Guest

Support

Implementing VRRP

Hierarchical Navigation

  • Viewing Options

  • PDF (652.6 KB)
  • Feedback
Implementing VRRP

Contents

Implementing VRRP

The Virtual Router Redundancy Protocol (VRRP) feature allows for transparent failover at the first-hop IP router, enabling a group of routers to form a single virtual router.

Feature History for Implementing VRRP

Release

Modification

Release 2.0

This feature was introduced.

Release 3.4.0

This feature was updated to support the minimum and reload delay options.

Release 3.5.0

VRRP supports Ethernet link bundles.

Release 3.7.0

The clear vrrp statistics command was introduced

Release 3.9.0


  • BFD for VRRP feature was added.

  • MIB support for VRRP feature was added.

  • Hot Restartability for VRRP feature was added.

Release 4.1.0

VRRP over IPv6 feature was added.

Prerequisites for Implementing VRRP on Cisco IOS XR Software

You must be in a user group associated with a task group that includes the proper task IDs. The command reference guides include the task IDs required for each command. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Information About Implementing VRRP

To implement VRRP on Cisco IOS XR software , you need to understand the following concepts:

VRRP Overview

A LAN client can use a dynamic process or static configuration to determine which router should be the first hop to a particular remote destination. The client examples of dynamic router discovery are as follows:


  • Proxy ARP—The client uses Address Resolution Protocol (ARP) to get the destination it wants to reach, and a router responds to the ARP request with its own MAC address.

  • Routing protocol—The client listens to dynamic routing protocol updates (for example, from Routing Information Protocol [RIP]) and forms its own routing table.

  • IRDP (ICMP Router Discovery Protocol) client—The client runs an Internet Control Message Protocol (ICMP) router discovery client.

The drawback to dynamic discovery protocols is that they incur some configuration and processing overhead on the LAN client. Also, in the event of a router failure, the process of switching to another router can be slow.

An alternative to dynamic discovery protocols is to statically configure a default router on the client. This approach simplifies client configuration and processing, but creates a single point of failure. If the default gateway fails, the LAN client is limited to communicating only on the local IP network segment and is cut off from the rest of the network.

The Virtual Router Redundancy Protocol (VRRP) feature can solve the static configuration problem. VRRP is an IP routing redundancy protocol designed to allow for transparent failover at the first-hop IP router. VRRP enables a group of routers to form a single virtual router . The LAN clients can then be configured with the virtual router as their default gateway. The virtual router, representing a group of routers, is also known as a VRRP group.

For example, Figure 1 shows a LAN topology in which VRRP is configured. In this example, Routers A, B, and C are VRRP routers (routers running VRRP) that compose a virtual router. The IP address of the virtual router is the same as that configured for the interface of Router A (10.0.0.1).

Figure 1. Basic VRRP Topology

Basic VRRP Topology

Because the virtual router uses the IP address of the physical interface of Router A, Router A assumes the role of the master virtual router and is also known as the IP address owner. As the master virtual router, Router A controls the IP address of the virtual router and is responsible for forwarding packets sent to this IP address. Clients 1 through 3 are configured with the default gateway IP address of 10.0.0.1.

Routers B and C function as backup virtual routers. If the master virtual router fails, the router configured with the higher priority becomes the master virtual router and provides uninterrupted service for the LAN hosts. When Router A recovers, it becomes the master virtual router again.

Multiple Virtual Router Support

You can configure up to 255 virtual routers on a router physical interface. The actual number of virtual routers that a router interface can support depends on the following factors:


  • Router processing capability

  • Router memory capability

  • Router interface support of multiple MAC addresses

In a topology where multiple virtual routers are configured on a router interface, the interface can act as a master for one or more virtual routers and as a backup for one or more virtual routers.

VRRP Router Priority

An important aspect of the VRRP redundancy scheme is VRRP router priority. Priority determines the role that each VRRP router plays and what happens if the master virtual router fails.

If a VRRP router owns the IP address of the virtual router and the IP address of the physical interface, this router functions as a master virtual router.

Priority also determines if a VRRP router functions as a backup virtual router and determines the order of ascendancy to becoming a master virtual router if the master virtual router fails. You can configure the priority of each backup virtual router with a value of 1 through 254, using the vrrp priority command.

For example, if Router A, the master virtual router in a LAN topology, fails, an election process takes place to determine if backup virtual Routers B or C should take over. If Routers B and C are configured with the priorities of 101 and 100, respectively, Router B is elected to become master virtual router because it has the higher priority. If Routers B and C are both configured with the priority of 100, the backup virtual router with the higher IP address is elected to become the master virtual router.

By default, a preemptive scheme is enabled whereby a higher-priority backup virtual router that becomes available takes over for the backup virtual router that was elected to become master virtual router. You can disable this preemptive scheme using the no vrrp preempt command. If preemption is disabled, the backup virtual router that is elected to become master virtual router remains the master until the original master virtual router recovers and becomes master again.

VRRP Advertisements

The master virtual router sends VRRP advertisements to other VRRP routers in the same group. The advertisements communicate the priority and state of the master virtual router. The VRRP advertisements are encapsulated in IP packets and sent to the IP Version 4 multicast address assigned to the VRRP group. The advertisements are sent every second by default; the interval is configurable.

Benefits of VRRP

The benefits of VRRP are as follows:


  • Redundancy— VRRP enables you to configure multiple routers as the default gateway router, which reduces the possibility of a single point of failure in a network.

  • Load Sharing—You can configure VRRP in such a way that traffic to and from LAN clients can be shared by multiple routers, thereby sharing the traffic load more equitably among available routers.

  • Multiple Virtual Routers—VRRP supports up to 255 virtual routers (VRRP groups) on a router physical interface, subject to the platform supporting multiple MAC addresses. Multiple virtual router support enables you to implement redundancy and load sharing in your LAN topology.

  • Multiple IP Addresses—The virtual router can manage multiple IP addresses, including secondary IP addresses. Therefore, if you have multiple subnets configured on an Ethernet interface, you can configure VRRP on each subnet.

  • Preemption—The redundancy scheme of VRRP enables you to preempt a backup virtual router that has taken over for a failing master virtual router with a higher-priority backup virtual router that has become available.

  • Text Authentication—You can ensure that VRRP messages received from VRRP routers that comprise a virtual router are authenticated by configuring a simple text password.

  • Advertisement Protocol—VRRP uses a dedicated Internet Assigned Numbers Authority (IANA) standard multicast address (224.0.0.18) for VRRP advertisements. This addressing scheme minimizes the number of routers that must service the multicasts and allows test equipment to accurately identify VRRP packets on a segment. The IANA assigns VRRP the IP protocol number 112.

How to Implement VRRP on Cisco IOS XR Software

This section contains instructions for the following tasks:

Customizing VRRP

Customizing the behavior of VRRP is optional. Be aware that as soon as you enable a VRRP group, that group is operating. It is possible that if you first enable a VRRP group before customizing VRRP, the router could take over control of the group and become the master virtual router before you have finished customizing the feature. Therefore, if you plan to customize VRRP, it is a good idea to do so before enabling VRRP.

The sections that follow describe how to customize your VRRP configuration.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family {ipv4 | ipv6}

5.    vrrp vrid version { 2 | 3 }

6.    text-authentication

7.    accept-mode{disable}

8.    priority priority

9.    preempt [delay seconds] [disable]

10.    timer [msec] interval [force]

11.    track interface type instance interface-path-id [priority-decrement]

12.    delay [minimum seconds] [ reload seconds]

13.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1

 

Enables VRRP interface configuration mode on a specific interface.

 
Step 4 address-family {ipv4 | ipv6}


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6

 

Enters the IPv4 or IPv6 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# vrrp 3 version 3
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# 

 

Enters the virtual router configuration submode.

 
Step 6 text-authentication


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# text-authentication x30dn78k

 

(Optional) Configures the simple text authentication used for Virtual Router Redundancy Protocol (VRRP) packets received from other routers running VRRP.


  • When a VRRP packet arrives from another router in the VRRP group, its authentication string is compared to the string configured on the local system. If the strings match, the message is accepted. If they do not match, the packet is discarded.

  • All routers within the group must be configured with the same authentication string.

  • To disable VRRP authentication, use the no command.

Note   

Plain text authentication is not meant to be used for security. It simply provides a way to prevent a misconfigured router from participating in VRRP.

 
Step 7 accept-mode{disable}


Example:

RP/0/RP0/CPU0:router# (config-vrrp-virtual-router)# accept-mode disable

 

Enters the IPv4 or IPv6 address family submode.

 
Step 8 priority priority


Example:

RP/0/RP0/CPU0:router# (config-vrrp-virtual-router)# priority 254

 

(Optional) Sets the priority of the virtual router.


  • Use the priority command to control which router becomes the master router.

  • The priority command is ignored while the router is the virtual IP address owner.

  • To remove the priority of the virtual router, use the no priority command.

 
Step 9 preempt [delay seconds] [disable]


Example:

RP/0/RP0/CPU0:router# (config-vrrp-virtual-router)# preempt delay 15

 

(Optional) Sets the priority of the virtual router.


  • Use the preempt command to control which router becomes the master router.

  • The preempt command is ignored while the router is the virtual IP address owner.

  • To disable preemption, use the no preempt command.

 
Step 10 timer [msec] interval [force]


Example:

RP/0/RP0/CPU0:router# (config-vrrp-virtual-router)# timer 4

 

(Optional) Configures the interval between successive advertisements by the master router in a Virtual Router Redundancy Protocol (VRRP) virtual router.


  • To restore the default value, use the no timer command.

Note   

We recommend configuring the same VRRPv3 timers on all VRRP routers when interoperating with other vendors.

 
Step 11 track interface type instance interface-path-id [priority-decrement]


Example:

RP/0/RP0/CPU0:router# (config-vrrp-virtual-router)# track interface TenGigE 0/0/CPU0/1 30

 

(Optional) Configures the Virtual Router Redundancy Protocol (VRRP) to track an interface.


  • Enter the no track interface type instance interface-path-id [priority-decrement] command to disable tracking.

  • Only IP interfaces are tracked.

  • A tracked interface is up if IP on that interface is up. Otherwise, the tracked interface is down.

  • You can configure VRRP to track an interface that can alter the priority level of a virtual router for a VRRP virtual router. When the IP protocol state of an interface goes down or the interface has been removed from the router, the priority of the backup virtual router is decremented by the value specified in the priority-decrement argument. When the IP protocol state on the interface returns to the up state, the priority is restored.

 
Step 12 delay [minimum seconds] [ reload seconds]


Example:

RP/0/RP0/CPU0:router# (config-vrrp-virtual-router) # delay minimum 2 reload 10

 

(Optional) Delays the startup of the state machine when an interface comes up, so that the network has time to settle and there are no unnecessary state changes early after the link comes up. The reload delay is the delay applied after the first interface up event. The minimum delay is the delay that is applied after any subsequent interface up event (if the interface flaps).

 
Step 13 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Enabling VRRP

Use the address command to enable VRRP on an interface, as described in the sections that follow.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family {ipv4 | ipv6}

5.    vrrp vrid version { 2 | 3 }

6.    address address

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1
RP/0/RP0/CPU0:router(config-vrrp-if)#

 

Enables VRRP interface configuration mode on a specific interface.

 
Step 4 address-family {ipv4 | ipv6}


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6

 

Enters the IPv4 or IPv6 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# vrrp 3 version 3
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# 

 

Enters the virtual router configuration submode.

 
Step 6 address address


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# address 10.1.0.100

 

Enables the Virtual Router Redundancy Protocol (VRRP) on an interface and specifies the IP address of the virtual router.


  • We recommend that you do not remove the VRRP configuration from the IP address owner and leave the IP address of the interface active, because duplicate IP addresses on the LAN will result.

  • To disable VRRP on the interface and remove the IP address of the virtual router, use the no address address command.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Verifying VRRP

Use the show vrrp command to display a brief or detailed status of one or all VRRP virtual routers.

SUMMARY STEPS

1.    show vrrp [ ipv4 | ipv6 ] [ interface type instance interface-path-id [vrid]] [brief | detail | statistics [all]]


DETAILED STEPS
  Command or Action Purpose
Step 1 show vrrp [ ipv4 | ipv6 ] [ interface type instance interface-path-id [vrid]] [brief | detail | statistics [all]]


Example:

RP/0/RP0/CPU0:router # show vrrp 

 

Displays a brief or detailed status of one or all Virtual Router Redundancy Protocol (VRRP) virtual routers.


  • If no interface is specified, all virtual routers are displayed.

 

Clearing VRRP Statistics

Use the clear vrrp statistics command to clear all the software counters for the specified virtual router.

SUMMARY STEPS

1.    clear vrrp statistics [ ipv4 | ipv6 ] [interfacetype interface-path-id [vrid]]


DETAILED STEPS
  Command or Action Purpose
Step 1 clear vrrp statistics [ ipv4 | ipv6 ] [interfacetype interface-path-id [vrid]]


Example:

RP/0/RP0/CPU0:router# clear vrrp statistics 

 

Clears all software counters for the specified virtual router.


  • If no interface is specified, statistics of all virtual routers are removed.

 

Configuring accept-mode

Perform this task to disable the installation of routes for the VRRP virtual addresses.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family {ipv4 | ipv6}

5.    vrrp vrid version { 2 | 3 }

6.    accept-mode disable

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables the VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1
RP/0/RP0/CPU0:router

 

Enables the VRRP interface configuration mode on a specific interface.

 
Step 4 address-family {ipv4 | ipv6}


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)#

 

Enters the IPv4 or IPv6 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# vrrp 3 version 3
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# 

 

Enters the virtual router configuration submode.

 
Step 6 accept-mode disable


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# accept-mode disable

 

Disables the installation of routes for the VRRP virtual addresses.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Configuring a Global Virtual IPv6 Address

Perform this task to configure the global virtual IPv6 address for a virtual router.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family ipv6

5.    vrrp vrid version 3

6.    address global address

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables the VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1

 

Enables the VRRP interface configuration mode on a specific interface.

 
Step 4 address-family ipv6


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6

 

Enters the IPv4 or IPv6 address family submode.

 
Step 5 vrrp vrid version 3


Example:

RP/0/RP0/CPU0:router(config-vrrp-address-family)# vrrp 3 version 3

 

Enters the virtual router configuration submode.

 
Step 6 address global address


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-virtual-router)# address global FE80::260:3EFF:FE11:6770

 

Configures the global virtual IPv6 address for a virtual router.

Note   

VRRP packet sizes are limited by the corresponding interface's Maximum Transmission Unit (MTU). This limits the maximum number of global virtual IPv6 addresses that can be supported in a single VRRP session. For example, the default MTU on gigabitEthernet interfaces would allow for a maximum of 90 VRRP global virtual IPv6 addresses in a single session. In order to have more such addresses, you need to increase the interface's MTU accordingly.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Configuring a Primary Virtual IPv4 Address

Perform this task to configure the primary virtual IPv4 address for a virtual router.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family ipv4

5.    vrrp vrid version { 2 | 3 }

6.    address address

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables the VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1
RP/0/RP0/CPU0:router

 

Enables the VRRP interface configuration mode on a specific interface.

 
Step 4 address-family ipv4


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv4
RP/0/RP0/CPU0:router(config-vrrp-address-family)#

 

Enters the IPv4 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-address-family)# vrrp 3 version 2
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)

 

Enters the virtual router configuration submode.

 
Step 6 address address


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# address 10.20.30.1

 

Configures the primary virtual IPv4 address for a virtual router.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Configuring a Secondary Virtual IPv4 Address

Perform this task to configure the secondary virtual IPv4 address for a virtual router.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family ipv4

5.    vrrp vrid version { 2 | 3 }

6.    address address secondary

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables the VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1
RP/0/RP0/CPU0:router

 

Enables the VRRP interface configuration mode on a specific interface.

 
Step 4 address-family ipv4


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv4
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)#

 

Enters the IPv4 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# vrrp 3 version 3
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# 

 

Enters the virtual router configuration submode.

 
Step 6 address address secondary


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# address 10.20.30.1 secondary

 

Configures the secondary virtual IPv4 address for a virtual router.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Configuring a Virtual Link-Local IPv6 Address

Perform this task to either configure the virtual link-local IPv6 address for a virtual router or to specify that the virtual link-local IPv6 address should be enabled and calculated automatically from the virtual router virtual Media Access Control (MAC) address.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family ipv6

5.    vrrp vrid version 3 address linklocal {address | autoconfigure}

6.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:
RP/0/RP0/CPU0:router(config)# router vrrp
 

Enables the VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1

 

Enables the VRRP interface configuration mode on a specific interface.

 
Step 4 address-family ipv6


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6

 

Enters the IPv6 address family submode.

 
Step 5 vrrp vrid version 3 address linklocal {address | autoconfigure}


Example:
RP/0/RP0/CPU0:routerconfig-vrrp-address-family)# vrrp 1 version 3 address linklocal FE80::260:3EFF:FE11:6770
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)#

RP/0/RP0/CPU0:router(config-vrrp-address-family)# vrrp 1 version 3 address linklocal autoconfigure
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)#
 

  • Configures the virtual link-local IPv6 address for the virtual router.

  • Specifies that the virtual link-local IPv6 address should be enabled and calculated automatically from the virtual router virtual MAC address.

Note   

You must disable IPv6 Duplicate Address Detection (DAD) on an interface when the VRRP router's virtual link-local address is the same as the interface's link-local address. When DAD is disabled, duplicate packets are not flagged as duplicates.

 
Step 6 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Disabling State Change Logging

Perform this task to disable the task of logging the VRRP state change events via syslog.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    message state disable

4.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables the VRRP configuration mode.

 
Step 3 message state disable


Example:

RP/0/RP0/CPU0:router(config-vrrp)# message state disable
RP/0/RP0/CPU0:router(config-vrrp)# 

 

Disables the task of logging the VRRP state change events via syslog.

 
Step 4 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

BFD for VRRP

Bidirectional Forwarding Detection (BFD) is a network protocol used to detect faults between two forwarding engines. BFD sessions can operate in one of the two modes, namely, asynchronous mode or demand mode. In asynchronous mode, both endpoints periodically send hello packets to each other. If a number of those packets are not received, the session is considered down. In demand mode, it is not mandatory to exchange hello packets; either of the hosts can send hello messages, if needed. Cisco supports the BFD asynchronous mode.

Advantages of BFD


  • BFD provides failure detection in less than one second.

  • BFD supports all types of encapsulation.

  • BFD is not tied to any particular routing protocol, supports almost all routing protocols.

BFD Process

VRRP uses BFD to detect link failure and facilitate fast failover times without excessive control packet overhead.

The VRRP process creates BFD sessions as required. When a BFD session goes down, each backup group monitoring the session transitions to Master state.

VRRP does not participate in any state elections for 10 seconds after a transition to Master state triggered by a BFD session going down.

Configuring BFD

For VRRP, configuration is applied under the existing VRRP-interface sub-mode, with BFD fast failure configurable per VRRP vrouter and the timers (minimum-interface and multiplier) configurable per interface. BFD fast failure detection is disabled by default.

Enabling Bidirectional Forward Detection

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family {ipv4 | ipv6}

5.    vrrp vrid version { 2 | 3 }bfd fast-detect peer {ipv4 | ipv6} address

6.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables the VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1 

 

Enables the VRRP interface configuration mode on a specific interface.

 
Step 4 address-family {ipv4 | ipv6}


Example:

RP/0/RP0/CPU0:router(config-vrrp-if)# address-family ipv4

 

(Optional) Enables the address-family configuration mode on a specific interface.

 
Step 5 vrrp vrid version { 2 | 3 }bfd fast-detect peer {ipv4 | ipv6} address


Example:

RP/0/RP0/CPU0:router(config-vrrp-if)# vrrp 100 version 3 bfd fast-detect peer ipv6 10:20::10

 

Enables BFD fast detection on the VRRP interface.

Note   

BFD is suitable only for a two-router redundant system.

 
Step 6 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Modifying BFD timers (minimum interval)

Minimum interval determines the frequency of sending BFD packets to BFD peers (in milliseconds). The default minimum interval is 15ms.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family {ipv4 | ipv6}

5.    vrrp vrid version { 2 | 3 }

6.    bfd minimum-interval interval

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1 

 

Enables VRRP interface configuration mode on a specific interface.

 
Step 4 address-family {ipv4 | ipv6}


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6

 

Enters the IPv4 or IPv6 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# vrrp 3 version 3
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# 

 

Enters the virtual router configuration submode.

 
Step 6 bfd minimum-interval interval


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# bfd minimum-interval

 

Sets the minimum interval to the specified period. The interval is in milliseconds; range is 15 to 30000 milliseconds.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Modifying BFD timers (multiplier)

Multiplier is the number of consecutive BFD packets which must be missed from a BFD peer before declaring that peer unavailable. The default multiplier is 3.

SUMMARY STEPS

1.    configure

2.    router vrrp

3.    interface type interface-path-id

4.    address-family {ipv4 | ipv6}

5.    vrrp vrid version { 2 | 3 }

6.    bfd multiplier multiplier

7.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 router vrrp


Example:

RP/0/RP0/CPU0:router(config)# router vrrp

 

Enables VRRP configuration mode.

 
Step 3 interface type interface-path-id


Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1 

 

Enables VRRP interface configuration mode on a specific interface.

 
Step 4 address-family {ipv4 | ipv6}


Example:

RP/0/RP0/CPU0:routerconfig-vrrp-if)# address-family ipv6

 

Enters the IPv4 or IPv6 address family submode.

 
Step 5 vrrp vrid version { 2 | 3 }


Example:

RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# vrrp 3 version 3
RP/0/RP0/CPU0:router(config-vrrp-virtual-router)# 

 

Enters the virtual router configuration submode.

 
Step 6 bfd multiplier multiplier


Example:

RP/0/RP0/CPU0:router(config-vrrp-if)# bfd multiplier

 

Sets the multiplier to the value. Range is 2 to 50.

 
Step 7 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

MIB support for VRRP

VRRP enables one or more IP addresses to be assumed by a router when a failure occurs. For example, when IP traffic from a host reaches a failed router because the failed router is the default gateway, the traffic is transparently forwarded by the VRRP router that has assumed control. VRRP does not require configuration of dynamic routing or router discovery protocols on every end host. The VRRP router controlling the IP address(es) associated with a virtual router is called the master, and forwards packets sent to these IP addresses. The election process provides dynamic fail over(standby) in the forwarding responsibility should the master become unavailable. This allows any of the virtual router IP addresses on the LAN to be used as the default first hop router by end-hosts.The advantage gained from using VRRP is a higher availability default path without requiring configuration of dynamic routing or router discovery protocols on every end-host. SNMP traps provide information of the state changes, when the virtual routers(in standby) are moved to master state or if the standby router is made master.

Configuring SNMP server notifications for VRRP events

The snmp-server traps vrrp events command enables the Simple Network Management Protocol (SNMP) server notifications (traps) for VRRP.

SUMMARY STEPS

1.    configure

2.    snmp-server traps vrrp events

3.    Use one of the following commands:

  • end
  • commit


DETAILED STEPS
  Command or Action Purpose
Step 1 configure


Example:
RP/0/RP0/CPU0:router# configure
 

Enters global configuration mode.

 
Step 2 snmp-server traps vrrp events


Example:

RP/0/RP0/CPU0:router(config)snmp-server traps vrrp events 

 

Enables the SNMP server notifications for VRRP.

 
Step 3 Use one of the following commands:
  • end
  • commit


Example:
RP/0/RP0/CPU0:router(config)# end

or

RP/0/RP0/CPU0:router(config)# commit
 

Saves configuration changes.


  • When you issue the end command, the system prompts you to commit changes:

    Uncommitted changes found, commit them
    before exiting(yes/no/cancel)? [cancel]:
    

    • Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

    • Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

    • Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

  • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

 

Hot Restartability for VRRP

In the event of failure of a VRRP process in one group, forced failovers in peer VRRP master router groups should be prevented. Hot restartability supports warm RP failover without incurring forced failovers to peer VRRP routers.

Configuration Examples for VRRP Implementation on Cisco IOS XR Software

This section provides the following VRRP configuration examples:

Configuring a VRRP Group: Example

This section provides the following configuration example of Router A and Router B, each belonging to three VRRP groups:

Router A:


config
interface tenGigE 0/4/0/4
ipv4 address 10.1.0.1/24
exit
router vrrp
interface tenGigE 0/4/0/4
address-family ipv4
vrrp 1 version 2
priority 120
text-authentication cisco
timer 3
address 10.0.0.100
vrrp 5 version 2
timer 30
address 10.0.0.105
vrrp 5 version 2
preempt disable
address 10.0.0.200
commit

Router B:


config
interface tenGigE 0/4/0/4
ipv4 address 10.1.0.2/24
exit
router vrrp
interface tenGigE 0/4/0/4
address-family ipv4
vrrp 1 version 2
priority 100
text-authentication cisco
timer 3
address 10.0.0.100
vrrp 5 version 2
priority 200
timer 30
address 10.0.0.105
vrrp 5 version 2
preempt disable
address 10.0.0.200
commit

In the configuration example, each group has the following properties:


  • Virtual Router 1:
    • Virtual IP address is 10. 0.0. 100.

    • Router A will become the master for this group with priority 120.

    • Advertising interval is 3 seconds.

    • Preemption is enabled.

    • Authentication is enabled.

  • Virtual Router 5:
    • Virtual IP address is 10.0.0.105.

    • Whichever router comes up first will become master (as preemption is disabled).

    • Advertising interval is 30 seconds.

    • Preemption is disabled.

    • Authentication is disabled.

  • Virtual Router 100:
    • Virtual IP address is 10.0.0.200.

    • Router B will become master for this group first, because it has a higher interface IP address (10.0.0.2).

    • Advertising interval is the default 1 second.

    • Preemption is enabled.

    • Authentication is disabled.

Clearing VRRP Statistics: Example

The clear vrrp statistics command produces no output of its own. The command modifies the statistics given by show vrrp statistics command so that all the statistics are reset to zero.

The following section provides examples of the output of the show vrrp statistics command followed by the clear vrrp statistics command:

Additional References

The following sections provide references related to VRRP.

Related Documents

Related Topic

Document Title

QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

Quality of Service Commands on Cisco IOS XR Modular Quality of Service Command Reference for the Cisco CRS Router

Class-based traffic shaping, traffic policing, low-latency queuing, and Modified Deficit Round Robin (MDRR)

Configuring Modular Quality of Service Congestion Management on Cisco IOS XR Modular Quality of Service Configuration Guide for the Cisco CRS Router

WRED, RED, and tail drop

Configuring Modular QoS Congestion Avoidance on Cisco IOS XR Modular Quality of Service Configuration Guide for the Cisco CRS Router

VRRP commands

VRRP Commands on Cisco IOS XR IP Addresses and Services Command Reference for the Cisco CRS Router

master command reference

Cisco IOS XR Commands Master List for the Cisco CRS Router

getting started material

Cisco IOS XR Getting Started Guide for the Cisco CRS Router

Information about user groups and task IDs

Configuring AAA Services on Cisco IOS XR System Security Configuration Guide for the Cisco CRS Router

Standards

Standards

Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

MIBs

MIBs

MIBs Link

To locate and download MIBs, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

RFCs

RFCs

Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.

Technical Assistance

Description

Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport