Wired Intelligent Edge

Hi,

I've been looking for a specific clarification, unable to find yet in documentation or existing threads.

Use case is a deployement of two 5412's in VSF configuration.

In a scenario where you have a routed VLAN for management (without the "vlan management" command enabled), that IP address is shared between the VSF members, always up.

If you enable OoBM-MAD for "split brain" detection, what is the recommended/best practice on IP addressing?

Assign IP on the same VLAN/subnet or use an entirely different?

Is that Control Plane traffic of the OoBM ports like a separate VRF?

Or its purpose is that it has to be in the MGMT subnet but will always stay up in the event of severe traffic congestion/loss, due to the separate Control Plane?

Hi! please have a look here...it could be an interesting thread to read.

---

@epsarias wrote:

 

Assign IP on the same VLAN/subnet or use an entirely different?

 

Is that Control Plane traffic of the OoBM ports like a separate VRF?

 

Or its purpose is that it has to be in the MGMT subnet but will always stay up in the event of severe traffic congestion/loss, due to the separate Control Plane?

---

Since OoBM is de-facto like a really isolated VRF I suspect you have some possible cases: best practices suggest to use a separate (physical network) with a dedicate IP addressing space for OoBM Management (and if you can't have that at least use one IP addressing space not overlapping/conflicting to your data VLANs' SVI addresses spaces, see below why).

Scenarios:

• If OoBM ports are directly linked each other the IP address would be whatever you like (it's a totally isolated environment).
• If OoBM ports link to a OoBM-dedicated switching infrastructure (where you have a dedicated monitoring host) physically separated by your data switching infrastructure then your OoBM IP addressing should match at least the network address space used into that OoBM-dedicated network (that's reasonable).
• If OoBM ports link back to your data switching infrastructure then you fall on the case above but, clearly, you need to respect some network address space used into the data network (the one used on the routed VLAN you're using for management purposes).

I don't think there other cases.

Thank you, the link I had already checked but your comments also provided some clarity.

---

@parnassus wrote:

Hi! please have a look here...it could be an interesting thread to read.

 

---

@epsarias wrote:

 

Assign IP on the same VLAN/subnet or use an entirely different?

 

Is that Control Plane traffic of the OoBM ports like a separate VRF?

 

Or its purpose is that it has to be in the MGMT subnet but will always stay up in the event of severe traffic congestion/loss, due to the separate Control Plane?

---

Since OoBM is de-facto like a really isolated VRF I suspect you have some possible cases: best practices suggest to use a separate (physical network) with a dedicate IP addressing space for OoBM Management (and if you can't have that at least use one IP addressing space not overlapping/conflicting to your data VLANs' SVI addresses spaces, see below why).

 

Scenarios:

 

• If OoBM ports are directly linked each other the IP address would be whatever you like (it's a totally isolated environment).
• If OoBM ports link to a OoBM-dedicated switching infrastructure (where you have a dedicated monitoring host) physically separated by your data switching infrastructure then your OoBM IP addressing should match at least the network address space used into that OoBM-dedicated network (that's reasonable).
• If OoBM ports link back to your data switching infrastructure then you fall on the case above but, clearly, you need to respect some network address space used into the data network (the one used on the routed VLAN you're using for management purposes).

I don't think there other cases.

---