Administrator Guide
Neighbor Solicitation from VLT Hosts
Consider a case in which NS for VLT node1 IP reaches VLT node1 on the VLT interface and NS for VLT node1 IP reaches VLT node2 due
to LAG level hashing in the ToR. When VLT node1 receives NS from VLT VLAN interface, it unicasts the NA packet on the VLT interface.
When NS reaches VLT node2, it is flooded on all interfaces including ICL. When VLT node 1 receives NS on ICL, it floods the NA packet on
the VLAN. If NS is unicast and if it reaches the wrong VLT peer, it is lifted to the CPU using ACL entry. Then wrong peer adds a tunnel
header and forwards the packet over ICL.
Neighbor Advertisement from VLT Hosts
Consider an example in which NA for VLT node1 reaches VLT node1 on the VLT interface and NA for VLT node1 reaches VLT node2 due
to LAG level hashing in ToR. When VLT node1 receives NA on VLT interface, it learns the Host MAC address on VLT interface. This
learned neighbor entry is synchronized to VLT node2 as it is learned on VLT interface of Node2. If VLT node2 receives a NA packet on
VLT interface which is destined to VLT node1, node 2 lifts the NA packet to CPU using an ACL entry then it adds a tunnel header to the
received NA and forwards the packet to VLT node1 over ICL. When VLT node1 receives NA over ICL with tunnel header it learns the Host
MAC address on VLT port channel interface. This learned neighbor entry is synchronized to VLT node2 as it is learned on VLT interface of
Node2.
If NA is intended for a VLT peer and DIP is LLA of the peer, it is lifted to the CPU and tunneled to the peer. VLT nodes drop the NA packet
if the NA is received over ICL without a tunneling header.
Neighbor Solicitation from Non-VLT Hosts
Consider a sample scenario in which NS for VLT node1 IP reaches VLT node1 on a non-VLT interface and NS for VLT node1 IP reaches
VLT node2 on a non-VLT interface. When VLT node1 receives NS from a non-VLT interface, it unicasts the NA packet on the received
interface. When NS reaches VLT node2, it floods on all interfaces including ICL. When VLT node 1 receives NS on the ICL, it floods the NA
packet on the VLAN. If NS is unicast and if it reaches the wrong VLT peer, it is lifted to the CPU using the ACL entry. Then the wrong
peer adds a tunnel header and forwards the packet over the ICL.
Neighbor Advertisement from Non-VLT Hosts
Consider a situation in which NA for VLT node1 reaches VLT node1 on a non-VLT interface and NA for VLT node1 reaches VLT node2 on a
non-VLT interface. When VLT node1 receives NA on a VLT interface, it learns the Host MAC address on the received interface. This
learned neighbor entry is synchronized to VLT node2 as it is learned on ICL. If VLT node2 receives a NA packet on non-VLT interface
which is destined to VLT node1, node 2 lifts the NA packet to CPU using an ACL entry then it adds a tunnel header to the received NA
and forwards the packet to VLT node1 over ICL. When VLT node1 received NA over ICL with tunnel header it learns the Host MAC
address on the ICL. Host entries learned on ICL will not be synchronized to the VLT peer.
If NA is intended for VLT peer and DIP is LLA of peer, it is lifted to CPU and tunneled to the peer. VLT nodes will drop NA packet, If NA is
received over ICL without tunneling header.
Traffic Destined to VLT Nodes
Hosts can send traffic to one of the VLT nodes using a global IP or Link-Local address. When the host communicates with the VLT node
using LLA and traffic reaches the wrong peer due to LAG level hashing in the ToR, the wrong peer routes the packet to correct the VLT
node though the destination IP is LLA. Consider a case in which traffic destined for VLT node1 reaches VLT node1 on the VLT interface
and traffic destined for VLT node1 reaches VLT node2 due to LAG level hashing in the ToR.
When VLT node1 receives traffic on VLT interface, it consumes the packets and process them based on the packet type. If VLT node2
receives a packet on a VLT interface which is destined to VLT node1, it routes the packet to VLT node1 instead of switching the packet
because the match that occurs for the neighbor entry in the TCAM table.
If the destination IP address is peers' link-local advertisement (LLA), the wrong VLT peer switches the traffic over ICL. This is achieved
using switching egress object for peers LLA.
VLT host to North Bound traffic flow
One of the VLT peer is configured as the default gateway router on VLT hosts. If the VLT node receives Layer 3 traffic intended for the
other VLT peer, it routes the traffic to next hop instead of forwarding the traffic to the VLT peer. If the neighbor entry is not present, the
VLT node resolves the next hop. There may be traffic loss during the neighbor resolution period.
North-Bound to VLT host traffic flow
When a VLT node receives traffic from the north intended for the VLT host, it completes neighbor entry lookup and routes traffic to the
VLT interface. If the VLT interface is not operationally up, the VLT node routes the traffic over ICL. If the neighbor entry is not present,
the VLT node resolves the destination. There may be traffic loss during the neighbor resolution period.
VLT host to Non-VLT host traffic flow
When VLT node receives traffic intended to non-VLT host, it routes the traffic over non-VLT interface. If the traffic intended to non-VLT
host reaches wrong VLT peer due to LAG hashing in ToR, the wrong VLT node will resolve the destination over ICL and routes the traffic
over ICL. When Correct VLT node receives this routed traffic over ICL it will switch traffic to non-VLT interface.
Non-VLT host to VLT host traffic flow
922
Virtual Link Trunking (VLT)