Configure VRRP Using CLI

Virtual Router Redundancy Protocol (VRRP) eliminates the single point of failure that can occur after the single static default gateway router for an end station is lost. VRRP introduces the concept of a virtual IP address shared between two or more routers connecting the common subnet to the enterprise network.

One active master switch exists for each IP subnet. All other VRRP interfaces in a network are in backup mode.

The first virtual IP configured on a VRRP interface is the primary virtual IP. This primary address is the equivalent of IPv6 VRRP link-local address and must be in the same subnet as the primary IP of the interface. The address owner of a VRRP interface is determined by the primary virtual IP. If the primary virtual IP matches the primary IP address, than this VRRP interface is set as address owner and VRRP priority for it is set to 255. All other VRRP interfaces in a network are in backup mode. If you have VRRP and IP routing protocols configured on the same IP physical interface, you cannot select the interface address as the VRRP virtual IP address (logical IP address). You must use a separate dedicated IP address for VRRP.

After you create a VRRP interface, you can add Secondary IP Interfaces, which are the equivalent of IPv6 VRRP global addresses.

Note

Note

Secondary virtual IP addresses must be in the same subnet as a Secondary IP Interface on the VLAN.

You can replace a primary virtual IP only if no secondary virtual IPs exist on the VRRP interface.

To modify the behavior of the VRRP failover mechanism, use the hold-down timer to enable the router enough time to detect and update routes. The timer delays the preemption of the primary over the backup, when the primary becomes available. Configure all routers to the identical number of seconds for the hold-down timer. You can manually force the preemption of the primary over the backup before the delay timer expires.

Important

Important

The switch, when it acts as a VRRP master, does not reply to Simple Network Management Protocol (SNMP) Get requests to the VRRP virtual interface address. However, if the switch acts as a VRRP master, and receives SNMP Get requests to its physical IP address, then it does respond.

The Simple Network Management Protocol (SNMP) provides facilities to manage and monitor network resources. An SNMP manager and agent communicate through the SNMP protocol. The manager sends queries and the agent responds. An SNMP Get request is a message that requests the values of one or more objects.

Note

Note

The VRRP IP address responds only to ICMP-based traceroute requests. It does not respond to UDP-based traceroute requests.

When you use the fast advertisement interval option to configure a master and backup device, you must enable the fast advertisement interval option on both systems for VRRP to work correctly. If you configure one device with the regular advertisement interval, and the other device with the fast advertisement interval, it causes an unstable state and drops advertisements.

Before you begin

  • Assign an IP address to the interface.

  • Enable VRRP globally.