Ethernet Switches & Routers

Brocade NetIron - Multi Chassis Trunking (MCT) comparable to VSS, VPC, MLT, ...

by gfcm on ‎04-28-2011 05:48 AM (4,989 Views)

Background information

In a data center network environment, Link Aggregation (LAG) trunks are commonly deployed to provide link-level redundancy and increase the link capacity between network devices. However, LAG trunks do not provide switch-level redundancy. If the switch to which the LAG trunk is attached fails, the entire LAG trunk loses network connectivity. With MCT, member links of the LAG are connected to two MCT-aware switches, which are directly connected using an Inter-Chassis Link (ICL) to enable data flow and control messages between them. In the MCT deployment scenario, all links are active and can be load shared using hash algorithm. If one MCT switch fails, a data path will remain through the other switch with milliseconds range of traffic convergence time, which dramatically increase the network resilience and performance.

 

Equipment used

  • NetIron CES that runs v5.1.0c (PeerLeft)
  • NetIron CES that runs v5.1.0c (PeerRight)
  • FastIron FCX that runs FCXS07100a.bin (FCXBottom )
  • FastIron FCX that runs FCXS07100a.bin (FCXTop)

 

Network Diagram

mct.jpg

 

Configuration

 

  • PeerLeft (NetIron CES)

!
lag "FCXBottom" dynamic id 3
  ports ethernet 1/30
  primary-port 1/30
  deploy
  port-name "lag-FCXBottom" ethernet 1/30
!
lag "FCXTop" dynamic id 2
  ports ethernet 1/20
  primary-port 1/20
  deploy
  port-name "lag-FCXTop" ethernet 1/20
!
lag "ICL" dynamic id 1
  ports ethernet 1/1 to 1/2
  primary-port 1/1
  deploy
  port-name "ICL-to-PeerRight:1/1" ethernet 1/1
  port-name "ICL-to-PeerRight:1/2" ethernet 1/2
!
!
no spanning-tree
!
vlan 20 name client-VLAN20
  tagged ethe 1/1 to 1/2 ethe 1/20
  router-interface ve 20
!
vlan 30 name client-VLAN30
  tagged ethe 1/1 to 1/2 ethe 1/30
  router-interface ve 30
!
vlan 4090 name Session-VLAN
  tagged ethe 1/1 to 1/2
  router-interface ve 100
!
!
hostname PeerLeft
!
!
router vrrp-extended
!
!
interface ethernet 1/1
  enable
!
interface ethernet 1/20
  enable
!
interface ethernet 1/30
  enable
!
interface ve 20
  ip address 192.168.20.2/24
  ip vrrp-extended vrid 20
    backup priority 110
    ip-address 192.168.20.1
    short-path-forwarding
    activate
!
interface ve 30
  ip address 192.168.30.2/24
  ip vrrp-extended vrid 30
    backup priority 100
    ip-address 192.168.30.1
    short-path-forwarding
    activate
!
interface ve 100
   ip address 10.10.10.1/24
!
!
cluster GFCM 1
  rbridge-id 100
  session-vlan 4090
  member-vlan 20
  member-vlan 30
  icl MCT ethernet 1/1
  peer 10.10.10.2 rbridge-id 200 icl MCT
  deploy
  client FCXTop
    rbridge-id 301
    client-interface ethernet 1/20
    deploy
  client FCXBottom
    rbridge-id 302
    client-interface ethernet 1/30
    deploy
!

 

 

 

  • PeerRight (NetIron CES)

!
lag "FCXBottom" dynamic id 3
  ports ethernet 1/30
  primary-port 1/30
  deploy
  port-name "lag-FCXBottom" ethernet 1/30
!
lag "FCXTop" dynamic id 2
  ports ethernet 1/20
  primary-port 1/20
  deploy
  port-name "lag-FCXTop" ethernet 1/20
!
lag "ICL" dynamic id 1
  ports ethernet 1/1 to 1/2
  primary-port 1/1
  deploy
  port-name "ICL-to-PeerLeft:1/1" ethernet 1/1
  port-name "ICL-to-PeerLeft:1/2" ethernet 1/2
!
!
no spanning-tree
!
vlan 20 name client-VLAN20
  tagged ethe 1/1 to 1/2 ethe 1/20
  router-interface ve 20
!
vlan 30 name client-VLAN30
  tagged ethe 1/1 to 1/2 ethe 1/30
  router-interface ve 30
!
vlan 4090 name Session-VLAN
  tagged ethe 1/1 to 1/2
  router-interface ve 100
!
!
hostname PeerRight
!
!
router vrrp-extended
!
interface ethernet 1/1
  enable
!
interface ethernet 1/20
  enable
!
interface ethernet 1/30
  enable
!
interface ve 20
  ip address 192.168.20.3/24
  ip vrrp-extended vrid 20
    backup priority 100
    ip-address 192.168.20.1
    short-path-forwarding
    activate
!
interface ve 30
  ip address 192.168.30.3/24
  ip vrrp-extended vrid 30
    backup priority 110
    ip-address 192.168.30.1
    short-path-forwarding
    activate
!
interface ve 100
  ip address 10.10.10.2/24
!
!
!
cluster GFCM 1
  rbridge-id 200
  session-vlan 4090
  member-vlan 20
  member-vlan 30
  icl MCT ethernet 1/1
  peer 10.10.10.1 rbridge-id 100 icl MCT
  deploy
  client FCXTop
    rbridge-id 301
    client-interface ethernet 1/20
    deploy
  client FCXBottom
    rbridge-id 302
    client-interface ethernet 1/30
    deploy
!

 

 

  • FCXTop

!
vlan 20 by port
  tagged ethe 1/1/9 to 1/1/10
  untagged ethe 1/1/1
!
!
hostname FCXTop
interface ethernet 1/1/9
  link-aggregate configure key 10000
  link-aggregate active
!
interface ethernet 1/1/10
  link-aggregate configure key 10000
  link-aggregate active
!

 

 

  • FCXBottom

!
vlan 30 by port
  tagged ethe 1/1/9 to 1/1/10
  untagged ethe 1/1/1
!
!
hostname FCXBottom
  interface ethernet 1/1/9
  link-aggregate configure key 10000
  link-aggregate active
!
interface ethernet 1/1/10
  link-aggregate configure key 10000
  link-aggregate active
!

 

Explanation Step-by-Step (To be done on each NetIron Router without forgetting to use appropriate variables)

 

  • Create a dynamic LAG between the two NetIron Chassis (ICL)

lag "ICL" dynamic id 1
  ports ethernet 1/1 to 1/2
  primary-port 1/1
  deploy

  port-name "ICL-to-PeerRight:1/1" ethernet 1/1
  port-name "ICL-to-PeerRight:1/2" ethernet 1/2

 

  • Create a dynamic LAG between the logical chassis and the clients (here FCXBottom and FCXTop)

lag "FCXBottom" dynamic id 3
  ports ethernet 1/30
  primary-port 1/30
  deploy
  port-name "lag-FCXBottom" ethernet 1/30
!
lag "FCXTop" dynamic id 2
  ports ethernet 1/20
  primary-port 1/20
  deploy
  port-name "lag-FCXTop" ethernet 1/20

!

 

 

  • Create the client VLANs that will be used by the hosts connected to your switches (FCXBottom and FCXTop). Create at the same time a router-interface if you want to enable inter-VLAN routing later on.

vlan 20 name client-VLAN20
  tagged ethe 1/1 to 1/2 ethe 1/20
  router-interface ve 20
!
vlan 30 name client-VLAN30
  tagged ethe 1/1 to 1/2 ethe 1/30
  router-interface ve 30
!

 

 

  • Create the session (keepalived) VLAN as well as the router-interface used to check connectivity between MCT peers. The cluster session VLAN is the VLAN used by the cluster for control operations.

vlan 4090 name Session-VLAN
  tagged ethe 1/1 to 1/2
  router-interface ve 100

!
!

interface ve 100
   ip address 10.10.10.1/24
!

 

  • Configure the cluster. Each MCT physical node, PeerLeft and PeerRight, will act as an MCT peer and they are connected using an ICL. As you can see below, each MCT peer has an rbridge-id used by the peer to comunicate with this cluster node. Then specified the session-vlan previously configured. The member-vlans represent the client VLANs allowed to transit across the logical switch. The icl line specifiy the ICL for the cluster that is to say the link between the two MCT peers. Finally you have to configure the details of the other MCT peer.

cluster GFCM 1
  rbridge-id 100
  session-vlan 4090
  member-vlan 20
  member-vlan 30
  icl MCT ethernet 1/1
  peer 10.10.10.2 rbridge-id 200 icl MCT
  deploy

 

  • Create the cluster client instances under cluster configuration. This RBridge ID is used by the peer to communicate with this cluster node.

client FCXTop
  rbridge-id 301
  client-interface ethernet 1/20
  deploy
client FCXBottom
  rbridge-id 302
  client-interface ethernet 1/30
  deploy

 

  • Create the virtual interfaces to enable inter-VLAN routing. Then configure VRRPe so that each MCT peer can handle requests from each VLAN. Thus even if one peer fails, the remaining node will be able to answer to any gateway configured.

interface ve 20
  ip address 192.168.20.2/24
  ip vrrp-extended vrid 20
    backup priority 110
    ip-address 192.168.20.1
    short-path-forwarding
    activate
!
interface ve 30
  ip address 192.168.30.2/24
  ip vrrp-extended vrid 30
    backup priority 100
    ip-address 192.168.30.1
    short-path-forwarding
    activate
!

 

  • With the VRRP-E server virtualization featureshort-path forwarding, enabled, the MCT VRRP-E backup switch can forward both Layer 2 and Layer 3 packets to the VRRP-E master switch without going through ICL, which provides a VRRP active-active topology

VRRPe_no_short_path_small.jpg

 

  • Without the VRRP-E server virtualization feature and an active-standby VRRP/VRRPe topology, here is how the traffic will be handled.

 

VRRPe_no_short_path.jpg

 

  • Finally do not forget to configure dynamic LAGs on your switches. (Example for FCXTop)

vlan 20 by port
  tagged ethe 1/1/9 to 1/1/10
  untagged ethe 1/1/1
!
!
hostname FCXTop
interface ethernet 1/1/9
  link-aggregate configure key 10000
  link-aggregate active
!
interface ethernet 1/1/10
  link-aggregate configure key 10000
  link-aggregate active

!