Virtual Router Redundancy Protocol (VRRP) is a gateway redundancy networking protocol used to create a virtual gateway similar to HSRP. VRRP enhances the availability of default gateway for devices on a LAN.
VRRP is an IEEE standard gateway redundancy protocol. VRRP
uses the multicast group IP address 224.0.0.18 and transport port number UDP 112.
VRRP does not provide load balancing like GLBP does. VRRP advertise timer is 1
second and master down time is 3 advertisements. yes, we can change the timer and priority, if both router priorities
are the same then the highest IP address is a tiebreaker. One router becomes the master
and the rest of the routers are for backup in case of failover of the master. If the
master router is back on, it will automatically become a master router. By default,
pre-empt is on in VRRP.
(Please take a look at HSRP and GLBP click here)
Let's see the configuration for a better understanding:-
Topology:-
Goal:
- configure the topology as per the diagram
- assign the IP address as per the topology
- assign the IP addresses on PCs and default gateway 100.1.1.100
- configure a default route on router 1 and router 2
- configure router 3 to act as ISP router and assign IP on loopbacks
- configure static routing on router 3
- configure VRRP on router 1 and make this router master
- configure VRRP authentication MD5 internet
- configure VRRP on router 2 and make this router backup
- make sure LAN traffic can access the internet routes
- make the event failover and ensure router 2 which is for the back, becomes the master.
VRRP-PRIME-R1-(config)#interface serial 4/0
VRRP-PRIME-R1-(config-if)#ip address 13.1.1.1 255.0.0.0
VRRP-PRIME-R1-(config-if)#no shutdown
VRRP-PRIME-R1-(config-if)#exit
VRRP-PRIME-R1-(config-if)#ip address 13.1.1.1 255.0.0.0
VRRP-PRIME-R1-(config-if)#no shutdown
VRRP-PRIME-R1-(config-if)#exit
VRRP-PRIME-R1-(config)#interface fastethernet 1/1
VRRP-PRIME-R1-(config-if)#ip address 100.1.1.10 255.255
VRRP-PRIME-R1-(config-if)#ip address 100.1.1.10 255.255.255.0
VRRP-PRIME-R1-(config-if)#no shutdown
VRRP-PRIME-R1-(config-if)#exit
VRRP-SEC-R2-(config-if)#ip address 23.2.2.1 255.0.0.0
VRRP-SEC-R2-(config-if)#no shutdown
VRRP-SEC-R2-(config-if)#exit
VRRP-SEC-R2-(config)#interface fastethernet 0/0
VRRP-SEC-R2-(config-if)#ip address 100.1.1.20 255.255.255.0
VRRP-SEC-R2-(config-if)#no shutdown
VRRP-SEC-R2-(config-if)#exit
ISP-R3-(config)#interface serial 4/1
ISP-R3-(config-if)#ip address 23.2.2.2 255.0.0.0
ISP-R3-(config-if)#no shutdown
ISP-R3-(config-if)#exit
ISP-R3-(config)#interface serial 4/0
ISP-R3-(config-if)#ip address 13.1.1.2 255.0.0.0
ISP-R3-(config-if)#no shutdown
ISP-R3-(config-if)#exit
ISP-R3-(config-if)#ip address 33.1.1.1 255.255.255.0
ISP-R3-(config-if)#exit
ISP-R3-(config)#interface loopback 1
ISP-R3-(config-if)#ip address 33.1.1.1 255.255.255.0
ISP-R3-(config-if)#exit
ISP-R3-(config)#interface loopback 2
ISP-R3-(config-if)#ip address 33.1.2.1 255.255.255.0
ISP-R3-(config-if)#exit
Checking for duplicate address...
PC1 : 100.1.1.2 255.255.255.0 gateway 100.1.1.100
IP/MASK : 100.1.1.2/24
GATEWAY : 100.1.1.100
DNS :
MAC : 00:50:79:66:68:00
LPORT : 10031
RHOST:PORT : 127.0.0.1:10032
MTU: : 1500
Checking for duplicate address...
PC1 : 100.1.1.3 255.255.255.0 gateway 100.1.1.100
IP/MASK : 100.1.1.3/24
GATEWAY : 100.1.1.100
DNS :
MAC : 00:50:79:66:68:01
LPORT : 10033
RHOST:PORT : 127.0.0.1:10034
MTU: : 1500
Checking for duplicate address...
PC1 : 100.1.1.4 255.255.255.0 gateway 100.1.1.100
IP/MASK : 100.1.1.4/24
GATEWAY : 100.1.1.100
DNS :
MAC : 00:50:79:66:68:02
LPORT : 10035
RHOST:PORT : 127.0.0.1:10036
MTU: : 1500
Checking for duplicate address...
PC1 : 100.1.1.5 255.255.255.0 gateway 100.1.1.100
IP/MASK : 100.1.1.5/24
GATEWAY : 100.1.1.100
DNS :
MAC : 00:50:79:66:68:03
LPORT : 10037
RHOST:PORT : 127.0.0.1:10038
MTU: : 1500
VRRP-PRIME-R1-(config)#ip route 0.0.0.0 0.0.0.0 serial 4/0
VRRP-PRIME-R1-(config)#exit
VRRP-SEC-R2-(config)#ip route 0.0.0.0 0.0.0.0 serial 4/1
VRRP-SEC-R2-(config)#exit
VRRP-PRIME-R1-(config)#interface fastethernet 1/1
VRRP-PRIME-R1-(config-if)#vrrp 100 ip 100.1.1.100
VRRP-PRIME-R1-(config)#exit
VRRP-SEC-R2-(config)#exit
VRRP-PRIME-R1-(config-if)#vrrp 100 ip 100.1.1.100
VRRP-PRIME-R1-(config-if)#vrrp 100 priority 120
VRRP-PRIME-R1-(config-if)#vrrp 100 authentication md5 key-string internet
VRRP-PRIME-R1-(config-if)#vrrp 100 track 1
VRRP-PRIME-R1-(config-if)#exit
*Mar 21 22:54:11.779: %VRRP-6-STATECHANGE: Fa1/1 Grp 100 state Init -> Backup
*Mar 21 22:54:15.391: %VRRP-6-STATECHANGE: Fa1/1 Grp 100 state Backup -> Master
*Mar 21 22:54:15.391: %VRRP-6-STATECHANGE: Fa1/1 Grp 100 state Backup -> Master
VRRP-PRIME-R1-(config)#track 1 interface serial 4/0 line-protocol
VRRP-PRIME-R1-(config-track)#interface fastethernet 1/1
VRRP-PRIME-R1-(config-if)#vrrp 100 track 1 decrement 30
VRRP-PRIME-R1-(config-if)#exit
VRRP-SEC-R2-(config-if)#vrrp 100 ip 100.1.1.100
VRRP-SEC-R2-(config-if)#vrrp 100 authentication md5
key-string internet
VRRP-SEC-R2-(config-if)#end
VRRP-SEC-R2-(config-if)#end
*Mar 21 23:01:31.883: %VRRP-6-STATECHANGE: Fa0/0 Grp 100 state Backup -> Master
ISP-R3-(config)#ip route 100.1.1.0 255.255.255.0 serial 4/0
ISP-R3-(config)#exit
VRRP-PRIME-R1-#show vrrp interface fastEthernet 1/1
FastEthernet1/1 - Group 100
State is Master
Virtual IP address is 100.1.1.100
Virtual MAC address is 0000.5e00.0164
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 120
Track object 1 state Up decrement 30
Authentication MD5, key-string
Master Router is 100.1.1.10 (local), priority is 120
Master Advertisement interval is 1.000 sec
Master Down interval is 3.531 sec
VRRP-PRIME-R1-#show vrrp brief
Interface Grp Pri Time Own Pre State Master addr Group addr
Fa1/1 100 120 3531 Y Master 100.1.1.10 100.1.1.100
VRRP-SEC-R2-#show vrrp
FastEthernet0/0 - Group 100
State is Backup
Virtual IP address is 100.1.1.100
Virtual MAC address is 0000.5e00.0164
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Authentication MD5, key-string
Master Router is 100.1.1.10, priority is 120
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 sec (expires in 2.989 sec)
VRRP-SEC-R2-#show vrrp brief
Interface Grp Pri Time Own Pre State Master addr Group addr
Fa0/0 100 100 3609 Y Backup 100.1.1.10 100.1.1.100
PC1> ping 33.1.1.1
84 bytes from 33.1.1.1 icmp_seq=1 ttl=254 time=49.541 ms
84 bytes from 33.1.1.1 icmp_seq=2 ttl=254 time=47.846 ms
84 bytes from 33.1.1.1 icmp_seq=3 ttl=254 time=46.660 ms
84 bytes from 33.1.1.1 icmp_seq=4 ttl=254 time=47.615 ms
84 bytes from 33.1.1.1 icmp_seq=5 ttl=254 time=48.413 ms
PC3> ping 33.1.2.1
84 bytes from 33.1.2.1 icmp_seq=1 ttl=254 time=47.187 ms
84 bytes from 33.1.2.1 icmp_seq=2 ttl=254 time=47.018 ms
84 bytes from 33.1.2.1 icmp_seq=3 ttl=254 time=46.555 ms
84 bytes from 33.1.2.1 icmp_seq=4 ttl=254 time=32.160 ms
84 bytes from 33.1.2.1 icmp_seq=5 ttl=254 time=48.195 ms
PC4> ping 33.1.3.1
84 bytes from 33.1.3.1 icmp_seq=1 ttl=254 time=46.460 ms
84 bytes from 33.1.3.1 icmp_seq=2 ttl=254 time=46.906 ms
84 bytes from 33.1.3.1 icmp_seq=3 ttl=254 time=47.081 ms
84 bytes from 33.1.3.1 icmp_seq=4 ttl=254 time=47.244 ms
84 bytes from 33.1.3.1 icmp_seq=5 ttl=254 time=47.286 ms
VRRP-PRIME-R1-(config)#interface fastEthernet 1/1
VRRP-PRIME-R1-(config-if)#shutdown
ISP-R3-(config)#exit
FastEthernet1/1 - Group 100
State is Master
Virtual IP address is 100.1.1.100
Virtual MAC address is 0000.5e00.0164
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 120
Track object 1 state Up decrement 30
Authentication MD5, key-string
Master Router is 100.1.1.10 (local), priority is 120
Master Advertisement interval is 1.000 sec
Master Down interval is 3.531 sec
Interface Grp Pri Time Own Pre State Master addr Group addr
Fa1/1 100 120 3531 Y Master 100.1.1.10 100.1.1.100
FastEthernet0/0 - Group 100
State is Backup
Virtual IP address is 100.1.1.100
Virtual MAC address is 0000.5e00.0164
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Authentication MD5, key-string
Master Router is 100.1.1.10, priority is 120
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 sec (expires in 2.989 sec)
Interface Grp Pri Time Own Pre State Master addr Group addr
Fa0/0 100 100 3609 Y Backup 100.1.1.10 100.1.1.100
84 bytes from 33.1.1.1 icmp_seq=1 ttl=254 time=49.541 ms
84 bytes from 33.1.1.1 icmp_seq=2 ttl=254 time=47.846 ms
84 bytes from 33.1.1.1 icmp_seq=3 ttl=254 time=46.660 ms
84 bytes from 33.1.1.1 icmp_seq=4 ttl=254 time=47.615 ms
84 bytes from 33.1.1.1 icmp_seq=5 ttl=254 time=48.413 ms
84 bytes from 33.1.2.1 icmp_seq=1 ttl=254 time=47.187 ms
84 bytes from 33.1.2.1 icmp_seq=2 ttl=254 time=47.018 ms
84 bytes from 33.1.2.1 icmp_seq=3 ttl=254 time=46.555 ms
84 bytes from 33.1.2.1 icmp_seq=4 ttl=254 time=32.160 ms
84 bytes from 33.1.2.1 icmp_seq=5 ttl=254 time=48.195 ms
84 bytes from 33.1.3.1 icmp_seq=1 ttl=254 time=46.460 ms
84 bytes from 33.1.3.1 icmp_seq=2 ttl=254 time=46.906 ms
84 bytes from 33.1.3.1 icmp_seq=3 ttl=254 time=47.081 ms
84 bytes from 33.1.3.1 icmp_seq=4 ttl=254 time=47.244 ms
84 bytes from 33.1.3.1 icmp_seq=5 ttl=254 time=47.286 ms
VRRP-PRIME-R1-(config-if)#shutdown
*Mar 21 23:25:48.295: %VRRP-6-STATECHANGE: Fa1/1 Grp 100 state Master -> Init
FastEthernet0/0 - Group 100
State is Master
Virtual IP address is 100.1.1.100
Virtual MAC address is 0000.5e00.0164
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Authentication MD5, key-string
Master Router is 100.1.1.20 (local), priority is 100
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 sec
No comments:
Post a Comment