ws_brrp_en
bintec Workshop
Automatic Router Backup (Redundancy) with
BRRP
Copyright © February 20, 2006 Funkwerk Enterprise Communications GmbH
Version 1.0
Purpose
This document is part of the user’s guide to the installation and configuration of bintec gateways running software release 7.1.4 or later. For up-to-the-minute information and instructions concerning the
latest software release, you should always read our Release Notes, especially when carrying out a
software update to a later release level. The latest Release Notes can be found at www.funkwerkec.com.
Liability
While every effort has been made to ensure the accuracy of all information in this manual, Funkwerk
Enterprise Communications GmbH cannot assume liability to any party for any loss or damage caused
by errors or omissions or by statements of any kind in this document and is only liable within the scope
of its terms of sale and delivery.
The information in this manual is subject to change without notice. Additional information, changes and
Release Notes for bintec gateways can be found at www.funkwerk-ec.com.
As multiprotocol gateways, bintec gateways set up WAN connections in accordance with the system
configuration. To prevent unintentional charges accumulating, the operation of the product should be
carefully monitored. Funkwerk Enterprise Communications GmbH accepts no liability for loss of data,
unintentional connection costs and damages resulting from unsupervised operation of the product.
Trademarks
bintec and the bintec logo are registered trademarks of Funkwerk Enterprise Communications GmbH.
Other product names and trademarks mentioned are usually the property of the respective companies
and manufacturers.
Copyright
Guidelines and standards
All rights are reserved. No part of this publication may be reproduced or transmitted in any form or by
any means – graphic, electronic, or mechanical – including photocopying, recording in any medium,
taping, or storage in information retrieval systems, without the prior written permission of Funkwerk Enterprise Communications GmbH. Adaptation and especially translation of the document is inadmissible
without the prior consent of Funkwerk Enterprise Communications GmbH.
bintec gateways comply with the following guidelines and standards:
R&TTE Directive 1999/5/EG
CE marking for all EU countries and Switzerland
You will find detailed information in the Declarations of Conformity at www.funkwerk-ec.com.
How to reach Funkwerk
Enterprise Communications
GmbH
Funkwerk Enterprise Communications GmbH
Suedwestpark 94
D-90449 Nuremberg
Germany
Bintec France
6/8 Avenue de la Grande Lande
F-33174 Gradignan
France
Telephone: +49 180 300 9191 0
Fax: +49 180 300 9193 0
Internet: www.funkwerk-ec.com
Telephone: +33 5 57 35 63 00
Fax: +33 5 56 89 14 05
Internet: www.bintec.fr
1
2
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1
Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Configuration of Physical and Virtual IP and MAC Addresses . . . 5
2.1
2.2
3
2.1.1
Configuring IP Address on LAN Interface ETH1 . . . . . . . . . . . . . . 5
2.1.2
Configuring Virtual IP Address on LAN Interface ETH1 (Virtual Interface Submenu) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.1.3
Configuring IP Address on Interface ETH3 . . . . . . . . . . . . . . . . . . 7
2.1.4
Configuring Virtual IP Address on Interface ETH3 (Virtual Interface
Submenu) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Configuration of Gateway 2 to Backup Gateway . . . . . . . . . . . . . . . . . . . . 9
2.2.1
Configuring IP Address on LAN Interface ETH1 . . . . . . . . . . . . . . 9
2.2.2
Configuring Virtual IP Address on LAN Interface ETH1 (Virtual Interface Submenu) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.2.3
Configuring IP Address on Interface ETH3 . . . . . . . . . . . . . . . . . 12
2.2.4
Configuring Virtual IP Address on Interface ETH3 (Virtual Interface
Submenu) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Configuration of Virtual Gateways . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.1
3.2
4
Configuration of Gateway 1 to Master Gateway . . . . . . . . . . . . . . . . . . . . . 5
Configuration of Gateway 1 to Master Gateway . . . . . . . . . . . . . . . . . . . . 15
3.1.1
Settings for Virtual Gateway 1 ETH1 . . . . . . . . . . . . . . . . . . . . . . 15
3.1.2
Settings for Virtual Gateway 1 ETH3 . . . . . . . . . . . . . . . . . . . . . . 16
Configuration of Gateway 2 to Backup Gateway . . . . . . . . . . . . . . . . . . . 18
3.2.1
Settings for Virtual Gateway 2 ETH1 . . . . . . . . . . . . . . . . . . . . . . 18
3.2.2
Settings for Virtual Gateway 2 ETH3 . . . . . . . . . . . . . . . . . . . . . . 19
Configuring State Transitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
4.1
Settings for Gateway 1 and Gateway 2 . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
1
2
4.1.1
Tasks at Gateway 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
4.1.2
Tasks at Gateway 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
5
BRRP Gateway State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
6
Result . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
6.1
Test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
6.2
Overview of Configuration Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
Bintec Workshop
Automatic Router Backup (Redundancy) with BRRP
1
Introduction
1
Introduction
The configuration of BRRP (Bintec Router Redundancy Protocol) is described in the following chapters using two Bintec VPN Access 25 gateways.
The Setup Tool is used for the configuration.
1.1
Scenario
If the master gateway fails, e.g. due to a hardware fault, the backup gateway
takes over the functionality of the master gateway. The backup gateway remains in hot standby mode as long as the master gateway is active. How the
gateways behave in the event of a failure can be defined with a configurable set
of rules.
If BRRP is used, virtual IP and MAC addresses must be configured so that
these IP and MAC addresses can be passed to the backup gateway if a failure
occurs. The first step is to define the physical IP addresses on the Ethernet interface, then set additional virtual IP and MAC addresses. As the virtual addresses are the actual gateway addresses and are used for data traffic, they
must be entered in internal host and router systems. If you use a syslog server,
for example, the physical IP address can be used for management.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
3
1
Introduction
1.2
Requirements
■
Two Bintec VPN Access 25 gateways.
■
Internet access with static public IP address, see Bintec FAQ: Internet
leased line with fixed IP address.
■
Connect your LAN via a switch to the Ethernet interface ETH1 of the two
gateways.
■
Connect your Internet access via a switch to the Ethernet interface ETH3
of the two gateways.
You are urgently advised to read Release Notes 6.3.4 to obtain a basic understanding of the BRRP configuration.
Note
4
Bintec Workshop
Automatic Router Backup (Redundancy) with BRRP
2
Configuration of Physical and Virtual IP and MAC Addresses
2
Configuration of Physical and Virtual IP and MAC Addresses
2.1
Configuration of Gateway 1 to Master
Gateway
2.1.1
Configuring IP Address on LAN Interface ETH1
■
Go to ETHERNET UNIT 1.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 1 ETH]: Configure Ethernet Interface
Gateway1
IP Configuration
local IP Number
local Netmask
Second Local IP Number
Second Local Netmask
Encapsulation
Mode
MAC Address
Manual
10.0.10.1
255.255.255.0
Bridging
Advanced Settings >
Virtual Interfaces >
disabled
Ethernet II
Auto
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
local IP Number
Local IP address.
local Netmask
Local netmask.
Table 2-1:
Relevant fields in ETHERNET UNIT 1
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
5
2
Configuration of Physical and Virtual IP and MAC Addresses
Proceed as follows to define the necessary settings:
■
Enter your local IP address under LOCAL IP NUMBER, e.g. 10.0.10.1.
■
Enter your associated netmask under LOCAL NETMASK, e.g. 255.255.255.0.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
2.1.2
■
Configuring Virtual IP Address on LAN Interface ETH1 (Virtual Interface Submenu)
Go to ETHERNET UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 1 ETH]..[ADD]: Configure Virtual
Gateway1
LAN Interface # 1
IP Configuration
Local IP Number
Local Netmask
BRRP
10.0.1.254
255.255.255.0
MAC Address
00005e000101
Advanced Settings >
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
IP Configuration
Type of protocol.
Local IP Number
Virtual IP address.
Local Netmask
Netmask for the virtual IP address.
MAC Address
Virtual MAC address. The first 5 bytes are
entered automatically.
Table 2-2:
6
Bintec Workshop
Relevant fields in ETHERNET UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD
Automatic Router Backup (Redundancy) with BRRP
2
Configuration of Physical and Virtual IP and MAC Addresses
Proceed as follows to define the necessary settings:
■
Set IP CONFIGURATION to BRRP.
■
Enter your virtual IP address under LOCAL IP NUMBER, e.g. 10.0.1.254.
■
Enter your associated
255.255.255.0.
■
Enter 00005e000101 under MAC ADDRESS.
■
Press SAVE to confirm your settings.
2.1.3
■
virtual
netmask
under
LOCAL
NETMASK,
Configuring IP Address on Interface ETH3
Go to ETHERNET UNIT 3.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 3 ETH]: Configure Ethernet Interface
Gateway1
IP Configuration
local IP Number
local Netmask
Second Local IP Number
Second Local Netmask
Encapsulation
Mode
MAC Address
Manual
10.0.20.1
255.255.255.0
Bridging
Advanced Settings >
Virtual Interfaces >
disabled
Ethernet II
Auto
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
local IP Number
Local IP address.
local Netmask
Local netmask.
Table 2-3:
Relevant fields in ETHERNET UNIT 3
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
7
2
Configuration of Physical and Virtual IP and MAC Addresses
Proceed as follows to define the necessary settings:
■
Enter your local IP address under LOCAL IP NUMBER, e.g. 10.0.20.1.
■
Enter your associated netmask under LOCAL NETMASK, e.g. 255.255.255.0.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
2.1.4
■
Configuring Virtual IP Address on Interface
ETH3 (Virtual Interface Submenu)
Go to ETHERNET UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 3 ETH]..[EDIT]: Configure Virtual
Gateway1
LAN Interface # 1
IP Configuration
Local IP Number
Local Netmask
BRRP
62.155.115.11
255.255.255.0
Second Local IP Number
Second Local Netmask
MAC Address
00005e000102
Advanced Settings >
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
8
Bintec Workshop
Field
Meaning
IP Configuration
Type of protocol.
Local IP Number
Static public IP address.
Local Netmask
The associated netmask.
Automatic Router Backup (Redundancy) with BRRP
2
Configuration of Physical and Virtual IP and MAC Addresses
Field
Meaning
MAC Address
Virtual MAC address. The first 5 bytes are
entered automatically.
Table 2-4:
Relevant fields in ETHERNET UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD
Proceed as follows to define the necessary settings:
■
Set IP CONFIGURATION to BRRP.
■
Enter your static public IP address under LOCAL IP NUMBER, 62.155.115.11.
■
Enter the associated netmask under LOCAL NETMASK, e.g. 255.255.255.0.
■
Enter 00005e000102 under MAC ADDRESS.
■
Press SAVE to confirm your settings.
2.2
Configuration of Gateway 2 to Backup
Gateway
2.2.1
Configuring IP Address on LAN Interface ETH1
■
Go to ETHERNET UNIT 1.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
9
2
Configuration of Physical and Virtual IP and MAC Addresses
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 1 ETH]: Configure Ethernet Interface
Gateway2
IP Configuration
local IP Number
local Netmask
Second Local IP Number
Second Local Netmask
Encapsulation
Mode
MAC Address
Manual
10.0.10.2
255.255.255.0
Bridging
Advanced Settings >
Virtual Interfaces >
disabled
Ethernet II
Auto
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
local IP Number
Local IP address.
local Netmask
Local netmask.
Table 2-5:
Relevant fields in ETHERNET UNIT 1
Proceed as follows to define the necessary settings:
■
Enter your local IP address under LOCAL IP NUMBER, e.g. 10.0.10.2.
■
Enter your associated netmask under LOCAL NETMASK, 255.255.255.0.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
2.2.2
■
10
Bintec Workshop
Configuring Virtual IP Address on LAN Interface ETH1 (Virtual Interface Submenu)
Go to ETHERNET UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD.
Automatic Router Backup (Redundancy) with BRRP
Configuration of Physical and Virtual IP and MAC Addresses
2
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 1 ETH]..[ADD]: Configure Virtual
Gateway2
LAN Interface # 1
IP Configuration
Local IP Number
Local Netmask
BRRP
10.0.1.254
255.255.255.0
MAC Address
00005e000101
Advanced Settings >
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
IP Configuration
Type of protocol.
local IP Number
Static public IP address.
local Netmask
The associated netmask.
MAC Address
Virtual MAC address. The first 5 bytes are
entered automatically.
Table 2-6:
Relevant fields in ETHERNET UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD
Proceed as follows to define the necessary settings:
■
Set IP CONFIGURATION to BRRP.
■
Enter your local IP address under LOCAL IP NUMBER, e.g. 10.0.1.254.
■
Enter your associated netmask under LOCAL NETMASK, e.g. 255.255.255.0.
■
Enter 00005e000101 under MAC ADDRESS.
■
Press SAVE to confirm your settings.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
11
2
Configuration of Physical and Virtual IP and MAC Addresses
2.2.3
■
Configuring IP Address on Interface ETH3
Go to ETHERNET UNIT 3.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 3 ETH]: Configure Ethernet Interface
Gateway2
IP Configuration
local IP Number
local Netmask
Second Local IP Number
Second Local Netmask
Encapsulation
Mode
MAC Address
Manual
10.0.20.2
255.255.255.0
Bridging
Advanced Settings >
Virtual Interfaces >
disabled
Ethernet II
Auto
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
local IP Number
Local IP address.
local Netmask
Local netmask.
Table 2-7:
Relevant fields in ETHERNET UNIT 3
Proceed as follows to define the necessary settings:
12
Bintec Workshop
■
Enter your local IP address under LOCAL IP NUMBER, e.g. 10.0.20.2.
■
Enter your associated netmask under LOCAL NETMASK, 255.255.255.0.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
Automatic Router Backup (Redundancy) with BRRP
Configuration of Physical and Virtual IP and MAC Addresses
2.2.4
■
2
Configuring Virtual IP Address on Interface
ETH3 (Virtual Interface Submenu)
Go to ETHERNET UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[SLOT 0 UNIT 3 ETH]..[EDIT]: Configure Virtual
Gateway2
LAN Interface # 1
IP Configuration
Local IP Number
Local Netmask
BRRP
62.155.115.11
255.255.255.0
Second Local IP Number
Second Local Netmask
MAC Address
00005e000102
Advanced Settings >
SAVE
CANCEL
Use <Space> to select
The following fields are relevant:
Field
Meaning
IP Configuration
Type of protocol.
Local IP Number
Static public IP address.
Local Netmask
The associated netmask.
MAC Address
Virtual MAC address. The first 5 bytes are
entered automatically.
Table 2-8:
Relevant fields in ETHERNET UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD
Proceed as follows to define the necessary settings:
■
Set IP CONFIGURATION to BRRP.
■
Enter your static public IP address under LOCAL IP NUMBER, e.g.
62.155.115.11.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
13
2
14
Configuration of Physical and Virtual IP and MAC Addresses
Bintec Workshop
■
Enter the associated netmask under LOCAL NETMASK, e.g. 255.255.255.0.
■
Enter 00005e000102 under MAC ADDRESS.
■
Press SAVE to confirm your settings.
Automatic Router Backup (Redundancy) with BRRP
Configuration of Virtual Gateways
3
Note
3
Configuration of Virtual Gateways
■
The right interface is selected automatically when the Virtual Router ID (VR
ID) is selected.
■
PRIORITY 255 means that the gateway always has the master function.
■
If you select optional authentication, the password is transferred in clear
text and would be readable with a sniffer.
3.1
Configuration of Gateway 1 to Master
Gateway
The configuration is made in the Setup Tool in the BRRP menu.
3.1.1
■
Settings for Virtual Gateway 1 ETH1
Go to BRRP ➜ CONFIGURATION ➜ ADD.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[BRRP][DAEMON][ADD]: Configure Virtual Router
Gateway1
Virtual Router ID
Virtual Router State
1
up
Priority
254
Interface
Master IP Address
MAC Address
en0-1-1
10.0.1.254
00005e000101
Advertisement Interval
Master Down Interval
Pre-empt Mode
Authentication Type
1
3
false
No Authentication
SAVE
Automatic Router Backup (Redundancy) with BRRP
CANCEL
Bintec Workshop
15
3
Configuration of Virtual Gateways
The following fields are relevant:
Field
Meaning
Virtual Router ID
The ID of the virtual gateway.
Virtual Router State
The state of the virtual gateway.
Priority
The priority of the gateway.
Pre-empt Mode
Mode in case of a failure.
Table 3-1:
Relevant fields in BRRP ➜ CONFIGURATION ➜ ADD
Proceed as follows to define the necessary settings:
■
Set VIRTUAL ROUTER ID to 1.
■
Set VIRTUAL ROUTER STATE to up.
■
Enter 254 under PRIORITY.
■
Set PRE-EMPT MODE to false.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
3.1.2
■
16
Bintec Workshop
Settings for Virtual Gateway 1 ETH3
Go to BRRP ➜ CONFIGURATION ➜ ADD.
