vEOS – Logical VTEP with MLAG – VXLAN interpreted on MLAG Peer

Hello all, Please see attached picture for network topolgy. I try to use VXLAN with HER for DCI, together with BGP&BFD as routing protocol (for underlay) between Site A and Site B.– Site A: VLAN100 mapped to DCI VNI 10100– Site B: VLAN1100 mapped to DCI VNI 10100– spine1&spine2 as mlag peers with logical VTEP– spine3 as single VTEP– ports for DCI configured as L3 routed (no switchport)– EBGP between spine1 and spine3 as well as spine2 and spine3– VLAN4093 between spine1 (10.0.1.1) and spine2 (10.0.1.2) for re-routing in case one DCI is down– IBGP between spine1 and spine2– target...
Continue reading →

MLAG Unicast Convergence

On an MLAG chassis we sync the MAC addresses learnt on individual peers and make sure we use the appropriate interface to map the MAC addresses. In case of unexpected events like reloading of one of the peers in the MLAG chassis or flapping of one or more MLAG interfaces, we may observe some loss of traffic. If an MLAG flaps on one peer, then we may have to remap the MAC addresses learned, such that the reachability is via the other peer in the MLAG domain. Until we re-map the MAC addresses and host routes, we may drop some...
Continue reading →

DHCP Snooping and MLAG interfaces

I have a vlan that I want to allocate IP addresses to the hosts based on their switch port-number so that the machines will get a consistent IP address based on their physical location in our cluster. The interface that this vlan is presented to the host is running as an MLAG. The Circuit ID gets correctly inserted as switchname:PortChannelxxx but which switchname will be sent is not clear. Any advice on how to make this configuration work reliably (we can only have one circuit ID in the DHCP configuration)? Should I only run dhcp snooping on one of the...
Continue reading →

VXLan, MLAG and duplicate ARP

We having an issue that we believe is related to receiving duplicate ARP requests. We’ve got nodes (part of openstack) connected to a pair of 7060 switches using MLAG, these 7060 switches then join a VXLan to connect to other pairs of 7060 switches where other nodes exist. The behaviour we’re seeing with ARP requests is that the broadcast is being flooded to the VTEP that is on both switches in the MLAG group, this is then being forwarded down both legs to the node, so the node sees the request twice. This seems to be confusing the OVS running...
Continue reading →

MSTP and MLAG Best Pratices

Hello folks, Following situation:– 2 datacenters– 2 spines per datacenter (short name: S1 & S2 in DC1, S3 & S4 in DC2)– multiple leafs per datacenter connected to both spines via bowtie MLAG– S1 & S2 forms MLAG pair, S3 & S4 forms MLAG pair– CWDM: S1 connected to S3, S2 connected to S4 (ring)– bowtie MLAG between MLAG pairs S1/S2 and S3/S4– MSTP with 1 MST instance What is the best practise for configuring MSTP root bridges?Configuring S1 as primary and S2-4 as secondary? Or S1 AND S2 as primary and S3+S4 as secondary?As far as I know, in...
Continue reading →

MLAG and SSO

Hi; Can you have MLAG without Stateful Switch Over What exactly the advantage of MLAG with SSO VS MLAG without SSO? For SSO to be functional, do you need to have the exact software image on both peers?

A comparison of virtual ip commands

The ‘ip virtual-router’ command Switch1:   Switch1(config)#interface vlan 10   Switch1(config-if-Vl10)#ip address 10.0.0.2/24   Switch1(config-if-Vl10)#ip virtual-router address 10.0.0.1   Switch1(config)#ip virtual-router mac-address 00:1c:73:00:00:99 Switch2:   Switch2(config)#interface vlan 10   Switch2(config-if-Vl10)#ip address 10.0.0.3/24   Switch2(config-if-Vl10)#ip virtual-router address 10.0.0.1   Switch2(config)#ip virtual-router mac-address 00:1c:73:00:00:99 The ‘ip virtual-router address’ command requires an IP address to be configured on the SVI where it is applied. How does the host resolve ARP for the default gateway/vIP? Gratuitous ARPs: Gratuitous ARPs are periodically sent from both switches which have VARP configured. In the gratuitous ARPs the configured vMAC is used as the Ethernet Source MAC. The ARP message  informs the host that Virtual IP...
Continue reading →

