Service Manual
Neighbor Solicitation from VLT Hosts
Consider a case in which NS for VLT node1 IP reaches VLT node1 on the VLT interface and NS for VLT node1 IP reaches VLT
node2 due to LAG level hashing in the ToR. When VLT node1 receives NS from VLT VLAN interface, it unicasts the NA packet
on the VLT interface. When NS reaches VLT node2, it is flooded on all interfaces including ICL. When VLT node 1 receives NS
on ICL, it floods the NA packet on the VLAN. If NS is unicast and if it reaches the wrong VLT peer, it is lifted to the CPU using
ACL entry. Then wrong peer adds a tunnel header and forwards the packet over ICL.
Neighbor Advertisement from VLT Hosts
Consider an example in which NA for VLT node1 reaches VLT node1 on the VLT interface and NA for VLT node1 reaches VLT
node2 due to LAG level hashing in ToR. When VLT node1 receives NA on VLT interface, it learns the Host MAC address on VLT
interface. This learned neighbor entry is synchronized to VLT node2 as it is learned on VLT interface of Node2. If VLT node2
receives a NA packet on VLT interface which is destined to VLT node1, node 2 lifts the NA packet to CPU using an ACL entry
then it adds a tunnel header to the received NA and forwards the packet to VLT node1 over ICL. When VLT node1 receives NA
over ICL with tunnel header it learns the Host MAC address on VLT port channel interface. This learned neighbor entry is
synchronized to VLT node2 as it is learned on VLT interface of Node2.
If NA is intended for a VLT peer and DIP is LLA of the peer, it is lifted to the CPU and tunneled to the peer. VLT nodes drop the
NA packet if the NA is received over ICL without a tunneling header.
Neighbor Solicitation from Non-VLT Hosts
Consider a sample scenario in which NS for VLT node1 IP reaches VLT node1 on a non-VLT interface and NS for VLT node1 IP
reaches VLT node2 on a non-VLT interface. When VLT node1 receives NS from a non-VLT interface, it unicasts the NA packet
on the received interface. When NS reaches VLT node2, it floods on all interfaces including ICL. When VLT node 1 receives NS
on the ICL, it floods the NA packet on the VLAN. If NS is unicast and if it reaches the wrong VLT peer, it is lifted to the CPU
using the ACL entry. Then the wrong peer adds a tunnel header and forwards the packet over the ICL.
Neighbor Advertisement from Non-VLT Hosts
Consider a situation in which NA for VLT node1 reaches VLT node1 on a non-VLT interface and NA for VLT node1 reaches VLT
node2 on a non-VLT interface. When VLT node1 receives NA on a VLT interface, it learns the Host MAC address on the
received interface. This learned neighbor entry is synchronized to VLT node2 as it is learned on ICL. If VLT node2 receives a NA
packet on non-VLT interface which is destined to VLT node1, node 2 lifts the NA packet to CPU using an ACL entry then it adds
a tunnel header to the received NA and forwards the packet to VLT node1 over ICL. When VLT node1 received NA over ICL with
tunnel header it learns the Host MAC address on the ICL. Host entries learned on ICL will not be synchronized to the VLT peer.
If NA is intended for VLT peer and DIP is LLA of peer, it is lifted to CPU and tunneled to the peer. VLT nodes will drop NA
packet, If NA is received over ICL without tunneling header.
Traffic Destined to VLT Nodes
Hosts can send traffic to one of the VLT nodes using a global IP or Link-Local address. When the host communicates with the
VLT node using LLA and traffic reaches the wrong peer due to LAG level hashing in the ToR, the wrong peer routes the packet
to correct the VLT node though the destination IP is LLA. Consider a case in which traffic destined for VLT node1 reaches VLT
node1 on the VLT interface and traffic destined for VLT node1 reaches VLT node2 due to LAG level hashing in the ToR.
When VLT node1 receives traffic on VLT interface, it consumes the packets and process them based on the packet type. If VLT
node2 receives a packet on a VLT interface which is destined to VLT node1, it routes the packet to VLT node1 instead of
switching the packet because the match that occurs for the neighbor entry in the TCAM table.
If the destination IP address is peers' link-local advertisement (LLA), the wrong VLT peer switches the traffic over ICL. This is
achieved using switching egress object for peers LLA.
VLT host to North Bound traffic flow
One of the VLT peer is configured as the default gateway router on VLT hosts. If the VLT node receives Layer 3 traffic intended
for the other VLT peer, it routes the traffic to next hop instead of forwarding the traffic to the VLT peer. If the neighbor entry
is not present, the VLT node resolves the next hop. There may be traffic loss during the neighbor resolution period.
North-Bound to VLT host traffic flow
When a VLT node receives traffic from the north intended for the VLT host, it completes neighbor entry lookup and routes
traffic to the VLT interface. If the VLT interface is not operationally up, the VLT node routes the traffic over ICL. If the neighbor
entry is not present, the VLT node resolves the destination. There may be traffic loss during the neighbor resolution period.
VLT host to Non-VLT host traffic flow
When VLT node receives traffic intended to non-VLT host, it routes the traffic over non-VLT interface. If the traffic intended to
non-VLT host reaches wrong VLT peer due to LAG hashing in ToR, the wrong VLT node will resolve the destination over ICL and
routes the traffic over ICL. When Correct VLT node receives this routed traffic over ICL it will switch traffic to non-VLT
interface.
Non-VLT host to VLT host traffic flow
Virtual Link Trunking (VLT)
1001