First Hop Redundancy Protocols
AI-Generated Content
In any network, the default gateway is a single point of failure. If a host's gateway router fails, that host loses its connection to the rest of the world, even if alternate paths exist. First Hop Redundancy Protocols (FHRPs) solve this critical problem by allowing a group of routers to work together to present the illusion of a single, highly available default gateway to the hosts on a local subnet. Mastering HSRP, VRRP, and GLBP is essential for designing resilient access layer networks and is a cornerstone of the CCNA certification.
The Need for Gateway Redundancy
Hosts are typically configured with a single static default gateway IP address. This design is simple but fragile; the failure of that one router renders the host isolated. While dynamic routing protocols like OSPF or EIGRP provide redundancy for router-to-router communication, they do not help the end hosts. The host itself has no mechanism to dynamically learn a new gateway if its current one fails. FHRPs create a virtual router with its own virtual IP (VIP) and virtual MAC address. Hosts are configured to use this VIP as their default gateway. The physical routers within the FHRP group then negotiate amongst themselves which one will actively forward traffic destined for the VIP. If that active router fails, a backup router seamlessly takes over the VIP, providing uninterrupted service to the hosts with no reconfiguration required on their part.
Hot Standby Router Protocol (HSRP)
Hot Standby Router Protocol (HSRP) is a Cisco-proprietary protocol designed to provide default gateway redundancy. An HSRP group consists of at least two routers. One is elected as the Active router, which actively forwards traffic sent to the virtual IP address. The other router assumes the Standby role, monitoring the Active router and preparing to take over if it fails.
The election is determined by priority (default 100). The router with the highest priority becomes Active. In a tie, the router with the highest configured IP address on the HSRP interface wins. A critical feature is preemption, which, when enabled, allows a router with a higher priority to forcibly take over the Active role when it comes online or recovers, ensuring the most capable router is always in charge. Interface tracking is another vital component. It allows the HSRP priority of a router to be dynamically reduced if a critical interface (like an uplink to the core) goes down, triggering a failover to the Standby router even if the HSRP router itself is still online.
To configure and verify HSRP on a Cisco router, you would use commands like:
interface GigabitEthernet0/1
 ! HSRP group 10; this VIP is the address hosts use as their default gateway
 standby 10 ip 192.168.1.1
 ! above the default of 100, so this router wins the election
 standby 10 priority 110
 standby 10 preempt
 ! drop the priority by 20 (to 90) if the uplink goes down, handing Active to the peer
 standby 10 track GigabitEthernet0/2 20
Verification is done with show standby brief, which clearly lists the group, virtual IP, local state (Active/Standby), priority, and tracked interfaces.
Virtual Router Redundancy Protocol (VRRP)
Virtual Router Redundancy Protocol (VRRP) is an open standard (RFC 5798) that operates very similarly to HSRP, providing the same fundamental redundancy service. The terminology differs slightly: the active router is called the Master, and the backups are called Backup routers. VRRP's primary advantage is multivendor interoperability; you can have a Cisco router and a Juniper router in the same VRRP group. Its election process also uses priority, with a default of 100. A key operational difference is that the physical interface IP address on the Master router can be used as the virtual IP, which is not allowed in HSRP. VRRP also supports preemption, which is enabled by default, and interface tracking (often called object tracking). While the configuration syntax differs between vendors, the core concepts of VIP, priority, master election, and failover are consistent with HSRP.
Gateway Load Balancing Protocol (GLBP)
While HSRP and VRRP provide redundancy, only one forwarder is active at a time, leaving the standby router's bandwidth unused for outbound traffic from hosts. Gateway Load Balancing Protocol (GLBP) is a Cisco-proprietary protocol that solves this by providing both redundancy and load balancing across multiple upstream routers.
GLBP achieves this by introducing two key roles. One router in a GLBP group is elected as the Active Virtual Gateway (AVG). This router's job is to assign a different Virtual Forwarder (VF) MAC address to each host that sends an ARP request for the virtual IP. Other routers in the group become Active Virtual Forwarders (AVFs) for these assigned MACs. For example, when Host A ARPs for the VIP, the AVG might reply with the virtual MAC for Router 1. When Host B ARPs, the AVG replies with the virtual MAC for Router 2. Traffic is now load-balanced per-host across all available forwarders. The AVG also manages the redundancy. If an AVF fails, the AVG reassigns its load to the remaining forwarders, and a new AVG is elected if the original fails. This makes GLBP a more efficient use of resources while maintaining high availability.
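The AVG/AVF behaviour just described, as an added model written for this article (not Cisco code): three constructed hosts ARP for the VIP and receive different virtual forwarder MACs, then one AVF fails and the AVG moves its forwarder to a survivor. Router names, priorities and host addresses are invented; the 0007.b400.GGVV virtual MAC layout is GLBP's convention.

```python
class GlbpGroup:
    """AVG/AVF model of one GLBP group (constructed illustration, not Cisco code)."""
    def __init__(self, group: int, priorities: dict):
        self.group = group
        self.priority = dict(priorities)                  # router -> GLBP priority
        self.up = set(priorities)                         # routers currently alive
        # Every router starts as the AVF for one virtual forwarder (VF), numbered 1..n.
        self.owner = {n: r for n, r in enumerate(priorities, start=1)}
        self.arp_table = {}                               # host IP -> VF number handed out
        self._rr = 0                                      # round-robin cursor

    def vmac(self, vf: int) -> str:
        # GLBP virtual MAC convention: 0007.b400.GGVV (GG = group number, VV = VF number).
        return f"0007.b400.{self.group:02x}{vf:02x}"

    def avg(self) -> str:
        """The AVG is the live router with the highest priority (IP tie-break not modelled)."""
        return max(sorted(self.up), key=self.priority.get)

    def arp_reply(self, host_ip: str) -> str:
        """The AVG answers a host's ARP for the VIP with the next VF MAC, round-robin per host."""
        vfs = sorted(self.owner)
        vf = vfs[self._rr % len(vfs)]
        self._rr += 1
        self.arp_table[host_ip] = vf
        return self.vmac(vf)

    def forwarder_for(self, host_ip: str) -> str:
        """Physical router that currently forwards frames sent to this host's cached vMAC."""
        return self.owner[self.arp_table[host_ip]]

    def router_failed(self, router: str) -> None:
        """AVF failure: the AVG moves the dead router's VF to the least-loaded survivor, so
        the vMAC hosts already cached keeps working; if the AVG died, avg() re-elects."""
        self.up.discard(router)
        for vf in [n for n, r in self.owner.items() if r == router]:
            load = {r: list(self.owner.values()).count(r) for r in sorted(self.up)}
            self.owner[vf] = min(load, key=load.get)


def demo() -> dict:
    """Three hosts ARP for the VIP, then R2 fails; report who forwards for whom before and after."""
    g = GlbpGroup(group=10, priorities={"R1": 110, "R2": 100, "R3": 100})
    macs = {h: g.arp_reply(h) for h in ("10.0.0.11", "10.0.0.12", "10.0.0.13")}
    before = {h: g.forwarder_for(h) for h in macs}
    g.router_failed("R2")
    after = {h: g.forwarder_for(h) for h in macs}
    return {"avg": g.avg(), "macs": macs, "before": before, "after": after}
```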
Common Pitfalls
Misconfigured Priorities and Preemption: Without preemption, a router that recovers from a failure will not reclaim the Active role, potentially leaving a less optimal path in charge. Conversely, preemption paired with tracking on an unstable link can produce a "flapping" gateway: every bounce of the tracked interface changes the priority and triggers another role election.
Ignoring Interface Tracking: Configuring HSRP/VRRP without tracking a critical uplink interface is a major oversight. If the uplink on the Active router fails, the router remains Active because its HSRP interface is still up. Hosts can still send traffic to it, but that traffic will be dropped, creating a black hole. Tracking is essential for a true failover based on reachability, not just router liveness.
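The election rules from the HSRP section (priority, IP tie-break, preemption, tracking decrement) and the two pitfalls above, worked through in an added Python model that is not part of the article or of Cisco's implementation. Router names and interface addresses are constructed; the priorities and the Gi0/2 decrement of 20 mirror the configuration shown earlier.

```python
from dataclasses import dataclass, field
from ipaddress import IPv4Address

@dataclass
class HsrpRouter:
    """One member of an HSRP group (constructed model, not Cisco's implementation)."""
    name: str
    ip: str                                        # address on the HSRP interface (tie-breaker)
    priority: int = 100                            # HSRP default priority
    preempt: bool = False                          # HSRP default: preemption off
    tracks: dict = field(default_factory=dict)     # tracked interface -> decrement while down
    down_ifaces: set = field(default_factory=set)  # interfaces currently down

    def effective_priority(self) -> int:
        """Configured priority minus the decrement of every tracked interface that is down."""
        loss = sum(dec for intf, dec in self.tracks.items() if intf in self.down_ifaces)
        return max(0, self.priority - loss)

    def key(self):
        # Highest effective priority wins; a tie goes to the highest interface IP.
        return (self.effective_priority(), IPv4Address(self.ip))

def elect_active(group, incumbent=None):
    """Name of the Active router after one election round.
    incumbent: router currently Active, or None if it has failed. A better candidate
    displaces a live incumbent only if the candidate has preempt enabled, which is also
    why a tracking decrement on the Active router needs preempt on the Standby."""
    best = max(group, key=HsrpRouter.key)
    current = next((r for r in group if r.name == incumbent), None)
    if current is None or (best is not current and best.preempt):
        return best.name
    return current.name

def run_scenario():
    """Walk the configuration from the HSRP section through failover cases."""
    r1 = HsrpRouter("R1", "192.168.1.2", priority=110, preempt=True, tracks={"Gi0/2": 20})
    r2 = HsrpRouter("R2", "192.168.1.3", priority=100, preempt=True)
    out = {"cold_start": elect_active([r1, r2])}                   # 110 beats 100 -> R1
    r1.down_ifaces.add("Gi0/2")                                     # R1's tracked uplink fails
    out["r1_uplink_down"] = elect_active([r1, r2], "R1")            # R1 drops to 90 -> R2 preempts
    r1.down_ifaces.clear()
    out["r1_uplink_back"] = elect_active([r1, r2], "R2")            # R1 back at 110 preempts
    r2.preempt = False                                              # pitfall: Standby without preempt
    r1.down_ifaces.add("Gi0/2")
    out["no_preempt_black_hole"] = elect_active([r1, r2], "R1")     # R1 stays Active at 90
    out["r1_fails"] = elect_active([r2])                            # only R2 left
    r1.down_ifaces.clear(); r1.preempt = False                      # pitfall: R1 recovers, no preempt
    out["r1_back_no_preempt"] = elect_active([r1, r2], "R2")        # R2 keeps the role
    return out
```

The "no_preempt_black_hole" step is the black-hole case from the tracking pitfall seen from the Standby side: the decrement fires on R1, but nobody takes over because R2 cannot preempt.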
Forgetting About Timers: The default hello and hold timers define failover speed. Very aggressive timers can cause instability, while very slow timers mean prolonged outages before failover occurs. Adjust these carefully based on network design and tolerance for packet loss during convergence.
ARP Cache Confusion (Especially with GLBP): After a failover, hosts may have stale ARP caches mapping the VIP to an old MAC address. While most modern systems handle this gracefully, it can cause temporary connectivity issues. Understanding that the virtual MAC address can change after a failover in HSRP/VRRP (but is managed dynamically in GLBP) is important for troubleshooting.
Summary
- FHRPs like HSRP, VRRP, and GLBP provide seamless default gateway redundancy by creating a virtual router that multiple physical routers support.
- HSRP (Cisco) uses an Active/Standby model with priority-based election, preemption, and critical interface tracking to trigger failover.
- VRRP (Standards-based) operates similarly with a Master/Backup model and is key for multivendor environments.
- GLBP (Cisco) advances beyond simple redundancy by providing per-host load balancing across multiple active gateways using the roles of Active Virtual Gateway (AVG) and Active Virtual Forwarder (AVF).
- Proper configuration requires careful attention to priority, preemption, and interface tracking to avoid common failure scenarios like black holes or unstable failovers.