The present invention relates generally to network systems using redundant or standby devices working together in a redundancy group to provide a virtual router service. More particularly, the present invention relates to methods and apparatus for assuring that the physical gateway device responsible for forwarding packets for such a redundancy group (that is, the “active” or primary router or other gateway device) is the gateway device possessing the optimal route to a destination (for example, a remote network).
Local area networks (LANs) are commonly connected with one another through one or more routers so that a host (a PC or other arbitrary LAN entity) on one LAN can communicate with other hosts on different LANs. Typically, the host is able to communicate directly only with the entities on its local LAN segment. When it receives a request to send a data packet to an address that it does not recognize as being local, it communicates through a router (or other layer-3 device) which determines how to direct the packet between the host and the destination address in a remote network. Unfortunately, a router may, for a variety of reasons, become inoperative (e.g., a power failure, rebooting, scheduled maintenance, etc.), creating a trigger event. Such potential router failure has led to the development and use of redundant systems, which have more than one router to provide a backup in the event of primary router failure. When a router fails, the host communicating through the inoperative router may still remain connected to other LANs if it can send packets to another router connected to its LAN.
Various protocols have been devised to allow a host to choose a router from among a group of routers in a network. Two of these, Routing Information Protocol (or RIP) and ICMP Router Discovery Protocol (IRDP) are examples of protocols that involve dynamic participation by the host. However, because both RIP and IRDP require that the host be dynamically involved in the router selection, performance may be reduced and special host modifications and management may be required.
In a widely used and somewhat simpler approach, the host recognizes only a single “default” router. In this approach, the host is configured to send data packets to the default router when it needs to send packets to addresses outside its own LAN. It does not keep track of available routers or make decisions to switch to different routers. This requires very little effort on the host's part, but has a serious danger. If the default router fails, the host cannot send packets outside of its LAN. This may be true even though there may be a redundant router able to take over, because the host does not know about the backup. Unfortunately, such systems have been used in mission critical applications such as stock trading.
The shortcomings of these early systems led to the development and implementation of a hot standby router protocol (HSRP) by Cisco Systems, Inc. of San Jose, Calif. A more detailed discussion of the earlier systems and of an HSRP type of system can be found in U.S. Pat. No. 5,473,599 (referred to herein as “the '599 patent”), entitled STANDBY ROUTER PROTOCOL, issued Dec. 5, 1995 to Cisco Systems, Inc., which is incorporated herein by reference in its entirety for all purposes. Also, HSRP is described in detail in RFC 2281, entitled “Cisco Hot Standby Router Protocol (HSRP)”, by T. Li, B. Cole, P. Morton and D. Li, which is incorporated herein by reference in its entirety for all purposes.
HSRP is widely used to back up primary routers for a network segment. In HSRP, a “standby” or “secondary” router is designated as the back-up to an “active” or “primary” router. The standby router is linked to the network segment or segments serviced by the active router. The active and standby routers share a “virtual IP address” and possibly a “virtual Media Access Control (MAC) address.” All internet communication to and from the relevant sub-network employs the virtual IP and MAC addresses. At any given time, the active router is the only router adopting the virtual addresses. Then, if the active router should cease operation for any reason, the standby router immediately takes over its load (by adopting the virtual addresses). This allows the host to always direct data packets to an operational router without monitoring the routers of the network.
A Cisco HSRP system is shown in FIGS. 1-2. As seen in FIG. 1, four gateways 110A-D (for example, routers) operate in a normal mode, providing redundant default gateway services in an active/standby configuration for a common IP subnet. In FIG. 1, the multiple routers 110 (layer-3 switches) form a redundancy group 108 (RG) and share a virtual MAC address 118 and a virtual IP address 116. Hosts 120A-C on a common subnet 130 set their default gateway IP address 126 and MAC address 128 to the virtual addresses 116, 118 within RG 108 for their subnet. In an RG 108 of a prior HSRP system, a “primary” RG member 110A (for example, an “active router”) is elected based on pre-configured priorities.
The active router 110A of the RG 108 responds to all address resolution protocol (“ARP”) requests for the virtual IP address 116, thus providing default gateway services for all hosts 120 of the common subnet 130 during normal operation. During normal operation, a secondary RG member 110B of the RG 108 remains in a “standby” mode. If the primary member 110A of the RG 108 should fail, as shown in FIG. 2, the standby router 110B will assume the virtual MAC and IP addresses 118, 116, effectively becoming the primary member (or “active router”) and thereby providing uninterrupted gateway services to the hosts 120 of common subnet 130 without the need for additional ARP discovery/resolution. This configuration provides a reliable fail-over function for the gateway devices.
As noted above, election to the status of active router in a router group such as the one shown in FIGS. 1 and 2 presently is based on pre-configured priorities in each router. While this is useful and practical in some situations, it does not ensure that the active router for a given group is the router with the best route to a particular destination network. Current networks must rely on ICMP redirects to direct hosts to the router with an optimal route. This is not always possible, or desirable, when a virtual router protocol is used. If ICMP redirects are not possible, then traffic sent to remote networks may traverse the local subnet twice as it is forwarded to the optimal router.
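The priority-based election and its routing blind spot, modeled as an added example (not code from the patent or from Cisco). The router priorities, interface addresses and route metrics are constructed sample data, and the tie-break on the higher interface IP address follows RFC 2281.

```python
from dataclasses import dataclass, replace
from ipaddress import IPv4Address

@dataclass
class Router:
    name: str
    ip: IPv4Address      # interface address on the common subnet
    priority: int        # pre-configured election priority
    metric: dict         # destination network -> route cost (lower is better)
    up: bool = True

def elect_active(group):
    """Highest priority wins; equal priorities go to the higher IP (RFC 2281)."""
    alive = [r for r in group if r.up]
    return max(alive, key=lambda r: (r.priority, int(r.ip))) if alive else None

def best_route(group, dest):
    """Operational router holding the lowest-cost route to dest."""
    alive = [r for r in group if r.up and dest in r.metric]
    return min(alive, key=lambda r: r.metric[dest]) if alive else None

def subnet_traversals(group, dest):
    """1 if the active router holds an optimal route; otherwise 2, because the
    packet goes host -> active router, then active -> optimal router over the
    same subnet (the case where ICMP redirects are not used)."""
    active, best = elect_active(group), best_route(group, dest)
    if active is None or best is None:
        return 0
    return 1 if active.metric.get(dest) == best.metric[dest] else 2

# Constructed sample redundancy group; names reuse the figure's numerals.
DEST = "10.20.0.0/16"
GROUP = [
    Router("110A", IPv4Address("192.0.2.2"), 110, {DEST: 30}),
    Router("110B", IPv4Address("192.0.2.3"), 100, {DEST: 10}),
    Router("110C", IPv4Address("192.0.2.4"), 100, {DEST: 30}),
]
# Same group after the active router 110A fails (the FIG. 2 situation).
AFTER_FAILURE = [replace(r, up=False) if r.name == "110A" else r for r in GROUP]

if __name__ == "__main__":
    for label, grp in (("normal", GROUP), ("110A down", AFTER_FAILURE)):
        print(label, "active:", elect_active(grp).name,
              "optimal:", best_route(grp, DEST).name,
              "subnet traversals:", subnet_traversals(grp, DEST))
```

In both states the elected router differs from the router with the cheapest route, so the election and the fail-over each leave traffic crossing the subnet twice.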
In view of the foregoing, it would be desirable to provide redundant gateway services similar to Cisco's HSRP while ensuring that the active router in a redundant gateway services group is the router with the optimal route to a destination network.