Re: [VRRP] question about the primary IP address

[Cathy Zhou <Cathy.Zhou at Sun.COM>]

Don,

Thanks very much for your reply. See more inline:

> ARP packets involving the VR IP address should always, always map
> it to the VR MAC address, never ever to the physical MAC address.
> My implementation went out of its way to avoid any ARP packets
> mapping it to the physical MAC during system initialization before
> VRRP was started because such errant mappings caused us so much
> trouble.
>
> The VR IP address owner can use the address normally. It turns out
> that it can (and I would say should) use its physical MAC address as
> the source in all ethernet packets *except* the VRRP advertisements.
> In VR advertisements, it must use the VR MAC address as the source.
>
> Bridges will learn about both MAC addresses, but all IP traffic will
> be sent to the VR MAC address.
I see.

> By the way, personally, when I deployed VRRP, I found that an "owner"
> was more trouble than it was worth, so I always invented a new VR IP
> address that no one used except when they were the VR master, i.e.,
> an address that *wasn't* a real interface address anywhere.
... and the only purpose of this IP Address is being used as the source IP 
address in the VR advertisement?

What exactly problem did you see when you use one of the "owned" addresses 
to send the advertisement?

One more question regarding the read of section 7.4. In the IPv6 case, the 
primary link local IPv6 address used as the VR advertisement source 
address should be formed by the physical MAC addresses, is this correct? 
Also, it sounds like that the first protected IPv6 address embedded in the 
advertisement can be formed by the virtual MAC address?

Thanks
- Cathy

> -don
>
> -----Original Message-----
> From: vrrp-bounces at ietf.org [mailto:vrrp-bounces at ietf.org] On Behalf Of
> Cathy Zhou
> Sent: Thursday, April 16, 2009 2:22 PM
> To: vrrp at ietf.org
> Subject: [VRRP] question about the primary IP address
>
> Hi,
>
> I am trying to understand how this primary IP address works. In the
> draft 
> (vrrp-unified-spec-02), it says this IP address is "selected from the
> set 
> of real interface addresses". But this IP address is also used as the 
> source IP address for the VRRP protocol advertisement packets
> (multicast) 
> in which the mac address is set to the virtual MAC address.
>
> I don't understand how this would work without causing any confusion. If
>
> this is a real interface address, can it be used by any other
> application 
> other than the VRRP protocol? Do we suppose to respond to an ARP for
> this 
> IP address using the real physical MAC address? But the neighbor bridges
>
> would already learnt that this IP maps to the virtual MAC address from
> the 
> VRRP advertisement packet...
>
> Thanks
> - Cathy
> _______________________________________________
> vrrp mailing list
> vrrp at ietf.org
> https://www.ietf.org/mailman/listinfo/vrrp