Posted on July 6, 2016 1:56 pm
 |  Asked by Lukas Hubschmid
 |  8982 views
RESOLVED
0
0
Print Friendly, PDF & Email

Hi forum,

I have configured VARP on four 7050QX with 4.16.6M using the following config:

<pre>ip virtual-router mac-address 00:1c:73:00:00:99
interface vlan 999
ip address 192.168.99.2/24
ip virtual-router address 192.168.99.1</pre>

The virtual IP is pingable, but what does “IP router is not configured with Mlag peer MAC address” means in the output below?

<pre>spine1(config)#sh ip virtual-router
IP virtual router is configured with MAC address: 001c.7300.0099
IP router is not configured with Mlag peer MAC address
MAC address advertisement interval: 30 seconds

Protocol: U – Up, D – Down, T – Testing, UN – Unknown
NP – Not Present, LLD – Lower Layer Down

Interface       Vrf           Virtual IP Address       Protocol       State
————— ————- ———————— ————– ——
Vlan999         default       192.168.99.1             U              active</pre>

KR & Thanks,

Lukas

0
Posted by Lokesh Charora
Answered on July 6, 2016 2:29 pm
This is peer mac gateway feature.This feature is allowing the both router in MLAG setup to answer to both mac (Mac from router A and mac from router B) and the vARP one.
This is used in case of some appliance (F5 and NetApp by example) are not taking care about ARP request in their session table, but use the source mac they did receive in the request.
This is causing our vARP to be not optimised in case of failover as flows are sent back by appliance to physical mac address.
TOI 4.15.2F
Marked as spam
2
Posted by Pradeep
Answered on July 6, 2016 2:40 pm

In an MLAG setup, routing on a switch (MLAG peer) is possible using its own bridge/system MAC, VARP MAC or VRRP MAC. When a peer receives an IP packet with destination MAC set to one of the aforementioned MACs, the packet gets routed if the hardware has enough information to route the packet.

Before EOS 4.15.0F, the following behavior was observed if the destination MAC is peer’s bridge MAC -

the packet is L2 bridged on the peer-link and the routing takes place on the peer. This behavior to use the peer-link to bridge the L3 traffic to the peer is undesirable especially when the MLAG peers can route the packets themselves.

This Arista EOS feature is particularly useful to optimize traffic path with some other vendors dual-homing to an Arista MLAG pair. Some 3rd party vendors send traffic to an Arista MLAG peer’s physical MAC instead of a virtual MAC shared by both MLAG peer. If either Arista Peer1 or Peer2 receive traffic destined to the virtual MAC address, any of the two can route traffic. However, if the traffic is destined to physical MAC (e.g. Arista Peer1 MAC), and traffic arrives on Peer2 first, then Peer2 would previously not be able to route it, but instead bridge it across the MLAG peer-link towards Peer1.

With this Arista EOS feature, 3rd party vendors can continue sending the traffic to the physical MAC cached in their session table and the MLAG peers (Arista Peer1 and Arista Peer2) will be able to route the traffic if they receive packets with either peer’s physical MAC.

 

This feature can be enabled by using the following CLI in the configuration mode.

Switch(config)# ip virtual-router mac-address mlag-peer

If this feature is enables you will see IP router configured with MLAG peer mac-address.

0
Posted by Alexandru
Answered on July 6, 2016 2:51 pm

Hi Lukas,

The VARP configuration looks good and it should be working as expected.

The ” IP router is not configured with Mlag peer MAC address”  message is a result of the MLAG peer gateway check. The feature allows the MLAG peers to route the IP packets themselves if they see that the frame is addressed to its peer, thus avoiding sub-optimal path and having traffic pass through the peer-link.

You can read more about this feature using the following link: https://eos.arista.com/eos-4-15-2f/mlag-peer-gateway/

Post your Answer

You must be logged in to post an answer.