Posted on September 21, 2021 6:11 pm
 |  Asked by Michael Witte
 |  93 views
RESOLVED
0
0
Print Friendly, PDF & Email

trying to put together a best practices guide for the field. Let me know if i am wrong with these as they have been found in different sources

VRRP should be used with non MLAG configurations

VRRP or VARP(using the “ip virtual-router address” and “ip virtual-router mac-address”)  should be used with MLAG. Whats the subnet option used ofr and should it always be used for MLAG installs?

anycast IP address (using the “in address virtual” and “ip virtual-router mac-address) should be used with VXLAN EVPN Direct Routing (Asymetrical IRB). However it also appears you can use the “ip virtual-router address” command you just need secondary IPs in the SVI’s

anycast IP address (using the “in address virtual” and “ip virtual-router mac-address) should be used with VXLAN EVPN INDirect Routing (symmetrical IRB).

0
Posted by Vijai Gopal
Answered on September 22, 2021 12:57 am

Hello Michael,

Thank you for posting your query on the EOSC forum. Please find my responses as follows:

1. VRRP is best suited for non-MLAG setups.

2. VARP is recommended (best suited) for MLAG setups. Since VRRP is "Active/Standby", it does not provide balanced data traffic distribution over Multi Chassis Link Aggregated topologies. Whereas, VARP is "Active/Active" provides better data traffic balancing and faster redundancy convergence, implementing active-active First Hop Router Redundancy to provide active/active unicast IP routing.

The primary benefit of this design is that all configured routers are active and are able to perform routing. L3 Anycast     Gateway also provides rapid failover in the event of a link or switch failure, while enabling the sharing of IP forwarding load between both switches.

You can refer to the following articles, that talk about VARP & its use cases.

https://eos.arista.com/active-active-router-redundancy-using-varp/

https://www.arista.com/en/um-eos/eos-varp

3. The subnet option (also called as Source ARP with virtual IP)  is a special feature of VARP. The purpose of this feature is to change the ARP request header’s source IP and source MAC address to the virtual IP and virtual MAC addresses.

This change occurs for all the ARP request packets originating from the router that match a configured virtual subnet. The VARP MAC address is used as the source MAC address, while the virtual IP address is based on the interface on which the packet goes out.

The subnet option is associated with VARP and is usually used with MLAG. Please refer to the following articles, that explains in detail about the feature.

https://eos.arista.com/eos-4-15-0f/source-arp-with-virtual-ip/

https://eos.arista.com/eos-4-24-2f/connected-routes-for-varp-subnets/

 

4. With respect to virtual IP configurations, we have two types :

# ip virtual-router address <x.x.x.x>

# ip address virtual <x.x.x.x/x>

Both needs a virtual Mac to be configured using the command "ip virtual-router mac-address <aaaa.bbbb.cccc>"

The difference between them is that "ip address virtual" does not need a physical IP to be configured under the interface and hence we can conserve IP address space. In a configuration model using VARP with "ip virtual-router address", it would result in each leaf node consuming an IP address within the overlay subnet in addition to the shared Anycast gateway IP address.

When an interface is configured with the ‘ip address virtual’ option, a virtual IP address is assigned without the need to configure a physical IP address on the interface.  With the “ip address virtual” representing the default gateway for the subnet and shared across all leafs,  only a single IP address is consumed for each subnet, rather than an IP address per leaf node.

5. For your questions regarding the usage of Virtual IPs in VxLAN & EVPN scenarios, "ip virtual-router address" is generally recommended for non-VxLAN / EVPN scenarios , while "ip address virtual" is specific to a VXLAN / EVPN routing deployment and is used to conserve IP address space.

https://eos.arista.com/eos-4-20-1f/evpn-irb/

Apart from the IP address con consumption, there is no harm in using "ip virtual-router address" for small scale VxLAN scenarios, but with EVPN as control plane, the supported anycast gateway option is “ip address virtual”.

For supporting multicast, PIM adjacency needs real IP on the SVI. So, overlay anycast would have to be with VARP (ip virtual-router address).

https://eos.arista.com/eos-4-20-5f/multicast-in-vxlan-using-underlay/

 

You can also refer to the following articles / forum link for understanding the difference between the virtual IPs and the need for vVTEP IP in a Vxlan environment.

https://eos.arista.com/forum/what-is-different-between-ip-virtual-router-address-and-ip-address-virtual-command/

https://eos.arista.com/a-comparison-of-virtual-ip-commands/

https://eos.arista.com/virtual-ips-in-vxlan-and-need-for-vvtep/

 

I hope the above information helps. Please feel free to reach out to support@arista.com for troubleshooting any issues and alternatively you can reach out to your Arista Accounts team for design related recommendations.

 

Regards,

Vijai Gopal

 

 

0
Posted by Michael Witte
Answered on September 22, 2021 3:06 pm

Thank you that exactly what i expected so im on the right track.

Post your Answer

You must be logged in to post an answer.