Wired

last person joined: yesterday 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

Stacking 2 x 8320's

  • 1.  Stacking 2 x 8320's

    Posted Feb 06, 2019 06:39 PM

    Hi,

     

    I have a couple of 8320's that i want to stack. I've spent the last 2 hours reading up on VSX documentation with 2 core and aggregate switches etc. and come to the conclusion i need to create a lag on each switch and make them an ISL's and nominate a primary and secondary switch but i dont think that will achieve what i want. i simply just want to stack them like you would 2 2930F's using VSF. Can somebody tell me the best way to achieve this, or nearest way to achieve this. This isnt going to be a complex network. Im going to attach 5 edge switches to this "core" via trunks and also do the same with 6 ESXi hosts and a SAN, using VLANs etc. simple.

     

    Thanks!!



  • 2.  RE: Stacking 2 x 8320's

    Posted Feb 06, 2019 07:25 PM

    HI 8320's dont Stack like VSF they will be two independently managed switches but will act as one logical switch from the perspective of the downstream 2930F's .

     

    Here is an example config 

    ================================

    8320-SW01

    ================================

    interface lag 10
    no shutdown
    no routing
    vlan trunk native 1 tag
    vlan trunk allowed 10,20,30
    lacp mode active
    interface lag 20 multi-chassis
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed 10,20

    --------------------------------------------

    vsx
    inter-switch-link lag 10
    role primary #This Actually Turns on VSX
    keepalive peer 10.1.1.2 source 10.1.1.1 # This line is optional and doesnt have to be a directly connected link between the switches its just an Ip address thats on both switches and is reachable 

    -------------------------------------------

    interface 1/1/1
    no shutdown
    lag 20
    interface 1/1/2
    no shutdown
    lag 10
    interface 1/1/3
    no shutdown
    lag 10

     

     

    ================================

    8320-SW02

    ================================

     

    interface lag 10
    no shutdown
    no routing
    vlan trunk native 1 tag
    vlan trunk allowed 10,20,30
    lacp mode active
    interface lag 20 multi-chassis
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed 10,20
    lacp mode active

    -------------------------------------------

    vsx
    inter-switch-link lag 10
    role secondary
    keepalive peer 10.1.1.1 source 10.1.1.2

    --------------------------------------------

    interface 1/1/1
    no shutdown
    lag 20
    interface 1/1/2
    no shutdown
    lag 10
    interface 1/1/3
    no shutdown
    lag 10

     

     

    This Configuration will get the two Devices up in an VSX configuration But the down stream device will not actually see them as the same Logial switch until you take advantage of the Active gateway under a particular Vlan, the active gateway address is similar to a VRRP Virtual IP. This Configuration has to be on both switches as well

    ========================================

    8320-SW01

    ========================================

    interface vlan10
    ip address 10.10.10.2/24
    active-gateway ip 10.10.10.1 mac 48:00:00:00:10:10
    interface vlan20
    ip address 10.20.20.2/24
    active-gateway ip 10.20.20.1 mac 48:00:00:00:20:20

     

    ========================================

    8320-SW02

    ========================================

    interface vlan10
    ip address 10.10.10.3/24
    active-gateway ip 10.10.10.1 mac 48:00:00:00:10:10
    interface vlan20
    ip address 10.20.20.3/24
    active-gateway ip 10.20.20.1 mac 48:00:00:00:20:20

     

     

     

    Once this is all set up and configured the down stream 2930F's well see the two swotches as  one logical switch but they two independent switches. 



  • 3.  RE: Stacking 2 x 8320's

    Posted Feb 06, 2019 07:46 PM

    @ClarenceHillard2 wrote:

    This Configuration will get the two Devices up in an VSX configuration But the down stream device will not actually see them as the same Logial switch until you take advantage of the Active gateway under a particular Vlan, the active gateway address is similar to a VRRP Virtual IP.


