Monday, February 23, 2015

VRRP (Virtual Router Redundancy Protocol)

VRRP stands for Virtual Router Redundancy Protocol.

It is a FHRP: First Hop Redundancy Protocol, which means they allow you to configure more than one physical router but it can still be seen as a single router.
First Hop means that any packet traveling out the network has its gateway as its first hop. It is protocol used for Gateway redundancy.

-         It is similar to the HSRP protocol by Cisco
-         It is an open standard redundancy protocol i.e. can be used between different vendors
-         Was created by the IETF in 1999 and became industry standard
-         Faster than HSRP
-         The hello time is of 1 second
-         The Dead timer or Hold timer is of 3 seconds
-         The Active / Standby of HSRP are known as Master / Backup in VRRP
-         The Standby Group of HSRP is known as VRRP Group
-         If we use the real IP address then that router becomes the master
-         In case a Virtual IP address is used, the router with the highest priority is considered Master
-         VRRP messages are used to inform group members its status by the VRRP master
-         The virtual MAC address by default is 0000.5e00.01xx, where  xx means the hexadecimal group number
-         The Hellos in VRRP are sent to 224.0.0.18 multicast address
-         Default priority used is 100
-         The VRRP group number range is from 0 to 255
-         In VRRP the priorities range is from 1 to 254 ( 100 is default)
-         In VRRP the routers are configured to preempt the current master router by default if the priority is greater.
-         Advertisements in VRRP are sent to the multicast destination address 224.0.0.18 (VRRP), using IP protocol 112.
-         In VRRP , router Role, we can have one Master router and one or more Backup routers
-         By default preempt is on in VRRP which means that if a router that was master goes down, it loses mastership but if it comes up again, it becomes master without any config changes or intervention.
-          Does not support IPv6
Consider the following diagram, we have Router0 and Router1 configured with the VRRP configuration.


The Virtual IP (VIP) to be used is 10.10.10.10

VRRP Configuration
VRRP is almost similar to HSRP with very minor changes. Mainly being the timer duration (hello and hold timer) being shorter than HSRP.
Router0#conf t
Router0(config)# int fa0/0
Router0(config-if)# ip address 10.10.10.30 255.255.255.0
Router0(config-if)# vrrp 1 priority 200
Router0(config-if)# vrrp 1 authentication text vrrp_lab
Router0(config-if)# vrrp 1 timers advertise 3
Router0(config-if)# vrrp 1 timers learn
Router0(config-if)# vrrp 1 ip 10.10.10.10
Router0(config-if)# no shutdown


We configure the interface with the IP address and then do the VRRP configuration. ‘VRRP 1’, where 1 is the VRRP group. The priority is set to 200 using the ‘priority’ command. Authentication has been configured and should be same between both the routers. The Virtual IP is assigned with the config line ‘vrrp 1 ip 10.10.10.10’.
Router 1 will be backup thus we have configured Priority (100) lower than Router 0

Router1#conf t
Router1(config)# int fa0/0
Router1(config-if)# ip address 10.10.10.40 255.255.255.0
Router1(config-if)# vrrp 1 priority 100
Router1(config-if)# vrrp 1 authentication text vrrp_lab
Router1(config-if)# vrrp 1 timers advertise 3
Router1(config-if)# vrrp 1 timers learn
Router1(config-if)# vrrp 1 ip 10.10.10.10
Router1(config-if)# no shutdown


We configure the interface with the IP address and then do the VRRP configuration. ‘VRRP 1’, where 1 is the VRRP group. The priority is set to 100 using the ‘priority’ command. Authentication has been configured and should be same between both the routers. The Virtual IP is assigned with the config line ‘vrrp 1 ip 10.10.10.10’. 



If we bring down the interface connecting to Router0, then the Router1 will take mastership.


In VRRP, if the previous master is restored again, it will pull back the mastership from the Backup. This happens because of the priority. The router having the highest priority wins and is the MASTER.

The commands used to verify VRRP:
show vrrp brief
show vrrp interface < interface name>
show vrrp

# Reference: certiology.com

1 comment: