Tuesday, August 16, 2011

Configuring FHRP - VRRP

Both FHRPs (HSRP & GLBP) are Cisco proprietary so what do you when you have to support a Cisco and a non-Cisco device in a redundant setup? Well you turn to the industry standard Virtual Router Redundancy Protocol (VRRP) RFC 2338. One of the biggest advantages of using VRRP is that you do not need an additional IP for the "Virtual IP". It can be the IP of the actual interface. For example in both HSRP and GLBP blogtorial you can see how my virtual IP was set to 192.168.1.254, however on this blogtorial notice that my virtual IP is the same as R1's interface IP (192.168.1.1). 

Consider the topology and let's get started. 



Objectives: 
  • Configure R1 and R2 with VRRP and authentication
  • R1 should be the master router and R2 should be the backup router. 
Relevant configurations are posted below. 



R1 and R4 configurations are below. 



Now configure R1 as a dhcp server so R2 and R3 can get dhcp. 

R1#sh run | sec dhcp
ip dhcp pool DEFAULT_DHCP
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 192.168.1.1
R1#

Let's verify our settings. 


Notice R1 has assumed the master role and R4 has assumed the backup role. 
0000.5e00.01yy is a well known VRRP mac address. yy represents a 2 digit hex VRRP group number. 
Take note that the default hello timer is 1 second compared to HSRP & GLBP (3 seconds) 

Now let's shut down R1's g1/0 interface and see how R4 takes over the virtual IP.



As you can see R4 has take over 192.168.1.1 and now is the master router. 

Since we have preempt enabled on R1 when I re-enable R1's gig1/0 interface comes back up it will then become the master and R4 will assume the backup role. 


VRRP also supports tracking, and timers. 

Many more articles to come so stay tuned and "Join this site" on the right.