS FORMAT="bold">show ip interface ethernet 0</EMPHASIS></CODELINE>
<CODELINE>Ethernet0 is up, line protocol is up</CODELINE>
<CODELINE> Internet address is 10.1.0.1/16</CODELINE>
<CODELINE> Broadcast address is 255.255.255.255</CODELINE>
<CODELINE> Address determined by setup command</CODELINE>
<CODELINE> MTU is 1500 bytes</CODELINE>
<CODELINE> Helper address is not set</CODELINE>
<CODELINE> Directed broadcast forwarding is disabled</CODELINE>
<CODELINE> Multicast reserved groups joined: 224.0.0.9</CODELINE>
<CODELINE> Outgoing access list is not set</CODELINE>
<CODELINE> Inbound access list is not set</CODELINE>
<CODELINE><EMPHASIS FORMAT="bold"> Proxy ARP is enabled</EMPHASIS></CODELINE>
<CODELINE> Security level is default</CODELINE>
<CODELINE> Split horizon is enabled</CODELINE>
<CODELINE> ICMP redirects are always sent</CODELINE>
<CODELINE> ICMP unreachables are always sent</CODELINE>
<CODELINE> ICMP mask replies are never sent</CODELINE>
<CODELINE> IP fast switching is enabled</CODELINE>
<CODELINE> IP fast switching on the same interface is disabled</CODELINE>
<CODELINE> IP Null turbo vector</CODELINE>
<CODELINE> IP multicast fast switching is disabled</CODELINE>
<CODELINE> IP multicast distributed fast switching is disabled</CODELINE>
<CODELINE> Router Discovery is disabled</CODELINE>
<CODELINE> IP output packet accounting is disabled</CODELINE>
<CODELINE> IP access violation accounting is disabled</CODELINE>
<CODELINE> TCP/IP header compression is disabled</CODELINE>
<CODELINE> Probe proxy name replies are disabled</CODELINE>
<CODELINE> Policy routing is disabled</CODELINE>
<CODELINE> Network address translation is disabled</CODELINE>
<CODELINE> Web Cache Redirect is disabled</CODELINE>
<CODELINE> BGP Policy Mapping is disabled</CODELINE>
<CODELINE>RouterA# </CODELINE></CODESNIPPET>
<PARA>If you need to enable Proxy ARP on an interface because you had disabled it, use the <INLINECODE>ip proxy arp</INLINECODE> command at interface level: </PARA>
<PARA>Going back to the example in Figure 8.2, when Host C tries to connect to any IP address, it sends out an ARP request. Both Router A and Router B reply to this broadcast with their own MAC addresses. Host C accepts the first response that it receives and places an entry into the local ARP table. The entry will stay in the ARP table until it expires, which can be from minutes to hours, depending on the operating system. </PARA>
<NOTE>Cisco routers default to four-hour ARP time-out.</NOTE>
<PARA>In this example, when Host C tries to ping 14.4.4.4, it gets the following results:</PARA>
<PARACONTINUED>Notice that the MAC address for 10.1.0.2 and 14.4.4.4 are the same. Router A and Router B both replied; however, Router B's packet arrived first.</PARACONTINUED>
<PARA>You can observe the exchange on the router as shown in this output:</PARA>
<PARA>Now let's assume that Router B's Ethernet0 fails and Host C attempts to ping 14.4.4.4 again. Host C still has Router B's MAC address in the ARP table for getting to 14.4.4.4. The ping will fail. Now when Host C tries to ping 14.4.4.4, it gets the following results:</PARA>
<CODELINE>Pinging 14.4.4.4 with 32 bytes of data:</CODELINE>
<CODELINE></CODELINE>
<CODELINE>Request timed out.</CODELINE>
<CODELINE>Request timed out.</CODELINE>
<CODELINE>Request timed out.</CODELINE>
<CODELINE>Request timed out.</CODELINE>
<CODELINE>C:\></CODELINE></CODESNIPPET>
<PARACONTINUED>In this example, Host C's ARP time-out value is set to 6 minutes. After the time expires, Host C will again be able to reach 14.4.4.4. However, Host C has immediate access via Router A to any IP address it has not yet cached.</PARACONTINUED>
</SECTION>
<SECTION ID="8.1.1.5"><TITLE>Advantages and Disadvantages of Proxy ARP</TITLE>
<PARA>Proxy ARP offers a number of advantages and disadvantages. Among the benefits are the following:</PARA>
<LIST MARK="bullet">
<LISTITEM><PARA>No need to configure clients with a gateway</PARA></LISTITEM>
<LISTITEM><PARA>Load balancing, although this is somewhat random</PARA></LISTITEM>
<LISTITEM><PARA>Immediate fault tolerance for addresses not recently contacted</PARA></LISTITEM>
</LIST>
<PARA>There are also several drawbacks to Proxy ARP:</PARA>
<LIST MARK="bullet">
<LISTITEM><PARA>A lot of broadcast traffic</PARA></LISTITEM>
<LISTITEM><PARA>Must wait for ARP cache to time out in the event of failure</PARA></LISTITEM>
<LISTITEM><PARA>No control over which router is primary and secondary</PARA></LISTITEM>
</LIST>
<PARA>Proxy ARP does provide some fault tolerance on a multi-access segment, but it does not give the control administrators desire. A more robust and flexible method is needed. In response to this need, Cisco developed the Hot Standby Routing Protocol (HSRP).</PARA>
<PARA>Another solution to the IP default gateway problem is to run dynamic routing protocols on all the hosts. The end-station host will then maintain a table of which routers have a path to the remote network they need. Of course, all your hosts on a network must be able to support dynamic routing. Both Unix workstations and Windows NT workstations support IP RIP, for example. However, the workstations will be slow to converge and have a tremendous overhead of processing and memory. </PARA>
<PARA>A third solution to the IP default gateway problem is <KEYTERM>ICMP Router Discovery Protocol (IRDP)</KEYTERM>. This will allow hosts to use the <KEYTERM>Internet Control Message Protocol (ICMP)</KEYTERM> to find a new path when the primary router becomes unavailable.</PARA>
<PARA>IRDP is an extension of the ICMP protocol and not a dynamic routing protocol. This ICMP extension allows routers to advertise default routes to end stations. This saves processing on the end stations because they don't need to run routing protocols and no configuration of hosts by an administrator is required. However, they need to run the IRDP daemon. You can find an IRDP daemon on the Cisco FTP site (<INLINEURL>ftp.cisco.com</INLINEURL>).</PARA>
<PARA>Hosts running the IRDP daemon listen for the IRDP hello messages, which are sent out from a router as multicast packets. The hello messages are sent out every 7 to 10 minutes, with a holdtime of 30 minutes.</PARA>
<PARA>The problem with this topology is that it is very broadcast intensive. IRDP is not as broadcast intensive as routing protocols running on the workstations, but it still uses broadcasts to communicate to the router. </PARA>
</SECTION>
</SECTION>
<SECTION ID="8.2"><TITLE>HSRP </TITLE>
<PARA><DROPCAP>H</DROPCAP>ot Standby Routing Protocol (HSRP) can solve the default gateway problems we listed earlier. HSRP will enable end stations to continue to communicate through the network if a router fails without placing excessive broadcasts on a network. </PARA>
<PARA>HSRP works by creating a single virtual standby router that really is a set of at least two routers or more. To the workstations, it appears that the virtual router is just one router interface. If a router fails in the group, another router will automatically assume the function of the default router. There is a drawback to all this, and maybe you have already figured it out. You need more than one router to run HSRP. So, although it doesn't have the broadcast problems the solutions we mentioned earlier in this chapter have, it does cost money. </PARA>
<!-- <PARA>What HSRP does is create a Hot Standby router group with a lead router that services all packets that are sent to the Hot Standby address. All of the other routers in the group monitor the lead router, and if the lead router fails, then a standby router inherits both the lead position and the Hot Standby group address.</PARA>
<PARA>HSRP defines six states in which an HSRP router may run:</PARA>
<RUNINBLOCK><RUNINHEAD>Initial</RUNINHEAD>
<RUNINPARA>All routers begin in this state when configured with HSRP. HSRP is not running on the router yet because the interface configured with HSRP is not up and active yet. </RUNINPARA></RUNINBLOCK>
<RUNINBLOCK><RUNINHEAD>Learn</RUNINHEAD>
<RUNINPARA>The router is in the learn state when it has not heard from the active router. It does not know the active router and does not know the IP address of the virtual router</RUNINPARA></RUNINBLOCK>
<RUNINBLOCK><RUNINHEAD>Listen</RUNINHEAD>
<RUNINPARA>The router enters the listen state after it hears from the active router and knows the IP virtual address. This router is not the active or standby router. </RUNINPARA></RUNINBLOCK>
<RUNINBLOCK><RUNINHEAD>Speak</RUNINHEAD>
<RUNINPARA>After a router learns the IP address of the virtual router, the router will enter the speak state. It will actively participate in the election of the active and standby router. It sends hello messages to the active router.</RUNINPARA></RUNINBLOCK>
<RUNINBLOCK><RUNINHEAD>Standby</RUNINHEAD>
<RUNINPARA>This state means the router will become the active router if the active router fails. There must one active router in the HSRP group. </RUNINPARA></RUNINBLOCK>
<RUNINBLOCK><RUNINHEAD>Active</RUNINHEAD>
<RUNINPARA>This state tells the router to forward packets, which are sent to the virtual IP address. There must be one active router in the HSRP group.</RUNINPARA></RUNINBLOCK> -->
<PARA>Configuring HSRP is pretty simple. We'll show you more difficult configurations of HSRP that you can use in larger internetworks later in this chapter. But for now, let's consider the simple example shown in Figure 8.3. Here there is a virtual router with the IP address of 10.1.0.200. All clients on that Ethernet segment configure that IP address as their default gateway.</PARA>
<SLUG NUM="8.3">Figure 8.3: HSRP with two routers [f0803.eps]</SLUG>
<PARA>Enabling HSRP on the router requires minimal configuration. In the example shown in Figures 8.3, we want Routers A and B to create a virtual router with the IP address of 10.1.0.200. </PARA>
<PARA>To do this, use the following commands:</PARA>
<CODELINE>RouterB(config-if)#standby 1 ip 10.1.0.200</CODELINE>
<CODELINE>RouterB(config-if)#^Z</CODELINE>
<CODELINE>00:03:31: %STANDBY-6-STATECHANGE: Standby: 1: FastEthernet0/0 state Speak-> Standby</CODELINE>
<CODELINE>00:03:31: %STANDBY-6-STATECHANGE: Standby: 1: FastEthernet0/0 state Standby-> Active</CODELINE></CODESNIPPET>
<PARA>When workstations ARP for the hardware address of 10.1.0.200, the virtual address will be given. All routers will use this virtual address to give to workstations. You verify the HSRP configuration with the <INLINECODE>show standby</INLINECODE> command: </PARA>
<CODELINE> Local state is Standby, priority 100</CODELINE>
<CODELINE> Hellotime 3 holdtime 10</CODELINE>
<CODELINE> Next hello sent in 00:00:01.628</CODELINE>
<CODELINE> Hot standby IP address is 10.1.0.200 configured</CODELINE>
<CODELINE> Active router is 10.1.0.1 expires in 00:00:09</CODELINE>
<CODELINE> Standby router is local</CODELINE>
<CODELINE> Standby virtual mac address is 0000.0c07.ac01</CODELINE>
<CODELINE>RouterB#</CODELINE></CODESNIPPET>
