[j-nsp] limitation to vrrp-group inheritance on MX?

Clarke Morledge chmorl at wm.edu
Mon Jul 22 17:18:14 EDT 2013 

It looks like there is a limitation as to the number of times you can 
inherit settings from a particular vrrp-group on a single interface, but 
is this correct?

Assume you have a single vlan with multiple IP subnets configured. 
However, all you need is to have a single vrrp-group where all of the 
other IP subnets can inherit vrrp config information from, let's say, the 
vrrp group with the preferred address.  For example:

[edit interfaces irb unit 100]
MX# show
family inet {
     address 192.168.37.3/25 {
         preferred;
         vrrp-group 100 {
             priority 125;
             accept-data;
             virtual-address 192.168.37.1;
         }
     }
     address 192.168.38.3/25 {
         vrrp-group 101 {
             virtual-address 192.168.38.1;
             vrrp-inherit-from {
                 active-interface irb.100;
                 active-group 100;
             }
         }
     }
     address 192.168.39.3/25 {
         vrrp-group 102 {
             virtual-address 192.168.39.1;
             vrrp-inherit-from {
                 active-interface irb.100;
                 active-group 100;
             }
         }
     }
}


For each IP address configured on the IRB interface (associated with one 
particular vlan), you must have a DIFFERENT vrrp-group configured, even 
though the "inheriting" addresses are only effectively using the 
vrrp-group number as unique identifiers and place holders.

If you try to use the SAME vrrp-group number for each address; e.g. "100", 
you get a configuration error upon commit:

"Duplicate interface: irb unit: 100 vrrp-group: 100 for address:....."

Vrrp has a limitation as to the nunmber of groups available per vlan, 255. 
Granted, having more than 255 addresses per interface is a lot, but it 
seems arbitrary that the MX limits you to only having 255 IP subnets per 
vlan that can use VRRP.

Having a maximum of 255 VRRP active groups per vlan makes sense, as this 
is what the VRRP standard specifies, but when you have a bunch of 
basically "inactive" groups that inherit from one active group, it seems 
bizarre that Junos says, "NOPE, you can only have a maximum of 254 
placeholders for inactive vrrp groups per interface."

Am I misunderstanding something here?

Clarke Morledge
College of William and Mary
Information Technology - Network Engineering
Jones Hall (Room 18)
Williamsburg VA 23187

More information about the juniper-nsp mailing list