NVIDIA Onyx User Manual v3.10.3004

VRRP

The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.

The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.

VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.

Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.NVIDIA Onyx supports IPv4 in VRRP version 2, and IPv6 in VRRP version 3.

To create load balancing between routers participating in the same VR, it is recommended to create 2 (or more) VRs. Each router will be a master in one of the VRs, and a backup to the other VR(s). A group of hosts should be configured with Router 1’s virtual address as the default gateway, while the second group should be configured with Router 2’s virtual address.

The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.

Preconditions

  1. Enable IP routing functionality. Run:

    Copy
    Copied!
                

    switch (config)# ip routing

  2. Enable the desired VLAN. Run:

    Copy
    Copied!
                

    switch (config)# vlan 20

    Warning

    The VLAN cannot be the same one configured for the MLAG IPL, if MLAG is used.

  3. Add this VLAN to the desired interface. Run:

    Copy
    Copied!
                

    switch (config)# interface ethernet 1/1 switch (config interface ethernet 1/1)# switchport access vlan 20

  4. Create a VLAN interface. Run:

    Copy
    Copied!
                

    switch (config)# interface vlan 20

  5. Apply IP address to the VLAN interface.

    1. For IPv4, do the following.

      On one of the switches, run:

      Copy
      Copied!
                  

      switch (config interface vlan 20)# ip address 20.20.20.20 /24

      On the other switch, run:

      Copy
      Copied!
                  

      switch (config interface vlan 20)# ip address 20.20.20.30 /24

    2. For IPv6, apply IPv6 address to the VLAN interface.

      On one of the switches, run:

      Copy
      Copied!
                  

      switch (config interface vlan 20) # ipv6 address 2001::20 /64

      On the other switch, run:

      Copy
      Copied!
                  

      switch (config interface vlan 20) # ipv6 address 2001::30 /64

  6. Enable the interface. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20)# no shutdown

Configuring VRRP

  1. Enable VRRP protocol globally. Run:

    Copy
    Copied!
                

    switch (config)# protocol vrrp

  2. Create a virtual router group for an IP interface. Up to 255 VRRP IDs are supported. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20)# vrrp 100

  3. Set the VIP address.

    1. For IPv4, run:

      Copy
      Copied!
                  

      switch (config interface vlan 20 vrrp 100)# address 20.20.20.40

    2. For IPv6, run:

      Copy
      Copied!
                  

       switch (config interface vlan 20 vrrp 100) # address 2001::40

  4. Influence the election of the master in the VR cluster make sure that the priority of the desired master is the highest. Note that the higher IP address is selected in case the priority of the routers in the VR are the same. Select the priority. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20 vrrp 100)# priority 200

  5. The advertisement interval should be the same for all the routers within the VR. Modify the interval. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20 vrrp 100)# advertisement-interval 2

  6. The authentication text should be the same for all the routers within the VR. Configure the authentication text. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20 vrrp 100)# authentication text my-password

    Warning

    This option is not supported in VRRP IPv6.

  7. Use the preempt command to enable a high-priority backup virtual router to preempt the low-priority master virtual router. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20 vrrp 100)# preempt

  8. Disable VRRP. Run:

    Copy
    Copied!
                

    switch (config interface vlan 20 vrrp 100)# shutdown

    Warning

    The configuration will not be deleted, only the VRRP state machine will be stopped.

Verifying VRRP

  1. Display VRRP brief status. Run:

    Copy
    Copied!
                

    switch (config) # show vrrp Interface VR Admin State Priority Adv-Intvl Preempt State VR IP addr ----------------------------------------------------------------------------------------------------------- Vlan20 100 Enabled 100 1 Enabled Master 20.20.20.40 Vlan20 100 Enabled 100 1 Enabled Master 2001::40

  2. Display VRRP detailed status. Run:

    Copy
    Copied!
                

    switch (config) # show vrrp detail VRRP Admin State: Enabled   Vlan20 - Vrrp 100: Instance Admin State : Enabled State : Master State v6 : Master Virtual IP Address : 20.20.20.40 Virtual IPv6 Address : 2001::40 Priority : 100 Advertisement interval(sec) : 1 Preemption : Enabled Virtual MAC Address : 00:00:5e:00:01:64 Primary IP Address : 20.20.20.20 Master router : 20.20.20.20 Virtual MAC Address v6 : 00:00:5e:00:02:64 Primary IP Address v6 : :: Master router v6 : 2001::20 Master priority : 100 Master advertisement interval: 1

  3. Display VRRP statistic counters. Run:

    Copy
    Copied!
                

    switch (config) # show vrrp statistics Invalid packets: 0 Too short: 0 Transitions to Master: 1 Total received: 0 Bad TTL: 0 Failed authentication: 0 Unknown authentication: 0 Conflicting authentication: 0 Conflicting Advertise time: 0 Conflicting Addresses: 0 Received with zero priority: 0 Sent with zero priority: 0 Invalid packets v6: 0 Too short v6: 0 Transitions to Master v6: 1 Total received v6: 0 Bad TTL v6: 0 Conflicting Advertise time v6: 0 Conflicting Addresses v6: 0 Received with zero priority v6: 0 Sent with zero priority v6: 0

For more information about this feature and its potential applications, please refer to the following community post:

protocol vrrp

protocol vrrp
no protocol vrrp

Enables VRRP globally and unhides VRRP related commands.
The no form of the command deletes all the VRRP configuration and hides VRRP related commands.

Syntax Description

N/A

Default

no protocol vrrp

Configuration Mode

config

History

3.3.4500

Example

switch (config)# protocol vrrp

Related Commands

Notes

clear vrrp statistics

clear vrrp statistics

Clears VRRP statistics.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

3.3.4500

Example

switch (config)# clear vrrp statistics

Related Commands

Notes

vrrp

vrrp <number>
no vrrp <number>

Creates a virtual router group on this interface and enters a new configuration mode.
The no form of the command deletes the VRRP instance and the related configuration.

Syntax Description

number

A VRRP instance number
Range: 1-255

Default

N/A

Configuration Mode

config interface vlan

History

3.3.4500

3.6.8100

Updated parameter range

3.7.1100

Updated Syntax and notes

Example

switch (config interface vlan 10)#
switch (config interface vlan 10 vrrp 10)#

Related Commands

Notes

A maximum total of 64 VRRP instances are supported per switch system.

address

address <ip-address> [secondary]
no address [<ip-address> [secondary]]

Sets virtual router IP address (primary and secondary).
The no form of the command deletes the IP address from the VRRP interface.

Syntax Description

ip-address

The virtual IP address

secondary

A secondary IP address for the virtual router

Default

N/A

Configuration Mode

config vrrp interface

History

3.3.4500

3.9.1000

Added support IPv6 address

Example

switch (config vrrp 100)# address 10.10.10.10
switch (config vrrp 100)# address 10.10.10.11 secondary
switch (config vrrp 100)# address 10.10.10.12 secondary

switch (config vrrp 100)# address 2001::40
switch (config vrrp 100)# address 2001::41 secondary

Related Commands

Notes

  • The virtual address can be either from the interface’s primary or secondary subnet

  • This command is the enabler of the protocol. Therefore, set all the protocol parameters initially and only then set the ip-address.

  • There are up to 20 IP addresses associated with the VRRP instance. One primary and up to 19 secondary ip-addresses.

  • If the configured IP address is the same as the interface IP address, this switch automatically owns the IP address (priority 255)

  • For IPv6, the OS will auto-generate link-local virtual IP. Up to 19 IPv6 addresses are allowed to be associated with the VRRP instance—one primary address and up to 18 secondary addresses. IPv4 and IPv6 addresses are allowed to be configured on the same VRRP instance.

shutdown

shutdown
no shutdown

Disables the virtual router.
The no form of the command enables the virtual router (stops the VRRP state machine).

Syntax Description

N/A

Default

Enabled (no shutdown)

Configuration Mode

config vrrp interface

History

3.3.4500

Example

switch (config vrrp 100)# shutdown

Related Commands

Notes

priority

priority <level>
no priority

Sets the priority of the virtual router.
The no form of the command resets the priority to its default.

Syntax Description

level

The virtual router priority level
Range: 1-254

Default

100

Configuration Mode

config vrrp interface

History

3.3.4500

Example

switch (config vrrp 100)# priority 200

Related Commands

Notes

  • The higher IP address is selected as master if the priority of the routers in the VR are the same

  • To influence the election of the master in the VR cluster make sure that the priority of the desired master is the higher

preempt

preempt
no preempt

Sets virtual router preemption mode.
The no form of the command disables the virtual router preemption.

