HSRP Interview Question and Answer :-
Ques. What do mean by HSRP (Hot standby Router Protocol) or What is the Use of HSRP ?
Ans. Normally we use a single gateway to reach the destination network.
but if something goes wrong in gateway we will be completely isolated from the destination network.
this is lack of redundancy
To overcome this issue and single point of failure we use the HSRP.
Actually “HSRP is used to provide default gateway redundancy”.
Ques. What is the default HSRP hello and hold down timers ?
Ans. Default Hello timer – 3 sec and Hold down timer – 10 sec.
The default hold time is 10 seconds for both versions of HSRP (v1 and v2), which is roughly three times the default hello time.
Ques. Will the standby router take over if the active router LAN interface state is up and line protocol down?
Ans. Yes, the standby router takes over once the hold time expires.
By default, this is equivalent to three hello packets from the active router having been missed.
Ques. What is the maximum number of HSRP groups can be created in the router ?
Ans. Maximum 16 groups.
Ques. Can I configure more than one standby group with the same group number ?
Ans. Yes. However, Cisco does not recommend it on lower-end platforms such as the 4×00 series and earlier. If the same group number is assigned to multiple standby groups, it creates a non-unique MAC address. This is seen as the MAC address of the router, and it is filtered out if more than one router in a LAN becomes active.
This behavior can change in future releases of Cisco IOS®.
Note: 4×00 series and earlier do not have the hardware required to support more than one MAC address at a time on Ethernet interfaces. However, the Cisco 2600 and Cisco 3600 do support multiple MAC addresses on all Ethernet and Fast Ethernet interfaces.
Ques. What is the HSRP virtual MAC address
Where- xx is group no
For example we used group no 3 then virtual MAC adress will be 0000.0c07.ac03
Ques. When an active router tracks serial 0 and the serial line goes down, how does the standby router know to become active?
Ans. When the state of a tracked interface changes to down, the active router decrements its priority. The standby router reads this value from the hello packet priority field and becomes active if this value is lower than its own priority and the standby preempt is configured. You can configure by how much the router must decrements the priority.
Note- By default, it decrements its priority by ten.
Ques. If no priority is configured, What default priority used by HSRP ?
Ans. If no priority is configured, it uses the default priority 100.
Ques. If there is no priority configured for a standby group, how to determines which router is active ?
Ans. The priority field is used to elect the active router and the standby router for the specific group. In the case of an equal priority, the router with the highest IP address for the respective group is elected as active router.
Ques. What are the limiting factors that determine how many standby groups can be assigned to a router?
Ans. Ethernet: 256 per router. FDDI: 256 per router. Token Ring: 3 per router.
Ques. Does HSRP support DDR (Dial-on-Demand Routing) ?
Ans. No, HSRP does not support Dial-on-Demand Routing (DDR) directly. However, you can configure it to track a serial interface and swap from the active to the standby router in case of a WAN link failure.
Ques. Is it possible to use HSRP to track the GRE tunnel interface ?
Ans. It is not possible to use the HSRP configuration to track the GRE tunnel interface.
However, the tunnel interface never goes down and the track never triggers failover.
Ques. Can we use HSRP to achieve load-balancing across two serial links. Is this true?
Ques. Which IP address must be seen when a reply is received for trace-route (In case of HSRP is configured)?
Ans. When a reply for trace-route is received from a hop that runs HSRP, the reply must contain the active physical IP address and not the virtual ip address.
If there is an asymmetric routing in the network due to which standby router IP address is seen in the reply for the trace-route.
Ques. Is it possible to run HSRP on an interface configured for 802.1q trunking ?
Ans. Yes it is possible to run HSRP on the interfaces configured for 802.1q. Make sure to verify that both sides of the trunk are configured to use the same native VLAN and verify that VLANs are not pruned and in the STP state for router-connected ports.
Ques. How do I perform a forced fail over of an HSRP active router without a shutdown on an interface ?
Ans. The only way to make a fail-over without an interface shut down is to manually change the priority in the HSRP configuration.
