What is FHRP in Networking?

By /

Listen to this Post

FHRP stands for First Hop Redundancy Protocol, a group of protocols designed to ensure high availability of the default gateway in a network. In a typical setup, hosts on a LAN are configured with a single default gateway. If that gateway fails, all traffic leaving the subnet fails too. FHRPs solve this by providing automatic failover between multiple routers.

Common FHRP Protocols:

  • HSRP (Hot Standby Router Protocol): Cisco proprietary; allows one active router and one or more standby routers.
  • VRRP (Virtual Router Redundancy Protocol): Open standard; similar to HSRP but allows the master router to be any router.
  • GLBP (Gateway Load Balancing Protocol): Cisco proprietary; provides redundancy and load balancing across multiple gateways.

How FHRP Works:

  1. Virtual IP Address is shared among multiple routers.
  2. One router is elected as active (or master).
  3. Other routers are in standby or backup state.
  4. If the active router fails, another router automatically takes over the virtual IP and continues forwarding traffic.

Why Use FHRP?

  • Minimizes downtime
  • Ensures uninterrupted network access
  • Provides seamless failover
  • Supports load balancing (GLBP only)

You Should Know:

1. Configuring HSRP on Cisco Routers

To set up HSRP on a Cisco router, use the following commands: 

interface GigabitEthernet0/0 
ip address 192.168.1.1 255.255.255.0 
standby version 2 
standby 1 ip 192.168.1.254 
standby 1 priority 110 
standby 1 preempt 
standby 1 track GigabitEthernet0/1 20

– `standby 1 ip 192.168.1.254` sets the virtual IP.
– `standby 1 priority 110` assigns a priority (higher = preferred active).
– `standby 1 preempt` allows the router to reclaim active status if it comes back online.
– `standby 1 track` monitors another interface and adjusts priority if it fails.

2. VRRP Configuration on Linux (Keepalived)

For Linux-based redundancy, use `keepalived` for VRRP:

sudo apt install keepalived -y

Edit `/etc/keepalived/keepalived.conf`:

vrrp_instance VI_1 { 
state MASTER 
interface eth0 
virtual_router_id 51 
priority 100 
advert_int 1 
authentication { 
auth_type PASS 
auth_pass secret 
} 
virtual_ipaddress { 
192.168.1.254/24 
} 
}

Restart the service:

sudo systemctl restart keepalived

3. Verifying FHRP Status

  • Cisco HSRP Verification: 
    show standby brief
  • VRRP Verification (Linux): 
    ip addr show eth0 
journalctl -u keepalived -f

4. Simulating Failover for Testing

  • Shut down the active router’s interface: 
    interface GigabitEthernet0/0 
shutdown
  • Check standby takeover: 
    show standby

5. GLBP Load Balancing

Configure GLBP for redundancy + load balancing:

interface GigabitEthernet0/0 
glbp 1 ip 192.168.1.254 
glbp 1 priority 150 
glbp 1 preempt 
glbp 1 load-balancing round-robin

What Undercode Say

FHRP is essential for maintaining network resilience. Whether using HSRP, VRRP, or GLBP, these protocols ensure minimal downtime. For Linux admins, Keepalived offers a robust VRRP implementation, while Cisco environments rely on HSRP/GLBP. Always test failover scenarios and monitor logs (show standby, journalctl). Load balancing with GLBP optimizes traffic distribution, making it ideal for high-availability setups.

Expected Output:

  • A functional FHRP setup with automatic failover.
  • Verified logs confirming active/standby transitions.
  • Successful load balancing (if using GLBP).
  • Reduced downtime during gateway failures.

References:

Reported By: Ahmed Bawkar – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: