5.3.6.3 IP Authentication Header   The use of this authentication type means the VRRP protocol exchanges   are authenticated using the mechanisms defined by the IPdraft-ietf-vrrp-spec-v2-05.txt                                 [Page 13]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000   Authentication Header [AUTH] using "The Use of HMAC-MD5-96 within ESP   and AH" [HMAC].  Keys may be either configured manually or via a key   distribution protocol.   If a packet is received that does not pass the authentication check   due to a missing authentication header or incorrect message digest,   then the packet MUST be discarded.  The contents of the   Authentication Data field should be set to zero on transmission and   ignored on reception.5.3.7 Advertisement Interval (Adver Int)   The Advertisement interval indicates the time interval (in seconds)   between ADVERTISEMENTS.  The default is 1 second.  This field is used   for troubleshooting misconfigured routers.5.3.8 Checksum   The checksum field is used to detect data corruption in the VRRP   message.   The checksum is the 16-bit one's complement of the one's complement   sum of the entire VRRP message starting with the version field.  For   computing the checksum, the checksum field is set to zero.  See   RFC1071 for more detail [CKSM].5.3.9  IP Address(es)   One or more IP addresses that are associated with the virtual router.   The number of addresses included is specified in the "Count IP Addrs"   field.  These fields are used for troubleshooting misconfigured   routers.5.3.10  Authentication Data   The authentication string is currently only utilized for simple text   authentication, similar to the simple text authentication found in   the Open Shortest Path First routing protocol [OSPF].  It is up to 8   characters of plain text.  If the configured authentication string is   shorter than 8 bytes, the remaining space MUST be zero-filled.  Any   VRRP packet received with an authentication string that does not   match the locally configured authentication string MUST be discarded.   The authentication string is unique on a per interface basis.   There is no default value for this field.draft-ietf-vrrp-spec-v2-05.txt                                 [Page 14]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 20006.  Protocol State Machine6.1 Parameters per Virtual Router    VRID                    Virtual Router Identifier.  Configured item                            in the range 1-255 (decimal).  There is no                            default.    Priority                Priority value to be used by this VRRP                            router in Master election for this virtual                            router.  The value of 255 (decimal) is                            reserved for the router that owns the IP                            addresses associated with the virtual                            router.  The value of 0 (zero) is reserved                            for Master router to indicate it is                            releasing responsibility for the virtual                            router.  The range 1-254 (decimal) is                            available for VRRP routers backing up the                            virtual router.  The default value is 100                            (decimal).    IP_Addresses            One or more IP addresses associated with                            this virtual router.  Configured item.  No                            default.    Advertisement_Interval  Time interval between ADVERTISEMENTS                            (seconds).  Default is 1 second.    Skew_Time               Time to skew Master_Down_Interval in                            seconds.  Calculated as:                               ( (256 - Priority) / 256 )    Master_Down_Interval    Time interval for Backup to declare Master                            down (seconds).  Calculated as:                               (3 * Advertisement_Interval) + Skew_time    Preempt_Mode            Controls whether a higher priority Backup                            router preempts a lower priority Master.                            Values are True to allow preemption and                            False to prohibit preemption.  Default is                            True.                            Note: Exception is that the router that owns                            the IP address(es) associated with the                            virtual router always pre-empts independent                            of the setting of this flag.draft-ietf-vrrp-spec-v2-05.txt                                 [Page 15]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000    Authentication_Type     Type of authentication being used.  Values                            are defined in section 5.3.6.    Authentication_Data     Authentication data specific to the                            Authentication_Type being used.6.2 Timers    Master_Down_Timer       Timer that fires when ADVERTISEMENT has not                            been heard for Master_Down_Interval.    