Active gateway over VSX

Active gateway is a first hop redundancy protocol that eliminates a single point of failure. The active gateway feature is used to increase the availability of the default gateway servicing hosts on the same subnet. An active gateway improves the reliability and performance of the host network by enabling a virtual router to act as the default gateway for that network.

Requirements

  • An active gateway can be configured only over an SVI.

  • An active gateway can have a maximum 16 "unique" MAC addresses per system, including IPv4 and IPv6 addresses.

  • IPv4 and IPv6 active gateways in an SVI cannot share virtual MAC addresses. Given an SVI with both IPv4 and IPv6 active gateways, you must configure a unique active gateway MAC address, so the IPv4 and IPv6 active gateways do not have the same MAC address.

  • Only one IPv4 and IPv6 active gateway can be configured on an SVI.

  • Link local IPv6 virtual IP address of an active gateway address is multicasted for router advertisement so that the IPv6 address can be chosen as a default gateway.

  • Active gateway configuration must be the same in both the VSX peer switches.

  • It is highly recommended that you use an IPv6 link local address as a gateway (VIP) on the active gateway IPv6 configuration.

Example of IPv4 and IPv6 active gateways on an SVI

Assume that you have IPv4 and IPv6 active gateways on an SVI. Each SVI uses a MAC address for IPv4 and one for IPv6. The configuration of the VSX with an active-gateway consumes a second MAC address per SVI. The following is an example for IPv4: 

switch# sh int vlan10

Interface vlan10 is up
Admin state is up
Description: ACCESS switch mgmt
Hardware: Ethernet, MAC Address: 98:f2:b3:68:71:fe
IPv4 address 10.1.1.253/24
Rx
       L3:
            0 packets, 0 bytes
Tx
       L3:
            0 packets, 0 bytes

switch# sh run int vlan141
interface vlan141
   description USER VLAN 10.141.0.0/16
   ip address 10.141.255.253/16
   ip ospf 1 area 0.0.0.0
   ip pim-sparse enable
    ip igmp enable
    ip igmp version 2
   exit
switch# config t
switch(config)# int vlan10
switch(config-if-vlan)# active-gateway ip 10.1.1.254 mac 00:00:00:10:11:12
switch# sh int vlan10

Interface vlan10 is up
Admin state is up
Description: ACCESS switch mgmt
Hardware: Ethernet, MAC Address: 98:f2:b3:68:71:fe
IPv4 address 10.1.1.253/24
active gateway 10.1.1.254           00:00:00:10:11:12
Rx
       L3:
            0 packets, 0 bytes
Tx
       L3:
            0 packets, 0 bytes

Example of configuring a virtual IPv4 and IPv6 address for an interface VLAN

Configuring a virtual IPv4 and IPv6 address for an interface VLAN: 

switch# config
switch(config)# vlan 2
switch(config)# interface vlan 2 
switch(config-if-vlan)# ip address 10.0.0.1/24
switch(config-if-vlan)# active-gateway ip 10.0.0.2 mac 00:00:5E:00:53:FF
switch(config-if-vlan)# ipv6 address aa:bb::cc:dd/24
switch(config-if-vlan)# active-gateway ipv6 2001:DB8::/32 mac 00:00:5E:00:53:00
Viewing the configuration from the previous example: 
switch(config-if-vlan)# show running-config interface vlan2
interface vlan2
   ip address 10.0.0.1/24
   active-gateway ip 10.0.0.2 mac 00:00:5E:00:53:FF
   active-gateway ipv6 2001:DB8::/32 mac 00:00:5E:00:53:00
   ipv6 address aa:bb::cc:dd/24
   exit