VRRP
7750 SR OS Router Configuration Guide Page 229
Parameters password — Specifies VRRP Authentication Type 1 is used.
Type 1 requires the definition of an eight octet long string. All transmitted VRRP advertisement
messages must have the authentication type field set to 1 and the authentication data fields must
contain the authentication-key password.
All received VRRP advertisement messages must contain a value of 1 in the authentication type
field and the authentication data fields must match the defined authentication-key. All other
received messages are discarded.
backup
Syntax [no] backup ip-address
Context config>router>if>vrrp
Description This command associates router IP addresses with the parental IP interface IP addresses.
The backup command has two distinct functions when used in an owner or a non-owner context of
the virtual router instance.
Non-owner virtual router instances actually create a routable IP interface address that is operationally
dependent on the virtual router instance mode (master or backup). The backup command in owner
virtual router instances does not create a routable IP interface address; it simply defines the existing
parental IP interface IP addresses that are advertised by the virtual router instance.
For owner virtual router instances, the backup command defines the IP addresses that are advertised
within VRRP advertisement messages. This communicates the IP addresses that the master is
representing to backup virtual routers receiving the messages. It is possible (as an RFC sanctioned
option) for recipients to discard any advertisement that has an IP address list that does not match the
list of addresses it would advertise. Advertising a correct list is important. The specified ip-addr must
be equal to one of the existing parental IP interface IP addresses (primary or secondary) or the
backup command will fail. Multiple owner virtual router instances on the same parental IP interface
may backup the same IP address.
For non-owner virtual router instances, the backup command actually creates an IP interface IP
address used for routing IP packets and communicating with the system when the access commands
are defined (ping-reply, telnet-reply, and ssh-reply). The specified ip-addr must be an IP address
that is within one of the parental IP interface local subnets created with the address or secondary
commands. If a local subnet does not exist that includes the specified ip-addr or if ip-addr is the same
IP address as the parental IP interface IP address, the backup command will fail.
The new interface IP address created with the backup command assumes the mask and parameters of
the corresponding parent IP interface IP address. The ip-addr is only active when the virtual router
instance is operating in the master state. When not operating as master, the virtual router instance acts
as if it is operationally down. It will not respond to ARP requests to ip-addr, nor will it route packets
received with its vrid derived source MAC address. A non-master virtual router instance always
silently discards packets destined to ip-addr. A single virtual router instance may only have a single
virtual router IP address from a given parental local subnet. Multiple virtual router instances can
define a virtual router IP address from the same local subnet as long as each is a different IP address.
Up to sixteen backup ip-addr commands can be executed within the same virtual router instance.
Executing backup multiple times with the same ip-addr results in no operation performed and no