    That's not totally correct: VSX deployed without Active Gateway - in a "simple" Layer 2 switching implementation scenario - is seen as a single entity from downstream switches/hosts once those are connected via traditional LACP aggregated ports (LAGs aka Trunks) to VSX members...in other words...Active Gateway just kicks in when VSX has Layer 3 duties too.

     

    It's not clear from OP post if Layer 3 functionalities (IP Routing) are needed and, if so, they should be in charge of the VSX.

     

    For sure VSX is not like VSF from the point of view of management plane. Also, VSX configuration requires more attention (it's like Distributed Trunking on steroids)...no matter if you just stop at Layer 2 (which is essential) or you go up by implementing Layer 3 features on it.



  • 4.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 03:26 AM
    These switches are going to be doing layer 3 duties yes. I was going to configure VLAN interfaces for routing between the VLANs.


  • 5.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 03:51 AM

    I read that document last night and by the looks of it I'm wanting to setup an ISL and active active gateway. All documentation has more than one switch as the keep alive can't go over the ISL? So is it possible to configure VSX properly with 2 switches, layer 2 & 3?



  • 6.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 05:44 AM

    @strabries wrote: ...I'm wanting to setup an ISL and active active gateway.

    You simply don't want to setup an ISL...you must setup an ISL to form VSX.

     

    VSX requires (as best practices):

    • a LAG with fast physical interfaces devoted to ISL (generally one would use and aggregate DACs on fastest ports Aruba 8320 offers...nobody will block you if you're going to use simple SFP+ interfaces). Generally use LAG 128 (last LAG id available so you can start with LAG Id 1 upwards for VSX LAGs to downstream/upstream devices).
    •  a Keepalive dedicated link (or a dedicated LAG), avoid to use the ISL for Keepalive peering.
    • VSX LAGs (Multi-Chassis LAGs) to upstream/downstream devices with - at least - VLAN synchronization.

    @strabries wrote: All documentation has more than one switch as the keep alive can't go over the ISL?

    As said...Keepalive should go over a dedicated link (directly - preferred - or indirect - via a third switch) and not use the ISL.



  • 7.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 06:10 AM

    Yes so im going to create an ISL using 2 x 40GB DACs, then run another 10GbE SFP link across for the keepalive to avoid splitbrain, im confortable now ive read the documentation step by step (i think!). So im going to be connecting 6 x DL380's each with 4 x10GbE nics (ESXi) so i was going to (if they were stacked like with VSF) attach 2 to each switch. Would i greate a lag for each and assign 2 interfaces which would sync over to the secondary switch and then connect the 4 10GbE nics? Also connecting a HPE Nimble SAN to the same switches same thing. Any advice appreciated so far!

     

    thanks!



  • 8.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 07:22 AM

    @strabries wrote:

    Yes so im going to create an ISL using 2 x 40GB DACs, then run another 10GbE SFP link across for the keepalive to avoid splitbrain, im confortable now ive read the documentation step by step (i think!). So im going to be connecting 6 x DL380's each with 4 x10GbE nics (ESXi) so i was going to (if they were stacked like with VSF) attach 2 to each switch. Would i greate a lag for each and assign 2 interfaces which would sync over to the secondary switch and then connect the 4 10GbE nics? Also connecting a HPE Nimble SAN to the same switches same thing. Any advice appreciated so far!

     

    thanks!


    for ESXi, you don't need to make LACP

     



  • 9.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 07:25 AM

    So would i just connect my 4 NICS to my 2 8320's and make each interface a trunk port passing my VLANs?



  • 10.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 07:32 AM

    @strabries wrote:

    So would i just connect my 4 NICS to my 2 8320's and make each interface a trunk port passing my VLANs?


    Yes !



  • 11.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 07:48 AM

    It depends: If you have ESXi enterprise, you can use distributed vswitch and use LACP so you can have 2x10G on 1 SW and 2x10G on the other siwthc, all these 4x10G being in the same MCLAG (VSX LAG). If you want to use LACP on ESXi, indeed, you do not need VSX LAG. But you 'll get better load idstribution with LACP or course.



  • 12.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 07:53 AM

    Yes i have seen this done at a previous company using Cisco Nexus switches. I will try it out i think, makes sense as i am using vDS.



