This chapter is from the book
This chapter is from the book
This chapter is from the book
2.2 Basic Concepts and Configurations
Now that we have a context for the relevance of VRRP as well as the specific problem it is designed to solve, let us look at some basic elements VRRP uses to create the required redundancy or switchover mechanism. To do that, we revisit the LAN of the branch office discussed in Figure 2-2. On this LAN N1 network resides a series of hosts—H1, H2, H3, and H4—and two routers—R1 and R2—both positioned as potential first hop routers. As depicted in Figure 2-3, we assign R1 as the default router to all the hosts on N1 network.
){kind=link}
)
FIGURE
2-3. Single default router
This configuration requires that any message originating from H1, H2, H3, and H4 addressed to a destination outside N1 network be sent to R1. VRRP specifies a mechanism using which R2 starts acting as the default router when R1 fails, so that the hosts on N1 network do not become isolated. This section introduces basic concepts required for the high-level understanding of this switchover mechanism.
To establish the VRRP switchover mechanism, first of all, we need to run VRRP in R1 and R2. We refer to the routers running VRRP as VRRP routers. Using the mechanism specified by VRRP, we designate the VRRP routers R1 and R2 as the members of a VRRP virtual router. A VRRP virtual router consists of a group of VRRP routers that collaborate with each other to reduce the risk of having a single point of failure for a network service, in this specific case the function of a default first hop routing. Figure 2-4 depicts the simplest configuration for a virtual router. To refer to a virtual router, to be able to express the membership of VRRP routers to a specific virtual router, we need a label for identifying the group. VRRP calls this label Virtual Router Identifier or VRID. In our drawing, we use V1, V2,...Vn for VRIDs. For the sake of illustration, we use V1 to refer to the virtual router in Figure 2-4. In our specific example, we assign the role of master to R1 and the role of backup to R2 in the V1 virtual router using the mechanisms specified by VRRP.
)
FIGURE
2-4. One-sided protection
Another point to emphasize is the object of protection. Since the IP addresses identify the connection of routers, of layer 3 elements to the network, we emphasize that VRRP protects the interfaces of a router providing default first hop services.
Figure 2-4 graphically depicts all the considerations described so far. The oval shape in the drawing labeled with VRID V1 (or 37 as an illustration that VRID is an integer) indicates that R1 and R2 are members of the VRRP virtual router V1. By overlaying the oval shape on the lines originating from interfaces, we highlight that the objects of protection are the interfaces rather than routers. By putting the legend master(V1) under R1 and backup(V1) under R2, we indicate that R1 is the master in virtual router V1 and R2 is the backup.
According to this configuration, as long as the master, R1, is functional, all traffic destined to the external network gets directed to R1. But as soon as R1 fails, R2 takes over as the master and starts handling packets forwarded to the interface associated with IP(R1).
Figure 2-4 represents this situation. In this configuration, if R1 fails, R2 takes over the master responsibility and all external traffic gets directed now to R2.