VRRP Active-Active

VRRP Active-Active mode allows you to have two active VRRP masters in conjunction with MLAG by applying an ACL on the ISC links in order to block VRRP updates.

When you configure VRRP with MLAG, you have the option to make VRRP operate in active-active mode. For MLAG peers to operate in VRRP active-active mode, configure the following ACL on both ends of the ISC link.

entry vrrp-act {    
if match all {    
    destination-address 224.0.0.18/32 ;   
} then {    
    deny ;   
       }    
}

There are two caveats that you need to be aware of that are illustrated in VRRP Active-Active :

An ARP request from 10.0.0.4 results in duplicate ARP replies (one from each MLAG switch).
For this to work correctly, you have to configure the virtual IP address to be a different address from either of the MLAG peer interface addresses. When an MLAG switch generates an ARP request it uses the vMAC instead of its own switch MAC, and the response (if the reverse path hashing chooses the other MLAG switch) is consumed by the peer MLAG switch.

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services

VRRP Active-Active