Example for Configuring MLAG with VXLAN
- Tracy Yang (Unlicensed)
Introduction
With PicaPilot, PICOS-powered Ethernet switches use Multi-Chassis Link Aggregation (MLAG) technology to connect devices, enabling each one to connect to a pair of Pica8 switches with all links running active/active to improve resiliency. There’s no need to block certain links, as with the spanning tree protocol (STP), resulting in improved bandwidth utilization and performance. With STP, while redundant links may exist between switches, traffic can only flow over one of them at a time, which effectively cuts the amount of available bandwidth in half. MLAG still supports redundancy, however, because peer switches synchronize forwarding state between them, so if a leaf or spine switch fails, traffic is automatically rerouted for continuous uptime.
This document describes how to configure MLAG with a Virtual Extensible LAN (VXLAN), a method for running a Layer 2 overlay network on Layer 3 infrastructure.
Networking Requirements
Figure 1 illustrates an MLAG configured between Switch A and Switch B, the MLAG connections between the neighboring switches, and two downstream Network Devices.
The MLAG switches connect through a LACP LAG to Switch C.
The MLAG switches connect through a LACP LAG to Switch D.
Figure 1 MLAG Topology with VXLAN
Procedure
Configuring MLAG on SwitchA
Step1 Configure an aggregation interface with LACP mode.
admin@SwitchA# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
admin@SwitchA# set interface aggregate-ethernet ae2 aggregated-ether-options lacp enable true
admin@SwitchA# set interface aggregate-ethernet ae3
Step2 Add member interfaces to a LAG.
admin@SwitchA# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1
admin@SwitchA# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2
admin@SwitchA# set interface gigabit-ethernet te-1/1/49 ether-options 802.3ad ae3
admin@SwitchA# set interface gigabit-ethernet te-1/1/50 ether-options 802.3ad ae3
Step3 Configure the VLANs.
admin@SwitchA# set vlans vlan-id 15
admin@SwitchA# set vlans vlan-id 16
admin@SwitchA# set vlans vlan-id 4094 l3-interface vlan-4094
admin@SwitchA# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@SwitchA# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15
admin@SwitchA# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16
admin@SwitchA# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk
admin@SwitchA# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15
admin@SwitchA# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16
admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching native-vlan-id 4094
admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk
admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 15
admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 16
Step4 Configure the L3 Interface IP Address.
admin@SwitchA# set vlan-interface interface 4094 vif 4094 address 10.10.0.1 prefix-length 24
Step5 Configure MLAG domain ID.
admin@SwitchA# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 1
admin@SwitchA# set interface aggregate-ethernet ae2 aggregated-ether-options mlag domain-id 2
Step6 Configure the peer IP address and the peer-link for the MLAG peer.
admin@SwitchA# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer 10.10.0.2 peer-link ae3
admin@SwitchA# set interface aggregate-ethernet ae2 aggregated-ether-options mlag peer 10.10.0.2 peer-link ae3
Step7 Configure a static ARP entry for peer-link interface.
admin@SwitchA# set interface gigabit-ethernet ae3 static-ethernet-switching mac-address A0:34:44:32:9C:23 vlan 4094
admin@SwitchA# set protocols arp interface vlan-4094 address 10.10.0.2 mac-address A0:34:44:32:9C:23
NOTE: PICA8 recommends configuring a static ARP for peer-link interface to prevent ARP entry of the peer-link interface from being modified by ARP attack packets. |
Step8 Commit the configurations.
admin@SwitchA# commit
Configuring VXLAN on SwitchA
Step1 Configure VXLAN soure interface.
admin@SwitchA# set vlan-interface loopback address 10.10.10.1 prefix-length 32
admin@SwitchA# set vxlans source-interface loopback address 10.10.10.1
Step2 Create VXLAN VNI.
admin@SwitchA# set vxlans vni 100010
Step3 Configure vtep address for VXLAN VNI.
admin@SwitchA# set vxlans vni 100010 flood vtep 20.20.20.1
Step4 Add VXLAN port into VXLAN VNI.
admin@SwitchA# set vxlans vni 100010 interface ae1 vlan 15
Step5 Configure a static route.
admin@SwitchA# set protocols static route 20.20.20.1/24 next-hop 10.10.10.2
Step6 Commit the configurations.
