OcNOS DC : Layer 2 Guide : Layer 2 Configuration Guide : MLAG Configuration
MLAG Configuration
This chapter contains a complete example of Multi-Chassis Link Aggregation (MLAG) configuration.
MLAG (also called DRNI, Distributed Resilient Network Interconnect) expands the concept of link aggregation so that it provides node-level redundancy by allowing two or more nodes to share a common LAG endpoint. MLAG emulates multiple nodes to represent as a single logical node to the remote node running link aggregation. As a result even if one of the nodes is down there exists a path to reach the destination through the other nodes.
Note: MLAG is compatible only with a RSTP VLAN-aware bridge or a spanning tree disabled bridge.
Note: All MLAG nodes must have the same MAC table size as specified by each node’s switching ASIC forwarding profile limit.
Note: More than one IDL is not supported in single node under mcec configuration.
Note: IDL and IDP configurations are allowed together, IDP will provide a Layer 3 communication path which will be used as a Secondary test to determine the state of MLAG Peer, however It is recommended not to use IDP without IDL for MLAG Active-Active
Dynamic Configuration
Topology
As shown in Figure 8-18, switches 3 and 4 form an MLAG domain. Switches 3 and 4 are a single logical switch to switches 1 and 2. Even if either switch 3 or 4 is down, there exists a path to reach other destinations.
MLAG Topology
Switch 1
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#interface po2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface xe1
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe2
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe33
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe34
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#commit
Commit the transaction.
Switch 2
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#interface po1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface xe5
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe6
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe7
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe8
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#commit
Commit the transaction.
 
Switch 3
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#interface mlag1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface mlag2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface po1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 1
Enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface po2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 2
enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface xe9
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe57
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe58
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe10
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe49
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#exit
Exit interface mode.
(cosnfig)#commit
Commit the transaction.
(config)#mcec domain configuration
Entering MCEC mode
(config-mcec-domain)#domain-address 1111.2222.3333
Domain address for the mlag domain
(config-mcec-domain)#intra-domain link xe49
Intra domain line between mlag domain
(config-mcec-domain)#domain-system-number 1
Number to identify the node in a domain
(config-mcec-domain)#exit
Exit MCEC mode
(config)#commit
Commit the transaction.
 
Switch 4
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface mlag2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface po1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 1
Enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface po2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 2
enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface xe9
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe10
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe57
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe58
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe49
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#exit
Exit interface mode.
(config)#commit
Commit the transaction.
(config)#mcec domain configuration
Entering MCEC mode
(config-mcec-domain)#domain-address 1111.2222.3333
Domain address for the Mlag domain
(config-mcec-domain)#intra-domain link xe49
Intra domain Link between Mlag domains
(config-mcec-domain)#domain-system-number 2
Number to identify the node in domain
(config-mcec-domain)#exit
Exit MCEC mode
(config)#commit
Commit the transaction.
 
Validation
Switch 3
#sh mlag domain details
 
------------------------------------
Domain Configuration
------------------------------------
 
Domain System Number : 1
Domain Address : 1111.2222.3333
Domain Priority : 1000
Intra Domain Interface : xe49
 
Hello RCV State : Current
Hello Periodic Timer State : Fast Periodic
Domain Sync : IN_SYNC
Neigh Domain Sync : IN_SYNC
Domain Adjacency : UP
 
------------------------------------
MLAG Configuration
------------------------------------
 
MLAG-1
Mapped Aggregator : po1
Admin Key : 16385
Oper Key : 16385
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Neigh Admin Key : 32769
Neigh Physical Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Info RCV State : Current
Info Periodic Time State : Standby
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
 
MLAG-2
Mapped Aggregator : po2
Admin Key : 16386
Oper Key : 16386
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Neigh Admin Key : 32770
Neigh Physical Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Info RCV State : Current
Info Periodic Time State : Standby
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
 
#sh etherchannel summary
% Aggregator po1 0
% Aggregator Type: Layer2
% Admin Key: 16385 - Oper Key 16385
% Link: xe57 (5057) sync: 1 (Mlag-active-link)
% Link: xe58 (5058) sync: 1 (Mlag-active-link)
% Aggregator po2 0
% Aggregator Type: Layer2
% Admin Key: 16386 - Oper Key 16386
% Link: xe9 (5009) sync : 1 (Mlag-active-link)
% Link: xe10 (5010) sync: 1 (Mlag-active-link)
 
#sh mlag 1 detail
 
MLAG-1
Mapped Aggregator : po1
Admin Key : 16385
Oper Key : 16385
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Neigh Admin Key : 32769
Neigh Physical Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Info RCV State : Current
Info Periodic Time State : Standby
Total Bandwidth : 20g
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
 
sh mcec statistics
 
Unknown MCCPDU received on the system : 0
 
------------------------------------
IDP xe49
------------------------------------
Valid RX Hello PDUs : 398
Valid TX Hello PDUs : 417
Valid RX Info PDUs : 16
Valid TX Info PDUs : 6
 
Valid RX Mac Sync PDUs : 3
Valid TX Mac Sync PDUs : 4
 
MLAG 1
Valid RX Info PDUs : 8
Valid TX Info PDUs : 3
 
MLAG 2
Valid RX Info PDUs : 8
Valid TX Info PDUs : 3
sh mlag domain summary
 
------------------------------------
Domain Configuration
------------------------------------
 
Domain System Number : 1
Domain Address : 1111.2222.3333
Domain Priority : 1000
Intra Domain Interface : xe49
Domain Adjacency : UP
 
------------------------------------
MLAG Configuration
------------------------------------
 
MLAG-1
Mapped Aggregator : po1
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
 
MLAG-2
Mapped Aggregator : po2
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
Static Configuration
Static MLAG provides node-level redundancy by allowing two or more nodes in the network to share a common static-LAG endpoint. It emulates multiple nodes to represent as a single logical node to the remote node having static Link aggregation. As a result, even if one of the nodes is down there exists a path to reach the destination via other nodes.
Topology
Static MLAG topology
L2SW
 
#configure terminal
Enter configure mode.
(config)#hostname L2SW
Configuring host name
(config)#bridge 1 protocol rstp vlan-bridge
Create a RSTP VLAN bridge on customer side
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Configure VLAN for the bridge
(config-vlan)#exit
Exit vlan database mode.
(config)#interface sa1
Enter the interface mode
(config-if)#switchport
Configure the interface as Layer 2
(config-if)# bridge-group 1 spanning-tree disable
Disable the spanning-tree for the interface
(config-if)#switchport mode hybrid
Configure the mode as hybrid
(config-if)#switchport hybrid allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe2
Enter the interface mode
(config-if)# static-channel-group 1
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe9
Enter the interface mode
(config-if)# static-channel-group 1
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe11
Enter the interface mode
(config-if)# static-channel-group 1
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe22
Enter the interface mode
(config-if)# static-channel-group 1
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe47
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)# bridge-group 1 spanning-tree disable
Disable the spanning-tree for the interface
(config-if)#switchport mode hybrid
Configure the mode as hybrid
(config-if)#switchport hybrid allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#exit
Exit the interface mode
(config)#commit
Commit the transaction.
TOR1
 
#configure terminal
Enter configure mode.
(config)#hostname TOR1
Configuring host name
(config)#bridge 1 protocol provider-rstp edge
Create a PROVIDER-RSTP EDGE bridge
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 type customer bridge 1 state enable
Configure VLAN for the bridge
(config-vlan)# vlan 200 type service point-point bridge 1 state enable
Configure SVLAN for the bridge
(config-vlan)#exit
Exit vlan database mode.
(config)# #cvlan registration table map1 bridge 1
Configure cvlan-svlan mapping registration table for the bridge.
(config-cvlan-registration)#cvlan 2 svlan 200
Map CVLAN to SVLAN
(config-cvlan-registration)#exit
Exit the config-cvlan-registration mode
(config)#interface mlag1
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#bridge-group 1 spanning-tree disable
Associate the interface to bridge and disable the spanning tree.
(config-if)# switchport mode customer-edge hybrid
Configure the mode as customer-edge hybrid
(config-if)# switchport customer-edge hybrid allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#switchport customer-edge vlan registration map1
Map the cvlan registration table into the MLAG interface
(config-if)#mode active-standby
Configuring MLAG mode
(config-if)#exit
Exit the interface mode
(config)#interface mlag2
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#bridge-group 1 spanning-tree disable
Associate the interface to bridge and disable the spanning-tree.
(config-if)# switchport mode provider-network
Configure the mode as provider-network
(config-if)# switchport provider-network allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#mode active-standby
Configuring MLAG mode
(config-if)#exit
Exit the interface mode
(config)#interface sa1
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#mlag 1
Map MLAG on SA interface
(config-if)#exit
Exit the interface mode
(config)#interface sa2
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#mlag 2
Map MLAG on SA interface
(config-if)#exit
Exit the interface mode
(config)#interface xe1
Enter the interface mode
(config-if)# static-channel-group 2
Map static channel-group to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe13
Enter the interface mode
(config-if)# static-channel-group 2
Map static channel-group to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe9
Enter the interface mode
(config-if)# static-channel-group 1
Map static channel-group to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe11
Enter the interface mode
(config-if)# static-channel-group 1
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface sa5
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#exit
Exit the interface mode
(config)#interface xe3
Enter the interface mode
(config-if)#static-channel-group 5
Map static channel-group to the interface
(config)#interface xe5
Enter the interface mode
(config-if)#static-channel-group 5
Map static channel-group to the interface
(config-if)#exit
Exit the interface mode
(config)#commit
Commit the transaction.
(config)#mcec domain configuration
Enter the MLAG domain configuration mode
(config-mcec-domain)#domain-address 1111.2222.3333
Configure the MLAG domain address
(config-mcec-domain)#domain-system-number 1
Configure MLAG domain system number
(config-mcec-domain)#intra-domain-link sa5
Configure the intra domain link
(config-mcec-domain)#exit
Exit from mcec domain mode.
(config)#commit
Commit the transaction.
TOR2
 
#configure terminal
Enter configure mode.
(config)#hostname TOR2
Configuring host name
(config)#bridge 1 protocol provider-rstp edge
Create a PROVIDER-RSTP EDGE bridge
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Configure VLAN for the bridge
(config-vlan)# vlan 200 type service point-point bridge 1 state enable
Configure SVLAN for the bridge
(config-vlan)#exit
Exit vlan database mode.
(config)#cvlan registration table map1 bridge 1
Configure cvlan-svlan mapping registration table for the bridge
(config-cvlan-registration)#cvlan 2 svlan 200
Map CVLAN to SVLAN
(config-cvlan-registration)#exit
Exit the config-cvlan-registration mode
(config)#interface mlag1
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#bridge-group 1 spanning-tree disable
Associate the interface to bridge and disable the spanning-tree.
(config-if)# switchport mode customer-edge hybrid
Configure the mode as customer-edge hybrid
(config-if)# switchport customer-edge hybrid allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#switchport customer-edge vlan registration map1
Map the cvlan registration table into the MLAG interface
(config-if)#mode active-standby
Configuring MLAG mode
(config-if)#exit
Exit the interface mode
(config)#interface mlag2
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#bridge-group 1 spanning-tree disable
Associate the interface to bridge and disable the spanning-tree.
(config-if)# switchport mode provider-network
Configure the mode as provider-network
(config-if)# switchport provider-network allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#mode active-standby
Configuring MLAG mode
(config-if)#exit
Exit the interface mode
(config)#interface sa1
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#mlag 1
Map MLAG on SA interface
(config-if)#exit
Exit the interface mode
(config)#interface sa2
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#mlag 2
Map MLAG on SA interface
(config-if)#exit
Exit the interface mode
(config)#interface xe11
Enter the interface mode
(config-if)# static-channel-group 2
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe38
Enter the interface mode
(config-if)# static-channel-group 2
Map static channel to the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe2
Enter the interface mode
(config-if)# static-channel-group 1
Create static channel group
(config-if)#exit
Exit the interface mode
(config)#interface xe22
Enter the interface mode
(config-if)# static-channel-group 1
Create static channel group
(config-if)#exit
Exit the interface mode
(config)#interface sa5
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)#exit
Exit the interface mode
(config)#interface xe3
Enter the interface mode
(config-if)#static-channel-group 5
Map static channel-group to the interface
(config)#interface xe5
Enter the interface mode
(config-if)#static-channel-group 5
Map static channel-group to the interface
(config-if)#exit
Exit the interface mode
(config)#commit
Commit the transaction.
(config)#mcec domain configuration
Enter the MLAG domain configuration mode
(config-mcec-domain)#domain-address 1111.2222.3333
Configure the MLAG domain address
(config-mcec-domain)#domain-system-number 2
Configure MLAG domain system number
(config-mcec-domain)#intra-domain-link sa5
Configure the intera domain link
(config-if)#exit
Exit the interface mode
(config)#commit
Commit the transaction.
LEAF
 
#configure terminal
Enter configure mode.
(config)#hostname LEAF
Configuring host name
(config)#bridge 1 protocol provider-rstp edge
Create a PROVIDER-RSTP EDGE bridge
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Configure VLAN for the bridge
(config-vlan)# vlan 200 type service point-point bridge 1 state enable
Configure SVLAN for the bridge
(config-vlan)#exit
Exit vlan database mode.
(config)#cvlan registration table map1 bridge 1
Configure cvlan-svlan mapping registration table for the bridge
(config-cvlan-registration)#cvlan 2 svlan 200
Map CVLAN to SVLAN
(config-cvlan-registration)#exit
Exit the config-cvlan-registration mode
(config)#interface sa2
Enter the interface mode
(config-if)#swtichport
Make the interface a switch port
(config-if)# bridge-group 1 spanning-tree disable
Disable the spanning-tree for the interface
(config-if)#switchport mode provider-network
Configure the mode as provider-network
(config-if)#)# switchport provider-network allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#exit
Exit the interface mode
(config)#interface xe1
Enter the interface mode
(config-if)# static-channel-group 2
Map the interface to the static channel-group
(config-if)#exit
Exit the interface mode
(config)#interface xe13
Enter the interface mode
(config-if)# static-channel-group 2
Create static channel group
(config-if)#exit
Exit the interface mode
(config)#interface xe11
Enter the interface mode
(config-if)# static-channel-group 2
Map the interface to the static channel-group
(config-if)#exit
Exit the interface mode
(config)#interface xe38
Enter the interface mode
(config-if)# static-channel-group 2
Create static channel group
(config-if)#exit
Exit the interface mode
(config)#interface xe47
Enter the interface mode
(config-if)#switchport
Make the interface as switch port
(config-if)# bridge-group 1 spanning-tree disable
Disable the spanning-tree for the interface
(config-if)# switchport mode customer-edge hybrid
Configure the mode as customer-edge hybrid
(config-if)# switchport customer-edge hybrid allowed vlan all
Configure allowed VLAN all on the interface
(config-if)#switchport customer-edge vlan registration map1
Map the cvlan registration table into the MLAG interface
(config-if)#exit
Exit the interface mode
(config)#commit
Commit the transaction.
Validation
TOR1#show mlag 1 detail
 
MLAG-1
Mapped Aggregator : sa1
Admin Key : 16385
Oper Key : 16385
Physical properties Digest : d a6 26 2d fa 9a 5c 7b e6 15 79 c2 d5 9c 57 cc
 
Neigh Admin Key : 32769
Neigh Physical Digest : d a6 26 2d fa 9a 5c 7b e6 15 79 c2 d5 9c 57 cc
Info RCV State : Current
Info Periodic Time State : Standby
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Standby
Current Mlag State : Active
 
TOR1#
 
TOR1#show mlag domain summary
 
------------------------------------
Domain Configuration
------------------------------------
 
Domain System Number : 1
Domain Address : 1111.2222.3333
Domain Priority : 32768
Intra Domain Interface : sa5
Domain Adjacency : UP
 
------------------------------------
MLAG Configuration
------------------------------------
 
MLAG-1
Mapped Aggregator : sa1
Physical properties Digest : d a6 26 2d fa 9a 5c 7b e6 15 79 c2 d5 9c 57 cc
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Standby
Current Mlag State : Active
 
 
 
MLAG-2
Mapped Aggregator : sa2
Physical properties Digest : ae 56 a1 c5 b9 dc 46 a4 5d 97 dc 79 9c 6f a5 c8
 
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Standby
Current Mlag State : Active
 
 
 
TOR1#
TOR1#show mlag domain detail
------------------------------------
Domain Configuration
------------------------------------
 
Domain System Number : 1
Domain Address : 1111.2222.3333
Domain Priority : 32768
Intra Domain Interface : sa5
 
Hello RCV State : Current
Hello Periodic Timer State : Slow Periodic
Domain Sync : IN_SYNC
Neigh Domain Sync : IN_SYNC
Domain Adjacency : UP
 
------------------------------------
MLAG Configuration
------------------------------------
 
MLAG-1
Mapped Aggregator : sa1
Admin Key : 16385
Oper Key : 16385
Physical properties Digest : d a6 26 2d fa 9a 5c 7b e6 15 79 c2 d5 9c 57 cc
 
Neigh Admin Key : 32769
Neigh Physical Digest : d a6 26 2d fa 9a 5c 7b e6 15 79 c2 d5 9c 57 cc
Info RCV State : Current
Info Periodic Time State : Standby
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Standby
Current Mlag State : Active
 
 
MLAG-2
Mapped Aggregator : sa2
Admin Key : 16386
Oper Key : 16386
Physical properties Digest : ae 56 a1 c5 b9 dc 46 a4 5d 97 dc 79 9c 6f a5 c8
 
 
Neigh Admin Key : 32770
Neigh Physical Digest : ae 56 a1 c5 b9 dc 46 a4 5d 97 dc 79 9c 6f a5 c8
 
Info RCV State : Current
Info Periodic Time State : Standby
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Standby
Current Mlag State : Active
 
