confguring multiple hot standby router protocol groups.pdf

1 Boson NetSim Lab Manual

SWITCH Lab: Con guring Multiple Hot Standby

Router Protocol Groups

ObjectiveCon gure two Hot Standby Router Protocol (HSRP) groups, and verify the con guration.

Lab TopologyFor this lab, your network design will include four switches, ASW1, ASW2, DSW1, and DSW2. Each switch is

connected to one another by an Ethernet link. ASW1 and ASW2 are access layer switches, and DSW1 and DSW2

are distribution layer switches. Two PCs named Client1 and Client2 are connected to the access layer switches

on FastEthernet port 0/3. Even though there are only two access layer switches in the network design, think of

each client as representing a group of workstations. Since each group of workstations generates a signi cant

amount of traf c, you want to route each group through a different switch but still provide a redundant default

gateway for them in the unlikely event one of the switches fails. Upon the initial loading of the lab, all devices

will be con gured with the IP addresses, virtual LANs (VLANs), and Spanning Tree commands needed for

connectivity.

The Topology diagram below represents the NetMap in the Simulator:

ASW2

Client2

Client1

DSW2

ASW1 Router1

Router2

DSW1

Command Summary

Command Description

interface type number changes from global con guration mode to interface

con guration mode

ip default-gateway ip-address con gures a default gateway IP address to which traf c

destined to remote networks will be forwarded

ipcon g /dg ip-address used in NetSim to assign a default gateway IP address to a

workstation interface

ping ip-address sends an Internet Control Message Protocol (ICMP) echo

request to the speci ed address

Lab ID: 8.8K312A143.SWP.1


Command Description

show ip interface brief displays a brief summary of interface status and con guration

show running-con g displays the active con guration le

show standby displays HSRP information

standby [group-number] ip [ip-address] creates or enables the HSRP group with a group number and

virtual IP address

standby [group-number] priority priority sets the priority value used in choosing the active router; the

default value is 100, and the con gurable priority value range is

from 1 through 255, with 255 being the highest priority

standby [group-number] preempt enables preemption for HSRP on a device

The IP addresses and subnet masks used in this lab are shown in the table below:

IP Addresses

Device Interface IP Address Subnet Mask Default Gateway

Router1 FastEthernet 0/0

FastEthernet 0/1

172.16.253.2

172.16.253.14

255.255.255.252

255.255.255.252

-

-

Router2 FastEthernet 0/0

FastEthernet 0/1

172.16.253.18

172.16.253.6

255.255.255.252

255.255.255.252

-

-

ASW1 VLAN 1 172.16.3.10 255.255.255.0 -

ASW2 VLAN 1 172.16.3.20 255.255.255.0 -

DSW1 VLAN 1

FastEthernet 0/3

FastEthernet 0/4

FastEthernet 0/5

HSRP Group 10

HSRP Group 20

172.16.3.3

172.16.253.9

172.16.253.5

172.16.253.1

172.16.3.252

172.16.3.254

255.255.255.0

255.255.255.252

255.255.255.252

255.255.255.252

-

-

-

-

-

-

-

-

DSW2 VLAN 1

FastEthernet 0/3

FastEthernet 0/4

FastEthernet 0/5

HSRP Group 10

HSRP Group 20

172.16.3.2

172.16.253.10

172.16.253.17

172.16.253.13

172.16.3.252

172.16.3.254

255.255.255.0

255.255.255.252

255.255.255.252

255.255.255.252

-

-

-

-

-

-

-

-

Client1 - 172.16.3.30 255.255.255.0 172.16.3.3

Client2 - 172.16.3.40 255.255.255.0 172.16.3.2


Lab Tasks

Task 1: Verify Basic Connectivity, and Con gure HSRP

This task involves con guring HSRP on distribution layer switches.

1. Verify all non-HSRP IP addresses on each device by using the proper show commands and the IP

Addresses table above.

2. Verify that Client1 and Client2 can ping their default gateway, which for Client1 is the VLAN 1 interface on

DSW1 (172.16.3.3) and for Client2 is the VLAN 1 interface on DSW2 (172.16.3.2).

3. Verify that Client1 and Client2 can ping Router1’s FastEthernet 0/0 interface (172.16.253.2).

4. How can you set up the network so that all computers represented by Client1 use an IP address on DSW1

as the primary switch for their default gateway but fail over to the same IP address on DSW2 for their

default gateway in the event that DSW1 fails? _______________________________________________

____________________________________________________________________________________

5. On DSW1 and DSW2, create an HSRP group with a group number of 10 and an IP address of

172.16.3.252; use an HSRP priority of 120 on DSW1 and an HSRP priority of 90 on DSW2.

6. Which devices need their default gateways changed in order to take advantage of the new HSRP group

10? _________________________________________________________________________________

____________________________________________________________________________________

7. Change the default gateway on the devices you noted in the previous question to 172.16.3.252.

8. How can you set up the network so that all computers represented by Client2 use an IP address on DSW2

as the primary switch for their default gateway but fail over to the same IP address on DSW1 for their

default gateway in the event that DSW2 fails? _______________________________________________

9. On DSW1 and DSW2, create an HSRP group with a group number of 20 and an IP address of

172.16.3.254; use an HSRP priority of 90 on DSW1 and priority of 120 on DSW2.

10. Which devices need their default gateways changed in order to take advantage of the new HSRP group

20? _________________________________________________________________________________

____________________________________________________________________________________

11. Change the default gateway on the devices you noted in the previous question to 172.16.3.254.


Task 2: Verify HSRP Con guration

This task involves verifying HSRP on distribution layer switches.

1. On DSW1 and DSW2, issue the proper show command to view HSRP con guration. You will use this

output for the next three questions.

2. What device is the Master for HSRP group 10? ______________________________________________

3. How can you determine the answer to the previous question? ___________________________________

____________________________________________________________________________________

4. Which device has the higher priority for HSRP group 10? ______________________________________

5. Why are both HSRP groups on separate devices assigned the same IP address? ___________________

6. Is a group number required in order for HSRP to be con gured? _________________________________

7. What is the default HSRP group number? ___________________________________________________

8. What device is the Master for HSRP group 20? ______________________________________________

9. How can you determine the answer to the previous question? ___________________________________

____________________________________________________________________________________

10. Which device has the higher priority for HSRP group 20? ______________________________________

11. Verify that Client1 can still ping Router1’s FastEthernet 0/0 interface (172.16.253.2).

Task 3: Assign HSRP Preempt

This task involves con guring DSW1 to be the HSRP Master for HSRP group 10 and DSW2 to be the HSRP

Master for HSRP group 20.

1. How can you guarantee that a speci c switch becomes the Master in an HSRP group? _______________

2. What is the default priority for HSRP groups? ________________________________________________

3. Has DSW1 become the Master for HSRP group 10? If not, why? ________________________________

____________________________________________________________________________________

4. Enable preempt on HSRP group 10 for DSW1 and DSW2.


5. Has DSW2 become the master for HSRP group 20? If not, why? ________________________________

____________________________________________________________________________________

6. Enable preempt on HSRP group 20 for DSW1 and DSW2.

7. Verify the con guration with the proper show command. Has DSW2 now become the HSRP Master for

group 20? ____________________________________________________________________________

8. Verify that connectivity still exists on Client1 and Client2 by issuing ping to Router1’s FastEthernet 0/0

interface (172.16.253.2).

Lab Solutions

Task 1: Verify Basic Connectivity, and Con gure HSRP

When devices are assigned to an HSRP group, the group functions as a single gateway for clients. An HSRP

group has one Master device and one Backup device. The highest priority is determined by the device in the

group with the highest IP address on the interface con gured for HSRP or, if preempt is enabled, the priority

setting that is con gured on the devices. All other routers in the HSRP group transition to the Listen state and

remain in that state until either the Master or Backup device fail. In accordance with RFC 2281, the IP address

assigned to an HSRP group must differ from the IP addresses assigned to all routers and hosts on the LAN

including those assigned to other HSRP groups and this IP address should belong to the primary subnet on

the LAN. In this task, you will con gure an IP address for HSRP that is not used on a physical interface of any

device. A virtual Media Access Control (MAC) address is used to identify the HSRP group to clients. The virtual

MAC address for HSRP groups is in the form of 0000.00c7.acxx, where xx is a hexadecimal value identifying the

HSRP group number. This MAC address will also be used on all HSRP interfaces in the HSRP group.

