Forum Discussion

dragonflymr's avatar
dragonflymr
Icon for Cirrostratus rankCirrostratus
May 19, 2015

VRRP/HSRP and auto last hop tunning - why necessary?

Hi,   I have to be missing something important here as I can not at all understand why actions described in SOL9487: BIG-IP support for neighboring VRRP/HSRP routers are required.   My understa...
application delivery
availability
deployment
design
LTM
TMOS
Alexander_Keup1's avatar
Alexander_Keup1
Icon for Nimbostratus rankNimbostratus
Dec 28, 2015

Hi Piotr,

 

yes your assumption 2 is not correct. HSRP e.g. uses it's physical router MAC as source not the virtual MAC associated with the VIP. It gets even worse when using Cisco's vPC. In this case you will see all physical MACs as source depending which physical device forwards the packet. They behave like active/active for sending packets regardless which one is active for the group an owns the VIP.

 

IMHO the default setting using auto last hop is kind of dangereous as it is not compatible with HSRP, VRRP, ClusterXL which are used in many environments. Why not just use the routing table which will allways forward return traffic to the VIPs MAC? It's not as smart but won't lead to problems where admins don't know the details about redundancy protocols...

 

Cheers

 

Alex

 

  • dragonflymr's avatar
    dragonflymr
    Icon for Cirrostratus rankCirrostratus
    Dec 28, 2015
    Hi, Thanks a lot. Very valuable info. To be on safe side I do disable global Auto Last Hop for installations when this technologies are involved. Piotr