Example: Configuring VRRP for Load Sharing
date_range17-Feb-21
Product and Release Support
If you do not want to dedicate a switch to be a VRRP backup (and therefore leave it idle unless the primary fails), you can create a load-sharing configuration in which each participating switch simultaneously acts as a primary and a backup.
One reason to use a load-sharing (active-active) configuration is that you are more likely to actively monitor and maintain both switches and notice if a problem occurs on either of them. If you use a configuration in which one switch is only a backup (an active-backup configuration), you might be less likely to pay attention to the backup switch while it is idle. In the worst case, this could lead to the backup switch developing an undetected problem and not being able to perform adequately when a failover occurs.
Requirements
This example uses the following hardware and software components:
- Two switches
- Junos OS Release 11.3 or later
- Static routing or a dynamic routing protocol enabled on both switches.
Overview and Topology
This example uses two VRRP groups, each of which has its own virtual IP address. Devices on the LAN use one of these virtual IP addresses as their default gateway. If one of the switches fails, the other switch takes over for it. In the topology shown in Figure 1, for example, Switch A is the primary for VRRP group 100. If Switch A fails, Switch B takes over and forwards traffic that the end devices send to the default gateway address 10.1.1.1.
Figure 1: VRRP Load-Sharing Configuration
This example shows a simple configuration to illustrate the basic steps for configuring two switches running VRRP to back each other up.Table 1 lists VRRP settings for each switch.
Topology
Table 1: Settings for VRRP Load-Sharing ExampleSwitch ASwitch B
VRRP Group 100:
|
VRRP Group 100:
|
VRRP Group 200:
|
VRRP Group 200:
|
In addition to configuring the two switches as shown, you must configure your end devices so that some of them use one of the virtual IP addresses as their default gateway and the remaining end devices use the other virtual IP address as their default gateway.
Note that if a failover occurs, the remaining switch might be unable to handle all of the traffic, depending on the demand.
Configuring VRRP on Both Switches
Procedure
CLI Quick Configuration
Enter the following on Switch A:
content_copy zoom_out_map
[edit] set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 virtual-address 10.1.1.1 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 250 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 200 virtual-address 10.1.1.2 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 200 priority 200
Enter the following on Switch B:
content_copy zoom_out_map
[edit] set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 virtual-address 10.1.1.1 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 priority 200 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 200 virtual-address 10.1.1.2 set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 200 priority 250
Step-by-Step Procedure
Configure the VRRP groups and priorities on Switch A:
- Create VRRP group 100 on Switch A and configure the virtual IP address for the group:
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 virtual-address 10.1.1.1
- Assign the VRRP priority for this interface in this group:
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 250
- Create VRRP group 200 on Switch A and configure the virtual IP address for the group:
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 200 virtual-address 10.1.1.2
- Assign the VRRP priority for this interface in this group:
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 200
Step-by-Step Procedure
Configure the VRRP groups and priorities on Switch B:
- Create VRRP group 100 on Switch B and configure the virtual IP address for the group:
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 virtual-address 10.1.1.1
- Assign the VRRP priority for this interface in this group:Switch A remains the primary for group 100 because it has the highest priority for this group.
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 100 priority 200
- Create VRRP group 200 on Switch A and configure the virtual IP address for the group:
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.252/24 vrrp-group 200 virtual-address 10.1.1.2
- Assign the VRRP priority for this interface in this group:Switch B becomes the primary for group 200 because it has the highest priority for this group.
- content_copy zoom_out_map
- [edit] user@switch# set interfaces xe-0/0/0 unit 0 family inet address 10.1.1.251/24 vrrp-group 100 priority 250
Results
Display the results of the configuration on Switch A:
content_copy zoom_out_map
user@switch> show configuration interfaces { xe-0/0/0 { unit 0 { family inet { address 10.1.1.251 { vrrp-group 100 { virtual address 10.1.1.1 priority 250 } vrrp-group 200 { virtual address 10.1.1.2 priority 200 } } } } } }
Display the results of the configuration on Switch B:
content_copy zoom_out_map
user@switch> show configuration interfaces { xe-0/0/0 { unit 0 { family inet { address 10.1.1.252 { vrrp-group 100 { virtual address 10.1.1.1 priority 200 } vrrp-group 200 { virtual address 10.1.1.2 priority 250 } } } } } }
Verification
Verifying that VRRP Is Working on Switch A
Purpose
Verify that VRRP is active on Switch A and that the primary and backup roles are correct.
Action
Use the following command to verify that VRRP is active on Switch A and that the switch is primary for group 100 and backup for group 200.
content_copy zoom_out_map
user@switch> show vrrp Interface State Group VR state Timer Type Address xe-0/0/0.0 up 100 master A .0327 lcl 10.1.1.251 vip 10.1.1.1 xe-0/0/0.0 up 200 backup A .0327 lcl 10.1.1.251 vip 10.1.1.2
Meaning
The show vrrp command displays fundamental information about the VRRP configuration. This output shows that both VRRP groups are active and that this switch has assumed the correct primary and backup roles. The lcl address is the physical address of the interface and the vip address is the virtual address shared by both switches. The Timer value (A .0327) indicates the remaining time (in seconds) in which this switch expects to receive a VRRP advertisement from the other switch. If an advertisement for group 200 does not arrive before the timer expires, Switch A asserts itself as the primary for this group.
Verifying that VRRP Is Working on Switch B
Purpose
Verify that VRRP is active on Switch B and that the primary and backup roles are correct.
Action
Use the following command to verify that VRRP is active on Switch B and that the switch is backup for group 100 and primary for group 200.
content_copy zoom_out_map
user@switch> show vrrp Interface State Group VR state Timer Type Address xe-0/0/0.0 up 100 backup A .0327 lcl 10.1.1.252 vip 10.1.1.1 xe-0/0/0.0 up 200 master A .0327 lcl 10.1.1.252 vip 10.1.1.2
Meaning
The show vrrp command displays fundamental information about the VRRP configuration. This output shows that both VRRP groups are active and that this switch has assumed the correct primary and backup roles. The lcl address is the physical address of the interface and the vip address is the virtual address shared by both switches. The Timer value (A .0327) indicates the remaining time (in seconds) in which this switch expects to receive a VRRP advertisement from the other switch. If an advertisement for group 100 does not arrive before the timer expires, Switch B asserts itself as the primary for this group.
'업무이야기 > Network' 카테고리의 다른 글
Juniper Switch Virtual-Chassis (STACK) (0) | 2023.05.02 |
---|---|
Juniper RestAPI Sample (0) | 2021.08.06 |
Juniper show command (RSI : request support information) (0) | 2021.03.29 |
Juniper Troubleshooting Commands (0) | 2021.03.29 |
Juniper request chassis cluster failover redundancy-group (0) | 2021.03.16 |