Virtual router redundancy protocol

Virtual Router Redundancy Protocol (VRRP) is a widely used protocol that provides device redundancy to eliminate the single point of failure inherent in the static default-routed environment. VRRP allows you to configure two or more routers to form a group. This group appears as a single default gateway with one virtual IP address and one virtual MAC address.

Citrix SD-WAN supports VRRP version 2 and version 3 to inter-operate with any third party routers. The SD-WAN appliance acts as a master router and direct the traffic to use Virtual Path Service between sites. You can configure the SD-WAN appliance as the VRRP master by configuring the Virtual Interface IP as the VRRP IP and by manually setting the priority to a higher value than the peer routers. You can configure the advertisement interval and the preempt options.

To configure VRRP, in the Site configuration page, navigate to Configuration > Advanced Settings > select VRRP tab > click + Add VRRP

Vrrp

You can edit the following member path parameters:

  • VRRP group ID: The VRRP group ID. The group ID must be a value range is 1–255. The same group ID must be configured on the back-up routers too.

  • Version: The VRRP protocol version. You can choose between VRRP protocol V2 and V3.

  • Priority: The priority of the Citrix SD-WAN appliance for the VRRP group. The priority range is 1–254. Set this value to maximum (254) to make the SD-WAN appliance the master.

    Note

    If the router is the owner of the VRRP IP address, the priority is set to 255 by default.

  • Advertisement Interval: The frequency in milliseconds, with which the VRRP advertisements are sent when the SD-WAN appliance is the master. The default advertisement interval is one second.

  • Authentication Type: You can choose Plain Text to enter an authentication string. The authentication string is sent as a plain text without any encryption in the VRRP Advertisements. Choose None, if you do not want to set up authentication.

  • Authentication Text: The authentication string to be sent in the VRRP Advertisement. This option is enabled if the Authentication Type is Plain Text.

    Note

    The Authentication Type and Authentication Text parameters are enabled only for VRRP protocol version 2.

  • Use V2 Checksum: Enables compatibility with third party network devices for VRRPv3. By default, VRRPv3 uses v3 checksum computation method. Certain third party devices might only support VRRPv2 checksum computation. In such cases, enable this option.

  • Virtual Interface: The virtual interface to be used for VRRP. Choose one of the configured virtual interfaces.

  • Virtual IP Address: The virtual IP address assigned to the virtual interface. Choose one of the configured virtual IP addresses for the virtual interface.

  • VRRP Router IP: The virtual router IP address for the VRRP group. By default, the Virtual IP address of the SD-WAN appliance is assigned as the virtual router IP address.

Virtual router redundancy protocol