[c-nsp] FHRP selection within Nexus
Phil Mayers
p.mayers at imperial.ac.uk
Wed Nov 13 14:55:51 EST 2013
On 13/11/2013 19:03, Gert Doering wrote:
>> If an ARP request coming from a server arrives on the secondary HSRP
>> device, it is forwarded to the active HSRP
>> device through the peer link.
>
> "forwarding to the active HSRP device" and "only the active HSRP interface
> answers ARP request" doesn't particularily sound "active-active" to me :-)
>
> *This* is what happens on any 6500 that does HSRP on a SVI...
Dual-active HSRP on Nexus is where both devices will forward traffic
destined to the HSRP vMAC. To actually make traffic for one vMAC reach
both devices, it needs to come in via a vPC - what normal people call
multi-chassis link-agg.
IIRC (rather weirdly) the master still does the all the ARP replies...
So yes, Nexus will do dual-active HSRP, but only with vPC I think, and
as per my original email, vPC comes with a list of caveats that may, or
may not, be acceptable in any given environment.
[For myself, the Nexus vPC implementation seems a bit fragile and
hyper-specific about matching a lot parameters at both ends *just*
right. If that's necessary, the box should do it for you, not make you
do yet more typing]
It might be worth noting that, AIUI, Nexus will also do "local"
forwarding of the HSRP vMAC on OTV (which seems to be VPLS with all the
config hidden) using a similar mechanisms but OTV has even more caveats,
and I know of people for whom it's gone rather wrong...
Local forwarding of FHRP is really not magic - just make all routers
process IP traffic to the vMAC. I don't see why it fundamentally has to
rely on vPC - and maybe it doesn't - since you could jiggle STP costs to
make one Nexus forwarding for 1/2 switches and one for the other 1/2.
More information about the cisco-nsp
mailing list