cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1121
Views
0
Helpful
8
Replies

vrrp setup

carl_townshend
Spotlight
Spotlight

Hi all, when setting up vrrp ports, do I need to put in a key of some sort? On the Nortel switches you have to make sure the key is the same on the ports in the group.

8 Replies 8

jjchen978
Level 1
Level 1

hi,

when you say key, are you referring to authentication key? vrrp can support authentication (i.e. text or md5).

If you have multiple LACP groups on the same switch, how does it distinguish between them ?

crow930us
Level 3
Level 3

Yes, there is an option for an authentication password. If you set it on one system it should be the same on every other device in the VRRP group.

The command for it is vrrp group-number authentication {md5 keyname spi index | text password}

how many vrrp groups can you have on the cat 6500 ?

cheers

Carl

You can configure up to 255 virtual routers on a router physical interface. The actual number of virtual routers that a router interface can support depends on the following factors:

•Router processing capability

•Router memory capability

•Router interface support of multiple MAC addresses

I think the memory and interface have a bigger limitation on the number of groups than anything else.

In a topology where multiple virtual routers are configured on a router interface, the interface can act as a master for one virtual router and as a backup for one or more virtual routers.

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_vrrp.html

when you say routers, do you mean groups ?

So I could have say 300 vlans but in the same group ? or do you mean 255 virtual ip's ?

Resurrecting an old thread here.... Always use MD5 authentication for your VRRP deployment. A demonstration of VRRP being attacked/compromised can be downloaded from the location below. In addition, it shows how plain-text authentication can be simply viewed using a sniffer. As the biased author of the document, I believe its a good read :-)

Download the demonstration from here:

http://www.og150.com/tutorials.php

Go to: "VRRP (Virtual Router Redundancy Protocol) Attack"

InayathUlla Sharieff
Cisco Employee
Cisco Employee

Hi Carl,

Kindly find the below link on VRRP which explains complete infomration inregards to it:

http://www.cisco.com/en/US/docs/ios/ios_xe/ipapp/configuration/guide/ipapp_vrrp_xe.pdf

HTH

Regards

Inayath

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: