Hi Andrey In my case, what you said happened, as I modified the arp suppression configuration of evpn-vxlan, since this was silently dropping mac's and dropping VRRPv4 only, in IPv6 this did not happen.
set protocols evpn duplicate-mac-detection detection-threshold 20 set protocols evpn duplicate-mac-detection detection-window 5 set protocols evpn duplicate-mac-detection auto-recovery-time 5 With the above configurations, I never had a problem with VRRPv4 crashing in my environment. Environment with VRRP is already working since the email that responds in 2021 without any drop or problems. kind regards, Cristian Cardoso Em qua., 14 de dez. de 2022 às 12:26, Andrey Kostin <ank...@podolsk.ru> escreveu: > Cristian Cardoso писал(а) 2021-07-26 21:37: > > Hi Andrey > > > > My idea was to keep only with VRRP to be something simpler for the > > team to manage. > > I set the config that Nitzan Tzelniker suggested and so far I haven't > > seen more occurrences of arp suppression problems in VXLAN. > > Of course, the last time this happened it took about 2 weeks to end up > > happening. > > I did several reboots between one MX80 and another and so far there > > was no problem with the gateway dying for the network that is in VRRP. > > > > Hi Cristian, > > Late reply, you probably already solved your problem, but I faced the > same issue and I remembered that before I saw that connecting VXLAN > switches to a traditional switches with connected VRRP hosts broke VRRP > for them. > The issue is with VRRPv4 MAC that is by default used as virtual-gateway > MAC in EVPN/VXLAN. Looks like Broadcom switches process it even if L3 > gateway isn't configured. In my case the symptoms were exactly like > yours, some intermittent connectivity issues. I suspect that VRRP MAC is > processed by switches in some cases, probably when packets are sent > between switches via VXLAN tunnel. For now I just disabled VRRPv4 and > seems it helped. Going to test using manually configured MAC for VRRPv4. > > Kind regards, > Andrey > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
