Feature

In general, when an IP address fails over between Service Engines, a gratuitous ARP (GARP) is sent, to inform endpoints on the subnet of the change in MAC address and to allow layer 2 and layer 3 switches to update their forwarding tables as necessary.

While this is sufficient in a majority of cases, some endpoints either ignore the GARP message or do not process it in a timely manner. This results in these endpoints clinging to the previous MAC address, until the corresponding ARP entry ages out. This can have a detrimental effect on failover times.

The MAC masquerade feature addresses this issue by allowing such floating IP addresses to be associated with a virtual MAC address that also fails over between SEs. As the virtual MAC does not change during failover, there is no need for ARP entries to be updated, resulting in faster and more consistent failover.

See the following table for compatibility details of this feature:

MAC Masquerade is supported for Active or Standby SE Groups configured for IP Routing and using the floating IP address configuration. Each floating IP address is associated with a distinct virtual MAC address, computed automatically based on the SE group and floating IP. Other secondary IP addresses that failover between active and standby SEs, such as VIPs and SNAT IPs and that are within the same subnet as a floating IP are also associated with this virtual MAC address.

CLI Interface

MAC Masquerade is configured through the Network Service associated with the Service Engine Group. For more information, see the Network Service Configuration topic in the VMware NSX Advanced Load Balancer Controller Configuration Guide.