MC-LAG Examples

Example: Configuring Multichassis Link Aggregation on the QFX Series

• Requirements

• Overview

• Configuration

• (Optional) Configuring RSTP

• (Optional) Configuring IGMP Snooping

• (Optional) Configuring VRRP

• (Optional) Configuring MAC Address Synchronization

• (Optional) Configuring OSPF

• (Optional) Configuring PIM

• (Optional) Configuring DHCP Relay

• Verification

• Troubleshooting

Requirements

• Junos OS Release 13.2X51-D10 or later for the QFX5100 standalone switches, Release 15.1X53-D10 or later for QFX10002 standalone switches.

  • Revalidated on Junos OS Release 17.3R1 for QFX5100 and QFX10000 switches.

  • Revalidated on Junos OS Release 19.4R1 for QFX10000 switches.

• Configure aggregated Ethernet interfaces on a switch. See Example: Configuring Link Aggregation Between a QFX Series Product and an Aggregation Switch.

• Configure the Link Aggregation Control Protocol (LACP) on aggregated Ethernet interfaces on a switch. See Example: Configuring Link Aggregation with LACP Between a QFX Series Product and an Aggregation Switch.

Overview

In this example, you configure an MC-LAG across two switches, consisting of two aggregated Ethernet interfaces, an interchassis control link-protection link (ICL-PL), multichassis protection link for the ICL-PL, the Inter-Chassis Control Protocol for the peers hosting the MC-LAG, and Layer 3 connectivity between MC-LAG peers. Layer 3 connectivity is required for ICCP.

Topology

The topology used in this example consists of two switches hosting an MC-LAG. The two switches are connected to a server. Figure 1 shows the topology used in this example.

Figure 1: Configuring a Multichassis LAG Between QFX1 and QFX2

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them in a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Configuring MC-LAG on Two Switches

Step-by-Step Procedure

1. Configure the number of LAGs on both QFX1 and QFX2.
2. Add member interfaces to the aggregated Ethernet interfaces on both QFX1 and QFX2.

   QFX1 and QFX2:

3. Configure an access interface to the connected end host.
4. Add member interfaces to VLAN v10.
5. Configure a trunk interface between QFX1 and QFX2.
6. Enable VLANs on the MC-LAG between QFX1 and QFX2.
7. Configure an IRB 50.
8. Assign VLAN 50 to irb.50.
9. Configure an IRB 10.
10. Assign VLAN 10 irb.10.
11. Enable LACP on the MC-LAG interface on QFX1 and QFX2.Note

    At least one end needs to be active. The other end can be either active or passive.
12. Specify the same LACP system ID for the MC-LAG on QFX1 and QFX2.
13. Specify the same LACP administration key on both QFX1 and QFX2.
14. Specify the same multichassis aggregated Ethernet identification number on both MC-LAG peers on QFX1 and QFX2.
15. Specify a unique chassis ID for the MC-LAG on the MC-LAG peers on QFX1 and QFX2.

    QFX1:

    QFX2:

16. Specify the operating mode of the MC-LAG on both QFX1 and QFX2.Note

    Only active-active mode is supported at this time.
17. Specify the status control for MC-LAG on QFX1 and QFX2.Note

    You must configure status control on both QFX1 and QFX2 hosting the MC-LAG. If one peer is in active mode, the other must be in standby mode.

    QFX1:

    QFX2:

18. Specify the number of seconds by which the bring-up of the multichassis aggregated Ethernet interface should be deferred after you reboot QFX1 and QFX2.Note

    The recommended value for maximum VLAN configuration (for example, 4,000 VLANS) is 240 seconds. If IGMP snooping is enabled on all of the VLANs, the recommended value is 420 seconds.
19. Configure Layer 3 connectivity between the MC-LAG peers on both QFX1 and QFX2.
20. Configure a multichassis protection link between QFX1 and QFX2.

    QFX1:

    QFX2:

21. Configure the local IP address to be in the ICCP connection on QFX1 and QFX2.

    QFX1:

    QFX2:

22. (Optional) Configure the time during which an ICCP connection must succeed between MC-LAG peers on QFX1 and QFX2.Note

    On QFX Series switches, the default session establishment hold time is 300 seconds. However, the session establishment time must be at least 100 seconds higher than the init delay time. You can optionally update the session establishment time to be 340 seconds and the init delay time to be 240 seconds.

    QFX1:

    QFX2:

23. Configure the redundancy groups for ICCP on QFX1 and QFX2.

    QFX1:

    QFX2:

24. (Optional) Configure the backup IP address to be used for backup liveness detection on both QFX1 and QFX2.Note

    By default, backup liveness detection is not enabled. Configuring a backup IP address helps achieve sub-second traffic loss during an MC-LAG peer reboot.

    QFX1:

    QFX2:

25. Configure the peer IP address and minimum receive interval for a BFD session for ICCP on QFX1 and QFX2.

    QFX1:

    QFX2:

26. Configure the peer IP address and minimum transmit interval for BFD session for ICCP on QFX1 and QFX2.

    QFX1:

    QFX2:

27. To enable the service ID on QFX1 and QFX2:

    The switch service ID is used to synchronize applications, IGMP, ARP, and MAC learning across MC-LAG members.

Results

Here are the results of your configuration on QFX1.

Display the results of the configuration on QFX2.

Display the results of the configuration on QFX3.

(Optional) Configuring RSTP

CLI Quick Configuration

Configuring QFX1 and QFX2

Step-by-Step Procedure

1. Configure the MC-LAG interfaces as edge ports on QFX1 and QFX2.
2. Disable RSTP on the ICL-PL interfaces on QFX1 and QFX2:
3. Enable RSTP globally on all interfaces on QFX1 and QFX2.
4. Enable BPDU blocking on all interfaces except for the ICL-PL interfaces on QFX1 and QFX2.Note

   The ae1 interface is a downstream interface. This is why RSTP and bpdu-block-on-edge need to be configured.

QFX1 and QFX2

From configuration mode, confirm your configuration by entering the show protocols rstp commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring QFX3

CLI Quick Configuration

Step-by-Step Procedure

1. Configure an interface as an edge port on QF3.
2. Enable RSTP globally on all QFX3.
3. Enable BPDU blocking on all interfaces on QFX3.Note

   The ae1 interface is a downstream interface. This is why RSTP and bpdu-block-on-edge need to be configured.

QFX3

From configuration mode, confirm your configuration by entering the show protocols rstp commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring IGMP Snooping

CLI Quick Configuration

Configuring QFX1 and QFX2

Step-by-Step Procedure

1. Enable IGMP snooping for all VLANs.
   [edit protocols]

user@switch# set igmp-snooping vlan all

QFX1 and QFX2

From configuration mode, confirm your configuration by entering the show protocols igmp and show multicast-snooping-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring VRRP

CLI Quick Configuration

Configuring QFX1

Step-by-Step Procedure

1. Enable VRRP on the MC-LAGs by creating an IRB interface for each MC-LAG, assign a virtual IP address that is shared between each switch in the VRRP group, and assign an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@switch# set interfaces irb unit 50 family inet address 10.50.1.1/30 vrrp-group 1 virtual-address 50.1.1/30

   user@switch# set interfaces irb unit 50 family inet address 10.50.1.1/30 vrrp-group 1 priority 200

   user@switch# set interfaces irb unit 50 family inet address 10.50.1.2/30 vrrp-group 1 accept-data

QFX1

From configuration mode, confirm your configuration by entering the show interfaces irb unit 100 family inet address 10.1.1.11/8 vrrp-group command. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring QFX2

Step-by-Step Procedure

1. Enable VRRP on the MC-LAGs by creating an IRB interface for each MC-LAG, assign a virtual IP address that is shared between each switch in the VRRP group, and assign an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@switch# set interfaces irb unit 500 family inet address 10.3.3.1/30 vrrp-group 1 virtual-address 3.3.1/24

   user@switch# set interfaces irb unit 500 family inet address 10.3.3.1/30 vrrp-group 1 priority 150

   user@switch# set interfaces irb unit 500 family inet address 10.3.3.1/30 vrrp-group 1 accept-data

QFX2

From configuration mode, confirm your configuration by entering the show interfaces irb unit 500 family inet address 10.1.1.10/8 vrrp-group commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring MAC Address Synchronization

CLI Quick Configuration

Configuring QFX1 and QFX2

Step-by-Step Procedure

1. Configure MAC address synchronization in the MC-LAG VLAN on both QFX1 and QFX2.
   [edit]

user@switch# set vlans v10 mcae-mac-synchronize

QFX1 and QFX2

From configuration mode, confirm your configuration by entering the show vlans v10 command. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring OSPF

CLI Quick Configuration

Configuring QFX1 and QFX2

Step-by-Step Procedure

1. Configure an OSPF area on QFX1, QFX2, and QFX3.

QFX1, QFX2, and QFX3

From configuration mode, confirm your configuration by entering the show protocols ospf commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring PIM

CLI Quick Configuration

Configuring QFX1 and QFX2

Step-by-Step Procedure

1. Configure a static rendezvous point (RP) address on QFX1 and QFX2.
2. Configure the address ranges of the multicast groups for which QFX1 and QFX2 can be a rendezvous point (RP).
3. Enable PIM on the VLAN interfaces for the MC-LAGs on QFX1 and QFX2.
4. Configure each PIM interface’s priority for being selected as the designated router (DR) on QFX1 and QFX2.

   An interface with a higher priority value has a higher probability of being selected as the DR.

   QFX1:

   QFX2:

5. Configure the minimum receive interval, minimum transmit interval, and transmit interval threshold for a Bidirectional Forwarding Detection (BFD) session for the PIM interfaces on QFX1 and QFX2.

QFX1

From configuration mode, confirm your configuration by entering the show protocols pim commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

QFX2

From configuration mode, confirm your configuration by entering the show protocols pim commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring DHCP Relay

CLI Quick Configuration

Configuring QFX1 and QFX2

Step-by-Step Procedure

1. Configure forward snooped unicast packets on all interfaces.
   [edit fowarding-options]

user@switch# set dhcp-relay forward-snooped-clients all-interfaces
2. Create a binding entry to snoop unicast clients.
   [edit forwarding-options]

user@switch# set dhcp-relay overrides allow-snooped-clients
3. Create a DHCP server group.
   [edit forwarding-options]

user@switch# set dhcp-relay server-group GVP-DHCP 10.105.5.202
4. Apply a DHCP relay agent configuration to the named group of DHCP server addresses.
   [edit forwarding-options]

user@switch# set dhcp-relay active-server-group GVP-DHCP
5. Configure the relay agent to suppress the installation of ARP and route entries for corresponding client binding.
   [edit forwarding-options]

user@switch# set dhcp-relay route-suppression destination
6. Create a DHCP relay group that includes at least one interface.

   DHCP runs on the interfaces defined in the DHCP groups.

   [edit forwarding-options]

user@switch# set dhcp-relay group Floor1 interface irb.500
7. Configure DHCP relay with option 82.
   [edit forwarding-options]

user@switch# set dhcp-relay relay-option-82 circuit-id use-interface-description device

QFX1 and QFX2

From configuration mode, confirm your configuration by entering the show protocols pim commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Verification

• Verifying That ICCP Is Working on QFX1

• Verifying That ICCP Is Working on QFX2

• Verifying That LACP Is Active on QFX1

• Verifying That LACP Is Active on QFX2

• Verifying That the MC-AE and ICL-PL Interfaces Are Up on QFX1

• Verifying That the MC-AE and ICL-PL Interfaces Are Up on QFX2

• Verifying That MAC Learning Is Occurring on QFX1

• Verifying That MAC Learning Is Occurring on QFX2

• Verifying That Host1 Can Connect to Host2

• Verifying That Host2 Can Connect to Host1

• Verifying That RSTP is Working on QFX1

Verifying That ICCP Is Working on QFX1

Purpose

Verify that ICCP is running on QFX1.

Action

Meaning

This output shows that the TCP connection between the peers hosting the MC-LAG is up, liveness detection is up, and MCSNOOPD and ESWD client applications are running.

Verifying That ICCP Is Working on QFX2

Purpose

Verify that ICCP is running on QFX2.

Action

show iccp

Meaning

This output shows that the TCP connection between the peers hosting the MC-LAG is up, liveness detection is up, and MCSNOOPD and ESWD client applications are running.

Verifying That LACP Is Active on QFX1

Purpose

Verify that LACP is active on QFX1.

Action

Meaning

This output shows that QFX1 is participating in LACP negotiation.

Verifying That LACP Is Active on QFX2

Purpose

Verify that LACP is active on QFX2

Action

Meaning

This output shows that QFX2 is participating in LACP negotiation.

Verifying That the MC-AE and ICL-PL Interfaces Are Up on QFX1

Purpose

Verify that the MC-AE and ICL-PL interfaces are up on QFX1

Action

Meaning

This output shows that the MC-AE interface on QFX1 is up and active.

Verifying That the MC-AE and ICL-PL Interfaces Are Up on QFX2

Purpose

Verify that the MC-AE and ICL-PL interfaces are up on QFX2.

Action

Meaning

This output shows that the MC-AE interface on QFX2 is up and active.

Verifying That MAC Learning Is Occurring on QFX1

Purpose

Verify that MAC learning is working on QFX1.

Action

Meaning

The output shows three learned MAC addresses entries.

Verifying That MAC Learning Is Occurring on QFX2

Purpose

Verify that MAC learning is working on QFX2.

Action

Meaning

The output shows three learned MAC addresses entries.

Verifying That Host1 Can Connect to Host2

Purpose

Verify that Host1 can connect to Host2.

Action

Meaning

The output shows that HOST1 received ICMP ECHO_RESPONSE messages from HOST2.

Verifying That Host2 Can Connect to Host1

Purpose

Verify that Host2 can connect to Host1.

Action

Meaning

The output shows that HOST2 received ICMP ECHO_RESPONSE messages from HOST1.

Verifying That RSTP is Working on QFX1

Purpose

Verify that RSTP is working correctly.

Action

Meaning

The output shows that the RSTP parameters are configured correctly.

Action

Meaning

The output shows that the RSTP bridge parameters are configured correctly.

Verifying That OSPF is Working on QFX1

Purpose

Verify that OSPF is working.

Action

Meaning

The output shows that the OSPF neighboring devices are fully adjacent.

Troubleshooting

Troubleshooting a LAG That Is Down

Problem

The show interfaces terse command shows that the MC-LAG is down.

Solution

Check the following:

1. Verify that there is no configuration mismatch.

2. Verify that all member ports are up.

3. Verify that the MC-LAG is part of family Ethernet switching (Layer 2 LAG).

4. Verify that the MC-LAG member is connected to the correct MC-LAG member at the other end.

Example: Configuring Multichassis Link Aggregation on the MX Series

• Requirements

• Overview

• Configuring the PE Routers

• Configuring the CE Device

• Configuring the Provider Router

• (Optional) Configuring Multichassis Link Aggregation in Active-Active Mode with RSTP

• (Optional) Configuring Multichassis Link Aggregation in Active-Active Mode with IGMP Snooping

• (Optional) Configuring VRRP

• (Optional) Configuring OSPF

• (Optional) Configuring PIM

• Verification

Requirements

This example uses the following hardware and software components:

• Four Juniper Networks MX Series routers ( MX240, MX480, MX960)

• Junos OS Release 11.2 or later running on all four routers

Overview

Consider a sample topology in which a customer edge router, CE, is connected to two provider edge (PE) routers, PE1 and PE2, respectively. The two PE devices each have a link aggregation group (LAG) connected to the CE device. The configured mode is active -active, meaning that both PE routers’ LAG ports are active and carrying traffic at the same time. PE1 and PE2 are connected to a single service provider router, P.

In this example, the CE router is not aware that its aggregated Ethernet links are connected to two separate PE devices. The two PE devices each have a LAG connected to the CE device. The configured mode is active-active, meaning that both PE routers’ LAG ports are active and carrying traffic at the same time.

In Figure 2, from the perspective of Router CE, all four ports belonging to a LAG are connected to a single service provider device. Because the configured mode is active-active, all four ports are active, and the CE device load-balances the traffic to the peering PE devices. On the PE routers, a regular LAG is configured facing the CE device.

On one end of an MC-LAG is an MC-LAG client device, such as a server, that has one or more physical links in a LAG. This client device does not need to detect the MC-LAG. On the other side of an MC-LAG are two MC-LAG routers. Each of the routers has one or more physical links connected to a single client device. The routers coordinate with each other to ensure that data traffic is forwarded properly.

ICCP messages are sent between the two PE devices. In this example, you configure an MC-LAG across two routers, consisting of two aggregated Ethernet interfaces, an interchassis link-protection link (ICL-PL), multichassis protection link for the ICL-PL, and ICCP for the peers hosting the MC-LAG.

Topology Diagram

Figure 2 shows the topology used in this example.

Figure 2: MC-LAG Active-Active Mode on MX Series Routers

Configuring the PE Routers

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them in a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Configuring the PE1 Router

Step-by-Step Procedure

1. Specify the number of aggregated Ethernet interfaces to be created.

2. Specify the members to be included within the aggregated Ethernet bundles.

3. Configure the interfaces that connect to senders or receivers, the ICL interfaces, and the ICCP interfaces.

4. Configure parameters on the aggregated Ethernet bundles.

5. Configure LACP on the aggregated Ethernet bundles.

6. Configure the MC-LAG interfaces.

   The multichassis aggregated Ethernet identification number (mc-ae-id) specifies which link aggregation group the aggregated Ethernet interface belongs to. The ae0 interfaces on Router PE1 and Router PE2 are configured with mc-ae-id 5. The ae1 interfaces on Router PE1 and Router PE2 are configured with mc-ae-id 10.

   The redundancy-group 10 statement is used by ICCP to associate multiple chassis that perform similar redundancy functions and to establish a communication channel so that applications on peering chassis can send messages to each other. The ae0 and ae1 interfaces on Router PE1 and Router PE2 are configured with the same redundancy group, redundancy-group 10.

   The chassis-id statement is used by LACP for calculating the port number of the MC-LAG's physical member links. Router PE1 uses chassid-id 1 to identify both its ae0 and ae1 interfaces. Router PE2 uses chassis-id 0 to identify both its ae0 and ae1 interfaces.

   The mode statement indicates whether an MC-LAG is in active-standby mode or active-active mode. Chassis that are in the same group must be in the same mode.

7. Configure a domain that includes the set of logical ports.

   The ports within a bridge domain share the same flooding or broadcast characteristics in order to perform Layer 2 bridging.

   The bridge-level service-id statement is required to link related bridge domains across peers (in this case Router PE1 and Router PE2), and must be configured with the same value.

8. Configure ICCP parameters.

9. Configure the service ID at the global level.

   You must configure the same unique network-wide configuration for a service in the set of PE routers providing the service. This service ID is required if the multichassis aggregated Ethernet interfaces are part of a bridge domain.

Results

From configuration mode, confirm your configuration by entering the show bridge-domains, show chassis, show interfaces, show protocols, and show switch-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

If you are done configuring the device, enter commit from configuration mode.

Repeat the procedure for Router PE2, using the appropriate interface names and addresses.

Configuring the CE Device

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them in a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level , and then enter commit from configuration mode.

Configuring the CE Device

Step-by-Step Procedure

1. Specify the number of aggregated Ethernet interfaces to be created.

2. Specify the members to be included within the aggregated Ethernet bundle.

3. Configure an interface that connects to senders or receivers.

4. Configure parameters on the aggregated Ethernet bundle.

5. Configure LACP on the aggregated Ethernet bundle.

   The active statement initiates transmission of LACP packets.

   For the system-priority statement, a smaller value indicates a higher priority. The device with the lower system priority value determines which links between LACP partner devices are active and which are in standby mode for each LACP group. The device on the controlling end of the link uses port priorities to determine which ports are bundled into the aggregated bundle and which ports are put in standby mode. Port priorities on the other device (the noncontrolling end of the link) are ignored.

6. Configure a domain that includes the set of logical ports.

   The ports within a bridge domain share the same flooding or broadcast characteristics in order to perform Layer 2 bridging.

Results

From configuration mode, confirm your configuration by entering the show bridge-domains, show chassis, and show interfaces commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

If you are done configuring the device, enter commit from configuration mode.

Configuring the Provider Router

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them in a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Configuring the PE Router

Step-by-Step Procedure

1. Specify the number of aggregated Ethernet interfaces to be created.

2. Specify the members to be included within the aggregated Ethernet bundle.

3. Configure an interface that connects to senders or receivers.

4. Configure parameters on the aggregated Ethernet bundle.

5. Configure LACP on the aggregated Ethernet bundle.

6. Configure a domain that includes the set of logical ports.

Results

From configuration mode, confirm your configuration by entering the show bridge-domains, show chassis, and show interfaces commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

If you are done configuring the device, enter commit from configuration mode.

(Optional) Configuring Multichassis Link Aggregation in Active-Active Mode with RSTP

CLI Quick Configuration

Configuring the PE1 and PE2 Routers

Step-by-Step Procedure

1. Enable RSTP globally on all interfaces.

2. 2. Configure the MC-LAG interfaces as edge ports on PE1 and PE2.

   Note

   The ae1 interface is a downstream interface. This is why RSTP and bpdu-block-on-edge need to be configured.

3. 3. Enable BPDU blocking on all interfaces except for the ICL-PL interfaces on PE1 and PE2.

   Note

   The ae1 interface is a downstream interface. This is why RSTP and bpdu-block-on-edge need to be configured.

Results

From configuration mode, confirm your configuration by entering the show protocols rstp commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring Multichassis Link Aggregation in Active-Active Mode with IGMP Snooping

CLI Quick Configuration

Configuring the PE1 Router

Step-by-Step Procedure

1. At the global level and also in the bridge domain, replicate IGMP join and leave messages from the active link to the standby link of a dual-link MC-LAG interface, to enable faster recovery of membership information after failover.

2. (Optional) ) Suppress MC-LAG reports to optimize the syncing of the ICCP messages. By default, every IGMP packet received on the MC-AE interface is replicated to the peer. If multiple hosts behind the CE router send reports for the same group, all the packets are synced even though only a single report is used for building the IGMP snooping state on the peer. Also all subsequent refreshes sent in response to the IGMP queries are also synced to this peer. This requires significant CPU cycles on both peers which send and receive these reports over ICCP. Starting with Junos OS Release 16.1, you can configure the suppress-report statement at the [edit multicast-snooping-options multichassis-lag-replicate-state] hierarchy level to optimize the syncing of the ICCP messages.

   Optimizing the syncing of ICCP messages ensures that the message exchanges using ICCP between the peers is more efficient. This also improves scaling by ensuring that the membership state is present only at the receiving PE.Note

   Because the IGMP reports/leaves sent between the MC-LAG peers are suppressed, IGMP snooping statistics will not be the same on both peers. Total statistics will be the sum of the IGMP reports received on both MCLAG peers. When MC-LAG reports are suppressed, the MCSNOOPD client application will not receive the source IP address (host information).

3. Configure multicast snooping for the MC-LAG interfaces.

   Note

   Starting with Junos OS Release 16.1, you can selectively add ICL to preserve ICL bandwidth. To do this, you must not configure the ICL as an multicast-router-interface as specified in this step. Instead, you must configure the enhanced-ip statement.

   When you configure to selectively add ICL, control packets are directly sent from PFE to RPD. Therefore, if an IRB interface is attached to a bridge domain, the proxy functionality in the L2 domain will not be effective because MCSNOOPD only proxies to external routers connected to the physical interfaces. In such scenarios, you can enable proxy to IRB. To do this, configure the irbstatement at the [edit protocols igmp-snooping proxy] hierarchy level.

Results

From configuration mode, confirm your configuration by entering the show bridge-domains bd0 multicast-snooping-options, show bridge-domains multicast-snooping-options, and show bridge-domains bd0 protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring the PE2 Router

Step-by-Step Procedure

1. At the global level and also in the bridge domain, replicate IGMP join and leave messages from the active link to the standby link of a dual-link MC-LAG interface, to enable faster recovery of membership information after failover.

2. (Optional) ) Suppress MC-LAG reports to optimize the syncing of the ICCP messages. By default, every IGMP packet received on the MC-AE interface is replicated to the peer. If multiple hosts behind the CE router send reports for the same group, all the packets are synced even though only a single report is used for building the IGMP snooping state on the peer. Also all subsequent refreshes sent in response to the IGMP queries are also synced to this peer. This requires significant CPU cycles on both peers which send and receive these reports over ICCP. Starting with Junos OS Release 16.1, you can configure the suppress-report statement at the [edit multicast-snooping-options multichassis-lag-replicate-state] hierarchy level to optimize the syncing of the ICCP messages.

   Optimizing the syncing of ICCP messages ensures that the message exchanges using ICCP between the peers is more efficient. This also improves scaling by ensuring that the membership state is present only at the receiving PE.Note

   Because the IGMP reports/leaves sent between the MC-LAG peers are suppressed, IGMP snooping statistics will not be the same on both peers. Total statistics will be the sum of the IGMP reports received on both MCLAG peers. When MC-LAG reports are suppressed, the MCSNOOPD client application will not receive the source IP address (host information).

3. Configure multicast snooping for the MC-LAG interfaces.

   Note

   Starting with Junos OS Release 16.1, you can selectively add ICL to preserve ICL bandwidth. To do this, you must not configure the ICL as an multicast-router-interface as specified in this step. Instead, you must configure the enhanced-ip statement.

   When you configure to selectively add ICL, control packets are directly sent from PFE to RPD. Therefore, if an IRB interface is attached to a bridge domain, the proxy functionality in the L2 domain will not be effective because MCSNOOPD only proxies to external routers connected to the physical interfaces. In such scenarios, you can enable proxy to IRB. To do this, configure the irbstatement at the [edit protocols igmp-snooping proxy] hierarchy level.

Results

From configuration mode, confirm your configuration by entering the show bridge-domains bd0 multicast-snooping-options, show bridge-domains multicast-snooping-options, and show bridge-domains bd0 protocols commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring VRRP

CLI Quick Configuration

Configuring the PE1 Router

Step-by-Step Procedure

1. Create a Integrated Routing and Bridging (IRB), assign a virtual IP address that is shared between each router in the VRRP group, and assign an individual IP address for each router in the VRRP group.

2. Assign the priority for each router in the VRRP group.

   Note

   The router configured with the highest priority is the master.

3. Enable the router to accept all packets destined for the virtual IP address.

Step-by-Step Procedure

1. Create a Integrated Routing and Bridging (IRB), assign a virtual IP address that is shared between each router in the VRRP group, and assign an individual IP address for each router in the VRRP group.

2. Assign the priority for each router in the VRRP group..

   Note

   The router configured with the highest priority is the master.

3. Enable the router to accept all packets destined for the virtual IP address.

Results

From configuration mode, confirm your configuration by entering the show interfaces irb command. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring OSPF

CLI Quick Configuration

Configuring the PE1 Router

Step-by-Step Procedure

1. To configure OSPF as the Layer 3 protocol:

   Configure an OSPF area.

2. Assign the VLAN interfaces for the MC-LAGs as interfaces to the OSPF area:

3. Configure the minimum receive interval, minimum transmit interval, and transmit interval threshold for a Bidirectional Forwarding Detection (BFD) session for the OSPF interfaces .

Step-by-Step Procedure

1. To configure OSPF as the Layer 3 protocol:

   Configure an OSPF area.

2. Assign the VLAN interfaces for the MC-LAGs as interfaces to the OSPF area:

3. Configure the minimum receive interval, minimum transmit interval, and transmit interval threshold for a Bidirectional Forwarding Detection (BFD) session for the OSPF interfaces .

Results

From configuration mode, confirm your configuration by entering the show protocols ospf command. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring PIM

CLI Quick Configuration

Configuring the PE1 Router

Step-by-Step Procedure

1. Configure a static rendezvous point (RP) address.

2. Configure the address ranges of the multicast groups for which PE1 and PE2 can be a rendezvous point (RP).

3. Enable PIM on the VLAN interfaces for the MC-LAG.

4. Configure each PIM interface’s priority for being selected as the designated router (DR).

5. Configure the minimum receive interval, minimum transmit interval, and transmit interval threshold for a Bidirectional Forwarding Detection (BFD) session for the PIM interfaces on PE1 and PE2.

Step-by-Step Procedure

1. Configure a static rendezvous point (RP) address.

2. Configure the address ranges of the multicast groups for which PE1 and PE2 can be a rendezvous point (RP).

3. Enable PIM on the VLAN interfaces for the MC-LAG.

4. Configure each PIM interface’s priority for being selected as the designated router (DR).

5. Configure the minimum receive interval, minimum transmit interval, and transmit interval threshold for a Bidirectional Forwarding Detection (BFD) session for the PIM interfaces.

Results

From configuration mode, confirm your configuration by entering the show protocols ospf command. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Verification

Example: Configuring Multichassis Link Aggregation on EX9200 Switches in the Core for Campus Networks

• Requirements

• Overview

• Configuration

• (Optional) Configuring RSTP

• (Optional) Configuring IGMP Snooping

• (Optional) Configuring VRRP

• (Optional) Configuring MAC Address Synchronization

• (Optional) Configuring OSPF

• (Optional) Configuring PIM

• (Optional) Configuring DHCP Relay

• Verification

Requirements

• Junos OS Release 13.2R5.10 for EX Series

• Two EX9200 switches

• Configure aggregated Ethernet interfaces on a switch. See Configuring an Aggregated Ethernet Interface.

• Configure the Link Aggregation Control Protocol (LACP) on aggregated Ethernet interfaces on a switch. See Configuring Aggregated Ethernet LACP (CLI Procedure).

Overview

In this example, you configure an MC-LAG across two switches, consisting of two aggregated Ethernet interfaces, an interchassis link-protection link (ICL-PL), multichassis protection link for the ICL-PL, ICCP for the peers hosting the MC-LAG, and Layer 3 connectivity between MC-LAG peers. Layer 3 connectivity is required for ICCP.

Topology

The topology used in this example consists of two switches hosting an MC-LAG. The two switches are connected to an EX4600 switch and an MX80 router. Figure 3 shows the topology of this example.

Figure 3: Topology Diagram

Table 1 details the topology used in this configuration example.

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them in a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Configuring MC-LAG on Switch A

Step-by-Step Procedure

1. Configure the number of aggregated Ethernet interfaces to be created on Switch A.
   [edit chassis]

user@switch# set aggregated-devices ethernet device-count 20
2. Add member interfaces to the aggregated Ethernet interfaces that will be used for the Inter-Chassis Control Protocol (ICCP) interface.
   [edit interfaces]

user@switch# set et-1/0/0 ether-options 802.3ad ae0

   user@switch# set et-1/0/1 ether-options 802.3ad ae0

   Specify the member interfaces that belong to interface ae2.

   [edit interfaces]

user@switch# set et-1/2/0 ether-options 802.3ad ae2
3. Configure the member interfaces for the interchassis link (ICL) with a hold-time value that is higher than the configured BFD timer to prevent the ICL from being advertised as being down before the ICCP link is down.

   If the ICL goes down before the ICCP link goes down, the MC-LAG interface configured as the standby status-control peer goes up and down. The interface going up and down causes a delay in convergence.

   [edit interfaces]

user@switch# set xe-2/0/3 hold-time up 100

   user@switch# set xe-2/0/3 hold-time down 9000

   user@switch# set xe-2/0/3 ether-options 802.3ad ae1

   user@switch# set xe-2/0/4 hold-time up 100

   user@switch# set xe-2/0/4 hold-time down 9000

   user@switch# set xe-2/0/4 ether-options 802.3ad ae1
4. Specify the members that belong to ae4.

   Specify the members that belong to ae4.

   [edit interfaces]

user@switch# set xe-2/0/0 ether-options 802.3ad ae4
5. Configure ae0 as a Layer 3 interface.
   [edit interfaces]

user@switch# set ae0 aggregated-ether-options lacp active

   user@switch# set ae0 aggregated-ether-options lacp periodic fast

   user@switch# set ae0 unit 0 family inet address 192.168.90.1/24
6. Configure ae1 as a Layer 2 interface.
   [edit interfaces]

user@switch# set ae1 description ICL-LINK

   user@switch# set ae1 aggregated-ether-options lacp active

   user@switch# set ae1 aggregated-ether-options lacp periodic fast
7. Configure a trunk interface between EX9200-A and EX9200-B.
   [edit interfaces]

user@switch# set ae1 unit 0 family ethernet-switching interface-mode trunk

   user@switch# set ae1 unit 0 family ethernet-switching vlan members all
8. Configure the LACP parameters on ae2.
   [edit interfaces]

user@switch# set ae2 aggregated-ether-options lacp active

   user@switch# set ae2 aggregated-ether-options lacp periodic fast
9. Configure the LACP administration key on ae2.
   [edit interfaces]

user@switch# set ae2 aggregated-ether-options lacp system-id 00:01:02:03:04:06
10. Configure the MC-AE interface properties.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options lacp admin-key 3

    user@switch# set ae2 aggregated-ether-options mc-ae mc-ae-id 3

    user@switch# set ae2 aggregated-ether-options mc-ae redundancy-group 1
11. Specify a unique chassis ID for the MC-LAG that the aggregated Ethernet interface belongs to.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae chassis-id 0
12. Specify the mode of the MC-LAG that the aggregated Ethernet interface belongs to.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae mode active-active
13. Configure the status control on the switch that hosts the MC-LAG.

    If one switch is in active mode, then the other switch must be in standby mode.

    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae status-control active
14. Specify the time in seconds by when routing adjacencies must form.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae init-delay-time 520
15. Specify that if a peer of the MC-LAG group goes down, the peer that is configured as status-control active becomes the active peer.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
16. Configure ae2 as a trunk port with membership in all VLANs.
    [edit interfaces]

user@switch# set ae2 unit 0 family ethernet-switching interface-mode trunk

    user@switch# set ae2 unit 0 family ethernet-switching vlan members all
17. Configure the LACP parameters on ae4.
    [edit interfaces]

user@switch# set ae4 aggregated-ether-options lacp active

    user@switch# set ae4 aggregated-ether-options lacp periodic fast
18. Specify the LACP administration key.
    [edit interfaces]

user@switch# set ae4 aggregated-ether-options lacp system-id 00:01:02:03:04:06

    user@switch# set ae4 aggregated-ether-options lacp admin-key 7

    user@switch# set ae4 aggregated-ether-options mc-ae mc-ae-id 7

    user@switch# set ae4 aggregated-ether-options mc-ae redundancy-group 1
19. Specify a unique chassis ID for the MC-LAG that the aggregated Ethernet interface belongs to.
    [edit interfaces]

user@switch# set ae4 aggregated-ether-options mc-ae chassis-id 0

    user@switch# set ae4 aggregated-ether-options mc-ae mode active-active
20. Configure the status control on the switch that hosts the MC-LAG.

    If one switch is in active mode, then the other switch must be in standby mode.

    [edit interfaces]

user@switch# set ae4 aggregated-ether-options mc-ae status-control active

    user@switch# set ae4 aggregated-ether-options mc-ae init-delay-time 520

    user@switch# set ae4 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
21. Configure ae4 as a Layer 2 interface.
    [edit interfaces]

user@switch# set ae4 unit 0 family ethernet-switching interface-mode trunk

    user@switch# set ae4 unit 0 family ethernet-switching vlan members v54
22. Configure VLAN rack_1 and configure a Layer 3 IRB interface on VLAN rack_1.
    [edit vlans]

user@switch# set rack_1 vlan-id 100

    user@switch# set rack_1 l3-interface irb.100
23. Configure VLAN rack_1.
    [edit vlans]

user@switch# set rack_1 vlan-id 54
24. Configure VLAN 54 and configure a Layer 3 IRB on VLAN 54.
    [edit vlans]

user@switch# set v54 vlan-id 54

    user@switch# set v54 l3-interface irb.54
25. Configure an IRB interface on VLAN 54.

    You must configure static ARP on the MC-LAG peers to allow routing protocols to traverse over the IRB interface.

    [edit interfaces]

user@switch# set irb unit 54 family inet address 192.168.54.2/24 arp 192.168.54.1 l2-interface ae1.0

    user@switch# set irb unit 54 family inet address 192.168.54.2/24 arp 192.168.54.1 mac 3c:8a:b0:85:78:70
26. Configure static ARP on the MC-LAG peers to allow routing protocols to traverse over the IRB interface
    [edit interfaces]

user@switch# set irb unit 100 family inet address 192.168.10.3/24 arp 192.168.10.2 l2-interface ae1.0

    user@switch# set irb unit 100 family inet address 192.168.10.3/24 arp 192.168.10.2 mac 3c:8a:b0:85:78:70
27. Configure a loopback interface.
    [edit interfaces]

user@switch# set lo0 unit 0 family inet address 192.168.39.2/32
28. Configure ICCP using the loopback address.
    [edit protocols]

user@switch# set iccp local-ip-addr 192.168.39.1
29. Configure the session establishment hold time for ICCP to connect faster.Note

    We recommend 50 seconds as the session establishment hold time value.

    [edit protocols]

user@switch# set iccp peer 192.168.39.2 session-establishment-hold-time 50

    user@switch# set iccp peer 192.168.39.2 redundancy-group-id-list 1

    user@switch# set iccp peer 192.168.39.2 backup-liveness-detection backup-peer-ip 10.105.5.6
30. To enable Bidirectional Forwarding Detection (BFD), configure the minimum receive interval.

    We recommend a minimum receive interval value of 6 seconds.

    [edit protocols]

user@switch# set iccp peer 192.168.39.2 liveness-detection minimum-interval 2000

    user@switch# set iccp peer 192.168.39.2 liveness-detection multiplier 4

    
    
    

    [edit multi-chassis]

user@switch# set multi-chassis-protection 192.168.39.2 interface ae1
31. Specify the switch service ID.

    The switch service ID is used to synchronize applications, IGMP, ARP, and MAC learning across MC-LAG members.

    [edit switch-options]

user@switch# set service-id 1

Configuring MC-LAG on Switch B

Step-by-Step Procedure

1. Configure the number of aggregated Ethernet interfaces to be created on Switch A.
   [edit chassis]

user@switch# set aggregated-devices ethernet device-count 20
2. Add member interfaces to the aggregated Ethernet interfaces that will be used for the Inter-Chassis Control Protocol (ICCP) interface.
   [edit interfaces]

user@switch# set et-1/0/0 ether-options 802.3ad ae0

   user@switch# set et-1/0/1 ether-options 802.3ad ae0
3. Specify the member interfaces that belong to interface ae2.
   [edit interfaces]

user@switch# set et-1/2/0 ether-options 802.3ad ae2
4. Configure the member interfaces for the interchassis link (ICL) with a hold-time value that is higher than the configured BFD timer to prevent the ICL from being advertised as being down before the ICCP link is down.

   If the ICL goes down before the ICCP link goes down, the MC-LAG interface configured as the standby status-control peer goes up and down. The interface going up and down causes a delay in convergence.

   [edit interfaces]

user@switch# set xe-2/0/3 hold-time up 100

   user@switch# set xe-2/0/3 hold-time down 9000

   user@switch# set xe-2/0/3 ether-options 802.3ad ae1

   user@switch# set xe-2/0/4 hold-time up 100

   user@switch# set xe-2/0/4 hold-time down 9000

   user@switch# set xe-2/0/4 ether-options 802.3ad ae1
5. Specify the members that belong to ae4.
   [edit interfaces]

user@switch# set xe-2/0/0 ether-options 802.3ad ae4
6. Configure ae0 as a Layer 3 interface.
   [edit interfaces]

user@switch# set ae0 aggregated-ether-options lacp active

   user@switch# set ae0 aggregated-ether-options lacp periodic fast

   user@switch# set ae0 unit 0 family inet address 192.168.90.2/24
7. Configure ae1 as a Layer 2 interface.
   [edit interfaces]

user@switch# set ae1 description ICL-LINK

   user@switch# set ae1 aggregated-ether-options lacp active

   user@switch# set ae1 aggregated-ether-options lacp periodic fast
8. Configure a trunk interface between EX9200-A and EX9200-B.
   [edit interfaces]

user@switch# set ae1 unit 0 family ethernet-switching interface-mode trunk

   user@switch# set ae1 unit 0 family ethernet-switching vlan members all
9. Configure the LACP parameters on ae2.
   [edit interfaces]

user@switch# set ae2 aggregated-ether-options lacp active

   user@switch# set ae2 aggregated-ether-options lacp periodic fast
10. Configure the LACP administration key on ae2.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options lacp system-id 00:01:02:03:04:05
11. Configure the MC-AE interface properties.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options lacp admin-key 3

    user@switch# set ae2 aggregated-ether-options mc-ae mc-ae-id 3

    user@switch# set ae2 aggregated-ether-options mc-ae redundancy-group 1
12. Specify a unique chassis ID for the MC-LAG that the aggregated Ethernet interface belongs to.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae chassis-id 1
13. Specify the mode of the MC-LAG that the aggregated Ethernet interface belongs to.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae mode active-active
14. Specify the time in seconds by when routing adjacencies must form.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae init-delay-time 520
15. Specify that if a peer of the MC-LAG group goes down, the peer that is configured as status-control active becomes the active peer.
    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
16. Configure the status control on the switch that hosts the MC-LAG.

    If one switch is in active mode, then the other switch must be in standby mode.

    [edit interfaces]

user@switch# set ae2 aggregated-ether-options mc-ae status-control standby
17. Configure ae2 as a trunk port with membership in all VLANs.
    [edit interfaces]

user@switch# set ae2 unit 0 family ethernet-switching interface-mode trunk

    user@switch# set ae2 unit 0 family ethernet-switching vlan members all
18. Configure the LACP parameters on ae4.
    [edit interfaces]

user@switch# set ae4 aggregated-ether-options lacp active

    user@switch# set ae4 aggregated-ether-options lacp periodic fast
19. Specify the LACP administration key.
    [edit interfaces]

user@switch# set ae4 aggregated-ether-options lacp system-id 00:01:02:03:04:06

    user@switch# set ae4 aggregated-ether-options lacp admin-key 7

    user@switch# set ae4 aggregated-ether-options mc-ae mc-ae-id 7

    user@switch# set ae4 aggregated-ether-options mc-ae redundancy-group 1
20. Specify a unique chassis ID for the MC-LAG that the aggregated Ethernet interface belongs to.
    [edit interfaces]

user@switch# set ae4 aggregated-ether-options mc-ae chassis-id 1

    user@switch# set ae4 aggregated-ether-options mc-ae mode active-active
21. Configure the status control on the switch that hosts the MC-LAG.

    If one switch is in active mode, then the other switch must be in standby mode.

    [edit interfaces]

user@switch# set ae4 aggregated-ether-options mc-ae status-control standby

    user@switch# set ae4 aggregated-ether-options mc-ae init-delay-time 520

    user@switch# set ae4 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
22. Configure ae4 as a Layer 2 interface.
    [edit interfaces]

user@switch# set ae4 unit 0 family ethernet-switching interface-mode trunk

    user@switch# set ae4 unit 0 family ethernet-switching vlan members v54
23. Configure VLAN rack_1 and configure a Layer 3 IRB interface on VLAN rack_1.
    [edit vlans]

user@switch# set rack_1 vlan-id 100

    user@switch# set rack_1 l3-interface irb.100
24. Configure VLAN 54 and configure an IRB on VLAN 54.
    [edit vlans]

user@switch# set v54 vlan-id 54

    user@switch# set v54 l3-interface irb.54
25. Configure static ARP on the MC-LAG peers to allow routing protocols to traverse over the IRB interface.
    [edit interfaces]

user@switch# set irb unit 54 family inet address 192.168.54.1/24 arp 192.168.54.2 l2-interface ae1.0

    user@switch# set irb unit 54 family inet address 192.168.54.1/24 arp 192.168.54.2 mac mac 00:1f:12:b6:6f:f0
26. Configure static Address Resolution Protocol (ARP) on the MC-LAG IRB peers to allow routing protocols to traverse the IRB interface.
    [edit interfaces]

user@switch# set irb unit 100 family inet address 192.168.10.2/24 arp 192.168.10.3 l2-interface ae1.0

    user@switch# set irb unit 100 family inet address 192.168.10.2/24 arp 192.168.10.3 mac 00:1f:12:b6:6f:f0
27. Configure a loopback interface.
    [edit interfaces]

user@switch# set lo0 unit 0 family inet address 192.168.39.2/32
28. Configure ICCP using the loopback address.
    [edit protocols]

user@switch# set iccp local-ip-addr 192.168.39.2
29. Configure the session establishment hold time for ICCP to connect faster.Note

    We recommend 50 seconds as the session establishment hold time value.

    [edit protocols]

user@switch# set iccp peer 192.168.39.1 session-establishment-hold-time 50

    user@switch# set iccp peer 192.168.39.1 redundancy-group-id-list 1

    user@switch# set iccp peer 192.168.39.1 backup-liveness-detection backup-peer-ip 10.105.5.5
30. To enable Bidirectional Forwarding Detection (BFD), configure the minimum receive interval.

    We recommend a minimum receive interval value of 6 seconds.

    [edit protocols]

user@switch# set iccp peer 192.168.39.1 liveness-detection minimum-interval 2000

    user@switch# set iccp peer 192.168.39.1 liveness-detection multiplier 4

    
    
    

    [edit multi-chassis]

user@switch# set multi-chassis-protection 192.168.39.1 interface ae1
31. Specify the switch service ID.

    The switch service ID is used to synchronize applications, IGMP, ARP, and MAC learning across MC-LAG members.

    [edit switch-options]

user@switch# set service-id 1

Results

Display the results of the configuration on EX9200-A.

Display the results of the configuration on EX9200-B.

