Illustrated network: what is virtual router redundancy protocol VRRP?

Hello , This is the network technology alliance station .

VRRP It is a kind of commonly used Fault tolerance agreement , It can improve the reliability of the network , Today, Ruige will introduce to you in detail VRRP agreement .

Let's go straight to ！

What is? VRRP？

• English full name ：Virtual Router Redundancy Protocol
• Chinese name ： Virtual router redundancy protocol
• agreement ：IETF – RFC 3768
• Multicast address ：224.0.0.18
• Network layer protocol
• Agreement No ：112

VRRP The term

• VRRP Router ： function VRRP The router , May belong to one or more virtual routers .
• fictitious IP Address ：IP The address is assigned as a virtual from the local subnet IP Address .
• fictitious MAC Address ： At the end of hexadecimal 8 Bytes as VRRP Group number , Automatically generate a virtual MAC Address .
• Main router ： The main router is selected according to priority , If VRRP One group member of the group has higher priority than other group members , Then it will be selected as the main router .
• Backup router ： VRRP Only one member of the group becomes the master router , Other members will become backup routers , If the main router fails , Then one of the standby routers will become the main router .

VRRP working principle

VRRP Use virtual routers to control which physical routers are assigned to the access network , One VRRP The group consists of one Lord Router and one or more shared virtual IP Address of the Backup Router composition , If the primary router fails ,VRRP One of the standby routers will be automatically assigned , Without affecting network traffic . When the faulty router runs again , It will become the main router again .VRRP This redundancy can be provided without user intervention or additional configuration of any device on the network .

VRRP The primary router sends... To the backup router VRRP notification message , When VRRP When the main router fails to send the notification message , The backup router with the highest priority takes over as the main router .

As shown in the figure below , There are two virtual devices , Above is the main router , The following is the backup router , Now, under normal circumstances, the traffic goes through the main router ：

When the main router fails down On the plane ：

At this time, the original backup route quickly becomes the main router , And the traffic is also switched to the backup router , This is it. VRRP The power of ！

VRRP Three states

VRRP There are three states ：

Initialize The initial state

• Initialize Status representative VRRP Unavailable , be in Initialize The device in status cannot handle VRRP Notification message .
• When VRRP When the process is started or the device is in the active and standby state and a fault is detected , Enter the initialization state .

Master Activity status

• The router gets the virtual address .
• Undertake traffic forwarding .

Backup Backup status

• The router is starting up or ready to get the virtual address , In case of main equipment failure .
• Will not undertake traffic forwarding .

VRRP The election mechanism

Pictured , The most difficult technology , Just draw a picture , It's very clear ！

The main thing is to choose the main router according to priority ： priority The high router is selected as the main router .

If the priority of two routers is the same , Compare the interface IP Address , It has a large interface IP The router of the address will be selected as the main router .

Other routers act as backup routers , Monitoring all the time Master The state of the router .

If the backup router in the group is Master_Down_Interval I didn't get it in time Master Router's message , Then switch to the main router , There are multiple backup routers VRRP In the group , Multiple... May be generated in a short time Master Router , And then it will receive VRRP Compare the priority in the message with the local priority , Select the router with the highest priority as Master Router .

Case study

Pictured , Router R1、R2、R3 Form a virtual router VRRP,VRRP The virtual IP The address is 192.168.1.1, because R1 The priority of 100, higher than R2 Of 80 and R3 Of 60, therefore R1 by Master Router , The main router ,IP Address is 192.168.1.11,R2 and R3 As a backup router , Its IP The addresses are 192.168.1.12 and 192.168.1.13.

Host in LAN PC1、PC2、PC3 The default gateway for is set to VRRP fictitious IP Address 192.168.1.1, Under normal circumstances ,R1 As the main router , Be responsible for forwarding the messages in the LAN to the external network , When routers A In case of shutdown or failure , Router B Or routers C（ By priority ） As Backup The router will become the master router , Forward the LAN message to the external network , So as to maintain the communication between LAN and external network , Improve network reliability .

There are several situations ：

R1 fault ,R2、R3 Different priorities

Pictured , because R1 fault , Its link has been grayed , At this time due to R2 The priority of 80, higher than R3 Of 60, therefore R2 Main router ,R3 Or back up the router .

R1 fault ,R2、R3 Same priority

Pictured ,R2 and R3 The priority of is 80, At this time, the comparison is IP The size of the address , because R3 Of Ip The address is 192.168.1.13 higher than Ip The address is 192.168.1.12 Of R2, therefore R3 Main router ,R2 For backup router .

Be careful ：VRRP In any of the following cases, the packet will be rejected ： 1. The authentication scheme of router and incoming packets is different . 2. Routers and incoming packets MD5 The summary is different . 3. The authentication characters on the router and the incoming packet are different .

VRRP Other little ones

VRRP preemption

VRRP Seize in Enabled by default , This enables higher priority virtual router backup , This backup can be taken over from the backup of the virtual router selected as the master of the virtual router , If preemption is disabled , Then the backup of the virtual router selected as the master of the virtual router remains in the master state , Until the original virtual router master is restored and becomes master again .

VRRP edition

VRRP There are two versions ： edition 2、 edition 3.

Of which version 2 Widely used .

• VRRPv2： Support IPv4
• VRRPv3： Support IPv4 and IPv6

VRRP authentication

VRRP A lot of authentication is provided to ensure operation VRRP Our infrastructure is protected from malicious attacks , There are two kinds of general authentication ：

Authentication is not enabled by default .

As shown in the picture , Authentication is not turned on .

VRRP advantage

• VRRP Provide failover at the network gateway / redundancy .
• No single point of failure , Because the standby equipment is configured to take over when the main equipment fails .
• Failover happens quickly （ Usually in seconds ）.
• VRRP For active - passive （ Lord - Backup ） To configure , It can also be configured with load balancing Active-Active To configure .
• VRRP yes IETF Open standards agreement , therefore , Multiple suppliers / Many types of devices can be VRRP Part of a group .
• The main gateway device can have multiple standby devices .

summary

Virtual router redundancy protocol (VRRP) Provide a virtual for a group of routers IP Address ,VRRP It can be used with routers from different manufacturers , also VRRP Support message summary 5 (MD5) Authentication .

VRRP It is an open standard IEEE agreement , It enables a group of routers to form a single virtual router , Use VRRP, Several routers are combined , It looks like a default gateway of the network . Provide redundancy in the network , Eliminates the single point of failure inherent in the static default routing environment .

VRRP It's a network layer protocol , The agreement number is 112, The number of routers in the group acts as virtual logical routers , Act as the default gateway for all local hosts , If any router fails , Other group members can assume the responsibility of forwarding traffic .

This article mainly introduces ：

• What is? VRRP？
• VRRP The term
• VRRP working principle
• VRRP Three states
  • Initialize The initial state
  • Master Activity status
  • Backup Backup status
• VRRP The election mechanism
  • Case study
• VRRP Other little ones
  • VRRP preemption
  • VRRP edition
  • VRRP authentication
• VRRP advantage

Thank you for reading , Any questions , Welcome to discuss with me in the comment area below ！！！