
5.6 FHRP

NAT solves the address exhaustion problem, but it does not solve the gateway redundancy problem. If the default gateway fails, all devices on the subnet lose connectivity. FHRP addresses this.

A subnet has one default gateway. If that gateway fails, every device on the subnet loses access to other networks. FHRP (First Hop Redundancy Protocol) provides gateway redundancy by allowing two or more routers to share a single virtual IP (VIP) address.

Two routers share a VIP. One router is active (forwards traffic), the other is standby (monitors the active router). Clients use the VIP as their default gateway. If the active router fails, the standby takes over the VIP within seconds.

| Feature              | HSRP (Cisco)                     | VRRP (Open Standard) |
|----------------------|----------------------------------|----------------------|
| Standard             | Cisco proprietary                | RFC 5798             |
| Active/Standby terms | Active / Standby                 | Master / Backup      |
| Virtual MAC          | 0000.0c07.acXX                   | 0000.5e00.01XX       |
| Multicast address    | 224.0.0.2 (v1), 224.0.0.102 (v2) | 224.0.0.18           |
| Preemption           | Disabled by default              | Enabled by default   |
| Timer default        | 3s hello, 10s hold               | 1s advertisement     |

VRRP (Virtual Router Redundancy Protocol) is the open standard. Hirschmann switches support VRRP. Use VRRP in OT networks for gateway redundancy at the distribution layer.

In OT networks, a gateway failure isolates an entire production cell. PLCs cannot reach the SCADA server. HMIs cannot reach the historian. FHRP ensures the gateway is always available, even during a router failure or maintenance window. Configure VRRP on the two distribution switches serving each cell, with the VIP as the cell’s default gateway.

FHRP eliminates single-gateway failure

Use VRRP on distribution switches so that a router failure does not isolate an entire production cell.

VRRP is the open standard

Hirschmann supports VRRP. HSRP is Cisco-only. Use VRRP for multi-vendor OT environments.

Preemption restores the primary automatically

Enable preemption so the primary router reclaims the VIP after recovery, preventing the backup from staying active indefinitely.
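The failover and preemption behaviour described above can be reproduced with a small discrete-time model of the VRRP state machine. The following is an added example written for this section, not code from the course or from any switch vendor. It goes slightly beyond the text by using the RFC 5798 timer rules: the Backup declares the Master dead after Master_Down_Interval = 3 × Advertisement_Interval + Skew_Time, with Skew_Time = (256 − Priority) × Advertisement_Interval / 256, and a higher-priority Backup with preemption enabled discards the lower-priority Master's advertisements and takes over when that timer expires. Router names (R1, R2), priorities (110, 100), the VIP 10.10.1.1 and the failure/recovery times are constructed sample values; tie-breaking by IP address is not modelled.

```python
"""Discrete-time model of VRRP (RFC 5798) election, failover and preemption.

Added educational example; not the course's or any vendor's code.
Two routers share one VIP on one LAN; the higher-priority router is Master and
advertises every second, the Backup takes over when advertisements stop.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

TPS = 100            # simulation ticks per second (10 ms resolution)
VIP = "10.10.1.1"    # constructed sample VIP used as the cell's default gateway


@dataclass
class VrrpRouter:
    name: str
    priority: int                 # 1..254 (255 is reserved for the VIP address owner)
    preempt: bool = True          # VRRP default: preemption enabled
    adver_interval: float = 1.0   # seconds, VRRP default advertisement interval
    state: str = "Backup"
    alive: bool = True
    down_timer: int = 0           # ticks left before a Backup declares the Master down
    next_adver: int = 0           # tick at which a Master sends its next advertisement

    def skew_time(self) -> float:
        return (256 - self.priority) * self.adver_interval / 256

    def master_down_interval(self) -> float:
        return 3 * self.adver_interval + self.skew_time()

    def master_down_ticks(self) -> int:
        return round(self.master_down_interval() * TPS)

    def adver_ticks(self) -> int:
        return round(self.adver_interval * TPS)


class VrrpLan:
    """All routers sit on one LAN segment; every advertisement reaches every other router."""

    def __init__(self, routers: List[VrrpRouter]):
        self.routers = routers
        self.now = 0  # ticks
        self.events: List[Tuple[float, str, str]] = []
        winner = max(routers, key=lambda r: r.priority)  # initial election by priority
        for r in routers:
            self._to_master(r) if r is winner else self._to_backup(r)

    def _log(self, r: VrrpRouter) -> None:
        self.events.append((self.now / TPS, r.name, r.state))

    def _to_master(self, r: VrrpRouter) -> None:
        r.state = "Master"
        r.next_adver = self.now  # advertise immediately so peers learn the new Master
        self._log(r)

    def _to_backup(self, r: VrrpRouter) -> None:
        r.state = "Backup"
        r.down_timer = r.master_down_ticks()
        self._log(r)

    def _get(self, name: str) -> VrrpRouter:
        return next(r for r in self.routers if r.name == name)

    def fail(self, name: str) -> None:
        r = self._get(name)
        r.alive, r.state = False, "Initialize"
        self._log(r)

    def recover(self, name: str) -> None:
        r = self._get(name)
        r.alive = True
        self._to_backup(r)  # RFC 5798: a non-owner router starts in Backup

    def master(self) -> Optional[str]:
        live = [r.name for r in self.routers if r.alive and r.state == "Master"]
        return live[0] if live else None

    def run(self, seconds: float) -> None:
        end = self.now + round(seconds * TPS)
        while self.now < end:
            self.now += 1
            # 1. Backups count down; expiry means the Master is gone or is being preempted.
            for r in self.routers:
                if r.alive and r.state == "Backup":
                    r.down_timer -= 1
                    if r.down_timer <= 0:
                        self._to_master(r)
            # 2. Masters whose advertisement timer fired send an advertisement.
            advs = []
            for r in self.routers:
                if r.alive and r.state == "Master" and self.now >= r.next_adver:
                    advs.append((r.name, r.priority))
                    r.next_adver = self.now + r.adver_ticks()
            # 3. Every other live router processes the advertisements (RFC 5798 section 6.4).
            for r in self.routers:
                for sender, prio in advs:
                    if not r.alive or sender == r.name:
                        continue
                    if r.state == "Master" and prio > r.priority:
                        self._to_backup(r)                     # a better Master appeared: step down
                    elif r.state == "Backup" and (prio >= r.priority or not r.preempt):
                        r.down_timer = r.master_down_ticks()   # Master is healthy: restart timer
                    # Otherwise discard: a higher-priority Backup with preempt enabled lets its
                    # timer run out and then takes over (this is how VRRP preemption happens).


def simulate(primary_preempt: bool) -> Tuple[List[Tuple[float, str, str]], Optional[str]]:
    """Primary R1 fails at 5 s and returns at 10 s; returns (event log, Master at 20 s)."""
    r1 = VrrpRouter("R1", priority=110, preempt=primary_preempt)  # preferred gateway
    r2 = VrrpRouter("R2", priority=100)
    lan = VrrpLan([r1, r2])
    lan.run(5.0)       # steady state: R1 advertises, R2 listens
    lan.fail("R1")     # t = 5.00 s: R1 loses power
    lan.run(5.0)       # R2 claims the VIP once R1's advertisements stop
    lan.recover("R1")  # t = 10.00 s: R1 comes back as Backup
    lan.run(10.0)      # with preemption R1 reclaims the VIP; without it R2 keeps it
    return lan.events, lan.master()


if __name__ == "__main__":
    for flag in (True, False):
        events, owner = simulate(primary_preempt=flag)
        print(f"preempt={flag}: VIP {VIP} held by {owner} at 20 s")
        for t, name, state in events:
            print(f"  {t:6.2f}s  {name} -> {state}")
```

With preemption enabled, R2 becomes Master at 7.62 s (last advertisement at 4.01 s plus its 3.61 s master-down interval), and R1 reclaims the VIP at 13.57 s after its own timer runs out. With preemption disabled, R1 simply resets its timer on every advertisement from R2 and stays Backup, which is the "backup stays active indefinitely" situation the takeaway warns about. Note that the timer arithmetic means a 1 s advertisement interval gives a gateway outage of a few seconds, not milliseconds; where a cell needs faster recovery, shorten the advertisement interval on both switches.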

Network services keep devices configured and monitored, but they do not protect the network from unauthorized traffic or balance load across servers. The next chapter introduces network appliances: firewalls, IDS/IPS, and load balancers.

  • RFC 5798 — Virtual Router Redundancy Protocol Version 3 (IETF, 2010)