Vrrp features, Multiple virtual ip addresses per vr, Multiple vrs per router – Enterasys Networks Security Router X-PeditionTM User Manual

IP Routing Protocols

5-30 Configuring IP

•

Broadcasts an ARP message with the VR’s MAC address to all the IP addresses associated
with the VR’s IP address,

•

Starts the advertisement timer,

•

And transitions to the master state.

•

If an advertisement is received that has a higher priority, or a higher IP address (if the priority
is the same), then the VRRP router discards the advertisement and remains as the master VR.

In the master state, a VRRP router performs as follows:

•

Responds to ARP requests or accepts packets for the IP address(es) associated with the VR,

•

Does not accept packets address to the IP address associated with the VR if it is not the owner
of the IP address,

•

Forwards packets destined for the VR’s MAC address.

If a shutdown event is received, the VRRP router advertises a 0 priority.

If an advertisement with a greater priority or higher IP address (if the priority is the same) is
received by the virtual master, it experiences the following:

•

Transitions to a backup state

•

Cancels the advertisement timer

If an advertisement is received with the priority lower than local priority, or with a lower IP
address if the priority is the same, then the VRRP router discards the advertisement.

VRRP Features

Multiple Virtual IP Addresses per VR

The XSR permits specifying multiple virtual IP addresses on the VR (up to 11) to support multiple
logical IP subnets on a LAN segment. Functionality is set by the

vrrp <group>

ip

command.

The primary physical IP address in that interface will be selected as a VRRP primary IP address,
which is used for the VRRP advertisement. The advertisement timer is set using the

vrrp <group>

adver-int

command.

If one of the virtual IP addresses of a VR is the real physical address of the interface, then all other
virtual IP addresses of that VR must also be the real physical addresses of that interface.
Obversely, if any of the virtual IP addresses is not the real physical address of that interface, then
all of the virtual IP address of that VR cannot be the real physical address of that interface.

Multiple VRs Per Router

The XSR supports multiples VRs per router as follows:

•

A maximum of four VRs are supported per router.

•

The scope of a VR is limited to a single LAN segment.

•

The VR ID can be reused in a different scope.

Authentication

The XSR supports one type of authentication - simple password authentication - which is meant to
avoid careless misconfiguration, not provide security. It is invoked with the

vrrp <group>

authentication

command. Authentication is set per VR.