Avoiding HSRP Configuration Errors

Avoiding HSRP Configuration ErrorsWhy is this important?

Cisco’s Hot Standby Routing Protocol (HSRP) is designed to provide router redundancy by allowing two or more routers to backup each other on an important subnet. If one router or its interface dies, a backup router takes over the group’s virtual address.

Internally, the Cisco router will allocate an HSRP group as soon as the first configuration command has been entered.

The problem occurs when a partial configuration is entered or a configuration is not completely deleted.

The HSRP group remains active, consuming some (hopefully minimal) level of internal resources. These groups are identified as being in initial state that is they are not yet operational and are waiting further configuration information to become active.

Manual determination

Use the Cisco privileged EXEC command show standby init to show HSRP groups in initial state. The default command, show standby will not display any group in initial state. An alternative is to examine the router’s configuration file.

For example the following configuration will create HSRP group 0 and assign it an IP address of 0.0.0.0, based on the input of one fragment of an HSRP configuration (shown in bold).

interface Vlan110
description { Exchange Servers }
ip address 192.168.1.2 255.255.255.240
standby priority 90
standby 1 ip 192.168.1.1
standby 1 priority 105
standby 1 preempt

Depending on the specific statements that are entered, a group number or IP address may exist in the HSRP group that is in the initial state.

More recently, we have found that some recent IOS releases will learn HSRP configuration information from the HSRP hello packets sent by neighboring routers and will create a new HSRP group that is in initial state as was the Linksys router review.

The potential problem is whether one of the affected HSRP groups should have been configured differently and redundancy that was designed into the network does not exist.

HSRP In Initial State

Automatic determination

The SNMP data used by NetMRI shows the state of all HSRP groups, providing the visibility into partially configured groups that is not available via the Cisco CLI. NetMRI checks this data and reports an issue for any group that is in initial state.

The configuration of the device identified by the IP Address and Device Name field of the issue details should be examined to identify any partial HSRP configuration statements.

Look for ip standby statements that are missing the group number (if the group number in the issue is zero) or missing an IP address (if the Virtual IP is 0.0.0.0).

Further reference:

Use the Cisco search engine to search for the following named documents:

Syntax for the show standby command for seeing HSRP groups in the initial state.
Understanding and Troubleshooting HSRP Problems in Catalyst Switch Networks
How HSRP works and the state transitions.
HSRP Support for ICMP Redirects

Leave a Reply

Your email address will not be published. Required fields are marked *