1. You should issue the show ip interface brief command on each device to verify all non-HSRP IP

addresses on each device by using the IP Addresses table above. Sample output is shown below:

��

��

�� !��"#��

�� !��"#��

$��#�� %&'�('&)*'&��"#��

$��#�� %&'�('&)*'�+��"#��

��&��

��

�� !��"#��

�� !��"#��

$��#�� %&'�('&)*'�,��"#��

$��#�� %&'�('&)*'(��"#��


� ��-��

��

.��%&'�('*'��"#��

$��#�� !��"#��

$��#�� &�� !��"#��

$��#�� *�� !��"#��

/��0 ��1

��-&��

��

.��%&'�('*'&��"#��

$��#�� !��"#��

$��#�� &�� !��"#��

$��#�� *�� !��"#��

/��0 ��1

2�-��

��

.��%&'�('*'*��"#��

$��#�� !��"#��

$��#�� &�� !��"#��

$��#�� *��%&'�('&)*'3��"#��

$��#�� +��%&'�('&)*')��"#��

$��#�� )��%&'�('&)*'��"#��

/��0 ��1

2�-&��

��

.��%&'�('*'&��"#��

$��#�� !��"#��

$��#�� &�� !��"#��

$��#�� *��%&'�('&)*'��"#��

$��#�� +��%&'�('&)*'�%��"#��

$��#�� )��%&'�('&)*'�*��"#��

/��0 ��1

2. You should issue the following commands on Client1 and Client2 to verify connectivity on each workstation

with their default gateway, which for Client1 is the VLAN 1 interface on DSW1 (172.16.3.3) and for Client2

is the VLAN 1 interface on DSW2 (172.16.3.2). Both pings should be successful.

4� ��5�451� �!��%&'�('*'*

4� ��&5�451� �!��%&'�('*'&

3. You should issue the following command on Client1 and Client2 to verify connectivity to Router1’s

FastEthernet 0/0 interface (172.16.253.2). Both pings should be successful.

451� �!��%&'�('&)*'&


4. You can use HSRP to set up the network so that all computers represented by Client1 use an IP address

on DSW1 as the primary switch for their default gateway but fail over to the same IP address on DSW2 as

the secondary switch for their default gateway in the event that DSW1 fails.

5. You should issue the following commands on DSW1 and DSW2 to create an HSRP group with the

appropriate group number, IP address, and priorities:

2�-�6�� !7� ��8��

2�-�6�� !� �7��9�� %&'�('*'&)&

2�-�6�� !� �7��9�� 9��&�

2�-&6�� !7� ��8��

2�-&6�� !� �7��9�� %&'�('*'&)&

2�-&6�� !� �7��9�� 9�3�

6. ASW1 and Client1 need to have their default gateways changed in order for them to take advantage of

HSRP group 10.

7. You should issue the following commands on ASW1 and Client1 to con gure the default gateway to be

172.16.3.252. When DSW1 and DSW2 are con gured to act as an HSRP group, the two switches will work

together to present the illusion of a single default gateway to the workstations on the LAN. If the Master

virtual router fails, the backup virtual router with the highest priority will assume the role of the Master

virtual router, thereby providing uninterrupted service for the network. When the original Master virtual

router comes back online, it re-establishes its role as the Master virtual router.

��-�6�� !7� ��!��9��%&'�('*'&)&

4� ��5�451 �� !� �!��%&'�('*'&)&

8. You can use HSRP to set up the network so that all computers represented by Client2 use an IP address

on DSW2 as the primary switch for their default gateway but fail over to the same IP address on DSW1 as

the secondary switch for their default gateway in the event that DSW2 fails.

9. You should issue the following commands on DSW1 and DSW2 to con gure the appropriate HSRP group,

IP address, and priorities:

2�-�6�� !7� ��8��

2�-�6�� !� �7��9�&�� %&'�('*'&)+

2�-�6�� !� �7��9�&�� 9�3�

2�-&6�� !7� ��8��

2�-&6�� !� �7��9�&�� %&'�('*'&)+

2�-&6�� !� �7��9�&�� 9��&�

10. ASW2 and Client2 need to have their default gateways changed in order for them to take advantage of

HSRP group 20.