Automatic Router Backup (Redundancy) with BRRP
Configuration of Virtual Gateways
3
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[BRRP][DAEMON][ADD]: Configure Virtual Router
Gateway1
Virtual Router ID
Virtual Router State
2
up
Priority
254
Interface
Master IP Address
MAC Address
en0-3-1
62.155.115.11
00005e000102
Advertisement Interval
Master Down Interval
Pre-empt Mode
Authentication Type
1
3
false
No Authentication
SAVE
CANCEL
The following fields are relevant:
Field
Meaning
Virtual Router ID
The ID of the virtual gateway.
Virtual Router State
The state of the virtual gateway.
Priority
The priority of the gateway.
Pre-empt Mode
Mode in case of a failure.
Table 3-2:
Relevant fields in BRRP ➜ CONFIGURATION ➜ ADD
Proceed as follows to define the necessary settings:
■
Set VIRTUAL ROUTER ID to 2.
■
Set VIRTUAL ROUTER STATE to up.
■
Enter 254 under PRIORITY.
■
Set PRE-EMPT MODE to false.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
17
3
Configuration of Virtual Gateways
3.2
Configuration of Gateway 2 to Backup
Gateway
The configuration is made in the Setup Tool in the BRRP menu.
3.2.1
■
Settings for Virtual Gateway 2 ETH1
Go to BRRP ➜ CONFIGURATION ➜ ADD
.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[BRRP][DAEMON][ADD]: Configure Virtual Router
Gateway2
Virtual Router ID
Virtual Router State
1
up
Priority
100
Interface
Master IP Address
MAC Address
en0-1-1
10.0.1.254
00005e000101
Advertisement Interval
Master Down Interval
Pre-empt Mode
Authentication Type
1
3
false
No Authentication
SAVE
CANCEL
The following fields are relevant:
Field
Meaning
Virtual Router ID
The ID of the virtual gateway.
Virtual Router State
The state of the virtual gateway.
Priority
The priority of the gateway.
Pre-empt Mode
Mode in case of a failure.
Table 3-3:
18
Bintec Workshop
Relevant fields in BRRP ➜ CONFIGURATION ➜ ADD
Automatic Router Backup (Redundancy) with BRRP
Configuration of Virtual Gateways
3
Proceed as follows to define the necessary settings:
■
Set VIRTUAL ROUTER ID to 1.
■
Set VIRTUAL ROUTER STATE to up.
■
Enter the priority under PRIORITY, e.g. 100.
■
Set PRE-EMPT MODE to false.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
3.2.2
■
Settings for Virtual Gateway 2 ETH3
Go to BRRP ➜ CONFIGURATION ➜ ADD
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[BRRP][DAEMON][ADD]: Configure Virtual Router
Gateway2
Virtual Router ID
Virtual Router State
2
up
Priority
100
Interface
Master IP Address
MAC Address
en0-3-1
62.155.115.11
00005e000102
Advertisement Interval
Master Down Interval
Pre-empt Mode
Authentication Type
1
3
false
No Authentication
SAVE
CANCEL
The following fields are relevant:
Field
Meaning
Virtual Router ID
The ID of the virtual gateway.
Virtual Router State
The state of the virtual gateway.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
19
3
Configuration of Virtual Gateways
Field
Meaning
Priority
The priority of the gateway.
Pre-empt Mode
Mode in case of a failure.
Table 3-4:
Relevant fields in BRRP ➜ CONFIGURATION ➜ ADD
Proceed as follows to define the necessary settings:
20
Bintec Workshop
■
Set VIRTUAL ROUTER ID to 2.
■
Set VIRTUAL ROUTER STATE to up.
■
Enter the priority under PRIORITY, e.g. 100.
■
Set PRE-EMPT MODE to false.
■
Leave all the other settings as they are.
■
Press SAVE to confirm your settings.
Automatic Router Backup (Redundancy) with BRRP
Configuring State Transitions
4
4
Configuring State Transitions
Up to now you have configured a LAN-side gateway (VR ID 1) ETH1 and a
WAN-side gateway (VR ID 2) ETH3. Now an adjustment must be made between these two gateways. For example, if the ETH1 interface fails, no external
to internal routing would take place. The ETH3 interface must therefore be deactivated as well. The resulting state changes are described below.
4.1
■
Settings for Gateway 1 and Gateway 2
Go to BRRP ➜ TASK DEFINITION ➜ ADD.
VPN Access 25 Setup Tool
Bintec Access Networks GmbH
[BRRP][TASKS][ADD]: Redundancy Task Definition
Gateway1
Task ID
1
Master Interface Protocol
Master Action
Virtual Router ID
BRRP
any
1
Slave Interface Protocol
Slave Admin Action
Virtual Router ID
BRRP
sync
2
SAVE
CANCELs
The following fields are relevant:
Field
Meaning
Master Interface Protocol
The protocol used.
Master Action
The state of the virtual gateway.
Virtual Router ID
The virtual router ID used.
Slave Interface Protocol
The protocol used.
Slave Admin Action
The state of the virtual gateway.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
21
4
Configuring State Transitions
Field
Meaning
Virtual Router ID
The virtual router ID used.
Table 4-1:
Relevant fields in BRRP ➜ TASK DEFINITION ➜ ADD
Proceed as follows to define the necessary settings:
■
Set MASTER INTERFACE PROTOCOL to BRRP.
■
Set MASTER ACTION to any.
■
Set VIRTUAL ROUTER ID to 1.
■
Set SLAVE INTERFACE PROTOCOL to BRRP.
■
Set SLAVE ADMIN ACTION to sync.
■
Set VIRTUAL ROUTER ID to 2.
■
Press SAVE to confirm your settings.
Use the settings for all tasks as shown in the two tables below.
Note
4.1.1
■
22
Bintec Workshop
Tasks at Gateway 1
Go to BRRP ➜ TASK DEFINITION.
Automatic Router Backup (Redundancy) with BRRP
Configuring State Transitions
VPN Access 25 Setup Tool
[BRRP][TASKS]: Task List
Task
ID
Master
Trigger
BRRP
BRRP
any
any
ADD
VR_ID/IFC
1
2
Protocol
BRRP
BRRP
DELETE
4.1.2
■
Bintec Access Networks GmbH
Gateway1
Protocol
1
2
4
Slave
Action
sync
sync
VR_ID/IFC
2
1
EXIT
Tasks at Gateway 2
Go to BRRP ➜ TASK DEFINITION
.
VPN Access 25 Setup Tool
[BRRP][TASKS]: Task List
Task
ID
Bintec Access Networks GmbH
Gateway2
Master
Trigger
BRRP
BRRP
any
any
1
2
Protocol
ADD
VR_ID/IFC
1
2
DELETE
Protocol
BRRP
BRRP
Slave
Action
sync
sync
VR_ID/IFC
2
1
EXIT
The figure for the Task ID is used to improve sorting the entries, but has no effect on the function of the rules. The list is sorted numerically by Task ID.
Note
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
23
4
Configuring State Transitions
Explanation of rules:
Each virtual gateway has an OPERADMINSTATE (up or down) and an OPERSTATE
(Init, backup or master). If the OPERADMINSTATE is down, the virtual gateway is
deactivated and the OPERSTATE is init. If the OPERADMINSTATE is up, the gateway assumes the OPERSTATE master or backup, depending on the advertisement packets received from other routers and its own priority.
1st rule:
IF VR1 is in the OPERSTATE Init, the VR2 is set to the ADMINSTATE Down internally (= OPERSTATE Init), to have the backup router handle the entire traffic.
If VR1 is in the OPERSTATE Backup, the VR2 is forced to the OPERSTATE
Backup. If this is not possible, both VRs are set to the STATE Init or Master (according to the state previously active).
If the VR1 is in the OPERSTATE Master, the VR2, too, tries to get OPERSTATE
Master. This is reached most easily by having the backup router quit its master
role "voluntarily".
2nd rule:
This is the same behavior as for rule 1, but conversely! If VR 2 changes its
OPERSTATE, the state at VR 1 must be changed accordingly.
24
Bintec Workshop
Automatic Router Backup (Redundancy) with BRRP
BRRP Gateway State
5
5
BRRP Gateway State
The respective state is shown under CONFIGURATION in BRRP.
As can be seen, both virtual interfaces of gateway 1 are in the master state and
both virtual interfaces of gateway 2 in the backup state.
■
Go to BRRP ➜ CONFIGURATION.
VPN Access 25 Setup Tool
[BRRP][DAEMON]: Virtual Router List
Bintec Access Networks GmbH
Gateway1
VrID
Prio
State
Interface
IP Address
MAC Address
1
2
254
254
master
master
en0-1-1
en0-3-1
10.0.1.254
62.155.115.11
00005e000101
00005e000102
ADD
DELETE
VPN Access 25 Setup Tool
[BRRP][DAEMON]: Virtual Router List
EXIT
Bintec Access Networks GmbH
Gateway2
VrID
Prio
State
Interface
IP Address
MAC Address
1
2
100
100
backup
backup
en0-1-1
en0-3-1
10.0.1.254
62.155.115.11
00005e000101
00005e000102
ADD
DELETE
EXIT
Return to the main menu and finally save your new configuration in the flash
memory with EXIT and SAVE AS BOOT CONFIGURATION AND EXIT.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
25
5
BRRP Gateway State
26
Bintec Workshop
Automatic Router Backup (Redundancy) with BRRP
Result
6
6
Result
You have now created a redundant system. If a gateway fails, the other gateway
takes over its function. This ensures a virtually uninterrupted connection.
6.1
Test
You can trace what happens in the event of a failure by entering debug all in
the command line of gateway 2. This is done by disconnecting the cable from
the Ethernet interface ETH1.
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
27
6
Result
Gateway2:> debug all
00:29:47 INFO/ETHER: en0-1: link down
00:29:47 DEBUG/ETHER: slot 0/1: rmv multicast 01:00:5e:00:00:12
00:29:47 NOTICE/INET: BRRP: vr # 1 - disable ifc 104
00:29:47 NOTICE/INET: BRRP: vr # 1 stopped
00:29:47 INFO/INET: BRRP: wd_action: vr # 2 ==> stop vr
00:29:47 NOTICE/INET: BRRP: vr # 2 - disable ifc 304
00:29:47 DEBUG/ETHER: slot 0/3: rmv multicast 01:00:5e:00:00:12
00:29:47 NOTICE/INET: BRRP: vr # 2 stopped
00:30:12 INFO/ETHER: en0-1: (100BaseTx/halfdup) link up
00:30:12 INFO/INET: BRRP:
00:30:12 INFO/INET: BRRP: VRouter PRIO
: 100
00:30:12 INFO/INET: BRRP: VRouter MAC_ADDR
: 00005e000101
00:30:12 INFO/INET: BRRP: VRouter IF_INDEX
: 100
00:30:12 INFO/INET: BRRP: VRouter IP
: 10.0.10.2
00:30:12 INFO/INET: BRRP: VRouter ADV_INT
: 1000
00:30:12 INFO/INET: BRRP: VRouter MASTER_DOWN: 3609
00:30:12 INFO/INET: BRRP: VRouter SKEW_TIME : 609
00:30:12 INFO/INET: BRRP: VRouter State
: 0
00:30:12 INFO/INET: BRRP: Server IF_INDEX
: 104
00:30:12 INFO/INET: BRRP: Server NB_IP
00:30:12 INFO/INET: BRRP: Server NB_IP
00:30:12 INFO/INET: BRRP: Server MAC_ADDR
: 00005e000101
00:30:12 DEBUG/ETHER: slot 0/1: add multicast 01:00:5e:00:00:12
00:30:12 NOTICE/INET: BRRP: vr # 1 now in backup state
00:30:12 NOTICE/INET: BRRP: vr # 1 started on ifc 104 ip 10.0.1.0 mac
00005e000101
00:30:12 INFO/INET: BRRP: wd_action: vr # 2 ==> start vr
00:30:12 INFO/INET: BRRP: VRouter VR_ID
: 2
00:30:12 INFO/INET: BRRP: VRouter PRIO
: 100
00:30:12 INFO/INET: BRRP: VRouter MAC_ADDR
: 00005e000102
00:30:12 INFO/INET: BRRP: VRouter IF_INDEX
: 300
00:30:12 INFO/INET: BRRP: VRouter IP
: 10.0.20.2
00:30:12 INFO/INET: BRRP: VRouter ADV_INT
: 1000
00:30:12 INFO/INET: BRRP: VRouter MASTER_DOWN: 3609
00:30:12 INFO/INET: BRRP: VRouter SKEW_TIME : 609
00:30:12 INFO/INET: BRRP: VRouter State
: 0
00:30:12 INFO/INET: BRRP: Server IF_INDEX
: 304
00:30:12 INFO/INET: BRRP: Server NB_IP
: 1
00:30:12 INFO/INET: BRRP: Server IPs
: 62.155.115.0
00:30:12 INFO/INET: BRRP: Server MAC_ADDR
: 00005e000102
00:30:12 DEBUG/ETHER: slot 0/3: add multicast 01:00:5e:00:00:12
00:30:12 NOTICE/INET: BRRP: vr # 2 now in backup state
00:30:12 NOTICE/INET: BRRP: vr # 2 started on ifc 304 ip 62.155.115.0
mac 00005e000102
28
Bintec Workshop
Automatic Router Backup (Redundancy) with BRRP
Result
6.2
6
Overview of Configuration Steps
Field
Menu
Description
Compulsory field
local IP Number
ETHERNET UNIT 1
e.g. 10.0.10.1
Yes
local Netmask
ETHERNET UNIT 1
e.g. 255.255.255.0
Yes
IP Configuration
ETH UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD
BRRP
Yes
Local IP Number
ETH UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD
e.g. 10.0.1.254 (LAN)
Yes
Local Netmask
ETH UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD
e.g. 255.255.255.0
Yes
MAC Address
ETH UNIT 1 ➜ VIRTUAL INTERFACE ➜ ADD
00005e000101
Yes
local IP Number
ETHERNET UNIT 3
e.g. 10.0.20.1
Yes
local Netmask
ETHERNET UNIT 3
e.g. 255.255.255.0
Yes
IP Configuration
ETH UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD
BRRP
Yes
Local IP Number
ETH UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD
e.g.
62.155.115.11(WAN)
Yes
Local Netmask
ETH UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD
e.g. 255.255.255.0
Yes
MAC Address
ETH UNIT 3 ➜ VIRTUAL INTERFACE ➜ ADD
00005e000102
Yes
Virtual Router ID
BRRP ➜ CONFIGURATION ➜ ADD
1
Yes
Virtual Router State
BRRP ➜ CONFIGURATION ➜ ADD
up
Yes
Priority
BRRP ➜ CONFIGURATION ➜ ADD
e.g. 254 (Master)
Yes
Pre-empt Mode
BRRP ➜ CONFIGURATION ➜ ADD
e.g. false
Yes
Virtual Router ID
BRRP ➜ CONFIGURATION ➜ ADD
1
Yes
Virtual Router State
BRRP ➜ CONFIGURATION ➜ ADD
up
Yes
Priority
BRRP ➜ CONFIGURATION ➜ ADD
e.g. 100 (Backup)
Yes
Pre-empt Mode
BRRP ➜ CONFIGURATION ➜ ADD
e.g. false
Yes
Task ID
BRRP ➜ TASK DEFINITION ➜ ADD
1
Yes
Automatic Router Backup (Redundancy) with BRRP
Bintec Workshop
29
6
30
Result
Field
Menu
Description
Compulsory field
Master Interface Protocol
BRRP ➜ TASK DEFINITION ➜ ADD
BRRP
Yes
Master Action
BRRP ➜ TASK DEFINITION ➜ ADD
any
Yes
Virtual Router ID
BRRP ➜ TASK DEFINITION ➜ ADD
1
Yes
Slave Interface Protocol
BRRP ➜ TASK DEFINITION ➜ ADD
BRRP
Yes
Slave Admin Action
BRRP ➜ TASK DEFINITION ➜ ADD
sync
Yes
Virtual Router ID
BRRP ➜ TASK DEFINITION ➜ ADD
2
Yes
Task ID
BRRP ➜ TASK DEFINITION ➜ ADD
2
Yes
Master Interface Protocol
BRRP ➜ TASK DEFINITION ➜ ADD
BRRP
Yes
Master Action
BRRP ➜ TASK DEFINITION ➜ ADD
any
Yes
Virtual Router ID
BRRP ➜ TASK DEFINITION ➜ ADD
2
Yes
Slave Interface Protocol
BRRP ➜ TASK DEFINITION ➜ ADD
BRRP
Yes
Slave Admin Action
BRRP ➜ TASK DEFINITION ➜ ADD
sync
Yes
Virtual Router ID
BRRP ➜ TASK DEFINITION ➜ ADD
1
Yes
Bintec Workshop
Automatic Router Backup (Redundancy) with BRRP
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising