First Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3S
Virtual Router Redundancy Service
Downloads: This chapterpdf (PDF - 1.35MB) The complete bookPDF (PDF - 3.92MB) | The complete bookePub (ePub - 590.0KB) | Feedback

Virtual Router Redundancy Service

Virtual Router Redundancy Service

Virtual Router Redundancy Service (VRRS) provides a multiclient information abstraction and management service between the Virtual Router Redundancy Protocol (VRRP), VRRS pathways and optional VRRS clients. The VRRS multiclient service provides a consistent interface with VRRP by abstracting over several First Hop Redundancy Protocols (FHRPs) and providing an idealized view of their state. VRRS manages data updates, allowing interested clients to register in one place and receive updates for named VRRP groups.

VRRP acts as a server that pushes VRRP status information out to VRRS pathways, and all registered VRRS clients. Pathways and clients obtain status on all essential information provided by VRRP, including current and previous redundancy states, active and inactive Layer 2 and Layer 3 addresses, and, in some cases, information about other redundant gateways in the network. Pathways use this information in order to provide scaled first-hop gateway redundancy across scaled interface environments. VRRS clients will also use this information to provide stateless and stateful redundancy information to clients and protocols.


Note


In this module, VRRP and VRRPv3 are used interchangeably.


Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Restrictions for VRRS

  • VRRS plug-ins must be configured on subinterfaces that are not configured with VRRP, but which share a physical interface with a VRRP group it is following.

  • VRRP Version 2 (VRRPv2) is configurable only on Gigabit Ethernet interfaces.

  • VRRS is currently only available for use with VRRP Version 3 (VRRPv3).

Information About VRRS

VRRS Overview

VRRS improves the scalability of VRRP. VRRS provides a stateless redundancy service to VRRS pathways and applications (VRRS clients) by monitoring VRRP. VRRS provides a database of the current VRRP state and provides a “push” data service to the VRRS pathways and clients with which it communicates. VRRP acts as a VRRS server. VRRS clients are other Cisco processes or applications that use VRRP to provide or withhold a service or resource dependent upon the state of the group. VRRS pathways are special VRRS clients that use the VRRS database information in order to provide scaled first–hop gateway redundancy across scaled interface environments.

The VRRS by itself is limited to maintaining its own state. Linking a VRRS client to a VRRP group provides a mechanism that allows VRRS to provide a service to client applications so that they can implement stateless or stateful failover. Stateless failover is failover without syncing of state. Stateful failover requires communication with a nominated backup before failure so that operational data is not lost when failover occurs.

VRRS pathways operate in a similar way to clients, but are integrated with the VRRS architecture. They provide a means to scale first–hop gateway redundancy by allowing the user the opportunity to configure a virtual address across hundreds of interfaces. The “virtual gateway” state of a VRRS pathway follows the state of an FHRP VRRS server.

Using VRRS with VRRP

VRRP provides server support for VRRS. The VRRP server pushes state and status information to VRRS when an internal update occurs. VRRS updates its internal database upon receiving a server update, and then sends push notifications to each of the VRRS clients associated with the shared name. Clients are interested in the protocol state, virtual MAC (vMAC) address, and virtual IP address information associated with a group. The association name between a client and a VRRP group is a character name string. The information provided by VRRS allows clients to perform various activities that are dependent on the state of the associated VRRP group.

VRRP notifies VRRS of its current state (master, backup, or nonoperational initial state [INIT]). The VRRP state is then passed on to pathways or clients. A VRRP group should be configured with a name to activate VRRS. Pathways or clients should be configured with the same name to bind them with VRRS.

The VRRP group name associates the VRRP group with any clients that are configured as part of VRRS with the same name.

VRRS Servers and Clients

VRRP acts as the VRRS server. Pathways and clients act on the VRRP server state. When a VRRP group changes state, VRRS pathways and clients act by altering their behaviour (performing tasks such as shutting down interfaces or appending accounting logs) depending on the state received from VRRS.

VRRS Pathways and Pathway Manager

VRRS Pathways

A VRRS pathway is defined as an entity that will provide IPv4 or IPv6 traffic forwarding duties using the following features on an Ethernet interface (such as a physical interface, subinterface, or a Switch Virtual Interface [SVI]):
  • vMAC address insertion and removal into the hardware driver using MACdb.

  • Virtual IP (vIP) insertion and removal using the IPv4 and IPv6 APIs.

  • Provision to associate the vIP with the interface burned-in address (BIA) MAC.

  • Provision to associate the vMAC address with the interface–owned vIP.

  • Maintain the association of a vMAC with a vIP on a LAN using the Address Resolution Protocol (ARP) or Neighbor Discovery Protocol.

  • Maintain the switching cache (content-addressable memory or [CAM]) of connected Layer 2 devices on the LAN.

  • Checkpoints all data and the pathway state with a High Availability module.

A Pathway will provide some of the above features using its association with either the VRRS Pathway L2 Controller or the VRRS Pathway L3 Controller.

VRRS Pathway Manager

The VRRS Pathway Manager provides the following features:

  • Creates an association between one or more VRRS pathway instances and a single VRRS database name entry.

  • Pushes configuration and state information to associated registered pathways in response to a push from VRRS.

  • Provides debugging and show output to the user. The output is related to the state and configuration of the VRRS pathway manager.

  • Is Online Insertion and Removal (OIR)–aware and manages pathways that may be affected by OIR events.

  • Is Virtual Routing and Forwarding (VRF)–aware and manages pathways that may be affected by VRF events.

How to Configure VRRS

Configuring VRRPv3 Control Groups

Perform the following task to configure a VRRP control group.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    fhrp version vrrp v3

    4.    interface type number

    5.    ip address ip-address mask

    6.    vrrp group-id address-family {ipv4 | ipv6}

    7.    address ip-address [primary | secondary]

    8.    vrrs leader vrrs-leader-name

    9.    end


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 fhrp version vrrp v3


    Example:
    Device(config)# fhrp version vrrp v3
     

    Enables the ability to configure VRRPv3 and VRRS.

    Note   

    When VRRPv3 is in use, VRRPv2 is unavailable.

     
    Step 4 interface type number


    Example:
    Device(config)# interface vlan 40
     

    Enters interface configuration mode.

     
    Step 5 ip address ip-address mask


    Example:
    Device(config-if)# ip address 209.165.200.230 255.255.255.224
     
     

    Configures the IP address on the interface.

     
    Step 6 vrrp group-id address-family {ipv4 | ipv6}


    Example:
    Device(config-if)# vrrp 1 address-family ipv4 
     

    Creates a VRRP group and enters VRRP configuration mode.

     
    Step 7 address ip-address [primary | secondary]


    Example:
    Device(config-if-vrrp)# address 209.165.202.141
     
     

    Specifies a primary or secondary address for the VRRP group.

     
    Step 8 vrrs leader vrrs-leader-name


    Example:
    Device(config-if-vrrp)# vrrs leader group1
     

    Specifies a leader’s name to be registered with VRRS and enables a VRRP group to control a VRRS pathway.

    • It is possible for a single VRRP instance to control more than one VRRS group. A registered VRRS name is unavailable by default.

     
    Step 9 end


    Example:
    Device(config-if-vrrp)# end
     

    Returns to privileged EXEC mode.

     

    Configuring VRRS Pathways

    Perform the following task to configure a VRRP pathway.

    SUMMARY STEPS

      1.    enable

      2.    configure terminal

      3.    fhrp version vrrp v3

      4.    interface type number

      5.    ip address ip-address mask

      6.    vrrs pathway vrrs-leader-name

      7.    mac address mac-address

      8.    address ip-address

      9.    end


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 enable


      Example:
      Device> enable
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.

       
      Step 2 configure terminal


      Example:
      Device# configure terminal
       

      Enters global configuration mode.

       
      Step 3 fhrp version vrrp v3


      Example:
      Device(config)# fhrp version vrrp v3
       

      Enables the ability to configure VRRPv3 and VRRS.

      Note   

      When VRRPv3 is in use, VRRPv2 is unavailable.

       
      Step 4 interface type number


      Example:
      Device(config)# interface vlan 42
       

      Enters interface configuration mode.

       
      Step 5 ip address ip-address mask


      Example:
      Device(config-if)# ip address 209.165.201.25 255.255.255.224
       
       

      Configures the IP address on the interface.

       
      Step 6 vrrs pathway vrrs-leader-name


      Example:
      Device(config-if)# vrrs pathway group1
       

      Defines the VRRS pathway for a VRRS group and enters VRRS pathway configuration mode.

       
      Step 7 mac address mac-address


      Example:
      Device(config-if-vrrs-pw)# mac address fe24.fe24.fe24 
       

      Specifies a MAC address used by a pathway.

       
      Step 8 address ip-address


      Example:
      Device(config-if-vrrs-pw)# address 209.165.201.10
       
       

      Defines the virtual IP for a pathway.

      • Note   

        A VRRP group is capable of controlling more than one pathway.

       
      Step 9 end


      Example:
      Device(config-if-vrrs-pw)# end
       

      Returns to privileged EXEC mode.

      • Note   

        Repeat steps 1 to 9 to configure more pathways.

       

      Verifying VRRS

      Perform this task to verify VRRS functions.


      Note


      The show commands are not in any specific order. The show vrrs pathway command for different pathway states (active, inactive, and “not ready”) is displayed below.


      SUMMARY STEPS

        1.    enable

        2.    show vrrs pathway

        3.    show vrrs pathway

        4.    show vrrs pathway

        5.    show vrrs server


      DETAILED STEPS
        Step 1   enable

        Enables privileged EXEC mode.



        Example:
        Device> enable
                  
        Step 2   show vrrs pathway

        Displays VRRS pathway information for an active pathway with the tag name “group1” and VRRP in master state on the VLAN interface.



        Example:
          Device# show vrrs pathway
        
          Pathway ["group1"@Vlan42]
          State is ACTIVE [VRRS push "ACTIVE"]
          Virtual MAC is fe24.fe24.fe24 [Active] (0)
          Address-family is v4
          Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
          Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
          vIP Ready=1
          Virtual Address List: 209.165.201.10
              
        Step 3   show vrrs pathway

        Displays VRRS pathway information for an inactive pathway with the tag name “group1” and VRRP in backup state on the Ethernet 0/1 interface.



        Example:
          Device# show vrrs pathway
        
          Pathway ["group1"@Et0/1]
          State is INACTIVE [VRRS push "BACKUP"]
          Virtual MAC is 0101.0101.0101 [Reserved] (0)
          Address-family is v4
          Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
          Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
          vIP Ready=1
          Virtual Address List: 209.165.201.10
              
        Step 4   show vrrs pathway

        Displays VRRS pathway information for a “not ready” pathway with the tag name “group1” and VRRP in backup state on the Ethernet 0/1 interface.



        Example:
          Device# show vrrs pathway
        
          Pathway ["group1"@Et0/1]
          State is NOT READY [VRRS push "INIT"]
          Virtual MAC is 0101.0101.0101 [Reserved] (0)
          Address-family is v4
          Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
          Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
          vIP Ready=1
          Virtual Address List: 209.165.201.10
              
        Step 5   show vrrs server

        Displays VRRS server information.



        Example:
          Device# show vrrs pathway
        
          Pathway ["group1"@Et0/1]
          State is INACTIVE [VRRS push "BACKUP"]
          Virtual MAC is 0101.0101.0101 [Reserved] (0)
          Address-family is v4
          Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
          Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
          vIP Ready=1
          Virtual Address List: 209.165.201.10
              
        The table below describes significant fields in the sample output:

        Field

        Description

        State

        Current state of VRRS on an interface. The values displayed are “ACTIVE”, “INACTIVE”, “NOT READY”, or “BACKUP”.

