2019 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)

Performance Evaluation of First Hop Redundancy

Protocols for a Computer Networks of an Industrial
Enterprise

Zemtsov A.
Department of Computers and Systems
Volgograd State Technical University
Volgograd, Russian Federation
E-mail: ecmsys@yandex.ru

Abstract—First Hop Redundancy Protocols are an important FHRPs provide redundancy of the default gateway for IP
part of high availability network design. The common ones are hot hosts at OSI layer 3 [[3]]. Two or more routers can share the
standby redundancy protocol, gateway load balancing protocol, same virtual IP address. This virtual IP address is configured in
and virtual router redundancy protocol. This paper compares the the end devices as the default gateway. The group consists of an
performance of the three protocols by measuring the time the active router and one or more standby routers. In the event that
network of an industrial enterprise takes to recover from a fault. A the active router fails, the standby device takes over after a period
simple network topology is presented using GNS3 network of time known as the convergence time [[4]].
emulator. After the tests are concluded, suggestions are given to
improve the performance of these protocols. A virtual router is an abstract representation of the active
router as well as one or more redundant routers operating in the
Keywords—FHRP; HSRP; VRRP; GLBP; GNS3; router; hot standby mode. One such solution is Cisco's proprietary
network redundancy; failover; availability; gateway protocol; network protocol HSRP, version 1 of the protocol was described in RFC
convergence. 2281 [[5]]. There is no RFC for version 2 of the HSRP. The
active router is responsible for forwarding packets sent to the
I. INTRODUCTION
virtual IP address of the group.
The growing influence of information and communication
technologies in all areas of human activity forms more stringent End devices use the ARP address resolution protocol to
requirements for the reliability indicators of modern resolve the MAC address associated with the default gateway IP
communication networks. For large industrial enterprise address. The active router responds to ARP requests with a
networks, a network downtime of just a few minutes a year can group's virtual MAC address. Frames that are sent to the virtual
lead to extremely large losses [[1]], which makes it relevant to MAC address are processed by the active router at OSI layer 1
study the resiliency of the network, including the network and 2.
recovery after faults and failures [[1], [2]]. Faults and failures of Active and standby routers are selected during the election
important infrastructure network elements can significantly affect process. An election process takes place on the basis of a
the productivity of various industrial enterprises. preconfigured priority value. The router with the highest priority
Link failures are a major threat that occurs within the network becomes the active router. If all routers have the same priority,
topology. Redundancy is an effective and widely used method for the router with the highest IP address becomes the active router.
a drastic increase in reliability indicators in technical systems. Since the HSRP process starts, the router goes through a series of
One way to achieve this is to use equipment in cold standby states before it becomes an active router. Priority may be
mode. However, this approach does not provide business different for different VLAN to implement load balancing [[6]].
continuity. Devices that are members of the HSRP group exchange hello
messages to detect router failure. The virtual IP address has to be
To ensure fault tolerance of routing, including reducing the in the same subnet as the physical interface.
convergence time, modern technological solutions can be used,
which are based on router virtualization, which consists of GLBP is also a Cisco proprietary default gateway redundancy
combining a group of routers into a virtual router acting as a protocol [[7]]. It is specifically designed for load balancing. The
default gateway. router with the highest priority becomes the Active Virtual
Gateway (AVG). The AVG responds to ARP requests sent by

