I've been trying to figure out what makes MLAG implementation in a vxlan enviroment different from other more 'regular vlan' implementations. The user guide suggests that the isc link gets turned into an ospf routed link, but it doesn't go into detail on how this impacts the rest of the mlag setup.
I've gotten this far with my configuration so far, it's working for traffic to and from vmware-hosts, however when connecting to other existing l2 enviroments strange things seem to happen with broadcast packets, and a switch-loop like scenario seems to appear.
I'm at wit's end on what the correct implementation of mlag and vxlan is supposed to be, I'm attaching the configuration I've done so far in hopes more experienced minds can figure out what I'm missing.
The configuration example omits ospf information, since I have done no such configuration in regards to mlag.
# Setting the same IP on both switches ensures both identify as the same
# vxlan endpoint
# Mlag peer creation: # Both:
enable sharing 1 grouping 1 algorithm address-based L2 lacp
# Left: create vlan "ISC" configure vlan ISC tag 4000 configure vlan ISC add ports 117 untagged
configure vlan ISC ipaddress 10.0.0.0 255.255.255.254 configure mlag ports convergence-control fast
create mlag peer "right" configure mlag peer "right" ipaddress 10.0.0.1 vr VR-Default
enable mlag port 1 peer "right" id 1
# Right: create vlan "ISC" configure vlan ISC tag 4000 configure vlan ISC add ports 117 untagged
configure vlan ISC ipaddress 10.0.0.1 255.255.255.254 configure mlag ports convergence-control fast
create mlag peer "left" configure mlag peer "left" ipaddress 10.0.0.0 vr VR-Default
enable mlag port 1 peer "left" id 1
#vxlan related config:
create vlan loopback enable loopback-mode loopback configure vlan loopback ipaddress 192.168.0.0 255.255.255.255 create vlan mlag-test disable igmp snooping vlan "mlag-test" configure vlan mlag-test tag 1000 configure vlan mlag-test add ports 1,117 tagged
create virtual-network "vni10001" flooding standard configure virtual-network "vni10001" vxlan vni 10001 configure virtual-network "vni10001" add vlan mlag-test configure virtual-network local-endpoint 192.168.0.0
OSPF router-ID and local address is configured as a secondary-IP on the vlan loopback. This is to keep the number of OSPF interfaces down so we can still keep under the limit imposed on the Advanced Edge licence.
Ah, so it's just more redundancy. The route-isc link in this example would just provide alternative paths to the L3 enviroment in case of a fault, and has nothing to do with the actual mlag syncronization?
If one switch of the MLAG pair loses all uplinks, the transfer network across the ISC still connects it to the rest of the network via the other MLAG switch. This is important if only one uplink per MLAG switch is used (I would not recommend to use only one uplink per switch).
I missed that adding passive interfaces doesn't count against the 4 ospf link limit. Thanks!
What I'm more curious about is the routed vlan over the ISC link, I'm not quite sure what that adds to the mlag configuration as a whole, and in my specific design I already have two uplinks on each switch to the L3 layer, so more redundancy might just complicate things.
Basically from how I figure it, the routed-isc link would be used if none of the other ospf links are avaliable?