Virtual Router Redundancy Service

Virtual Router Redundancy Service (VRRS) provides a multiclient information abstraction and management service between the Virtual Router Redundancy Protocol (VRRP), VRRS pathways and optional VRRS clients. The VRRS multiclient service provides a consistent interface with VRRP by abstracting over several First Hop Redundancy Protocols (FHRPs) and providing an idealized view of their state. VRRS manages data updates, allowing interested clients to register in one place and receive updates for named VRRP groups.

VRRP acts as a server that pushes VRRP status information out to VRRS pathways, and all registered VRRS clients. Pathways and clients obtain status on all essential information provided by VRRP, including current and previous redundancy states, active and inactive Layer 2 and Layer 3 addresses, and, in some cases, information about other redundant gateways in the network. Pathways use this information in order to provide scaled first-hop gateway redundancy across scaled interface environments. VRRS clients will also use this information to provide stateless and stateful redundancy information to clients and protocols.


Note

In this module, VRRP and VRRPv3 are used interchangeably.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to https://cfnng.cisco.com/. An account on Cisco.com is not required.

Restrictions for VRRS

  • VRRS plug-ins must be configured on subinterfaces that are not configured with VRRP, but which share a physical interface with a VRRP group it is following.

  • VRRP Version 2 (VRRPv2) is configurable only on Gigabit Ethernet interfaces.

  • VRRS is currently only available for use with VRRP Version 3 (VRRPv3).

Information About VRRS

VRRS Overview

VRRS improves the scalability of VRRP. VRRS provides a stateless redundancy service to VRRS pathways and applications (VRRS clients) by monitoring VRRP. VRRS provides a database of the current VRRP state and provides a “push” data service to the VRRS pathways and clients with which it communicates. VRRP acts as a VRRS server. VRRS clients are other Cisco processes or applications that use VRRP to provide or withhold a service or resource dependent upon the state of the group. VRRS pathways are special VRRS clients that use the VRRS database information in order to provide scaled first–hop gateway redundancy across scaled interface environments.

The VRRS by itself is limited to maintaining its own state. Linking a VRRS client to a VRRP group provides a mechanism that allows VRRS to provide a service to client applications so that they can implement stateless or stateful failover. Stateless failover is failover without syncing of state. Stateful failover requires communication with a nominated backup before failure so that operational data is not lost when failover occurs.

VRRS pathways operate in a similar way to clients, but are integrated with the VRRS architecture. They provide a means to scale first–hop gateway redundancy by allowing the user the opportunity to configure a virtual address across hundreds of interfaces. The “virtual gateway” state of a VRRS pathway follows the state of an FHRP VRRS server.

Using VRRS with VRRP

VRRP provides server support for VRRS. The VRRP server pushes state and status information to VRRS when an internal update occurs. VRRS updates its internal database upon receiving a server update, and then sends push notifications to each of the VRRS clients associated with the shared name. Clients are interested in the protocol state, virtual MAC (vMAC) address, and virtual IP address information associated with a group. The association name between a client and a VRRP group is a character name string. The information provided by VRRS allows clients to perform various activities that are dependent on the state of the associated VRRP group.

VRRP notifies VRRS of its current state (primary, backup, or nonoperational initial state [INIT]). The VRRP state is then passed on to pathways or clients. A VRRP group should be configured with a name to activate VRRS. Pathways or clients should be configured with the same name to bind them with VRRS.

The VRRP group name associates the VRRP group with any clients that are configured as part of VRRS with the same name.

VRRS Servers and Clients

VRRP acts as the VRRS server. Pathways and clients act on the VRRP server state. When a VRRP group changes state, VRRS pathways and clients act by altering their behaviour (performing tasks such as shutting down interfaces or appending accounting logs) depending on the state received from VRRS.

VRRS Pathways and Pathway Manager

VRRS Pathways

A VRRS pathway is defined as an entity that will provide IPv4 or IPv6 traffic forwarding duties using the following features on an Ethernet interface (such as a physical interface, subinterface, or a Switch Virtual Interface [SVI]):

  • vMAC address insertion and removal into the hardware driver using MACdb.

  • Virtual IP (vIP) insertion and removal using the IPv4 and IPv6 APIs.

  • Provision to associate the vIP with the interface burned-in address (BIA) MAC.

  • Provision to associate the vMAC address with the interface–owned vIP.

  • Maintain the association of a vMAC with a vIP on a LAN using the Address Resolution Protocol (ARP) or Neighbor Discovery Protocol.

  • Maintain the switching cache (content-addressable memory or [CAM]) of connected Layer 2 devices on the LAN.

  • Checkpoints all data and the pathway state with a High Availability module.

A Pathway will provide some of the above features using its association with either the VRRS Pathway L2 Controller or the VRRS Pathway L3 Controller.

