Vrrp technology achieves network routing redundancy and load balancing

1. Question proposal

With the continuous development of network applications, users' demands for network reliability are getting higher and higher. Vrouters in the network run dynamic routing protocols such as Rip and OSPF to implement redundant backup of network routes. When a master route fails, the network can automatically switch to its backup route to achieve network connection. However, it is not feasible to run a dynamic routing protocol on the host of the network edge end user to achieve reliability. Generally, an enterprise LAN is connected to the Internet through a router, and the user host in the LAN is configured with a default gateway to connect to the external network

Access.

Figure 1 configure the Default Gateway

1. All hosts in the internal network are configured with a default gateway (GW: 192.168.1.1), which is the E thernet0 interface address of the router. In this way, packets sent from the Intranet host whose destination address is not in this segment will be sent to routethrough the default gateway, thus achieving communication between the host and the external network. Vrorouis a key device in the network. When a router fails, the LAN will interrupt Communication with the Internet. Applications for enterprises that rely on frequent network and external business exchanges, as well as the company's branches and headquarters, and the connection between banking outlets and bank data centers will be greatly affected.. To improve network reliability, A vro is usually added when the network is built. However, if you only set multiple routers on the network without special configuration, the host can only send packets to the default gateway that is pre-configured for the target address as packets from other networks, however, the router cannot be automatically switched in case of a fault. Vrrp vro redundancy protocol is designed to address the preceding backup problems and eliminate the inherent defects in the static default routing environment. It does not change the networking situation. You only need to configure a few commands on the relevant vro. In the case of network equipment failure, you do not need to make any configuration changes on the host, the next hop gateway can be backed up without any burden on the host.

2 vrrp Technical Analysis

Vrrp (virtual router redundancy protocol) is a fault tolerance protocol for LAN access devices) it is organized into a vro, which is called a backup group, as shown in figure 2.

Figure 2 vro

Vrrp organizes a vro group of routers in the LAN, and rourouters and routerb in the No. 2 router group into a virtual router. The vro has its own IP address 192.168.1.3, which is called the virtual IP address of the vro. At the same time, physical routers, routerb, and routerb also have their own IP addresses (for example, routerb's IP address is 192.168.1.1 and routerb's IP address is 192.168.1.2 ). The host in the LAN only knows the IP address of the vro 192.168.1.3, but does not know the IP address of the specific vro in the backup group. During configuration, set the default gateway of the LAN host to the IP address 192.168.1.3 of the vro. As a result, the host in the Network communicates with other networks through this virtual router, and the actual data processing is performed by the master router in the backup group. If the master router in the backup group fails, other backup routers in the backup group will replace the new master and continue to provide routing services to the hosts in the network. In this way, the hosts in the network can communicate with the external network continuously.

Vrrp achieves redundancy through multiple routers. At any time, only one vro is used as the primary router, while the others are backup routers. The switchover between routers is completely transparent to users. users do not have to worry about the specific process. You only need to set the default router as the IP address of the virtual router. The process of switching between Routers:

(1) vrrp uses the election method to select the primary router. Compare the priority of each vro. The master vro with the highest priority changes to the master status. If the router has the same priority, the primary IP address of the network interface is compared. If the primary IP address is large, the primary router provides the actual routing service.

(2) After the primary router is selected, other routers act as the backup router and monitor the status of the primary router through the vrrp packets sent by the primary router. When the primary router works normally, it will send a vrrp group broadcast message at intervals to notify the backup router that the primary router is working normally. If the backup router in the group does not receive messages from the vro for a long time, the vro status is changed to master. When there are multiple backup routers in the group, repeat the 1st step election process. In this process, the router with the highest priority is selected as the new primary router to implement the vrrp backup function.

3 vrrp Technology Applied to large-scale Campus Networks

Vrrp technology is not only used for the backup of vrouters connected to the Internet over the LAN, but also widely used for redundancy backup of layer-3 switches in the core layer of a large campus network. In a large campus network, the core layer is in the center of the network, and a large amount of data is exchanged between the networks through the core layer devices, and the routing functions between different VLANs are also undertaken. Once a device in the core layer goes down, the entire network is paralyzed. Therefore, in campus network design, the selection of core equipment requires strong data exchange capability and high reliability. Generally, the selection of high-end core layer-3 switches is required. At the same time, to further improve the reliability of the core layer and prevent the entire network from being paralyzed due to device downtime at the core layer, a device is usually placed at the core layer as a backup for another device, once the master device fails, switch to the slave device immediately to ensure high reliability of the network core layer.

Vrrp technology is required for switching layer-3 switches in the core layer. 3 (for simplicity, a two-layer network is used as an example). To improve network reliability, two three-layer switches (S1 and S2) are placed on the network core layer ), access layer L2 switches (SW1, sw2 ,... And swn) connect two core switches respectively. In a large campus network, to suppress broadcast signals, improve network performance, and achieve secure access control of the network, the entire network is generally divided into multiple VLANs according to the specific situation, the default gateway of the host in the v lan is set to the interface address of the VLAN on the layer-3 switch.

Figure 3 vrrp application in Campus Network

Vrrp combines two L3 switches (S1 and S2) in the network into a vrrp backup group. For each VLAN Interface in the network, the backup group has a virtual default gateway address. Vlan3 is used as an example. The vrrp backup group sets vlan3 virtual IP addresses (for example, 192.168.3.1). S1 and S2 in the backup group have their own vlan3 interface IP addresses (for example, 192.168.3.2, 192.168.3.3), the default gateway of the host in vlan3 is set as the virtual IP address (192.168.3.1) of vlan3 ). Hosts in vlan3 access network resources outside vlan3 through this virtual IP address, but the actual data processing is performed by the active (master) switch in the backup group. If the active switch fails, the vrrp will be automatically replaced by the backup switch. The vrrp virtual gateway address is configured on the terminal in the network. When a fault occurs, the virtual switch remains unchanged and the host remains connected. The network will not be affected by single point of failure, in this way, the core switch switching problem in the network is well solved.

4 vrrp for Server Load balancer

In vrrp, A vro is allowed to join multiple backup groups, and load balancing can be achieved through multiple backup group settings.

As shown in figure 2, the router is used as the master router of the backup group 1 and the backup router of the backup group 2. Vrorourouterb, on the contrary, serves as the master of backup group 2 and backs up the vrobackup for backup group 1. Some hosts use the virtual IP address of backup group 1 as the gateway, while others use the virtual IP address of backup group 2 as the gateway. In this way, both data stream sharing and mutual backup are achieved.

Router configuration (actual IP address, routerbandwidth: 192.168.1.1/24, routerb: 192.168.1.2/24)

	Backup Group 1	Backup Group 2
Virtual IP Address	192.168.1.3	192.168.1.4
Backup group members	MASTER: routerb, backup: routerb	MASTER: routerb, backup: routerb

Lan host configuration (if the network has 100 hosts)

	PC1-- Pc50	Pc51-- Pc100
IP address	192.168.1.x/24	192.168.1.x/24
Gateway	192.168.1.3	192.168.1.4

The two routers are mutually backed up. When the router is normal, the two routers share a portion of the data traffic. When one router fails, the other router automatically shares all the data traffic, data transmission is not affected. In this way, load balancing and mutual backup are achieved.

5 conclusion

For a network that uses a fixed gateway, when the gateway fails, vrrp is undoubtedly the lowest price to minimize the impact of the failure on the user. Vrrp can be used in networks that use multiple gateways for mutual backup between different gateways, so that no network device is added and hot backup is achieved, minimize the loss caused by network faults. Vrrp is a standard RFC protocol that allows devices from different manufacturers to communicate with each other conveniently. Vrrp has these advantages, making it a powerful tool needed to build a stable and reliable network.