Need Quick Help With VRRP

Answered Question
Jun 19th, 2009

With VRRP, like HSRP or GLBP, you must have a L2 adjacency for the vlan you want to configure VRRP redundancy between the switches, right?

Now, you can configure vrrp to provide redundancy for vlan interfaces, but you can also do the same for a physica interface, right?

As in....

router 1:

int gi1/0

ip x.x.x.3

vrrp 1 ip x.x.x.1

router 2:

int gi 1/0

ip address x.x.x.2

vrrp 1 ip x.x.x.1

...the users will be on that x.x.x.x/24 subnet. But for this to work, too, you need to have a L2 adjacency between the switches, right?

I have a config that uses physical interfaces, not vlan interfaces, similar to above, but there is only a routed connection between the two switches - a /30 point to point.

Thanks!

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 5 months ago

Joe

"Does this config make any earthy sense to you??"

No it doesn't but then again i'm not familiar with JUNOS. There might be some "show" commands you can use to see if they even see each other. If there is no L2 connection i can't see how they would.

"BUT, the only connection I have between the two routers is a L3 ethernet connection between gi1/0 on each router, will vrrp work?"

As far as i know you need L2 adjacency so no it won't work.

You are correct in what you say about providing L2 adjacency ie. the router interfaces would need to be in the same vlan on each switch and that vlan would need to be allowed on the L2 trunk link between the switches.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Fri, 06/19/2009 - 07:55

Joe

"With VRRP, like HSRP or GLBP, you must have a L2 adjacency for the vlan you want to configure VRRP redundancy between the switches, right?"

Yes, VRRP uses multicast address 224.0.0.18 which is a multicast address that is not routed so the router interfaces need to be on the same subnet.

"Now, you can configure vrrp to provide redundancy for vlan interfaces, but you can also do the same for a physical interface, right?"

Yes you can use vlan or physical interfaces but as discussed they must have L2 adjacency.

"I have a config that uses physical interfaces, not vlan interfaces, similar to above, but there is only a routed connection between the two switches - a /30 point to point."

Pass :-). Are you sure there is not another path between the switches or a different set of switches that provides L2 adjacency ?. If not can't see how that would work.

Jon

ex-engineer Fri, 06/19/2009 - 08:07

Jon, I agree with your concern regarding the last point. I dont see how its going to work either.

Its very strange.

What my engineer is doing is trying to migrate a JUNOS config intio Cisco IOS.

What he sees are physical interfaces in a point o poin /30 connection with the peer router. Then, underneath the interface, they have a vrrp1 ip but that vip is on a /24 subnet.

This is the JUNOS config:

interface TenGigabitEthernet9/2

description To7609-2

ip address 71.22.7.129 255.255.255.252

vrrp 1 ip 71.22.7.1 255.255.255.0

vrrp 1 priority 120

Personally, I dont get the subnet mask requirement on the vrrp 1 ip command line. Wit Cico, its intuitive that the vip is on the same subnet as the interface IP address.

Does this config make any earthy sense to you??

AND JUST to reiterate, if I have this config in a Cisco router:

int gi1/0

ip address 10.10.10.1 255.255.255.0

vrrp 1 ip 10.10.10.250

int gi1/0

ip address 10.10.10.2 255.255.255.0

vrrp 1 ip 10.10.10.250

BUT, the only connection I have between the two routers is a L3 ethernet connection between gi1/0 on each router, will vrrp work?

My answer is NO. You would need to associate the /24 subnet with a vlan and allow that vlan across a trunk between the two switches. Is that correct? if not, how else do you provide the L2 adjacency?

Thanks!

Correct Answer
Jon Marshall Fri, 06/19/2009 - 08:20

Joe

"Does this config make any earthy sense to you??"

No it doesn't but then again i'm not familiar with JUNOS. There might be some "show" commands you can use to see if they even see each other. If there is no L2 connection i can't see how they would.

"BUT, the only connection I have between the two routers is a L3 ethernet connection between gi1/0 on each router, will vrrp work?"

As far as i know you need L2 adjacency so no it won't work.

You are correct in what you say about providing L2 adjacency ie. the router interfaces would need to be in the same vlan on each switch and that vlan would need to be allowed on the L2 trunk link between the switches.

Jon

ex-engineer Sat, 06/20/2009 - 07:56

Jon:

Here is the final configuration for VRRP that the engineer says he finally got to work.

Now, this makes more sense than the really weird stuff I have been posting from him.

But something is still wrong. Notice the duplicate IP addresses on the actual vlan interfaces and the fact that the vrrp VIPs are different. Also notice the output of the 'sho vrrp br' comand on router 3.

This is all normally straightforward to me. VRRP is almost exactly like HSRP with some minor differences, but the configuration is almost identical in its execution and logic.

I do know that VRRP does allow you to configure one of the routers with the VIP address (router interface and VIP are the same)- and in the event of a failure, the standby takes over that address. Its a feature you can use, but it doesnt apply to what this engineer has configured here anyway.

7609-4#sh run

interface Vlan11

ip address 71.22.16.2 255.255.252.0

vrrp 1 ip 71.23.64.3

vrrp 2 ip 71.22.16.3

!

interface Vlan21

ip address 10.36.144.2 255.255.255.0

vrrp 3 ip 10.36.144.3

!

interface Vlan22

ip address 10.36.145.2 255.255.255.0

vrrp 4 ip 10.36.145.3

!

interface Vlan23

ip address 10.36.146.2 255.255.255.0

shutdown

vrrp 5 ip 10.36.146.3

7609-3#sh run

interface Vlan11

ip address 71.22.16.2 255.255.252.0

vrrp 1 ip 71.23.64.1

vrrp 1 priority 200

vrrp 2 ip 71.22.16.1

vrrp 2 priority 200

!

interface Vlan21

ip address 10.36.144.2 255.255.255.0

vrrp 3 ip 10.36.144.1

vrrp 3 priority 200

!

interface Vlan22

ip address 10.36.145.2 255.255.255.0

vrrp 4 ip 10.36.145.1

vrrp 4 priority 200

!

interface Vlan23

ip address 10.36.146.2 255.255.255.0

vrrp 5 ip 10.36.146.1

vrrp 5 priority 200

!

NC-CLT1-7609-3#sh vrrp brief

Interface Grp Pri Time Own Pre State Master addr Group addr

Vl11 1 200 3218 Y Init 0.0.0.0 71.23.64.1

Vl11 2 200 3218 Y Init 0.0.0.0 71.22.16.1

Vl21 3 200 3218 Y Init 0.0.0.0 10.36.144.1

Vl22 4 200 3218 Y Init 0.0.0.0 10.36.145.1

Vl23 5 200 3218 Y Init 0.0.0.0 10.36.146.1

=============================

Actions

This Discussion