Wired Intelligent Edge

 View Only
last person joined: 20 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

MSTP for asymetric VLAN configuration

This thread has been viewed 0 times

  • 1.  MSTP for asymetric VLAN configuration

    Posted Nov 28, 2016 08:31 AM

    I'm currently trying to set up a connection from a Datacenter to a HQ using 2x Layer 2 connections.

    There are 2 Procurves on one side and 2 on the other, each is connected to 1 of the Layer 2 Links. Basically I have a ring of 4 Switches.

    I have to monitor the Layer 2 connections using IP addresses on the Switches. This means for example Switch 1 in HQ has an IP address in VLAN 99, this IP address has to be reachable using the Main-Layer 2 Link but should be unreachable over the backup Layer 2 Link even if the Main-Link goes down.

    Same for the Switch 2 in HQ: IP in vlan 100 of Switch 2 should be reachable over backup but not over main.

    For all Data-VLANs the backup-Layer2-Link must have the blocking Port of MSTP.

     

     

    Is this configuration possible using 3 Instances (Monitor-Main, Monitor-Backup, Data)? I know the MSTP VLAN Config must be identical on all Switches, but would it work to simply not use VLAN 99 on Switch 2 (or not allow it on the Link to Switch 1) in this example?


    #VLAN
    #MSTP


  • 2.  RE: MSTP for asymetric VLAN configuration

    Posted Nov 29, 2016 10:28 PM

    Just off the top of my head, the scenarios I would explore to see if they are feasible would be:

    1/ create a VLAN on one switch, then add it to only one switchport, connecting it to the switch on the other side of one link, adding the VLAN to that switch and not adding that VLAN to any other switchport. If the link goes down, the whole VLAN should go down?

    2/ Use tracking against an IP address and down the VLAN interface if the remote interface becomes unreachable.

    Bear in mind, I have no idea what you are trying to do.

    Your question about blocking ports is just a question of setting your STP metrics correctly.



  • 3.  RE: MSTP for asymetric VLAN configuration

    Posted Nov 30, 2016 02:40 AM

    I probably didn't explain it well, wanted to keep it simple. The main goal is to make one VLAN only reachable over the main-link, one VLAN only over the backup-link while a third VLAN is reachable over both links.

    MSTP is needed so the backup-link is not blocking for the backup-VLAN while it is blocking for Data-VLAN.

    I will simply not allow the VLANs where they are not supposed to go and use 3 MSTP Instances.

    Thanks