A Virtual MAC
address (VMAC) is a floating entity shared by the primary and the secondary
nodes in an HA setup.
In an HA setup, the
primary node owns all of the floating IP addresses, such as the MIPs, SNIPs,
and VIPs. The primary node responds to Address Resolution Protocol (ARP)
requests for these IP addresses with its own MAC address. As a result, the ARP
table of an external device (for example, an upstream router) is updated with
the floating IP address and the primary node's MAC address.
When a failover
occurs, the secondary node takes over as the new primary node. It then uses
Gratuitous ARP (GARP) to advertise the floating IP addresses that it acquired
from the primary. However, the MAC address that the new primary advertises is
the MAC address of its own interface.
(notably a few routers) do not accept the GARP messages generated by the
NetScaler appliance. As a result, some external devices retain the old IP to
MAC mapping advertised by the old primary node. This can result in a site going
You can overcome
this problem by configuring a VMAC on both nodes of an HA pair. Both nodes then
possess identical MAC addresses. Therefore, when failover occurs, the MAC
address of the secondary node remains unchanged, and the ARP tables on the
external devices do not need to be updated.
To create a VMAC,
you need to first create a Virtual Router ID (VRID) and bind it to an
interface. (In an HA setup, you need to bind the VRID to the interfaces on both
nodes.) Once the VRID is bound to an interface, the system generates a VMAC
with the VRID as the last octet.
This section includes the following details: