1 of 1 people found this helpful
Thank you for asking this question in the Support Community. The network design you mentioned is fairly common for multiple site failover and redundancy. The way you have described configuring the NetVanta 1544s for VRRP priority is correct (based on how you said you'd like the network to function). As you mentioned, you would have the most preferred NV1544 have the highest VRRP priority, the next preferred lower, and the least preferred lowest, because the VRRP router with the highest actual priority level is the virtual router master. Note: It is possible for VRRP to operate based on default priority level settings. However, it is important to understand and verify the election process to ensure the desired VRRP router is ultimately selected as the master.
There are multiple ways to route traffic out the backup Internet connection if the primary fails. One method would be similar to example 3 in the Configuring VRRP for AOS document. This would be to use Network Monitor and object tracking for the VRRP priority. The concept is as follows:
Object tracking is used to monitor failure of the network connections to the Internet. An ICMP echo probe is established from each router across their respective WAN connection to the Internet. This probe is associated with a track that is used by VRRP to decrement the configured priority level of the router on which object-tracking has been set up. As long as the probe is successful, the track will remain in a passing state and the router’s configured priority level will remain unchanged. However, if the network path goes down, the ICMP echo will stop; causing the track associated with the probe to fail. When the track fails, the configured priority level of the router will be decremented by a specified amount. By decrementing the configured priority level of the master router, the backup router (whose WAN connection should still be viable) will take over routing all traffic between corporate headquarters and the DR site.
I hope this makes sense, but this is just a suggestion. However, there are multiple ways to achieve this, and you have to determine how much configuration, failover, redundancy, and scalability you desire and chose the proper design based on those requirements. Please, do not hesitate to reply with any questions or additional information. I will be happy to assist you in any way I can.
Good to know I was on the right track. I just discovered another question.
I have four VLANs to route. Call them 1, 10, 20, 30. On each of the three 1544s I believe I would have a different IP for the VLAN interface.
Core 1 Core 2 Core 3
VLAN 1 - x.x.1.1 x.x.1.2 x.x.1.3
VLAN 10 - x.x.10.1 x.x.10.2 x.x.10.3
VLAN 20 - x.x.20.1 x.x.20.2 x.x.20.3
VLAN 30 - x.x.30.1 x.x.30.2 x.x.30.3
In the VRRP example it shows assigning a port an IP address and then making that port part of the VRRP. The document says that VRRP can be done on VLAN or Ethernet interfaces. So would I end up with 4 VRRP groups?
jamie-et - Yes, you are correct. Since you have 4 VLANs that the 1544 will be routing, you will need to configure VRRP on each of those VLAN interfaces which are participating. However, you can use the same VRID across all the VLANs. The example, below, shows how 2 VLANs would be configured for VRRP on a single router:
VLAN 1 - 192.168.1.0 /24
VLAN 10 - 10.10.10.0 /24
int vlan 1
ip address 192.168.1.3 255.255.255.0
vrrp 1 ip 192.168.1.1
int vlan 10
ip address 10.10.10.3 255.255.255.0
vrrp 1 ip 10.10.10.1
Please do not hesitate to let us know if you have any further questions.
Good to know I can combine the in one group!