<PARA>You can also see the virtual router address by looking at the ARP table on a router. Remember that the Address Resolution Protocol (ARP) is used to find a hardware (MAC) address from a known IP address. Once the ARP protocol has resolved an IP address to a hardware address, the hardware address is placed in the ARP cache for four hours. The next time the router needs to communicate to a device connected on a LAN that is connected to a router interface, the router will look in the ARP cache for the hardware address. This makes the resolution faster than it would be if a broadcast were sent every time. The command to see the ARP table is <INLINECODE>show ip arp</INLINECODE>. Here is an example:</PARA>
<CODESNIPPET><CODELINE>Router#<EMPHASIS FORMAT="bold">sh ip arp</EMPHASIS></CODELINE>
<CODELINE>Protocol Address Age (min) Hardware Addr Type Interface</CODELINE>
<PARA>Notice that the address 10.1.0.200 is in the ARP table and is resolved to a hardware address. The router's F0/0 interface is configured with the IP address, hence the dash (-) in the minute column. The 0000.0c is the Cisco vendor code. The 07.ac is the HSRP Well-Known Virtual MAC Address. The 01 is the HSRP group number. </PARA>
<PARA>After both routers have been configured, they begin transmitting hello packets every three seconds to the multicast address 224.0.0.2. This is shown in the output below:</PARA>
<CODESNIPPET><CODELINE>SB1:Ethernet0 Hello out 10.1.0.2 Standby pri 100 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>SB1:Ethernet0 Hello in 10.1.0.1 Active pri 100 hel 3 hol 10 ip 10.1.0.200 </CODELINE></CODESNIPPET>
<PARA>If the standby router stops receiving hellos from the active router, it will then start answering for the virtual IP address, thinking the active router is down. </PARA>
<PARA>The first router configured will become the active router. The active router is the router currently forwarding packets for the virtual router. The standby router is the primary backup router. </PARA>
<PARA>The Priority option set on the router controls which router will be the active router when the election occurs. The default priority on a router is 100, and the router with the highest priority wins the election. However, if a router with a lower priority is the active router and a router with a higher priority joins the group, an election will not occur unless the Preempt option is set. If the Preempt option is set, then the new router will force an election. If the new router wins, it becomes the active router. This process is called a <EMPHASIS FORMAT="italic">coup</EMPHASIS>.</PARA>
<PARA>The router output below shows this process:</PARA>
<CODELINE> Local state is Active, priority 110, may preempt</CODELINE>
<CODELINE> Hellotime 3 holdtime 10</CODELINE>
<CODELINE> Next hello sent in 00:00:01.288</CODELINE>
<CODELINE> Hot standby IP address is 10.1.0.200 configured</CODELINE>
<CODELINE> Active router is local</CODELINE>
<CODELINE> Standby router is 10.1.0.1 expires in 00:00:09</CODELINE>
<CODELINE> Standby virtual mac address is 0000.0c07.ac01</CODELINE>
<CODELINE>RouterB#</CODELINE></CODESNIPPET>
<PARA>Additional properties can be set to control the virtual address of the router: the Hello interval, which is 3 seconds by default, and the Hold interval, which is 10 seconds by default. If Router B did not transmit any hellos for 10 seconds, Router A would become the active router.</PARA>
</SECTION>
<SECTION ID="8.2.3"><TITLE>HSRP Tracking</TITLE>
<PARA>The next problem addressed by HSRP is the failing of other interfaces besides the one running HSRP. In the example shown in Figure 8.3, for instance, if Router B's WAN connection should fail, you would want Router A to become the active router. You can accomplish this by HSRP tracking. </PARA>
<PARA>You can configure Router B so that if the WAN interface fails, Router B will reduce its priority by a set amount. The default amount is 10. Take a look at this sample to see how it is done:</PARA>
<CODELINE>%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down </CODELINE>
<CODELINE>SB1: Ethernet0 Priority was 110 now 60, configured as 110</CODELINE>
<CODELINE>SB1:Ethernet0 Hello out 10.1.0.2 Active pri 60 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>SB1:Ethernet0 Coup in 10.1.0.1 Standby pri 100 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>18:01:37: %STANDBY-6-STATECHANGE: Standby: 1: Ethernet0 state Active -> Speak</CODELINE>
<CODELINE>SB1:Ethernet0 Resign out 10.1.0.2 Speak pri 60 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>SB1:Ethernet0 Hello out 10.1.0.2 Speak pri 60 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>SB1:Ethernet0 Hello in 10.1.0.1 Active pri 100 hel 3 hol 10 ip 10.1.0.200</CODELINE></CODESNIPPET>
<PARA>Let's consider what happened in the preceding sample. Router B was configured to track interface serial 0. If interface serial 0 goes down, then Router B should reduce the standby priority by 50. When serial 0 is shut down, the priority drops from 110 to 60. Router A, which must be configured to Preempt, becomes the active router (a coup) because it has a priority of 100. As you can see in the following output, Router B is now the standby router:</PARA>
<CODELINE> Local state is Standby, priority 60, may preempt</CODELINE>
<CODELINE> Hellotime 3 holdtime 10</CODELINE>
<CODELINE> Next hello sent in 00:00:01.172</CODELINE>
<CODELINE> Hot standby IP address is 10.1.0.200 configured</CODELINE>
<CODELINE> Active router is 10.1.0.1 expires in 00:00:08</CODELINE>
<CODELINE> Standby router is local</CODELINE>
<CODELINE> Standby virtual mac address is 0000.0c07.ac01</CODELINE>
<CODELINE> Tracking interface states for 1 interface, 0 up:</CODELINE>
<CODELINE> Down Serial0 Priority decrement: 50</CODELINE>
<CODELINE>RouterB#</CODELINE></CODESNIPPET>
</SECTION>
</SECTION>
<SECTION ID="8.3"><TITLE>HSRP with Multiple Destinations</TITLE>
<!-- <PARA><DROPCAP>H</DROPCAP>SRP has provisions for more complex scenarios involving multiple routers and multiple destinations. Consider three routers on a LAN segment providing connectivity to two different locations, as shown in Figure 8.4.</PARA> -->
<SLUG NUM="8.4">Figure 8.4: HSRP with multiple destinations [f0804.eps]</SLUG>
<!-- <PARA>As you can see in this figure, Router A is directly connected and the primary link to the 22.2.0.0/16 network, and Router C is directly connected and the primary link to the 33.3.0.0/16 network. In the event that Router A fails, Router E can establish a link to the 22.2.0.0/16 network. In the event that Router C fails, Router E can establish a link to the 33.3.0.0/16 network. Notice that the gateway addresses are virtual so that the workstation is not stuck using one default gateway address. This stops the administrators from having to reconfigure the workstation's IP configuration if a router fails.</PARA> -->
<SECTION ID="8.3.1" POS="1"><TITLE>HSRP with Multiple Groups</TITLE>
<!-- <PARA>HSRP uses the concept of groups to allow for just about any combination of router and backup topologies that you can imagine. Generally, you will create one HSRP group per destination. In this example (as shown in Figure 8.5), you will create two HSRP groups.</PARA> -->
<SLUG NUM="8.5">Figure 8.5: HSRP with multiple groups [f0805.eps]</SLUG>
<!-- <PARA>This shows the process of creating two HSRP groups: </PARA>
<PARACONTINUED>Router E is made a member of both Group 1 and Group 2. The lower priority of 90 ensures that Routers A and C will be the primary routers. The authentication key is not really for security because it is transmitted in the packet. The key helps prevent against incorrect configuration.</PARACONTINUED>
