RFC 3768 section 6.4.3 states:
"MUST accept packets addressed to the IP address(es) associated with the virtual router if it is the IP address owner."
Which MAC address must be used to reply these packets? The real MAC address of the interface or the virtual one?
Best regards
In article , ghiggia wrote: :RFC 3768 section 6.4.3 states:
:"MUST accept packets addressed to the IP address(es) associated with the virtual :router if it is the IP address owner."
:Which MAC address must be used to reply these packets? The real MAC address of :the interface or the virtual one?
Section 8.2
When a host sends an ARP request for one of the virtual router IP addresses, the Master virtual router MUST respond to the ARP request with the virtual MAC address for the virtual router. The Master virtual router MUST NOT respond with its physical MAC address. This allows the client to always use the same MAC address regardless of the current Master router.
Section 8.3
If Proxy ARP is to be used on a VRRP router, then the VRRP router must advertise the Virtual Router MAC address in the Proxy ARP message. Doing otherwise could cause hosts to learn the real MAC address of the VRRP router.
If I have a Virtual Router with VRID=1 and virtual and real IP address=10.1.1.254, this is the owner. If an host ping the address 10.1.1.254 when the owner is active and master the ping reply must have the source MAC address
00-00-5E-00-01-01. Is it correct? The other MAC that can me used is the real MAC address of the interface, but this seems not compliant with VRRP RFC.Regards
In article , ghiggia wrote: :If I have a Virtual Router with VRID=1 and virtual and real IP :address=10.1.1.254, this is the owner. :If an host ping the address 10.1.1.254 when the owner is active and :master the ping reply must have the source MAC address :00-00-5E-00-01-01. Is it correct?
That's what the RFC says. 00-00-5E-00-01-VRID .
:The other MAC that can me used is the real MAC address of the :interface, but this seems not compliant with VRRP RFC.
Hey, I only know what the RFC tells us. But you've read the RFC, so I'm not sure why you are asking this question. Is there something particular about using the virtual MAC that is troubling you? Some aspect of it that you do not understand the RFC on? Or were you looking for a way to impliment VRRP -without- using the correct virtual MAC, such as for use in a setup where you could generate fairly arbitrary IP packets but were not able to control the source MAC ?
I'm implementing VRRP and during tests with another router I have seen that this reply to ping with the real MAC address of the interface. For me this is incorrect but I wonder if i am true.
Regards
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.