EdgeRouter - Virtual Router Redundancy Protocol (VRRP)
Overview
Readers will learn how to configure VRRP (Virtual Router Redundancy Protocol) on an EdgeRouter.
Table of Contents
Basic VRRP Configuration
The VRRP Virtual IP address (VIP) that is shared between the routers is 10.0.0.254/24.
Follow the steps below to configure the VRRP functionality on ER-1:
1. Enter configuration mode.
configure
2. Define the VRRP group and the virtual IP address.
set interfaces ethernet eth1 vrrp vrrp-group 10 virtual-address 10.0.0.254/24
3. Set the VRRP priority to ensure that ER-1 becomes the master (active) router.
set interfaces ethernet eth1 vrrp vrrp-group 10 priority 200
4. Commit the changes and save the configuration.
commit ; save
Repeat the the VRRP configuration steps on ER-2:
1. Enter configuration mode.
configure
2. Define the VRRP group and the virtual IP address.
set interfaces ethernet eth1 vrrp vrrp-group 10 virtual-address 10.0.0.254/24
3. Set the VRRP priority to ensure that ER-2 becomes the backup (passive) router.
set interfaces ethernet eth1 vrrp vrrp-group 10 priority 100
4. Commit the changes and save the configuration.
commit ; save
You can verify the VRRP configuration with the following operational mode commands:
show vrrp
show vrrp summary
Optional VRRP Additions
In addition to setting the priority, VRRP supports the following optional additions:
Authentication
Preemption
Transition Scripts
Sync Groups
The VRRP authentication feature will protect the VRRP hello messages with a plain-text password or AH (Authentication Header) encryption. To enable authentication, run the following commands:
configure
set interfaces ethernet eth1 vrrp vrrp-group 10 authentication type < ah | plaintext-password >
set interfaces ethernet eth1 vrrp vrrp-group 10 authentication password < password >
commit ; save
The VRRP preemption feature determines whether the VRRP backup router can preempt the master router and is enabled by default. VRRP preemption is enabled by default. To modify the preemption, run the following commands:
configure
set interfaces ethernet eth1 vrrp vrrp-group preempt < true | false >
commit ; save
Sync groups are used to link VRRP groups together in order to propagate transition changes from one group to another group. To configure a VRRP sync group, run the following commands:
configure
set interfaces ethernet eth1 vrrp vrrp-group 10 sync-group < group-name >
set interfaces ethernet eth2 vrrp vrrp-group 20 sync-group < group-name >
commit ; save
Transition scripts are used to run a script whenever the state of the VRRP router changes. The available state changes are:
-
master
Run a script when the EdgeRouter transitions to the VRRP master router. -
backup
Run a script when the EdgeRouter transitions to the VRRP backup router. -
fault
Run a script when the underlying Ethernet interface goes down.
To add a custom transition script to VRRP, run the following commands:
configure
set interfaces ethernet eth1 vrrp vrrp-group 10 run-transition-scripts < master | backup | fault > < script-location >
commit ; save
Related Articles
Intro to Networking - How to Establish a Connection Using SSH