ネットワーク備忘録

アラフォーエンジニアのネットワーク系の備忘録。twitter:@deigo25374582

JUNOS_VRRP

cisco juniper

JUNOSのVRRP
vSRXで検証

 

IF Trackingも合わせて追加

<R1 Config>

 admin@R1# show interfaces | display set
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 virtual-address 172.16.1.10
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 priority 150
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 preempt hold-time 10
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 accept-data
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 authentication-type simple
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 authentication-key "$9$.fQntu1ylMuOxd"
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 track priority-hold-time 100
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/24 vrrp-group 1 track interface ge-0/0/1 priority-cost 60

 

<R2 Config>

admin@R2# show interfaces | display set
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.2/24 vrrp-group 1 virtual-address 172.16.1.10
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.2/24 vrrp-group 1 priority 100
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.2/24 vrrp-group 1 accept-data
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.2/24 vrrp-group 1 authentication-type simple
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.2/24 vrrp-group 1 authentication-key "$9$SgglvLdb2GDkbsfz" 

 

CiscoのHSRPとほとんど同じだけど、忘れそうなのが以下

・accept-date ・・・VRRPのVIPへのPing応答を許可。

・priority-hold-time ・・IF trackingを設定した場合のPriorityが実際に変わるまでの時間。

track priority-hold timeの確認
ge-0/0/1 をDisabled後にshow vrrp で確認

 

 [edit]
admin@R1# run show vrrp detail
Physical interface: ge-0/0/0, Unit: 0, Address: 172.16.1.1/24
  Index: 68, SNMP ifIndex: 521, VRRP-Traps: disabled, VRRP-Version: 2
  Interface state: up, Group: 1, State: master, VRRP Mode: Active
  Priority: 150, Advertisement interval: 1, Authentication type: simple
  Advertisement threshold: 3, Computed send rate: 0
  Preempt: yes, Preempt hold time: 10
  Accept-data mode: yes, VIP count: 1, VIP: 172.16.1.10
  Advertisement Timer: 0.391s, Master router: 172.16.1.1
  Virtual router uptime: 00:51:39, Master router uptime: 00:09:28
  Virtual Mac: 00:00:5e:00:01:01
  Preferred: yes
  Tracking: enabled
  Current priority: 150, Configured priority: 150
  Priority hold time: 100, Remaining: 41.827, Pending priority: 90
  Interface tracking: enabled, Interface count: 1
  Interface Int state Int speed Incurred priority cost
  ge-0/0/1.0 down 0 60
  Route tracking: disabled

 →Remainningの値が0になるまでかかる。

ただし、Ciscoのpreempt delayのような「切り替わりは即時だけど、切り戻りはXX秒経過後」というのをやりたいんだけど、「vrrp-group 1 preempt hold-time」では出来ないので要調査。