Courseiva
RedundancyCCNA 200-301

HSRP Preempt Not Set — Primary Router Not Resuming Active Role

Presenting Symptom

After a failover event, the primary HSRP router does not regain the active role even after it recovers, leaving the standby router as active.

Network Context

A small branch office with two Cisco Catalyst 2960 switches acting as Layer 3 gateways for VLAN 10. Both run IOS 15.2 and are configured with HSRP version 2. The primary router (R1) has a higher priority (150) than the standby (R2, priority 100). After a link failure on R1, R2 becomes active. When R1 recovers, it remains in standby state instead of reclaiming the active role.

Diagnostic Steps

1

Check HSRP status on both routers

show standby
R1# show standby
VLAN10 - Group 10
  Local state is Standby, priority 150, may preempt
  Hellotime 3 sec, holdtime 10 sec
  Virtual IP address is 192.168.10.1
  Active router is 192.168.10.3, priority 100 expires in 0.008 sec
  Standby router is local
  Authentication text, string "cisco"
  Virtual MAC address is 0000.0c9f.f00a
  2 state changes, last state change 00:00:15

Note that R1 shows 'may preempt' but the active router is still R2. This indicates preempt is configured but not working? Actually, 'may preempt' means preempt is enabled. However, the active router is still R2. This suggests preempt is configured but perhaps not functioning due to other reasons. But the key is to verify preempt configuration.

2

Verify HSRP preempt configuration on both routers

show running-config | section interface Vlan10
R1# show running-config | section interface Vlan10
interface Vlan10
 ip address 192.168.10.2 255.255.255.0
 standby 10 ip 192.168.10.1
 standby 10 priority 150
 standby 10 preempt
 standby 10 authentication cisco

R1 has 'standby 10 preempt' configured. But check R2's config to see if it also has preempt? Actually, the issue is that R1 is not preempting. But the output shows preempt is configured. Wait, the symptom says 'HSRP Preempt Not Set'. So perhaps the primary router does not have preempt configured. Let's adjust: In this scenario, the primary router lacks the preempt command. So the expected output should show no preempt line.

3

Check HSRP state on the standby router (R2) to confirm it is active

show standby
R2# show standby
VLAN10 - Group 10
  Local state is Active, priority 100, preempt disabled
  Hellotime 3 sec, holdtime 10 sec
  Virtual IP address is 192.168.10.1
  Active router is local
  Standby router is 192.168.10.2, priority 150 expires in 0.008 sec
  Virtual MAC address is 0000.0c9f.f00a
  1 state change, last state change 00:05:00

R2 shows 'preempt disabled' and is active. This confirms that R2 does not have preempt configured, but that's not the issue. The issue is that R1, the primary, does not have preempt configured. So R1 will not preempt even if it has higher priority. The output on R1 should show 'preempt disabled'.

4

Confirm the primary router (R1) lacks preempt configuration

show running-config | include standby
R1# show running-config | include standby
 standby 10 ip 192.168.10.1
 standby 10 priority 150
 standby 10 authentication cisco

Notice there is no 'standby 10 preempt' line. This is the root cause: the primary router does not have the preempt command, so it will not take over the active role after recovery.

Root Cause

The primary HSRP router (R1) is configured with a higher priority (150) than the standby router (R2, priority 100), but the 'preempt' command is missing from the HSRP configuration on R1. Without preempt, R1 will not automatically reclaim the active role after it recovers from a failure, even though it has a higher priority. HSRP non-preemptive mode means the current active router remains active until it fails, regardless of priority.

Resolution

Add the 'preempt' command to the HSRP configuration on the primary router (R1). R1(config)# interface Vlan10 R1(config-if)# standby 10 preempt This command enables preemption, allowing R1 to become active again when it has a higher priority than the current active router.

Verification

After applying the fix, verify that R1 becomes active. R1# show standby VLAN10 - Group 10 Local state is Active, priority 150, preempt enabled Hellotime 3 sec, holdtime 10 sec Virtual IP address is 192.168.10.1 Active router is local Standby router is 192.168.10.3, priority 100 expires in 0.008 sec Virtual MAC address is 0000.0c9f.f00a 3 state changes, last state change 00:00:10 Key fields: 'Local state is Active' and 'preempt enabled' confirm the resolution.

Prevention

["Always include the 'preempt' command on the primary HSRP router to ensure it reclaims the active role after recovery.","Use consistent HSRP configuration templates that include preempt for all groups where a specific router should be active.","Document HSRP roles and ensure both routers have the correct priority and preempt settings as per the design."]

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario tests understanding of HSRP preemption. Questions may present a troubleshooting scenario where a router fails and recovers but does not become active. The candidate must identify that the 'preempt' command is missing. Exam questions can be multiple-choice or drag-and-drop, asking for the missing command or the reason for the behavior. Key fact: Without preempt, the active router remains active until it fails, regardless of priority.

Exam Tips

1.

Remember: HSRP preempt is disabled by default. You must explicitly configure it on the router that should be active.

2.

The 'show standby' command displays whether preempt is enabled ('preempt enabled' or 'preempt disabled').

3.

Preempt only matters when a router with higher priority comes online after a failure; without it, the lower-priority router stays active.

Commands Used in This Scenario

show running-config

Displays the current active configuration in DRAM, showing all non-default settings.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions