Reference Guide
When the routing table across DCs is not symmetrical, there is a possibility of a routing miss by a DC that do not have the route
for the L3 traffic. Since routing protocols will enabled and both the DC’s comes in same subnet there will not be route
asymmetry dynamically. But if static route is configured on one DC and not on the other, it will result is asymmetry. Proxy
routing can still be achieved locally by configuring a static route or default gateway.
Guidelines for Configuring a VLT Proxy Gateway
Keep the following points in mind when you configure this functionality:
1. Proxy gateway is supported only for VLT i.e. across VLT domain.
2. The current design will not handle the asymmetric VLAN configuration scenarios such as same VLAN configured with L2
mode on one VLT domain and L3 mode on the other VLT domain. It is always required to configure same mode for the VLAN’s
across the VLT domain.
3. VLAN symmetry within a VLT domain is also to be maintained.
4. The connection between DC’s can only be a VLT.
5. Trace route across DC’s may possibly show extra hops.
6. Route symmetry has to be maintained across the VLT domains to ensure no traffic drops.
7. If the port-channel specified in the proxy-gateway command is not a VLT LAG then the configuration is rejected by CLI. The
VLT LAG cannot be changed to a legacy LAG when it is part of proxy-gateway.
8. LLDP port channel interface can’t be changed to legacy lag when proxy gateway is enabled.
9.“vlt-peer-mac transmit” is recommended only for square VLT without any diagonal links.
10. VRRP and IPv6 routing is not supported now.
11. With the existing hardware capabilities, only 512 my_station_tcam entries can be supported.
12. PVLAN not supported
13. After VM Motion, it’s expected that VM Host will send GARP in term, host previous VLT Domain will have mac movement
points to newer VLT Domain
14. After station move, it is expected that if host send TTL1 packet destined to its gateway i.e previous Vlt Node, the packet
may get dropped.
15. After station move, it’s expected that if host first PING its gateway (i.e previous VLT node) it would results in 40 to 60%
success rate considering it take long path
Configuring a VLT Proxy Gateway
The VLT proxy gateway feature can be configured in a VLT domain context using the cli command proxy-gateway LLDP.
You enter the proxy-gateway Configuration mode when you enter this command. The port-channel interface of the square VLT
link on which LLDP packets are to be sent is specified by peer-domain-link port-channel command.
On a proxy gateway interface configuration corresponding to LLDP, LLDP sets TLV flags on the interfaces for receiving and
transmitting private TLV packets. After defining these organizational TLV settings, LLDP encodes the proxy gateway TLVs
based on the organizational TLVs for transmitting to the peer. If you specify the no proxy gateway LLDP interface
command, LLDP stops transmitting and receiving proxy gateway TLV packets on the specified interfaces. However, other TLVs
are not affected. Because of the timing defined in the LLDP configuration and the operational state, LLDP periodically sends or
receives packets. However, the local DA updates may not be able to reach the destination on time. From the interfaces on
which proxy gateway LLDP is enabled, LLDP decodes TLV packets from the remote LLDP by using the new organizational TLV.
The following requirements must be satisfied for LLDP proxy gateway to function correctly:
● As LLDP is direct link protocol, Data Centers must be directly connected.
● LLDP has a limited TLV size. As a result, information that is carried by this new TLV is limited to only one or two MACs.
● Proper configuration and physical setup must be ensured on all related systems.
LLDP organizational TLV for proxy gateway
A new organizational TLV is defined for this purpose:
● LLDP will define an organizationally specific TLV (type 127) with organizationally unique identifier (0x0001E8) and
organizationally defined subtype (0x01) for sending or receiving this information.
● LLDP will use existing infrastructure but just adding this new TLV, and send and receive only on configured ports
832
VLT Proxy Gateway