connorzc (Aspirant)
Oct 26, 2016
Problems configuring multi-chassis LAG with STP to core router
I am trying to configure two M7100-24X in a configuration that looks exactly like this http://i.imgur.com/huVN2h9.png, ready to take to our datacenter and migrate our existing hosts onto it.
The datacenter provide us only with two links, a gateway address and tell us to use STP (they can't/won't aggregate these links at their end).
My test platform for their equipment is two links terminating at a bridged interface on a pfsense box with STP configured.
The issue is that flows arriving at the switch with the backup link (i.e. the one blocked by STP) seemingly won't cross the bridge to get to the gateway (or the other switch, if attempting to access the management interface, meaning one of the switches is inaccessible from the router side).
Flows between interfaces assigned to a VPC are rerouted and work as they should under all failure modes, so it's seemingly just flows that need to cross the bridge that don't terminate at an MLAG interface that are affected.
STP is enabled on all ports and LAG interfaces, router has highest STP priority, one switch has higher priority than the other and the correct ports are designated as the next hops. Non-MLAG terminated flows just won't cross the bridge.
Can someone shed some light on:
a) If this is actually possible on this hardware?
b) If it is, what is the suggested configuration?
Thanks.
5 Replies
- Retired_Member
Hi connorzc,
Welcome to the community!
I have tested the same scenario as you; the traffic (downstream/upstream) is OK.
So I suggest you check the configuration of the MLAG Switch, it is best to try and isolate the issue first.
A reminder: STP mode should be disabled on the MLAG peer-link port. For detailed information on the MLAG feature and the Admin guide, please refer to the KB articles below:
1. MLAG on M7100--Basic setup and best practice
https://kb.netgear.com/app/answers/detail/a_id/25097
2. Software Administration Manual: MLAG configuration, on page 73
http://www.downloads.netgear.com/files/GDC/M5300/M5300-M6100-M7100_SWA_v11_30Oct2015.pdf
Thanks,
Eric
NETGEAR® Community Team
- connorzc (Aspirant)
Hi Eric,
Thanks for your reply.
It appears that I am on a newer firmware than that manual was written for.
I have consulted the manual for the latest firmware (the version I have installed), followed the configuration instructions as before and I am still facing the same issue.
Let's simplify the situation, as I get the feeling it requires the same solution.
I now have a setup which looks like the following:
dev1 ----- sw1 ===== sw2 ----- dev2
The sw1-sw2 peer link has been set as a LAG that was fully functioning before configuring the peer link.
I have also disabled STP on the LAG and member ports, despite the current manual suggesting that STP across the peer link is actually possible.
Now I am unable to ping across the link between dev1 and dev2 which are connected to plain (i.e. non-MLAG configured) ports.
Why isn't non-MLAG traffic able to cross the peer link? Presumably this is the same reason why in my previous post MLAG to gateway flows were not working depending on which switch they were sent to first.
- Retired_Member
Hi connorzc,
Thanks for your immediate response.
As you said, you gave us a simplified situation, but it's a LAG situation, not the same as an MLAG situation. And the configuration is not the same either.
In a LAG situation, all member ports need to have STP enabled to prevent a loop.
Then you said you are unable to ping across the link between dev1 and dev2. I suggest you check the LAG status first, to confirm whether the LAG status is up or not.
Thanks,
Eric
NETGEAR® Community Team