VRRS Pathway Manager

The VRRS Pathway Manager provides the following features:

  • Creates an association between one or more VRRS pathway instances and a single VRRS database name entry.

  • Pushes configuration and state information to associated registered pathways in response to a push from VRRS.

  • Provides debugging and show output to the user. The output is related to the state and configuration of the VRRS pathway manager.

  • Is Online Insertion and Removal (OIR)–aware and manages pathways that may be affected by OIR events.

  • Is Virtual Routing and Forwarding (VRF)–aware and manages pathways that may be affected by VRF events.

How to Configure VRRS

Configuring VRRPv3 Control Groups

Perform the following task to configure a VRRP control group.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. fhrp version vrrp v3
  4. interface type number
  5. ip address ip-address mask
  6. vrrp group-id address-family {ipv4 | ipv6}
  7. address ip-address [primary | secondary]
  8. vrrs leader vrrs-leader-name
  9. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

fhrp version vrrp v3

Example:


Device(config)# fhrp version vrrp v3

Enables the ability to configure VRRPv3 and VRRS.

Note 

When VRRPv3 is in use, VRRPv2 is unavailable.

Step 4

interface type number

Example:


Device(config)# interface vlan 40

Enters interface configuration mode.

Step 5

ip address ip-address mask

Example:


Device(config-if)# ip address 209.165.200.230 255.255.255.224

Configures the IP address on the interface.

Step 6

vrrp group-id address-family {ipv4 | ipv6}

Example:


Device(config-if)# vrrp 1 address-family ipv4

Creates a VRRP group and enters VRRP configuration mode.

Step 7

address ip-address [primary | secondary]

Example:


Device(config-if-vrrp)# address 209.165.202.141

Specifies a primary or secondary address for the VRRP group.

Step 8

vrrs leader vrrs-leader-name

Example:


Device(config-if-vrrp)# vrrs leader group1

Specifies a leader’s name to be registered with VRRS and enables a VRRP group to control a VRRS pathway.

  • It is possible for a single VRRP instance to control more than one VRRS group. A registered VRRS name is unavailable by default.

Step 9

end

Example:


Device(config-if-vrrp)# end

Returns to privileged EXEC mode.

Configuring VRRS Pathways

Perform the following task to configure a VRRP pathway.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. fhrp version vrrp v3
  4. interface type number
  5. ip address ip-address mask
  6. vrrs pathway vrrs-leader-name
  7. mac address mac-address
  8. address ip-address
  9. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

fhrp version vrrp v3

Example:


Device(config)# fhrp version vrrp v3

Enables the ability to configure VRRPv3 and VRRS.

Note 

When VRRPv3 is in use, VRRPv2 is unavailable.

Step 4

interface type number

Example:


Device(config)# interface vlan 42

Enters interface configuration mode.

Step 5

ip address ip-address mask

Example:


Device(config-if)# ip address 209.165.201.25 255.255.255.224

Configures the IP address on the interface.

Step 6

vrrs pathway vrrs-leader-name

Example:


Device(config-if)# vrrs pathway group1

Defines the VRRS pathway for a VRRS group and enters VRRS pathway configuration mode.

Step 7

mac address mac-address

Example:


Device(config-if-vrrs-pw)# mac address fe24.fe24.fe24

Specifies a MAC address used by a pathway.

Step 8

address ip-address

Example:


Device(config-if-vrrs-pw)# address 209.165.201.10

Defines the virtual IP for a pathway.

  • Note 

    A VRRP group is capable of controlling more than one pathway.

Step 9

end

Example:


Device(config-if-vrrs-pw)# end

Returns to privileged EXEC mode.

  • Note 

    Repeat steps 1 to 9 to configure more pathways.

Verifying VRRS

Perform this task to verify VRRS functions.


Note

The show commands are not in any specific order. The show vrrs pathway command for different pathway states (active, inactive, and “not ready”) is displayed below.

SUMMARY STEPS

  1. enable
  2. show vrrs pathway
  3. show vrrs pathway
  4. show vrrs pathway
  5. show vrrs server

DETAILED STEPS

Step 1

enable

Enables privileged EXEC mode.

Example:

Device> enable
Step 2

show vrrs pathway

Displays VRRS pathway information for an active pathway with the tag name “group1” and VRRP in primary state on the VLAN interface.

Example:


  Device# show vrrs pathway

  Pathway ["group1"@Vlan42]
  State is ACTIVE [VRRS push "ACTIVE"]
  Virtual MAC is fe24.fe24.fe24 [Active] (0)
  Address-family is v4
  Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
  Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
  vIP Ready=1
  Virtual Address List: 209.165.201.10
Step 3

show vrrs pathway

Displays VRRS pathway information for an inactive pathway with the tag name “group1” and VRRP in backup state on the Ethernet 0/1 interface.

Example:


  Device# show vrrs pathway

  Pathway ["group1"@Et0/1]
  State is INACTIVE [VRRS push "BACKUP"]
  Virtual MAC is 0101.0101.0101 [Reserved] (0)
  Address-family is v4
  Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
  Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
  vIP Ready=1
  Virtual Address List: 209.165.201.10
Step 4

show vrrs pathway

Displays VRRS pathway information for a “not ready” pathway with the tag name “group1” and VRRP in backup state on the Ethernet 0/1 interface.

Example:


  Device# show vrrs pathway

  Pathway ["group1"@Et0/1]
  State is NOT READY [VRRS push "INIT"]
  Virtual MAC is 0101.0101.0101 [Reserved] (0)
  Address-family is v4
  Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
  Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
  vIP Ready=1
  Virtual Address List: 209.165.201.10
Step 5

show vrrs server

Displays VRRS server information.

Example:


  Device# show vrrs pathway

  Pathway ["group1"@Et0/1]
  State is INACTIVE [VRRS push "BACKUP"]
  Virtual MAC is 0101.0101.0101 [Reserved] (0)
  Address-family is v4
  Options: Default Pathway=0, Owner Mode=0, Accept-Mode=1, Configured vMAC=1
  Evaluation: No Shut=1, Connected=1, OIR=1, L2 Ready=1, L3 Ready=1, vMAC Ready=1, 
  vIP Ready=1
  Virtual Address List: 209.165.201.10
The table below describes significant fields in the sample output:

Field

Description

State

Current state of VRRS on an interface. The values displayed are “ACTIVE”, “INACTIVE”, “NOT READY”, or “BACKUP”.

Virtual MAC

Virtual MAC address that is reserved for an interface.

Address-family

IPv4 or IPv6 address family.

Default Pathway

Indicates that the pathway has been implicitly created from a VRRP group, if the value is 1. If the value is 0, it indicates that the pathway has been explicitly created using the vrrs pathway command.

Owner Mode

Indicates that the interface IP address is specified if the value is 1.

Accept-Mode

Indicates that traffic to a particular virtual IP address is accepted if the value is 1.

Configured vMAC

Indicates that a virtual MAC address is configured if the value is 1.

No Shut

Indicates that the interface has been set to no shutdown mode if the value is 1.

Connected

Indicates that the VRRS pathway is connected to a VRRS group, if the value is 1.

OIR

Indicates online insertion and removal (OIR) of interface line cards on a device is complete if the value is 1.

L2 Ready

Indicates that the Layer 2 interface is up if the value is 1.

L3 Ready

Indicates that the Layer 3 interface is up if the value is 1.

vMAC Ready

Indicates that the virtual MAC address has been assigned to an interface if the value is 1.

vIP Ready

Indicates that the virtual IP address has been assigned to an interface if the value is 1.

Virtual Address List

Address list of the virtual IPv4 or IPv6 addresses.

Interface

Name of the interface where the pathway is defined.

vMAC

Virtual MAC address that is assigned to an interface.

vIP Address

Virtual IP address that is assigned to an interface.

Tags Connected

The specific tag name that is currently connected to a pathway on an interface.

Configuration Examples for VRRS

Example: Configuring VRRPv3 Control Groups

The following example shows how to configure a VRRPv3 control group: 

Device> enable
Device# configure terminal
Device(config)# fhrp version vrrp v3
Device(config)# interface vlan 40
Device(config-if)# ip address 209.165.200.230 255.255.255.224
Device(config-if)# vrrp 1 address-family ipv4
Device(config-if-vrrp)# address 209.165.202.141
Device(config-if-vrrp)# vrrs leader group1
Device(config-if-vrrp)# end

Note

In the above example, the fhrp version vrrp v3 command is used in global configuration mode.

Example: Configuring VRRS pathways

The following example shows how to configure a VRRS pathway: 

Device> enable
Device# configure terminal
Device(config)# fhrp version vrrp v3
Device(config)# interface vlan 42
Device(config-if)# ip address 209.165.201.25 255.255.255.224
Device(config-if)# vrrs pathway group1
Device(config-if-vrrs-pw)# mac address fe24.fe24.fe24
Device(config-if-vrrs-pw)# address 209.165.201.10
Device(config-if-vrrs-pw)# end

Note

In the above example, the fhrp version vrrp v3 command is used in global configuration mode.

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Master Command List, All Releases

FHRP commands

First Hop Redundancy Protocols Command Reference

Configuring VRRPv2

“Configuring VRRP” module in the First Hop Redundancy Protocols Configuration Guide

VRRPv3 Protocol Support

“VRRPv3 Protocol Support” module in the First Hop Redundancy Protocols Configuration Guide

Standards and RFCs

Standard/RFC

Title

RFC5798

Virtual Router Redundancy Protocol

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Virtual Router Redundancy Service

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.