rfc2338.txt
来自「RFC 的详细文档!」· 文本 代码 · 共 1,516 行 · 第 1/4 页
TXT
1,516 行
Network Working Group S. Knight
Request for Comments: 2338 D. Weaver
Category: Standards Track Ascend Communications, Inc.
D. Whipple
Microsoft, Inc.
R. Hinden
D. Mitzel
P. Hunt
Nokia
P. Higginson
M. Shand
Digital Equipment Corp.
A. Lindem
IBM Corporation
April 1998
Virtual Router Redundancy Protocol
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
Abstract
This memo defines the Virtual Router Redundancy Protocol (VRRP).
VRRP specifies an election protocol that dynamically assigns
responsibility for a virtual router to one of the VRRP routers on a
LAN. The VRRP router controlling the IP address(es) associated with
a virtual router is called the Master, and forwards packets sent to
these IP addresses. The election process provides dynamic fail over
in the forwarding responsibility should the Master become
unavailable. This allows any of the virtual router IP addresses on
the LAN to be used as the default first hop router by end-hosts. The
advantage gained from using VRRP is a higher availability default
path without requiring configuration of dynamic routing or router
discovery protocols on every end-host.
Knight, et. al. Standards Track [Page 1]
RFC 2338 VRRP April 1998
Table of Contents
1. Introduction...............................................2
2. Required Features..........................................5
3. VRRP Overview..............................................6
4. Sample Configurations......................................8
5. Protocol...................................................9
5.1 VRRP Packet Format....................................10
5.2 IP Field Descriptions.................................10
5.3 VRRP Field Descriptions...............................11
6. Protocol State Machine....................................13
6.1 Parameters............................................13
6.2 Timers................................................15
6.3 State Transition Diagram..............................15
6.4 State Descriptions....................................15
7. Sending and Receiving VRRP Packets........................18
7.1 Receiving VRRP Packets................................18
7.2 Transmitting Packets..................................19
7.3 Virtual MAC Address...................................19
8. Operational Issues........................................20
8.1 ICMP Redirects........................................20
8.2 Host ARP Requests.....................................20
8.3 Proxy ARP.............................................20
9. Operation over FDDI and Token Ring........................21
9.1 Operation over FDDI...................................21
9.2 Operation over Token Ring.............................21
10. Security Considerations...................................23
10.1 No Authentication....................................23
10.2 Simple Text Password.................................23
10.3 IP Authentication Header.............................24
11. Acknowledgments...........................................24
12. References................................................24
13. Authors' Addresses........................................25
14. Full Copyright Statement..................................27
1. Introduction
There are a number of methods that an end-host can use to determine
its first hop router towards a particular IP destination. These
include running (or snooping) a dynamic routing protocol such as
Routing Information Protocol [RIP] or OSPF version 2 [OSPF], running
an ICMP router discovery client [DISC] or using a statically
configured default route.
Running a dynamic routing protocol on every end-host may be
infeasible for a number of reasons, including administrative
overhead, processing overhead, security issues, or lack of a protocol
implementation for some platforms. Neighbor or router discovery
Knight, et. al. Standards Track [Page 2]
RFC 2338 VRRP April 1998
protocols may require active participation by all hosts on a network,
leading to large timer values to reduce protocol overhead in the face
of large numbers of hosts. This can result in a significant delay in
the detection of a lost (i.e., dead) neighbor, which may introduce
unacceptably long "black hole" periods.
The use of a statically configured default route is quite popular; it
minimizes configuration and processing overhead on the end-host and
is supported by virtually every IP implementation. This mode of
operation is likely to persist as dynamic host configuration
protocols [DHCP] are deployed, which typically provide configuration
for an end-host IP address and default gateway. However, this
creates a single point of failure. Loss of the default router
results in a catastrophic event, isolating all end-hosts that are
unable to detect any alternate path that may be available.
The Virtual Router Redundancy Protocol (VRRP) is designed to
eliminate the single point of failure inherent in the static default
routed environment. VRRP specifies an election protocol that
dynamically assigns responsibility for a virtual router to one of the
VRRP routers on a LAN. The VRRP router controlling the IP
address(es) associated with a virtual router is called the Master,
and forwards packets sent to these IP addresses. The election
process provides dynamic fail-over in the forwarding responsibility
should the Master become unavailable. Any of the virtual router's IP
addresses on a LAN can then be used as the default first hop router
by end-hosts. The advantage gained from using VRRP is a higher
availability default path without requiring configuration of dynamic
routing or router discovery protocols on every end-host.
VRRP provides a function similar to a Cisco Systems, Inc. proprietary
protocol named Hot Standby Router Protocol (HSRP) [HSRP] and to a
Digital Equipment Corporation, Inc. proprietary protocol named IP
Standby Protocol [IPSTB].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC 2119].
The IESG/IETF take no position regarding the validity or scope of any
intellectual property right or other rights that might be claimed to
pertain to the implementation or use of the technology, or the extent
to which any license under such rights might or might not be
available. See the IETF IPR web page at http://www.ietf.org/ipr.html
for additional information.
Knight, et. al. Standards Track [Page 3]
RFC 2338 VRRP April 1998
1.1 Scope
The remainder of this document describes the features, design goals,
and theory of operation of VRRP. The message formats, protocol
processing rules and state machine that guarantee convergence to a
single Virtual Router Master are presented. Finally, operational
issues related to MAC address mapping, handling of ARP requests,
generation of ICMP redirect messages, and security issues are
addressed.
This protocol is intended for use with IPv4 routers only. A separate
specification will be produced if it is decided that similar
functionality is desirable in an IPv6 environment.
1.2 Definitions
VRRP Router A router running the Virtual Router Redundancy
Protocol. It may participate in one or more
virtual routers.
Virtual Router An abstract object managed by VRRP that acts
as a default router for hosts on a shared LAN.
It consists of a Virtual Router Identifier and
a set of associated IP address(es) across a
common LAN. A VRRP Router may backup one or
more virtual routers.
IP Address Owner The VRRP router that has the virtual router's
IP address(es) as real interface address(es).
This is the router that, when up, will respond
to packets addressed to one of these IP
addresses for ICMP pings, TCP connections,
etc.
Primary IP Address An IP address selected from the set of real
interface addresses. One possible selection
algorithm is to always select the first
address. VRRP advertisements are always sent
using the primary IP address as the source of
the IP packet.
Virtual Router Master The VRRP router that is assuming the
responsibility of forwarding packets sent to
the IP address(es) associated with the virtual
router, and answering ARP requests for these
IP addresses. Note that if the IP address
owner is available, then it will always become
the Master.
Knight, et. al. Standards Track [Page 4]
RFC 2338 VRRP April 1998
Virtual Router Backup The set of VRRP routers available to assume
forwarding responsibility for a virtual router
should the current Master fail.
2.0 Required Features
This section outlines the set of features that were considered
mandatory and that guided the design of VRRP.
2.1 IP Address Backup
Backup of IP addresses is the primary function of the Virtual Router
Redundancy Protocol. While providing election of a Virtual Router
Master and the additional functionality described below, the protocol
should strive to:
- Minimize the duration of black holes.
- Minimize the steady state bandwidth overhead and processing
complexity.
- Function over a wide variety of multiaccess LAN technologies
capable of supporting IP traffic.
- Provide for election of multiple virtual routers on a network for
load balancing
- Support of multiple logical IP subnets on a single LAN segment.
2.2 Preferred Path Indication
A simple model of Master election among a set of redundant routers is
to treat each router with equal preference and claim victory after
converging to any router as Master. However, there are likely to be
many environments where there is a distinct preference (or range of
preferences) among the set of redundant routers. For example, this
preference may be based upon access link cost or speed, router
performance or reliability, or other policy considerations. The
protocol should allow the expression of this relative path preference
in an intuitive manner, and guarantee Master convergence to the most
preferential router currently available.
2.3 Minimization of Unnecessary Service Disruptions
Once Master election has been performed then any unnecessary
transitions between Master and Backup routers can result in a
disruption in service. The protocol should ensure after Master
election that no state transition is triggered by any Backup router
of equal or lower preference as long as the Master continues to
function properly.
Knight, et. al. Standards Track [Page 5]
RFC 2338 VRRP April 1998
Some environments may find it beneficial to avoid the state
transition triggered when a router becomes available that is more
preferential than the current Master. It may be useful to support an
override of the immediate convergence to the preferred path.
2.4 Extensible Security
The virtual router functionality is applicable to a wide range of
internetworking environments that may employ different security
policies. The protocol should require minimal configuration and
overhead in the insecure operation, provide for strong authentication
when increased security is required, and allow integration of new
security mechanisms without breaking backwards compatible operation.
2.5 Efficient Operation over Extended LANs
Sending IP packets on a multiaccess LAN requires mapping from an IP
address to a MAC address. The use of the virtual router MAC address
in an extended LAN employing learning bridges can have a significant
effect on the bandwidth overhead of packets sent to the virtual
router. If the virtual router MAC address is never used as the
source address in a link level frame then the station location is
never learned, resulting in flooding of all packets sent to the
virtual router. To improve the efficiency in this environment the
protocol should: 1) use the virtual router MAC as the source in a
packet sent by the Master to trigger station learning; 2) trigger a
message immediately after transitioning to Master to update the
station learning; and 3) trigger periodic messages from the Master to
maintain the station learning cache.
3.0 VRRP Overview
VRRP specifies an election protocol to provide the virtual router
function described earlier. All protocol messaging is performed
using IP multicast datagrams, thus the protocol can operate over a
variety of multiaccess LAN technologies supporting IP multicast.
Each VRRP virtual router has a single well-known MAC address
allocated to it. This document currently only details the mapping to
networks using the IEEE 802 48-bit MAC address. The virtual router
MAC address is used as the source in all periodic VRRP messages sent
by the Master router to enable bridge learning in an extended LAN.
A virtual router is defined by its virtual router identifier (VRID)
and a set of IP addresses. A VRRP router may associate a virtual
router with its real addresses on an interface, and may also be
configured with additional virtual router mappings and priority for
virtual routers it is willing to backup. The mapping between VRID
and addresses must be coordinated among all VRRP routers on a LAN.
Knight, et. al. Standards Track [Page 6]
RFC 2338 VRRP April 1998
However, there is no restriction against reusing a VRID with a
different address mapping on different LANs. The scope of each
virtual router is restricted to a single LAN.
To minimize network traffic, only the Master for each virtual router
sends periodic VRRP Advertisement messages. A Backup router will not
attempt to pre-empt the Master unless it has higher priority. This
eliminates service disruption unless a more preferred path becomes
available. It's also possible to administratively prohibit all pre-
emption attempts. The only exception is that a VRRP router will
always become Master of any virtual router associated with addresses
it owns. If the Master becomes unavailable then the highest priority
Backup will transition to Master after a short delay, providing a
controlled transition of the virtual router responsibility with
minimal service interruption.
VRRP defines three types of authentication providing simple
deployment in insecure environments, added protection against
misconfiguration, and strong sender authentication in security
conscious environments. Analysis of the protection provided and
vulnerability of each mechanism is deferred to Section 10.0 Security
Considerations. In addition new authentication types and data can be
defined in the future without affecting the format of the fixed
portion of the protocol packet, thus preserving backward compatible
operation.
The VRRP protocol design provides rapid transition from Backup to
Master to minimize service interruption, and incorporates
optimizations that reduce protocol complexity while guaranteeing
controlled Master transition for typical operational scenarios. The
optimizations result in an election protocol with minimal runtime
state requirements, minimal active protocol states, and a single
message type and sender. The typical operational scenarios are
defined to be two redundant routers and/or distinct path preferences
among each router. A side effect when these assumptions are violated
(i.e., more than two redundant paths all with equal preference) is
that duplicate packets may be forwarded for a brief period during
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?