
When deploying a [FHRP](/fhrp-protocols) such as [Hot Standby Router Protocol (HSRP)](/hot-standby-router-protocol-hsrp) or [Virtual Router Redundancy Protocol (VRRP)](/virtual-router-redundancy-protocol-vrrp), along with routing protocols such as [OSPF](/ospf) or [EIGRP](/eigrp), there are some best practices that should be kept in mind.

It’s important to realize that FHRPs typically deliver a default gateway **to subnets that contain end user hosts**. So the actual virtual gateway that is created should only be facing the subnet where the end users are. Those end users should be using that virtual gateway as their default gateway.

Any routing protocols that FHRP devices participate in should take place on other interfaces and not those of the virtual router.

**In other words, the virtual default gateway and the SVIs or routed interfaces associated with it should not be used to create OSPF neighbor adjacencies.**

Indeed, those interfaces should **ideally be configured as passive interfaces** for the [routing protocol](/routing-dynamic-routing-protocols) being used.

Take a look at the following FHRP topology:
![fhrp-lab-topology-switches.png](/attachments/fhrp-lab-topology-switches.png)

In such a topology, the Gi0/1 interfaces of the switches as well as any host-facing [SVI](/svi)s should be configured as [passive](/passive-interface) for whatever routing protocol may be employed.  The Gi0/2 interfaces of the switches as well as those of R3 can be used to create routing protocol peerings for the exchange of routing information.

Links:

https://forum.networklessons.com/t/hsrp-hot-standby-routing-protocol/1150/176?u=lagapides

FHRP - interaction with routing protocols

EIGRP - how metrics are sent in updates

EIGRP - metric computation method

EIGRP - metric equation

EIGRP - network command with no wildcard mask

EIGRP - stub site function

EIGRP Create and advertise a default route

EIGRP Feasibility condition

EIGRP Header

EIGRP IP bandwidth-percent example

EIGRP LFA FRR

EIGRP Refining the behavior of load balancing with traffic-share

EIGRP SIA timers

EIGRP authentication

EIGRP auto-summary

EIGRP change rib scale

EIGRP establishing remote neighbors

EIGRP header - ACK field

EIGRP named mode

EIGRP on the Nexus Platform

EIGRP redistributing named mode

EIGRP rib-scale

EIGRP seed metrics when redistributing

EIGRP split horizon verification

EIGRP split-horizon vs poison reverse

EIGRP unequal cost load balancing

EIGRP what happens when a feasible successor fails

EIGRP

EPC - Cisco Embedded Packet Capture

ERSPAN

EVE-NG supported Cisco and other vendor images

Equal-cost Multi-path routing

EtherChannel - applying configurations to the interface

EtherChannel - implementing over 802.1Q tunneling

EtherChannel - load balancing algorithms

EtherChannel - max-bundle

EtherChannel - prerequisites for bundling

EtherChannel

Etherchannel - fast-switchover

Ethernet - role of FCS field

Ethernet - speed and duplex mismatches

Ethernet - speed and duplex settings on an ISR4431

Ethernet CSMA-CD

Ethernet VPN (EVPN)

Ethernet administrative and operational encapsulation

Ethernet administrative operational mode

Ethernet frame types

Ethernet header

Ethernet over IP (EoIP)

Ethernet

FHRP Communication Between Redundant Routers

FHRP Load Balancing Behavior

FHRP Protocols

FHRP communication path of keepalives

Fiber optic types

Fiber optics - Multi mode fiber optics characteristics

Fiber optics - Single mode fiber optics characteristics

Fiber optics - color coding

Fiber optics - connectors

FlexVPN Hub and Spoke backup routes

FlexVPN redundant hub with dual cloud

FlexVPN spoke to spoke communication fails with IPSec tunnel

FlexVPN

Frame Relay - is it a relevant technology anymore

Frame-Relay - emulating a Frame-Relay switch

Frame-Relay DLCI values

GNS3 how to obtain Cisco IOS images

GRE - Recursive routing error - AD solution

GRE - Recursive routing error - filtering solution

GRE - Recursive routing error

GRE - Tunnel Addressing

GRE MTU settings

GRE and IPSec

GRE tunnel and multicast

GRE tunnel key operation with only one tunnel key configured

GRE tunnel key

GRE tunnels and how they transmit multicast packets

HSRP - standby group numbers

HTTP - viewing HTTP messages in Wireshark

Hardware - Application Specific Integrated Circuit (ASIC)

High-Level Data Link Control (HDLC)

Home lab computer requirements

Hot Standby Router Protocol (HSRP)

How to practice labbing - best practices

How to prepare for Cisco DNA

IANA

ICANN

ICMP - Mitigating Vulnerabilities

ICMP - Vulnerabilities

ICMP - response to a ping that is blocked by an ACL

ICMP codes and types

ICMP

IEEE

IETF

IGMP - Snooping Querier Election

IGMP - Snooping Querier

IGMP - access group

IGMP - fast leave