====== Simple VRRP lab  ======


===== Network Diagram =====

{{:documentation:examples:bsdrp-simple-vrrp-lab.png|}}

===== Starting the lab =====

More information on these BSDRP lab scripts available on [[documentation:examples:How to build a BSDRP router lab]].

Example with the bhyve lab script:

<code>
# ./BSDRP-lab-bhyve.sh -i /usr/obj/BSDRP.amd64/BSDRP-1.61-full-amd64-vga.img -n 4 -l 2
vmm module not loaded. Loading it...
nmdm module not loaded. Loading it...
if_tap module not loaded. Loading it...
BSD Router Project (http://bsdrp.net) - bhyve full-meshed lab script
Setting-up a virtual lab with 4 VM(s):
- Working directory: /tmp/BSDRP
- Each VM have 1 core(s) and 256M RAM
- Switch mode: bridge + tap
- 2 LAN(s) between all VM
- Full mesh Ethernet links between each VM
VM 1 have the following NIC:
- vtnet0 connected to VM 2.
- vtnet1 connected to VM 3.
- vtnet2 connected to VM 4.
- vtnet3 connected to LAN number 1
- vtnet4 connected to LAN number 2
VM 2 have the following NIC:
- vtnet0 connected to VM 1.
- vtnet1 connected to VM 3.
- vtnet2 connected to VM 4.
- vtnet3 connected to LAN number 1
- vtnet4 connected to LAN number 2
VM 3 have the following NIC:
- vtnet0 connected to VM 1.
- vtnet1 connected to VM 2.
- vtnet2 connected to VM 4.
- vtnet3 connected to LAN number 1
- vtnet4 connected to LAN number 2
VM 4 have the following NIC:
- vtnet0 connected to VM 1.
- vtnet1 connected to VM 2.
- vtnet2 connected to VM 3.
- vtnet3 connected to LAN number 1
- vtnet4 connected to LAN number 2
For connecting to VM'serial console, you can use:
- VM 1 : cu -l /dev/nmdm1B
- VM 2 : cu -l /dev/nmdm2B
- VM 3 : cu -l /dev/nmdm3B
- VM 4 : cu -l /dev/nmdm4B
</code>

===== Special notes for VLAN user =====

Do not uses the default interface vlan name assignment (like "igb0.10"), because the underlying tool (netgraph) doesn't support interface name that includes a dot.

===== Configuring Routers =====

==== Router 1 (R1) ====

<code>
sysrc hostname=R1 \
  ifconfig_vtnet3="inet 192.168.1.1/24" \
  ifconfig_vtnet4="inet 192.168.2.1/24" \
  freevrrpd_enable=YES
cat <<EOF > /usr/local/etc/freevrrpd.conf 
[VRID]
serverid = 1
interface = vtnet3
# This router is the master
priority = 101
addr = 192.168.1.254/24
# We want that this state is dependant with the state of vrid 2
vridsdep = 2
password = vrid1

[VRID]
serverid = 2
interface = vtnet4
# This router is the master
priority = 101
addr = 192.168.2.254/24
password = vrid2
# We want that this state is dependant with the state of vrid 1
vridsdep = 1
EOF
service netif restart
service freevrrpd start
config save
</code>

==== Router 2 (R2) ====

<code>
sysrc hostname=R2 \
  ifconfig_vtnet3="inet 192.168.1.2/24" \
  ifconfig_vtnet4="inet 192.168.2.2/24" \
  freevrrpd_enable=YES
cat <<EOF > /usr/local/etc/freevrrpd.conf 
[VRID]
serverid = 1
interface = vtnet3
# This router is the backup
priority = 100
addr = 192.168.1.254/24
# We want that this state is dependant with the state of vrid 2
vridsdep = 2
password = vrid1

[VRID]
serverid = 2
interface = vtnet4
# This router is the backup
priority = 100
addr = 192.168.2.254/24
password = vrid2
# We want that this state is dependant with the state of vrid 1
vridsdep = 1
EOF
service netif restart
service freevrrpd start
config save
</code>

==== Router 3 (R3) ====

<code>
sysrc hostname=R3 \
  ifconfig_vtnet3="inet 192.168.1.3/24" \
  defaultrouter="192.168.1.254" \
  gateway_enable=NO \
  ipv6_gateway_enable=NO
service netif restart
service routing restart
config save
</code>

