VRRP
The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.
The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.
VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.
Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.NVIDIA Onyx supports IPv4 in VRRP version 2, and IPv6 in VRRP version 3.
To create load balancing between routers participating in the same VR, it is recommended to create 2 (or more) VRs. Each router will be a master in one of the VRs, and a backup to the other VR(s). A group of hosts should be configured with Router 1’s virtual address as the default gateway, while the second group should be configured with Router 2’s virtual address.
The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.
Preconditions
Enable IP routing functionality. Run:
switch
(config)# ip routingEnable the desired VLAN. Run:
switch
(config)# vlan20
WarningThe VLAN cannot be the same one configured for the MLAG IPL, if MLAG is used.
Add this VLAN to the desired interface. Run:
switch
(config)#interface
ethernet1
/1
switch
(configinterface
ethernet1
/1
)# switchport access vlan20
Create a VLAN interface. Run:
switch
(config)#interface
vlan20
Apply IP address to the VLAN interface.
For IPv4, do the following.
On one of the switches, run:
switch
(configinterface
vlan20
)# ip address20.20
.20.20
/24
On the other switch, run:
switch
(configinterface
vlan20
)# ip address20.20
.20.30
/24
For IPv6, apply IPv6 address to the VLAN interface.
On one of the switches, run:
switch
(configinterface
vlan20
) # ipv6 address2001
::20
/64
On the other switch, run:
switch
(configinterface
vlan20
) # ipv6 address2001
::30
/64
Enable the interface. Run:
switch
(configinterface
vlan20
)# no shutdown
Configuring VRRP
Enable VRRP protocol globally. Run:
switch
(config)# protocol vrrpCreate a virtual router group for an IP interface. Up to 255 VRRP IDs are supported. Run:
switch
(configinterface
vlan20
)# vrrp100
Set the VIP address.
For IPv4, run:
switch
(configinterface
vlan20
vrrp100
)# address20.20
.20.40
For IPv6, run:
switch
(configinterface
vlan20
vrrp100
) # address2001
::40
Influence the election of the master in the VR cluster make sure that the priority of the desired master is the highest. Note that the higher IP address is selected in case the priority of the routers in the VR are the same. Select the priority. Run:
switch
(configinterface
vlan20
vrrp100
)# priority200
The advertisement interval should be the same for all the routers within the VR. Modify the interval. Run:
switch
(configinterface
vlan20
vrrp100
)# advertisement-interval2
The authentication text should be the same for all the routers within the VR. Configure the authentication text. Run:
switch
(configinterface
vlan20
vrrp100
)# authentication text my-passwordWarningThis option is not supported in VRRP IPv6.
Use the preempt command to enable a high-priority backup virtual router to preempt the low-priority master virtual router. Run:
switch
(configinterface
vlan20
vrrp100
)# preemptDisable VRRP. Run:
switch
(configinterface
vlan20
vrrp100
)# shutdownWarningThe configuration will not be deleted, only the VRRP state machine will be stopped.
Verifying VRRP
Display VRRP brief status. Run:
switch
(config) # show vrrp Interface VR Admin State Priority Adv-Intvl Preempt State VR IP addr ----------------------------------------------------------------------------------------------------------- Vlan20100
Enabled100
1
Enabled Master20.20
.20.40
Vlan20100
Enabled100
1
Enabled Master2001
::40
Display VRRP detailed status. Run:
switch
(config) # show vrrp detail VRRP Admin State: Enabled Vlan20 - Vrrp100
: Instance Admin State : Enabled State : Master State v6 : Master Virtual IP Address :20.20
.20.40
Virtual IPv6 Address :2001
::40
Priority :100
Advertisement interval(sec) :1
Preemption : Enabled Virtual MAC Address :00
:00
:5e:00
:01
:64
Primary IP Address :20.20
.20.20
Master router :20.20
.20.20
Virtual MAC Address v6 :00
:00
:5e:00
:02
:64
Primary IP Address v6 : :: Master router v6 :2001
::20
Master priority :100
Master advertisement interval:1
Display VRRP statistic counters. Run:
switch
(config) # show vrrp statistics Invalid packets:0
Tooshort
:0
Transitions to Master:1
Total received:0
Bad TTL:0
Failed authentication:0
Unknown authentication:0
Conflicting authentication:0
Conflicting Advertise time:0
Conflicting Addresses:0
Received with zero priority:0
Sent with zero priority:0
Invalid packets v6:0
Tooshort
v6:0
Transitions to Master v6:1
Total received v6:0
Bad TTL v6:0
Conflicting Advertise time v6:0
Conflicting Addresses v6:0
Received with zero priority v6:0
Sent with zero priority v6:0
For more information about this feature and its potential applications, please refer to the following community post:
protocol vrrp
protocol vrrp no protocol vrrp Enables VRRP globally and unhides VRRP related commands. The no form of the command deletes all the VRRP configuration and hides VRRP related commands. |
||
Syntax Description |
N/A |
|
Default |
no protocol vrrp |
|
Configuration Mode |
config |
|
History |
3.3.4500 |
|
Example |
switch (config)# protocol vrrp |
|
Related Commands |
||
Notes |
clear vrrp statistics
clear vrrp statistics Clears VRRP statistics. |
||
