INTERNET-DRAFT                                                 S. Knight
March 25, 1997                               Ascend Communications, Inc.
                                                               D. Weaver
                                             Ascend Communications, Inc.
                                                              D. Whipple
                                                         Microsoft, Inc.
                                                               R. Hinden
                                                  Ipsilon Networks, Inc.





                   Virtual Router Redundancy Protocol

                       <draft-hinden-vrrp-00.txt>



Status of this Memo

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as ``work in progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the Internet-Drafts
   Shadow Directories on ds.internic.net (US East Coast), nic.nordu.net
   (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific
   Rim).

   This draft originally published March 1997.  It expires in October
   1997.

Abstract

   This memo documents the Virtual Router Redundancy Protocol.  This is a
   protocol which allows several routers to utilize the same virtual IP
   address.  One router will be elected as a master, with X routers
   acting as backups in case of failure of the master router.  The
   primary advantage of utilizing this protocol is that host systems
   may be configured with a single default gateway, rather than running
   an active routing protocol.  Each interface on each router within a
   VRRP cluster will be configured with a real IP address and the
   virtual IP address for the particular cluster.  Overall, this
   protocol adds to the options for providing fault redundancy for
   router networks.

draft-hinden-vrrp-01.txt                                        [Page 1]

INTERNET-DRAFT     Virtual Router Redundancy Protocol        25 March 97

TABLE OF CONTENTS

      1  Introduction
      2  Scope
         2.1  Terminology
      3  Definitions
      4  Sample Configurations
         4.1  Sample Configuration 1
         4.2  Sample Configuration 2
      5  Protocol
         5.1  VRRP Packet Format
         5.2  IP Field Descriptions
         5.3  VRRP Field Descriptions
      6  Protocol State Machine
         6.1  Parameters
         6.2  Timers
         6.3  State Transition Diagram
         6.4  State Descriptions
         6.5  State Table
      7  Sending and Receiving VRRP Packets
         7.1  Receiving VRRP Packets
         7.2  Transmitting Packets
         7.3  Virtual MAC Address
      8  Client Interaction
         8.1  Client ARP Requests
      9  References
      10 Security Considerations
      11 Authors' Addresses
      12 Acknowledgments

1  Introduction

   The reason for the development of VRRP is to create a standard
   protocol, with multi-vendor support to resolve the problem of router
   failure.  Specifically, when a single router is utilized as a default
   gateway, and all hosts are statically configured to this default
   gateway, a failure is catastrophic.  VRRP resolves this problem by
   creating virtual clusters, where each cluster is configured with a
   set of member routers.  Each member router is either a master router
   for the cluster or a backup router for the cluster, but not both
   simultaneously. In addition, there MUST only be a single master
   router per cluster, at any given time. All member routers are
   configured to be part of a cluster, with a given virtual IP address.
   This virtual IP address is utilized as the default gateway on all of
   the host systems.  Given a failure on the current master router, the
   next appropriate backup router will become the master router for the
   given cluster.

   Of course this problem could be solved by running a standard routing
   protocol such as OSPF, RIP, or RIPv2 on the hosts.  However, this is
   not always feasible due to either security issues, when hosts are
   multihomed, or in some cases implementations of these routing
   protocols simply do not exist.

2  Scope

   This memo describes the Master Router Redundancy Protocol.

   This protocol is intended for IPv4 only, with extensions for IPv6 to
   be added at a later time.

   Within the scope of this memo are:

      1.  Packet format and header contents.

      2.  State Diagrams and Descriptions

      3.  Network Design Samples

   Outside of the scope are:

      1.  Network management

      2.  Host internal optimizations

2.1  Terminology

   The following language conventions are used in the items of
   specification in this document:

      "Must," "Shall," or "Mandatory"--the item is an absolute
      requirement of the specification.

      "Should" or "Recommended"--the item should generally be followed
      for all but exceptional circumstances.

      "May" or "Optional"--the item is truly optional and may be
      followed or ignored according to the needs of the implementor.

3  Definitions

   Cluster

      Used to describe a set of routers who all have membership to the
      set of routers S, where S contains all routers configured with
      the same virtual IP address.

   Master Router

      Used to describe the currently active router, for a particular
      cluster, with a particular virtual IP address.  There can only be
      one master router in a particular cluster.

   Backup Router

      Used to describe a router which is configured to act as a backup
      for a particular cluster.  There can be several backup routers in
      a single cluster.

4  Sample Configurations

4.1  Sample Configuration 1

   The following figure shows a simple VRRP network.

                       +--------------------------+
                       |        Cluster X         |
                       |                          |
                       |   +-----+      +-----+   |
                       |   | MRX |      | BRX |   |
                       |   +-----+      +-----+   |
         Real IP 1 ---------->*            *<---------- Real IP 2
                       |      |      *     |      |
                       +-------------^------------+
                              |      |     |
           -------------------+------|-----+-----+-------------+------
                                     |           ^             ^
                 Virtual IP --(VIPX)-+         (VIPX)        (VIPX)
                                                 |             |
                                              +--+--+       +--+--+
                                              |  H1 |       |  H2 |
                                              +-----+       +-----+

   The above configuration shows the most likely utilization of the VRRP
   protocol. In this configuration, the hosts simply point their default
   routes at the virtual IP address X (VIPX), and the routers run VRRP
   between themselves.  The router on the left is the default master
   router (MRX), and the router on the right is the backup router (BRX).

      Legend:  ---+---+---+--  =  802 network, Ethernet or FDDI
                            H  =  Host computer
                           MR  =  Master Router
                           BR  =  Backup Router
                            *  =  IP Address
                          VIP  =  default gateway for hosts (Virtual IP)

4.2  Sample Configuration 2

   The following figure shows a more interesting VRRP network.

                  +--------------------------+
                  | Cluster X and Cluster Y  |
                  |                          |
                  |   +-----+      +-----+   |
                  |   | MRX |      | BRX |   |
                  |   |  &  |      |  &  |   |
                  |   | BRY |      | MRY |   |
                  |   +-----+      +-----+   |
    Real IP 1 ---------->*            *<---------- Real IP 2
                  |      |  *      *  |      |
                  +---------^------^---------+
                         |  |      |  |
       ------------------+--|------|--+-----+--------+--------+--------+--
                            |      |        ^        ^        ^        ^
        Virtual IP --(VIPX)-+      |      (VIPX)   (VIPY)   (VIPX)   (VIPY)
                                   |        |        |        |        |
        Virtual IP --(VIPY)--------+     +--+--+  +--+--+  +--+--+  +--+--+
                                         |  H1 |  |  H2 |  |  H3 |  |  H4 |
                                         +-----+  +-----+  +--+--+  +--+--+

   In the above configuration, half of the hosts point their default
   gateway at cluster X's virtual IP address (VIPX), and half the hosts
   point their default gateway at cluster Y's virtual IP address (VIPY).
   This has the effect of load balancing the outgoing traffic, while
   also providing full redundancy.

      Legend:  ---+---+---+--  =  802 network, Ethernet or FDDI
                            H  =  Host computer
                           MR  =  Master Router
                           BR  =  Backup Router
                            *  =  IP Address
                          VIP  =  default gateway for hosts (Virtual IP)

5  Protocol

   The purpose of the VRRP packet is to communicate to all other VRRP
   routers both the priority and the state of the master's associated
   interface.

   VRRP packets are sent encapsulated in IP packets.  They are sent to
   an IPv4 multicast address assigned for VRRP.

5.1  VRRP Packet Format

   This section defines the format of the VRRP packet and the relevant
   fields in the IP header.

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    0 |    Version    | VRRP Cluster  |   Priority    |     Type      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    1 |   Auth Type   |    (zero)     |          Checksum             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    2 |                      Virtual IP address                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    3 |                      Authentication Data                      |
      +---------------------------------------------------------------+
    4 |                                                               |
      +---------------------------------------------------------------+


5.2  IP Field Descriptions

5.2.1  Source Address

   The IP address of the interface that the packet is being sent from.

5.2.2  Destination Address

   The IP multicast address assigned to VRRP by the IANA.  It is defined
   to be:

       224.0.0.(TBD)

   Routers should not forward a datagram with this destination address
   regardless of its TTL.

5.2.3  TTL

   The TTL should be set to 255.  A node receiving a VRRP packet with
   the TTL not equal to 255 MUST discard the packet.

5.2.4  Protocol

   The protocol field should be set to (TBD) which has been assigned by
   the IANA to VRRP.

5.3 VRRP Field Descriptions

5.3.1  Version

   The version field specifies the version of this VRRP protocol packet.
   The initial version described in this paper is version 1.

5.3.2  VRRP Cluster

   The VRRP Cluster field specifies the cluster for which this interface
   is in the reported state, with the reported priority.  Note:  The
   interface may be in more than one VRRP cluster simultaneously,
   perhaps serving as master in one cluster, while simultaneously
   serving as backup in other clusters.

5.3.3  Priority

   The priority field specifies the currently configured VRRP priority
   value for this interface and cluster.  Higher values equal higher
   priority.  This field is an 8 bit unsigned field, giving 1 as the
   minimum priority, and 255 as the maximum priority.  The default
   priority is 100.

   A priority value of zero (0) has a special meaning.  It means that
   the current master has decided to stop running VRRP.  This is used to
   cause other backup routers to quickly become master without having
   to time out the current master.

   In the event that two or more routers within a cluster have equal
   priority, and that priority is the highest priority in the cluster,
   the router with the higher real interface IP address (interpreted as
   a 32 bit unsigned integer) will become master.

5.3.4  Type

   The type field specifies the type of this VRRP packet.  The only
   packet type defined in this version of the protocol is:

       1 (00000001): ADVERTISEMENT

   All other values are currently unknown, and if a packet is received
   with a value not listed, it should be discarded.

5.3.5  Authentication Type

   The authentication type field identifies the authentication method
   being utilized.  The currently supported authentication methods are
   listed below:

      0 - No authentication
      1 - Simple text authentication
      2 - IP Security Option Authentication

   For simple text authentication any VRRP packet with an authentication
   string that does not match its configured authentication string
   should be discarded.

   The authentication type field is an 8 bit number and must be one of
   the above listed values.

5.3.5.1 IP Security Option Authentication

   When authentication is performed by using the IP Authentication
   Header as specified in [1], the Authentication type should be set to
   "2".  If a packet is received with the Authentication type set to "2"
   indicating IP security option authentication and no authentication
   header is present in the packet, the packet should be discarded.

5.3.6 Checksum

   The checksum field is used to detect data corruption in the VRRP
   message.

   The checksum is the 16-bit one's complement of the one's complement
   sum of the entire VRRP message starting with the version field.  For
   computing the checksum, the checksum field is set to zero.


5.3.7  Virtual IP address

   The virtual IP address field specifies the Virtual IP (VIP) address
   associated with the particular cluster. This field is particularly
   useful for troubleshooting misconfigured routers.

   The VIP should be an IP address assigned from the subnet to which the
   interface is attached.

5.3.8  Authentication Data

   The authentication string is currently utilized for simple text
   authentication, similar to the simple text authentication found in
   OSPF.  It is up to 8 characters of plain text.  If the configured
   authentication string is shorter than 8 bytes, the remaining space
   MUST be zero-filled. Any VRRP packet with an authentication string
   that does not match its configured authentication string should be
   discarded. The authentication string is unique on a per cluster
   basis.

6  Protocol State Machine

6.1 Parameters


    Cluster_ID              Cluster identifier.  Configured item.

    Priority                Priority value for this cluster.  Configured
                            item.  Default is 100.

    Virtual_IP              Virtual IP Address for this cluster.
                            Configured item.

    Advertisement_Interval  Time interval for Master to Send
                            ADVERTISEMENTS.  Default is 1 second.

    Master_Down_Interval    Time interval for Backup to declare Master
                            down.  Defined to be (3 *
                            Advertisement_Interval) + ( (256 - Priority)
                            / 256 ) seconds.

6.2 Timers

    Master_Down_Timer       Timer which fires when Master has not been
                            heard for Master_Down_Interval.

    Adver_Timer             Timer which fires when time to send next
                            ADVERTISEMENT based on
                            Advertisement_Interval.



6.3  State Transition Diagram

                          +---------------+
                          |               |<-------------+
               +--------->|  Initialize   |              |
               |          |               |----------+   |
               |          +---------------+          |   |
               |                                     |   |
               |                                     V   |
       +---------------+                       +---------------+
       |               |---------------------->|               |
       |    Master     |                       |    Backup     |
       |               |<----------------------|               |
       +---------------+                       +---------------+

6.4  State Descriptions

   In the below state descriptions, the state names will be identified
   as follows {state-name}, and the packets will be identified by
   utilizing all upper case characters.

6.4.1   Initialize

   {Initialize} is the initial state an interface takes after VRRP is
   enabled or disabled.  The basic function of the state is to wait
   for a startup event.  When that is received, it:

      - Set the Master_Down_Timer to Master_Down_Interval

      - Set state to {Backup} state.

6.4.2   Backup

   The main purpose of {Backup} state is for an interface to wait for
   the current master to stop sending ADVERTISEMENT packets.

   While in this state, an interface should do the following:

      - Should not respond to ARP request for the interface VIP router
        address

      - Should discard packets with destination link layer MAC address
        equal to virtual router MAC.

      - Should discard packets addressed to the interface VIP address.

      - If Master_Down_Timer fires, Send ADVERTISEMENT, set Adver_Timer
        to Advertisement_Interval, and set state to {Master} state

      - If ADVERTISEMENT received,

            If Priority of the received ADVERTISEMENT is Zero, then
            cancel Master_Down_Timer, set Adver_Timer, and set state to
            {Master}.

            If Priority of the received ADVERTISEMENT is higher than
            this interface's Priority, then reset Master_Down_Timer.

            If Priority of the received ADVERTISEMENT is lower than this
            interface's Priority, then discard ADVERTISEMENT.

6.4.3   Master

   In {Master} state an interface is functioning as the actual physical
   router for the virtual router IP and MAC address.

   While in this state, an interface should do the following:

   - Accept and forward traffic for the virtual router MAC address.

   - Respond to ARP requests for the VIP address with the virtual router
     MAC address.

   - Respond to packets addressed to the VIP address.

   - If Adver_Timer fires, send an ADVERTISEMENT and reset Adver_Timer.

   - If ADVERTISEMENT received,

         If Priority of the received ADVERTISEMENT is higher than this
         interface's Priority, then cancel Adver_Timer, set
         Master_Down_Timer, and set state to {Backup}.

         If Priority of the received ADVERTISEMENT is lower than this
         interface's Priority, then send ADVERTISEMENT.

6.5  State Table

   +---------------+---------------+---------------+---------------+
   |Current State->| {Initialize}  |   {Backup}    |   {Master}    |
   |               |               |               |               |
   |    Event      |               |               |               |
   |      |        |               |               |               |
   |      V        |               |               |               |
   +---------------+---------------+---------------+---------------+
   |               | Set Master_   |               |               |
   | Startup       |  Down_Timer   |               |               |
   |               | State =       |               |               |
   |               |  Backup       |               |               |
   +---------------+---------------+---------------+---------------+
   |               |               | Cancel Master_| Cancel Adver_ |
   | Shutdown      | Ignore        |  Down_Timer   |  Timer        |
   |               | Event         | State =       | Send ADVER w/ |
   |               |               |  Initialize   |  Priority=0   |
   |               |               |               | State = Init. |
   +---------------+---------------+---------------+---------------+
   |               | Cancel        | Send          | Cancel        |
   | Master_Down_  | Master_Down_  |  ADVERTISEMENT| Master_Down_  |
   | Timer fires   | Timer         | Set Adver_    | Timer         |
   |               |               |  Timer        |               |
   |               |               | State = Master|               |
   +---------------+---------------+---------------+---------------+
   | Adver_Timer   | Cancel        | Cancel        | Send ADVER.   |
   | fires         | Adver_Timer   | Adver_Timer   | Reset Adver_  |
   |               |               |               |  Timer        |
   +---------------+---------------+---------------+---------------+
   | Receive VRRP  |               | Cancel Master_| Send ADVER.   |
   | ADVERTISEMENT | Discard       |  Down_Timer   | Reset Adver_  |
   | with Priority | Packet        | Send ADVER.   |  Timer        |
   | equal Zero    |               | Set Adver_    |               |
   |               |               |  Timer        |               |
   |               |               | State = Master|               |
   +---------------+---------------+---------------+---------------+
   | Receive VRRP  |               |               | Cancel Adver_ |
   | ADVERTISEMENT | Discard       | Reset         |  Timer        |
   | with Higher   | Packet        | Master_Down_  | Set Master_   |
   | Priority      |               | Timer         |  Down_Timer   |
   |               |               |               | State = Backup|
   +---------------+---------------+---------------+---------------+
   | Receive VRRP  |               |               | Send          |
   | ADVERTISEMENT | Discard       | Discard       |  ADVERTISEMENT|
   | with Lower    | Packet        | Packet        | Reset Adver_  |
   | Priority      |               |               |  Timer        |
   +---------------+---------------+---------------+---------------+
   | Receive ARP   |               |               |  Send ARP     |
   | Request for   | Discard       | Discard       |  Reply w/     |
   | VIP address   | Packet        | Packet        |  VMAC         |
   +---------------+---------------+---------------+---------------+
   | Receive IP    |               |               |  Process as   |
   | packet w/     | Discard       | Discard       |  Normal IP    |
   | Destination   | Packet        | Packet        |  Packet sent  |
   | = VIP         |               |               |  to Router    |
   +---------------+---------------+---------------+---------------+
   | Receive IP    |               |               |  Process and  |
   | packet w/     | Discard       | Discard       |  Forward as   |
   | Dest. MAC     | Packet        | Packet        |  Normal IP    |
   | = VMAC        |               |               |  Packet       |
   +---------------+---------------+---------------+---------------+
   | Unknown VRRP  | Discard       | Discard       |  Discard      |
   | packet        | Packet        | Packet        |  Packet       |
   +---------------+---------------+---------------+---------------+
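
   The VRRP rows of the state table above as a small Python model,
   added here as an example (it is not code from the draft or its
   authors).  The class, method and action names are hypothetical;
   ordering equal priorities by real interface address follows section
   5.3.3, which the table itself does not spell out.

```python
import ipaddress

INIT, BACKUP, MASTER = "Initialize", "Backup", "Master"


class VrrpInstance:
    """One interface's membership in one cluster (sections 6.1 to 6.5)."""

    def __init__(self, real_ip, priority=100, adv_interval=1.0):
        self.real_ip = int(ipaddress.IPv4Address(real_ip))
        self.priority = priority
        self.adv_interval = adv_interval
        self.state = INIT

    @property
    def master_down_interval(self):
        # Section 6.1: a higher priority gives a shorter wait.
        return 3 * self.adv_interval + (256 - self.priority) / 256

    def _outranks_us(self, priority, src_ip):
        # Assumption: equal priorities are ordered by the real interface
        # address read as a 32-bit unsigned integer (section 5.3.3).
        theirs = (priority, int(ipaddress.IPv4Address(src_ip)))
        return theirs > (self.priority, self.real_ip)

    def startup(self):
        if self.state != INIT:
            return []
        self.state = BACKUP
        return ["set Master_Down_Timer"]

    def shutdown(self):
        previous, self.state = self.state, INIT
        if previous == BACKUP:
            return ["cancel Master_Down_Timer"]
        if previous == MASTER:
            return ["cancel Adver_Timer", "send ADVERTISEMENT priority=0"]
        return []                              # {Initialize}: ignore event

    def master_down_timer_fires(self):
        if self.state != BACKUP:
            return ["cancel Master_Down_Timer"]
        self.state = MASTER
        return ["send ADVERTISEMENT", "set Adver_Timer"]

    def adver_timer_fires(self):
        if self.state != MASTER:
            return ["cancel Adver_Timer"]
        return ["send ADVERTISEMENT", "reset Adver_Timer"]

    def advertisement(self, priority, src_ip):
        """Handle an ADVERTISEMENT that already passed the 7.1 checks."""
        if self.state == INIT:
            return ["discard"]
        if priority == 0:                      # master is stepping down
            if self.state == BACKUP:
                self.state = MASTER            # actions as listed in 6.5
                return ["cancel Master_Down_Timer", "send ADVERTISEMENT",
                        "set Adver_Timer"]
            return ["send ADVERTISEMENT", "reset Adver_Timer"]
        if self._outranks_us(priority, src_ip):
            if self.state == BACKUP:
                return ["reset Master_Down_Timer"]
            self.state = BACKUP
            return ["cancel Adver_Timer", "set Master_Down_Timer"]
        if self.state == BACKUP:
            return ["discard"]                 # timer keeps running
        return ["send ADVERTISEMENT", "reset Adver_Timer"]


def failover_trace():
    """Constructed scenario: two routers, the master shuts down cleanly."""
    a = VrrpInstance("192.0.2.2", priority=200)
    b = VrrpInstance("192.0.2.3", priority=100)
    a.startup()
    b.startup()
    trace = [(a.master_down_interval, b.master_down_interval)]
    a.master_down_timer_fires()            # a's shorter timer expires first
    b.advertisement(200, "192.0.2.2")      # b hears a and stays Backup
    trace.append((a.state, b.state))
    a.shutdown()                           # a sends priority 0 ...
    b.advertisement(0, "192.0.2.2")        # ... so b takes over at once
    trace.append((a.state, b.state))
    return trace


if __name__ == "__main__":
    for step in failover_trace():
        print(step)
```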


7  Sending and Receiving VRRP Packets


7.1  Receiving VRRP Packets

   The following rules must be performed when a VRRP packet is received:

     - Verify TTL = 255.
     - Check if received packet length is greater than or equal to VRRP
       header length.
     - Verify checksum in packet.
     - Verify version.
     - If IP Source address equals interface IP address, discard packet.
     - Check if Cluster identifier is valid on received interface.
     - Perform indicated authentication.
     - Check if VIP in packet is same as configured VIP for this
       cluster.

7.2 Transmitting Packets

   The following operations must be performed prior to transmitting a
   VRRP packet.

     - Fill in packet fields with appropriate interface and cluster
       information
     - Compute Checksum
     - Send to IP VRRP Multicast Group
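
   The transmit steps above and the receive rules of section 7.1,
   applied to the 20-byte header of section 5.1, as an added Python
   example (not code from the draft or its authors).  Assumptions: the
   caller supplies the TTL, the source address and whether an
   Authentication Header was present; the `clusters` layout is
   hypothetical; and the packet's Auth Type is required to equal the
   locally configured one.

```python
import hmac
import ipaddress
import struct

VRRP_VERSION = 1                                # section 5.3.1
TYPE_ADVERTISEMENT = 1                          # section 5.3.4
AUTH_NONE, AUTH_SIMPLE, AUTH_IP_AH = 0, 1, 2    # section 5.3.5
# Version, Cluster, Priority, Type, Auth Type, (zero), Checksum, VIP, Auth Data
HEADER = struct.Struct("!BBBBBBH4s8s")          # 20 bytes, section 5.1


def checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum (section 5.3.6)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                          # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pad_auth(secret: bytes) -> bytes:
    """Zero-fill the authentication string to 8 bytes (section 5.3.8)."""
    if len(secret) > 8:
        raise ValueError("authentication string is at most 8 bytes")
    return secret.ljust(8, b"\x00")


def build_advertisement(cluster, priority, vip, auth_type=AUTH_NONE, secret=b""):
    """Section 7.2: fill in the fields, then compute the checksum."""
    fields = [VRRP_VERSION, cluster, priority, TYPE_ADVERTISEMENT, auth_type,
              0, 0, ipaddress.IPv4Address(vip).packed, pad_auth(secret)]
    fields[6] = checksum(HEADER.pack(*fields))  # computed with field = zero
    return HEADER.pack(*fields)


def receive(packet, ttl, src_ip, iface_ip, clusters, ah_present=False):
    """Apply the section 7.1 rules in order; return (accepted, reason).

    clusters maps cluster id -> {"vip", "auth_type", "secret"} for the
    receiving interface (hypothetical configuration layout).
    """
    if ttl != 255:
        return False, "ttl"
    if len(packet) < HEADER.size:
        return False, "length"
    stored = struct.unpack_from("!H", packet, 6)[0]
    if checksum(packet[:6] + b"\x00\x00" + packet[8:]) != stored:
        return False, "checksum"
    version, cluster, _prio, ptype, auth_type, _zero, _ck, vip, auth = \
        HEADER.unpack_from(packet)
    if version != VRRP_VERSION:
        return False, "version"
    if ptype != TYPE_ADVERTISEMENT:             # section 5.3.4: unknown type
        return False, "type"
    if ipaddress.IPv4Address(src_ip) == ipaddress.IPv4Address(iface_ip):
        return False, "own-packet"
    cfg = clusters.get(cluster)
    if cfg is None:
        return False, "cluster"
    # Assumption of this example: Auth Type must equal the configured one,
    # so a packet cannot select "no authentication" for itself.
    if auth_type != cfg["auth_type"]:
        return False, "auth-type"
    if auth_type == AUTH_SIMPLE and not hmac.compare_digest(
            auth, pad_auth(cfg["secret"])):
        return False, "auth"
    if auth_type == AUTH_IP_AH and not ah_present:   # section 5.3.5.1
        return False, "auth"
    if vip != ipaddress.IPv4Address(cfg["vip"]).packed:
        return False, "vip"
    return True, "ok"


# Constructed sample configuration and packet (documentation addresses).
CLUSTERS = {1: {"vip": "192.0.2.1", "auth_type": AUTH_SIMPLE,
                "secret": b"s3cret"}}
PACKET = build_advertisement(1, 100, "192.0.2.1", AUTH_SIMPLE, b"s3cret")

if __name__ == "__main__":
    print(receive(PACKET, 255, "192.0.2.2", "192.0.2.3", CLUSTERS))
    print(receive(PACKET, 254, "192.0.2.2", "192.0.2.3", CLUSTERS))
```

   The simple text string travels in the clear in every advertisement,
   so the comparison guards against misconfiguration rather than against
   a party that can observe the segment.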





7.3 Virtual MAC Address

   The virtual MAC address associated with the virtual IP address is an
   IEEE 802 MAC Address of the following format:

   02-00-5E-00-00-{cluster id} (in hex in internet standard bit-order)

   The initial 02: of the address sets the local flag (the 02: bit), and
   clears the Multicast flag (the 01: bit) in the IEEE MAC address.  The
   remainder of the first three bytes is the IANA's OUI.  {cluster id}
   is the VRRP cluster identifier.  This mapping allows for up to 255
   VRRP clusters per interface.

8  Client Interaction

8.1  Client ARP Requests

   When a client sends an ARP request for the virtual IP address, the
   appropriate master router should respond to the ARP request with the
   above reserved MAC address for the appropriate cluster.  This allows
   the client to always use the same MAC address regardless of the
   current master router.  The request should be handled as a standard
   ARP reply.


9  References

   [1]  Atkinson, R., "IP Authentication Header", RFC 1826, Naval
        Research Laboratory, August 1995.


10 Security Considerations

   The protocol design supports no authentication, simple text
   authentication, and integrity/authentication using the IP
   Security options.

11 Authors' Addresses

   Steven Knight
   Ascend Communications
   High Performance Network Division
   10250 Valley View Road, Suite 113
   Eden Prairie, MN USA 55344
   Phone: (612) 943-8990
   EMail: Steven.Knight@ascend.com

   Douglas Weaver
   Ascend Communications
   High Performance Network Division
   10250 Valley View Road, Suite 113
   Eden Prairie, MN USA 55344
   Phone: (612) 943-8990
   EMail: Doug.Weaver@ascend.com

   David Whipple
   Microsoft Corporation
   One Microsoft Way
   Redmond, WA USA 98052-6399
   Phone: (206) 703-3876
   EMail: dwhipple@microsoft.com

   Robert M. Hinden
   Ipsilon Networks, Inc.
   232 Java Drive
   Sunnyvale, CA 94089
   Phone: 1 408 990-2004
   EMail: hinden@ipsilon.com


12 Acknowledgments

   The authors would like to thank Glen Zorn (Microsoft), Michael
   Lane (Microsoft), Clark Bremer (Ascend), Hal Peterson (Ascend), Danny
   Mitzel (Ipsilon), and Peter Hunt (Ipsilon).