Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7484
Views
0
Helpful
3
Replies

Single MAC address used to resolve multiple IP address's within the same Bridge Domain

Go to solution
cooperb01
Level 1
Level 1

‎11-10-2014 05:40 AM - edited ‎03-01-2019 04:47 AM

Hi

Each application tier within my DC is allocated a VLAN and subnet. The servers deployed in this VLAN use a firewall (Juniper) for their default gateway.

On the firewall I have a single physical interface that has multiple sub-interfaces associated to each of the tier vlans and an IP in the subnet used for the D/G.

The firewall uses the SAME MAC address for each of the sub-interfaces. 

I plan to remove the sub-interface off the firewall and create the IP under the bridge domain. But before I do this I would like to migrate everything onto the fabric and use the fabric as a layer 2 environment. Therefore I plan to create a single private network (vrf) on the fabric and a single BD. 

My question is, is it possible to have a single MAC address in the bridge domain that resolves to multiple IP addresses?

 

Thanks

Ben

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dpita
Cisco Employee
Cisco Employee

‎11-10-2014 05:53 AM

Hello Ben,

Yes it is possible to have a single BD, single MAC resolve to a multiple IP. That said, there is a scale limit for now of 8 IPs to single MAC. This limit is overcome by having different BDs. How many IPs to single MAC are you looking at on your existing environment? I believe the next release on CCO (sometime between now and December) will include an update for up to 256 IPs to a single MAC if I'm not mistaken. 

Hope this helps Ben. Have a nice day

View solution in original post

0 Helpful
3 Replies 3

Go to solution
dpita
Cisco Employee
Cisco Employee

‎11-10-2014 05:53 AM

Hello Ben,

Yes it is possible to have a single BD, single MAC resolve to a multiple IP. That said, there is a scale limit for now of 8 IPs to single MAC. This limit is overcome by having different BDs. How many IPs to single MAC are you looking at on your existing environment? I believe the next release on CCO (sometime between now and December) will include an update for up to 256 IPs to a single MAC if I'm not mistaken. 

Hope this helps Ben. Have a nice day

0 Helpful

Go to solution
cooperb01
Level 1
Level 1
In response to dpita

‎11-10-2014 06:17 AM

Hi Daniel

Thanks for the quick response. 

We have approximatly 350 sub-interfaces currently deployed on the firewall, but it is good to know that the limit will change to 256 in December.

On a simular subject I have just deployed a service graph used for load balancing on a Netscaler Cluster. The deployment is based on inline. Does this limit the number of vservers used to 8? The Netscaler uses the same MAC address for all VIP's.

You can see from the file attached that vlan 65 (Netscalers external epg interface) has mac 00e0.ed0e.de84 with 4 VIP's - 10.221.79.112,40.40.40.98,40.40.40.101,1.1.1.1 forwarding via eth1/5. 

Thanks

Ben

 

 

Preview file
95 KB
0 Helpful

Go to solution
dpita
Cisco Employee
Cisco Employee
In response to cooperb01

‎11-10-2014 06:42 AM

Hello again, 

Here is the Bug in case you wanted to take a look: https://tools.cisco.com/bugsearch/bug/CSCuq37947

I am also tracking down a possible work around for the limit. Considering you will be using the Fabric as purely L2 and with a higher requirement than 256. I will reply to the thread when i confirm.

I am not sure on the Netscaler but i would assume it will have the same limit since some mac address and IP address is still being learned in hardware even if there is a logical entity (service graph) provided by the fabric to attach to an external device (Netscaler). 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License