Home > HSRP Questions 2

HSRP Questions 2

November 15th, 2019 Go to comments

Question 1

Explanation

ICMP (Internet Control Message Protocol) redirect messages are automatically enabled on interfaces configured with HSRP (therefore answer A is not correct). This feature filters outgoing ICMP redirect messages through HSRP, in which the next hop IP address might be changed to an HSRP virtual IP address. ICMP is a network layer Internet protocol that provides message packets to report errors and other information relevant to IP processing. ICMP provides diagnostic functions, such as sending and directing error packets to the host. When the switch is running HSRP, make sure hosts do not discover the interface (or real) MAC addresses of routers in the HSRP group. If a host is redirected by ICMP to the real MAC address of a router and that router later fails, packets from the host are lost.

Routers in an HSRP group can be any router interface that supports HSRP, including routed ports and switch virtual interfaces (SVIs) on the switch -> Answer B is correct.

In a group of router interfaces, the active router is the router of choice for routing packets; the standby router is the router that takes over the routing duties when an active router fails or when preset conditions are met -> Answer C is not correct.

When HSRP is configured on a network or segment, it provides a virtual MAC address and an IP address that is shared among a group of configured routers. HSRP allows two or more HSRP-configured routers to use the MAC address and IP network address of a virtual router -> Answer D is correct.

HSRP can be configured on a maximum of 32 VLAN or routing interfaces. So its support depends on VLAN or interface only, it does not depend on the number of router/switch.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/12-2_52_ey/configuration/guide/3800x3600xscg/swhsrp.pdf

Question 2

Explanation

The hello and hold time are currently in use as shown -> A is correct.
The standby router has to wait 10 seconds (holdtime) before taking the active HSRP -> B is not correct while E is correct
The priority value of this router is 255 -> C is not correct.
Here HSRPv1 is in use (v1 default)

Question 3

Question 4

Question 5

Explanation

The configuration of many hundreds of subinterfaces on the same physical interface, with each subinterface having its own HSRP group, can cause the processes of negotiation and maintenance of multiple HSRP groups to have a detrimental impact on network traffic and CPU utilization.

Only one HSRP group is required on a physical interface for the purposes of electing active and standby devices. This group is known as the master group. Other HSRP groups may be created on each subinterface and linked to the master group via the group name. These linked HSRP groups are known as client or slave groups.

The HSRP group state of the client groups follows that of the master group. Client groups do not participate in any sort of device election mechanism.

Client groups send periodic messages in order to refresh their virtual MAC addresses in switches and learning bridges. The refresh message may be sent at a much lower frequency compared with the protocol election messages sent by the master group.

Perform this task to configure multiple HSRP client groups.

+ The standby follow command configures an HSRP group to become a slave of another HSRP group.
+ HSRP client groups follow the master HSRP with a slight, random delay so that all client groups do not change at the same time.
+ Use the standby mac-refresh seconds command to directly change the HSRP client group refresh interval. The default interval is 10 seconds and can be configured to as much as 255 seconds.

Note: A client group takes its state from the group it is following. Therefore, the client group does not use its timer, priority, or preemption settings.

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/15-mt/fhp-15-mt-book/fhp-hsrp-mgo.html

For example:

Device(config)# interface GigabitEthernet 0/0/0
Device(config-if)# ip address 10.0.0.1 255.255.255.0
Device(config-if)# standby mac-refresh 30
Device(config-if)# standby 1 follow HSRP1

Question 6

Explanation

With HSRP, members of the virtual router group continually exchange status messages. One router can assume the routing responsibility of another if a router goes out of commission for either planned or unplanned reasons.

+ Hello messages are sent to indicate that a router runs HSRP and is able to become the active router.
+ Coup messages are sent when a router wishes to become the active router.
+ Resign messages are sent when a router no longer wishes to be the active router.

Reference: https://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/10583-62.html

Question 7

Explanation

HSRP has two authentication schemes:

+ Plain text authentication
+ MD5 authentication

HSRP authentication protects against false HSRP hello packets causing a denial-of-service attack. For example, Device A has a priority of 120 and is the active device. If a host sends spoof HSRP hello packets with a priority of 130, then Device A stops being the active device. If Device A has authentication configured such that the spoof HSRP hello packets are ignored, Device A will remain the active device.