VARP – IP router not configured with MLAG peer MAC address

Hi forum, I have configured VARP on four 7050QX with 4.16.6M using the following config: <pre>ip virtual-router mac-address 00:1c:73:00:00:99 interface vlan 999 ip address 192.168.99.2/24 ip virtual-router address 192.168.99.1</pre> The virtual IP is pingable, but what does “IP router is not configured with Mlag peer MAC address” means in the output below? <pre>spine1(config)#sh ip virtual-router IP virtual router is configured with MAC address: 001c.7300.0099 IP router is not configured with Mlag peer MAC address MAC address advertisement interval: 30 seconds Protocol: U – Up, D – Down, T – Testing, UN – Unknown NP – Not Present, LLD – Lower...
Continue reading →

MLAG heartbeat timeout enhancement

In an MLAG setup, periodic TCP/UDP heartbeats are sent over peer-link to ensure IP connectivity between peers. Prior to EOS-4.17.0F release, a heartbeat timeout on MLAG primary/secondary causes MLAG state to become inactive and leads to spanning-tree topology changes, LACP port-channel link-flaps etc. From EOS-4.17.0F onwards, a heartbeat timeout on MLAG primary/secondary doesn’t cause MLAG state change, instead MLAG will remain in same state and also remain active. Status CLI command “show mlag detail” captures statistics related to heartbeat timeout events. Configured heartbeat interval : 4000 ms Effective heartbeat interval : 4000 ms Heartbeat timeout : 60000 ms Last heartbeat...
Continue reading →

MLAG ISSU

Overview MLAG ISSU (In-Service Software Upgrade) upgrades EOS software on one MLAG peer with minimal traffic disruptions on active MLAG interfaces and without changing the network topology. Note: Traffic impact could be seen for orphan links, active partial links and packets in flight   MLAG considerations before upgrade   I. Check for configuration inconsistencies Following features should be configured consistently on each switch: VLANs Switchport configuration on port channel interfaces that are configured with an MLAG ID STP configuration (global) In EOS versions 4.15.2F onwards, we can use MLAG configuration check feature: https://eos.arista.com/eos-4-15-2f/mlag-config-check/   II. Resolve ISSU warnings Resolve the...
Continue reading →

MLAG – unique domain ID and IP-pair needed for each leaf pair?

Hello I am currently testing the L2/MLAG-Design in GNS3 using vEOS. My topology consists of 2 spine switches and 3 pairs of leaf switches (=6 leaf switches).The 2 spine-switches will form an MLAG peering, as well as each of the leaf switch pairs. Each leaf is connected to both spines –> bowtie MLAG. Now my questions: 1. If I have multiple leaf pairs, can I use the same MLAG domain-ID for each leaf pair, or should I use a distinct one for each pair? 2. Is there any reason I should not use the same 2 IPs for MLAG peering...
Continue reading →

MLAG ToR pair to switches in U-shape

Hi Guys, Just want check how to configure Arista EOS to support the following ToR1 —-ToR2 |               | SW1 —- SW2 ToR1 & ToR2 are Arista MLAG pair to appear as single logical switch SW1 & SW2 is access sw running STP protocol Rgds Art  

IgmpSnooping and Mlag

Hi, In my case I have configured the querier on one of the Mlag( Ex. Mlag 20 ) and PIM router on Mlag 30. The Mlags here contain Eth Intfs from both the switches. Now when I send a UDP packet destined for a particular group( Ex. 225.0.0.1) as it is a multicast packet it gets flodded onto the local switch. It doesnt go towards the peer-switch as the peer-link is not a part of the multicast group. When I disable the Mlags on one of the switch the Mlag status on both the switches become ”Inactive” Now the peer-link...
Continue reading →

VXLAN Routing with MLAG

Introduction This document describes the operation and configuration of  VXLAN routing on an Arista platform in conjunction with MLAG for redundancy. The configuration and guidance within the document unless specifically noted is based on the platforms and EOS releases noted in the table below.   Arista’s Multi-Chassis LAG (MLAG) technology provides the ability to build a loop free active-active layer 2 topology. The technology operates by allowing two physical Arista switches to appear as a single logical switch (MLAG domain), third-party switches, servers or neighbouring Arista switches connect to the logical switch via a standard port-channel (static, passive or active)...
Continue reading →

MLAG “Orphan Ports”

Hi, I wanted to know if MLAG has the same issue as Cisco’s VPC. Specially regarding “Orphan Ports”? If so how do the Arista switches deal with this?   Thank you, Victor

MLAG switches connecting Physical server without LACP

Hi, i have a setup with two 7050X in MLAG Domain. I have most of my Physical servers connected to the two Switches 10G interfaces with LACP and LAG and everything works great. However, i have a few specific servers that needs to be connected to the two switches( one server port to first switch and second server port to the second switch) but without LACP(the servers will be in a Hyper-v Cluster with software defined nic teaming). The question is, do i need to create a LAG without LACP in order to connect the server to the switches or...
Continue reading →

VXLAN bridging with MLAG

VXLAN bridging with MLAG Introduction This document describes the operation and configuration of VXLAN within an Multi-Chassis LAG (MLAG) deployment. The configuration and guidance within the document is based on the platforms and EOS release of table 1.0 Arista MLAG technologyTable 1.0 Arista’s Multi-Chassis LAG (MLAG) technology provides the ability to build a loop free active-active layer 2 topology. The technology operates by allowing two physical Arista switches to appear as a single logical switch (MLAG domain), third-party switches, servers or neighbouring Arista switches connect to the logical switch via a standard port-channel (static, passive or active) with the physical links...
Continue reading →

MLAG Priorities

Hi, How does the Arista switches decide which switch will be the primary switch of the MLAG domain? Also, is there anyway to change which one is primary and which one is secondary within the MLAG domain? Thank you

MLAG – basic configuration

MLAG overview LAG or link aggregation is a way of bonding multiple physical links into a combined logical link. MLAG or multi-chassis link aggregation extends this capability allowing a downstream switch or host to connect to two switches configured as an MLAG domain. This provides redundancy by giving the downstream switch or host two uplink paths as well as full bandwidth utilization since the MLAG domain appears to be a single switch to Spanning Tree (STP). Because the MLAG domain appears to STP as a single switch there are no blocked ports. Configuration The following will provide instructions on how...
Continue reading →

Active-active router redundancy using VARP

In most of Leaf-Spine deployments, redundancy in Spine layer is required to achieve high availability and to prevent network service disruption. Modern layer 2 networks adopted loop-free and balanced path networks using Multi Chassis Link Aggregation topologies with LACP port channels, leaving loop control methods (STP) as second protection layer. Spines also supports layer 3 networks, using ECMP in a scalable network topology. For unicast redundancy in layer 3, a common method is use First Hop Router Redundancy (FHRR) to provide a simple and unique gateway for Leaf level. VRRP and HRSP are popular FHRR protocols and supported in most...
Continue reading →

In the output of sh vlan brief command output what are ‘PEt’ interfaces

When I execute the command “sh vlan brief” in the output I see a few interfaces with “PEt” (see below). What exactly are these interfaces where are they coming from?   Core_Router# sh vlan brief VLAN  Name                             Status    Ports ----- -------------------------------- --------- ------------------------------- 1     default                          active 563   User_Segment1           active    Cpu, Et9, Et10, Et11, Et12 Et13, Et14, Et15, Et16, Et17 PEt9, PEt10, PEt11, PEt12 PEt13, PEt14, PEt15, PEt16 PEt17, Po100