[c-nsp] HSRP to VRRP migration
Nick Hilliard
nick at foobar.org
Wed Mar 11 19:51:48 EDT 2015
On 11/03/2015 23:41, Cydon Satyr wrote:
> I understand a proper maintenance window should be ordered, but, could
> this be done with no downtime (or at least near 0, just so hosts update arp
> table)? Any ideas?
Have you labbed this up?
You haven't, because you haven't yet run into the problem that you cannot
send a gratuitous ARP using e.g. ping on the VRRP virtual IP address. The
reason you can't do this is that the virtual IP address is not defined as
an interface address, and ping on IOS can only use a real interface address
as the source IP address.
There are two workarounds for this:
1. use gratuitous arp spoofing from another host on the same LAN
2. define the vrrp IP address in test vrf. This fools ping into thinking
that the vrrf ip address is a real interface ip address, so it will allow
you to use it as a source IP address (yes, you're depending on a bug here).
I'd recommend labbing this up, doing the migration in a maintenance window
and announcing that there will be a small amount of downtime.
Nick
More information about the cisco-nsp
mailing list