What is Virtual Router Redundancy Protocol (VRRP)?

Home Blog Articles What is Virtual Router Redundancy Protocol (VRRP)?

What is Virtual Router Redundancy Protocol (VRRP)?

Virtual Router Redundancy Protocol

Virtual Router Redundancy Protocol (VRRP)  allows for a group or routers to appear as a single default gateway to end devices.  All the routers must have interfaces that belong in the same subnet.   The end devices point their default gateways to a Virtual Router IP (VIP) address. VRRP is an open standard, RFC 5798, allowing interoperability between network vendors, i.e. Cisco, HP, Brocade, etc….

VRRP provides gateway redundancy by continuing forwarding of end device data traffic even if only of the routers in the VRRP group is available.  This forwarding action is accomplished by the routers in the VRRP group sharing ownership of the VIP address and its associated MAC Address.  The actual forwarder of traffic is known as the Master and is chosen by priority.  If the priorities of all the router interfaces acting in the VRRP group are the same the tie-breaker is the router with the highest IP address.

An election occurs to determine which router interface will become Master for the VRRP group.  All the routers exchange VRRP packets on the local subnet using multicast address IPv4 224.0.0.18 and IPv6 FF02::12.  The election is based on highest interface VRRP priority, 1-255, becoming Master and all remaining routers becoming Backup. A router added to the group can become Master through pre-emption if it’s priority is higher or there is a tie between all the routers interface priorities and it has the highest IP address.

A “skew time” is used to allow an orderly election versus all the Backup routers stating they are Master at the exact same time causing a “thundering herd problem.”  The failure of the Master VRRP router causes the remaining Backup routers in the VRRP group to determine who is the replacement Master.

VRRP uses Time to Live (TTL) of 255 to keep the protocol traffic to the local subnet and stop malicious attacks from remote subnets.  Simple Authentication is available to further define which routers can join a specified VRRP group.

All the routers of a VRRP group are identified by a Virtual Router ID, VRID.  The VRID is used to define the virtual MAC Address (0000-5e00-01XX) for the VIP.

In the example above,  Router B has taken on the master role and is forwarding traffic for end devices in subnet 10.1.1.0 /24 because it has the highest IP address, 10.1.1.3, of the two routers and the VRRP priority is at default for both, 100.  The virtual MAC address is chosen from the VRID 1, thus it is 0000-5e00-0001.

 VRRP is not a routing protocol and does not pass routing information between routers.  It is only used to define VIP and traffic forwarder for end devices.  VRRP is used to ensure traffic forwarding of end points by having multiple routers coordinate the forwarding based on which one is Master.  The end devices need only be configured to use the VIP address as their default gateway.

/ Articles, Redundancy, VRRP / Tags: , , ,

About the Author

Praveen Bahethi

Chief Technical Officer, Shilpa Systems
Washington D.C. Metro Area
Information Technology and Services
Driven leader looking to reduce costs and enhance revenues through the efficient and productive use of Technology Specialties: Managing Technology Teams Developing and Teaching Courseware Using a Comprehensive approach to Converged Infrastructure with insight into Technology, Costs, and People.

Related Posts

What is DHCP Relay/ IP-Helper-Address?
Why switch trunk/ tagged ports are used?
What is Ethernet?
What are Cisco ASA firewall security levels?
What are VTP Modes and how is it advertised?
What is Routing?
What is Dynamic Host Configuration Protocol, DHCP?
How do you configure MSTP on HP Comware via CLI?

Comments

No comment yet.

Leave a Reply

Your email address will not be published. Required fields are marked *