" When my Gateway is went down in USG5300 when VRRP Service was Running "

Publication Date:  2013-01-10 Views:  257 Downloads:  0
Issue Description
Usually, each host on an intranet is configured with a default route to the next hop that is to the IP address of the egress router, that is, 10.100.10.1/24, as shown


The interactive packets between intranet users and Internet users all pass the router. When the router fails, all hosts (whose next hops are the router by default) on the intranet fail to communicate with the Internet. In this case, communication is unreliable in default route mode
Alarm Information
Customer Can't access the internet
Handling Process
To Configure VRRP you must know this Commands :-

1- Run:
<USG5300> system-view
The system view is displayed.

2- Run:
[USG5300] interface interface-type interface-number
The interface view is displayed.

3- Run:
[USG5300] ip address ip-address net-mask [ sub ]
The IP address is set for the interface.

4- Run:
[USG5300] vrrp vrid virtual-router-id virtual-ip virtual-address [ ip-mask | ip-mask-length ] { master | slave }
The VRRP group is configured.

5- (Optional) Run:
[USG5300] vrrp authentication-mode simple key
The authentication mode and key are set for the VRRP group.


 

Root Cause
The Virtual Router Redundancy Protocol (VRRP) can solve such a problem.

VRRP organizes several routers on a LAN into a virtual router, named a VRRP group. In a VRRP group, only one device is in active state, which is named master. Others are in standby state and are ready to take over the tasks at any time based on the priority, and these inactive devices are named slave.





As shown in this Figure :-
  1. Routers A, B, and C make up a VRRP group (serves as a virtual router), whose virtual IP address is 10.100.10.1.
  2. Router A is the master with the IP address 10.100.10.2.
  3. Routers B and C are slave with IP addresses 10.100.10.3 and 10.100.10.4 respectively.

In VRRP, only the active router can forward the packet that takes the virtual IP address as the next hop.

All hosts on the intranet are aware of the virtual IP address 10.100.10.1, instead of the IP address of the master or slave. Therefore, the default route of each host is configured to the virtual IP address. Thus, all hosts on the intranet can communicate with the Internet through this VRRP group.

The VRRP module on the master router monitors the state of the communication interface and sends notification packets to the slave routers in multicast mode.

When the master router fails, for example, an interface or link fails, the VRRP notification packets are not be sent out as usual.

When the slave router does not receive any VRRP notification packet in a specified interval, the slave router with the highest priority changes its VRRP state to the active state. In this way, the services running on the master router can continue to run on the slave router.

If the master router of the VRRP group fails, other slave routers of the group select a new slave router according to their priorities. So the selected router works in active state and provides routing services to the hosts on the network.

With the VRRP technology, the hosts on the intranet can communicate with the Internet continuously. Thus, reliability is guaranteed.

 

Suggestions
VRRP Summary :-

The USG5300 supports the Virtual Router Redundancy Protocol (VRRP) and formation of VRRP groups based on virtual IP addresses. The hosts on a network continuously communicate with other networks through a virtual router.

END