A brief introduction to the application of VRRP in Enterprise network

VRRP (Virtual Router Redundancy protocol) is a choice protocol, which can dynamically assign the responsibility of a virtual router to one of the VRRP routers on the local area network. The VRRP router that controls the IP address of a virtual router is called the primary router, which is responsible for forwarding packets to these virtual IP addresses. Once the primary router is unavailable, the selection process provides a dynamic failover mechanism that allows the IP address of the virtual router to act as the default first-hop router for the terminal host. The advantage of using VRRP is the availability of a higher default path without the need to configure dynamic routing or Routing discovery protocols on each terminal host.

There are three state models defined in VRRP, initial state initialize, Active state master and backup State backup, in which only active switches can be serviced for forwarding requests to virtual IP addresses.

The virtual switch selects the primary switch based on the size of the configured priority. The largest priority as the main switch, the state is master, if the priority is the same (if the switch is not configured priority, the default value of 100), then compare the primary IP address of the interface, the primary IP address large becomes the main switch, It provides the actual routing service. Other switches, as backup switches, monitor the status of the main switch at any time. When the main switch is working properly, it sends a VRRP group broadcast every once in a while to notify the backup switch within the group that the primary switch is in normal working condition. If the backup switch within the group has not received a VRRP group broadcast from the main switch for a long time, convert its state to master. When there are multiple backup switches within a group, it is possible to generate multiple master switches. At this point, each primary switch compares the priority in the VRRP packet to its own local priority, and if the local priority is less than the priority in VRRP, it converts its state to backup, otherwise keeping its state unchanged. With such a process, the highest priority switch is selected as the new main switch to complete the VRRP backup function.

The working mechanism of the VRRP protocol has much in common with Cisco's HSRP (Hot Standby Routing Protocol). But the main difference is that in Cisco's HSRP, a separate IP address should be configured as the external address of the virtual router, which cannot be the interface address of any member of the group.

Let's take this example and compare it with the previous HSRP:

One company has two routers that want to do load balancing, let the company's two VLAN go to different paths to the Internet, (two VLAN communication also take different paths), such as Vlan10 from the left route to the Internet, vlan20 to the right of the Internet, when a router is broken, two VLAN can also normal internet, Its simple topology diagram is as follows: