This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LACP/LAG with 'switches in between' (not true 2-Tier)?

LACP/LAG with 'switches in between' (not true 2-Tier)?

Frank
Contributor II

‎09-28-2016 11:37 AM

I'm drawing a blank as to "do I do this right, or what do I do wrong?". If you look at the following:

346f30e7e2e64597a19862a098666481_RackMultipart20160928-2844-g7c0gc-LACP_inline.png


Note that there is no ISC/MLAG between the two 460s.

Coworker and I are debating if the two ports on the Cisco stack need to be put in a LACP/channel-group or not. Neither of us has good enough arguments or detailed enough knowledge as to what exactly is happening, so if anyone could help, that'd be awesome!

- Is the above design reasonable/unreasonable/plain wrong?
- Do the Cisco ports need to be configured as two regular normal trunked/tagged ports, or do they need to be configured as channel/lacp/shared ports?
- or would they only need to be lacp ports if (and only if) the 460s would get an ISC/MLAG between them?

At this point I'm not sure if I could be trusted to connect two tin cans with a string!

Thanks for you help,

Frank

0 Kudos
19 REPLIES 19

Frank
Contributor II
In response to Paul_Russo

‎09-28-2016 11:58 AM

The Cisco port configuration was exactly what we were debating 🙂
And yes, this does help immensely (together with Stephane's comment below)
0 Kudos

Paul_Russo
Extreme Employee
In response to Paul_Russo

‎09-28-2016 11:58 AM

Hey Frank

I guess I am confused on how the two ports on the cisco is configured. The connections from the cisco would be either a LAG, where the switch determines which link to send the traffic to, or in an active/passive design using a redundant port configuration. If you can use the redundant port I think that would work here if it is a LAG I don't think that would work as you don't have MLAG on the 460s.

Does that help?

P
0 Kudos

Frank
Contributor II
In response to Paul_Russo

‎09-28-2016 11:58 AM

Single point failure would still be covered in above diagram - if let's say the connection cisco->460-2 fails, packets would still be able to get to everywhere via 460-1 -> 8800 -> somewhere-including-460-2
I understand that an mlag between the 460s would give me multi-point failure resilience plus bandwidth (which, however, in most of our cases is negligible)

Background: the 460s are typically customer-access-port edge switches in a multi-tenant datacenter. While most customers are happy with either one non-redundant connection, or two connections that go into two of their firewalls (active/passive) where I don't have to worry about lag/lacp, there is the occasional scenario as above. Due to the "nobody needed it before" nature, we haven't MLAGed those 460s. "Yet (tm)" 🙂
0 Kudos

Frank
Contributor II

‎09-28-2016 11:49 AM

I did configure ELRP on the respective VLAN on the 460s, hoping that would be sufficient?
(excluding the 460-to-8800 ports so it should only block the ports to the Cisco - because a lot of other VLANs go from the 460 to the 8800)
0 Kudos

OscarK
Extreme Employee

‎09-28-2016 11:43 AM

Only when you make the X460 do MLAG you can add the ports in a channel group.
If the X460 do not do MLAG you need to have a redundancy protocol to prevent loops.
You can however make the ports a trunk as you will put tagged frames on it.
0 Kudos
GTM-P2G8KFN