cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2755
Views
0
Helpful
0
Replies

vrrp3 IPv6 + ND RA / IOS

smashtheblob
Level 1
Level 1

IOS 15.4(3)M8. I found out the hard way that as soon as any vrrp3 IPv6 group is enabled on an interface (and so a link-local VIP is created), router immediately stops sending out RAs from the physical link-local address and starts sending them from the VIP for any VRRP3 IPv6 group configured, and when it becomes BACKUP for that group, it immediately stops sending RAs. In my configuration, the Cisco is the designated backup.

 

This works absolutely fine if you run VRRP between routers, only the VRRP master sends RAs and that's great for failover, however this scenario is slightly different. VRRP is between Cisco and another device, and the purpose of this VRRP group is not routing, but serving an IPv6 fallback VIP for another purpose.

 

Background:

 

The Cisco router is a last-resort DNS server for the LAN. VRRP interop works fine. This is a remote office / CPE type setup, 890 series. The 890 can function as DNS forwarder / resolver, but it's notoriously slow at doing that, so there is a separate caching name server on the network. DNS is strictly controlled, so giving out public DNS servers is not an option. VRRP was set up so that when the caching name server is down, Cisco temporarily takes over.

 

Bit of a long shot and I appreciate that this is somewhat of an "exotic" configuration, but is anyone aware of an option to force RA transmission independently of VRRP, or at least disabling RA for certain VRRP groups?

 

I have put a workaround in place, which is defining a dummy extra vrrp3 IPv6 group where Cisco is always the master, but that is a hack: When the DNS server is offline, I have double RAs.

 

Thanks,

Chris

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco