Wired Intelligent Edge

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Hello Devin, well the roots of VSF (on Aruba 5400R zl2) date back to 2016 at least. At time ArubaOS-CX wasn't available and first Aruba CX switch series were presented to the public in late 2017 and early 2018...so comparing the Aruba 5400R zl2 VSF approach (and specifically it [1]) now with VSX isn't totally fair.

The very first question you should answer first is: what do I mean with redundancy? redundancy of physical connectivity (through redundant links from peers)? redundancy of services (IP Routing, as example)? both?

I don't know you Network and the switching/routing services running on...but, from what you wrote, it seems that you have a Core (and with Core I mean a switch with IP Routing enabled, router for your internal network segments) and a sort of backup passively sitting aside. No VRRP between the two, correct me if I'm wrong.

Given that for sure transitioning to a VSF of two Aruba 5400R zl2 will be a real enhancement from the point of view of redundancy of both connectivity and services offered to your peers (Access switches and/or directly connected Servers).

Keep in mind that VSF deployed for those reasons requires a redundant connectivity spread to both VSF Members (so you should heavily end using Port Trunking with LACP to your peers).

VSF on Aruba 5400R zl2 requires you to fulfill some points and those are clearly specified on well-known documents (let me know if you need an help to find them [2]).

Clearly the discussion can be further developed in many different directions but, at the moment, I personally would stop here.

[1] Features/Requirements/Restrictions of VSF on the 2 Members VSF on Aruba 5400R zl2 (operating in v3 Mode) aren't exactly the same of VSF deployed on, say, Aruba 2930F (FSU Fast Software Upgrade is not available on Aruba 2930F VSF, as example...a "n" Members VSF can't be made on Aruba 5400R zl2 which is limited to 2 members, as example...required VSF interfaces' speed varies and so on).
[2] Start with: https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/ArubaOS%20VSF%20Configuration%20Guide.pdf (old but good), https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/Backplane%20Stacking%20and%20VSF%20Best%20Practices.pdf these just to familiarize. Then there are more updated guides to read too.

------------------------------
Davide Poletto
------------------------------

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Thanks for the fantastic reply! As far as the question of redundancy, pretty much all of it. We don't have physical redundancy of links or redundancy of services with BGP, OSPF, etc. There are a couple redundant links that are getting blocked by STP, but a few would have to be physically moved over in the event of a failure as well. Your other assertions are correct as well, the device is essentially sitting aside as it is. I want to add VSF and (like you said) utilize LACP to create redundant links that don't rely on STP. I wasn't aware that VSF on the 5400 differed from other models, so that is good to know. I will read through those documents and check all the requirements. Again, thanks for the detailed reply.

------------------------------
Devin Burns
------------------------------

Original Message:
Sent: Apr 14, 2022 02:28 AM
From: Davide Poletto
Subject: VSF for Access Layer Only?

Hello Devin, well the roots of VSF (on Aruba 5400R zl2) date back to 2016 at least. At time ArubaOS-CX wasn't available and first Aruba CX switch series were presented to the public in late 2017 and early 2018...so comparing the Aruba 5400R zl2 VSF approach (and specifically it [1]) now with VSX isn't totally fair.

The very first question you should answer first is: what do I mean with redundancy? redundancy of physical connectivity (through redundant links from peers)? redundancy of services (IP Routing, as example)? both?

I don't know you Network and the switching/routing services running on...but, from what you wrote, it seems that you have a Core (and with Core I mean a switch with IP Routing enabled, router for your internal network segments) and a sort of backup passively sitting aside. No VRRP between the two, correct me if I'm wrong.

Given that for sure transitioning to a VSF of two Aruba 5400R zl2 will be a real enhancement from the point of view of redundancy of both connectivity and services offered to your peers (Access switches and/or directly connected Servers).

Keep in mind that VSF deployed for those reasons requires a redundant connectivity spread to both VSF Members (so you should heavily end using Port Trunking with LACP to your peers).

VSF on Aruba 5400R zl2 requires you to fulfill some points and those are clearly specified on well-known documents (let me know if you need an help to find them [2]).

Clearly the discussion can be further developed in many different directions but, at the moment, I personally would stop here.

[1] Features/Requirements/Restrictions of VSF on the 2 Members VSF on Aruba 5400R zl2 (operating in v3 Mode) aren't exactly the same of VSF deployed on, say, Aruba 2930F (FSU Fast Software Upgrade is not available on Aruba 2930F VSF, as example...a "n" Members VSF can't be made on Aruba 5400R zl2 which is limited to 2 members, as example...required VSF interfaces' speed varies and so on).
[2] Start with: https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/ArubaOS%20VSF%20Configuration%20Guide.pdf (old but good), https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/Backplane%20Stacking%20and%20VSF%20Best%20Practices.pdf these just to familiarize. Then there are more updated guides to read too.

------------------------------
Davide Poletto

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Hello, I apologize if I'm not in the right place to ask this question. I would be very grateful if you could assist me.

I am reaching out for assistance with configuring OSPF between (two firewall) and (two Aruba 5406R zl2 that are connected in VSF mode). When I try to activate OSPF by entering "router OSPF 1" or "router-id", I receive an error message "invalid input". Additionally, I am facing issues assigning an IP address to a port.

I would greatly appreciate if you could answer the following questions: 

Is it possible to activate OSPF on a VSF?

Is it possible to assign an IP address to a port on a VSF?

Thank you in advance for your help.

Original Message:
Sent: Apr 14, 2022 02:28 AM
From: parnassus
Subject: VSF for Access Layer Only?

Hello Devin, well the roots of VSF (on Aruba 5400R zl2) date back to 2016 at least. At time ArubaOS-CX wasn't available and first Aruba CX switch series were presented to the public in late 2017 and early 2018...so comparing the Aruba 5400R zl2 VSF approach (and specifically it [1]) now with VSX isn't totally fair.

The very first question you should answer first is: what do I mean with redundancy? redundancy of physical connectivity (through redundant links from peers)? redundancy of services (IP Routing, as example)? both?

I don't know you Network and the switching/routing services running on...but, from what you wrote, it seems that you have a Core (and with Core I mean a switch with IP Routing enabled, router for your internal network segments) and a sort of backup passively sitting aside. No VRRP between the two, correct me if I'm wrong.

Given that for sure transitioning to a VSF of two Aruba 5400R zl2 will be a real enhancement from the point of view of redundancy of both connectivity and services offered to your peers (Access switches and/or directly connected Servers).

Keep in mind that VSF deployed for those reasons requires a redundant connectivity spread to both VSF Members (so you should heavily end using Port Trunking with LACP to your peers).

VSF on Aruba 5400R zl2 requires you to fulfill some points and those are clearly specified on well-known documents (let me know if you need an help to find them [2]).

Clearly the discussion can be further developed in many different directions but, at the moment, I personally would stop here.

[1] Features/Requirements/Restrictions of VSF on the 2 Members VSF on Aruba 5400R zl2 (operating in v3 Mode) aren't exactly the same of VSF deployed on, say, Aruba 2930F (FSU Fast Software Upgrade is not available on Aruba 2930F VSF, as example...a "n" Members VSF can't be made on Aruba 5400R zl2 which is limited to 2 members, as example...required VSF interfaces' speed varies and so on).
[2] Start with: https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/ArubaOS%20VSF%20Configuration%20Guide.pdf (old but good), https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/Backplane%20Stacking%20and%20VSF%20Best%20Practices.pdf these just to familiarize. Then there are more updated guides to read too.

------------------------------
Davide Poletto

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Your best bet for a detailed response would probably be a new thread, but it does seem like your commands are off. 

For OSPF the setup  would be something like this:

router ospf
area backbone
enable

int loopback 0
ip address 192.168.0.1
ip ospf 192.168.0.1 area backbone

I am not sure if any of these commands are disabled for VSF but I don't see why they would be. 

Here is a useful article on it:

https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c03323728

Original Message:
Sent: Feb 01, 2023 04:16 AM
From: amanar
Subject: VSF for Access Layer Only?

Hello, I apologize if I'm not in the right place to ask this question. I would be very grateful if you could assist me.

I am reaching out for assistance with configuring OSPF between (two firewall) and (two Aruba 5406R zl2 that are connected in VSF mode). When I try to activate OSPF by entering "router OSPF 1" or "router-id", I receive an error message "invalid input". Additionally, I am facing issues assigning an IP address to a port.

I would greatly appreciate if you could answer the following questions: 

Is it possible to activate OSPF on a VSF?

Is it possible to assign an IP address to a port on a VSF?

Thank you in advance for your help.

Original Message:
Sent: Apr 14, 2022 02:28 AM
From: parnassus
Subject: VSF for Access Layer Only?

Hello Devin, well the roots of VSF (on Aruba 5400R zl2) date back to 2016 at least. At time ArubaOS-CX wasn't available and first Aruba CX switch series were presented to the public in late 2017 and early 2018...so comparing the Aruba 5400R zl2 VSF approach (and specifically it [1]) now with VSX isn't totally fair.

The very first question you should answer first is: what do I mean with redundancy? redundancy of physical connectivity (through redundant links from peers)? redundancy of services (IP Routing, as example)? both?

I don't know you Network and the switching/routing services running on...but, from what you wrote, it seems that you have a Core (and with Core I mean a switch with IP Routing enabled, router for your internal network segments) and a sort of backup passively sitting aside. No VRRP between the two, correct me if I'm wrong.

Given that for sure transitioning to a VSF of two Aruba 5400R zl2 will be a real enhancement from the point of view of redundancy of both connectivity and services offered to your peers (Access switches and/or directly connected Servers).

Keep in mind that VSF deployed for those reasons requires a redundant connectivity spread to both VSF Members (so you should heavily end using Port Trunking with LACP to your peers).

VSF on Aruba 5400R zl2 requires you to fulfill some points and those are clearly specified on well-known documents (let me know if you need an help to find them [2]).

Clearly the discussion can be further developed in many different directions but, at the moment, I personally would stop here.

[1] Features/Requirements/Restrictions of VSF on the 2 Members VSF on Aruba 5400R zl2 (operating in v3 Mode) aren't exactly the same of VSF deployed on, say, Aruba 2930F (FSU Fast Software Upgrade is not available on Aruba 2930F VSF, as example...a "n" Members VSF can't be made on Aruba 5400R zl2 which is limited to 2 members, as example...required VSF interfaces' speed varies and so on).
[2] Start with: https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/ArubaOS%20VSF%20Configuration%20Guide.pdf (old but good), https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/Backplane%20Stacking%20and%20VSF%20Best%20Practices.pdf these just to familiarize. Then there are more updated guides to read too.

------------------------------
Davide Poletto

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

+ to Davide Poletto 

Hi Devin,
Good question!

There is nothing wrong in deploying VSF in aggregation or core if network is not demanding/running mission critical application.
However, It is always recommended to run VSF on Access switches and VSX on aggregation and core switches to keep network always on!

In simple words, A VSF stack means single switch, all connected switches act as Line cards or members - one of the member act as Standy. 
means, VSF is single switch with active/standby for control and management plane traffic.
Means, VSF switch will have single control plane, and distributed forwarding.
Consider VSF active switch fails, then control and management plane switchover to new active (old standby).


VSX is advance technology, in market for few years. Basically brings independent control plane, management plane between two switches (active/active) with advance synchronization method. Due to that during any vsx node failure/upgrade control & management plane is unaltered, network will be always on.

Hope this helps!

Yash


------------------------------
Yash NN
------------------------------

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Thanks for the reply Yash. The switches are mission critical, but considering the second switch is essentially passive right now, I don't foresee an issue with the shared control plane, unless there is something I am overlooking. We are not going to be able to upgrade to VSX capable switches for a while unfortunately so the only other option would be VRRP + STP really.

------------------------------
Devin Burns
------------------------------

Original Message:
Sent: Apr 14, 2022 03:11 PM
From: Yash NN
Subject: VSF for Access Layer Only?

+ to Davide Poletto 

Hi Devin,
Good question!

There is nothing wrong in deploying VSF in aggregation or core if network is not demanding/running mission critical application.
However, It is always recommended to run VSF on Access switches and VSX on aggregation and core switches to keep network always on!

In simple words, A VSF stack means single switch, all connected switches act as Line cards or members - one of the member act as Standy. 
means, VSF is single switch with active/standby for control and management plane traffic.
Means, VSF switch will have single control plane, and distributed forwarding.
Consider VSF active switch fails, then control and management plane switchover to new active (old standby).


VSX is advance technology, in market for few years. Basically brings independent control plane, management plane between two switches (active/active) with advance synchronization method. Due to that during any vsx node failure/upgrade control & management plane is unaltered, network will be always on.

Hope this helps!

Yash


------------------------------
Yash NN

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Hi Devin, VSF deployed on your pair of Aruba 5400R zl2 (the Switch is required to operate in v3-Only mode so only Aruba v3 zl2 Modules for Aruba 5400R zl2 will be supported on VSF) should be enough. Consider that Aruba 5400R zl2 VSF supports the FSU Fast Software Upgrade procedure, detailed here and here and the secondary MM (if installed in the Chassis) will be disabled on both VSF Members.

Search for VSF related threads here on Airheads or on the legacy (now closed) HPE Community Networking forum (ArubaOS-Switch section) and you will be able to find a lot of interesting things about VSF. As said - IMHO - VSF and VSX shouldn't not be compared because comparing Hardware and Software architectures (and deployment approaches) used on the ArubaOS-Switch operating system based switch series supporting VSF versus those used on ArubaOS-CX operating system based switch series will be like comparing apples and oranges (and - pay attention - VSF was also "ported" on some ArubaOS-CX based switch series - engineered and featured to better serve the Access layer - so this could be quite confusing since one will think that new Aruba CX switches should only support VSX and not VSF...that's to say that there are at least two macro-flavors of VSF types).

------------------------------
Davide Poletto
------------------------------

Original Message:
Sent: Apr 14, 2022 03:32 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

Thanks for the reply Yash. The switches are mission critical, but considering the second switch is essentially passive right now, I don't foresee an issue with the shared control plane, unless there is something I am overlooking. We are not going to be able to upgrade to VSX capable switches for a while unfortunately so the only other option would be VRRP + STP really.

------------------------------
Devin Burns

Original Message:
Sent: Apr 14, 2022 03:11 PM
From: Yash NN
Subject: VSF for Access Layer Only?

+ to Davide Poletto 

Hi Devin,
Good question!

There is nothing wrong in deploying VSF in aggregation or core if network is not demanding/running mission critical application.
However, It is always recommended to run VSF on Access switches and VSX on aggregation and core switches to keep network always on!

In simple words, A VSF stack means single switch, all connected switches act as Line cards or members - one of the member act as Standy. 
means, VSF is single switch with active/standby for control and management plane traffic.
Means, VSF switch will have single control plane, and distributed forwarding.
Consider VSF active switch fails, then control and management plane switchover to new active (old standby).


VSX is advance technology, in market for few years. Basically brings independent control plane, management plane between two switches (active/active) with advance synchronization method. Due to that during any vsx node failure/upgrade control & management plane is unaltered, network will be always on.

Hope this helps!

Yash


------------------------------
Yash NN

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

I was reading through the documents you linked yesterday and did see the part about the v3 modules. That will definitely be a hurdle as the majority of ours are v2 currently. I will have to look into replacing those and what that would entail. I wasn't aware of the FSU procedure before posting, that would be great for minimizing downtime. I also like that it splits the upgrade, so if there is some sort of failure it doesn't take out the entire stack. Thanks again for all the great information on the subject!

------------------------------
Devin Burns
------------------------------

Original Message:
Sent: Apr 15, 2022 08:00 AM
From: Davide Poletto
Subject: VSF for Access Layer Only?

Hi Devin, VSF deployed on your pair of Aruba 5400R zl2 (the Switch is required to operate in v3-Only mode so only Aruba v3 zl2 Modules for Aruba 5400R zl2 will be supported on VSF) should be enough. Consider that Aruba 5400R zl2 VSF supports the FSU Fast Software Upgrade procedure, detailed here and here and the secondary MM (if installed in the Chassis) will be disabled on both VSF Members.

Search for VSF related threads here on Airheads or on the legacy (now closed) HPE Community Networking forum (ArubaOS-Switch section) and you will be able to find a lot of interesting things about VSF. As said - IMHO - VSF and VSX shouldn't not be compared because comparing Hardware and Software architectures (and deployment approaches) used on the ArubaOS-Switch operating system based switch series supporting VSF versus those used on ArubaOS-CX operating system based switch series will be like comparing apples and oranges (and - pay attention - VSF was also "ported" on some ArubaOS-CX based switch series - engineered and featured to better serve the Access layer - so this could be quite confusing since one will think that new Aruba CX switches should only support VSX and not VSF...that's to say that there are at least two macro-flavors of VSF types).

------------------------------
Davide Poletto

Original Message:
Sent: Apr 14, 2022 03:32 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

Thanks for the reply Yash. The switches are mission critical, but considering the second switch is essentially passive right now, I don't foresee an issue with the shared control plane, unless there is something I am overlooking. We are not going to be able to upgrade to VSX capable switches for a while unfortunately so the only other option would be VRRP + STP really.

------------------------------
Devin Burns

Original Message:
Sent: Apr 14, 2022 03:11 PM
From: Yash NN
Subject: VSF for Access Layer Only?

+ to Davide Poletto 

Hi Devin,
Good question!

There is nothing wrong in deploying VSF in aggregation or core if network is not demanding/running mission critical application.
However, It is always recommended to run VSF on Access switches and VSX on aggregation and core switches to keep network always on!

In simple words, A VSF stack means single switch, all connected switches act as Line cards or members - one of the member act as Standy. 
means, VSF is single switch with active/standby for control and management plane traffic.
Means, VSF switch will have single control plane, and distributed forwarding.
Consider VSF active switch fails, then control and management plane switchover to new active (old standby).


VSX is advance technology, in market for few years. Basically brings independent control plane, management plane between two switches (active/active) with advance synchronization method. Due to that during any vsx node failure/upgrade control & management plane is unaltered, network will be always on.

Hope this helps!

Yash


------------------------------
Yash NN

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------

Hello Devin, the requirement about VSF deployment imposing to use v3 zl2 Modules (or to lose v2 zl Modules eventually installed) sounds difficult to digest, especially when your HP/Aruba 5400R zl2 wasn't initially equipped with all of them in favor of older generation v2 zl Modules (I think about them as a sort of transition options among HP 5400zl and newer HP 5400R zl2). There are valid reason to explain why such of requirement was imposed: v3 zl2 Modules supports newer features and have higher bandwidth which, from the VSF implementation PoV, sound pretty reasonable additions.

Read this.

------------------------------
Davide Poletto
------------------------------

Original Message:
Sent: Apr 15, 2022 05:53 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I was reading through the documents you linked yesterday and did see the part about the v3 modules. That will definitely be a hurdle as the majority of ours are v2 currently. I will have to look into replacing those and what that would entail. I wasn't aware of the FSU procedure before posting, that would be great for minimizing downtime. I also like that it splits the upgrade, so if there is some sort of failure it doesn't take out the entire stack. Thanks again for all the great information on the subject!

------------------------------
Devin Burns

Original Message:
Sent: Apr 15, 2022 08:00 AM
From: Davide Poletto
Subject: VSF for Access Layer Only?

Hi Devin, VSF deployed on your pair of Aruba 5400R zl2 (the Switch is required to operate in v3-Only mode so only Aruba v3 zl2 Modules for Aruba 5400R zl2 will be supported on VSF) should be enough. Consider that Aruba 5400R zl2 VSF supports the FSU Fast Software Upgrade procedure, detailed here and here and the secondary MM (if installed in the Chassis) will be disabled on both VSF Members.

Search for VSF related threads here on Airheads or on the legacy (now closed) HPE Community Networking forum (ArubaOS-Switch section) and you will be able to find a lot of interesting things about VSF. As said - IMHO - VSF and VSX shouldn't not be compared because comparing Hardware and Software architectures (and deployment approaches) used on the ArubaOS-Switch operating system based switch series supporting VSF versus those used on ArubaOS-CX operating system based switch series will be like comparing apples and oranges (and - pay attention - VSF was also "ported" on some ArubaOS-CX based switch series - engineered and featured to better serve the Access layer - so this could be quite confusing since one will think that new Aruba CX switches should only support VSX and not VSF...that's to say that there are at least two macro-flavors of VSF types).

------------------------------
Davide Poletto

Original Message:
Sent: Apr 14, 2022 03:32 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

Thanks for the reply Yash. The switches are mission critical, but considering the second switch is essentially passive right now, I don't foresee an issue with the shared control plane, unless there is something I am overlooking. We are not going to be able to upgrade to VSX capable switches for a while unfortunately so the only other option would be VRRP + STP really.

------------------------------
Devin Burns

Original Message:
Sent: Apr 14, 2022 03:11 PM
From: Yash NN
Subject: VSF for Access Layer Only?

+ to Davide Poletto 

Hi Devin,
Good question!

There is nothing wrong in deploying VSF in aggregation or core if network is not demanding/running mission critical application.
However, It is always recommended to run VSF on Access switches and VSX on aggregation and core switches to keep network always on!

In simple words, A VSF stack means single switch, all connected switches act as Line cards or members - one of the member act as Standy. 
means, VSF is single switch with active/standby for control and management plane traffic.
Means, VSF switch will have single control plane, and distributed forwarding.
Consider VSF active switch fails, then control and management plane switchover to new active (old standby).


VSX is advance technology, in market for few years. Basically brings independent control plane, management plane between two switches (active/active) with advance synchronization method. Due to that during any vsx node failure/upgrade control & management plane is unaltered, network will be always on.

Hope this helps!

Yash


------------------------------
Yash NN

Original Message:
Sent: Apr 13, 2022 06:50 PM
From: Devin Burns
Subject: VSF for Access Layer Only?

I am trying to add additional redundancy to our core and am wondering if it is a bad idea to use VSF. We currently have two 5400Rs acting as our core switches and wont get the okay to upgrade anytime soon. There is almost no redundancy between the two, and the secondary is essentially a passive backup. Obviously I would like to fix this, and my first thought was VSF. It seems like most Aruba info says VSF is for access layer switches and VSX is for core. I'm seeing discussions about it as well with people saying not to use VSF on core switches. What is the reasoning behind this? Is it just the limitations of the shared control plane between the two? Any input would be appreciated.

------------------------------
Devin Burns
------------------------------