Wednesday, August 27, 2014

Configuring Arista - VARP aka Virtual ARP

Traditional FHRP (First Hop Redundancy Protocol) such as VRRP or HSRP allows only one gateway to forward at any given point in time. There is an 'Active' forwarder while the other forwarder stays in standby mode monitoring and only to become 'Active' when there is a failure on the 'Active' node. VARP or Virtual ARP (Arista's proprietary) solves this issue elegantly by allowing all configured nodes to be forwarding traffic rather the one of the node sitting idle. In this blogtorial we will configure and verify VARP and since there is not really much to the configuration, this 'how-to' should be a quick one. If you need a primer on FHRP such HSRP/VRRP/GLBP/IRDP please see my other blogtorials here.

Consider this topology with a traditional FHRP deployed such as VRRP.


As you can see even though traffic might end up on MLAG-2 switch the traffic still needs to traverse the port-channel and get routed by MLAG-1 since that's the FHRP primary/active switch. Now consider the same topology with VARP enabled.


Let's get into the configuration.

 mlag-1#   
  interface vlan 101  
   ip address 172.20.101.252    
   ip virtual-router address 172.20.101.254  
  interface vlan 102  
   ip address 172.20.102.252    
   ip virtual-router address 172.20.102.254  

  ip virtual-router mac-address 00:1c:73:01:01:01  

 mlag-2#  
  interface vlan 101  
   ip address 172.20.101.253    
   ip virtual-router address 172.20.101.254  
  interface vlan 102  
   ip address 172.20.102.253    
   ip virtual-router address 172.20.102.254  

  ip virtual-router mac-address 00:1c:73:01:01:01  

ip virtual-router address under the interface config enables VARP mode for that VLAN interface.

ip virtual-router mac-address sets the mac-address to be used for GARP (Gratuitous ARP). No packets will ever be sourced from this mac-address.

 mlag-1#show ip virtual-router  
 IP virtual router is configured with MAC address: 001c.7301.0101  
 MAC address advertisement interval: 30 seconds  
 Interface   IP Address       Virtual IP Address   Status   Protocol  
 Vlan101  172.20.101.252/24    172.20.101.254      up        up  
 Vlan102  172.20.102.252/24    172.20.102.254      up        up 
 
 mlag-2#show ip virtual-router  
 IP virtual router is configured with MAC address: 001c.7301.0101  
 MAC address advertisement interval: 30 seconds  
 Interface   IP Address       Virtual IP Address   Status   Protocol  
 Vlan101  172.20.101.253/24    172.20.101.254      up        up  
 Vlan102  172.20.102.253/24    172.20.102.254      up        up  

Notice the significant advantages of VARP. All routers are forwarding and there is one less extra hop for some of the packets.

What are your thoughts on VARP?

Many more articles to come so ....

Please subscribe/comment/+1 if you like my posts as it keeps me motivated to write more and spread the knowledge.

2 comments:

  1. Have you put this in a Live network with high traffic rate? I'm wondering of the implication of this set-up on packet arriving out of sync and tcp-retransmission rate in the network..

    Normally, MLAG with FHRP always cause issues when a node fails due to MAC/ARP table blackhole. This VARP does solve that issue.

    ReplyDelete
    Replies
    1. Yes I have put this to test in a Live network pushing 100Gbps+. TCP and other protocols should take care of ordering of packets. I am not sure how tcp-re-transmission would come into place.

      Delete