[f-nsp] Cannot ping VRRP IP when backup active
Tamas Csillag
tcsillag at interware.hu
Mon May 14 18:11:20 EDT 2012
Personally, I don't think it's actually useful, but here's an
explanation from the RFC: (I'm not sure I understand it... :)
8.4. Potential Forwarding Loop
A VRRP router SHOULD not forward packets addressed to the IP
Address(es) it becomes Master for if it is not the owner. Forwarding
these packets would result in unnecessary traffic. Also in the case
of LANs that receive packets they transmit (e.g., token ring) this
can result in a forwarding loop that is only terminated when the IP
TTL expires.
One such mechanism for VRRP routers is to add/delete a reject host
route for each adopted IP address when transitioning to/from MASTER
state.
My guess would be that while the basic concept of VRRP is great,
actually it's a pretty simple protocol. So the IETF had to add/change
something, anything, to make it more different from HSRP, and avoid
copyright issues. But that's just me.
Tamas
On 05/14/2012 11:52 PM, Steven Raymond wrote:
>
> On May 14, 2012, at 2:31 PM, Niels Bakker wrote:
>
>> Add 'ip address 10.99.99.1/22 secondary' to the backup router's ve205
>> for that.
>>
>>
>> -- Niels.
>
> Good suggestion, but they outfoxed me:
>
> telnet at router(config-vif-205)#ip address 10.99.99.1 255.255.252.0 secondary
> IP/Port: Errno(13) Backup VRRP router already uses this IP address
>
> I am "okay" with the other suggestions that the ping problem is
> according to RFC standards. Just wonder why that would be considered
> useful, if indeed required by spec.
>
>
> Thank you!!
>
>
>
>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
More information about the foundry-nsp
mailing list