FHRP - First Hop Redundancy Protocol

HSRP - Hot Standby Router Protocol

  1. Connect two Cisco 1600 Series routers to one Ethernet switch. Connect to this switch at least one computer.
  2. Connect to a console-port of each router and assign IP addresses to Ethernet0 interfaces with the help of ip address * 255.255.255.0 command, where «*» is an IP address specified by the tutor, which should be set in interface configuration mode.
  3. In global configuration mode for each router set a name using hostname name command. For example, Router_1 and Router_2.
  4. For each router assign a virtual address to a standby-group with the help of standby 1 ip * interface command, where «*» is a virtual IP address. We would like to mention right away that configuration of the first standby-group will be performed.
  5. For each router set that it can become active, using standby 1 preempt interface command.
  6. For each router set its priority in the group with the help of standby 1 priority * command, where «*» is a number corresponding to the priority. For one router it’s necessary to set the priority equal to 100 (standard) and for another one – 110.
  7. Configure mutual authentication of the routers within the standby-group with the help of interface command standby 1 authentication *, where «*» is a common key (password).
  8. For each router set time intervals for the role of the an active device in the group using interface command standby 1 timers 5 15, where 5 means that hello packets are sent every five seconds, and 15 is a time interval (15seconds) after which the second router takes on the role of an active one.
  9. Go to privileged mode and save configuration using write command.
  10. Study standby-state of the devices issuing show standby command.
  11. Make sure of the availability of each router of the group from the computer using ICMP echo-requests (ping).
  12. Make sure of the availability of the standby-group virtual IP address as shown above.
  13. Via telnet go to the active device using standby-group IP-address. Check its name. End telnet session.
  14. Start endless ICMP poll of the active router with the help of ping -t command.
  15. Disconnect the active router from the switch.
  16. Make sure that replies on several ICMP packets are not received.
  17. After you start receiving replies on ICMP echo-requests again, via telnet go to the active router in the standby-group using the virtual IP-address and check its name against the previous one.
  18. Count the number of missed ICMP-requests before the virtual router became available again. Estimate time of unavailability in seconds. How does it compare with the numbers set in standby 1 timers command? Explain why you watched the difference between configured values and the real time of “switching”.
  19. For each router set the interface which state will be tracked by HSRP. To do this one should use interface command standby 1 track interface interface-priority, where interface is a name of the interface, interface-priority is a value of a decrement/increment on which the router’s priority will decrease if the state of the chosen interface changes to down state and increase in the case of returning this state to up. The value of interface-priority is equal to 10 by default.
  20. *Think in which cases using track interface option may be not enough. Propose a scheme of the network in which the described option will not solve the problem of availability of the remote service. With the help of configuration mode command track 1 ip route ip_subnet/mask reachability create a tracking routing object. Use interface command standby 1 track 1 decrement 15 to decrease the priority of the interface of a troubled/problem router. Make sure of normal operating of the scheme.

GLBP - Gateway Load Balancing Protocol

  1. Connect two Cisco 3600 Series routers to one Ethernet switch. Connect to this switch at least one computer.
  2. Connect to a console-port of each router and assign IP addresses to chosen Fast Ethernet */* interfaces with the help of ip address * 255.255.255.0 command, where «*» is an IP address which should be set in interface configuration mode.
  3. Set a name using hostname name command. For example, Router_1 and Router_2. From now on all commands should be applied to each router from the glbp-group in interface configuration mode (points 3 - 9).
  4. Assign the same shared virtual IP address to Fast Ethernet */* interfaces with the help of glbp group ip * command, where «*» is a shared IP address which should belong to the same subnet as addresses of the interfaces assigned above, group is a number of the glbp-group.
  5. Set the router’s priority by using glbp group priority * command, where «*» is a number corresponding to the priority. For example, one should set the priority equal to 150 for one router and 250 for another one (for glbp the priority can vary in the interval 1-255).
  6. With the help of glbp group preempt command allow AVF-router (active virtual forwarder) to become active AVG (active virtual gateway) if its priority is higher than the current AVG has. (Correspondingly, without this command, changing of AVG takes place only in case of AVG’s failure because of some reason (also based on priority)).
  7. Using glbp group preempt delay minimum seconds command, seconds = 60, set the number of seconds for a delay of changing a standby router to an active one.
  8. Select the mode of load balancing with the help of glbp group load-balancing [host-dependent | round-robin | weighted] command.
  9. *Command glbp group timers hellotime holdtime sets values of timers, where hellotime is a time between hello-packets to a glbp-group, and holdtime (seconds) is a time before other routers declare the active router to be down. Timers’ default values are 3 seconds (hellotime) and 10 seconds (holdtimer). Valid timers’ interval is 1-60 seconds for hellotime and 19-180 seconds for holdtime. To return timers’ values to default, use command no glbp group timers. It’s recommended to use default values.
  10. Go to privileged mode and save configuration using write.
  11. Study glbp-state of the devices using show glbp or show glbp brief command.
  12. One can enable displaying glbp debug messages using commands debug condition glbp (state messages), debug glbp errors (messages about errors), debug glbp packets (information about sent and received packets), debug glbp terse (displays the limited amount of debug data). One can disable debugging by the corresponding command with prefix no. To redirect debug messages to a console one should use logging console debugging command, and to display these data to an administrative telnet-session - terminal monitor command.
  13. Make sure of the availability of each router of the group from the computer with the help of ICMP echo-requests (ping).
  14. Make sure of the availability of the glbp-group shared virtual IP-address using ICMP echo-requests (ping).
  15. After viewing the state of the glbp-group, make sure that the router with the highest priority is marked as Active.
  16. Send a couple of pings to the AVF router and check ARP table after it. Find MAC address for the AVF.
  17. Determine which router is used as AVF for the client in question. Use command show glbp brief to find IP addresses of the AVF router.
  18. Start endless ICMP poll of the AVF router using ping –t * command, where «*» is the shared virtual address set before.
  19. Disconnect the AVF router from the switch.
  20. Make sure that replies on several ICMP packets are not received.
  21. After you start receiving replies on ICMP-requests again, view the state of the glbp-group and make sure that another router took the second AVF role.

