[one-users] Gratuitous ARP replies: VM live-migration without loss of IP connectivity

[Stefan Kooman]

Hi List,

In some larger cloud / network environments IPv4 connectivity issues may
arise when VM's get (live-)migrated from one HOST to the other. The MAC
address(es) of the Virtual Machine (VM) might still be mapped to the
wrong port on switches/routers upstream from the switch the HOST is
patched on. This might lead to IPv4 connectivity issues for the VM being
migrated. This issue becomes escpecially noticable when the VM doesn't
generate a lot of network traffic and/or the MAC address table timeout on the
switch(es) is large. To overcome this issue I made a "VM_HOOK" and script(s) that run
on the HOST when the hook is triggered [1]. It will execute a script that
sends Gratuitous ARP replies (unsollicited ARP reply) on the virtual
network interface(s) on behalf of the VM. These VM_HOOK and script(s)
will work on a KVM/QEMU environment with OpenvSwitch. It should be
fairly easy to adjust the scripts to support other enviroments (i.e. Xen
with "legacy" bridging). Environments based on VMware with VM's that
have "vmware-tools" installed are covered by VMware ESX. VMware will
have the VM send gratuitous ARP replies as soon as the live-migration
finishes. It does _not_ work for VM's without vmware-tools installed
though. I hope "one-grarp" will be useful for some of you out there
suffering from this issue.

Gr. Stefan

[1]: https://github.com/hydro-b/one-grarp

P.s. In so called "switched fabric" networks the issue above might not
occur because the "fabric" operates as one (logical) switch (like
Brocade's Ethernet Fabric).


-- 
| BIT BV  http://www.bit.nl/        Kamer van Koophandel 09090351
| GPG: 0xD14839C6                   +31 318 648 688 / info at bit.nl