No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Interoperation and Replacement Guide

This document provides typical configuration examples for interoperation between Huawei switches and mainstream IP phones, firewalls, routers, Microsoft NLB servers, multi-NIC servers, Cisco switches, and SolarWinds.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Overview of VRRP

Overview of VRRP

Background

As networks rapidly develop and applications become more diversified, various value-added services (VASs) such as Internet Protocol television (IPTV) and video conferencing have become increasingly widespread. However, to ensure these services are not affected by network disconnections, users require a more reliable network infrastructure.

Generally, all hosts on one network segment are configured with the same default route, which has the gateway address as the next hop address. The hosts use the default route to send packets to the gateway, which forwards the packets to other network segments. When the gateway fails, all hosts on this network segment cannot communicate with external networks. A common method to improve network reliability is to configure multiple egress gateways. However, route selection between the gateways becomes an issue.

VRRP resolves this issue by virtualizing multiple routing devices into a virtual router without changing the networking. The virtual router IP address is configured as the default gateway address. When the gateway fails, VRRP selects a new gateway to transmit service traffic to ensure reliable communication.

VRRP Principle

VRRP is a fault-tolerant protocol. It integrates multiple devices into a virtual router and uses certain mechanisms to switch services to other devices when the next-hop device fails, ensuring continuous and reliable communication.

Two or more VRRP-enabled devices form a VRRP group, which functions as a virtual router.

VRRP determines the virtual router master based on the priority of each device. You can manually configure the priority of a device in the VRRP group.

VRRP determines the device role in the virtual router based on device priorities. The device with a higher priority is more likely to become the master. The VRRP-enabled device in a VRRP group initially works in Initialize state. After receiving an interface Up message, the VRRP-enabled device with priority 255 directly becomes the master. The VRRP-enabled device with the priority less than 255 switches to the Backup state, and then reverts to the Master state after the Master_Down_Interval timer expires. The device that first switches to the Master state obtains the priorities of other devices in the group by exchanging VRRP Advertisement packets.

As shown in Figure 5-29, HostA is dual-homed to SwitchA and SwitchB through the switch. SwitchA and SwitchB constitute a VRRP group to implement link redundancy.
Figure 5-29  Working mechanism of VRRP

Basic Concepts

  • VRRP router: device running VRRP. It may belong to one or more virtual routers. SwitchA and SwitchB are VRRP routers.

  • Virtual router: VRRP group consisting of one master and multiple backups. The VRRP group's virtual IP address is used as the default gateway address on a LAN. SwitchA and SwitchB combine to form a virtual router.

  • Virtual router master: VRRP device that forwards packets. SwitchA is the virtual router master.

  • Virtual router backup: a group of VRRP devices that do not forward packets. When the master is faulty, a backup with the highest priority becomes the master. SwitchB is the virtual router backup.

  • VRID: virtual router ID. The VRID of the virtual router composed of SwitchA and SwitchB is 1.

  • Virtual IP address: IP address of a virtual router. A virtual router can be assigned one or more virtual IP addresses that are configurable. The virtual IP address of the virtual router composed of SwitchA and SwitchB is 10.1.1.10/24.

  • IP address owner: VRRP device that uses an IP address of a virtual router as the actual interface address. If an IP address owner is available, it usually functions as the virtual router master. The interface address of SwitchA and the IP address of the virtual router are both 10.1.1.10/24, making SwitchA the IP address owner.

  • Virtual MAC address: MAC address that is generated by the virtual router based on the VRID. A virtual router has one virtual MAC address and is in the format of 00-00-5E-00-01-{VRID} (VRRP for IPv4). The virtual router sends ARP Reply packets carrying the virtual MAC address but not the interface MAC address. The VRID of the virtual router composed of SwitchA and SwitchB is 1, so the MAC address of the VRRP group is 00-00-5E-00-01-01.

VRRP State Machine

VRRP defines three states: Initialize, Master, and Backup. Only the device in Master state can forward packets destined for the virtual IP address.

Table 5-16  VRRP states

State

Description

Initialize

VRRP is unavailable. The device in Initialize state cannot process VRRP Advertisement packets.

When VRRP is configured on the device or the device detects a fault, it enters the Initialize state.

After receiving an interface Up message, the VRRP-enabled device whose priority is 255 becomes the master. The VRRP-enabled device whose priority is less than 255 switches to the Backup state.

Master

The VRRP device in Master state performs the following operations:
  • Periodically sends VRRP Advertisement packets.
  • Uses the virtual MAC address to respond to ARP Request packets destined for the virtual IP address.
  • Forwards IP packets destined for the virtual MAC address.
  • Processes the IP packets destined for the virtual IP address if the device is the IP address owner, and discards them if it is not.
  • Becomes the backup if the device receives a VRRP Advertisement packet with a higher priority than its VRRP priority.
  • Becomes the backup if the device receives a VRRP Advertisement packet with the same priority as its VRRP priority and the IP address of the local interface is smaller than that of the connected interface on the remote device.

Backup

The VRRP device in Backup state performs the following operations:
  • Receives VRRP Advertisement packets from the master and determines whether the master is working properly.
  • Does not respond to ARP Request packets destined for the virtual IP address.
  • Processes the IP packets destined for the virtual IP address based on the Layer 2 forwarding process.
  • When receiving a packet of a lower priority, it immediately switches to the Master state by default. If non-preemption is configured, the device resets the timer. If a preemption delay is configured, the device resets the timer and switches to the Master state after the preemption delay expires. When receiving a packet of a higher priority, the device resets the timer. When receiving a packet of equal priority, the device resets the timer but does not compare IP addresses.

    Master_Down_Interval timer: If the backup does not receive Advertisement packets after the timer expires, the backup becomes the master. The calculation formula is as follows:
    • Master_Down_Interval = 3 x Advertisement_Interval + Skew_time (offset time)
    • Skew_Time = (256 - Priority)/256
  • If the device receives a VRRP Advertisement packet whose priority is not 0 and lower than its own VRRP priority, the device discards the packet and becomes the master immediately. If the device receives a VRRP Advertisement packet whose priority is 0, the device sets the Skew_time (offset time).

VRRP Working Process

The VRRP working process is as follows:

  1. Devices in a VRRP group select the master based on their priorities. The master sends gratuitous ARP packets to notify the connected network devices or hosts of the virtual MAC address of the VRRP group.
  2. The master periodically sends VRRP Advertisement packets to all backups in the VRRP group to advertise its configuration (for example, priority) and running status.
  3. If the master fails, the backup with the highest priority becomes the new master.
  4. If the original master is replaced by another device in the group, the new master sends gratuitous ARP packets carrying the virtual MAC address and virtual IP address of the virtual router. The new master uses these packets to update the MAC address entry on the connected network devices or hosts. User traffic is then switched to the new master. This process is transparent to users.
  5. When the original master recovers and is the IP address owner (with priority 255), the original master reverts to the Master state. If the priority of the original master is smaller than 255, the device switches to the Backup state. The priority of the device is then restored to its original value before the failure.
  6. If the backup has a higher priority than the master, the working mode of the backup (preemption or non-preemption) determines whether the master is re-selected.

    • Preemption mode: If the priority of a backup is higher than the priority of the current master, the backup automatically becomes the master.

    • Non-preemption mode: As long as the master is working properly, the backup with a higher priority cannot become the master.

Translation
Download
Updated: 2019-05-15

Document ID: EDOC1000114005

Views: 177637

Downloads: 8152

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next