OSPF Design over MLAG


Hi,
I'm putting up a design, and planning to use OSPF between Firewall (Edge) and Extreme X670 switches (Core).

I'm clear about the Firewall part (going to cluster the Firewalls).

have been looking for a Document on how to configure OSPF on two Extreme Switches in MLAG.

What is the best Practice to configure OSPF over MLAG Pair?
Is there a Document the explains how to do such configuration?

My plan is use the Internal Network downstream X670 as Area 0, and x670 upstream facing the Firewalls as area 10 (e.g).

Am going on the write track, or there's a better way to design such setup?

please let me know if you need more information form me?

Thanks again
Sulaiman

8 replies

Userlevel 6
Hello Sulaiman,

If you are looking to create an OSPF adjacency between two MLAG peers then you can treat the two MLAG switches like normal. MLAG is only affecting L2 traffic from MLAG clients lagged up to the peers.

Do both the x670 switches have a core license?
Patrick Voss wrote:

Hello Sulaiman,

If you are looking to create an OSPF adjacency between two MLAG peers then you can treat the two MLAG switches like normal. MLAG is only affecting L2 traffic from MLAG clients lagged up to the peers.

Do both the x670 switches have a core license?

yes they do
Userlevel 6
Patrick Voss wrote:

Hello Sulaiman,

If you are looking to create an OSPF adjacency between two MLAG peers then you can treat the two MLAG switches like normal. MLAG is only affecting L2 traffic from MLAG clients lagged up to the peers.

Do both the x670 switches have a core license?

I would ignore the fact that MLAG is configured and utilize the VLAN to create the adjacency between OSPF routers. There isn't anything special that needs to be done while configuring OSPF on top of MLAG peers.
Patrick Voss wrote:

Hello Sulaiman,

If you are looking to create an OSPF adjacency between two MLAG peers then you can treat the two MLAG switches like normal. MLAG is only affecting L2 traffic from MLAG clients lagged up to the peers.

Do both the x670 switches have a core license?

Hello@Patrick Voss

What do you mean by "utilize the VLAN to create the adjacency between OSPF routers."

in such senario the two configured switches aren't treated as routers, and by the way... does Extreme support routed ports on switches "like on cisco _no switchport_ command does" ??

Thanks
Userlevel 6
Patrick Voss wrote:

Hello Sulaiman,

If you are looking to create an OSPF adjacency between two MLAG peers then you can treat the two MLAG switches like normal. MLAG is only affecting L2 traffic from MLAG clients lagged up to the peers.

Do both the x670 switches have a core license?

You are not routing on the Extreme Switches?
Patrick Voss wrote:

Hello Sulaiman,

If you are looking to create an OSPF adjacency between two MLAG peers then you can treat the two MLAG switches like normal. MLAG is only affecting L2 traffic from MLAG clients lagged up to the peers.

Do both the x670 switches have a core license?

I didn't understand your question .. am not asking regarding this case I am asking in general, could routed port be configured on extreme switches?
Userlevel 6
Why do you plan on making a different OSPF area for your firewalls? Are you plan to summarizing routes to the firewall? Normal OSPF rules apply to MLAG when connecting to non-MLAG ports.

If you plan to cluster the Firewalls then you will probably need a vlan connecting them. You could use a broadcast OSPF vlan, and add the two MLAG peers and firewalls in them.
Stephen Williams wrote:

Why do you plan on making a different OSPF area for your firewalls? Are you plan to summarizing routes to the firewall? Normal OSPF rules apply to MLAG when connecting to non-MLAG ports.

If you plan to cluster the Firewalls then you will probably need a vlan connecting them. You could use a broadcast OSPF vlan, and add the two MLAG peers and firewalls in them.

Hi,
my idea since the Firewalls are connecting branches to main office, i would make it in a separate area.

Reply