08-14-2009 08:32 AM - edited 03-06-2019 07:15 AM
We had a requirement to upgrade a server to new hardware in a production environment.
The server's IP cannot be changed due to upstream service constraints. We are not allowed to do a "hard" cut-over either, because a lot of the configuration can only be done when the new server is put online.
I need to bring up the new server with the same IP address on the same switch. Ideally, I need a way to control incoming traffic so that it is sent to the new server during the maintenance window, and switch back to the old one when the window is over.
I do not want to do it the hard way by switching the cable or disabling switch ports. Is there a way to manipulate or control the ARP table and tell the switch which port to send traffic to? That way, two servers with the same IP co-exist on the LAN and I can control which one is active by configuring the LAN switch.
We are using a Cat6500 on IOS 12.4.x
08-16-2009 03:14 AM
Hello Jack,
An L2 switch doesn't care about ARP tables and duplicated IP addresses.
The L3 part of the switch cares.
You can cable the new server and put it on a different VLAN.
During the maintenance window:
you shut the port of the old server
you put the port of the new server in the right VLAN
you unshut the port of the new server
you need to clear the ARP entry on the L3 device that acts as gateway
clear ip arp x.x.x.x
so that the new MAC address can be learned
At the end of the maintenance window:
you shut the new server port
you unshut the old server port
clear ip arp x.x.x.x
so that the MAC address can be learned
This doesn't mean that the two coexist, but that they can be used at different times.
Hope to help
Giuseppe
08-16-2009 08:15 AM
Giuseppe, thanks for your response.
Your solution should work if the server is simply connected to a physical switchport running on a single VLAN. What if the connection is a trunk and the server is hosting multiple services running on different IPs across multiple VLANs? I cannot simply put a switchport into a desired VLAN. A real-world example is a load balancer device which has VIPs on different VLANs.
08-16-2009 11:29 AM
Hello Jack,
The same reasoning can be used:
the different VLANs will be on an L2 trunk or distributed across multiple NICs; the procedure simply needs to be performed for each IP address.
At the step clear ip arp x.x.x.x
you need to do it for each IP address in each involved VLAN.
Notice that multiple IP addresses can be associated with the same MAC address in different VLANs, but you need to clear all entries to avoid an out of service when doing the switchover.
Hope to help
Giuseppe
08-16-2009 04:50 PM
Hi Giuseppe.
I was following the discussion between you and Jack, which I found quite interesting.
I have a few questions based on Jack's statement, quoted below:
"What if the connection is a trunk, server is hosting multiple services running on different IPs across multiple VLANs?"
My understanding is that an IP address is associated with the physical NIC of a server. But Jack mentioned his server is running different applications, each using different IP addresses. How is it possible?
Thanks and have a nice weekend.
08-16-2009 08:54 PM
Hello Sarah,
>> My understanding is that an IP address is associated with the physical NIC of a server. But Jack mentioned his server is running different applications, each using different IP addresses. How is it possible?
This is possible and common in our networks: the vlan-id is used to multiplex and de-multiplex.
Think of a router on a stick with VLAN subinterfaces: if you look at the CAM table from the switch point of view, you can see the same MAC address associated with multiple VLANs on the same port.
You could use this to detect if the port is a trunk or there is a hub connected to it: if you see multiple MAC addresses in the same VLAN, there is a hub or a non-Cisco switch; if there are multiple MAC addresses in different VLANs, the port is a trunk.
A CAM entry is made of:
vlan-id, port-id, and MAC address
The ARP table is a different object, and that is the place where each IP address is associated with a MAC address, but this is not a one-to-one association:
that is, multiple IP addresses in different VLANs can be associated with a specific MAC address without any problem.
The same happens on a C6500: all SVI interfaces, which are the L3 logical interfaces for each VLAN, share the same source MAC address, and this is not a problem.
Modern servers can also use virtual MAC addresses to act as a cluster, and this makes the real scenario a little more complex.
To give you an idea, in our customer network the server people are installing servers with up to 14 NICs, with some of them used as trunk ports.
Hope to help
Giuseppe
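The CAM-table heuristic described in the reply above, as an added example that is not part of the original thread: it groups entries by port and VLAN and labels each port by how many MACs and VLANs appear on it. The sample table is constructed, its column layout is an assumption (real `show mac address-table` output varies by platform and release), and the label names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the general shape of "show mac address-table" output.
# Column layout is an assumption; only vlan, MAC and the last column (port) are used.
SAMPLE = """\
  vlan   mac address     type    learn     age              ports
------+----------------+--------+-----+----------+--------------------------
*   10  0011.2233.4455   dynamic  Yes          5   Gi1/1
*   20  0011.2233.4455   dynamic  Yes          5   Gi1/1
*   30  0011.2233.4455   dynamic  Yes         10   Gi1/1
*   10  00aa.bbcc.0001   dynamic  Yes          0   Gi1/2
*   10  00aa.bbcc.0002   dynamic  Yes         15   Gi1/2
*   10  00de.adbe.ef01   dynamic  Yes         20   Gi1/3
"""

# vlan number, dotted-hex MAC, then the last whitespace-separated token as the port.
ROW = re.compile(
    r"^\W*(\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+.*?(\S+)\s*$", re.I
)

def classify_ports(cam_text):
    """Return {port: (label, vlans)} using the heuristic from the thread."""
    table = defaultdict(lambda: defaultdict(set))  # port -> vlan -> {mac}
    for line in cam_text.splitlines():
        m = ROW.match(line)
        if m:  # header and separator lines do not match and are skipped
            vlan, mac, port = int(m.group(1)), m.group(2).lower(), m.group(3)
            table[port][vlan].add(mac)

    result = {}
    for port, vlans in table.items():
        crowded = sorted(v for v, macs in vlans.items() if len(macs) > 1)
        if crowded:
            # Several MACs in one VLAN: a hub or another switch sits behind the port.
            result[port] = ("multiple-macs-in-one-vlan", crowded)
        elif len(vlans) > 1:
            # MACs seen in several VLANs, one per VLAN: the port is a trunk.
            result[port] = ("trunk", sorted(vlans))
        else:
            result[port] = ("single-host", sorted(vlans))
    return result

if __name__ == "__main__":
    for port, (label, vlans) in sorted(classify_ports(SAMPLE).items()):
        print(f"{port}: {label} (vlans {vlans})")
```

For a port labelled as a trunk, the VLAN list is also the set of VLANs in which ARP entries for the server's addresses would need clearing during the switchover described earlier in the thread.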