In my previous Junos Basics post I covered aggregating ethernet interfaces using LACP on a Juniper switch. In this post I’ll cover a simple VRRP configuration in Junos that provides first hop router redundancy for clients on a local LAN segment.
Here’s our network:
Note – all routers are running OSPF, with both interfaces on the Core router, and interface e1 on R1 and e1 on R2 all in OSPF area 0.
- first hop redundancy for clients on LAN 192.168.1.0/24 out to the core router
- clients on 192.168.1.0/24 use a default gateway of 192.168.1.3
- R1 is the master router
- R1 tracks the IP route to 10.0.0.4/30
- R1’s priority drops below 100 if there is a loss of the route 10.0.0.4/30 causing R2 to take over forwarding packets for clients on the LAN
- R1 becomes the master router again if it’s route to 10.0.0.4/30 comes back up
First of all lets just confirm that our OSPF is working and that R1 has learnt the route to 10.0.0.4/30:
root@R1# run show route protocol ospf inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.0.0.4/30 *[OSPF/10] 00:48:20, metric 2 > to 10.0.0.1 via em1.0
We’ll start the config on R1, by creating the VRRP group and virtual address on the LAN interface:
[edit interfaces em0 unit 0 family inet address 192.168.1.1/24] root@R1# set vrrp-group 10 virtual-address 192.168.1.3
To make sure that R1 is the master router we’ll set it’s priority to 200:
set vrrp-group 10 priority 200
Next, we tell R1 to track the route to 10.0.0.4/30, and to decrease its priority to 99 if the route drops out of R1’s routing table:
set vrrp-group 10 track route 10.0.0.4/30 routing-instance default priority-cost 101
Then we use the preempt command to make sure R1 resumes the master role once the route reappears in the routing table:
set vrrp-group 10 preempt
Now, onto R2. As this router is not the Master, the configuration is very simple – all we need to do is create the VRRP group and set the virtual address on the LAN interface. We don’t even need to set the priority to 100 to make the route tracking mechanism on R1 cause a fail over, as 100 is the default value:
[edit interfaces em0 unit 0 family inet address 192.168.1.2/24] root@R2# show | display set set interfaces em0 unit 0 family inet address 192.168.1.2/24 vrrp-group 10 virtual-address 192.168.1.3
That’s it for our simple VRRP config, and now clients on the local LAN have a redundant default gateway to get traffic out to the core router, with automatic fail over from R1 to R2 in the event of R1 losing it’s route to the core.
I hope this has been a useful explanation. In my next Junos Basics post I’ll cover single area OSPF routing.
Thanks for reading.
Follow Rich on Twitter
Can we enabled preempt in both the router with same delay….
Why track the route to R2’s link to the core router and not interface tracking of e1 on R1?
Couldn’t the route to that network segment be lost by other causes and cause a failover when it isn’t needed?
The route to the core router has been learned by direct route. This should be confirmed that the route to the backup router is still reachable so that both master and backup routers can communicate each others.
For me when the route comes up, the Priority hold time doesn’t run and the priority still remains lowered keeping R1 as backup.
Thank you for your job
I have enabled vrrp on IRB interfaces on two switches but the state is down ? How can solve that .