MLAG configuration

  • 0
  • 1
  • Question
  • Updated 4 weeks ago
  • Answered
  • (Edited)
Hi,
im having a virtual lab, where i try to practice MLAG, the topology is as in the diagram


now i have a problem and some questions regarding MLAGmy problem that MLAG doesnt come up,
i have followed the following on both EXOS1 and EXOS2 switches
EXOS1
configure vlan default delete ports all
configure vr VR-Default delete ports 1-7
configure vr VR-Default add ports 1-7
configure vlan default delete ports 1-7
create vlan "ISC-VLAN"
configure vlan ISC-VLAN tag 10
create vlan "VLAN20"
configure vlan VLAN20 tag 20
enable sharing 3 grouping 3-4 algorithm roundRobin-based lacp
configure vlan ISC-VLAN add ports 3 tagged 
configure vlan VLAN20 add ports 3 tagged 
configure vlan ISC-VLAN ipaddress 1.1.1.1 255.255.255.252
configure vlan VLAN20 ipaddress 10.1.20.2 255.255.255.0
enable ipforwarding vlan VLAN20

create mlag peer "core"
configure mlag peer "core" ipaddress 1.1.1.2 vr VR-Default

EXOS2
configure vlan default delete ports all
configure vr VR-Default delete ports 1-7
configure vr VR-Default add ports 1-7
configure vlan default delete ports 1-7
create vlan "ISC-VLAN"
configure vlan ISC-VLAN tag 10
create vlan "VLAN20"
configure vlan VLAN20 tag 20
enable sharing 3 grouping 3-4 algorithm roundRobin-based lacp
configure vlan ISC-VLAN add ports 3 tagged 
configure vlan ISC-VLAN ipaddress 1.1.1.2 255.255.255.252
configure vlan VLAN20 ipaddress 10.1.20.3 255.255.255.0
enable ipforwarding vlan VLAN20

create mlag peer "core"
configure mlag peer "core" ipaddress 1.1.1.1 vr VR-Default

Where's the output of show mlag peer on EXOS1
* EXOS01.131 # show mlag peer
Multi-switch Link Aggregation Peers:

MLAG Peer         : core
VLAN              : ISC-VLAN               Virtual Router    : VR-Default 
Local IP Address  : 1.1.1.1                Peer IP Address   : 1.1.1.2    
MLAG ports        : 0                      Tx-Interval       : 1000 ms
Checkpoint Status : Down                   Peer Tx-Interval  : 0 ms
Rx-Hellos         : 0                      Tx-Hellos         : 120768     
Rx-Checkpoint Msgs: 0                      Tx-Checkpoint Msgs: 0          
Rx-Hello Errors   : 0                      Tx-Hello Errors   : 863        
Hello Timeouts    : 0                      Checkpoint Errors : 0          
Up Time           : N/A                    Peer Conn.Failures: 0          
Local MAC         : 50:00:00:03:00:00      Peer MAC          : None       
Config'd LACP MAC : None                   Current LACP MAC  : 50:00:00:03:00:00
Authentication    : None                  
            

Alternate path information: None
and from EXOS2
EXOS02.42 # show mlag peer
Multi-switch Link Aggregation Peers:

MLAG Peer         : core
VLAN              : ISC-VLAN               Virtual Router    : VR-Default 
Local IP Address  : 1.1.1.2                Peer IP Address   : 1.1.1.1    
MLAG ports        : 0                      Tx-Interval       : 1000 ms
Checkpoint Status : Down                   Peer Tx-Interval  : 0 ms
Rx-Hellos         : 0                      Tx-Hellos         : 118591     
Rx-Checkpoint Msgs: 0                      Tx-Checkpoint Msgs: 0          
Rx-Hello Errors   : 0                      Tx-Hello Errors   : 1253       
Hello Timeouts    : 0                      Checkpoint Errors : 0          
Up Time           : N/A                    Peer Conn.Failures: 0          
Local MAC         : 50:00:00:04:00:00      Peer MAC          : None       
Config'd LACP MAC : None                   Current LACP MAC  : 50:00:00:04:00:00
Authentication    : None                  

