IOS 15.4(3)M8. I found out the hard way that as soon as any vrrp3 IPv6 group is enabled on an interface (and so a link-local VIP is created), router immediately stops sending out RAs from the physical link-local address and starts sending them from the VIP for any VRRP3 IPv6 group configured, and when it becomes BACKUP for that group, it immediately stops sending RAs. In my configuration, the Cisco is the designated backup.
This works absolutely fine if you run VRRP between routers, only the VRRP master sends RAs and that's great for failover, however this scenario is slightly different. VRRP is between Cisco and another device, and the purpose of this VRRP group is not routing, but serving an IPv6 fallback VIP for another purpose.
The Cisco router is a last-resort DNS server for the LAN. VRRP interop works fine. This is a remote office / CPE type setup, 890 series. The 890 can function as DNS forwarder / resolver, but it's notoriously slow at doing that, so there is a separate caching name server on the network. DNS is strictly controlled, so giving out public DNS servers is not an option. VRRP was set up so that when the caching name server is down, Cisco temporarily takes over.
Bit of a long shot and I appreciate that this is somewhat of an "exotic" configuration, but is anyone aware of an option to force RA transmission independently of VRRP, or at least disabling RA for certain VRRP groups?
I have put a workaround in place, which is defining a dummy extra vrrp3 IPv6 group where Cisco is always the master, but that is a hack: When the DNS server is offline, I have double RAs.
To participate in this event, please use the button to ask your questions
* Note: The link to join the discussion will be activated on March 8
All the knowledge of these four experts at your disposal!
Cisco Software-Defined Wide Area Network (SD-WAN...
Community Live- ISR1100X-4G and ISR1100X-6G Platform Overview and Architecture
(Live event - Tuesday, 23 March, 2021 at 10:00 am Pacific/ 1:00 pm Eastern / 7:00 pm Paris)-
This event will have place on Tuesday 23rd, March 2021 at 10:00 hrs PDT&...
Cisco Secure Network Access is helping IT to bridge the gap between what is essential to the business and what the network delivers and to build the next-generation campus network for an unplugged and uninterrupted experience.
Learn more about how these w...
(view in My Videos)
Community Live- New Additions to the Catalyst 8000 Family
(Live event - Tuesday, 23 February, 2021 at 10:00 am Pacific/ 1:00 pm Eastern / 7:00 pm Paris)-
This event had place on Tuesday 23rd, February 2021 at 10:00 hrs PDT...
This event had place on Tuesday 23rd, February 2021 at 10hrs PDT
Designed for an intent-based network, the Cisco Catalyst 8000 Edge Platforms family offers best-in-class networking and security combined. The platforms, available in b...