First Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3S
VRRPv3 Protocol Support
Download this chapter
VRRPv3 Protocol SupportVRRPv3 Protocol Support
Download the complete book
First Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3SFirst Hop Redundancy Protocols Configuration Guide, Cisco IOS XE Release 3S (PDF - 1 MB)
 Feedback

Contents

VRRPv3 Protocol Support

Last Updated: December 2, 2012

Virtual Router Redundancy Protocol (VRRP) enables a group of routers to form a single virtual router to provide redundancy. The LAN clients can then be configured with the virtual router as their default gateway. The virtual router, representing a group of routers, is also known as a VRRP group. The VRRP version 3 (v3) Protocol Support feature provides the capability to support IPv4 and IPv6 addresses while VRRP version 2 (v2) only supports IPv4 addresses. This module explains concepts related to VRRPv3 and describes how to create and customize a VRRP group in a network. Benefits of using VRRPv3 Protocol Support include the following:
  • Interoperability in multi-vendor environments.
  • VRRPv3 supports usage of IPv4 and IPv6 addresses while VRRPv2 only supports IPv4 addresses
  • Improved scalability through the use of VRRS Pathways.

Note
In this module, VRRP and VRRPv3 are used interchangeably.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for VRRPv3 Protocol Support

  • VRRPv3 is not intended as a replacement for existing dynamic protocols. VRRPv3 is designed for use over multi-access, multicast, or broadcast capable Ethernet LANs.
  • VRRPv3 is supported on Ethernet, Fast Ethernet, Bridge Group Virtual Interface (BVI), and Gigabit Ethernet interfaces, and on Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs), VRF-aware MPLS VPNs, and VLANs.
  • Because of the forwarding delay that is associated with the initialization of a BVI interface, you must not configure the VRRPv3 advertise timer to a value lesser than the forwarding delay on the BVI interface. If you configure the VRRPv3 advertise timer to a value equal to or greater than the forwarding delay on the BVI interface, the setting prevents a VRRP router on a recently initialized BVI interface from unconditionally taking over the master role. Use the bridge forward-time command to set the forwarding delay on the BVI interface. Use the vrrp timers advertise command to set the VRRP advertisement timer.
  • VRRPv3 does not support Stateful Switchover (SSO).
  • Full network redundancy can only be achieved if VRRP operates over the same network path as the VRRS Pathway redundant interfaces. For full redundancy, the following restrictions apply:
    • VRRS pathways should not share a different physical interface as the parent VRRP group or be configured on a sub-interface having a different physical interface as the parent VRRP group.
    • VRRS pathways should not be configured on Switch Virtual Interface (SVI) interfaces as long as the associated VLAN does not share the same trunk as the VLAN on which the parent VRRP group is configured.

Information About VRRPv3 Protocol Support

VRRPv3 Benefits

Support for IPv4 and IPv6

VRRPv3 supports IPv4 and IPv6 address families while VRRPv2 only supports IPv4 addresses.

Note
When VRRPv3 is in use, VRRPv2 is unavailable. For VRRPv3 to be configurable, the fhrp version vrrp v3 command must be used in global configuration mode

Redundancy

VRRP enables you to configure multiple routers as the default gateway router, which reduces the possibility of a single point of failure in a network.

Load Sharing

You can configure VRRP in such a way that traffic to and from LAN clients can be shared by multiple routers, thereby sharing the traffic load more equitably between available routers.

Multiple Virtual Routers

VRRP supports up to 255 virtual routers (VRRP groups) on a router physical interface, subject to restrictions in scaling. Multiple virtual router support enables you to implement redundancy and load sharing in your LAN topology. In scaled environments, VRRS Pathways should be used in combination with VRRP control groups.

Multiple IP Addresses

The virtual router can manage multiple IP addresses, including secondary IP addresses. Therefore, if you have multiple subnets configured on an Ethernet interface, you can configure VRRP on each subnet.

Note
To utilize secondary IP addresses in a VRRP group, a primary address must be configured on the same group.

Preemption

The redundancy scheme of VRRP enables you to preempt a virtual router backup that has taken over for a failing virtual router master with a higher priority virtual router backup that has become available.

Note
Preemption of a lower priority master router is enabled with an optional delay.

Advertisement Protocol

VRRP uses a dedicated Internet Assigned Numbers Authority (IANA) standard multicast address for VRRP advertisements. For IPv4, the multicast address is 224.0.0.18. For IPv6, the multicast address is FF02:0:0:0:0:0:0:12. This addressing scheme minimizes the number of routers that must service the multicasts and allows test equipment to accurately identify VRRP packets on a segment. The IANA has assigned VRRP the IP protocol number 112.

VRRP Router Priority and Preemption

An important aspect of the VRRP redundancy scheme is VRRP router priority. Priority determines the role that each VRRP router plays and what happens if the virtual router master fails.

If a VRRP router owns the IP address of the virtual router and the IP address of the physical interface, this router will function as a virtual router master.

Priority also determines if a VRRP router functions as a virtual router backup and the order of ascendancy to becoming a virtual router master if the virtual router master fails. You can configure the priority of each virtual router backup with a value of 1 through 254 using the priority command (use the vrrp address-family command to enter the VRRP configuration mode and access the priority option).

For example, if router A, the virtual router master in a LAN topology, fails, an election process takes place to determine if virtual router backups B or C should take over. If routers B and C are configured with the priorities of 101 and 100, respectively, router B is elected to become virtual router master because it has the higher priority. If routers B and C are both configured with the priority of 100, the virtual router backup with the higher IP address is elected to become the virtual router master.

By default, a preemptive scheme is enabled whereby a higher priority virtual router backup that becomes available takes over from the virtual router backup that was elected to become virtual router master. You can disable this preemptive scheme using the no preempt command (use the vrrp address-family command to enter the VRRP configuration mode, and enter the no preempt command). If preemption is disabled, the virtual router backup that is elected to become virtual router master remains the master until the original virtual router master recovers and becomes master again.


Note
Preemption of a lower priority master router is enabled with an optional delay.

VRRP Advertisements

The virtual router master sends VRRP advertisements to other VRRP routers in the same group. The advertisements communicate the priority and state of the virtual router master. The VRRP advertisements are encapsulated into either IPv4 or IPv6 packets (based on the VRRP group configuration) and sent to the appropriate multicast address assigned to the VRRP group. For IPv4, the multicast address is 224.0.0.18. For IPv6, the multicast address is FF02:0:0:0:0:0:0:12. The advertisements are sent every second by default and the interval is configurable.

Cisco routers allow you to configure millisecond timers, which is a change from VRRPv2. You need to manually configure the millisecond timer values on both the primary and the backup routers. The master advertisement value displayed in the show vrrp command output on the backup routers is always 1 second because the packets on the backup routers do not accept millisecond values.

You must use millisecond timers where absolutely necessary and with careful consideration and testing. Millisecond values work only under favorable circumstances. The use of the millisecond timer values is compatible with third party vendors, as long as they also support VRRPv3. You can specify a timer value between 100 milliseconds and 40000 milliseconds.

How to Configure VRRPv3 Protocol Support

Enabling VRRPv3 on a Router

To enable VRRPv3 on a router, perform the following task:

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    fhrp version vrrp v3

4.    end


DETAILED STEPS
 Command or ActionPurpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
fhrp version vrrp v3


Example:

Router(config)# fhrp version vrrp v3

 

Enables the ability to configure VRRPv3 and VRRS.

Note   When VRRPv3 is in use, VRRPv2 is unavailable.
 
Step 4
end


Example:

Router(config)# end

 

Returns to privileged EXEC mode.

 

Creating and Customizing a VRRP Group

To create a VRRP group, perform the following task. Steps 6 to 14 denote customizing options for the group, and they are optional:

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    fhrp version vrrp v3

4.    interface type number

5.    vrrp group-id address-family {ipv4 | ipv6}

6.    address ip-address [primary | secondary]

7.    description group-description

8.    match-address

9.    preempt delay minimum seconds

10.    priority priority-level

11.    timers advertise interval

12.    vrrpv2

13.    vrrs leader vrrs-leader-name

14.    shutdown

15.    end


DETAILED STEPS
 Command or ActionPurpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
fhrp version vrrp v3


Example:

Router(config)# fhrp version vrrp v3

 

Enables the ability to configure VRRPv3 and VRRS.

Note   When VRRPv3 is in use, VRRPv2 is unavailable.
 
Step 4
interface type number


Example:

Router(config)# interface GigabitEthernet 0/0/0

 

Enters interface configuration mode.

 
Step 5
vrrp group-id address-family {ipv4 | ipv6}


Example:

Router(config-if)# vrrp 3 address-family ipv4

 

Creates a VRRP group and enters VRRP configuration mode.

 
Step 6
address ip-address [primary | secondary]


Example:

Router(config-if-vrrp)# address 100.0.1.10 primary

 

(Optional) Specifies a primary or secondary address for the VRRP group.

 
Step 7
description group-description


Example:

Router(config-if-vrrp)# description group 3

 

(Optional) Specifies a description for the VRRP group.

 
Step 8
match-address


Example:

Router(config-if-vrrp)# match-address

 

(Optional) Matches secondary address in the advertisement packet against the configured address.

  • Secondary address matching is enabled by default.
 
Step 9
preempt delay minimum seconds


Example:

Router(config-if-vrrp)# preempt delay minimum 30

 

(Optional) Enables preemption of lower priority master router with an optional delay.

  • Preemption is enabled by default.
 
Step 10
priority priority-level


Example:

Router(config-if-vrrp)# priority 3

 

(Optional) Specifies the priority value of the VRRP group.

  • The priority of a VRRP group is 100 by default.
 
Step 11
timers advertise interval


Example:

Router(config-if-vrrp)# timers advertise 1000

 

(Optional) Sets the advertisement timer in milliseconds.

  • The advertisement timer is set to 1000 milliseconds by default.
 
Step 12
vrrpv2


Example:

Router(config-if-vrrp)# vrrpv2

 

(Optional) Enables support for VRRPv2 simultaneously, so as to interoperate with routers which only support VRRP v2.

  • VRRPv2 is disabled by default.
 
Step 13
vrrs leader vrrs-leader-name


Example:

Router(config-if-vrrp)# vrrs leader leader-1

 

(Optional) Specifies a leader's name to be registered with VRRS and to be used by followers.

  • A registered VRRS name is unavailable by default.
 
Step 14
shutdown


Example:

Router(config-if-vrrp)# shutdown

 

(Optional) Disables VRRP configuration for the VRRP group.

  • VRRP configuration is enabled for a VRRP group by default.
 
Step 15
end


Example:

Router(config)# end

 

Returns to privileged EXEC mode.

 

Configuring the Delay Period Before FHRP Client Initialization

To configure the delay period before the initialization of all FHRP clients on an interface, perform the following task:

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    fhrp version vrrp v3

4.    interface type number

5.    fhrp delay {[minimum] [reload] seconds}

6.    end


DETAILED STEPS
 Command or ActionPurpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
fhrp version vrrp v3


Example:

Router(config)# fhrp version vrrp v3

 

Enables the ability to configure VRRPv3 and VRRS.

Note   When VRRPv3 is in use, VRRPv2 is unavailable.
 
Step 4
interface type number


Example:

Router(config)# interface GigabitEthernet 0/0/0

 

Enters interface configuration mode.

 
Step 5
fhrp delay {[minimum] [reload] seconds}


Example:

Router(config-if)# fhrp delay minimum 5

 

Specifies the delay period for the initialization of FHRP clients after an interface comes up.

  • The range is 0-3600 seconds.
 
Step 6
end


Example:

Router(config)# end

 

Returns to privileged EXEC mode.

