In order to guarantee network resilience, First Hop Redundancy Protocols (FHRP) eliminates single points of failure at the default gateway level.
First Hop Redundancy Protocols
A set of protocols known as First Hop Redundancy Protocols provide redundancy for the operation of the default router in any subnet. Adding some kind of default gateway redundancy to a network is its main goal. This implies that end devices can continue to connect to the network even if a router serving as the default gateway fails and is replaced by another router. The phrase “First Hop” describes how the default router is the first router or the first router hop that a packet must go through in order to connect to distant networks.
How FHRP Works
Multiple physical routers can appear to client devices as a single logical router with First Hop Redundancy Protocols. The actions listed below are used to do this:
Virtual Router: All of the clients on the subnet are shown a virtual router by First Hop Redundancy Protocols.
Virtual IP Address: Every end device has its default gateway set to the virtual router, which is given a virtual IP address. In contrast to the physical IP addresses of the individual routers, this IP address is unique within the subnet. Because of this design, hosts can utilize a single default router option that is always in effect.
Virtual MAC Address: Additionally, the virtual router has a virtual MAC address that hosts receive back when they issue an ARP request for their default gateway.
Router Roles and Protocol Messages: The First Hop Redundancy Protocols group’s routers communicate with one another via protocol messages, such as welcome messages, to decide which router takes over as the active router for traffic forwarding and which ones stay in standby mode, ready to take over in the event that the active router fails.
Failover Process: When the router that is currently in use fails:
- The active forwarding router’s welcome messages are no longer sent to the backup router.
- The forwarding router function is subsequently taken up by the standby router.
- Both the virtual IP and MAC addresses of the virtual router are transferred to the new forwarding router.
- End devices do not experience a service interruption as a result of this change because their default gateway IP and MAC addresses do not change.
History of FHRP
With the introduction of several protocols over time, the development of First Hop Redundancy Protocols took place chronologically:
Hot Standby Router Protocol (HSRP): This proprietary protocol was first offered by Cisco, and many of its clients found it to be successful.
Virtual Router Redundancy Protocol (VRRP): Later, VRRP was created as an open standard by the Internet Engineering Task Force (IETF) and specified in RFC 5798. It has features that are comparable to those of HSRP.
Gateway Load Balancing Protocol (GLBP): Then, as a more sophisticated and reliable solution, Cisco created GLBP.
Types of FHRPs
There are three main choices for First Hop Redundancy Protocols:
Hot Standby Router Protocol (HSRP)
Origin: Cisco-proprietary.
Redundancy Approach: just one router actively forwards traffic for a certain group at a time when it operates in an active/standby manner, sometimes referred to as active/passive. The backup router swiftly takes over in the event that the active router fails after keeping an eye on its condition.
IPv6 Support: For IPv6, HSRP is accessible.
Virtual MAC Address: HSRPv1 uses 0000.0C07.ACxx (where xx is the hexadecimal group number), while HSRPv2 uses 0000.0C9F.F000 to 0000.0C9F.FFFF.
Messages: HSRPv1 sends Hello packets to multicast IP 224.0.0.2 on UDP port 1985. HSRPv2 uses 224.0.0.102 on UDP port 1985.
Group Numbers: Group numbers for HSRPv1 range from 0 to 255, but HSRPv2 expands this range to 0 to 4095.
Preemption: A feature that can be changed to enable a higher-priority router to take over as the active router in the event that it recovers or goes online.
Interface Tracking: In order to modify its priority, HSRP can monitor upstream interfaces. In order to prevent inefficient traffic pathways, the router’s priority can be decreased in the event that a tracked interface goes down. This forces a failover to a standby router that still has upstream connectivity.
Virtual Router Redundancy Protocol (VRRP)
Origin: An IETF standard (RFC 5798).
Redundancy Approach: Like HSRP, it dynamically delegated virtual router responsibilities to VRRP routers on an IPv4 LAN, which are also usually active/standby.
IPv6 Support: Both IPv4 and IPv6 are supported by VRRPv3.
Gateway Load Balancing Protocol (GLBP)
Origin: Cisco-proprietary.
Redundancy Approach: In contrast to HSRP and VRRP, GLBP enables multiple gateways within the same GLBP group to actively forward network traffic at the same time, hence providing genuine load balancing (also known as load sharing) among a group of redundant routers.
IPv6 Support: GLBP is compatible with IPv6.
Operation: It permits each forwarding group to contain a maximum of four routers. The active router can use a round-robin algorithm to route traffic from hosts to the routers in the group that come after it.
Advantages of FHRP
High Availability and Network Resiliency: For networks to be robust to device or link failures (such as router power supply failure, cable breaks, switch power loss, or WAN link difficulties), First Hop Redundancy Protocols are necessary. By offering a fallback default gateway, they guarantee uninterrupted operation.
Transparent Failover: End devices are fully aware of the transfer of forwarding responsibilities from a failed active router to a standby router. This is due to the fact that the end devices do not interrupt service by sending traffic to the same virtual IP and MAC addresses.
Simplified Client Configuration: In the event of a router failure, end hosts only need to be set up with a single default gateway address (the virtual IP address), which is constant and does not require manual reconfiguration.
Load Balancing: Multiple active routers can experience complete load balancing with GLBP. By making multiple routers active for different VLANs (for example, by employing “router on a stick” configurations with trunking), HSRP can be set up to do a type of load sharing, which helps spread traffic and enhances network resilience even if its primary function is active/standby.
Disadvantages of FHRP
HSRP Inefficiency: By default, only one router actively forwards traffic while the other configured routers sit idle in standby mode due to HSRP’s active/standby paradigm. The underutilisation of resources on standby routers, until a failure occurs, might be viewed as wasteful and not cost-effective.
Limited HSRP Load Balancing (by default): Out of the box, HSRP does not offer proper load balancing. It takes more intricate configurations with numerous VLANs and rigorous design considerations to achieve load sharing.
Proprietary Protocols: Cisco owns the rights to GLBP and HSRP. As a result, they are mostly utilised in Cisco-only settings, however VRRP is an open standard that may be implemented in networks with several vendors.
FHRP Applications
First Hop Redundancy Protocols are frequently used in network architectures that demand constant connectivity and high availability for end devices:
Default Gateway Redundancy: In the event of a router failure, their primary duty is to guarantee that end devices in any subnet always have a working default gateway to access distant networks.
Redundant Network Topologies: They are essential for making the most of redundancy and avoiding problems in networks that have redundant switches, routers, LAN lines, and WAN links.
Distribution Layer in Campus Networks: The distribution layer’s Layer 3 switches frequently act as hosts’ default gateways and use HSRP for increased availability in conventional three-layer network topologies (core, distribution, and access).
VLAN Gateway Redundancy: First Hop Redundancy Protocols give certain VLANs gateway redundancy. This is especially helpful in designs that allow load balancing through the designation of distinct routers as active for distinct VLANs, frequently through trunking.
More Details
Proxy ARP as an Alternative: Prior to First Hop Redundancy Protocols being widely used, Proxy ARP was a less effective means to manage default gateway redundancy. A router that uses Proxy ARP would reply to ARP queries for distant hosts. Service interruption during the failover period would result from hosts continuing to transmit packets to that router’s MAC address until the ARP cache entry timed out. First Hop Redundancy Protocols provide a more reliable option with transparent, smooth failover.