admin@SwitchA# commit
Configuring MLAG on SwitchB
Step1 Configure an aggregation interface with LACP mode.
admin@SwitchB# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
admin@SwitchB# set interface aggregate-ethernet ae2 aggregated-ether-options lacp enable true
admin@SwitchB# set interface aggregate-ethernet ae3
Step2 Add member interfaces to a LAG.
admin@SwitchB# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1
admin@SwitchB# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2
admin@SwitchB# set interface gigabit-ethernet te-1/1/49 ether-options 802.3ad ae3
admin@SwitchB# set interface gigabit-ethernet te-1/1/50 ether-options 802.3ad ae3
Step3 Configure the VLANs.
admin@SwitchB# set vlans vlan-id 15
admin@SwitchB# set vlans vlan-id 16
admin@SwitchB# set vlans vlan-id 4094 l3-interface vlan-4094
admin@SwitchB# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@SwitchB# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15
admin@SwitchB# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16
admin@SwitchB# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk
admin@SwitchB# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15
admin@SwitchB# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16
admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching native-vlan-id 4094
admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk
admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 15
admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 16
Step4 Configure the L3 Interface IP Address.
admin@SwitchB# set vlan-interface interface 4094 vif 4094 address 10.10.0.2 prefix-length 24
Step5 Configure MLAG domain ID.
admin@SwitchB# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 1
admin@SwitchB# set interface aggregate-ethernet ae2 aggregated-ether-options mlag domain-id 2
Step6 Configure the peer IP address and the peer-link for the MLAG peer.
admin@SwitchB# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer 10.10.0.1 peer-link ae3
admin@SwitchB# set interface aggregate-ethernet ae2 aggregated-ether-options mlag peer 10.10.0.1 peer-link ae3
Step7 Configure a static ARP entry for peer-link interface.
admin@SwitchB# set interface gigabit-ethernet ae3 static-ethernet-switching mac-address 00:18:23:30:E7:90 vlan 4094
admin@SwitchB# set protocols arp interface vlan-4094 address 10.10.0.1 mac-address 00:18:23:30:E7:90
NOTE: PICA8 recommends configuring a static ARP for peer-link interface to prevent ARP entry of the peer-link interface from being modified by ARP attack packets. |
Step8 Commit the configurations.
admin@SwitchB# commit
Configuring VXLAN on SwitchB
Step1 Configure VXLAN soure interface.
admin@SwitchB# set vlan-interface loopback address 10.10.10.1 prefix-length 32
admin@SwitchB# set vxlans source-interface loopback address 10.10.10.1
Step2 Create VXLAN VNI.
admin@SwitchB# set vxlans vni 100010
Step3 Configure vtep address for VXLAN VNI.
admin@SwitchB# set vxlans vni 100010 flood vtep 20.20.20.1
Step4 Add VXLAN port into VXLAN VNI.
admin@SwitchB# set vxlans vni 100010 interface ae1 vlan 15
Step5 Configure a static route.
admin@SwitchB# set protocols static route 20.20.20.1/24 next-hop 10.10.20.2
Step6 Commit the configurations.
admin@SwitchB# commit
Configuring LAG on SwitchC
Step1 Configure an aggregation interface with LACP mode.
admin@SwitchC# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true
Step2 Add member interfaces to a LAG.
admin@SwitchC# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1
admin@SwitchC# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae1
Step3 Configure VLAN.
admin@SwitchC# set vlans vlan-id 15
admin@SwitchC# set vlans vlan-id 16
admin@SwitchC# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk
admin@SwitchC# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15
admin@SwitchC# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16
Step4 Commit the configurations.
admin@SwitchC# commit
Configuring LAG on SwitchD
Step1 Configure an aggregation interface with LACP mode.
admin@SwitchD# set interface aggregate-ethernet ae2 aggregated-ether-options lacp enable true
Step2 Add member interfaces to a LAG.
admin@SwitchD# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae2
admin@SwitchD# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2
Step3 Configure VLAN.
admin@SwitchD# set vlans vlan-id 15
admin@SwitchD# set vlans vlan-id 16
admin@SwitchD# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk
admin@SwitchD# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15
admin@SwitchD# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16
Step4 Commit the configurations.
admin@SwitchD# commit
Copyright © 2025 Pica8 Inc. All Rights Reserved.