Forum Discussion

Hadrien's avatar
Hadrien
Icon for Nimbostratus rankNimbostratus
Feb 02, 2015

Signaling Traffic Groups MAC Masquerade Addresses on every vlans

Hi,

 

I've yet to find an efficient way to do this.

 

I'm running on an active-active config (multiple traffic-groups) with multiple vlans, selfs and virtual servers listening on the box. In the particular case of a traffic flow hitting a vip of the viprion, the device will choose to respond using the mac-address of the vlan instead of the mac masquerade address of the traffic-group. This causes problems due to the lack of virtual mac advertisement. When the entry for the virtual mac in the mac address table on the connected switch/router expires, I am faced with all traffic from the router being broadcasted to all devices on the vlan.

 

Why isn't the virtual MAC address (mac masquerade) regularly advertised on the vlan in the same way that HSRP does with its multicasted hello packets ? In this way, all mac address tables of all the switches in all the connected vlans would have knowledge of the path to the viprion.

 

TMOS

2 Replies

Sort By
  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Feb 02, 2015
    if the vip in question belongs to a traffic group with mac masquerade configured, other than a very narrow use case with etherIP tunnel packets it should work as expected. I'd recommend opening a case. Can you post back the resolution when your case concludes?
  • Hadrien's avatar
    Hadrien
    Icon for Nimbostratus rankNimbostratus
    Feb 03, 2015
    Hi, As per active-active function, the virtual address is in traffic-group-local-only. I think I'll open a case yes.