Syntax Description

N/A

Default

Enabled (preempt)

Configuration Mode

config vrrp interface

History

3.3.4500

Example

switch (config vrrp 100)# preempt

Related Commands

Notes

To set this router as backup for the current virtual router master, preempt must be enabled.

authentication text

authentication text <password>
no authentication text

Sets virtual router authentication password and enables authentication.
The no form of the command disables the authentication mechanism.

Syntax Description

password

The virtual router authentication password

Default

Disabled

Configuration Mode

config vrrp interface

History

3.3.4500

3.9.1000

Updated notes

Example

switch (config vrrp 100)# authentication text mypassword

Related Commands

Notes

  • The password string must be up to 8 alphanumeric characters

  • This option is not supported in VRRP IPv6 instance

advertisement-interval

advertisement-interval <seconds>
no advertisement-interval

Sets the virtual router advertisement-interval.
The no form of the command resets the parameter to its default.

Syntax Description

seconds

The virtual router advertisement-interval in seconds
Range: 1-255

Default

1

Configuration Mode

config vrrp interface

History

3.3.4500

Example

switch (config vrrp 100)# advertisement-interval 10

Related Commands

Notes

show vrrp

show vrrp [interface <type> <number>] [vr <id>]

Displays VRRP brief configuration and status.

Syntax Description

interface <type> <number>

Filters the output to a specific interface type and number

vr <id>

Filters the output to a specific virtual router
Range: 1-10

Default

N/A

Configuration Mode

Any command mode

History

3.3.4500

3.9.1000

Added support for VRRP IPv6 instance

Example

switch (config) # show vrrp
Interface VR Admin State Priority Adv-Intvl Preempt State VR IP addr
------------------------------------------------------------------------------
Vlan20 100 Enabled 100 1 Enabled Master 20.20.20.40
Vlan20 100 Enabled 100 1 Enabled Master 2001::40

Related Commands

Notes

show vrrp detail

show vrrp detail [interface <type> <number>] [vr <id>]

Displays detailed VRRP configuration and status.

Syntax Description

interface <type> <number>

Filters the output to a specific interface type and number

vr <id>

Filters the output to a specific virtual router
Range: 1-255

Default

N/A

Configuration Mode

Any command mode

History

3.3.4500

3.6.5000

Updated example

3.6.8008

Updated example

3.9.1000

Added support for VRRP IPv6 instance

Example

switch (config) # show vrrp detail
VRRP Admin State: Enabled
Vlan20 - Vrrp 100:
Instance Admin State : Enabled
State : Master
State v6 : Master
Virtual IP Address : 20.20.20.40
Virtual IPv6 Address : 2001::40
Priority : 100
Advertisement interval(sec) : 1
Preemption : Enabled
Virtual MAC Address : 00:00:5e:00:01:64
Primary IP Address : 20.20.20.20
Master router : 20.20.20.20
Virtual MAC Address v6 : 00:00:5e:00:02:64
Primary IP Address v6 : ::
Master router v6 : fe80::ba59:9fff:fea6:6988
Master priority : 100
Master advertisement interval: 1
 Associated IP Addresses:
20.20.20.41
 Associated IPv6 Addresses:
2001::41

Related Commands

Notes

show vrrp statistics

show vrrp statistics [interface <type <number>] [vr <id>] [all]

Displays VRRP counters.

Syntax Description

interface <type> <number>

Filters the output to a specific interface type and number

vr <id>

Filters the output to a specific virtual router
Range: 1-255

Default

N/A

Configuration Mode

Any command mode

History

3.3.4500

3.6.5000

Updated example

3.9.1000

Updated example

Example

switch (config) # show  vrrp statistics 
Invalid packets: 0
Too short: 0
Transitions to Master: 0
Total received: 0
Bad TTL: 0
Failed authentication: 0
Unknown authentication: 0
Conflicting authentication: 0
Conflicting Advertise time: 0
Conflicting Addresses: 0
Received with zero priority: 0
Sent with zero priority: 0
Invalid packets v6: 0
Too short v6: 0
Transitions to Master v6: 0
Total received v6: 0
Bad TTL v6: 0
Conflicting Advertise time v6: 0
Conflicting Addresses v6: 0
Received with zero priority v6: 0
Sent with zero priority v6: 0

Related Commands

Notes

© Copyright 2023, NVIDIA. Last updated on Sep 8, 2023.