Manual:Interface/VRRP: Difference between revisions
No edit summary |
No edit summary |
||
| Line 11: | Line 11: | ||
<p><var>interface</var> (<em>string</em>; Default: <b></b>) - interface name on which VRRP instance will be running run.</p> | <p><var>interface</var> (<em>string</em>; Default: <b></b>) - interface name on which VRRP instance will be running run.</p> | ||
<p><var>vrid</var> (<em>integer: 1..255</em>; Default: <b>1</b>) - Virtual Router identifier. Each Virtual router must have unique id number.</p> | <p><var>vrid</var> (<em>integer: 1..255</em>; Default: <b>1</b>) - Virtual Router identifier. Each Virtual router must have unique id number.</p> | ||
<p><var>priority</var> (<em>integer: 1..254</em>; Default: <b>100</b>) - priority of VRRP node used in Master election algorithm . '255' is reserved to Router that owns IP and '0' is reserved for Master router to indicate that it is releasing responsibility.</p> | <p><var>priority</var> (<em>integer: 1..254</em>; Default: <b>100</b>) - priority of VRRP node used in Master election algorithm. Higher number i higher priority. '255' is reserved to Router that owns IP and '0' is reserved for Master router to indicate that it is releasing responsibility.</p> | ||
<p><var>interval</var> (<em>string</em>; Default: <b>1</b>) - VRRP update interval in seconds. Defines how often master sends advertisement packets | <p><var>interval</var> (<em>string</em>; Default: <b>1</b>) - VRRP update interval in seconds. Defines how often master sends advertisement packets.</p> | ||
.</p> | <p><var>preemption-mode</var> (<em>yes,no</em>; Default: <b>yes</b>) - whether master node always has the priority. When set to 'no' backup node will not be elected to be a master until the current master fail even if the backup node has higher priority than the current master. </p> | ||
<p><var>authentication</var> (<em>ah,none,simple</em>; Default: <b>none</b>) - authentication method to use for VRRP advertisement packets. | |||
<table class="styled_table"> | |||
<tr> | |||
<th width="150">Type</th> | |||
<th >Description</th> | |||
</tr> | |||
<tr> | |||
<td ><b><var>none</var></b></td> | |||
<td >should be used only in low security networks (e.g., two VRRP nodes on LAN).</td> | |||
</tr> | |||
<tr> | |||
<td ><b><var>ah</var></b></td> | |||
<td >IP Authentication Header. This algorithm provides strong protection against configuration errors, replay attacks, and and packet corruption/modification. Recommended when there is limited control over the administration of nodes on a LAN.</td> | |||
</tr> | |||
<tr> | |||
<td ><b><var>simple</var></b></td> | |||
<td >uses clear text password. Protects against accidental misconfiguration of routers on local network.</td> | |||
</tr> | |||
</table> | |||
</p> | |||
</div> | </div> | ||
Revision as of 13:48, 1 October 2008
VRRP official article
Sub-menu level: /interface vrrp
/interface vrrp
interface (string; Default: ) - interface name on which VRRP instance will be running run.
vrid (integer: 1..255; Default: 1) - Virtual Router identifier. Each Virtual router must have unique id number.
priority (integer: 1..254; Default: 100) - priority of VRRP node used in Master election algorithm. Higher number i higher priority. '255' is reserved to Router that owns IP and '0' is reserved for Master router to indicate that it is releasing responsibility.
interval (string; Default: 1) - VRRP update interval in seconds. Defines how often master sends advertisement packets.
preemption-mode (yes,no; Default: yes) - whether master node always has the priority. When set to 'no' backup node will not be elected to be a master until the current master fail even if the backup node has higher priority than the current master.
authentication (ah,none,simple; Default: none) - authentication method to use for VRRP advertisement packets.
| Type | Description |
|---|---|
| none | should be used only in low security networks (e.g., two VRRP nodes on LAN). |
| ah | IP Authentication Header. This algorithm provides strong protection against configuration errors, replay attacks, and and packet corruption/modification. Recommended when there is limited control over the administration of nodes on a LAN. |
| simple | uses clear text password. Protects against accidental misconfiguration of routers on local network. |