Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring a Backup to Accept Packets Destined for the Virtual IP Address

By default, a switch configured to be a VRRP backup but acting as the primary does not process packets sent to the virtual IP address—that is, packets in which the destination address is the virtual IP address. To configure a backup switch to process packets sent to the virtual IP address while it is acting as the primary, include the accept-data statement on the backup:

You can include this statement at the following hierarchy level:

  • [edit interfaces interface-name unit logical-unit-number family inet address address vrrp-group] group-id

To explicitly prohibit the backup from accepting packets destined for the virtual IP address while acting as primary, include the no-accept-data statement:

If you include the accept-data statement, configure the connected hosts so that they:

  • Process gratuitous ARP requests.

  • Do not use packets other than ARP replies to update their ARP cache.

This statement is disabled by default. If you enable it, your configuration does not comply with RFC 3768.

To restrict incoming IP packets to ICMP only, you must configure firewall filters to accept only ICMP packets.