VRRP and sub-optimal routing
STP and FHRP Protocols such as VRRP are completely different protocols. STP creates L2 loop-free topologies while VRRP (or other FHRP protocols) create a virtual default gateway for hosts.
Something to keep in mind is that you can have sub-optimal routing when the L2 topology has blocked the interface that is the shortest path to the VRRP master.
Topology
Here is an example:
SW1 and SW2 use VRRP to create a virtual default gateway.
- SW1 is the STP root bridge.
- SW2 is the VRRP master.
When H1 wants to reach the virtual default gateway, traffic will go from SW3 > SW1 > SW2.
Configuration
SW1
hostname SW1 ! ip cef ! spanning-tree mode pvst ! interface GigabitEthernet0/0 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 vrrp 1 ip 192.168.1.254 ! end
SW2
hostname SW2 ! ip cef ! spanning-tree mode pvst ! interface GigabitEthernet0/0 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 ip address 192.168.1.2 255.255.255.0 vrrp 1 ip 192.168.1.254 ! end
SW3
hostname SW3 ! spanning-tree mode pvst ! interface GigabitEthernet0/0 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface GigabitEthernet0/3 ! ip http server ip http secure-server ! end
H1
hostname H1 ! no ip routing ! no ip cef ! interface GigabitEthernet0/0 ip address 192.168.1.100 255.255.255.0 ! ip default-gateway 192.168.1.254 ! end
Verification
Spanning Tree
Here is the spanning tree topology for VLAN 1:
SW1#show spanning-tree vlan 1 VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 5254.0001.8590 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 5254.0001.8590 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi0/0 Desg FWD 4 128.1 P2p Gi0/1 Desg FWD 4 128.2 P2p
SW2#show spanning-tree vlan 1 VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 5254.0001.8590 Cost 4 Port 2 (GigabitEthernet0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 5254.0009.c349 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi0/0 Desg FWD 4 128.1 P2p Gi0/1 Root FWD 4 128.2 P2p
SW3#show spanning-tree vlan 1 VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 5254.0001.8590 Cost 4 Port 1 (GigabitEthernet0/0) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 5254.0018.c10d Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Gi0/0 Root FWD 4 128.1 P2p Gi0/1 Altn BLK 4 128.2 P2p Gi0/2 Desg FWD 4 128.3 P2p
SW1 is the root bridge and SW3 has blocked its interface to SW2.
VRRP
Here is the current state of our VRRP group:
SW1#show vrrp Vlan1 - Group 1 State is Backup Virtual IP address is 192.168.1.254 Virtual MAC address is 0000.5e00.0101 Advertisement interval is 1.000 sec Preemption enabled Priority is 100 Master Router is 192.168.1.2, priority is 100 Master Advertisement interval is 1.000 sec Master Down interval is 3.609 sec (expires in 3.043 sec)
SW2#show vrrp Vlan1 - Group 1 State is Master Virtual IP address is 192.168.1.254 Virtual MAC address is 0000.5e00.0101 Advertisement interval is 1.000 sec Preemption enabled Priority is 100 Master Router is 192.168.1.2 (local), priority is 100 Master Advertisement interval is 1.000 sec Master Down interval is 3.609 sec
SW1 is the backup, SW2 is the master.
Conclusion
Although this will work without issues, you have to realize how STP might affect your topology and could introduce sub-optimal routing.