cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Tagging virtual-router vlans down the same physical port

Tagging virtual-router vlans down the same physical port

Robin_W
New Contributor
On a Cisco switch, I can have two VRFs with different VLANs tagged into each, but then both VLANs tagged on the same uplink port.

I've tried to find a way to do this on my Extreme switches, but am struggling as you have to add physical ports to a VR before adding a VLAN, and the switch won't allow me to add multiple VRs to a physical port. Is there a way to do this?

* L065-Core_10K.27 # configure vr test2 add ports 1:24
Error: Port 1:24 belongs to another vr test.

Surely part of the point of the virtual-router is to be able to segregate traffic coming into the router, and in the majority of cases, a router is only going to have one physical upstream connection to a WAN. I can't believe this wouldn't be supported, so I'm assuming my understanding is missing something?

We're currently running ExtremeXOS 12.5.4.5.

Any ideas gratefully received!

Thanks,
Rob.

10 REPLIES 10

Robin_W
New Contributor
Sorry Paul, I should have mentioned before, it's only a stack of x450a-48t's.

I've just tried on a BD10K and that seems to work OK when tagged to 2 ports, see below. Might this mean it's not supported on the x450? I know it's not the newest of the available products!

* 10K.4 # delete virtual-router "helix"
* 10K.5 # create virtual-router helix
* 10K.6 # configure vlan default delete ports 1:24
* 10K.7 # configure vr vr-default delete ports 1:24
* 10K.8 # create vlan vlan3000 vr helix
* 10K.10 # configure vlan vlan3000 tag 3000
* 10K.11 # configure vlan vlan3000 add ports 1:24 tagged
Warning: Port properties related to diff serv and code replacement on
some of the ports will not work. This is true for those ports that belong to
VLAN's and different virtual routers
* 10K.12 # create virtual-router helix2
* 10K.13 # create vlan vlan3001 vr helix2
* 10K.14 # configure vlan vlan3001 tag 3001
* 10K.15 # configure vlan vlan3001 add ports 1:24 tagged
Warning: Port properties related to diff serv and code replacement on
some of the ports will not work. This is true for those ports that belong to
VLAN's and different virtual routers

10K.16 # show licenses
Enabled License Level:
Advanced Core
Enabled Feature Packs:
MPLS-Layer2VPN

Thanks,
Robin.

Paul_Russo
Extreme Employee
Hey Robin

The licenses look ok. The feature packs are things like MPLS etc.

Unfortunately I do not have a BD10K to test with. I would recommend opening up a case with TAC to see if it is something in the config. I am testing it on our VM (XOS running on Virtual box) which acts like a 10K.

I am curious about your prompt. This is a BD10K correct I am wondering why the prompted says slot-1

P

Robin_W
New Contributor
Hi Paul,

This is a transcript of what I get if I create the vr and either add it to a physical port, or just try to add a vlan to the VR and tag that to a port. Also an output of show licenses at the bottom. Do the enabled licenses seem right to you?

The other thing I had tried is creating a virtual-router with the 'vrf' keyword at the end. That seems to create VRs which are children of VR-Default, though using these still seems to give me the same errors ultimately when I try to tag the VLAN.

* Slot-1 # create virtual-router helix
* Slot-1 # configure vlan default delete ports 1:11
* Slot-1 # configure vr vr-default delete ports 1:11
* Slot-1 # configure vr helix add ports 1:11
Error: Port 1:11 doesn't support virtual routers. Can not be added to user VR.
Configuration failed on backup MSM, command execution aborted!

* Slot-1 # create vlan vlan3000 vr helix
* Slot-1 # configure vlan vlan3000 tag 3000
* Slot-1 # configure vlan vlan3000 add ports 1:11 tagged
Error: Port 1:11 doesn't support virtual routers. Can not be added to user VR.
Configuration failed on backup MSM, command execution aborted!

* Slot-1 # show licenses
Enabled License Level:
Core
Enabled Feature Packs:
Unknown
Effective License Level:
Core

Thanks,
Robin

Paul_Russo
Extreme Employee
Thanks Rob

User created VRs are supported on edge licenses assuming that it is the correct HW and the BD10K is supported and came with the core license as well so we should be ok.

Here's the commands to get it to work can you look this over and let me know if they are what you are using

ā€¢ Create a user VR named helix.

ā€¢ Remove ports from the VLAN Default and VR-Default.

ā€¢ Add ports to user VR helix.

ā€¢ Add the OSPF protocol to user VR helix.

ā€¢ Set the VR context to helix, so that subsequent VR commands affect VR helix.

ā€¢ Create an incoming VLAN named helix-accounting-in.

ā€¢ Create an outgoing VLAN named helix-accounting-out.

ā€¢ Add ports that belong to user VR helix to the helix-accounting incoming and outgoing VLANs.



The CLI prompt is shown in this example to show how the VR context appears. At the end of the example, the VR is ready to be configured for OSPF, using ExtremeXOS software commands.



* BD10K.1 # create virtual-router helix

* BD10K.2 # configure vlan default delete ports 3:*

* BD10K.3 # configure vr vr-default delete ports 3:*

* BD10K.4 # configure vr helix add ports 3:*

* BD10K.5 # configure vr helix add protocol ospf

* BD10K.6 # virtual-router helix

* (vr helix) BD10K.8 # configure helix-accounting-in add ports 3:1

* (vr helix) BD10K.8 # configure helix-accounting-out add ports 3:2


Thanks
P


Robin_W
New Contributor
Hi Paul,

Thanks a lot for your message.

Indeed, when I try to do it without having the physical port in any VRs (including default) I get a different error:

configure vlan vlan3001 add ports 1:11 tagged
Error: Port 1:11 doesn't support virtual routers. Can not be added to user VR.

Am hoping this is a config thing rather than a licensing or hardware support thing, but I'm guessing it probably isn't!

Thanks,
Robin.

GTM-P2G8KFN