Vrrp Router Type - Brocade Communications Systems FastIron SX 800 Configuration Manual
Hide thumbs
Also See for FastIron SX 800:
- Diagnostic manual (220 pages) ,
- Hardware installation manual (216 pages) ,
- Software update (128 pages)
Table of Contents
Advertisement
Additional VRRP and VRRP-E parameter configuration
The key variable is the MD5 encryption key, which can be up to 64 characters long. The optional 0 or1 parameters configure whether the
MD5 password is encrypted, as follows:
•
If you do not enter this parameter and enter the key as clear text, the key appears encrypted in the device configuration and
command outputs.
•
If you enter 0 and enter the key as clear text, the key appears as clear text in the device configuration and command outputs.
•
If you enter 1 and enter the key in encrypted format, the key appears in encrypted format in the device configuration and
command outputs.
Syslog messages for VRRP-E HMAC-MD5-96 authentication
If an interface is configured with HMAC-MD5-96 authentication, all VRRP-E packets received on this interface are authenticated with the
HMAC-MD5-96 algorithm using the shared secret key configured on the interface.
If a packet is received that fails this HMAC-MD5-96 authentication check, the packet gets dropped. Additionally, if syslog is enabled, a
syslog message is generated to notify the administrator about an authentication failure. The message includes the VRID received in the
packet's VRRP message and the interface on which the packet was received. These syslog messages will be rate limited to 20 log
messages within a span of 5 minutes, starting from the first packet received that fails the HMAC-MD5-96 authentication check.
For Example:
SYSLOG: <13>Apr 30 14:14:57 ICX6610 VRRP: VRRPE authentication failure, intf v555, vrid 55, auth_type MD5
authentication
SYSLOG: <13>Apr 30 14:14:58 ICX6610 VRRP: VRRPE authentication failure, intf v555, vrid 55, auth_type MD5
authentication
SYSLOG: <13>Apr 30 14:14:59 ICX6610 VRRP: VRRPE authentication failure, intf v555, vrid 55, auth_type MD5
authentication
VRRP router type
A VRRP interface is either an Owner or a Backup router for a given VRID. By default, the Owner becomes the Master. A Backup router
becomes the Master only if the Master becomes unavailable.
A VRRP-E interface is always a Backup router for its VRID. The Backup router with the highest VRRP priority becomes the Master.
This section describes how to specify the interface type, how to change the type for VRRP, and how to set or change the interface VRRP
or VRRP-E priority and track priority for the VRID.
NOTE
You can force a VRRP Master router to abdicate (give away control) of the VRID to a Backup router by temporarily changing the
Master VRRP priority to a value less than the Backup.
NOTE
The Owner type is not applicable to VRRP-E.
NOTE
For VRRP, the IP address you associate with the Owner must be real IP address on the interface where the VRIS is configured.
To configure a Backup router, the interface must have a real IP address that is in the same subnet the Owner. The address must
be unique.
530
FastIron Ethernet Switch Layer 3 Routing
53-1003627-04
Hide quick links:
Advertisement
Table of Contents
