Description
The VRRP server keeps the network operating when the main router becomes unavailable by handing its "responsibilities" over to a backup router. When the VRRP server is used, an additional router comes into operation automatically, which significantly reduces the system administrator's workload.
Each backup router should be part of a virtual router (VR). A VR has a list of IP addresses. When a router becomes the main router, it starts to serve each IP address from this list (i.e. it replies to ARP requests and takes over the host functions for these IP addresses). A VR is referred to by its identifier (VRID) in the range 1…255.
The VRRP server operation logic is as follows:
- A VR operates on several VRRP routers, each of which has the same VRID and the same list of IP addresses.
- The main router is selected from the list of VRRP routers (MASTER mode). The others get the status of slave routers (BACKUP mode). The main router periodically sends special packets (sweeping). By receiving these packets, the BACKUP routers decide whether the MASTER is available.
- If the main router fails (there are no keep-alive messages from the MASTER for a long time), one of the slave routers becomes the main router and starts to process packets addressed to the VR.
The main virtual router is selected automatically: this status goes to the router with the highest priority or, if the priorities are equal, to the one with the biggest "primary" network interface IP address.
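The election and failover rules above, modelled as an added example (not Infinet's code and not part of the original page). The `Router` class and the addresses are constructed for the illustration; the handling of `-preempt=off` follows this page's description of that option, and the fallback used when every router has it off is an assumption.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Router:
    name: str
    primary_ip: str        # real address of the "primary" interface
    priority: int          # 1..255
    preempt: bool = True   # -preempt, on by default
    alive: bool = True     # False models a failed router

def rank(r):
    """Election key: priority first, then the biggest primary IP address."""
    return (r.priority, int(ipaddress.ip_address(r.primary_ip)))

def elect(routers, master=None):
    """Return the name of the MASTER after one election round.

    master names the router currently sending keep-alives, if any.
    """
    up = [r for r in routers if r.alive]
    holder = next((r for r in up if r.name == master), None)
    if holder is None:
        # No keep-alives arrive: the best operating router takes over.
        # A preempt=off router takes over only when no preempt=on router
        # is operating (assumed fallback when all routers have it off).
        pool = [r for r in up if r.preempt] or up
        return max(pool, key=rank).name if pool else None
    # A MASTER is operating: only a better router with preempt=on displaces it.
    better = [r for r in up if r.preempt and rank(r) > rank(holder)]
    return max(better, key=rank).name if better else holder.name

def scenario(a_preempt=True):
    """Start-up, failure of A, recovery of A on a constructed three-router VR."""
    a = Router("A", "10.10.10.1", 200, preempt=a_preempt)
    vr = [a, Router("B", "10.10.10.2", 100), Router("C", "10.10.10.3", 100)]
    steps = [elect(vr)]                  # start-up
    a.alive = False
    steps.append(elect(vr, steps[-1]))   # A stops sending keep-alives
    a.alive = True
    steps.append(elect(vr, steps[-1]))   # A comes back
    return steps
```

With the defaults, A is MASTER, C takes over on A's failure because it wins the equal-priority tie on IP address, and A takes MASTER back on recovery; with `a_preempt=False`, A never becomes MASTER while B or C operate.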
NOTE
Interfaces included in one VRRP router should be able to exchange service information via real IP addresses from the same network. The virtual IP address and the real addresses of the interfaces must belong to different subnets. The virtual IP address should be set on all devices.
Syntax:
```
Virtual Router Redundancy Protocol (VRRPv2) daemon with Virtual Host Support Extension V2.0.
Usage:
  vrrp start|stop|dump
  vrrp dump IFNAME:VRID
  vrrp IFNAME:VRID [start|stop|clean|flush]
  vrrp IFNAME:VRID [add]|delete IPADDRESS[/(MASK|MASKLEN)]
  vrrp IFNAME:VRID [-priority=[PRIO|own]] [-interval=AINT]
                   [-(password|key)=[PASSWORD]] [-preempt=(on|off)]
                   [-owner=[on|off]] [-learn=(on|off)]
                   [-track=(off|default|IPADDRESS/MASKLEN)]
```
Parameters
Parameter | Description |
---|---|
start \| stop | Starts/stops the VRRP server. |
dump (IFNAME:VRID) | Displays the current state of the VRRP server. If "IFNAME:VRID" is specified, displays the information for the chosen VR, otherwise for all routers. The VRRP server state is displayed in a table consisting of the following columns: |
IFNAME:VRID | Determines the VR on the network interface to which the parameter should be applied. Consists of the following elements: |
[add] IPADDRESS[/(MASK\|MASKLEN)] | Creates a Virtual Router. |
delete IPADDRESS | Deletes an address from the VR IP address list. |
start\|stop | Starts/stops this router in the specified VR. |
clean | Deletes the specified IP address from the VR list. |
flush | Deletes all IP addresses from the VR list. |
-priority=[PRIO\|own] | Sets the priority of the specified router in the VR. |
-owner=[on\|off] | Enables/disables "owner" mode. In owner mode the router owns all of the VR's IP addresses regardless of its priority, i.e. even if this router is a slave at the moment, the VR's IP addresses are in the address lists of the network interface on which the VR is created. At the same time these addresses stay in "passive" mode, i.e. the router will not reply on these addresses until it takes over the main router functions. "Owner" mode is enabled by default. |
-preempt=(on\|off) | Enables/disables inheritance mode. If inheritance mode is disabled, the router (regardless of its priority) will never take over the functions of the main router while there are other operating routers in the VR. Inheritance mode is enabled by default. |
-interval=AINT | Sets the keep-alive messaging interval for the main router. The value is set in seconds; the default value is 1 second. If you set another value, keep in mind that it has to be the same on all routers of the specified VR. |
-learn=(on\|off) | Allows the router to collect the list of the VR's IP addresses while it acts as a BACKUP router. This mode is used to simplify VRRP server configuration: the administrator can make the list of the VR's IP addresses on only one router, the owner of the IP addresses (with a priority of 255). For the other routers it is enough to create the VR with an empty IP address list and enable self-learning mode. |
-track=(off\|default\|IPADDRESS/MASKLEN) | If "Network Prefix Monitoring" mode is enabled, the VRRP module checks the availability of a route to the specified network, or of the default route. If the routing entries disappear from the system tables, the device enters "BACKUP" mode. |
-(password\|key)=[PASSWORD] | Sets authorization for additional VR security. The VRRP server supports two authorization modes: |
Examples
Use the "dump" parameter to display the current state of the VRRP server.

```
vrrp dump
VRRP interface:ID  Prio AInterval Master IP       STATE   Time            Stop reason
================== ==== ========= =============== ======= =============== ===========
eth0:010           200o 001       192.168.15.50   BACKUP  0/0:0:3:000
```

Create a VR with VRID "10" on the "eth0" interface and add the "9.8.7.6/24" IP address to the VR address list.

```
vrrp eth0:10 add 9.8.7.6/24
```

Set priority 250 for VR "eth0:10".

```
vrrp eth0:10 -priority=250
```

Configure a VRRP router with VRID 10, where IW device 1 operates in "MASTER" mode and IW device 2 in "BACKUP" mode.

IW device 1

```
ifc eth0 10.10.10.1/24
vrrp eth0:10 add 192.168.100.2/24
vrrp eth0:10 -priority=200
vrrp eth0:10 start
```

IW device 2

```
ifc eth0 10.10.10.2/24
vrrp eth0:10 add 192.168.100.2/24
vrrp eth0:10 -priority=100
vrrp eth0:10 start
```

If the 192.168.100.2/24 IP address is set on PC1 as the default gateway, IW device 1 will perform the router functions. If it fails, IW device 2 will take over the routing functions without the intervention of a network administrator.
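An added example (not part of the original page or of the device software) that checks the consistency rules this page states for routers sharing a VR: real addresses in one network, virtual IPs outside the real subnets, identical IP address lists unless `-learn=on`, and equal `-interval`. The requirement that `-password`/`-key` match on all routers, the helper names, the `BAD` configuration and the assumption that addresses are written with a mask are additions made here.

```python
import ipaddress
from collections import defaultdict

def parse(config):
    """Return {(ifname, vrid): {"real", "vips", "opts"}} for one device."""
    real, vrs = {}, defaultdict(lambda: {"vips": set(), "opts": {}})
    for tok in (line.split() for line in config.splitlines()):
        if tok[:1] == ["ifc"] and len(tok) == 3:
            real[tok[1]] = ipaddress.ip_interface(tok[2])
        elif tok[:1] == ["vrrp"] and len(tok) > 2 and ":" in tok[1]:
            ifname, vrid = tok[1].split(":")
            vr = vrs[(ifname, int(vrid))]
            for arg in tok[2:]:
                if arg.startswith("-") and "=" in arg:    # -name=value option
                    vr["opts"].update([arg[1:].split("=", 1)])
                elif "/" in arg:                          # address with a mask
                    op = vr["vips"].discard if tok[2] == "delete" else vr["vips"].add
                    op(ipaddress.ip_interface(arg))
    for (ifname, _), vr in vrs.items():
        vr["real"] = real.get(ifname)
    return vrs

def differ(values):
    return len(set(values)) > 1

def check(devices):  # devices: {name: config text} -> list of findings
    by_vr, findings = defaultdict(list), []
    for config in devices.values():
        for vr_id, vr in parse(config).items():
            by_vr[vr_id].append(vr)
    for (ifname, vrid), m in by_vr.items():
        reals = [x["real"] for x in m if x["real"]]
        rules = [
            (differ(r.network for r in reals), "real addresses are in different networks"),
            (any(v.ip in r.network for x in m for v in x["vips"] for r in reals),
             "a virtual IP is inside the subnet of a real address"),
            (differ(frozenset(x["vips"]) for x in m if x["opts"].get("learn") != "on"),
             "IP address lists differ"),
            (differ(int(x["opts"].get("interval", 1)) for x in m), "-interval differs"),
            (differ((x["opts"].get("password"), x["opts"].get("key")) for x in m),
             "-password/-key differs"),
        ]
        findings += [f"{ifname}:{vrid}: {text}" for bad, text in rules if bad]
    return findings

# GOOD is the page's two-device example (start lines omitted); BAD is constructed.
GOOD = {"dev1": "ifc eth0 10.10.10.1/24\nvrrp eth0:10 add 192.168.100.2/24\nvrrp eth0:10 -priority=200",
        "dev2": "ifc eth0 10.10.10.2/24\nvrrp eth0:10 add 192.168.100.2/24\nvrrp eth0:10 -priority=100"}
BAD = {"dev1": GOOD["dev1"] + "\nvrrp eth0:10 -interval=2 -password=EXAMPLE",
       "dev2": "ifc eth0 10.10.10.2/24\nvrrp eth0:10 add 10.10.10.9/24"}
```

`check(GOOD)` returns no findings, while `check(BAD)` reports the overlapping virtual IP, the differing address lists, the unequal interval and the one-sided password.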