VRRP
The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.
The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.
VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.
Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.NVIDIA Onyx supports IPv4 in VRRP version 2, and IPv6 in VRRP version 3.
To create load balancing between routers participating in the same VR, it is recommended to create 2 (or more) VRs. Each router will be a master in one of the VRs, and a backup to the other VR(s). A group of hosts should be configured with Router 1’s virtual address as the default gateway, while the second group should be configured with Router 2’s virtual address.
The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available IP routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers (that is, a master and backup routers, acting as a group). The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router.VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.Routers have a priority of between 1-255 and the router with the highest priority becomes the master. The configurable priority value ranges from 1-254, the router which owns the interface IP address as one of its associated IP addresses has the priority value 255. When a planned withdrawal of a master router is to take place, its priority can be lowered, which means a backup router will preempt the master router status rather than having to wait for the hold time to expire.
Preconditions
Enable IP routing functionality. Run:
switch(config)# ip routingEnable the desired VLAN. Run:
switch(config)# vlan20WarningThe VLAN cannot be the same one configured for the MLAG IPL, if MLAG is used.
Add this VLAN to the desired interface. Run:
switch(config)#interfaceethernet1/1switch(configinterfaceethernet1/1)# switchport access vlan20Create a VLAN interface. Run:
switch(config)#interfacevlan20Apply IP address to the VLAN interface.
For IPv4, do the following.
On one of the switches, run:
switch(configinterfacevlan20)# ip address20.20.20.20/24On the other switch, run:
switch(configinterfacevlan20)# ip address20.20.20.30/24For IPv6, apply IPv6 address to the VLAN interface.
On one of the switches, run:
switch(configinterfacevlan20) # ipv6 address2001::20/64On the other switch, run:
switch(configinterfacevlan20) # ipv6 address2001::30/64
Enable the interface. Run:
switch(configinterfacevlan20)# no shutdown
Configuring VRRP
Enable VRRP protocol globally. Run:
switch(config)# protocol vrrpCreate a virtual router group for an IP interface. Up to 255 VRRP IDs are supported. Run:
switch(configinterfacevlan20)# vrrp100Set the VIP address.
For IPv4, run:
switch(configinterfacevlan20vrrp100)# address20.20.20.40For IPv6, run:
switch(configinterfacevlan20vrrp100) # address2001::40
Influence the election of the master in the VR cluster make sure that the priority of the desired master is the highest. Note that the higher IP address is selected in case the priority of the routers in the VR are the same. Select the priority. Run:
switch(configinterfacevlan20vrrp100)# priority200The advertisement interval should be the same for all the routers within the VR. Modify the interval. Run:
switch(configinterfacevlan20vrrp100)# advertisement-interval2The authentication text should be the same for all the routers within the VR. Configure the authentication text. Run:
switch(configinterfacevlan20vrrp100)# authentication text my-passwordWarningThis option is not supported in VRRP IPv6.
Use the preempt command to enable a high-priority backup virtual router to preempt the low-priority master virtual router. Run:
switch(configinterfacevlan20vrrp100)# preemptDisable VRRP. Run:
switch(configinterfacevlan20vrrp100)# shutdownWarningThe configuration will not be deleted, only the VRRP state machine will be stopped.
Verifying VRRP
Display VRRP brief status. Run:
switch(config) # show vrrp Interface VR Admin State Priority Adv-Intvl Preempt State VR IP addr ----------------------------------------------------------------------------------------------------------- Vlan20100Enabled1001Enabled Master20.20.20.40Vlan20100Enabled1001Enabled Master2001::40Display VRRP detailed status. Run:
switch(config) # show vrrp detail VRRP Admin State: Enabled Vlan20 - Vrrp100: Instance Admin State : Enabled State : Master State v6 : Master Virtual IP Address :20.20.20.40Virtual IPv6 Address :2001::40Priority :100Advertisement interval(sec) :1Preemption : Enabled Virtual MAC Address :00:00:5e:00:01:64Primary IP Address :20.20.20.20Master router :20.20.20.20Virtual MAC Address v6 :00:00:5e:00:02:64Primary IP Address v6 : :: Master router v6 :2001::20Master priority :100Master advertisement interval:1Display VRRP statistic counters. Run:
switch(config) # show vrrp statistics Invalid packets:0Tooshort:0Transitions to Master:1Total received:0Bad TTL:0Failed authentication:0Unknown authentication:0Conflicting authentication:0Conflicting Advertise time:0Conflicting Addresses:0Received with zero priority:0Sent with zero priority:0Invalid packets v6:0Tooshortv6:0Transitions to Master v6:1Total received v6:0Bad TTL v6:0Conflicting Advertise time v6:0Conflicting Addresses v6:0Received with zero priority v6:0Sent with zero priority v6:0
For more information about this feature and its potential applications, please refer to the following community post:
protocol vrrp
|
protocol vrrp no protocol vrrp Enables VRRP globally and unhides VRRP related commands. The no form of the command deletes all the VRRP configuration and hides VRRP related commands. |
||
|
Syntax Description |
N/A |
|
|
Default |
no protocol vrrp |
|
|
Configuration Mode |
config |
|
|
History |
3.3.4500 |
