Flow of events:

1. Cisco Device originally sends an ARP Request for the ClusterXL Virtual IP address.
2. ClusterXL replies with the VMAC address.
3. Cisco Device updates its ARP table with association of ClusterXL VIP address to ClusterXL VMAC.
4. By design, traffic that is originated from ClusterXL configured in VMAC mode is sent with the Source MAC address of cluster member's physical interface and with Source IP address of ClusterXL VIP.
5. Cisco Device uses the Source MAC address from the first packet of a new connection to determine the device that sent the return traffic and checks the Source MAC of the return packet against its ARP Table.
6. Since the ARP Table contains different MAC entries for ClusterXL VIP, Cisco Device drops the traffic on the receiving interface.

Two options are available:

1. Do not use VMAC mode in ClusterXL environments, which are connected to Cisco ACE Load Balancers or Switches
   
   

2. Disable the Mac-Sticky Feature on the Cisco ACE Load Balancers:

   host/Admin(config-if)# no mac-sticky enable

   For additional information, refer, for example, to the following Cisco Article.
3. Disable the Mac-Sticky Feature on the Cisco Switch:
   
   Router(config-if)# ip sticky-arp ignore
   
   For additional information, refer, for example, to the following Cisco Article.

 

A workaround would be to create the first NAT rule to not translate sessions with Source IP address of the cluster members.

This solution is about products that are no longer supported and it will not be updated