Question

VRRP with MLAG and MSTP

  • 17 August 2019
  • 4 replies
  • 216 views

Hello! I have a question regarding a 670G2 best practices. I am replacing a undersized core with a pair of 670G2's in an MLAG config and VRRP to protect the L3 gateway. Is there anything special about the STP config for MSTP that is enabled by default on the 22.2 code? I am integrating this into a network that is running RSTP, but as far as I know, MSTP and RSTP are comptable.

Any suggestions would be welcome!

Thanks!

J

4 replies

Userlevel 3
You must be careful using any kind of STP together with MLAG on EXOS previous to 22.5.
IIRC 22.5 introduced support for RSTP with MLAG, and 22.6 added MSTP to it.

I think if you put your new EXOS switches into your existing network already using RSTP and expect everything to work correctly, you should run at least EXOS 22.5 and just use RSTP.
Userlevel 3
Additional note: I have had some discussions about such topologies in this very community. Also with GTAC. Information on it is very sparse. Also you find a lot of outdated information (both on the general internet and also in Extreme's KB). That makes it difficult to find out what can be used together and how.

Concerning your very request (I never understood in what case STP needed to be used with MLAG in the first place) GTAC once told me (after my support request) they would create a KB article, but I have yet to see it.

In general, the answer was that if you include any kind of MLAG setup into your existing network (as you and I do), and that existing network is running STP and you expect the new switches using MLAG to be part of that spanning tree, then you need one of the later EXOS versions as I described above
Userlevel 2
RSTP and MSTP is supported in newer XOS Versions to work with MLAG. But I recommend to not use it. In my eyes it's a bad implementation. The MLAG peers will not signalling as one stp bridge via a mlag. So it's unusable for me. Otherwise you need to configure the mlag peers as root and backup-root as described in config-guide.
Userlevel 2
As you're talking about a core, perhaps there are ways to skip STP in the core and only use it closer to the access layer. After all, LAG and MLAG are often used to mitigate the need for older loop resolution protocols like STP and EAPS. Would it be possible to have a lot of smaller STP loops from the distribution and down, not involving the core? I tend to recommend staying away from STP except for disabling access ports that are accidentally looped, but your environment may of course require STP.

/Fredrik

Reply