VRRP Failover Speed

‎08-11-2020 09:42 AM

Hello, I was recently informed by a customer of ours that during a VRRP test they were seeing up to 45 seconds for the VRRP failover to complete.  I believe he was doing simple ping testing to determine this.  With this information I used a pair of ports on our EX4550's on the same devices in the same setup to verify this.  To my surprise, I did have similar results.  The first failover from master to backup was around 1-2 seconds nearly every time.  But the fail back from the new master VRRP back to the new backup when the interface is brought back up usually took between 15 seconds and up to 1 minute 10 seconds for a ping to come back.  These times are to the end device not the VRRP interfaces.  The VRRP backup interface itself took about 20 seconds to come back up which is still way to long. 

I've read about improving convergence of VRRP with removing the skew timer and delegrate process change.  Before I take a maintenance to change these I wonder if anyone else has changed these and what improvements were seen.  Based on the speeds I'm seeing I don't see how it can dramatically improve the failback speed.

Things I have tried is changing the interface to fast-interval 100ms with 3 misses before it fails over. 

Testing is just running set inter xx disable and enable on the master and running a ping every 1 second to the VIP, backup VRRP IP, and customer WAN IP. 


Devices in the setup 2 EX4550's connected to a L2 switch which has a Sonicwall firewall attached to the L2 switch as the customer IP. 

VRRP setup with 1 IP on the master and VIP is the same as that IP then the backup VRRP has its own IP. 

Attached are a few screenshots of the pings I was doing during the failback.  .142 is the VRRP backup IP and .130 is the WAN IP of the firewall. 


Were looking to do a hardware refresh in the future and I'm looking at QFX switches so I can provide active active connections.