
Query on vpc peer-gateway feature

mukundhm
Level 1

I have a query on vpn "peer-gateway" based on the best practices guide:

https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

The guide says "By enabling vPC Peer-Gateway functionality, each vPC peer device will replicate locally MAC address of interface  VLAN defined on the other vPC peer device with the G flag (Gateway flag)."

So based on my understanding, this feature will be useful only when the two VPC peers have their own interface MAC address to be used as the default gateway MAC.

In my setup, I am using the "fabric forwarding mode anycast-gateway" under the interface which acts as default gateway on both the VPC peers. This means that on both VPC peers, the MAC address for default gateway interface is the same. So does "peer-gateway" actually help/applicable here?

Please let me know if additional info is needed if query isn't clear.

Thanks

Mukundh

 

 


Accepted Solutions

f00z
Level 3

I believe I posted something about this a while back but I can't find it.

Peer gateway is a workaround and only useful to optimize traffic patterns if certain devices are used on the network that don't properly send traffic to the MAC address specified in the ARP. Some older F5 and some SAN devices send traffic to the source MAC address instead of the ARP address. For example, if switch 1 has macad 001 and switch 2 has macad 002, both switches in mlag/vpc will have a virtual macaddr 0ABC and this virtual mac addr is what the devices are SUPPOSED to send traffic to, but some devices are broken and will send to the 001 002. This peer-gateway tweak installs 002 macaddr in 001 and installs 001 in 002 so that they will both do layer3 lookups for traffic received with either one of the mac addrs.

TLDR: It's a workaround and normally not used, as all traffic is directed to the virtual mac addr (hsrp/vrrp/varp/whatever). Unless you need it and know you need it, don't enable it.
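The forwarding decision described in the answer above, as an added example that is not part of the original post or of any Cisco code: a simplified Python model of two vPC peers that reports which (switch, destination MAC) pairs are handled differently once peer-gateway is on. The MAC values are the placeholder names from the answer (001, 002, 0ABC); the class, function names and the "bridge to peer" wording are assumptions of this sketch.

```python
# Simplified model (added example) of what a vPC peer does with a frame,
# keyed on the destination MAC. Values are the answer's placeholders.
from dataclasses import dataclass

VIRTUAL_MAC = "0ABC"  # shared gateway MAC (HSRP/VRRP/anycast gateway)


@dataclass
class VpcPeer:
    name: str
    own_mac: str       # this switch's own interface VLAN MAC
    peer_mac: str      # the other vPC peer's interface VLAN MAC
    peer_gateway: bool = False

    def gateway_macs(self):
        """MACs for which this switch performs the Layer 3 lookup itself."""
        macs = {self.own_mac, VIRTUAL_MAC}
        if self.peer_gateway:
            # peer-gateway: the peer's MAC is installed locally (G flag)
            macs.add(self.peer_mac)
        return macs

    def handle(self, dst_mac):
        if dst_mac in self.gateway_macs():
            return "route locally"
        if dst_mac == self.peer_mac:
            return "bridge to peer"  # crosses the peer-link to be routed there
        return "bridge in VLAN"      # ordinary Layer 2 forwarding


def decisions(peer_gateway, dst_macs):
    """Forwarding decision per (switch, destination MAC)."""
    sw1 = VpcPeer("sw1", "001", "002", peer_gateway)
    sw2 = VpcPeer("sw2", "002", "001", peer_gateway)
    return {(sw.name, mac): sw.handle(mac)
            for sw in (sw1, sw2) for mac in dst_macs}


def affected_by_peer_gateway(dst_macs):
    """(switch, MAC) pairs whose handling changes when the knob is enabled."""
    off, on = decisions(False, dst_macs), decisions(True, dst_macs)
    return sorted(key for key in off if off[key] != on[key])


if __name__ == "__main__":
    # Well-behaved hosts only ever address the virtual MAC: nothing changes.
    print(affected_by_peer_gateway(["0ABC"]))
    # Hosts that reply to the source MAC hit 001/002 directly.
    print(affected_by_peer_gateway(["001", "002", "0ABC"]))
```

In this model, the only traffic the setting changes is traffic addressed to the peer's own MAC, which is the "broken device" case the answer describes.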

 

 
