Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

About jcPOLO

Re: Constant failover issues

by in Security & SD-WAN
‎Sep 9 2021 2:02 AM
‎Sep 9 2021 2:02 AM
We are dealing with the same problem in a three different customers. All MX are one arm vpn concentrator and all of them are in version 15.43 from 8th Aug.   It seems both MX are replying to frames cause both physical ports where they are connected to are added to the MAC address table as a source of the same VRRP Virtual MAC address. That should be a bug. Only the one with the master role (VRRP priority 255) should be replying frames with that destination MAC on it, and only that MAC address should be dynamically learned by that unique port.   Another thing that is strange...even in Meraki documentation says that VRRP message are correct as they are being sent. https://documentation.meraki.com/MX/Networks_and_Routing/Routed_HA_Failover_Behavior   RFC stays that IP header is wrong. IP source from IP header should be the uplink IP, not the virtual one, for the advertisment sent. You can see meraki sends the VRRP advertismen with the IP header IP source as the virtual one. https://datatracker.ietf.org/doc/html/rfc3768 Any thoughts? ... View more
© 2024 Cisco Systems, Inc.