Switching - Virtual Router Redundancy Protocol

Download

Virtual Router Redundancy Protocol

Virtual Router Redundancy Protocol (VRRP) is a network protocol designed to enhance the availability and reliability of routers in a local area network (LAN). VRRP enables multiple routers to work together in a virtual router group, presenting a single virtual IP address as the default gateway to the hosts in the network. Among the routers in the group, one is elected as the master, actively forwarding traffic, while the others function as backups. If the master router fails, VRRP facilitates a seamless transition, with one of the backups automatically assuming the role of the master to maintain continuous connectivity. VRRP ensures high availability by minimizing network downtime in the event of a router failure. This protocol is commonly used in scenarios where uninterrupted network access is critical, such as in enterprise networks, data centers, or environments with stringent reliability requirements. Configuration parameters, including priority levels and tracking mechanisms, can be customized to tailor VRRP behavior to specific network needs.

Lab:

VRRP Topology

Task 1: Configure VRRP for IPv4

Step 1: Configure VRRP Basic Configuration

R1:
interface f0/0
ip address 10.0.0.1 255.255.255.0
no shutdown
exit
ip route 100.0.0.0 255.0.0.0 10.0.0.5 

R2:
interface f0/0
ip address 10.0.0.2 255.255.255.0
no shutdown
exit

interface serial 1/0
ip address 20.0.0.2 255.255.255.0
no shutdown
exit

ip route 100.0.0.0 255.0.0.0 20.0.0.4

interface f0/0
vrrp 1 ip 10.0.0.5
vrrp 1 priority 100
vrrp 1 timers advertise 5
exit 

R3:
interface f0/0
ip address 10.0.0.3 255.255.255.0
no shutdown
exit
interface serial 1/0
ip address 30.0.0.3 255.255.255.0
no shutdown
exit

ip route 100.0.0.0 255.0.0.0 30.0.0.4

interface f0/0
vrrp 1 ip 10.0.0.5
vrrp 1 priority 110
vrrp 1 timers advertise 5
exit 

R4:
interface serial 1/0
ip address 20.0.0.4 255.255.255.0
no shutdown
exit

interface serial 1/2
ip address 30.0.0.4 255.255.255.0
no shutdown
exit
interface loopback 1
ip address 100.100.100.100 255.255.255.0
exit

ip route 0.0.0.0 0.0.0.0 20.0.0.2
ip route 0.0.0.0 0.0.0.0 30.0.0.3

Task 2: Verification

Step 1: Verify Active and Standby State in VRRP

R2:

R2(config)#do sh vrrp br
Interface Grp Pri Time Own Pre State Master addr Group addr
Fa0/0 1 100 15609 Y Backup 10.0.0.3 10.0.0.5 

R3:
R3(config)#do sh vrrp br
Interface Grp Pri Time Own Pre State Master addr Group addr
Fa0/0 1 110 15570 Y Master 10.0.0.3 10.0.0.5 

R3:
R3#sh vrrp int f0/0
FastEthernet0/0 - Group 1
 State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Master Router is 10.0.0.3 (local), priority is 110
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.570 sec 

R2:
R2(config)#do sh vrrp int f0/0
FastEthernet0/0 - Group 1
 State is Backup
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 100
 Master Router is 10.0.0.3, priority is 110
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.609 sec (expires in 13.037 sec)

Task 3: Verify VRRP Automatic Gateway Selection

Step 1: Shutdown the Active router

R3:
interface f0/0
shutdown

Step 2: Verify VRRP Automatic Gateway selection to Router 3 form Backup state to Master state

R2:
*Mar 1 00:47:35.287: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master

R3:
*Mar 1 00:47:33.199: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Init

R3:
R3(config)#do sh vrrp int f0/0
FastEthernet0/0 - Group 1
 State is Init
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Master Router is unknown, priority is unknown
 Master Advertisement interval is unknown
 Master Down interval is unknown 

R2:
R2#sh vrrp int f0/0
FastEthernet0/0 - Group 1
 State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 100
 Master Router is 10.0.0.2 (local), priority is 100
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.609 sec

R3:
Int f0/0
No shut

R3:
*Mar 1 00:54:43.259: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Init -> Backup
R3(config-if)#ex
R3(config)#
R3(config)#
*Mar 1 00:54:45.231: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to
up
*Mar 1 00:54:46.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/0, changed state to up
R3(config)#
*Mar 1 00:54:58.827: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master

R2:
*Mar 1 00:54:58.983: VRRP: Grp 1 sending Advertisement checksum 70F3
*Mar 1 00:55:00.395: VRRP: Grp 1 Advertisement priority 110, ipaddr 10.0.0.3
*Mar 1 00:55:00.395: VRRP: Grp 1 Event - Advert higher or equal priority 

R1:
R1#ping 100.100.100.0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 140/184/236 ms

Step 3: Increase the Priority for current Backup Router

R2:
Int f0/0
Vrrp 1 priority 150

Step 4: Verify VRRP Automatic Gateway selection to Router 2 form Backup to Master state

R2:
*Mar 1 02:05:56.167: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master 

R3:
Debug vrrp
*Mar 1 02:05:54.763: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Backup

*Mar 1 02:07:58.139: VRRP: Grp 1 Advertisement priority 150, ipaddr 10.0.0.2
*Mar 1 02:07:58.143: VRRP: Grp 1 Event - Advert higher or equal priority
*Mar 1 02:08:02.823: VRRP: Grp 1 Advertisement priority 150, ipaddr 10.0.0.2
*Mar 1 02:08:02.827: VRRP: Grp 1 Event - Advert higher or equal priority

R2(config)#do sh vrrp
FastEthernet0/0 - Group 1
 State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 150
 Master Router is 10.0.0.2 (local), priority is 150
 Master Advertisement interval is 5.000 sec 
 Master Down interval is 15.414 sec 

R3#sh vrrp
FastEthernet0/0 - Group 1
 State is Backup
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Master Router is 10.0.0.2, priority is 150
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.570 sec (expires in 15.418 sec) 

R1#ping 100.100.100.100

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 140/168/188 ms

Task 4: Verify VRRP Automatic Gateway Selection when Serial link is down

Step 1: Shutdown the serial interface

R2:
interface serial 1/0
shutdown 

R2#show vrrp
State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 150
 Master Router is 10.0.0.2 (local), priority is 150 
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.414 sec

R3#show vrrp
FastEthernet0/0 - Group 1
 State is Backup
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Master Router is 10.0.0.2, priority is 150
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.570 sec (expires in 12.970 sec) 

R1:
R1#ping 100.100.100.100

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.100, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)

Step 2: Configure VRRP Track to track serial interface

R2:
track 5 int s1/0 ip routing

 int f0/0
 vrrp 1 track 5 decrement 50
exit

interface serial 1/0
shutdown

*Mar 1 03:26:12.855: %TRACKING-5-STATE: 5 interface Se1/0 ip routing Up->Down
R2(config-if)#ex
*Mar 1 03:26:14.831: %LINK-5-CHANGED: Interface Serial1/0, changed state to
administratively down 
*Mar 1 03:26:15.831: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0,
changed state to down
R2(config-if)#ex

R2(config)#
*Mar 1 03:26:27.387: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Backup

Step 5: Verify VRRP Automatic Gateway selection to Router 3 form Standby state to Active state

R3:
R3#show vrrp
*Mar 1 03:26:25.699: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master 

R3#sh vrrp
FastEthernet0/0 - Group 1
 State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Master Router is 10.0.0.3 (local), priority is 110
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.570 sec

R2:
R2#show vrrp
FastEthernet0/0 - Group 1
 State is Backup
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 100 (cfgd 150)
 Track object 5 state Down decrement 50
 Master Router is 10.0.0.3, priority is 110
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.414 sec (expires in 14.490 sec) 

R1:
R1#ping 100.100.100.100

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 120/166/196 ms

R2:
Int s1/0
No shut 

*Mar 1 03:36:54.283: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master

R2(config)#do sh vrrp
FastEthernet0/0 - Group 1
 State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 150
 Track object 5 state Up decrement 50
 Master Router is 10.0.0.2 (local), priority is 150
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.414 sec 

R3:
*Mar 1 03:36:52.755: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Backup
R3(config)#do sh vrrp
FastEthernet0/0 - Group 1
 State is Backup
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Master Router is 10.0.0.2, priority is 150
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.570 sec (expires in 14.162 sec)

Task 5: VRRP Authentication

Step 1: Configure VRRP Authentication

R2:
int f0/0
 vrrp 1 authentication md5 key-string cisco
 ex

R3:
int f0/0
 vrrp 1 authentication md5 key-string cisco
 ex

R2:
R2(config)#do sh vrrp
FastEthernet0/0 - Group 1
 State is Master
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 150
 Track object 5 state Up decrement 50
 Authentication MD5, key-string "cisco"
 Master Router is 10.0.0.2 (local), priority is 150
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.414 sec

R3:
R3(config)#do sh vrrp
FastEthernet0/0 - Group 1
 State is Backup
 Virtual IP address is 10.0.0.5
 Virtual MAC address is 0000.5e00.0101
 Advertisement interval is 5.000 sec
 Preemption enabled
 Priority is 110
 Authentication MD5, key-string "cisco"
 Master Router is 10.0.0.2, priority is 150
 Master Advertisement interval is 5.000 sec
 Master Down interval is 15.570 sec (expires in 11.298 sec)