Wired

This is a quick note on how to configure VSX and MC-LAG in two tier topology.

Topology Diagram:

For initial setup of ArubaOS-CX Switch, please refer the below page.

https://community.arubanetworks.com/t5/Wired-Intelligent-Edge-Campus/ArubaOS-CX-Switches-Configuring-for-initial-access-and/td-p/526080

How to configure VSX and MC-LAG ?

Aruba Virtual Switching Extension (VSX) is virtualization technology for aggregation/core switches running the ArubaOS-CX operating system.
VSX virtualizes the control plane of two aggregation switches to function as one device at layer 2 and as independent devices at layer 3. From a datapath perspective, each device does an independent forwarding lookup to decide how to handle traffic.

Creating the VSX LAG:
Create the required VLANs
vlan 200
vlan 250

Create the ISL interface
interface lag 256
description ISL link for VSX
no shutdown
no routing
vlan trunk native 250
vlan trunk allowed 200,250
lacp mode active

Add a physical interface into the LAG
interface 1/1/52
description vsx-link
no shutdown
lag 256
interface 1/1/53
description vsx-link
no shutdown
lag 256

Enable the interface for keepalive communication
interface 1/1/1
description heartbeat-link
no shutdown
ip address 192.168.255.1/24
ipv6 address link-local

Goto the VSX context, set the role of switch(Primary/Secondary), Enable ISL and Enable Keepalive.
vsx
inter-switch-link lag 256
role primary
keepalive peer 192.168.255.2 source 192.168.255.1
vsx-sync copp-policy dns snmp static-routes time

Configure the Multi-Chassis LAG:
interface lag 1 multi-chassis
vsx-sync vlans
description MC-LAG
no shutdown
no routing
vlan trunk native 250
vlan trunk allowed all
lacp mode active

Add physical interfaces into the multichassis interface
interface 1/1/31
no shutdown
lag 1

Create an active gateway SVI
interface vlan250
vsx-sync active-gateways
ip address 10.10.250.11/24
active-gateway ip 10.10.250.1 mac 00:00:00:00:83:20
interface vlan200
vsx-sync active-gateways
ip address 10.200.1.11/24
active-gateway ip 10.200.1.1 mac 00:00:00:00:83:21

Repeat the previous steps for the secondary switch.

Configuration on the Access Switch (ArubaOS-Switch)

trunk 1/A1-1/A2 trk1 lacp
vlan 200
name "VLAN200"
tagged Trk1
ip address 10.200.1.13 255.255.255.0
exit
vlan 250
name "VLAN250"
untagged Trk1
ip address 10.10.250.13 255.255.255.0
exit

Verification:

show vsx brief

show lacp interfaces

show vsx status

show lacp (From Access Switch)

Statistics Commands:

show vsx statistics interface lag256
show vsx statistics interface lag1

Hope you find this post useful.  Please post your feedback !

Great post, I just completed the exact design with all CX platform using GNS3. 

Great write up. Just set this up in my lab. 

What program did you use to map out the topology? I'm about to build one and was just curious if you used something other than visio. 

I used a tool called Intangi Iris.

Can you do 14 x VSX Lags, say to 14 IDF's in a warehouse with this topology using this two VSX pair in this two tier toplogy? I have two large warehouses where I purchased 4 Aruba 8320 48 port.  My thought was two for each building.  I also bought 40 x 2930F - 2 for for each IDF.  

Hi,

Yes and no...

Because you can have only 2 switch on a VSX

Do you have a schema what do you plan to make ?

Yes, i will be work

(but there is the 2 other 8320 ?)

Yes, there are two more 8320 in the other building.  They will be connected via LACP Trunk using 2 x QSFTP Modules.  That will be OK?

Thank you so much for responding.  :-)

---

@bygrob77 wrote:

Yes, there are two more 8320 in the other building.  They will be connected via LACP Trunk using 2 x QSFTP Modules.  That will be OK?

 

Thank you so much for responding.  :-)

 

 

---

2930F/M will no be connected on this other 8320?

Yes, there will be 2 x 2930F on the 2 x 8320 in second building but only for access ports, no routing.  Will that be OK?

---

@bygrob77 wrote:

Yes, there will be 2 x 2930F on the 2 x 8320 in second building but only for access ports, no routing.  Will that be OK?

---

Yes !

THANK YOU SO MUCH! YOU ARE AWESOME!

The following picture is of my current setup.  My post is about a question I have towards the original setup created by Kapildev Erampu or what documentation calls "Small Campus Toplogy".

Question about this setup created by Kapildev Erampu.

Open for anyone to answer or provide feedback.  

I am in the midst of a setup and things are not clear, but I am almost there.  :-)

In this setup VSX LAG 1 (MC-LAG) is set = Truck Native VLAN 250.  VSX-LAG 1 is also set = Trunk Allowed to: All (which include 1, 200 and 250).  

Say for example, if you created VSX LAG 2, VSX LAG 3, and 

VSX LAG 4 (MC-LAGS).  

VSX LAG 1 (Already in-pace) = IP: 10.200.1.11/24 AG IP: 10.200.1.1

**Would the following apply?**

VSX LAG 2 = IP: 10.2.1.11/24 AG IP: 10.2.1.1

VSX LAG 3 = IP: 10.3.1.11/24 AG IP: 10.3.1.1

VSX LAG 4 = IP: 10.4.1.11/24 AG IP: 10.4.1.1

In other words would my number of Active-Gateways go up per VSX LAG (MC-LAG)?

Moreover, does that mean that VSX LAG 2 has to be set on [Interface VLAN 2]?  And VSX LAG 3 set on [Interface VLAN 3]?  And VSX LAG 4 set on [Interface VLAN 4]? All configured similarly to how VSX LAG 1 is configured on [Interface VLAN 200], per this setup?

And with all that said, would it also mean to set: VLAN trunk Native 250 on [Interface lag 2, 3, and 4] with trunk allowed all + lacp mode active? Similar to how Native VLAN 250 is set on [Interface lag 1], per this setup?

To conclude this question, I have doubts and I will not deny that I could be completely wrong and not seeing the technology correctly.  If so, please say so.  The examples in the best practices documentation only use 1 MC-LAG and really don't elaborate for enviornments like a 1 million square foot warehouse where I will have up to 14 IDF's with 2x Aruba 2930F for access ports.  My thoughts are to create LAG 1 thru 14 to interconnect each IDF back to the VSX pair.  

In my office I have a VSX Pair, configured identically to this example provided by: Kapildev Erampu, but the only difference is that VSX LAG 1 has 2 x Aruba 2930F in VSF.  

I have configured an access port on the Aruba 2930F on VLAN 250 (Native).  I plugged in a laptop and gave it IP: 10.10.250.200/24 with GW IP: 10.10.250.1.  I am able to ping the gateway.  

* VSX is status and brief show operational, in-sync, peer_reachable.

* VSX consistency shows L3-CORE, and VLAN List match.

* VSX statistics on lag256 state: active, native-untagged, (speed 80000) counters are all for error, dropped and CRC/FCS are zero.

* If I add a VLAN is is sync immediately.

* Show LACP aggregates state active, slow, hash: l3-src-dat

* On the 2930F, I ran show LACP and the links are success.

* On the 8320, I ran show LCAP interfaces - see below.

Actor details of all interfaces:

------------------------------------------------------------------------------
Intf Aggr Port Port State System-ID System Aggr Forwarding
Name Id Pri Pri Key State
------------------------------------------------------------------------------
1/1/1 lag1(mc) 1 1 ALFNCD d0:67:26:a5:f9:90 65534 1 up
1/1/2 lag1(mc) 2 1 ALFNCD d0:67:26:a5:f9:90 65534 1 up
1/1/52 lag256 53 1 ALFNCD d0:67:26:a5:f9:90 65534 256 up
1/1/53 lag256 54 1 ALFNCD d0:67:26:a5:f9:90 65534 256 up

Partner details of all interfaces:
------------------------------------------------------------------------------
Intf Aggr Port Port State System-ID System Aggr
Name Id Pri Pri Key
------------------------------------------------------------------------------
1/1/1 lag1(mc) 51 0 ALFNCD 38:21:c7:aa:44:8b 17547 532
1/1/2 lag1(mc) 104 0 ALFNCD 38:21:c7:aa:44:8b 17547 532
1/1/52 lag256 53 1 ALFNCD d0:67:26:a5:74:b0 65534 256
1/1/53 lag256 54 1 ALFNCD d0:67:26:a5:74:b0 65534 256