CirrostratusHello,
Currently we are running version 11.5.1 with no Self IPs defined in the vIP VLANs/subnets. Traffic is flowing through the vIPs without any problems. During a failover, some vIPs are not available.
While reading , the article mentions as if there are no gARPs possible when we do not have any Self IPs defined in the vIP range and not have MAC Masquerading.
How is it possble that the failover (mostly) works?
AltostratusDear,
Failover is mostly working because the Virtual server address will be in a traffic group (floating). You can check this either by navigating to Local Traffic >> Virtual Servers >> Virtual Server List and click on the virtual server IP. Or
Navigate to Device Management >> Traffic Groups >> Click on Traffic Group and click on Failover Objects, there you should see the VIPs...
Regards,
Mohammed Shiraz
NimbostratusI had always attributed that to timing and traffic patterns. Possibly the upstream device's ARP cache expired (or was very close) for those VIPs prior to failover, so that newly-initiated traffic caused the upstream device to catch the correct MAC post-failover. If a VIP was configured to maintain sessions during a failover (such as connection mirroring), 'return' traffic would prompt the upstream device to catch the new MAC as well.
In the end I'd recommend MAC masquerading, as Kai Wilke did in your post on that subject. We had some failover issues that we suspect was the upstream device not receiving or not able to process the GARPs correctly. Masquerading effectively resolved that.