VRRP, Virtual Router Redundancy Protocol

Virtual Router Redundancy Protocol (VRRP)

VRRP Introduction

There are a number of methods that an end-host can use to determine its first hop router towards a particular IP destination. These include running (or snooping) a dynamic routing protocol such as RIP or OSPF, running an ICMP router discovery client or using a statically configured default route. Running a dynamic routing protocol on every end-host may be infeasible for a number of reasons. Neighbor or router discovery protocols may require active participation by all hosts on a network. The use of a statically configured default route is quite popular; it minimizes configuration and processing overhead on the end-host and is supported by virtually every IP implementation. The Virtual Router Redundancy Protocol (VRRP) is designed to eliminate the single point of failure inherent in the static default routed environment.

VRRP Operation

The usage of default gateway route configuration on hosts (either static or through DHCP) is very common. But this creates a single point of failure. If the default router is down, all end-hosts will be isolated. VRRP is designed to overcome this. The default gateway IP address is owned by one or more "virtual" routers implementing this protocol; only one will be the Master. When Master router goes down, the Backup router takes over as Master and forwards packets from the hosts. The Master virtual router sends periodic VRRP Advertisement messages which are monitored by the Backup routers. As the MAC address associated with an IP address need to be unique, VRRP routers use a special MAC address - Virtual Router MAC address (00-00-5E-00-01-x, where x is the last octet with value between 1 and 255). When a virtual router becomes Master it will broadcast a gratuitous ARP request containing the virtual router MAC address for the associated IP address to "trick" the hosts.

Maintained by Anil Edathara

VRRP - Commonly used values and terms

VRRP IP Multicast Address 224.0.0.18

VRRP IP protocol number 112 (decimal)

VRRP MAC Address 00-00-5E-00-01-{VRID} (in hex in internet standard bit-order)

VRRP Router A router running the Virtual Router Redundancy Protocol. It may participate in one or more virtual routers.

Virtual Router An abstract object managed by VRRP that acts as a default router for hosts on a shared LAN. It consists of a Virtual Router Identifier and a set of associated IP address(es) across a common LAN. A VRRP Router may backup one or more virtual routers.

IP Address Owner The VRRP router that has the virtual router's IP address(es) as real interface address(es). This is the router that, when up, will respond to packets addressed to one of these IP addresses for ICMP pings, TCP connections, etc.

Primary IP Address An IP address selected from the set of real interface addresses. One possible selection algorithm is to always select the first address. VRRP advertisements are always sent using the primary IP address as the source of the IP packet.

Virtual Router Master The VRRP router that is assuming the responsibility of forwarding packets sent to the IP address(es) associated with the virtual router, and answering ARP requests for these IP addresses. Note that if the IP address owner is available, then it will always become the Master.

Virtual Router Backup The set of VRRP routers available to assume forwarding responsibility for a virtual router should the current Master fail.

Virtual Router ID (VRID) The Virtual Router Identifier (VRID) field of the VRRP packet identifies the virtual router this packet is reporting status for. Configurable item in the range 1-255 (decimal).

Priority The priority field of the VRRP packet specifies the sending VRRP router's priority for the virtual router. Higher values equal higher priority. This field is an 8 bit unsigned integer field. The priority value for the VRRP router that owns the IP address(es) associated with the virtual router MUST be 255 (decimal).VRRP routers backing up a virtual router MUST use priority values between 1-254 (decimal). The default priority value for VRRP routers backing up a virtual router is 100 (decimal).