Sunday, March 18, 2018

Extreme Switch - How to Configure VRRP active/active on MLAG


First of all, configure a basic VRRP configuration in EXOS with the following steps.

How to Create a Basic VRRP Configuration in EXOS

 Step 1. Create a VLAN on MLAG peers and add ports to ISC link
Step 2. Add an IP address to the VRRP VLAN on each MLAG Peers
Step 3. Create a VRRP router instance on MLAG peers
Step 4. Add VIP to VRRP instance on each MLAG Peer
Step 5. Enable VRRP globally and on each VLAN

Step 6. Create the below ACL on each MLAG Peer

vi vrrp-act.pol

entry vrrp-act {
if match all {
destination-address 224.0.0.18/32 ;
} then {
deny ;
}
}

Step 7. Apply the ACL policy on both ends of ISC link

configure access-list vrrp-act ports 47 ingress

Once you applied the ACL, you will be able to see the status by the following command.

Switch # show access-list
Vlan Name    Port   Policy Name          Dir      Rules  Dyn Rules
===================================================================
*            47     vrrp-act             ingress  1      0

Step 8. Check the VRRP state on both switches

You should be able to see the 'Master (MSTR)' state on both switches (Switch 1 and 2).

Switch1 # show vrrp
                      Virtual                 Master
   VLAN Name VRID Pri IP Address        State MAC Address       TP/TR/TV/P/T    /FR/G
    vlan10(En) 0001 200 10.10.10.1       MSTR 00:00:5e:00:01:01  0  0  0 Y 2      N N
    vlan20(En) 0001 200 10.10.10.1       MSTR 00:00:5e:00:01:01  0  0  0 Y 2      N N

   En-Enabled, Ds-Disabled, Pri-Priority, T-Advert Timer, P-Preempt
  TP-Tracked Pings, TR-Tracked Routes, TV-Tracked VLANs, FR-Fabric Routing,
  G-Group

 Total number of VRs : 2
Switch2 # show vrrp
                      Virtual                 Master
   VLAN Name VRID Pri IP Address        State MAC Address       TP/TR/TV/P/T    /FR/G
    vlan10(En) 0001 100 10.10.10.1       MSTR 00:00:5e:00:01:01  0  0  0 Y 2      N N
    vlan20(En) 0001 100 10.10.20.1       MSTR 00:00:5e:00:01:01  0  0  0 Y 2      N N

   En-Enabled, Ds-Disabled, Pri-Priority, T-Advert Timer, P-Preempt
  TP-Tracked Pings, TR-Tracked Routes, TV-Tracked VLANs, FR-Fabric Routing,
  G-Group

 Total number of VRs : 2


* Additional Notes:

If IPv6 address is used, then use IPv6 VRRP multicast address FF02:0:0:0:0:0:0:12/128 instead of IPv4 multicast address 224.0.0.18/32 in the ACL.


* Related posts:
Posted by at 11:54 AM
Labels: , , , , , ,

No comments:

Post a Comment