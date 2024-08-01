On This Page
VRRP
The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.
The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.
VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.
Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.NVIDIA Onyx supports IPv4 in VRRP version 2, and IPv6 in VRRP version 3.
To create load balancing between routers participating in the same VR, it is recommended to create 2 (or more) VRs. Each router will be a master in one of the VRs, and a backup to the other VR(s). A group of hosts should be configured with Router 1’s virtual address as the default gateway, while the second group should be configured with Router 2’s virtual address.
Preconditions
Enable IP routing functionality. Run:
switch(config)# ip routing
Enable the desired VLAN. Run:
switch(config)# vlan
20Note
The VLAN cannot be the same one configured for the MLAG IPL, if MLAG is used.
Add this VLAN to the desired interface. Run:
switch(config)#
interfaceethernet
1/
1
switch(config
interfaceethernet
1/
1)# switchport access vlan
20
Create a VLAN interface. Run:
switch(config)#
interfacevlan
20
Apply IP address to the VLAN interface.
For IPv4, do the following.
On one of the switches, run:
switch(config
interfacevlan
20)# ip address
20.20.
20.20/
24
On the other switch, run:
switch(config
interfacevlan
20)# ip address
20.20.
20.30/
24
For IPv6, apply IPv6 address to the VLAN interface.
On one of the switches, run:
switch(config
interfacevlan
20) # ipv6 address
2001::
20/
64
On the other switch, run:
switch(config
interfacevlan
20) # ipv6 address
2001::
30/
64
Enable the interface. Run:
switch(config
interfacevlan
20)# no shutdown
Configuring VRRP
Enable VRRP protocol globally. Run:
switch(config)# protocol vrrp
Create a virtual router group for an IP interface. Up to 255 VRRP IDs are supported. Run:
switch(config
interfacevlan
20)# vrrp
100
Set the VIP address.
For IPv4, run:
switch(config
interfacevlan
20vrrp
100)# address
20.20.
20.40
For IPv6, run:
switch(config
interfacevlan
20vrrp
100) # address
2001::
40
Influence the election of the master in the VR cluster make sure that the priority of the desired master is the highest. Note that the higher IP address is selected in case the priority of the routers in the VR are the same. Select the priority. Run:
switch(config
interfacevlan
20vrrp
100)# priority
200
The advertisement interval should be the same for all the routers within the VR. Modify the interval. Run:
switch(config
interfacevlan
20vrrp
100)# advertisement-interval
2
The authentication text should be the same for all the routers within the VR. Configure the authentication text. Run:
switch(config
interfacevlan
20vrrp
100)# authentication text my-passwordNote
This option is not supported in VRRP IPv6.
Use the preempt command to enable a high-priority backup virtual router to preempt the low-priority master virtual router. Run:
switch(config
interfacevlan
20vrrp
100)# preempt
Disable VRRP. Run:
switch(config
interfacevlan
20vrrp
100)# shutdownNote
The configuration will not be deleted, only the VRRP state machine will be stopped.
Verifying VRRP
Display VRRP brief status. Run:
switch(config) # show vrrp Interface VR Admin State Priority Adv-Intvl Preempt State VR IP addr ----------------------------------------------------------------------------------------------------------- Vlan20
100Enabled
100
1Enabled Master
20.20.
20.40Vlan20
100Enabled
100
1Enabled Master
2001::
40
Display VRRP detailed status. Run:
switch(config) # show vrrp detail VRRP Admin State: Enabled Vlan20 - Vrrp
100: Instance Admin State : Enabled State : Master State v6 : Master Virtual IP Address :
20.20.
20.40Virtual IPv6 Address :
2001::
40Priority :
100Advertisement interval(sec) :
1Preemption : Enabled Virtual MAC Address :
00:
00:5e:
00:
01:
64Primary IP Address :
20.20.
20.20Master router :
20.20.
20.20Virtual MAC Address v6 :
00:
00:5e:
00:
02:
64Primary IP Address v6 : :: Master router v6 :
2001::
20Master priority :
100Master advertisement interval:
1
Display VRRP statistic counters. Run:
switch(config) # show vrrp statistics Invalid packets:
0Too
short:
0Transitions to Master:
1Total received:
0Bad TTL:
0Failed authentication:
0Unknown authentication:
0Conflicting authentication:
0Conflicting Advertise time:
0Conflicting Addresses:
0Received with zero priority:
0Sent with zero priority:
0Invalid packets v6:
0Too
shortv6:
0Transitions to Master v6:
1Total received v6:
0Bad TTL v6:
0Conflicting Advertise time v6:
0Conflicting Addresses v6:
0Received with zero priority v6:
0Sent with zero priority v6:
0
protocol vrrp
|
protocol vrrp
no protocol vrrp
Enables VRRP globally and unhides VRRP related commands.
The no form of the command deletes all the VRRP configuration and hides VRRP related commands.
|
Syntax Description
|
N/A
|
Default
|
no protocol vrrp
|
Configuration Mode
|
config
|
History
|
3.3.4500
|
Example
|
switch (config)# protocol vrrp
|
Related Commands
|
Notes
clear vrrp statistics
|
clear vrrp statistics
Clears VRRP statistics.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.3.4500
|
Example
|
switch (config)# clear vrrp statistics
|
Related Commands
|
Notes
vrrp
|
vrrp <number>
no vrrp <number>
Creates a virtual router group on this interface and enters a new configuration mode.