|
|
Example |
switch (config)# protocol vrrp |
|
|
Related Commands |
||
|
Notes |
||
clear vrrp statistics
|
clear vrrp statistics Clears VRRP statistics. |
||
|
Syntax Description |
N/A |
|
|
Default |
N/A |
|
|
Configuration Mode |
config |
|
|
History |
3.3.4500 |
|
|
Example |
switch (config)# clear vrrp statistics |
|
|
Related Commands |
||
|
Notes |
||
vrrp
|
vrrp <number> no vrrp <number> Creates a virtual router group on this interface and enters a new configuration mode. The no form of the command deletes the VRRP instance and the related configuration. |
||
|
Syntax Description |
number |
A VRRP instance number Range: 1-255 |
|
Default |
N/A |
|
|
Configuration Mode |
config interface vlan |
|
|
History |
3.3.4500 |
|
|
3.6.8100 |
Updated parameter range |
|
|
3.7.1100 |
Updated Syntax and notes |
|
|
Example |
switch (config interface vlan 10)# |
|
|
Related Commands |
||
|
Notes |
A maximum total of 64 VRRP instances are supported per switch system. |
|
address
|
address <ip-address> [secondary] no address [<ip-address> [secondary]] Sets virtual router IP address (primary and secondary). The no form of the command deletes the IP address from the VRRP interface. |
||
|
Syntax Description |
ip-address |
The virtual IP address |
|
secondary |
A secondary IP address for the virtual router |
|
|
Default |
N/A |
|
|
Configuration Mode |
config vrrp interface |
|
|
History |
3.3.4500 |
|
|
3.9.1000 |
Added support IPv6 address |
|
|
Example |
switch (config vrrp 100)# address 10.10.10.10 switch (config vrrp 100)# address 2001::40 |
|
|
Related Commands |
||
|
Notes |
|
|
shutdown
|
shutdown no shutdown Disables the virtual router. The no form of the command enables the virtual router (stops the VRRP state machine). |
||
|
Syntax Description |
N/A |
|
|
Default |
Enabled (no shutdown) |
|
|
Configuration Mode |
config vrrp interface |
|
|
History |
3.3.4500 |
|
|
Example |
switch (config vrrp 100)# shutdown |
|
|
Related Commands |
||
|
Notes |
||
priority
|
priority <level> no priority Sets the priority of the virtual router. The no form of the command resets the priority to its default. |
||
|
Syntax Description |
level |
The virtual router priority level Range: 1-254 |
|
Default |
100 |
|
|
Configuration Mode |
config vrrp interface |
|
|
History |
3.3.4500 |
|
|
Example |
switch (config vrrp 100)# priority 200 |
|
|
Related Commands |
||
|
Notes |
|
|
preempt
|
preempt no preempt Sets virtual router preemption mode. The no form of the command disables the virtual router preemption. |
||
|
Syntax Description |
N/A |
|
|
Default |
Enabled (preempt) |
|
|
Configuration Mode |
config vrrp interface |
|
|
History |
3.3.4500 |
|
|
Example |
switch (config vrrp 100)# preempt |
|
|
Related Commands |
||
|
Notes |
To set this router as backup for the current virtual router master, preempt must be enabled. |
|
authentication text
|
authentication text <password> no authentication text Sets virtual router authentication password and enables authentication. The no form of the command disables the authentication mechanism. |
||
|
Syntax Description |
password |
The virtual router authentication password |
|
Default |
Disabled |
|
|
Configuration Mode |
config vrrp interface |
|
|
History |
3.3.4500 |
|
|
3.9.1000 |
Updated notes |
|
|
Example |
switch (config vrrp 100)# authentication text mypassword |
|
|
Related Commands |
||
|
Notes |
|
|
advertisement-interval
|
advertisement-interval <seconds> no advertisement-interval Sets the virtual router advertisement-interval. The no form of the command resets the parameter to its default. |
||
|
Syntax Description |
seconds |
The virtual router advertisement-interval in seconds Range: 1-255 |
|
Default |
1 |
|
|
Configuration Mode |
config vrrp interface |
|
|
History |
3.3.4500 |
|
|
Example |
switch (config vrrp 100)# advertisement-interval 10 |
|
|
Related Commands |
||
|
Notes |
||
show vrrp
|
show vrrp [interface <type> <number>] [vr <id>] Displays VRRP brief configuration and status. |
||
|
Syntax Description |
interface <type> <number> |
Filters the output to a specific interface type and number |
|
vr <id> |
Filters the output to a specific virtual router Range: 1-10 |
|
|
Default |
N/A |
|
|
Configuration Mode |
Any command mode |
|
|
History |
3.3.4500 |
|
|
3.9.1000 |
Added support for VRRP IPv6 instance |
|
|
Example |
switch (config) # show vrrp |
|
|
Related Commands |
||
|
Notes |
||
show vrrp detail
|
show vrrp detail [interface <type> <number>] [vr <id>] Displays detailed VRRP configuration and status. |
||
|
Syntax Description |
interface <type> <number> |
Filters the output to a specific interface type and number |
|
vr <id> |
Filters the output to a specific virtual router Range: 1-255 |
|
|
Default |
N/A |
|
|
Configuration Mode |
Any command mode |
|
|
History |
3.3.4500 |
|
|
3.6.5000 |
Updated example |
|
|
3.6.8008 |
Updated example |
|
|
3.9.1000 |
Added support for VRRP IPv6 instance |
|
|
Example |
switch (config) # show vrrp detail Vlan20 - Vrrp 100: Associated IP Addresses: Associated IPv6 Addresses: |
|
|
Related Commands |
||
|
Notes |
||
show vrrp statistics
|
show vrrp statistics [interface <type <number>] [vr <id>] [all] Displays VRRP counters. |
||
|
Syntax Description |
interface <type> <number> |
Filters the output to a specific interface type and number |
|
vr <id> |
Filters the output to a specific virtual router Range: 1-255 |
|
|
Default |
N/A |
|
|
Configuration Mode |
Any command mode |
|
|
History |
3.3.4500 |
|
|
3.6.5000 |
Updated example |
|
|
3.9.1000 |
Updated example |
|
|
Example |
switch (config) # show vrrp statistics |
|
|
Related Commands |
||
|
Notes |
||