Press "Enter" to skip to content

Is Fortigate implementation of VRRP RFC compliant?

Last updated on December 26, 2018

        By looking at <a href="https://www.ietf.org/rfc/rfc3768.txt%20RFC3768" rel="nofollow">RFC 3768</a>, section 5.3.9 seems to indicate that indeed you should be able to configure more than one virtual IP in a single instance:
5.3.9.  IP Address(es)

   One or more IP addresses that are associated with the virtual router.
   The number of addresses included is specified in the "Count IP Addrs"
   field.  These fields are used for troubleshooting misconfigured
   routers.
What would you call a manufacturer that allows you to define secondary IPs on an interface/VLAN, but not in a VRRP instance on that interface? Instead, they say you should just create another instance. While that would work, interoperability with other gear may be at stake. We're talking about Fortinet, and all I ever hear from them is "our gear just works that way".

Be First to Comment

Leave a Reply

%d bloggers like this: