- Virtual Router Redundancy Protocol
Virtual Router Redundancy Protocol (VRRP) is a non-proprietary redundancy protocol described in RFC 3768 designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a "virtual router" (an abstract representation of master and backup routers acting as a group) as a default gateway to the host(s) instead of one physical router. Two or more physical routers are then configured to stand for the virtual router, with only one doing the actual routing at any given time. If the current physical router that is routing the data on behalf of the virtual router fails, an arrangement is made for another physical router to automatically replace it. The physical router that is currently forwarding data on behalf of the virtual router is called the master router. Physical routers standing by to take over from the master router in case something goes wrong are called backup routers.
VRRP can be used over Ethernet, MPLS and token ring networks. Implementations for IPv6 are in development, but not yet available. VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way.
A virtual router must use 00-00-5E-00-01-XX as its Media Access Control (MAC) address. The last byte of the address (XX) is the Virtual Router IDentifier (VRID), which is different for each virtual router in the network. This address is used by only one physical router at a time, and is the only way that other physical routers can identify the master router within a virtual router. Physical routers acting as virtual routers must communicate among themselves using packets with multicast IP address 224.0.0.18 and IP protocol number 112.
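The receive-side checks that follow from these constants, as an added example that is not part of the original article: it validates an IPv4 packet claiming to be a VRRPv2 advertisement against protocol 112, the RFC 3768 group address 224.0.0.18, the RFC 3768 first-hop rule (TTL 255), and the VRRP checksum. The function names and the sample packet builder are constructed for illustration; the builder leaves the IPv4 header checksum at zero because the checker does not inspect it.

```python
import socket
import struct

VRRP_PROTO = 112            # IP protocol number carried by VRRP
VRRP_GROUP = "224.0.0.18"   # VRRP multicast group assigned in RFC 3768

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by VRRPv2."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_advert(src, vrid, priority, vip, ttl=255, dst=VRRP_GROUP) -> bytes:
    """Constructed sample: IPv4 header + VRRPv2 advertisement, no authentication."""
    # version 2 / type 1, VRID, priority, 1 address, auth type 0, interval 1 s
    body = struct.pack("!BBBBBBH", 0x21, vrid, priority, 1, 0, 1, 0)
    body += socket.inet_aton(vip) + bytes(8)          # virtual IP + auth data
    body = body[:6] + struct.pack("!H", inet_checksum(body)) + body[8:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, ttl,
                     VRRP_PROTO, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return ip + body

def check_advert(packet: bytes) -> list:
    """Return the reasons to drop a packet claiming to be a VRRPv2 advert."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return ["not an IPv4 packet"]
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    vrrp = packet[ihl:total_len]
    problems = []
    if packet[9] != VRRP_PROTO:
        problems.append("IP protocol is not 112")
    if socket.inet_ntoa(packet[16:20]) != VRRP_GROUP:
        problems.append("destination is not the VRRP multicast group")
    if packet[8] != 255:
        problems.append("TTL is not 255, so the sender is not on the local link")
    if len(vrrp) < 16 or len(vrrp) != 16 + 4 * vrrp[3]:
        return problems + ["VRRP message length does not match its address count"]
    if vrrp[0] != 0x21:
        problems.append("not a version 2 ADVERTISEMENT")
    if inet_checksum(vrrp) != 0:
        problems.append("bad VRRP checksum")
    return problems
```

An empty list means the packet passes these structural checks only; a sender on the same link can still satisfy all of them, which is why an unexpected source address or priority for a known VRID is worth alerting on separately.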
Master routers have a priority of 255 and backup router(s) can have priority between 1-254. When a planned withdrawal of a master router is to take place, it changes its priority to zero which forces a backup router to take up the master router status more quickly. This is in order to reduce the black hole period.
Elections of master routers
A failure to receive a multicast packet from the master router for a period longer than three times the advertisement timer causes the backup routers to assume that the master router is dead. The virtual router then transitions into an unsteady state and an election process is initiated to select the next master router from the backup routers. This is fulfilled through the use of multicast packets.
It should be noted that backup router(s) are only supposed to send multicast packets during an election process. One exception to this rule is when a physical router is configured to always overthrow the current master after it has been introduced into the virtual router. This allows a system administrator to force a physical router to the master state immediately after booting, for example when that particular router is more powerful than others within the virtual router or when that particular router uses the least expensive bandwidth. The backup router with the highest priority becomes the master router by raising its priority to 255 and sending Address Resolution Protocol packets with the virtual MAC address and its physical IP address. This redirects the hosts' packets from the fallen master router to the current master router. In cases where backup routers all have the same priority, the backup router with the highest IP address becomes the master router.
All physical routers acting as a virtual router must be within one hop of each other. Communication within the virtual router takes place periodically. This period can be adjusted by changing advertisement interval timers. The shorter the advertisement interval, the shorter the black hole period, though at the expense of more traffic in the network. Security is achieved by responding only to first hop packets, though other mechanisms are provided to reinforce this, particularly against local attacks. Some details have been omitted to improve readability. Notable among these is the use of skew time, derived from a router's priority and used to reduce the chance of the thundering herd problem occurring during election.
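A worked model of the election and its timing, added here as an example and not taken from the article or from any VRRP implementation: it applies the three-advertisement timeout, the priority-zero handover, the highest-priority and highest-IP tie-break described above, and the skew time formula from RFC 3768, (256 - Priority) / 256 seconds. The `Backup` class, the function names and the 192.0.2.x addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Backup:
    ip: str
    priority: int   # 1-254 for backup routers

def skew_time(priority: int) -> float:
    """RFC 3768: Skew_Time = (256 - Priority) / 256 seconds."""
    return (256 - priority) / 256

def takeover_delay(priority: int, advert_interval: float, graceful: bool) -> float:
    """Seconds a backup waits after the master's last advertisement.

    graceful=True models a master that announced priority 0 before leaving:
    backups wait only their skew time. Otherwise the master went silent and
    backups wait three advertisement intervals plus their skew time.
    """
    base = 0.0 if graceful else 3 * advert_interval
    return base + skew_time(priority)

def election_key(backup: Backup):
    # Highest priority wins; ties go to the numerically highest IP address.
    # Comparing the address strings would rank "192.0.2.9" above "192.0.2.10".
    return (backup.priority, int(ipaddress.IPv4Address(backup.ip)))

def elect(backups, advert_interval=1.0, graceful=False):
    """Return (new master, seconds without a forwarding master)."""
    if not backups:
        raise ValueError("no backup router left to take over")
    for b in backups:
        if not 1 <= b.priority <= 254:
            raise ValueError(f"{b.ip}: backup priority must be 1-254")
    winner = max(backups, key=election_key)
    # The winner has the smallest skew time, so its timer expires first and
    # its advertisement stops the lower-priority backups from also claiming.
    return winner, takeover_delay(winner.priority, advert_interval, graceful)

if __name__ == "__main__":
    group = [Backup("192.0.2.9", 200), Backup("192.0.2.10", 200),
             Backup("192.0.2.2", 100)]
    print(elect(group))                  # master went silent
    print(elect(group, graceful=True))   # master announced priority 0
```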
Backup router utilization can be improved by load sharing. For more on this, see RFC 3768.
VRRP is based on Cisco's proprietary HSRP concepts. VRRP is actually a standardized version of Cisco's HSRP. Those protocols, while similar in concept, are not compatible. Therefore, on newer installations it is recommended to implement VRRP, because it is the standard.
Common Address Redundancy Protocol (CARP) - non-proprietary patent-free and unrestricted alternative to HSRP and VRRP
Ethernet Automatic Protection Switching
Gateway Load Balancing Protocol - Cisco proprietary router redundancy contraption providing load balancing
Hot Standby Routing Protocol - Cisco proprietary router redundancy contraption
R-SMLT (Routed Split Multilink Trunking) - Nortel Networks proprietary router redundancy contraption.
* [http://www.redbooks.ibm.com/redpapers/pdfs/redp3657.pdf A detailed VRRP article]
* RFC 3768 - RFC concerning VRRP
* [http://kerneltrap.org/comment/reply/477/1567 Controversy involving VRRP and Cisco patents]
* [ftp://ftp.ietf.org/ietf-mail-archive/vrrp/ Mailing list]
** [http://sourceforge.net/projects/vrrpd/ A GPL licensed implementation of VRRP designed for Linux operating systems]
** [http://sourceforge.net/projects/svrrpd/ A BSD licensed implementation of VRRP for Unix-like operating systems] (described as "not functional yet")
** [http://www.keepalived.org A GPL licensed implementation of VRRPv2 for Linux operating systems]
** [http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_vrrp.html Configuring VRRP on Cisco IOS]
** [http://support.3com.com/infodeli/tools/bridrout/u_guides/html/nb111/family/features/vrrp.htm Configuring VRRP on 3com NETBuilder]
** Vyatta, a commercial open-source router / firewall with VRRP functionality.
Wikimedia Foundation. 2010.