
We have launched a new service: router redundancy using the VRRP protocol (abroad it is better known as a failover IP). As far as we know, nobody in Russia has offered anything like this before. The service will be of interest first of all to those who need to keep business-critical Internet resources constantly available but lack the technical means to do it themselves: no autonomous system of their own, no block of IP addresses, and no BGP connections to providers.
The technical details of the implementation are described in this article.
Choosing a redundancy scheme
Let us imagine that we have an Internet resource which is critically important for a business and which must always be accessible to a large number of users. This resource, www.mysite.ru, has the IP address 12.34.56.78, issued by the provider from the block 12.34.56.72/29.
The network settings of the resource (address, mask and default gateway) look like this:
ifconfig eth0 12.34.56.78 netmask 255.255.255.248
route add default gw 12.34.56.73
Here .78 is the address of the host and .73 is the address of the default gateway. The gateway address is the operator's area of responsibility or, if the host is located in a data center, the data center's. Graphically the scheme can be represented as follows:

On the end host the address is 12.34.56.78, on the router it is .73, and between them a single L2 domain is organized (as a rule, a separate VLAN):

To increase the availability of the end host, the network infrastructure has to be made redundant.
For redundancy at the L2 level, in the simplest case Virtual Chassis / Fabric / MC-LAG is used. The end host then connects to the data center network with a LAG (EtherChannel):

The possible points of failure are the end host itself and the router.
Redundancy of the end host is the customer's responsibility. It is highly desirable that the primary and backup hosts be located in different data centers. This avoids many problems (with the network structure, with the availability of a particular physical server, with power and cooling at individual sites).
The transfer of an IP address between the primary and backup hosts can be organized in different ways. Within a single L2 segment this can be done with CARP / HSRP / VRRP and their analogues:

Full redundancy at the data center level can only be discussed if all service components are redundant and there is no single point of failure.
The ideal redundancy scheme can be represented as follows:

The primary and backup customer hosts are located in different data centers. The routers owned by the operator are also located in different data centers. The data centers can be connected by several communication channels.
If a fault occurs in one of the data centers, the end host remains available. The described approach can be used for redundancy in both L2 and L3 schemes.
Router redundancy
An example of redundancy at the L3 level is anycast routing and the use of BGP with an upstream operator. Each of the hosts announces the 12.34.56.72/29 network to the carrier's routers with a different priority. In this case each host connects to the carrier's routers over a separate subnet and a separate VLAN:

This scheme has the following advantages:
- it uses a protocol that is widespread on the Internet (BGP);
- it scales not just to two but to several data centers.
It is not without flaws, among which are:
- low speed (with default timers BGP convergence takes 1.5 minutes or more);
- complexity of configuration;
- the need to allocate separate subnets for the connection in each data center.
Switching to the backup host can be sped up by using a different protocol instead of BGP: OSPF or IS-IS. The difficulty here is that not every telecom operator will allow a customer to take part in these protocols: they usually carry the operator's own service data (for example, MPLS labels or service addresses), and there are no full-fledged means of restricting what a customer can inject into them.
When the L2 scheme is used, the operator organizes a single L2 domain between the primary and backup hosts. A VXLAN or MPLS tunnel is established between the routers:

VXLAN / MPLS makes it possible to organize redundancy over multiple communication channels between the provider's routers.
The primary and backup hosts use VRRP or its analogues between themselves. Thus the IP address 12.34.56.78 is held by the currently active host (if both hosts are up, by the host configured as master). The primary host receives its own address from this network, 12.34.56.77, and the backup host an address from the same network, 12.34.56.76. If the hosts run Windows, NLB clustering can be used instead of VRRP.

The operator builds a similar scheme. Both routers participate in the same VRRP group and share the default gateway address, 12.34.56.73/29. Router 1 is the pre-configured master and has 12.34.56.73 as its physical address (in VRRP terms it is the address owner and runs with priority 255); router 2 is the backup router with the physical address 12.34.56.74. For router 2 the address 12.34.56.73 is virtual and is active only while router 1 is unavailable.

The undoubted advantages of this scheme are:
- use of standard protocols (VRRP);
- simplicity of configuration, both for the customer and for the operator;
- fast switchover.
There is only one drawback: the scheme is inconvenient to scale to more than two data centers.
What happens on a failure: how it works
Normally both routers and both of the customer's hosts are up. One of the routers is designated master when the scheme is built and answers for the address 12.34.56.73. The same applies to the hosts: one of them is the primary and answers requests to the address 12.34.56.78. The second router and the second host are standby.
Requests from the Internet pass through router 1 to the primary end host. The routers hold an ARP entry for 12.34.56.78 with the VRRP virtual MAC address 00:00:5E:00:01:xx (where xx is the VRRP group number, the VRID), which points towards the primary host. The primary host answers Internet hosts by routing through router 1 (the hosts are configured with the default gateway 12.34.56.73). To reduce network latency, the master router is located in the same data center as the primary host.
What happens when one of the hosts becomes unavailable? VRRP on the backup host notices that advertisements from the primary host have stopped arriving (it waits for the Master_Down_Interval, roughly three advertisement intervals), and brings up the IP address 12.34.56.78 on itself:

Requests from the Internet still go to router 1. In its ARP table 12.34.56.78 still resolves to the virtual MAC, but after the backup host's gratuitous ARP that MAC is reachable from the side of router 2, so router 1 forwards the traffic over the tunnel to the backup host. The backup host sends return traffic to the default gateway 12.34.56.73, i.e. through router 1. With this scheme the network latency between Internet hosts and the backup host increases.
After the fault is fixed, the IP address 12.34.56.78 returns to the primary host (the higher-priority master preempts the backup), and the scheme operates normally again.
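To make the failover mechanics above concrete, here is an added example (not code from the original article and not the operator's implementation) that encodes and decodes VRRPv2 advertisements (RFC 3768), verifies their checksum, derives the virtual MAC that the routers' ARP tables hold for 12.34.56.78, and simulates the backup host's Master_Down_Timer with a constructed timeline. The VRID (1), the master's priority (150), the backup's priority (100) and the one-second advertisement interval are assumptions; nothing is sent on the wire (real VRRP needs a raw socket to 224.0.0.18, IP protocol 112, and therefore root).

```python
"""VRRPv2 advertisements and the backup host's Master_Down_Timer (constructed example)."""
import struct
import ipaddress

VRRP_VERSION = 2
VRRP_TYPE_ADVERTISEMENT = 1
VRRP_MULTICAST_GROUP = "224.0.0.18"   # where real advertisements are sent (informational here)
VRRP_IP_PROTOCOL = 112

VRID = 1              # assumed VRRP group number, not from the article
VIP = "12.34.56.78"   # the address that moves between the customer's hosts


def virtual_mac(vrid):
    """IANA-assigned VRRP virtual MAC 00:00:5E:00:01:{VRID}, the MAC ARP tables show for the VIP."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID must be in 1..255")
    return "00:00:5e:00:01:%02x" % vrid


def rfc1071_checksum(data):
    """16-bit one's-complement checksum (same algorithm as IPv4/TCP/UDP)."""
    if len(data) % 2:
        data = data + b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_advertisement(vrid, priority, addresses, adver_int=1):
    """8-byte header, one 4-byte entry per virtual IP, 8 bytes of unused (type 0) auth data."""
    if not 0 <= priority <= 255:
        raise ValueError("priority must be in 0..255")
    header = struct.pack("!BBBBBBH", (VRRP_VERSION << 4) | VRRP_TYPE_ADVERTISEMENT,
                         vrid, priority, len(addresses), 0, adver_int, 0)
    body = b"".join(ipaddress.IPv4Address(a).packed for a in addresses) + bytes(8)
    csum = rfc1071_checksum(header + body)   # checksum covers the whole VRRP message
    return header[:6] + struct.pack("!H", csum) + body


def parse_advertisement(pkt):
    """Decode an advertisement; reject wrong version/type, short packets and bad checksums."""
    if len(pkt) < 8:
        raise ValueError("truncated VRRP header")
    vt, vrid, priority, count, auth_type, adver_int, _ = struct.unpack("!BBBBBBH", pkt[:8])
    if vt >> 4 != VRRP_VERSION or vt & 0x0F != VRRP_TYPE_ADVERTISEMENT:
        raise ValueError("not a VRRPv2 advertisement")
    if len(pkt) < 8 + 4 * count + 8:
        raise ValueError("truncated VRRP body")
    if rfc1071_checksum(pkt) != 0:   # a valid message sums to zero with its checksum included
        raise ValueError("bad VRRP checksum")
    addrs = [str(ipaddress.IPv4Address(pkt[8 + 4 * i:12 + 4 * i])) for i in range(count)]
    return {"vrid": vrid, "priority": priority, "adver_int": adver_int,
            "auth_type": auth_type, "addresses": addrs}


def skew_time(priority):
    """Higher-priority backups wait less, so the best candidate takes over first."""
    return (256 - priority) / 256.0


def master_down_interval(priority, adver_int=1):
    """Silence a backup tolerates before declaring the master dead (RFC 3768, section 6.1)."""
    return 3 * adver_int + skew_time(priority)


class BackupHost:
    """Minimal backup-side VRRP state machine with preemption enabled (the default)."""

    def __init__(self, vrid, priority, adver_int=1):
        self.vrid, self.priority, self.adver_int = vrid, priority, adver_int
        self.state, self.deadline = "BACKUP", None

    def start(self, now):
        self.deadline = now + master_down_interval(self.priority, self.adver_int)

    def receive(self, pkt, now):
        adv = parse_advertisement(pkt)
        if adv["vrid"] != self.vrid:
            return                                   # another virtual router on the segment
        if self.state == "BACKUP":
            if adv["priority"] == 0:                 # master shutting down: take over after Skew_Time
                self.deadline = now + skew_time(self.priority)
            elif adv["priority"] >= self.priority:   # a better master is alive: keep waiting
                self.deadline = now + master_down_interval(self.priority, self.adver_int)
        elif adv["priority"] > self.priority:        # we are MASTER but a better one is back
            self.state = "BACKUP"
            self.deadline = now + master_down_interval(self.priority, self.adver_int)

    def tick(self, now):
        if self.state == "BACKUP" and now >= self.deadline:
            self.state = "MASTER"   # a real host now sends gratuitous ARP for the VIP and advertises
        return self.state


def simulate_failover(master_dies_at=3.0, end=8.0, step=0.5):
    """Constructed timeline: the master (priority 150) advertises once per second until t=3 s,
    then dies. Returns [(t, state), ...] as seen by the backup host (priority 100)."""
    backup = BackupHost(VRID, 100)
    backup.start(0.0)
    adv = build_advertisement(VRID, 150, [VIP])
    timeline, t = [], 0.0
    while t <= end:
        if t <= master_dies_at and t == int(t):
            backup.receive(adv, t)
        timeline.append((t, backup.tick(t)))
        t += step
    return timeline


if __name__ == "__main__":
    pkt = build_advertisement(VRID, 150, [VIP])
    print("advertisement:", pkt.hex())
    print("decoded:", parse_advertisement(pkt))
    print("virtual MAC for", VIP, "is", virtual_mac(VRID))
    print("backup takes over after %.3f s of silence" % master_down_interval(100))
    for t, state in simulate_failover():
        print("t=%4.1f s  backup state: %s" % (t, state))
```

With a one-second advertisement interval and priority 100, the backup declares the master dead after 3.609 s of silence; the last advertisement in the simulation is sent at t=3 s, so the backup is still BACKUP at t=6.5 s and MASTER at t=7 s. The checksum check matters in practice: an advertisement that fails it must be dropped rather than reset the timer, otherwise a corrupted or forged packet could keep a backup from ever taking over.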
This scheme works similarly in case of a failure of the network infrastructure between the router and the end host:

When the intermediate switch fails, the primary host still carries the address 12.34.56.78, but it has no network connectivity to the router and does not take part in handling requests from the Internet. The backup host, having lost connectivity to the primary one, takes over the address 12.34.56.78. Note that both hosts now hold the address at the same time (a split-brain); this is harmless only as long as the isolated primary host has no other path to the routers.
If router 1 or data center 1 as a whole becomes unavailable, the scheme works exclusively through router 2 and the backup host:

After the infrastructure is restored, the scheme returns to normal operation. Practically no fault in data center 2 affects the availability of the end host.
This solution makes it possible to deploy and maintain highly available resources with full redundancy, spread across separate data centers.
Conclusion
In this article we looked at redundancy of the network connection using VRRP. The corresponding service can be ordered in our control panel.
If you have questions, you are welcome to comment. Readers who for one reason or another cannot post comments here are invited to our blog.