+ Post New Thread
Results 1 to 10 of 10
Wired Networks Thread, VRRP Setup in Technical; Hi, I'm looking at setting up VRRP. I have an existing, older switch/router that supports this so was thinking about ...
  1. #1

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20

    VRRP Setup

    Hi,

    I'm looking at setting up VRRP. I have an existing, older switch/router that supports this so was thinking about using it as a backup for our core router.

    My understanding is this:
    - Each Router has all of the VLANs & Routing tables etc setup, each with its own unique IP for each VLAN/Subnet defined.
    - VRRP is enabled and is associated with a Virtual VRRP IP Address for each VLAN/subnet - this is the address that clients use as the default gateway.
    - I specify a master router (i.e. our current core router by specifying a value, such as 255 - highest priority) and enable this.
    - I will then setup the secondary router.
    - All our satellite/edge switches must be connected to both switches. STP will be enabled to disable the uplink to the backup router until the main link goes off.
    - If the core router goes offline then within a few seconds the backup router assumes the role as the router for the school and STP will allow the backup link to be used
    - If a fibre transceiver goes down on a edge switch then STP will allow data to be transmitted to the backup switch which transmit it to the core switch.

    Is my understanding correct?

    So in my case, I will need to rename IPs used on the current core router, such as 172.16.0.1 becoming 172.16.0.2, setup the backup router to have 172.16.0.3 and then also setup VRRP to then re-use 172.16.0.1 (as clients already point to this as the default gateway).

    Any thoughts appreciated. I should add I have Dell PowerConnect Switches - using a 8000 (Master) and 7000 (Backup) series router

    Cheers,

    Rob
    Last edited by robknowles; 29th April 2013 at 09:33 PM.

  2. #2

    Join Date
    Jan 2009
    Posts
    109
    Thank Post
    3
    Thanked 21 Times in 16 Posts
    Rep Power
    15
    You're on track with the exception of the STP part. STP plays no role in VRRP operation. You do not want to disable the link to the backup router. Your layer 2 devices (switches) are forwarding traffic to a virtual MAC address (the layer 2 address of the virtual IP or default gateway), so absolutely nothing changes from a switching perspective if the primary router fails. The secondary router simply 'becomes' that L2 address. Your switches simply learn that MAC is on a different port and forward traffic accordingly.

    Some more info:

    RFC 3768 - Virtual Router Redundancy Protocol (VRRP)
    http://www.dell.com/downloads/global...pp_note_32.pdf

  3. #3

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    anyone blocking the vrrp broadcasts ? not between the two routers but across the vlan.

  4. #4

    Join Date
    Jan 2009
    Posts
    109
    Thank Post
    3
    Thanked 21 Times in 16 Posts
    Rep Power
    15
    Quote Originally Posted by ConradJones View Post
    anyone blocking the vrrp broadcasts ? not between the two routers but across the vlan.
    VRRP doesn't use broadcast except for the initialization phase during which it sends a gratuitous ARP request containing the virtual router MAC address. Otherwise multicast is used between VRRP routers to multicast address 224.0.0.18 using IP protocol 112.

  5. #5

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    Quote Originally Posted by Destinova View Post
    VRRP doesn't use broadcast except for the initialization phase during which it sends a gratuitous ARP request containing the virtual router MAC address. Otherwise multicast is used between VRRP routers to multicast address 224.0.0.18 using IP protocol 112.
    apologies i mean the multicast, i was pretty tired last night.

    I'm seeing the multicast on all my machines?

  6. #6

    Join Date
    Jan 2009
    Posts
    109
    Thank Post
    3
    Thanked 21 Times in 16 Posts
    Rep Power
    15
    Quote Originally Posted by ConradJones View Post
    apologies i mean the multicast, i was pretty tired last night.

    I'm seeing the multicast on all my machines?
    From what source?

    Unless you are seeing it specifically to 224.0.0.18 using IP protocol 112, it isn't your VRRP devices.

  7. #7

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    from the real ip of one of the routers.

    i'm just going to block it everyone, it makes these switches go active/active if you block it between them
    Last edited by ConradJones; 1st May 2013 at 05:52 AM.

  8. #8

    Join Date
    Jan 2009
    Posts
    109
    Thank Post
    3
    Thanked 21 Times in 16 Posts
    Rep Power
    15
    Yes, but what destination? There are several reasons for multicast traffic, you need to find out the destination address before you can determine what it is being used for. Multicast addressing in many cases is reserved, so you can look up what service or protocol is using it.

    IPv4 Multicast Address Space Registry

    Blocking it with respect to VRRP is bad. You'll just cause all VRRP gateways to constantly believe they should be the active device because they will not be able to communicate with each other.

    Also, you can ping the multicast address and see what responds. A ping to 224.0.0.18 should return replies from any VRRP device.

  9. #9

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    yes that destination, wireshark flags it as vrrp.

    read the second to last post of the first page

    ESRP vs VRRP - ExtremeXOS - EtherNation

  10. #10

    Join Date
    Jan 2009
    Posts
    109
    Thank Post
    3
    Thanked 21 Times in 16 Posts
    Rep Power
    15
    Quote Originally Posted by ConradJones View Post
    yes that destination, wireshark flags it as vrrp.

    read the second to last post of the first page

    ESRP vs VRRP - ExtremeXOS - EtherNation
    Ok so you've got a non-standards based iteration of VRRP that doesn't follow the protocol. Fair enough. In that case you might want to block it then, or use a standards-based L3 redundancy protocol that doesn't flood your network with multicast traffic.

SHARE:
+ Post New Thread

Similar Threads

  1. Annoying LimitLogin Setup Error
    By Gatt in forum Windows
    Replies: 5
    Last Post: 28th July 2007, 01:08 PM
  2. Exam day setup
    By ITWombat in forum How do you do....it?
    Replies: 5
    Last Post: 8th May 2006, 08:40 AM
  3. IE6 trys to run an ISP setup on startup
    By pmassingham in forum Windows
    Replies: 1
    Last Post: 23rd March 2006, 10:20 AM
  4. Replies: 5
    Last Post: 23rd February 2006, 09:23 PM
  5. Thin Client Network Setups
    By Pear in forum Thin Client and Virtual Machines
    Replies: 26
    Last Post: 24th January 2006, 03:22 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •