man vrrpd (Administration système) - Virtual Router Redundancy Protocol Deamon

NAME

vrrpd - Virtual Router Redundancy Protocol Deamon

SYNOPSIS

vrrpd -i ifname -v vrid [-f piddir] [-s] [-a auth] [-p prio] [-m ifname] [-c delta] [-nhD] ipaddr

DESCRIPTION

vrrpd is an implementation of VRRPv2 as specified in rfc2338. It run in userspace for linux. In short, VRRP is a protocol which elects a master server on a LAN and the master answers to a 'virtual ip address'. If it fails, a backup server takes over the ip address.

A longer answer in the rfc2338 abstract : "This memo defines the Virtual Router Redundancy Protocol (VRRP). VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. The VRRP router controlling the IP address(es) associated with a virtual router is called the Master, and forwards packets sent to these IP addresses. The election process provides dynamic fail over in the forwarding responsibility should the Master become unavailable. This allows any of the virtual router IP addresses on the LAN to be used as the default first hop router by end-hosts. The advantage gained from using VRRP is a higher availability default path without requiring configuration of dynamic routing or router discovery protocols on every end-host." Copyright (C) The Internet Society (1998). All Rights Reserved.

Monitored interface functionality is useful on high availability router or firewall platforms, where single interface failure can cause asymmetrical routing issues.

Ideally, what is required is a method for a vrrpd process to detect a failure of the 'other' network interface, and lower it's own VRRP priority below that of the 'backup' vrrpd process. This allows failover to occur normally.

OPTIONS

-h
display this short inlined help
-n
Don't handle the virtual mac address
-D
Go into background mode, daemonize
-i ifname
the interface name to run on. More than one interface can be monitored by the one vrrpd process, a list like "eth1 eth2 eth3 eth4 eth5" is acceptable. Losing link-beat on any of these will cause the priority of that vrrpd process to be decreased by the specified value, or a default of 100. Note that as MII calls are used, this implementation is limited to Fast and Gigabit Ethernet chipsets only - 10Mbps Ethernet cards will not work.
-v vrid
the id of the virtual server [1-255]
-s
iqxSwitch the preemption mode (Enabled by default)
-a auth
set the authentification type auth=(none|pw/hexkey|ah/hexkey) hexkey=0x[0-9a-fA-F]+ Password is a symbolic security, anybody with a sniffer can break it. AH is a bit stronger.
-p prio
Set the priority of this host in the virtual server (dfl: 100)
-f piddir
specify the directory where the pid file is stored (dfl: /var/run)
-d delay
Set the advertisement interval (in sec) (dfl: 1) -m ifname Interface(s) to monitor for failure. Use " " for multiple interfaces
-c delta
Set the delta to decrease priority by (dfl: 50)
ipaddr
the ip address(es) of the virtual server

EXAMPLES

vrrpd -i eth0 -v 50 10.0.0.1

run vrrp on the interface eth0 with the virtual id 50 and 10.0.0.1 as virtual ip address

AUTHOR

vrrpd was written by Jerome Etienne <jetienne@arobas.net>, it was later improved by Alexandre Cassert <acassen@linux-vs.org> and David Hunter <david.hunter@gen-i.co.nz>

BUGS

Suggestions, bugs or questions should be directed to the Sourceforge project at http://sourceforge.net/projects/vrrpd/

Bug reports regarding this package should be submitted to Debian using the reportbug or bug tool.

MORE INFO

For more information please read the documents under /usr/share/doc/vrrpd/ : README, README.Debian FAQ and TODO.