Operation Manual – Reliability
H3C S9500 Series Routing Switches
Chapter 1 VRRP Configuration
1-6
is higher than that of the current Master switch. Accordingly, the former Master switch
will become the Backup switch.
Together with preemption settings, a delay can also be set. In this way, a Backup will
wait for a period of time before becoming a Master. In an unstable network if the Backup
switch has not received the packets from the Master switch punctually, it will become
the Master switch. However, the failure of Backup to receive the packets may be due to
network congestion, instead of the malfunction of the Master switch. In this case, the
Backup will receive the packet after a while. The delay settings can thereby avoid the
frequent status changing.
Perform the following configuration in VLAN interface view.
Table 1-6
Configure preemption and delay for a switch within a virtual router
Operation
Command
Enable the preemption mode and
configure a period of delay.
vrrp vrid virtual
-
router
-
ID
preempt-mode
[
timer
delay
delay
-
value
]
Disable the preemption mode.
undo vrrp vrid
virtual
-
router
-
ID
preempt-mode
The delay ranges from 0 to 255, measured in seconds. By default, the preemption
mode is preemption with a delay of 0 second.
Note:
If preemption mode is cancelled, the delay time will automatically become 0 second.
1.2.7 Configuring Authentication Type and Authentication Key
VRRP provides following authentication types:
z
simple
: Simple character authentication
z
md5
: MD5 authentication
In a network under possible security threat, the authentication type can be set to
simple
. Then the switch will add the authentication key into the VRRP packets before
transmitting it. The receiver will compare the authentication key of the packet with the
locally configured one. If they are the same, the packet will be taken as a true and legal
one. Otherwise it will be regarded as an illegal packet to be discarded. In this case, an
authentication key not exceeding 8 characters should be configured.
In a totally unsafe network, the authentication type can be set to
md5
. The switch will
use the authentication type and MD5 algorithm provided by the Authentication Header