        Virtual MAC

        Virtual MAC address that is reserved for an interface.

        Address-family

        IPv4 or IPv6 address family.

        Default Pathway

        Indicates that the pathway has been implicitly created from a VRRP group, if the value is 1. If the value is 0, it indicates that the pathway has been explicitly created using the vrrs pathway command.

        Owner Mode

        Indicates that the interface IP address is specified if the value is 1.

        Accept-Mode

        Indicates that traffic to a particular virtual IP address is accepted if the value is 1.

        Configured vMAC

        Indicates that a virtual MAC address is configured if the value is 1.

        No Shut

        Indicates that the interface has been set to no shutdown mode if the value is 1.

        Connected

        Indicates that the VRRS pathway is connected to a VRRS group, if the value is 1.

        OIR

        Indicates online insertion and removal (OIR) of interface line cards on a device is complete if the value is 1.

        L2 Ready

        Indicates that the Layer 2 interface is up if the value is 1.

        L3 Ready

        Indicates that the Layer 3 interface is up if the value is 1.

        vMAC Ready

        Indicates that the virtual MAC address has been assigned to an interface if the value is 1.

        vIP Ready

        Indicates that the virtual IP address has been assigned to an interface if the value is 1.

        Virtual Address List

        Address list of the virtual IPv4 or IPv6 addresses.

        Interface

        Name of the interface where the pathway is defined.

        vMAC

        Virtual MAC address that is assigned to an interface.

        vIP Address

        Virtual IP address that is assigned to an interface.

        Tags Connected

        The specific tag name that is currently connected to a pathway on an interface.


        Configuration Examples for VRRS

        Example: Configuring VRRPv3 Control Groups

        The following example shows how to configure a VRRPv3 control group:

        Device> enable
        Device# configure terminal
        Device(config)# fhrp version vrrp v3
        Device(config)# interface vlan 40
        Device(config-if)# ip address 209.165.200.230 255.255.255.224
        Device(config-if)# vrrp 1 address-family ipv4
        Device(config-if-vrrp)# address 209.165.202.141
        Device(config-if-vrrp)# vrrs leader group1
        Device(config-if-vrrp)# end
              

        Note


        In the above example, the fhrp version vrrp v3 command is used in global configuration mode.


        Example: Configuring VRRS pathways

        The following example shows how to configure a VRRS pathway:

        Device> enable
        Device# configure terminal
        Device(config)# fhrp version vrrp v3
        Device(config)# interface vlan 42
        Device(config-if)# ip address 209.165.201.25 255.255.255.224
        Device(config-if)# vrrs pathway group1
        Device(config-if-vrrs-pw)# mac address fe24.fe24.fe24
        Device(config-if-vrrs-pw)# address 209.165.201.10
        Device(config-if-vrrs-pw)# end
              

        Note


        In the above example, the fhrp version vrrp v3 command is used in global configuration mode.


        Additional References

        Related Documents

        Related Topic

        Document Title

        Cisco IOS commands

        Master Command List, All Releases

        FHRP commands

        First Hop Redundancy Protocols Command Reference

        Configuring VRRPv2

        “Configuring VRRP” module in the First Hop Redundancy Protocols Configuration Guide

        VRRPv3 Protocol Support

        “VRRPv3 Protocol Support” module in the First Hop Redundancy Protocols Configuration Guide

        Standards and RFCs

        Standard/RFC

        Title

        RFC5798

        Virtual Router Redundancy Protocol

        Technical Assistance

        Description

        Link

        The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

        http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

        Feature Information for Virtual Router Redundancy Service

        The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

        Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

        Table 1 Feature Information for Virtual Router Redundancy Service

        Feature Name

        Releases

        Feature Information

        Virtual Router Redundancy Service

        Cisco IOS XE Release 3.8S

        The VRRS feature provides a multiclient information abstraction and management service between VRRP, VRRS pathways, and optional VRRS clients

        The following commands were introduced or modified: debug vrrs all, debug vrrs database, debug vrrs log, debug vrrs pathway, and show vrrs.