3.5 Describe the purpose of first hop redundancy protocol

3.5 Describe the purpose of first hop redundancy protocol

The First Hop Redundancy Protocol, or FHRP, allows us to use redundant links to keep a network functional in the event of a failure. 

If our network was connected to a WAN or internet via a single router, and the router failed, we would lose all connectivity.  This is known as a single point of failure.  A good design – a redundant design – avoids single points of failure.

What happens when two routers are connected to the same LAN subnet?  We have a redundant connection, but external routers will have two routes to the subnet and can’t decide which one to use.

In this diagram, our router on the left side is connected to the internet via a WAN link, which is a single point of failure.  On the right side, our enterprise routers each have a connection to the internet, but they also have a connection between themselves, thus there is no single point of failure.  Each enterprise router also has a redundant connection to the switches on the far right.

The problem with a redundant network is that it is expensive.  The cost of purchasing and configurating additional routers or WAN connections may be more than the cost of downtime resulting from the failure of the existing equipment.

In our network, we have two redundant routers.  How do hosts know which router to use?  They have three choices

• Everybody can use Router 1 as their default router and configure their gateway for 10.0.0.1.  If Router 1 fails, everybody can manually switch to Router 2 and configure their gateway for 10.0.0.2.
• Everybody can use Router 2 as their default router and configure their gateway for 10.0.0.2.  If Router 2 fails, everybody can manually switch to Router 1 and configure their gateway for 10.0.0.1.
• Half the hosts use Router 1 as their default router and half use Router 2.  If Router 1 fails, the hosts that used Router 1 change to Router 2.  If Router 2 fails, the hosts that used Router 2 change to Router 1.

None of these options are good because they are not “seamless”.  We must wait until the router stops working and then manually change our settings.  With FHRP, we create a virtual default router that everybody connects to.  The two physical routers pretend like they’re part of the same virtual router.  If one router fails, the other router takes over.

FHRP is a framework, but the underlying protocol can depend on the network.  There are three main protocols

• HSRP or Hot Standby Router.  This was the original Cisco protocol.
• GLBP or Gateway Load Balancing Protocol.  This is a newer Cisco Protocol.
• VRRP or Virtual Router Redundancy Protocol.  This is an open source protocol.

In HSRP, one router is active, and the remaining routers are standby.  The active router assumes a virtual IP address and a virtual MAC address, which we create through the HSRP configuration.  The virtual IP address must be in the same subnet as the router’s local interface.

The hosts on our local network use the virtual IP address as their default gateway.  The standby routers are aware of the virtual IP address and MAC address.  The routers use HSRP messages to communicate with each other and to decide which router is the active one and which router is on standby.

When a router fails, the other router takes over and assumes the virtual IP and MAC address.  IP address configuration and ARP entries on the hosts do not change. 

But remember that a switch forwards packets based on the MAC address of each connected device. Since a new router is assuming the virtual MAC address, the switch port pointing to the active router will have changed.  The new router sends a frame to the switch that its connected to using the virtual MAC address that it just assumed.  Now the switch updates the MAC address table to reflect the port connected to the newly active router.

When we have a network with multiple VLANs, we can keep both routers active, but use one router for some VLANs and the other router for the other VLANs.  We can configure FHRP on a set of Layer 3 switches as well as on a router.

For the purposes of the CCNA, we do not need to learn how to configure FHRP.  FHRP can function with a combination of interfaces on the same router or interfaces across multiple routers.  On any interface that is a member of a FHRP group, we would configure the following commands.  We must first choose a group number for our FHRP protocol. 

• standby <group number> priority <priority> – this command sets the priority for the interface.  The router will use the interface with the highest priority
  
  
• standby <group number> pre-empt – this tells the router that this interface must be used as the primary router when it is available.  If I have a primary router and a standby router, and the primary router fails, the standby router will take over.
  
  When pre-empt is set, as soon as the primary router is available, it becomes the primary router again.  This can be bad in a large network because routes might take time to converge.  If the primary router takes over immediately, it will cause some downtime. 
  
  To avoid this, we create a delay by typing standby <group number> pre-empt delay minimum <time in seconds> reload < time in seconds>.  This gives the new primary router time to build its routing table before it takes over.
  
  The minimum time is the amount of time the router waits before taking over.  The reload time is the amount of time the router waits before taking over if the router had been reloaded.  The reload timer starts when the first interface is up.
  
  
• standby <group number> ip <IP address> secondary – this allows us to configure the virtual IP address that the group will use