cancel
Showing results for 
Search instead for 
Did you mean: 

ELRP with dynamically changing vlan membership

ELRP with dynamically changing vlan membership

EtherNation_Use
Contributor II
Create Date: Mar 13 2013 9:48PM

Hello Everyone,

I've been looking at ELRP to help prevent L2 loops. Our switches (one section of them) work in conjunction with Bradford NAC system, which based on the user's profile and settings, puts the edge port into either production vlan or registration or quarantine (non-production) vlans. ELRP if I understand correctly works per vlan only, right? For instance looping a edge port in production vlan with a an edge port in the non-production vlan will not cause either of the edge ports to shutdown, right? My final goal is to achieve prevent L2 loops when the vlan membership of an edge port is constantly changing.

Is there anyway to tweak this behavior of ELRP and if not, are there any alternatives to what I'm trying to achieve?

Thanks!
(from Shashank_S Kumar)
23 REPLIES 23

Stephane_Grosj1
Extreme Employee
Hi,

I wanted to point out that 22.2 introduced: "Extreme Loop Recovery Protocol (ELRP) on Dynamic VLANs"

Starting with ExtremeXOS 22.2, ELRP supports dynamically created VLANs created by:
• NetLogin
• Extreme Network Virtualization (XNV)
• Multiple Registration Protocol (MVRP)

As far as I could get ELRP on dynamic VLANs to work, it just allows to statically configure ELRP on all ports of a switch where an already existing VLAN may be dynamically assigned, and have ELRP automatically started/stopped whenever one of those specific VLANs is dynamically assigned/removed from one of the ELRP configured ports.

This still needs manual configuration to add ELRP to the VLAN, there is no setting to automatically add ELRP to all VLANs on a set of ports (usually the front ports).

Additionally, for each port that has is not yet dynamically assigned to a VLAN (because you are still configuring the switch and it is not yet in use), ELRP will issue a warning. But this is just a warning, the configuration is applied regardless.

Thanks,
Erik

Matt_Myers
New Contributor
Sure I see your point and have run into the scenario you pointed out regarding the WAN connection. Always best on Cisco to do "spanning-tree bpdufilter enable" for the WAN facing port. With cisco you end up with loops when switch software wigs out in rare cases. With Extreme you end up with a loop because a network admin forgot to update the elrp config when a vlan change was made. My experience is that the network admin will forget to update the elrp config many more times than a software failure will occur. I just wish Extreme had a better implementation of loop prevention/auto configuration.

EtherMAN
Contributor III
Matt I certainly don't want to start a post war about this but for me and our staff I much prefer having to set a switch up as I want and according to my needs and network design. I can not tell you as a service providor which is all Purple and most of my clients are Cisco how many outages they have had due to the fact that portfast and BPDU protection are enabled by default on their WAN facing ports where we are handing services off. Nothing like their port on their remote site going into error-disable due this being enabled and not adjusted to come back up. To many network support calls and then the poor customers network guy having to drive to that remote site due to his port being shut down by this "feature". I like having the control over when I want ELRP on or off and on what vlan.

I am not saying what you are asking for is bad or not a better way of doing things but I am saying that for us we like the way it is and don't like portfast and bpdu protection... Dont like spanning tree being enabled every time you build a vlan. Of course we live in a world that is much more mixed on how folks use our service and what is plugged into our Extreme switches than most folks on this forum....
GTM-P2G8KFN