Task
Configure basic VRRP functionality.
Topology
Configuration
Configuration on Junos3 router:
lab@Junos3# show unit 0 { family inet { address 23.0.0.3/24 { vrrp-group 23 { virtual-address 23.0.0.23; priority 150; accept-data; } } } }
Configuration on a Cisco router R2:
R2# ! interface Vlan23 ip address 23.0.0.2 255.255.255.0 vrrp 23 ip 23.0.0.23 ! vrrp 23 priority 100 ! Default Priority, not shown in the config end
Verification
Verification on the Juniper router:
lab@Junos3> show vrrp summary Interface State Group VR state VR Mode Type Address ge-1/0/1.0 up 23 master Active lcl 23.0.0.3 vip 23.0.0.23 lab@Junos3> show vrrp detail Physical interface: ge-1/0/1, Unit: 0, Address: 23.0.0.3/24 Index: 70, SNMP ifIndex: 527, VRRP-Traps: disabled Interface state: up, Group: 23, State: master, VRRP Mode: Active Priority: 150, Advertisement interval: 1, Authentication type: none Delay threshold: 100, Computed send rate: 0 Preempt: yes, Accept-data mode: yes, VIP count: 1, VIP: 23.0.0.23 Advertisement Timer: 0.563s, Master router: 23.0.0.3 Virtual router uptime: 00:15:11, Master router uptime: 00:10:48 Virtual Mac: 00:00:5e:00:01:17 Tracking: disabled lab@Junos3> show vrrp extensive Interface: ge-1/0/1.0, Interface index :70, Groups: 1, Active :1 Interface VRRP PDU statistics Advertisement sent :956 Advertisement received :82 Packets received :82 No group match received :0 Interface VRRP PDU error statistics Invalid IPAH next type received :0 Invalid VRRP TTL value received :0 Invalid VRRP version received :0 Invalid VRRP PDU type received :0 Invalid VRRP authentication type received:0 Invalid VRRP IP count received :0 Invalid VRRP checksum received :0 Physical interface: ge-1/0/1, Unit: 0, Address: 23.0.0.3/24 Index: 70, SNMP ifIndex: 527, VRRP-Traps: disabled Interface state: up, Group: 23, State: master, VRRP Mode: Active Priority: 150, Advertisement interval: 1, Authentication type: none Delay threshold: 100, Computed send rate: 0 Preempt: yes, Accept-data mode: yes, VIP count: 1, VIP: 23.0.0.23 Advertisement Timer: 0.404s, Master router: 23.0.0.3 Virtual router uptime: 00:15:14, Master router uptime: 00:10:51 Virtual Mac: 00:00:5e:00:01:17 Tracking: disabled Group VRRP PDU statistics Advertisement sent :956 Advertisement received :82 Group VRRP PDU error statistics Bad authentication Type received :0 Bad password received :0 Bad MD5 digest received :0 Bad advertisement timer received :0 Bad VIP count received :0 Bad VIPADDR received :0 Group state transition statistics Idle to master transitions :0 Idle to backup transitions :2 Backup to master transitions :3 Master to backup transitions :1
Verification on the Cisco router:
R2#show vrrp Vlan23 - Group 23 State is Backup Virtual IP address is 23.0.0.23 Virtual MAC address is 0000.5e00.0117 Advertisement interval is 1.000 sec Preemption enabled Priority is 100 Master Router is 23.0.0.3, priority is 150 Master Advertisement interval is 1.000 sec Master Down interval is 3.609 sec (expires in 3.477 sec) R1>ping 23.0.0.23 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 23.0.0.23, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Using Traceoptions (debugging) for VRRP
Set the tracing options:
lab@Junos3# show protocols vrrp traceoptions { file vrrp; flag state; flag general; }
Alternatively, if we want to Copy & Paste from Notepad:
lab@Junos3# delete protocols vrrp [edit] lab@Junos3# load merge terminal [Type ^D at a new line to end input] protocols vrrp traceoptions { file vrrp; flag state; flag general; } load complete [edit] # Other trace options: [edit protocols vrrp] lab@Junos3# set traceoptions flag ? Possible completions: all Trace all events database Trace database general Trace general events interfaces Trace interface messages normal Trace normal events packets Trace packets ppm VRRP PPM related messages state Trace state transitions timer Trace timer events [edit] lab@Junos3# commit commit complete lab@Junos3> monitor start vrrp
Trigger VRRP state change by setting a higher priority for R2, making it the new Master:
R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#int vlan 23 R2(config-if)#vrrp 23 priority 200 R2(config-if)# 6w4d: %VRRP-6-STATECHANGE: Vl23 Grp 23 state Backup -> Master
Debugging messages as seen on Junos3
lab@Junos3> *** vrrp *** Aug 18 14:50:18 vrrp_fsm_update IFD: ge-1/0/1.000.000.000.0000:0000:0000:0000:0000:0000:1700:0003.023 event: backup Aug 18 14:50:18 vrrp_fsm_backup: ge-1/0/1.000.000.000.0000:0000:0000:0000:0000:0000:1700:0003.023 state from: master Aug 18 14:50:18 vrrp_fsm_update_for_inherit IFD: ge-1/0/1.000.000.000.0000:0000:0000:0000:0000:0000:1700:0003.023 event: backup Aug 18 14:50:18 Signalled dcd (PID 1008) to reconfig Aug 18 14:50:18 vrrpd_rts_async_ifd_msg, Received Async message for: ge-1/0/1 Aug 18 14:50:18 vrrpd_rts_async_ifa_msg, Received Async message for: (null) index: 70, family 0x2 op: 0x3 Aug 18 14:50:19 vrrpd_rtsock_query_timer_expiry for ge-1/0/1.000.000.000.0000:0000:0000:0000:0000:0000:1700:0003.023 Aug 18 14:50:19 vrrpd_rts_get_ifd_state for ge-1/0/1.000.000.000.0000:0000:0000:0000:0000:0000:1700:0003.023 Aug 18 14:50:19 Interface ge-1/0/1 ifindex: 143 flags 0xc000 Aug 18 14:50:19 Interface ge-1/0/1 ifl ifindex: 70 flags 0x8000 Aug 18 14:50:19 ifd_fsm_update IFD: ge-1/0/1.000.000.000.0000:0000:0000:0000:0000:0000:1700:0003.023 event: up
Note
- VRRP relies on Multicast (address 224.0.0.18). The multicast is not supported on Olive running on VMWare. As the result, this lab need to be tested on a real Juniper router.
- Without “accept-data” option, the Master VRRP Juniper router does not respond to any traffic address to that IP. If we try to ping from R1, to the virtual router 23.0.0.23, it will fail ! We need to have that option enabled.
- Default behaviour for traffic addressed to the VRRP virtual IP is different on Cisco and on Juniper platform. By default Cisco allow the Master router to respond to that traffic.