Can the MLAG ISL bundled ports between two Summit 670Vs also be used for data traffic?

  • 0
  • 1
  • Question
  • Updated 4 years ago
I have a BD8810 connected via MLAG (ports 5:1 & 6:1) to two upstream Summit 670Vs.  Ports 47-48 are the bundled ISL links between the 670Vs.  The 8810 has vlan 10 whose gateway is a VRRP setup on the 670Vs.  My question is, is it OK to use the ISL ports (47-48) as the data path for vlan 10, or should I use another bundled pair of ports?  In other words, should the ISL vlan be the only vlan on the ISL ports?
Photo of Jim Keeffe

Jim Keeffe

  • 390 Points 250 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
I believe you could add vlan 10 in ISL link as in s/w, traffic will get block till peer ports are up and running and there is no loop in the network.
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
Hey Jim

I agree with Sumit.  There is no reason you can't use the ISL link for other traffic as long as it is not blocked by another protocol. If the VLAN is not part of a MALG peer then it will just be bridged based on MAC just like any other traffic.  Usually the ISL isn't used simply because everything is dual homed and it takes the most direct path.

The ISC link does not block traffic the blocking is done at the MLAG peer port.

Does that help?

P
Photo of Jim Keeffe

Jim Keeffe

  • 390 Points 250 badge 2x thumb
So is best practice to not use the ISL link for data transit traffic?  In this example, vlan 10 is part of the MLAG peer.
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
The MLAG peers may use the ISC if needed.  For example if a user is going from VLAN 10 to a server which has a MLAG connection to both switches.  If one of the links goes down the traffic will be forwarded across the ISC to the other switch to send to the server.

The ISC can be used for any traffic although with the MLAG the need to use it should be minimized. 


Not sure if that helps.  I feel I am missing something obvious so please straighten me out :)

Thanks
P
Photo of Jim Keeffe

Jim Keeffe

  • 390 Points 250 badge 2x thumb
I'm just trying to make sure I have a new network installation configured correctly.  We have six 8810s (L2 access layer for users) each with MLAG connections to two Summit 670Vs acting as a L3 distribution layer.  Each 8810 has three unique vlans whose gateways are on the 670Vs.  Each 670V is connected to a single WAN router - so we have two WAN routers, one for each 670V.  At this point all the user Vlans are tagged across the ISC link, the thought being if one of the 670Vs loses its uplink connection to its WAN router, the data going through that 670V will traverse the ISL link to use the other WAN router.  So in essence the ISC link is also configured to carry all data Vlan traffic if necessary.

My main question is if this is best practice.  Or is best practice is have a separate link between the two 670Vs for the data Vlan transit traffic and keep the ISC link between the two 670Vs only for ISC traffic.

Thanks for your patience.
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
Hello Jim

Based on your description I think this is setup correctly.  The VLANs should be tagged across the ISC exactly for the purpose you mentioned. 

Does each 670 have two default gateways, one for each router that is connected so router on 670-a and router on 670-b?  If a router goes down the 670 will lose its DG and should reroute it to the other DG.

Since the ISC does not block the traffic the switch will forward based on dest mac.

P
Photo of Jim Keeffe

Jim Keeffe

  • 390 Points 250 badge 2x thumb
Each 670 is running OSPF, along with all WAN routers, and default route is injected into the routing table at our internet edge - so if one of the WAN routers goes down, its 670 should reroute all traffic through the ISC link to the other 670 and out the other WAN router.  At least that's the objective.