virtual chassis with shared link to non stackable switches

  • 0
  • 1
  • Question
  • Updated 4 years ago
I've got 2 x450 in a stack configuration (virtual chassis) as a core with a 2 port shared link out to one edge. The edge has been replaced with non stackable x440-10G (the 10Gb SFP+ slots need to be preserved at this time for other uses so I can't use these as stacking option) but I want to be able to trunk all the vlans from the core to both edge switches. 

sharing on the core is 2 ports address based. If I configure m-lag on the 2 edge switches with an isc interconnect, would I need to change the core end to lacp based port group?
Photo of Steve Smith

Steve Smith

  • 114 Points 100 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Stephane Grosjean

Stephane Grosjean

  • 762 Points 500 badge 2x thumb
Hi Steve,

you're speaking of one edge, then of two edge. If this is two edge switches, you can have a LAG from a stack to an MLAG pair (running EXOS 15.3.1 at least on the MLAG side if you want LACP).

You are not forced to configure LACP, but I would recommend it if possible.

If this is x440, I would also recommend using 15.4.2 with LACP. As a best practice, manually configure the MLAG-LACP value on both MLAG peers.
Photo of Steve Smith

Steve Smith

  • 114 Points 100 badge 2x thumb
Thanks Stephane, after posting the question I set this up in lab and it appears to work as expected, which is good. :)
Photo of Steve Smith

Steve Smith

  • 114 Points 100 badge 2x thumb
mmm...potential problem found, if I try and trunk down two links from the lagged X440's (one from each switch) to another virtual chassis (local in same cabinet) which has 2 ports configured as a simple L2 address based share with the required vlans tagged on the ICS ports, the two trunk ports and on the downstream chassis shared ports. I'm seeing a lot of duplicate packets between the downstream chassis and the lagged switches. Also pinging from a device on the downstream chassis back up to that vlans gateway are timing out for a whole bunch of pings and then coming back again..can only assume this is a loop
Photo of Stephane Grosjean

Stephane Grosjean

  • 762 Points 500 badge 2x thumb
There must be a config issue.
To be sure we are in sync, as this diagram is not clear to me:
- The MLAG pair (the middle switches) requires an ISC link between them
- The ports toward the edge should be MLAG port with the same Id per edge
- If you are using LACP, the MLAG port must be LACP LAG of one port.

Can you share the following from the MLAG pari?
- show config vsm
- show mlag peer <peer name>
- show mlag ports
Photo of Steve Smith

Steve Smith

  • 114 Points 100 badge 2x thumb
Hi Stephane, thanks for checking back.

Ok



chassis (1) enable sharing 1:9 grouping 1:9,2:9 algorithm address based
configure vlan 1001 add ports 1:9 tagged

here is the config for the mlag peers (2)

2) mlag peer 1create vlan "vMLAG_ISC"
configure vlan vMLAG_ISC tag 3999
enable sharing 1 grouping 1,2 algorithm address-based L2
configure vlan vMLAG_ISC add ports 1 tagged
configure vlan vMLAG_ISC ipaddress 1.1.1.1 255.255.255.0
 
configure mlag ports convergence-control fast
create mlag peer 6_1_switch2
configure mlag peer 6_1_switch2 ipaddress 1.1.1.2
enable mlag port 1 peer 6_1_switch2 id 1
 
create vlan data_vlan
configure vlan data_vlan tag 1001
configure vlan data_vlan add ports 1 tagged
 
2) mlag peer 2

create vlan "vMLAG_ISC"
configure vlan vMLAG_ISC tag 3999
enable sharing 1 grouping 1-2 algorithm address-based L2
configure vlan vMLAG_ISC add ports 1 tagged
configure vlan vMLAG_ISC ipaddress 1.1.1.2 255.255.255.0
 
configure mlag ports convergence-control fast
create mlag peer 6_1_switch1
configure mlag peer 6_1_switch1 ipaddress 1.1.1.1
enable mlag port 1 peer 6_1_switch1 id 1
 
create vlan data_vlan
configure vlan data_vlan tag 1001
configure vlan data_vlan add ports 1 tagged
 

also:

two ports configured to feed edge virtual chassis (3)
on lag peer 1

configure vlan 1001 add ports 47

on lag peer 2

configure vlan 1001 add ports 47

on virtual chassis (3)

enable sharing 1:48 grouping 1:48,2:48 algorithm address based
configure vlan 1001 add ports 1:48 tagged

so if I'm on a host on chassis 3 and trying to ping an address on chassis 1 via the mlag switches, the pings stay stable for about 10 minutes then drop off and if I ping an interface address on chassis 1 from chassis 3 I get a lot of "DUP!" packets

thanks

Steve

Photo of Sumit Tokle

Sumit Tokle, Alum

  • 5,738 Points 5k badge 2x thumb
Your design is still not clear to  me.

MLAG peers devices should be of same type of devices and running with same software version. 



Here, SW1 and SW 2 is MLAG peer, where as SW3 is Edge switch where all servers are being connected.

On switch 3, Sharing is configured on port 1, 2.
On SW1 and SW2, Those are the MLAG peer devices, port # 8 is MLAG port, port 1,2 is configured as ISC link.
Photo of Brandon Clay

Brandon Clay, Escalation Support Engineer

  • 13,594 Points 10k badge 2x thumb
Steve, I noticed something in your config for the MLAG peers that may be the cause of some issues.

I see that you have enabled MLAG on port 1, which is the ISC. You do not need to do this, but you do need to enable MLAG on the ports connected to the stacks.

For example, if virtual chassis 1 is connected on port 11 on both MLAG peers, and virtual chassis 2 is connected on port 12 of both MLAG peers, you would need to enable MLAG on these ports. For example:

On MLAG peer 1:
  enable mlag port 11 peer 6_1_switch2 id 1
  enable mlag port 12 peer 6_1_switch2 id 2
On MLAG peer 2:

  enable mlag port 11 peer 6_1_switch1 id 1
  enable mlag port 12 peer 6_1_switch2 id 2

Photo of Steve Smith

Steve Smith

  • 114 Points 100 badge 2x thumb
@Brandon, bingo, that was the issue with the chassis facing ports on the mlag peered switches. Problem fixed :)
@Stephane, I think you initimated the same issue in your last reply.

Many thanks to you both, have a great day