R0106-HP MSR Router Series High Availability Command Reference(V7)
22
Syntax
vrrp check-ttl enable
undo vrrp check-ttl enable
Default
TTL check for IPv4 VRRP packets is enabled.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
The master in an IPv4 VRRP group periodically sends VRRP advertisements to declare its presence. The
VRRP advertisements are multicast in the local subnet and cannot be forwarded by routers, so the TTL
value is not changed. When the master sends VRRP advertisements, it sets the TTL value to 255. If you
enable TTL check, the backups drop the VRRP advertisements with TTL other than 255, preventing attacks
from other subnets.
Devices from different vendors might implement VRRP differently. When the device is interoperating with
devices of other vendors, TTL check on VRRP packets might result in unexpected dropping of packets. In
this scenario, use the undo vrrp check-ttl enable command to disable TTL check on VRRP packets.
Examples
# Disable TTL check for IPv4 VRRP packets.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] undo vrrp check-ttl enable
vrrp dot1q
Use vrrp dot1q to specify an IPv4 VRRP control VLAN for the subinterface configured with VLAN
termination.
Use undo vrrp dot1q to restore the default.
Syntax
vrrp dot1q vid vlan-id [ secondary-dot1q secondary-vlan-id ]
undo vrrp dot1q
Default
No VRRP control VLAN is specified. After you enable a subinterface that is configured with ambiguous
termination to transmit broadcast/multicast packets, the master sends VRRP advertisements within all
VLANs whose VLAN packets are configured to be terminated by the subinterface.
Views
Layer 3 Ethernet subinterface view, Layer 3 aggregate subinterface view
Predefined user roles
network-admin