VRRP(Virtual Router Redundancy Protocol)
a standards-based,defined in IETF standard RFC 2338
VRRP is so similar to HSRP<\/p>\n\n\n\n
VRRP group<\/strong> virtual router MAC address<\/strong> no tracking interfaces<\/strong> VRRP advertisements<\/strong> VRRP Holdtime<\/strong> Different between VRRP and HSRP<\/strong> ……………………………………………………………………………………………………………….<\/p>\n\n\n\n Assign a VRRP router priority ……….<\/p>\n\n\n\n \u5176\u4ed6\u8a2d\u5b9a<\/p>\n\n\n\n preempt<\/strong> Disable preempting (default is to preempt). …<\/p>\n\n\n\n Alter the advertisement timer …<\/p>\n\n\n\n Use authentication for advertisements. VRRP loadbalance<\/strong> …………………………………..<\/p>\n\n\n\n display information about VRRP status VRRP(Virtual Router Redundancy …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[33],"tags":[],"class_list":["post-938","post","type-post","status-publish","format-standard","hentry","category-cisco-layer3"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/938","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=938"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/938\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=938"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=938"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=938"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\u3000group numbers range=HSRP
VRRP role<\/strong>
\u3000master router:\u7b49\u540c\u65bcHSRP active router
\u3000backup state:\u7b49\u540c\u65bcHSRP all others
VRRP priority<\/strong>
\u3000default priority\u548cHSRP\u76f8\u7b49,\u90fd\u662f100
\u3000The one with the highest router priority VRRP group
\u3000priority=0,\u8868\u793a\u56fa\u5b9a\u70baBackup status<\/p>\n\n\n\n
\u6982\u5ff5\u985e\u4f3cHSRP virtual MAC address,\u683c\u5f0f\u70ba0000.5e00.01xx,
ps:where xx is a two-digithex VRRP group number.<\/p>\n\n\n\n
VRRP has no mechanism for tracking interfaces to allow more capable routers to take over
the master role.
ps:
\u53ef\u900f\u904e\u5efa\u7acbTrack\u7684Profile\u4f86\u9054\u6210<\/p>\n\n\n\n
VRRP advertisements are sent at 1-second<\/strong> intervals.
\u53ea\u6709Master Router\u6703\u9001advertisements
Backup routers optionally can learn the advertisement interval from the master router
ps:
VRRP sends its advertisements to the multicast destination address 224.0.0.18<\/strong> , using IP protocol 112<\/strong><\/p>\n\n\n\n
Down Interval = 3* Advertisement Timer + Skew time
ps:Skew Time = 256-priority\/256<\/p>\n\n\n\n
hollotime:VRRP is 1-second, HSRP is 3-second
VirtualIP: VRRP support, HSRP don’t support<\/p>\n\n\n\n
(config-if)#vrrp < group> priority<\/strong>
Assign a virtual IP address.
(config-if)#vrrp < group> ip < ip-address> [secondary]<\/strong>
ex:
l3device_a\u7684\u8a2d\u5b9a\u5982\u4e0b
l3device_a(config)# interface vlan 50
l3device_a(config-if)# ip address 192.168.1.10 255.255.255.0
l3device_a(config-if)# vrrp 1 priority 200
l3device_a(config-if)# vrrp 1 ip 192.168.1.1
l3device_b\u7684\u8a2d\u5b9a\u5982\u4e0b
l3device_b(config)# interface vlan 50
l3device_b(config-if)# ip address 192.168.1.11 255.255.255.0
l3device_b(config-if)# vrrp 1 priority 100
l3device_b(config-if)# vrrp 1 ip 192.168.1.1<\/p>\n\n\n\n
By default, all VRRP routers are configured to preempt the current master router if their priorities are greater<\/p>\n\n\n\n
(config-if)#no vrrp < group> preempt<\/strong>
Change the preempt delay (default 0 seconds).
(config-if)# vrrp < group> preempt [delay < seconds>]<\/strong><\/p>\n\n\n\n
(config-if)#vrrp < group> timers advertise [msec] < interval><\/strong>
Learn the advertisement interval from the master router.
(config-if)#vrrp < group> timers learn<\/strong><\/p>\n\n\n\n
(config-if)#vrrp < group> authentication < string><\/strong>
\u8a8d\u8b49\u65b9\u6cd5\u6709\u4ee5\u4e0b\u5e7e\u7a2e
Plain-text
MD5 key-string
MD5 Key-chain<\/p>\n\n\n\n
……………………………….<\/p>\n\n\n\n
\u6982\u5ff5\u540cHSRP
ex:
\u5047\u8a2d\u67091\u500bswitch\u9023\u63a5l3device_a\u548cl3device_b,\u4e26\u8b93\u7db2\u8def\u53ef\u4ee5loadbalance\uff0c\u8a2d\u5b9aVRRP\u8a2d\u5b9a\u5982\u4e0bl3device_a\u7684\u8a2d\u5b9a\u5982\u4e0b
l3device_a(config)# interface vlan 50
l3device_a(config-if)# ip address 192.168.1.10 255.255.255.0
l3device_a(config-if)# vrrp 1 priority 200
l3device_a(config-if)# vrrp 1 ip 192.168.1.1
l3device_a(config-if)# vrrp 2 priority 100
l3device_a(config-if)# vrrp 2 ip 192.168.1.2
l3device_a(config-if)# no vrrp 2 preempt
l3device_b\u7684\u8a2d\u5b9a\u5982\u4e0b
l3device_b(config)# interface vlan 50
l3device_b(config-if)# ip address 192.168.1.11 255.255.255.0
l3device_b(config-if)# vrrp 1 priority 100
l3device_b(config-if)# vrrp 1 ip 192.168.1.1
l3device_b(config-if)# no vrrp 1 preempt
l3device_b(config-if)# vrrp 2 priority 200
l3device_b(config-if)# vrrp 2 ip 192.168.1.2
clients\u8a2d\u5b9a\u5982\u4e0b
\u5c07\u4e00\u90e8\u4efdpc\u7684gateway\u8a2d\u6210vrrp group1\u7684ip(192.168.1.1)
\u548c\u53e6\u4e00\u90e8\u4efdpc\u8a2d\u6210vrrp group2\u7684ip(192.168.1.2)<\/p>\n\n\n\n
#show vrrp [brief]<\/strong>
ps
l3device_a# show vrrp brief \u70ba\u4f8b,\u756b\u9762\u5927\u81f4\u5982\u4e0b
Interface Grp Pri Time Own Pre State Master addr Group addr
Vlan50 1 200 3218 Y Master 192.168.1.10 192.168.1.1
Vlan50 2 100 3609 Backup 192.168.1.11 192.168.1.2
ps:
l3device_b# show vrrp brief \u70ba\u4f8b,\u756b\u9762\u5927\u81f4\u5982\u4e0b
Interface Grp Pri Time Own Pre State Master addr Group addr
Vlan50 1 100 3609 Backup 192.168.1.10 192.168.1.1
Vlan50 2 200 3218 Y Master 192.168.1.11 192.168.1.2
ps
l3device_a# show vrrp \u70ba\u4f8b,\u756b\u9762\u5927\u81f4\u5982\u4e0b
Vlan50 – Group 1
\u3000State is Master
\u3000Virtual IP address is 192.168.1.1<\/strong>
\u3000Virtual MAC address is 0000.5e00.0101
\u3000Advertisement interval is 1.000 sec
\u3000Preemption is enabled
\u3000\u3000min delay is 0.000 sec
\u3000Priority is 200<\/strong>
\u3000Authentication is enabled
\u3000Master Router is 192.168.1.10 (local), priority is 200<\/strong>
\u3000Master Advertisement interval is 1.000 sec
\u3000Master Down interval is 3.218 sec
Vlan50 – Group 2
\u3000State is Backup
\u3000Virtual IP address is 192.168.1.2<\/strong>
\u3000Virtual MAC address is 0000.5e00.0102
\u3000Advertisement interval is 1.000 sec
\u3000Preemption is disabled<\/strong>
\u3000Priority is 100
\u3000Authentication is enabled
\u3000Master Router is 192.168.1.11, priority is 200<\/strong>
\u3000Master Advertisement interval is 1.000 sec
\u3000Master Down interval is 3.609 sec
(expires in 2.977 sec)
ps:
l3device_b# show vrrp \u70ba\u4f8b,\u756b\u9762\u5927\u81f4\u5982\u4e0b
Vlan50 – Group 1
\u3000State is Backup
\u3000Virtual IP address is 192.168.1.1
\u3000Virtual MAC address is 0000.5e00.0101
\u3000Advertisement interval is 1.000 sec
\u3000Preemption is disabled
\u3000Priority is 100
\u3000Authentication is enabled
\u3000Master Router is 192.168.1.10, priority is 200
\u3000Master Advertisement interval is 1.000 sec
\u3000Master Down interval is 3.609 sec
\u3000(expires in 2.833 sec)
Vlan50 – Group 2
\u3000State is Master
\u3000Virtual IP address is 192.168.1.2\u3000
\u3000Virtual MAC address is 0000.5e00.0102
\u3000Advertisement interval is 1.000 sec
\u3000Preemption is enabled
\u3000\u3000min delay is 0.000 sec
\u3000Priority is 200
\u3000Authentication is enabled
\u3000Master Router is 192.168.1.11 (local),priority is 200
\u3000Master Advertisement interval is 1.000 sec
\u3000Master Down interval is 3.218 sec<\/p>\n","protected":false},"excerpt":{"rendered":"