This is my current setup. Cluster B picks up IP Address from DHCP Server setting I have configured on Cluster A. Both Clusters have VSX configured and working. Cluster A also has the DHCP Pools configured on it.
I am trying to setup LAGs between the two clusters. I am going from the primary on Cluster A to the secondary on Cluster B and from the primary on Cluster B to the secondary on Cluster A. I had regular LAGs at first and they worked. This is how I had set them up:
Interface lag 100
no routing
no shutdown
vlan trunk naitve 1
vlan trunk allowed 1,2,3,4,5
lacp mode active
int 1/1/53
no routing
no shut
lag 100
They all worked, and I could ping and see everything. I realized I want to use Multi-Chassis LAGs instead. I am doing the same configuration, but instead of interface lag 100, I am saying interface lag 100 multi-chassis. The LAG shows down and blocked by LACP when I do this. If I add the static option to the end, the LAG shows up, but passes no traffic. I have tried to do it using the simpler configuration from page 25 on VSX Configurations Best Practices Technical Whitepaper (I have been trying to do it like the example on page 26) which showed up for a little bit then went into blocked state again... The picture is what I am going for...
Original Message:
Sent: Jan 03, 2023 11:48 PM
From: Timo Krjukoff
Subject: LAG between two 8320 clusters for multiple VLANs
Document - VSX Configuration Best Practices for Aruba CX 6400, 8320, 8325, 8360, 8400 v1.3 | HPE Support
The document explains the whole idea of VSX clusters and how to set up MCLAGs.
Cheers
/timo
Original Message:
Sent: Jan 03, 2023 06:30 PM
From: Ashour Shamoon
Subject: LAG between two 8320 clusters for multiple VLANs
I have two VSX Clusters and I am going from the primary on one to the secondary on the other so I did not try the vsx-sync mclag-interfaces. I removed the lag and create one again. I have lacp mode active on both sides. If I try to change one to passive, I get a message that I cannot do that because it is part of a LAG. What I did notice is that if I use the static option (interface lag 55 multi-chassis static) the interfaces show up, but do not pass traffic (I cannot ping IPs on the other side).
Original Message:
Sent: Dec 29, 2022 02:48 AM
From: Ian Nightingale
Subject: LAG between two 8320 clusters for multiple VLANs
Hi, The info you have posted suggests a LACP issue rather than config.
Here is an example of a simple config that works:
router1(config)# show run int 1/1/2
interface 1/1/2
no shutdown
lag 24
exit
router1(config)# show run int lag 24
interface lag 24 multi-chassis
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 5,114,200
lacp mode active
exit
The output you attached shows passive LACP. Could this be caused by LACP not negotiating between two passive switches? What happens when you apply the "lacp mode active" and then bounce the physical ports?
I also note the difference between the two VSX members and wonder if you have different configs on each member for the lag interface? It might be worth checking you have mclag-interfaces added to the VSX config (vsx...vsx-sync mclag-interfaces)
Original Message:
Sent: Dec 28, 2022 04:10 PM
From: Ashour Shamoon
Subject: LAG between two 8320 clusters for multiple VLANs
Hello, I am working on changing my LAGs to Multi-Chassis LAGs between the two clusters (That was my mistake, I did regular LAGs at first). Initially I just did int lag # on both sides. I am trying to do primary to secondary between the two clusters.
I am seeing that the LAG shows as blocked by LACP. I did try adding lacp mode active to both ends and that did not help either.
I configured it as follows and am wondering if I am missing something? I do have spanning-tree disabled also.
configure terminal
interface lag 50 multi-chassis
no routing
no shut
interface 1/1/54
no routing
no shut
lag 5
interface lag 5
vlan trunk allowed 2,3,4,5,6,7 etc...
I see the ports lights on both ends, but it shows as blocked by lacp and I am not sure why. The only difference between this and the regular LAG configuration I have done is using multi-chassis. I am using HP DAC cables (JH234A) for all my LAGs as well.
Original Message:
Sent: Nov 19, 2022 08:09 AM
From: Davide Poletto
Subject: LAG between two 8320 clusters for multiple VLANs
...and my above questions are not necessarily tied to the fact that, in my opinion, an "interlink among switches" (or among VSX clusters) - no matter if realized with just one single physical link or with multiple physical links aggregated together into a new logical interface (a LAG or a Multi-Chassis LAG) - should carry only tagged VLANs, the idea of working with an untagged VLAN's membership/transport is typically associated with (VLAN unaware) access devices (indeed you work with Native VLAN on ports designated with the Access/Edge role). Point to Point links generally carry multiple tagged VLAN and the Native VLAN could be, counter-intuitively, declared tagged too (in any case you should allow all of them).
Original Message:
Sent: 11/19/2022 7:48:00 AM
From: parnassus
Subject: RE: LAG between two 8320 clusters for multiple VLANs
Hi, you initially wrote "I currently have two LAGs setup and working between the two clusters using the DAC ports. The LAGs are only one VLAN each.".
Just to clarify (maybe it's just me!), does the above sentence mean that your setup was made with two non-VSX LAGs (as you wrote, each one carrying one particular untagged VLAN id only) so it was made with normal LAGs (where a normal LAG is made of two or more physical interfaces of the same VSX member - the Primary or the Secondary - aggregated together instead of being made of two or more interfaces of both VSX members of a particular VSX cluster), say coming from the Primary or the Secondary and terminating to the other VSX cluster Primary or Secondary (or vice-versa) OR does the above sentence mean that your setup was made with two different VSX LAGs each one initiating and terminating in a distributed way on both VSX members of each VSX Cluster with its member interfaces?
In other words...are you LAGging two VSX Clusters back to back (say from Primary to Primary, Secondary to Secondary or Primary to Secondary/Secondary to Primary) OR are you Multi-Chassis LAGging the first entire VSX cluater to you second entire VSX cluster?
Then, is there reason you were forced to use two separate (supposedly non MC-LAGs = non VSX LAGs) to separately transport each one a VLAN ID when you could setup a VSX LAG back to back carrying multiple VLAN IDs and aggregating on each side (VSX cluster) up to four physical interfaces per VSX member (having a 4+4=8 ports links aggregation connected to the other VSX cluster)? Any relation with a related (M)STP setup?
Original Message:
Sent: 11/18/2022 6:53:00 PM
From: sfpit1202
Subject: LAG between two 8320 clusters for multiple VLANs
I have 2 VSX Clusters. One has 2 Fiber 8320s and the other is 2 Ethernet 8320s. I currently have two LAGs setup and working between the two clusters using the DAC ports. The LAGs are only one VLAN each.
I was trying to setup another LAG between the clusters that would carry multiple other VLANs. I was using 1/1/51 for it. I have it set up just like the other LAGs that are working except instead of vlan access # I am using vlan trunk allowed #,#,#.
I set up 1 ethernet port on the two ethernet switches and added them to the LAG just to test and that worked. I was wondering, is there any reason why 1/1/51 would not work as a LAG with multiple VLANS? I read somewhere a few times that people had some issues doing something with LAGs, I forget what off hand, but I remember one thing said not sue the bottom row of ports on the swithces...