VRRP Principle

Objectives

 Grasp VRRP conception and terminology

 Understand the working principle of VRRP
 Grasp the configuration and application of VRRP

2
Contents

 Basic Concept & Function of VRRP

 Working Principle of VRRP
 Actual Networking Application of VRRP

3
 The Problems

Internet

R1
10.0.0.1/16

Default Gateway = 10.0.0.1/16

© ZTE All rights reserved 4

 The Solution - VRRP

Internet

R1 VIP: R2
10.0.0.1/16 10.0.0.3/16
10.0.0.2/16

Default Gateway = 10.0.0.3/16

© ZTE All rights reserved 5

 VRRP Introduction
 VRRP ： Virtual Router Redundancy Protocol
 Problems ：
 End host systems on a LAN are often configured to send packets to a
statically configured default router.
 If this default router becomes unavailable, all the hosts that use it as
their first hop router become isolated on the network
 Solution ：
 VRRP groups several physical routers into a VRRP virtual router, and
assigns a virtual IP and a MAC addresses to the virtual router,
 The end devices use the VRRP virtual router address as their default
gateway.

© ZTE All rights reserved 6

Contents

 Basic Concept & Function of VRRP

 Working Principle of VRRP
 Actual Networking Application of VRRP

7
 VRRP Terminology

 Primary router (master) ： Responsible for forwarding data

packets that sent to the virtual router and respond ARP request.
If one router is the IP address owner then it is the primary router.
 Backup router (slave) ： In VRRP, other virtual router that
participate in will be slave router. It will take over the work when
primary router is disabled.

© ZTE All rights reserved 8

 VRRP Working Process – Choosing the Primary
Router (1)

I have not received the

master packets for a
long period. Choose me. Source IP Target IP master
10.1.1.1 224.0.0.18 10.1.1.1 IP:10.1.1.2
VRID ： 6
PRI ： 100
VIP ：
VRRP (multi-cast) 10.1.1.254

VRRP (multi-cast)
IP:10.1.1.1
VRID ： 6
PRI ：
I have not received
100 Source IP Target IP the master
VIP ： master 10.1.1.2 packets for a long
10.1.1.254 224.0.0.18 10.1.1.2 period. Choose
me.

© ZTE All rights reserved 9

 VRRP Working Process – Choosing the Primary
Router (2)
We have the same
priority. Let’s check
the IP address. His IP Source IP Target IP master
address is greater than
10.1.1.1 224.0.0.18 10.1.1.2 IP:10.1.1.2
mine, so let’s choose
his. VRID: 6
PRI: 100
VIP:
VRRP (multi-cast) 10.1.1.254

VRRP (multi-cast)
IP:10.1.1.1
VRID: 6
PRI: 100 We have the same
VIP:10.1.1.254 Source IP Target IP master priority. Let’s check the
10.1.1.2 224.0.0.18 IP address. My IP
10.1.1.2 address is greater than
his, so let’s choose
mine.

© ZTE All rights reserved 10

 VRRP Working Process – Choosing the Primary
Router (3)

Master is
IP:10.1.1.2
10.1.1.2.
Source IP Target IP master VRID: 6
10.1.1.1 PRI: 100
224.0.0.18 10.1.1.2 VIP:
10.1.1.254
VMAC:00
VRRP (multi-cast) 005E000
106

VRRP (multi-cast)
IP:10.1.1.1
VRID: 6
PRI: 100 Hi, I am master.
VIP: Source IP Target IP master I have the
virtual MAC.
10.1.1.254 10.1.1.2 224.0.0.18 10.1.1.2

© ZTE All rights reserved 11

 VRRP Working Process – Choosing the Primary
Router (4)

IP:10.1.1.2
VRID: 6
PRI: 100
VIP:
10.1.1.254
VMAC:00
005E000
106

ARP (broadcast)

I am master.
Source MAC Target MAC Please record
00005E000106 FFFFFFFFFFFF down my MAC.

