Chapter 37: Vrrp Enhancements - Avaya 1000 Series Configuration Manual

Chapter 37: VRRP enhancements

The Secure Router 1000 Series and 3120 provide support for multiple VRRP enhancements. By design,
VRRP eliminates a common point of failure present in static routing environments by specifying an election
protocol to dynamically assign routing responsibility to a VRRP router on a LAN. VRRP is used to maintain
availability at the IP address level. In a VRRP setup, one router is elected the master. When the master
goes down, backup routers hold an election for a replacement. VRRP is applicable only to primary ethernet
interfaces and VLAN enabled subinterfaces, with a maximum of 10 VRRP groups per router.
The nature of VRRP has several routers performing as one virtual router that has a Virtual Router ID and
virtual IP addresses. Any of these routers could act as master at any given time, provided it wins the
election. The master sends advertisements to backup routers informing them of its state. If advertisements
fail to be received, an election is called. The backup with the highest priority value wins and assumes
position as master. As of this release, the interval at which these advertisements are sent is configurable
via CLI.
The Secure Router supports VRRP authentication types "no authentication" and "clear text password
authentication" for VLAN enabled subinterfaces. Using the "no authentication" type, VRRP exchanges
are not authenticated, while with "clear text password authentication", the receiver checks to make sure
VRRP authentication packet data matches the configured authentication string. If there is no match, the
exchange is discarded.
In addition to this, VRRP interface monitoring on VLAN enabled subinterfaces functionality has been
included. VRRP groups can be configured to monitor external interfaces in case they go down. The reason
for this is to calculate VRRP priority based on a router's tracking priority. When a router's external interface
goes down, the number value given to tracking priority is subtracted from the VRRP priority value, giving it
as new priority and ultimately affecting its chances in an election.
Finally, several VRRP load-balancing mode types are present so users can choose which mode best suits
their needs. Full load-balancing is supported, and users can further choose from one of the following
options:
• Mode 0: Gratuitous ARP Mode
Relies on gratuitous ARP to redirect traffic in the event of a failover. This mode uses the MAC address
of a physical ethernet port as a virtual MAC.
• Mode 1: Active/Standby Mode
Applicable to primary ethernet interfaces only, this mode allows a VRRP interface to participate in a
single VRRP group at any given time using a virtual MAC address. If Active/Standby Mode is used,
only 1 VRRP group can be configured.
• Mode 2: Promiscuous Mode
Avaya Secure Router 1000 Series Configuration Guide December 2010 245