Skip to Content

HSRP vs. VRRP vs. GLBP

This last week, I ended up doing a basic deployment over at the AT&T NOC here in Mesa, Arizona. There's nothing like the feeling of walking into a NOC, complete with full hand scanners that also check for a pulse equipping each door, hundreds of racks of equipment, the fan whir so loud that you can't hear yourself think. Ah, I'm slipping back into it just thinking about it.
Back to the topic at hand.

This redundant topology just begged to use one of the redundancy protocols: HSRP, VRRP, or GLBP. The big question is...which one? ...and why? Well, me being a Cisco spud, I immediately gravitated to HSRP since that's all I know very well. But before I left, I decided to check out the competition, here's what I found:

Cisco Hot-Standby Router Protocol (HSRP):

  • Created by Cisco, for Cisco in 1994
  • Uses a default hello timer of 3 seconds with a hold timer of 10 seconds

Virtual Router Redundancy Protocol (VRRP)

  • Created by the IETF in 1999
  • Works between multiple vendors
  • Has faster timers than HSRP by default - hello of 1 second, hold timer of 3 seconds

Gateway Load Balancing Protocol (GLBP)

  • Created by Cisco, for Cisco in 2005
  • Identical features to HSRP, but allows an active-active connection that adds load-balancing features

Since this client had no need for load balancing, I decided to go with the VRRP option. The configuration was a piece of cake:
Router1(config-if)#vrrp 1 ip 10.1.6.1 (they obviously used a real IP address)
Router1(config-if)#vrrp 1 preempt
Router1(config-if)#vrrp 1 priority 100
Router2(config-if)#vrrp 1 ip 10.1.6.1
Router2(config-if)#vrrp 1 preempt
Router2(config-if)#vrrp 1 priority 120 

Your rating: None Average: 4.8 (4 votes)

Comments

There are a few more

There are a few more differences between HSRP and VRRP... In VRRP the standby speaker doesn't send out hellos, while they do in HSRP. Threw me for a loop the first time I ran into it (Nokia IPSO hardware). I'm not so sure it's supported on all the hardware that HSRP is, either.
Sean

Wow - that's one I didn't

Wow - that's one I didn't know! When I was testing this with AT&T, I also found out that if the VRRP failover occurs, the IP address of the VRRP group is not ping-able. You can still ping THROUGH the VRRP connection, but just not TO the VRRP IP address. Only if the active router is active will the VRRP group IP address be ping-able. I haven't quite figured out why that is yet...Any ideas?

Under IPSO it's a setting

Under IPSO it's a setting under VRRP configuration, though I don't recall any differentiation between the primary and a backup... You just tell each individual node whether or not it will respond to requests on the VRRP address. I took a look through the 12.4 docs for VRRP and didn't see anything. Are you sure it wasn't an L2 problem?
Sean

If I setup HSRP between 2

If I setup HSRP between 2 routers with a virtual IP shared between them on say the LAN side, would I need to set this up on the WAN side also? This refers to an ISP I used to work for but still help every now and then. They have a multi-link frame relay connection provided/owned by Sprint w/2800 router, ge uplinks into 3640 fe0/0 port owned by ISP, fe0/1 uplinks into a static ospf network. Would HSRP need to be setup on both sides of the 3640?

I suppose I didn't look at

I suppose I didn't look at the picture long enough. I was distracted by the NAT translation out to the left of the pix. Anyways I now see the virtual IP is on both sides of the routers.

I think you can also make

I think you can also make some load-balancing with HSRP. This is a little bit "tricky" but still : You can use two HSRP groups, the first assigns an active router, the second a standby one.
cheers

This looks like the setup we

This looks like the setup we are looking for. However, after testing it appeared there may be an issue with outgoing traffic appearing from the non-virtual ip address of the router. Is that correct? Could it be a nat issue? Any help would be greatly appreciated.

Why not use GLBP? You sated

Why not use GLBP? You sated that the client didn't need load balancing.
Anyway, it's always better to let the standby gateway do some stuff instead of doing nothing (load balancing). The only case I go against load balancing is:
1) the standby gateway is very unstable
2) the standby gateway is very slow

For load balencing VRRP sends

For load balencing VRRP sends more hellos which means these packets are shooting every second and may congest a network with alot of users, but may be good for smaller networks. anything flowing through the network takes bandwidth. EIGRP pretty much takes care of the all the routing really well even if you make mistakes. Anyways so why use HSRP?

You can edit HSRP's timers

You can edit HSRP's timers lower than VRRP and obviously if your devices don't support VRRP.

Can any one explain me that

Can any one explain me that GLBP provides Load balancing but what about VRRP, does it provides Load balancing or not

Good Document... I found it

Good Document...
I found it very useful while implementing VRRP feature for router

HSRP permit a 'static' load

HSRP permit a 'static' load balancing (not like GLBP). An example could be found on http://www.ciscozine.com/2008/11/01/how-to-optimize-hsrp/

Introduced in the Cisco IOS

Introduced in the Cisco IOS Release 12.2(15), Gateway Load Balancing Protocol (GLBP) is supported by Cisco 1700, 2600, 3620, 3631, 3640, 3660, 3725, 3745, 7100, 7200, 7400, 7500 series. GLBP is a Cisco proprietary protocol that attempts to overcome the limitations of existing redundant router protocols (HSRP, VRRP, …) by adding basic load balancing functionality.
GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses.
More info on http://www.ciscozine.com/2008/11/18/configuring-redundancy-with-glbp/

GLBP provides load balancing

GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets. GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 224.0.0.102, User Datagram Protocol (UDP) port 3222 (source and destination).
Info on http://www.ciscozine.com/2008/11/18/configuring-redundancy-with-glbp/

VRRP, not being a cisco

VRRP, not being a cisco proprietary protocol, has any shortfall over HSRP and GLBP ???
so among all three protocols, which is the best protocol and why ?

FYI, according to

FYI, according to packetlife's VRRP Cheat Sheet ( http://packetlife.net/blog/2008/sep/15/hsrp-vrrp-glbp-cheat-sheet/ )
"VRRP does not support IPv6, as IPv6 can provide more robust router discovery through its Neighbor Discovery Protocol."

Hi, this is very

Hi, this is very helpful.
What am wondering is...is there a solution where I can have an automatic fail-over to the same ISP. Scenario is, one router, two gateways (IPs and physical ports) due to two different connections (one is on fiber the other on broadband).
Cisco ip sla works up to the point where the main link goes down (fiber) and takes up the backup (broadband), but the traffic from the data center does not return to the the backup connection. Kindly advise what I need add...maybe a router at the data center to re-direct traffic to the backup...etc, how can I go about it.
PS: The broadband and fibre routers at the data center are different, I think thats why the traffic does not know where to go when the back up link is on. Any suggestions???

i got one task to..heres the

i got one task to..heres the details:
one of my site is having 2 routers having 2 links each..one router is 1800 series having 2 links and other one is cisco 2800 having 2 links..
the task is to configure another L3 3750 switch in this way by which if any of the 3 links goes down then the network load must be terminated on the remaining one link without affecting any of the services..currently i m having default routing on the routers and L3 is currently without configuration...please let me know the solution soon.

I have some expirience with

I have some expirience with VRRP and you can do load sharing but not on the same interface. What /i do to have load sharing scenario is to devide the interfaces mastership between the 2 rounters.
That way I don´t end up with 1 CPU doing all the work. It works perfectly.

You can do load balancing

You can do load balancing with all the protocols. For HSRP and VRRP, two groups (2 gateway ip addresses) are needed and half of the clients point to gateway 1 and the rest point to gateway 2 even they are belonging to the same VLAN.
With GLBP, only one gateway is needed. Router with higher priority takes up all the ARP request from clients and reply with different virtual MAC address (using Round Robin by default) from the GLBP group
HSRP and GLBP support interface tracking, if one of the wan interface having problems, the priority of the internal interface will get deducted and causing alternative interface takes care of the traffic
VRRP can assign same ip address to the interface as the gateway address, so it saves one ip address but HSRP cannot
HSRP
Router1#
int f0/0
ip address 192.168.1.11 255.255.255.0
standby 1 ip 192.168.1.1
standby 1 priority 120
standby 1 preempt
standby 2 ip 192.168.1.2
standby 2 preempt
standby 1 track s1/1 30
no shut
Router2#
int f0/0
ip address 192.168.1.12 255.255.255.0
standby 2 ip 192.168.1.2
standby 2 priority 120
standby 2 preempt
standby 1 ip 192.168.1.1
standby 1 preempt
standby 2 track s1/2 30
no shut
GLBP
Router1#
int f0/0
ip address 192.168.1.11 255.255.255.0
glbp 1 ip 192.168.1.1
glbp 1 priority 200
glbp 1 preempt
no shut
Router2#
int f0/0
ip address 192.168.1.12 255.255.255.0
glbp 1 ip 192.168.1.1
no shut

hi, i faced a question in an

hi,
i faced a question in an interview ,
that is hsrp supports for how many routers?
can anybody help me?
It's possible to use GLBP with one router and two switches?

Yes you can but it shoud be

Yes you can but it shoud be L3 swithes . and hsrp up to 0-255 router will supports.

Holy cow! Its incredible what

Holy cow! Its incredible what you able to do with a fast internet connection.

HSRP router supports up to

HSRP router supports up to 255

We have 2 router 1800 and 2

We have 2 router 1800 and 2 link of 2Mbps each from different ISP. Is it possible to do load sharing and load balancing using these routers.
Tajender Singh
9560595094

Loadbalancing

Better you use GLBP if you wish to do true loadbalancing....!!!!!



Dr. Radut | blog