Virtual IP address, also known as a VIP. Routers in a VRRP cluster share a VIP.

This allows hosts to use alternate paths through the network without the need to configure those paths explicitly. It also creates redundancy, as an individual router need not be a 'single point of failure' in the network. This redundancy is particularly important for default routes, where failure of a router might otherwise be a catastrophic event on a network.

A virtual router is an abstract object, managed by the VRRP process. It is defined by its virtual router ID (the group identifier of the set of routers that forms the virtual router).

The virtual router presents its VIP to the network. Hosts on the network are configured with a route to direct packets to the VIP rather than to the IP addresses of the real interfaces.

The virtual router uses the group identifier to construct a virtual MAC address from a standard MAC prefix (specified in the VRRP standard) plus the group identifier. ARP or Neighbor Discovery requests for the VIP are resolved to the virtual MAC address, which 'floats' between physical routers, depending on which router is acting as the master router for the virtual router. If the master router fails, the backup router is brought into service by using the virtual MAC address and VIP of the virtual router. In this way, service can continue around a failed gateway to hosts on the LAN — which means that the host default route does not change.

The master router forwards packets for local hosts and responds to ARP requests, neighbor solicitations, ICMP pings, and IP datagrams that are directed to the VIP.

Backup routers remain idle, even if they are healthy.

Where ARP requests, pings, and datagrams are made to the real IP address of an interface, the interface responds in the normal way.