Switching

 View Only
last person joined: yesterday 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-22-2012 09:04
      |   view attached

    My request is pretty simple, but trying to get a straight, working config seems like a Dark Art according to all the unanswered or unsolved posts out there....


    I'm after a "best practice" LACP Config for the following scenario:
    -Juniper EX (11.4) to Cisco IOS (if needing to be specific EX4500 to Cat6500)
    -An 802.1q Trunk between the two devices
    -Up to four bonded links
    -1Gb or 10Gb type links (I would use one or the other, not combined)
    -Configured for Maximum Speed/Best Load Sharing
    -Configured for Maximum Redundancy (can scale down to run off one link)
    -Configured for Fastest Failover (recovery time from link failure)
    -Compatible with all versions of STP, but specifically MSTP
    -Using config Defaults as much as possible (not screwing around with hidden configuration items or timers)

     

    Additional Queries:
    -Native/Default VLAN
    To ensure the correct operation of LACP and STP (CIST for MSTP) PDUs between IOS and JUNOS, is there anything special I need to do in regards to respective Native/Default VLANs?
    Do I need specify anything, like adding the JUNOS Default VLAN as untagged/native on the Trunk? (I try to leave the Native/Defaults VLANs alone).
    -Ethernet OAM
    Is this a requirement for LACP? I am aware that this is a good idea to prevent Unidirectional Links between switches, especially for fibre.
    -LACP Active/Passive Combination
    Apart from the Passive/Passive combination being the obvious no-no, do the other combinations really make any difference? The other three combinations should work right?

     

    Attached is my first attempt at the configuration, unfortunately I have a very limited testing window:

     

    Thanks in advance.


     


    #LACP
    #cisco

    Attachment(s)

    txt
    LACP Interop.txt   1 KB 1 version


  • 2.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-22-2012 11:45

    -Ethernet OAM 

    LACP can be a substitute for OAM, as both test and verify the circuit bidirectionally. For Fiber, if you don't use LACP I suggest using OAM. Both will detect failures and take a link out of service.

     

    -Native VLAN 

    Are you expecting to receive untagged frams across the trunk?

     

     

    Here is my LACP Configs:

     

    Cisco:
    
    
    interface Port-channel10
     description Trunk to coresw4 Juniper EX4200
     switchport
     switchport trunk encapsulation dot1q
     switchport mode trunk
     switchport nonegotiate
     no ip address
    
    
    interface GigabitEthernet2/1
     description Po10 trunk to juniper ge-0/1/0
     switchport
     switchport trunk encapsulation dot1q
     switchport mode trunk
     switchport nonegotiate
     no ip address
     channel-protocol lacp
     channel-group 10 mode active
    
    
    Juniper:
    
    show configuration interfaces ae1
    description "Trunk to Cisco";
    aggregated-ether-options {
        lacp {
            active;
            periodic fast;
        }
    }
    unit 0 {
        family ethernet-switching {
            port-mode trunk;
            vlan {
                members all;
            }
        }
    }

     

    I have two gig interfaces in the LACP bundle and I see 1.7Gb of traffic on backup nights. No issues in 6 months.



  • 3.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-22-2012 15:43

    Hi Michael,

     

    Thanks for your reply, in regards to the Native/Default VLANs on the devices; we don't run any client/corporate traffic in those VLANs at either end, however I believe that MSTP and LACP send their relevant BPDUs/PDUs untagged.

    Some of the other posts around this topic have also made reference to it.

     

    I wanted to confirm whether this needs to be explicitly specified.

    I noticed in your configuration that the Juniper has the line vlan { members all; } Does the Juniper "Default" VLAN get added on to this Trunk Port  as tagged or untagged?

     

    Cheers



  • 4.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-22-2012 16:54

    I recently converted from PVSTP to MST for my network.

     

    My MST and VLAN config on the trunk are:

     

     

    MSTI     Member VLANs
       0 0,4094
       1 1-125
       2 126-250
       3 251-375
       4 376-500
       5 501-625
       6 626-750
       7 751-875
       8 876-1000
       9 1001-1500
      10 1501-2000
      11 2001-2500
      12 2501-3000
      13 3001-3500
      14 3501-4000
      15 4001-4093
    
    
    
    show spanning-tree interface ae1
    
    Spanning tree interface parameters for instance 0
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2     128:1670  28672.001b0df6d000     10000  FWD    ROOT
    
    Spanning tree interface parameters for instance 1
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  24577.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 2
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  28674.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 3
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  24579.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 4
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  28676.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 5
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  24581.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 6
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  28678.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 7
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  24583.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 8
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  28680.5c5eab757180     10000  FWD    MSTR
    
    Spanning tree interface parameters for instance 10
    
    Interface    Port ID    Designated      Designated         Port    State  Role
                             port ID        bridge ID          Cost
    ae1.0            128:2        128:2  28682.5c5eab757180     10000  FWD    MSTR

     

    Hm, I didn't think about the native vlan aspect when it comes to it working between my Cisco and Junipers. Currently the only see each other via CST and not MST, but I didn't mind  as I am migrating off of the Cisco gear.

     

    I think I may have a "ships passing in the night" scenario.