<PARA>HSRP also provides support protocols other than IP, including AppleTalk, Banyan Vines, Novell IPX, DECnet, and XNS. This provides a complete solution to providing fault tolerance on multi-access media.</PARA>
<PARA>Once you have HSRP configured, you can troubleshoot and monitor HSRP with the <INLINECODE>show standby</INLINECODE> and <INLINECODE>debug standby</INLINECODE> commands. Because we have already looked at the <INLINECODE>show standby</INLINECODE> command, we'll demonstrate only the <INLINECODE>debug standby</INLINECODE> command:</PARA>
<CODELINE>Hot standby protocol debugging is on</CODELINE>
<CODELINE>Router#</CODELINE>
<CODELINE>00:15:32: SB1:FastEthernet0/0 Hello out 10.1.0.200 Active pri 100 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>00:15:35: SB1:FastEthernet0/0 Hello out 10.1.0.200 Active pri 100 hel 3 hol 10 ip 10.1.0.200</CODELINE>
<CODELINE>00:15:38: SB1:FastEthernet0/0 Hello out 10.1.0.200 Active pri 100 hel 3 hol 10 ip 10.1.0.200</CODELINE></CODESNIPPET>
<PARACONTINUED>Notice that the hello is sent out 10.1.0.200 and is the active router with a priority of 100. The hello time is shown as 3 seconds with a holdtime of 10 seconds.</PARACONTINUED> -->
</SECTION>
</SECTION>
<SECTION ID="8.4"><TITLE>Summary</TITLE>
<PARA><DROPCAP>I</DROPCAP>n this chapter, we discussed the different ways you can configure your network to support redundant connections-specifically, default gateways. </PARA>
<PARA>The types of fault tolerance that we covered included Proxy Address Resolution Protocol (Proxy ARP), Internet Control Message Protocol (ICMP), ICMP Router Discovery Protocol (IRDP), dynamic routing protocols, and the Hot Standby Routing Protocol (HSRP).</PARA>
<PARA>We showed you how to configure HSRP and implement it in an internetwork using Cisco routers. </PARA>
<TABULARENTRY><INLINECODE>show ip interface ethernet 0</INLINECODE></TABULARENTRY>
<TABULARENTRY>Shows the IP configuration of Ethernet 0, including whether Proxy ARP is configured and if access lists are set on the interface </TABULARENTRY>
<TABULARENTRY>Sets the interface to force an election if a router joins the HSRP group with a higher priority than the other routers in the group</TABULARENTRY>
</TABULARROW>
<TABULARROW>
<TABULARENTRY><INLINECODE>standby 1 track serial 0 50</INLINECODE></TABULARENTRY>
<TABULARENTRY>Tells HSRP to monitor a connected serial link that is not running HSRP</TABULARENTRY>
<TABULARENTRY>Allows you to monitor and verify the HSRP group</TABULARENTRY>
</TABULARROW>
</TABULARBODY>
</TABULARDATA>
</SECTION>
</SECTION>
<TESTSECTION ID="8.5"><TITLE>Written Lab</TITLE>
<!-- <PARA>Complete this lab by writing out the answers to the following questions:</PARA>
<TESTDATA>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>Write the command that will allow you to view the table that holds the IP-to-MAC addresses resolved on a router.</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>Write the command to enable HSRP on an FE0/0 interface using a group number of 2, IP address of 1.1.1.1.</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>Write the command that will force an election if a new router joins the HSRP group 2 with a higher priority than the active router. </QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>Write the command to change the priority to 110.</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>Write the command to set the router to track serial 0 and set the router priority to decrement by 50 if it fails. </QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>Write the command to view the virtual address of an HSRP group.</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>What command can you type on the router to view the hellos being sent and received on an HSRP interface?</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>The router enters the ___________________ state after it hears from the active router and knows the virtual IP address.</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>This state means the router will become the active router if the active router fails.</QUESTION></QUESTIONBLOCK></TESTBLOCK>
