NetworkingCCNA

First Hop Redundancy Protocols (HSRP, VRRP, GLBP) Explained for CCNA

Devices on a network are configured with one default gateway address. The moment that gateway router fails, every device on the segment loses its internet connection, even if a backup router is sitting right there on the same LAN ready to help. First Hop Redundancy Protocols solve this by making two or more routers share a single virtual IP and MAC address. Devices talk to the virtual gateway and never need to know which physical router is currently handling traffic. On CCNA, HSRP is tested most heavily: you need to understand the election, the preemption behavior, and why the default settings can surprise you.

7 min

3 sections · 6 exam key points

The problem FHRPs solve

End hosts are configured with one default gateway IP. They do not monitor whether that gateway is alive. If the router with that IP fails, packets pile up with nowhere to go. Reconfiguring every host with a new gateway address is not a realistic option in a production network.

FHRPs solve this by presenting a virtual IP address that is never tied to any physical router. Two or more routers share this virtual identity. One is active and handles traffic. The other watches and waits. If the active router fails, the standby takes over and begins responding to ARP for the virtual IP. From the hosts' perspective, the gateway never changed.

HSRP, VRRP, and GLBP

HSRP (Hot Standby Router Protocol) is Cisco-proprietary. Routers exchange Hello messages every 3 seconds. If a standby router does not hear from the active router for 10 seconds (the hold timer), it takes over. The router with the highest HSRP priority becomes active. Default priority is 100. Ties break on the highest interface IP address.

Preemption is disabled by default in HSRP, and this catches many engineers off guard. If the active router fails and the standby takes over, then the original active router recovers with higher priority, it will NOT reclaim the active role unless standby preempt is configured. Without preemption, the current active router stays active regardless of priority.

VRRP (Virtual Router Redundancy Protocol) is the open standard equivalent. It uses the same active/standby concept (called Master and Backup) but preemption is enabled by default, the opposite of HSRP. VRRP works across different vendors.

GLBP (Gateway Load Balancing Protocol) is Cisco-proprietary and adds load balancing to the concept. All GLBP routers share the same virtual IP but each is assigned a different virtual MAC address. The AVG (Active Virtual Gateway) assigns MACs to forwarding routers called AVFs (Active Virtual Forwarders). Different hosts get different virtual MACs, so traffic distributes across all routers simultaneously instead of one active and the rest idle.

How to choose the correct answer

HSRP preemption: disabled by default. A returning high-priority router will NOT retake active without standby preempt configured. This is frequently tested as a troubleshooting scenario.

Protocol selection: Cisco-only, basic redundancy = HSRP. Open standard, multi-vendor = VRRP. Load balancing across multiple gateways simultaneously = GLBP.

HSRP election: highest priority wins. Default 100. Tie = highest IP on the HSRP interface.

Virtual MAC addresses: HSRP v1 = 0000.0C07.ACxx where xx is the group number. HSRP v2 = 0000.0C9F.Fxxx. VRRP = 0000.5E00.01xx.

FHRP comparison

Protocol	Standard	Roles	Preemption default	Load balancing?
HSRP v1/v2	Cisco proprietary	Active / Standby	Disabled	No
VRRP	Open standard (RFC 5798)	Master / Backup	Enabled	No
GLBP	Cisco proprietary	AVG / AVF	Enabled	Yes

Key exam facts — CCNA

FHRPs present a virtual IP and MAC so hosts always have a reachable gateway.
HSRP: Active/Standby. Highest priority wins (default 100). Tie = highest IP.
HSRP preemption: DISABLED by default. Configure standby preempt to re-enable active role on recovery.
VRRP: open standard. Master/Backup. Preemption enabled by default.
GLBP: load balances across all routers simultaneously using different virtual MACs per router.
HSRP Hello = 3 seconds. Hold timer = 10 seconds (3x Hello).

Common exam traps

HSRP preemption is enabled by default.

HSRP preemption is disabled by default. A higher-priority router that comes online after a lower-priority router has already become active will NOT take over the active role. You must explicitly configure standby preempt on the higher-priority router.

VRRP is Cisco-proprietary like HSRP.

VRRP (RFC 5798) is an open standard that works across multiple vendors. HSRP and GLBP are both Cisco-proprietary. VRRP is the correct choice when your network includes routers from different manufacturers.

HSRP provides load balancing by distributing traffic across active and standby routers.

HSRP has exactly one active router at a time. The standby router handles zero production traffic. GLBP provides actual simultaneous load balancing by making all participating routers active forwarders with different virtual MACs.

Practice this topic

CCNApractice questions

Test yourself on FHRP / HSRP

JT Exams routes you to questions in your exact weak areas — automatically, after every session.

Free practice test Start 7-Day Free Trial

No credit card · Cancel anytime