Ensuring high availability with VRRP

Kaspersky SD-WAN supports the Virtual Router Redundancy Protocol (VRRP) for combining network interfaces of multiple CPE devices into virtual routers. When network interfaces are combined into a virtual router, they share a virtual IP address. One network interface is primary and the others are secondary. A virtual IP address is assigned to the primary network interface.

Network interfaces in a virtual router exchange control packets to determine which network interfaces have failed. If a primary network interface fails, a new primary network interface is elected and the virtual IP address is assigned to that network interface. Traffic that was relayed to the virtual IP address through the failed network interface is automatically taken over by the new primary network interface.

You can create VRRP instances to combine network interfaces into virtual routers. When creating a VRRP instance, you must select a network interface and specify the Virtual Router ID (VRID) and virtual IP address. Network interfaces are combined into a virtual router if the same virtual router ID and virtual IP address are specified in the VRRP instances created for them.

If you need to synchronously change the primary network interface in multiple virtual routers, you can create groups of VRRP instances. If the primary network interface changes in one of the instances in the group, in all other instances in the group this change also occurs.