draft-ietf-vrrp-spec-v2-05.txt
INTERNET-DRAFT          Virtual Router Redundancy Protocol          January 5, 2000

virtual router is restricted to a single LAN. To minimize network traffic, only the Master for each virtual router sends periodic VRRP Advertisement messages. A Backup router will not attempt to pre-empt the Master unless it has higher priority. This eliminates service disruption unless a more preferred path becomes available. It's also possible to administratively prohibit all pre-emption attempts. The only exception is that a VRRP router will always become Master of any virtual router associated with addresses it owns. If the Master becomes unavailable then the highest priority Backup will transition to Master after a short delay, providing a controlled transition of the virtual router responsibility with minimal service interruption.

VRRP defines three types of authentication providing simple deployment in insecure environments, added protection against misconfiguration, and strong sender authentication in security conscious environments. Analysis of the protection provided and vulnerability of each mechanism is deferred to Section 10.0 Security Considerations. In addition new authentication types and data can be defined in the future without affecting the format of the fixed portion of the protocol packet, thus preserving backward compatible operation.

The VRRP protocol design provides rapid transition from Backup to Master to minimize service interruption, and incorporates optimizations that reduce protocol complexity while guaranteeing controlled Master transition for typical operational scenarios. The optimizations result in an election protocol with minimal runtime state requirements, minimal active protocol states, and a single message type and sender. The typical operational scenarios are defined to be two redundant routers and/or distinct path preferences among each router.
A side effect when these assumptions are violated (i.e., more than two redundant paths all with equal preference) is that duplicate packets may be forwarded for a brief period during Master election. However, the typical scenario assumptions are likely to cover the vast majority of deployments, loss of the Master router is infrequent, and the expected duration in Master election convergence is quite small ( << 1 second ). Thus the VRRP optimizations represent significant simplifications in the protocol design while incurring an insignificant probability of brief network degradation.

4. Sample Configurations

4.1 Sample Configuration 1

The following figure shows a simple network with two VRRP routers implementing one virtual router. Note that this example is provided to help understand the protocol, but is not expected to occur in actual practice.

           +-----------+ +-----------+
           |   Rtr1    | |   Rtr2    |
           |(MR VRID=1)| |(BR VRID=1)|
           |           | |           |
   VRID=1  +-----------+ +-----------+
   IP A ---------->*             *<--------- IP B
                   |             |
                   |             |
   ------------------+------------+-----+--------+--------+--------+--
                                  ^        ^        ^        ^
                                  |        |        |        |
                                (IP A)   (IP A)   (IP A)   (IP A)
                                  |        |        |        |
                               +--+--+  +--+--+  +--+--+  +--+--+
                               |  H1 |  |  H2 |  |  H3 |  |  H4 |
                               +-----+  +-----+  +--+--+  +--+--+

   Legend:
           ---+---+---+--  =  Ethernet, Token Ring, or FDDI
                     H    =  Host computer
                     MR   =  Master Router
                     BR   =  Backup Router
                     *    =  IP Address
                   (IP)   =  default router for hosts

Eliminating all mention of VRRP (VRID=1) from the figure above leaves it as a typical IP deployment. Each router is permanently assigned an IP address on the LAN interface (Rtr1 is assigned IP A and Rtr2 is assigned IP B), and each host installs a static default route through one of the routers (in this example they all use Rtr1's IP A). Moving to the VRRP environment, each router has the exact same permanently assigned IP address.
Rtr1 is said to be the IP address owner of IP A, and Rtr2 is the IP address owner of IP B. A virtual router is then defined by associating a unique identifier (the virtual router ID) with the address owned by a router. Finally, the VRRP protocol manages virtual router failover to a backup router.

The example above shows a virtual router configured to cover the IP address owned by Rtr1 (VRID=1, IP_Address=A). When VRRP is enabled on Rtr1 for VRID=1 it will assert itself as Master, with priority=255, since it is the IP address owner for the virtual router IP address. When VRRP is enabled on Rtr2 for VRID=1 it will transition to Backup, with priority=100, since it is not the IP address owner. If Rtr1 should fail then the VRRP protocol will transition Rtr2 to Master, temporarily taking over forwarding responsibility for IP A to provide uninterrupted service to the hosts.

Note that in this example IP B is not backed up; it is only used by Rtr2 as its interface address. In order to back up IP B, a second virtual router must be configured. This is shown in the next section.

4.2 Sample Configuration 2

The following figure shows a configuration with two virtual routers with the hosts splitting their traffic between them. This example is expected to be very common in actual practice.
           +-----------+ +-----------+
           |   Rtr1    | |   Rtr2    |
           |(MR VRID=1)| |(BR VRID=1)|
           |(BR VRID=2)| |(MR VRID=2)|
   VRID=1  +-----------+ +-----------+  VRID=2
   IP A ---------->*             *<---------- IP B
                   |             |
                   |             |
   ------------------+------------+-----+--------+--------+--------+--
                                  ^        ^        ^        ^
                                  |        |        |        |
                                (IP A)   (IP A)   (IP B)   (IP B)
                                  |        |        |        |
                               +--+--+  +--+--+  +--+--+  +--+--+
                               |  H1 |  |  H2 |  |  H3 |  |  H4 |
                               +-----+  +-----+  +--+--+  +--+--+

   Legend:
           ---+---+---+--  =  Ethernet, Token Ring, or FDDI
                     H    =  Host computer
                     MR   =  Master Router
                     BR   =  Backup Router
                     *    =  IP Address
                   (IP)   =  default router for hosts

In the example above, half of the hosts have configured a static route through Rtr1's IP A and half are using Rtr2's IP B. The configuration of virtual router VRID=1 is exactly the same as in the first example (see section 4.1), and a second virtual router has been added to cover the IP address owned by Rtr2 (VRID=2, IP_Address=B). In this case Rtr2 will assert itself as Master for VRID=2 while Rtr1 will act as a backup. This scenario demonstrates a deployment providing load splitting when both routers are available while providing full redundancy for robustness.

5.0 Protocol

The purpose of the VRRP packet is to communicate to all VRRP routers the priority and the state of the Master router associated with the Virtual Router ID. VRRP packets are sent encapsulated in IP packets. They are sent to the IPv4 multicast address assigned to VRRP.

5.1 VRRP Packet Format

This section defines the format of the VRRP packet and the relevant fields in the IP header.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version| Type  | Virtual Rtr ID|   Priority    | Count IP Addrs|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Auth Type   |   Adver Int   |          Checksum             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         IP Address (1)                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                            .                                  |
   |                            .                                  |
   |                            .                                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         IP Address (n)                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Authentication Data (1)                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Authentication Data (2)                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

5.2 IP Field Descriptions

5.2.1 Source Address

The primary IP address of the interface the packet is being sent from.

5.2.2 Destination Address

The IP multicast address as assigned by the IANA for VRRP is:

   224.0.0.18

This is a link local scope multicast address. Routers MUST NOT forward a datagram with this destination address regardless of its TTL.

5.2.3 TTL

The TTL MUST be set to 255. A VRRP router receiving a packet with the TTL not equal to 255 MUST discard the packet.

5.2.4 Protocol

The IP protocol number assigned by the IANA for VRRP is 112 (decimal).

5.3 VRRP Field Descriptions

5.3.1 Version

The version field specifies the VRRP protocol version of this packet. This document defines version 2.

5.3.2 Type

The type field specifies the type of this VRRP packet.
The only packet type defined in this version of the protocol is:

   1  ADVERTISEMENT

A packet with unknown type MUST be discarded.

5.3.3 Virtual Rtr ID (VRID)

The Virtual Router Identifier (VRID) field identifies the virtual router this packet is reporting status for.

5.3.4 Priority

The priority field specifies the sending VRRP router's priority for the virtual router. Higher values equal higher priority. This field is an 8 bit unsigned integer field.

The priority value for the VRRP router that owns the IP address(es) associated with the virtual router MUST be 255 (decimal). VRRP routers backing up a virtual router MUST use priority values between 1-254 (decimal). The default priority value for VRRP routers backing up a virtual router is 100 (decimal).

The priority value zero (0) has special meaning indicating that the current Master has stopped participating in VRRP. This is used to trigger Backup routers to quickly transition to Master without having to wait for the current Master to timeout.

5.3.5 Count IP Addrs

The number of IP addresses contained in this VRRP advertisement.

5.3.6 Authentication Type

The authentication type field identifies the authentication method being utilized. Authentication type is unique on a Virtual Router basis. The authentication type field is an 8 bit unsigned integer. A packet with unknown authentication type or that does not match the locally configured authentication method MUST be discarded.

The authentication methods currently defined are:

   0 - No Authentication
   1 - Simple Text Password
   2 - IP Authentication Header

5.3.6.1 No Authentication

The use of this authentication type means that VRRP protocol exchanges are not authenticated.
The contents of the Authentication Data field should be set to zero on transmission and ignored on reception.

5.3.6.2 Simple Text Password

The use of this authentication type means that VRRP protocol exchanges are authenticated by a clear text password. The contents of the Authentication Data field should be set to the locally configured password on transmission. There is no default password. The receiver MUST check that the Authentication Data in the packet matches its configured authentication string. Packets that do not match MUST be discarded. Note that there are security implications to using Simple Text password authentication, and one should see the Security Consideration section of this document.
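The following is an added example, not text or code from the draft: a Python encoder for the section 5.1 layout and a receiver that applies the discard rules of sections 5.2 and 5.3 (multicast destination, protocol 112, TTL 255, version 2, type 1, authentication type and password match). The checksum being a one's-complement sum over the VRRP message, and zero-padding of the password to the 8-byte Authentication Data field, are assumptions not stated on this page.

```python
import struct
from ipaddress import IPv4Address

VRRP_MCAST, VRRP_PROTO, VRRP_TTL = "224.0.0.18", 112, 255  # sections 5.2.2 - 5.2.4

def vrrp_checksum(data: bytes) -> int:
    # Assumed: 16-bit one's-complement sum over the VRRP message (checksum field zeroed).
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_advert(vrid, priority, addrs, auth_type=0, password=b"", adver_int=1):
    """Encode a version 2 ADVERTISEMENT (type 1) in the section 5.1 layout (constructed sample)."""
    auth = password.ljust(8, b"\x00")[:8]  # assumption: zero-pad to the 8-byte field
    hdr = struct.pack("!BBBBBBH", (2 << 4) | 1, vrid, priority, len(addrs),
                      auth_type, adver_int, 0)  # checksum is zero while it is computed
    pkt = hdr + b"".join(IPv4Address(a).packed for a in addrs) + auth
    return pkt[:6] + struct.pack("!H", vrrp_checksum(pkt)) + pkt[8:]

def parse_advert(pkt, ttl, dst, proto, local_auth_type, password=b""):
    """Apply the receiver MUSTs of sections 5.2 - 5.3; raise ValueError on any failure."""
    if dst != VRRP_MCAST or proto != VRRP_PROTO:
        raise ValueError("not a VRRP datagram")
    if ttl != VRRP_TTL:
        raise ValueError("TTL must be 255")
    if len(pkt) < 8:
        raise ValueError("truncated header")
    vt, vrid, prio, count, atype, aint, _ = struct.unpack("!BBBBBBH", pkt[:8])
    if vt >> 4 != 2:
        raise ValueError("unsupported version")
    if vt & 0x0F != 1:
        raise ValueError("unknown type")
    if len(pkt) < 16 + 4 * count:
        raise ValueError("Count IP Addrs exceeds packet length")
    if vrrp_checksum(pkt) != 0:  # a valid message sums to zero when its checksum is included
        raise ValueError("bad checksum")
    if atype != local_auth_type:
        raise ValueError("authentication type mismatch")
    auth = pkt[8 + 4 * count:16 + 4 * count]
    if atype == 1 and auth != password.ljust(8, b"\x00")[:8]:
        raise ValueError("password mismatch")
    addrs = [str(IPv4Address(pkt[8 + 4 * i:12 + 4 * i])) for i in range(count)]
    return {"vrid": vrid, "priority": prio, "adver_int": aint, "addrs": addrs,
            "owner": prio == 255, "master_stopped": prio == 0}
```

A receiver that accepts a priority-0 advertisement should treat it as the Master leaving, per section 5.3.4, rather than as an ordinary low-priority peer.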