Target environment
- Check Point Gaia OS R81 Gateway
Check the status of VRRP
There is show vrrp interfaces as a command to check the status of VRRP.
The following is an example of the output content.
Output at gateway in Master state
CP81-GW01> show vrrp interfaces
VRRP Interfaces
Interface eth0
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 10
State: Master Time since transition: 1204
BasePriority: 100 Effective Priority: 100
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: VRRP VMAC: 00:00:5e:00:01:0a
Primary address: 10.1.10.11
Number of Addresses: 1
10.1.10.13
Monitored circuits
eth2 (priority 10)
Interface eth2
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 20
State: Master Time since transition: 1204
BasePriority: 100 Effective Priority: 100
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: VRRP VMAC: 00:00:5e:00:01:14
Primary address: 192.168.200.11
Number of Addresses: 1
192.168.200.13
Monitored circuits
eth0 (priority 10)output at gateway in Backup state
CP81-GW02> show vrrp interfaces
VRRP Interfaces
Interface eth0
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 10
State: Backup Time since transition: 971
Master: 10.1.10.11
BasePriority: 95 Effective Priority: 95
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: VRRP VMAC: 00:00:5e:00:01:0a
Primary address: 10.1.10.12
Master expire: 3
Number of Addresses: 1
10.1.10.13
Monitored circuits
eth2 (priority 10)
Interface eth2
Number of virtual routers: 1
Flags: MonitoredCircuitMode
Authentication: NoAuthentication
VRID 20
State: Backup Time since transition: 971
Master: 192.168.200.11
BasePriority: 95 Effective Priority: 95
Master transitions: 1 Flags:
Advertisement interval: 1 Router Dead Interval: 3
VMAC Mode: VRRP VMAC: 00:00:5e:00:01:14
Primary address: 192.168.200.12
Master expire: 2
Number of Addresses: 1
192.168.200.13
Monitored circuits
eth0 (priority 10)What is the Master expire of the Backup Gateway?
If you look at the command output above, you can see that only that of the Backup gateway has an item called Master expire.
This item means a countdown until a VRRP failover occurs. This number is decremented by 1 each time a VRRP Hello is not received from the Master gateway.
When this value reaches 0, a failover occurs and the Backup gateway transitions to the Master state.
Upon receiving a VRRP Hello from the Master gateway, the Master expire value is reset to 4.
Comments