Adver_Timer             Timer that fires to trigger sending of                            ADVERTISEMENT based on                            Advertisement_Interval.6.3  State Transition Diagram                          +---------------+               +--------->|               |<-------------+               |          |  Initialize   |              |               |   +------|               |----------+   |               |   |      +---------------+          |   |               |   |                                 |   |               |   V                                 V   |       +---------------+                       +---------------+       |               |---------------------->|               |       |    Master     |                       |    Backup     |       |               |<----------------------|               |       +---------------+                       +---------------+6.4  State Descriptions   In the state descriptions below, the state names are identified by   {state-name}, and the packets are identified by all upper case   characters.   A VRRP router implements an instance of the state machine for each   virtual router election it is participating in.6.4.1   Initialize   The purpose of this state is to wait for a Startup event.  If a   Startup event is received, then:draft-ietf-vrrp-spec-v2-05.txt                                 [Page 16]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000    - If the Priority = 255 (i.e., the router owns the IP address(es)      associated with the virtual router)       o Send an ADVERTISEMENT       o Broadcast a gratuitous ARP request containing the virtual         router MAC address for each IP address associated with the         virtual router.       o Set the Adver_Timer to Advertisement_Interval       o Transition to the {Master} state      else       o Set the Master_Down_Timer to Master_Down_Interval       o Transition to the {Backup} state      endif6.4.2   Backup   The purpose of the {Backup} state is to monitor the availability and   state of the Master Router.   While in this state, a VRRP router MUST do the following:    - MUST NOT respond to ARP requests for the IP address(s) associated      with the virtual router.    - MUST discard packets with a destination link layer MAC address      equal to the virtual router MAC address.    - MUST NOT accept packets addressed to the IP address(es) associated      with the virtual router.    - If a Shutdown event is received, then:       o Cancel the Master_Down_Timer       o Transition to the {Initialize} state      endif    - If the Master_Down_Timer fires, then:       o Send an ADVERTISEMENT       o Broadcast a gratuitous ARP request containing the virtual         router MAC address for each IP address associated with the         virtual router       o Set the Adver_Timer to Advertisement_Interval       o Transition to the {Master} statedraft-ietf-vrrp-spec-v2-05.txt                                 [Page 17]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000      endif    - If an ADVERTISEMENT is received, then:         If the Priority in the ADVERTISEMENT is Zero, then:          o Set the Master_Down_Timer to Skew_Time         else:            If Preempt_Mode is False, or If the Priority in the            ADVERTISEMENT is greater than or equal to the local            Priority, then:             o Reset the Master_Down_Timer to Master_Down_Interval            else:             o Discard the ADVERTISEMENT            endif         endif      endif6.4.3   Master   While in the {Master} state the router functions as the forwarding   router for the IP address(es) associated with the virtual router.   While in this state, a VRRP router MUST do the following:    - MUST respond to ARP requests for the IP address(es) associated      with the virtual router.    - MUST forward packets with a destination link layer MAC address      equal to the virtual router MAC address.    - MUST NOT accept packets addressed to the IP address(es) associated      with the virtual router if it is not the IP address owner.    - MUST accept packets addressed to the IP address(es) associated      with the virtual router if it is the IP address owner.    - If a Shutdown event is received, then:       o Cancel the Adver_Timer       o Send an ADVERTISEMENT with Priority = 0       o Transition to the {Initialize} statedraft-ietf-vrrp-spec-v2-05.txt                                 [Page 18]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000      endif    - If the Adver_Timer fires, then:       o Send an ADVERTISEMENT       o Reset the Adver_Timer to Advertisement_Interval      endif    - If an ADVERTISEMENT is received, then:         If the Priority in the ADVERTISEMENT is Zero, then:          o Send an ADVERTISEMENT          o Reset the Adver_Timer to Advertisement_Interval         else:            If the Priority in the ADVERTISEMENT is greater than the            local Priority,            or            If the Priority in the ADVERTISEMENT is equal to the local            Priority and the primary IP Address of the sender is greater            than the local primary IP Address, then:             o Cancel Adver_Timer             o Set Master_Down_Timer to Master_Down_Interval             o Transition to the {Backup} state            else:             o Discard ADVERTISEMENT            endif         endif      endifdraft-ietf-vrrp-spec-v2-05.txt                                 [Page 19]INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 20007.  Sending and Receiving VRRP Packets7.1  Receiving VRRP Packets   Performed the following functions when a VRRP packet is received:      - MUST verify that the IP TTL is 255.      - MUST verify the VRRP version is 2      - MUST verify that the received packet contains the complete VRRP