
L3 and L2 forwarding vs. address limits on x620


Eric_Burke
New Contributor III

Have an interesting dilemma. We’re using a VLAN (4090) between two X620 MLAG cores (east/west campus). We’re routing two small subnets from within the Extreme default VR on each side into this transit VLAN for high-speed connections between PBXs. We also have two firewalls in this same VLAN routing between one another for non-voice traffic (they have each other as next hops for the non-voice subnets). So, the question - will the two firewalls at L2 contribute to the use of forwarding addresses (L3) of the transit network and should we drop them into their own stretched VLAN instead (that’s not routed as well in Extreme) to avoid the very low L3 FDB table size in the x620? The upper arrows show the L3 routing done by the switch (very few devices, ignore the noted subnet sizes). The bottom arrows show the routing done by the firewalls. The bottom path will have way more than 480 IPv4 addresses.

[Image: network diagram]

Thinking that the firewalls will “pollute” the L3 FDB even though they’re not handled by the switch based routes since they share an IP subnet. The thought would be that we spin up a separate L2 only stretched VLAN between campuses for the firewall to firewall traffic. Thoughts?

2 REPLIES

Eric_Burke
New Contributor III

Thanks Fredrik. I realize it’s a contradiction in terms and unfortunately, I think it starts with the product description (where FDB is listed for L3). I guess I made a mistake in getting these switches then, as I was aware of the L3 table limit, but didn’t realize the ARP entry limit was also so low. I may find myself in a more serious bind than I thought. I think I’ve worked through the other concerns of switching/routing convergence. Thanks again.

 

FredrikB
Contributor II

L3 FDB is a contradiction in terms. The forwarding database (FDB) is the MAC address table and is by definition an L2 thing. I suspect you mean L3 route entries instead, as that is limited to 480 in the X620. If you need that many route entries, you need another switch, but I cannot tell from your drawing if that’s the case. The same goes for ARP entries, as they max out at 1533 in the X620.

Use these commands to see some limits for your platform:

show iproute reserved-entries

show iproute reserved-entries statistics

In the latter, you’ll also see how much table space you actually use in your X620’s.

/Fredrik