Alternate path information: Nonejudging from the output i think that the Hello is not happening between the peers.

can someone advice what am I doing wrong.

also
do we need to tag all VLANs (in this case VLAN 20 ) on ISC Ports? if not, how would the failover happen.
Thanks
Sulaiman
Photo of Sulaiman Al Darmaki

Sulaiman Al Darmaki

  • 120 Points 100 badge 2x thumb

Posted 1 month ago

  • 0
  • 1
Photo of Tomasz

Tomasz

  • 2,382 Points 2k badge 2x thumb
Hi Sulaiman,

There is one thing for sure I would add to your config on both sides:
enable mlag port 1 peer core id 1
So you specify that your downlink port (no. 1 here) is to be considered as an element of a multi-switch terminated lag with ID of 1, where this ID has to be the same on both switches for that particular MLAG link.

If you had this command, and there was such amount of hellos transmitted and none received, I would take a look at VLAN id (both sides the same), tagging (both sides the same) and if the port is enabled and link connected.

You didn't add VLAN20 to your port 3 on EXOS2 by the way, and to any other ports that have to share this data VLAN.

As on each port, on your ISC you could have some single untagged VLAN, but I think it's better to have clear picture with only tagged VLANs everywhere except access ports. And if you ask, do we need to span all data VLANs across peer-peer connection, the answer is yes. If MLAG peers have to pretend being a single device from a downstream device perspective, they should be able to pass those VLANs' between them in case of unicast traffic.

On how the failover works, you can read thoroughly in EXOS User Guide, it's a really nice lecture not only for this topic. :)
https://documentation.extremenetworks.com/exos_22.5/EXOS_User_Guide_22_5.pdf
In brief:
- MLAG switches prevent broadcast, multicast and unknown unicast coming from a downstream device to their peer, without that we would have a broadcast storm;
- if single peer link/lag fails, blocking filter is taken down.

Hope that helps,
Tomasz

Photo of Sulaiman Al Darmaki

Sulaiman Al Darmaki

  • 120 Points 100 badge 2x thumb
thanks for the reply,
i have tried to configure the same on both Core EXOS1 and EXOS2
here's a sample
EXOS1: enable mlag port 1 peer "core" id 1
EXOS2: enable mlag port 1 peer "core" id 1
and the lag on downstream device

enable sharing 1 grouping 1-2 algorithm roundRobin-based lacp

do i need to tag ISC VLAN on that trunk?

but usually we when i configure mlag kind of technology, like Dell VLT and cisco vPC, once we config is complete, without configuring the MLAG ports, (which are connected to downstream device) the status shows as up.

is it different on EXOS?
sorry if that seem naive, but im totally new to Extreme switches.
Thanks
Sulaiman


Photo of Eric Burke

Eric Burke

  • 3,418 Points 3k badge 2x thumb
In my experience, when you're using LACP on the downstream ports, you still need to create a "sharing" group on each switch containing just one member (the one from the local switch). It's a little weird, but it seems to work. 
Photo of Tomasz

Tomasz

  • 2,316 Points 2k badge 2x thumb
Good point, when LACP is running on one side, it expects it be running on the other end.
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,792 Points 10k badge 2x thumb
The MLAG peer is shown as up even without any MLAG ports configured, just as with e.g. Dell VLT or Cisco vPC.

The configuration looks OK.

Did you test IP connectivity across the ISC?
Photo of Tim O'Donnell

Tim O'Donnell

  • 240 Points 100 badge 2x thumb
So, verify that your Physical is up on ports 3 and 4.  Verify the sharing is up on 3 and 4.  If both are up then I would look to change the algorithm of the share to L2 or L3 and see if the MLAG comes up.

Look at this as a reference:
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-MLAG-in-Extreme-switches