Posted on July 6, 2016 1:56 pm
 |  Asked by David
Print Friendly, PDF & Email

I’m curious if Arista has any published guidance on moving default gateways from HSRP/HSRPv3 to VARP with the least amount of disruption?  We’re obviously looking to retire some Cisco equipment in favor of Arista equipment for next hop from thousands of systems (mostly VM’s but some physical, none directly connected to the core).  Of course we move the actual gateway IP to the Arista side, but I’m trying to find a best practice for ensuring all hosts begin seeing it and have minimal downtime.  The client OS is all linux.

I’ve seen suggestions that switching the HSRP IP to something new would leave the old virtual MAC in place, so anything downstream that didn’t update, would at least retain connectivity via the old devices until it does get the new mac.

Was also curious if there’s any interaction between nodes in VARP, or if they’re all truly standalone,  hence, no point in having any type of authentication between gateways to play ball, and we just worry about the normal arp poisoning attacks downstream?


Posted by Mark Berly
Answered on July 6, 2016 5:15 pm

Assign the VARP and HSRP MAC address to the same value, gratuitous ARP(s) will be sent out to update everyones ARP cache, after that takes place which ever gateway gets data will route it. Between the VARP first hop routers there is no interaction so no need for authentication.

Post your Answer

You must be logged in to post an answer.