HSRP with cisco routers

Posted on 2004-04-27
Last Modified: 2010-04-17
I would like to know if HSRP can be used with 2 different ISP's Router A will link to ISP A with IP Address 198.x.x.x (example) while Router B will link to ISP B  with IP Address 10.x.x.x So my question is can I use HSRP for inbound traffic only as a fault tolerent protocol? With out any kind of setup from the ISP's.
Question by:wuzzzy
  • 3
LVL 28

Expert Comment

ID: 10934252
Yes... but...

HSRP can only be set up on a LAN such as ethernet, not on a point-to-point serial link. if ISP A is only connected to router A, what's the point of HSRP on router B? Assuming you had ethernet connectivity to both of them, you could do what you're asking by setting up a switch with 2 vlans and connecting both routers to both VLANs and setting up your HSRP across the VLANs.

But when you have 2 ISPs, routing to your network becomes a big issue: Who decides which ISP gets the traffic bound for your network, and how is that decided? You pretty much have to use BGP if you want any control over it. And if you don't have control over it, you may have problems. But the above answers your question.

Author Comment

ID: 10939483
Thank you for the answer Mike. I thought HSRP will desinate one router as the main router where traffic will go over hence the issue of which ISP get's the traffic shouldn't be a problem until the router A goes down because of a down line or any other issues connected to router A. Then router B will kick in and take care of the traffic. I  wrote the wrong thing when I said I was worried about inbound traffic. I am only worried about keeping connectivity to the internet our users using the web for work and items like that. So it's outbound not in.
As for setting up a switch it's not too much of a issue. That's something I can do easily. The issue right now for BGP is it will cost us close to $10,000 a year to setup. it's either that or a router aggregator. such as fatpipe's. Thank you for your help
LVL 28

Expert Comment

ID: 10941377
Well for outbound traffic the 2 routers should coordinate the default routes that they generate into your network. Or if its a very small network, you can use HSRP on the LAN side of the routers to provide a single default gateway. I don't know your design.

As far as BGP, I don't know why it would cost you $10,000 per year. It's just a routing protocol. What you do need is some address space that you own, whatever that is- even a fraction of a class C. You can get your own BGP AS number for not much money, or you may be able to coordinate using the same private AS number with both ISPs. You don't need big beefy equipment or anything- 2600s would be fine. You can tell the ISPs what routes you want- probably just a default route, and maybe the main ones that they each own. No one in their right mind would take the whole internet routing table.
LVL 11

Expert Comment

ID: 10944493
HSRP lets clients the *next* hop fail over from one router to another.  So on a LAN, it can fail over the default gateway from one to another for outbound traffic.

But on the inbound side, failing over from one ISP to another (without BGP, etc) means a change of destination IP address that needs to propagate back all the way to the remote host(s) involved in current conversations.  That won't work.

LVL 28

Accepted Solution

mikebernhardt earned 250 total points
ID: 10944599
Isn't that what I said about HSRP ?  :-)

Changing ISPs and their destination address on his network has nothing to do with the remote hosts and their conversations with users. It's just another hop along the way. The routers handle it, whether it's a static route or BGP. That's not to say that the connectivity glitch this would cause might not cause some sensitive applications to reset their connections. But in most cases it's transparent to the end users.


Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can Cisco resolve internet address internally 4 53
Add Mac address reservation to Sonicwall TZ 210 router 1 62
Expanding Subnet Mask 20 157
Router Question 12 55
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question