Programmable Internetworking & Communication Operating System Docs ... Click Spaces -> Space Directory to see docs for all releases ...
Page tree
Skip to end of metadata
Go to start of metadata

Networking Requirements

Figure 1. User Configuration Topology of MLAG with VRRP


Basic Deployment

  •   In Figure 1, multi-cascade MLAG is deployed in the topology, where Switch1 and Switch2 form an MLAG, Switch3 and Switch4 form an MLAG. Moreover, Switch1, Switch2, Switch3, and Switch4 should belong to the same MLAG domain (MLAG domain 1).
  •   Access Switch5 dual-accesses to the network through Switch3 and Switch4 by LAG interface.
  •   Active-Active VRRP is deployed on Switch1 and Switch2 as Gateway for Host devices of VLAN 20.

Networking Address Planning

The networking IP address planning is shown in the following table.

Switch

Physical Interface

Aggregate Interface

VIF Interface and IP Address

Switch1

Te-1/1/2

ae3

VIF 4092: 192.168.45.2

Te-1/1/3

Te-1/1/4

ae1

VIF 20: 11.251.201.1

VRRP virtual IP: 11.251.201.3

Te-1/1/6

Switch2

Te-1/1/2

ae3


VIF 4092: 192.168.45.1

Te-1/1/3

Te-1/1/4

ae1


VIF 20: 11.251.201.2

VRRP virtual IP: 11.251.201.3

Te-1/1/6

Switch3

Te-1/1/2

ae4

VIF 4093: 192.168.46.2

Te-1/1/6

Te-1/1/1

ae1

-

Te-1/1/3

Te-1/1/5

ae6

-

Switch4

Te-1/1/2

ae4

VIF 4093: 192.168.46.1

Te-1/1/6

Te-1/1/4

ae1

-

Te-1/1/7

Te-1/1/5

ae6

-

Switch5

Ge-1/1/1

ae6

-

Ge-1/1/2

Procedure

Switch1

Step1         Configure an aggregation interface with LACP mode.

admin@Switch1# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
admin@Switch1# set interface aggregate-ethernet ae3 aggregated-ether-options lacp enable true

Step2         Configure VLAN.

admin@Switch1# set vlans vlan-id 10-19
admin@Switch1# set vlans vlan-id 20 l3-interface 20
admin@Switch1# set vlans vlan-id 4092 l3-interface 4092
admin@Switch1# set interface aggregate-ethernet ae1 family ethernet-switching native-vlan-id 10
admin@Switch1# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@Switch1# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 10-19
admin@Switch1# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 20
admin@Switch1# set interface aggregate-ethernet ae3 family ethernet-switching native-vlan-id 4092
admin@Switch1# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk
admin@Switch1# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 10-19
admin@Switch1# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 20

Step3         Configure the L3 interface IP address.

admin@Switch1# set vlan-interface interface 4092 vif 4092 address 192.168.45.2 prefix-length 24
admin@Switch1# set vlan-interface interface 20 vif 20 address 11.251.201.1 prefix-length 24

Step4          Enable MLAG on the LAG.

admin@Switch1# set interface aggregate-ethernet ae1 aggregated-ether-options mlag disable false

Step5         Configure MLAG domain ID.

admin@Switch1# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 1

Step6         Add member interfaces to a LAG.

admin@Switch1# set interface gigabit-ethernet te-1/1/2 ether-options 802.3ad ae3
admin@Switch1# set interface gigabit-ethernet te-1/1/3 ether-options 802.3ad ae3
admin@Switch1# set interface gigabit-ethernet te-1/1/4 ether-options 802.3ad ae1
admin@Switch1# set interface gigabit-ethernet te-1/1/6 ether-options 802.3ad ae1

Step7         Configure the peer IP address and the peer-link for the MLAG peer.

admin@Switch1# set interface mlag peer 192.168.45.1 peer-link ae3

Step8         Configure a static ARP entry for peer-link interface.

admin@Switch1# set interface aggregate-ethernet ae3 static-ethernet-switching mac-address A0:34:44:32:9C:23 vlan 4092
admin@Switch1# set protocols arp interface 4092 address 192.168.45.1 mac-address A0:34:44:32:9C:23

NOTE:

PICA8 recommends configuring a static ARP for peer-link interface to prevent ARP entry of the peer-link interface from being modified by ARP attack packets.

Step9         Configure system ID for LACP negotiation.

admin@Switch1# set interface mlag system-id 00:00:00:00:00:0a

Step10        Disable spanning tree.

admin@Switch1# set protocols spanning-tree enable false 

Step11      Enable Active-Active-VRRP function.

 admin@Switch1# set protocols vrrp interface 20 vif 20 vrid 20 ip 11.251.201.3
 admin@Switch1# set protocols vrrp interface 20 vif 20 vrid 20 load-balance disable false

Step12      Commit the configuration.

 admin@Switch1# commit

Switch2


Step1        
Configure an aggregation interface with LACP mode.

admin@Switch2# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
admin@Switch2# set interface aggregate-ethernet ae3 aggregated-ether-options lacp enable true

Step2         Configure VLAN.

admin@Switch2# set vlans vlan-id 10-19
admin@Switch2# set vlans vlan-id 20 l3-interface 20
admin@Switch2# set vlans vlan-id 4092 l3-interface 4092
admin@Switch2# set interface aggregate-ethernet ae1 family ethernet-switching native-vlan-id 10
admin@Switch2# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@Switch2# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 10-19
admin@Switch2# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 20
admin@Switch2# set interface aggregate-ethernet ae3 family ethernet-switching native-vlan-id 4092
admin@Switch2# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk
admin@Switch2# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 10-19
admin@Switch2# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 20

Step3         Configure the L3 interface IP address.

admin@Switch2# set vlan-interface interface 4092 vif 4092 address 192.168.45.1 prefix-length 24
admin@Switch2# set vlan-interface interface 20 vif 20 address 11.251.201.2 prefix-length 24

Step4         Enable MLAG on the LAG.

admin@Switch2# set interface aggregate-ethernet ae1 aggregated-ether-options mlag disable false

Step5         Configure MLAG domain ID.

admin@Switch2# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 1

Step6         Add member interfaces to a LAG.

 admin@Switch2# set interface gigabit-ethernet te-1/1/2 ether-options 802.3ad ae3
 admin@Switch2# set interface gigabit-ethernet te-1/1/3 ether-options 802.3ad ae3
 admin@Switch2# set interface gigabit-ethernet te-1/1/4 ether-options 802.3ad ae1
 admin@Switch2# set interface gigabit-ethernet te-1/1/6 ether-options 802.3ad ae1

Step7         Configure the peer IP address and the peer-link for the MLAG peer.

admin@Switch2# set interface mlag peer 192.168.45.2 peer-link ae3

Step8         Configure a static ARP entry for peer-link interface.

admin@Switch2# set interface aggregate-ethernet ae3 static-ethernet-switching mac-address 11:31:00:C1:8C:11 vlan 4092
admin@Switch2# set protocols arp interface 4092 address 192.168.45.2 mac-address 11:31:00:C1:8C:11

NOTE:

PICA8 recommends configuring a static ARP for peer-link interface to prevent ARP entry of the peer-link interface from being modified by ARP attack packets.

Step9         Configure system ID for LACP negotiation.

admin@Switch2# set interface mlag system-id 00:00:00:00:00:0a

Step10        Disable spanning tree.

admin@Switch2# set protocols spanning-tree enable false 

Step11      Enable Active-Active-VRRP function.

admin@Switch2# set protocols vrrp interface 20 vif 20 vrid 20 ip 11.251.201.3
admin@Switch2# set protocols vrrp interface 20 vif 20 vrid 20 load-balance disable false

Step12      Commit the configuration.

admin@Switch2# commit

Switch3


Step1        
Configure an aggregation interface with LACP mode.

admin@Switch3# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
admin@Switch3# set interface aggregate-ethernet ae4 aggregated-ether-options lacp enable true
admin@Switch3# set  interface aggregate-ethernet ae6 aggregated-ether-options lacp enable true

Step2         Configure VLAN.

admin@Switch3# set vlans vlan-id 10-20
admin@Switch3# set vlans vlan-id 4093 l3-interface 4093
admin@Switch3# set interface aggregate-ethernet ae1 family ethernet-switching native-vlan-id 10
admin@Switch3# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@Switch3# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 10-20
admin@Switch3# set interface aggregate-ethernet ae4 family ethernet-switching native-vlan-id 4093
admin@Switch3# set interface aggregate-ethernet ae4 family ethernet-switching port-mode trunk
admin@Switch3# set interface aggregate-ethernet ae4 family ethernet-switching vlan members 10-20
admin@Switch3# set interface aggregate-ethernet ae6 family ethernet-switching native-vlan-id 10
admin@Switch3# set interface aggregate-ethernet ae6 family ethernet-switching port-mode trunk
admin@Switch3# set interface aggregate-ethernet ae6 family ethernet-switching vlan members 10-20

Step3         Configure the L3 interface IP address.

admin@Switch3# set vlan-interface interface 4093 vif 4093 address 192.168.46.2 prefix-length 24

Step4         Enable MLAG on the LAG.

admin@Switch3# set interface aggregate-ethernet ae1 aggregated-ether-options mlag disable false
admin@Switch3# set interface aggregate-ethernet ae6 aggregated-ether-options mlag disable false

Step5         Configure MLAG domain ID.

admin@Switch3# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 2
admin@Switch3# set interface aggregate-ethernet ae6 aggregated-ether-options mlag domain-id 3

Step6         Add member interfaces to a LAG.

 admin@Switch3# set interface gigabit-ethernet te-1/1/2 ether-options 802.3ad ae4
 admin@Switch3# set interface gigabit-ethernet te-1/1/6 ether-options 802.3ad ae4
 admin@Switch3# set interface gigabit-ethernet te-1/1/1 ether-options 802.3ad ae1
 admin@Switch3# set interface gigabit-ethernet te-1/1/3 ether-options 802.3ad ae1
  admin@Switch3# set interface gigabit-ethernet te-1/1/5 ether-options 802.3ad ae6

Step7         Configure the peer IP address and the peer-link for the MLAG peer.

admin@Switch3# set interface mlag peer 192.168.46.1 peer-link ae4

Step8         Configure a static ARP entry for peer-link interface.

admin@Switch3# set interface aggregate-ethernet ae4 static-ethernet-switching mac-address A0:34:44:32:9C:23 vlan 4093
admin@Switch3# set protocols arp interface 4093 address 192.168.46.1 mac-address A0:34:44:32:9C:23

NOTE:

PICA8 recommends configuring a static ARP for peer-link interface to prevent ARP entry of the peer-link interface from being modified by ARP attack packets.

Step9         Configure system ID for LACP negotiation.

admin@Switch3# set interface mlag system-id 00:00:00:00:00:0b

Step10        Disable spanning tree.

admin@Switch3# set protocols spanning-tree enable false 

Step11      Commit the configuration.

admin@Switch3# commit

Switch4


Step1        
Configure an aggregation interface with LACP mode.

admin@Switch4# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
admin@Switch4# set interface aggregate-ethernet ae4 aggregated-ether-options lacp enable true
admin@Switch4# set interface aggregate-ethernet ae6 aggregated-ether-options lacp enable true

Step2         Configure VLAN.

admin@Switch4# set vlans vlan-id 10-20
admin@Switch4# set vlans vlan-id 4093 l3-interface 4093
admin@Switch4# set interface aggregate-ethernet ae1 family ethernet-switching native-vlan-id 10
admin@Switch4# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@Switch4# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 10-20
admin@Switch4# set interface aggregate-ethernet ae4 family ethernet-switching native-vlan-id 4093
admin@Switch4# set interface aggregate-ethernet ae4 family ethernet-switching port-mode trunk
admin@Switch4# set interface aggregate-ethernet ae4 family ethernet-switching vlan members 10-20
admin@Switch4# set interface aggregate-ethernet ae6 family ethernet-switching native-vlan-id 10
admin@Switch4# set interface aggregate-ethernet ae6 family ethernet-switching port-mode trunk
admin@Switch4# set interface aggregate-ethernet ae6 family ethernet-switching vlan members 10-20

Step3         Configure the L3 interface IP address.

admin@Switch4# set vlan-interface interface 4093 vif 4093 address 192.168.46.1 prefix-length 24

Step4         Enable MLAG on the LAG.

admin@Switch4# set interface aggregate-ethernet ae1 aggregated-ether-options mlag disable false
admin@Switch4# set interface aggregate-ethernet ae6 aggregated-ether-options mlag disable false

Step5         Configure MLAG domain ID.

admin@Switch4# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 2
admin@Switch4# set interface aggregate-ethernet ae6 aggregated-ether-options mlag domain-id 3

Step6         Add member interfaces to a LAG.

 admin@Switch4# set interface gigabit-ethernet te-1/1/2 ether-options 802.3ad ae4
 admin@Switch4# set interface gigabit-ethernet te-1/1/6 ether-options 802.3ad ae4
 admin@Switch4# set interface gigabit-ethernet te-1/1/1 ether-options 802.3ad ae1
 admin@Switch4# set interface gigabit-ethernet te-1/1/3 ether-options 802.3ad ae1
 admin@Switch4# set interface gigabit-ethernet te-1/1/5 ether-options 802.3ad ae6

Step7         Configure the peer IP address and the peer-link for the MLAG peer.

admin@Switch4# set interface mlag peer 192.168.46.2 peer-link ae4

Step8         Configure a static ARP entry for peer-link interface.

admin@Switch4# set interface aggregate-ethernet ae4 static-ethernet-switching mac-address 22:22:22:22:22:22 vlan 4093
admin@Switch4# set protocols arp interface 4093 address 192.168.46.2 mac-address 22:22:22:22:22:22

NOTE:

PICA8 recommends configuring a static ARP for peer-link interface to prevent ARP entry of the peer-link interface from being modified by ARP attack packets.

Step9         Configure system ID for LACP negotiation.

admin@Switch4# set interface mlag system-id 00:00:00:00:00:0b

Step10        Disable spanning tree.

 admin@Switch4# set protocols spanning-tree enable false 

Step11      Commit the configuration.

admin@Switch4# commit

Switch5


Step1        
Enable aggregation interface with LACP mode.

admin@Switch5# set interface aggregate-ethernet ae6 aggregated-ether-options lacp enable true

Step2         Add member interfaces to a LAG. 

admin@Switch5# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae6
admin@Switch5# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae6

Step3         Configure VLAN.

admin@Switch5# set vlans vlan-id 10-20
admin@Switch4# set interface aggregate-ethernet ae6 family ethernet-switching native-vlan-id 10
admin@Switch5# set interface aggregate-ethernet ae6 family ethernet-switching port-mode trunk
admin@Switch5# set interface aggregate-ethernet ae6 family ethernet-switching vlan members 10-20

Verify the Configuration

  •   You can use the run show mlag configuration command to check the configuration information of MLAG.

       # Check information about MLAG 1 on Switch1.

admin@Switch1# run show mlag configuration
Domain-id Local-LAG  System-id     Priority  Source   Peer   Peer-link  Hello-interval  Reload-delay
----------------------------------------------------------------------------------------------------------
1      ae1    00:00:00:00:00:0a  0    N/A   192.168.45.1   ae3      4            0    

       # Check information about MLAG 1 on Switch2.

admin@Switch2# run show mlag configuration
Domain-id Local-LAG  System-id     Priority  Source   Peer   Peer-link  Hello-interval  Reload-delay
----------------------------------------------------------------------------------------------------------
1      ae1    00:00:00:00:00:0a  0  N/A   192.168.45.2   ae3        4           0

       # Check information about MLAG 1 on Switch3.

admin@Switch3# run show mlag configuration
Domain-id Local-LAG  System-id     Priority  Source   Peer   Peer-link  Hello-interval  Reload-delay
----------------------------------------------------------------------------------------------------------
1      ae1    00:00:00:00:00:0b  0  N/A   192.168.46.1   ae4   4               0

       # Check information about MLAG 1 on Switch4.

admin@Switch4# run show mlag configuration
Domain-id Local-LAG  System-id     Priority  Source   Peer   Peer-link  Hello-interval  Reload-delay
----------------------------------------------------------------------------------------------------------
1      ae1    00:00:00:00:00:0b  0  N/A   192.168.46.2   ae4   4                0  
  •   You can use the run show mlag peer domain-id command to view the status of MLAG peer device in an MLAG domain.

# Check the status of local MLAG interface state on Switch1.

admin@Switch1# run show mlag peer 1
Domain-id  Peer         System-id       State  Link-status
----------------------------------------------------------------------------
1     192.168.45.1     00:00:00:00:00:0a  TWO-WAY  DOWN

# Check the status of local MLAG interface state on Switch2.

admin@Switch2# run show mlag peer 1
Domain-id  Peer        System-id     State   Link-status
---------------------------------------------------------------------------
1     192.168.45.2     00:00:00:00:00:0a  TWO-WAY  DOWN

# Check the status of local MLAG interface state on Switch3.

admin@Switch3# run show mlag peer 1
Domain-id  Peer          System-id      State    Link-status
-----------------------------------------------------------------------------
1     192.168.46.1     00:00:00:00:00:0b  TWO-WAY     DOWN

# Check the status of local MLAG interface state on Switch4.

admin@Switch4# run show mlag peer 1
Domain-id  Peer           System-id      State  Link-status
-------------------------------------------------------------------------
1       192.168.46.2     00:00:00:00:00:0b  TWO-WAY  DOWN
  •  You can use the run show mlag internal command to view the status of local MLAG interface state.

# Check the status of local MLAG interface state on Switch1.

admin@Switch1# run show mlag internal
Domain-id  Local-LAG  Flood  MAC-sync  State    Config-Match  Role
-------------------------------------------------------------------------------
1      ae1    false  false   DOWN      Yes      MASTER

# Check the status of local MLAG interface state on Switch2.

admin@Switch2# run show mlag internal
Domain-id  Local-LAG  Flood  MAC-sync  State    Config-Match  Role
-----------------------------------------------------------------------------
1          ae1     false  false   DOWN      Yes      SLAVE

# Check the status of local MLAG interface state on Switch3.

admin@Switch3# run show mlag internal
Domain-id  Local-LAG  Flood  MAC-sync  State   Config-Match  Role
----------------------------------------------------------------------------
1         ae1     false   false   DOWN      Yes    MASTER

# Check the status of local MLAG interface state on Switch4.

admin@Switch4# run show mlag internal
Domain-id  Local-LAG  Flood  MAC-sync  State   Config-Match  Role
----------------------------------------------------------------------------
1      ae1     false   false  DOWN    Yes      SLAVE
  • No labels