HP 6125G HP 6125G & 6125G/XG Blade Switches High Availability Command - Page 108

Examples # Map the virtual IP address of a VRRP group to the real MAC address of the interface. system-view [Sysname] vrrp method real-mac vrrp un-check ttl Syntax vrrp un-check ttl View undo vrrp un-check ttl Interface view Default level 2: System level Parameters None Description Use vrrp un-check ttl to disable TTL check on VRRP packets. Use undo vrrp un-check ttl to enable TTL check on VRRP packets. By default, TTL check on VRRP packets is enabled. The master of a VRRP group periodically sends VRRP advertisements to indicate its existence. The VRRP advertisements are multicast onto the local network segment and not forwarded by a router, and therefore the packet TTL value will not be changed. When the master of a VRRP group advertises VRRP packets, it sets the packet TTL to 255. After you configure to check the VRRP packet TTL, when the backups of the VRRP group receive VRRP packets, they check the packet TTL and drop the VRRP packets whose TTL is smaller than 255 to prevent attacks from other network segments. Because devices of different vendors might implement VRRP in a different way, when the device is interoperating with devices of other vendors, VRRP packet TTL check might result in dropping packets that should not be dropped. In this case, use the vrrp un-check ttl command to disable TTL check on VRRP packets. Examples # Disable TTL check on VRRP packets. system-view [Sysname] interface vlan-interface 2 [Sysname-Vlan-interface2] vrrp un-check ttl vrrp vrid authentication-mode Syntax vrrp vrid virtual-router-id authentication-mode { md5 | simple } [ cipher ] key undo vrrp vrid virtual-router-id authentication-mode 103