 
TOR1#
ARP ACL Configuration
Topology
ARP ACL configuration with MC LAG
TOR1
 
TOR1(config)#bridge 1 protocol provider-rstp edge
Create provider rstp bridge
TOR1(config)#vlan database
Enter vlan database mode.
TOR1(config-vlan)#vlan 2-3990 type customer bridge 1 state enable
Enable customer vlan for bridge
TOR1(config-vlan)#vlan 2-3990 type service point-point bridge 1 state enable
Enable service vlan for bridge
TOR1(config-vlan)#exit
Exit vlan database mode.
TOR1(config)#cvlan registration table map1 bridge 1
Create registration table
TOR1(config-cvlan-registration)#cvlan 2-3990 svlan 3990
Map cvlan to svlan
TOR1(config-cvlan-registration)#exit
Exit the cvlan registration table mode
TOR1(config)#interface mlag1
Enter mlag interface
TOR1(config-if)#switchport
Configure interface as switchport
TOR1(config-if)#bridge-group 1 spanning-tree disable
Associate the interface to bridge and disable the spanning-tree.
TOR1(config-if)# switchport mode customer-edge hybrid
Configure the mode as customer-edge hybrid
TOR1(config-if)# switchport customer-edge hybrid allowed vlan all
Configure allowed VLAN all on the interface
TOR1(config-if)#switchport customer-edge vlan registration map1
Map the cvlan registration table into the MLAG interface
TOR1(config-if)#exit
Exit interface mode.
TOR1(config)#interface mlag2
Enter mlag interface mode.
TOR1(config-if)#switchport
Configure interface as switchport
TOR1(config-if)#bridge-group 1 spanning-tree disable
Associate the interface to bridge and disable the spanning-tree.
TOR1(config-if)#switchport mode provider- network
Set the switching characteristics of this interface to provider network
TOR1(config-if)#switchport provider-network allowed vlan all
Set the switching characteristics of this interface to provider network and allow all vlan
TOR1(config-if)#exit
Exit the interface mode
TOR1(config)#interface po1
Enter dynamic lag interface
TOR1(config-if)#switchport
Configure interface as switchport
TOR1(config-if)#mlag 1
Enable mlag group number
TOR1(config-if)#exit
Exit the interface mode
TOR1(config-if)#interface po2
Enter dynamic lag interface
TOR1(config-if)#switchport
Configure interface as switchport
TOR1(config-if)#mlag 2
Enable mlag group number
TOR1(config-if)#exit
Exit the interface mode
TOR1(config)#interface po3
Enter dynamic lag interface
TOR1(config-if)#switchport
Configure interface as switchport
TOR1(config-if)#exit
Exit the interface mode
TOR1(config)#interface xe2
Enter interface mode
TOR1(config-if)#channel-group 3 mode active
Make part of channel group 3
TOR1(config-if)#exit
Exit the interface mode
TOR1(config)#interface xe3
Enter interface mode
TOR1(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system
TOR1(config-if)#exit
Exit the interface mode
TOR1(config-if)#interface xe49/1
Enter interface mode
TOR1(config-if)#channel-group 2 mode active
Enable channel-group 2
TOR1(config-if)#exit
Exit the interface mode
TOR1(config)#commit
Commit the transaction.
TOR1(config)#mcec domain configuration
Enter MCEC mode
TOR1(config-mcec-domain)#domain-address 2222.3333.4444
Domain address for the mlag domain
TOR1(config-mcec-domain)#domain-system-number 1
Number to identify the node in a domain
TOR1(config-mcec-domain)#intra-domain-link po3
Intra domain line between mlag domain
TOR1(config-mcec-domain)#exit
Exit mcec domain mode.
TOR1(config)#commit
Commit the transaction.
TOR1(config)#hardware-profile filter ingress-arp enable
Enable globally hardware profile for arp
TOR1(config)#arp access-list cep
Create access list with name as cep
TOR1(config-arp-acl)# 30 permit request ip any mac host 0000.2A6C.668D vlan 3990 inner-vlan 2
Create permit rule for particular arp request
TOR1(config-arp-acl)# 40 permit response ip any any mac host 0000.2A6C.668D host 0000.2A6C.7202 vlan 3990 inner-vlan 2
Create permit rule for particular arp response
TOR1(config-arp-acl)#exit
Exit ARP ACL mode.
TOR1(config)#arp access-list pnp
Create access list with name as pnp
TOR1(config-arp-acl)#20 permit request ip any mac host 0000.2A6C.7202 vlan 3990 inner-vlan 2
Create permit rule for particular arp request
TOR1(config-arp-acl)#30 permit response ip any any mac host 0000.2A6C.7202 host 0000.2A6C.668D vlan 3990 inner-vlan 2
Create permit rule for particular arp response
TOR1(config-arp-acl)#exit
Exit ARP ACL mode.
TOR1(config)#interface mlag1
Enter mlag1 interface
TOR1(config-if)#arp access-group cep in
Attach rule with access-group cep
TOR1(config-if)#interface mlag2
Enter mlag2 interface
TOR1(config-if)#arp access-group pnp in
Attach rule with access-group pnp
TOR1(config-if)#exit
Exit interface mode.
TOR1(config)#commit
Commit the transaction.
TOR2
 
