VRRP Principle

Objectives

 Grasp VRRP concept and terminology

 Understand the working principle of VRRP
 Grasp the configuration and application of VRRP

© ZTE Corporation. All rights reserved

Contents

 Basic Concept & Function of VRRP

 Working Principle of VRRP
 Actual Networking Application of VRRP
 The Problems

Internet

R1
10.0.0.1/16

Default Gateway = 10.0.0.1/16

© ZTE Corporation. All rights reserved

 The Solution - VRRP

Internet

R1 VIP: R2
10.0.0.1/16 10.0.0.3/16
10.0.0.2/16

Default Gateway = 10.0.0.3/16

© ZTE Corporation. All rights reserved

 VRRP Introduction
 VRRP ： Virtual Router Redundancy Protocol

 Problems ：
 End host systems on a LAN are often configured to send packets to a
statically configured default router.
 If this default router becomes unavailable, all the hosts that use it as
their first hop router become isolated on the network

 Solution ：
 VRRP groups several physical routers into a VRRP virtual router, and
assigns a virtual IP and a MAC addresses to the virtual router,
 The end devices use the VRRP virtual router address as their default
gateway.

© ZTE Corporation. All rights reserved

Contents

 Basic Concept & Function of VRRP

 Working Principle of VRRP
 Actual Networking Application of VRRP
 VRRP Terminology

 Primary Router (Master) ： Responsible for forwarding data

packets that sent to the virtual router and respond ARP request.
If one router is the IP address owner then it is the primary router.

 Backup Router (Slave) ： In VRRP, other virtual router that

participate in will be slave router. It will take over the work when
primary router is disabled.

© ZTE Corporation. All rights reserved

 VRRP Working Process – Choosing the Primary
Router (1)
I have not received the
master packets for a
long period. Choose
me.
Source IP Target IP Master IP:10.1.1.2
10.1.1.1 224.0.0.18 10.1.1.1 VRID ： 6
PRI ： 100
VIP ： 10.1.1.254

VRRP (Multicast)

VRRP (Multicast)
IP:10.1.1.1
VRID ： 6
PRI ： 100 I have not
VIP ： 10.1.1.254 Source IP Target IP Master received the
10.1.1.2 224.0.0.18 10.1.1.2 master packets
for a long period.
Choose me.

© ZTE Corporation. All rights reserved

 VRRP Working Process – Choosing the Primary
Router (2)
We have the same
priority. Let’s check the
IP address. Your IP Source IP Target IP Master
address is greater than 10.1.1.1 224.0.0.18 10.1.1.2 IP:10.1.1.2
mine, so let’s choose VRID: 6
you.
PRI: 100
VIP: 10.1.1.254
VRRP (Multicast)

VRRP (Multicast)
IP:10.1.1.1
VRID: 6
PRI: 100
VIP:10.1.1.254 Source IP Target IP Master
10.1.1.2 224.0.0.18 10.1.1.2 We have the same priority.
Let’s check the IP address.
My IP address is greater
than yours, so choose me.

© ZTE Corporation. All rights reserved

 VRRP Working Process – Choosing the Primary
Router (3)

Master is IP:10.1.1.2
10.1.1.2. Source IP Target IP Master VRID: 6
10.1.1.1 224.0.0.18 10.1.1.2 PRI: 100
VIP: 10.1.1.254
VMAC:00005E000106
VRRP (Multicast)

IP:10.1.1.1 VRRP (Multicast)

VRID: 6
PRI: 100 Hi, I am master.
Source IP Target IP Master I have the
VIP: 10.1.1.254
10.1.1.2 224.0.0.18 10.1.1.2 virtual MAC.

© ZTE Corporation. All rights reserved

 VRRP Working Process – Choosing the Primary
Router (4)

IP:10.1.1.2
VRID: 6
PRI: 100
VIP: 10.1.1.254
VMAC:00005E000106

ARP
(Broadcast)
I am master.
Source MAC Target MAC Please record
00005E000106 FFFFFFFFFFFF down my MAC.

© ZTE Corporation. All rights reserved

 VRRP Working Process – IP Owner

I am the IP
owner, so I must
be master. Source IP Target IP Master
10.1.1.1 224.0.0.18 10.1.1.1 IP:10.1.1.2
VRID: 6
PRI: 100
VIP: 10.1.1.1
VRRP (Multicast)

IP:10.1.1.1 VRRP (Multicast)

VRID: 6
PRI: 255 It is the IP owner,
VIP: 10.1.1.1 Source IP Target IP Master and it has higher
10.1.1.2 224.0.0.18 10.1.1.1 interface priority, so
it is the master.

© ZTE Corporation. All rights reserved

 VRRP Working Process – Fault of Primary Router
(1)
I have not received the
master packets for a
long period. There
might be some problem.
Choose me. Source IP Target IP Master
10.1.1.2 224.0.0.18 10.1.1.1

VRRP (Multicast)

IP:10.1.1.2
VRID: 6
PRI: 100
VIP: 10.1.1.254
VMAC: 00005E000106

© ZTE Corporation. All rights reserved

 VRRP Working Process – Fault of Primary Router
(2)

IP:10.1.1.2
VRID ： 6
PRI ： 100
VIP ： 10.1.1.254
VMAC:00005E000106

ARP
(Broadcast)

Source MAC Target MAC I am master.

00005E000106 FFFFFFFFFFFF Please record
down my MAC.

© ZTE Corporation. All rights reserved

 VRRP Packet

© ZTE Corporation. All rights reserved

 Summary of Primary Router Selection
 The VRRP router selects the master through the protocol packet.

 During the selection of master, compare the interface priority (0~255).

The higher the value, the higher the priority. By default, the priority of
IP owner is 255.

 If the priority is the same, check the IP address.

 If the master owns the virtual MAC, it can transfer the data packets.

 If the backup router has not received the protocol packets from the
master with a period, it performs the re-election.

 According to the preempt mode of the equipment, decide with the

master can be seized.

© ZTE Corporation. All rights reserved

 VRRP Working Process – Forwarding Data
Packets

40.1.1.0/24

30.1.1.0/24 20.1.1.0/24

R1 R2

IP: 10.1.1.1 IP: 10.1.1.2

Target MAC Target MAC VIP: 10.1.1.254
VIP: 10.1.1.254 00005E000106 00005E000106
backup Master
Target IP:40.1.1.1 Target IP:40.1.1.1
VMAC: 00005e000106

Target MAC
00005E000106
Target IP ： 40.1.1.1

G:10.1.1.254
00005e0006
© ZTE Corporation. All rights reserved
 VRRP Working Process – Network Fault

Route Table
40.1.1.0/24
Dest Next-hop
40.1.1.0/24 10.1.1.1

When receiving the 20.1.1.0/24

30.1.1.0/24 packet lookup route
table, send it to the
R1 next-hop R1. R2
IP: 10.1.1.1 IP: 10.1.1.2
Target MAC MAC1 Target MAC
Mac: MAC1 Target IP: 40.1.1.1 MAC: MAC2
00005E000106
VIP: 10.1.1.254 VIP: 10.1.1.254
Target IP: 40.1.1.1
backup Master
VMAC: 00005E000106
Target MAC
00005E000106
Target IP:40.1.1.1

G:10.1.1.254
00005e0006

© ZTE Corporation. All rights reserved

 Summary of VRRP Working Mechanism

 Choose the master according to the interface priority.

 Send the protocol packet (224.0.0.18) periodically.

 The Master generates the virtual Mac address 00005e0001xx

according to VRID. Remember that MAC address representation
is Hexadecimal.

 The Master forwards the data packet and the backup does not
forward it.