  • 13.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 08:17 AM

    @vincent.giles wrote:

    It depends: If you have ESXi enterprise, you can use distributed vswitch and use LACP so you can have 2x10G on 1 SW and 2x10G on the other siwthc, all these 4x10G being in the same MCLAG (VSX LAG). If you want to use LACP on ESXi, indeed, you do not need VSX LAG. But you 'll get better load idstribution with LACP or course.


    Yes, it is possible but no mandatory... (for ESXi...)



  • 14.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 08:27 AM

    I think reading the HPE SimpliVity Cluster with ArubaOS-CX Switch (VSX) interoperability guide would be illuminating (OK it's not HPE Nimble, but HPE Simplivity ...which is the hyperconverged solution...but there is for sure something interesting to read about VSX and ESX).



  • 15.  RE: Stacking 2 x 8320's

    Posted 17 days ago
    Hallo Parnassus. Is there a way to receive the guide you refer to? The link doesn't work for me. Thank you. Paul

    ------------------------------
    Paul Wade
    ------------------------------



  • 16.  RE: Stacking 2 x 8320's

    Posted 17 days ago
    Hi Paul, me too. So, try from here. Davide.

    ------------------------------
    Davide Poletto
    ------------------------------



  • 17.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 07:57 AM

    If OP do want to use LACP Trunking on its ESXi (and/or Nimble) ethernet interfaces then he needs to use VMware vDS instead of VMware vSS ESXi side...otherwise he will not be able to use LACP Trunking and so it will not be able to use it against VSX (if running ArubaOS-CX 10.01).

     

    There is a possible escape path to test...use Non-Protocol Trunking links aggregation (also called Static Trunking)...so use vSS...and then benefit of the new static (so non LACP Trunking) VSX LAGs support introduced with ArubaOS-CX 10.02...this requires that VSX is built with two Aruba 8320 running ArubaOS-CX 10.02.

     

    ArubaOS-CX 10.02 VSX should permit that, ArubaOS-CX 10.01 VSX instead requires mandatory LACP Trunking usage on upstream/downstream hosts/devices.

     

    Or...forget about any links aggregation switch side (so neither LACP Trunking nor Non-Protocol Trunking) and follow the suggestion provided by Alexis.



  • 18.  RE: Stacking 2 x 8320's

    Posted Feb 06, 2019 07:54 PM

    Pay attention that example configuration proposed above it's just an example so take it as it is: it lacks indeed of few essential prerequisites about VSX ISL and VSX Keepalive to be really "ready for a production site". See VSX Deep Dive and VSX Best Practices guides (VSX Configuration Guide)...there is a lot to say on how correctly configure a VSX to have it rock solid for further deployments at Layer 2 and 3 levels.



  • 19.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 05:20 AM

    delete



  • 20.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 12:06 PM

    Just To be Clear for anyone in the future that might read this post The config above is what is needed to run VSX but there are some safety gaurds we have in additon to VSX like Loop protect, we also recommend to run and the keep alive etc. Reason being Spanning tree does not work with VSX there are some othere details that are dug into in the VSX 10.1 guide as well

     

    There are also Some other features like Config Sync that I left out.



  • 21.  RE: Stacking 2 x 8320's

    Posted Feb 07, 2019 12:18 PM

    Just to add: MSTP works with VSX in 10.2.



  • 22.  RE: Stacking 2 x 8320's

    Posted Apr 06, 2019 02:23 PM

    Just my 2 cents.

     

    - Note that for KeepAlive 1 GB/s is sufficient

    - for MSTP you have to configure both VSX-Members with the SAME priority (otherwise ISL goes in blocking state)

    - on the MCLAG you can also set a "vlan trunk allowed all" command (if you want)

     

    Andy

     



  • 23.  RE: Stacking 2 x 8320's

    Posted Apr 08, 2019 06:14 AM

    Most importantly, you have to configure the same vsx system-mac

    which is used as the bridge-ID in STP calculation.