Why MAC Address Changes and Forged Transmits are required for HA checks

 Enable MAC Address Changes and Forged Transmits for HA checks to avoid Master-Master Scenario in Vsphere/VMware

Product: Loadmaster

Version: Any

Platform: Any

Application: Vsphere

What do MAC Address Changes and Forged Transmits do and why it's required for HA checks in Vsphere

We require Mac Address Changes and Forged Transmits to be set to Accept for all distributed switches that HA checks are turned on for (or at the host level if not preset) for an HA pair. 

They allow the MAC address of the interfaces of either unit to be associated with the shared IP address and the virtual services on that interface. When a failover occurs, gratuitous ARPs are sent over the network to attribute the shared IP/VIPs to the MAC of the new master unit instead of the old master unit. That way, when the HA pair performs a failover, the traffic previously flowing to the old master unit can continue flowing to the new master unit instead.

Mac Address Changes allows virtual machines to receive frames with a MAC address that is different from the one configured in the VMX.

Forged Transmits allows the LoadMaster to accept packets where the source MAC address does not match the effective MAC address. The effective MAC address is set by the OS (the LoadMaster) and in the case of an HA failover, the source and effective MAC addresses will not match.
Having MAC address changes and forged transmits set to reject can cause both units to believe they are the master unit.