Introduction to vro redundancy protocol (VRRP)

Article Title: Describes vro redundancy protocol (VRRP ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. Virtual Router Redundancy Protocol (VRRP)
Summary:
Vrouter Redundancy Protocol (VRRP). VRRP ensures that the access to some resources is not interrupted, that is, multiple routers form a gateway set. If one of the routers fails, the other instance is automatically enabled. Two or more vrouters establish a dynamic virtual set. Each vro can process data. The set cannot exceed 255 virtual routers (refer to the vro protocol ). Generally, current routers support this protocol.
Specification
Feature package required: system
Software grade: Level1
Operation path:/ip vrrp
Protocols and standards: VRRP, AH, HMAC-MD5-96 within ESP and AH
Attribute
Vro redundancy protocol is a high-efficiency Routing selection protocol. One or more IP addresses can be allocated to one vro. A vro node must be in the following status:
• MASTER Status. One node answers all requests to the IP address of the corresponding request. Only one MASTER router is in the vro. The master node sends VRRP broadcast packets to all backup routers at intervals.
• BACKUP status. The VRRP router monitors the status of the Master router. It does not answer any requests sent to the corresponding IP address. When the MASTER router fails to work (assuming at least three VRRP data connections are lost), the selection process occurs and the new MASTER will be generated based on the priority.
VRRP Routers
Operation path:/ip vrrp
Attribute description
Name (name )? VRRP name
Interface (name )? Select the interface to run on VRRP.
Vrid (INTEGER: 0-255; default: 1 )? ID number of the vro (it must be unique on the interface)
Priority (INTEGER: 1-255; default: 100 )? Priority of the current node (a high value indicates a high priority)
Interval (INTEGER: 1-255; default: 1 )? VRRP Update Interval (in seconds. Defines how long the MASTER has not broadcast data to the VRRP collection node.
Preemption-mode (yes | no; default value: yes )? Whether to enable the priority mode.
No? A backup node does not select the master node before the current master node fails, even if the backup node takes precedence over the current master level.
Yes? This node always has the highest priority.
Authentication (none | simple | ah; default value: none )? Verification of broadcast data packets using VRRP
None? Not verified
Simple? Text Verification
Ah? Verify title using HMAC-MD5-96 Algorithm
Password (text; default :"")? Password to be verified, which can be ignored if verification is not used. 8-character long text string (for plain text verification); 16-character long text string (for AH verification requiring 128-bit key)
On-backup (name; default :"")? Steps when the node is in the backup status
On-master (name; default: "")-steps when the node is in master state
Note:
All nodes in the same set must have the same vrid, interval, preemption-mode, authentication, and password.
The priority of 255th is reserved as the host IP address of the real virtual route.
Add a VRRP instance on the Interface of ether1. Set the vrid of a vro to 1. Because it is the host of the vro, the priority is 255:
[Admin @ MikroTik] ip vrrp> add interface = ether1 vrid = 1 priority = 255
[Admin @ MikroTik] ip vrrp> print
Flags: X-disabled, I-invalid, M-master, B-backup
0 I name = "vr1" interface = ether1 vrid = 1 priority = 255 interval = 1
Preemption-mode = yes authentication = none password = "" on-backup = ""
On-master = ""
[Admin @ MikroTik] ip vrrp>
Virtual IP Address
Operation path:/ip vrrp address
Attribute description
Address (IP address )? The IP address is applicable to virtual routers (vrouters ).
Network (IP address )? Subnet Mask address of the network
Broadcast (IP address )? IP address broadcast segment
Virtual-router (name)-VRRP route name
Notes
The virtual IP address should be the same as the virtual router of each node.
Add the virtual address 192.168.1.1/24 to the vr1 VRRP router:
Admin @ MikroTik] ip vrrp> address add address = 192.168.1.1/24 \
\... Virtual-router = vr1
[Admin @ MikroTik] ip vrrp> address print
Flags: X-disabled, A-active
# Address network broadcast VIRUAL-ROUTER
0 192.168.1.1/24 192.168.1.0 192.168.1.255 vr1
[Admin @ MikroTik] ip vrrp>
A simple VRRP example

Let's assume that we have a network of 192.168.1.0/24 and we need to provide efficient Internet connections for it. This network serves as NAT. We connect two different ISPs, and one of them is preferred (for example, the fastest speed ).
This example shows how to configure VRRP with two routers. these two routers are initialized to the following: the interface is enabled, each interface is configured with the corresponding IP address; the route table is set correctly (there should be at least one default route); The SRC-NAT or disguise should be configured. For more information about how to set these configurations, see the instruction manual.
We will assume that the IP address range of this interface is 192.168.1.0/24, connected, and named as local on the vrrp router.
Configure the Master VRRP Router
First, we will create a VRRP item. We will set this vro as a priority and use 255 as the priority.
[Admin @ MikroTik] ip vrrp> add interface = local priority = 255
[Admin @ MikroTik] ip vrrp> print
Flags: X-disabled, I-invalid, M-master, B-backup
0 M name = "vr1" interface = local vrid = 1 priority = 255 interval = 1
Preemption-mode = yes authentication = none password = "" on-backup = ""
On-master = ""
[Admin @ MikroTik] ip vrrp>
Next, add the virtual IP address to this VRRP project.
[Admin @ MikroTik] ip vrrp> address add address = 192.168.1.1/24 \
\... Virtual-router = vr1
[Admin @ MikroTik] ip vrrp> address print
Flags: X-disabled, A-active
# Address network broadcast VIRTUAL-ROUTER
0 192.168.1.1/24 192.168.1.0 192.168.1.255 vr1
[Admin @ MikroTik] ip vrrp>


The current address will appear in the/ip address list:
[Admin @ MikroTik] ip address> print
Flags: X-disabled, I-invalid, D-dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.0.0. 1/24 10.0.0. 0 10.0.0. 255 public
1 192.168.1.2/24 192.168.1.0 192.168.1.255 local
2 D 192.168.1.1/24 192.168.1.0 192.168.1.255 local
[Admin @ MikroTik] ip address>

Configure the Backup VRRP Router
Now we will create a VRRP project for a low-priority router (we can use the default value of 100), so this router will give priority to a backup:
[Admin @ MikroTik] ip vrrp> add interface = local
[Admin @ MikroTik] ip vrrp> print
Flags: X-disabled, I-invalid, M-master, B-backup
0 B name = "vr1" interface = local vrid = 1 priority = 100 interval = 1
Preemption-mode = yes authentication = none password = "" on-backup = ""
On-master = ""
[Admin @ MikroTik] ip vrrp>

Now we will add the same virtual address, which is the same as that of the master node:
This node will not appear in the/ip address list:
[Admin @ MikroTik] ip address> print
Flags: X-disabled, I-invalid, D-dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.1.0. 1/24 10.0.0. 0 10.0.0. 255 public
1 192.168.1.3/24 192.168.1.0 192.168.1.255 local
[Admin @ MikroTik] ip address>
Test:
Now, when the master router is disconnected, the backup will select the master Status:
[Admin @ MikroTik] ip vrrp> print
Flags: X-disabled, I-invalid, M-master, B-backup
0 M name = "vr1" interface = local vrid = 1 priority = 100 interval = 1
Preemption-mode = yes authentication = none password = "" on-backup = ""
On-master = ""

[Admin @ MikroTik] ip vrrp>/ip address print
Flags: X-disabled, I-invalid, D-dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.1.0. 1/24 10.0.0. 0 10.0.0. 255 public
1 192.168.1.3/24 192.168.1.0 192.168.1.255 local
2 D 192.168.1.1/24 192.168.1.0 192.168.1.255 local
[Admin @ MikroTik] ip vrrp>