A comparison of virtual ip commands

The ‘ip virtual-router’ command Switch1:   Switch1(config)#interface vlan 10   Switch1(config-if-Vl10)#ip address 10.0.0.2/24   Switch1(config-if-Vl10)#ip virtual-router address 10.0.0.1   Switch1(config)#ip virtual-router mac-address 00:1c:73:00:00:99 Switch2:   Switch2(config)#interface vlan 10   Switch2(config-if-Vl10)#ip address 10.0.0.3/24   Switch2(config-if-Vl10)#ip virtual-router address 10.0.0.1   Switch2(config)#ip virtual-router mac-address 00:1c:73:00:00:99 The ‘ip virtual-router address’ command requires an IP address to be configured on the SVI where it is applied. How does the host resolve ARP for the default gateway/vIP? Gratuitous ARPs: Gratuitous ARPs are periodically sent from both switches which have VARP configured. In the gratuitous ARPs the configured vMAC is used as the Ethernet Source MAC. The ARP message  informs the host that Virtual IP...
Continue reading →

VARP – IP router not configured with MLAG peer MAC address

Hi forum, I have configured VARP on four 7050QX with 4.16.6M using the following config: <pre>ip virtual-router mac-address 00:1c:73:00:00:99 interface vlan 999 ip address 192.168.99.2/24 ip virtual-router address 192.168.99.1</pre> The virtual IP is pingable, but what does “IP router is not configured with Mlag peer MAC address” means in the output below? <pre>spine1(config)#sh ip virtual-router IP virtual router is configured with MAC address: 001c.7300.0099 IP router is not configured with Mlag peer MAC address MAC address advertisement interval: 30 seconds Protocol: U – Up, D – Down, T – Testing, UN – Unknown NP – Not Present, LLD – Lower...
Continue reading →

VARP not working on a VRF VLAN interface

I am running vEOS (4.14.5F) in a Lab environment and have set up a simple config of two switches connected via a single virtual hypervisor interface as an MLAG peer link. Each switch has 3 VLAN interfaces and I have configured VARP on them which works fine (show ip virtual-router displays all VARP links). When I place the VLAN interfaces into a VRF and add the ip address and ip virtual-router address back to the interface, VARP no longer works (show ip virtual-router displays an empty list). Below is a copy of the simple config for each switch I am...
Continue reading →

VARP Issue duplicate packets

I am trying to setup VARP in a test LAB and I am getting some weird results when I initiate a ping.  Currently I have MLAG configured between switches Spine-1 and Spine-2. Both interfaces on Switch1 are part of the MLAG on Spine-1 and Spine-2. On Spine-1 and Spine-2 I have SVI Vlan100 configured with VARP. The issue is when send a ping from Switch1 towards the virtual-router address which is 111.111.111.4 I get a replies back but with duplicate packets. I understand that from VARP perspective both switches reply but how can I stop the duplicate packets? Below is...
Continue reading →

Active-active router redundancy using VARP

In most of Leaf-Spine deployments, redundancy in Spine layer is required to achieve high availability and to prevent network service disruption. Modern layer 2 networks adopted loop-free and balanced path networks using Multi Chassis Link Aggregation topologies with LACP port channels, leaving loop control methods (STP) as second protection layer. Spines also supports layer 3 networks, using ECMP in a scalable network topology. For unicast redundancy in layer 3, a common method is use First Hop Router Redundancy (FHRR) to provide a simple and unique gateway for Leaf level. VRRP and HRSP are popular FHRR protocols and supported in most...
Continue reading →