(Optional) Configuring RSTP

CLI Quick Configuration

Configuring Switch A and Switch B

Step-by-Step Procedure

1. Enable the Rapid Spanning Tree Protocol on the ae2 and ae4 interfaces for optional loop prevention.
   [edit protocols]

user@switch# set rstp interface ae2

   user@switch# set rstp interface ae4
2. Configure the system identifier.
   [edit protocols]

user@switch# set rstp system-identifier 00:01:02:03:04:05
3. Set Rapid Spanning Tree Protocol priority to 0. This will make the MC-AE node the highest priority.
   [edit protocols]

user@switch# set rstp bridge-priority 0

Switch A and Switch B

From configuration mode, confirm your configuration by entering the show protocols rstp commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring IGMP Snooping

CLI Quick Configuration

Configuring Switch A and Switch B

Step-by-Step Procedure

1. Enable IGMP snooping for all VLANs.
   [edit protocols]

user@switch# set igmp-snooping vlan rack_1

   user@switch# set igmp-snooping vlan v54
2. Synchronize multicast states across MC-LAG peers when bridge domains are configured.

   At the global level, IGMP join and leave messages are replicated from the MC-LAG interface active link to the standby link to enable faster recovery of membership information after a failover.

   [edit multicast-snooping-options]

user@switch# set multichassis-lag-replicate-state
3. Configure the ICL-PL interface as a router-facing interface.
   [edit protocols]

user@switch# set igmp-snooping vlan rack_1 interface ae1.0 multicast-router-interface

   user@switch# set igmp-snooping vlan v54 interface ae1.0 multicast-router-interface

Switch A and Switch B

From configuration mode, confirm your configuration by entering the show protocols igmp and show multicast-snooping-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring VRRP

CLI Quick Configuration

Configuring Switch A

Step-by-Step Procedure

1. Enable VRRP on the MC-LAGs by creating an IRB interface for each MC-LAG, assign a virtual IP address that is shared between each switch in the VRRP group, and assign an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@switch# set irb unit 100 family inet address 192.168.10.3/24 vrrp-group 1 virtual-address 192.168.10.1

   user@switch# set irb unit 100 family inet address 192.168.10.3/24 vrrp-group 1 priority 150

   user@switch# set irb unit 100 family inet address 192.168.10.3/24 vrrp-group 1 accept-data
2. Enable VRRP on the MC-LAGs by creating an IRB interface for each MC-LAG, assign a virtual IP address that is shared between each switch in the VRRP group, and assign an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@switch# set irb unit 54 family inet address 192.168.54.2/24 vrrp-group 4 virtual-address 192.168.54.3

   user@switch# set irb unit 54 family inet address 192.168.54.2/24 vrrp-group 4 priority 200

Switch A

From configuration mode, confirm your configuration by entering the show interfaces irb unit 100 family inet address 192.168.10.3/24 vrrp-group and show interfaces irb unit 100 family inet address 192.168.54.2/24 vrrp-group commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring Switch B

Step-by-Step Procedure

1. Enable VRRP on the MC-LAGs by creating an IRB interface for each MC-LAG, assign a virtual IP address that is shared between each switch in the VRRP group, and assign an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@switch# set irb unit 100 family inet address 192.168.10.2/24 vrrp-group 1 virtual-address 192.168.10.1

   user@switch# set irb unit 100 family inet address 192.168.10.2/24 vrrp-group 1 priority 150

   user@switch# set irb unit 100 family inet address 192.168.10.2/24 vrrp-group 1 accept-data
2. Enable VRRP on the MC-LAGs by creating an IRB interface for each MC-LAG, assign a virtual IP address that is shared between each switch in the VRRP group, and assign an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@switch# set irb unit 54 family inet address 192.168.54.1/24 vrrp-group 4 virtual-address 192.168.54.3

   user@switch# set irb unit 54 family inet address 192.168.54.1/24 vrrp-group 4 priority 150

Switch B

From configuration mode, confirm your configuration by entering the show protocols rstp commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring MAC Address Synchronization

CLI Quick Configuration

Configuring Switch A and Switch B

Step-by-Step Procedure

1. Configure MAC address synchronization in the MC-LAG VLAN on both Switch A and Switch B.
   [edit]

user@switch# set vlans v100 mcae-mac-synchronize

   [edit]

user@switch# set vlans v54 mcae-mac-synchronize

Switch A and Switch B

From configuration mode, confirm your configuration by entering the show vlans v100 and show vlans v54 commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring OSPF

CLI Quick Configuration

Configuring Switch A and Switch B

Step-by-Step Procedure

1. Configure an OSPF area.
   [edit protocols]

user@switch# set ospf area 0.0.0.0 interface lo0.0

   user@switch# set ospf area 0.0.0.0 interface ae0.0

   user@switch# set ospf area 0.0.0.0 interface irb.54

   user@switch# set ospf area 0.0.0.0 interface irb.100

Switch A and Switch B

From configuration mode, confirm your configuration by entering the show protocols ospf commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring PIM

CLI Quick Configuration

Configuring Switch A

Step-by-Step Procedure

1. Configure Protocol Independent Multicast (PIM) as the multicast protocol.
   [edit protocols]

user@switch# set pim interface irb.54

   user@switch# set pim interface irb.100
2. Configure the loopback interface.
   [edit protocols]

user@switch# set pim interface lo0.0
3. Configure the switch as a secondary rendezvous point (RP).

   A lower priority setting indicates that the secondary RP is in a bootstrap configuration.

   [edit protocols]

user@switch# set pim rp bootstrap-priority 150

   user@switch# set pim rp local address 192.168.39.1

Switch A

From configuration mode, confirm your configuration by entering the show protocols pim commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring Switch B

Step-by-Step Procedure

1. Configure Protocol Independent Multicast (PIM) as the multicast protocol.
   [edit protocols]

user@switch# set pim interface irb.54

   user@switch# set pim interface irb.100
2. Configure the loopback interface.
   [edit protocols]

user@switch# set pim interface lo0.0
3. Configure the switch as a secondary rendezvous point (RP).

   A lower priority setting indicates that the secondary RP is in a bootstrap configuration.

   [edit protocols]

user@switch# set pim rp bootstrap-priority 200

   user@switch# set pim rp local address 192.168.39.2

Switch B

From configuration mode, confirm your configuration by entering the show protocols pim commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

(Optional) Configuring DHCP Relay

CLI Quick Configuration

Configuring Switch A and Switch B

Step-by-Step Procedure

1. Configure forward snooped unicast packets on all interfaces.
   [edit fowarding-options]

user@switch# set dhcp-relay forward-snooped-clients all-interfaces
2. Create a binding entry to snoop unicast clients.
   [edit forwarding-options]

user@switch# set dhcp-relay overrides allow-snooped-clients
3. Create a DHCP server group.
   [edit forwarding-options]

user@switch# set dhcp-relay server-group GVP-DHCP 10.105.5.202
4. Apply a DHCP relay agent configuration to the named group of DHCP server addresses.
   [edit forwarding-options]

user@switch# set dhcp-relay active-server-group GVP-DHCP
5. Configure the relay agent to suppress the installation of ARP and route entries for corresponding client binding.
   [edit forwarding-options]

user@switch# set dhcp-relay route-suppression destination
6. Create a DHCP relay group that includes at least one interface.

   DHCP runs on the interfaces defined in the DHCP groups.

   [edit forwarding-options]

user@switch# set dhcp-relay group Floor1 interface irb.100
7. Configure DHCP relay with option 82.
   [edit forwarding-options]

user@switch# set dhcp-relay relay-option-82 circuit-id use-interface-description device

Switch A and Switch B

From configuration mode, confirm your configuration by entering the show protocols pim commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Verification

• Verifying ICCP on MC-LAG

• Verifying LACP on MC-LAG

• Verifying Aggregated Ethernet Interfaces in MC-LAG

• Verifying MAC Learning on MC-LAG

• Verifying VRRP in MC-LAG

• Verifying OSPF on MC-LAG

Verifying ICCP on MC-LAG

Purpose

Verify that ICCP is running on each device in the MC-LAG.

Action

1. Verify that ICCP is running on Switch A.
   root@EX92000-A> show iccp
2. Verify that ICCP is running on Switch B.
   root@EX9200-B> show iccp

Meaning

This output shows that the TCP connection between the peers hosting the MC-LAG is up, liveness detection is up, and MCSNOOPD and ESWD client applications are running.

Verifying LACP on MC-LAG

Purpose

Verify that LACP is working properly on each device in the MC-LAG.

Action

1. Verify that the LACP interfaces are up and running on Switch A.
   root@EX9200-A> show lacp interfaces
2. Verify that the LACP interfaces are up and running on Switch B.
   root@EX9200-B> show lacp interfaces

Meaning

This output means that both devices and all related interfaces are properly participating in LACP negotiations.

Verifying Aggregated Ethernet Interfaces in MC-LAG

Purpose

Verify that all of the ae interfaces are configured properly in the MC–LAG.

Action

1. Verify the ae interfaces on Switch A.
   user@EX9200-A> show interfaces mc-ae
2. Verify the ae interfaces on Switch B.
   root@EX9200-B> show interface mc-ae

Meaning

This output means that the mc-ae interfaces on each device are up and active.

Verifying MAC Learning on MC-LAG

Purpose

Verify that MAC learning between devices is happening in the MC-LAG.

Action

1. Show Ethernet switching table in Switch A.
   root@EX9200-A> show ethernet-switching table
2. Show Ethernet switching table in Switch B.
   root@EX9200-B> show ethernet-switching table

Meaning

This output means that the MAC addresses are properly learned within the shared VLANs defined in the MC-LAG. This includes IRB interfaces to define the MC-LAG as well as the ICL interfaces used to configure VRRP.

Verifying VRRP in MC-LAG

Purpose

Verify that VRRP is up and active between the devices in the MC-LAG.

Action

1. Confirm that VRRP is up and active on Switch A.
   root@EX9200-A> show vrrp

   In this example, Switch A is the backup VRRP member.

2. Confirm that VRRP is up and active on Switch B.
   root@EX9200-B> show vrrp

   In this example, Switch B is the master VRRP member.

Meaning

This output means that VRRP is up and running properly.

Verifying OSPF on MC-LAG

Purpose

Verify that OSPF is properly up and running with MC-LAG.

Action

1. Show OSPF neighbors on Switch A.
   root@EX9200-A> show ospf neighbor
2. Show OSPF routing table on Switch A.
   root@EX9200-A> show ospf route
3. Show OSPF neighbors on Switch B.
   root@EX9200-B> show ospf neighbor
4. Show OSPF routing table on Switch B.
   root@EX9200-B> show ospf route

Example: Simplifying Multichassis Link Aggregation on EX9200 Switches in the Core for Campus Networks

• Requirements

• Overview

• Configuration

• Verification

Requirements

• Junos OS Release 16.1R1 for EX Series

• Two EX9200 switches

• Configure aggregated Ethernet interfaces on a switch. See Configuring an Aggregated Ethernet Interface .

• Configure the Link Aggregation Control Protocol (LACP) on aggregated Ethernet interfaces on a switch. See Configuring Aggregated Ethernet LACP (CLI Procedure) .

Overview

In this example, you configure an MC-LAG across two switches, consisting of two aggregated Ethernet interfaces, multichassis protection using the ICL, ICCP for the peers hosting the MC-LAG, and Layer 3 connectivity between MC-LAG peers. Layer 3 connectivity is required for ICCP.

To simplify the MC-LAG configuration process, you will enable configuration synchronization and configuration consistency check. Configuration synchronization enables you to easily propagate, synchronize, and commit configurations from one MC-LAG peer to another. You can log into any one of the MC-LAG peers to manage both MC-LAG peers, thus having a single point of management. Configuration consistency check uses the Inter-Chassis Control Protocol (ICCP) to exchange MC-LAG configuration parameters (chassis ID, service ID, and so on) and checks for any configuration inconsistencies across MC-LAG peers. When there is an inconsistency, you are notified and can take action to resolve it. Configuration consistency check is invoked after you issue a commit on an MC-LAG peer.

• Local, remote, and global configuration groups that are synchronized to the EX9200-B switch.

• Conditional groups.

• Apply groups.

• NETCONF over SSH.

• MC-LAG peer details and user authentication details for MC-LAG configuration synchronization.

• peers-synchronize statement to synchronize the configurations between local and remote MC-LAG peers by default.

• set multi-chassis mc-lag consistency-check command for consistency check.

• Apply groups.

• NETCONF over SSH.

• MC-LAG peer details and user authentication details for MC-LAG configuration synchronization.

• peers-synchronize statement to synchronize and commit the configurations between local and remote MC-LAG peers.

• multi-chassis mc-lag consistency-check statement to enable consistency check.

Topology

The topology used in this example consists of two switches hosting an MC-LAG. Figure 4 shows the topology of this example.

Figure 4: Topology Diagram

Table 2 details the topology used in this configuration example.

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them in a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Configuring MC-LAG on EX9200-A

Step-by-Step Procedure

1. Create a user account to access the switch, along with a user identifier (UID), a login class, and a password.
   [edit system]

user@EX9200-A# set login user MCLAG_Admin uid 2000

   user@EX9200-A# set login user MCLAG_Admin class super-user

   user@EX9200-A# set login user MCLAG_Admin authentication encrypted-password “$ABC123”
2. Statically map EX9200-A to 10.92.76.2 and EX9200-B to 10.92.76.4.
   [edit system]

user@EX9200-A# set static-host-mapping EX9200-A inet 10.92.76.2

   user@EX9200-A# set static-host-mapping EX9200-B inet 10.92.76.4
3. Enable NETCONF service using SSH.
   [edit system]

user@EX9200-A# set services netconf ssh
4. Enable the peers-synchronize statement to copy and load the MC-LAG configuration from EX9200-A to EX9200-B by default.
   [edit system]

user@EX9200-A# set commit peers-synchronize
5. Configure the hostname, usernames, and authentication details for EX9200-B, the peer with which EX9200-A will be synchronizing the MC-LAG configuration.
   [edit system]

user@EX9200-A# set commit peers EX9200-B user MCLAG_Admin

   user@EX9200-A# set commit peers EX9200-B user authentication “$ABC123”
6. Configure an MC-LAG IRB and configure static Address Resolution Protocol (ARP) on the MC-LAG IRB peers to allow routing protocols to traverse the IRB interface.
   [edit interfaces]

user@EX9200-A# set irb unit 100 family inet address 192.168.100.2/24 arp 192.168.100.3 l2-interface ae1

   user@EX9200-A# set irb unit 100 family inet address 192.168.100.2/24 arp 192.168.100.3 mac 28:8a:1c:e5:3b:f0
7. Enable VRRP on the MC-LAGs by assigning a virtual IP address that is shared between each switch in the VRRP group, and assigning an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@EX9200-A# set irb unit 100 family inet address 192.168.100.2/24 vrrp-group 1 virtual-address 192.168.100.1

   user@EX9200-A# set irb unit 100 family inet address 192.168.100.2/24 vrrp-group 1 priority 150

   user@EX9200-A# set irb unit 100 family inet address 192.168.100.2/24 vrrp-group 1 accept-data
8. Configure a loopback interface.
   [edit interfaces]

user@EX9200-A# set lo0 unit 0 family inet address 172.16.32.5/32
9. Configure a default gateway.
   [edit routing-options]

user@EX9200-A# set static route 0.0.0.0 next-hop 10.92.77.254
10. Configure an OSPF area that includes the loopback interface and the ICCP interface.
    [edit protocols]

user@EX9200-A# set ospf area 0.0.0.0 interface lo0 passive

    user@EX9200-A# set ospf area 0.0.0.0 interface ae0
11. Configure Link Layer Discovery Protocol for all interfaces.
    [edit protocols]

user@EX9200-A# set lldp interface all
12. Configure the number of aggregated Ethernet interfaces to be created on EX9200-A.
    [edit chassis]

user@EX9200-A# set aggregated-devices ethernet device-count 20
13. Configure a configuration group for a global MC-LAG configuration that applies to both EX9200-A and EX9200-B.

    The global configuration is synchronized between EX9200-A and EX9200-B.

    [edit groups]

user@EX9200-A# set MC_Config_Global
14. Specify the peers that will apply the MC_Config_Global configuration group.
    [edit groups]

user@EX9200-A# set MC_Config_Global when peers EX9200-A

    user@EX9200-A# set MC_Config_Global when peers EX9200-B
15. Add member interfaces to the aggregated Ethernet interfaces that will be used for the Inter-Chassis Control Protocol (ICCP) interface.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces xe-0/3/6 ether-options 802.3ad ae0

    user@EX9200-A# set MC_Config_Global interfaces xe-1/3/6 ether-options 802.3ad ae0
16. Configure the aggregated Ethernet interface (ae0) that will be used for the Inter-Chassis Control Protocol (ICCP) interface.Note

    You will be configuring the IP address for ae0 in a later step.

    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae0 description "ICCP Layer 3 Link with 2 members,xe-0/3/6,xe-1/3/6"
17. Configure the LACP parameters on ae0.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae0 aggregated-ether-options lacp active

    user@EX9200-A# set MC_Config_Global interfaces ae0 aggregated-ether-options lacp periodic fast
18. Configure the LACP system ID on ae0.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae0 aggregated-ether-options lacp system-id 00:01:02:03:04:05
19. Configure the LACP administrative key on ae0.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae0 aggregated-ether-options lacp admin-key 0
20. Add member interfaces to the aggregated Ethernet interface (ae1) that will be used for the ICL.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces xe-0/3/7 ether-options 802.3ad ae1

    user@EX9200-A# set MC_Config_Global interfaces xe-1/3/7 ether-options 802.3ad ae1
21. Configure the aggregated Ethernet interface that will be used for the ICL.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae1 description "ICL Layer 2 link with 2 members,xe-0/3/7,1/3/7"
22. Configure ae1 as a Layer 2 interface.
    [edit groups]

user@EX9200-A# set MC_Config_Global ae1 unit 0 family ethernet-switching interface-mode trunk

    user@EX9200-A# set MC_Config_Global ae1 unit 0 family ethernet-switching vlan members all
23. Enable the reception and transmission of 802.1Q VLAN-tagged frames on ae1.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae1 vlan-tagging
24. Configure the LACP parameters on ae1.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae1 aggregated-ether-options lacp active

    user@EX9200-A# set MC_Config_Global interfaces ae1 aggregated-ether-options lacp periodic fast
25. Configure the LACP system ID on ae1.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae1 aggregated-ether-options lacp system-id 00:01:02:03:04:06
26. Configure the LACP administrative key on ae1.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae1 aggregated-ether-options lacp admin-key 1
27. Add member interfaces to the aggregated Ethernet interface (ae2) that will be used as the MC-LAG interface.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces xe-0/0/1 ether-options 802.3ad ae2

    user@EX9200-A# set MC_Config_Global interfaces xe-1/0/1 ether-options 802.3ad ae2
28. Configure the aggregated Ethernet interface (ae2) that will be used as an MC-LAG interface.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 description “MC-LAG interface with members xe-0/0/1,xe-1/0/1”
29. Configure ae2 as a Layer 2 interface.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 unit 0 family ethernet-switching interface-mode trunk

    user@EX9200-A# set MC_Config_Global interfaces ae2 unit 0 family ethernet-switching vlan members all
30. Configure the LACP parameters on ae2.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options lacp active

    user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options lacp periodic fast
31. Configure the LACP system ID on ae2.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options lacp system-id 00:01:02:03:04:07
32. Configure the LACP administrative key on ae2.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options lacp admin-key 2
33. Configure the MC-AE interface properties on ae2.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options mc-ae mc-ae-id 2

    user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options mc-ae redundancy-group 1
34. Specify the mode of ae2 to be active-active.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options mc-ae mode active-active
35. Specify the time in seconds to delay bringing the MC-AE interface to the up state after rebooting an MC-LAG peer.