Syntax Description |
N/A |
|
Default |
N/A |
|
Configuration Mode |
config |
|
History |
3.3.4500 |
|
Example |
switch (config)# clear vrrp statistics |
|
Related Commands |
||
Notes |
vrrp
vrrp <number> no vrrp <number> Creates a virtual router group on this interface and enters a new configuration mode. The no form of the command deletes the VRRP instance and the related configuration. |
||
Syntax Description |
number |
A VRRP instance number Range: 1-255 |
Default |
N/A |
|
Configuration Mode |
config interface vlan |
|
History |
3.3.4500 |
|
3.6.8100 |
Updated parameter range |
|
3.7.1100 |
Updated Syntax and notes |
|
Example |
switch (config interface vlan 10)# |
|
Related Commands |
||
Notes |
A maximum total of 64 VRRP instances are supported per switch system. |
address
address <ip-address> [secondary] no address [<ip-address> [secondary]] Sets virtual router IP address (primary and secondary). The no form of the command deletes the IP address from the VRRP interface. |
||
Syntax Description |
ip-address |
The virtual IP address |
secondary |
A secondary IP address for the virtual router |
|
Default |
N/A |
|
Configuration Mode |
config vrrp interface |
|
History |
3.3.4500 |
|
3.9.1000 |
Added support IPv6 address |
|
Example |
switch (config vrrp 100)# address 10.10.10.10 switch (config vrrp 100)# address 2001::40 |
|
Related Commands |
||
Notes |
|
shutdown
shutdown no shutdown Disables the virtual router. The no form of the command enables the virtual router (stops the VRRP state machine). |
||
Syntax Description |
N/A |
|
Default |
Enabled (no shutdown) |
|
Configuration Mode |
config vrrp interface |
|
History |
3.3.4500 |
|
Example |
switch (config vrrp 100)# shutdown |
|
Related Commands |
||
Notes |
priority
priority <level> no priority Sets the priority of the virtual router. The no form of the command resets the priority to its default. |
||
Syntax Description |
level |
The virtual router priority level Range: 1-254 |
Default |
100 |
|
Configuration Mode |
config vrrp interface |
|
History |
3.3.4500 |
|
Example |
switch (config vrrp 100)# priority 200 |
|
Related Commands |
||
Notes |
|
preempt
preempt no preempt Sets virtual router preemption mode. The no form of the command disables the virtual router preemption. |
||
Syntax Description |
N/A |
|
Default |
Enabled (preempt) |
|
Configuration Mode |
config vrrp interface |
|
History |
3.3.4500 |
|
Example |
switch (config vrrp 100)# preempt |
|
Related Commands |
||
Notes |
To set this router as backup for the current virtual router master, preempt must be enabled. |
authentication text
authentication text <password> no authentication text Sets virtual router authentication password and enables authentication. The no form of the command disables the authentication mechanism. |
||
Syntax Description |
password |
The virtual router authentication password |
Default |
Disabled |
|
Configuration Mode |
config vrrp interface |
|
History |
3.3.4500 |
|
3.9.1000 |
Updated notes |
|
Example |
switch (config vrrp 100)# authentication text mypassword |
|
Related Commands |
||
Notes |
|
advertisement-interval
advertisement-interval <seconds> no advertisement-interval Sets the virtual router advertisement-interval. The no form of the command resets the parameter to its default. |
||
Syntax Description |
seconds |
The virtual router advertisement-interval in seconds Range: 1-255 |
Default |
1 |
|
Configuration Mode |
config vrrp interface |
|
History |
3.3.4500 |
|
Example |
switch (config vrrp 100)# advertisement-interval 10 |
|
Related Commands |
||
Notes |
show vrrp
show vrrp [interface <type> <number>] [vr <id>] Displays VRRP brief configuration and status. |
||
Syntax Description |
interface <type> <number> |
Filters the output to a specific interface type and number |
vr <id> |
Filters the output to a specific virtual router Range: 1-10 |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.3.4500 |
|
3.9.1000 |
Added support for VRRP IPv6 instance |
|
Example |
switch (config) # show vrrp |
|
Related Commands |
||
Notes |
show vrrp detail
show vrrp detail [interface <type> <number>] [vr <id>] Displays detailed VRRP configuration and status. |
||
Syntax Description |
interface <type> <number> |
Filters the output to a specific interface type and number |
vr <id> |
Filters the output to a specific virtual router Range: 1-255 |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.3.4500 |
|
3.6.5000 |
Updated example |
|
3.6.8008 |
Updated example |
|
3.9.1000 |
Added support for VRRP IPv6 instance |
|
Example |
switch (config) # show vrrp detail Vlan20 - Vrrp 100: Associated IP Addresses: Associated IPv6 Addresses: |
|
Related Commands |
||
Notes |
show vrrp statistics
show vrrp statistics [interface <type <number>] [vr <id>] [all] Displays VRRP counters. |
||
Syntax Description |
interface <type> <number> |
Filters the output to a specific interface type and number |
vr <id> |
Filters the output to a specific virtual router Range: 1-255 |
|
Default |
N/A |
|
Configuration Mode |
Any command mode |
|
History |
3.3.4500 |
|
3.6.5000 |
Updated example |
|
3.9.1000 |
Updated example |
|
Example |
switch (config) # show vrrp statistics |
|
Related Commands |
||
Notes |