Example for Configuring MLAG with VXLAN



Introduction

PICOS-powered Ethernet switches use Multi-Chassis Link Aggregation (MLAG) technology to connect devices, enabling each one to connect to a pair of Pica8 switches with all links running active/active to improve resiliency. There’s no need to block certain links, as with the spanning tree protocol (STP), resulting in improved bandwidth utilization and performance. With STP, while redundant links may exist between switches, traffic can only flow over one of them at a time, which effectively cuts the amount of available bandwidth in half. MLAG still supports redundancy, however, because peer switches synchronize forwarding state between them, so if a leaf or spine switch fails, traffic is automatically rerouted for continuous uptime.

This document describes how to configure MLAG with a Virtual eXtensible LAN (VXLAN), a method for running a Layer 2 overlay network on Layer 3 infrastructure.

Networking Requirements

Figure 1 illustrates an MLAG configured between Switch A and Switch B, the MLAG connections between the neighboring switches, and two downstream Network Devices. 

Access Switches SwitchC and SwitchD are dual-homed to an MLAG domain through a VXLAN tunnel, achieving that Layer 2 devices on the access side can communicate with each other over Layer 3 networks.

Figure 1 MLAG Topology with VXLAN


Follow the configuration roadmap below to complete the configuration:

  • Configure MLAG. SwitchA, SwitchB and the aggregated port ae1connected to SwitchC form an MLAG, link ID is 1; SwitchA, SwitchB and the aggregated port ae2 connected to SwitchD form another MLAG, link ID is 2. MLAG peer-link implements a backup link aggregation group ae3 between SwitchA and SwitchB to carry MLAG control messages and improve network reliability.
  • Configure VXLAN functions on SwitchA and SwitchB.
  • Configure LACP LAG ports on Switch C and Switch D to implement dual-homing access.

Procedure

Configuring MLAG on SwitchA

Step1         Configure the aggregation interfaces with LACP mode.

    admin@SwitchA# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true

    admin@SwitchA# set interface aggregate-ethernet ae2 aggregated-ether-options lacp enable true   

Step2         Add member interfaces to a LAG.

   admin@SwitchA# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1

   admin@SwitchA# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2

   admin@SwitchA# set interface gigabit-ethernet te-1/1/49 ether-options 802.3ad ae3 

   admin@SwitchA# set interface gigabit-ethernet te-1/1/50 ether-options 802.3ad ae3  

Step3        Configure the VLANs.

   admin@SwitchA# set vlans vlan-id 15

   admin@SwitchA# set vlans vlan-id 16

   admin@SwitchA# set vlans vlan-id 4088 l3-interface vlan4088

   admin@SwitchA# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk

   admin@SwitchA# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15

   admin@SwitchA# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16

   admin@SwitchA# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk

   admin@SwitchA# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15

   admin@SwitchA# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16

   admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching native-vlan-id 4088

   admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk

   admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 15

   admin@SwitchA# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 16

Step4        Configure the L3 Interface IP Address.

   admin@SwitchA# set l3-interface vlan-interface vlan4088 address 10.10.0.1 prefix-length 24

Step5        Configure MLAG domain ID.

   admin@SwitchA# set protocols mlag domain 10

   NOTE: Currently, only one MLAG domain is allowed to be configured on one MLAG device.

Step6        Specify SwitchA as MLAG Node 0.

   admin@SwitchA# set protocols mlag domain 10 node 0

Step7         Configure the peer IP address and peer link port.

   admin@SwitchA# set protocols mlag domain 10 peer-ip 10.10.0.2 peer-link ae3

   NOTE: Peer-link port should be configured as a LAG port.

Step8        Configure the L3 interface IP address for peer link port on local MLAG peer device.

                   admin@SwitchA# set l3-interface vlan-interface vlan4088 address 10.10.0.1 prefix-length 24

Step9        Configure link ID for the MLAG member port.

                   admin@SwitchA# set protocols mlag domain 10 interface ae1 link 1

                   admin@SwitchA# set protocols mlag domain 10 interface ae2 link 2

    NOTE: The paired MLAG member ports must be bound to the same MLAG link ID.

