Vrrp principles, Vrrp tracking – H3C Technologies H3C SecBlade LB Cards User Manual
Page 16
8
•
Auth Type—Authentication type. 0 means no authentication, 1 means simple text authentication,
and 2 means MD5 authentication. VRRPv3 does not support MD5 authentication.
•
Adver Int—Interval for sending advertisement packets. For VRRPv2, the interval is in seconds and
defaults to 1. For VRRPv3, the interval is in centiseconds and defaults to 100.
•
Checksum—16-bit checksum for validating the data in VRRP packets.
•
IP Address/IPv6 Address—Virtual IPv4 or IPv6 address entry of the VRRP group. The Count IP
Addrs or Count IPv6 Addrs field defines the number of virtual IPv4 or IPv6 addresses.
•
Authentication Data—Authentication key. This field is used only for simple authentication and is 0
for any other authentication mode.
VRRP principles
•
Routers in a VRRP group determine their roles by priority. The router with the highest priority is the
master, and the others are the backups. The master periodically sends VRRP advertisements to notify
the backups that it is working properly, and each of the backups starts a timer to wait for
advertisements from the master.
•
In preemptive mode, when a backup receives a VRRP advertisement, it compares the priority in the
packet with its own priority. If the priority of the backup is higher, the backup becomes the master.
Otherwise, it remains as a backup. In preemptive mode, a VRRP group always has the router with
the highest priority as the master for forwarding packets.
•
In non-preemptive mode, a backup with higher priority than the master does not preempt the master
if the master is correctly working. The non-preemptive mode avoids frequent switchover between the
master and backups.
•
If the timer of a backup expires but the backup still does not receive any VRRP advertisement, it
considers that the master failed. In this case, the backup considers itself as the master and sends
VRRP advertisements to start a new master election.
•
When multiple routers in a VRRP group declare that they are the master because of inconsistent
configuration or network problems, the one with the highest priority becomes the master. If two
routers have the same priority, the one with the highest IP address becomes the master.
•
When a backup router receives an advertisement, it compares its priority with the advertised priority.
If its priority is higher, it takes over the master.
VRRP tracking
To enable VRRP tracking, first configure the routers in the VRRP group to operate in preemptive mode, so
that the router with the highest priority always operates as the master for forwarding packets.
1.
Tracking a specified interface
The interface tracking function expands the backup functionality of VRRP. It provides backup not
only when the interface to which a VRRP group is assigned fails, but also when other interfaces
(such as uplink interfaces) on the router become unavailable.
If the uplink interface of a router in a VRRP group fails, usually the VRRP group cannot be aware of
the uplink interface failure. If the router is the master of the VRRP group, hosts on the LAN are not
able to access external networks because of the uplink failure. This problem can be solved by
tracking a specified uplink interface. If the tracked uplink Layer 3 interface (with an IP address
configured) is down or removed, the priority of the master is automatically decreased by a
specified value and a higher priority router in the VRRP group becomes the master.
2.
Tracking a track entry
By monitoring a track entry, you can do the following:
{
Monitor an uplink and change the priority of the router according to the uplink state.