EXOS MLAG and bonded S8s

  • 0
  • 1
  • Question
  • Updated 2 days ago
  • Answered
Hello Extreme Hub,

I have a questions regarding EXOS MLAG and bonded S8s

1st here is the scenario:

I have a customer with bonded S8s that function essentially as a collapsed core (Distribution/Core and some direct server connections)
S8-Alpha is building 'A' and S8-Bravo is in 'Building B'
There is a Data Center in Building A and a Data Center in Building B, each Data Center server is single homed to its buildings S8.  Also each buildings IDFs are also single homed to its local buildings S8.

The customer is going to be increasing their fiber infrastructure between building A and building B with the goal of dual homing the Data Center servers and some of the IDFs.
The customer also plans to add some EXOS x690s to move the Data Center servers off of the S8s.  So all of the servers would connect to local MLAG'd x690s, and the x690s would then uplink to each S8 (local and remote) using the new fiber infrastructure.

My question is, are there any issues connected MLAG'd x690s to bonded S8's with regards to STP or any other loop prevention protocols? (XLRP)
Am i correct in saying, that from the perspective of the x690s, the ports facing the servers need to be set up as MLAG and the ports facing the bonded S8s need to be set up as MLAG ?  (otherwise, the ISC between the x690s would not block looped traffic from the S8s ?)

Should each x690s connect to more than one blade per S8 chassis ?

The x690s would be set up as L2, VRRP and routing would still be handled by the S8s.

I am not familiar with S8 bonding and I am newer to EXOS... I just want to make sure I am not creating a problem with this design.

Thanks

Jake
Photo of Jake Koch

Jake Koch, Employee

  • 364 Points 250 badge 2x thumb

Posted 4 weeks ago

  • 0
  • 1
Photo of Rob Mitchell

Rob Mitchell

  • 212 Points 100 badge 2x thumb
There are some Extreme papers I’ve seen in the past which advise against STP being used from the mlag’d uplinks, my take on it is you’d otherwise need to implement stp over the mlag isc which will cause a lot of problems.


One solution - if the vlans on the mlag’d x690s are unique to those on the bonded s8s, could this connection between the environments become L3 using OSPF as that would negate the need for a L2 loop provention protocol? Also if these are servers it gives good segregation from the user facing vlans.
(Edited)
Photo of Andre Brits Kannemeyer

Andre Brits Kannemeyer

  • 5,288 Points 5k badge 2x thumb
Hi Jake

When you talk about bonded s8, is alpha and bravo bonded together or is aplha and bravo each a bonded s8 setup?
Photo of Jake Koch

Jake Koch, Employee

  • 364 Points 250 badge 2x thumb
Thanks for the responses guys.

Rob, to your point I believe STP would need to be disabled between the S8s and the x690s and only enabled on the x690s 'down' links.

Andre, the S8 in Alpha is bonded to the S8 in bravo.


Photo of Rob Mitchell

Rob Mitchell

  • 212 Points 100 badge 2x thumb
This might help:

https://gtacknowledge.extremenetworks.com/articles/How_To/Design-Considerations-when-using-EXOS-MLAG

If the MLAG'd X690s are connected to the VSB'd S8's i.e. a square layout with each device in the corner and the lines of the square representing the interlinks, you'd effectively setup LACP from the S8's to the X690s, from the X690s those connecting ports would be configured in the same MLAG group (so effectively LACP back) using port sharing - just make sure it's using the appropriate algorithm to match that of the S8. My take would be within this S8 to X690 square setup you would avoid L2 loop protection to keep these links always forwarding, but then anything say on an edge/access side of things going to edge devices (e.g. users, servers) use either ELRP on purple switches copper ports (not uplinks) and use adminedge/spanguard on any Enterasys edge switch copper ports (again not the uplinks). If Enterasys edge is going to S8 consider using some additional elements like loop protect.

If you chose to try the STP route between the environments, obviously test offline if possible - would be interesting to see how this behaves when failures are simulated.

Again if the devices on the X690s are unique subnets I would strongly consider the use of L3 separation and implementing OSPF to hook them up to the S8s, keeps it nice and separated and saves some of the pain you are now trying to work through.
Photo of Jake Koch

Jake Koch, Employee

  • 364 Points 250 badge 2x thumb
Rob, great reference articles and you walked thru your explanation very well and answered all my questions.  I feel more comfortable with what we are looking to do with this customer.  Eventually, we are going to start phasing in Fabric Connect, but that is a different topic all together :) 

Thank you
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,636 Points 10k badge 2x thumb
Hi,

I had posted an answer before, but it was lost in the platform troubles. :-(

Anyway, connecting two X690 via MLAG to an S-Series VSB should work without problems. You should probably consider a few things:
  • always use LACP
  • manually configure the LACP MAC used by MLAG (for stability)
  • disable STP on the MLAG ports and the S-Series LAG and physical ports of the LAG
  • remove all egress VLANs from the S-Series physical ports of the LAG
  • configure VLANs only on the LAG of the S-Series
Regarding the S-Series you migt want to look at EOS: Basic Switch Layer 2 Configuration Best Practices and minimum feature recommendations. Regarding the combination of S-Series and EXOS MLAG you might want to look at How to configure MLAG with EXOS core switches to EOS edge switch (that looks at the different direction, i.e. connecting to an EXOS core, but the principles should be similar).

Thanks,
Erik


Photo of Jake Koch

Jake Koch, Employee

  • 332 Points 250 badge 2x thumb
thanks Erik, great info.  I believe I am good to go
Photo of James A

James A, Embassador

  • 7,204 Points 5k badge 2x thumb
I'm not going to recommend it, but 22.5 and 22.6 have some features that allow RSTP and MSTP respectively over MLAG.
Photo of Jake Koch

Jake Koch, Employee

  • 332 Points 250 badge 2x thumb
interesting... i would also not recommend it lol
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,636 Points 10k badge 2x thumb
I think MSTP over MLAG ports is a really important feature, and I plan to try it out in the future, but have not yet tested it. Has anybody tried it out, or does anybody use it production already?
Photo of James A

James A, Embassador

  • 7,204 Points 5k badge 2x thumb
22.6 has a crash so I've gone back to 22.5 (not that I use MLAG or MSTP)