Hi,
I use a CRS326-24G-2S+ (7.20.7) as home switch/router. As I have moved my servers/NAS devices to a different VLAN, I want to use L3HW Offloaded routing in switch ASIC for performance reasons.
Currently, I am in the testing phase. I have two test switch rules to HW route between my test networks 192.168.10.0/24 and 192.168.15.0/24.

    [admin@crs326] > interface/ethernet/switch/rule/print
    Flags: X - disabled, I - invalid; D - dynamic
     0   ;;; Management ALLOW
         switch=switch1 ports=ether24 copy-to-cpu=no redirect-to-cpu=no mirror=no
     1   switch=switch1 src-address=192.168.10.0/255.255.255.0
         dst-address=192.168.15.0/255.255.255.0 copy-to-cpu=no redirect-to-cpu=no
         mirror=no
     2   switch=switch1 src-address=192.168.15.0/255.255.255.0
         dst-address=192.168.10.0/255.255.255.0 copy-to-cpu=no redirect-to-cpu=no
         mirror=no
     3   ;;; ---- FORCE EVERYTHING ELSE TO CPU (good, but slow Firewall) ----
         switch=switch1 dst-mac-address=12:34:56:78:9A:BC/FF:FF:FF:FF:FF:FF
         copy-to-cpu=no redirect-to-cpu=yes mirror=no

The MAC in #3 is the CRS326 MAC.
This works nicely when both devices are reachable in the ARP List. But when I power on my Laptop which otherwise does not communicate with the CRS326, it won’t appear in the ARP List (or will still be stale/failed from the last time it was on). As it does not appear in the ARP List, the ASIC routing fails and all packets are instead forwarded to the firewall. As soon as I ping the CRS326 from my Laptop, it appears in the ARP List and ASIC routing works like a charm.
Is this a bug or expected behavior? Of course, workarounds would be possible, like creating static ARP entries for the relevant devices or pinging stale entries regularly. However, I would expect the L3HW routing to work properly without any workarounds.