© ZTE Corporation. All rights reserved

Contents

 Basic Concept & Function of VRRP

 Working Principle of VRRP
 Actual Networking Application of VRRP
 Actual Networking Application of VRRP

VRRP Load
VRRP Monitoring Balancing
Interface Status

Actual Networking
Application of VRRP

VRRP Heartbeat Line VRRP Tracing BFD

Setting Setting

© ZTE Corporation. All rights reserved

 VRRP Monitoring Interface Status (1)

 Except for the status of directly-connected interface, VRRP can

also be used to monitor the status of non-directly connected
interface.

 If the monitoring interface is in Down status, the priority of this

router in the backup group automatically decreases or adds
one quota, so that the priority of other routers in the backup
group is higher or lower than that of this router.

 The router with the highest priority becomes Master. Until now
the switchover between the master and backup router is
completed.
© ZTE Corporation. All rights reserved
 VRRP Monitoring Interface Status (2)

Virtual IP ： 10.0.0.1
VRRP Group1
Router A
Network
Switc Router C
h
Router B

 VRRP group 1 monitors the port with red indicator on Router A. If the port is normal, Router A is
Master. If the port is in Down status, it decreases the priority of Router A, so that the priority of
Router A is lower than that of Router B, to perform the switchover between master and backup.

© ZTE Corporation. All rights reserved

 VRRP Load Balancing (1)

 The load balancing mode indicates that several

routers bear the services at the same time, and the
routers can balance the load by setting several virtual
routers.
 The load balancing mode has the following features:
 Each backup group includes one Master equipment and
several Backup equipments.
 The Master router in each backup group can be different.
 The same router can be added into several backup groups,
and has different priorities in different backup groups.

© ZTE Corporation. All rights reserved

VRRP Load Balancing (2) Both share the data
stream and act as
mutual backup

Virtual IP: 10.0.0.100

Virtual IP: 10.0.0.1

VRRP group 1
VRRP group 2
Router A
Network
Switch Router C

Router B

 RouterA is the Master in backup group 1, and is the Backup in backup group 2.
 RouterB is the Master in backup group 2, and is the Backup in backup group 1.

© ZTE Corporation. All rights reserved

 VRRP Heartbeat Line Setting

 The VRRP protocol packet can be forwarded by the heartbeat line, instead of the interface
that configures the VRRP group.
 If the VRRP group has configured the heartbeat line, configure the outgoing interface that
sends the packet as the heartbeat line interface. If the heartbeat line is not configured,
configure the outgoing interface as the interface that configures the VRRP group.

IP bearer
network

PE A PE B
Heartbeat line

Master Backup
link link

© ZTE Corporation. All rights reserved

Application of VRRP Tracing BFD
 There are two applications of VRRP tracing BFD:
 VRRP tracing the normal BFD
No matter the master or the backup, when the BFD link is in down status, only
its priority is decreased but the status is not changed. Switch over the status
by VRRP packet negotiation.
 VRRP fast switchover tracing: The priority is not changed, and only the status
is switched over.
VRRP group 1 fei-0/1/0/1
Virtual 10.0.0.1/24
IP:10.0.0.3

Router A
BFD

Switch Router C
fei-0/1/0/1
10.0.0.2/24 Router B

© ZTE Corporation. All rights reserved

 Review

 Concept and function of VRRP: VRRP provides us with a

mechanism of automatic backup.

 The VRRP virtual router is composed of a group of routers. In this

group of routers, one is master, and the others are backup.

 In the VRRP router group, the master router is selected according

to the selection principle.

 If the master router has faulty, it will be automatically replaced by

the backup router.

© ZTE Corporation. All rights reserved

 Questions

 Is the IP address of virtual router the same as one router in the VRRP
router group?

 Is the IP address owner the same as the master router? When are they
the same router, and when are they different routers?

 After the IP address owner is down, which backup router will take over
its job of master router? At this time, if the master router is down again,
who will take charge of the new master router? If the IP address owner is
up again, will it take back its identity of master router? If the router in up
status is not the IP address owner, will it take back its identity of master
router?

© ZTE Corporation. All rights reserved