Showing posts with label Gateway Redundancy. Show all posts
Showing posts with label Gateway Redundancy. Show all posts

Tuesday, 4 November 2025

HSRP v1 vs v2, Preempt and Tracking Explained, HSRP Vs VRRP - (Cisco Interview Guide)


Introduction

In enterprise networks, default gateway redundancy is critical to ensure uninterrupted connectivity. If the gateway fails, users lose access to external networks.

Cisco provides HSRP (Hot Standby Router Protocol) to eliminate this single point of failure by enabling multiple routers to act as a single virtual gateway.

This blog covers:

  • HSRP fundamentals
  • HSRP v1 vs v2
  • HSRP preempt (with best practices)
  • HSRP preempt with tracking (real-world design)
  • HSRP vs VRRP comparison

What is HSRP

HSRP is a Cisco proprietary First Hop Redundancy Protocol (FHRP).

How It Works

  • One router becomes Active → forwards traffic
  • One router becomes Standby → backup
  • Both share a Virtual IP
  • Hosts use the virtual IP as default gateway

Key Parameters

  • Default Hello Timer: 3 sec
  • Default Hold Timer: 10 sec
  • Election based on priority + highest IP

HSRP Version 1 vs Version 2

FeatureHSRP v1HSRP v2
Group Range0–2550–4095
Multicast Address224.0.0.2224.0.0.102
IPv6 SupportNoYes
MAC Address0000.0c07.acXX0000.0c9f.fXXX
ScalabilityLimitedHigh

Recommendation

Always use HSRP v2 in modern networks.

HSRP Preempt Explained

By default, if Active router fails and recovers, it does not reclaim Active role.

Preempt Solves This

  • Allows higher priority router to regain Active role
  • Ensures traffic flows as per design

Basic Configuration

standby 10 priority 110
standby 10 preempt

Where Should Preempt Be Configured

Best Practice

  • Configure preempt only on Primary Router

Why

  • Prevents unnecessary flapping
  • Ensures stable failover
  • Maintains deterministic behavior

Optional Delay

standby 10 preempt delay minimum 60

This allows routing protocols to converge before taking over.

HSRP Preempt with Tracking (Real-World Scenario)

Why Tracking is Needed

HSRP only checks router status, not network reachability.

Problem

  • R1 (Primary) has ISP uplink
  • Uplink fails → R1 still Active
  • Traffic gets blackholed

Solution: Preempt + Tracking

Topology

  • R1 → Primary (priority 110) → ISP uplink
  • R2 → Secondary (priority 100)

Configuration

R1 (Primary Router)

interface Vlan10
 ip address 10.1.10.2 255.255.255.0
 standby version 2
 standby 10 ip 10.1.10.1
 standby 10 priority 110
 standby 10 preempt
 standby 10 preempt delay minimum 60
 standby 10 track GigabitEthernet0/0 20

R2 (Secondary Router)

interface Vlan10
 ip address 10.1.10.3 255.255.255.0
 standby version 2
 standby 10 ip 10.1.10.1
 standby 10 priority 100

How It Works

Normal Condition

  • R1 priority = 110 → Active
  • R2 priority = 100 → Standby

Failure (R1 uplink down)

  • Tracking reduces R1 priority → 90
  • R2 becomes Active
  • Traffic continues normally

Recovery

  • R1 priority restored → 110
  • Preempt enabled → R1 becomes Active again

Why Preempt is Critical Here

Without preempt:

  • R1 returns but stays Standby
  • Traffic follows suboptimal path

With preempt:

  • Network returns to optimal design state

Advanced Tracking Using IP SLA (Recommended)

Instead of interface tracking, use real reachability:

ip sla 1
 icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0
 frequency 5
ip sla schedule 1 life forever start-time now

track 1 ip sla 1 reachability

Apply:

standby 10 track 1 decrement 20

HSRP vs VRRP

FeatureHSRPVRRP
TypeCisco ProprietaryOpen Standard
Active RouterActiveMaster
Backup RouterStandbyBackup
PreemptDisabled by defaultEnabled by default
Multicast224.0.0.2/102224.0.0.18
Vendor SupportCisco onlyMulti-vendor

When to Use HSRP vs VRRP

Use HSRP

  • Cisco environments
  • ACI / Data Center
  • Advanced tracking required

Use VRRP

  • Multi-vendor networks
  • Simpler deployment

Interview Questions

Q1: Why use tracking in HSRP?
To detect upstream failures and trigger failover.

Q2: Why combine tracking with preempt?
Tracking handles failover, preempt ensures recovery to primary router.

Q3: Where should preempt be configured?
On the higher priority router only.

Design Best Practices

  • Use HSRP v2 always
  • Configure preempt only on primary
  • Combine preempt + tracking
  • Use IP SLA for accurate failover
  • Avoid equal priorities
  • Use preempt delay

Key Takeaways

  • HSRP prevents gateway failure
  • Preempt ensures correct Active router
  • Tracking prevents traffic blackhole
  • IP SLA improves decision accuracy
  • VRRP is better for multi-vendor setups

Conclusion

HSRP remains a cornerstone for high availability in enterprise networks. However, combining preempt with tracking is what makes the design truly resilient and production-ready.

In modern networks, always ensure:

  • Correct use of HSRP v2
  • Intelligent failover using tracking
  • Proper role restoration using preempt

This guarantees both high availability and optimal traffic flow.

Posted by at 4 comments:
Labels: , , , , , , , ,
Subscribe to: Posts (Atom)