VRRP (Virtual Router Redundancy Protocol)
Definition
VRRP (Virtual Router Redundancy Protocol, RFC 5798) is a networking protocol that provides automatic assignment of available routers to participating hosts. It increases router availability and reliability by allowing multiple routers to act as a single virtual router.
VRRP is the foundation of high-availability gateway configurations — if the primary router fails, a backup router seamlessly takes over the virtual IP address.
How VRRP Works
Virtual IP: 192.168.1.254 (shared by all VRRP routers)
Router A (Master, priority 200) → Handles traffic for 192.168.1.254
Router B (Backup, priority 100) → Standby, monitors Router A
Router C (Backup, priority 150) → Second standby
If Router A fails:
Router C (highest priority among backups) → Takes over 192.168.1.254
Clients continue using 192.168.1.254 without reconfiguration
Key Concepts
- Virtual Router: The logical router (IP + MAC) that clients use as their default gateway
- Master Router: The router currently handling traffic for the virtual router
- Backup Routers: Routers ready to take over if the master fails
- Priority: 1-254 (higher = more likely to be master); 255 = IP address owner
- Preemption: Higher priority backup can take over from lower priority master
- Advert Interval: How often master sends VRRP advertisements (default 1s)
- VRRP Version: VRRPv2 (IPv4, RFC 3768), VRRPv3 (IPv4/IPv6, RFC 5798)
VRRP vs HSRP vs GLBP
| Feature | VRRP | HSRP | GLBP |
|---|---|---|---|
| Standard | IETF RFC 5798 | Cisco proprietary | Cisco proprietary |
| Load balancing | No (one active) | No (one active) | Yes (AVF) |
| Open standard | Yes | No | No |
| Convergence | Fast (1-3s) | Fast (1-3s) | Fast |
| Use case | Multi-vendor | Cisco-only | Cisco load balancing |
VRRP Configuration Example (Linux/iproute2)
# On Master router
vrrpd -f /etc/vrrpd.conf
# /etc/vrrpd.conf:
# vrrp_instance VI_1 {
# state MASTER
# interface eth0
# virtual_router_id 51
# priority 200
# advert_int 1
# authentication {
# auth_type pass
# auth_pass secret
# }
# virtual_ipaddress {
# 192.168.1.254
# }
# }
# On Backup router (same config, state BACKUP, priority 100)
VRRP in Infrastructure
| Use Case | Description |
|---|---|
| Gateway HA | Redundant default gateways for LAN |
| Firewall HA | Active-passive firewall pairs |
| Load balancer HA | Keepalived manages VIP for HAProxy/NGINX |
| Data center | VRRP between core switches |
Related Terms
- Keepalived — Linux implementation of VRRP
- Ha — VRRP for redundant firewall pairs
- Load Balancer