Imagine that you are a device in a local network (LAN), let's call it PC1 with an IP address of 192.168.10.101.
To communicate with devices outside your network, such as accessing websites, sending emails, or using online services, you need a default gateway.
This default gateway is typically a router that connects your network to the outside world.
Figure 1 – Default Gateway in a Local Network
In this example, R1 is the router acting as your default gateway.
You can verify this configuration using the ipconfig command on your PC:
C:\> ipconfig Ethernet adapter Ethernet: IPv4 Address. . . . . . . . . . . : 192.168.10.101 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.10.1The default gateway (192.168.10.1) allows your PC to communicate beyond your local network.
Your device relies entirely on this default gateway to access external networks.
Figure 2 – Internet Access Through the Default Gateway
You successfully access the internet via the default gateway (192.168.10.1). Life is good—you can browse the web, send emails, and access external networks seamlessly.
What Happens If the Default Gateway Fails?
Now, imagine that R1 fails due to a hardware issue or power outage. Without a backup mechanism, your PC immediately loses connectivity to the internet and other external networks.
Figure 3 – Default Gateway Fails
At this point, you would need to manually configure your PC to use another router (if available) as the default gateway. This process is not only inconvenient but also impractical for large networks with many devices.
This is where First Hop Redundancy Protocols (FHRP) come into play. They ensure that even if one router fails, your network remains operational without requiring any manual intervention.
Answer the question below
FHRP (First Hop Redundancy Protocol) is a family of protocols designed to address the issue of default gateway redundancy. It allows multiple routers to work together as a group to provide a Single Virtual Default Gateway for all devices in the network. This ensures that if one router fails, another can seamlessly take over.
Figure 4 – How FHRP Works with Active and Standby Routers
Take a look at picture to see how these roles are distributed:
Roles in an FHRP Group
Active Router (R1)
Handles all traffic sent to the default gateway (192.168.10.3).
Responds to ARP requests for the VIP.
Standby Router (R2)
Monitors the Active Router.
Takes over the role of the Active Router if a failure is detected.
How It Works
Here’s how it works in practice:
Your PC is configured to use the VIP (192.168.10.3) as its default gateway.
The Active Router (R1) processes all traffic for devices on the network.
If R1 becomes unavailable, the Standby Router (R2) takes over the role of active router.
This redundancy means devices never lose access to the default gateway even during a failure.
Answer the question below
What does FHRP stand for?
You might be wondering:
"This sounds great but how does FHRP actually work behind the scenes?"
FHRP operates using virtual addresses, which include:
Virtual IP (VIP): The shared IP address (example 192.168.10.3) that devices use as their default gateway.
Virtual MAC: A MAC address linked to the VIP, allowing the Active Router to handle traffic.
Step 1 - ARP Request
Your PC sends an ARP request to resolve the VIP (192.168.10.3) to a MAC address.
40 % Complete: you’re making great progress
Unlock the rest of this lesson
If you’d like to continue your CCNA journey, create your free account now.
Access all free CCNA lessons
Practice with quizzes and level test
Progress tracking in your dashboard
Made by network engineers - CCNP certified
Create your Free Account1151 learners continued their CCNA journey this month