Hi Clarke, Even though you have vrrp-inherit-from enabled, the interfaces are still participating in VRRP, albeit at a much slower rate (just enough to keep downstream ARP refreshed) so the MX is still allocating a specific VRRP MAC per group and thus the 255 limit still applies per interface.
See http://www.juniper.net/techpubs/en_US/junos11.4/topics/task/configuration/vrrp-inheritance-for-a-group-configuring.html And in particular: "the groups that are inheriting the state do send out VRRP advertisements once every 2 to 3 minutes so as to facilitate MAC address learning on the switches placed between the VRRP routers." Cheers, Ben On 23/07/2013, at 7:18 AM, Clarke Morledge <chm...@wm.edu> wrote: > It looks like there is a limitation as to the number of times you can inherit > settings from a particular vrrp-group on a single interface, but is this > correct? > > Assume you have a single vlan with multiple IP subnets configured. However, > all you need is to have a single vrrp-group where all of the other IP subnets > can inherit vrrp config information from, let's say, the vrrp group with the > preferred address. For example: > > [edit interfaces irb unit 100] > MX# show > family inet { > address 192.168.37.3/25 { > preferred; > vrrp-group 100 { > priority 125; > accept-data; > virtual-address 192.168.37.1; > } > } > address 192.168.38.3/25 { > vrrp-group 101 { > virtual-address 192.168.38.1; > vrrp-inherit-from { > active-interface irb.100; > active-group 100; > } > } > } > address 192.168.39.3/25 { > vrrp-group 102 { > virtual-address 192.168.39.1; > vrrp-inherit-from { > active-interface irb.100; > active-group 100; > } > } > } > } > > > For each IP address configured on the IRB interface (associated with one > particular vlan), you must have a DIFFERENT vrrp-group configured, even > though the "inheriting" addresses are only effectively using the vrrp-group > number as unique identifiers and place holders. > > If you try to use the SAME vrrp-group number for each address; e.g. "100", > you get a configuration error upon commit: > > "Duplicate interface: irb unit: 100 vrrp-group: 100 for address:....." > > Vrrp has a limitation as to the nunmber of groups available per vlan, 255. > Granted, having more than 255 addresses per interface is a lot, but it seems > arbitrary that the MX limits you to only having 255 IP subnets per vlan that > can use VRRP. > > Having a maximum of 255 VRRP active groups per vlan makes sense, as this is > what the VRRP standard specifies, but when you have a bunch of basically > "inactive" groups that inherit from one active group, it seems bizarre that > Junos says, "NOPE, you can only have a maximum of 254 placeholders for > inactive vrrp groups per interface." > > Am I misunderstanding something here? > > Clarke Morledge > College of William and Mary > Information Technology - Network Engineering > Jones Hall (Room 18) > Williamsburg VA 23187 > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
