Switching

Hi,

 

I have a test environment with two EX4200 switches in a virtual chassis configuration. I also have a pair of HP Procurve 5412zl running VRRP (part of a much bigger test environment). The Procurves are the core switches for this test environment.

 

What would be the recommended way of connecting my EX4200's to the Procurves? My ultimate goal is good redundancy, where one EX4200 and one Procurve can fail at the same time. Some example configuration would be helpful. Especially if I need to take STP into consideration.

 

I've setup vlan 50 for this. RVI on EX4200 has been assigned ip 10.101.50.2 and VRRP on Procurve has been assigned ip 10.101.50.1.

 

My current EX4200 configuration looks like this:

version 11.4R2.14;
system {
    host-name ex4200;
    root-authentication {
        encrypted-password BLAHA; ## SECRET-DATA
    }
    services {
        ssh {
            protocol-version v2;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    commit synchronize;
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 4;
        }
    }
}
interfaces {
    vlan {
        unit 50 {
            family inet {
                address 10.101.50.2/24;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 10.101.50.1;
    }
}
protocols {
    igmp-snooping {
        vlan all;
    }
    rstp;
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
}
ethernet-switching-options {
    storm-control {
        interface all;
    }
}
vlans {
    TESTVLAN {
        vlan-id 50;
        l3-interface vlan.50;
    }
}
virtual-chassis {
    no-split-detection;
    member 0 {
        mastership-priority 255;
    }
    member 1 {
        mastership-priority 255;
    }
}

 

HP Procurve 1

hostname "testcore1"
trunk E1-E2 Trk1 Trunk 
ip routing 
vlan 50 
   name "NETCORE" 
   ip address 10.101.50.1 255.255.255.0 
   tagged Trk1 
   exit
ip route 0.0.0.0 0.0.0.0 10.101.1.1
router vrrp
spanning-tree
spanning-tree Trk1 path-cost 30000
spanning-tree Trk1 priority 4
spanning-tree config-name "Test"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1-19 40-59 80-99
spanning-tree instance 1 priority 0
spanning-tree instance 1 Trk1 path-cost 30000
spanning-tree instance 2 vlan 20-39 60-79
spanning-tree instance 2 priority 1
spanning-tree instance 2 Trk1 priority 4
spanning-tree priority 0
vlan 50
   vrrp vrid 1
      owner
      virtual-ip-address 10.101.50.1 255.255.255.0
      priority 255
      enable
      exit
   exit

 

HP Procurve 2

hostname "testcore2"
trunk E1-E2 Trk1 Trunk 
ip routing 
vlan 50 
   name "NETCORE" 
   ip address 10.101.50.99 255.255.255.0 
   tagged Trk1 
   exit
ip route 0.0.0.0 0.0.0.0 10.101.1.1
router vrrp
spanning-tree
spanning-tree Trk1 path-cost 30000
spanning-tree Trk1 priority 4
spanning-tree config-name "Test"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1-19 40-59 80-99
spanning-tree instance 1 priority 1
spanning-tree instance 1 Trk1 path-cost 30000
spanning-tree instance 2 vlan 20-39 60-79
spanning-tree instance 2 priority 0
spanning-tree instance 2 Trk1 priority 4
spanning-tree priority 1
vlan 50
   vrrp vrid 1
      backup
      virtual-ip-address 10.101.50.1 255.255.255.0
      enable
      exit
   exit

 

 

 I've also attached a simple network diagram.

I'm not sure what would be recommended, but as far as the mos redundancy I think the best bet as far as physical connections is to have a link ag of at least two links from each HP to the Juniper VC.  The AG will be such that one physical link goes to each member of the chassis, so if one unit of the VC fails the ag port stays up.  It looks like you would have a layer two loop in that situation so you would need to use something like STP...should be fairly simple you'll just have to decide which port you want to to be STP blocked and set bridge priorities accordingly.

 

A bit off topic but I am kinda curious why you set the mastership priority of both VC units to 255.

Hi,

 

So, two aggregated interfaces, each containing one physical interface from each EX4200. Connect aggregated interface 1 to the first Procurve, and aggregated interface 2 to the second Procurve. Correct?

 

About STP - I've always found this to be a bit confusing - the Procurves are aldready running Spanning Tree Protocol (as shown in the Procurve configuration above), but I still need to set it up for the EX4200's as well?

 

And to answer your last question, the Day One book about configuring EX switches mentions the following:

 

"When an EX4200 switch powers on, it receives the default mastership priority value of 128. Although it is not required, it is recommended that the master and backup switches be designated by configuring the master- ship priority of these switches to be the highest value of all members.

 

Yes, about the aggregate interfaces that sounds correct.  Concerning STP, yes easiest thing would be to setup STP on the EX VC as well.  Though as another posted noted, it looks like the HPs are running MST, which the VC is setup for RSTP...these are different flavors of STP that don't interoperate, or at least don't interoperate well.  Given the config already in place on the HPs, it would probably make sense to put a similar MSTP config on teh VC stack.

 

Thanks for the excerpt from the day one book, interesting stuff, and it makes some sense.

one quick suggestion: It looks like you have MSTP configured on the procurve and RSTP on the EX.
I would suggest using MSTP on EX too..

I forgot to mark this as solved, thanks guys.

 

What I did was:

 

 

protocols {
    mstp {
        configuration-name Test;
        revision-level 1;
    }

 

 I also removed rstp from my Junos configuration.