Failover mac addresses, Mac address format, Licensing requirements for multiple context mode – Cisco ASA 5505 User Manual

Page 212

Advertising
background image

5-12

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 5 Configuring Multiple Context Mode

Licensing Requirements for Multiple Context Mode

Failover MAC Addresses

For use with failover, the ASA generates both an active and standby MAC address for each interface. If
the active unit fails over and the standby unit becomes active, the new active unit starts using the active
MAC addresses to minimize network disruption. See the

“MAC Address Format”

section for more

information.

MAC Address Format

The MAC address format without a prefix is a legacy version not supported on newer ASA versions.

MAC Address Format Using a Prefix

The ASA generates the MAC address using the following format:

A2xx.yyzz.zzzz

Where xx.yy is a user-defined prefix or an autogenerated prefix based on the last two bytes of the
interface MAC address, and zz.zzzz is an internal counter generated by the ASA. For the standby MAC
address, the address is identical except that the internal counter is increased by 1.

For an example of how the prefix is used, if you set a prefix of 77, then the ASA converts 77 into the
hexadecimal value 004D (yyxx). When used in the MAC address, the prefix is reversed (xxyy) to match
the ASA native form:

A24D.00zz.zzzz

For a prefix of 1009 (03F1), the MAC address is:

A2F1.03zz.zzzz

MAC Address Format Without a Prefix (Legacy Method; Not Available in 8.6(1) and Later)

Without a prefix, the MAC address is generated using the following format:

Active unit MAC address: 12_slot.port_subid.contextid.

Standby unit MAC address: 02_slot.port_subid.contextid.

For platforms with no interface slots, the slot is always 0. The port is the interface port. The subid is an
internal ID for the subinterface, which is not viewable. The contextid is an internal ID for the context,
viewable with the show context detail command. For example, the interface GigabitEthernet 0/1.200 in
the context with the ID 1 has the following generated MAC addresses, where the internal ID for
subinterface 200 is 31:

Active: 1200.0131.0001

Standby: 0200.0131.0001

This MAC address generation method does not allow for persistent MAC addresses across reloads, does
not allow for multiple ASAs on the same network segment (because unique MAC addresses are not
guaranteed), and does not prevent overlapping MAC addresses with manually assigned MAC addresses.
We recommend using a prefix with the MAC address generation to avoid these issues.

Licensing Requirements for Multiple Context Mode

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals