Unicast VRRP
Context
Common VRRP is multicast VRRP and only allows VRRP Advertisement packets to be multicast. Multicast VRRP Advertisement packets, however, can be forwarded within only one broadcast domain (for example, one VLAN or VSI). Therefore, common VRRP groups apply only to Layer 2 networks. However, in some special networking scenarios, network devices need to be deployed on a Layer 3 network and work in master/backup mode. The limitation of common VRRP means that it does not apply to devices on a Layer 3 network that need to negotiate their master/backup status using VRRP.
To address this issue, Huawei develops unicast VRRP based on VRRPv2, which allows VRRP Advertisement packets to pass through a Layer 3 network. After a unicast VRRP group is configured on two devices on a Layer 3 network, the master device in this group sends unicast VRRP Advertisement packets to the backup device through the Layer 3 network, implementing master/backup status negotiation between the two devices.
Implementation
The implementation of unicast VRRP is similar to that of common VRRP.
- Security authentication: MD5 and HMAC-SHA256 authentication can be configured for unicast VRRP groups. To improve network security, configuring HMAC-SHA256 authentication is recommended.
- Delayed preemption: prevents the master/backup status of devices in a unicast VRRP group from changing frequently, thereby ensuring network stability.
- Association with an uplink interface or BFD. When the master device or the master link fails, a master/backup unicast VRRP switchover is triggered to ensure network reliability.
- Association with an interface monitoring group: When the link failure rate on the access or network side reaches a specified threshold, the unicast VRRP group performs a master/backup switchover to ensure network reliability.
As an extension to association between VRRP and a VRRP-disabled interface, association between a unicast VRRP group and an interface monitoring group reduces configuration workload and implements uplink and downlink monitoring.
Application Scenarios
Unicast VRRP applies when two devices on a Layer 3 network need to use VRRP to negotiate their master/backup status.
Unlike common VRRP, unicast VRRP does not provide redundancy protection for gateways that uses virtual IP addresses and does not periodically send gratuitous ARP packets.
Benefits
Unicast VRRP allows two devices on a Layer 3 network to use VRRP to negotiate their master/backup status. Unicast VRRP can be associated with a VRRP-disabled interface or BFD, if the master device in a unicast VRRP group fails, the backup device rapidly detects the fault and becomes the new master device.