HSRP Verification

When the WAN side of the Active router goes down

State Active
IP Src:192.168.1.253 Dst: 224.0.0.2 HSRP Hello (Active)
MAC Src: 00:00:00:07:ac:01 Dst: 01:00:5e:00:00:02

↓ Router switchover

Src 192.168.1.250 Dst: Broadcast 255.255.255.255 ARP
MAC Src: 00:00:00:07:ac:01 Dst: 01:00:00:cd:cd:cd


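When the LAN side of the Active router goes down, with Hello packets sent at 3-second intervals

(When HSRP packets from the Active router do not reach the Standby router)

Active (Active)→ Standby
 LAN side of Active goes down
0 seconds
 Active ←(Standby) Standby 
 
3 seconds
 Active ←(Standby) Standby

6 seconds
 Active ←(Standby) Standby

9 seconds
 Active ←(Standby) Standby

10 seconds
 Active ←(Active) Standby=Active
 ←(ARP) Active  announces its own MAC address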

How HSRP operates

Packets are sent to multicast address 224.0.0.2 with TTL 1.


Hellotime: 1 octet
a default value of 3 seconds is RECOMMENDED.


Holdtime

At least 3 times the Hellotime
If not configured, it is learned from the active router
a default value of 10 seconds is RECOMMENDED.

Priority: 1 octet
In the case of routers with
equal priority the router with the higher IP address wins.

Group: 1 octet
For other media values between 0 and 255 inclusive are valid.

Authentication Data: 8 octets
This field contains a clear-text 8 character reused password.
If no authentication data is configured, the RECOMMENDED default
value is 0x63 0x69 0x73 0x63 0x6F 0x00 0x00 0x00.

Virtual IP Address: 4 octets
The virtual IP address used by this group.
If the virtual IP address is not configured on a router, then it
MAY be learned from the Hello message from the active router. An
address SHOULD only be learned if no address was configured and
the Hello message is authenticated.


Preemption capability

If a router has higher priority than the active router and
preemption is configured, it MAY take over as the active router
using a Coup message.



1. Initial
This is the starting state and indicates that HSRP is not running.
This state is entered via a configuration change or when an
interface first comes up.

2. Learn
The router has not determined the virtual IP address, and not yet
seen an authenticated Hello message from the active router. In
this state the router is still waiting to hear from the active
router.

3. Listen
The router knows the virtual IP address, but is neither the active
router nor the standby router. It listens for Hello messages from
those routers.

4. Speak
The router sends periodic Hello messages and is actively
participating in the election of the active and/or standby router.
A router cannot enter Speak state unless it has the virtual IP
address.

5. Standby
The router is a candidate to become the next active router and
sends periodic Hello messages. Excluding transient conditions,
there MUST be at most one router in the group in Standby state.

6. Active
The router is currently forwarding packets that are sent to the
group's virtual MAC address. The router sends periodic Hello
messages. Excluding transient conditions, there MUST be at most
one router in Active state in the group.


the virtual MAC addresses are 0x00 0x00 0x0C 0x07
0xAC XX where XX represents the HSRP group number
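
The fields and states listed above can be checked directly against a captured Hello. The following is an added example, not part of the original notes: it decodes the 20-byte HSRP payload and flags the default clear-text authentication value and a Holdtime shorter than 3 times the Hellotime. The field order, op codes and state codes are taken from RFC 2281 rather than from this page; `parse_hsrp`, `audit` and the sample packet are illustrative names and constructed data.

```python
import socket
import struct

# Field order per RFC 2281 (HSRP version 0); assumption, not spelled out on this page.
HSRP_FMT = "!8B8s4s"  # version, opcode, state, hello, hold, prio, group, rsvd, auth, vip
OPCODES = {0: "Hello", 1: "Coup", 2: "Resign"}
STATES = {0: "Initial", 1: "Learn", 2: "Listen", 4: "Speak", 8: "Standby", 16: "Active"}
DEFAULT_AUTH = bytes([0x63, 0x69, 0x73, 0x63, 0x6F, 0x00, 0x00, 0x00])  # "cisco"


def parse_hsrp(payload: bytes) -> dict:
    """Decode the 20-byte UDP payload of an HSRP message."""
    if len(payload) < struct.calcsize(HSRP_FMT):
        raise ValueError("truncated HSRP message")
    ver, op, state, hello, hold, prio, group, _rsvd, auth, vip = struct.unpack(
        HSRP_FMT, payload[:20])
    return {
        "version": ver,
        "opcode": OPCODES.get(op, f"unknown({op})"),
        "state": STATES.get(state, f"unknown({state})"),
        "hellotime": hello, "holdtime": hold,
        "priority": prio, "group": group,
        "auth": auth,
        "virtual_ip": socket.inet_ntoa(vip),
        "virtual_mac": f"00:00:0c:07:ac:{group:02x}",  # 00:00:0C:07:AC:XX, XX = group
    }


def audit(msg: dict) -> list:
    """Return findings a reviewer would raise for one decoded message."""
    findings = []
    if msg["auth"] == DEFAULT_AUTH:
        findings.append("default clear-text authentication data in use")
    if msg["opcode"] == "Hello" and msg["holdtime"] < 3 * msg["hellotime"]:
        findings.append("holdtime is less than 3x hellotime")
    return findings


# Constructed sample: Hello from an Active router, group 1, priority 100,
# hello 3 s / hold 10 s, default auth, virtual IP 192.0.2.1 (documentation address).
SAMPLE = bytes([0, 0, 16, 3, 10, 100, 1, 0]) + DEFAULT_AUTH + socket.inet_aton("192.0.2.1")

if __name__ == "__main__":
    decoded = parse_hsrp(SAMPLE)
    print(decoded)
    print(audit(decoded))
```
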

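Redirect settings when HSRP is enabled

On older routers, the redirect function was OFF by default on HSRP-enabled interfaces.
Currently, the redirect function is ON even on HSRP-enabled interfaces.
However, this redirect function prohibits redirection to the standby router.

ICMP redirection

The ICMP redirect function works as follows: when the router acting as a host's default GW knows a shorter path to the destination, it notifies the host and instructs it to use that route.
 ICMP type 5
 Gateway: address of the GW to redirect to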