1. Field of the Invention
The present invention relates to communication networks and, more particularly, to a method and apparatus for learning the identity of VRRP backup router(s) for a VRRP master router.
2. Description of the Related Art
Data communication networks may include various computers, servers, nodes, routers, switches, hubs, proxies, and other network devices coupled to and configured to pass data to one another. These various devices will be referred to herein as “network elements.” Data is communicated through the data communication network by passing data packets (or data cells or segments) between the network elements by utilizing one or more communication links interconnecting the network elements. A particular packet may be handled by multiple network elements and cross multiple communication links as it travels between its source and its destination over the network.
FIG. 1 illustrates an example network 10, including a Local Area Network (LAN) 12 that is connected to an external network such as the Internet 14 by two network elements 16. Although an example will be provided in which a LAN is connected to the Internet, the LAN may also be connected to another type of network. For convenience, the network elements will be referred to as routers, although other types of network elements may be used to implement the network elements 16. The routers 16 may be separate physical entities or may be virtual routers implemented as separate processes or separate threads in a process that provide the illusion that a dedicated router is available to satisfy the needs of the network(s) to which it is connected.
Hosts 18 connect to the LAN 12 and are able to access the external network 14 via one or more of the routers 16. However, since there is more than one router 16 interconnecting the LAN with the external network, the host will need to learn which router 16 should be used to access a particular destination or set of destinations. For example, each of the routers 16 may be established to handle traffic for a particular Virtual Private Network or for a particular group of hosts. Thus, the host will need to know the IP address (or MAC address) of the router 16 that it is required to use to communicate with a particular destination.
There are several ways in which the routers may be assigned to handle traffic for a particular host or set of hosts. For example, an Internet Control Message Protocol (ICMP) router discovery client may be used to discover routes through the network to an IP address, or a statically configured default route may be used from the host to one of the routing entities. However, the static default routes have the disadvantage of needing to be reestablished if the routing entity goes down or in the event of another fault on the network.
Another way to assign routers to handle traffic for particular groups of hosts is to run a dynamic routing protocol on the LAN 12, such that if a particular router or routing entity goes down, a substitute routing entity may take over for that routing entity. Dynamic routing protocols generally enable the network elements to establish connectivity and allow the network elements to determine paths through the network. A few examples of dynamic routing protocols include Open Shortest Path First (OSPF), Routing Information Protocol (RIP), and Intermediate System to Intermediate System (IS-IS), although other dynamic routing protocols may exist as well. When a dynamic routing protocol is in use on the network, and one of the routing entities goes down, the dynamic routing protocol will automatically reconfigure routes through the network so that a new route to the IP address (via a different routing entity) may be used by the host.
Unfortunately, there are situations where it may not be optimal to run a dynamic routing protocol on the network. For example, dynamic routing protocols introduce security concerns and may take time to converge after a change in network topography. In a network that is frequently changing, for example where virtual routers are constantly being added or deleted from the network elements, it may be difficult to run a dynamic routing protocol.
One way to avoid using a dynamic routing protocol is to cause the hosts to address data intended to be transmitted to the external network to a virtual IP address, and then allow the routers to dynamically assume responsibility for the virtual IP addresses on the LAN. By allowing the routers to dynamically assume responsibility, an available router may assume responsibility for a virtual IP address and, if that router becomes unavailable for some reason, another router may take over responsibility without requiring the failover to be coordinated with the host.
One protocol that enables the routers to assume responsibility for IP addresses in this manner is commonly referred to as Virtual Router Redundancy Protocol (VRRP). VRRP was defined to enable hosts to transmit data to a virtual IP address, and to enable routers to dynamically assume responsibility for the virtual IP address. In this scenario, the host will transmit data onto the LAN, and routers will look for data addressed to the virtual IP address or virtual MAC address for which they are responsible. VRRP is defined in greater detail for IPv4 in IETF RFC 3768 and for IPv6 in IETF Internet Draft draft-ietf-vrrp-ipv6-spec-07.txt, the content of each of which is hereby incorporated herein by reference.
In VRRP, one router will be elected as the master router for a particular address, and other routers will become backup routers for that address. Generally, there is at least one backup router for each master, although multiple backup routers may exist for a given master router. The master router periodically advertises mastership of the set of addresses that it is master over, to enable the backup routers to determine that the master is still functioning. When the backup routers do not receive an advertisement from the master for a period of time, the backup routers will presume that the master has failed and will take over responsibility for the associated IP address. Once the backup has taken over for the master, it will forward traffic addressed to the associated virtual IP address and respond to ARP requests for that virtual IP address.
FIG. 2 shows a configuration with three routers running VRRP to provide a redundant gateway for the hosts on the LAN. In this example, routers A and B are backed up by router C. The hosts 18 on the LAN are splitting their traffic between the routers A and B. According to this example, half of the hosts have been configured to have router A as their default gateway and the other half have been configured to have router B as their default gateway. Two virtual routers have been configured with VRID 27 and 28. VRRP router with VRID 27 is backing up IP address 192.168.1.20, and VRRP router with VRID 28 is backing up IP address 192.168.1.24. The addresses being backed up are called the virtual IP addresses. In this case, since router A owns 192.168.1.20 (that is its physical interface address) it will assert itself as master for VRID=27 and router B will assert itself as master for VRID 28 for the same reason.
As described in greater detail in the VRRP specifications, once a group of routers has been established for a given IP address, one of the routers will assume the role of master for that IP address and the other routers will be backups. The master router will advertise a virtual MAC address associated with the IP address so that traffic to the IP address will be learned on ports leading to the master router. In this way, traffic may be routed through the network to cause traffic addressed to the IP address to pass through the master router.
The master router will also advertise mastership of the virtual IP address by broadcasting an advertisement on the network. Backup routers on the network will listen for the VRRP advertisements from the master, which enable the VRRP master to advertise the priority and the state of the master router associated with the virtual router ID. When the backup routers notice an absence of advertisements from the master for a certain period of time, the backup routers elect a new master based on an election process defined in the RFC. Once the election process has completed, the winning backup router will automatically assume responsibility for the Virtual Router ID so that a failover from the master to the backup may be performed automatically, simply by causing the backup router to become the master router and assume responsibility for forwarding traffic addressed to the virtual IP address.
Since the IP address has not changed, the hosts will not be affected by the change in responsibility occasioned by the failover, and accordingly the failover from master to backup is transparent to the hosts.
VRRP may be used as shown in FIG. 2 to enable routers to be backed up on a network. Additionally, within a network element, a given network element may implement hundreds or thousands of virtual routers. VRRP may thus be run within the network element itself to determine which of the routers should be masters and which should be backups, so that backup and virtual routers may be established for the master virtual routers without requiring complicated interdependencies from a control/management standpoint to be established. Rather, the virtual routers on the network element may simply run VRRP and determine automatically which of the virtual routers will be the master for a given virtual IP address and which will back up the master router.
Since the VRRP protocol specifies that master routers are to transmit advertisement messages periodically to maintain mastership over their IP addresses, it is easy from a control/management standpoint to determine which router is the master of a particular IP address by simply listening for VRRP advertisements on the LAN. However, the backup routers do not transmit any information of this nature and, accordingly, determining which routers are backups for a particular master or determining whether there are any backups for a particular master is more complicated. Where there are only a few routers and the master/backup relationship has been explicitly defined, this is probably not an issue. However, as the number of routers increases and as the routers begin to self-assign responsibility for backing up the master routers on the network, the task of identifying the backup routers may become increasingly more difficult.
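Determining the master by listening, as described above, comes down to decoding each advertisement and recording its sender per VRID. The following is an added example, not part of the original text: the field layout follows RFC 3768 (VRRPv2), and the function names and the two sample packets (built to match FIG. 2) are constructed for illustration.

```python
import socket
import struct

VRRP_VERSION, ADVERTISEMENT = 2, 1  # version and type values from RFC 3768

def checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum of the message."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_advert(vrid, priority, vips, adver_int=1):
    """Construct a sample VRRPv2 advertisement (auth type 0, zeroed auth data)."""
    body = b"".join(socket.inet_aton(ip) for ip in vips) + bytes(8)
    head = struct.pack("!BBBBBB", (VRRP_VERSION << 4) | ADVERTISEMENT,
                       vrid, priority, len(vips), 0, adver_int)
    return head + struct.pack("!H", checksum(head + b"\x00\x00" + body)) + body

def parse_advert(pkt: bytes) -> dict:
    """Validate and decode one advertisement; raise ValueError if malformed."""
    if len(pkt) < 16:
        raise ValueError("too short")
    vt, vrid, prio, count, _auth, adver_int, _csum = struct.unpack("!BBBBBBH", pkt[:8])
    if (vt >> 4, vt & 0xF) != (VRRP_VERSION, ADVERTISEMENT):
        raise ValueError("not a VRRPv2 advertisement")
    if len(pkt) != 8 + 4 * count + 8:
        raise ValueError("length does not match Count IP Addrs")
    if checksum(pkt) != 0:  # a valid message sums to zero with its checksum included
        raise ValueError("bad checksum")
    vips = [socket.inet_ntoa(pkt[8 + 4 * i:12 + 4 * i]) for i in range(count)]
    return {"vrid": vrid, "priority": prio, "adver_int": adver_int, "vips": vips}

def masters_seen(frames):
    """Map VRID -> (sender IP, priority, virtual IPs) from (src_ip, payload) pairs."""
    table = {}
    for src, payload in frames:
        try:
            ad = parse_advert(payload)
        except ValueError:
            continue  # ignore malformed or corrupted advertisements
        table[ad["vrid"]] = (src, ad["priority"], ad["vips"])
    return table

# Constructed capture matching FIG. 2: routers A and B own their virtual IPs,
# so each advertises with the address-owner priority of 255.
SAMPLE = [("192.168.1.20", build_advert(27, 255, ["192.168.1.20"])),
          ("192.168.1.24", build_advert(28, 255, ["192.168.1.24"]))]
```

Calling masters_seen(SAMPLE) yields one entry each for VRID 27 and VRID 28; router C, which backs up both, never appears because backups send nothing while the master is alive.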
Since the standard does not provide for the standby routers to send out any messages while the master router is alive, the master router does not have any information about the existence of backup router(s) and cannot provide the identity of the VRRP backup routers. If the system administrator of the master router wants to take down the connection to the LAN for some reason, for example to perform regular maintenance, upgrade, or trouble shooting, the system administrator may have difficulty identifying which routers are VRRP backup routers for a particular VRRP master router. For example, the network administrator may need to access the other routers using a network management system to determine which routers are backing up the VRRP master router. This can be a tedious, laborious, time consuming and error prone activity.