VRRP
Router Configuration Guide 377
• Greater than the virtual router in-use priority value
• Equal to the in-use priority value and the source IP address (primary IP address) is
greater than the virtual router instance primary IP address
A backup router will only attempt to become the master router if the preempt mode is true
and the received VRRP advertisement priority field is less than the virtual router in-use
priority value.
VRRP Message Authentication
The authentication type parameter defines the type of authentication used by the virtual router
in VRRP advertisement message authentication. VRRP message authentication is applicable
to IPv4 only. The current master uses the configured authentication type to indicate any
egress message manipulation that must be performed in conjunction with any supporting
authentication parameters before transmitting a VRRP advertisement message. The
configured authentication type value is transmitted in the message authentication type field
with the appropriate authentication data field filled in. Backup routers use the authentication
type message field value in interpreting the contained authentication data field within
received VRRP advertisement messages.
VRRP supports three message authentication methods which provide varying degrees of
security. The supported authentication types are:
• 0 – No Authentication
• 1 – Simple Text Password
• 2 – IP Authentication Header
Authentication Type 0 – No Authentication
The use of type 0 indicates that VRRP advertisement messages are not authenticated
(provides no authentication). The master transmitting VRRP advertisement messages will
transmit the value 0 in the egress messages authentication type field and the authentication
data field. Backup virtual routers receiving VRRP advertisement messages with the
authentication type field equal to 0 will ignore the authentication data field in the message.
All compliant VRRP advertisement messages are accepted. The following fields within the
received VRRP advertisement message are checked for compliance (the VRRP specification
may require additional checks).
• IP header checks specific to VRRP
→ IP header destination IP address – Must be 224.0.0.18
To Next Page
Loading...
