Header Only - DO NOT REMOVE - Extreme Networks

Loop Protection in MLAG Desgin with non-exos edge


Userlevel 2
Hello,

I'm looking for a solution to realise loop protection in MLAG design with non exos edge-switches.

- a dedicated STP-domain per edge-switch is a option when only 1 switch is in a location.
- How can I realise a comprehensive loop-protection between 2 edge-switches in a location, which are both connected via MLAG?

I've 2 use-cases...
- edge-switches are HP Procurve
- edge-switches are EOS Devices

Can somebody give me a bit input?

6 replies

Userlevel 3
Hmmm... not sure how exactly all involved switches are connected with each other.

Can you maybe add a network diagram here, should the connections between the involved switches and where you have configured LAGs and MLAG?
Userlevel 2



On MLAG devices and lag-ports on edge-switches STP must be disabled...thats fact...

How can I prevet a loop between edge 2 & 3?
Userlevel 7
Peter wrote:



On MLAG devices and lag-ports on edge-switches STP must be disabled...thats fact...

How can I prevet a loop between edge 2 & 3?

I'd use STP on each edge switch's edge ports (so not facing back towards the MLAG peers), with edge-safeguard and BPDU-restrict or whatever the equivalent is on your edge switches.

The key is that we want the edge switches to transmit BPDUs out the edge ports and block whenever they receive a BPDU on an edge port. This way, if Edge2 gets looped in to Edge3, they will see each other's BPDUs and block the ports.
Userlevel 3
If all Edge switches are EXOS, you can enable ELRP on them (all ports but the uplinks).
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-ELRP-to-disable-ports/?q=...

In your case, with HP and EOS switches, you'll have to go with Spanning Tree. Protect your edge ports and enable it on the LACP-enable uplinks. With no STP configured at all on your Cores, they will simply forward the BPDUs as they see it as normal Multicast traffic. Even through the MLAG links. See also here: https://community.extremenetworks.com/extreme/topics/stp-on-mlag-ports
Userlevel 7
cbuchenau wrote:

If all Edge switches are EXOS, you can enable ELRP on them (all ports but the uplinks).
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-ELRP-to-disable-ports/?q=...

In your case, with HP and EOS switches, you'll have to go with Spanning Tree. Protect your edge ports and enable it on the LACP-enable uplinks. With no STP configured at all on your Cores, they will simply forward the BPDUs as they see it as normal Multicast traffic. Even through the MLAG links. See also here: https://community.extremenetworks.com/extreme/topics/stp-on-mlag-ports

Only use STP on edge port with an STP edge mode. You don't want TCN all over your network as soon as an edge port goes Up or Down.
Userlevel 2
cbuchenau wrote:

If all Edge switches are EXOS, you can enable ELRP on them (all ports but the uplinks).
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-ELRP-to-disable-ports/?q=...

In your case, with HP and EOS switches, you'll have to go with Spanning Tree. Protect your edge ports and enable it on the LACP-enable uplinks. With no STP configured at all on your Cores, they will simply forward the BPDUs as they see it as normal Multicast traffic. Even through the MLAG links. See also here: https://community.extremenetworks.com/extreme/topics/stp-on-mlag-ports

hmm... enabling stp on lacp uplinks would cause, that bpdu's would flood on all ports on mlag-peers ...thats not what I want...

enabling with spanguard etc on edge ports I will test; that could solve my problem with interrupts during mlag-upgrade, because there is no more STP (and so topo change) in core-connections.

Reply