VRRP with GNS3

Looking for practising VRRP with Packet tracer is impossible and I have tried with GNS3 as follow to understand more about VRRP.

Download completed lab file https://docs.google.com/viewer?a=v&pid=explorer&chrome=true&srcid=0B889ogd4ltI2YTcxODhkMzktNWRmYS00M2JlLTg2ZjQtYmVmODExNjI2MzRh&hl=en_US

If you want to know more about VRRP for CCNP switching exam, follow the post. Here is lab diagram.

R1 will be master and R2 will act as backup VRRP. MD5 authenication setup using key-string "test" and R1 will track preconfigured loopback lo0 with priority 200. When loopback lo0 down, it will decrease the value to 101 and configured value will be 99 left. Then, R2 will be acting as Master.

R3 will be working as PC and trying to achieve the testing by ping R4's loopback IP (4.4.4.4).

R1, R2 , R4 will be configure as 172.16.1.0/24, 172.16.2.0/24 networks and configure EIGRP for routing. Configure routing for all network including loopback using "network 0.0.0.0"

Configure R1 and R2 as follow.

In R1,

 vrrp 1 ip 192.168.1.10

 vrrp 1 priority 200

 vrrp 1 authentication md5 key-string test

 vrrp 1 track 1 decrement 101

In R2,

 vrrp 1 ip 192.168.1.10

 vrrp 1 authentication md5 key-string test

-----------------------------------------

In  R3, configure as PC follow;

interface FastEthernet0/0

ip address 192.168.1.3 255.255.255.0

In global config mode,  add two extra line for default gateway to VRRP IP and turn off ip routing as follow.

no ip routing

ip default-gateway 192.168.1.10

----------------------------------------

After all configured, check in R1's configuration using "sh vrrp" command and confirmed that R1 is Master.

Important note is that in VRRP, "preemption" is already enabled. So, the coup process is already enabled and no manually configuration is needed like in HSRP and GLBP.

R1#sh vrrp

FastEthernet0/0 - Group 1

  State is Master

  Virtual IP address is 192.168.1.10

  Virtual MAC address is 0000.5e00.0101

  Advertisement interval is 1.000 sec

  Preemption enabled

  Priority is 200

    Track object 1 state Up decrement 101

  Authentication MD5, key-string "test"

  Master Router is 192.168.1.1 (local), priority is 200

  Master Advertisement interval is 1.000 sec

  Master Down interval is 3.218 sec

-----------------

In R2,

R2#sh vrrp

FastEthernet0/0 - Group 1

  State is Backup

  Virtual IP address is 192.168.1.10

  Virtual MAC address is 0000.5e00.0101

  Advertisement interval is 1.000 sec

  Preemption enabled

  Priority is 100

  Authentication MD5, key-string "test"

  Master Router is 192.168.1.1, priority is 200

  Master Advertisement interval is 1.000 sec

  Master Down interval is 3.609 sec (expires in 2.657 sec)

-----------------------

Let's check in R1's log using "debug vrrp packets". Checking logs are important as you need to interpret the status of VRRP in exam. As you see that, Master VRRP is doing only advertising. 

R1#

*Mar  1 01:12:09.079: VRRP: Grp 1 sending Advertisement checksum C4E2

*Mar  1 01:12:10.075: VRRP: Grp 1 sending Advertisement checksum C4E2

R1#

*Mar  1 01:12:10.887: VRRP: Grp 1 sending Advertisement checksum C4E2

*Mar  1 01:12:11.739: VRRP: Grp 1 sending Advertisement checksum C4E2

Let's check in R2's log. R2 's backup VRRP and it's getting advertisement from R1's with priority 200

R2#

*Mar  1 01:17:09.039: VRRP: Grp 1 Advertisement priority 200, ipaddr 192.168.1.1

*Mar  1 01:17:09.039: VRRP: Grp 1 Event - Advert higher or equal priority

*Mar  1 01:17:09.987: VRRP: Grp 1 Advertisement priority 200, ipaddr 192.168.1.1

*Mar  1 01:17:09.987: VRRP: Grp 1 Event - Advert higher or equal priority

-----------------------

OK, now let's do traceroute from PC (R3) to R4's loopback 4.4.4.4. Route will use R1 to reach to 4.4.4.4

PC#traceroute 4.4.4.4

Type escape sequence to abort.

Tracing the route to 4.4.4.4

  1 192.168.1.1 132 msec 60 msec 16 msec

  2 172.16.1.4 88 msec *  140 msec

Check which MAC address is using for 192.168.1.10 in PC. It's using 0000.5e00.0101.

PC#sh arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  192.168.1.2            51   c201.0ff0.0000  ARPA   FastEthernet0/0

Internet  192.168.1.3             -   c202.0ff0.0000  ARPA   FastEthernet0/0

Internet  192.168.1.10            4   0000.5e00.0101  ARPA   FastEthernet0/0

----------------

Clear arp cache in PC and let's change the status of R1's loopback to lower down the priority of R1 to 99.

Before to do that, it's need to create track object in R1. Interface tracking in VRRP is different with HSRP and GLBP. In GLBP and HSRP, you have to configure in interface mode.

Actually, there is no direct interface tracking system in VRRP to allow more capable routers as master role.

In global config mode, configure as follow in R1.

track 1 interface Loopback0 line-protocol

Make sure to include "track 1" in vrrp config in Interface fa0/1 as follow.

vrrp 1 track 1 decrement 101

--------------------------------

Ok, let's shutdown loopback 0 from R1.

R1(config-if)#

*Mar  1 01:25:10.631: %TRACKING-5-STATE: 1 interface Lo0 line-protocol Up->Down

---------------------

R1(config-if)#

*Mar  1 01:25:14.079: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Backup

------------------------------

In R2, you will notice the following console message appear that it's change to Master VRRP

R2#

*Mar  1 01:25:10.055: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master

--------------------------------

Let's check traceroute again from PC to 4.4.4.4. As you seen in below, this time, PC is using R2 as next hop to reach R4.

PC#traceroute 4.4.4.4

Type escape sequence to abort.

Tracing the route to 4.4.4.4

  1 192.168.1.2 64 msec 36 msec 12 msec

  2 172.16.2.4 36 msec *  116 msec

-------------------------------------

Interesting , checking MAC address of 192.168.1.10 in PC is the same as before as VRRP is using the same IP with same MAC address (0000.5e00.0101) for master and backup where ((0000.5e00.01) is for VRRP's address and (01) is for VRRP group number.

PC#sh arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  192.168.1.2             1   c201.0ff0.0000  ARPA   FastEthernet0/0

Internet  192.168.1.3             -   c202.0ff0.0000  ARPA   FastEthernet0/0

Internet  192.168.1.10            1   0000.5e00.0101  ARPA   FastEthernet0/0