Skip to content
  • There are no suggestions because the search field is empty.

Understanding FHRP

Because end devices depend on using a default gateway, and no mechanism exists to update it dynamically when a topology change occurs, an additional feature must be implemented. The solution comes from a concept called the First Hop Redundancy Protocol (FHRP). 

FHRP provides an effective way to improve network availability, performance, and scalability and is a valuable tool for ensuring that networks remain operational and reliable in the case of a failure of the default gateway. It allows two or more Layer 3 devices grouped together to share virtual parameters such as IP and MAC addresses, acting as a single default gateway for network devices.

The image below shows a set of Layer 3 devices where two routers, R1 and R2, work together in a group as one unit to present the illusion of a single "virtual" device (the default gateway) to endpoints in the local network. 

Routers working together in a group as a single unit to present the illusion of a single "virtual" device to the endpoints

The key point is that the "virtual device" is assigned a virtual IP address, and PC1 uses that one as a default gateway instead of any of the physical IPs of the routers. As a result, when PC1 sends data to the default gateway (the virtual IP address), only the device operating as an active unit (R1) processes the received data. 

With this approach, one of the routers is always active, while another device functions as a backup and takes over the primary role when the active one fails.

Router R2 taking over the role of the active (forwarding) router when R1 fails

Since routers within the group are constantly communicating with each other regarding its availability, when the active device fails, the backup one learns about that failure and takes over the active role transparently to other network devices and endpoints. 

Hence, endpoints see no disruption in service, even though a different device continues to operate as a default gateway for them. This is illustrated in the image above, which shows R2 taking over the role of the active (forwarding) router when R1 fails.

Also, the active device in the group is not just responsible for processing the data from the end devices that it receives but also for replying to the Address Resolution Protocol (ARP) request messages sent by endpoints asking for the MAC address of the default gateway. In such a case, the virtual MAC address is included in the ARP reply message instead of any of the physical MAC addresses of the routers.