     

    edit: It is curious, as my LACP connectivity works, but not my BPDU exchanges. 



  • 5.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-22-2012 20:47

    Hi Michael,

    On your Juniper, does the default VLAN come up as assigned to any interfaces?



  • 6.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-23-2012 10:10

    It does, but on interfaces we have not configured, so it would appear that the keyword "all" does not include default.

     

    show vlans default detail
    VLAN: default, 802.1Q Tag: Untagged, Admin State: Enabled
    Number of interfaces: 10 (Active = 3)
      Untagged interfaces: ge-0/0/8.0, ge-0/0/9.0, ge-0/0/11.0*, ge-0/0/12.0*, ge-0/0/13.0*, ge-0/0/14.0, ge-0/0/15.0, ge-0/0/16.0, ge-0/0/18.0, ge-0/0/23.0

     

     



  • 7.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-13-2020 06:24

    Hi how is possible to connect Juniper VQFX with Cisco VIOS in port channel with LACP?

    Here is my onfiguration but it doesn't work...

     

     

    Juniper VQFX side configuration:
    root@vqfx-re# run show configuration interfaces ae0
    aggregated-ether-options {
    minimum-links 1;
    lacp {
    active;
    periodic slow;
    force-up;
    }
    }
    unit 0 {
    family ethernet-switching {
    interface-mode trunk;
    vlan {
    members all;
    }
    storm-control default;
    }
    }

     

    root@vqfx-re# run show interfaces terse ae0
    Interface Admin Link Proto Local Remote
    ae0 up up
    ae0.0 up up eth-switch

     

    root@vqfx-re# run show interfaces terse xe-0/0/2
    Interface Admin Link Proto Local Remote
    xe-0/0/2 up up
    xe-0/0/2.0 up up aenet --> ae0.0

     

    root@vqfx-re# run show interfaces terse xe-0/0/3
    Interface Admin Link Proto Local Remote
    xe-0/0/3 up up
    xe-0/0/3.0 up up aenet --> ae0.0



    Cisco configruation side:

    interface Port-channel1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate

    interface GigabitEthernet1/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate
    media-type rj45
    no negotiation auto
    channel-protocol lacp
    channel-group 1 mode active


    interface GigabitEthernet1/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate
    media-type rj45
    no negotiation auto
    channel-protocol lacp
    channel-group 1 mode active


    Switch#show interfaces status
    Gi1/1 notconnect trunk auto auto unknown
    Gi1/2 notconnect trunk auto auto unknown
    Po1 connected trunk auto auto



  • 8.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-13-2020 14:38

    I found the problem!


    Xe interfaces are not compatible  with Ge interfaces!

    The problem is with speed of different types of interfaces!



  • 9.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

     
    Posted 03-13-2020 15:05

    802.3ad (LACP) standard does require all links to be the same speed.  If you had configured without LACP, all might have them come up.

     

    Just FYI



  • 10.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-14-2020 19:25
    Yes, in clear trunk juniper and cisco can talk together .


    In situation where juniper is with Xe interfaces and Cisco is with ge interfaces it is not possible to use lacp.

    I test it in virtual simulation with eve-ng.

    In real environment I use in Juniper QFX and in Cisco, cisco and juniper 1 ge sfp interface modules for single and multimod optical cables and everything is okay because the speed of interfaces in both sides are the same.


  • 11.  RE: LACP Link Aggregation between Cisco and Juniper - A Dark Art?

    Posted 03-15-2020 02:20

    Hi ,

    Hi 

    -Native/Default VLAN

    To ensure the correct operation of LACP and STP (CIST for MSTP) PDUs between IOS and JUNOS, is there anything special I need to do in regards to respective Native/Default VLANs?

     

    Answer :

     

    By default there is no native vlan configuration required , you need to tag only those vlan traffic that needs to pass through that port

     

     

    Do I need specify anything, like adding the JUNOS Default VLAN as untagged/native on the Trunk? (I try to leave the Native/Defaults VLANs alone).

     

    Answer :

     

     nope it Is not required , as your trying to keep everything default

     

    -Ethernet OAM

    Is this a requirement for LACP? I am aware that this is a good idea to prevent Unidirectional Links between switches, especially for fibre.

     

    Answer :

     

    as your using LACP , which can detect link fault , OAM is not required

     

    LACP was designed to achieve the following:

    Automatic addition and deletion of individual links to the bundle without user intervention

    Link monitoring to check whether both ends of the bundle are connected to the correct group

     

    When LACP is enabled, the local and remote sides of the aggregated Ethernet links exchange protocol data units (PDUs), which contain information about the state of the link.

     

     

    -LACP Active/Passive Combination

    Apart from the Passive/Passive combination being the obvious no-no, do the other combinations really make any difference? The other three combinations should work right?

     

    Answer :

     

    You can configure Ethernet links to actively transmit PDUs, or you can configure the links to passively transmit them (sending out LACP PDUs only when they receive them from another link). One side of the link must be configured as active for the link to be up.

     

    Refer to this link , I think it gives you all the basics for juniper :

     

    https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/lacp-cli.html

     

    Basics for cisco :

     

    https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/EtherChannel.html

     

    ----

    Sharanya