draft-ietf-vrrp-spec-v2-05.txt

VRRP双机热备份协议源吗

INTERNET-DRAFT                                                 S. Knight
January 5, 2000                                                D. Weaver
                                             Ascend Communications, Inc.
                                                              D. Whipple
                                                         Microsoft, Inc.
                                                               R. Hinden
                                                               D. Mitzel
                                                                 P. Hunt
                                                                   Nokia
                                                            P. Higginson
                                                                M. Shand
                                                 Digital Equipment Corp.
                                                               A. Lindem
                                                         IBM Corporation


                   Virtual Router Redundancy Protocol

                    <draft-ietf-vrrp-spec-v2-05.txt>



Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of [RFC2026].

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

     The list of current Internet-Drafts can be accessed at
     http://www.ietf.org/ietf/1id-abstracts.txt

     The list of Internet-Draft Shadow Directories can be accessed at
     http://www.ietf.org/shadow.html.

   This internet draft expires on July 5, 2000.

Abstract

   This memo defines the Virtual Router Redundancy Protocol (VRRP).
   VRRP specifies an election protocol that dynamically assigns
   responsibility for a virtual router to one of the VRRP routers on a
   LAN.  The VRRP router controlling the IP address(es) associated with



draft-ietf-vrrp-spec-v2-05.txt                                  [Page 1]


INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000


   a virtual router is called the Master, and forwards packets sent to
   these IP addresses.  The election process provides dynamic fail over
   in the forwarding responsibility should the Master become
   unavailable.  This allows any of the virtual router IP addresses on
   the LAN to be used as the default first hop router by end-hosts.  The
   advantage gained from using VRRP is a higher availability default
   path without requiring configuration of dynamic routing or router
   discovery protocols on every end-host.


Table of Contents

   1.  Introduction...............................................3
   2.  Required Features..........................................5
   3.  VRRP Overview..............................................7
   4.  Sample Configurations......................................8
   5.  Protocol..................................................11
      5.1  VRRP Packet Format....................................11
      5.2  IP Field Descriptions.................................11
      5.3  VRRP Field Descriptions...............................12
   6.  Protocol State Machine....................................15
      6.1  Parameters per Virtual Router.........................15
      6.2  Timers................................................16
      6.3  State Transition Diagram..............................16
      6.4  State Descriptions....................................16
   7.  Sending and Receiving VRRP Packets........................20
      7.1  Receiving VRRP Packets................................20
      7.2  Transmitting Packets..................................20
      7.3  Virtual MAC Address...................................21
   8.  Operational Issues........................................22
      8.1  ICMP Redirects........................................22
      8.2  Host ARP Requests.....................................22
      8.3  Proxy ARP.............................................22
      8.4  Potential Forwarding Loop.............................23
   9.  Operation over FDDI, Token Ring, and ATM LANE.............23
      9.1  Operation over FDDI...................................23
      9.2  Operation over Token Ring.............................23
      9.3  Operation over ATM LANE...............................25
   10. Security Considerations...................................26
      10.1  No Authentication....................................26
      10.2  Simple Text Password.................................26
      10.3  IP Authentication Header.............................27
   11. Intellectual Property.....................................28
   12. Acknowledgments...........................................28
   13. References................................................28
   14. Authors' Addresses........................................29
   15. Changes from RFC2338......................................32




draft-ietf-vrrp-spec-v2-05.txt                                  [Page 2]


INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000


1.  Introduction

   There are a number of methods that an end-host can use to determine
   its first hop router towards a particular IP destination.  These
   include running (or snooping) a dynamic routing protocol such as
   Routing Information Protocol [RIP] or OSPF version 2 [OSPF], running
   an ICMP router discovery client [DISC] or using a statically
   configured default route.

   Running a dynamic routing protocol on every end-host may be
   infeasible for a number of reasons, including administrative
   overhead, processing overhead, security issues, or lack of a protocol
   implementation for some platforms.  Neighbor or router discovery
   protocols may require active participation by all hosts on a network,
   leading to large timer values to reduce protocol overhead in the face
   of large numbers of hosts.  This can result in a significant delay in
   the detection of a lost (i.e., dead) neighbor, that may introduce
   unacceptably long "black hole" periods.

   The use of a statically configured default route is quite popular; it
   minimizes configuration and processing overhead on the end-host and
   is supported by virtually every IP implementation.  This mode of
   operation is likely to persist as dynamic host configuration
   protocols [DHCP] are deployed, which typically provide configuration
   for an end-host IP address and default gateway.  However, this
   creates a single point of failure.  Loss of the default router
   results in a catastrophic event, isolating all end-hosts that are
   unable to detect any alternate path that may be available.

   The Virtual Router Redundancy Protocol (VRRP) is designed to
   eliminate the single point of failure inherent in the static default
   routed environment.  VRRP specifies an election protocol that
   dynamically assigns responsibility for a virtual router to one of the
   VRRP routers on a LAN.  The VRRP router controlling the IP
   address(es) associated with a virtual router is called the Master,
   and forwards packets sent to these IP addresses.  The election
   process provides dynamic fail-over in the forwarding responsibility
   should the Master become unavailable.  Any of the virtual router's IP
   addresses on a LAN can then be used as the default first hop router
   by end-hosts.  The advantage gained from using VRRP is a higher
   availability default path without requiring configuration of dynamic
   routing or router discovery protocols on every end-host.

   VRRP provides a function similar to a Cisco Systems, Inc. proprietary
   protocol named Hot Standby Router Protocol (HSRP) [HSRP] and to a
   Digital Equipment Corporation, Inc. proprietary protocol named IP
   Standby Protocol [IPSTB].




draft-ietf-vrrp-spec-v2-05.txt                                  [Page 3]


INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000


   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC 2119].

   The IESG/IETF take no position regarding the validity or scope of any
   intellectual property right or other rights that might be claimed to
   pertain to the implementation or use of the technology, or the extent
   to which any license under such rights might or might not be
   available.  See the IETF IPR web page at http://www.ietf.org/ipr.html
   for additional information.


1.1  Scope

   The remainder of this document describes the features, design goals,
   and theory of operation of VRRP.  The message formats, protocol
   processing rules and state machine that guarantee convergence to a
   single Virtual Router Master are presented.  Finally, operational
   issues related to MAC address mapping, handling of ARP requests,
   generation of ICMP redirect messages, and security issues are
   addressed.

   This protocol is intended for use with IPv4 routers only.  A separate
   specification will be produced if it is decided that similar
   functionality is desirable in an IPv6 environment.


1.2  Definitions

   VRRP Router            A router running the Virtual Router Redundancy
                          Protocol.  It may participate in one or more
                          virtual routers.

   Virtual Router         An abstract object managed by VRRP that acts
                          as a default router for hosts on a shared LAN.
                          It consists of a Virtual Router Identifier and
                          a set of associated IP address(es) across a
                          common LAN.  A VRRP Router may backup one or
                          more virtual routers.

   IP Address Owner       The VRRP router that has the virtual router's
                          IP address(es) as real interface address(es).
                          This is the router that, when up, will respond
                          to packets addressed to one of these IP
                          addresses for ICMP pings, TCP connections,
                          etc.

   Primary IP Address     An IP address selected from the set of real



draft-ietf-vrrp-spec-v2-05.txt                                  [Page 4]


INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000


                          interface addresses.  One possible selection
                          algorithm is to always select the first
                          address.  VRRP advertisements are always sent
                          using the primary IP address as the source of
                          the IP packet.

   Virtual Router Master  The VRRP router that is assuming the
                          responsibility of forwarding packets sent to
                          the IP address(es) associated with the virtual
                          router, and answering ARP requests for these
                          IP addresses.  Note that if the IP address
                          owner is available, then it will always become
                          the Master.

   Virtual Router Backup  The set of VRRP routers available to assume
                          forwarding responsibility for a virtual router
                          should the current Master fail.


