HSRP & VRRP Questions
If you are not sure about HSRP, please read our HSRP tutorial.
Quick VRRP overview: + is IETF RFC 3768 standard |
Question 1
Explanation
When you change the HSRP version, Cisco NX-OS reinitializes the group because it now has a new virtual MAC address. HSRP version 1 uses the MAC address range 0000.0C07.ACxx while HSRP version 2 uses the MAC address range 0000.0C9F.F0xx.
HSRP supports interface tracking which allows to specify another interface on the router for the HSRP process to monitor in order to alter the HSRP priority for a given group.
Question 2
Explanation
If you change the version for existing groups, Cisco NX-OS reinitializes HSRP for those groups because the virtual MAC address changes.
Question 3
Question 4
Explanation
The main disadvantage of HSRP and VRRP is that only one gateway is elected to be the active gateway and used to forward traffic whilst the rest are unused until the active one fails. Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol and performs the similar function to HSRP and VRRP but it supports load balancing among members in a GLBP group.
Note: Although GLBP is not a topic for this exam but not sure why we still have this question!
Question 5
Explanation
HSRP consists of 6 states:
State | Description |
Initial | This is the beginning state. It indicates HSRP is not running. It happens when the configuration changes or the interface is first turned on |
Learn | The router has not determined the virtual IP address and has not yet seen an authenticated hello message from the active router. In this state, the router still waits to hear from the active router. |
Listen | The router knows both IP and MAC address of the virtual router but it is not the active or standby router. For example, if there are 3 routers in HSRP group, the router which is not in active or standby state will remain in listen state. |
Speak | The router sends periodic HSRP hellos and participates in the election of the active or standby router. |
Standby | In this state, the router monitors hellos from the active router and it will take the active state when the current active router fails (no packets heard from active router) |
Active | The router forwards packets that are sent to the HSRP group. The router also sends periodic hello messages |
Please notice that not all routers in a HSRP group go through all states above. In a HSRP group, only one router reaches active state and one router reaches standby state. Other routers will stop at listen state.
Question 6
Explanation
A VRRP router receiving a packet with the TTL not equal to 255 must discard the packet (only one possible hop) -> B is correct.
Currently there are three VRRP versions which are versions 1, 2 and 3 -> E is correct.
VRRP uses multicast address 224.0.0.18 and supports plaintext or MD5 authentication.
Question 7
Question 8
Explanation
The main disadvantage of HSRP and VRRP is that only one gateway is elected to be the active gateway and used to forward traffic whilst the rest are unused until the active one fails. Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol and performs the similar function to HSRP and VRRP but it supports load balancing among members in a GLBP group.
Question 9
Explanation
SSO HSRP alters the behavior of HSRP when a device with redundant Route Processors (RPs) is configured for stateful switchover (SSO) redundancy mode. When an RP is active and the other RP is standby, SSO enables the standby RP to take over if the active RP fails.
The SSO HSRP feature enables the Cisco IOS HSRP subsystem software to detect that a standby RP is installed and the system is configured in SSO redundancy mode. Further, if the active RP fails, no change occurs to the HSRP group itself and traffic continues to be forwarded through the current active gateway device.
Question 10
Explanation
In fact, VRRP has the preemption enabled by default so we don’t need the “vrrp 10 preempt” command. The default priority is 100 so we don’t need to configure it either. But notice that the correct command to configure the virtual IP address for the group is “vrrp 10 ip {ip-address}” (not “vrrp group 10 ip …”) and this command does not include a subnet mask.
Question 11
Explanation
The “preempt” command enables the HSRP router with the highest priority to immediately become the active router.
Question 12
Question 2
Which behavior can be expected when the HSRP versions is changed from 1 to 2?
A. Each HSRP group reinitializes because the virtual MAC address has changed
B. No changes occur because version 1 and 2 use the same virtual MAC OUI
C. Each HSRP group reinitializes because the multicast address has changed
D. No changes occur because the standby router is upgraded before the active router
Answer: C
Explanation
When you change the HSRP version, Cisco NX-OS reinitializes the group because it now has a new virtual MAC address. HSRP version 1 uses the MAC address range 0000.0C07.ACxx while HSRP version 2 uses the MAC address range address range 0000.0C9F.F0xx.
Shouldn’t the answer be “A” as the MAC is changing?
@that one dude i would agree the answer might be A
224.0.0.2
HSRP version 1 uses the multicast address 224.0. 0.2. HSRP version 2 uses multicast address 224.0. 0.102 for its communication.Sep
Question answer should be A
When you change the HSRP version, Cisco NX-OS reinitializes the group because it now has a new
virtual MAC address.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3548/sw/unicast/503_A1_1/l3_nx-os/l3_hsrp.pdf
Question 2 is 100% A. The Mac address changes when you change versions:
“When the HSRP version is changed, each group will reinitialize because it now has a new virtual MAC address.”
source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/15-mt/fhp-15-mt-book/fhp-hsrp-v2.html
@Digitaltut,
Q6 is not added in the composite i believe
Question 6.
VRRP Limitations
The switch supports either HSRP or VRRP, but not both. The switch cannot join a stack that has both HSRP and VRRP configured.
The VRRP implementation on the switch does not support the MIB specified in RFC 2787.
The VRRP implementation on the switch supports only text -based authentication.
The switch supports VRRP only for IPv4.
Which statement about VRRP is true?
A. It supports load balancing
B. It can be configured with HSRP on a switch or switch stack
C. It supports IPv4 and IPv6
D. It supports encrypted authentication
Answer is D
?
vrrp group authentication md5 key-string [0 | 7] key-string [timeout seconds]
Specifying 7 means the key will be encrypted. The key-string authentication key will automatically be encrypted if the service password-encryption global configuration command is enabled.
anyone can confirm ?
VRRP Limitations
The switch supports either HSRP or VRRP, but not both. The switch cannot join a stack that has both HSRP and VRRP configured.
The VRRP implementation on the switch does not support the MIB specified in RFC 2787.
The VRRP implementation on the switch supports only text -based authentication.
The switch supports VRRP only for IPv4.
what would be the correct answer ?
Hi Digital Tut, Can you please explain Qn.6 please ? as to how B is the answer.
QN 6 please update
Why is the corret answer ?
Which statement about VRRP is true?
A. It supports load balancing
B. It can be configured with HSRP on a switch or switch stack
C. It supports IPv4 and IPv6
D. It supports encrypted authentication
Answer is D
Question 6a ;)
Which statement about VRRP is true?
A. It supports load balancing
B. It can be configured with HSRP on a switch or switch stack
C. It supports IPv4 and IPv6
D. It supports encrypted authentication
B is correct on all routing devices, D is correct only on routers, not on Multilayer-Switches.
result: B is correct
Question 5 (HSRP states)
IMO correct answers are: A,E,F (INIT, listen, speak)
See example debug (standby router)
debug output (standby router):
*Jan 8 19:20:10.095: HSRP: Et0/1 Grp 1 Disabled -> Init
*Jan 8 19:20:11.101: HSRP: Et0/1 Grp 1 Init -> Listen
*Jan 8 19:20:23.013: HSRP: Et0/1 Grp 1 Listen -> Speak
*Jan 8 19:20:33.672: HSRP: Et0/1 Grp 1 Speak -> Standby
Even though some cisco documentation lists Learning state – it is not present in ENCOR Student Learnig Guide.
Question 7:
C. It supports IPv4 and IPv6
Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6
https://tools.ietf.org/html/rfc5798
@Anonymous: This question does not mention which VRRP version so B is still the better answer.
digitaltut – Yes, Question 7, Answer B still the best answer :)