Last Modified: Jan 04, 2022
See more info
Known Affected Versions:
15.1.0, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 16.0.0, 220.127.116.11, 16.0.1, 18.104.22.168, 22.214.171.124
Opened: Jul 31, 2020
When the standby system in a High Availability (HA) group becomes active, it sends out gratuitous ARPs to advertise its ownership of IP addresses and direct traffic to itself. In rare conditions, when becoming active, other processes may send out traffic before Gratuitous ARPs are generated.
This has been observed as an issue for IPsec during failover, causing tunnel stability issues after failover. No other protocols are known to be affected by the issue.
-- HA configured -- Protocols in use that generate frequent and fast signaling messages
When the standby device in an HA pair becomes active, Gratuitous ARPs are prioritized over other traffic.