Versions Compared

Old Version 7

changes.mady.by.user Artūrs C.

Saved on

compared with

New Version 8

changes.mady.by.user Artūrs C.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: add VRRP parameter table

...

Routers' main task is to receive advertisement packets and check if the master node is available.

The backup router will transit transmit itself to the master state in two cases:

...

Connection tracking entries are synchronized only from Master to Backup device. Preemption-mode and sync-connection - tracking are  are mutually exclusive.

Configuring VRRP

...

Before VRRP can operate correctly correct IP address is required on ether1. In this example, it is 192.168.1.2/24

IPV6

To make VRRP work in IPv6 networks, several additional options must be enabled - v3 support is required and protocol type should be set to IPv6:

...

No additional address configuration is required as it is in the IPv4 case. IPv6 uses link-local addresses to communicate between nodes.

Parameters

PropertyDescription
arp (disabled | enabled | proxy-arp | reply-only; Default: enabled)ARP resolution protocol mode
arp-timeout (integer; Default: auto)
authentication (ah | none | simple; Default: none)Authentication method to use for VRRP advertisement packets.
  • none - should be used only in low-security networks (e.g., two VRRP nodes on LAN).
  • ah - IP Authentication Header. This algorithm provides strong protection against configuration errors, replay attacks, and packet corruption/modification. Recommended when there is limited control over the administration of nodes on a LAN.
  • simple - uses a clear text password. Protects against accidental misconfiguration of routers on a local network.
interface (string; Default: )Interface name on which VRRP instance will be running
interval (time [10ms..4m15s]; Default: 1s)VRRP update interval in seconds. Defines how often the master sends advertisement packets.
mtu (integer; Default: 1500)Layer3 MTU size
name (string; Default: )VRRP interface name
on-backup (string; Default: )Script to execute when the node is switched to the backup state
on-master (string; Default: )Script to execute when the node is switched to master state
on-fail (string; Default: )Script to execute when the node fails
password (string; Default: )Password required for authentication. Can be ignored if authentication is not used.
preemption-mode (yes | no; Default: yes)Whether master node always has the priority. When set to 'no' the backup node will not be elected to be a master until the current master fails, even if the backup node has higher priority than the current master. This setting is ignored if owner router becomes available
priority (integer: 1..254; Default: 100)Priority of VRRP node used in Master election algorithm. A higher number means higher priority. '255' is reserved for the router that owns VR IP and '0' is reserved for the Master router to indicate that it is releasing responsibility.
v3-protocol (ipv4 | ipv6; Default: ipv4)A protocol that will be used by VRRPv3. Valid only if the version is 3.
version (integer [2, 3]; Default: 3)Which VRRP version to use.
vrid (integer: 1..255; Default: 1)Virtual Router identifier. Each Virtual router must have a unique id number
sync-connection-tracking (string; Default: no)Synchronize connection tracking entries from Master to Backup device. Does not work together with preemption-mode.