MLAG - best practices to avoid as much as possible data traffic between ISC link

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
Dear All,

Can you please give me some hints about the best configurations on MLAG peers and on connecting switches/servers about LACP in order to avoid, as much as possible, data traffic on ISC links?
I now how to do it on EOS VSB setting the local preference, but can't find the same feature on MLAG.
Many thanks  
Photo of Luis Oliveira

Luis Oliveira

  • 182 Points 100 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
Hello Luis

Can you provide a little more information on the design or even a diagram?  MLAG works best when the MLAG switches have connections to all servers down stream as well as the devices upstream.  For example a file server has a two port LAG to to MLAG switches and the IDF also has a two port lag to the MLAG servers.  In that configuration regardless of which link the server sends the traffic to the switch will also have a direct connection and not use the ISC link.  The ISC link will only be used if there is a failure on one of the links,

If you have a scenario where the server has a two port LAG to two MLAG switch and the IDF is only connected to one switch then there are possibilities of the traffic traversing the ISC link.

Thanks
P
Photo of Luis Oliveira

Luis Oliveira

  • 182 Points 100 badge 2x thumb
Hi Paul,
Many thanks.

The question is: which spreading algorithm should i use on the LAGs configuration in order to avoid as much as possible traffic on the ISC links.
I assume 802.3ad protocol on 3rd party.
The customer uses Hypervisor as virtualisation platform. On the server side i don't have a clue about how to configure teaming ou lacp support.
Cheers,

Luís Oliveira
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
Hey Luis

Just to clarify you are asking which algorithm should you use on the server or the 3rd party switch to distribute their traffic to the MLAG peers?  That depends on the device as the algorithm is a hop by hop count. So the decision which link to take is up to the originating device.  For example if you use address based traffic from the same originating device to the end device will go the same link.

As for the ISC link the switch will forward traffic based on the MAC address in its tables.  So in the design you have above the server determines which link to send it to based on its Algorithm.  it sends it to either MLAG sw1 or sw2.  That switch knows that the destination MAC lives off of its port 1 (for example) and will send it directly.  It will not send it over the ISC because the MAC table doesn't have that MAC on the ISC port.  The only traffic that goes across the ISC are broadcast and multicast packets.  When that happens it is up to the MLAG Peer Port ( the port directly connected to the end device) to drop the packet.

I hope that helps.  if not please let me know where I went off topic.
  Thanks
P
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hello Luís,

in an MLAG setup the switch of the MLAG pair receiving a frame for a device connected via MLAG will always send it directly, unless the link has failed. This is different from the default settings of S-Series VSB, for example.

LACP should be used for all LAGs if possible (e.g. correct VMware license level).

As paul wrote, link selection is a hop-by-hop process. I use L3_L4 hashing unless I have a really good reason to use something else (e.g. L3_L4 not supported or non-IP traffic).

The hop-by-hop load sharing combined with using the local MLAG port for delivery combined result in very low ISC usage by default, unless single attached devices connect to an MLAG pair. Frames arriving at the wrong switch need to traverse the ISC.

Best regards,
Erik
Photo of Carsten Buchenau

Carsten Buchenau

  • 888 Points 500 badge 2x thumb
Also, the amount of traffic on your ISB heavily depends on your L3 design on top. For example, if the 2 MLAG peers are configure as VRRP active/passive, then all traffic that has to be routed (but was sent to the VRRP passive instance) will be transported over the ISC.

As Paul already wrote, a design description ideally with a diagram would help :-)
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hello Luís,

you should avoid single attached devices on the MLAG pair. Single attached devices should not be mixed with dual-attached devices on the same switch pair. Single attached devices should not be attached to one switch of an MLAG pair. (The switch for single attached devices can use a LAG for upstream connectivity, terminating on an MLAG pair.)

Use of VMware MAC pinning or Load Based Teaming (LBT) or similar instead of a LAG between the VMware host and two switches is equivalent to single attached devices, because every VM is single attached.

Best regards,
Erik
(Edited)