Configuring VRF Aware Static ARP
Netvisor ONE offers static ARP support for VRF subnets configured with VXLAN. To have the static ARP entries functional, you must have an active VRF with subnets and a corresponding Layer 3 entry in the system. You must also create a subnet anycast gateway IP on the switch to send ARP requests. As in the case of static ARP on vRouters where ARP-reply is sent to the vRouter interface alone, the ARP-reply in this case is sent only to the subnet anycast gateway IP. For VRF configuration details, refer to the VRF section in the VXLAN chapter.
To create a static ARP entry on VXLAN enabled VRF, use the command static-arp-create. For example:
CLI (network-admin@switch1) > static-arp-create scope cluster mac 00:2d:01:00:00:02 ip 30.1.2.200 vxlan 3012
To view the configuration details for static ARP and VRF, use the following commands:
CLI (network-admin@switch1) > static-arp-show
scope ip vxlan vlan mac
------- ---------- ----- ---- -----------------
cluster 30.1.2.200 3012 0 00:2d:01:00:00:02
CLI (network-admin@switch1) > vrf-show layout vertical
name: vrf1
vnet: 0:0
scope: local
anycast-mac: 64:0e:94:40:00:02
vrf-gw: ::
vrf-gw2: ::
vrf-gw-ipv6: ::
vrf-gw2-ipv6: ::
active: yes
hw-router-mac hw-vrid
enable yes
CLI (network-admin@switch1) > subnet-show layout vertical
name: sub2
scope: local
vlan: 3012
vxlan: 3012
vrf: vrf1
network: 30.1.2.0/24
anycast-gw-ip 30.1.2.1
packet-realy: disable
forward-proto: dhcp
state: ok
enable: yes
To view the L3 table when the host is actively sending ARP replies, use the command l3-table-show.
CLI (network-admin@switch1) > l3-table-show vxlan 3012 state active layout vertical
switch: switch1
mac: 00:2d:01:00:00:02
ip: 30.1.2.200
vlan: 3012
vxlan: 3012
rt-if:
state: active, static
egress-id:
tunnel:
switch: switch2
mac: 00:2d:01:00:00:02
ip: 30.1.2.200
vlan: 3012
vxlan: 3012
rt-if: sub2
state: active, static, vxlan-loopback
egress-id: 100064
tunnel: auto-tunnel-10.30.0.1_10.30.1.1
After the static entry is removed, the L3 table output does not show the 'static' state. This can be seen from the example below:
CLI (network-admin@switch1) > l3-table-show vxlan 3012 state active layout vertical
switch: switch1
mac: 00:2d:01:00:00:02
ip: 30.1.2.200
vlan: 3012
vxlan: 3012
rt-if:
state: active
egress-id:
tunnel:
switch: switch2
mac: 00:2d:01:00:00:02
ip: 30.1.2.200
vlan: 3012
vxlan: 3012
rt-if: sub2
state: active, vxlan-loopback
egress-id: 100064
tunnel: auto-tunnel-10.30.0.1_10.30.1.1