RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

RFC 9568, "Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6", April 2024

Source of RFC: rtgwg (rtg)
See Also: RFC 9568 w/ inline errata

Errata ID: 8298
Status: Verified
Type: Technical
Publication Format(s) : TEXT, PDF, HTML
Reported By: Quentin Armitage
Date Reported: 2025-02-17
Verifier Name: Jim Guichard
Date Verified: 2025-03-06

Section 7.1 says: 

    It MUST verify that the VRID is configured on the receiving
    interface and the local router is not the IPvX address owner
    (Priority = 255 (decimal)).

If any one of the above checks fails, the receiver MUST discard the
packet, SHOULD log the event (subject to rate-limiting), and MAY
indicate via network management that an error occurred.

It should say:

    It MUST verify that the VRID is configured on the receiving
    interface.

If any one of the above checks fails, the receiver MUST discard the
packet, SHOULD log the event (subject to rate-limiting), and MAY
indicate via network management that an error occurred.

It SHOULD verify that the local router is not the IPvX address owner
(Priority = 255 (decimal)) and log the event (subject to
rate-limiting) and MAY indicate via network management that a
misconfiguration was detected.

Notes:

Although it is clearly a configuration error, if two (or more) VRRP routers are configured as the address owner for the same VRID, if received VRRP packets are just dropped (as specified in section 7.1), all such routers will remain in Active state, will continue sending VRRP adverts, and will respond to ARP/ND requests. This will make communication with any VIP unachievable, or at best unreliable.

If the VRRP packets are not dropped, but processed in the normal way, in section 6.4.3 - "Active", following "If an ADVERTISEMENT is received", then:
. If the Priority in the ADVERTISEMENT is greater than the
local Priority or the Priority in the ADVERTISEMENT is equal
to the local Priority and the primary IPvX address of the
sender is greater than the local primary IPvX address (based
on an unsigned integer comparison of the IPvX addresses in
network byte order), then:
...
Transition to the {Backup} state

will cause all except one of the VRRP routers to revert to Backup state, and the VRRP instance will be stable.

Report New Errata



Advanced Search