Posted on March 17, 2016 1:37 pm
 |  Asked by Thananchai Panyatavahirun
 |  11034 views
4
0
Print Friendly, PDF & Email

what is different between “ip virtual-router address” and “ip address virtual” command?

3
Posted by Alex
Answered on May 17, 2016 3:31 pm

Hi Thananchai,  the ”ip address virtual” command is specific to a VXLAN routing deployment and is used to conserve IP address space.

In a VXLAN direct routing model, where each leaf switch will provide an Anycast gateway for all overlay subnets in the DC, there will  be a requirement to configure an IP interface on each leaf for every subnet. In a configuration model using VARP or VRRP, this would result in each leaf node consuming an IP address within the overlay subnet in addition to the shared Anycast gateway IP address. For example; with a /24 subnet mask and 252 leaf nodes, all 253 IP addresses of the subnet would be consumed just by the leaf switches and the Anycast IP address.

To conserve IP address space the “ip address virtual” concept is introduced. When a VLAN interface is configured with the ‘ip address virtual’ option, a virtual IP address is assigned without the need to configure a physical IP address on the interface.  With the “ip address virtual” representing the default gateway for the subnet and shared across all leafs,  only a single IP address is consumed for each subnet, rather than an IP address per leaf node

Further consideration when using the ”ip address virtual”  option

  • A Routing adjacency cannot be formed over an vlan interface configured with the ‘ip address virtual’.
  • In an MLAG configuration, ARP responses to the “virtual ip address” are synchronised with the MLAG peer, to ensure consistency between the MLAG peers.
  • NOTE: The synchronisation of ARP responses between MLAG peers is achieved via the VXLAN agent, hence the “virtual ip address” feature is only supported with a VXLAN configuration.

 

 

0
Posted by Philippe Bureau
Answered on May 17, 2016 4:03 pm

To add to Alex’s post.

ip virtual-router address is meant for non-VxLAN implementation of switches in MLAG.  It is an improvement of classic FHRP protocol.  Standard FHRP is based on active/standby model where traffic sent to standby peer will be forwarded to the active peer through the peer-link to be sent northbound.

Screen Shot 2016-05-17 at 11.59.48 AM

 

Arista vARP using ip virtual-router enables active/active  model for the top of rack switches peer in an MLAG pair.

With this configuration, the switch that receives traffic directly send it northbound.  Both switches present the same configured MAC address to the LACP neighbor.

Screen Shot 2016-05-17 at 12.01.42 PM

 

Hope this helps

Thanks

0
Posted by Kishan Patel
Answered on November 1, 2018 10:21 am

If I have an MLAG pair performing all L3 services (have all the SVIs using VARP) in each of my two datacenters and some of these vlans are VXLAN’d (all 4 of these switches have a vVTEP configured), should I be using “ip virtual-router address” or “ip address virtual”?
I currently have “ip virtual-router address”, are there any disadvantages in doing so?

I have read “https://eos.arista.com/virtual-ips-in-vxlan-and-need-for-vvtep/” but it does not make clear which I should be using.

As I only have 4 SVIs per vlan, IP space consumption is not much of an issue.

0
Answered on November 1, 2018 5:54 pm

Barring IP consumption, there's no disadvantage to using “ip virtual-router address” for the anycast gateway. Note that with EVPN as the control plane for VxLAN, currently the only supported anycast gateway option is “ip address virtual”.

Hi Naveen,

I think today vARP is supported in EVPN, at least for multicast over vxlan need (EVPN with Asymetric IRB / Gateways defined in the underlay). Hence, who can do more can do less, it should also work without multicast in an asymetric IRB setup. Are you only referring to an Symetric IRB setup (eg. with SVIs inside a VRF) ?

Could you confirmed ?

Thanks in advance.

(Alex Misbah at January 13, 2019 11:44 am)
0
Answered on January 15, 2019 8:18 am

Hi Alex,

Historically, EVPN IRB is supported only with “ip address virtual” anycast gateway as you can see under the limitations here:

https://eos.arista.com/eos-4-20-1f/evpn-irb/#Limitation

For supporting multicast, PIM adjacency needs real IP on the SVI. So, overlay anycast would have to be with vARP as you mentioned. There were some recent changes to support vARP with EVPN. You might want to contact your SE to know the specifics.

Note that the current Multicast + VxLAN solution is not supported with Symmetric IRB as you can see under the limitations.

https://eos.arista.com/eos-4-20-5f/multicast-in-vxlan-using-underlay/#Limitations

Overlay VRFs are mandatory today for S-IRB but the Multicast + VxLAN solution needs both underlay and overlay in default VRF.

Cheers
Naveen

Post your Answer

You must be logged in to post an answer.