What is VRRP (Virtual Router Redundancy Protocol)?

Several protocols are required to keep the gears turning on any LAN (Local Area Network), such as OSPF, DHCP, and TCP. However, an often overlooked but equally important protocol is VRRP or Virtual Router Redundancy Protocol. While VRRP will certainly show up on the Network+ Exam, it’s also vital to understand VRRP for troubleshooting, maintaining, and establishing a network.

What is VRRP? 

Virtual Router Redundancy Protocol is a networking protocol that provides high availability and fault tolerance for routers on a LAN. It gives multiple routers the ability to work together as a virtual router, sharing a common IP address and ensuring that if one router fails, another can seamlessly take over, minimizing disruptions in network connectivity.

To understand VRRP, think of the following scenario. A basic LAN will have a computer connected to a switch, which is connected to a router, and the router connects to the internet. This basic LAN works great unless the router goes down.

No router. No internet!

This is the problem VRRP seeks to solve. VRRP allows multiple LANs to operate redundantly, so if one goes down, another can seamlessly take its place.

If we retool this scenario, imagine we have three routers instead of just having one. According to VRRP, one router is labeled “primary,” and the rest are labeled “backup.” Now, if the primary goes down, it will simply switch to a backup router, thus increasing network resilience.

So far so good, right? Well, not so fast. If you have three routers serving as gateways to the internet, each one must have a unique IP address. However, nodes can only add ONE IP address as its gateway. VRRP fixes this issue by creating a virtual router from the nest of physical routers available. Now, that virtual IP address can be the gateway instead of the IP address of the physical router. 

How Does VRRP Work?

Now that we understand what VRRP is, let’s delve into the nuts and bolts of how it works. The gist of VRRP is to provide a single IP address to a group of routers to increase redundancy and provide virtualization. This is accomplished in five steps:

1. Router Choice

A group of routers are configured and prioritized. The router with the highest priority number is the primary router, while the rest are the backup routers. The router choice is entirely automated based on predefined criteria.

2. Virtual Router Identifier (VRID)

Each group of routers is assigned a VRID. The VRID is used by routers to identify other routers in the same cluster. Think of it like how an area code can identify people living in the same region as you.

3. Virtual IP Address

The virtual IP address is the actual IP address used to identify the cluster of routers. This will be the IP address entered into the node to identify the router as a gateway.

4. Hello Messaging

Communication between the routers is a critical component to ensure VRRP works as intended. Periodically, the routers send “hello” messages to each other to ensure they function properly. Specifically, they are multicasts sent to the IP address 224.0.0.18. If a backup router does not receive “hello” messages from the primary router, then the next prioritized backup router takes its place. 

5. Preemption

Optionally, the original primary router can take over again once it is up in order. Otherwise, the backup router will continue performing the primary router’s duty. 

How to Configure VRRP?

The precise steps used to configure VRRP varies from router to router. For instance, a Cisco router will have a slightly different configuration process than Meraki or Aruba. Let’s go over a high-level overview of how VRRP is configured on a router.

Global Configuration

Connect to your router. The directions on how to do this are in your router’s instruction manual. Once you have access to the router, enter the following command:

configure
router vrrp

Define the VRRP Group

Next, determine which routers need to be in the virtually redundant group. Assign this group a VRID. Additionally, assign the Virtual IP address. This can be done with the following command:

vrrp vrid virtual-router-id virtual-ip virtual-address

Enable VRRP

Lastly, enable VRRP on the given interfaces. 

__interface __type interface-path-id

Example:

RP/0/RP0/CPU0:router(config-vrrp)# interface TenGigE 0/2/0/1

VRRP will need to be enabled for each router on the cluster.

As always, referring to your specific hardware manual for instructions is best. For example, configuring VRRP on a Cisco router can be found here. 

What are the Best Practices for VRRP Implementation?

Several measures can be taken to ensure the VRRP is set up safely and effectively. Let’s review a few tips that will make your VRRP deployment experience smoother.

Unique VRID

Verify that each VRID is unique to avoid collisions or latency. The VRID range is from 1 to 255.

Consistent Configuration

If you have multiple VRRP groups, make sure the configurations between them are all consistent. This will reduce complexity and increase the VRRP's effectiveness. 

Methodical Priority Assignment

Assign priorities carefully. The router with the highest priority becomes the primary router. Adjust priorities based on the desired failover behavior. Be aware that if all routers have the same priority, the router with the highest IP address becomes the primary.

Final Thoughts

VRRP plays a crucial role in safeguarding the resilience and redundancy of a LAN. Its significance is underscored by its inclusion in questions on the Network+ Exam, making its configuration a mandatory skill for LAN administrators.

This is the key takeaway: VRRP is a protocol that bundles routers into one virtual router. This increases redundancy and allows for a seamless failover in case the primary router fails. Configuring VRRP is similar across proprietary routers, but make sure to check the instruction manual before applying VRRP changes to a LAN.

Get ready for the Network+ Exam with CBT Nuggets courses.