01-08-2014 01:32 AM
Hi gyus.
I have a doubt with IP Adresses in BVI interfaces:
Thanks!
Solved! Go to Solution.
01-08-2014 08:00 AM
Hi David,
If you will not define an IP address on BVI, ACE won't get enabled and pass traffic. To initiate traffic, such as ARP requests, from the ACE or for management traffic, a bridge group requires an interface with an IP address on the same subnet. From user guide:
A BVI is associated with a corresponding bridge group to routed interfaces within the router but acts as a routed interface that does not support bridging. The BVI is assigned with the number of the associated bridge group. Only one BVI is supported for each bridge group. The MAC address of the BVI is the same as the addresses of the associated bridge-group interfaces. You must enable the BVI and the associated bridge-group interfaces to forward traffic.
You don't need an alias IP in HA deployment since ACE is not the DG of the servers.
Regards,
Kanwal
01-08-2014 08:00 AM
Hi David,
If you will not define an IP address on BVI, ACE won't get enabled and pass traffic. To initiate traffic, such as ARP requests, from the ACE or for management traffic, a bridge group requires an interface with an IP address on the same subnet. From user guide:
A BVI is associated with a corresponding bridge group to routed interfaces within the router but acts as a routed interface that does not support bridging. The BVI is assigned with the number of the associated bridge group. Only one BVI is supported for each bridge group. The MAC address of the BVI is the same as the addresses of the associated bridge-group interfaces. You must enable the BVI and the associated bridge-group interfaces to forward traffic.
You don't need an alias IP in HA deployment since ACE is not the DG of the servers.
Regards,
Kanwal
01-08-2014 09:05 AM
Ok!
Thank you so much Kanwal.
01-08-2014 09:11 AM
Hi David,
You do it on client side vlan. If you enable mac-sticky ACE will send the traffic back to device from where it received the traffic(used mostly in active-active FW SCENAIRO). You don't need it on server side since ACE will refer to connection table or sticky etc to send the traffic to same server. It doesn't make any difference to server if MAC-sticky is enabled on ACE.
Regards,
Kanwal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide