Hot Standby Router Protocol

1 Introduction

1.1 What is HSRP?

HSRP is a Cisco proprietary redundancy protocol created in 1994 that allows an administrator to group gateway routers into something called a "standby group". Such a group will have one active gateway that will be forwarding traffic with a destination outside of the local network, and a number of gateways that will be in a standby state, ready to take over in case the current active gateway fails.

1.2 Features

  • Redundancy - it was built for this and it accomplishes this goal in a little over 10 seconds without any tweaking. It can be tweaked to converge in milliseconds on newer equipment
  • Interface tracking - it can track whether an interface goes down and switch to the other gateway if necessary
  • Provides some form of path control through prioritizing one gateway over another

2 Pieces of HSRP

2.1 HSRP Messages

  • Hello Message - the keepalive mechanism used by HSRP. Similar to all other Hello messages
  • Coup Message - a multicast message sent by the active router to all routers in the HSRP group to let them know that it has become the primary gateway
  • Resign Message - this happens after the active router comes back up from a failure. The secondary router will send this message to announce the others that it is no longer the active router because the primary router is back up

2.2 The Active HSRP Router

For every standby group, an election takes place and the active router is chosen. Its role is to do the routing and forwarding duties for the group. The active router is the one that takes the identity of the HSRP group and responds to the virtual IP and virtual MAC addresses.

2.3 The Standby HSRP Router

The standby routers do not do anything, but they are ready to take over the routing/forwarding duties for the virtual IP and virtual MAC addresses in case the active router fails.

2.4 The Virtual IP and MAC Addresses

The virtual IP address is configured by the administrator and it is the IP address that identifies the group. A host machine will have its default gateway set as this IP address and the active router will be the one to respond to it.
The virtual MAC address is built according to a template:


0000.0C is the OUI for Cisco, 07.AC is the ID assigned for HSRP and ## is the HSRP standby group ID configured by the administrator.

The MAC address is necessary because of ARP. If the MAC address weren't shared between the routers, waiting for the ARP cache to time out would be necessary. They all know these two addresses, but only the active router will respond to them.

3 Active/Standby Election and Preemption

3.1 Priority

The election depends on a priority that is configurable by the administrator. The default priority is 100.

The router with the higher priority is elected as the active router. In case the priority is equal, then the higher IP address breaks the tie.

3.2 Preemption

By default, preemption is disabled, which means that in case the active router fails and comes back up, it will not become the active router again until the one who took the role fails.

With preemption, if a router with higher priority comes online, it will immediately become the active router and the router that was active will become a standby. Preemption does not happen with IP addresses, only with priority.

4 Configuration