Step10       Configure MLAG peer VLAN.

    admin@SwitchA# set protocols mlag domain 10 peer-ip 10.10.0.2 peer-vlan 4088

Step11       Commit the configurations.

    admin@SwitchA# commit

Configuring VXLAN on SwitchA

Step1        Configure VXLAN soure interface.

  admin@SwitchA# set l3-interface loopback lo address 10.10.10.1 prefix-length 32

  admin@SwitchA# set vxlans source-interface loopback address 10.10.10.1

Step2        Create VXLAN VNI.

  admin@SwitchA# set vxlans vni 100010

Step3        Configure vtep address for VXLAN VNI.

  admin@SwitchA# set vxlans vni 100010 flood vtep 20.20.20.1

Step4        Add VXLAN port into VXLAN VNI.

  admin@SwitchA# set vxlans vni 100010 vlan 15

  Note that, in current version, only one VLAN is supported in one VNI.

Step5        Configure a static route.

  admin@SwitchA# set protocols static route 20.20.20.1/24 next-hop 10.10.10.2

Step6        Enable IP routing.

  admin@SwitchA# set ip routing enable true

Step7        Commit the configurations.

   admin@SwitchA# commit

Configuring MLAG on SwitchB

Step1         Configure the aggregation interfaces with LACP mode.

    admin@SwitchB# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true

    admin@SwitchB# set interface aggregate-ethernet ae2 aggregated-ether-options lacp enable true   

Step2         Add the member interfaces to the LAG ports.

   admin@SwitchB# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1

   admin@SwitchB# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2

   admin@SwitchB# set interface gigabit-ethernet te-1/1/49 ether-options 802.3ad ae3 

   admin@SwitchB# set interface gigabit-ethernet te-1/1/50 ether-options 802.3ad ae3  

Step3        Configure the VLANs.

   admin@SwitchB# set vlans vlan-id 15

   admin@SwitchB# set vlans vlan-id 16

   admin@SwitchB# set vlans vlan-id 4088 l3-interface vlan4088

   admin@SwitchB# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk

   admin@SwitchB# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15

   admin@SwitchB# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16

   admin@SwitchB# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk

   admin@SwitchB# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15

   admin@SwitchB# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16

   admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching native-vlan-id 4088

   admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching port-mode trunk

   admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 15

   admin@SwitchB# set interface aggregate-ethernet ae3 family ethernet-switching vlan members 16

Step4        Configure the L3 Interface IP Address.

   admin@SwitchB# set l3-interface vlan-interface vlan4088 address 10.10.0.2 prefix-length 24

Step5        Configure MLAG domain ID.

   admin@SwitchB# set protocols mlag domain 10

   NOTE: Currently, only one MLAG domain is allowed to be configured on one MLAG device.

Step6        Specify SwitchB as MLAG Node 1.

   admin@SwitchB# set protocols mlag domain 10 node 1

Step7         Configure the peer IP address and peer link port.

   admin@SwitchB# set protocols mlag domain 10 peer-ip 10.10.0.1 peer-link ae3

   NOTE: Peer-link port should be configured as a LAG port.

Step8        Configure the L3 interface IP address for peer link port on local MLAG peer device.

                   admin@SwitchB# set l3-interface vlan-interface vlan4088 address 10.10.0.2 prefix-length 24

Step9        Configure link ID for the MLAG member port.

                   admin@SwitchB# set protocols mlag domain 10 interface ae1 link 1

                   admin@SwitchB# set protocols mlag domain 10 interface ae2 link 2

    NOTE: The paired MLAG member ports must be bound to the same MLAG link ID.

Step10       Configure MLAG peer VLAN.

    admin@SwitchB# set protocols mlag domain 10 peer-ip 10.10.0.1 peer-vlan 4088

Step11       Commit the configurations.

    admin@SwitchB# commit

Configuring VXLAN on SwitchB

Step1        Configure VXLAN soure interface.

  admin@SwitchB# set l3-interface loopback lo address 10.10.10.1 prefix-length 32

  admin@SwitchB# set vxlans source-interface loopback address 10.10.10.1

Step2        Create VXLAN VNI.

  admin@SwitchB# set vxlans vni 100010

Step3        Configure vtep address for VXLAN VNI.

  admin@SwitchB# set vxlans vni 100010 flood vtep 20.20.20.1

Step4        Add VXLAN port into VXLAN VNI.

  admin@SwitchB# set vxlans vni 100010 vlan 15

  Note that, in current version, only one VLAN is supported in one VNI.