 

Configuration Examples for VRRPv3 Protocol Support

Example: Enabling VRRPv3 on a Router

The following example shows how to enable VRRPv3 on a router: 

Device> enable
Device# configure terminal
Device(config)# fhrp version vrrp v3
Device(config-if-vrrp)# end

Example: Creating and Customizing a VRRP Group

The following example shows how to create and customize a VRRP group: 

Device> enable
Device# configure terminal
Device(config)# fhrp version vrrp v3
Device(config)# interface gigabitethernet0/0
Device(config-if)# vrrp 3 address-family ipv4
Device(config-if-vrrp)# address 100.0.1.10 primary
Device(config-if-vrrp)# description group 3
Device(config-if-vrrp)# match-address  
Device(config-if-vrrp)# preempt delay minimum 30
Device(config-if-vrrp)# end

Note
In the above example, the fhrp version vrrp v3 command is used in the global configuration mode.

Example: Configuring the Delay Period Before FHRP Client Initialization

The following example shows how to configure the delay period before FHRP client initialization : 

Device> enable
Device# configure terminal
Device(config)# fhrp version vrrp v3
Device(config)# interface gigabitethernet0/0
Device(config-if)# fhrp delay minimum 5
Device(config-if-vrrp)# end

Note
In the above example, a five-second delay period is specified for the initialization of FHRP clients after the interface comes up. You can specify a delay period between 0 and 3600 seconds.

Example: VRRP Status, Configuration, and Statistics Details

The following is a sample output of the status, configuration and statistics details for a VRRP group: 

Device> enable
Device# show vrrp detail

 Ethernet0/0 - Group 1 - Address-Family IPv4

 State is MASTER
 State duration 3.707 secs
 Virtual IP address is 1.0.0.10
 Virtual MAC address is 0000.5E00.0101
 Advertisement interval is 1000 msec
 Preemption enabled
 Priority is 100
 Master Router is 1.0.0.1 (local), priority is 100
 Master Advertisement interval is 1000 msec (expires in 686 msec)
 Master Down interval is unknown
 State is MASTER
 State duration 3.707 secs
 VRRPv3 Advertisements: sent 5 (errors 0) - rcvd 0
 VRRPv2 Advertisements: sent 0 (errors 0) - rcvd 0
 Group Discarded Packets: 0
   VRRPv2 incompatibility: 0
   IP Address Owner conflicts: 0
   Invalid address count: 0
   IP address configuration mismatch : 0
   Invalid Advert Interval: 0
   Adverts received in Init state: 0
   Invalid group other reason: 0
 Group State transition:
   Init to master: 0
   Init to backup: 1 (Last change Mon Jul 30 16:42:01.856)
   Backup to master: 1 (Last change Mon Jul 30 16:42:05.469)
   Master to backup: 0
   Master to init: 0
   Backup to init: 0

Device# exit

Additional References

Related Documents

Related Topic Document Title

Cisco IOS commands

Master Commands List, All Releases

FHRP commands

First Hop Redundancy Protocols Command Reference

Configuring VRRPv2

Configuring VRRP

Standards and RFCs

Standard/RFC Title

RFC5798

Virtual Router Redundancy Protocol

Technical Assistance

Description Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for VRRPv3 Protocol Support

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 1Feature Information for VRRPv3 Protocol Support
Feature Name Releases Feature Information

VRRPv3 Protocol Support

Cisco IOS XE Release 3.8S

VRRP enables a group of routers to form a single virtual router to provide redundancy. The LAN clients can then be configured with the virtual router as their default gateway. The virtual router, representing a group of routers, is also known as a VRRP group. The VRRPv3 Protocol Support feature provides the capability to support IPv4 and IPv6 addresses.

The following commands were introduced or modified: fhrp delay, show vrrp, vrrp address-family.

Glossary

Virtual IP address owner--The VRRP router that owns the IP address of the virtual router. The owner is the router that has the virtual router address as its physical interface address.

Virtual router--One or more VRRP routers that form a group. The virtual router acts as the default gateway router for LAN clients. The virtual router is also known as a VRRP group.

Virtual router backup--One or more VRRP routers that are available to assume the role of forwarding packets if the virtual router master fails.

Virtual router master--The VRRP router that is currently responsible for forwarding packets sent to the IP addresses of the virtual router. Usually, the virtual router master also functions as the IP address owner.

VRRP router--A router that is running VRRP.

© 2012 Cisco Systems, Inc. All rights reserved.