First Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3S
FHRP - HSRP Group Shutdown
Downloads: This chapterpdf (PDF - 1.22MB) The complete bookPDF (PDF - 1.06MB) | The complete bookePub (ePub - 0.97MB) | Feedback

FHRP - HSRP Group Shutdown

FHRP - HSRP Group Shutdown

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information About FHRP - HSRP Group Shutdown

How Object Tracking Affects the Priority of an HSRP Device

The priority of a device can change dynamically if it has been configured for object tracking and the object that is being tracked goes down. The tracking process periodically polls the tracked objects and notes any change of value. The changes in the tracked object are communicated to HSRP, either immediately or after a specified delay. The object values are reported as either up or down. Examples of objects that can be tracked are the line protocol state of an interface or the reachability of an IP route. If the specified object goes down, the HSRP priority is reduced. The HSRP device with the higher priority can become the active device if it has the standby preempt command configured.

HSRP Object Tracking

Object tracking separates the tracking mechanism from HSRP and creates a separate standalone tracking process that can be used by any other process as well as HSRP. The priority of a device can change dynamically when it has been configured for object tracking and the object that is being tracked goes down. Examples of objects that can be tracked are the line protocol state of an interface or the reachability of an IP route. If the specified object goes down, the HSRP priority is reduced.

A client process such as HSRP, Virtual Router Redundancy Protocol (VRRP), or Gateway Load Balancing Protocol (GLBP) can register its interest in tracking objects and then be notified when the tracked object changes state.

For more information about object tracking, see the "Configuring Enhanced Object Tracking" document.

HSRP Group Shutdown

The FHRP—HSRP Group Shutdown feature enables you to configure an HSRP group to become disabled (its state changed to Init) instead of having its priority decremented when a tracked object goes down. Use the standby track command with the shutdown keyword to configure HSRP group shutdown.

If an object is already being tracked by an HSRP group, you cannot change the configuration to use the HSRP Group Shutdown feature. You must first remove the tracking configuration using the no standby track command and then reconfigure it using the standby track command with the shutdown keyword.

How to Configure FHRP - HSRP Group Shutdown

Configuring HSRP Object Tracking

Perform this task to configure HSRP to track an object and change the HSRP priority based on the state of the object.

Each tracked object is identified by a unique number that is specified on the tracking CLI. Client processes use this number to track a specific object.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    track object-number interface type number {line-protocol | ip routing}

    4.    exit

    5.    interface type number

    6.    standby [group-number] track object-number [decrement priority-decrement] [shutdown]

    7.    standby [group-number] ip [ip-address [secondary]]

    8.    end

    9.    show track [object-number | brief] [interface [brief] | ip route [brief] | resolution | timers]


DETAILED STEPS
      Command or Action Purpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.
     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 track object-number interface type number {line-protocol | ip routing}


    Example:
    Device(config)# track 100 interface GigabitEthernet 0/0/0 line-protocol
     

    Configures an interface to be tracked and enters tracking configuration mode.

     
    Step 4 exit


    Example:
    Device(config-track)# exit
     

    Returns to global configuration mode.

     
    Step 5 interface type number


    Example:
    Device(config)# interface GigabitEthernet 0/0/0
     

    Configures an interface type and enters interface configuration mode.

     
    Step 6 standby [group-number] track object-number [decrement priority-decrement] [shutdown]


    Example:
    Device(config-if)# standby 1 track 100 decrement 20
     

    Configures HSRP to track an object and change the Hot Standby priority on the basis of the state of the object.

    • By default, the priority of the device is decreased by 10 if a tracked object goes down. Use the decrement priority-decrement keyword and argument combination to change the default behavior.
    • When multiple tracked objects are down and priority-decrement values have been configured, these configured priority decrements are cumulative. If tracked objects are down, but none of them were configured with priority decrements, the default decrement is 10 and it is cumulative.
    • Use the shutdown keyword to disable the HRSP group on the device when the tracked object goes down.
    Note   

    If an object is already being tracked by an HSRP group, you cannot change the configuration to use the HSRP Group Shutdown feature. You must first remove the tracking configuration using the no standby track command and then reconfigure it using the standby track command with the shutdown keyword.

     
    Step 7 standby [group-number] ip [ip-address [secondary]]


    Example:
    Device(config-if)# standby 1 ip 10.10.10.0
     
    Activates HSRP.
    • The default group number is 0. The group number range is from 0 to 255 for HSRP version 1 and from 0 to 4095 for HSRP version 2.
     
    Step 8 end


    Example:
    Device(config-if)# end
     

    Returns to privileged EXEC mode.

     
    Step 9 show track [object-number | brief] [interface [brief] | ip route [brief] | resolution | timers]


    Example:
    Device# show track 100 interface
     

    Displays tracking information.

     

    Configuring HSRP MD5 Authentication Using a Key String


    Note


    Text authentication cannot be combined with MD5 authentication for an HSRP group at any one time. When MD5 authentication is configured, the text authentication field in HSRP hello messages is set to all zeroes on transmit and ignored on receipt, provided the receiving device also has MD5 authentication enabled.



    Note


    If you are changing a key string in a group of devices, change the active device last to prevent any HSRP state change. The active device should have its key string changed no later than one hold-time period, specified by the standy timers interface configuration command, after the nonactive devices. This procedure ensures that the nonactive devices do not time out the active device.


    SUMMARY STEPS

      1.    enable

      2.    configure terminal

      3.    terminal interface type number

      4.    ip address ip-address mask [secondary]

      5.    standby [group-number] priority priority

      6.    standby [group-number] preempt [delay {minimum | reload | sync} seconds]

      7.    standby [group-number] authentication md5 key-string [0 | 7] key [timeout seconds]

      8.    standby [group-number] ip [ip-address] [secondary]]

      9.    Repeat Steps 1 through 8 on each device that will communicate.

      10.    end

      11.    show standby


    DETAILED STEPS
        Command or Action Purpose
      Step 1 enable


      Example:
      Device> enable
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.
       
      Step 2 configure terminal


      Example:
      Device# configure terminal
       

      Enters global configuration mode.

       
      Step 3 terminal interface type number


      Example:
      Device(config)# interface GigabitEthernet 0/0/0
       

      Configures an interface type and enters interface configuration mode.

       
      Step 4 ip address ip-address mask [secondary]


      Example:
      Device(config-if)# ip address 10.0.0.1 255.255.255.0
       

      Specifies a primary or secondary IP address for an interface.

       
      Step 5 standby [group-number] priority priority


      Example:
      Device(config-if)# standby 1 priority 110
       

      Configures HSRP priority.

       
      Step 6 standby [group-number] preempt [delay {minimum | reload | sync} seconds]


      Example:
      Device(config-if)# standby 1 preempt 
       

      Configures HSRP preemption.

       
      Step 7 standby [group-number] authentication md5 key-string [0 | 7] key [timeout seconds]


      Example:
      Device(config-if)# standby 1 authentication md5 key-string d00b4r987654321a timeout 30
       

      Configures an authentication string for HSRP MD5 authentication.

      • The key argument can be up to 64 characters in length. We recommended that at least 16 characters be used.
      • No prefix to the key argument or specifying 0 means the key will be unencrypted.
      • Specifying 7 means the key will be encrypted. The key-string authentication key will automatically be encrypted if the service password-encryption global configuration command is enabled.
      • The timeout value is the period of time that the old key string will be accepted to allow configuration of all routers in a group with a new key.
       
      Step 8 standby [group-number] ip [ip-address] [secondary]]


      Example:
      Device(config-if)# standby 1 ip 10.0.0.3
       

      Activates HSRP.

       
      Step 9 Repeat Steps 1 through 8 on each device that will communicate.  

       
      Step 10 end


      Example:
      Device(config-if)# end 
       

      Returns to privileged EXEC mode.

       
      Step 11 show standby


      Example:
      Device# show standby
       

      (Optional) Displays HSRP information.

      • Use this command to verify your configuration. The key string or key chain will be displayed if configured.
       

      Configuration Examples for FHRP - HSRP Group Shutdown

      Example: Configuring HSRP Object Tracking

      In the following example, the tracking process is configured to track the IP-routing capability of serial interface 1/0. HSRP on Gigabit Ethernet interface 0/0/0 then registers with the tracking process to be informed of any changes to the IP-routing state of serial interface 1/0. If the IP state on serial interface 1/0 goes down, the priority of the HSRP group is reduced by 10.

      If both serial interfaces are operational, Device A will be the HSRP active device because it has the higher priority. However, if IP routing on serial interface 1/0 in Device A fails, the HSRP group priority will be reduced and Device B will take over as the active device, thus maintaining a default virtual gateway service to hosts on the 10.1.0.0 subnet.

      Device A Configuration

      Device(config)# track 100 interface serial 1/0/0 ip routing
      !
      Device(config)# interface GigabitEthernet 0/0/0
      Device(config-if)# ip address 10.1.0.21 255.255.0.0
      Device(config-if)# standby 1 preempt
      Device(config-if)# standby 1 priority 110
      Device(config-if)# standby 1 track 100 decrement 10
      Device(config-if)# standby 1 ip 10.1.0.1
      

      Device B Configuration

      Device(config)# track 100 interface serial 1/0/0 ip routing
      !
      Device(config)# interface GigabitEthernet 0/0/0
      Device(config-if)# ip address 10.1.0.22 255.255.0.0
      Device(config-if)# standby 1 preempt
      Device(config-if)# standby 1 priority 105
      Device(config-if)# standby 1 track 100 decrement 10
      Device(config-if)# standby 1 ip 10.1.0.1
      

      Example: Configuring HSRP Group Shutdown

      In the following example, the tracking process is configured to track the IP-routing capability of Gigabit Ethernet interface 0/0/0. HSRP on Gigabit Ethernet interface 0/0/1 then registers with the tracking process to be informed of any changes to the IP-routing state of Gigabit Ethernet interface 0/0/0. If the IP state on Gigabit Ethernet interface 0/0/0 goes down, the HSRP group is disabled.

      If both Gigabit Ethernet interfaces are operational, Device A will be the HSRP active device because it has the higher priority. However, if IP routing on Gigabit Ethernet interface 0/0/0 in Device A fails, the HSRP group will be disabled and Device B will take over as the active device, thus maintaining a default virtual gateway service to hosts on the 10.1.0.0 subnet.

      Device A Configuration

      Device(config)# track 100 interface GigabitEthernet 0/0/0 ip routing 
      !
      Device(config)# interface GigabitEthernet 0/0/1
      Device(config-if)# ip address 10.1.0.21 255.255.0.0
      Device(config-if)# standby 1 ip 10.1.0.1
      Device(config-if)# standby 1 preempt
      Device(config-if)# standby 1 priority 110
      Device(config-if)# standby 1 track 100 shutdown
      

      Device B Configuration

      Device(config)# track 100 interface GigabitEthernet 0/0/0 ip routing 
      !
      Device(config)# interface GigabitEthernet 0/0/1
      Device(config-if)# ip address 10.1.0.22 255.255.0.0
      Device(config-if)# standby 1 ip 10.1.0.1
      Device(config-if)# standby 1 preempt
      Device(config-if)# standby 1 priority 105
      Device(config-if)# standby 1 track 100 shutdown
      

      If an object is already being tracked by an HSRP group, you cannot change the configuration to use the HSRP Group Shutdown feature. You must first remove the tracking configuration using the no standby track command and then reconfigure it using the standby track command with the shutdown keyword.

      The following example shows how to change the configuration of a tracked object to include the HSRP Group Shutdown feature:

      Device(config)# no standby 1 track 100 decrement 10
      Device(config)# standby 1 track 100 shutdown
      

      Additional References

      Related Documents

      Related Topic

      Document Title

      Cisco IOS commands

      Cisco IOS Master Commands List, All Releases

      HSRP commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

      Cisco IOS First Hop redundancy Protocols Command Reference

      HSRP for IPv6

      “HSRP for IPv6” module

      Troubleshooting HSRP

      Hot Standby Router Protocol: Frequently Asked Questions

      Standards

      Standards

      Title

      No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

      --

      MIBs

      MIBs

      MIBs Link

      CISCO-HSRP-MIB CISCO-HSRP-EXT-MIB

      To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

      http:/​/​www.cisco.com/​go/​mibs

      RFCs

      RFCs

      Title

      RFC 792

      Internet Control Message Protocol

      RFC 1828

      IP Authentication Using Keyed MD5

      RFC 2281

      Cisco Hot Standby Router Protocol

      Technical Assistance

      Description

      Link

      The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

      http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

      Feature Information for FHRP - HSRP Group Shutdown

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

      Table 1 Feature Information for FHRP—HSRP Group Shutdown

      Feature Name

      Releases

      Feature Information

      FHRP—HSRP Group Shutdown

      12.4(9)T

      12.2(33)SRC

      12.2(33)SXI

      12.2(50)SY

      15.0(1)S

      15.0(1)SY

      Cisco IOS XE Release 2.1

      The FHRP—HSRP Group Shutdown feature enables you to configure an HSRP group to become disabled (its state changed to Init) instead of having its priority decremented when a tracked object goes down.

      The following commands were modified by this feature:standby track, show standby.