Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Tech Tips: Brief Explaination about Virtual MAC in High Availabilty

Hello Everyone,

I have tried to briefly explain the working of Virtual MAC in HA environment .

What happens ->

When Virtual MAC is not in use:

When Virtual MAC is disabled, the Active and Standby appliances each have their own MAC addresses. Because the appliances are using the same IP address, when a Failover occurs, it breaks the mapping between the IP address and MAC address in the ARP cache of all clients and network resources. The makes the Secondary appliance issue an ARP request, announcing the new MAC address/IP address pair. Until this ARP request propagates through the network, traffic intended for the Primary appliance’s MAC address can be lost.

When the Virtual MAC is in use :

The Virtual MAC address allows the High Availability pair to share the same MAC address, which dramatically reduces convergence time following a fail over. The Convergence time is the amount of time it takes for the devices in a network to adapt their routing tables to the changes introduced by high availability.

The Virtual MAC address greatly simplifies the process of data loss or connection outage by using the same MAC address for both the Primary and Secondary appliances. When a Failover occurs, all routes to and from the Primary appliance are still valid for the Secondary appliance. All clients and remote sites continue to use the same Virtual MAC address and IP address without interruption.

How is Virtual MAC defined on SonicWall ?

By default, this Virtual MAC address is provided by the SonicWall firmware and is different from the physical MAC address of either the Primary or Secondary appliances. This eliminates the possibility of configuration errors and ensures the uniqueness of the Virtual MAC address, which prevents possible conflicts.

Can we change Virtual MAC on SonicWall ?

We can manually configure the virtual MAC under “monitoring settings” on the SonicWall appliance.

I hope this information is usefull.

Regards,

Nevyaditha P

Category: Mid Range Firewalls
Reply

Nevyaditha P

Technical Support Advisor, Premier Services

Comments

  • Poorni_5Poorni_5 SonicWall Employee

    @Nevyaditha,

    Good Article.

    To add, Virtual MAC is independent of stateful Sync, so this can be configured even if the stateful HA is not licensed. When V-MAC is enabled it is always used even if the stateful sync is not enabled.


    Thanks & Regards,

    Poornima.T.R

  • NevyadithaNevyaditha Moderator

    Thank you for the adding more information @Poorni_5 !!

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • Harshi_0614Harshi_0614 Newbie ✭
    Usefull Information @Nevyaditha.
  • NevyadithaNevyaditha Moderator

    Thank you @Harshi_0614 .

    Nevyaditha P

    Technical Support Advisor, Premier Services

Sign In or Register to comment.