< Home

vrrp virtual-mac enable

Function

The vrrp virtual-mac enable command enables the virtual MAC address function on the interface.

The undo vrrp virtual-mac enable command disables the virtual MAC address function on the interface.

Format

vrrp virtual-mac enable [ virtual-router-ID ]

undo vrrp virtual-mac enable

Parameters

Parameter Description Value
virtual-router-ID Specifies the ID of a VRRP group. The value is an integer ranging from 1 to 255.

Views

Ethernet interface view, Ethernet sub-interface view, Eth-Trunk interface view, Eth-Trunk sub-interface view, VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

By default, the virtual MAC address function is disabled.

After the virtual IP address of the VRRP group is specified, the device generates a virtual MAC address based on the VRID. The format of the MAC address is 00-00-5E-00-01-{ virtual-router-ID }. Each virtual-router-ID corresponds to one virtual MAC address only.

Usage Scenario

By default, the FW encapsulates service packets using the actual MAC address of the interface for Layer-3 service packet forwarding. Because the FW uses the actual MAC address for packet encapsulation, problems may occur in certain scenarios. For example, if the upstream or downstream device of the FW is a Layer-4 switch that establishes a connection status table similar to the session table, the source MAC address of the packet sent from the FW is recorded in the connection status table. When sending a packet, the Layer-4 switch directly fills in the destination MAC address of the packet with the MAC address recorded in the connection status table, which is the actual MAC address of the interface on the FW, and then sends the packet. When the master/slave switchover occurs, the Layer-4 switch does not automatically update the MAC address in the connection status table, and packets are still sent to the original master device, causing service interruption.

In the previous scenario, you can enable the virtual MAC address function on the interface. In so doing, all packets sent by the interface of the FW are encapsulated with the virtual MAC address and the Layer-4 switch also records the virtual MAC address. When the master/slave switchover occurs, the source MAC address of service packets does not change, and packets sent from the Layer-4 switch are also correctly forwarded to the new master device, without service interruption.

Precautions

  • Heartbeat interfaces cannot have the virtual MAC address function enabled.

  • IPv6 capability cannot be set for interfaces on which this command is executed. Similarly, this command cannot be executed on interfaces with IPv6 capability.

  • The configuration methods of parameter virtual-router-ID differ in the mirroring and non-mirroring modes:

    • In non-mirroring mode, parameter virtual-router-ID is unavailable. If this parameter is specified, the command fails to be delivered. After the vrrp virtual-mac enable command is executed, the FW automatically selects the VRRP ID of the first active VRRP group on the interface and generates a virtual MAC address for the interface based on the VRRP ID.
    • In mirroring mode, parameter virtual-router-ID is mandatory. The FW generates a virtual MAC address based on the virtual-router-ID value for the interface.

Example

# Enable the virtual MAC address function on GigabitEthernet 0/0/1.

<sysname> system-view
[sysname] interface GigabitEthernet 0/0/1
[sysname-GigabitEthernet0/0/1] vrrp virtual-mac enable
Parent Topic: Hot Standby Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >