cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
661
Views
6
Helpful
6
Replies

Mac Mobility in VxLAN

Hello Community,

Hope this all finds you well. I have a scenario which I have attached with this discussion.
So, I have hosts connected to the vtep' s as per the topology and I can ping from host A to B and vice-versa.
Now if my host due to V-motion moves from vtep1 to vtep 2. How does host B knows that host A is no longer present of on vtep 1.
Does, the VEP2 where the host A has been moved send's a BGP update message for that? And what if my host A is not able to send any kind of discover messages like arp, garp, DHCP. What in that scenario?
Also, what is the aging timer for the mac entries for the local learned mac and remote learned mac on the VTEP's?

3 Accepted Solutions

Accepted Solutions

Dawei
Cisco Employee
Cisco Employee

Dear Suprit,

  • When Host A moves from VTEP1 to VTEP2, VTEP2 will learn the MAC address of Host A on its local interface(Most require GARP to trigger MAC learn on VTEP2).
  • VTEP2 will then send a BGP EVPN Route Type 2 (MAC/IP Advertisement) message to the BGP EVPN control plane, advertising that it is now the new location for Host A’s MAC address.
  • This advertisement includes a MAC mobility sequence number, which is incremented each time the host moves. This helps other VTEPs determine the most current location of the MAC address.
  • If host A is unable to send any kind of discovery messages such as ARP, GARP, or DHCP after move to VTEP2, traffic will still be sent to VTEP1, which will cause a traffic blackhole. If there is an ARP request for Host A in the Layer 2 network, and Host A replies to the request, this may trigger network recovery, because VTEP2 will know that Host A is directly connected. Otherwise, the reachability to HostA will be restored only when ARP/MAC times out on VTEP1.

View solution in original post

Dawei
Cisco Employee
Cisco Employee

1. The default MAC address aging time is 1800 seconds, while the default ARP timeout is 1500 seconds.
2. This means that the ARP will timeout first, causing VTEP1 to withdraw the host route for Host A.
3. During this time, if there is any traffic going to Host A, it will trigger an ARP request.
4. If Host A is still active, it will respond to the ARP request, allowing VTEP2 to learn the IP and MAC address of Host A. VTEP2 will then advertise the host route to other VTEPs.

In the worst case scenario, the network should be restored within 25 minutes.

View solution in original post

1. Yes, GARP needs to be broadcasted within the L2 domain in order to update other hosts in the same VXLAN segment. 

2.  The `ARP request` is flooded to other VTEPs or not, depending on the ARP suppression. You can refer to this document:
https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-734107.html

3. Not sure, but in most cases ARP can trigger MAC learn. However, please note that GARP can only update ARP but cannot trigger ARP learning as a new entry.

View solution in original post

6 Replies 6

Dawei
Cisco Employee
Cisco Employee

Dear Suprit,

  • When Host A moves from VTEP1 to VTEP2, VTEP2 will learn the MAC address of Host A on its local interface(Most require GARP to trigger MAC learn on VTEP2).
  • VTEP2 will then send a BGP EVPN Route Type 2 (MAC/IP Advertisement) message to the BGP EVPN control plane, advertising that it is now the new location for Host A’s MAC address.
  • This advertisement includes a MAC mobility sequence number, which is incremented each time the host moves. This helps other VTEPs determine the most current location of the MAC address.
  • If host A is unable to send any kind of discovery messages such as ARP, GARP, or DHCP after move to VTEP2, traffic will still be sent to VTEP1, which will cause a traffic blackhole. If there is an ARP request for Host A in the Layer 2 network, and Host A replies to the request, this may trigger network recovery, because VTEP2 will know that Host A is directly connected. Otherwise, the reachability to HostA will be restored only when ARP/MAC times out on VTEP1.

@Dawei, Thanks for clearing out my doubt. Also, do you  know what's the mac aging timer in this case? If host A moves from VTEP1 to VTEP2, how long VTEP1 will keep the entry of host A?

Dawei
Cisco Employee
Cisco Employee

1. The default MAC address aging time is 1800 seconds, while the default ARP timeout is 1500 seconds.
2. This means that the ARP will timeout first, causing VTEP1 to withdraw the host route for Host A.
3. During this time, if there is any traffic going to Host A, it will trigger an ARP request.
4. If Host A is still active, it will respond to the ARP request, allowing VTEP2 to learn the IP and MAC address of Host A. VTEP2 will then advertise the host route to other VTEPs.

In the worst case scenario, the network should be restored within 25 minutes.

@Dawei, So, just a follow up question as GARP came into picture.
I was trying one more scenario where I have two hosts connected on same VTEP and both the host (host A and host B) are in same vlan.
Now each host is sending the GARP and that is getting encapsulated in the VXLAN segment? Does that supposed to happen? Also, when I try to ping from host A to host B the initial arp is also getting encapsulated in the VXLAN segment. It should not happen right? As the traffic is local to the VTEP. Also, what I found is that when the GARP is being sent by both the host. It reaches the VTEP, but VTEP does not make the entry of the mac address of the host which is being sent in garp. Is that a bug as I am using nexus 9K virtual images. 

1. Yes, GARP needs to be broadcasted within the L2 domain in order to update other hosts in the same VXLAN segment. 

2.  The `ARP request` is flooded to other VTEPs or not, depending on the ARP suppression. You can refer to this document:
https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-734107.html

3. Not sure, but in most cases ARP can trigger MAC learn. However, please note that GARP can only update ARP but cannot trigger ARP learning as a new entry.

Thanks for clearing all the doubts @Dawei 

Review Cisco Networking for a $25 gift card