The no form of the command deletes the VRRP instance and the related configuration.
|
Syntax Description
|
number
|
A VRRP instance number
Range: 1-255
|
Default
|
N/A
|
Configuration Mode
|
config interface vlan
|
History
|
3.3.4500
|
3.6.8100
|
Updated parameter range
|
3.7.1100
|
Updated Syntax and notes
|
Example
|
switch (config interface vlan 10)#
|
Related Commands
|
Notes
|
A maximum total of 64 VRRP instances are supported per switch system.
address
|
address <ip-address> [secondary]
no address [<ip-address> [secondary]]
Sets virtual router IP address (primary and secondary).
The no form of the command deletes the IP address from the VRRP interface.
|
Syntax Description
|
ip-address
|
The virtual IP address
|
secondary
|
A secondary IP address for the virtual router
|
Default
|
N/A
|
Configuration Mode
|
config vrrp interface
|
History
|
3.3.4500
|
3.9.1000
|
Added support IPv6 address
|
Example
|
switch (config vrrp 100)# address 10.10.10.10
switch (config vrrp 100)# address 2001::40
|
Related Commands
|
Notes
|
shutdown
|
shutdown
no shutdown
Disables the virtual router.
The no form of the command enables the virtual router (stops the VRRP state machine).
|
Syntax Description
|
N/A
|
Default
|
Enabled (no shutdown)
|
Configuration Mode
|
config vrrp interface
|
History
|
3.3.4500
|
Example
|
switch (config vrrp 100)# shutdown
|
Related Commands
|
Notes
priority
|
priority <level>
no priority
Sets the priority of the virtual router.
The no form of the command resets the priority to its default.
|
Syntax Description
|
level
|
The virtual router priority level
Range: 1-254
|
Default
|
100
|
Configuration Mode
|
config vrrp interface
|
History
|
3.3.4500
|
Example
|
switch (config vrrp 100)# priority 200
|
Related Commands
|
Notes
|
preempt
|
preempt
no preempt
Sets virtual router preemption mode.
The no form of the command disables the virtual router preemption.
|
Syntax Description
|
N/A
|
Default
|
Enabled (preempt)
|
Configuration Mode
|
config vrrp interface
|
History
|
3.3.4500
|
Example
|
switch (config vrrp 100)# preempt
|
Related Commands
|
Notes
|
To set this router as backup for the current virtual router master, preempt must be enabled.
authentication text
|
authentication text <password>
no authentication text
Sets virtual router authentication password and enables authentication.
The no form of the command disables the authentication mechanism.
|
Syntax Description
|
password
|
The virtual router authentication password
|
Default
|
Disabled
|
Configuration Mode
|
config vrrp interface
|
History
|
3.3.4500
|
3.9.1000
|
Updated notes
|
Example
|
switch (config vrrp 100)# authentication text mypassword
|
Related Commands
|
Notes
|
advertisement-interval
|
advertisement-interval <seconds>
no advertisement-interval
Sets the virtual router advertisement-interval.
The no form of the command resets the parameter to its default.
|
Syntax Description
|
seconds
|
The virtual router advertisement-interval in seconds
Range: 1-255
|
Default
|
1
|
Configuration Mode
|
config vrrp interface
|
History
|
3.3.4500
|
Example
|
switch (config vrrp 100)# advertisement-interval 10
|
Related Commands
|
Notes
show vrrp
|
show vrrp [interface <type> <number>] [vr <id>]
Displays VRRP brief configuration and status.
|
Syntax Description
|
interface <type> <number>
|
Filters the output to a specific interface type and number
|
vr <id>
|
Filters the output to a specific virtual router
Range: 1-10
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.3.4500
|
3.9.1000
|
Added support for VRRP IPv6 instance
|
Example
|
switch (config) # show vrrp
|
Related Commands
|
Notes
show vrrp detail
|
show vrrp detail [interface <type> <number>] [vr <id>]
Displays detailed VRRP configuration and status.
|
Syntax Description
|
interface <type> <number>
|
Filters the output to a specific interface type and number
|
vr <id>
|
Filters the output to a specific virtual router
Range: 1-255
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.3.4500
|
3.6.5000
|
Updated example
|
3.6.8008
|
Updated example
|
3.9.1000
|
Added support for VRRP IPv6 instance
|
Example
|
switch (config) # show vrrp detail
Vlan20 - Vrrp 100:
Associated IP Addresses:
Associated IPv6 Addresses:
|
Related Commands
|
Notes
show vrrp statistics
|
show vrrp statistics [interface <type <number>] [vr <id>] [all]
Displays VRRP counters.
|
Syntax Description
|
interface <type> <number>
|
Filters the output to a specific interface type and number
|
vr <id>
|
Filters the output to a specific virtual router
Range: 1-255
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.3.4500
|
3.6.5000
|
Updated example
|
3.9.1000
|
Updated example
|
Example
|
switch (config) # show vrrp statistics
|
Related Commands
|
Notes