Wired Intelligent Edge

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

Hi Thomas , thanks for your reply

Actually the design is like this, but does this cause L2 loop? 

if you want I can send to you detail configuration

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

Hi Thomas , thanks for your reply

Actually the design is like this, but does this cause L2 loop? 

if you want I can send to you detail configuration

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

Hi Thomas , thanks for your reply

Actually the design is like this, but does this cause L2 loop? 

if you want I can send to you detail configuration

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

BB1 -->ARUBA CX 1

BB2-->ARUBA CX 2

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

I'm sorry there's something wrong with the drawing. 
That's the main thing 

and all TOR Spanning tree disabled

Original Message:
Sent: Aug 29, 2023 02:35 AM
From: thomasbnc
Subject: Aruba VSX and VLT - VPC Compatibility

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility

Thank you. That all looks very good. It's crucial that the partner system-ids are the same for all 4 links configured for the same lag, otherwise the link would not or only partially come up. This happens if for instance you wrongly connect the interfaces or have a config mistake. 

Spanning Tree is necessarily not needed in a loop-free network. However, for me it's sometimes some kind of life insurance that prevents the network from going down in case of a major loop occurs. However, it's quite important that you have a properly configured spanning tree topology across the entire network. This includes the fact that you use the same version of spanning tree protocols or at least compatible ones. 

Alternatively, ArubaOS-CX supports "loop-protect" which is a proprietary protocol that sends out beacons and if it receives it again on an interface not expected to do so it either disables TX on that port (default behavior) or shuts down the port. That one you could for example activate on the CX plattform for all downlinks if you liked. 

Regards, 
Thomas

I'm sorry there's something wrong with the drawing. 
That's the main thing 

and all TOR Spanning tree disabled

Original Message:
Sent: Aug 29, 2023 02:35 AM
From: thomasbnc
Subject: Aruba VSX and VLT - VPC Compatibility

Hi 

My understanding of this is, that indeed you will end up with an L2 loop. Given that the VLANs forwarded through the LACP links to your Aruba VSX cluster are also forwarded on the VLT link, this builds a loop. 

You have the following options to remove the looping topology and replace it by a loop-free network:

• only connect the "left" ToR switch (e.g. ToR1 and ToR3) to the left CX8325 and not to the right CX8325 anymore. Do the same for the "right" ToR switch (e.g. ToR2 and ToR4) and remove the link to the left CX. Span the LAG across the two ToR (1/2 resp. 3/4) and configure an MCLAG (interface lag XX multi-chassis) on the CX side. 
• if you like to have full-meshed connectivity, span the LAG across all four links (instead of having two LAGs per ToR pair) and configure MC-LAG again on the CX side. 

Whether or not you may get a loop on L3 is not possible to say by the information we have here. Most probably not as you may only forward VLANs from the ToR to the CX and not configure any kind of routing on the ToR switches. 

VSX and VLT should not cause a problem to each other as long as properly configured. 

It's a best practice to use LACP for port-channels / LAGs. So go ahead with it ;-). 

Regards, 
Thomas

Original Message:
Sent: Aug 28, 2023 01:49 PM
From: flyturk
Subject: Aruba VSX and VLT - VPC Compatibility