Header Only - DO NOT REMOVE - Extreme Networks

EXOS: mLAG vlan consistency check


Userlevel 6
currently we use very often MultiSwitch LAGs (mLAG). It works well and offers a very good flexibility. But it is very error-prone to keep all the vlan consistent (equal) over the 2 switch and the isc manually by the admin. It needs a lot of time to check that really all vlan are configured correctly. If there is one vlan missed there is no error message or advice that will show the mistake. And also the resulting connectivity problems are very strange. So it is fundamental that vlan configs are equal in mLAG environments!

Other vendors will help the network admins with some checks that will generate an error if something is missed:



What do you think ? Someone who agree with my need ? Is it imaginable that EXOS will so that (in the future) ?

i am very pleased for some discussion!

8 replies

Hi Matthias,

Have you see the script on Github? I think that this is what you are looking for. Can you confirm? https://github.com/extremenetworks/ExtremeScripting/tree/master/EXOS/Python/mlag_config_check
Userlevel 7
Brad wrote:

Hi Matthias,

Have you see the script on Github? I think that this is what you are looking for. Can you confirm? https://github.com/extremenetworks/ExtremeScripting/tree/master/EXOS/Python/mlag_config_check

I just want to point out one limitation of this script. It doesn't compare the VLANs across the peers.

So it will ensure that peer A has all the VLANs on its MLAG ports on the ISC, and the peer B has all the VLANs on its MLAG ports on the ISC. However, it doesn't check to see if both MLAG peers have the same VLAN config on MLAG ports.
Userlevel 6
Hi Brad,
it looks like what i am looking for ;-)) Let it test it in my lab (the next days).

It seems only the last thing is open in my mLAG-related whishlist - Spanning Tree AND mLAG allowed together on one port!

Regards,
Matthias
Userlevel 3
M.Nees wrote:

Hi Brad,
it looks like what i am looking for ;-)) Let it test it in my lab (the next days).

It seems only the last thing is open in my mLAG-related whishlist - Spanning Tree AND mLAG allowed together on one port!

Regards,
Matthias

And why would you want to do that? One nice thing about MLAG is that it helps you to eliminate Spanning Tree in your Network 🙂

By the way - if you have spanning tree enabled on other ports or switches inside the network, BPDUs are still being forwarded, including through MLAG ports, as EXOS sees and handles it as normal L2 Multicast traffic. Maybe that helps?
Userlevel 4
M.Nees wrote:

Hi Brad,
it looks like what i am looking for ;-)) Let it test it in my lab (the next days).

It seems only the last thing is open in my mLAG-related whishlist - Spanning Tree AND mLAG allowed together on one port!

Regards,
Matthias

I think the benefits from running STP over MLAG are to detect and prevent a super loop formed down on access switches uplinked to different MLAG ports. And, the access switches running with STP could have MLAG peer switches as root bridge.
Userlevel 3
M.Nees wrote:

Hi Brad,
it looks like what i am looking for ;-)) Let it test it in my lab (the next days).

It seems only the last thing is open in my mLAG-related whishlist - Spanning Tree AND mLAG allowed together on one port!

Regards,
Matthias

Understand. So in this case it's more about loop protection rather than path redundancy.
I would add ELRP on all access ports of the access switches then, but I understand why others would prefer to stick with what they know 🙂
Userlevel 4
M.Nees wrote:

Hi Brad,
it looks like what i am looking for ;-)) Let it test it in my lab (the next days).

It seems only the last thing is open in my mLAG-related whishlist - Spanning Tree AND mLAG allowed together on one port!

Regards,
Matthias

I think it would make more sense when access switches are not Extreme.
Userlevel 6
Hi Brad,
i have a closer look at your suggested python script.

Because of the 2 limitations - it is not very useable in the real world:
+ it does not check if the vlans are tagged or untagged configured
+ it does not check vlans on the mLAG peer - so there is not possibility to recognize if vlan config is equal

So i have to check that manually.

Additionally the "vPC consisteny check" will run continiously in the OS background.

It will be very nice of the python script (or maybe the mLAG peer control protocol too) will enhanced that both above problems will be also checked and therefore a manually check is not be necessary.

Regards

Reply