Authentication, Vrrp alongside rip, ospf, and bgp4 – Brocade BigIron RX Series Configuration Guide User Manual
Page 537
BigIron RX Series Configuration Guide
459
53-1002484-04
Overview of VRRP
17
on page 457, Router1’s priority changes from 255 to 20. One of the parameters
contained in the Hello messages the Master router sends to its Backups is the Master router’s
priority. If the track port feature results in a change in the Master router’s priority, the Backup
routers quickly become aware of the change and initiate a negotiation for Master router.
In
on page 457, the track priority results in Router1’s VRRP priority becoming lower than
Router2’s VRRP priority. As a result, when Router2 learns that it now has a higher priority than
Router1, Router2 initiates negotiation for Master router and becomes the new Master router, thus
providing an open path for Host1’s traffic. To take advantage of the track port feature, make sure
the track priorities are always lower than the VRRP priorities. The default track priority for the router
that owns the VRID IP address(es) is 2. The default track priority for Backup routers is 1. If you
change the track port priorities, make sure you assign a higher track priority to the Owner of the IP
address(es) than the track priority you assign on the Backup routers.
Suppression of RIP advertisements for backed up interfaces
The Brocade implementation also enhances VRRP by allowing you to configure the protocol to
suppress RIP advertisements for the backed up paths from Backup routers. Normally, a VRRP
Backup router includes route information for the interface it is backing up in RIP advertisements.
As a result, other routers receive multiple paths for the interface and might sometimes
unsuccessfully use the path to the Backup rather than the path to the Master. If you enable the
Brocade implementation of VRRP to suppress the VRRP Backup routers from advertising the
backed up interface in RIP, other routers learn only the path to the Master router for the backed up
interface.
Authentication
For backward compatibility with RFC 2338, implementation of VRRP can use simple passwords to
authenticate VRRP packets. The VRRP authentication type is not a parameter specific to the VRID.
Instead, VRRP uses the authentication type associated with the interfaces on which you define the
VRID. For example, if you configure your router interfaces to use a simple password to authenticate
traffic, VRRP uses the same simple password and VRRP packets that do not contain the password
are dropped. If your interfaces do not use authentication, neither does VRRP.
NOTE
The MD5 authentication type is not supported for VRRP.
Forcing a master router to abdicate to a standby router
You can force a VRRP Master to abdicate (give away control) of a virtual router to a Backup by
temporarily changing the Master’s priority to a value less than the Backup’s. When you change a
VRRP Owner’s priority, the change takes effect only for the current power cycle. The change is not
saved to the startup configuration file when you save the configuration and is not retained across a
reload or reboot. Following a reload or reboot, the VRRP Owner again has priority 255.
VRRP alongside RIP, OSPF, and BGP4
VRRP operation is independent of the RIP, OSPF, and BGP4 protocols. Their operation is
unaffected when VRRP is enabled on a RIP, OSPF, or BGP4 interface.