Topology: MLAG

  • 0
  • 1
  • Question
  • Updated 3 weeks ago
  • Answered
Hey,

Can you validate that the following is a valid setup using MLAG.

Sites A and B contain two MLAG peers each.

There are two independent links between sites A and B, and in order to connect both sites, both peers can use MLAG at each end. (Each group of switches thinks that it is talking to one switch at the other end.)

This would make the two links active, thus double the bandwidth compared to STP which would always block one ISL. But I'm not sure about STP in this scenario.

I couldn't really validate nor not validate such a setup from reading the manual. Is it valid?

Anything that comes to mind about this?

Thanks.

Photo of jeronimo

jeronimo

  • 1,408 Points 1k badge 2x thumb

Posted 4 weeks ago

  • 0
  • 1
Photo of Tomasz

Tomasz

  • 2,382 Points 2k badge 2x thumb
Hi jeronimo,

I've encountered this when visiting one of the customers.
From MLAG perspective, it will forward the traffic, but IMO you don't benefit MLAG here. It's like having failover scenario due to diagonal links (A1-B2, A2-B1) outage.
I'm not sure right now if the ISC blocking filters be disabled due to this.

With such four switches you can also think of different non-port-blocking mechanism, it could be EAPS or A and B stacks + LACP... Or perhaps you would like to play with MSTP and manipulating the bridge priorities for every MST instance so for each VLAN root bridge is different one, so all links are used. But that sounds like a lot to do. ;)
All depends on place in the network and your goals and constraints.

Kind regards,
Tomasz


(Edited)
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,792 Points 10k badge 2x thumb
Hi jeronimo,

the topology is valid. No link needs to be blocked with MLAG while STP, EAPS, or similar would need to block at least one (logical) link. You might want to consider adding cross-links (upper left to lower right, lower left to upper right) if possible to optimize redundancy and fail-over speed.

Please see the GTAC Knowledge site for additional info:
Thanks,
Erik
Photo of jeronimo

jeronimo

  • 1,408 Points 1k badge 2x thumb
Ok, thanks. Now I am wondering indeed what would be the use of using MLAG here. As Tomasz claims, there's no real benefit here. What would you do? Use MLAG for those ISLs or simply treat them as single links and let STP handle them? Cross-links are not possible right now.
Photo of Tomasz

Tomasz

  • 2,316 Points 2k badge 2x thumb
IMO single STP domain makes you benefit less as the link is blocked. MSTP might cover this issue, but more to configure. If those cross-links are not possible just for some time, perhaps you might leave it as is until it becomes full-blown MLAG (then there'll be not much to reconfigure). :)
(Edited)
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,676 Points 10k badge 2x thumb
The benefits are all links active and no extra protocol running.
Photo of Paul Thornton

Paul Thornton

  • 1,464 Points 1k badge 2x thumb
Interesting this question came up - I was about to post about a near identical setup.

The benefit I see of this "back to back" MLAG is that both sides just see a LAG, so you have a true active-active situation for traffic in either direction.  The alternative is EAPS or STP; which would work, and you could probably arrange multiple VLANs to get maximum use of both connections.  But it is still more work and config compared to the MLAG example.

When I did some testing of this (well actually ended up deploying it with 2x X460G2s on one side, and 2x customer X440s on the other side), I was seeing some destination macs in the same L2 network that just didn't work.  It had all the hallmarks of a situation where a LAG without LACP was unidirectional so a packet was hashed and sent down a link that just didn't work.

I can't see why this shouldn't work, and so long as you have LACP enabled (we do all remember to always enable LACP, don't we folks) you have a control protocol to deal with connectivity problems where the link may appear to still be up and avoid the blackhole situation I saw.

The "Two Tier MLAG design" topologically isn't quite the same as what we're describing here - it has the cross connections in place.  Are they required to make this legal (I can imagine, given that I had  packets going nowhere, that this would fix what I saw) - or should this "just work" with the simple two cables between two sets of switches setup?

Paul.


Photo of jeronimo

jeronimo

  • 1,408 Points 1k badge 2x thumb
I found using MLAG on both sides between switches quite a thought experiment, since you usually somehow associate MLAG with the "server"/"switch"-side and a port-channel/LAG with the "client"/host-side. In this scenario, MLAG is both...
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,792 Points 10k badge 2x thumb
This two-tier-MLAG construct is used in quite a few EXOS based networks, because all links are active as opposed to blocking links with STP or EAPS.
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,792 Points 10k badge 2x thumb
Hi Paul,

the setup should work without the cross connections, we are using this exact setup in the network of the small company I work for (we are using older EXOS switches, not -G2, but this should still work). We have a switch pair on the office floor and another one in the basement connected via two-tier-MLAG using just two links.

Thanks,
Erik