MLAG Limitations and Requirements

The This command is available on all Universal switches supported in this document. feature has the following limitations:

Note

Note

The behavior of ExtremeXOS 30.1 has changed if locally configured IP addresses are used to determine network reachability. For details, see the ping command.

MLAG Requirements

The following table shows additional MLAG requirements that are specific to other protocols and features.

Items Impact
VLAN:Membership

You must add the respective port (or LAG) that is part of an MLAG to a VLAN on both MLAG peers.

The set of configured VLANs on [Switch1:P1] must be identical to the set of VLANs configured on [Switch2:P2].

You must add the ISC to every VLAN that has an MLAG link as a member port.

VMAN:Membership The restrictions are the same as those for VLAN Membership.
VLAN:ISC

You must create a Layer 3 VLAN for control communication between MLAG peers.

You cannot enable IP forwarding on this VLAN.

The ISC is exclusively used for inter-MLAG peer control traffic and should not be provisioned to carry any user data traffic. Customer data traffic however can traverse the ISC port using other user VLANs.

VMAN:ISC

Although not recommended, a VMAN may be configured to carry Inter-MLAG peer traffic,

LAG:Load-Sharing Algorithm It is recommended but not required that LAGs that form an MLAG be configured to use the same algorithm.
Ports:Flooding To disable flooding on an MLAG, you must disable flooding on both ports (or LAGs) that form the MLAG.
Ports:Learning To disable learning on an MLAG, you must disable learning on both ports (or LAGs) that form the MLAG. Learning is disabled by default on ISC ports.
FDB:Static & Blackhole entries Configuration must be identical on both MLAG peers for entries that point to an MLAG port.
FDB:Limit learning Learning limits are applicable to member ports of each peer. The limit on the MLAG is the sum of the configured value on each peer.
FDB:MAC Lockdown This is supported but needs configuration on both peers. A switch can still receive checkpointed MAC addresses from its peer in the window between executing the lockdown command on both switches.
EAPS

MLAG ports cannot be configured to be EAPS ring ports.

Configuration of the ISC port as an EAPS blocked port is disallowed.

STP

You should ensure that the ISC port is never blocked by STP.

You should configure in such a way that one of the MLAG peers become root bridge and also configure MLAG peers with backup root option.

Loop protect feature should not be enabled on LAG ports on access switches. Enabling this feature on MLAG ports is acceptable.

For more information about STP and MLAG, see STP and MLAG.

VRRP VRRP must be enabled on Layer 3 VLANs that have MLAG member ports.
ESRP

MLAG and ISC ports must be added as ESRP host-attach ports.

EDP/LLDP There are no restrictions but the remote end of the MLAG will display different neighbors for different ports in the same LAG.
ELSM ELSM is not to be configured on MLAG ports at either end of an MLAG.
Software-Redundant Ports These are not to be configured on MLAG ports at either end of an MLAG.
Mirroring Mirroring on local ports in an MLAG is supported. Mirroring of MLAG peer ports to a local port is not supported.
Routing Protocols OSPFV2/OSPFV3 neighborship can be formed across an MLAG.
Multicast:IGMP All timers related to IGMP must be identical on both the peers.
Multicast:PIM

PIM should be configured on both the MLAG peers, and the PIM timers must be identical.

MLAG functionality must not be enabled on PIM Intermediate routers. It should be enabled only on Last Hop (LHR) and First Hop (FHR) routers.

MLAG peer switches S1 and S2 perform Checkpoint PIM for S and G states. This should include all MLAG egresses.

To avoid traffic drops due to asserts, do not include ISC port in MLAG egresses if the ingress VLAN includes ISC port, and both the peers have the same ingress for the S, G cache.

Multicast:MVR

MVR should be enabled on only one of the MLAG peer switches.

MVR must not be enabled on MLAG VLANs.

Multicast:PIM Snooping This is not supported.
Multicast:IPv6 There are no restrictions.
CFM There are no restrictions.
MPLS:General MPLS cannot be enabled on VLANs having MLAG member ports.
MPLS:VPLS

VPLS must be configured for redundancy using ESRP. The ESRP master VLAN must include the ISC ports and the VPLS service VLAN ports as members.

Pseudowires cannot traverse an ISC link. You should not add the ISC port as a member to MPLS VLANs that can be used by LSPs that can carry Layer 2 VPN traffic terminating on MLAG peer switches.

ACLs It is strongly recommended that configuration be identical across peers on MLAG ports.
QoS It is strongly recommended that configuration be identical across peers on MLAG ports.
NetLogin Supported. NetLogin should be enabled across the MLAG ports of both the peers.
VLAN:PVLAN

If an MLAG port is a member of either a subscriber VLAN or a network VLAN, the ISC port needs to be added as a member of the network VLAN.

Subscriber VLANs in a private VLAN cannot have overlapping MLAG ports as members. Configuring dedicated loopback ports for subscriber VLANs in a private VLAN that shares an MLAG port causes duplicate traffic to be sent to the remote node.

W-MLAG Supported.