Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Virtual MAC address

RFC 3768 and RFC 5798 define a specific 48-bit MAC address that is to be associated with each VRRP virtual router. The ARP translation for the virtual router IPv4 or IPv6 address points to this MAC address.

The master router uses this well-defined MAC address as the source MAC address of VRRP packets that it sends, in this way teaching switches to send packets for that MAC address to itself. If one master fails and another router takes over as master, it acts in the same way.

Using the well-defined MAC address ensures quick failover of traffic for that MAC address. In addition, the ARP translations of the other hosts and routers on the network do not need to change when a new router takes over as master. This configuration is recommended.

In legacy versions of the vRouter , the VIP was directly linked with the real MAC address of the master router rather than the well-defined MAC address specified by the RFCs. In that implementation, if the master router failed and a new master was elected, the VIP assumed the MAC address of the physical interface of the new master router and the new master notified the network of its MAC address by issuing a gratuitous ARP. This behavior is still the default for VRRP.

Configure RFC-compliant MAC address behavior by setting the rfc-compatibility option for the VRRP group with interfaces <interface> vrrp vrrp-group <group-id> rfc-compatibility when you specify VRRP group information for the interface that you are adding to the VRRP group. Note that a vRouter in RFC-compliant mode does not interoperate with a vRouter in noncompliant mode.


Currently, no VMware settings allow RFC-compliant MAC address behavior for VRRP interfaces. To prevent RFC compatibility issues when running a vRouter on a VMware platform, by default, RFC-compliant MAC address behavior is not enabled on the vRouter. To enable MAC address RFC-compliance, you must run the set interfaces <interface> vrrp vrrp-group <group-id> rfc-compatibility command.

The default non-RFC-compliant MAC address behavior is required for any deployment in which VMware provides Layer 2 services because vSwitch does not support true MAC learning and blocks traffic when MAC addresses move between the ports of an L2 switch. In addition, a key component of RFC-compliant VRRP is that MAC addresses must be able to freely move between routers participating in a group. For more information about MAC support on VMware, refer to VMware documentation.