978-1-7281-0061-6/19/$31.00 ©2019 IEEE

 2019 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)
hosts to the virtual IP address. In order to implement load link failure. For simplicity, routing information protocol RIPv2
balancing, the AVG responds to ARP requests with different has used since it a very small topology.
MAC addresses belonging to different routers in the group. The
routers forwarding packets are called Active Virtual Forwarders
(AVF). Both the AVFs and AVG have backups in a similar way
to HSRP active router. [3]
The major difference between the first two protocols and
VRRP is that VRRP is an open IETF standard RFC5798 [[8]].
VRRP is also very similar to HSRP in that it assigns the
responsibility of a single virtual IP address to multiple VRRP
configured routers on a LAN. Subsequent paragraphs, however,
are indented. Configuration options of these protocols are
described in [[9]].
II. METHODOLOGY
To study the network recovery processes in case of failures, a
testbed network was designed with dual routers as shown by Fig.
1. The redundancy protocols are compared in terms of their
failover times. Various simulators can be used to configure
FHRPs the common ones being Cisco Packet Tracer, Cisco
VIRL, and GNS3. GNS3 is used by many large companies
including U.S. Navy, Intel, IBM, Huawei, Juniper, Citrix, HSBC,
HP, Alcatel-Lucent, Walmart, Exxon, AT&T, NASA, etc.
GNS3 was selected because GNS3 has a feature called
Dynamips which allows to install and run real OS images. Real
Cisco IOS images are used thus it more closely mimics the
behavior of real routers.
In the testbed network topology, three Cisco routers are used Fig. 1. Base testbed network topology.
and they are connected together using Fast Ethernet interfaces.
Both the active and the standby router reside on the The end device is running a very small Linux distribution
192.168.1.0/24 network. A NAT cloud is used to provide called Alpine Linux and it has been configured a default gateway
connectivity to the Internet. of virtual IP address is 192.168.1.1. Proper configuration of the
network is verified by pinging Google DNS address 8.8.8.8 as
Communication between routers is specified using routing shown by Fig. 2.
protocols. These protocols enable routers to select routes between
two nodes in a network. Routing protocols are responsible for
distributing routing information between routers enabling them to
gain knowledge of paths to networks that are not directly Fig. 2. Verifying internet connectivity.
connected.
Several articles have been published that outline the various Fig. 3 shows performing a tracing route on the end device to
configuration options for HSRP, VRRP and GLBP [[3], [4], [10]- ensure that packets are being forwarded by the active router
[13]]. Ibrahimi et al. [[12]] and Rahman et al. [[13]] show an 192.168.1.3.
approach using a continuous stream of Internet Control Message
Protocol echo requests to show the duration of a link failure.
Pavlik et al. [[14]] demonstrate a more accurate method to
Fig. 3. The output of traceroute on PC.
determine the interval between missing and restored replies using
timestamps from a packet sniffer. None of the studies investigate To get a close approximation of the failover time for each
the time taken to restore a link after the primary link recovers. protocol, a continuous stream of ICMP packets is sent from the
A router running routing protocols store multiple paths to a end device. Link failure is simulated by shutting down the
network. Each protocol implements an algorithm for selecting the interface FastEthernet 1/0 on R2. The ping packets are captured
best path for forwarding packets. Dynamic routing protocols can using Wireshark and the timestamps are used to measure the
automatically adjust to changes in the topology or a device or failover time. For example for HSRP ICMP capture showing
HSRP failover of approximately 10.889 seconds as shown by
Fig. 4.

978-1-7281-0061-6/19/$31.00 ©2019 IEEE

 2019 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)
‫ݐ‬
‫ݐ‬ ‫ ݌݀ ݐ‬ሺ‫ݐ‬ሻ
‫ߣ Ͳ׬‬ሺ‫ݐ‬ሻ݀‫ ݐ‬ൌ െ ‫Ͳ׬‬ ൌ െ Ž ‫݌‬ሺ‫ݐ‬ሻ ȁ ൌ െ Ž ‫݌‬ሺ‫ݐ‬ሻ (3)
‫݌‬ሺ‫ݐ‬ሻ
Ͳ
Potentiating, we get that the probability ‫݌‬ሺ‫ݐ‬ሻ is equal to
‫ݐ‬
Fig. 4. Wireshark captured ICMP traffic. ‫݌‬ሺ‫ݐ‬ሻ ൌ ‡š’ ቂെ ‫ߣ Ͳ׬‬ሺ‫ݐ‬ሻ݀‫ݐ‬ቃ (4)

The failover time would be calculated by subtracting the ‫݌‬ሺ‫ݐ‬ሻ is the probability that a router that has worked in the
circled timestamps. interval of time ሾͲǡ ‫ݐ‬ሿ without failure, fails in the interval
ሾ‫ݐ‬ǡ ‫ ݐ‬൅ ݀‫ݐ‬ሿ.
III. NETWORK AVAILABILITY CALCULATION
For the presented testbench, the survival function of the
Network availability can be defined as the period of time that FHRP group for general redundancy of equally reliable routers
the network is delivering services divided by the amount of time R2 and R3 with a hot standby will be written as:
it is expected to deliver services. Availability is often expressed ʹ
as a percentage. An availability of 99.999 is generally regarded as ܵሺ‫ݐ‬ሻ ൌ ͳ െ ൫ͳ െ ‫݌‬ሺ‫ݐ‬ሻ൯ (5)
the target availability for most networks. When designing a
network before it is possible to calculate the actual availability, it The MTBF is provided by the manufacturer, which for this
is necessary to calculate the theoretical availability. Before the popular model of router is 442,000 hours. It is easy to find that
theoretical availability can be calculated, the network is divided the availability after 1 year, 2 years and 3 years will be 0.980376,
into units and the availability of each unit is calculated. 0.961137 and 0.942276, respectively, and the availability of the
Manufacturers are expected to supply mean time before failure FHRP group is 0.999615, 0.998489 and 0.996534.
MTBF values for calculating the availability but if not provided IV. RESULTS AND ANALYSIS
estimations have to be used. Estimations also have to be made for
the meantime to repair MTTR, which is the time expected to Convergence refers to a state in which all the routers in a
repair a faulty unit. Once these values have been determined, the network have the same topology information that represents the
theoretical availability ‫ ܣ‬is calculated as [[15]]: real state of the network [[16]]. The time is taken by a network
to converge after a fault or topology change is called the
‫ܨܤܶܯ‬
‫ ܣ‬ൌ (1) convergence time. Convergence time is a major performance
‫ ܨܤܶܯ‬൅‫ܴܶܶܯ‬
metric for routing protocols and fast convergence is an important
The total availability for the network is then determined by design goal for network engineers as it affects the time it takes a
combining the availabilities of the individual components. network to recover from a fault. The convergence time depends
Theoretically, the availability of a redundant network should on the number of routers in the network, the distance of routes
be higher than a serially connected one. However, the time taken from the point of change, the bandwidth and traffic load on the
to fail-over to the standby device should also be considered in the communication links, the load on the routers and the type of
redundancy calculations. routing protocol used.