Step5        Configure a static route.

  admin@SwitchB# set protocols static route 20.20.20.0/24 next-hop 10.10.20.2

Step6        Enable IP routing.

  admin@SwitchB# set ip routing enable true

Step7        Commit the configurations.

   admin@SwitchB# commit

Configuring LAG on SwitchC

Step1         Configure the aggregation interface with LACP mode.

    admin@SwitchC# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true

Step2         Add the member interfaces to the LAG ports.

   admin@SwitchC# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae1

   admin@SwitchC# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae1

Step3        Configure the VLANs.

   admin@SwitchC# set vlans vlan-id 15

   admin@SwitchC# set vlans vlan-id 16

   admin@SwitchC# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk

   admin@SwitchC# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 15

   admin@SwitchC# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 16   

Step4        Commit the configurations.

   admin@SwitchC# commit

Configuring LAG on SwitchD

Step1         Configure the aggregation interface with LACP mode.

    admin@SwitchD# set interface aggregate-ethernet ae2 aggregated-ether-options lacp enable true

Step2         Add the member interfaces to the LAG ports.

   admin@SwitchD# set interface gigabit-ethernet ge-1/1/1 ether-options 802.3ad ae2

   admin@SwitchD# set interface gigabit-ethernet ge-1/1/2 ether-options 802.3ad ae2

Step3         Configure the VLANs.

   admin@SwitchD# set vlans vlan-id 15

   admin@SwitchD# set vlans vlan-id 16

   admin@SwitchD# set interface aggregate-ethernet ae2 family ethernet-switching port-mode trunk

   admin@SwitchD# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 15

   admin@SwitchD# set interface aggregate-ethernet ae2 family ethernet-switching vlan members 16 

Step4        Commit the configurations.

   admin@SwitchD# commit

Verifiy the Configuration

  • You can use the run show vxlan vni and run show vxlan tunnel commands to display the information of VXLAN tunnel.
admin@SwitchA# run show vxlan vni 100010
Interface    ID             Type           Egress     Vlan ID
-----------  -----------    -----------    -------    --------
ae1          0x80000001     Access         100078     15  
ae2          0x80000002     Access         100083     15 
ge-1/1/3     0x80000005     Network(UC)    100085            

admin@SwitchA# run show vxlan tunnel
Total number of tunnels: 1
 
VNI 100010, Encap:service-vlan-delete, Decap:service-vlan-add-replace
  src addr:10.10.10.1, dst addr:20.20.20.1, state:UP
  traffic type:all
  nexthops:10.10.10.2
  output ports:ge-1/1/3
  • You can use the run show vxlan address-table and run show mac-address table commands to display the VXLAN MAC address information.
admin@SwitchA# run show vxlan address-table
VNID           MAC address          Type       Interface          VTEP
-----------    -----------------    -------    ----------------    ---------------
100010         20:04:0f:0f:49:d1    Dynamic                        20.20.20.1
100010         22:22:22:44:44:44    Dynamic                        20.20.20.1
 
admin@SwitchB# run show vxlan address-table
VNID           MAC address          Type       Interface          VT EP
-----------    -----------------    -------    ----------------    ---------------
100010         20:04:0f:0f:49:d1    Sync                           10.10.10.1
100010         22:22:22:44:44:44    Sync                           10.10.10.1

admin@SwitchB# run show mac-address table
Total entries in switching table:   3909
Static entries in switching table:  6
Dynamic entries in switching table: 3903

VLAN      MAC address          Type         Age     Interfaces         User
----      -----------------    ---------    ----    ----------------   ----------
15        a0:01:0f:0f:49:f1    Dynamic      300     ae2                xorp     
N/A       20:04:0f:0f:49:d1    Peer-Sync    300     vxlan              xorp     
N/A       22:22:22:44:44:44    Peer-Sync    300     vxlan              xorp     
  • You can use the run show mlag domain command to display the MLAG domain information.
admin@SwitchA# run show mlag domain summary
Domain ID: 10    Domain MAC: 48:6E:73:FF:00:0a    Node ID: 0
----------------------------------------------------------------------
Peer Link  Peer IP          Peer Vlan  Neighbor Status  Config Matched   MAC Synced   # of Links
---------  ---------------  ---------  ---------------  --------------  ----------  --------------
ae3        10.10.10.2       4088        ESTABLISHED     Yes              Yes         2 
  • You can use the run show mlag link command to display MLAG link information.
admin@SwitchA# run show mlag link summary
# of Links: 2
Link   Local LAG   Link Status   Local Status   Peer-Status   Config Matched   Flood
----   ---------   -----------   ------------   -----------   --------------   -----
1      ae1         IDLE          UP             UNKNOWN       No               No  
2      ae2         IDLE          UP             UNKNOWN       No               No
  • After the configuration is complete, the access switches SwitchC and SwitchD can communicate with each other normally.

Copyright © 2024 Pica8 Inc. All Rights Reserved.