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-hsrp-md5.html

Question 8

Explanation

You can configure a tracked list of objects with a Boolean expression, a weight threshold, or a percentage threshold.

The example configures track list 1 to track by weight threshold.

Switch(config)# track 1 list threshold weight
Switch(config-track)# object 1 weight 15
Switch(config-track)# object 2 weight 20
Switch(config-track)# object 3 weight 30
Switch(config-track)# threshold weight up 30 down 10

If object 1, and object 2 are down, then track list 1 is up, because object 3 satisfies the up threshold value of up 30. But, if object 3 is down, both objects 1 and 2 must be up in order to satisfy the threshold weight.

This configuration can be useful if object 1 and object 2 represent two small bandwidth connections and object 3 represents one large bandwidth connection. The configured down 10 value means that once the tracked object is up, it will not go down until the threshold value is equal to or lower than 10, which in this example means that all connections are down.

The below example configures tracked list 2 with three objects and a specified percentages to measure the state of the list with an up threshold of 70 percent and a down threshold of 30 percent:

Switch(config)# track 2 list threshold percentage
Switch(config-track)# object 1
Switch(config-track)# object 2
Switch(config-track)# object 3
Switch(config-track)# threshold percentage up 51 down 10

This means as long as 51% or more of the objects are up, the list will be considered “up”. So in this case if two objects are up, track 2 is considered “up”.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/blades/3020/software/release/12-2_58_se/configuration/guide/3020_scg/swhsrp.pdf

Question 9

Explanation

In order to utilize both paths from the host network to the server network, you can configure Multigroup HSRP (MHSRP) between R1 and R2. Essentially, R1 is configured with two HSRP groups (for example, group 1 and group 2) and R2 is also configured with the same HSRP groups. For group 1, R1 is the active router and R2 is the standby router. For group 2, R2 is the active router and R1 is the standby router. Then you configure half of the hosts’ default gateways with the HSRP group 1 virtual IP address, and the other half of the hosts’ default gateways with the HSRP group 2 virtual IP address.

Reference: https://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/13781-7.html

In general, unlike GLBP (which supports load-balancing), HSRP can only use a “trick” to share traffic loads by configuring multiple HSRP groups.

Question 10

Explanation

The Preemption is disabled so R2 cannot become the master router in any situation -> Answer A is not correct.

From the line “Track interface FastEthernet0/0 state Up decrement 10″ we learn that it is tracking Fa0/0 interface (current state is Up) and if it goes down the priority will be deduced by 10” -> Answer B is correct.

The default Hello and hold time of HSRP is 3 and 10 seconds, respectively so R2 is using the default values -> Answer D is correct.

Although the current master router is 10.10.1.3 but it has lower priority than R2 (85) -> Answer E is not correct.

Question 11

Explanation

HSRP is a Cisco-proprietary protocol developed to allow several routers or multilayer switches to appear as a single gateway IP address. This protocol is described in RFC 2281.

Question 12

Explanation

Switch_A is not configured standby track priority value so it will use the default track priority of 10 -> When Switch_A goes down, its priority is 200 – 10 = 190 so Switch_B must be configured with a priority higher than 190. Also Switch_B must have the “preempt” command configured to take over the active state -> C is correct.

Note: Answer A is not correct because Switch_B has the same priority value of Switch_A, but the Switch_B’s ip address on the HSRP interface is higher (10.10.10.2 is higher than 10.10.10.1) so Switch_B will take over the active state of Switch_A even when Switch_A is still operational.

Comments
  1. bierrrr
    January 13th, 2020

    @John2020 If the active router goes down and comes back up but there’s no preempt configured it will not attempt to become active again.

  2. Yr
    January 16th, 2020

    Q12 Answer “A” cold be correct too. Because
    Switch_B(config-if)#standby 1 track interface fa 1/1
    this Fa 1/1 is interface swith B not A and may be up when interface Fa 1/1 of swith A is down. So A will take ower.
    But answer “C” correct in any reason – it take ower in any case when Fa 1/1 sw A went down.

  1. No trackbacks yet.