The Virtual Router Redundancy Protocol (VRRP) is a networking protocol that provides automatic assignment of available Internet Protocol (IP) routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP sub-network.

IPs hosted by VRRP protocol are called Virtual IP or VIP. These are the IPs that are going to host the services passing through the load balancer.

VRRP is the protocol that the ALOHA load balancer use to ensure Virtual IP high availability:

  • VRRP daemon listens to the network to learn the status of its cluster peers

  • VRRP daemon can modulate its priority based on running services and network interfaces

Glossary

The following terms are frequently used when working with VRRP:

Master

Active node in a VRRP cluster. It handles traffic.

Slave

Node in standby; listens to VRRP heartbeats packets emitted by the Master

Cluster

At least 2 nodes configured to operate together

Priority or Weight

Number modulated by current node state and whose main purpose is to decide who is the Master. The higher wins.

VRID

Cluster unique ID on the network segment

Peer or Node

One device participating in a cluster

VRRP heartbeat

Packets emitted by the Master node every second which includes the VRRP instance VRID and current Master priority

VIP or Virtual IP

IP address hosted by VRRP which can move to any node

How VRRP works

VRRP works as follows:

  • The node with the highest priority is the Master

  • The other nodes are Slaves

  • The Master hosts the Virtual IPs

  • The Master notifies the switches and the servers on the LAN through ARP gratuitous packets: Virtual IPs

  • The Master emits a heartbeat packet every second. This packet contains the VRRP instance VRID and its priority and is emitted on a multicast IP address (224.0.0.18).

  • Each node changes its priority based on its status.

  • If the Master's priority decreases too much, then Slave takes over the traffic.

  • If the Master does not send any more heartbeats, the Slave takes over the traffic.

Note

To know how failovers work, refer to the section about VRRP priority.

Check if VRRP is used in your network

Warning

Perform this check before you configure VRRP.

  1. Browse the ALOHA WUI.

  2. Open the DiagTools tab.

  3. On the list, locate the capture tool.

  4. Complete the Diagnostic tool option fields as shown below:

    • field 1: interface name where VRRP will be configured

    • field 2: enter vrrp

    //cdn.haproxy.com/documentation/aloha/12-0/_assets/images/diagtools_form_vrrp_463x55.png

  5. Click on run.

Depending on the result:

  • If there is no packet captured, it means that there is no VRRP running on the network. It is safe to configure VRRP on the ALOHA.

  • If there are packets listed, then it is important to watch the VRID in use in your network, so as to avoid using the same ones. In the example below, there are at least 4 different VRIDs in use: 123, 254, 200, 1.

# /usr/sbin/tcpdump -vvvenns0 -c 5 -i eth0 vrrp
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
#<snip># 10.0.0.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 123, prio 211, authtype none, intvl 1s, length 16, addrs:
#<snip># 10.0.0.2 > 224.0.0.18: VRRPv2, Advertisement, vrid 254, prio 12, authtype none, intvl 1s, length 20, addrs:
#<snip># 10.0.0.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 200, prio 111, authtype none, intvl 1s, length 20, addrs:
#<snip># 10.0.0.4 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 101, authtype none, intvl 1s, length 24, addrs:
#<snip># 10.0.0.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 123, prio 211, authtype none, intvl 1s, length 20, addrs:
5 packets captured
0 packets received by filter
0 packets dropped by kernel