Friday 7 March 2014

vPC peer-gateway

Basically, vPC does not like traffic that crosses the vPC peer-link. By default, this kind of traffic might be dropped as a loop avoidance mechanism in NX-OS: loop avoidance does not allow traffic received on a vPC peer-link to be forwarded out a vPC interface.

vPC peer-gateway allows the active router to forward packets whose destination MAC address is that of the peer router, instead of passing them through the peer-link to the non-active router.

Some load balancers do not always follow the routing table. F5 is one example: going by the F5 website, it looks like the feature is called "Auto Last Hop". Taken from the F5 website
(http://support.f5.com/kb/en-us/solutions/public/13000/800/sol13876.html):

Auto Last Hop is a setting that allows the BIG-IP system to track the source MAC address of incoming connections and return traffic from pools to the source MAC address, regardless of the routing table.

So in layman's terms, it would seem that with this feature enabled F5 simply swaps the source and destination MAC addresses.

Apparently other vendors use similar technology (under different names), e.g. EMC, though I don't use EMC in my day-to-day work.

Configuration:

NX-DC1(config)#vpc domain 1
NX-DC1(config-vpc-domain)# peer-gateway
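
The forwarding decision described above, as a small Python model added here for illustration (it is not NX-OS code and not from the original post). The peer name NX-DC2 and both MAC addresses are constructed; the frame is return traffic that a load balancer sent back to NX-DC2's router MAC but that landed on NX-DC1.

```python
from dataclasses import dataclass

@dataclass
class Frame:
    dst_mac: str
    via_peer_link: bool = False  # True once the frame has crossed the vPC peer-link

class VpcPeer:
    def __init__(self, name, router_mac, peer_gateway=False):
        self.name, self.router_mac, self.peer_gateway = name, router_mac, peer_gateway
        self.peer = None

    def owns(self, mac):
        # With peer-gateway the switch also routes frames addressed to its peer's router MAC.
        return mac == self.router_mac or (self.peer_gateway and mac == self.peer.router_mac)

    def receive(self, frame, egress_is_vpc=True):
        """Return (outcome, path) for a frame that must be routed out another port."""
        path = [self.name]
        if self.owns(frame.dst_mac):
            # Loop avoidance: nothing received on the peer-link may leave via a vPC interface.
            if frame.via_peer_link and egress_is_vpc:
                return "dropped: loop avoidance", path
            return "forwarded", path
        if frame.dst_mac == self.peer.router_mac and not frame.via_peer_link:
            # Not ours to route: bridge it to the peer over the peer-link.
            outcome, rest = self.peer.receive(Frame(frame.dst_mac, True), egress_is_vpc)
            return outcome, path + ["peer-link"] + rest
        return "dropped: unknown destination", path

def simulate(peer_gateway, egress_is_vpc=True):
    # Constructed sample values: two vPC peers with made-up router MACs.
    a = VpcPeer("NX-DC1", "00:00:5e:00:53:01", peer_gateway)
    b = VpcPeer("NX-DC2", "00:00:5e:00:53:02", peer_gateway)
    a.peer, b.peer = b, a
    # The frame carries NX-DC2's router MAC but was hashed onto a link to NX-DC1.
    return a.receive(Frame(dst_mac=b.router_mac), egress_is_vpc)

if __name__ == "__main__":
    for pg in (False, True):
        print("peer-gateway", "on " if pg else "off", simulate(pg))
```

Without peer-gateway the frame is bridged over the peer-link and then dropped when its egress is a vPC interface; with peer-gateway NX-DC1 routes it locally and the peer-link is never used.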
