HomeNetworkingHuaweiAssociation between VRRP and BFD Implementation on Huawei routers.

Association between VRRP and BFD Implementation on Huawei routers.

Association between VRRP and BFD Implementation on Huawei routers.

  • January 26, 2025
  • Posted by: James Majani
  • Categories: Huawei, Networking
405 Comments

VRRP basic concepts.

VRRP groups several routers into a virtual router. If one of routers fails, traffic can be switched to another router, ensuring service continuity and reliability.

After a VRRP group is configured, VRRP devices negotiate the master/backup state through VRRP Advertisement packets. If an interface or a link fails, or the network topology changes, devices in the VRRP group cannot immediately detect the failure or change. Consequently, the master/backup VRRP switchover is delayed. Additionally, after a master/backup VRRP switchover is complete, route switching fails to be performed because no route is associated with the VRRP group, interrupting the normal forwarding of traffic.

To resolve these problems, configure VRRP association. If an object associated with a VRRP group fails, the VRRP group is notified and performs a primary/secondary link switchover. In addition, when a master/backup VRRP switchover is performed, the VRRP group instructs its associated object to perform a switchover accordingly. VRRP association ensures proper traffic forwarding and improves link reliability.

BFD is used to rapidly detect faults in links or IP routes. BFD for VRRP enables a master/backup VRRP switchover to be completed within 1 second, thereby preventing traffic loss. A BFD session is established between the master and backup devices in a VRRP group and is bound to the VRRP group. BFD immediately detects communication faults in the VRRP group and instructs the VRRP group to perform a master/backup switchover, minimizing service interruptions.

Networking description.

An enterprise LAN has two egress Core switches . Users are connected to access switches and access switches aggregate to the Core. Gateway of LAN services as well as DHCP server for the campus network is on the Core switches. VRRP is implemented to enhance gateway reliability, multiple gateways are deployed to prevent a single point of failure. Implement BFD for VRRP. Bidirectional Forwarding Detection (BFD) for Virtual Router Redundancy Protocol (VRRP) is a mechanism that detects link or IP route failures and quickly switches between master and backup devices. This helps to minimize service interruptions and prevent traffic loss.

Step 1: Configure Basic parameters on devices.

*******************************************ACC-01
system-view
sysname ACC-01
#
vlan batch 10
#
interface Ethernet0/0/1
 port link-type access
 port default vlan 10
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 10
#
int
interface GigabitEthernet0/0/1
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
return


*******************************************CORE-01
system-view
sysname CORE-01
#
vlan batch 10
#
dhcp enable
#
ip pool rd
 gateway-list 192.168.10.3
 network 192.168.10.0 mask 255.255.255.0
 excluded-ip-address 192.168.10.1 192.168.10.2
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
 dhcp select global
#
interface GigabitEthernet0/0/1
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10 
#
return


*******************************************CORE-02
system-view
sysname CORE-02
#
vlan batch 10
#
dhcp enable
#
interface Vlanif10
 ip address 192.168.10.2 255.255.255.0
 dhcp select global
#
interface GigabitEthernet0/0/2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
return

Step 2: Configure BFD session between CORE-01 and CORE-02.

*******************************************CORE-01
system-view
#
bfd
#
bfd trackvrrp bind peer-ip 192.168.10.2 interface Vlanif10
 discriminator local 1
 discriminator remote 2
 commit

*******************************************CORE-01
system-view
#
bfd

bfd trackvrrp bind peer-ip 192.168.10.1 interface Vlanif10
 discriminator local 2
 discriminator remote 1
 commit
#
return

Step 3: Check BFD session.

Step 4. Configure VRRP.

*******************************************CORE-01
system-view
#
interface Vlanif10
 vrrp vrid 1 virtual-ip 192.168.10.3
 vrrp vrid 1 priority 150
 vrrp vrid 1 preempt-mode timer delay 10
#
return

*******************************************CORE-02
system-view
#
interface Vlanif10
 vrrp vrid 1 virtual-ip 192.168.10.3
#
return

Step 5: Check VRRP status.

The command outputs show that the VRRP status of CORE-01 is Master and that of CORE-02 is Backup.

Step 6: Configure association between VRRP and BFD on CORE-02.

*******************************************CORE-02
system-view
#
interface Vlanif10
 vrrp vrid 1 track bfd-session 2 increased 100
#
return

Step 7. Check VRRP status and association with BFD.

The output shows that association between VRRP and BFD differs from VRRP. Specifically, after a VRRP group is associated with a BFD session and a fault occurs, the backup device immediately preempts the master role by increasing its VRRP priority, and it does not wait for a period three times the interval at which VRRP Advertisement packets are sent. This means that a master/backup VRRP switchover can be performed in milliseconds.

Step 8: Simulate failure on CORE-01 to trigger switchover.

*******************************************CORE-01
system-view
#
interface Vlanif10
 shutdown
#
return

Step 9: Check VRRP status.

If BFD detects a fault, the BFD session goes down. CORE-02 increases its VRRP priority to 200 (100 + 100 = 200), making it higher than CORE-01’s VRRP priority. CORE-02 then immediately preempts the master role and sends gratuitous ARP packets to allow hosts to update ARP entries.



405 Comments

Leave a Reply

This website uses cookies and asks your personal data to enhance your browsing experience.
Ok, I agree Privacy Policy

Privacy Policy