HSRP (Hot Standby Router Protocol) enables us to cut out a single point of failure for LAN hosts by effectively having a backup default gateway. Particularly in small networks, the default gateway will normally be a single router which all the hosts rely on for routing traffic to and from remote networks such as the Public Internet. HSRP operates using an active router and at least 1 standby router, which are sometimes referred to as Active and Passive routers. A single router supports the hosts on the LAN at any one time, which is backed up by 1 or a number of standby routers which assume responsibility for routing traffic to and from the LAN when the first (Active) router fails.
The LAN interfaces on the routers have a valid IP Address configured in the normal manner, but within the router configuration, an identical virtual IP Address is configured on all routers that take part in the HSRP process. When the routers are configured with the virtual IP Address, they automatically configure a virtual MAC Address, sometimes referred to as VMAC1. The hosts on the LAN are configured with the virtual IP Address as the default gateway address.
Part of the HSRP configuration entails configuring each router with an HSRP priority (default 100), which the routers use to decide which should become the active router. The router with the highest priority number will automatically become the active router, with the standby router being configured with a lower priority. When the standby router detects that the highest priority router has failed, then it will assume the responsibility of the active router. If the active router with the higher priority later reappears then the roles of Active and Standby router will once again be reversed..
Both routers send periodic short messages to each other to negotiate who should be the Active router and who should be the Standby router by means of a configured priority, the active router being the router with the highest priority. The messages continue so that the standby router knows when it stops receiving messages that it must take over. When the active router fails, it is detected by the standby router and it then assumes the role of the active router. The VMAC1 is a virtual MAC Address which is assumed by the Active Router.
In order that the new active router receives traffic from the hosts, the switches must know which routing device to send the frames to. Up until now the switches had the original active router as VMAC1. Once another router assumes the role of the active router it must send an Ethernet frame to its connected switch with a MAC Address of VMAC1. The Ethernet frame contains an ARP Reply known as a Gratuitous ARP because it never received an ARP request. The switch then amends its MAC Address Table to reflect the new valid port for the active router.
Where multiple VLANs are in use on the LAN infrastructure, HSRP can be used to load balance traffic between a number of routers, whereby one router is the active router for 1 or a number of VLANs and a second router can be the active router for the remaining VLANs. When using two routers and one router fails then the standby router will act as the active router for all VLANs until the failed router returns. HSRP is mentioned in a number of training courses delivered by Network Systems Training (UK) Ltd.