HSRP Vs VRRP

Hemakumar Sampath · ‎12-21-2012

Hi All,

Can you please give me the operational differeance between HSRP and VRRP

Jeff Van Houten · ‎12-21-2012

There are none other than the transport protocol used for the keepalive messages. Hsrp is proprietary to Cisco products. Vrrp is an industry adopted standard that is an alternative to hsrp.

Sent from Cisco Technical Support iPad App

cadet alain · ‎12-21-2012

Hi,

HSRP is cisco proprietary and VRRP is open standard

HSRP has premption disabled by default and VRRP has preemption enabled by default

HSRP version 1 vMAC is 0000.0c07.acxx where xx is hexadecimal representation of the standby group number

VRRP uses vMAC 0000.5e00.01xx where xx is hex representation of vrrp group number

HSRP uses UDP port 1985 and 224.0.0.2( all link-local routers)

VRRP uses protocol 112 and 224.0.0.18

you can set the physical IP as VIP for VRRP( priority will be set to 254), not for HSRP

VRRP supports msec hellos natively as HSRPv2

both support authentication

both support tracking with enhanced object tracking

Regards.

Alain

Don't forget to rate helpful posts.

Joseph W. Doherty · ‎12-21-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

One possible issue you might see, although I don't know if it applies to Cisco's implementation of VRRP, and depending on the VRRP configuration, if gateway fails over from master to a backup the gateway won't respond to pings. Traffic will still forward correctly, though.

Although VRRP is the industry standard, some vendors have enhanced versions. Such enhancements often will not work with other vendor implementations.

Unsure it's an operational issue, but some vendor implementations of VRRP (including Cisco's ?) don't always require an interface and virtual IP, i.e. you use the master's native IP.

In a master and backup(s) configuration, recovery of master will always (?) preempt backup.

milan.kulik · ‎12-21-2012

Hi Joseph,

funny thing:

A year ago I met the same behaviour in Cisco HSRP: if gateway fails over from master to a backup the gateway won't respond to pings sent to the virtual IP address.

As those were our provider devices with some special config, the provider made the investigation and the conclusion was: an IOS bug. Not fixed yet.

BR,

Milan

Joseph W. Doherty · ‎12-21-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Milan, that is interesting.

With VRRP, it might be a design "feature" for when VRRP is configured as "master" with "backup(s)".

HSRP has a virtual IP potentially shared by multiple interfaces. VRRP supports a "master" and "backup(s)" so there is a conceptual difference for the latter, which is why, I assume a backup covering for a failed master doesn't respond to pings to the virtual IP since it doesn't really own the IP.

I recall (?) at one time, using brand-X equipment and VRRP, we didn't configure a "master", all routers were configured as a backup, to obtain consistent behavior for pings to the gateway IP. Don't recall if they did, or didn't, respond to pings.

Of course, you might want the master/backup(s) behavior as it can alert a simple network monitoring tool (using pings) that your master router's gateway has failed.