Cisco NX-OS/IOS HSRP Comparison
From DocWiki
Objective
This tech note outlines the main differences in Hot Standby Routing Protocol (HSRP) (IPv4) support between Cisco® NX-OS Software and Cisco IOS® Software. Sample configurations are included for Cisco NX-OS and Cisco IOS Software for some common features to demonstrate the similarities and differences. Please refer to the NX-OS documentation on Cisco.com for a complete list of supported features.
HSRP Overview
HSRP is a Cisco proprietary First Hop Redundancy Protocol (FHRP) designed to allow transparent failover for an IP client’s default gateway (first-hop router).
Important Cisco NX-OS and Cisco IOS Software Differences
In Cisco NX-OS:
- HSRP command-line interface (CLI) configuration and verification commands are not available until you enable the HSRP feature with the feature hsrp command.
- HSRP is hierarchical. All related commands for an HSRP group are configured under the group number.
- The HSRP configuration commands use the format hsrp <option> instead of standby <option>.
- The HSRP verification commands use the format show hsrp <option> instead of show standby <option>.
- HSRP supports stateful process restarts, and switchovers if two supervisor modules are present.
- The hello and hold-time timer ranges for the millisecond options are different. In Cisco NX-OS, hello = 250 to 999 milliseconds, and hold time = 750 to 3000 milliseconds. In Cisco IOS Software, hello = 15 to 999 milliseconds, and hold time = 50 to 3000 milliseconds.
- Proxy-ARP is not supported when configuring multiple HSRP groups on a physical or logical interface. Cisco IOS Software supports proxy-ARP when configuring multiple HSRP groups on an interface.
- HSRP supports Bidirectional Forwarding Detection (BFD). Cisco IOS Software does not support BFD for HSRP.
Things You Should Know
The following list provides some additional facts about Cisco NX-OS that should be helpful when designing, configuring, and maintaining HSRP-enabled networks.
- If you remove the feature hsrp command, all relevant HSRP configuration information is also removed.
- HSRPv1 is enabled by default (HSRPv2 can be enabled per interface).
- HSRPv1 supports 256 group numbers (0 to 255). HSRPv2 supports 4096 group numbers (0 to 4095).
- HSRPv1 and HSRPv2 are not compatible. However, a device can be configured to run a different version on different interfaces.
- The show running-config hsrp command displays the current HSRP configuration.
- Configuration of more than one FHRP on an interface is not recommended.
- Object tracking is supported. Tracking can be configured for an interface’s line protocol state, IP address state, and for IP route reachability (determining whether a route is available in the routing table).
- An interface can track multiple objects.
- Secondary IP addresses are supported in the same or a different group as the interface’s primary IP address.
- Load sharing can be accomplished by using multiple HSRP groups per interface
- HSRP has been enhanced for vPC environments, so both the active and standby router can forward data traffic. The primary router (higher priority) responds to ARP requests.
- Extended hold timers can be configured globally (hsrp timers extended-hold) to temporarily extend timeout values during an In Service Software Upgrade (ISSU). This prevents unnecessary HSRP switch-overs in environments that use aggressive hello/hold timers.
Configuration Comparison
The following sample code shows configuration similarities and differences between the Cisco NX-OS and Cisco IOS Software CLIs. There are two significant differences: Cisco NX-OS uses a hierarchical configuration, and it uses the hsrp keyword instead of the standby keyword for configuration and verification commands. The enhancements make the configuration easier to read and work with.
| Cisco IOS CLI | Cisco NX-OS CLI |
|---|---|
| Enabling the HSRP Feature |
| Cisco IOS Software does not have the ability to enable or disable HSRP. | feature hsrp |
|---|
| Configuring HSRP on an Interface |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby 0 ip 192.168.10.1 | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp 0 ip 192.168.10.1 |
|---|
| Configuring the priority and preempt Options |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby 0 ip 192.168.10.1 standby 0 priority 110 standby 0 preempt | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp 0 preempt priority 110 ip 192.168.10.1 |
|---|
| Modifying the Hello and Holdtime Timers (Seconds) |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby 0 ip 192.168.10.1 standby 0 timers 1 3 | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp 0 timers 1 3 ip 192.168.10.1 |
|---|
| Modifying the Hello and Holdtime Timers (Milliseconds) |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby 0 ip 192.168.10.1 standby 0 timers msec 250 msec 750 | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp 0 timers msec 250 msec 750 ip 192.168.10.1 |
|---|
| Configuring MD5 Authentication |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby 0 ip 192.168.10.1 standby 0 authentication md5 key-string cisco123 | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp 0 authentication md5 key-string cisco123 ip 192.168.10.1 |
|---|
| Configuring HSRP Version 2 on an Interface |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby version 2 | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp version 2 |
|---|
| Configuring Minimum and Reload Initialization Delay |
| interface Ethernet2/1
ip address 192.168.10.2 255.255.255.0 standby delay minimum 5 reload 10 | interface Ethernet2/1
ip address 192.168.10.2/24 hsrp delay minimum 5 reload 10 |
|---|
| Configuring Object Tracking (Interface Line-Protocol) |
| track 1 interface Ethernet2/2 line-protocol
ip address 192.168.10.2 255.255.255.0 standby 0 ip 192.168.10.1 standby 0 track 1 decrement 20 | track 1 interface ethernet 2/2 line-protocol
ip address 192.168.10.2/24 hsrp 0 track 1 decrement 20 ip 192.168.10.1 |
|---|
Verification Command Comparison
The following table compares some useful show commands for verifying and troubleshooting an HSRP configuration.
| Cisco NX-OS HSRP | Cisco IOS Software HSRP | Command Description |
|---|---|---|
| show hsrp | show standby | Displays detailed information for all HSRP groups |
| show hsrp active | - | Displays all of the groups in the “active” state |
| show hsrp all | show standby all | Displays all of the groups including groups in the disabled state |
| show hsrp bfd-sessions | - | Displays all BFD sessions |
| show hsrp brief | show standby brief | Displays a summary of all the HSRP groups |
| show hsrp delay | show standby delay | Displays minimum and maximum delay times for preempting |
| show hsrp detail | - | Displays detailed information |
| show hsrp group <#> | - | Displays detailed information for a specified group |
| show hsrp init | - | Displays all the groups in the "init" state |
| show hsrp interface | show standby int-type | Displays detailed information for a specific interface |
| show hsrp learn | - | Displays all the groups in the "learn" state |
| show hsrp listen | - | Displays all the groups in the "listen" state |
| show hsrp speak | - | Displays all the groups in the "speak" state |
| show hsrp standby | - | Displays all the groups in the "standby" state |
| show hsrp summary | - | Displays summary information for HSRP groups |
| - | - | - |
| show track | show track | Displays the configured tracked objects |
| show track brief | show track brief | Displays a brief list of tracked objects |
| show track interface | show track interface | Displays the status of tracked interfaces |
| show track ip | show track ip | Displays the IP protocol objects that are tracked |
