Ethernet Switching
Reply
Visitor
aniki2507
Posts: 5
Registered: ‎09-15-2011
0

LACP Link Aggregation between Cisco and Juniper - A Dark Art?

My request is pretty simple, but trying to get a straight, working config seems like a Dark Art according to all the unanswered or unsolved posts out there....


I'm after a "best practice" LACP Config for the following scenario:
-Juniper EX (11.4) to Cisco IOS (if needing to be specific EX4500 to Cat6500)
-An 802.1q Trunk between the two devices
-Up to four bonded links
-1Gb or 10Gb type links (I would use one or the other, not combined)
-Configured for Maximum Speed/Best Load Sharing
-Configured for Maximum Redundancy (can scale down to run off one link)
-Configured for Fastest Failover (recovery time from link failure)
-Compatible with all versions of STP, but specifically MSTP
-Using config Defaults as much as possible (not screwing around with hidden configuration items or timers)

 

Additional Queries:
-Native/Default VLAN
To ensure the correct operation of LACP and STP (CIST for MSTP) PDUs between IOS and JUNOS, is there anything special I need to do in regards to respective Native/Default VLANs?
Do I need specify anything, like adding the JUNOS Default VLAN as untagged/native on the Trunk? (I try to leave the Native/Defaults VLANs alone).
-Ethernet OAM
Is this a requirement for LACP? I am aware that this is a good idea to prevent Unidirectional Links between switches, especially for fibre.
-LACP Active/Passive Combination
Apart from the Passive/Passive combination being the obvious no-no, do the other combinations really make any difference? The other three combinations should work right?

 

Attached is my first attempt at the configuration, unfortunately I have a very limited testing window:

 

Thanks in advance.


 

Contributor
Michael Gonnason
Posts: 42
Registered: ‎11-02-2010
0

Re: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

-Ethernet OAM 

LACP can be a substitute for OAM, as both test and verify the circuit bidirectionally. For Fiber, if you don't use LACP I suggest using OAM. Both will detect failures and take a link out of service.

 

-Native VLAN 

Are you expecting to receive untagged frams across the trunk?

 

 

Here is my LACP Configs:

 

Cisco:


interface Port-channel10
 description Trunk to coresw4 Juniper EX4200
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 no ip address


interface GigabitEthernet2/1
 description Po10 trunk to juniper ge-0/1/0
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 no ip address
 channel-protocol lacp
 channel-group 10 mode active


Juniper:

show configuration interfaces ae1
description "Trunk to Cisco";
aggregated-ether-options {
    lacp {
        active;
        periodic fast;
    }
}
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}

 

I have two gig interfaces in the LACP bundle and I see 1.7Gb of traffic on backup nights. No issues in 6 months.

Visitor
aniki2507
Posts: 5
Registered: ‎09-15-2011
0

Re: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

Hi Michael,

 

Thanks for your reply, in regards to the Native/Default VLANs on the devices; we don't run any client/corporate traffic in those VLANs at either end, however I believe that MSTP and LACP send their relevant BPDUs/PDUs untagged.

Some of the other posts around this topic have also made reference to it.

 

I wanted to confirm whether this needs to be explicitly specified.

I noticed in your configuration that the Juniper has the line vlan { members all; } Does the Juniper "Default" VLAN get added on to this Trunk Port  as tagged or untagged?

 

Cheers

Contributor
Michael Gonnason
Posts: 42
Registered: ‎11-02-2010
0

Re: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

[ Edited ]

I recently converted from PVSTP to MST for my network.

 

My MST and VLAN config on the trunk are:

 

 

MSTI     Member VLANs
   0 0,4094
   1 1-125
   2 126-250
   3 251-375
   4 376-500
   5 501-625
   6 626-750
   7 751-875
   8 876-1000
   9 1001-1500
  10 1501-2000
  11 2001-2500
  12 2501-3000
  13 3001-3500
  14 3501-4000
  15 4001-4093



show spanning-tree interface ae1

Spanning tree interface parameters for instance 0

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2     128:1670  28672.001b0df6d000     10000  FWD    ROOT

Spanning tree interface parameters for instance 1

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  24577.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 2

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  28674.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 3

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  24579.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 4

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  28676.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 5

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  24581.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 6

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  28678.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 7

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  24583.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 8

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  28680.5c5eab757180     10000  FWD    MSTR

Spanning tree interface parameters for instance 10

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ae1.0            128:2        128:2  28682.5c5eab757180     10000  FWD    MSTR

 

Hm, I didn't think about the native vlan aspect when it comes to it working between my Cisco and Junipers. Currently the only see each other via CST and not MST, but I didn't mind  as I am migrating off of the Cisco gear.

 

I think I may have a "ships passing in the night" scenario.

 

edit: It is curious, as my LACP connectivity works, but not my BPDU exchanges. 

Visitor
aniki2507
Posts: 5
Registered: ‎09-15-2011
0

Re: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

Hi Michael,

On your Juniper, does the default VLAN come up as assigned to any interfaces?

Contributor
Michael Gonnason
Posts: 42
Registered: ‎11-02-2010
0

Re: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

It does, but on interfaces we have not configured, so it would appear that the keyword "all" does not include default.

 

show vlans default detail
VLAN: default, 802.1Q Tag: Untagged, Admin State: Enabled
Number of interfaces: 10 (Active = 3)
  Untagged interfaces: ge-0/0/8.0, ge-0/0/9.0, ge-0/0/11.0*, ge-0/0/12.0*, ge-0/0/13.0*, ge-0/0/14.0, ge-0/0/15.0, ge-0/0/16.0, ge-0/0/18.0, ge-0/0/23.0

 

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.