HSRP 1
#HSRP solves one of many design issues by avoiding a single point of failure in a network by having two or more routers share the role of default gateway in a subnet. This lab takes a look at a basic HSRP config, for the usual reason: to get some reps in for practicing basic CCNA configs.
Requirements
Configure HSRP on R1 and R2 for a typical case of HSRP, providing a redundant default gateway for PC1 in the figure. The lab begins with all interfaces shown in Figure 1 working, and with IPv4 addresses configured. You can use the design in Figure 1 or Figure 2; on the LAN, just make sure both routers and both hosts are in the same VLAN and can ping each other. For this lab, you will focus on the router configurations, not the switch configurations.
Your job is to add the HSRP configuration per the following rules:
- Use the lowest available IP address in the shared subnet for the HSRP virtual IP address
- Use the HSRP group number 10
- Make R2 act as HSRP active under normal conditions
- Use only the required commands
Figure 1: HSRP Design, One LAN Switch
Figure 2: HSRP Design, Two LAN Switches
Initial Configuration
Example 1 and 2 show the beginning configuration state of R1 and R2.
Example 1: R1 Config
|
1 2 3 4 5 6 7 |
interface GigabitEthernet0/1 no shutdown ip address 192.168.100.253 255.255.255.0 ! interface GigabitEthernet0/2 no shutdown ip address 10.10.10.254 255.255.255.252 |
Example 2: R2 Config
|
1 2 3 4 5 6 7 |
interface GigabitEthernet0/1 no shutdown ip address 192.168.100.254 255.255.255.0 ! interface GigabitEthernet0/2 no shutdown ip address 10.10.10.253 255.255.255.252 |
Additionally, note that the switches need to create a working VLAN so that both routers’ G0/1 interfaces and both PCs can communicate over that VLAN. If you built the lab like Figure 1, with a single switch, the switch could have all default configuration, with all devices in VLAN 1. With two switches, if you use VLAN 1, you should be fine with default configuration regardless. Examples 3 and 4 provide some initial configuration in case you need to use another VLAN (VLAN 2) instead of VLAN 1, and you need to ensure that VLAN trunking is used.
Example 3: SW1 Config
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
hostname SW1 ! interface FastEthernet 0/1 no shutdown switchport access vlan 2 ! interface FastEthernet 0/2 no shutdown switchport access vlan 2 ! interface GigabitEthernet 0/1 no shutdown switchport mode trunk |
Example 4: SW2 Config
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
hostname SW2 ! interface FastEthernet 0/1 no shutdown switchport access vlan 2 ! interface FastEthernet 0/2 no shutdown switchport access vlan 2 ! interface GigabitEthernet 0/1 no shutdown switchport mode trunk |
Answer on Paper, or Maybe Test in Lab
Next, write your answer on paper. Or if you have some real gear or other tools, configure the lab using them.
Verifying HSRP can be done with a command and a little testing. To verify, use the show standby brief command on both routers. One router should be in a state of “Active”, the other as “Standby”. Both should list the same virtual IP address.
For testing, if you have a host, change its default gateway to the HSRP IP address. Then start a long-running ping command on your host for one of the IP addresses on the link between the two routers that sits in another subnet (10.10.10.1 or 10.10.10.2). This ping should work no matter which router acts as HSRP active. Start the ping, go to the router that is currently active, and shutdown the G0/1 interface. HSRP should failover to the other router, your ping command should have a brief interruption, and then the ping should start working again.
To create a long-running ping, on Windows, add a –t to the end of the ping command. On OSX and Linux, the ping command needs no extra parameters – it should run until you stop it (Ctrl-c).
Do this Lab with Cisco’s CML (Formerly VIRL)
You can do these labs on paper and still get a lot out of the lab. As an extra help, we have added files for Cisco Modeling Lab – Personal (CML-P). CML-P replaces Cisco Virtual Internet Routing Lab (VIRL) software, in effect serving as VIRL Version 2.
Below, find two files: a file useful with CML-P and another useful with VIRL. (Note that the CML-P file has a .yaml filetype, while the older VIRL file has a VIRL filetype.) Once the file is loaded, CML-P or VIRL will create a lab topology similar to this lab’s topology, with the initial configuration shown in the lab as well.
Note that while many Cisco switches no longer support ISL as a trunking protocol, the layer 2 switch image in CML/VIRL does, so it needs to be configured to know whether to use ISL or 802.1Q. The lab exercise does not mention this fact. So, FYI, the .YAML/.VIRL file includes this command (already configured) so trunking will work:
|
1 |
switchport trunk encapsulation dot1q |
Network Device Info
This table lists the interfaces changed in this lab to work well in CML/VIRL.
| Device | Lab Port | CML/VIRL Port |
| SW1 | F0/2 | G0/2 |
| SW1 | F0/1 | G0/3 |
| SW2 | F0/2 | G0/2 |
| SW2 | F0/1 | G0/3 |
Host device info:
This table lists host information pre-configured in CML/VIRL, information that might not be required by the lab but may be useful to you.
| Device | IP Address | Mac Address | User/password |
| PC1 | 192.168.100.101/24 | 02:00:11:11:11:11 | cisco/cisco |
| PC2 | 192.168.100.102/24 | 02:00:22:22:22:22 | cisco/cisco |
Handy Host Commands:
To see PC IP address: ifconfig eth1
Ping example: ping -c 4 10.1.1.1
Trace example: tracepath 10.1.1.1
To connect to another node within the topology: telnet 10.1.1.1
Hi Wendell
I tried this lab in CML and had some issues.
After a little searching I found the problem…
the netmask of interface Gi0/1 on R2 isn’t correctly configured in the CML file:
192.168.100.254 255.255.255.252 instead of 192.168.100.254 255.255.255.0
Markus
Hey Markus,
I agree! I’ve moved the task to effect the fix into Trello; should be fixed in a few days. Thanks much for letting us know!
Wendell
Hi Wendel,
These labs are from 2015. Im studying for the 200-301 verison of the CCNA. In Chapter 12 there is no mention of you configuring HSRP, just concepts.
Do we need to learn how to configure HSRP for the 200-301 exam? If so i can create these labs in packet tracer.
Please let me know.
Thank you,
Hi Denis,
When thinking about the scope of the current CCNA exam, trust the book, not the sum total of the blog content. As you noticed, some blog content pre-dates the release of current exams. That content was built based on older editions of the exams. Some of those posts can be useful, so I leave the useful content here for a while. But no, the exam topic that implies HSRP, about FHRPs, does not mention config/verify.
Wendell
Can I ask a question about qos? There’s no mention of it in the last section.
Sure, Chris, go for it. (PS – last section of what?)
I meant the qos section. In book 2, Ch.11, Q.3 asks about diffserv but I can’t find where the 3 answers are given in the chapter.
Chris,
Got it. Sorry about my confusion.
Anyway, I think I had answered you here already in an earlier comment on May 16th. Here’s the paragraph about where to find more info about those answers:
Look at the material just before Figure 11-4, and following for about 3 pages for the related content. EG, under heading “Classification on Routers with ACLs and NBAR” discusses a couple of the answers. Admittedly, the discussion of matching (aka classifying) based on DSCP is brief, just before Figure 11-4, and maybe alluded to in later examples. That might be an expert blindspot that you revealed, where I assumed it was obvious (but it wouldn’t necessarily be for someone new to the topic.) Feel free to let me know if that’s what you found confusing.
Indeed, feel free to follow up, but that’s where the chapter covers those answers.
Thanks Wendell. That’s what I found confusing and because it specifically mentioned Diffserv.
Chris,
Hope that at least cleared it up a bit. Thanks for the input on that confusing sequence. I’ve noted it as something to improve.
On connecting the terminology dots, in DSCP, “Differentiated Services Code Point”, the first two words are the two words that compress to DiffServ. I probably didn’t overtly connect those ideas in the text.