2.0 Required Features

   This section outlines the set of features that were considered
   mandatory and that guided the design of VRRP.


2.1 IP Address Backup

   Backup of IP addresses is the primary function of the Virtual Router
   Redundancy Protocol.  While providing election of a Virtual Router
   Master and the additional functionality described below, the protocol
   should strive to:

    - Minimize the duration of black holes.
    - Minimize the steady state bandwidth overhead and processing
      complexity.
    - Function over a wide variety of multiaccess LAN technologies
      capable of supporting IP traffic.
    - Provide for election of multiple virtual routers on a network for
      load balancing
    - Support of multiple logical IP subnets on a single LAN segment.


2.2 Preferred Path Indication

   A simple model of Master election among a set of redundant routers is
   to treat each router with equal preference and claim victory after
   converging to any router as Master.  However, there are likely to be
   many environments where there is a distinct preference (or range of



draft-ietf-vrrp-spec-v2-05.txt                                  [Page 5]


INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000


   preferences) among the set of redundant routers.  For example, this
   preference may be based upon access link cost or speed, router
   performance or reliability, or other policy considerations.  The
   protocol should allow the expression of this relative path preference
   in an intuitive manner, and guarantee Master convergence to the most
   preferential router currently available.


2.3 Minimization of Unnecessary Service Disruptions

   Once Master election has been performed then any unnecessary
   transitions between Master and Backup routers can result in a
   disruption in service.  The protocol should ensure after Master
   election that no state transition is triggered by any Backup router
   of equal or lower preference as long as the Master continues to
   function properly.

   Some environments may find it beneficial to avoid the state
   transition triggered when a router becomes available that is more
   preferential than the current Master.  It may be useful to support an
   override of the immediate convergence to the preferred path.


2.4 Extensible Security

   The virtual router functionality is applicable to a wide range of
   internetworking environments that may employ different security
   policies.  The protocol should require minimal configuration and
   overhead in the insecure operation, provide for strong authentication
   when increased security is required, and allow integration of new
   security mechanisms without breaking backwards compatible operation.


2.5 Efficient Operation over Extended LANs

   Sending IP packets on a multiaccess LAN requires mapping from an IP
   address to a MAC address.  The use of the virtual router MAC address
   in an extended LAN employing learning bridges can have a significant
   effect on the bandwidth overhead of packets sent to the virtual
   router.  If the virtual router MAC address is never used as the
   source address in a link level frame then the station location is
   never learned, resulting in flooding of all packets sent to the
   virtual router.  To improve the efficiency in this environment the
   protocol should: 1) use the virtual router MAC as the source in a
   packet sent by the Master to trigger station learning; 2) trigger a
   message immediately after transitioning to Master to update the
   station learning; and 3) trigger periodic messages from the Master to
   maintain the station learning cache.



draft-ietf-vrrp-spec-v2-05.txt                                  [Page 6]


INTERNET-DRAFT     Virtual Router Redundancy Protocol    January 5, 2000


3.0 VRRP Overview

   VRRP specifies an election protocol to provide the virtual router
   function described earlier.  All protocol messaging is performed
   using IP multicast datagrams, thus the protocol can operate over a
   variety of multiaccess LAN technologies supporting IP multicast.
   Each VRRP virtual router has a single well-known MAC address
   allocated to it.  This document currently only details the mapping to
   networks using the IEEE 802 48-bit MAC address.  The virtual router
   MAC address is used as the source in all periodic VRRP messages sent
   by the Master router to enable bridge learning in an extended LAN.

   A virtual router is defined by its virtual router identifier (VRID)
   and a set of IP addresses.  A VRRP router may associate a virtual
   router with its real addresses on an interface, and may also be
   configured with additional virtual router mappings and priority for
   virtual routers it is willing to backup.  The mapping between VRID
   and addresses must be coordinated among all VRRP routers on a LAN.
   However, there is no restriction against reusing a VRID with a
   different address mapping on different LANs.  The scope of each