HSRP is a first-hop redundancy protocol (FHRP) that allows a transparent failover of the first-hop IP router. HSRP provides
first-hop routing redundancy for IP hosts on Ethernet networks configured with a default router IP address. You use HSRP in
a group of routers for selecting an active router and a standby router. In a group of routers, the active router is the router
that routes packets, and the standby router is the router that takes over when the active router fails or when preset conditions
Many host implementations do not support any dynamic router discovery mechanisms but can be configured with a default router.
Running a dynamic router discovery mechanism on every host is not practical for many reasons, including administrative overhead,
processing overhead, and security issues. HSRP provides failover services to such hosts.
When you use HSRP, you configure the HSRP virtual IP address as the default router of the host (instead of the IP address
of the actual router). The virtual IP address is an IPv4 or IPv6 address that is shared among a group of routers that run
When you configure HSRP on a network segment, you provide a virtual MAC address and a virtual IP address for the HSRP group.
You configure the same virtual address on each HSRP-enabled interface in the group. You also configure a unique IP address
and MAC address on each interface that acts as the real address. HSRP selects one of these interfaces to be the active router.
The active router receives and routes packets destined for the virtual MAC address of the group.
HSRP detects when the designated active router fails. At that point, a selected standby router assumes control of the virtual
MAC and IP addresses of the HSRP group. HSRP also selects a new standby router at that time.
HSRP uses a priority designator to determine which HSRP-configured interface becomes the default active router. To configure
an interface as the active router, you assign it with a priority that is higher than the priority of all the other HSRP-configured
interfaces in the group. The default priority is 100, so if you configure just one interface with a higher priority, that
interface becomes the default active router.
Interfaces that run HSRP send and receive multicast User Datagram Protocol (UDP)-based hello messages to detect a failure
and to designate active and standby routers. When the active router fails to send a hello message within a configurable period
of time, the standby router with the highest priority becomes the active router. The transition of packet forwarding functions
between the active and standby router is completely transparent to all hosts on the network.
You can configure multiple HSRP groups on an interface. The virtual router does not physically exist but represents the common
default router for interfaces that are configured to provide backup to each other. You do not need to configure the hosts
on the LAN with the IP address of the active router. Instead, you configure them with the IP address of the virtual router
(virtual IP address) as their default router. If the active router fails to send a hello message within the configurable period
of time, the standby router takes over, responds to the virtual addresses, and becomes the active router, assuming the active
router duties. From the host perspective, the virtual router remains the same.
Packets received on a routed port destined for the HSRP virtual IP address terminate on the local router, regardless of whether
that router is the active HSRP router or the standby HSRP router. This process includes ping and Telnet traffic. Packets received
on a Layer 2 (VLAN) interface destined for the HSRP virtual IP address terminate on the active router.