11. You should issue the following commands on ASW2 and Client2 to con gure the default gateway to be

172.16.3.254:

��-&6�� !7� ��!��9��%&'�('*'&)+

4� ��&5�451 �� !� �!��%&'�('*'&)+

Task 2: Verify HSRP Con guration

1. You should issue the show standby command on DSW1 and DSW2 to view the HSRP con guration. The

output will be used for the next three questions. Sample output is shown below:

2�-��9�

.��:��

��;�� 8�

��. �� %&'�('*'&)&�� !��

�� 8��8 ��4�� '��%'��

��<�� 0��*��=�� 0��

��>�?�� '(&3

��0��

�� 8��

��9�� %&'�('*'&

�� 9��&�

.��:��&�

��;�� 8�

��. �� %&'�('*'&)+�� !��

�� 8��8 ��4�� '��%'��&�

��<�� 0��*��=�� 0��

��>�?�� '3(�

��0��

�� 8��

��9�� %&'�('*'&

�� 9�3�

2�-&��9

.��:��

��;�� @��A��

��. �� %&'�('*'&)&�� !��

�� 8��8 ��4�� '��%'��

��<�� 0��*��=�� 0��

��>�?�� '(,&

��0��

�� 8�� %&'�('*'*

��9��

�� 9�3�


� .��:��&�

��;�� @��A��

��. �� %&'�('*'&)+�� !��

�� 8��8 ��4�� '��%'��&�

��<�� 0��*��=�� 0��

��>�?�� '%)*

��0��

�� 8�� %&'�('*'*

��9��

�� 9��&�

2. DSW1 is the Master device for HSRP group 10.

3. You determine the answer to the previous question by observing in the above output that the DSW1 local

state is �� 8�, which indicates that it is the Master. The output from DSW2 shows that the local state is

@��A��, which indicates that it is the Backup device.

4. DSW1 has the higher priority (120) for group 10. DSW2 has a priority of 90.

5. HSRP group 10 on both DSW1 and DSW2 are assigned the same IP address because one device

performs as the backup default gateway for the other device.

6. A group number is not required in order for HSRP to be con gured.

7. If no group number is speci ed when an HSRP group is created, a default HSRP group number of 0 is

used.

8. DSW2 is the Master device for HSRP group 20.

9. You can determine the answer to the previous question by observing in the above output that the DSW1

local state is @��A��, which indicates that it is the backup device. The output from DSW2 shows that the

local state is �� 8�, which indicates that it is the Master.

10. DSW2 has a higher priority of 120 for group 20. DSW1 has a priority of 90.

11. You should issue the following command to verify that Client1 can still ping Router1’s FastEthernet 0/0

interface (172.16.253.2). The ping should be successful.

451� �!��%&'�('&)*'&

Task 3: Assign HSRP Preempt

1. In order to guarantee that a speci c switch becomes the Master in an HSRP group, you should con gure

priorities.


2. The default priority for HSRP groups is 100. HSRP is a Cisco-proprietary protocol that enables multiple

routers to act as a single gateway for the network. Each router should be con gured with a priority value

that ranges from 0 through 255, with 100 being the default priority value and 255 being the highest priority

value. To ensure that a router becomes the active router for an HSRP group, you can assign the router a

high priority value, such as 255, and enable preemption on the routers in the group.

3. Yes, DSW1 has become the Master for HSRP group 10.

4. Unlike in a Virtual Router Redundancy Protocol (VRRP) con guration, preempt is not enabled by default

in an HSRP con guration. The HSRP preemption feature enables a router to become the active router

when its priority value becomes higher than the priority of all other routers in the HSRP group. Therefore,

if a router in an HSRP group that has preemption enabled is con gured with a higher priority value than

the other routers in the HSRP group, the router will preempt the active router and become the new active

router. You should issue the following commands to enable preempt on DSW1 and DSW2:

2�-�6�� !7� ��8��

2�-�6�� !� �7��9��0��

2�-&6�� !7� ��8��

2�-&6�� !� �7��9��0��

5. DSW2 has not become the Master for HSRP group 20, because preempt has not been enabled on HSRP

group 20. You should issue the show standby command on DSW2 to view the HSRP con guration. Sample

output is shown below:

2�-&��9�

.��:��

��;�� @��A��

��. �� %&'�('*'&)&�� !��

�� 8��8 ��4�� '��%'��

��<�� 0��*��=�� 0��

��>�?�� ',�*

��0�� =�0 ��9�)��=�9��9�+��

�� 8�� %&'�('*'*

��9��

�� 9�3�

.��:��&�

��;�� @��A��

��. �� %&'�('*'&)+�� !��

�� 8��8 ��4�� '��%'��&�

��<�� 0��*��=�� 0��

��>�?�� ',%(

��0��

�� 8�� %&'�('*'*

��9��

�� 9��&�


6. You should issue the following commands to enable preempt on DSW1 and DSW2:

2�-�6�� !7� ��8��

2�-�6�� !� �7��9�&��0��

2�-&6�� !7� ��8��

2�-&6�� !� �7��9�&��0��

7. You should issue the show standby command on DSW2 to verify that the HSRP priorities are con gured

correctly. DSW2 has now become the HSRP Master for group 20. Sample output is shown below:

2�-&��9�

.��:��

��;�� @��A��

��. �� %&'�('*'&)&�� !��

�� 8��8 ��4�� '��%'��

��<�� 0��*��=�� 0��

��>�?�� '(,+

��0��

�� 8�� %&'�('*'*

��9��

�� 9�3�

.��:��&�

��;�� 8�

��. �� %&'�('*'&)+�� !��

�� 8��8 ��4�� '��%'��&�

��<�� 0��*��=�� 0��

��>�?�� '(%�

��0�� =�0 ��9�)��=�9��9�+��

�� 8��

��9�� %&'�('*'*

�� 9��&�

8. You should issue the following command to verify that connectivity still exists from both Client1 and Client2

to Router1’s FastEthernet 0/0 interface (172.16.253.2):

451� �!��%&'�('&)*'&


Sample Con guration Scripts

DSW1 DSW1 (continued)

DSW1#show running-con g

!

Version 12.3

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname DSW1

ip cef

!

ip subnet-zero

!

no ip domain-lookup

spanning-tree mode pvst

ip routing

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan 1-1000

!





!


no switchport

ip address 172.16.253.9 255.255.255.252

!


no switchport

ip address 172.16.253.5 255.255.255.252

!


no switchport

ip address 172.16.253.1 255.255.255.252

!


!


!


!


!


!


!


!

interface GigabitEthernet0/1

!


!

interface Vlan 1

ip address 172.16.3.3 255.255.255.0

no ip route-cache

standby 10 ip 172.16.3.252

standby 10 priority 120

standby 10 preempt

standby 20 ip 172.16.3.254


standby 20 preempt

!

router eigrp 10

network 172.16.0.0

no auto-summary

!

ip classless

no ip http server

!

line con 0

line aux 0

line vty 0 4

!

no scheduler allocate

end


Sample Con guration Scripts

DSW2 DSW2 (continued)

DSW2#show running-con g

!

Version 12.3

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname DSW2

ip cef

!

ip subnet-zero

!

no ip domain-lookup

spanning-tree mode pvst

ip routing

spanning-tree extend system-id

!





!





!


no switchport

ip address 172.16.253.10 255.255.255.252

!


no switchport

ip address 172.16.253.17 255.255.255.252

!


no switchport

ip address 172.16.253.13 255.255.255.252

!


!


!


!


!


!


!


!


!


!

interface Vlan 1

ip address 172.16.3.2 255.255.255.0

no ip route-cache

standby 10 ip 172.16.3.252


standby 10 preempt

standby 20 ip 172.16.3.254


standby 20 preempt

!

router eigrp 10

network 172.16.0.0

no auto-summary

!

ip classless

no ip http server

!

line con 0

line aux 0

line vty 0 4

!

no scheduler allocate

end

Copyright © 1996–2012 Boson Software, LLC. All rights reserved. NetSim software and documentation are protected by copyright law.

confguring multiple hot standby router protocol groups.pdf

Documents