ELRP implementation

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
Hello everyone,
I have some issues configuring ELRP and need a few clarifications :)

So, I have several access switches called ToR that connect to the core switches.
I want to enable ELRP on all ports except uplinks to the core switch.
On every ToR switch I have around 70 vlans. I thought that I can copy/paste the config but it is not a solution as I'm receiving warnings that not all ports are in that VLAN.

* Slot-1 ENSX670V-01.15 # configure elrp-client periodic "Backup_2" ports 1:1-48,1:50-52,1:54-64,2:1-48,2:50-52,2:54-64 log-and-trap disable-port egress duration 30WARNING: Port 1:1 does not belong to Backup_2!

I ignored the message and continued with my vlans until I was stopped by:
* Slot-1 ENSX670V-01.22 # configure elrp-client periodic "VDI_Provisioning_PFDC" ports 1:1-48,1:50-52,1:54-64,2:1-48,2:50-52,2:54-64 log-and-trap disable-port egress duration 30
Configuration reply is too big
Configuration failed on backup Node, command execution aborted!

Did some tests..I am able to issue the command if I reduce the number of "port list"; is there any command to add ports to an existing elpr session for a vlan ?


Another way would be to configure elrp on all ports for each vlan but do we have a command to exclude a specific port after that?



 
Photo of Victor Plohod

Victor Plohod

  • 80 Points 75 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of David Coglianese

David Coglianese, Embassador

  • 5,944 Points 5k badge 2x thumb
Sounds like you have the basics but are complicating it. Below is a summary of our default elrp config to protect all non uplink ports. I remember all the symantics but if you take the below information and tab your way through you should be good. The name and tag of the vlan is simply what we choose any name and tag you find relevant would work.

Our standard elrp configuration is:

Create vlan NO_LOOP tag 666
Config NO_LOOP add ports all tagged
Config elrp client ........................
Config elrp disabled-ports exclude (uplink Ports)

Hope this helps,
Photo of Dorian Perry

Dorian Perry, Employee

  • 2,300 Points 2k badge 2x thumb
Hi Victor,

Yes the best option would be to configure ELRP on all ports, then use the below command to exclude the uplinks:
"configure elrp-client disable-port exclude <port_list>"
Photo of Frank

Frank

  • 3,662 Points 3k badge 2x thumb
Call me a cheater, but I just do:

enable elrp-client
configure elrp-client disable-port exclude <uplink-port(s)>
configure elrp-client periodic <Vlan-Name> ports all interval 5 log disable-port duration 300 ...

I don't even care what ports are in which vlan - I just do it by vlan  "all ports".
Photo of Victor Plohod

Victor Plohod

  • 80 Points 75 badge 2x thumb
I would do the same thing if it was up to me :).
The only problem with this solution is that it is still sending elrp packets on the uplink ports...
Photo of Frank

Frank

  • 3,662 Points 3k badge 2x thumb
Yes, but wouldn't it have to, in order to detect a loop?
Reading https://gtacknowledge.extremenetworks.com/articles/Q_A/What-is-ELRP, it says that the switch sends out a packet on every configured (including the uplink, in my approach) port, and sees if it gets it back on another port.
If I have a switch scenario like:
           Core-Switch
/ \
 EdgeSW-1 EdgeSW-2
and have a vlan with untagged port 1 on Edge-1 and Edge-2, and tagged ports 55 on Edge-1 and Edge-2 (the uplink ports), same vlan on the Core between Edge-1 and Edge-2, and configure elrp both on Edge-1 and Edge-2, wouldn't the only way that I can detect a loop between Edge-1 and Edge-2 (let's just say 'physical cable') be because I the packet goes out port-1 Edge-1 and comes in on Edge-1 port 55 - or out Edge-1 55 and back in on Edge-1 port 1?
If I wouldn't include the uplink port on the elrp port list (OK, 'all vlan ports'), I'd never detect the loop, even if it existed.

Now, if you're only concerned with loops on a single Edge switch (for instance because you don't have the same vlan on another Edge switch, then you could live without the uplink port in ELRP - but I fear you'd then have to specify every port that's in the vlan, except the uplink port, and only ports that are part of that vlan.
And if you add ports to the vlan, you'd probably have to add them manually to the ELRP list. And that would just drive me nuts, because I know I'd screw up sooner or later (but that's juist me :) )

Standard disclaimer - I may have something wrong. Also, I only have BlackDiamon/Summit 460/480/670s running EXOS 15.4 or higher.
Photo of David Coglianese

David Coglianese, Embassador

  • 5,944 Points 5k badge 2x thumb
I too do not see why the ELRP packets going out the uplinks. If the links leave the building and physical loops are not possible you could simply leave your "noloop" vlan off those ports.

The the links go to other stacks within the building I would think you would want the protection to span those ports.

Thanks