TOR2(config)#bridge 1 protocol provider-rstp edge
Create provider rstp bridge
TOR2(config)#vlan database
Enter vlan database mode.
TOR2(config-vlan)#vlan 2-3990 type customer bridge 1 state enable
Enable customer vlan for bridge
TOR2(config-vlan)#vlan 2-3990 type service point-point bridge 1 state enable
Enable service vlan for bridge
TOR2(config-vlan)#exit
Exit vlan database mode.
TOR2(config)#cvlan registration table map1 bridge 1
Create registration table
TOR2(config-cvlan-registration)#cvlan 2-3990 svlan 3990
Map cvlan to svlan
TOR2(config-cvlan-registration)#exit
Exit the cvlan registration table mode
TOR2(config)#interface mlag1
Enter mlag interface mode.
TOR2(config-if)#switchport
Configure interface as a switch.
TOR2(config-if)#bridge-group 1 spanning-tree disable
Associate the interface with bridge group 1and disabling spanning-tree
TOR2(config-if)#switchport mode customer-edge hybrid
Set the switching characteristics of this interface to customer-edge hybrid
TOR2(config-if)#switchport customer-edge hybrid allowed vlan all
Set the switching characteristics of this interface to customer-edge hybrid and allow vlan all
TOR2(config-if)#switchport customer-edge vlan registration map1
Configure the registration table mapping on mlag interface
TOR2(config-if)#exit
Exit the interface mode
TOR2(config)#interface mlag2
Enter mlag interface
TOR2(config-if)#switchport
Configure interface as switchport
TOR2(config-if)#bridge-group 1
Associate the interface with bridge group 1
TOR2(config-if)#switchport mode provider- network
Set the switching characteristics of this interface to provider network
TOR2(config-if)#switchport provider-network allowed vlan all
Set the switching characteristics of this interface to provider network and allow all vlan
TOR2(config-if)#exit
Exit the interface mode
TOR2(config)#interface po1
Enter dynamic lag interface
TOR2(config-if)#switchport
Configure interface as switchport
TOR2(config-if)#mlag 1
Enable mlag group number
TOR2(config-if)#exit
Exit the interface mode
TOR2(config)#interface po2
Enter dynamic lag interface
TOR2(config-if)#switchport
Configure interface as switchport
TOR2(config-if)#mlag 2
Enable mlag group number
TOR2(config-if)#exit
Exit the interface mode
TOR2(config)#interface po3
Enter dynamic lag interface
TOR2(config-if)#switchport
Configure interface as switchport
TOR2(config-if)#exit
Exit the interface mode
TOR2(config)#interface xe2
Enter interface mode
TOR2(config-if)#channel-group 3 mode active
Make part of channel group 3
TOR2(config-if)#interface xe3
Enter interface mode
TOR2(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system
TOR2(config-if)#exit
Exit the interface mode
TOR2(config)#Interface xe49/1
Enter interface mode
TOR2(config-if)#channel-group 2 mode active
Enable channel-group 2
TOR2(config-if)#exit
Exit interface mode.
TOR2(config)#commit
Commit the transaction.
TOR2(config)#mcec domain configuration
Configure mcec domain information
TOR2(config-mcec-domain)#domain-address 2222.3333.4444
Domain address for the mlag domain
TOR2(config-mcec-domain)#domain-system-number 2
Number to identify the node in a domain
TOR2(config-mcec-domain)#intra-domain-link po3
Intra domain line between mlag domain
TOR2(config-mcec-domain)#exit
Exit mcec domain mode.
TOR2(config)#commit
Commit the transaction.
TOR2(config)#hardware-profile filter ingress-arp enable
Enable globally hardware profile for arp
TOR2(config)#arp access-list cep
Create access list with name as cep
TOR2(config-arp-acl)# 30 permit request ip any mac host 0000.2A6C.668D vlan 3990 inner-vlan 2
Create permit rule for particular arp request
TOR2(config-arp-acl)# 40 permit response ip any any mac host 0000.2A6C.668D host 0000.2A6C.7202 vlan 3990 inner-vlan 2
Create permit rule for particular arp response
TOR2(config-arp-acl)#exit
Exit ARP ACL mode.
TOR2(config)#arp access-list pnp
Create access list with name as pnp
TOR2(config-arp-acl)#20 permit request ip any mac host 0000.2A6C.7202 vlan 3990 inner-vlan 2
Create permit rule for particular arp request
TOR2(config-arp-acl)#30 permit response ip any any mac host 0000.2A6C.7202 host 0000.2A6C.668D vlan 3990 inner-vlan 2
Create permit rule for particular arp response
TOR2(config-arp-acl)#exit
Exit ARP ACL mode.
TOR2(config-if)#interface mlag1
Enter mlag1 interface
TOR2(config-if)#arp access-group cep in
Attach rule with access-group cep
TOR2(config-if)#interface mlag2
Enter mlag2 interface
TOR2(config-if)#arp access-group pnp in
Attach rule with access-group pnp
TOR2(config-if)#exit
Exit interface mode.
TOR2(config)#commit
Commit the transaction.
SW1
 
SW1(config)#bridge 1 protocol rstp vlan-bridge
Configure the rstp vlan bridge
SW1(config)#vlan database
Enter vlan database mode.
SW1(config-vlan)#vlan 2-3990 type customer bridge 1 state enable
Enable customer vlan for bridge
SW1(config-vlan)#exit
Exit vlan database mode.
SW1(config)#interface po1
Enter dynamic lag interface
SW1(config-if)#switchport
Configure interface as switchport
SW1(config-if)#bridge-group 1 spanning-tree disable
Associate the interface with bridge group 1and disabling spanning-tree
SW1(config-if)#switchport mode hybrid
Set the switching characteristics of this interface hybrid
SW1(config-if)#switchport hybrid allowed vlan all
Set the switching characteristics of this interface hybrid and allowing all vlan
SW1(config-if)#exit
Exit the interface mode
SW1(config)#interface xe1
Enter interface mode
SW1(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
SW1(config-if)#exit
Exit the interface mode
SW1(config)#interface xe2
Enter interface mode
SW1(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
SW1(config-if)#exit
Exit the interface mode
SW1(config)#interface xe3
Enter interface mode
SW1(config-if)#switchport
Configure interface as switchport
SW1(config-if)#bridge-group 1 spanning-tree disable
Associate the interface with bridge group 1and disabling spanning-tree
SW1(config-if)#switchport mode hybrid
Set the switching characteristics of this interface hybrid
SW1(config-if)#switchport hybrid allowed vlan all
Set the switching characteristics of this interface hybrid and allowing all vlan
SW1(config-if)#exit
Exit the interface mode
SW1(config)#commit
Commit the transaction.
LEAF
 
Leaf(config)#bridge 1 protocol provider-rstp edge
Configure the rstp vlan bridge
Leaf(config)#vlan database
Enter vlan database
Leaf(config-vlan)#vlan 2-3990 type customer bridge 1 state enable
Enable customer vlan for bridge
Leaf(config)#vlan 2-3990 type service point-point bridge 1 state enable
Enable service vlan for bridge
Leaf(config-vlan)#exit
Exit vlan database mode.
Leaf(config)#cvlan registration table map1 bridge 1
Create registration table
Leaf(config-cvlan-registration)#cvlan 2-3990 svlan 3990
Map cvlan to svlan
Leaf(config-cvlan-registration)#exit
Exit the cvlan registration table mode
Leaf(config)#interface po2
Enter interface mode
Leaf(config-if)#switchport
Configure interface as switchport
Leaf(config-if)#bridge-group 1 spanning-tree disable
Associate the interface with bridge group 1and disabling spanning-tree
Leaf(config-if)#switchport mode provider-network
Set the switching characteristics of this interface provider network
Leaf(config-if)#switchport provider-network allowed vlan all
Set the switching characteristics of this interface provider and allowing all vlan
Leaf(config-if)#exit
Exit the interface mode
Leaf(config)#interface xe1
Enter interface mode
Leaf(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
Leaf(config-if)#exit
Exit the interface mode
Leaf(config)#interface xe2
Enter interface mode
Leaf(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
Leaf(config-if)#exit
Exit the interface mode
Leaf(config)#Interface xe3
Enter interface mode
Leaf(config-if)#switchport
Configure interface as switchport
Leaf(config-if)#bridge-group 1 spanning-tree disable
Associate the interface with bridge group 1and disabling spanning-tree
Leaf(config-if)#switchport mode customer-edge hybrid
Set the switching characteristics of this interface to customer-edge hybrid
Leaf(config-if)#switchport customer-edge hybrid allowed vlan all
Set the switching characteristics of this interface to customer-edge hybrid and allow vlan all
Leaf(config-if)#switchport customer-edge vlan registration map1
Configure the registration table mapping on mlag interface
Leaf(config-if)#exit
Exit the interface mode
Leaf(config)#commit
Commit the transaction.
Validation
TOR1#show access-lists
ARP access list cep
30 permit request ip any mac host 0000.2A6C.668D vlan 3990 inner-vlan 2
40 permit response ip any any mac host 0000.2A6C.668D host 0000.2A6C.7202 vlan 3990 inner-vlan 2
default deny-all
ARP access list pnp
20 permit request ip any mac host 0000.2A6C.7202 vlan 3990 inner-vlan 2 [match=1]
30 permit response ip any any mac host 0000.2A6C.7202 host 0000.2A6C.668D vlan 3990 inner-vlan 2 [match=1]
default deny-all log
 
TOR2#show access-lists
ARP access list cep
30 permit request ip any mac host 0000.2A6C.668D vlan 3990 inner-vlan 2 [match=1]
40 permit response ip any any mac host 0000.2A6C.668D host 0000.2A6C.7202 vlan 3990 inner-vlan 2 [match=1]
default deny-all log
ARP access list pnp
20 permit request ip any mac host 0000.2A6C.7202 vlan 3990 inner-vlan 2
30 permit response ip any any mac host 0000.2A6C.7202 host 0000.2A6C.668D vlan 3990 inner-vlan 2
default deny-all
Disabling STP for MLAG
The command no bridge 1 provider-rstp enable bridge-forward is used to disable the spanning tree globally.
Enabling Provider RSTP
 
OcNOS#configure terminal
Enter Configure mode.
OcNOS(config)# bridge 1 protocol provider-rstp edge
Configure Provider-rstp edge bridge.
OcNOS(config)# interface xe13/2
Configure interface xe13/2\
OcNOS(config-if)# switchport
Configure the interface as switchport
OcNOS(config-if)# bridge-group 1
Assign the above created bridge to this port.
OcNOS(config-vrf)#exit
Exit from interface mode to config mode
OcNOS(config)# interface po1
Configure interface po1
OcNOS(config-if)# switchport
Configure the interface as switchport
OcNOS(config-if)# bridge-group 1
Assign the above created bridge to this port.
OcNOS(config-vrf)#exit
Exit from interface mode to config mode
OcNOS(config)# interface mlag2
Configure interface mlag1
OcNOS(config-if)# switchport
Configure the interface as switchport
OcNOS(config-if)# bridge-group 1 spanning-tree disable
Assign the above created bridge to this port and disable the spanning tree.
OcNOS(config-vrf)#exit
Exit from interface mode to config mode
OcNOS(config)#commit
Commit the transaction.
Validation
OcNOS#show spanning-tree
% 1: Bridge up - Spanning Tree Enabled - topology change detected
% 1: Root Path Cost 0 - Root Port 0 - Bridge Priority 32768
% 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Transmit Hold Count 6
% 1: Root Id 8000ecf4bbfc6928
% 1: Bridge Id 8000ecf4bbfc6928
% 1: last topology change Tue Jul 30 06:47:37 2019
% 1: 2 topology change(s) - last topology change Tue Jul 30 06:47:37 2019
 
% 1: portfast bpdu-filter disabled
% 1: portfast bpdu-guard disabled
% xe13/2: Port Number 942 - Ifindex 5038 - Port Id 0x83ae - Role Designated - State Forwarding
% xe13/2: Designated Path Cost 0
% xe13/2: Configured Path Cost 2000 - Add type Explicit ref count 1
% xe13/2: Designated Port Id 0x83ae - Priority 128 -
% xe13/2: Root 8000ecf4bbfc6928
% xe13/2: Designated Bridge 8000ecf4bbfc6928
% xe13/2: Message Age 0 - Max Age 20
% xe13/2: Hello Time 2 - Forward Delay 15
% xe13/2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% xe13/2: forward-transitions 3
% xe13/2: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% xe13/2: No portfast configured - Current portfast off
% xe13/2: bpdu-guard default - Current bpdu-guard off
% xe13/2: bpdu-filter default - Current bpdu-filter off
% xe13/2: no root guard configured - Current root guard off
% xe13/2: Configured Link Type point-to-point - Current point-to-point
% xe13/2: No auto-edge configured - Current port Auto Edge off
%
% po1: Port Number 1697 - Ifindex 100001 - Port Id 0x86a1 - Role Designated - State Forwarding
% po1: Designated Path Cost 0
% po1: Configured Path Cost 2000 - Add type Explicit ref count 1
% po1: Designated Port Id 0x86a1 - Priority 128 -
% po1: Root 8000ecf4bbfc6928
% po1: Designated Bridge 8000ecf4bbfc6928
% po1: Message Age 0 - Max Age 20
% po1: Hello Time 2 - Forward Delay 15
% po1: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% po1: forward-transitions 1
% po1: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% po1: No portfast configured - Current portfast off
% po1: bpdu-guard default - Current bpdu-guard off
% po1: bpdu-filter default - Current bpdu-filter off
% po1: no root guard configured - Current root guard off
% po1: Configured Link Type point-to-point - Current point-to-point
% po1: No auto-edge configured - Current port Auto Edge off
%
% mlag2: Port Number 2690 - Ifindex 400002 - Port Id 0x8a82 - Role Disabled - State Forwarding
% mlag2: Designated Path Cost 0
% mlag2: Configured Path Cost 20000000 - Add type Explicit ref count 1
% mlag2: Designated Port Id 0x0 - Priority 128 -
% mlag2: Message Age 0 - Max Age 0
% mlag2: Hello Time 0 - Forward Delay 0
% mlag2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% mlag2: forward-transitions 1
% mlag2: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% mlag2: No portfast configured - Current portfast off
% mlag2: bpdu-guard default - Current bpdu-guard off
% mlag2: bpdu-filter default - Current bpdu-filter off
% mlag2: no root guard configured - Current root guard off
% mlag2: Configured Link Type point-to-point - Current point-to-point
% mlag2: No auto-edge configured - Current port Auto Edge off
%
Disabling RSTP Globally
OcNOS#configure terminal
Enter Configure mode.
OcNOS(config)# no bridge 1 rapid-spanning-tree enable bridge-forward
Disable spanning tree globally for Provider-RSTP and keeping the ports in Forwarding state.
OcNOS(config)# interface mlag1
Configure interface mlag1
OcNOS(config-if)# switchport
Configure the interface as switchport
OcNOS(config-if)# bridge-group 1
Assign the above created bridge to this port.
OcNOS(config-vrf)#exit
Exit from interface mode to config mode
OcNOS(config)#commit
Commit the transaction.
Validation
OcNOS#sh run int mlag2-
!
interface mlag2
switchport
bridge-group 1 spanning-tree disable
switchport mode provider-network
!
OcNOS#sh run int mlag1
!
interface mlag1
switchport
bridge-group 1
switchport mode provider-network
!
OcNOS#
OcNOS#sh spanning-tree
% 1: Bridge up - Spanning Tree Disabled - topology change detected
% 1: Root Path Cost 0 - Root Port 0 - Bridge Priority 32768
% 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Transmit Hold Count 6
% 1: Root Id 8000000000000000
% 1: Bridge Id 8000000000000000
% 1: 2 topology change(s) - last topology change Tue Jul 30 06:47:37 2019
 
% 1: portfast bpdu-filter disabled
% 1: portfast bpdu-guard disabled
% xe13/2: Port Number 942 - Ifindex 5038 - Port Id 0x83ae - Role Disabled - State Forwarding
% xe13/2: Designated Path Cost 0
% xe13/2: Configured Path Cost 2000 - Add type Explicit ref count 1
% xe13/2: Designated Port Id 0x83ae - Priority 128 -
% xe13/2: Message Age 0 - Max Age 20
% xe13/2: Hello Time 2 - Forward Delay 15
% xe13/2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% xe13/2: forward-transitions 4
% xe13/2: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% xe13/2: No portfast configured - Current portfast off
% xe13/2: bpdu-guard default - Current bpdu-guard off
% xe13/2: bpdu-filter default - Current bpdu-filter off
% xe13/2: no root guard configured - Current root guard off
% xe13/2: Configured Link Type point-to-point - Current point-to-point
% xe13/2: No auto-edge configured - Current port Auto Edge off
%
% po1: Port Number 1697 - Ifindex 100001 - Port Id 0x86a1 - Role Disabled - State Forwarding
% po1: Designated Path Cost 0
% po1: Configured Path Cost 2000 - Add type Explicit ref count 1
% po1: Designated Port Id 0x86a1 - Priority 128 -
% po1: Message Age 0 - Max Age 20
% po1: Hello Time 2 - Forward Delay 15
% po1: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% po1: forward-transitions 2
% po1: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% po1: No portfast configured - Current portfast off
% po1: bpdu-guard default - Current bpdu-guard off
% po1: bpdu-filter default - Current bpdu-filter off
% po1: no root guard configured - Current root guard off
% po1: Configured Link Type point-to-point - Current point-to-point
% po1: No auto-edge configured - Current port Auto Edge off
%
% mlag1: Port Number 2689 - Ifindex 400001 - Port Id 0x8a81 - Role Disabled - State Forwarding
% mlag1: Designated Path Cost 0
% mlag1: Configured Path Cost 20000000 - Add type Explicit ref count 1
% mlag1: Designated Port Id 0x0 - Priority 128 -
% mlag1: Message Age 0 - Max Age 0
% mlag1: Hello Time 0 - Forward Delay 0
% mlag1: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% mlag1: forward-transitions 2
% mlag1: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% mlag1: No portfast configured - Current portfast off
% mlag1: bpdu-guard default - Current bpdu-guard off
% mlag1: bpdu-filter default - Current bpdu-filter off
% mlag1: no root guard configured - Current root guard off
% mlag1: Configured Link Type point-to-point - Current point-to-point
% mlag1: No auto-edge configured - Current port Auto Edge off
%
% mlag2: Port Number 2690 - Ifindex 400002 - Port Id 0x8a82 - Role Disabled - State Forwarding
% mlag2: Designated Path Cost 0
% mlag2: Configured Path Cost 20000000 - Add type Explicit ref count 1
% mlag2: Designated Port Id 0x0 - Priority 128 -
% mlag2: Message Age 0 - Max Age 0
% mlag2: Hello Time 0 - Forward Delay 0
% mlag2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0 - topo change timer 0
% mlag2: forward-transitions 2
% mlag2: Version Rapid Spanning Tree Protocol - Receive None - Send RSTP
% mlag2: No portfast configured - Current portfast off
% mlag2: bpdu-guard default - Current bpdu-guard off
% mlag2: bpdu-filter default - Current bpdu-filter off
% mlag2: no root guard configured - Current root guard off
% mlag2: Configured Link Type point-to-point - Current point-to-point
% mlag2: No auto-edge configured - Current port Auto Edge off
%
Port-isolation for MLAG
The feature is to prohibit communication between Isolated ports across MLAG switches. Protected port can communicate with an unprotected port and vice-versa. The use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast data traffic between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor.
Topology
 
