What is VRRP? Unlock the Secret to Network Redundancy

Introduction

What is VRRP? VRRP or virtual router redundancy protocol is an essential high-availability protocol like HSRP, which is used in computer networking to ensure continuous and seamless network operation. It provides backup routers in the event when there is any failure in gateways. Network engineers designing and maintaining VRRP for reliable communication and resilient networks.

Moreover, it uses the virtual router that represents a group of physical routers. This virtual router is assigned an IP address that is used by the hosts as their default gateway.

What is VRRP?

VRRP is a standard protocol that is defined in RFC 3718, while it uses IP protocol 112. The main purpose of it is to provide availability of the default gateway in a local area network. To understand what is VRRP in practical terms, It allows multiple routers to work together in the form of a group to provide redundancy. When we configure VRRP on our routers, they create a virtual IP address as the default gateway for the internal network. 224.0.0.18 is the virtual IP address of the VRRP and it was introduced in 1998.

In terms of functionality, when asking what is VRRP, it involves both master and backup routers. The master router will act as an active router which will forward the traffic. While the backup router will constantly monitor the traffic, if the master router becomes fails to forward the traffic.

VRRP Operational Workflow

Here’s how VRRP operates in a typical LAN environment

  • Initial Setup: When we configure VRRP in our network environment, the routers elect one router as master based on the priority and the IP address.
  • Steady State: The master router forwards the traffic while the backup router constantly monitors the master router through period advertisements.
  • Failure Detection: If the master router fails to forward traffic, then backup routers hold an election, and the router with 2nd highest priority becomes the master router.
  • Recovery: When the former master router restored its operation, depending on the configuration, then it will either act as a master router, or a backup router based on its configuration.

Lab Topology for GNS3

Here is the lab topology, which consists of four routers, 4 PCs, and one switch. Configure all the IP addresses on all the devices and then run EIGRP on all the routers.

Configure VRRP on R1 and R2:

Check on “R1 and R2” to check master and backup routers;

Ping the default-gateway 192.168.10.254 from PC1;

Shutdown R1’s fast ethernet 0/1 and check the result on PC1 by ping the default gateway. For this, start to ping the gateway with a continuous ping before interface shutdown.

Now, check ping on PC1;

There is a little breakout, but after that, it resumes its operation by making R2 (Backup router) as Master.

Run the below command on R1 and R2;

Again, “no shutdown” R1 interface fast ethernet 0/0;

How to Configure Authentication on VRRP

Authentication is the most crucial part of computer networking. It helps to recognize only legitimate devices to make a relationship with it. Here’s we will configure VRRP authentication first on R1 and then R2.

Now check the master and backup routers;

Both the routers claim for Master routers, and both are correct. Why? Because R1 is using authentication, while R2 is not using authentication. Moreover, actually they are not communicating at this due to authentication. Here’s is a confusion that LAN PCs will prefer R1 or R2. Let’s check it on PC1 via Trace command. PC1 will trace R4 IP address.

PC1 is tracing R4 via R2. It means that all the LAN PCs will prefer R2 path.

Now configure authentication on R2 as well.

R2 is now using authentication with R1 and elects itself as a Backup Router.

Run the show command on R1 to check the master router. Moreover, also checks authentication.

Trace the R4 via R4 to check the path.

How to Disable VRRP on Cisco Routers?

If you are going to disable VRRP on routers, you must disable it on that interface, on which we enable it earlier. As we enable VRRP on R1’s fast ethernet 0/1, now go to this interface and run the command “no vrrp [group-number]” or as “no vrrp 1”. 1 is the group number in our configuration.

We disable VRRP on R1 fast ethernet 0/1 and then we ran the command, which shows that the R1 is not Master router now! It has transferred its control to the R2. R2 is now acting as a backup router.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *