
Layer 2 and 3 Changes in First Hop Redundancy Protocols: Failover and Active-Active Mechanisms

First Hop Redundancy Protocols (FHRPs) are designed to ensure network reliability by managing changes at both Layer 2 (Data Link) and Layer 3 (Network) during failover and active-active situations. In this article, we will delve into how FHRPs handle these changes and the mechanisms behind their operation.

Also see the introductory article, Basics of First Hop Redundancy Protocols: Analysis and Troubleshooting with Wireshark.

Hot Standby Router Protocol (HSRP) and Multigroup HSRP (MHSRP)

Layer 2: HSRP uses a virtual MAC address shared among routers in an HSRP group. The active router assumes the virtual MAC and forwards traffic, while standby routers keep track of the active router's state. In a failover, the new active router assumes the virtual MAC, ensuring a seamless transition.

Layer 3: HSRP routers share a virtual IP address that acts as the default gateway for hosts in the subnet. The active router responds to ARP requests for the virtual IP, and in case of a failover, the new active router takes over.

MHSRP works similarly but allows multiple active routers, each handling specific VLANs. This results in an active-active configuration where all routers forward traffic simultaneously.

Virtual Router Redundancy Protocol (VRRP)

Layer 2: VRRP routers share a virtual MAC address based on the VRRP group number. The active router assumes the virtual MAC, forwarding traffic, while backup routers monitor the active's state. During a failover, the new active router assumes the virtual MAC, ensuring uninterrupted traffic flow.

Layer 3: VRRP routers share a virtual IP address that is used by hosts as the default gateway. The active router responds to ARP requests for the virtual IP, and if it fails, one of the backup routers takes over as the new active.

Gateway Load Balancing Protocol (GLBP)

Layer 2: Unlike other FHRPs, GLBP uses multiple virtual MAC addresses, one for each router in the GLBP group. These addresses are distributed among hosts, allowing for load balancing. In a failover or active-active scenario, traffic is redistributed among the remaining routers.

Layer 3: GLBP routers share a virtual IP address that serves as the default gateway. The Active Virtual Gateway (AVG) responds to ARP requests with different virtual MAC addresses, distributing traffic among Active Virtual Forwarders (AVFs).

Common Address Redundancy Protocol (CARP)

Layer 2: CARP participants share a virtual MAC address, with the active host assuming the virtual MAC and forwarding traffic. In a failover or active-active scenario, backup hosts will take over the virtual MAC, ensuring traffic continuity.

Layer 3: CARP hosts share a virtual IP address that serves as the default gateway for hosts in the subnet. The active host responds to ARP requests for the virtual IP, and in case of a failover, a backup host becomes the new active.

NetScreen Redundancy Protocol (NSRP)

Layer 2: NSRP devices share a virtual MAC address for each redundancy group. The active device assumes the virtual MAC and forwards traffic. During a failover, the new active device takes over the virtual MAC, ensuring seamless traffic flow.

Layer 3: NSRP devices share a virtual IP address for each redundancy group. The active device responds to ARP requests for the virtual IP, and if it fails, one of the backup devices takes over as the new active.
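
The Layer 2 and Layer 3 behaviour described above can be checked in a capture by looking at which MAC address answers ARP for the virtual IP. The following Python sketch is an added example, not code from the original article: it classifies a sender MAC against the publicly documented virtual MAC formats for HSRP, VRRP/CARP and GLBP (NSRP is left out), then flags ARP replies for the gateway IP that come from anything else. The function names, the sample IP addresses and the ARP observations are constructed for illustration.

```python
import re

def classify_vmac(mac):
    """Return (protocol, group, forwarder) for an FHRP virtual MAC, else None."""
    b = bytes.fromhex(re.sub(r"[^0-9A-Fa-f]", "", mac))
    if len(b) != 6:
        raise ValueError(f"not a MAC address: {mac!r}")
    if b[:5] == bytes.fromhex("00000c07ac"):       # HSRPv1: 0000.0c07.acGG
        return ("HSRPv1", b[5], None)
    if b[:4] == bytes.fromhex("00000c9f") and b[4] >> 4 == 0xF:
        return ("HSRPv2", ((b[4] & 0x0F) << 8) | b[5], None)  # 0000.0c9f.fGGG
    if b[:5] == bytes.fromhex("00005e0001"):       # VRRP (IPv4) and CARP share this
        return ("VRRP/CARP", b[5], None)
    if b[:3] == bytes.fromhex("0007b4") and (b[3] & 0xFC) == 0:
        return ("GLBP", ((b[3] & 0x03) << 8) | b[4], b[5])    # 10-bit group, AVF number
    return None

def audit_gateway_arp(replies, vip):
    """Flag unexpected MACs in ARP replies (timestamp, sender_ip, sender_mac) for vip."""
    seen, findings = {}, []
    for ts, ip, mac in replies:
        mac = mac.lower()
        if ip != vip or mac in seen:
            continue
        info = seen[mac] = classify_vmac(mac)
        if info is None:
            findings.append((ts, mac, "non-FHRP MAC answering for the virtual IP"))
        elif len(seen) > 1 and info[0] != "GLBP":
            # HSRP/VRRP/CARP keep one virtual MAC across failover; only GLBP uses several
            findings.append((ts, mac, f"additional {info[0]} MAC, group {info[1]}"))
    return findings

# Constructed ARP reply observations (time in seconds, sender IP, sender MAC)
SAMPLE_REPLIES = [
    (0.0, "10.0.0.1", "00:00:0c:07:ac:0a"),  # HSRPv1 group 10 answers for the gateway
    (3.2, "10.0.0.1", "00:00:0C:07:AC:0A"),  # after failover: same virtual MAC
    (7.9, "10.0.0.1", "52:54:00:12:34:56"),  # a non-virtual MAC claims the gateway IP
    (8.0, "10.0.0.7", "52:54:00:aa:bb:cc"),  # unrelated host, ignored
]

if __name__ == "__main__":
    for finding in audit_gateway_arp(SAMPLE_REPLIES, "10.0.0.1"):
        print(finding)
```

A gateway configured to answer with its burned-in address instead of the virtual MAC is also flagged, so findings should be compared against the intended configuration.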

In conclusion, understanding how FHRPs manage Layer 2 and Layer 3 changes during failover and active-active situations is critical for maintaining network reliability. To deepen your expertise in packet analysis and troubleshooting, consider enrolling in our WIRED for Packet Analysis course at https://oripka.de/en/wired/.