Virtual Router Redundancy Protocol¶
Virtual Router Redundancy Protocol (VRRP) is a protocol which allows routers to coordinate control of IP addresses between multiple nodes acting as a single “virtual” router cluster. Multiple nodes coordinating control in this way allows for redundancy, where a single node failing does not adversely affect traffic passing through the virtual router.
The specific version of VRRP used by TNSR is VRRPv3 as defined in RFC 5798, but will be referred to as “VRRP” throughout this document.
With VRRP, one router acts as the primary master node and additional routers act as backup nodes. Commonly there are only two routers in a cluster: A primary node and a secondary node. VRRP supports additional nodes if a use case calls for increased redundancy.
Addresses configured on the primary node are defined as virtual router (VR) addresses on all participating nodes, including the primary node which is considered the owner of the VR addresses. The VR addresses are then used as next hop gateways by peers, rather than traditional addresses. This includes delivery of routed subnets from upstream sources as well as acting as a gateway for local clients. Since peers communicate with the shared virtual addresses, when a failure occurs communications will continue through whichever node is elected master of the VR addresses. This allows traffic to flow with little to no interruption when a node fails.
The current master of VR addresses is determined by an election process. The
election process considers the priority value for the VR address on each node
first, among other factors. The owner of the VR addresses has the highest
255, and additional nodes will have a lower priority from
Participating nodes advertise their state to peers and listen for these
advertisements from peers. Typically only the current master will transmit
advertisements. If other nodes fail to see advertisements from a higher priority
node in a timely manner defined by the settings, control of the virtual address
is assumed by the backup node with the next highest priority. This state
information is transmitted via multicast on a local segment, to a multicast
220.127.116.11 for IPv4 and
ff02::12 for IPv6.
Switches (physical or virtual) must allow the multicast advertisements to flow freely. Ensure switch features such as storm control or rate limiting are relaxed or disabled on ports participating in VRRP.
At layer 2, VRRP works by enabling the nodes to essentially share a single MAC
address. This MAC address is derived from the ID of the associated VR address,
with the form of
<id> is the VR ID (
in hexadecimal. The multicast advertisements from the current master allow
compatible switches to direct traffic to the correct port, so that the current
master receives traffic destined for the MAC address associated with the VR
address being advertised.
In virtual environments, special switch and VM configuration settings may be required to allow VRRP to function. This settings may include, but are not limited to: vSwitch or VM port promiscuous mode, allowing forged transmits, and allowing MAC address changes. These are necessary for TNSR to properly send and receive not only the VRRP advertisements, but also for traffic using the shared VRRP MAC address.