I’m now revisiting the IOS Services as part of my CCIE study, so yesterday I discovered HSRP version 2. The default version is 1, and without the standby version 2 command, we can’t really see the new parameters using the “?”.
So, we have some exciting new features, as stated here:
- In HSRP version 1, millisecond timer values are not advertised or learned. HSRP version 2 advertises and learns millisecond timer values. This change ensures stability of the HSRP groups in all cases. – This means, we can archive sub sec. convergence:
003056: .Feb 13 09:58:24.623: HSRP: Fa0/0.146 Grp 1024 Hello out 188.8.131.52 Standby pri 110 vIP 184.108.40.206
003057: .Feb 13 09:58:24.815: HSRP: Fa0/0.146 Grp 1024 Hello in 220.127.116.11 Active pri 200 vIP 18.104.22.168
003058: .Feb 13 09:58:25.427: HSRP: Fa0/0.146 Grp 1024 Hello out 22.214.171.124 Standby pri 110 vIP 126.96.36.199
003059: .Feb 13 09:58:25.607: HSRP: Fa0/0.146 Grp 1024 Hello in 188.8.131.52 Active pri 200 vIP 184.108.40.206
- In HSRP version 1, group numbers are restricted to the range from 0 to 255. HSRP version 2 expands the group number range from 0 to 4095. – I always wanted to map the VLAN IDs to the standby group IDs. Well, here we go.
- HSRP version 2 provides improved management and troubleshooting. With HSRP version 1, you cannot use HSRP active hello messages to identify which physical router sent the message because the source MAC address is the HSRP virtual MAC address. The HSRP version 2 packet format includes a 6-byte identifier field that is used to uniquely identify the sender of the message. Typically, this field is populated with the interface MAC address.
- The multicast address 220.127.116.11 is used to send HSRP hello messages. This address can conflict with Cisco Group Management Protocol (CGMP) leave processing.
- There is also a cool feature regarding Router-on-the-stick implementations. With the HSRP follow feature we can configure groups to follow a master group. This sound great if you have a lot of sub interfaces on the upstream routers, operated in HA environment.
- An example configuration:
no ip address
encapsulation dot1Q 67
ip address 18.104.22.168 255.255.255.0
ntp multicast 22.214.171.124
standby version 2
standby 2048 ip 126.96.36.199
standby 2048 follow TEST
standby 2048 preempt
encapsulation dot1Q 146
ip address 188.8.131.52 255.255.255.0
standby version 2
standby 1024 ip 184.108.40.206
standby 1024 timers msec 800 3
standby 1024 priority 110
standby 1024 preempt
standby 1024 authentication md5 key-string CISCO123
standby 1024 name TEST
Rack1R6#sh standby fastEthernet 0/0.67 all
FastEthernet0/0.67 – Group 2048 (version 2)
State is Active (following "TEST")
4 state changes, last state change 00:13:02
Virtual IP address is 220.127.116.11
Active virtual MAC address is unknown
Local virtual MAC address is 0000.0c9f.f800 (v2 default)
MAC refresh 10 secs (next refresh 3.104 secs)
Active router is local
Standby router is unknown
Priority 100 (default 100)
Group name is "hsrp-Fa0/0.67-2048" (default)
Rack1R6#sh standby brief
P indicates configured to preempt.
Interface Grp Pri P State Active Standby Virtual IP
Fa0/0.146 1024 110 P Active local 18.104.22.168 22.214.171.124