Here's the topology:
As you can see, we have two stacks of three Nortel switches used for aggregation and server access switches. This could alternatively be a pair of Passport 8600 switches. There are three interfaces configured as the inter-switch trunk (IST). The IST is similar to the vPC peer link. Each switch on the top stack is connected to Nexus01 and each switch on the bottom stack are connected to Nexus02.
Here's the IST configuration for the Nortel switches:
Nortel-Stack01 vlan name 1000 "IST_VLAN" interface vlan 1000 ip address 10.10.10.1 255.255.255.252 2 vlan ports 1/45,2/45,3/45 tagging tagAll vlan members 1000 1/45,2/45,3/45 vlan ports 1/45,2/45,3/45 pvid 1000 vlan configcontrol strict no auto-pvid spanning-tree port 1/45,2/45,3/45 learning disable mlt spanning-tree 1 stp 1 learning disable mlt 1 name "IST" enable member 1/45,2/45,3/45 interface mlt 1 ist peer-ip 10.10.10.2 ist vlan 1000 ist enable vlacp macaddress 18:0c:20:00:00:0f vlacp port 1/45,2/45,3/45 timeout short vlacp port 1/45,2/45,3/45 enable vlacp enable Nortel-Stack02 vlan create 1000 type port 1 vlan name 1000 "IST_VLAN" interface vlan 1000 ip address 10.10.10.2 255.255.255.252 2 vlan ports 1/45,2/45,3/45 tagging tagAll vlan members 1000 1/45,2/45,3/45 vlan ports 1/45,2/45,3/45 pvid 1000 vlan configcontrol strict no auto-pvid spanning-tree port 1/45,2/45,3/45 learning disable mlt spanning-tree 1 stp 1 learning disable mlt 1 name "IST" enable member 1/45,2/45,3/45 interface mlt 1 ist peer-ip 10.10.10.1 ist vlan 1000 ist enable vlacp macaddress 18:0c:20:00:00:0f vlacp port 1/45,2/45,3/45 timeout short vlacp port 1/45,2/45,3/45 enable vlacp enable
As you can see, we are using VLAN 1000 for the IST connection, disabling spanning-tree for the IST ports, creating MLT ID 1 and designating it as an IST. The IST VLAN is used for SMLT exchanges and keepalives.
Since MLT/SMLT connections don't use any negoitiation mechanism to form the trunk, we need something that can detect a failure at layer 2 to layer 3. This is where VLACP comes in. VLACP is a Nortel proprietary protocol similar to LACP and used in conjunction with MLT and SMLT connections. Like LACP, if an interface fails to see hello packets from it's neighbor interface, it will bring that interface to a down state to prevent packet loss.
At this point, our IST should be established between the two switches. We need to configure the uplinks to the Nexus switches and assign VLANs to the trunks. We will be utilizing LACP for this connection.
On Both Switches lacp key 32 mlt-id 32 smlt-id 32 lacp port-mode advance lacp smlt-sys-id 18:0c:20:00:00:0f interface FastEthernet 1/48,2/48,3/48 lacp key 32 lacp timeout-time short lacp mode active lacp aggregation enable vlan create 2,4,8 type port 1 vlan ports 1/48,2/48,3/48 tagging untagPvidOnly vlan members 1 1/45,1/48,2/45,2/48,3/45,3/48 vlan members 2 1/45,1/48,2/45,2/48,3/45,3/48 vlan members 4 1/45,1/48,2/45,2/48,3/45,3/48 vlan members 8 1/45,1/48,2/45,2/48,3/45,3/48
As you can see, this configuration is similar to the LACP configuration from a single Nortel switch with one noticeable difference. By default, LACP creates a system id based on the built-in MAC address of a switch. Since we are connecting two switch stacks to the Nexus switches, we need to define a shared system id to use. As shown above, we start by associating the lacp key with an MLT and SMLT id. We then assign an SMLT system id. You can just use the built-in address from one of the switches.
We already covered the configuration for the Nexus port-channels in the previous blog post. The configuration is identical except that we are bundling more interfaces.
At this point, everything should be connected and working properly. You can verify the LACP system ID on the Nexus switches by issuing the "show lacp neighbors" command. You can also verify that the port channels are live and passed the vPC consistency check with a "show vpc".
No comments:
Post a Comment