Community Groups Rewards Enterprise

Communication between VRRP Management groups

mhkabir1952
mhkabir1952  Diamond  (1)
7 years 10 months ago  View: 1571  Reply: 3
1F

The VRRP management groups on the master and the backup exchange information about the operation states of the firewalls through VGMP packets. In this way, the firewalls can maintain stability of their states and perform switchover between them when necessary.

VGMP packets are evolved from VRRP packets. VGMP packets mainly include Hello messages, state switchover request messages, response messages allowing state switchover, and response messages denying state switchover.

  • Hello message

    Similar to VRRP groups, the VGMP group on the master regularly sends hello messages to the backup to inform the backup of the masters operation state, including the priority of the master and the states of the VRRP backup groups. When the backup receives a hello message, it returns an acknowledgement (ACK) message, which contains the priority of the backup and the states of the VRRP groups on the backup. The two firewalls exchange their state information through Hello messages.

    By default, the interval for sending VGMP hello messages is 1 second. When the backup fails to receive a hello message from the master after three hello messages periods, it deems that the master fails, and then becomes the master.

  • State switchover message

    When a member in the backup group on the master fails, the VRRP management group can immediately sense the failure. In this case, the VRRP management group adjusts its own priority and sends a state switchover message to the peer. When the peer receives the message, it compares the priority in the message and its own priority. If its own priority is higher than that in the message, the peer returns an ACK message to allow switchover and at the same time becomes the master. When the faulty firewall receives the ACK message, it immediately becomes the backup. When the state of the VRRP management group is switched, the states of all VRRP backup groups in the VGMP group are switched accordingly.

    If the priority of the peer is lower than that in the message, a NACK message is returned to deny state switchover. Then, the states of bothfirewalls do not change.

    The VGMP group can proactively send a state switchover message immediately after it senses the fault on the interface. State switchover does not rely on timeout of three Hello messages. Therefore, the response to faults is much quicker.

Comment| Reply
Favorite Favorite (0) | Like |Report
Armetta
Armetta  Diamond 
7 years 10 months ago
2F
This document is very well done

Comment| Reply
|Report
foisal
foisal  Gold 
7 years 10 months ago
3F
Excellent Post
Comment| Reply
|Report
user_2837311
user_2837311  Diamond 
4 years 4 days ago
4F
useful document, thanks
Comment| Reply
|Report
Reply
Return New post Share

Hot Group

Fixed Network Info Community
Members:9595   Posts:9360
Wireless Network Info Community
Members:2501   Posts:11275
Support HedEx User Group
Members:14004   Posts:4898
Core Network Info Community
Members:1125   Posts:14720
Network OSS Club
Members:4641   Posts:1596
Information For
Consumers
Enterprises
Carriers
Journalist
Suppliers
Job Seekers
About HUAWEI
Corporate Information
Corporate Governance
Executives
Bond Investor Relations
Sustainability
Cyber Security
Publications
Annual Report
News & Events
Latest News
Media Kit
Media Contact
Security Bulletins
Events
Huawei| Huawei Connect| Support| Privacy| Terms of Use
Contact Us:hworld@huawei.com
Follow Huawei Connect :
Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.