How to configure VRRP on Omada L3 Switches through Omada SDN Controller
Apply to: Omada SDN Controller v5.13.30.8 and above; Omada L3 Switches.
This article will introduce how to configure VRRP on Omada L3 switches through Omada SDN Controller.
1. What is VRRP?
VRRP (Virtual Router Redundancy Protocol) is a fault-tolerant protocol that organizes a group of LAN routers (including a Master, the active router, and a number of Backup, the backup router) into a virtual router. When the Master router in the backup group breaks down, the other backup routers in the backup group will elect a new Master router through the election policy and continue to provide routing services to the hosts in the network.
Definitions:
- VRRP Router (VRRP Router): a device running the VRRP protocol, it may belongs to one or more virtual routers, such as SwitchA and SwitchB.
- Virtual Router: Also known as a VRRP backup group, it consists of a Master device and multiple Backup devices, and is used as a default gateway for hosts on a shared LAN. For example, SwitchA and SwitchB together form a virtual router.
- Master Router (Virtual Router Master): a VRRP device that takes on the task of forwarding messages, such as SwitchA.
- Backup Router (Virtual Router Backup): a group of VRRP devices that do not take on the task of forwarding and that will campaign to become the new Master device when the Master device fails, such as SwitchB.
2. Configure VRRP through Omada SDN Controller.
Please adopt the switches in the controller first.
2.1 Goal of configuration
As shown in the following figure, there are two L3 Switches and one L2+ Switch, the PC is in VLAN 101, configure VRRP on the two L3 Switches with a virtual IP of 172.16.1.254, and configure this virtual address on the PC as the gateway.
2.2 Steps of configuration
Create new VLAN
Go to Settings – Wired Network – LAN – Networks, click “Create New LAN” and add VLAN 101.
Configure VLAN Interface on Switch
Go to Devices – Device List, click on “L3 Switch 1” (Referring to the previous diagram) ,go to Config – VLAN Interface in the pop-up page, turn on the Enable switch to the right of VLAN 101 and click the Apply button to create VLAN interface 101.
Click the edit button of VLAN 101, configure the IP address and subnet mask as followed.
After finished configuring the VLAN 101 and interface on L3 Switch 1, follow the same previous step and configure VLAN 101 and interface on L3 Switch 2.
Configure VRRP Rules
Go to Settings – Transmission – VRRP, click “Create VRRP Rules”.
In the pop-up VRRP Rules Config page, select L3 Switch 1 and L3 Switch 2 from the device list and click next.
Then, configure the VRRP priority of the two L3 switches and choose the corresponding VLAN interface (here we choose the VLAN 101 we just created), then the switch with higher priority will become the Master Router.
If necessary, you can configure the Tracked Interface and Reduced Priority in the Master Router. Generally, the Tracked Interface is the uplink routing egress port of this L3 Switch, and after configuring the Tracked Interface, when this port is down, the VRRP priority of this L3 switch will be lowered, which will change the VRRP election result.
Then, configure the VRRP Name, VRID and Virtual IP, click Apply to finish the configuration of VRRP.
Optional parameters of VRRP
It’s recommended not to change these configurations if not necessary.
- Advertise Timer: This is the period of time that VRRP messages are sent, the default is 1 second per period. The smaller the value, the shorter the actual time required for VRRP state switching.
- Preempt Mode:The default is preempt mode, in which the backup router will preempt to be the new master router if it has a higher priority; in non-preempt mode, if there is already a master router, the backup router will not preempt to be the new master router even if it has a higher priority, unless the master router fails.
- Delay Time: In preempt mode, a high-priority VRRP router will wait for a period of Delay time before sending a VRRP message to announce that it has a higher priority and becomes the master. The default value is 0, which means a high-priority VRRP router will immediately send a VRRP message to announce that it has a higher priority and becomes the master.
- Authentication Type: By default it is None and no authentication will be performed. “Simple” refers to using a text password for authentication, and “MD5” refers to using a text password to perform the authentication of MD5, which has a higher security than Simple mode.
Check the current status of VRRP entries
After configuration, go back to Create VRRP Rules page and check the current status of VRRP entries.
MASTER DEVICE: The VRRP Master of current VRRP backup group.
STATUS: The running status of this VRRP entry.
Configure the downlink port of L2+ switch
Go to the private configuration page of L2+ switch, go to Ports and click the edit button on the downlink port, change its profile to VLAN 101.
Configure Static Routes
If you need to configure static routes for L3 swithes, do as followed.
Go to the private configuration page of L3 switch, then Config – Static Route, click Add.
Then, tick Enable on Status, enter the destination subnet in Destination IP/Subnet, enter the next hop IP of this static route in Next Hop, enter the distance and click Apply.
For more detailed information on features and CLIs, check the CLI Guide and User Guide.