Operating and Configuring VRRP on Cisco Routers – A Cheat Sheet Guide

A Virtual Router Redundancy Protocol (VRRP) may be just the solution for you if you require router backups on the same LAN network. A VRRP is an election protocol that dynamically assigns the responsibility for one or more virtual routers to the VRRP routers on a LAN. This allows for several routers on a multi-access link to utilize the same virtual IP address. One router is elected as the master virtual router, with the other routers acting as backups if a master virtual router fails due to a malfunction or power loss.

In this article, we will walk through the operation of the VRRP, as well as look at the benefits of having a VRRP on your LAN network. Lastly, we provide a full VRRP configuration guide to get you set up in record time!

How Does a VRRP Operate?

Two main options exist for a LAN client to determine which router should be prioritized, using a dynamic process or a static configuration. Both options have their pros and cons. A major con of using a dynamic process is that it incurs additional configuration and processing overhead on the LAN client and router switching (router switches are far slower).

Alternatively, a static configuration can be adopted, which simplifies the process. However, if the default gateway fails, the LAN client is limited to communicating only on the local IP network. This creates a single point of failure and is not ideal for when you require a highly efficient, automated LAN network with multiple backups.

This is where VRRP comes in to save the day! VRRP solves the static configuration problem by enabling a group of routers to form a single virtual router. The LAN clients can then be configured with the virtual router as their default gateway.

The figure below shows a LAN topology in which VRRP is configured. In this example, Routers R1, R2, and R3 are VRRP routers that comprise a virtual router. The IP address of the virtual router is the same as that configured for the Ethernet interface of Router R1 (i.e., the master router).

Router R1 is responsible for forwarding packets sent to this IP address. Clients 1 through 3 are configured with the default gateway IP address of 192.168.1.1. If the master virtual router fails, the router configured with the higher priority will become the new master virtual router and provide uninterrupted service for the LAN hosts. When Router R1 recovers, it becomes the master virtual router again.

The Main Benefits of VRRP

The main benefits of VRRP are highlighted in the image below.

A Deeper Dive into VRRP

Since an important aspect of the VRRP redundancy scheme revolves around router priority, object tracking, and pre-emption, let’s touch on it a bit more.

Router Priority

The priority of a VRRP system determines how each router responds when the master router fails. The label of “master virtual router” is when the VRRP router owns the IP address and the IP address of the physical interface.

The priority of a router is set using values 1 through 254. The higher the value, the higher priority to be next in line to become a master virtual router if the main router fails. If several routers are configured with the same priority value, the backup virtual router with the higher IP address is chosen to become the master virtual router.

Pre-emptive Scheme

By default, a pre-emptive scheme is enabled whereby a higher priority backup virtual router becomes the master virtual router if the main router fails. If the pre-emptive scheme is disabled, the master virtual router will remain the master until it comes back online. However, disabling this feature would mean that your network is down for the time the master is out of business.

Object Tracking

Object tracking is an independent process that manages creating, monitoring, and removing tracked objects such as the state of the line protocol of an interface. Clients register their interest with specific tracked objects, which act when the state of the object changes. A unique number is associated with each tracked object. VRRP uses this number to track a specific object. The tracking process involves periodically polling the tracked objects and noting if any changes to the value have occurred.

The tracking process allows you to track individual objects such as the state of an interface line protocol, state of an IP route, or the reachability of a route. VRRP provides an interface to the tracking process. Each VRRP group can track multiple objects that may affect the priority of the VRRP device. VRRP increments (or decrements) the priority of the virtual device based on the state of the object being tracked.

Quick Start VRRP Configuration Commands

Now, how does everything discussed thus far get put into practice? We cover that in this section by providing a list of commands for configuring VRRP, setting the priority of virtual routers, and other configuration specifics.

Configuring VRRP

You should globally enable VRRP before configuring and enabling any VRRP groups.

Group Configuration

When configuring a VRRP group, you must explicitly enable the group before it becomes active. Before configuration, configure an IP address on the interface.

Priority Configuration

The priority of a virtual router is measured from 1 through 254 in which 1 is the lowest priority and 254 is the highest priority. The default priority for reinforcements is 100. For devices, whose interface IP address is equivalent to the essential virtual IP address, the default value is 255.

Enable VRRP and configure it with the following steps:

Authentication Configuration

We can configure simple text authentication for a VRRP group using the command below:

Time Interval Configuration (Advertisement Packets)

The time intervals for advertisement packets can be configured using the commands below:

Interface State Tracking Configuration

The steps below configure the interface state tracking:

Ultimate Convenience With VRRP

The benefits of setting up a VRRP within your network have been highlighted. By having a backup router that can automatically hop online when a master router fails, your network's uptime increases, and, as a result, you keep your clients happy. Contact PivIT for further advice on configuring a Virtual Router Redundancy Protocol. Our focus is to examine your CAPEX/OPEX limitations and present you with options to free up your budget, achieve your goals and Do IT Better.