Explains VRRP interface tracking concepts, providing an overview of functionality, operational mechanisms, and the network scenarios enhanced by interface tracking.
A Virtual Router Redundancy Protocol (VRRP) is a LAN-side protocol that
-
provides redundant gateway service for switches and IP end stations,
-
allows configuration on interfaces and subinterfaces using templates, and
-
supports failover and election of a new primary router based on interface state, OMP session, or remote prefix reachability.
In Cisco Catalyst SD-WAN, VRRP is configured on service-side VPN interfaces or subinterfaces (excluding reserved VPNs 0 and 512), with each group identified by a unique number and assigned an IP address.
The protocol enables up to 512 groups per router, with priority values determining primary router election. Failover can be triggered by interface status, three consecutive advertisements missed, OMP session loss, or loss of prefix reachability, ensuring continuous gateway service.
For VRRP to function with IEEE 802.1Q tagging, MTU adjustments may be necessary.
This is not applicable from Cisco IOS XE Catalyst SD-WAN Release 17.4.1a and later, where physical and subinterfaces can share the same MTU.
-
If the primary VRRP goes down, traffic is redirected to the secondary VRRP, which then becomes the primary gateway.
-
VRRP is configured per interface or subinterface within a service-side VPN; reserved VPNs (0, 512) are not supported except for physical interface configuration.
-
Each VRRP group requires a unique group number and IP address, with a maximum of 512 groups per router.
-
Routers in the same VRRP group act as a single virtual router; the router with the highest priority (1–254, default 100) becomes primary.
-
Advertisement messages are sent by the primary every 1–3600 seconds (default: every second).
-
The x710 NIC must have the
t->system-> vrrp-advt-with-phymaccommand configured, for VRRP to function.