IP to MAC mapping, GARP, RARP and Notify Switch
search cancel

IP to MAC mapping, GARP, RARP and Notify Switch

book

Article ID: 343401

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

A Gratuitous Address Resolution Protocol (GARP) packet is an ARP Response that was not prompted by an ARP Request.
Just like ARP (ether-type 0x0806), the GARP is a layer 2 protocol (ether-type 0x8035) and is sent as a broadcast.
vSphere virtual Switches do not send GARP packets but send Reverse Address Resolution Protocol (RARP) packets (ether-type 0x8035), which is an ARP request.
It's used by ESXi hosts as a way to announce a change or update to upstream switches, for them to update the MAC to switchport mapping (in the MAC table, CAM, or TCAM) for VMs, vmkernel ports and virtual MAC addresses.
 

ESXi Hosts will send a RARP in the following scenarios, provided the "Notify Switch" option is set to "yes":

1. When a link goes down (or up) and VMs need to connect via a different uplink (the RARP will come from the working link, for each VM or service that had to change links). Around 5 (max. 8) RARP packets for each VM are sent. If the link flaps (goes down and up continuously), up to 8 RARP packets will be sent for each status change and each VM on the link.
In case of multiple events in a short timespan the ESXi host might limit the number, or in some cases not send RARP packets for some systems.
This does not apply to LAGs (see Link Aggregation Groups and vSphere7Doc).

2. After a vMotion the destination ESXi host will send a RARP for the VM that is connected on the destination host (usually <1 second).

3. When vCenter reconnects ESXi hosts, or a manual restart of vCenter and/or vpxd is performed, the portgroup, Distributed vSwitch (DVS/vDS) and ports are re-applied to the hosts for previously connected systems.
A Standard vSwitch is managed by the ESXi host, hence, this does not apply to it.

4. When a change/update is made to a portgroup/teaming on a Distributed vSwitch, it is re-applied to the ESXi hosts for previously connected systems.

Note: ESXi Hosts will not send any IPv6 Neighbor Solicitation if "Notify Switch" option is set to "yes" in case of a virtual machine that is using IPv6.

Environment

VMware vSphere ESXi 6.7
VMware vSphere ESXi 6.0
VMware vSphere ESXi 6.5
VMware vSphere ESXi 7.0.x
VMware vSphere ESXi 8.0.x

Resolution

If the "Notify Switch" option is set to "no", the usual networking rules apply.

As a result, when a VM is vMotioned, the VM loses contact with the physical switch(es) until the switch MAC table is updated with the new switchport. This will only happen when a packet egresses from the VM into the switch.

The HostSync between ESXi hosts and vCenter, where vCenter retrieves data from the hosts, remains as usual.

Changes made to DVS/vDS (or to a Standard vSwitch) and portgroups are effective immediately - there is no wait time for a HostSync.

Additional Information

vSphere virtual switches do not hold a "traditional" MAC table (MAC learning provides network connectivity to deployments where multiple MAC addresses are used from one vNIC).

The Source and Destination IP in a RARP packet (in the IP payload) send by the ESXi host are random.

Newer builds of vSphere 7.0 and 8.0 will use IP notation "0.0.0.0" for all virtual switch types.
The IP information has no negative impact on the upstream since the MAC address is the important part.
The RARP packet is purely intended to speed-up MAC learning on the physical switches, which works as intended.