This article is reprinted from the WeChat public account "Java Geek Technology".

keepalived is a high-availability service solution based on the VRRP protocol that avoids a single point of failure on an IP address. It generally works alongside load-balancing technologies such as LVS and Nginx to make a cluster highly available. Today, I will talk about the VRRP protocol.

Introduction to VRRP (Forwarding Mechanism)

- VRRP (Virtual Router Redundancy Protocol) adds the routers that can take on the gateway function to a backup group to form a virtual router. The VRRP election mechanism determines which router takes on the forwarding task. The hosts in the LAN only need to configure the virtual router as the default gateway.
- VRRP is an election protocol that dynamically assigns the responsibility of a virtual router to one of the VRRP routers on the LAN. The VRRP router that controls the IP address of the virtual router is called the master router, and it is responsible for forwarding packets sent to these virtual IP addresses. Once the master router is unavailable, this election process provides a dynamic failover mechanism, which allows the IP address of the virtual router to be used as the default first-hop router for the terminal host.
- VRRP is a fault-tolerant protocol that simplifies host configuration while improving reliability. In a LAN with multicast or broadcast capabilities (such as Ethernet), VRRP can provide a highly reliable default link when a device fails, effectively avoiding the problem of network interruption after a single link fails, without modifying the configuration information of dynamic routing protocols, routing discovery protocols, etc.
- VRRP protocol has two versions: VRRPv2 and VRRPv3. VRRPv2 is based on IPv4, and VRRPv3 is based on IPv6.
- VRRP router: All routers running the VRRP protocol are called VRRP routers.
- VRRP backup group: Multiple routers are divided into a group, in which a master router is elected and the others serve as backup routers. Normally, the master router is the only one working and the backup routers are idle. When the master router fails, one of the multiple backup routers is elected to replace the failed master router. The routers in this group constitute a backup group.
- Virtual router: A virtual router is the collection of all routers in a VRRP backup group. It is a logical concept and does not physically exist. Seen from outside the backup group, all the routers in the group appear as a single router. You can understand it as: master router + all backup routers = virtual router in a group. A virtual router has a virtual IP address and MAC address. If the virtual IP is the same as the IP of a router in the backup group, then this router is called the IP address owner and serves as the master router in the backup group.
VRRP Status

VRRP routers have three states during operation:

- Initialize state: The system enters the Initialize state after startup. In this state, the router does not process any VRRP message. It can be understood as initialization.
- Master state: The router will send VRRP announcements and gratuitous ARP packets.
- Backup state: The router receives VRRP announcements.
Generally, the master router is in the Master state and the backup router is in the Backup state.

The VRRP working process is as follows:

- After VRRP is enabled on a router, it determines its role in the backup group according to its priority. The router with a higher priority becomes the Master router, and the router with a lower priority becomes the Backup router. The Master router regularly sends VRRP announcement messages to notify other devices in the backup group that it is working normally; the Backup router starts a timer and waits for the announcement message to arrive.
- In preemptive mode, when the backup router receives a VRRP announcement message, it will compare its own priority with the priority in the announcement message. If it is greater than the priority in the announcement message, it will become the master router; otherwise, it will remain in the backup state.
- In non-preemptive mode, as long as the Master router does not fail, the routers in the backup group keep their current Master or Backup state. Even if the Backup router is subsequently configured with a higher priority, it will not become the Master router.
- If the backup router's timer expires without a VRRP announcement message arriving from the master router, it concludes that the master router is no longer working properly. The backup router then considers itself the master router and sends VRRP announcement messages. The routers in the backup group elect the master router according to priority, and the elected router takes over the function of forwarding messages.
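
The election and failover steps above, traced in a small Python simulation. This is an added example, not code from the original article or from keepalived; the router names, priorities and the three-interval timeout are assumptions, and real VRRP timers and tie-breaking are simplified away.

```python
from dataclasses import dataclass

MASTER_DOWN_TICKS = 3  # assumption: Backup takes over after 3 silent intervals

@dataclass
class Router:
    name: str
    priority: int
    preempt: bool = True
    state: str = "Initialize"
    alive: bool = True
    missed: int = 0  # consecutive intervals with no announcement heard

def tick(group):
    """Advance every router in the backup group by one announcement interval."""
    # Announcements on the LAN this interval: sent only by live Master routers.
    adverts = [(r.name, r.priority) for r in group if r.alive and r.state == "Master"]
    for r in group:
        if not r.alive:
            continue
        heard = [prio for name, prio in adverts if name != r.name]
        if r.state == "Initialize":
            r.state, r.missed = "Backup", 0      # start waiting for announcements
        elif r.state == "Backup":
            if heard and r.preempt and r.priority > max(heard):
                r.state = "Master"               # preemptive mode: outrank the Master
            elif heard:
                r.missed = 0                     # a Master is alive: stay Backup
            else:
                r.missed += 1
                if r.missed >= MASTER_DOWN_TICKS:
                    r.state = "Master"           # timer expired: take over
        elif heard and max(heard) > r.priority:
            r.state, r.missed = "Backup", 0      # Master yields to higher priority

def run(group, ticks):
    for _ in range(ticks):
        tick(group)
    return [r.name for r in group if r.alive and r.state == "Master"]

def failover_demo(preempt):
    a = Router("A", 150, preempt=preempt)    # constructed sample routers
    group = [a, Router("B", 100)]
    first = run(group, 6)                    # initial election
    a.alive = False
    during = run(group, 4)                   # A is down; B's timer expires
    a.alive, a.state = True, "Initialize"    # A restarts
    after = run(group, 4)
    return first, during, after
```

`failover_demo(True)` ends with A back as Master after it recovers, while `failover_demo(False)` leaves B as Master because A no longer preempts.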
Reflection in the project

As shown in the figure, when the front-end requests the back-end, we do not let it send the request directly to the actual server; instead it requests the virtual IP. If the master server is not faulty, it forwards the front-end request to the real server. If the master fails, the backup server forwards the front-end request to the real server (Afen uses dotted lines in the figure to indicate that when the master fails, the backup is responsible for forwarding requests), thus achieving high availability of the service.

That's all. Thank you for reading.