VRRP Compatibility

Currently, VRRP is only compatible with routed deployments.

VRRP Hardware Compatibility

VRRP requires network interface hardware on which DPDK PMDs support programming an additional MAC address. Without this capability, the interface cannot receive traffic addressed to the VRRP MAC address.

The following DPDK PMDs are supported:

  • em

  • fm10k

  • i40e

  • iavf

  • ice

  • igb

  • ixgbe

  • mlx4

  • mlx5

  • virtio

VRRP and Dataplane NAT

VRRP may not be used on interfaces involved in outbound NAT handled by the dataplane when the VR priority is 255. Currently, there is an interaction between dataplane NAT and VRRP in this case which leads to both nodes failing to receive and process VRRP advertisements from peers. When dataplane NAT is present on outbound NAT interfaces, use a lower priority value. Conflicting configurations will be rejected by input validation.

VPF NAT is not affected by this limitation.

See also

See the recipe VRRP with VPF Filtering and Outside NAT for a compatible example configuration.

VRRP and Reflect ACLs

As there is not yet a method for VRRP cluster nodes to share state data, using reflect type ACLs may result in active connections being dropped when control is transferred between cluster nodes. New connections may be made immediately.

VRRP and AWS/Azure

Currently, VRRP does not support unicast peers for routed environments such as AWS and Azure. This functionality will be added in a future release.