Article Directory
foreword
VRRP (Virtual Router Redundancy Protocol, Virtual Routing Redundancy Protocol) is a fault-tolerant protocol. VRRP determines the role of each router in the backup group (Master router or Backup router) based on priority. The higher the priority, the more likely it is to become the Master router. The default priority is 100
One, vrrp state machine
(1) Initialize (initial state)
(2) Master (active state)
(3) Backup (preparation state)
2. The working principle and case of active/standby mode
1. Working principle
(1) Elect the Master: The devices in the VRRP backup group elect the Master according to the priority. The master device sends gratuitous ARP packets
(2) The Master device periodically sends VRRP notification messages to announce its configuration information (priority, etc.) and working status in the VRRP backup group. The Backup device judges whether the Master device is working normally through the received VRRP packets.
2. Configuration case
1. Networking requirements
(1) pc1 and pc2 need to access sw1 and sw2, the gateway of sw1 and sw2 is 192.168.0.254;
(2) When SW 1 fails, data forwarding is performed by SW2.
vrrp configuration command:
vrrp vrid x virtual-ip xxxx //virtual gateway
vrrp vrid x preempt-mode time delay 120 //preemption time
vrrp vrid x priority 120 //set priority default 100
vrrp vrid x track interface eth0/0/1 reduced 30 Monitor upper layer interface tuning
View configuration commands:
display vrrp verbose
3. Working principle and case of load mode
1. Working principle
2. Configuration case
(1) Switch A, Switch B, and Switch C belong to backup group 1 whose virtual IP address is 10.1.1.1/24;
(2) The default gateway of the hosts in the 10.1.1.0/24 network segment is 10.1.1.1/24. Use the VRRP backup group to ensure that when a gateway device (Switch A, Switch B, or Switch C) fails, the hosts in the LAN The external network can still be accessed through the gateway;
(3) The backup group 1 works in load balancing mode, realizes load sharing through a backup group, and makes full use of gateway resources;
(4) Configure virtual forwarders on Switch A, Switch B, and Switch C to monitor the status of the uplink interface (VLAN interface 3) through the Track item. When the uplink interface fails, reduce the weight of the virtual forwarder on Switch A, Switch B, or Switch C so that other devices can take over its forwarding tasks.
(1) Configure Switch A
# Configure VLAN 2.
<SwitchA> system-view
[SwitchA] vlan 2
[SwitchA-vlan2] port ten-gigabitethernet 1/0/5
[SwitchA-vlan2] quit
# Configure VRRP to work in load balancing mode.
[SwitchA] vrrp mode load-balance
# Create backup group 1 and set the virtual IP address of backup group 1 to 10.1.1.1.
[SwitchA] interface vlan-interface 2
[SwitchA-Vlan-interface2] ip address 10.1.1.2 24
[SwitchA-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.1
# Set the priority of Switch A in backup group 1 to 120, which is higher than the priority of Switch B (110) and Switch C (100), so that Switch A becomes the master.
[SwitchA-Vlan-interface2] vrrp vrid 1 priority 120
# Configure Switch A to work in the preemption mode to ensure that Switch A can preempt to become the master again after the fault recovers. That is, as long as Switch A works normally, Switch A will become the master. To avoid frequent state switching, configure the preemption delay to 5000 centiseconds.
[SwitchA-Vlan-interface2] vrrp vrid 1 preempt-mode delay 5000
[SwitchA-Vlan-interface2] quit
# Create track entry 1 associated with the physical status of VLAN interface 3. If the status of the Track item is Negative, it indicates that the uplink interface of Switch A is faulty.
[SwitchA] track 1 interface vlan-interface 3
# Configure the virtual forwarder to monitor track item 1. When the status of the Track item is Negative, reduce the weight of the virtual forwarder on Switch A to lower than the failure lower limit of 10, that is, the weight reduction amount is greater than 245, so that other devices can take over the forwarding task of Switch A. In this example, configure the weight reduction amount of the virtual forwarder as 250.
[SwitchA] interface vlan-interface 2
[SwitchA-Vlan-interface2] vrrp vrid 1 track 1 weight reduced 250
Other configurations are the same as above and not configured
The load sharing mode is consistent with the configuration idea of the active/standby backup mode. Taking a single VRRP backup group as an example,
Master device configuration:
vrrp vrid 1 virtual-ip 10.0.0.10 //Configure the virtual IP address in vrid1.
vrrp vrid 1 priority 120 //The priority configured in vrid1 is 120, the priority of other devices is not manually specified, the default is 100, then this device is the Master.
vrrp vrid 1 preempt-mode timer delay 20 //Configure the preemption delay of the Master device to 20 seconds.
vrrp vrid 1 track interface GigabitEthernet0/0/0 reduce 30 //Track the status of the uplink interface G0/0/0. If the port fails, the VRRP priority of the master device will be reduced by 30.
Backup device configuration:
vrrp vrid 1 virtual-ip 10.0.0.10 //Configure the virtual IP address in vrid1.
Summarize
This article describes the role and working principle of vrrp. vrrp is mainly used to back up the egress gateway to ensure the high availability of the egress gateway. In the settings, the interface priority of the main router and the backup router must be set correctly to work normally.
If there are dual active devices in the configuration, there are the following situations:
1. The configuration parameters on the VRRP master and backup devices are asymmetrical, such as authentication type (including type and authentication word), backup group ID, virtual address list, version, etc.
2. The link passed by the heartbeat message is disconnected or unstable.
3. The port is incorrectly blocked by STP, RRPP and other loop-breaking protocols.
4. The CPU usage of the device is too high.The most critical thing is to check whether the two devices are directly interoperable, resulting in a high probability of dual masters.