Hi!
"I removed the link between the two members on each cluster."
That's a good thing.
"I think I understand now, the links between the two clusters needs to be a LAG link."
On the contrary, the links between the two VSX Clusters need to be part of VSX LAGs (Grammar: VSX LAG = Multi-Chassis LAG) so each VSX Member of the VSX Cluster has a physical link to any other VSX member of the peer VSX Cluster.
The first link you referenced points to a scenario where you have just 2 physical links between VSX Clusters...but, really, the best practice reports - and it's quite easy to understand why - that you 4 physical links are needed, so - just as an example - the whole interconnection between the two VSX Clusters should appear like a full mesh to have full resiliency and redundancy:
- Site 1 VSX-1 (VSX LAG 1) port 1/1/1 <--> port 1/1/1 (VSX LAG 1) VSX-1 Site 2
- Site 1 VSX-1 (VSX LAG 1) port 1/1/2 <--> port 1/1/1 (VSX LAG 1) VSX-2 Site 2
- Site 1 VSX-2 (VSX LAG 1) port 1/1/1 <--> port 1/1/2 (VSX LAG 1) VSX-1 Site 2
- Site 1 VSX-2 (VSX LAG 1) port 1/1/2 <--> port 1/1/2 (VSX LAG 1) VSX-2 Site 2
and VSX LAG 1 on VSX Cluster on Site 1 is made of 1/1/1 + 1/1/2 on VSX-1 and 1/1/1 + 1/1/2 on VSX-2 while VSX LAG 1 on VSX Cluster on Site 2 is made of 1/1/1 + 1/1/2 on VSX-1 and 1/1/1 + 1/1/2 on VSX-2. As you see you can also change the order of connectivity between VSX Cluster but the important thing is that, on each Site, the VSX Cluster of that site has a 4 ports VSX LAG (2 ports on 1st VSX member and 2 ports on 2nd VSX member).
"If it is between a cluster and regular switch, it does not need to be a LAG."
On the contrary, it needs to be a VSX LAG (VSX Cluster side) and a LAG (standalone/cluster peer switch side). And, as a best practice, any LAG (VSX or not) should use LACP. The same between a VSX Cluster and a physical server connected to both VSX Cluster's members.
Clearly if you're trying to interconnect your two VSX Clusters each others "back-to-back" have a look at VSX Configuration Guide various examples (
here).
------------------------------
Davide Poletto
------------------------------
Original Message:
Sent: Mar 22, 2022 04:16 PM
From: richard ford
Subject: VSX active-gateway and MCLAG question
I removed the link between the two members on each cluster. I think I am getting the MCLAG and VSX LAG confused....I think I understand now, the links between the two clusters needs to be a LAG link. If it is between a cluster and regular switch, it does not need to be a LAG.
I am using OSPF and the link between each device is using a /30 subnet. I am trying to have a similar configuration like the post below with 2 VSX Clusters connected to each other. Interconnect 2 ArubaOS-CX VSX clusters with LACP | Wired Intelligent Edge (arubanetworks.com) and Aruba CX VSX Connection between two pair of VSX cluster | Wired Intelligent Edge (arubanetworks.com)
------------------------------
rford1219
Original Message:
Sent: Mar 21, 2022 05:28 AM
From: Vincent Giles
Subject: VSX active-gateway and MCLAG question
I would agree that these 2 very first questions are important.
------------------------------
Vincent Giles
Original Message:
Sent: Mar 19, 2022 11:47 AM
From: Davide Poletto
Subject: VSX active-gateway and MCLAG question
Hi,
First thing: given the network topology drawing you posted your're going to create a loop (VSX Cluster SW1 Top/Bottom + VSX Cluster SW2 Top/Bottom both linked to VSF made of SW3, SW4 and SW5).
Second thing: I don't understand what is the meaning of those "MLAG" links between each VSX Member (See, as example, SW1-UPPER to SW1-LOWER MCLAG on the left, the very same can be seen on the other VSX Cluster): Once a VSX is formed (VSX ISL + VSX Keepalive links) you DON'T want to interlink VSX Members together with anything.
------------------------------
Davide Poletto
Original Message:
Sent: Mar 18, 2022 11:21 AM
From: richard ford
Subject: VSX active-gateway and MCLAG question
It has taken awhile to get some of the equipment so I am starting to actually configure things now. All I have are the 8320 Series switches.
I have them configured with VSX, OSPF and each switch is running dhcp-server. The blue cable is the keepalive. The two red connecting
the Upper and Lower are the VSX Links. All others are the OSPF links. As of how it is configured now, I am able to ping everything
and my VSX status is showing up, established, operational and in-sync. As far as I can tell, I feel like I have everything configured
correclty. My issue is I am not very familiar with VSX and have been trying to learn more from documentation, but I still have some
questions that I am not sure about...
1) I will need to configured the two links between the two clusters and each 8320 in each cluster as an MCLAG I believe, but the connection from each cluster going
to SW3 and SW5 I can keep as a regular uplink?
2) With using dhcp-server on the 8320 switches, each SVI needs to be configured as the active-gateway on each switch?
------------------------------
rford1219
------------------------------