Wired

last person joined: 4 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

Interconnect 2 ArubaOS-CX VSX clusters with LACP

  • 1.  Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 27, 2020 11:13 AM

    Hi All,

     

    I'm preparing a setup and wanted to check best practises for interconnecting 2 VSX clusters to eachother at Layer 2

     

     

    The topology looks like this:

    Site 1 is a VSX cluster and Site 2 is a VSX cluster.

    We want to stretch L2 over the 2 clusters, but only have 2 links between the 2 sites. I want to have the 2 interconnecting links as a LACP for redundancy/bandwith.

     

     

    thomasnass_0-1595862082821.png

    I was wondering what the best approach is here.
    If I configure a non-VSX LAG on all the switches (so LAG 1 on all the 4 Switches) , 1 of the links goes into blocking.

     

    As this is not a fully meshed setup in terms of links, do I still use the MCLAG/ VSX LAG ?

     

    I was testing this with the virtual CX platform, and get some strange things.

     
     

    I simulated a link failure between SITE1-VSX1 and SITE2-VSX1.

     

    failed link.jpg

    when pinging from SITE2-VSX2 to SITE1-VSX1, I get duplicate replies

    SITE2-VSX2 output.jpg

     

    So any advise regarding best practises is welcome

     


    Thanks



  • 2.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 07:00 AM

    Hi!

     

    Your scenario (it's "Back-to-Back" VSX Stacks, isn't it?) requires to setup VSX LAGs between VSX Stacks, you can't work with "simple" (non-VSX) LAGs.

     

    Each VSX Stack member is going to have its VSX LAG (say vsx lag1 made of 1/1/4 on Site 1 VSX-1 and also on VSX-2 and say vsx lag1 made of 1/1/4 on Site 2 VSX-1 and also on VSX-2) and those VSX LAGs, from each VSX, are going to see the peer VSX Stack as they will see an anonymous 3rd switch (de facto the VSX appears as an unique switch entity to any 3rd party switch thus it appears as an unique entity to an another VSX Stack too, and vice-versa...the point is that an anonymous 3rd party switch will use a simple Static/LACP port aggregation instead of a VSX LAG). In any case try to use LACP (VSX LAGs with LACP, not static).

     

    I would probably cross the involved physical links that way:

     

    • Site 1 VSX-1 (VSX LAG 1) port 1/1/4 <--> port 1/1/4 (VSX LAG 1) VSX-2 Site 2
    • Site 1 VSX-2 (VSX LAG 1) port 1/1/4 <--> port 1/1/4 (VSX LAG 1) VSX-1 Site 2

    All the above without knowing how and where traffic is going to flow in order to understand if cross connections will fit the bill or not (VSX helps to keep egress traffic local: if the incoming traffic is going to hit the VSX-1 the outgoing traffic is going to egress from the same node, most of the time).



  • 3.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 07:50 AM

    Hi,

     

    Thanks for your reply.
    So you would connect it like this ?

    thomasnass_0-1595936744968.png

     

    If I understand you correctly, I need to create 2 VSX LAGs, on on site 1 (VSX LAG nr 10)  and another on site 2 (VSX LAG nr 20) ?

     

    Wil the fact that not all switches are connected be an issue ?

    Say for example I make VSX LAG10 with site1-vsx1, site1-vsx2 and site2-vsx2 (this last one being the "3rd party" not aware of VSX LAG) , there is no connection between site1-vsx2 and site2-vsx2.
    So i'm not sure how this will work then.

    In this scenario, do I create a normal LAG on the site2-vsx2 , or still a VSX LAG ?

     

    Thanks for your help !

     



  • 4.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 02:14 PM

    @thomasnass wrote:

    Hi,

     

    Thanks for your reply.
    So you would connect it like this ?

    thomasnass_0-1595936744968.png

     


    Yes, it's correct. That's just a suggestion. The fact you don't have four physical links between both VSX clusters prevents you to do a full meshed connectivity where "all are connected to all" to limit SPoF (in terms of both VSX member and inter-VSX Cluster links availability).


    @thomasnass wrote:

    If I understand you correctly, I need to create 2 VSX LAGs, on on site 1 (VSX LAG nr 10)  and another on site 2 (VSX LAG nr 20) ?

     


    Exactly. VSX LAGs can have the very same id, it is mandatory that within the same VSX the VSX LAG you're going to create use the same lag id...but VSX LAGs belonging to different VSX domains can have equal or different lag id(s)...since they will belong to different VSX Clusters there is no a specific requirement to have them different or equal, you're just free about that...the important thing is that within the same VSX Cluster you use the same lag id to build your VSX LAG stretched to VSX Members (Site 1: VSX LAG with id 10: on VSX-1 VSX LAG 10 with member port 1/1/4, on VSX-2 VSX LAG 10 with member port 1/1/4).

     

    To be honest the "symmetry" on port 1/1/4 (within the same VSX domain) is not mandatory...but it simplifies the way you look at the VSX LAG as an object.


    @thomasnass wrote: Wil the fact that not all switches are connected be an issue ?

    See above.


    @thomasnassSay for example I make VSX LAG10 with site1-vsx1, site1-vsx2 and site2-vsx2 (this last one being the "3rd party" not aware of VSX LAG) , there is no connection between site1-vsx2 and site2-vsx2.

    So i'm not sure how this will work then.

    In this scenario, do I create a normal LAG on the site2-vsx2 , or still a VSX LAG ?

     

    Thanks for your help !

     


    You can't...or better you can invent such scenario but it will be not correct...you have to remember that you are dealing with two separated VSX Clusters (one on site 1 and the other on site 2). This is your design. The example would instead be: what will happen if you're going to lose a VSX node on a particular VSX Cluster?

     

    Once you have a VSX Cluster you have to work with VSX LAGs if you're planning to connect (and present) both VSX Members to the peer switch entity (whatever it is: a Server with a NIC with bonded7teamed ports, a physical Switch with a LAG LACP/Static or another Virtual Switch made by VSF, IRF or VSX technology...just to name few ones)...so you can't design a VSX connected to another VSX by means of a "simple" LAG...since the "simple" LAG approach is used to connect a single VSX Member to a peer device...which is want you don't want.



  • 5.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 04:17 PM

    Do you have using Active Gateway ?



  • 6.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 05:38 PM

    @ alagoutte,

     

    I plan to use it surely on the same VSX cluster, not sure if it will span the 4 switches.

     

    Regards



  • 7.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 09:42 PM

    Initially you wrote that you wanted to stretch Layer 2 ("We want to stretch L2 over the 2 clusters")...so here it's a matter of clarifying what is the real purpose behind the physical interconnection of two separated VSX clusters.

     

    If you need to extend at Layer 2 some VLANs from one site to the other we need to imply that somewhere (on the VSX at Site 1? on VSX at Site 2? elsewhere not in the picture?) there is a Core responsible for IP routing...and VLANs could propagate at Layer 2 from that Core...OR...but this shouldn't be your case...you have two Layer 3 domains (VSX routes on Site 1 and VSX routes on Site 2) and you want them to route each others.

     

    Since you wrote you wanted to stretch Layer 2 then LACP both Back-to-Back VSX is OK and over that VSX LAGs you need to permit VLANs you want transported between both VSX (clearly here we imply that VLANs are somewhat equals on both VSX Clusters but only one VSX Cluster - or another Core somewhere - is responsible for their IP Routing).



  • 8.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Aug 03, 2020 09:40 AM

    Please note that each VSX cluster can advertise (route) same subnet configured on SVI with same Active-Gateway shared between the 4 CX nodes, as described in Appendix F in the following document:

    https://support.hpe.com/hpsc/doc/public/display?docId=a00094242en_us

     



  • 9.  RE: Interconnect 2 ArubaOS-CX VSX clusters with LACP

    Posted Jul 28, 2020 05:34 PM

    Thanks again,

     

    I will try your suggestions in the lab tomorrow !

     

    Regards