<TESTBLOCK><QUESTIONBLOCK><QUESTION>The default priority on a router is ___________________ .</QUESTION></QUESTIONBLOCK></TESTBLOCK>
</TESTDATA> -->
<SLUG NONUM="w1"/>
</TESTSECTION>
<SECTION ID="8.6"><TITLE>Hands-On Lab</TITLE>
<PARA>In this lab, you'll use Figure 8.6 as a network diagram to configure HSRP. Notice that we have added another router to the network. This will allow you to run the HSRP protocol as a redundancy method. </PARA>
<LISTITEM><PARA>Notice that the 2621A router is the active router (local) and that 2501A is the standby. This is because the 2621A router was configured first. Both have a priority of 100, hello time of 3 seconds, and holdtime of 10 seconds. </PARA></LISTITEM>
<LISTITEM><PARA>Type the <INLINECODE>debug standby</INLINECODE> command on the 2621A router to view the hello messages being sent and received on the router's F0/0 interface. </PARA>
<LISTITEM><PARA>Notice that the hello is from 172.16.10.5 and is announcing itself as a standby router with a priority of 100, a hello time of 3 seconds, and a holdtime of 10 seconds. Also notice that the 2621A router is sending out the same information, except that it is advertising itself as the active router.</PARA></LISTITEM>
<LISTITEM><PARA>Run the <INLINECODE>debug standby</INLINECODE> command on the 2501A router and view the information. </PARA>
<CODELINE>Hot standby protocol debugging is on</CODELINE>
<CODELINE>RouterC#</CODELINE>
<CODELINE>00:06:06: SB1:Ethernet0 Hello out 172.16.10.5 Standby pri 100 hel 3 hol 10 ip 17</CODELINE>
<CODELINE>2.16.10.50</CODELINE>
<CODELINE>00:06:07: %STANDBY-6-STATECHANGE: Standby: 1: Ethernet0 state Standby -> Active</CODELINE>
<CODELINE>00:06:07: SB1:Ethernet0 Hello out 172.16.10.5 Active pri 100 hel 3 hol 10 ip 172</CODELINE>
<CODELINE>.16.10.50</CODELINE>
<CODELINE>00:06:07: SB1: Ethernet0 changing MAC address to 0000.0c07.ac01</CODELINE></CODESNIPPET></LISTITEM>
<LISTITEM><PARA>Notice that when the cable to the 2621A router was unplugged, the state change took place. The 2501A router is now the active router. Notice that the Ethernet MAC address is changed to the virtual MAC address. </PARA></LISTITEM>
<LISTITEM><PARA>Plug the cable to the 2621A router back in and notice that the 2621A router does not become the active router. Run <INLINECODE>debug stand</INLINECODE> on the 2501A router to see this. </PARA>
<CODESNIPPET><CODELINE>00:06:54: SB1:Ethernet0 Hello out 172.16.10.5 Active pri 100 hel 3 hol 10 ip 172</CODELINE>
<CODELINE>.16.10.50</CODELINE>
<CODELINE>00:06:57: SB1:Ethernet0 Hello in 172.16.10.1 Speak pri 100 hel 3 hol 10 ip 172.1</CODELINE>
<CODELINE>6.10.50</CODELINE>
<CODELINE>00:06:57: SB1:Ethernet0 Hello out 172.16.10.5 Active pri 100 hel 3 ho</CODELINE></CODESNIPPET></LISTITEM>
<LISTITEM><PARA>Even though the 2621A router has sent and received a hello, it is in speak state and did not cause a reelection because the priorities are the same. You want the 2621A to be the active router because it is running FastEthernet, so change the priority of the router so it's higher and make it force an election. In addition, to make an HSRP router force an election, you must also add the <INLINECODE>preempt</INLINECODE> command or it won't work. </PARA>
<LISTITEM><PARA>Type the <INLINECODE>show standby</INLINECODE> command to view the HSRP configuration. Notice that the priority is 150 and it may preempt. </PARA>
