The use of authentication type 0 indicates that VRRP advertisement messages are not authenticated (provides no authentication). The master transmitting VRRP advertisement messages transmits the value 0 in the egress messages authentication type field and the authentication data field. Backup virtual routers receiving VRRP advertisement messages with the authentication type field equal to 0 ignores the authentication data field in the message.
All compliant VRRP advertisement messages are accepted. The following fields within the received VRRP advertisement message are checked for compliance (the VRRP specification may require additional checks):
IP header checks specific to VRRP
IP header destination IP address – Must be 224.0.0.18
IP header TTL field – Must be equal to 255; the packet must not have traversed any IP routed hops
IP header protocol field – must be 112 (decimal)
VRRP message checks
Version field – Must be set to the value of 2
Type field – Must be set to the value of 1 (advertisement)
Virtual router ID field – Must match one of the configured VRIDs on the ingress IP interface (all other fields are dependent on matching the virtual router ID field to one of the interfaces configured VRIDparameters)
Priority field – Must be equal to or greater than the VRIDin-use priority or be equal to 0 (if equal to the VRIDin-use priority and 0, requires further processing regarding master/backup and senders IP address to determine validity of the message)
Authentication type field – Must be equal to 0
Advertisement interval field – Must be equal to the VRIDconfigured advertisement interval
Checksum field – Must be valid
Authentication data fields – Must be ignored
VRRP messages not meeting the criteria are silently discarded.