VRRP Configuration Guide

introduction introduction with the rapid popularization of networks and the deepening of related applications, various value added services (such as iptv, video conferencing, etc ) have begun to be widely deployed the reliability of the underlying network has become an increasing concern for users, and ensuring uninterrupted network transmission is crucial for end users typically, on all hosts within the same subnet, a default route is set, which is the same and points to the gateway as the next hop packets from hosts to other subnets will be forwarded to the gateway via the default route, and then forwarded by the gateway to achieve communication between hosts and external networks when the gateway fails, all hosts in the subnet that use the gateway as the default route will be unable to communicate with external networks the emergence of vrrp effectively solves this problem vrrp combines several router devices to form a virtual router device, and the ip address of the virtual router device is used as the default gateway for users to communicate with external networks when a gateway device fails, the vrrp mechanism can elect a new gateway device to handle data traffic, thus ensuring reliable network communication explanation of principles explanation of principles the vrrp protocol defines three state machines initialize, master, and backup only devices in the master state can forward packets sent to the virtual ip address initialize initialize this state is the initialization state and is not available in this state, the device does not process any vrrp advertisement messages typically, devices enter the initialize state when they are just starting up or when they detect a fault master master when a vrrp device is in the master state, it assumes all forwarding work of the virtual router device and periodically sends vrrp advertisement messages to the entire virtual network backup backup when a vrrp device is in the backup state, it does not assume the forwarding work of the virtual router device and periodically receives vrrp advertisement messages from the master device to determine if the master is working properly after the vrrp backup group is established, each device will elect the master device based on the configured priority detailed operation process of vrrp devices in the vrrp backup group elect a master based on priority the master device notifies other devices or hosts connected to it of the virtual mac address by sending gratuitous arp packets, thereby assuming the task of packet forwarding the master device periodically sends vrrp advertisement messages to all backup devices in the backup group to announce its configuration information (such as priority) and operational status if the master device fails, the backup devices in the vrrp backup group will re elect a new master based on priority when the vrrp backup group state changes, the master device switches from one device to another the new master device immediately sends gratuitous arp packets carrying the virtual router's virtual mac address and virtual ip address information to refresh the mac table entries in hosts or devices connected to it, redirecting user traffic to the new master device the entire process is completely transparent to users when the priority of a backup device is higher than that of the master device, whether to re elect the master is determined by the operating mode of the backup device (preemptive mode or non preemptive mode) vrrp configuration vrrp configuration operation command description enter the interface configuration view interface ethernet|vlan id create vrrp vrrp \<id> configure vrrp priority vrrp \<id> priority \<value> value interface priority, default is 100 range is 1 254 configure vrrp advertisement message interval vrrp \<id> advertisement interval advertisement interval range is 10 40950ms, default is 1000ms configure vrrp virtual ip address vrrp \<id> ip a b c d note vrrp virtual ip address must be in the same subnet as the actual ip address display and maintenance display and maintenance operation command view basic vrrp information show vrrp summary view detailed vrrp information show vrrp interface vlan id configuration example configuration example network requirements host a is dual homed to device a and device b to ensure uninterrupted network transmission for various user services, vrrp master/backup functionality needs to be configured on device a and device b under normal circumstances, hosts access the internet using device a as the default gateway when device a fails, device b takes over as the gateway to continue working, providing gateway backup procedure 1 assign each interface of the devices to vlans and configure ip addresses \# device a sonic(config)# vlan 10 sonic(config)# interface ethernet 13 sonic(config if 13)# switchport access vlan 10 sonic(config)# interface ethernet 14 sonic(config if 14)# switchport access vlan 10 \#device b sonic(config)# vlan 10 sonic(config)# vlan 20 sonic(config)# interface ethernet 1 sonic(config if 1)# switchport access vlan 20 sonic(config)# interface ethernet 2 sonic(config if 2)# switchport access vlan 10 sonic(config)# interface vlan 10 sonic(config vlanif 10)# ip address 10 1 1 1/24 sonic(config)# interface vlan 20 sonic(config vlanif 20)# ip address 192 168 1 1/24 sonic(config)# ip route 172 16 1 0/24 192 168 1 2 \# device a sonic(config)# vlan 10 sonic(config)# vlan 30 sonic(config)# interface ethernet 1 sonic(config if 1)# switchport access vlan 10 sonic(config)# interface ethernet 2 sonic(config if 2)# switchport access vlan 30 sonic(config)# interface vlan 10 sonic(config vlanif 10)# ip address 10 1 1 2/24 sonic(config)# interface vlan 30 sonic(config vlanif 30)# ip address 192 168 2 1/24 sonic(config)# ip route 172 16 1 0/24 192 168 2 2 \# device c sonic(config)# vlan 20 sonic(config)# vlan 30 sonic(config)# vlan 40 sonic(config)# interface ethernet 3 sonic(config if 3)# switchport access vlan 30 sonic(config)# interface ethernet 2 sonic(config if 2)# switchport access vlan 20 sonic(config)# interface ethernet 5 sonic(config if 2)# switchport access vlan 40 sonic(config)# interface vlan 20 sonic(config vlanif 20)# ip address 192 168 1 2/24 sonic(config)# interface vlan 30 sonic(config vlanif 30)# ip address 192 168 2 2/24 sonic(config)# interface vlan 40 sonic(config vlanif 40)# ip address 172 16 1 1/24 sonic(config)# ip route 10 1 1 0/24 192 168 1 1 sonic(config)# ip route 10 1 1 0/24 192 168 2 1 2 configuring vrrp \# device a sonic(config)# interface vlan 10 sonic(config vlanif 10)# vrrp 1 sonic(config vlanif 10)# vrrp 1 priority 150 sonic(config vlanif 10)# vrrp 1 advertisement interval 1500 sonic(config vlanif 10)# vrrp 1 ip 10 1 1 11 \# device b sonic(config)# interface vlan 10 sonic(config vlanif 10)# vrrp 1 sonic(config vlanif 10)# vrrp 1 advertisement interval 1500 sonic(config vlanif 10)# vrrp 1 ip 10 1 1 11 verify configuration 1 ensure that the vrrp status shows device a as the master device and device b as the backup device devicea(config)# show vrrp summary interface vrid priority ipv4 ipv6 state (v4) state (v6) \ vlan10 1 150 1 0 master backup 2 to simulate device a failure, you can administratively shut down its interfaces or power off the device after device a is down, verify the vrrp status on device b to ensure it becomes the master device deviceb(config)# show vrrp summary interface vrid priority ipv4 ipv6 state (v4) state (v6) \ vlan10 1 100 1 0 master backup ensure that device b is now the master device also, monitor the traffic flow from host a to the internet to ensure it continues uninterrupted if the vrrp failover is successful, host a should seamlessly communicate with the internet via device b acting as the new master device