CCNP RouƟng and Switching v2.

0 Official Cert Guide Library

By Kevin Wallace, David Hucaby, Raymond Lacoste

 Print + Share This  Discuss Page 1 of 1
$127.99

CCNP RouƟng and Switching TSHOOT 300-135 Official Cert

From the author of Guide

In this arƟcle networking consultant Sean Wilkins By Raymond Lacoste, Kevin Wallace
takes the concepts covered in “IntroducƟon to CCNA RouƟng and Switching 200-120 Network $55.99
Simulator
VRRP” and discusses how those concepts can be
applied onto real devices. CCNP RouƟng and Switching ROUTE 300-101 Official Cert
Learn More
Buy
Guide

The configuraƟon of a basic Virtual Router Redundancy By Kevin Wallace

Protocol (VRRP) implementaƟon is not all that complex, and $47.99

resembles a lot the configuraƟon of Cisco’s Hot Standby
Router Protocol (HSRP) if the reader is more familiar with that protocol. This secƟon first covers the configuraƟon process steps and commands
See All Related Store Items
that are used to perform a basic VRRP configuraƟon. An example is then given on how these steps can be used to configure VRRP in a sample
networking topology.

VRRP Simple ConfiguraƟon Steps

Only a few commands are required to get VRRP up and working. Table 1 features these commands and a few other common commands that are
used to modify the default behavior of VRRP.

Table 1 - VRRP ConfiguraƟon Commands

Enter privileged EXEC mode. router>enable

1

2 Enter global configuraƟon mode. router#configure terminal

3 Enter interface configuraƟon mode. router(config)#interface interface

4 Configure an IP address on the interface. router(config-if)#ip address address netmask

5 Configure a VRRP virtual IP address. router(config-if)#vrrp group-number ip ip-address

Note: This address must be in the same subnet as the interface

IP address (primary or secondary).

6 Configure the VRRP priority (opƟonal). router(config-if)#vrrp group-number priority priority

Note: The valid values for the priority are from 1 through 254.

7 Configure VRRP preempƟon (opƟonal). router(config-if)#vrrp group-number preempt

Note: VRRP preempƟon is enabled by default.

VRRP Simple Example

Because oŌen it is easier to see the complete applicaƟon of a subject, this secƟon goes over the configuraƟon of VRRP between two devices in a
sample network. Figure 1 displays the topology that will be used; Table 2 and 3 will then display the commands required on both R1 and R2.
 Figure 1 VRRP example topology

The configuraƟon will perform the following:

Configure the IP addresses 10.10.20.1/30 (R1) and 10.10.20.2/30(R2) on their Fa0/1 interfaces.
Configure the IP addresses 172.16.1.1/24 (R1) and 172.16.2.1 (R2) on their Fa0/0 interfaces.
Configure VRRP between R1 and R2 using the IP addresses 10.10.10.1/24 (R1) and 10.10.10.2/24(R2) and a virtual IP address of 10.10.10.5
on their Fa1/0 interfaces.
Configure R1 with a VRRP priority of 140.

Table 2 - R1 Simple Example ConfiguraƟon

Enter privileged EXEC mode. R1>enable

1

2 Enter global configuraƟon mode. R1#configure terminal

3 Enter interface configuraƟon mode. R1(config)#interface fa0/0

4 Configure an IP address on the interface. R1(config-if)#ip address 172.16.1.1 255.255.255.0

5 Enter interface configuraƟon mode. R1(config)#interface fa0/1

6 Configure an IP address on the interface. R1(config-if)#ip address 10.10.20.1 255.255.255.252

7 Enter interface configuraƟon mode. R1(config)#interface fa1/0

8 Configure an IP address on the interface. R1(config-if)#ip address 10.10.10.1 255.255.255.0

From the author of

9 Configure VRRP using a virtual IP address of 10.10.10.5 using R1(config-if)#vrrp 1 ip 10.10.10.5
group 1.
CCNA RouƟng and Switching 200-120 Network
Simulator

Learn More
Buy

 10 Configure the VRRP priority to 140. R1(config-if)#vrrp 1 priority 140

Table 3 - R2 Simple Example ConfiguraƟon

Enter privileged EXEC mode. R2>enable

1

2 Enter global configuraƟon mode. R2#configure terminal

3 Enter interface configuraƟon mode. R2(config)#interface fa0/0

4 Configure an IP address on the interface. R2(config-if)#ip address 172.16.2.1 255.255.255.0

5 Enter interface configuraƟon mode. R2(config)#interface fa0/1

6 Configure an IP address on the interface. R2(config-if)#ip address 10.10.20.2 255.255.255.252

7 Enter interface configuraƟon mode. R2(config)#interface fa1/0

8 Configure an IP address on the interface. R2(config-if)#ip address 10.10.10.2 255.255.255.0

9 Configure VRRP using a virtual IP address of 10.10.10.5 using R2(config-if)#vrrp 1 ip 10.10.10.5

group 1.

VRRP Complex ConfiguraƟon Steps

As with most features, a number of different opƟonal features may or may not be useful depending on the specific implementaƟon situaƟon.
This secƟon reviews the addiƟonal commands that can be configured to take advantage of these addiƟonal features (Table 4), and then covers
another example using these features.

Table 4 - VRRP Complex ConfiguraƟon Commands

Configure VRRP AuthenƟcaƟon router(config-if)#vrrp group-number authentication

1
{plain-text-string | text plain-text-string | md5

{key-string keystring | key-chain key-chain-name}}

If a key-chain is configured with the command above, follow

these next few steps to create the key-chain.

2 Create and enter into key chain configuraƟon mode. router(config)#key chain chain-name

3 Create and enter into key chain – key configuraƟon mode. router(config-keychain)#key key-number

Note: The key-numbercan be any number between 0-2147483647.

4 Enter the key string that will be used to authenƟcate with router(config-keychain-key)#key-string keystring
neighboring devices.

1 Configure VRRP Object tracking. router(config-if)#vrrp group-number track object-number

[decrement priority]
Note: The default priority decrement value is 10.

2 Create a tracked object router(config)#track object-number interface interface

{line-protocol | ip routing}
Notes:
From the author of
The object-numbercan be any number between 1 and 1000.
CCNA RouƟng and Switching 200-120 Network
The line-protocolparameter will track the protocol state of the Simulator
configured interface. The ip routingparameter will track the IP
Learn More
Buy
 rouƟng capability of an interface (is it configured with an IP
address and operaƟonal?).

VRRP Complex Example

This secƟon covers an example using both VRRP MD5 authenƟcaƟon (using a basic key-string) and VRRP object tracking. For the object tracking
configuraƟon, R1 will be configured to monitor the line protocol state of its own fa0/0 interface. If it goes down, then its VRRP priority will be
lowered by 50; R2 will be configured the same using its fa0/0 interface. The examples in Tables 5 and 6 build upon the simple VRRP example
shown earlier in Table 4.

Table 5 - R1 Complex Example ConfiguraƟon AddiƟon

Enter privileged EXEC mode. R1>enable

1

2 Enter global configuraƟon mode. R1#configure terminal

3 Create a tracked object that will monitor the line protocol status R1(config)#track 1 interface fa0/0 line-protocol
of the fa0/0 interface using an object number of 1.

4 Enter interface configuraƟon mode. R1(config)#interface fa1/0

5 Configure VRRP to use the tracked object to influence its R1(config-if)#vrrp 1 track 1 decrement 50
priority..

6 Configure the use of an MD5 keystring of abc123. R1(config-if)#vrrp 1 authentication md5 key-string

abc123

Table 6 - R2 Complex Example ConfiguraƟon AddiƟon

Enter privileged EXEC mode. R2>enable

1

2 Enter global configuraƟon mode. R2#configure terminal

3 Create a tracked object that will monitor the line protocol status R2(config)#track 1 interface fa0/0 line-protocol
of the fa0/0 interface using an object number of 1.

4 Enter interface configuraƟon mode. R2(config)#interface fa1/0

5 Configure VRRP to use the tracked object to influence its R2(config-if)#vrrp 1 track 1 decrement 50
priority.

6 Configure the use of an MD5 key string of abc123. R2(config-if)#vrrp 1 authentication md5 key-string
abc123

Summary
One thing that has been rather consistent over the last 20 years is that most LAN segments all include a single gateway that is used by everyone
on that segment. While in past, this may not have been that big of a deal, but in modern networks, almost everyone is acƟvely using the
network to do normal tasks and oŌen this involves access to parts of the network that are not local to a host’s machine. Because of this, the
implementaƟon of FHRPs has become more common in these types of network environments.

Knowledge of these opƟons is an important part of the educaƟon of any LAN administrator or engineer, and should be known as part of all Cisco
rouƟng and switching cerƟficaƟon tracks. I hope that this arƟcle enables you to have a beƩer understanding of how the different configuraƟon
commands can be put together to obtain an expected, well thought-out soluƟon to this common design issue.

+ Share This  Save To Your Account Page 1 of 1

From the author of

CCNA RouƟng and Switching 200-120 Network

Simulator
 Discussions
Learn More
Buy
1 Comment

Django •

Nice comprehensive overview of VRRP. Is it possible to extend it with vlans and

dual connection of the internal routers to R1 and R2 ?
• •

Fair Warning: ISACA CRISC Updates Phase 1 IKE Policy | Configuring the
Coming in 2015 Cisco ASA IPSec VPN
• •
— For such a "respected" — Thank you :)
certification I found it to have very poor
availability of study materials 

Cisco Intrusion Protection | Cisco Exam Profile: Cisco CCNP ROUTE

Intrusion Protection 300-101 | Exam Details
• •
— Hi Earl, it's really a great — Dear,I passed CCNP
source you have provided. I got stuck Route V2 300-101 exam today.82
in IP addressing; Can you  question dumps are 

From the author of

CCNA RouƟng and Switching 200-120 Network

Simulator

Learn More
Buy