01-30-2013 01:48 AM
I have stumbled upon a limitation that I can't seem to find any workaround for. I have the following setup per-pop :
MLXe ========== FCS stack (2 members) =========== Management interfaces of devices (switchs, PDUs, firewalls, etc.)
I created a managment VRF that spans multiple POPs, each has it's IP private space.
A Vlan (on the MLXe) is binded to a VRF, the VLAN is trunked down to a stack of switchs (using a LAG) in order to aggregate cabling.
Problem I have is the following :
I can't use the dedicated managment interface on the MLX MR2 modules because the chassis only has one mac-address.
So, when I plug in the cable to the aggregation switchs, mac-address is not learned from that port but rather from the LAG. Otherwise, I would create a nice L2 loop ;-)
This on the MLX :
Ethernetmgmt1 is down, line protocol is down
STP Root Guard is disabled, STP BPDU Guard is disabled
Hardware is Ethernet, address is 0024.38a5.7b00 (bia 0024.38a5.7b00)
This is on the FCS stack switchs :
Total active entries from all ports = 35
MAC-Address Port Type Index VLAN
0024.38a4.fb00 1/1/1*2/1/1 Dynamic 28312 100
N.B : e1/1/1 and 2/1/1 are the ports used to create uplink LAG to the MLX router / VLAN100 is the managment VLAN bounded to the management VRF.
For operational needs, I would really like to use the dedicated management interface on the MLX routers (authentication, supervision/monitoring, etc.).
Sadly, there is nothing you can do on that interface except change the IP address :-/
Has anyone faced this before ? Any workaround you can think of ?
01-30-2013 04:41 AM
Quick follow-up, solution was obvious and I didn't see it
Instead of focusing on the dedicated management interface, just have to use the VE for that VLAN on the router.
Solution was given here :