Ques. Are HSRP messages TCP or UDP ?
Ans. UDP, since HSRP runs on UDP port 1985.
Ques. HSRP does not work when an Access Control List (ACL) is applied. How can I permit HSRP through an ACL ?
Ans. HSRP hello packets are sent to multicast address 220.127.116.11 with UDP port 1985. Whenever an ACL is applied to an HSRP interface, ensure that packets destined to 18.104.22.168 on UDP port 1985 are permitted.
Ques. What are the IP source address and destination address of HSRP hello packets?
Ans. Source IP address = IP address of the Primary Interface
and Destination IP address = 22.214.171.124
Ques. Can we run NAT and HSRP together?
Ans. You can configure network address translation (NAT) and HSRP on the same router. However, a router that runs NAT holds state information for traffic that is translated through it. If this is the active HSRP router and the HSRP standby takes over, the state information is lost.
Ques. If I use a switch, what do I see on the CAM tables for the HSRP?
Ans. The content-addressable memory (CAM) tables provide a map for the HSRP MAC address to the port on which the active roster is located. In this way, you can determine what the switch perceives the HSRP status to be.
Ques. What is the default group number for HSRP?
Ans. Default Group number: 0
Ques. We are using HSRP and all hosts use the active router to forward traffic to the rest of my network. I have noticed that the return traffic comes back through the standby router. Will this cause problems with HSRP or something else ?
Ans. No, normally this is transparent to all hosts and/or servers on the LAN and can be desirable if a router experiences high traffic. In order to change this, configure a more desirable cost for the link you want the distant router to use.
Ques. What is the difference between HSRP version 1 and HSRP version 2 ?
- HSRP version 1 supports 256 groups ranging from 0 to 255, HSRP version 2 supports 4096 groups ranging from 0 to 4095.
- HSRP vesion 1 uses multicast address for sending hello messages is 126.96.36.199, HSRP version 2 uses multicast address for sending hello messages is 188.8.131.52.
- HSRP version 1 and Version 2 are having different virtual mac addresses.
- HSRP version 2 allows support for IPV6 whereas HSRP version 1 does not support.
Ques. How many states present in HSRP ? described in brief ?
Ans. 6 states present in HSRP
- 1- Initial or Disabled
- 2- Learn
- 3- Listen
- 4- Speak
- 5- Standby
- 6- Active
1- Init or Disabled – This is the state of a device that is not yet ready or able to participate in HSRP.
2- Learn – This is the state of a device that has not yet determined the virtual IP address and has not yet seen a hello message from an active device.
3- Listen – This is the state of a device that is receiving hello messages.
4- Speak – This is the state of a device that is sending and receiving hello messages.
5- Standby – This is the state of a device that is prepared to take over the traffic forwarding duties from the active device.
6- Active – This is the state of the device that is actively forwarding traffic.
Ques. What message are used in HSRP Communications ?
Ans. In HSRP, three types of multicast messages are sent between the devices:
Hello – The hello message is sent between the active and standby devices (by default, every 3 seconds). If the standby device does not hear from the active device (via a hello message) in about 10 seconds, it will take over the active role.
Resign – The resign message is sent by the active HSRP device when it is getting ready to go offline or relinquish the active role for some other reason. This message tells the standby router to be ready and take over the active role.
Coup – The coup message is used when a standby router wants to assume the active role (preemption).
Ques. How does TACACS/RADIUS accounting work with HA routers with HSRP?
Ans. If routers are configured in HA mode (that run HSRP in-between them), then the active and standby routers act as one logical unit and share the same IP and MAC address.
Only the active router generates the accounting record with a particular virtual IP address and updates the TACACS/RADIUS server.
If the standby generates the accounting record with the same address, there is duplicate data in the backend RADIUS/TACACS server.
Therefore, in order to avoid duplication of data, the standby router does not generate accounting records.
Ques. Is it possible to run HSRP between two routers on two different interfaces?
Ans. Yes, it is possible to run HSRP on two interfaces on two different routers. In order to have HSRP on two interfaces on two different routers, two HSRP groups are needed .