cancel
Showing results for 
Search instead for 
Did you mean: 

MLAG VRRP Member Switch Connection

MLAG VRRP Member Switch Connection

Ty_Kolff
New Contributor II
Good Evening,

I was testing a MLAG/VRRP setup today and couldn't get a member switch LAG to connect to the two cores. The two cores seem to be working correctly, they are able to ping each other and the VRRP address that is configured. When I do a "show mlag peer" they see each other just fine.

When I added a member switch and connected a lacp LAG from the member switch to each of the cores, the links light up but there doesn't seem to be any traffic flowing. Do the following configs look correct?

Core Switch 1

configure vlan default delete ports all
configure vr VR-Default delete ports 1:1-64
configure vr VR-Default add ports 1:1-64
configure vlan default delete ports 1:1-64create vlan "isc" configure vlan isc tag 4090 create vlan "Switch-MGMT" configure vlan Switch-MGMT tag 2 enable sharing 1:49 grouping 1:49,1:53 algorithm address-based L2 lacp configure vlan isc add ports 1:49 tagged configure vlan Switch-MGMT add ports 1:1,1:49 tagged configure vlan isc ipaddress 192.168.99.253 255.255.255.252 configure vlan Switch-MGMT ipaddress 10.10.0.2 255.255.252.0 enable ipforwarding vlan Switch-MGMT create vrrp vlan Switch-MGMT vrid 2 configure vrrp vlan Switch-MGMT vrid 2 priority 200 configure vrrp vlan Switch-MGMT vrid 2 preempt delay 5 configure vrrp vlan Switch-MGMT vrid 2 fabric-routing on configure vrrp vlan Switch-MGMT vrid 2 add 10.10.0.1 enable vrrp vlan Switch-MGMT vrid 2 create mlag peer "x670_Bottom" configure mlag peer "x670_Bottom" ipaddress 192.168.99.254 vr VR-Default enable mlag port 1:1 peer "x670_Bottom" id 1

Core Switch 2
configure vlan default delete ports all configure vr VR-Default delete ports 1:1-64 configure vr VR-Default add ports 1:1-64 configure vlan default delete ports 1:1-64 create vlan "isc" configure vlan isc tag 4090 create vlan "Switch-MGMT" configure vlan Switch-MGMT tag 2 enable sharing 1:49 grouping 1:49,1:53 algorithm address-based L2 lacp configure vlan isc add ports 1:49 tagged configure vlan Switch-MGMT add ports 1:1,1:49 tagged configure vlan isc ipaddress 192.168.99.254 255.255.255.252 configure vlan Switch-MGMT ipaddress 10.10.0.3 255.255.252.0 enable ipforwarding vlan Switch-MGMT create vrrp vlan Switch-MGMT vrid 2 configure vrrp vlan Switch-MGMT vrid 2 fabric-routing on configure vrrp vlan Switch-MGMT vrid 2 add 10.10.0.1 enable vrrp vlan Switch-MGMT vrid 2 create mlag peer "x670_Top" configure mlag peer "x670_Top" ipaddress 192.168.99.253 vr VR-Default enable mlag port 1:1 peer "x670_Top" id 1
Member Switch

configure vlan default delete ports all
configure vr VR-Default delete ports 1-54
configure vr VR-Default add ports 1-54
configure vlan default delete ports 1-54

create vlan "Switch-MGMT"
configure vlan Switch-MGMT tag 2
configure ports 49 auto off speed 10000 duplex full
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
enable sharing 49 grouping 49-50 algorithm address-based L2 lacp
configure vlan Switch-MGMT add ports 49 tagged
configure vlan Switch-MGMT ipaddress 10.10.0.4 255.255.252.0

Thanks!
6 REPLIES 6

Patrick_Voss
Extreme Employee
If you have a client switch connecting to 2 MLAG peers using LACP. You need to create a 1 port lag on each peer.

For example,

Client switch has port 1 and 2 in a lag:

enable sharing 1 grouping 1,2 lacp

Both these ports connect to port one on core1 and core2. You need to configure the following on each core:

enable sharing 1 grouping 1 lacp

Once MLAG is enabled it will take care of the LACP ID shared between the cores to the client switch. This should allow the switch to start passing traffic.

Hope this helps!

Ty_Kolff
New Contributor II
I just found this at extremenetworks.guru:
One thing to be mindful of is if when looking at Vlan (lab), and with everything connected it is showing blocking as per below:
# show vlan lab

Ports: 3. (Number of active ports=2)
Untag: *17, 18
Tag: *1bg

This is probably due to only one side of the lag configured for LACP.

If the core is the side that does not have LACP enabled the process is as follows:

Core1

disable mlag port 1
enable sharing 1 grouping 1 lacp algorithm address-based L2
enable mlag port 1 peer "MLAG-PEER-253" id 100

Core2

disable mlag port 1
enable sharing 1 grouping 1 lacp algorithm address-based L2
enable mlag port 1 peer "MLAG-PEER-254" id 100

I think this may be what I was missing as the ports on the Member switch were showing as "blocking" when I did the "Show vlan" command. I will check into this tomorrow and post here with the results.

Ty_Kolff
New Contributor II
Thanks Brandon!

Yes, any VLANs that are on MLAG ports should also be on the ISC link.

If this isn't done, failover may not work correctly and there may be FDB learning issues as well for the MLAG ports.
GTM-P2G8KFN