[c-nsp] securing a vrrp setup

bangky mailinglist at bangky.net
Fri Dec 28 04:13:55 EST 2007


Hi all,

I am looking into how to secure a VRRP setup.
Could someone please let me know whether it's possible to prevent a 
rouge router from taking over as the VRRP master?

As far as I am aware, VRRP has an option for MD5 hash authentication.
However, apart from notifying the administrator of the presence of a 
router with incorrect authentication information, there seems to be 
little that the actual VRRP router can do to prevent traffic from 
flowing to the rogue router.

Is there anyway that I can automatically block the rouge router from 
participating in the VRRP group?

Thanks in advance and Happy Holidays.
--
bangky


More information about the cisco-nsp mailing list