Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

BRIDGE IP address on ACE

Hi gyus.

I have a doubt with IP Adresses in BVI interfaces:

  • Why we need IP addresses? I have configures MAC STICKY on client VLAN.
  • I need alias in BVI in a HA deploy?

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

BRIDGE IP address on ACE

Hi David,

If you will not define an IP address on BVI, ACE won't get enabled and pass traffic. To initiate traffic, such as ARP requests, from the ACE or for management traffic, a bridge group requires an interface with an IP address on the same subnet. From user guide:

A BVI is associated with a corresponding bridge group to routed interfaces within the router but acts as a routed interface that does not support bridging. The BVI is assigned with the number of the associated bridge group. Only one BVI is supported for each bridge group. The MAC address of the BVI is the same as the addresses of the associated bridge-group interfaces. You must enable the BVI and the associated bridge-group interfaces to forward traffic.

You don't need an alias IP in HA deployment since ACE is not the DG of the servers.

Regards,

Kanwal

3 REPLIES
Cisco Employee

BRIDGE IP address on ACE

Hi David,

If you will not define an IP address on BVI, ACE won't get enabled and pass traffic. To initiate traffic, such as ARP requests, from the ACE or for management traffic, a bridge group requires an interface with an IP address on the same subnet. From user guide:

A BVI is associated with a corresponding bridge group to routed interfaces within the router but acts as a routed interface that does not support bridging. The BVI is assigned with the number of the associated bridge group. Only one BVI is supported for each bridge group. The MAC address of the BVI is the same as the addresses of the associated bridge-group interfaces. You must enable the BVI and the associated bridge-group interfaces to forward traffic.

You don't need an alias IP in HA deployment since ACE is not the DG of the servers.

Regards,

Kanwal

BRIDGE IP address on ACE

Ok!

Thank you so much Kanwal.

Cisco Employee

BRIDGE IP address on ACE

Hi David,

You do it on client side vlan. If you enable mac-sticky ACE will send the traffic back to device from where it received the traffic(used mostly in active-active FW SCENAIRO). You don't need it on server side since ACE will refer to connection table or sticky etc to send the traffic to same server. It doesn't make any difference to server if MAC-sticky is enabled on ACE.

Regards,

Kanwal

223
Views
0
Helpful
3
Replies
CreatePlease to create content