Using HSRP Preempt

Using HSRP Preempt

Problem

You want to ensure that a particular router is always selected as the "active" HSRP router, whenever it is up and functioning.

Solution

You can ensure that a particular router is always selected as the HSRP active router if it is available. On the router that you wish to make your primary active HSRP router, you need to set a higher priority level and use the standby preempt command:

Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#interface FastEthernet 0/1
Router1(config-if)#standby 1 ip 172.22.1.1
Router1(config-if)#standby 1 priority 120
Router1(config-if)#standby 1 preempt
Router1(config-if)#exit
Router1(config)#end
Router1#

The only difference on the second router is the HSRP priority level. The lower priority in conjunction with the standby preempt command forces the second HSRP router to remain in a standby state unless the primary router becomes unreachable. Then, when the primary router becomes available again, the secondary router will relinquish its role and allow the primary router to take over as the active HSRP router:

Router2#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router2(config)#interface FastEthernet 1/0
Router2(config-if)#standby 1 ip 172.22.1.1
Router2(config-if)#standby 1 priority 110
Router2(config-if)#standby 1 preempt
Router2(config-if)#exit
Router2(config)#end
Router2#

You can also configure this feature by specifying the preempt keyword on the standby priority configuration command. Both methods produce exactly the same results:

Router2#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router2(config)#interface FastEthernet 1/0
Router2(config-if)#standby 1 ip 172.22.1.1
Router2(config-if)#standby 1 priority 110 preempt
Router2(config-if)#exit
Router2(config)#end
Router2#

Discussion

The standby preempt feature means that the router with the higher priority is always the active router if it is available. If two routers have the same priority, then the interface with the highest physical IP address becomes active. However, as we mentioned in Recipe 22.1, it is a good practice to always set the priorities so that one router is the clear winner. This avoids any confusion.

In Recipe 22.3 we will describe another extremely useful HSRP feature, called interface tracking, which allows HSRP to react to problems on other interfaces on the router. In this case, it becomes much more important to ensure that the right router carries traffic in the default situation. We strongly advocate using the standby preempt feature whenever you use HSRP.

The protocol handles this feature by allowing routers to send HSRP Coup packets. If another router receives a coup message or even an HSRP Hello message from a router with higher priority, it will immediately send an HSRP Resign message in return, and give up its active state. Because one router will always have either higher priority or a higher IP address than any of the others, there is always one router that can unambiguously claim precedence, ensuring that all HSRP coups are bloodless.

In IOS 12.0(9) and higher, you can alter this behavior slightly, making the active router wait before relinquishing its active state. This is sometimes helpful when the newly active router needs a little bit of time to bring up slow WAN interfaces and populate routing tables. Frame Relay interfaces in particular can take as long as a minute to synchronize LMI (see Chapter 10 for more discussion of Frame Relay). However, by default, HSRP preempt will make the router become the active default gateway for the LAN within seconds of bringing up the LAN interface.

The following command will make a router wait 60 seconds before becoming the active HSRP router:

Router2(config-if)#standby 1 preempt delay 60

You can set this delay to any value between 0 and 3,600 seconds. You can also combine this command with the priority command:

Router2(config-if)#standby 1 priority 110 preempt delay 60

The show standby command shows additional information when the preempt option is configured:

Router1#show standby
FastEthernet0/1 - Group 1
Local state is Active, priority 120, may preempt
Preemption delayed for at least 60 secs
Hellotime 3 sec, holdtime 10 sec
Next hello sent in 2.236
Virtual IP address is 172.22.1.1 configured
Active router is local
Standby router is 172.22.1.2 expires in 9.304
Virtual mac address is 0000.0c07.ac01
5 state changes, last state change 12:41:53
Router1#

In this case, the router is configured to wait 60 seconds before preempting. If you don't define a delay, the router omits this line from the output.

See Also