Voyager Reference Guide 461assume failure if they have not received an Advertisement within three HelloIntervals. They then elect a new master of the Virtual router, based on theirrelative priorities.Authentication MethodsVRRP is designed for a range of internetworking environments that mayemploy different security policies. The protocol includes severalauthentication methods to protect against attacks from remote and localnetworks.Independent of any authentication type, VRRP includes a mechanism (settingTTL=255, checking on receipt) that protects against remote networksinjecting VRRP packets. This limits vulnerability to local attacks.The supported authentication methods include the following:! No AuthenticationThis authentication type means that VRRP protocol exchanges are notauthenticated. This method should be used only in environments where thereis minimal security risk and little chance for configuration errors (e.g., twoVRRP routers on a LAN).! Simple Text PasswordThis authentication type means that VRRP protocol exchanges areauthenticated by a simple clear-text password.This method is useful to protect against accidental misconfiguration of routerson a LAN. It also protects against routers inadvertently backing up anotherrouter. A new router must first be configured with the correct password beforeit can run VRRP with another router. This type of authentication does notprotect against hostile attacks where the password can be learned by a nodesnooping VRRP packets on the LAN. The Simple Text Authenticationcombined with the TTL check makes it difficult for a VRRP packet beingfrom another LAN to disrupt VRRP operation.This type of authentication is recommended when there is minimal risk ofnodes on a LAN actively disrupting VRRP operation.
