Versions Compared

Old Version 9

changes.mady.by.user Artūrs C.

Saved on

compared with

New Version 10

changes.mady.by.user Artūrs C.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Connection tracking entries are synchronized only from Master to Backup device. Preemption-mode and sync-connection tracking are mutually exclusive.

Tip

If multiple VRRP interfaces are configured between two units, then it is enough to enable sync-connection-tracking=yes on one (preferably master) VRRP interface.


Configuring VRRP

IPv4

Setting up Virtual Router is quite easy, only two actions are required - create VRRP interface and set Virtual Routers IP address.

...

No additional address configuration is required as it is in the IPv4 case. IPv6 uses link-local addresses to communicate between nodes.

Parameters

PropertyDescription
arp (disabled | enabled | proxy-arp | reply-only; Default: enabled)ARP resolution protocol mode
arp-timeout(integer; Default: auto)
authentication (ah | none | simple; Default: none)Authentication method to use for VRRP advertisement packets.
  • none - should be used only in low-security networks (e.g., two VRRP nodes on LAN).
  • ah - IP Authentication Header. This algorithm provides strong protection against configuration errors, replay attacks, and packet corruption/modification. Recommended when there is limited control over the administration of nodes on a LAN.
  • simple - uses a clear text password. Protects against accidental misconfiguration of routers on a local network.
interface (string; Default: )Interface name on which VRRP instance will be running
interval (time [10ms..4m15s]; Default: 1s)VRRP update interval in seconds. Defines how often the master sends advertisement packets.
mtu (integer; Default: 1500)Layer3 MTU size
name (string; Default: )VRRP interface name
on-backup (string; Default: )Script to execute when the node is switched to the backup state
on-master (string; Default: )Script to execute when the node is switched to master state
on-fail (string; Default: )Script to execute when the node fails
password (string; Default: )Password required for authentication. Can be ignored if authentication is not used.
preemption-mode (yes | no; Default: yes)Whether master node always has the priority. When set to 'no' the backup node will not be elected to be a master until the current master fails, even if the backup node has higher priority than the current master. This setting is ignored if owner router becomes available
priority (integer: 1..254; Default: 100)Priority of VRRP node used in Master election algorithm. A higher number means higher priority. '255' is reserved for the router that owns VR IP and '0' is reserved for the Master router to indicate that it is releasing responsibility.
v3-protocol (ipv4 | ipv6; Default: ipv4)A protocol that will be used by VRRPv3. Valid only if the version is 3.
version (integer [2, 3]; Default: 3)Which VRRP version to use.
vrid (integer: 1..255; Default: 1)Virtual Router identifier. Each Virtual router must have a unique id number
sync-connection-tracking(string; Default: no)Synchronize connection tracking entries from Master to Backup device. Does not work together with preemption-mode.