MLAG Limitations and Requirements

The MLAG (Multi-switch Link Aggregation Group) feature has the following limitations:

  • MLAG peer switches must be of the same platform family. The following MLAG peers are allowed:
    • Summit switches with Summit switches
    • SummitStack with SummitStack
    Note

    Note

    In the case of Summit standalone switches, it is strongly recommended that MLAG peer switches be of the same type.

    In the case of SummitStack switches, we recommend that the MLAG ports be from slots of similar capability.

  • Layer 2 protocols such as EAPS (Extreme Automatic Protection Switching) or STP (Spanning Tree Protocol) will be configured to not allow the blocking of the ISC.
  • The number of MLAG ports for each pair of switches is limited to 768.
  • MLAG peers should run the same version of ExtremeXOS for proper functioning.
  • ESRP (Extreme Standby Router Protocol) cannot be configured in a MLAG environment with more than one peer.
  • The MLAG peers in a multi peer setup cannot be looped however can be extended as a linear daisy chain.

MLAG Requirements

The following table shows additional MLAG requirements that are specific to other protocols and features.

Note

Note

To function properly, MLAG peers should run the same version of ExtremeXOS.
Items Impact
VLAN (Virtual LAN):Membership

You must add the respective port (or LAG (Link Aggregation Group)) that is part of an MLAG to a VLAN on both MLAG peers.

The set of configured VLANs on [Switch1:P1] must be identical to the set of VLANs configured on [Switch2:P2].

You must add the ISC to every VLAN that has an MLAG link as a member port.

VMAN:Membership The restrictions are the same as those for VLAN Membership.
VLAN:ISC

You must create a Layer 3 VLAN for control communication between MLAG peers.

You cannot enable IP forwarding on this VLAN.

The ISC is exclusively used for inter-MLAG peer control traffic and should not be provisioned to carry any user data traffic. Customer data traffic however can traverse the ISC port using other user VLANs.

VMAN:ISC

Although not recommended, a VMAN may be configured to carry Inter-MLAG peer traffic,

LAG:Load-Sharing Algorithm It is recommended but not required that LAGs that form an MLAG be configured to use the same algorithm.
Ports:Flooding To disable flooding on an MLAG, you must disable flooding on both ports (or LAGs) that form the MLAG.
Ports:Learning To disable learning on an MLAG, you must disable learning on both ports (or LAGs) that form the MLAG. Learning is disabled by default on ISC ports.
FDB (forwarding database):Static & Blackhole entries Configuration must be identical on both MLAG peers for entries that point to an MLAG port.
FDB:Limit learning Learning limits are applicable to member ports of each peer. The limit on the MLAG is the sum of the configured value on each peer.
FDB:MAC Lockdown This is supported but needs configuration on both peers. A switch can still receive checkpointed MAC addresses from its peer in the window between executing the lockdown command on both switches.
EAPS

MLAG ports cannot be configured to be EAPS ring ports.

Configuration of the ISC port as an EAPS blocked port is disallowed.

STP

STP cannot be enabled on MLAG ports.

STP should not be enabled on the ports present in the remote node which connects to the MLAG ports.

You should ensure that the ISC port is never blocked by STP.

VRRP (Virtual Router Redundancy Protocol) VRRP must be enabled on Layer 3 VLANs that have MLAG member ports.
ESRP

MLAG and ISC ports must be added as ESRP host-attach ports.

EDP (Extreme Discovery Protocol)/LLDP (Link Layer Discovery Protocol) There are no restrictions but the remote end of the MLAG will display different neighbors for different ports in the same LAG.
ELSM ELSM is not to be configured on MLAG ports at either end of an MLAG.
Software-Redundant Ports These are not to be configured on MLAG ports at either end of an MLAG.
Mirroring Mirroring on local ports in an MLAG is supported. Mirroring of MLAG peer ports to a local port is not supported.
Routing Protocols OSPFV2/OSPFV3 neighborship can be formed across an MLAG.
Multicast:IGMP (Internet Group Management Protocol) All timers related to IGMP must be identical on both the peers.
Multicast:PIM

PIM should be configured on both the MLAG peers, and the PIM timers must be identical.

MLAG functionality must not be enabled on PIM Intermediate routers. It should be enabled only on Last Hop (LHR) and First Hop (FHR) routers.

MLAG peer switches S1 and S2 perform Checkpoint PIM for S and G states. This should include all MLAG egresses.

To avoid traffic drops due to asserts, do not include ISC port in MLAG egresses if the ingress VLAN includes ISC port, and both the peers have the same ingress for the S, G cache.

Multicast:MVR

MVR should be enabled on only one of the MLAG peer switches.

MVR must not be enabled on MLAG VLANs.

Multicast:PIM Snooping This is not supported.
Multicast:IPv6 There are no restrictions.
CFM There are no restrictions.
MPLS (Multiprotocol Label Switching):General MPLS cannot be enabled on VLANs having MLAG member ports.
MPLS:VPLS

VPLS must be configured for redundancy using ESRP. The ESRP master VLAN must include the ISC ports and the VPLS service VLAN ports as members.

Pseudowires cannot traverse an ISC link. You should not add the ISC port as a member to MPLS VLANs that can be used by LSPs that can carry Layer 2 VPN traffic terminating on MLAG peer switches.

ACLs It is strongly recommended that configuration be identical across peers on MLAG ports.
QoS (Quality of Service) It is strongly recommended that configuration be identical across peers on MLAG ports.
Netlogin This is not supported.
VLAN:PVLAN

If an MLAG port is a member of either a subscriber VLAN or a network VLAN, the ISC port needs to be added as a member of the network VLAN.

Subscriber VLANs in a private VLAN cannot have overlapping MLAG ports as members. Configuring dedicated loopback ports for subscriber VLANs in a private VLAN that shares an MLAG port causes duplicate traffic to be sent to the remote node.

DAD DAD detects duplicate IPv4 addresses configured on a VLAN that spans MLAG peer switches. This occurs only when the solicitation attempts to use the following command is more than one:

configure ip dad attempts max_solicitations