MAC Masquerade

As of release 16.3.2, Avi Vantage supports MAC masquerade, for use in conjunction with Avi SE IP routing, to accelerate legacy HA SE failover in Linux server clouds. The delay in failover that otherwise may occur is attributed to back-end servers clinging to the MAC address of the interface of the previously active SE while they wait to learn the new MAC address from the newly active SE.

For such cases, MAC masquerade facilitates the use of a virtual MAC. Back-end servers are made to learn the virtual MAC for reachability of SE through the floating IP. Upon failover, just as the floating interface IP moves from the failed SE to the new active SE, so does the virtual MAC, enabling back-end servers to reach the correct SE as soon as the floating IP is moved to the new active SE.

Since the feature is applicable only when IP-routing is enabled, all constraints applicable to IP routing are applicable here. Additionally, the feature is only supported for DPDK-based bare-metal deployments.

CLI Interface

Following command-line interface enables the feature under serviceenginegroup configuration:

[admin:10-140-1-4]: > configure serviceenginegroup Default-Group
[admin:10-140-1-4]: serviceenginegroup> enable_vmac
Overwriting the previously entered value for enable_vmac
[admin:10-140-1-4]: serviceenginegroup> save
[admin:10-140-1-4]: >

To disable the feature, use the no-form of the CLI:

[admin:10-140-1-4]: > configure serviceenginegroup Default-Group
[admin:10-140-1-4]: serviceenginegroup> no enable_vmac
[admin:10-140-1-4]: serviceenginegroup> save
[admin:10-140-1-4]: >