VRRP Configuration Example

For setup, refer to Figure VRRP - Topology 2.

Hosts are used to verify the data that they are forwarded byiS5Com. Port 1 of Switch 1, Port 1 of Switch 2, and the Host 1 are connected through a hub. Similarly, Port 2 of Switch 1, Port 2 of Switch 2 and Host 2 are connected through another hub. In this topology, Switch 1 and Switch 2 act as a virtual router in vlan1 and vlan2.

Let the virtual IP be 12.0.0.3 for vlan1 and 20.0.0.3 for vlan2. Configure the priority of both instances in Switch 1 as 150 and that in Switch 2 as 125. Initially, Switch 1 will forward the data traffic between Host 1 and Host 2. If the Switch 1 fails to operate for some reasons, then the Switch 2 will start forwarding the packets.

  1. Execute the following commands in Switch 1 to configure vlan1 and vlan2 and assign the member ports and IP address.

    Type the following:

    • Enter the Global Configuration Mode.
    iS5comm# configure terminal
    • Disable spanning tree and GVRP (GARP VLAN Registration Protocol or Generic VLAN Registration Protocol) if they are running in the switch. Execute the following commands.
    iS5comm(config)# no spanning-tree
    iS5comm(config)# set gvrp disable
    iS5comm(config)# vlan 2
    iS5comm(config-vlan)# ports gigabitethernet 0/1 untagged gigabitethernet 0/1
    iS5comm(config-vlan)# exit
    iS5comm(config)# interface gigabitethernet 0/1
    iS5comm(config-if)# switchport pvid 1
    iS5comm(config-if)# exit
    iS5comm(config)# interface vlan 2
    iS5comm(config-if)# shutdown
    iS5comm(config-if)# ip address 12.0.0.1 255.0.0.0
    iS5comm(config-if)# no shutdown
    iS5comm(config-if)# exit
    iS5comm(config)# vlan 3
    iS5comm(config-vlan)# ports gigabitethernet 0/2 untagged gigabitethernet 0/2
    iS5comm(config-vlan)# exit
    iS5comm(config)# interface gigabitethernet 0/2
    iS5comm(config-if)# switchport pvid 2
    iS5comm(config-if)# no shutdown
    iS5comm(config-if)# exit
    iS5comm(config)# interface vlan 3
    iS5comm(config-if)# shutdown
    iS5comm(config-if)# ip address 20.0.0.1 255.0.0.0
    iS5comm(config-if)# no shutdown
    • Enter the VRRP Interface Configuration Mode.
    iS5comm(config-vrrp-if)# end
  2. View the authentication key configured in Switch 1 by using the following command.

    Type the following:

    iS5comm# show ip interface
    vlan2 is up, line protocol is up
    Internet Address is 12.0.0.1/8
    Broadcast Address  12.255.255.255
    Vlan counters disabled
    

    vlan3 is up, line protocol is up
    

    Internet Address is 20.0.0.1/8
    

    Broadcast Address  20.255.255.255
    

    Vlan counters disabled
    

    iS5comm# show vlan brief
    Vlan database
    

    -------------
    

    Vlan ID             : 2
    

    Member Ports        : Gi0/1
    

    Untagged Ports      : Gi0/1
    

    Forbidden Ports     : None
    

    Name                :
    

    Status              : Permanent
    

    Egress Ethertype    : 0x8100
    

    ----------------------------------------------------
    

    Vlan ID             : 3
    

    Member Ports        : Gi0/2
    

    Untagged Ports      : Gi0/2
    

    Forbidden Ports     : None
    

    Name                :
    

    Status              : Permanent
    

    Egress Ethertype    : 0x8100
    

    ----------------------------------------------------
    

    3. 

  3. Execute the following commands in Switch 2 to configure
vlan1 and vlan2 and assign the member ports and IP address.

    Type the following:
    

    • Enter the Global Configuration
Mode.
      • 

    

    iS5comm# configure terminal
      

    • Disable spanning tree and GVRP if
they are running in the switch. Execute the following commands.
      • 

    

    iS5comm(config)#no spanning-tree
    iS5comm(config)# set gvrp disable
    iS5comm(config)# vlan 2
    iS5comm(config-vlan)# ports gigabitethernet 0/1 untagged gigabitethernet 0/1
    iS5comm(config-vlan)# exit
    iS5comm(config)# interface gigabitethernet 0/1
    iS5comm(config-if)# switchport pvid 1
    iS5comm(config-if)# exit
    iS5comm(config)# interface vlan 2
    iS5comm(config-if)# shutdown
    iS5comm(config-if)# ip address 12.0.0.2 255.0.0.0
    iS5comm(config-if)# no shutdown
    iS5comm(config-if)# exitiS5comm(config)# vlan 3
    iS5comm(config-vlan)# ports gigabitethernet 0/2 untagged gigabitethernet 0/2
    iS5comm(config-vlan)# exit
    iS5comm(config)# interface gigabitethernet 0/2
    iS5comm(config-if)# switchport pvid 2
    iS5comm(config-if)# no shutdown
    iS5comm(config-if)# exit
    iS5comm(config)# interface vlan 3
    iS5comm(config-if)# shutdown
    iS5comm(config-if)# ip address 20.0.0.2 255.0.0.0
    iS5comm(config-if)# no shutdown
      

    • Enter the VRRP Interface Configuration Mode.
      • 

    

    iS5comm(config-vrrp-if)# end
    4. 

  4. View the authentication key configured in Switch 1 by
using the following command.

    Type the following:
    

    iS5comm# show ip interface
    Vlan database
    

    -------------
    

    vlan2 is up, line protocol is up
    

    Internet Address is 12.0.0.2/8
    

    Broadcast Address  12.255.255.255
    

    Vlan counters disabled
    

    

    vlan3 is up, line protocol is up
    

    Internet Address is 20.0.0.2/8
    

    Broadcast Address  20.255.255.255
    

    Vlan counters disabled
    

    

    iS5comm# show vlan brief
    Vlan ID             : 2
    

    Member Ports        : Gi0/1
    

    Untagged Ports      : Gi0/1
    

    Forbidden Ports     : None
    

    Name                :
    

    Status              : Permanent
    

    Egress Ethertype    : 0x8100
    

    ----------------------------------------------------
    

    Vlan ID             : 3
    

    Member Ports        : Gi0/2
    

    Untagged Ports      : Gi0/2
    

    Forbidden Ports     : None
    

    Name                :
    

    Status              : Permanent
    

    Egress Ethertype    : 0x8100
    

    ----------------------------------------------------
    

    5. 

  5. Execute the following command in Switch 1 to verify the
connectivity between Switch 1 and Switch 2.

    Type the following:
    

    iS5comm# ping 12.0.0.2
    Reply Received From :20.0.0.2, Time Taken : 50 msecs
    

    Reply Received From :20.0.0.2, Time Taken : 40 msecs
    

    Reply Received From :20.0.0.2, Time Taken : 40 msecs
    

    iS5comm# ping 20.0.0.2
    Reply Received From :20.0.0.2, Time Taken : 50 msecs
    

    Reply Received From :20.0.0.2, Time Taken : 30 msecs
    

    Reply Received From :20.0.0.2, Time Taken : 30 msecs
    

    6. 

  6. Enable VRRP instances
(groups) over VLAN2 and VLAN3 in Switch 1. Configure IP address
as 12.0.0.3 and 20.0.0.3 and priority as 150.

    Type the following:
    

    • Enter the Global Configuration
Mode.
      • 

    

    iS5comm# configure terminal
      

    • Enable VRRP and enter the VRRP Configuration Mode.
      • 

    

    iS5comm(config)# router vrrp
      

    • Select an interface to configure VRRP and
enter the VRRP Interface Configuration
Mode.
      • 

    

    iS5comm(config-vrrp)# interface vlan 2
      

    • Create a VRRP instance (group)
and specify a primary IP address. This IP address should be same
IP address of interface. This is used as source IP Address for VRRP advertisement packets.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 1 ipv4 12.0.0.3
      

    • Configure priority as 150.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 1 priority 150
      

    • Exit the VRRP Interface Configuration
Mode.
      • 

    

    iS5comm(config-vrrp-if)# exit
      

    • Select an interface to configure VRRP and
enter the VRRP Interface Configuration
Mode.
      • 

    

    iS5comm(config-vrrp)# interface vlan 3
      

    • Create a VRRP instance (group)
and specify a primary IP address. This IP address should be same
IP address of interface. This is used as source IP Address for VRRP advertisement packets.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 2 ipv4 20.0.0.3
      

    • Configure priority as 150.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 2 priority 150
      

    • Exit Global Configuration Mode.
      • 

    

    iS5comm(config-vrrp-if)# end
    7. 

  7. Enable VRRP instances
(groups) over VLAN2 and VLAN3 in Switch 2. Configure IP address
as 12.0.0.3 and 20.0.0.3.

    Type the following:
    

    • Enter the Global Configuration
Mode.
      • 

    

    iS5comm# configure terminal
      

    • Enable VRRP and enter the VRRP Configuration Mode.
      • 

    

    iS5comm(config)# router vrrp
      

    • Select an interface to configure VRRP and
enter the VRRP Interface Configuration
Mode.
      • 

    

    iS5comm(config-vrrp)# interface vlan 2
      

    • Create a VRRP instance (group)
and specify a primary IP address. This IP address should be same
IP address of interface. This is used as source IP Address for VRRP advertisement packets.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 1 ipv4 12.0.0.3
      

    • Configure priority as 150.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 1 priority 25
      

    • Exit the VRRP Interface Configuration
Mode.
      • 

    

    iS5comm(config-vrrp-if)# exit
      

    • Select an interface to configure VRRP and
enter the VRRP Interface Configuration
Mode.
      • 

    

    iS5comm(config-vrrp)# interface vlan 3
      

    • Create a VRRP instance (group)
and specify a primary IP address. This IP address should be same
IP address of interface. This is used as source IP Address for VRRP advertisement packets.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 2 ipv4 20.0.0.3
      

    • Configure priority as 25.
      • 

    

    iS5comm(config-vrrp-if)# vrrp 2 priority 25
      

    • Exit Global Configuration Mode.
      • 

    

    iS5comm(config-vrrp-if)# end
    Note: 
    The
configuration for switch 2 is the same as for Switch 2 with the
exception of the priority value. The Priority value for Switch 2
in this configuration example is 125.
    

    

    8. 

  8. Verify the VRRP configurations
in Switch 1.

    Type the following:
    

    iS5comm# show vrrp
    

    P indicates configured to preempt
    

    Interface vrID Priority P  State   Master Address      VRouter Address
    

    --------- ---- ----     -  -----   --------------      -------------
    

    vlan1     1    150      P  Master  12.0.0.1            12.0.0.3
    

    vlan2     2    150      P  Master  20.0.0.1            20.0.0.3
    

    9. 

  9. Verify the VRRP configurations
in Switch 2.

    Type the following:
    

    iS5comm# show vrrp
    

    P indicates configured to preempt
    

    Interface vrID Priority  P   State    Master Address     VRouter Address
    

    --------- ---- ----      -   -----    --------------     -------------
    

    vlan1     1    25        P   Backup   12.0.0.1           12.0.0.3
    

    vlan2     2    25        P   Backup   20.0.0.1           20.0.0.3
    

    10. 

  10. In Host 1, perform the following:

    -
    To access Internet Protocol Version 4 (TCP/IPv4))
Properties screen, go to Control Panel > Network and Internet > Network Connections
    

    

    Figure 1. Network Connections

    

    


    

    Double-click Ethernet icon.
The Ethernet Status screen appears.
    

    

    Figure 2. Ethernet Status

    

    


    

    Double-click Properties icon.
The Ethernet Properties screen appears. Click to highlight Internet Protocol
Version 4 (TCP/IPv4)and double-click Properties.Internet
Protocol Version 4 (TCP/IPv4)) Properties screen appears.
    
Enter
12.0.0.100 as Host 1 IP address and click OK.
    

    Figure 3. Internet Protocol Version 4 (TCP/IPv4)) Properties

    

    


    

    • Add a route to Host 2’s network
through 12.0.0.3.
      • 

    

    C:\Users>route ADD 20.0.0.0 MASK 255.0.0.0 12.0.0.3 METRIC 1 
    where:          destination^    ^mask          ^gateway metric^
    

    11. 

  11. In Host 1, go to Command Prompt and verify the configuration
using the following commands.

    enter the following commands
    

    • To show IP address
configuration, execute the following command.
      • 

    

    C:\Users\ipconfig
    

    Windows IP Configuration
    

    Ethernet adapter Ethernet:
    

    Connection-specific DNS Suffix  . :
    

    Link-local IPv6 Address . . . . . : 00:10:B5:66:A7:28
    

    IPv4 Address. . . . . . . . . . . : 20.0.0.100
    

    Bcast. . . . . . . . . . . :20.255.255.255 
    

    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    

    Default Gateway . . . . . . . . . :
    

    To
show the routing table, execute the following command.
    

    C:\Users>route
print -4
    

    IPv4 Route Table
    

    ========================================================================
    

    Active Routes:
    

    Network   Destination    Netmask     Gateway Interface  Metric
    

    12.0.0.0  0.0.0.0        255.0.0.0   eth0 0
    

    20.0.0.0  12.0.0.3       255.0.0.0   eth 0
    

    12. 

  12. In Host 2, perform the following:

    -
    To access Internet Protocol Version 4 (TCP/IPv4))
Properties screens, go to Control Panel > Network and Internet > Network Connections
    

    Figure 4. Network Connections

    

    


    

    Double-click Ethernet icon.
The Ethernet Status screen appears.
    

    Figure 5. Ethernet
Status
    

    


    

    Double-click Properties icon.
The Ethernet Properties screen appears. Click to highlight Internet Protocol
Version 4 (TCP/IPv4) and double-click Properties.Internet
Protocol Version 4 (TCP/IPv4)) Properties screen appears.
    
Enter
20.0.0.100 as Host 2 IP address and click OK.
    

    Figure 6. Internet Protocol Version 4 (TCP/IPv4)) Properties

    

    


    • Add a route to Host 1’s network through 20.0.0.3.
      • 

    

    C:\Users>route ADD 12.0.0.0 MASK 255.0.0.0 20.0.0.3 METRIC 1 
    where:          destination^    ^mask          ^gateway metric^
    

    13. 

  13. In Host 2, go to Command Prompt and verify the configuration
using the following commands.

    enter the following commands
    

    • To show IP address
configuration, execute the following command.
      • 

    

    To show
IP address configuration, execute the following command.
    

    C:\Users\ipconfig
    Windows IP Configuration
    

    Ethernet adapter Ethernet:
    

    Connection-specific DNS Suffix  . :
    

    Link-local IPv6 Address . . . . . : 00:10:B5:66:A7:28
    

    IPv4 Address. . . . . . . . . . . : 20.0.0.100
    

    Bcast. . . . . . . . . . . :20.255.255.255 
    

    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    

    Default Gateway . . . . . . . . . :
    

    UP BROADCAST RUNNING MULTICAST 
    

    MTU:1500 
    

    Metric:1
    

    RX packets:35 errors:0 dropped:0 overruns:0 frame:0
    

    TX packets:80 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100
    

    RX bytes:2974 (2.9 Kb)  TX bytes:6092 (5.9 Kb)
    

    Interrupt:15 Base address:0xbd00
    

    

    To
show the routing table, execute the following command.
    

    C:\Users>route print -4
    IPv4 Route Table
    

    ========================================================================
    

    Active Routes:
    

    Network    Destination  Netmask    Gateway Interface  Metric
    

    20.0.0.0   0.0.0.0      255.0.0.0  eth0 0
    

    12.0.0.0   20.0.0.3     255.0.0.0  eth 0
    

    14. 

  14. In Host 1, go to Command Prompt and send 25 ping packets
to Host 2.

    enter the following commands
    

    • To ping Host
2, execute the following command.
      • 

    

    C:\Users\ping 20.0.0.100 /n 25
    Pinging 20.0.0.100 with 32 bytes of data:
    

    Reply from 20.0.0.100 bytes=32 time=5ms TTL=64
    

    Reply from 20.0.0.100 bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100 bytes=32 time=2ms TTL=64
    

    15. 

  15. During the ping session, shutdown vlan1 and vlan2 in
Switch 1.

    enter the following commands
    

    iS5comm# configure terminal
    iS5comm(config)# interface vlan 2
    iS5comm(config-if)# shutdown
    iS5comm(config-if )#exit
    iS5comm(config)# interface vlan 3
    iS5comm(config-if)# shutdown
    iS5comm(config-if)# end
    16. 

  16. Observe if the ping is still successful after a small
black hole period (some connectivity loss between the hosts). Note
that by the shutdown of the LANs,
we can see a packet drop or significant difference in ping time.
The drop or significant difference in ping time is because of changing VRRP Master from Switch1 to Switch2.

    • See below for the evidence of packet drop.
      • 

    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=18ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=3ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=1ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=2ms TTL=64
    

    Reply from 20.0.0.1001: bytes=32 time=4ms TTL=64
    

    

    Ping statistics for 20.0.0.100:
    

     Packets: Sent = 25, Received = 18, Lost = 7 (28% loss),
    

    Approximate round trip times in milli-seconds:
    

     Minimum = 1ms, Maximum = 18msms, Average = 2ms
    

      

    • See below for the evidence of significant difference in ping
time.
      • 

    

    Reply from 20.0.0.100: bytes=32 time=5ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=6ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=86ms TTL=64
    

    Reply from 20.0.0.100: bytes=32 time=6ms TTL=64
    

    

    Ping statistics for 20.0.0.100:
    

     Packets: Sent = 25, Received = 25, Lost = 0 (0% loss),
    

    Approximate round trip times in milli-seconds:
    

     Minimum = 1ms, Maximum = 86msms, Average = 2ms
    

    17. 

  17. Verify that the ARP table
in Host 1 for 12.0.0.3 is resolved with a VRRP MAC address. This is performed to
verify that the Host 1 has learned a new MAC address
for the gateway.

    enter the following commands
    

    • Enter to display
the current ARP cache tables for all interfaces.
      • 

    

    C:\Users\arp /a
    Internet Address      Physical Address      Type
    

    12.0.0.3              00:00:5E:00:01:01     Dynamic
    

    

    18. 

  18. Verify that the ARP table
in Host 2 for 20.0.0.3 is resolved with a VRRP MAC address. This is performed to
verify that the Host 2 has learned a new MAC address
for the gateway.

    enter the following commands
    

    • Enter to display
the current ARP cache tables for all interfaces.
      • 

    

    C:\Users\arp /a
    Internet Address      Physical Address      Type
    

    12.0.0.3              00:00:5E:00:01:01     Dynamic
    

    19. 









Parent topic: VRRP Configuration