VRRP - Virtual Router Redundancy Protocol

  1. Connect two Cisco 3600 Series routers to one Ethernet switch. Connect to this switch at least one computer.
  2. Connect to a console-port of each router and assign IP addresses to chosen Fast Ethernet */* interfaces with the help of ip address * 255.255.255.0 command, where «*» is an IP address which should be set in interface configuration mode.
  3. Set a name with the help of hostname name command. For example, Router_1 and Router_2. From now on all commands should be applied to each router from the vrrp-group in interface configuration mode (points 3 - 10).
  4. Assign the same shared virtual IP address to Fast Ethernet */* interfaces using vrrp group * command, where «*» is a shared IP address which should belong to the same subnet as addresses of the interfaces assigned above, group is a number of the vrrp-group.
  5. Set the router’s priority in the group with the help of vrrp group priority * command, where «*» is a number corresponding to the priority. It is necessary to specify the priority equal to 150 for one router and 250 for another one.
  6. Using vrrp group preempt command allow virtual router backup to become virtual router master (active) if its priority is higher than the current master has. Correspondingly, without this command, changing of a virtual router master takes place only in case of disconnecting of the last one (based on the priority).
  7. With the help of vrrp group preempt delay minimum seconds command set the number of seconds for the delay of changing of a backup-router to an active one (master).
  8. Configure timers of sending advertisement-messages by the virtual router master using interface command vrrp group timers advertise seconds, the range of values is 1-255 seconds. One can leave the default value equal to 1 second.
  9. Using vrrp group timers learn command allow the backup-router to know advertise-seconds parameter of the master-router.
  10. Consistently apply commands vrrp group shutdown and no vrrp group shutdown.
  11. In privileged mode save changes of configuration using write command.
  12. To view the state of configured vrrp-group use commands show vrrp, show vrrp group, show vrrp interface [Fast Ethernet */*].
  13. One can enable vrrp debugging using debug vrrp all, debug vrrp error, debug vrrp events, debug vrrp packets commands. One can disable debugging by a corresponding command with prefix no.
  14. Make sure of the availability of each router of the group from the computer with the help of ICMP echo-requests (ping).
  15. Make sure of the availability of the shared virtual IP address of the vrrp-group with the help of ICMP echo-requests (ping).
  16. After viewing the state of vrrp-group make sure that the router with the highest priority is set as Master Router.
  17. Start endless ICMP poll of the active router with the help of ping –t * command, where «*» is the shared virtual address specified before.
  18. Disconnect the active router from the switch.
  19. Make sure that replies on several ICMP packets are not received.
  20. Check the number of missed ICMP-requests before the virtual router became available again. Estimate time of unavailability in seconds. How does it compare with the configured vrrp timers?
  21. After you start receiving replies on ICMP-requests again, view the state of the vrrp-group and make sure that another router with the priority lower than the disconnected master had is set as the Master Router.
  22. Connect the first router back to the switch, estimate the time before it is marked as Master Router again tracking the state of the vrrp-group.
  23. Make sure that after switching off the backup router replies on ICMP packets are invariably received (in contrast to GLBP).

Add comment


Security code
Refresh

Found a typo? Please select it and press Ctrl + Enter.