Cisco Cisco 1700 2600 3600 3700 Series VPN Module White Paper
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 6 of 55
Router MAC Addresses
When a virtual switch boots up and transitions to an active state, it assigns all its Layer 3 interfaces with a MAC
address. From a default configuration, the MAC address is derived from an EEPROM memory device located on
the Catalyst 6500 chassis itself. Whichever supervisor is elected to the active role will provide the system MAC
address for the VSS. The EEPROM is programmed in the factory and contains range of unique MAC addresses.
When the standby virtual switch is brought online after VSL activation, it also derives its router MAC addresses
from the MAC EEPROM of the active virtual switch. From this point onward, even if a switchover occurs between
the virtual switches (causing a role change), the MAC address remains consistent (Figure 3). In other words, the
virtual switch will change its router MAC address after a supervisor switchover event.
Figure 3. MAC Address Synchronization Across Cisco Virtual Switching System
If the entire Cisco Virtual Switching System is restarted and brought online again, but the peer switch assumes the
active virtual switch role on activation, the router MAC address will then be derived from the peer switch.
Consequently, the router MAC addresses will be different from before the system reload. In most environments,
this change does not represent a problem, because gratuitous Address Resolution Protocol (ARP) frames
advertising the new router MAC addresses are transmitted upon interface initialization.
To avoid reliance on gratuitous ARP for advertising the router MAC address, alternative methods have been
developed. The first option is called “Virtual MAC Address.” Using the Virtual MAC Address feature, the router
developed. The first option is called “Virtual MAC Address.” Using the Virtual MAC Address feature, the router
MAC address will be derived from a formula that uses the domain-id of the VSS pairs, combining MAC address
from a pool of MAC addresses dedicated just for VSS. This helps ensure that the router MAC address is unique for
a virtual switch domain and will remain the same, irrespective of which becomes active. The Virtual MAC address
feature is available with Supervisor Engine 720-10G implementations, beginning with software release
12.2(33)SXH1, and is available with all software releases for the Supervisor Engine 2T.
Example Virtual MAC Address configuration
VSS(config-vs-domain)# switch virtual domain 100
VSS(config-vs-domain)# mac-address use-virtual
VSS (config-vs-domain)#mac-address use-virtual
Configured Router mac address (0008.e3ff.fd34) is different from operational
value (0013.5f48.fe40). Change will take effect after the configuration is saved
and the entire Virtual Switching System (Active and Standby) is reloaded.
value (0013.5f48.fe40). Change will take effect after the configuration is saved
and the entire Virtual Switching System (Active and Standby) is reloaded.
VSS(config-vs-domain)#
As a best practice when using the Virtual MAC Address feature, it is recommend to always use a unique Virtual
Switch Domain IDs for every VSS in a given network. This helps ensure a unique virtual MAC address for each
system.