Home > Articles > Networking

  • Print
  • + Share This
This chapter is from the book

5.3 VRRP over FDDI

Unlike Ethernet, VRRP's behavior over Fiber Distributed Data Interface (FDDI) is a bit tricky. Unlike Ethernet interfaces, FDDI interfaces will remove from the ring any frames with a MAC address that is one of their own.

In Figure 5-5, assume that R1 is the master. R1 sends out a VRRP advertisement with the VRRP MAC(V1) as the source MAC address and the VRRP multicast MAC address as the destination MAC address. If R1 sees this packet again on the ring, it will immediately remove the frame from the ring. Under certain fault conditions such as ring failure, protocol transitions, or loss of connectivity, VRRP may cause a situation in which there is more than one master. In the case of Ethernet, it is normal for both R1 and R2 to register for the VRRP MAC address MAC(V1); generally, if one sees the other's advertisements, a quick resolution is reached to remove one of the masters. However, in the case of FDDI, if routers R1 and R2 have both registered for the VRRP MAC address MAC(V1) and installed the virtual router MAC address MAC(V1) as the hardware address of their FDDI interfaces, then any advertisement sent by R1 using MAC address MAC(V1) as a source will be removed by R2 and vice versa during convergence of the VRRP protocol; also, convergence will fail, leaving two masters in the network. In other words, they strip each other's advertisement from the network and therefore never see each other.

Figure 5-5Figure 5-5. VRRP over FDDI

To avoid this problem, unlike Ethernet, the virtual router MAC address MAC (V1) must be configured not by changing the hardware FDDI MAC address but instead by adding a unicast MAC filter in the FDDI interface of R1 and R2 for the virtual MAC address MAC(V1). This action allows the FDDI interfaces of R1 and R2 to collect and process MAC(V1) in addition to their own FDDI MAC address. However, because MAC (V1) is a special FDDI filter and no longer the actual hardware FDDI address, the FDDI interface won't automatically remove the packet from the ring and destroy it.

If a specific FDDI implementation does not support MAC filters on the FDDI interface, then the routers R1 and R2 have no choice but to use their physical MAC address MAC(R1) or MAC(R2) as source address to exchange the actual VRRP advertisements if both of them ever come up as masters. However, to make sure that bridges and switches learn the VRRP MAC address in case a host ever sends a packet to the virtual router across a bridged network, R1 and R2 would also periodically have to send some type of packet or traffic with the VRRP MAC address as a source when one of them becomes master.

  • + Share This
  • 🔖 Save To Your Account