==== Router 4 (R4) ====

<code>
sysrc hostname=R4 \
  ifconfig_vtnet4="inet 192.168.2.4/24" \
  defaultrouter="192.168.2.254" \
  gateway_enable=NO \
  ipv6_gateway_enable=NO
service netif restart
service routing restart
config save
</code>

===== Checking configuration =====

==== VRRP state ====

On R1:

<code>
[root@R1]~# grep vrrp /var/log/messages
Nov  5 11:37:15 R1 freevrrpd[1177]: launching daemon in background mode
Nov  5 11:37:15 R1 freevrrpd[1178]: initializing threads and all VRID
Nov  5 11:37:15 R1 freevrrpd[1178]: reading configuration file /usr/local/etc/freevrrpd.conf
Nov  5 11:37:15 R1 freevrrpd[1178]: monitored circuits engine initialized
Nov  5 11:37:16 R1 freevrrpd[1178]: server state vrid 1: backup
Nov  5 11:37:17 R1 freevrrpd[1178]: server state vrid 2: backup
Nov  5 11:37:20 R1 freevrrpd[1178]: server state vrid 1: master
Nov  5 11:37:21 R1 freevrrpd[1178]: server state vrid 2: master
</code>

//R1 is VRRP master for vrid 1 and 2.//

On R2:

<code>
[root@R2]~#  grep vrrp /var/log/messages
Nov  5 11:41:37 R2 freevrrpd[2091]: launching daemon in background mode
Nov  5 11:41:37 R2 freevrrpd[2092]: initializing threads and all VRID
Nov  5 11:41:37 R2 freevrrpd[2092]: reading configuration file /usr/local/etc/freevrrpd.conf
Nov  5 11:41:37 R2 freevrrpd[2092]: monitored circuits engine initialized
Nov  5 11:41:38 R2 freevrrpd[2092]: server state vrid 1: backup
Nov  5 11:41:39 R2 freevrrpd[2092]: server state vrid 2: backup
</code>

//R2 is the VRRP backup for vrid 1 and 2.//

==== Forwarding and ARP entry ====

Pinging R4 from R3:
<code>
[root@R3]~# ping 192.168.2.4
PING 192.168.2.4 (192.168.2.4): 56 data bytes
64 bytes from 192.168.2.4: icmp_seq=0 ttl=63 time=0.669 ms
64 bytes from 192.168.2.4: icmp_seq=1 ttl=63 time=0.749 ms
64 bytes from 192.168.2.4: icmp_seq=2 ttl=63 time=0.718 ms
</code>
And checking ARP cache for a VRRP MAC address (00:00:5e:00:01:xx)

<code>
[root@R3]~#arp -na | grep 192.168.1.254
? (192.168.1.254) at 00:00:5e:00:01:01 on vtnet3 expires in 709 seconds [ethernet]

</code>

==== Testing VRRP swap ====

Disable one interface on R1 for changing the VRRP states:
<code>

[root@R1]~# ifconfig vtnet3 down
Nov  5 11:48:40 R1 freevrrpd[1178]: can't write to socket: Network is down
Nov  5 11:48:40 R1 freevrrpd[1178]: There is a big problem here !
Nov  5 11:48:42 R1 freevrrpd[1178]: interface vtnet3 is faulty, deactivated from VRRP VRIDs
Nov  5 11:48:42 R1 freevrrpd[1178]: VRID 2 (interface vtnet4) has been deactivated due to dependance
</code>

And check that R2 became the master:

<code>
[root@R2]~#tail -f /var/log/messages
Nov  5 11:48:45 R2 freevrrpd[2092]: server state vrid 1: master
Nov  5 11:48:48 R2 freevrrpd[2092]: server state vrid 2: master
</code>

And check that R3 still can reach R4:

<code>
[root@R3]~#ping 192.168.2.4
PING 192.168.2.4 (192.168.2.4): 56 data bytes
64 bytes from 192.168.2.4: icmp_seq=0 ttl=63 time=0.571 ms
64 bytes from 192.168.2.4: icmp_seq=1 ttl=63 time=0.795 ms
</code>