Static MLAG Topology
L2SW
 
#configure terminal
Enter configure mode.(config)#bridge 1 protocol rstp vlan-bridge
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter VLAN database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#interface po1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface xe2
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe9
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe11
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe22
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#commit
Commit the transaction.
TOR1
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#hardware-profile filter port-isolation enable
Enable the hardware profile filter globally
(config)#interface mlag1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#switchport protected promiscuous
Configure interface as promiscuous port
(config-if)#exit
Exit interface mode.
(config)#interface mlag2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#switchport protected isolated
Configure interface as isolated port
(config-if)#exit
Exit interface mode.
(config)#interface po1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 1
Enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface po2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 2
enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface po3
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#exit
Exit interface mode.
(config)#interface xe9
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe11
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe1
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe13
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe49
Enter interface mode.
(config-if)#channel-group 3 mode active
Add this interface to channel group 3 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(cosnfig)#commit
Commit the transaction.
(config)#mcec domain configuration
Entering MCEC mode
(config-mcec-domain)#domain-address 1111.2222.3333
Domain address for the mlag domain
(config-mcec-domain)# domain-system-number 1
Number to identify the node in a domain
(config-mcec-domain)# intra-domain link po3
Intra domain line between mlag domain
(config-mcec-domain)#idl-higig
Enable the idl-higig on mlag idl.
(config-mcec-domain)#exit
Exit MCEC mode
(config)#commit
Commit the transaction.
TOR2
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#hardware-profile filter port-isolation enable
Enable the hardware profile filter globally
(config)#interface mlag1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#switchport protected promiscuous
Configure interface as promiscuous port
(config-if)#exit
Exit interface mode.
(config)#interface mlag2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#switchport protected isolated
Configure interface as isolated port
(config-if)#exit
Exit interface mode.
(config)#interface po1
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 1
Enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface po2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#mlag 2
Enabling Mlag group number
(config-if)#exit
Exit interface mode.
(config)#interface po3
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#exit
Exit interface mode.
(config)#interface xe2
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe22
Enter interface mode.
(config-if)#channel-group 1 mode active
Add this interface to channel group 1 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe11
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe38
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe49
Enter interface mode.
(config-if)#channel-group 3 mode active
Add this interface to channel group 3 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#commit
Commit the transaction.
(config)#mcec domain configuration
Entering MCEC mode
(config-mcec-domain)#domain-address 1111.2222.3333
Domain address for the mlag domain
(config-mcec-domain)# domain-system-number 2
Number to identify the node in a domain
(config-mcec-domain)# intra-domain link po3
Intra domain line between mlag domain
(config-mcec-domain)#idl-higig
Enable the idl-higig on mlag idl.
(config-mcec-domain)#exit
Exit MCEC mode
(config)#commit
Commit the transaction.
LEAF
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Create RSTP bridge 1.
(config)#vlan database
Enter vlan database mode.
(config-vlan)#vlan 2 bridge 1 state enable
Create VLAN 2.
(config-vlan)#exit
Exit vlan database mode.
(config)#interface po2
Enter interface mode.
(config-if)#switchport
Configure the interface as Layer 2
(config-if)#bridge-group 1
Associate the interface with bridge group 1.
(config-if)#switchport mode trunk
Set the switching characteristics of this interface to trunk mode.
(config-if)#switchport trunk allowed vlan all
Enable all VLAN identifiers on this interface.
(config-if)#exit
Exit interface mode.
(config)#interface xe1
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe11
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe13
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#interface xe38
Enter interface mode.
(config-if)#channel-group 2 mode active
Add this interface to channel group 2 and enable link aggregation so that it can be selected for aggregation by the local system.
(config-if)#exit
Exit interface mode.
(config)#commit
(config)#commit
Validation
TOR1
#sh mlag domain details
 
 
Domain Configuration
 
Domain System Number :1
Domain Address :1111.2222.3333
Domain Priority :1000
Intra Domain Interface :po3
Hello RCV State :Current
Hello Periodic Timer State :Fast Periodic
Domain Sync :IN_SYNC
Neigh Domain Sync :IN_SYNC
Domain Adjacency :UP
 
 
MLAG Configuration
 
 
MLAG-1
Mapped Aggregator :po1
Admin Key : 16385
Oper Key : 16385
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Neigh Admin Key : 32769
Neigh Physical Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Info RCV State : Current
Info Periodic Time State : Standby
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
 
MLAG-2
Mapped Aggregator : po2
Admin Key : 16386
Oper Key : 16386
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Neigh Admin Key : 32770
Neigh Physical Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Info RCV State : Current
Info Periodic Time State : Standby
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
#sh etherchannel summary
Aggregator po1 100001
Aggregator Type: Layer2
Admin Key: 16385 - Oper Key 16385
Link: xe9 (5007) sync: 1 (Mlag-active-link)
Link: xe11 (5008) sync: 1 (Mlag-active-link)
--------------------------------------
Aggregator po2 100002
Aggregator Type: Layer2
Admin Key: 16386 - Oper Key 16386
Link: xe1 (5005) sync: 1 (Mlag-active-link)
Link: xe13 (5006) sync: 1 (Mlag-active-link)
--------------------------------------
Aggregator po3 100003
Aggregator Type: Layer2
Admin Key: 0003 - Oper Key 0003
Link: xe49 (5002) sync: 1
 
#sh mlag 1 detail
MLAG-1
Mapped Aggregator :po1
Admin Key : 16385
Oper Key : 16385
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Neigh Admin Key : 32769
Neigh Physical Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
Info RCV State : Current
Info Periodic Time State : Standby
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
#sh mcec statistics
 
Unknown MCCPDU received on the system : 0
 
 
IDP xe49
 
Valid RX Hello PDUs : 398
Valid TX Hello PDUs : 417
Valid RX Info PDUs : 16
Valid TX Info PDUs : 6
 
Valid RX Mac Sync PDUs : 3
Valid TX Mac Sync PDUs : 4
 
MLAG 1
Valid RX Info PDUs : 8
Valid TX Info PDUs : 3
 
MLAG 2
Valid RX Info PDUs : 8
Valid TX Info PDUs : 3
 
#sh mlag domain summary
 
Domain Configuration
 
 
Domain System Number :1
Domain Address :1111.2222.3333
Domain Priority :1000
Intra Domain Interface :xe49
Domain Adjacency :UP
 
 
MLAG Configuration
 
MLAG-1
Mapped Aggregator :po1
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active
 
 
MLAG-2
Mapped Aggregator : po2
Physical properties Digest : dd 9c f 76 dd b6 5f 2f eb a1 d3 bb 8d 96 fc 82
 
Total Bandwidth : 40g
Mlag Sync : IN_SYNC
Mode : Active-Active
Current Mlag State : Active