Monday, January 30, 2017

VRRP - First Hop Redundancy Protocol



VRRP enables hosts on a LAN to make use of redundant routing platforms on that LAN without requiring more than the static configuration of a single default route on the hosts.

The VRRP routing platforms share the IP address corresponding to the default route configured on the hosts. At any time, one of the VRRP routing platforms is the master (active) and the others are backups.

 

Implementation


A virtual router must use 00-00-5E-00-01-XX as its Media Access Control (MAC) address. The last byte of the address (XX) is the Virtual Router IDentifier (VRID), which is different for each virtual router in the network. This address is used by only one physical router at a time, and it will reply with this MAC address when an ARP request is sent for the virtual router's IP address.
Physical routers within the virtual router must communicate among themselves using packets with multicast IP address 224.0.0.18 and IP protocol number 112.

Routers have a priority between 1 and 255, and the router with the highest priority becomes the master. The default priority is 100; for the address owner the priority is always 255.
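
The rules above can be turned into a check that a monitoring sensor runs over captured advertisements; the following is an added example, not part of the original post. The VRRPv2 header layout (RFC 3768), the function names and the 192.0.2.x sample addresses are assumptions, and the frames are constructed in the script.

```python
import socket
import struct

VRRP_PROTO = 112                           # IP protocol number (from the page)
VRRP_GROUP = "224.0.0.18"                  # multicast destination (from the page)
VMAC_PREFIX = bytes.fromhex("00005e0001")  # 00-00-5E-00-01-XX, XX = VRID

def csum(data: bytes) -> int:
    """Internet checksum (RFC 1071); 0 over a whole message means it is valid."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(src_mac: bytes, src_ip: str, vrid: int, prio: int, vip: str) -> bytes:
    """Constructed sample: Ethernet + IPv4 + VRRPv2 advertisement (assumed v2 layout)."""
    body = struct.pack("!BBBBBBH", 0x21, vrid, prio, 1, 0, 1, 0) + socket.inet_aton(vip) + bytes(8)
    body = body[:6] + struct.pack("!H", csum(body)) + body[8:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 255, VRRP_PROTO, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(VRRP_GROUP))
    return bytes.fromhex("01005e000012") + src_mac + b"\x08\x00" + ip + body

def check_vrrp(frame: bytes) -> list:
    """Return the inconsistencies found in one captured advertisement."""
    src_mac, ip = frame[6:12], frame[14:]
    if frame[12:14] != b"\x08\x00" or len(ip) < 20 or ip[9] != VRRP_PROTO:
        return ["not an IPv4 VRRP packet"]
    ihl = (ip[0] & 0x0F) * 4
    src_ip, dst_ip = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    msg = ip[ihl:struct.unpack("!H", ip[2:4])[0]]
    vrid, prio, count = msg[1], msg[2], msg[3]
    vips = [socket.inet_ntoa(msg[8 + 4 * i:12 + 4 * i]) for i in range(count)]
    issues = []
    if dst_ip != VRRP_GROUP:
        issues.append("destination is not 224.0.0.18")
    if src_mac != VMAC_PREFIX + bytes([vrid]):  # RFC: adverts are sourced from the virtual MAC
        issues.append("source MAC is not 00-00-5E-00-01-%02X" % vrid)
    if csum(msg) != 0:
        issues.append("bad VRRP checksum")
    if prio == 255 and src_ip not in vips:  # heuristic: 255 belongs to the address owner
        issues.append("priority 255 from a non-owner address")
    return issues

# Constructed frames: a normal backup-capable router, and an inconsistent sender.
good = build_frame(bytes.fromhex("00005e00010a"), "192.0.2.2", 10, 100, "192.0.2.1")
odd = build_frame(bytes.fromhex("020000000099"), "192.0.2.66", 10, 255, "192.0.2.1")
print(check_vrrp(good))
print(check_vrrp(odd))
```

The priority-255 check is a heuristic: it assumes the address owner sends from the same address it advertises as the virtual IP.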


Lab

Below is a simple lab that anyone can try at home with GNS3 to understand how VRRP works.


The configurations and outputs after configs on the Routers are as below:

Configs and Outputs when VIP is set to nonphysical interface IP



Configs When VIP is owner IP




One more thing to remember is that VRRP uses Gratuitous ARP (GARP) packets to advertise itself as master initially, in order to populate the hosts' ARP entries.
GARP packets are also used by a backup when it transitions from backup to master.
The packet format is as below.


To understand this better, have a look at the packet captures from the lab.

VRRP Control Packet


VRRP Data Packet 

BGP Notification Message

NOTIFICATION messages are sent when there is a fatal error condition. If a NOTIFICATION message is sent, the BGP peer session is torn down and reset.

Below is a packet capture of a NOTIFICATION message.


Details of the Error codes are documented in the table below.

BGP Update Message

UPDATE messages are used to exchange routes between peers.

Below is a packet capture showing an UPDATE message.



BGP KEEPALIVE messages

BGP Keepalive Packet Capture

KEEPALIVE messages are sent periodically (every 60 seconds by default) to ensure that the remote peer is still available. If a router does not receive a KEEPALIVE from a peer for a Hold-time period (by default, 180 seconds), the router declares that peer dead.


BGP Open Message

BGP Open Message Packet Capture

BGP forms its peer relationships through a series of messages. First, an
OPEN message is sent between peers to initiate the session. The OPEN
message contains several parameters:
• BGP Version – must be the same between BGP peers
• Local AS Number
• BGP Router ID



Wednesday, October 5, 2016

What is Implicit-Null and Explicit-Null label

Implicit-Null vs. Explicit-Null label

The purpose of null label assignment on the Egress PE is to avoid unnecessary MPLS encapsulation on the P LSR connected to the Egress PE, and also to avoid unnecessary MPLS decapsulation on the Egress PE.

Both implicit and explicit null labels are generated by the last hop router for its neighbors.

Implicit null is the default, which means the penultimate router should send only the IP packet, so it pops the label (popping the label is known as PHP, and it is done to reduce the load on the last hop router). The one disadvantage of the implicit null approach is that if the network is configured for QoS based on MPLS EXP bits, QoS is lost between the penultimate router and the last hop router.

In this case, we can make use of explicit null, which means the penultimate hop router does not pop the label. It sends the packet with a label value of 0 but with the other fields, including the EXP bits, intact. This way QoS treatment is preserved between the penultimate router and the last hop router. Explicit null must be configured manually on the last hop router.

Configure "mpls ldp explicit-null" on the last hop router. Which FECs explicit null is generated for, and which LDP neighbors it is advertised to, can be controlled with the keywords "for" and "to".
PE7(config)#mpls ldp explicit-null ?
  for  Access-list specifying controls on destination prefixes
  to   Access-list specifying controls on LDP peers

Why MPLS backbone uses ISIS or OSPF as an IGP protocol?

Service provider backbones run Traffic Engineering (TE) in the core network for its benefits, such as redundancy and congestion avoidance.
You need a link state protocol if you want to run MPLS TE.

MPLS TE requires an IGP capable of sending all the topology information to all routers in the area in which TE has been enabled. Only link state protocols can do this. MPLS TE uses the capabilities of the IGP (LSAs in the case of OSPF and TLVs in the case of ISIS).