Protocols – Network Interview (https://networkinterview.com): Online Networking Interview Preparations

What is Secure Real-Time Transport Protocol? (SRTP or Secure RTP)

https://networkinterview.com/secure-real-time-transport-protocol/ (Wed, 17 Jan 2024)

A set of protocols defines how real-time traffic such as audio and video is handled over the Internet. These protocols are known as Real-time Transport Protocol (RTP). RTP is used with UDP (User Datagram Protocol). UDP by itself is considered an unsecured protocol, so to provide encryption, authentication, integrity and shielding against cyber attacks while handling real-time traffic, Secure RTP comes into the picture.

Today we look in more detail at the secure extension of the Real-time Transport Protocol (RTP), known as Secure Real-Time Transport Protocol: its packet structure, how it works, its advantages and use cases.

SRTP or Secure Real-Time Transport Protocol

Voice over IP (VoIP) has taken over from traditional PSTN networks over the years, and more and more voice calls are shifting from PSTN to VoIP. Most people are not aware that VoIP introduces security vulnerabilities: it is susceptible to denial of service (DDoS) attacks, and VoIP traffic can be misled or corrupted using DNS hijacking.

SRTP was published in 2004 by the IETF (Internet Engineering Task Force) under RFC 3711. SRTP, or Secure RTP, is a security profile for RTP which adds confidentiality, integrity, message authentication, and replay protection to the RTP protocol. SRTP protects voice over IP traffic with minimal impact on voice quality and payload overhead. Its secure variants provide support for authentication algorithms such as HMAC-SHA1 and MD5 and key definition schemes such as PSK, MKI and FT.

Secure RTP is a profile of RTP and not a different protocol; when security is used and the packet payload is encrypted, it is Secure RTP. RTP is designed to handle the play-out requirements of real-time media streams using time stamps and jitter buffering. Because of the real-time nature of the data streams, transmission requests could be costly, so RTP is used in conjunction with UDP to provide lower-overhead communication between two systems or endpoints.

Pros and Cons of Secure RTP 

PROS

  • Wider acceptance to new encryption algorithms
  • Secure for unicast and multicast RTP applications
  • High throughput and low packet expansions
  • Lower bandwidth and computational costs
  • Higher tolerance for packet loss and packet recording 
  • Advanced Encryption Standard (AES) used as default cipher for encryption / decryption by Secure RTP
  • Works independently of transport, network and physical layers used by RTP

CONS

  • Only encrypts the payload of RTP packets and not for RTP extension headers
  • Only available for business applications not meant for individual consumers
  • Usage of selective forwarding mixer to optimize RTP parameters results in disruption of end-to-end security between peer-peer systems 

SRTP Working

How does SRTP (Secure Real-Time Transport Protocol or Secure RTP) work?

Secure RTP uses TLS for encryption, using a handshake (which is depicted in figure below). 

The client and server exchange keys which are unique for each session and are used to encrypt and decrypt the data transferred between them. SRTP uses AES-CTM, the VoIP standard, and AES-f8, which is used in 3G data networks.
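The message authentication and replay protection that SRTP adds to RTP can be seen in a receiver's accept/reject decision. The following is an added example, not code from the original article: it follows the RFC 3711 defaults (HMAC-SHA1 truncated to 80 bits, a 64-packet replay window), leaves payload encryption out, keeps the rollover counter at 0, and uses constructed packets and hypothetical function names.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10   # HMAC-SHA1 truncated to 80 bits (RFC 3711 default)
WINDOW = 64    # replay window size, in packets


def rtp_header(packet: bytes) -> dict:
    """Parse the fixed 12-byte RTP header, which SRTP leaves unencrypted."""
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    return {"version": b0 >> 6, "payload_type": b1 & 0x7F,
            "seq": seq, "timestamp": ts, "ssrc": ssrc}


def auth_tag(auth_key: bytes, packet: bytes, roc: int) -> bytes:
    """Tag over header + payload + rollover counter (ROC), truncated."""
    mac = hmac.new(auth_key, packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]


def protect(auth_key: bytes, packet: bytes, roc: int = 0) -> bytes:
    """Sender side: append the authentication tag to the packet."""
    return packet + auth_tag(auth_key, packet, roc)


class ReplayWindow:
    """Sliding bitmap: bit i set means index (highest - i) was accepted."""

    def __init__(self):
        self.highest = -1
        self.bitmap = 0

    def is_replay(self, index: int) -> bool:
        if index > self.highest:
            return False
        offset = self.highest - index
        # Too old to track, or already seen inside the window.
        return offset >= WINDOW or bool((self.bitmap >> offset) & 1)

    def mark(self, index: int) -> None:
        if index > self.highest:
            shift = index - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = index
        else:
            self.bitmap |= 1 << (self.highest - index)


def receive(auth_key: bytes, srtp_packet: bytes, window: ReplayWindow,
            roc: int = 0) -> str:
    """Receiver side: replay check, then tag check, then window update."""
    packet, tag = srtp_packet[:-TAG_LEN], srtp_packet[-TAG_LEN:]
    index = (roc << 16) | rtp_header(packet)["seq"]
    if window.is_replay(index):
        return "replay"
    if not hmac.compare_digest(tag, auth_tag(auth_key, packet, roc)):
        return "auth_fail"
    window.mark(index)   # only authenticated packets advance the window
    return "ok"


def build_rtp(seq: int, payload: bytes) -> bytes:
    """Constructed sample packet: version 2, payload type 0, fixed SSRC."""
    return struct.pack("!BBHII", 0x80, 0, seq, seq * 160, 0x1234ABCD) + payload


def demo() -> list:
    key = b"constructed-demo-auth-key"       # constructed, not a real key
    window = ReplayWindow()
    p100 = protect(key, build_rtp(100, b"voice-frame-100"))
    p101 = protect(key, build_rtp(101, b"voice-frame-101"))
    p102 = protect(key, build_rtp(102, b"voice-frame-102"))
    tampered = bytearray(p102)
    tampered[12] ^= 0xFF                     # flip one payload byte in transit
    return [
        receive(key, p100, window),
        receive(key, p101, window),
        receive(key, p100, window),          # same packet delivered again
        receive(key, bytes(tampered), window),
        receive(key, p102, window),          # genuine packet still accepted
    ]


if __name__ == "__main__":
    print(demo())
```

Because the window is updated only after the tag verifies, a forged packet cannot push the window forward and cause genuine packets to be dropped.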

GLBP: Gateway Load Balancing Protocol

https://networkinterview.com/glbp-gateway-load-balancing-protocol/ (Fri, 11 Aug 2023)

Introduction to Gateway Load Balancing Protocol

Load balancing is one of the key requirements in networks, and it can be achieved in several ways, such as round robin, host dependent and weighted. Protocols supporting load balancing can use multiple physical gateways simultaneously for packet forwarding. These load balancing protocols provide first hop gateway redundancy in a LAN. LAN users are configured with a default IP gateway: the local router IP address, configured as a proxy to communicate with remote users.

The LAN uses the MAC address of the gateway router with a proxy ARP method. If the gateway router fails, LAN users are impacted because it is a single point of connection. First hop redundancy protocols have two or more routers that support a shared MAC address and advertise it to LAN users in ARP, so if the primary router fails, the backup router takes control of traffic going to that MAC.

Today we look in more detail at GLBP (Gateway Load Balancing Protocol), which provides first hop gateway redundancy: how it works, how to configure it, and so on.

What is Gateway Load Balancing Protocol?

GLBP provides two basic functions as a virtual gateway protocol, quite similar to HSRP and VRRP. It provides first hop redundancy and also load balancing. It is a Cisco proprietary protocol and, unlike its counterparts HSRP and VRRP, which work in standby/redundancy mode for packet forwarding, it uses multiple physical gateways simultaneously. Load balancing is achieved by using a single virtual IP address and multiple virtual MAC addresses across multiple routers. Let's look at some of the terms associated with GLBP to understand how it works.

An Active virtual gateway (AVG) is elected within each group, and all other members of the group act as backups for the elected AVG. Hello and Holdtime timers are used to monitor its state. By default the Hello value is '3' seconds and the Holdtime value is '10' seconds. GLBP routers use the local multicast address 224.0.0.102 to send Hello packets to their peers every '3' seconds over UDP 3222.

The AVG is responsible for assigning virtual MAC addresses to all routers operating within the GLBP group, thus enabling Active virtual forwarders (AVFs). AVFs take on the responsibility of forwarding packets sent to their virtual MAC address.

If the AVG fails, the AVF with the highest priority is designated as AVG and becomes responsible for providing the MAC addresses of the AVFs. If one AVF fails, another AVF in the same group becomes responsible for packet forwarding. A GLBP group has a maximum of four routers.

Algorithm Types: Gateway Load Balancing Protocol

GLBP uses three types of algorithm for load balancing as described below.

  • Round-Robin: Serial wise assignment of virtual MAC address by AVG to AVFs such as AVF1, AVF 2 and so on. 
  • Host-dependent: AVG assigns specific AVF to a particular host if it needs a specific virtual MAC address every time.
  • Weighted: Load distribution will happen according to requirement by assignment of virtual MAC address in proportions; so, weight is changed if there is a need for some AVFs to handle more traffic than their other counterparts.

Features of Gateway Load Balancing Protocol

  • Load balancing over multiple paths. 
  • Supports up to 1024 virtual routers on each physical interface of router with GLBP groups and 4 virtual forwarders within a group. 
  • Traffic from LAN users can be shared by multiple routers. 
  • Authentication methods supported are clear text and MD5.

Sample Configuration: Gateway Load Balancing Protocol

The topology has two routers, Router 1 and Router 2. Router 1 is connected via fa0/0 with IP address 10.1.1.1/24, and Router 2 is connected via fa0/0 with IP address 10.1.1.2/24.

 

Step 1 : IP address assignment to Router 1

Router1(config)# int fa0/0

Router1(config-if)# ip add 10.1.1.1 255.255.255.0

 

Step 2: IP address assignment to Router 2

Router2(config)# int fa0/0

Router2(config-if)# ip add 10.1.1.2 255.255.255.0

 

Step 3: Configure virtual IP , GLBP load balancing type, priority, and pre-emption for Router1

Router1(config-if)# glbp 1 ip 10.1.1.100

Router1(config-if)# glbp 1 priority 120

Router1(config-if)# glbp 1 preempt

Router1(config-if)# glbp 1 load-balancing round-robin

 

Step 4: Configure virtual IP , GLBP load balancing type, priority, and pre-emption for Router2

Router2(config-if)# glbp 1 ip 10.1.1.100

Router2(config-if)# glbp 1 priority 100

Router2(config-if)# glbp 1 preempt

Router2(config-if)# glbp 1 load-balancing round-robin

12 Most Important Network Protocols Explained

https://networkinterview.com/12-most-important-network-protocols-explained/ (Tue, 08 Aug 2023)

Network protocols establish rules of communication that control and govern the exchange of information using secure, reliable methods. They are sets of rules designed to give a standard framework for interchange over networks. A variety of network protocols exist; some are wired, like Ethernet, and some are wireless, like WLANs and Internet communication. The Internet protocol suite has dozens of networking protocols which are used for transmission and broadcast over the Internet.

In today's lesson we will cover in detail the twelve most important networking protocols, their features, the purposes they are meant for, and so on.

List of 12 Most Important Network Protocols

The very first important protocol in this list is ARP. 

ARP

Address Resolution protocol (ARP) –

It is a communication layer protocol used to identify the Media Access Control (MAC) address for a given IP address, basically mapping between the data link layer and the network layer. ARP translates an IP address into a MAC address; this is required because IP addresses and MAC addresses have different lengths. IPv4 addresses are 32 bits long and IPv6 addresses are 128 bits long, whereas a MAC address is a device's physical hardware number, which is 12 hexadecimal digits split into six pairs. The translated address is stored in the ARP cache table when a new device joins the network. The figure below depicts the ARP packet structure.

Border Gateway Protocol (BGP) –

BGP is an inter-domain protocol which uses path vector routing for communication. It is a gateway protocol used to exchange routing information between autonomous systems on the Internet. It is an open standard protocol which can run on any window device. It is the only protocol which operates on the Internet backbone, and it is an application layer protocol which uses TCP for communication.

DNS

Domain Name System (DNS) –

DNS is an application layer protocol which defines how application processes running on different systems pass messages to each other. It is a directory service which provides a mapping between a network host and its numerical address. It is required for the Internet to function. Each node in the tree is a domain name, and a full domain name is a sequence of symbols separated by dots (.). This service translates a domain name into an IP address.

DHCP

Dynamic Host Configuration Protocol (DHCP)-

DHCP works on IP networks and assigns them IP addresses. It allows hosts to communicate effectively with each other. DHCP also assigns subnet mask in addition to IP address, default gateway address, the domain name server address and pertinent configuration parameters. DHCP allows systems to request IP addresses and other network parameters automatically from Internet service providers. The TCP/IP protocol supports DHCP for automatic assignment of a unique IP address to each connected device and keeping a track of them.

FTP

File Transfer Protocol (FTP)-

FTP is a network protocol based on the client/server architecture model. It is an Internet protocol provided by TCP/IP and used to transfer files from one host system to another. It is mainly used to transfer web page files and also to download files from other servers.

HTTP

Hypertext Transfer Protocol (HTTP) –

HTTP is used to access data on the World Wide Web (WWW). It is used to transfer data in the form of plain text, hypertext, audio, video formats. It is quite similar to FTP as it also transfers files from one host to another host but it is simpler as it uses only one connection i.e., no control connection for files transfer. 

IP

Internet Protocol (IP) –

Internet protocol is used for sending packets from source location to destination location. The main task of IP is to deliver the packets from source to destination based on IP addresses available in the packet header. It defines the packet structure which hides data which is to be delivered as well as the addressing method which labels the datagram with information on source and destination.

OSPF

Open Shortest Path First (OSPF) –

OSPF is a widely used and supported routing protocol. It is an intradomain protocol, used within an area or a network. It is an interior gateway protocol designed for use within a single autonomous system. It is based on a link state routing algorithm in which each router holds information about every other domain, from which the shortest path is determined; its goal is to learn paths.

SMTP

Simple Mail Transfer Protocol (SMTP) –

SMTP is an electronic mail transmission network protocol. It is used to send messages to other systems based on email address. It provides mail exchange between users on the same or different systems, and it also supports sending a single message to multiple recipients, sending messages which include video, audio, and graphics, and sending messages outside the network.

Telnet –

Telnet is an application protocol used on the Internet which provides a bi-directional interactive session over a virtual terminal connection. It establishes a connection between a remote endpoint and a host machine to enable a remote session. However, Telnet lacks security protections to secure the communication.

TCP

Transmission Control Protocol (TCP) –

TCP is a transport layer protocol which facilitates transmission of packets from source to destination. It is a connection-oriented protocol which establishes connection prior to communication. It takes data from the application layer and divides it into several packets and numbers them before transmission. 

UDP

User Datagram Protocol (UDP) –

UDP is also a transport layer network protocol, but it is unreliable because it is connectionless and, unlike its counterpart TCP, does not provide an acknowledgement mechanism. It works by encapsulating the data into a packet with its own header; this is then encapsulated in an IP packet and sent to the destination.

Understand and Configure the UDLD Protocol

https://networkinterview.com/udld-protocol/ (Tue, 09 May 2023)

Switches are used to connect hosts on networks. A switch forwards data packets between devices using the packet switching technique. Any mis-wiring or hardware fault could disrupt the network communication path and create serious network issues such as spanning tree loops or other protocol malfunctions. The UDLD protocol developed by Cisco is meant to detect bidirectional link failures and disable one-way (unidirectional) links to avoid network breakdown.

In today's lesson we will cover in detail the Cisco proprietary protocol Unidirectional Link Detection (UDLD), how it works and how to configure it.

UDLD Protocol 

UDLD is a Cisco proprietary protocol which enables switches to automatically detect when a bi-directional link fails, due to improper port connection or hardware failure, and becomes unidirectional. Switches forward and receive data packets between source and destination, so links need to be bi-directional to both send and receive. This ensures two-way communication. Fiber optic connections are prone to undetected unidirectional link failures because, unlike Ethernet, they do not depend on loop paths to transmit data.

In an electrical medium such as twisted pair cable, unidirectional link failures can also occur and go unnoticed at the endpoints. The presence of unidirectional links leads to a range of problems, including forwarding and spanning tree loops, that could lead to a network outage or breakdown. Cisco UDLD needs to be configured on all switches and interfaces. A UDLD-configured switch sends advertisements and expects to receive a 'hello' response from its neighbours within the designated hold time (by default it is 15 minutes); if no response is received in the stipulated time, the unresponsive interface is disabled by UDLD.

Configure UDLD Protocol 

Switches by default do not come enabled with UDLD so we have to configure them manually. The very first step is to set up the network. 

We assume switch A has two interfaces: GigabitEthernet0/0/1 and GigabitEthernet0/0/2

Connect GigabitEthernet0/0/1 to GigabitEthernet0/0/0 switch B

Connect GigabitEthernet0/0/2 to GigabitEthernet0/0/0 switch C

Turn on UDLD in normal mode – udld port 

Turn on UDLD in aggressive mode – udld aggressive 

Switch A 

SwitchA> enable

SwitchA# configure terminal

In global configuration mode 

SwitchA(config)# interface gigabitethernet0/0/1

SwitchA(config-if)# udld port

SwitchA(config-if)# exit

Now repeat same steps for interface gigabitethernet0/0/2

SwitchA(config)# interface gigabitethernet0/0/2

SwitchA(config-if)# udld port

SwitchA(config-if)# end

UDLD is now set for SwitchA 

Switch B

SwitchB> enable

SwitchB# configure terminal

In global configuration mode 

SwitchB(config)# interface gigabitethernet0/0/0

SwitchB(config-if)# udld port

SwitchB(config-if)# end

Switch C

SwitchC> enable

SwitchC# configure terminal

In global configuration mode 

SwitchC(config)# interface gigabitethernet0/0/0

SwitchC(config-if)# udld port

SwitchC(config-if)# end

To verify configuration state type below command

SwitchA# show udld gigabitethernet0/0/1

Port enable administrative configuration setting: Enabled

Port enable operational state: Enabled

Current bidirectional state: Bidirectional

Current operational state: Advertisement – Single neighbor detected

Message interval: 15

Time out interval: 5

This indicates that the UDLD protocol is enabled on the switch interface. In normal mode, however, it will only mark a unidirectional link as 'undetermined' with a notification, and other network layers can still try to use the interface. The solution to this problem is aggressive mode. Let us see how to set up a switch interface in aggressive mode.

For the SwitchA GigabitEthernet0/0/1 interface, enter the commands below

SwitchA> enable

SwitchA# configure terminal

SwitchA(config)# interface gigabitethernet0/0/1

SwitchA(config-if)# udld port aggressive

SwitchA(config-if)# end

Now UDLD is set up in aggressive mode so when a unidirectional link is encountered the protocol will mark it as ‘error disabled’ instead of ‘undetermined’ and that will stop all traffic to it.

11 States of TCP Transition Explained

https://networkinterview.com/11-states-of-tcp-transition-explained/ (Tue, 13 Sep 2022)

TCP, or Transmission Control Protocol, operates at the transport layer of the OSI model. It facilitates reliable transmission of packets from source to destination, as it is a connection-oriented protocol. TCP operations are divided into three phases, namely –

  • connection establishment,
  • data transfer phase and
  • connection termination.

TCP connection is managed by the operating system through a resource which represents the local end point for communications. The lifetime of a TCP connection goes through various stages. 

Today we look in more detail at the 11 states of a TCP connection, how it works, and its diagrammatic presentation for ease of understanding.

TCP Transition

A TCP connection is full duplex and established using a three-way handshake.

A connection in TCP passes through a series of states during its timespan. These states are namely –

  • LISTEN,
  • SYN-SENT,
  • SYN-RECEIVED,
  • ESTABLISHED,
  • FIN-WAIT-1,
  • FIN-WAIT-2,
  • CLOSE-WAIT,
  • CLOSING,
  • LAST-ACK,
  • TIME-WAIT and
  • Fictional state CLOSED.

 

11 States of TCP

Let’s look more in detail about each of the connection states. 

LISTEN – LISTEN is state I and it represents waiting for a connection request from any remote TCP host.

SYN-SENT – SYN-SENT is state II and it represents waiting for a matching connection request after sending a connection request.

SYN-RECEIVED – SYN-RECEIVED is state III and it represents waiting for a confirming connection request acknowledgement after having both received and sent a connection request.

ESTABLISHED – It is state IV and represents an open connection, data received to be delivered to the user. 

FIN-WAIT 1 – FIN-WAIT 1 is state V and it represents waiting for a connection termination request from remote TCP host or acknowledgment of connection termination request sent previously.

FIN-WAIT 2 – It is state VI and represents waiting for connection termination request from remote TCP host.

CLOSE-WAIT – CLOSE-WAIT  is state VII and it represents waiting for a connection termination request from local user.

CLOSING – It is state VIII that represents waiting for a connection termination request acknowledgement from remote TCP host.

LAST-ACK – LAST-ACK is state IX of TCP, which represents waiting for an acknowledgement of the connection termination request previously sent to the remote TCP host (which includes an acknowledgement of its own connection termination request).

TIME-WAIT – It is state X and represents waiting for enough time to pass to ensure the remote TCP host received the acknowledgement of its connection termination request.

CLOSED – CLOSED is state XI. It is a fictional state and represents no connection state at all.

A TCP connection moves from one state to another in response to events. 
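The event-driven movement between the eleven states can be written down as a transition table. The following is an added example, not part of the original article: the table follows the RFC 793 state diagram, and the event names (`active_open`, `rcv_syn_ack`, `timeout_2msl` and so on) are labels chosen here for illustration.

```python
from collections import deque

# (current state, event) -> next state, following the RFC 793 diagram.
# Event names are illustrative labels, not identifiers from any TCP stack.
TRANSITIONS = {
    ("CLOSED", "passive_open"): "LISTEN",
    ("CLOSED", "active_open"): "SYN-SENT",          # sends SYN
    ("LISTEN", "rcv_syn"): "SYN-RECEIVED",          # sends SYN+ACK
    ("LISTEN", "send"): "SYN-SENT",
    ("LISTEN", "close"): "CLOSED",
    ("SYN-SENT", "rcv_syn_ack"): "ESTABLISHED",     # sends ACK
    ("SYN-SENT", "rcv_syn"): "SYN-RECEIVED",        # simultaneous open
    ("SYN-SENT", "close"): "CLOSED",
    ("SYN-RECEIVED", "rcv_ack"): "ESTABLISHED",
    ("SYN-RECEIVED", "close"): "FIN-WAIT-1",        # sends FIN
    ("ESTABLISHED", "close"): "FIN-WAIT-1",         # active close, sends FIN
    ("ESTABLISHED", "rcv_fin"): "CLOSE-WAIT",       # passive close, sends ACK
    ("FIN-WAIT-1", "rcv_ack"): "FIN-WAIT-2",
    ("FIN-WAIT-1", "rcv_fin"): "CLOSING",           # simultaneous close
    ("FIN-WAIT-2", "rcv_fin"): "TIME-WAIT",         # sends ACK
    ("CLOSE-WAIT", "close"): "LAST-ACK",            # sends FIN
    ("CLOSING", "rcv_ack"): "TIME-WAIT",
    ("LAST-ACK", "rcv_ack"): "CLOSED",
    ("TIME-WAIT", "timeout_2msl"): "CLOSED",
}


def step(state: str, event: str) -> str:
    """Return the next state, or raise if the event is invalid here."""
    try:
        return TRANSITIONS[(state, event)]
    except KeyError:
        raise ValueError(f"event {event!r} is not valid in state {state}") from None


def run(events, state: str = "CLOSED") -> list:
    """Apply a sequence of events and return every state visited."""
    path = [state]
    for event in events:
        state = step(state, event)
        path.append(state)
    return path


def reachable(start: str = "CLOSED") -> set:
    """Breadth-first search over the table: all states reachable from start."""
    seen, queue = {start}, deque([start])
    while queue:
        current = queue.popleft()
        for (src, _event), dst in TRANSITIONS.items():
            if src == current and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


# Side that opens the connection and closes it first.
CLIENT_EVENTS = ["active_open", "rcv_syn_ack", "close",
                 "rcv_ack", "rcv_fin", "timeout_2msl"]
# Side that listens and closes after the peer's FIN arrives.
SERVER_EVENTS = ["passive_open", "rcv_syn", "rcv_ack",
                 "rcv_fin", "close", "rcv_ack"]

if __name__ == "__main__":
    print(" -> ".join(run(CLIENT_EVENTS)))
    print(" -> ".join(run(SERVER_EVENTS)))
    print(len(reachable()), "states reachable from CLOSED")
```

The two event sequences show why the states differ by role: only the side that closes first passes through FIN-WAIT-1, FIN-WAIT-2 and TIME-WAIT, while the other side passes through CLOSE-WAIT and LAST-ACK.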

IPv6 Stateless Autoconfiguration

https://networkinterview.com/stateless-auto-configuration-in-ipv6/ (Thu, 07 Jul 2022)

IPv6 Stateless Autoconfiguration enables a link-local address, which allows the user to access the internet from anywhere. No intermediary such as a DHCP server is needed to create the IP address. Every device connected to the IPv6 network has its own unique local address, which is automatically verified, allowing that particular node (or, let's just say, user) to communicate with other users on that link. Autoconfiguration means that addresses, links and other such information are configured automatically.

With earlier versions, only stateful configuration was possible, which required the intermediate presence of a DHCP (Dynamic Host Configuration Protocol) server. With the advent of IPv6, this support is no longer needed to connect network devices over the internet. The devices are able to generate a local IP address automatically and carry on with their tasks.

This feature became an absolute necessity because of the increased number of devices on the internet. With IPv6, the need for a DHCP server for IP address allocation is removed, which eases the process for network devices.

Coming back to the name, "stateless" means that the DHCP server need not recognize the presence of a network device in order to allot it an IP address.

Steps:

The steps that are followed by a device to auto generate the IP address are as listed below:-

  1. Generation of link-local address: A local address is allotted to the device that joins the internet. The address consists of the 10 bits 1111111010, followed by 54 zeroes and a 64-bit interface identifier.
  2. The Uniqueness test: To check the uniqueness of the address, a uniqueness test of the device address is undertaken.
  3. Address Assignment: Link local address is allotted to the IP interface after clearing the uniqueness test. This link is not usable for internet, but, only for the local network.
  4. Contact with Router: A local router is contacted by the network device for moving ahead in the process of auto configuration.
  5. Directions from Router: For the further steps in the configuration process, the device receives the directions from the local router.
  6. Global Internet Address: A unique global internet address is generated by the device. The router assigns the address which includes the device identifier and network prefix.
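The address arithmetic behind steps 1, 2 and 6 can be worked through with Python's standard `ipaddress` module. This is an added example, not part of the original article: it assumes the 64-bit interface identifier is derived from the MAC address using modified EUI-64 (the article does not say how the identifier is chosen, and many hosts use randomized identifiers instead), and the MAC address, the advertised prefix and the function names are constructed for illustration.

```python
import ipaddress


def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64: insert ff:fe in the middle, flip the U/L bit."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    eui[0] ^= 0x02                     # universal/local bit
    return int.from_bytes(eui, "big")


def link_local(iid: int) -> ipaddress.IPv6Address:
    """Step 1: 10 bits 1111111010, then 54 zero bits, then the 64-bit IID."""
    prefix = 0b1111111010 << 118       # 128 - 10 = 118
    return ipaddress.IPv6Address(prefix | iid)


def solicited_node(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """Multicast group probed in the uniqueness test: ff02::1:ffXX:XXXX."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(addr) & 0xFFFFFF))


def global_address(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Step 6: router-advertised /64 network prefix plus the device IID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("stateless autoconfiguration expects a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def autoconfigure(mac: str, advertised_prefix: str, neighbours: set) -> dict:
    """Walk the six steps offline.

    neighbours is a constructed stand-in for the link: any address in it
    is treated as answering the uniqueness probe. advertised_prefix stands
    in for what the local router would announce in steps 4 and 5.
    """
    iid = eui64_interface_id(mac)
    candidate = link_local(iid)                      # step 1
    if candidate in neighbours:                      # step 2 failed
        raise RuntimeError(f"{candidate} is already in use on this link")
    return {                                         # steps 3 to 6
        "link_local": candidate,
        "dad_probe_target": solicited_node(candidate),
        "global": global_address(advertised_prefix, iid),
    }


if __name__ == "__main__":
    # Constructed inputs: sample MAC and the 2001:db8::/32 documentation range.
    result = autoconfigure("00:1a:2b:3c:4d:5e", "2001:db8:1:2::/64", set())
    for name, value in result.items():
        print(f"{name:17} {value}")
```

Because a MAC-derived identifier is the same on every network the device joins, it is visible in the lower 64 bits of each global address the device forms.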

 Merits of IPv6 Stateless Auto Configuration:

The advantages of stateless auto configuration are as follows:-

  • The presence of a Dynamic Host Configuration Protocol (DHCP) is not required for the IP address assignment.
  • No manual configuration of network devices is required on the network. The devices can immediately connect and auto configures IP addresses on the network.
  • The stateless auto configuration is economical as the need of a proxy server or a DHCP server is evicted.
  • It facilitates high speed communication and data transportation over the internet.
  • It is compatible with wireless networks.

 Demerits of Stateless Auto Configuration:

  • For the host to check whether the address is already in use or unique, more bandwidth use is needed.
  • An unethical user or attacker can mount a DoS attack to prevent the auto configuration from happening.
  • Until a dynamic DNS is used, the auto-configured address cannot be name served.

 Application:

Due to the influx of network devices over the internet, the advent of stateless auto configuration was bound to be made. It not only eases out the process of connection of network devices over the internet, but, also enables usage of wireless networks and permits multiple other network devices to access the internet from any hotspots of the world.

This feature of IPv6 has a variety of applications in the communication and networking of digital devices such as refrigerators, televisions, microwaves, washing machines and many more with the internet. Plugging a device into the internet now takes no longer than the blink of an eye, and this feature has also ushered in a brand new era of the Internet of Things, in which almost all electronic devices will be able to connect through the internet.

What is FTP? How to set up FTP Server?

https://networkinterview.com/what-is-ftp-how-to-set-up-ftp-server/ (Sun, 06 Mar 2022)

File Transfer Protocol (FTP) has been around longer than HTTP and the TCP/IP protocol and has existed in the industry for more than 40 years. Its original specification was written way back in 1971. The initial FTP clients were command line programs; as they were adopted, they grew into GUI (Graphical User Interface) programs installed on numerous systems, desktops, mobile devices and so on.

In this article we will learn more about FTP and how it works, setting up FTP access on systems, and its features, functions and limitations.

About – FTP (File Transfer Protocol)  

File transfer protocol (FTP) is a standard network protocol used for transferring computer files between a client and a server across a computer network. Users can use FTP via a command line interface such as DOS in Windows and Terminal in UNIX systems or MacOS.

To log in to an FTP server, a user name and password are required, plus the port number (when logging in from a command line interface). The FTP protocol uses ports 20 and 21 by default. FTP can also work anonymously, where the default user name can be 'anonymous', with an email address as the password.

File Transfer Types

FTP supports two kinds of file transfers: Binary and ASCII

  • ASCII is a 7-bit character set which contains 128 characters. Any file which is text based such as HTML, TXT, PostScript etc are ASCII files. 
  • Binary files have a different structure and require different transfer types which includes images, applications, algorithm generated packages such as .ZIP, and much more. 

Browser FTP offers limited functionality for downloading files. Some examples of FTP servers and their clients are FileZilla Server and FileZilla, SolarWinds and WinSCP, and Serv-U and SmartFTP.

Features of FTP Access   

  • FTP is one of the fastest ways to transfer files from one computer to another computer.
  • FTP is very efficient as we do not need to complete all the operations to get the entire file.
  • FTP access is secure as we need to login with username and password
  • FTP allows you to transfer the files back and forth. 

How to set up FTP Server?

FTP works in the Client – Server model. The server hosts the files to be shared and the client provides the interface to access, download or upload files to the file server. The systems transferring files can be within the same network where FTP is configured or could be outside the network (Over the Internet). FTP uses two ports, one for connection and one for sending data.

FTP runs in two modes – Active and Passive.

It uses two channels: a command channel and a data channel.

  • The command channel is used for sending commands and responses.
  • The data channel is meant for sending data.
  • In active mode, the client launches the command channel.
  • In passive mode, both the command and data channels are established by the client.

Open channel on FTP client and server

Data and other communications from clients must be able to reach the FTP server, so outgoing data and other communications from the client to the FTP server have to be allowed.

Server-side port 21 must be open for initiating the connection. The port used by the server to respond to clients can be between port 21 and 1022.

Prerequisites

  • FTP requires IIS. Both IIS and FTP should be installed for the configuration of FTP server
  • A ‘root’ folder to publish FTP

%SystemDrive%\ftp\ftproot

  • Set permissions to allow anonymous access to the folder

ICACLS "%SystemDrive%\ftp\ftproot" /Grant IUSR:R /T

%SystemDrive%\ftp\ftproot

  • The root folder should be set as the path for your FTP site. The software firewall (like Windows firewall or Symantec) should allow connections to the FTP server

Step 1: Enabling FTP in Windows if IIS is not installed

If IIS is not installed:

  • Go to Start > Control Panel > Administrative Tools > Server Manager in Windows Server Manager.
  • Go to the Roles node. Right-click on Roles and click Add Roles.
  • In the Add Roles window, open Server Roles and check Web Server (IIS).
  • Proceed through the setup wizard and click Install. Let the installation complete.

Step 2: Transferring files

To transfer files, add an FTP site. Once the FTP site is enabled, clients can transfer files to and from the site using the FTP protocol.

Step 3: Setting up FTP site

Go to Start > Control Panel > Administrative Tools > Internet Information Services (IIS) Manager.

Expand Local server in the IIS console.

Right-click on Sites and choose Add FTP Site. Type the FTP server name and the content directory path, and click Next. The directory path should be the same as the one on which we set permissions to allow anonymous access. Above, we used:

%SystemDrive%\ftp\ftproot

In ‘Binding and SSL Settings’, type the IP address of the server.

Check the Start FTP Site Automatically option. Choose SSL Based on Constraint. Click Next.

Select Basic for authentication and click Finish to complete FTP site creation.

Step 4: Accessing files on the FTP server

To access files on the FTP server, open a file explorer and type ftp://serverIP. The FTP server asks for a username and password. Enter the username and password (Windows or Active Directory credentials) and click Logon. The files and folders display under the FTP server.

What is HSRP (Hot Standby Router Protocol)?
https://networkinterview.com/what-is-hot-standby-router-protocol-hsrp/
Fri, 10 Jul 2020 14:34:51 +0000

Hot Standby Router Protocol (HSRP)

In this article, we will discuss the HSRP protocol, related terminologies, its operation and configuration. We will cover the following points:

Topic Content

  1. Understanding FHRP
  2. Definition of HSRP
  3. HSRP Packet
  4. Key Points
  5. Operation and Configuration of HSRP
  6. Conclusion


Understanding FHRP

Network resiliency is a key component of network design. Modern networks require careful consideration of how to deal with network failure. With this understanding, First Hop Redundancy Protocols were developed and are employed in the majority of networks to provide resiliency, availability and redundancy. From the client’s perspective, if the gateway goes down, then access to the entire network goes down. First Hop Redundancy Protocols (FHRP) allow default gateway redundancy, which means provision for having more than one default gateway.

In the event of a router failure, there is a backup device that will kick in and, transparently to the users, continue to forward traffic to remote networks, thus avoiding the situation of isolation. We implement a first hop redundancy protocol to deal with gateway redundancy. Below are the 3 types of FHRP technology:

  1. Hot Standby Router Protocol (HSRP)
  2. Virtual Router Redundancy Protocol (VRRP)
  3. Gateway Load Balancing Protocol (GLBP)

Definition of HSRP

Hot Standby Router Protocol (HSRP) is a Cisco proprietary protocol that provides a mechanism designed to support non-disruptive failover of IP traffic in certain circumstances. It uses UDP port 1985. In this case, two or more routers give the illusion of a single virtual router. HSRP allows you to configure routers as standby, with only a single router active at a time. All the routers in an HSRP group share a single MAC address and IP address, which acts as the default gateway for the local network. The Active router forwards the traffic. If the Active router fails, the Standby router takes over all the responsibilities of the Active router and forwards the traffic.

Hot Standby Router Protocol (HSRP) Packet

Version Number is the 8-bit HSRP version, i.e. whether it is version 1 or 2.

Opcode is 8 bits.

  • Op Code 0 – Hello. The router is running HSRP and is capable of becoming the active or standby router.
  • Op Code 1 – Coup. The router becomes the active router.
  • Op Code 2 – Resign. The router is no longer the active router.

HSRP State is 8 bits.

1. Active – This is the state of the device that is actively forwarding traffic.

2. Init or Disabled – This is the state of a device that is not yet ready or able to participate in HSRP.

3. Learn – This is the state of a device that has not yet determined the virtual IP address and has not yet seen a hello message from an active device.

4. Listen – This is the state of a device that is receiving hello messages.

5. Speak – This is the state of a device that is sending and receiving hello messages.

6. Standby – This is the state of a device that is prepared to take over the traffic forwarding duties from the active device.

Hello time is 8 bits. The interval between successive HSRP hello messages from a given router is 3 sec.

Hold time is the interval between the receipt of a hello message and the presumption that the sending router has failed; it is 10 sec.

Priority is 8 bits.
Default priority is 100. The router with the higher priority wins. The Priority field is used in the election process of the active and standby routers. In a tie-breaking situation, the highest IP address wins.

Group is 8 bits.
This field identifies the standby group, between 0 and 255.

Reserved is 8 bits.

Authentication Data is 64 bits.
This field contains a clear-text, 8-character reused password. If no authentication data is configured, the RECOMMENDED default value is 0x63 0x69 0x73 0x63 0x6F 0x00 0x00 0x00.

Virtual IP Address is 32 bits.
This is the virtual IP address used by this group. If the virtual IP address is not configured on a router, then it may be learned from the Hello message from the active router. An address should only be learned if no address was configured and the Hello message is authenticated.

Key terminologies

  • Active router: Primary router.
  • Standby router: Backup router.
  • Standby group: Set of routers that participate in HSRP.
  • Virtual MAC address: The MAC address is created by an HSRP internal mechanism. The first 24 bits are the default, i.e. 0000.0c. The next 16 bits are the HSRP ID, i.e. 07.ac. The last 8 bits are the group number.
  • Virtual IP: The virtual IP of the group, used to forward traffic from the LAN.
  • Priority: Default priority is 100. The router with the higher priority wins. The Priority field is used in the election process of the active and standby routers. In a tie-breaking situation, the highest IP address wins.
  • Version 1: Multicast address is 224.0.0.2 and it uses UDP port 1985. Group numbers range from 0 to 255.
  • Version 2: Multicast address is 224.0.0.102 and it uses UDP port 1985. Group numbers range from 0 to 4095.
  • Preemption: HSRP Preemption enables the router with the highest priority to immediately become the Active router.
  • Interface Tracking: We can choose an interface to track; if the link goes down, the priority of the active router is decremented so that the standby router takes over the role of active router.
  • Load Balancing: With multiple HSRP groups for multiple subnets, both routers are in the active state for some subnets and passive for the others. This way, all available resources are utilized.

Operation and Configuration of HSRP

  • A user generates traffic from the LAN towards the WAN router.
  • The traffic uses the virtual IP and MAC as the default gateway. The virtual IP address is chosen by the administrator, and the MAC address is auto-generated. For version 1, the MAC address is 0000.0c07.acXX, where XX is the group number in hex format. For version 2, the MAC address is 0000.0c9f.fXXX, with the last 3 digits again representing the group number in hex format.
  • HSRP is configured in groups. An HSRP group consists of an active router and a standby router. The active router is responsible for answering ARP requests and handling packet forwarding. Hello messages are sent every 3 seconds to the standby router. HSRP multicast addresses are 224.0.0.2 for v1 and 224.0.0.102 for v2.
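The packet layout, the virtual MAC rule and the election rule described above, worked through as an added Python example (not code from the original article or from Cisco). The numeric state codes and the 0 carried in the version field of version 1 messages are taken from RFC 2281, and the sample packet and addresses are constructed.

```python
import ipaddress
import struct

# HSRP version 1 message, fields in the order listed above (20 bytes, UDP 1985).
HSRP_V1 = struct.Struct("!8B8s4s")
OPCODES = {0: "Hello", 1: "Coup", 2: "Resign"}
# Numeric state codes come from RFC 2281; the page gives the names only.
STATES = {0: "Init", 1: "Learn", 2: "Listen", 4: "Speak", 8: "Standby", 16: "Active"}
DEFAULT_AUTH = bytes([0x63, 0x69, 0x73, 0x63, 0x6F, 0x00, 0x00, 0x00])  # "cisco"


def parse_hsrp_v1(payload):
    """Decode an HSRPv1 UDP payload into named fields."""
    if len(payload) < HSRP_V1.size:
        raise ValueError("truncated HSRP message: %d bytes" % len(payload))
    ver, op, state, hello, hold, prio, group, _rsvd, auth, vip = HSRP_V1.unpack(
        payload[:HSRP_V1.size])
    return {
        "version": ver,  # RFC 2281 messages carry 0 in this field
        "opcode": OPCODES.get(op, "unknown(%d)" % op),
        "state": STATES.get(state, "unknown(%d)" % state),
        "hello_s": hello, "hold_s": hold, "priority": prio, "group": group,
        "auth": auth.rstrip(b"\x00").decode("ascii", "replace"),
        "default_auth": auth == DEFAULT_AUTH,  # clear-text default still in use
        "virtual_ip": str(ipaddress.IPv4Address(vip)),
    }


def virtual_mac(group, version=1):
    """Virtual MAC for a standby group: 0000.0c07.acXX (v1), 0000.0c9f.fXXX (v2)."""
    limit = 255 if version == 1 else 4095
    if not 0 <= group <= limit:
        raise ValueError("group %d out of range for HSRPv%d" % (group, version))
    return "0000.0c07.ac%02x" % group if version == 1 else "0000.0c9f.f%03x" % group


def elect_active(candidates):
    """Pick the active router from (interface_ip, priority) pairs:
    highest priority wins, highest IP address breaks a tie."""
    return max(candidates, key=lambda c: (c[1], ipaddress.IPv4Address(c[0])))[0]


# Constructed sample: Hello from an Active router, group 10, priority 110,
# timers 3/10 s, default authentication data, virtual IP 192.0.2.1.
SAMPLE = bytes([0, 0, 16, 3, 10, 110, 10, 0]) + DEFAULT_AUTH + bytes([192, 0, 2, 1])

if __name__ == "__main__":
    print(parse_hsrp_v1(SAMPLE))
    print(virtual_mac(10), elect_active([("192.0.2.2", 100), ("192.0.2.3", 100)]))
```

A hello whose `default_auth` is true shows that the group still runs with the unchanged clear-text authentication data, which is worth flagging in a configuration audit.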

Configuring HSRP

Conclusion

In summary, HSRP provides layer 3 redundancy in the network via a virtual IP and MAC, interface tracking, and load balancing. A group of physical routers, acting as a single virtual router, advertises a single IP address and MAC address into the network.

SIP (Session Initiation Protocol)
https://networkinterview.com/sip/
Thu, 10 Jan 2019 08:00:52 +0000

SIP, i.e. Session Initiation Protocol, is an open source protocol.

It communicates over TCP or UDP on port numbers 5060 or 5061. SIP has a range of different messages, each carrying a lot of additional data, which makes it a heavier protocol.

SIP requires registration, including a username and password. It is generally used with non-Cisco IP PBXs like Asterisk. It is used for establishing, modifying and terminating IP communication sessions with one or more participants.

The main drawback of SIP is that it supports fewer features, and SIP-supported phones work more in manual mode (not automatic).
