cancel
Showing results for 
Search instead for 
Did you mean: 

VRRP Backup-master feature

VRRP Backup-master feature

bfaltys
Contributor II
Can anyone explain how this feature works? It is my understanding that it allows VRRP to essentially run in an active-active status. What I'm wondering is how the backup router forwards traffic. Does it somehow sniff traffic destined to the virtual IP/MAC?
1 ACCEPTED SOLUTION

bfaltys
Contributor II
From official documentation I was just given, it looks like the feature allows the backup routers to also act on traffic destined to the virtual IP/MAC. Makes sense.

"An IP router will only IP route a packet if the packet was sent to its MAC address (or any
other MAC address it has been programmed to “own”). By letting both VRRP routers
“own” the VRRP MAC address, both routers are able to perform IP routing for it in an
active/active fashion."

View solution in original post

2 REPLIES 2

bfaltys
Contributor II
From official documentation I was just given, it looks like the feature allows the backup routers to also act on traffic destined to the virtual IP/MAC. Makes sense.

"An IP router will only IP route a packet if the packet was sent to its MAC address (or any
other MAC address it has been programmed to “own”). By letting both VRRP routers
“own” the VRRP MAC address, both routers are able to perform IP routing for it in an
active/active fashion."

bar
Contributor
Hi bfaltys,

you are correct that it allows VRRP to essentially run in an active-active status.

In a simple triangle scenario (one access switch connected to 2 core switches), the 2 core switches appear to the access switch as one. 
With a multi-link trunk between the core and access.  (Say two ports at the access switch end and one each to the core switches.)

Traffic from the access layer to the core could go up either link, so in a traditional VRRP set up half of this traffic would have to be forwarded accross the link between the two core switches.  

With backup-master activated there is no need for the backup switch to 'sniff' traffic, it is already sharing the virtual IP/MAC so will forward as if it is the master.  (To keep arp / mac forwarding tables up to date it will also send newly learnt MACs to its partner.)

With Fabric links between access and core this is not so useful because only one core switch owns the backbone MAC of the virtual router.

regards,
GTM-P2G8KFN