Contents

7  VRRP

7.1  Introduction to VRRP

7.2  References

7.3  Key Concepts

7.3.1  Master/Backup Mode

7.3.2  VRRP Load Balancing

7.3.3  VRRP Tracking Interface Status

7.3.4  VRRP Fast Switchover

7.3.5  Pinging the Virtual IP Address

7.3.6  VRRP Security

7.3.7  VRRP Smooth Switching

7.3.8  mVRRP

7.4  Applications

7.4.1  VRRP Tracking Interface Status

7.4.2  VRRP Fast Switchover

7.4.3  mVRRP

7.5  Terms and Abbreviations

7  VRRP

7.1  Introduction to VRRP

Purpose

The Virtual Router Redundancy Protocol (VRRP) is a fault tolerant protocol that groups several switches into a virtual router. If the next hop switch of a host fails, VRRP switches traffic to another switch, ensuring continuous and reliable communication.

The basic concepts related to VRRP are as follows:

  • VRRP Router: a router running VRRP, which may belong to one or multiple virtual routers.

  • Virtual router: an abstract device managed by VRRP, also called a VRRP backup group. A virtual router functions as a default gateway on a shared local area network (LAN). A virtual router is identified by a virtual router identifier and has a set of virtual IP addresses.

  • Virtual IP address: IP address of a virtual router. A virtual router is manually assigned one or multiple virtual IP addresses.

  • IP address owner: a VRRP router that uses a virtual router's IP address as an actual interface address. When working normally, the VRRP router responds to packets destined for the virtual IP address, such as ping packets and TCP packets.

  • Virtual MAC address: a MAC address that is generated according to a virtual router ID. A VRRP virtual router has a virtual MAC address in the format of 00-00-5E-00-01-{VRID}, and a VRRP6 virtual router has a virtual MAC address in the format of 00-00-5E-00-02-{VRID}. A virtual router responds to Address Resolution Protocol (ARP) requests using the virtual MAC address rather than the interface's actual MAC address.

  • Primary IP address: an IP address selected from one of the physical interfaces' IP addresses. It is usually the first configured IP address. The primary IP address functions as the source IP address in VRRP broadcast packets.

  • Master Router (virtual router master): a VRRP router that forwards packets to the virtual IP address and responds to ARP requests. When an IP address owner is available, it usually functions as the master router.

  • Backup Router (virtual router backup): a set of VRRP routers that do not forward packets. If the master router fails, the backup routers will compete to be the new master router.

  • Preemption mode: a mode in which a backup router becomes the master router if the backup router has a higher priority than the current master router.

Description

As the Internet grows quickly, higher network reliability is required. It is important for LAN users to be in contact with external networks at any time.

Generally, all hosts in an internal network are configured with one default route destined for an egress gateway, through which they communicate with external networks. If the egress gateway fails, communication between these hosts and external networks will be interrupted.

Configuring multiple egress gateways is a common method to improve system reliability. However, route selection between the gateways becomes an issue because most hosts on a LAN do not support dynamic routing protocols.

The Internet Engineering Task Force (IETF) developed VRRP to enable hosts on a LAN to reliably access external networks. VRRP provides the following functions:

  • Master/backup mode: A virtual router is set up, with a master router and multiple backup routers forming a backup group. The master router transmits all services. When the master router fails, a backup router takes over the services.

  • VRRP load balancing: Multiple virtual routers transmit services at the same time. Load balancing is performed on at least two backup groups on multiple routers, rather than on a single VRRP backup group. In load balancing mode, each backup group has a master device and transmits some of the service traffic.

  • VRRP tracking interface status: Each VRRP backup group can track the status of all interfaces bound to it. If an interface fails, the router with the highest priority will be re-selected as the master router.

  • Virtual IP address ping: Ping to the virtual IP address of a VRRP backup group can be enabled using commands.

  • VRRP security: Different authentication modes and authentication keys can be set in VRRP packet headers in networks requiring different security levels.

  • VRRP smooth switching: VRRP master/backup mode must be enabled on customer edge (CE) routers that function as gateways of a service system. During an Active Main Board (AMB)/Standby Main Board (SMB) switchover on a CE, VRRP status will not be switched on local and peer CEs. This prevents packet loss during the switchover.

  • VRRP fast switchover: VRRP tracks BFD session status to perform a fast switchover in milliseconds.

7.2  References

The following table lists the references of this document.

Document    Description                                                                 Remarks
RFC 2281    Hot Standby Router Protocol (HSRP)                                          -
RFC 2338    Virtual Router Redundancy Protocol (version 1, 1998)                        -
RFC 2787    Definitions of Managed Objects for the Virtual Router Redundancy Protocol   -
RFC 3768    Virtual Router Redundancy Protocol (version 2, 2004)                        -
RFC 5798    Virtual Router Redundancy Protocol Version 3 for IPv4 and IPv6              -

7.3  Key Concepts

VRRP combines a group of routing devices on a LAN into a backup group that functions as a virtual router. Hosts on the LAN only need to obtain the IP address of the virtual router rather than the IP address of a specific device in the backup group. When the IP address of the virtual router is configured as the default gateway for the hosts, the hosts can communicate with an external network through the virtual gateway.

VRRP dynamically associates the virtual router with a physical device that transmits services. When the device fails, another device is selected to transmit services. The switchover is transparent to users, allowing the internal and external networks to communicate without interruption.

Figure 7-1  Virtual router

As shown in Figure 7-1, the virtual router is implemented as follows:

  • Switch A, Switch B, and Switch C form a VRRP backup group that functions as a virtual router. The IP address of the virtual router is 10.110.10.1. The virtual IP address can be specified or borrowed from an interface of a device in this VRRP backup group.

  • The actual IP addresses of Switch A, Switch B, and Switch C are 10.110.10.5, 10.110.10.6, and 10.110.10.7, respectively.

  • Hosts on a LAN only need to set the default route to 10.110.10.1 rather than a physical interface address of a specific device.

Hosts communicate with external networks through this virtual gateway. The virtual router functions as follows:

  • The master device is selected according to device priorities:
    • The device with a higher priority is selected as the master device.

    • If two devices have the same priority and one of them is the master device, the backup device will remain in the backup state. If the two devices with the same priority compete for becoming the master device, the device with a larger interface IP address will be selected as the master device.

  • Other devices function as backup devices and track the status of the master device.

    • The master device sends a VRRP multicast packet at intervals of Advertisement_Interval to notify backup devices in the backup group that the master device is working normally.

    • In a VRRP group with one backup device, when the backup device does not receive packets from the master device within the period of Master_Down_Interval, the backup device transitions itself to become the master device. In a VRRP group with multiple backup devices, when the backup devices do not receive packets from the master device within the period of Master_Down_Interval, multiple backup devices may become the master devices in a short period. The devices then compare the priorities in the received VRRP packets with their local priorities, and the device with the highest priority is selected as the master device. After a backup device becomes the master device, it sends gratuitous ARP packets to update MAC entries on the switches. User traffic is then switched to the master device. The entire process is transparent to users.

The preceding analysis demonstrates that when using VRRP, hosts do not need to perform additional operations and can communicate with external networks even when a device fails.

VRRP Packet Format

VRRP packets notify all VRRP routers associated with the same virtual router ID of the priority and status of the master device.

VRRP packets are encapsulated in IP packets and sent to the IPv4 multicast address assigned to VRRP. In the IP packet header, the source address is the primary IP address of the interface sending the packet, but not the virtual address or secondary address. The destination multicast address is 224.0.0.18. The TTL value is 255, and the protocol number is 112. Figure 7-2 shows the VRRP packet format.

Figure 7-2  VRRP packet format

The descriptions of each field are as follows:
  • Version: indicates the version number of the protocol. The VRRP version number is 2.

  • Type: indicates the type of VRRP Advertisement packets. The value is fixed at 1.

  • Virtual Rtr ID: indicates the virtual router identifier. The value ranges from 1 to 255.

  • Priority: specifies the priority of the VRRP router that sends a VRRP packet in a VRRP backup group. The value ranges from 0 to 255, and the valid range for users is 1 to 254. The priority value 0 indicates that the router leaves the VRRP backup group. This enables a backup router to quickly become the master before the timer expires. The priority value 255 is reserved for the IP address owner. By default, the priority value is 100.

  • Count IP Addrs: indicates the number of virtual IP addresses contained in a VRRP advertisement packet.

  • Authentication Type: indicates the authentication type in use. The authentication types defined in the protocol are as follows:
    • 0: Non Authentication

    • 1: Simple Text Password

    • 2: IP Authentication Header

    NOTE:
    Currently, the S7700 supports the following authentication modes:
    • Simple Text Password: Plain text authentication
    • IP Authentication Header: MD5 authentication
  • Advertisement interval: indicates the interval at which advertisement packets are sent. The default value is 1 second.

  • Checksum: indicates the packet checksum.

  • IP Address: indicates the virtual addresses of the virtual router. The number of addresses is specified in the Count IP Addrs field.

  • Authentication Data: indicates the authentication key. Currently, this field is used only in plain text authentication mode and MD5 authentication mode. In other authentication modes, this field is 0.
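
The field list above maps onto a small parser. The following is an added example, not code from the original document or the vendor: it decodes a VRRPv2 advertisement in the field order described (layout as in RFC 3768) and reports per-packet findings a monitoring tool would care about. The function names, the finding labels and the sample packets built by build_advert are assumptions made for illustration.

```python
import ipaddress
import struct

VRRP_GROUP = "224.0.0.18"   # destination multicast address stated above
VRRP_PROTO = 112            # IP protocol number stated above
AUTH_NAMES = {0: "none", 1: "simple-text", 2: "ip-auth-header"}


def checksum16(data: bytes) -> int:
    """16-bit one's-complement checksum over the whole VRRP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_advert(vrid, priority, vips, auth_type=0, auth_data=b"", adver_int=1):
    """Construct a sample advertisement (constructed test input only)."""
    head = struct.pack("!BBBBBB", (2 << 4) | 1, vrid, priority,
                       len(vips), auth_type, adver_int)
    tail = b"".join(ipaddress.IPv4Address(v).packed for v in vips)
    tail += auth_data.ljust(8, b"\x00")[:8]
    csum = checksum16(head + b"\x00\x00" + tail)
    return head + struct.pack("!H", csum) + tail


def parse_advert(payload, src, dst, ttl, proto=VRRP_PROTO):
    """Return (fields, findings) for one advertisement and its IP header values."""
    if len(payload) < 8:
        raise ValueError("shorter than the fixed VRRP header")
    vt, vrid, prio, count, auth, adver, _csum = struct.unpack("!BBBBBBH", payload[:8])
    end = 8 + 4 * count + 8          # header + virtual IPs + authentication data
    if len(payload) < end:
        raise ValueError("Count IP Addrs exceeds the bytes present")
    fields = {
        "version": vt >> 4, "type": vt & 0x0F, "vrid": vrid, "priority": prio,
        "auth": AUTH_NAMES.get(auth, f"unknown({auth})"), "adver_int": adver,
        "vips": [str(ipaddress.IPv4Address(payload[8 + 4 * i:12 + 4 * i]))
                 for i in range(count)],
        "auth_data": payload[end - 8:end], "src": src,
    }
    findings = []
    if proto != VRRP_PROTO or dst != VRRP_GROUP:
        findings.append("not-vrrp-addressing")
    if ttl != 255:
        findings.append("ttl-not-255")       # sender is not on the local link
    if fields["version"] != 2 or fields["type"] != 1:
        findings.append("bad-version-or-type")
    if vrid == 0:
        findings.append("vrid-out-of-range")
    if checksum16(payload[:end]) != 0:       # a valid message sums to zero
        findings.append("bad-checksum")
    if auth == 0:
        findings.append("auth-none")         # accepted without any key
    elif auth == 1:
        findings.append("auth-cleartext-key")  # key readable in the capture
    return fields, findings


if __name__ == "__main__":
    sample = build_advert(1, 100, ["10.110.10.1"])
    print(parse_advert(sample, "10.110.10.5", VRRP_GROUP, 255))
```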

State Machine

VRRP defines three states: Initialize, Master, and Backup. Only the device in the Master state can forward packets destined for the virtual IP address.

Figure 7-3 shows the VRRP state transition.

Figure 7-3  VRRP state transition

Initialize: A switch is in the Initialize state when started. If a Startup message is received, the switch changes to the Backup state or the Master state. If the switch is the IP address owner, it changes to the Master state directly. In this state, the switch does not process VRRP packets.

Master: In the Master state, a switch performs the following:
  • Sends the VRRP packets periodically.

  • Sends the virtual MAC address in response to ARP requests for the virtual IP address.

  • Forwards IP packets in which the destination MAC address is the virtual MAC address.

  • If the switch is the virtual IP address owner, it accepts IP packets of which the destination IP address is the virtual IP address. If the switch is not the virtual IP address owner, it discards these IP packets.

  • Transitions to the Backup state if the priority in the received packet is greater than the local priority.

  • Transitions to the Initialize state when the interface is shut down.

Backup: In the Backup state, a switch performs the following:
  • Accepts VRRP packets sent by the master and determines whether the master is working properly.

  • Does not respond to ARP requests with the virtual IP address.

  • Discards IP packets in which the destination MAC address is the virtual MAC address.

  • Discards IP packets in which the destination IP address is the virtual IP address.

  • When receiving a packet of lower priority, the switch discards the packet and does not reset the timer. When receiving a packet of the same priority, the switch resets the timer and does not compare the IP address in the packet with the local IP address.

  • Transitions to the Master state when the MASTER_DOWN_TIMER times out.

  • Transitions to the Initialize state when receiving an interface shutdown event.
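
The election rules and the three states described above can be exercised in a short simulation. This is an added example, not code from the original document or the vendor; the class and function names are assumptions, and the Master_Down_Interval formula is taken from RFC 3768 because the page does not give it. It shows why the highest-priority backup takes over first after the master is shut down.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Router:
    name: str
    ip: str
    priority: int
    adver_ms: int = 1000          # Advertisement_Interval (page default: 1 second)
    state: str = "Initialize"
    deadline: int = 0             # expiry of MASTER_DOWN_TIMER, in ms
    log: list = field(default_factory=list)

    def master_down_ms(self):
        # RFC 3768 (not on the page): Master_Down_Interval =
        # 3 * Advertisement_Interval + Skew_Time, Skew_Time = (256 - Priority) / 256 s.
        return 3 * self.adver_ms + (256 - self.priority) * 1000 // 256

    def _enter(self, now, state):
        self.state = state
        self.log.append((now, self.name, state))
        if state == "Backup":
            self.deadline = now + self.master_down_ms()

    def startup(self, now):
        # The IP address owner (priority 255) goes straight to Master.
        self._enter(now, "Master" if self.priority == 255 else "Backup")

    def shutdown(self, now):
        self._enter(now, "Initialize")

    def on_advert(self, now, priority, src_ip):
        if self.state == "Backup":
            if priority >= self.priority:      # equal or higher: reset the timer
                self.deadline = now + self.master_down_ms()
            # lower priority: packet discarded, timer keeps running
        elif self.state == "Master":
            mine = ipaddress.IPv4Address(self.ip)
            theirs = ipaddress.IPv4Address(src_ip)
            if priority > self.priority or (priority == self.priority and theirs > mine):
                self._enter(now, "Backup")
        # Initialize: VRRP packets are not processed

    def on_tick(self, now):
        if self.state == "Backup" and now >= self.deadline:
            self._enter(now, "Master")


def simulate(routers, fail_name, fail_at_ms, until_ms, step_ms=10):
    """Start the group, shut one router down, return transitions after startup."""
    log, next_adv = [], {}
    for r in routers:
        r.log = log
        r.startup(0)
    for now in range(0, until_ms + 1, step_ms):
        for r in routers:
            if r.name == fail_name and now >= fail_at_ms and r.state != "Initialize":
                r.shutdown(now)
            r.on_tick(now)
            if r.state == "Master" and now >= next_adv.get(r.name, 0):
                next_adv[r.name] = now + r.adver_ms
                for peer in routers:
                    if peer is not r:
                        peer.on_advert(now, r.priority, r.ip)
    return [e for e in log if e[0] > 0]


if __name__ == "__main__":
    group = [Router("A", "10.110.10.5", 120), Router("B", "10.110.10.6", 110),
             Router("C", "10.110.10.7", 100)]   # constructed priorities
    for event in simulate(group, "A", 6000, 12000):
        print(event)
```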

7.3.1  Master/Backup Mode

In master/backup mode, VRRP provides the IP address backup features. A virtual router must be set up with a master device and multiple backup devices, forming a backup group.

  • Normally, the master device transmits all services.

  • When the master device fails, a backup device takes over the services.

7.3.2  VRRP Load Balancing

A device can function as a backup device in multiple VRRP backup groups. Load balancing is performed among multiple virtual routers. In load balancing mode, multiple virtual routers transmit services simultaneously; therefore, two or more backup groups must be set up.

The load balancing mode has the following characteristics:

  • Each backup group consists of a master device and multiple backup devices.

  • The master devices of backup groups can be different.

  • A device can join multiple backup groups and obtain different priorities in each group.

Figure 7-4  VRRP in load balancing mode

As shown in Figure 7-4, two backup groups are configured, that is, Backup group 1 and Backup group 2.

  • Switch A is the master in Backup group 1 and the backup in Backup group 2.

  • Switch B is the Backup in both Backup group 1 and Backup group 2.

  • Switch C is the master in Backup group 2 and the backup in Backup group 1.

  • Backup groups 1 and 2 are gateways for different hosts.

In this mode, backup groups load balance data traffic and back up each other.

7.3.3  VRRP Tracking Interface Status

VRRP can track the status of all interfaces. When a tracked interface goes Up or Down, the device's priority automatically increases or decreases by a specified value. The order of device priorities in the backup group changes, and the VRRP devices compete with each other to become the master device.

A VRRP backup group can track a maximum of eight interfaces in Increase mode or Reduce mode.

  • In Increase mode, when a tracked interface goes Down, the priority of the VRRP backup group increases by a specified value.

  • In Reduce mode, when a tracked interface goes Down, the priority of the VRRP backup group decreases by a specified value.

    The Reduce mode takes effect on both master and backup devices.

For information about the typical application environment, see the section "VRRP Applications."

7.3.4  VRRP Fast Switchover

Bidirectional forwarding detection (BFD) quickly detects connectivity of network links or IP routes. VRRP tracks BFD session status to perform master/backup switchover within 1 second.

BFD can notify the interface board of faults to speed up VRRP master/backup switchover in the following cases:

  • Faults occur on the interfaces where VRRP backup groups are created.

  • The master device and the backup device are not directly connected.

  • The master device and the backup device are directly connected; however, other transmission devices exist on the link between them.

The BFD session detects connectivity between the backup device and the master device according to the actual IP address. If the communications are abnormal, the backup device considers that the master device is Down and becomes the master device. This occurs in the following cases:

  • When the back-to-back connection of two devices is terminated, the backup device becomes the master device to transmit upstream traffic.

  • When the connection of two devices is terminated, the backup device becomes the master device and then transmits upstream traffic in the following cases:

    • The master device is restarted.
    • The link between the master device and the switch is disconnected.
    • The switch that is connected to the master device is restarted.

VRRP fast switchover requires the following:

  • On the backup devices, the interfaces associated with BFD sessions must be connected to the master device.

  • When the master device is faulty, the priority of a backup device increases and becomes greater than the priority of the master device. In this way, the backup device can quickly transition to the master state.

7.3.5  Pinging the Virtual IP Address

Pinging the virtual IP addresses of VRRP backup groups facilitates monitoring of virtual routers. However, this function may result in Internet Control Message Protocol (ICMP) attacks. A command is provided for you to determine whether to enable or disable ping to a virtual IP address.

7.3.6  VRRP Security

Different authentication modes and authentication keys can be set in VRRP packet headers based on network security.

In a secure network, the default setting can be used. That is, the device does not authenticate the sent or received VRRP packets. All received VRRP packets are considered as valid. In this case, no authentication key needs to be set.

VRRP provides simple text authentication and MD5 authentication for networks that are vulnerable to attacks.
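
Because a device using the default setting treats every received VRRP packet as valid, it is worth checking observed advertisements against the intended configuration. The following is an added example, not code from the original document or the vendor: it reviews already-decoded advertisement records and flags senders outside the configured group, authentication modes that differ from the configured one, and two senders advertising for the same backup group at once. The record layout, the alert labels, EXPECTED and SAMPLE are all constructed for illustration.

```python
# Intended configuration per virtual router ID (constructed for this example).
EXPECTED = {
    1: {"members": {"10.110.10.5", "10.110.10.6", "10.110.10.7"},
        "auth": "ip-auth-header", "adver_int": 1},
}

# Constructed observations: (time in seconds, source IP, VRID, authentication mode).
SAMPLE = [
    (0.0, "10.110.10.5", 1, "ip-auth-header"),
    (1.0, "10.110.10.5", 1, "ip-auth-header"),
    (2.0, "10.110.10.5", 1, "ip-auth-header"),
    (2.4, "10.110.10.9", 1, "none"),            # device not in the configured group
    (3.0, "10.110.10.5", 1, "ip-auth-header"),
    (4.0, "10.110.10.5", 7, "ip-auth-header"),  # VRID that is not configured
]


def review_adverts(records, expected):
    """Return (time, vrid, source, reason) alerts for observed advertisements."""
    alerts = []
    last_seen = {}                    # vrid -> {source IP: time of last advert}
    for t, src, vrid, auth in sorted(records):
        cfg = expected.get(vrid)
        if cfg is None:
            alerts.append((t, vrid, src, "unknown-vrid"))
            continue
        if src not in cfg["members"]:
            alerts.append((t, vrid, src, "unexpected-sender"))
        if auth != cfg["auth"]:
            alerts.append((t, vrid, src, "auth-mismatch"))
        # Only the master advertises. A second sender appearing while another
        # was heard within 3 x Advertisement_Interval means a switchover just
        # happened or two devices both consider themselves master.
        window = 3 * cfg["adver_int"]
        senders = last_seen.setdefault(vrid, {})
        newly_active = src not in senders or t - senders[src] >= window
        others = [s for s, ts in senders.items() if s != src and t - ts < window]
        if newly_active and others:
            alerts.append((t, vrid, src, "overlapping-senders"))
        senders[src] = t
    return alerts


if __name__ == "__main__":
    for alert in review_adverts(SAMPLE, EXPECTED):
        print(alert)
```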

7.3.7  VRRP Smooth Switching

After an active/standby switchover occurs on the master device, there is a period of time before the new active main board (AMB) will work normally. This period of time varies according to device and configuration. During this period, the master device cannot process VRRP packets normally, and so the backup devices cannot receive VRRP broadcast packets. As a result, a backup device preempts to become the master device. Then the new master device sends a gratuitous ARP packet to the virtual IP address of each virtual router to notify the related bound modules of the status change. In preemption mode, if the original master device has a higher priority, it can preempt to become the master device again after the switchover. This causes the VRRP status to change twice, affecting service traffic.

To prevent service traffic forwarding from being affected during an AMB/SMB switchover, VRRP devices must support VRRP smooth switching.

When the AMB and SMB on a device are working properly, the master device in a VRRP backup group sends VRRP broadcast packets at intervals of Advertisement_Interval. The backup device determines whether the master device works properly based on the broadcast packets it receives.

During VRRP smooth switching, the master device cooperates with backup devices to ensure smooth transmission of services.

  • To perform VRRP smooth switching, the master device and backup devices must be enabled to learn the interval at which VRRP packets are sent. After this function is enabled:

    • The master device does not learn the interval at which VRRP packets are sent or check consistency of the intervals.

    • When a backup device receives a VRRP packet from the master device, it checks the interval in the VRRP packets. If the interval in the packet is different from the interval configured on the device, the backup device changes its own interval to the interval specified in the packet.

  • Switch A is configured with VRRP smooth switching. After an AMB/SMB switchover occurs and the new AMB starts, VRRP saves the currently configured interval, changes the interval of the master VRRP backup group, and sends a VRRP switching packet carrying the new interval to Switch B at the currently configured intervals.

  • After receiving the VRRP packet, Switch B finds that the interval carried in the VRRP packet is different from the locally configured interval. Switch B then changes the local interval to the interval carried in the received VRRP packet.

  • After smooth switching is complete, Switch A sends a VRRP Recovery packet carrying the interval set before the AMB/SMB switchover. Switch B then learns the interval again.

When performing VRRP smooth switching, note the following:

  • During VRRP smooth switching, the interval learning function takes precedence over the preemption function. That is, when the interval carried in the received packet is different from the current interval and the priority carried in the received packet is lower than the current priority, VRRP first learns the interval and resets the timeout timer, and then determines whether to preempt to become the master.

  • VRRP smooth switching also depends on the system performance. If the system is very busy after an AMB/SMB switchover occurs and cannot schedule operations of the VRRP module, VRRP smooth switching cannot take effect.

7.3.8  mVRRP

A Management Virtual Router Redundancy Protocol (mVRRP) group has all functions of an ordinary VRRP backup group, with the addition of the following unique features:

An mVRRP backup group can be bound to other service VRRP backup groups and determine the status of related service VRRP backup groups.

After ordinary VRRP backup groups are added to an mVRRP backup group, they do not need to send VRRP packets to determine the status. The mVRRP backup group sends VRRP packets to determine its status and the status of all its bound service VRRP backup groups. This reduces the bandwidth that VRRP packets occupy.

Although an mVRRP backup group can be bound to multiple service VRRP backup groups, it cannot be bound to any other mVRRP backup group.

In a VPLS network, after PWs or service interfaces are bound to an mVRRP backup group, the mVRRP backup group can be associated with an mVSI.

7.4  Applications

7.4.1  VRRP Tracking Interface Status

Figure 7-5  VRRP tracking interface status

Problem: VRRP cannot detect status changes on non-VRRP interfaces. When the outbound interface is faulty, VRRP cannot detect the fault, which causes service interruption.

To solve this problem, enable VRRP to track specified interfaces. A VRRP backup group can track a maximum of eight interfaces in Increase mode or Reduce mode. When the status of a tracked interface changes, the VRRP backup group is notified of the change, and then it increases or decreases the VRRP priority to trigger VRRP switchover.

As shown in Figure 7-5, Switch A and Switch B are enabled with VRRP. The priority of the VRRP backup group on Switch B is higher than the priority of the VRRP group on Switch A. Switch B tracks interfaces in Reduce mode. Switch B functions as the master device and transmits user traffic, as shown in Figure 7-5. When GE 1/0/0 of Switch B connected to the Internet is faulty, the VRRP backup group that tracks this interface in Reduce mode decreases the priority. Then, Switch A preempts to become the master device and forwards user traffic to the Internet.

7.4.2  VRRP Fast Switchover

Figure 7-6  VRRP fast switchover

Problem: Traffic loss lasts a long time after a VRRP backup group detects a link fault.

To solve this problem, enable BFD and configure VRRP to track BFD session status.

  • BFD can detect faults in milliseconds. When a fault occurs on the link between Switch A and Switch B or a remote host, the BFD session can quickly detect the fault.

  • After VRRP is configured to track the BFD session status, the BFD session can notify VRRP of link faults.

  • VRRP changes priorities of VRRP backup groups according to the status reported by the BFD session, or performs fast switchover to start the preemption process.

  • A VRRP backup group can track a maximum of eight BFD sessions.

  • A VRRP master/backup switchover can be performed within 200 ms by tracking BFD session status.

As shown in Figure 7-6, VRRP is enabled on Switch A and Switch B. In the VRRP backup group, Switch A functions as the master device and forwards user traffic, and Switch B functions as the backup device. A BFD session is established between Switch A and Switch B. The VRRP backup group tracks the BFD session status to implement fast VRRP switchover. When the BFD session detects a link fault between Switch A and Switch B, a Down event is sent to VRRP. Then the priority of Switch B is increased and becomes higher than the priority of Switch A. As a result, a VRRP master/backup switchover occurs. Switch B becomes the master device and subsequent user traffic is forwarded through Switch B.

7.4.3  mVRRP

Figure 7-7  Typical mVRRP networking diagram

Problem: A large number of VRRP packets are transmitted, wasting bandwidth and CPU resources.

To solve this problem, configure mVRRP.

  • An mVRRP backup group and multiple ordinary VRRP backup groups are set up on NPE 1 and NPE 2. The ordinary VRRP backup groups are bound to the mVRRP backup group and function as service VRRP backup groups.

  • The UPE does not sense the mVRRP backup group and service VRRP backup groups.

As shown in Figure 7-7, when an mVRRP backup group on NPE 1 changes from the Master state to the Backup or Initialize state, the mVRRP backup group requests all its bound service VRRP backup groups to change their state to Backup. In this case, the mVRRP backup group on NPE 2 changes from the Backup state to the Master state, and all service VRRP backup groups bound to it also change their status to Master. When the mVRRP backup group and the service backup groups change to the Master state, they broadcast gratuitous ARP packets to switch user traffic to the new master backup groups.

7.5  Terms and Abbreviations

Abbreviations

Abbreviation    Full Spelling
VRRP            Virtual Router Redundancy Protocol
ARP             Address Resolution Protocol
BFD             Bidirectional Forwarding Detection
L2VPN           Layer 2 virtual private network
PW              Pseudo Wire
VSI             Virtual Switching Instance
QinQ            802.1Q in 802.1Q
ME              Metro Ethernet
mVRRP           Management Virtual Router Redundancy Protocol
mVPLS           Management Virtual Private LAN Service
mVSI            Management Virtual Switching Instance