© ZTE All rights reserved 12

 VRRP Working Process – IP Owner

I am the IP
owner, so I must
be master.
Source IP Target IP master
10.1.1.1 224.0.0.18 IP:10.1.1.2
10.1.1.1 VRID: 6
PRI: 100
VIP:
VRRP (multi-cast) 10.1.1.1

VRRP (multi-cast)
IP:10.1.1.1
VRID: 6
PRI: 255 It is the IP owner,
VIP: Source IP Target IP master and it has higher
10.1.1.1 10.1.1.2 224.0.0.18 interface priority,
10.1.1.1 so it is the master.

© ZTE All rights reserved 13

 VRRP Working Process – Fault of Primary Router
(1)

I have not received the

master packets for a Source IP Target IP master
long period. There
might be some problem. 10.1.1.1 224.0.0.18 10.1.1.1
Choose me.

VRRP (multi-cast)

IP:10.1.1.1
VRID: 6
PRI: 100
VIP:
10.1.1.254
VMAC:
00005E0
00106

© ZTE All rights reserved 14

VRRP Working Process – Fault of Primary Router (2)

IP:10.1.1.1
VRID ： 6
PRI ： 100
VIP ：
10.1.1.254
VMAC:00005E
000106

ARP (broadcast)

Source MAC Target MAC I am master.

00005E000106 FFFFFFFFFFFF Please record
down my MAC.

© ZTE All rights reserved 15

 VRRP Packet

© ZTE All rights reserved 16

 Summary of Primary Router Selection
 The VRRP router selects the master through the protocol packet.
 During the selection of master, compare the interface priority pri
(0~255). The higher the value of pri, the higher the priority. By
default, the priority of IP owner is 255.
 If the priority is the same, check the IP address.
 If the master owns the virtual MAC, it can transfer the data
packets.
 If the backup router has not received the protocol packets from
the master with a period, it performs the reselection.
 According to the preempt mode of the equipment, decide with
the master can be seized.

© ZTE All rights reserved 17

 VRRP Working Process – Forwarding Data
Packets

40.1.1.0/24

30.1.1.0/24 20.1.1.0/24

R1 R2

IP: 10.1.1.1 IP: 10.1.1.2

Target MAC Target VIP: 10.1.1.254
VIP: 10.1.1.254 00005E000106 00005E000106
MAC
backup Master
Target Target
IP:40.1.1.1 IP:40.1.1.1 VMAC: 00005e000106

Target MAC
00005E000106
Target IP ：
40.1.1.1

G:10.1.1.254

© ZTE All rights reserved

00005e0006
18
 VRRP Working Process – Network Fault

40.1.1.0/24 Route Table

Dest Next-
40.1.1.0/24 hop
10.1.1.1
30.1.1.0/24
When receiving the 20.1.1.0/24
packet lookup route
table, send it to the
R1
next-hop R1. R2
IP: 10.1.1.1 IP: 10.1.1.2
Target MAC MAC1 Target
Mac: MAC1 Target IP: 40.1.1.1 MAC: MAC2
00005E000106
MAC
VIP: 10.1.1.254 VIP: 10.1.1.254
Target IP: 40.1.1.1
backup Master
VMAC:
00005E00010
Target MAC
00005E000106 6
Target
IP:40.1.1.1

G:10.1.1.254

00005e0006

© ZTE All rights reserved 19

 Summary of VRRP Working Mechanism

 Choose the master according to the interface priority.

 Send the protocol packet (224.0.0.18) periodically.
 The Master generates the virtual Mac address 00005e0001xx
according to vrid.
 The Master forwards the data packet and the backup does not
forward it.

© ZTE All rights reserved 20

Contents

 Basic Concept & Function of VRRP

 Working Principle of VRRP
 Actual Networking Application of VRRP

21
 Actual Networking Application of VRRP

VRRP Load
VRRP Monitoring
Interface Balancing
Status

Actual Networking
Application of VRRP

VRRP Heartbeat VRRP Tracing

Line Setting BFD
Setting

© ZTE All rights reserved 22

 VRRP Monitoring Interface Status (1)

 Except for the status of directly-connected interface, VRRP can

also be used to monitor the status of non-directly connected
interface.
 If the monitoring interface is in Down status, the priority of this
router in the backup group automatically decreases or adds
one quota, so that the priority of other routers in the backup
group is higher or lower than that of this router.
 The router with the highest priority becomes Master. Until now
the switchover between the master and backup router is
completed.

© ZTE All rights reserved 23

 VRRP Monitoring Interface Status (2)

VRRP Group1
Virtual IP ：
Router A

10.0.0.1
Network
Switch Router C

Router B

 VRRP group 1 monitors the port with red indicator on Router A.

If the port is normal, Router A is Master. If the port is in Down
status, it decreases the priority of Router A, so that the priority of
Router A is lower than that of Router B, to perform the
switchover between master and backup.

© ZTE All rights reserved 24

 VRRP Load Balancing (1)

 The load balancing mode indicates that several

routers bear the services at the same time, and the
routers can balance the load by setting several virtual
routers.
 The load balancing mode has the following features:
 Each backup group includes one Master equipment and
several Backup equipments.
 The Master router in each backup group can be
different.
 The same router can be added into several backup groups,
and has different priorities in different backup groups.

© ZTE All rights reserved 25

VRRP Load Balancing (2) Both share the
data stream
and act as
m ut ua l
backup

Virtual IP: 10.0.0.100

Virtual IP: 10.0.0.1

VRRP group 1
VRRP group 2
Router A
Network
Switch Router C

Router B

 RouterA is the Master in backup group 1, and is the Backup in

backup group 2.
 RouterB is the Master in backup group 2, and is the Backup in
backup group 1.

© ZTE All rights reserved 26

 VRRP Heartbeat Line Setting

 The VRRP protocol packet can be forwarded by the heartbeat line, instead of the
interface that configures the VRRP group.
 If the VRRP group has configured the heartbeat line, configure the outgoing
interface that sends the packet as the heartbeat line interface. If the heartbeat
line is not configured, configure the outgoing interface as the interface that
configures the VRRP group.
IP bearer
network

PEA PEB
Heartbeat line

Master Backup
link link

© ZTE All rights reserved 27

Application of VRRP Tracing BFD
 There are two applications of VRRP tracing BFD:
 VRRP tracing the normal BFD
No matter the master or the backup, when the BFD link is in down status,
only its priority is decreased but the status is not changed. Switch over the
status by VRRP packet negotiation.
 VRRP fast switchover tracing: The priority is not changed, and only the status
is switched over.
VRRP group 1 fei-0/1/0/1
Virtual IP:10.0.0.3
10.0.0.1/24
Router A
BFD

Switc Router C
h fei-0/1/0/1

10.0.0.2/24 Router B

© ZTE All rights reserved 28

 Review

 Concept and function of VRRP: VRRP provides us with a

mechanism of automatic backup.
 The VRRP virtual router is composed of a group of routers. In this
group of routers, one is master, and the others are backup.
 In the VRRP router group, the master router is selected according
to the selection principle.
 If the master router has faulty, it will be automatically replaced by
the backup router.

© ZTE All rights reserved 29

 Questions

 Is the IP address of virtual router the same as one router in the VRRP
router group?
 Is the IP address owner the same as the master router? When are they
the same router, and when are they different routers?
 After the IP address owner is down, which backup router will take over
its job of master router? At this time, if the master router is down again,
who will take charge of the new master router? If the IP address owner is
up again, will it take back its identity of master router? If the router in
up status is not the IP address owner, will it take back its identity of
master router?

© ZTE All rights reserved 30

Thank you