Why VRRP technology?

We know that in order to realize device communication between different subnets, we need to configure routing. At present, there are two commonly used routing methods:

The first is dynamic learning through routing protocols: RIP and OSPF.
The second is through static routing: configure static routing for the terminal PC.

Both routes have their own advantages and disadvantages:

The first route can automatically find the best path, and the neighbor route can also learn to obtain the routing table, but the dynamic route takes up the line bandwidth and CPU processing time.
The second route does not require CPU processing time and does not occupy the line bandwidth, but this route needs to configure the gateway on the PC of the terminal, and the workload is relatively large.

The above two routes are widely used now.

Now we will only analyze the disadvantages of static routing because VRRP technology is used on static routing, not dynamic routing.

For static routing, configure the default gateway for the terminal PC. If the router as the default gateway fails, the communication of all hosts using this gateway as the next hop will be interrupted. As shown in the figure below;

In the figure above, hosts A-D are all configured with a default gateway: 10.1.1.1. The next hop of the gateway route points to a router RouterA in the network segment where the host is located. RouterA sends the message to the external network, but if RouterA is broken now, all hosts will be unable to communicate with other network segments.

To solve the above problems, we can add a router RouterB, as shown in the following figure:

When RouterA goes down, all PCs switch the gateway to the gateway on RouterB. Thus, the backup of the router is realized. This technology is VRRP technology-virtual router redundancy protocol.

Introduction to VRRP (forwarding mechanism)

1. VRRP (Virtual Router Redundancy Protocol) adds the routers that can take on the gateway function into the backup group to form a virtual router. The election mechanism of VRRP determines which router takes on the forwarding task, and hosts in LAN only need to configure the virtual router as the default gateway.

2. VRRP is a fault-tolerant protocol, which improves reliability and simplifies the host configuration. In a local area network (such as Ethernet) with multicast or broadcast capability, VRRP can still provide a highly reliable default link when a certain device fails, effectively avoiding the problem of network interruption after a single link fails, without modifying configuration information such as dynamic routing protocol and route discovery protocol.

3. The VRRP protocol is implemented in two versions: VRRPv2 and VRRPv3. VRRPv2 is based on IPv4 and VRRPv3 is based on IPv6.

4. VRRP router: All routers running the VRRP protocol are called VRRP routers.

5. VRRP Backup Group: Multiple routers are divided into groups, in which one main router is selected and the others are used as backup routers. Usually, one of the main routers works, and the backup router is idle. When the main router fails, one of the backup routers is selected to replace the failed main router. Routers in this group form a backup group.

As shown in the figure below, there are two routers and two gateways. One of the two routers is selected as the primary router, and the others are backup routers. The primary router is responsible for forwarding datagrams, while the backup router is in an idle state. When the primary router fails, the backup router will become the primary router, replacing the primary router to realize the forwarding function.

6. Virtual router: A virtual router is a collection of all routers in a VRRP backup group. It is a logical concept and does not really exist. Looking at the routers in the backup group from the outside of the backup group, I feel that all the routers in the group are just like one. You can understand that they are in a group: master router+all backup routers = virtual routers. The virtual router has a virtual IP address and MAC address. If the virtual IP is the same as the IP of a router in the backup group, then this router is called the IP address owner and acts as the main router in the backup group.

As shown in the figure below: RA, RB and RC are VRRP routers, which form a VRRP backup group. RA is the main router, while RB and RC are backup routers. These three routers look like one from the outside, thus forming a virtual router Router Group. The virtual router has a virtual IP address of 10.1.1.1 (the IP of the main router of RA). RA is the owner of the IP address and the main router.

7. Virtual IP address and MAC address: the virtual router in the VRRP group (backup group) appears as the unique virtual MAC address, with the address format of 00–00–5e-00–01-[VRID], and the VRID is the number of the VRRP group, ranging from 0 to 255.

In the above figure, three routers are in a group, which can be numbered from 0 to 255.

Note:

1. The virtual router has an IP address. The hosts in the LAN only need to know the IP address of this virtual router and set it as the next hop address of the default route.

2. The IP address of the virtual router can be the unassigned IP address in the network segment where the backup group is located, or it can be the same as the interface IP address of a router in the backup group.

3. Routers with the same IP address as the virtual IP address are called IP address owners. Only one IP address owner can be configured in the same VRRP backup group.