VRRP principle and configuration Huawei, China three switches, routers

Virtual Routing Redundancy Protocol (Vsan Router Redundancy Protocol, abbreviated VRRP), is an IP protocol family, we know that the IP protocol family has ICMP, OSPF,VRRP is also a member of the IP protocol family, the protocol number is 112. In VRRP, the device has two roles (Master,backup), where Master is responsible for running traffic, and backup is responsible for backing up, and when master hangs, Backup automatically grabs to master, then all the data goes from master. VRRP is mainly used to do redundant backup of the export link, you can have multiple gateway devices to join a backup group, but only one master device, when the master device is hung, the other backup devices automatically preempt the master device, to ensure the reliability of the network.

VRRP has three state machines, INIT, backup, Master, and when the master is elected, each device sends its own priority to the neighboring device, and when the other device is received, the priority of that coming over is greater than its own, and the master automatically becomes backup. When the backup device has not received the priority information from the master device within a certain period of time after the election is completed, the backup becomes the master device. VRRP is the priority of the election of master, the priority by 0--254, for 0 is not to participate in the election, when 254, expressed as master, when the priority is the same, compare IP address, IP address large for the master. VRRP has a check mechanism, when the master device's line is broken, the inspection mechanism after the line is broken, the priority is automatically lowered to the highest priority backup, so that the master device can be prevented from hanging, the traffic is discarded by the master device.

VRRP uses a fixed multicast address of 224.0.0.18, we know that the multicast address used by OSPF is 224.0.0.5, 6 (DR, BDR sends Dd,lsa request or LSA to Drother) The target address at update is allspfrouter224.0.0.5,,,224.0.0.6 instead), while RIP uses a multicast address of 224.0.0.9.

In the enterprise, most of the network is divided into a number of VLANs, many people will think that these vlanif VRRP master device will be the same device, another device to do backup, completely do not run data. Not really, experienced engineers will make these devices work, that is, choose one of the devices as part of the VLAN VRRP master, other devices as the remaining VLAN of the VRRP master. This will not allow one of the devices to load very high, while the other device is in a state of inactivity.

Don't talk much, let's do an experiment.

In ENSP, we take a vlan2 to do the experiment and create the VRRP on the Vlanif interface. SW1, SW2, SW3, SW4 create Vlan2, and then with the interface information, SW1 and SW2 E/0/1, E0/0/2 interface for trunk, allow VLAN2 through, SW3 and SW4 E0/0/1, E0/0/2 interface for the trunk interface, Allow Vlan2 to pass, the E0/0/3 interface is an Access interface, and the default VLAN is 2. Where SW1 's interface VLAN 2 has an IP address of 192.168.1.1 24, SW2 interface vlan 2de Ipdiz Wei 192.168.1.2 24. Virtual-ip is 192.168.1.254.

As:

Once configured, let's look at the configuration:

SW1:

#
Interface Vlanif2
IP address 192.168.1.1 255.255.255.0
VRRP Vrid 1 Virtual-ip 192.168.1.254
#
Interface METH0/0/1
#
Interface ETHERNET0/0/1
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#
Interface ETHERNET0/0/2
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#

SW2:

#
Interface Vlanif2
IP address 192.168.1.2 255.255.255.0
VRRP Vrid 1 Virtual-ip 192.168.1.254
#
Interface METH0/0/1
#
Interface ETHERNET0/0/1
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#
Interface ETHERNET0/0/2
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#

SW3:

#
Interface ETHERNET0/0/1
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#
Interface ETHERNET0/0/2
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#
Interface ETHERNET0/0/3
Port Link-type Access
Port default VLAN 2
#

SW4:

#
Interface ETHERNET0/0/1
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#
Interface ETHERNET0/0/2
Port Link-type Trunk
Port Trunk Allow-pass VLAN 2
#
Interface ETHERNET0/0/3
Port Link-type Access
Port default VLAN 2
#

After configuring the IP address on Host 1 and host 2, the Gateway (virtual-ip192.168.1.254 for VRRP), we configured the IP address on host 1 to 192.168.1.21, and the IP address configured on Host 2 is 192.168.1.8.

Then we ping host 2 on Host 1, as shown, can pass.

Then we look at the information on SW1 and SW2, and we can see SW1 as backup for MASTER,SW2.

We can see that traffic is master,backup only VRRP messages (SW1 on the left and SW2 on the right).

Then we SW1 the link, and then grab the bag (on the left is SW1, the right is SW2), you can see SW1 traffic has stopped, SW2 began to run traffic, careful readers can find that there is no VRRP message interaction between them, because there is only one device left (another device equivalent to hang off), So there is no interaction of VRRP messages.

Then we put the interface open again, you can see SW1 and preemption as master.

The experiment ends, this is the simplest and most basic VRRP principle and configuration, VRRP still have a lot of advanced configuration, but with less, here is no longer elaborated (actually I do not know-cover face-).