Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
668
Views
0
Helpful
3
Replies

BRIDGE IP address on ACE

Go to solution
David Martinez Garcia
Level 1
Level 1

‎01-08-2014 01:32 AM

Hi gyus.

I have a doubt with IP Adresses in BVI interfaces:

  • Why we need IP addresses? I have configures MAC STICKY on client VLAN.
  • I need alias in BVI in a HA deploy?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎01-08-2014 08:00 AM

Hi David,

If you will not define an IP address on BVI, ACE won't get enabled and pass traffic. To initiate traffic, such as ARP requests, from the ACE or for management traffic, a bridge group requires an interface with an IP address on the same subnet. From user guide:

A BVI is associated with a corresponding bridge group to routed interfaces within the router but acts as a routed interface that does not support bridging. The BVI is assigned with the number of the associated bridge group. Only one BVI is supported for each bridge group. The MAC address of the BVI is the same as the addresses of the associated bridge-group interfaces. You must enable the BVI and the associated bridge-group interfaces to forward traffic.

You don't need an alias IP in HA deployment since ACE is not the DG of the servers.

Regards,

Kanwal

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎01-08-2014 08:00 AM

Hi David,

If you will not define an IP address on BVI, ACE won't get enabled and pass traffic. To initiate traffic, such as ARP requests, from the ACE or for management traffic, a bridge group requires an interface with an IP address on the same subnet. From user guide:

A BVI is associated with a corresponding bridge group to routed interfaces within the router but acts as a routed interface that does not support bridging. The BVI is assigned with the number of the associated bridge group. Only one BVI is supported for each bridge group. The MAC address of the BVI is the same as the addresses of the associated bridge-group interfaces. You must enable the BVI and the associated bridge-group interfaces to forward traffic.

You don't need an alias IP in HA deployment since ACE is not the DG of the servers.

Regards,

Kanwal

0 Helpful

Go to solution
David Martinez Garcia
Level 1
Level 1
In response to Kanwaljeet Singh

‎01-08-2014 09:05 AM

Ok!

Thank you so much Kanwal.

0 Helpful

Go to solution
Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to David Martinez Garcia

‎01-08-2014 09:11 AM

Hi David,

You do it on client side vlan. If you enable mac-sticky ACE will send the traffic back to device from where it received the traffic(used mostly in active-active FW SCENAIRO). You don't need it on server side since ACE will refer to connection table or sticky etc to send the traffic to same server. It doesn't make any difference to server if MAC-sticky is enabled on ACE.

Regards,

Kanwal

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents