Network Working Group                                       H. Zhai, Ed.
Internet-Draft                                                   X. Gong
Expires: April 19, 2011                                  ZTE Corporation
                                                        October 16, 2010

        Extensions to VRRP for Fast Transition of Failed Master
                   draft-zhai-vrrp-extension-ft-fm-00

Abstract

   This document extends VRRP mechanism to support fast transition of
   non-master router to master when the original master router (is not
   functioning or) becomes unavailable.  Through introducing another
   state of router, named alternate state, when the failure of master
   router is detected by alternate router with fast detection
   technology, such as BFD, it will transmit to master immediately.
   Then the new master will inform other routers in its VRRP group to
   elect a new alternate router, and a fast detection session will be
   established between alternate and master routers, through which the
   availability of the master can be detected by alternate router.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 19, 2011.

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.
   Please review these documents carefully, as they describe your
   rights and restrictions with respect to this document.  Code
   Components extracted from this document must include Simplified BSD
   License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the
   Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions used in this document
   3.  Abbreviations
   4.  Definition
   5.  Extensions to VRRP
     5.1.  Extended VRRP Packet Format
       5.1.1.  Extended VRRP Packet Header
       5.1.2.  Extended VRRP Packet Body
   6.  Extended State Machine
     6.1.  Extended Parameters per Virtual Router
     6.2.  Extended Timers
     6.3.  Extended State Transition Diagram
     6.4.  State Description
       6.4.1.  Initialize
       6.4.2.  Backup
       6.4.3.  Alternate
       6.4.4.  Master
   7.  Sending and Receiving Extended VRRP Packets
     7.1.  Receiving Packets
     7.2.  Transmitting Packets
   8.  Security Considerations
   9.  References
   Authors' Addresses

1.  Introduction

   As a device redundancy protocol, Virtual Router Redundancy Protocol
   (VRRP) provides a mechanism to eliminate single point of failure in
   the static default routed environment.  According to the VRRP, two
   or more routers constitute a virtual router which provides a uniform
   virtual Internet Protocol (IP) address and a virtual Media Access
   Control (MAC) address.  In this way, an internal end-host needs only
   to set one gateway, i.e., the virtual IP, to access external
   network.  As long as any one of the routers constituting the virtual
   router operates normally, the router may transmit packets from the
   internal network to the external network as an inter-network device;
   thus the normal operation of the network is guaranteed.

   At any time, in a virtual router, only one physical router is
   responsible for transmitting packets between networks, and is named
   Master router.  The other routers just standby to monitor Master's
   keepalive packets (or named advertisement packets).  These routers
   are called Backup routers.  Master router sends an advertisement
   packet in intervals of integer seconds to inform Backup routers of
   its functioning.  If Backup routers have not received that packet
   for a predefined number of consecutive intervals, e.g., three
   intervals in default, they will consider Master router unavailable
   and compete to be a new master.

   Therefore, the traditional VRRP cannot support sub-second switching
   between backup and master routers after the master router failed,
   which is unacceptable for some real-time applications, such as
   voice-over packet applications.

   In recent years, fast fault detection techniques, e.g. BFD, are
   employed by VRRP to reduce the fault detection and switching time to
   sub-seconds.
   With help of fast fault detection sessions, configured between
   Master router and each Backup router, Backup routers can find
   failure of Master within sub-second and compete to be a new master
   router.  However, after another router is elected as a new Master,
   fast fault detection sessions must be reconfigured between the new
   master and each backup router to guarantee fast detection and
   switching between routers, which increases the maintenance
   difficulty of VRRP routers.  Furthermore, fast fault sessions cannot
   always guarantee fast switching between routers to meet the needs of
   real-time applications.

           ++++++++++++++++++
           +    External    +
           +network/Internet+
           ++++++++++++++++++
              |   |      |
   ***********|***|******|***************
   *  +-------+   |      +----+         *
   *  |Master/100 |Backup/90  |Backup/80*
   * =========   =========    ========= *
   * ||RTR A||   ||RTR B||    ||RTR C|| *
   * =========   =========    ========= *
   *   | : :.......: |        :      |  *   ........ BFD Session
   *   | :...........|........:      |  *   ++++++++ Network Cloud
   *   |             |               |  *   ======== Network Device
   ****|*************|***************|***   ******** Virtual Router
       +------+      |          +----+      -------- Network Connection
       Port A |      | Port B   | Port C
           =========================
           ||        Switch       ||
           =========================
              |       |       |
              |       |       |
            ======  ======  ======
            ||H1||  ||H2||  ||H3||
            ======  ======  ======

   As shown in above figure, four hosts and three routers connect
   together with a switch to compose a LAN, where Router A, Router B
   and Router C constitute a virtual router, and have a same virtual IP
   address 10.100.10.1 and virtual MAC address 00-00-5E-00-01.  Hosts
   in the LAN set the virtual IP address as their default gateway, then
   they can access external network through the virtual router.  At the
   beginning, Router A is master of the virtual router, and a
   responding entry destined 00-00-5E-00-01 from Port A exists in the
   MAC address table of switch.
   BFD sessions are also used by Router B and Router C to monitor the
   status of Router A.  For some reason, if failure occurs in Router A
   at one moment, both Router B and Router C will find the event almost
   at the same time and compete for new master role.  Assume that
   Router B sends out an advertisement packet to the LAN, and the
   switch updates the out port of MAC address entry to 00-00-5E-00-01
   from Port A to Port B by learning the frame information encapsulated
   in that packet.  Before receiving Router B's packet, Router C has
   put its advertisement packet into the sending buffer of its
   interface connected to the LAN.  Then Router C receives Router B's
   packet, and knows that Router B has a higher priority than its own
   and should be the new master, but it's too late to withdraw the
   advertisement packet from the sending buffer.  A moment later,
   Router C's advertisement packet is sent out to the LAN, and is
   received by the switch.  Then the out port of MAC address entry to
   00-00-5E-00-01 is updated from Port B to Port C by switch.
   Therefore, frames encapsulating IP packets towards external network
   will be sent to Router C by switch, and be discarded because Router
   C is not master router and not in charge of transmitting IP packets.
   The mistake cannot be corrected until the next advertisement packet
   is sent to the LAN by Router B at the next advertising interval,
   i.e., one second later at least.

   In the above sample, BFD cannot guarantee fast switching between
   routers satisfying the needs of real-time applications.

   In order to solve the above problems, this document describes
   extensions to VRRP for dynamically establishing single fast fault
   detection between physical routers constituting a VRRP router.

2.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119.

3.  Abbreviations

   VRRP: Virtual Router Redundancy Protocol

   BFD:  Bidirectional Forwarding Detection

4.  Definition

   VRRP Router:
      A router running the Virtual Router Redundancy Protocol.  It may
      participate in one or more virtual routers.

   Virtual Router:
      An abstract object managed by VRRP that acts as a default router
      for hosts on a shared LAN.  It consists of a Virtual Router
      Identifier and a set of associated IP address(es) across a common
      LAN.  A VRRP Router may backup one or more virtual routers.

   Virtual Router Master:
      The VRRP router that is assuming the responsibility of forwarding
      packets sent to the IP address(es) associated with the virtual
      router, and answering ARP requests for these IP addresses.  Note
      that if the IP address owner is available, then it will always
      become the Master.

   Virtual Router Backup:
      The set of VRRP routers available to assume forwarding
      responsibility for a virtual router should the current Master
      fail.

   Virtual Router Alternate:
      The VRRP router that is the router with the highest priority in
      backup routers and is assuming the responsibility of monitoring
      the state of Master with fast fault detection session between the
      router and Master.  Once the failure of Master is detected, the
      Alternate router will become Master and take over the original
      Master's responsibility immediately.

5.  Extensions to VRRP

   In addition to the three standardized states of VRRP router defined
   in RFC3768, i.e., Initialize state, Backup state and Master state, a
   new state, named Alternate state, is introduced for VRRP router in
   this document.  A VRRP router in Alternate state is called an
   Alternate router.

   In this specification, there is only one fast fault detection
   between VRRP routers, dynamically established between Alternate
   router and Master router by negotiation.  With help of the fast
   fault detection session, Alternate router can monitor the Master's
   state in a fast mode, and the failure of Master router will be found
   by Alternate router within sub-seconds, usually in milliseconds
   order.  Once the failure of Master is found, the Alternate router
   will become a new master to take the responsibility of transmitting
   packets between internal network and external network.

   Once a VRRP router becomes Master, it will multicast an
   ALTERNATE-ELECT, a type of extended VRRP packets, to trigger an
   Alternate router selecting process between other VRRP routers
   constituting a virtual router.  Once receiving such a packet, each
   non-master router will multicast back a new ALTERNATE-ELECT.  With
   the information encapsulated in the above type of extended VRRP
   packet, an Alternate router will be selected from the non-master
   routers.

   After Alternate router is selected, a fast fault detection session
   will be established between Master and Alternate routers by
   negotiation.  During the negotiation process, two types of extended
   VRRP packets, introduced in this document, will be exchanged between
   Master and Alternate routers, named Session Type Negotiation packets
   and Session Parameters Negotiation packets.

5.1.  Extended VRRP Packet Format

   This section defines the format of the extended VRRP packets.  Each
   VRRP extended packet consists of a fixed-length message header
   followed by a variable length message body, where the length of the
   body is depending on the packet type.
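
   The layout that Sections 5.1.1 and 5.1.2 go on to define, as an
   added example (not part of the draft and not the authors' code): a
   receive-side parser in Python that verifies the RFC 1071 checksum,
   applies the draft's discard rules (unknown type, Length below 8,
   VRRP State other than 1 or 2) and bounds-checks every TLV.  The
   names parse, verdict and Discard are hypothetical; the exact Length
   match, the per-subtype TLV sets and the VRID 0 rejection are
   assumptions, and ADVERTISEMENT (type 1) keeps its RFC 3768 layout
   and is left to that code path.

```python
import struct

HEADER_LEN = 8
VRRP_VERSION = 2                      # Version field value set by the draft
EXTENDED_TYPES = {2: "ALTERNATE-ELECT", 3: "SESSION-NEGO"}
STATES = {1: "Master", 2: "Backup"}   # values of the VRRP State TLV (type 1)
SESSION_TLVS = {1: {2, 3}, 2: {4, 5, 6}}   # TLV types per SESSION-NEGO subtype


class Discard(ValueError):
    """The packet failed validation and must not reach the state machine."""


def inet_checksum(data: bytes) -> int:
    """RFC 1071: one's complement of the one's complement 16-bit sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build(ptype, vrid, priority, subtype, tlvs):
    """Encode a message; used here only to construct sample input."""
    body = b"".join(struct.pack("!HH", t, len(v)) + v for t, v in tlvs)
    head = struct.pack("!BBBBHH", (VRRP_VERSION << 4) | ptype, vrid,
                       priority, subtype, HEADER_LEN + len(body), 0)
    return head[:6] + struct.pack("!H", inet_checksum(head + body)) + body


def parse_tlvs(body: bytes):
    """Walk the TLV body, refusing any TLV that overruns the message."""
    tlvs, off = [], 0
    while off < len(body):
        if len(body) - off < 4:
            raise Discard("truncated TLV header")
        tlv_type, tlv_len = struct.unpack_from("!HH", body, off)
        off += 4
        if tlv_len > len(body) - off:
            raise Discard("TLV value runs past end of message")
        tlvs.append((tlv_type, body[off:off + tlv_len]))
        off += tlv_len
    return tlvs


def parse(packet: bytes) -> dict:
    """Validate and decode one extended packet (types 2 and 3 only)."""
    if len(packet) < HEADER_LEN:
        raise Discard("shorter than the 8-octet header")
    vt, vrid, priority, subtype, length, _ = struct.unpack(
        "!BBBBHH", packet[:HEADER_LEN])
    version, ptype = vt >> 4, vt & 0x0F
    if version != VRRP_VERSION:
        raise Discard("unsupported version")
    if ptype not in EXTENDED_TYPES:
        raise Discard("type is not ALTERNATE-ELECT or SESSION-NEGO")
    # Assumption: Length must equal the received size, not merely be >= 8.
    if length < HEADER_LEN or length != len(packet):
        raise Discard("bad Length field")
    if inet_checksum(packet) != 0:    # a valid message sums to zero
        raise Discard("checksum mismatch")
    if vrid == 0:                     # assumption: enforce the 1-255 range
        raise Discard("VRID outside 1-255")
    tlvs = parse_tlvs(packet[HEADER_LEN:])
    msg = {"type": EXTENDED_TYPES[ptype], "vrid": vrid,
           "priority": priority, "subtype": subtype, "tlvs": tlvs}
    if ptype == 2:
        # Exactly one VRRP State TLV whose single octet is 1 or 2.
        if (len(tlvs) != 1 or tlvs[0][0] != 1 or len(tlvs[0][1]) != 1
                or tlvs[0][1][0] not in STATES):
            raise Discard("invalid VRRP State TLV")
        msg["sender_state"] = STATES[tlvs[0][1][0]]
    else:
        # Assumption: unknown subtypes and misplaced TLVs are dropped.
        allowed = SESSION_TLVS.get(subtype)
        if allowed is None or any(t not in allowed for t, _ in tlvs):
            raise Discard("invalid SESSION-NEGO subtype or TLV")
    return msg


def verdict(packet: bytes) -> str:
    """Return 'accept' or 'discard: <reason>' for logging or tests."""
    try:
        parse(packet)
    except Discard as exc:
        return "discard: %s" % exc
    return "accept"


# Constructed sample input (VRID 10; not taken from any capture).
MASTER_ELECT = build(2, 10, 100, 0, [(1, b"\x01")])
BAD_STATE = build(2, 10, 90, 0, [(1, b"\x03")])
TYPE_NEGO = build(3, 10, 90, 1, [(2, b"\x01")])   # Alternate suggests BFD
TAMPERED = MASTER_ELECT[:2] + b"\xff" + MASTER_ELECT[3:]  # priority altered

if __name__ == "__main__":
    for name in ("MASTER_ELECT", "BAD_STATE", "TYPE_NEGO", "TAMPERED"):
        print(name, "->", verdict(globals()[name]))
```

   Because the checksum covers the Priority octet, a message whose
   priority was altered in transit is dropped before it can take part
   in the Alternate election.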

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                   Message Header (8 Octets)                   +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                Message Body (Variable Octets)                 |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

5.1.1.  Extended VRRP Packet Header

   Message Header has a fixed-length of 8 octets, and has the following
   layout of fields:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version| Type  | Virtual Rtr ID|   Priority    |    Subtype    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Length             |           Checksum            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   This header contains the basic information necessary to determine
   whether the packet should be accepted for further processing.  This
   determination is described in Section 5 of this document.

   Version:
      The version field specifies the VRRP protocol version of this
      packet.  This document defines version 2.

   Type:
      The type field specifies the type of this VRRP packet.  Three
      types of VRRP packet are defined in this document:

         1  ADVERTISEMENT
         2  ALTERNATE-ELECT
         3  SESSION-NEGO

      The ADVERTISEMENT packet is defined in [RFC3768] and not
      described in this document.  The format of ALTERNATE-ELECT will
      be specified in Section 5.1.2.1, and SESSION-NEGO in Section
      5.1.2.2 and 3.1.4.  A packet with unknown type MUST be discarded.

   Virtual Rtr ID (VRID):
      The Virtual Router Identifier (VRID) field identifies the virtual
      router this packet is reporting status for.  Configurable item in
      the range 1-255 (decimal).  There is no default.

   Priority:
      The priority field specifies the sending VRRP router's priority
      for the virtual router.  Higher values equal higher priority.
      This field is an 8 bit unsigned integer field.

   Subtype:
      The subtype provides more specific information about type of VRRP
      extended packet.  Each type of VRRP extended packet may have
      none, one or more subtypes associated with it.  If no appropriate
      Subtype is defined, then a zero (Unspecific) value is used for
      the Subtype field.  Currently, only the SESSION-NEGO has
      subtypes:

         1  Session type negotiation
         2  Session parameters negotiation

   Checksum:
      The checksum field is used to detect data corruption in the VRRP
      message.  The checksum is the 16-bit one's complement of the
      one's complement sum of the entire VRRP message starting with the
      version field.  For computing the checksum, the checksum field is
      set to zero.  See RFC 1071 for more detail [CKSM].

   Length:
      This 2-octet unsigned integer indicates the total length of the
      message, including the header in octets.  The value of the Length
      field MUST always be at least 8.

5.1.2.  Extended VRRP Packet Body

   Message body is encoded in TLV (Type-Length-Value) format, i.e., as
   the following format:

                                   No. of octets
      +------------------------+
      |          Type          |        2
      +------------------------+
      |         Length         |        2
      +------------------------+
      |         Value          |      Length
      +------------------------+

5.1.2.1.  Alternate Elect Packet Body

   Alternate elect packet, or named ALTERNATE-ELECT, is a multicast
   packet and is employed to select one of Backup Router as Alternate
   Router.  The IP multicast address used for ALTERNATE-ELECT packet is
   the same as that for ADVERTISEMENT, i.e., 224.0.0.18, assigned by
   the IANA for VRRP.  The message body of ALTERNATE-ELECT has only one
   TLV:

   o  VRRP State -- The VRRP state of sender

      Type   - 1

      Length - total length of the value field (one octet per state)

      Value  - one octet,
               = 1 Master
               = 2 Backup

                                   No. of octets
      +------------------------+
      |     VRRP Rtr State     |        1
      +------------------------+

   The value of this TLV MUST be set to 1 when Master Router multicasts
   an ALTERNATE-ELECT, and it MUST be set to 2 for the ALTERNATE-ELECT
   multicast by Backup Routers.  For an ALTERNATE-ELECT, if the value
   of TLV is not 1 or 2, this packet MUST be discarded.

5.1.2.2.  Session Type Negotiation Packet Body

   Session type negotiation packet, or called SESSION-TYPE-NEGO, is
   used by Master and Alternate Routers to negotiate the type of fast
   fault detection session to be established.  It is a unicast packet.
   The destination address of such a packet is the primary IP address
   of peer, and source address is primary IP address of the interface
   the packet is being sent from.  The message body of
   SESSION-TYPE-NEGO has the following TLV:

   o  Suggested Session Type -- All the types of fast fault detection
      session supported by local VRRP router.  The value of this TLV
      can only be filled in by Alternate Router when sending such a
      packet.

      Type   - 2

      Length - total length of the value field (one octet per type)

      Value  - = 1 BFD
               = others, reserved for future use, or private expand.

                                   No. of octets
      +------------------------+
      | Suggested Session Type |        1
      +------------------------+
      :                        :
      :                        :
      +------------------------+
      | Suggested Session Type |        1
      +------------------------+

   o  Accepted Session Type -- One type of fast fault detection session
      picked out by local VRRP Router from the list of the suggested
      session type.  The value of this TLV can only be filled in by
      Master Router when sending back such a packet.

      Type   - 3

      Length - total length of the value field (one octet per type)

      Value  - = 1 BFD
               = others, reserved for future use, or private expand.

                                   No. of octets
      +------------------------+
      | Accepted Session Type  |        1
      +------------------------+

5.1.2.3.  Session Parameters Negotiation Packet Body

   Session Parameters Negotiation packet, or named SESSION-PARA-NEGO,
   is used to negotiate parameters needed to establish one detection
   session of negotiated type.  The message body of SESSION-PARA-NEGO
   has the following TLV:

   o  Negotiated Session Type -- The session type which has been
      determined by process of session type negotiation between Master
      and Alternate Routers.

      Type   - 4

      Length - total length of the value field (one octet per type)

      Value  - = 1 BFD
               = others, reserved for future use, or private expand.

                                   No. of octets
      +------------------------+
      |Negotiated Session Type |        1
      +------------------------+

   o  Local Session Parameters -- Local parameters needed by remote
      VRRP router as the remote parameters to establish a negotiated
      type of session with local router.

      Type   - 5

      Length - total length of the value field of every session
               parameter

      Value  - variable in number of parameters and length of each
               parameter, depending on the negotiated type of session

                                   No. of octets
      +------------------------+
      |   Local Parameters 1   |     variable
      +------------------------+
      :                        :
      :                        :
      +------------------------+
      |   Local Parameters 1   |     variable
      +------------------------+

      Each parameter has the following format:

                                   No. of octets
      +------------------------+
      | Length of Parameter n  |        1
      +------------------------+
      |  Value of Parameter n  |  length of parameter n
      +------------------------+

      Length of Parm n - Octets of parameter n

      Value of Parm n  - The value of parameter n

   o  Remote Session Parameters -- Remote parameters needed by local
      VRRP router to establish a negotiated type of session with remote
      router.

      Type   - 6

      Length - total length of the value field of every session
               parameter

      Value  - the format of value field is similar to value field of
               Local Session Parameters

   For example, if the negotiated type of session is BFD, then the
   message body of a SESSION-PARA-NEGO packet has the following format:

                                   No. of octets
      +------------------------+
      |Negotiated Session Type |        1
      +------------------------+
      |   Len of Local Param   |        1
      +------------------------+
      |    Local Ip Address    |        4
      +------------------------+
      |  Len of Remote Param   |        1
      +------------------------+
      |   Remote Ip Address    |        4
      +------------------------+

6.  Extended State Machine

6.1.  Extended Parameters per Virtual Router

   In addition to the Advertisement_Interval and Master_Down_Interval,
   defined in [RFC3768], the three new intervals are introduced as
   following:

   Alter_Elect_Timer
      Timer that fires when ALTERNATE-REQUEST or ALTERNATE-REPLY has
      not been received for Alternate_Elect_Interval.

   Session_Nego_Timer
      Timer that fires to trigger sending of SESSION-TYPE-NEGO or
      SESSION-PARA-NEGO based on Session_Nego_Interval.

   Session_Nego_Failed_Timer
      Timer that fires when SESSION-TYPE-NEGO or SESSION-PARA-NEGO has
      not been heard for Session_Nego_Failed_Interval.

6.2.  Extended Timers

   In addition to the Advertisement_Timer and Master_Down_Timer,
   defined in [RFC3768], the three new timers are introduced as
   following:

   Alternate_Elect_Interval
      Time interval for Master or Backup Routers to elect Alternate
      Router (seconds).  Default is 3 seconds.

   Session_Nego_Interval
      Time interval for Alternate Router to periodically send
      SESSION-TYPE-NEGO or SESSION-PARA-NEGO.  Default is 1 second.

   Session_Nego_Failed_Interval
      Timer interval for Master or Alternate Routers to negotiate type
      and parameters of fast fault detection session.  Default is 5
      seconds.

6.3.  Extended State Transition Diagram

                       +-----------+
                       |           |
                       |  Master   | <------------+
                       |           |              |
                       +-----------+              |
                          |     ^                 |
                          |     |                 |
                          V     |                 |
                       +-----------+              |
          +----------- |           |              |
          |            |Initialize |              |
          |    +-----> |           | <-------+    |
          |    |       +-----------+         |    |
          |    |                             |    |
          V    |                             |    |
      +-----------+                     +-----------+
      |           | <------------------- |           |
      |  Backup   |                      | Alternate |
      |           | -------------------> |           |
      +-----------+                     +-----------+

6.4.  State Description

   In the state descriptions below, the state names are identified by
   {state-name}, and the packets are identified by all upper case
   characters.

   A VRRP router implements an instance of the state machine for each
   virtual router election it is participating in.

6.4.1.  Initialize

   The purpose of this state is to wait for a Startup event.  If a
   Startup event is received, then:

   -  If the Priority = 255 (i.e., the router owns the IP address(es)
      associated with the virtual router)

      *  Send an ADVERTISEMENT

      *  Broadcast a gratuitous ARP request containing the virtual
         router MAC address for each IP address associated with the
         virtual router

      *  Set the Adver_Timer to Advertisement_Interval

      *  Transition to the {Master} state

      else:

      *  Set the Master_Down_Timer to Master_Down_Interval

      *  Transition to the {Backup} state

      endif

6.4.2.  Backup

   The purpose of the {Backup} state is to participate in Alternate
   Router election and to monitor the availability and state of the
   Master Router.

   While in this state, a VRRP router MUST do the following:

   -  MUST NOT respond to ARP requests for the IP address(es)
      associated with the virtual router.

   -  MUST discard packets with a destination link layer MAC address
      equal to the virtual router MAC address.

   -  MUST NOT accept packets addressed to the IP address(es)
      associated with the virtual router.

   -  If a Shutdown event is received, then:

      *  Cancel the Master_Down_Timer

      *  Cancel the Alter_Elect_Timer, if such a timer is still running

      *  Transition to the {Initialize} state

      endif

   -  If the Master_Down_Timer fires, then:

      *  Send an ADVERTISEMENT

      *  Broadcast a gratuitous ARP request containing the virtual
         router MAC address for each IP address associated with the
         virtual router

      *  Set the Adver_Timer to Advertisement_Interval

      *  Send an ALTERNATE-ELECT, where the value of "VRRP Rtr State"
         is set to 1

      *  Start and set the Alter_Elect_Timer to
         Alternate_Elect_Interval

      *  Transition to the {Master} state

      endif

   -  If the Alter_Elect_Timer fires, then:

      *  Cancel Alter_Elect_Timer

      *  Start and Set the Session_Nego_Timer to
         Session_Negotiation_Interval

      *  Start and Set the Session_Nego_Failed_Timer to
         Session_Nego_Failed_Interval

      *  Transition to the {Alternate} state

      endif

   -  If an ADVERTISEMENT is received, then:

         If the Priority in the ADVERTISEMENT is Zero, then:

         *  Set the Master_Down_Timer to Skew_Time

         else:

            If Preempt_Mode is False, or If the Priority in the
            ADVERTISEMENT is greater than or equal to the local
            Priority, then:

            +  Reset the Master_Down_Timer to Master_Down_Interval

            else:

            +  Discard the ADVERTISEMENT

            endif

         endif

      endif

   -  If an ALTERNATE-ELECT is received, then:

         If the value of "VRRP Rtr State" in this packet set to 1,
         then:

         *  Start and set the Alter_Elect_Timer to
            Alternate_Elect_Interval

            +  Multicast an ALTERNATE-ELECT with "VRRP Rtr State" set
               to 2, containing local router's priority and primary IP
               address of sending interface

         else:

            If the value of "VRRP Rtr State" in this packet set to 2,
            then:

               If the Priority in the ALTERNATE-ELECT is greater than
               the local Priority, or If the Priority in the
               ALTERNATE-ELECT is equal to the local Priority and the
               primary IP Address of the sender is greater than the
               local primary IP Address, then:

               -  Cancel the Alter_Elect_Timer

               else:

               -  Reset Alter_Elect_Timer to Alternate_Elect_Interval

               endif

            else:

            +  Discard the ALTERNATE-ELECT

            endif

         endif

      endif

6.4.3.  Alternate

   The purpose of the {Alternate} state is to establish a fast fault
   detection session with the Master Router by negotiation, and to
   monitor the availability of the Master Router with help of the
   session.

   While in this state, a VRRP router MUST do the following:

   -  MUST NOT respond to ARP requests for the IP address(es)
      associated with the virtual router.

   -  MUST discard packets with a destination link layer MAC address
      equal to the virtual router MAC address.

   -  MUST NOT accept packets addressed to the IP address(es)
      associated with the virtual router.

   -  If a Shutdown event is received, then:

      *  Cancel the Master_Down_Timer

      *  Cancel the Session_Nego_Timer, if the timer is still running

      *  Tear the fast fault detection session established between
         Alternate Router and Master Router, if such a session exists

      *  Transition to the {Initialize} state

      endif

   -  If a Masterdown or SessionEstablishFailed event is received from
      the module of responding fast fault detection session, or if the
      Master_Down_Timer fires, then:

      *  Send an ADVERTISEMENT

      *  Broadcast a gratuitous ARP request containing the virtual
         router MAC address for each IP address associated with the
         virtual router

      *  Tear the fast fault detection session, if such a session has
         been established between it and Master Router

      *  Set the Adver_Timer to Advertisement_Interval

      *  Send an ALTERNATE-REQUEST

      *  Start and set the Alter_Elect_Timer to
         Alternate_Elect_Interval

      *  Transition to the {Master} state

      endif

   -  If the Session_Nego_Timer fires, then:

         If the type of fast fault detection session has not been
         determined by negotiation, then:

         *  Unicast to the Master Router a SESSION-TYPE-NEGO containing
            all the types of fast fault detection sessions supported by
            this Alternate Router

         else:

         *  Unicast to the Master Router a SESSION-PARA-NEGO containing
            local parameters to establish a fast fault detection
            session with the negotiated type.

         endif

      endif

   -  If the Session_Nego_Failed_Timer fires, then:

      *  Cancel the Session_Nego_Timer, if the timer is still running

      *  Transition to the {Backup} state

      endif

   -  If an ADVERTISEMENT is received, then:

         If the Priority in the ADVERTISEMENT is Zero, then:

         *  Send an ADVERTISEMENT

         *  Broadcast a gratuitous ARP request containing the virtual
            router MAC address for each IP address associated with the
            virtual router

         *  Tear the fast fault detection session, if such a session
            has been established between Alternate Router and Master
            Router

         *  Cancel the Session_Nego_Timer, if the timer is still
            running

         *  Set the Adver_Timer to Advertisement_Interval

         *  Transition to the {Master} state

         else:

            If Preempt_Mode is True, and (If the Priority in the
            ADVERTISEMENT is greater than the current Master's
            Priority, or If the Priority in the ADVERTISEMENT is equal
            to the current Master's Priority and the primary IP Address
            of the sender is greater than the current Master's primary
            IP Address), then:

            +  Reset the Master_Down_Timer to Master_Down_Interval

            +  Cancel the Session_Nego_Timer, if such a timer is still
               running

            +  Tear down the fast fault detection session, if such a
               session has been established between Alternate Router
               and Master Router

            +  Transition to the {Backup} state

            endif

            If Preempt_Mode is False, or If the Priority in the
            ADVERTISEMENT is greater than or equal to the local
            Priority, then:

            +  Reset the Master_Down_Timer to Master_Down_Interval

            else

            +  Discard the ADVERTISEMENT

            endif

         endif

      endif

   -  If a SESSION-TYPE-NEGO is received, then:

      o  Check the value field of Accepted Session Type in received
         packet.  If the field has a valid session type, i.e., one type
         of sessions supported by Alternate Router itself and listed in
         the fields of Suggested Session Type, then:

         *  Reset the Session_Nego_Timer to
            Session_Negotiation_Interval

         *  Reset the Session_Nego_Failed_Timer to
            Session_Nego_Failed_Interval

         *  Unicast to the Master Router a SESSION-PARA-NEGO containing
            local parameters to establish a fast fault detection
            session with the negotiated type.  How to get the local
            parameters used to establish such a session is out of the
            scope of this document and is left to a specific
            implementation.

         else:

         *  Discard the SESSION-TYPE-NEGO packet

         *  Reset the Session_Nego_Timer to
            Session_Negotiation_Interval

         endif

      endif

   -  If a SESSION-PARA-NEGO is received, then:

      o  Check the values of Session Type and Local and Remote
         Parameters in the received packet.  If the Session Type is the
         negotiated type and Session Parameters are right, then:

         *  Invoke the underlying responding session functional entity
            (or module) to establish a fast fault detection session
            with the negotiated type and session parameters

         *  Cancel the Session_Nego_Timer, if such a timer is still
            running

         *  Cancel the Session_Nego_Failed_Timer, if such a timer is
            still running

         else:

         *  Discard the SESSION-PARA-NEGO packet

         endif

      endif

6.4.4.  Master

   While in the {Master} state the router functions as the forwarding
   router for the IP address(es) associated with the virtual router.

   While in this state, a VRRP router MUST do the following:

   -  MUST respond to ARP requests for the IP address(es) associated
      with the virtual router.

   -  MUST forward packets with a destination link layer MAC address
      equal to the virtual router MAC address.
   -  MUST NOT accept packets addressed to the IP address(es)
      associated with the virtual router if it is not the IP address
      owner.

   -  MUST accept packets addressed to the IP address(es) associated
      with the virtual router if it is the IP address owner.

   -  If a Shutdown event is received, then:

      *  Cancel the Adver_Timer
      *  Cancel the Alter_Elect_Timer, if the timer is still running
      *  Cancel the Session_Nego_Timer, if the timer is still running
      *  Cancel the Session_Nego_Failed_Timer, if the timer is still
         running
      *  Tear down the fast fault detection session, if such a session
         has been established between Master Router and Alternate
         Router
      *  Send an ADVERTISEMENT with Priority = 0
      *  Transition to the {Initialize} state

   endif

   -  If an Alternatedown event is received from the module of the
      corresponding fast fault detection session, then:

      *  Send an ALTERNATE-ELECT, where the value of "VRRP Rtr State"
         is set to 1
      *  Start and set the Alter_Elect_Timer to
         Alternate_Elect_Interval
      *  Tear down the fast fault detection session, if such a session
         has been established between Master Router and Alternate
         Router

   endif

   -  If a SessionEstablishFailed event is received from the module of
      the corresponding fast fault detection session, then:

      *  Log the information of the failure and cancel the event

   endif

   -  If the Adver_Timer fires, then:

      *  Send an ADVERTISEMENT
      *  Reset the Adver_Timer to Advertisement_Interval

   endif

   -  If Alter_Elect_Timer fires, then:

      If ALTERNATE-ELECT packets, where the value of "VRRP Rtr State"
      is set to 2, have been received in this process of Alternate
      Router election, then:

         *  Select the sender of locally-saved ALTERNATE-ELECT as the
            Alternate Router

      else:

         *  Select the sender of locally-saved ALTERNATE-ELECT as the
            Alternate Router

      endif

   endif

   -  If Session_Nego_Timer fires, then:

      If both the Session Type and Parameters negotiation are
      successful, then:

         *  Invoke the corresponding functioning
            module of fast fault detection session to establish such a
            type of session with the negotiated parameters
         +  Cancel the Session_Nego_Timer

      else

         *  Log the information of failing in session negotiation
         +  Cancel the Session_Nego_Timer

      endif

   endif

   -  If an ADVERTISEMENT is received, then:

      If the Priority in the ADVERTISEMENT is Zero, then:

         *  Send an ADVERTISEMENT
         +  Reset the Adver_Timer to Advertisement_Interval

      else:

         If the Priority in the ADVERTISEMENT is greater than the
         local Priority, or If the Priority in the ADVERTISEMENT is
         equal to the local Priority and the primary IP Address of the
         sender is greater than the local primary IP Address, then:

            +  Cancel Adver_Timer
            -  Cancel the Alter_Elect_Timer, if such a timer is still
               running
            -  Cancel the Session_Nego_Timer, if the timer is still
               running
            -  Cancel the Session_Nego_Failed_Timer, if the timer is
               still running
            -  Tear down the fast fault detection session, if such a
               session has been established between Master Router and
               Alternate Router
            -  Set Master_Down_Timer to Master_Down_Interval
            -  Transition to the {Backup} state

         else:

            +  Discard ADVERTISEMENT

         endif

      endif

   endif

   -  If an ALTERNATE-ELECT is received, where the value of "VRRP Rtr
      State" is set to 2, then:

      If there is no ALTERNATE-ELECT saved locally, or If the Priority
      in the ALTERNATE-ELECT is greater than the Priority in the
      locally-saved ALTERNATE-ELECT, or If the Priorities are the same
      but the primary IP Address in the ALTERNATE-ELECT is greater
      than that in the locally-saved ALTERNATE-ELECT, then:

         *  Overwrite the locally-saved ALTERNATE-ELECT with the
            received ALTERNATE-ELECT
         +  Reset Alter_Elect_Timer to Alternate_Elect_Interval

      else:

         *  Reset Alter_Elect_Timer to Alternate_Elect_Interval
         +  Discard the received ALTERNATE-ELECT

      endif

   endif

   -  If a SESSION-TYPE-NEGO is received, then:

      *  Check the sender of the received SESSION-TYPE-NEGO.  If the
         sender is the selected Alternate Router, then:

         *  Walk through all the suggested session types listed in the
            received SESSION-TYPE-NEGO, and pick the session types
            that can be supported by itself

         If no session type is picked, then:

            +  Log the error and discard the SESSION-TYPE-NEGO

         else:

            +  Fill the field of Accepted Session Type with the picked
               session type, and send the modified SESSION-TYPE-NEGO
               back to the Alternate Router
            -  Start and set Session_Nego_Timer to
               Session_Negotiation_Interval

         endif

      else:

         *  Discard the SESSION-TYPE-NEGO

      endif

   endif

   -  If a SESSION-PARA-NEGO is received, then:

      *  Check the session type contained in the received
         SESSION-PARA-NEGO.  If the session type is the accepted type
         picked in the process of Session Type Negotiation, then:

         *  Reset Session_Nego_Timer to Session_Negotiation_Interval
         +  Copy the information in the field of Local Parameters to
            the field of Remote Parameters in the received
            SESSION-PARA-NEGO, and fill the field of Local Parameters
            with local parameters needed by Alternate Router to
            establish a negotiated session as remote parameters
         +  Send the modified SESSION-PARA-NEGO back to Alternate
            Router

      else:

         *  Log the error and discard the SESSION-TYPE-NEGO

      endif

   endif

7.  Sending and Receiving Extended VRRP Packets

7.1.  Receiving Packets

   Perform the following functions when an extended VRRP packet is
   received:

   -  MUST verify that the IP TTL is 255.

   -  MUST verify the VRRP version is 2.

   -  MUST verify that the received packet contains the complete
      extended VRRP packet (including fixed-length message header and
      the message body).

   -  MUST verify the VRRP checksum.
   -  MUST verify that the VRID is configured on the receiving
      interface and the local router is not the IP Address owner
      (Priority equals 255 (decimal)).

   -  MUST verify the type and/or subtype including message header is
      valid (defined in this specification or extended privately).

   -  MUST verify Type field of message body has a defined value.

   If any one of the above checks fails, the receiver MUST discard the
   packet, SHOULD log the event and MAY indicate via network management
   that an error occurred.

   Then the packet is received and the TLV contained in the message
   body is decapsulated according to the length and type of the message
   body.  If any error is found, the receiver MUST discard the packet,
   SHOULD log the event and MAY indicate via network management that an
   error occurred.

7.2.  Transmitting Packets

   The following operations MUST be performed when transmitting an
   extended VRRP packet.

   -  Fill in the extended VRRP packet fields with the appropriate
      virtual router configuration state

   -  Compute the VRRP checksum

   -  Set the source MAC address to Virtual Router MAC Address

   -  Set the source IP address to interface primary IP address

   -  Set the IP protocol to VRRP

   -  Send the Alternate Elect packet to the VRRP IP multicast group

   -  Send the Session Type/Parameters Negotiation packet to the Master
      Router, if local router is Alternate Router

   -  Send the Session Type/Parameters Negotiation packet to the
      Alternate Router, if local router is Master Router

   Note: extended VRRP packets are transmitted with the virtual router
   MAC address of the sending interface (not the virtual router MAC
   address) as the source MAC address to ensure that learning bridges
   don't refresh virtual MAC address entry.

8.  Security Considerations

   This document adds no additional security risks to VRRP, nor does it
   provide any additional security for VRRP.

9.  References

   [RFC3768]  Hinden, R. and M. Fanto, "Virtual Router Redundancy
              Protocol (VRRP)", April 2004.

   [RFC5880]  Katz, D. and D. Ward, "Bidirectional Forwarding Detection
              (BFD)", June 2010.

Authors' Addresses

   Hongjun Zhai (editor)
   ZTE Corporation
   No. 68, Zijinghua Road, Yuhuatai District
   Nanjing, Jiangsu  210012
   China

   Phone: +86 25 52877345
   Email: zhai.hongjun@zte.com.cn

   Xiefeng Gong
   ZTE Corporation
   No. 68, Zijinghua Road, Yuhuatai District
   Nanjing, Jiangsu  210012
   China

   Phone: +86 25 52877345
   Email: gong.xiefeng@zte.com.cn
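
   The Alternate Router election and the session type negotiation of
   Sections 6.4.3 and 6.4.4, sketched in Python as an added example; it
   is not part of the draft and not the authors' code.  The parsed
   packet classes, the "TYPE-X" session type used when calling it and
   the first-match rule for choosing among several supported types are
   assumptions; the wire format is the one defined in Section 5.1.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Optional, Tuple

@dataclass(frozen=True)
class AlternateElect:              # assumed parsed form, not the wire format
    sender: str                    # primary IP address of the sender
    priority: int
    rtr_state: int                 # "VRRP Rtr State"

@dataclass(frozen=True)
class SessionTypeNego:             # assumed parsed form, not the wire format
    suggested: Tuple[str, ...]     # Suggested Session Type fields
    accepted: Optional[str] = None # Accepted Session Type, filled by the Master

def rank(pkt):
    # Priority first, then primary IP address compared as a number:
    # compared as text, "10.0.0.9" would wrongly beat "10.0.0.10".
    return (pkt.priority, int(ipaddress.ip_address(pkt.sender)))

class Master:
    def __init__(self, supported):
        self.supported = set(supported)
        self.saved = None          # locally-saved ALTERNATE-ELECT
        self.alternate = None      # selected Alternate Router

    def on_alternate_elect(self, pkt):
        """True if pkt replaced the saved packet (the draft resets
        Alter_Elect_Timer whether it is saved or discarded)."""
        if pkt.rtr_state != 2:     # the rule covers "VRRP Rtr State" 2 only
            return False
        if self.saved is None or rank(pkt) > rank(self.saved):
            self.saved = pkt
            return True
        return False               # discard the received ALTERNATE-ELECT

    def on_alter_elect_timer(self):
        # Assumption: with nothing saved, no Alternate Router is selected.
        self.alternate = self.saved.sender if self.saved else None
        return self.alternate

    def on_session_type_nego(self, sender, pkt):
        """Reply to send back to the Alternate Router, or None if discarded."""
        if sender != self.alternate:
            return None            # not the selected Alternate Router
        picked = [t for t in pkt.suggested if t in self.supported]
        if not picked:
            return None            # the draft logs the error and discards
        return replace(pkt, accepted=picked[0])  # assumption: first match

def alternate_accepts(reply, own_supported):
    """Section 6.4.3 check on Accepted Session Type in the returned packet."""
    return reply.accepted in own_supported and reply.accepted in reply.suggested
```

   A reply whose Accepted Session Type is empty, unsupported by the
   Alternate Router or absent from the Suggested Session Type fields is
   rejected by alternate_accepts(), which is the discard branch of
   Section 6.4.3.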