Users Guide
• Synchronizing the neighbor entries learned on VLT VLAN interfaces between VLT primary and secondary node.
• Synchronizing the IP address of VLT VLAN interfaces between the VLT primary node and secondary node.
• Performing routing on behalf of peer VLT nodes for a configured time period when a peer VLT node goes down.
When you configure Layer 3 VLT peer routing by using the peer-routing command in VLT DOMAIN mode, it applies for both IPv4 and IPv6
traffic in VLT domains. Layer 3 VLT provides a higher resiliency at the Layer 3 forwarding level. Routed VLT enables you to replace VRRP
with routed VLT to route the traffic from Layer 2 access nodes. With neighbor discovery (ND) synchronization, both the VLT nodes will
perform Layer 3 forwarding on behalf of each other.
The neighbor entries are typically learned by a node using neighbor solicitation (NS) and ND messages. These NS or neighbor
advertisement (NA) messages can be either destined to the VLT node or to any nodes on the same network as the VLT interface. These
learned neighbor entries are propagated to another VLT node so that the peer does not need to relearn the entries.
Working of IPv6 Peer Routing
When peer routing is enabled on VLT nodes, the MAC address of the peer VLT node is stored in the ternary content addressable memory
(TCAM) space table of a station. If the data traffic destined to a VLT node, node1, reaches the other VLT node, node2, owing to LAG-
level hashing in the ToR switch, it is routed instead of forwarding the packet to node1. This processing occurs because of the match or hit
for the entry in the TCAM of the VLT node2. This section contains the following topics that describe the operations and benefits of IPv6
peer routing in VLT domains:
Synchronization of IPv6 ND Entries in a VLT Domain
Because the VLT nodes appear as a single unit, the ND entries learned via the VLT interface are expected to be the same on both the VLT
nodes. VLT V6 VLAN and neighbor discovery protocol monitor (NDPM) entries synchronization between VLT nodes is performed.
The VLT-v6 VLAN information needs to be synchronized with peer VLT node. Therefore, both the VLT nodes are aware of the VLT VLAN
information associated with the peers. The CLI configuration and dynamic state changes of VLT v6 VLANs are notified to peer VLT node.
The ND entries are generally learned by a node from Neighbor Advertisements (NA). ND entries synchronization should be happening on
the following two scenarios:
When VLT has been configured and enabled on both VLT node1 and node2, any dynamically learned ND entry in VLT node1 should be
synchronized instantaneously to VLT node2 and vice-versa. The link-local address will also be synchronized if learned on VLT VLAN
interface
During failure cases, when a VLT node goes down and comes back up all the ND entries learned via VLT interface must be synchronized
to the peer VLT node
Synchronization of IPv6 ND Entries in a Non-VLT Domain
L3 VLT provides a higher resiliency at the Layer 3 forwarding level. Routed VLT enables you to replace VRRP with routed VLT to route the
traffic from L2 access nodes. With ND synchronization, both the VLT nodes perform Layer 3 forwarding on behalf of each other.
Synchronization of NDPM entries learned on non-VLT interfaces between the non-VLT nodes.
In the present design the NDPM entries learned on non-VLT interfaces are synchronized with the peer VLT nodes in case the ND entries
are learned on spanned VLANs so that each node can do L3 forwarding on behalf of each other. Whenever a VLAN is configured on VLT
node, this information is communicated to the peer VLT node regardless of whether the VLAN configured is a VLT or a non-VLT interface.
If the VLAN operational state (OSTATE) is up, dynamically learned ND entry in VLT node1 is synchronized to VLT node2.
Tunneling of IPv6 ND in a VLT Domain
Tunneling an NA packet from one VLT node to its peer is required because an NA may reach the wrong VLT node instead of arriving at
the destined VLT node. This may occur because of LAG hashing at the top of the rack (ToR) switch. The tunneled NA will carry some
control information along with it so that the appropriate VLT node can mimic the ingress port as the VLT interface rather than pointing to
VLT node’s interconnecting link (ICL link).
The overall tunneling process involves the VLT nodes that are connected from TOR through a LAG. The picture below is a basic VLT
setup, which describes the communication between VLT nodes to tunnel the NA from one VLT node to its peer.
NA messages can be sent in two types of scenarios:
• Sometimes NA messages are sent by a node when its link-layer address is changed. This NA message is sent as an unsolicited NA to
advertise its new address and the destination address field is set to the link-local scope of all-nodes multicast address. This unsolicited
NA packet need not be tunneled.
Virtual Link Trunking (VLT)
787