Identical VRRP IDs Cause a VRRP Negotiation Failure

Publication Date:  2012-07-16 Views:  297 Downloads:  0
Issue Description
Two USG5300 devices and two S9300 switches form a square-shaped network (for the network diagram, see the attachment). VRRP are implemented from the two USG5300 devices to the two S9300 switches and from the two S9300 switches to the two USG5300 devices.
After the display hrp state command is executed on a USG5300, the VRRP port connecting to a S9300 is in the peer down state (for the screen, see the attachment). The VRRP implementation fails. The USG5300 displays an error message, stating "System detected a vrrp config error of VIRTUAL IP ADDRESS ERROR, Virtual Router: 2."
Alarm Information
Handling Process
The ID of the VRRP of the two USG5300 devices is 2, and that of the VRRP of the two switches is also 2.
Because devices at both ends use the same network segment for VRRP negotiation, a problem occurs when the two VRRP groups perform negotiation, causing the previous phenomenon.
Root Cause
According to the error message, the failure is caused by the incorrect configuration of VRRP 2. Specifically, the VRRP virtual addresses of two identical devices, VRRP addresses, or VRRP IDs do not match.
Assign different VRRP IDs to different VRRPs on one device. VRRP IDs of two connected VRRP ports must not be the same; otherwise, VRRP negotiation fails.