Network redundancy is a procedure that involves including The tests were repeated several times for each protocol and
additional instances of network devices and equipment in a the average failover times for redundancy protocols were
network as a way of ensuring network availability in the event included in Ошибка! Источник ссылки не найден. and
that a network device or network path fails. Redundancy can be shown as Fig. 5.
implemented at layer 2 using spanning tree protocol but this
TABLE I. FAILOVER TIMES FOR FIRST HOP REDUNDANCY PROTOCOLS
paper looks at redundancy options at the network layer using first
hop redundancy protocol. Hot Standby Router Protocol
Test Num. 1 2 3 4 5 6 7 8
The relationship between the survival function ‫݌‬ሺ‫ݐ‬ሻ and the Time(s) 9.818 10.132 9.092 9.902 10.737 9.346 9.290 10.413
instantaneous value of the failure rate ߣሺ‫ݐ‬ሻ is determined by the Virtual Router Redundancy Protocol
expression: Test Num. 1 2 3 4 5 6 7 8
Time(s) 4.914 4.303 5.071 4.976 5.618 4.718 4.621 4.796
ͳ ݀‫ ݌‬ሺ‫ݐ‬ሻ
ߣሺ‫ݐ‬ሻ ൌ െ ‫ڄ‬ (2) Gateway Load Balancing Protocol
‫݌‬ሺ‫ݐ‬ሻ ݀‫ݐ‬ Test Num. 1 2 3 4 5 6 7 8
where ‫݌‬ሺ‫ݐ‬ሻ is the probability of router uptime or failure-free Time(s) 12.744 13.750 12.619 12.530 12.047 12.828 13.967 12.222
router operation during the time ‫ݐ‬. Integrating both sides of the
equation in time in the interval ሾͲǡ ‫ݐ‬ሿ, taking into account that From the obtained results it can be seen that there is a rather
when ‫ ݐ‬ൌ Ͳ, ‫݌‬ሺ‫ݐ‬ሻ ൌ ͳ, we get: significant difference in performance between the protocols
studied. It should be noted that in different configurations the
failover times may also vary significantly.

978-1-7281-0061-6/19/$31.00 ©2019 IEEE

 2019 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)
interval on the alpine Linux host to increase the accuracy. Being
16
an open standard also makes VRRP a more attractive option as it
14 allows the use of network devices from different vendors. For
12 purposes of these tests, load balancing was disabled on GLBP.
Time (sec)

10 In situations where load balancing is a requirement, GLBP

8 would be a more favorable option. Especially in smaller
6 businesses where it would be costly to have one device lying
4
idle.
2
0 While it may be attractive to lower the timer values for faster
1 2 3 4 5 6 7 8 9 10 convergence, such is not advised on large industrial enterprise
networks due to the risk of network instability and flapping.
HSRP VRRP GLBP
REFERENCES
Fig. 5. Comparison of FHRP failover times. [1] W. Ahmed et al., “Reliability modeling and analysis of communication
networks”, Journal of Network and Computer Applications, 78, 191-215,
2017.
First hop redundant protocols mean failover times and
[2] W. Zobel, L. Khansa, “Quantifying Cyberinfrastructure Resilience against
default timer values are included in Ошибка! Источник MultiǦEvent Attacks”, Decision Sciences Journal 43(4), 687-710, 2012.
ссылки не найден.. By default HSRP and GLBP sets the time
[3] CCNA Routing and Switching Practice and Study Guide: LAN
between hello messages to 3 s and the hold time to be 10 s [[17]- Redundancy, http://www.
[19]]. HSRP and GLBP timers can be set with millisecond ciscopress.com/articles/article.asp?p=2204384&seqNum=4, last accessed
accuracy [20]. It should be noted that shorter timer values make 2019/08/01.
the backup group too sensitive, which may decrease its [4] P. Oppenheimer, “Top-Down Network Design”, 3rd edn. Cisco Press,
effectiveness [[4], [16]]. Indianapolis, 2011.
[5] Cisco Hot Standby Router Protocol (HSRP),
TABLE II. FHRPS MEANS FAILOVER TIMES AND DEFAULT TIMER VALUES https://tools.ietf.org/html/rfc2281, last accessed 2019/08/01.
[6] Hot Standby Router Protocol Features and Functionality,
Protocol Hello interval Hold timer Convergence time https://www.cisco.com/c/en/us/ support/docs/ip/hot-standby-router-
HSRP 3 10 9.823 protocol-hsrp/9281-3.html, last accessed 2019/08/01.
VRRP 1 3 4.849
[7] GLBP - Gateway Load Balancing Protocol,
GLBP 3 10 12.795
https://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glb
p.html, last accessed 2019/08/01.
Results show a large difference in the speed of the three [8] Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6,
protocols. The tests were conducted using default timer values. https://tools.ietf.org/html/rfc5798, last accessed 2019/08/01.
VRRP is the fastest to converge followed by HSRP and then [9] Cisco: First Hop Redundancy Protocols Configuration Guide, Cisco IOS
GLBP. GLBP’s slow convergence can be attributed to large Release 12.2SX, Cisco, San Jose, 2011.
default preemption delay time. VRRP and HSRP are very [10] First Hop Redundancy Protocols Configuration Guide, Cisco IOS Release
similar in implementation and the time difference can be 15SY, https:// www.cisco.com/c/en/us/td/docs/ios-
attributed to a smaller default. Using similar timer values should xml/ios/ipapp_fhrp/configuration/15-sy/fhp-15-sy-book/ fhp-vrrp.html, last
accessed 2019/08/01.
reduce the time difference significantly.
[11] Configuring VRRP, https://www.cisco.com/c/en/us/td/docs/ios-
V. CONCLUSIONS xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-vrrp.html, last
accessed 2019/08/01.
The results show that link failure is closely related to [12] M. Ibrahimi et al., “Deploy redundancy of internet using first hop
convergence time. In modern networks of industrial enterprises, redundancy protocol and monitoring it using IP service level agreements”,
generally, link failures have a potential loss of too many small International Journal of Engineering Science and Computing, 7(10),
15320-15322, 2017.
packets such as network control messages. Both the R2 and R3
routers are used for packet forwarding, i.e. provide load [13] Z. Rahman et al., “Performance evaluation of first HOP redundancy
protocols (HSRP, VRRP & GLBP)”, Journal of Applied Environmental
balancing. The operation of the redundant devices in the cold and Biological Sciences, 7(3), 268-278, 2017.
standby mode allows to achieve the best availability compared [14] J. Pavlik et al., “Gateway redundancy protocols”, In: 15th IEEE
to the hot standby, as well as reduce the consumption of energy International Symposium on Computational Intelligence and Informatics,
consumed. However, it must be borne in mind that the operation pp. 459-464, IEEE, Budapest, 2014.
of redundant devices in the cold standby does not provide a [15] K.S. Trivedi, “Probability and Statistics with Reliability, Queuing and
reasonable convergence time. Computer Science Applications, John Wile, 2016.
[16] C. Carthern et al., Cisco Networks: Engineers' Handbook of Routing,
The results indicate that VRRP is the fastest redundancy Switching, and Security with IOS, NX-OS, and ASA, Apress, 2015.
protocol using default timers and has more flexibility in its [17] Hot Standby Router Protocol (HSRP): Frequently Asked Questions,
configuration. This is consistent with similar tests performed by https://www.cisco.com/ c/en/us/support/docs/ip/hot-standby-router-
This experiment could be further improved by reducing the ping protocol-hsrp/9281-3.html, last accessed 2019/08/01.

978-1-7281-0061-6/19/$31.00 ©2019 IEEE

 2019 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)
[18] Standby-hold-timer, [19] Timers (GLBP),
https://www.ibm.com/support/knowledgecenter/SS9H2Y_7.5.0/com. https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/n5k/commands/
ibm.dp.doc/standby-hold-timer_interface.html, last accessed 2019/08/01. timers-glbp.html, last accessed 2019/08/01.
[20] R. Froom, B. Sivasubramanian, E. Frahim, “Implementing Cisco Switched
Networks”, Indianapolis, Cisco, 2010.

978-1-7281-0061-6/19/$31.00 ©2019 IEEE