    By delaying the bring-up of the interface until after protocol convergence, you can prevent packet loss during the recovery of failed links and devices. This network configuration example uses a delay time of 520 seconds. This delay time might not be optimal for your network and should be adjusted to fit your network requirements.

    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options mc-ae init-delay-time 520
36. Specify that if a peer of the MC-LAG group goes down, the peer that is configured as status-control active becomes the active peer.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae2 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
37. Add member interfaces to the aggregated Ethernet interface (ae3) that will be used as the MC-LAG interface.Note

    EX9200-B uses the same interface name of xe-0/0/2.

    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces xe-0/0/2 ether-options 802.3ad ae3
38. Configure the aggregated Ethernet interface (ae3) that will be used as an MC-LAG interface.
    [edit groups]

user@EX9200-A# set groups MC_Config_Global interfaces ae3 description “MC-LAG interface with members xe-0/0/2 on both switches”
39. Configure ae3 as a Layer 2 interface.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 unit 0 family ethernet-switching interface-mode trunk

    user@EX9200-A# set MC_Config_Global interfaces ae3 unit 0 family ethernet-switching vlan members all
40. Configure the LACP parameters on ae3.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options lacp active

    user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options lacp periodic fast
41. Configure the LACP system ID on ae3.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options lacp system-id 00:01:02:03:04:08
42. Configure the LACP administrative key on ae3.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options lacp admin-key 3
43. Configure the MC-AE interface properties on ae3.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options mc-ae mc-ae-id 3

    user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options mc-ae redundancy-group 1
44. Specify the mode of ae3 to be active-active.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options mc-ae mode active-active
45. Specify the time in seconds to delay bringing the MC-AE interface to the up state after rebooting an MC-LAG peer.

    By delaying the bring-up of the interface until after protocol convergence, you can prevent packet loss during the recovery of failed links and devices. This network configuration example uses a delay time of 520 seconds. This delay time might not be optimal for your network and should be adjusted to fit your network requirements.

    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options mc-ae init-delay-time 520
46. Specify that if a peer of the MC-LAG group goes down, the peer that is configured as status-control active becomes the active peer.
    [edit groups]

user@EX9200-A# set MC_Config_Global interfaces ae3 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active
47. Configure VLAN 100 to connect end users.
    [edit groups]

user@EX9200-A# set MC_Config_Global vlans v100 vlan-id 100
48. Configure the routed VLAN interface for VLAN 100.
    [edit groups]

user@EX9200-A# set MC_Config_Global vlans v100 l3-interface irb.100
49. Enable consistency check.
    [edit groups]

user@EX9200-A# set MC_Config_Global multi-chassis mc-lag consistency-check
50. Enable the Rapid Spanning Tree Protocol on the ae2 and ae3 interfaces (MC-LAG interfaces) for optional loop prevention.
    [edit groups]

user@EX9200-A# set MC_Config_Global protocols rstp interfaces ae2

    user@EX9200-A# set MC_Config_Global protocols rstp interfaces ae3
51. Configure the RSTP bridge priority.

    Setting the bridge priority to 0 will make the MC-AE nodes of EX9200-A and EX9200-B the best priority.

    [edit groups]

user@EX9200-A# set MC_Config_Global protocols rstp bridge-priority 0
52. Configure the RSTP system identifier value.
    [edit groups]

user@EX9200-A# set MC_Config_Global protocols rstp system-id 00:01:02:03:04:09
53. Specify the switch service ID.

    The switch service ID is used to synchronize applications, ARP, and MAC learning across MC-LAG members.

    [edit groups]

user@EX9200-A# set MC_Config_Global switch-options service-id 1
54. Configure a configuration group for an MC-LAG configuration that applies to the local peer.
    [edit groups]

user@EX9200-A# set MC_Config_Local
55. Configure the ICCP interface (ae0) as a Layer 3 interface.
    [edit groups]

user@EX9200-A# set MC_Config_Local interfaces ae0 unit 0 family inet address 172.16.32.9/30
56. Specify a unique chassis ID for the MC-LAG (ae2) that the aggregated Ethernet interface belongs to.
    [edit groups]

user@EX9200-A# set MC_Config_Local interfaces ae2 aggregated-ether-options mc-ae chassis-id 0
57. Specify the status-control setting of ae2 to be active.
    [edit groups]

user@EX9200-A# set MC_Config_Local interfaces ae2 aggregated-ether-options mc-ae status-control active
58. Specify a unique chassis ID for the MC-LAG (ae3) that the aggregated Ethernet interface belongs to.
    [edit groups]

user@EX9200-A# set MC_Config_Local interfaces ae3 aggregated-ether-options mc-ae chassis-id 0
59. Specify the status-control setting of ae3 to be active..
    [edit groups]

user@EX9200-A# set MC_Config_Local interfaces ae3 aggregated-ether-options mc-ae status-control active
60. Configure a configuration group for an MC-LAG configuration that applies to the remote peer.
    [edit groups]

user@EX9200-A# set MC_Config_Remote
61. Configure ae0 as a Layer 3 interface.
    [edit groups]

user@EX9200-A# set MC_Config_Remote interfaces ae0 unit 0 family inet address 172.16.32.10/30
62. Specify a unique chassis ID for the MC-LAG (ae2) that the aggregated Ethernet interface belongs to.
    [edit groups]

user@EX9200-A# set MC_Config_Remote interfaces ae2 aggregated-ether-options mc-ae chassis-id 1
63. Specify the status-control setting of ae2 to be standby.
    [edit groups]

user@EX9200-A# set MC_Config_Remote interfaces ae2 aggregated-ether-options mc-ae status-control standby
64. Specify a unique chassis ID for the MC-LAG (ae3) that the aggregated Ethernet interface belongs to.
    [edit groups]

user@EX9200-A# set MC_Config_Remote interfaces ae3 aggregated-ether-options mc-ae chassis-id 1
65. Specify the status-control setting of ae3 to be standby.
    [edit interfaces]

user@EX9200-A# set MC_Config_Remote interfaces ae3 aggregated-ether-options mc-ae status-control standby
66. Specify that if a peer of the MC-LAG group goes down, the peer that is configured as status-control active becomes the active peer.
    [edit interfaces]

user@EX9200-A# set MC_Config_Remote interfaces ae3 aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-standby
67. Enable link protection between the two MC-LAG peers.

    Assign interface ae1 to act as the ICL to protect the MC-AE interfaces, ae2 and ae3, in case of failure.

    [edit interfaces]

user@EX9200-A# set ae2 unit 0 multi-chassis-protection 172.16.32.6 interface ae1
    user@EX9200-A# set ae3 unit 0 multi-chassis-protection 172.16.32.6 interface ae1
68. Specify the local IP address of the ICCP interface.
    [edit protocols]

user@EX9200-A# set iccp local-ip-addr 172.16.32.5
69. Configure the session establishment hold time for ICCP to connect faster.Note

    We recommend 50 seconds as the session establishment hold time value.

    [edit protocols]

user@EX9200-A# set iccp peer 172.16.32.6 session-establishment-hold-time 50

    user@EX9200-A# set iccp peer 172.16.32.6 redundancy-group-id-list 1

    user@EX9200-A# set iccp peer 172.16.32.6 backup-liveness-detection backup-peer-ip 10.92.76.4
70. To enable BFD for ICCP, configure the minimum receive interval.

    We recommend a minimum receive interval value of 6 seconds.

    [edit protocols]

user@EX9200-A# set iccp peer 172.16.32.6 liveness-detection minimum-interval 2000

    user@EX9200-A# set iccp peer 172.16.32.6 liveness-detection multiplier 4

    
    
    
71. Apply the groups configured earlier, so that the Junos configuration will inherit the statements from the MC_Config_Global, MC_Config_Local, and MC_Config_Remote configuration groups.
    [edit]

user@EX9200-A# set apply-groups [ MC_Config_Global MC_Config_Local MC_Config_Remote ]

Configuring MC-LAG on EX9200-B

Step-by-Step Procedure

1. Create a user account to access the switch, along with a user identifier (UID), a login class, and a password.
   [edit system]

user@EX9200-A# set login user MCLAG_Admin uid 2000

   user@EX9200-B# set login user MCLAG_Admin class super-user

   user@EX9200-B# set login user MCLAG_Admin authentication encrypted-password “$ABC123”
2. Statically map EX9200-A to 10.92.76.2 and EX9200-B to 10.92.76.4.
   [edit system]

user@EX9200-B# set static-host-mapping EX9200-A inet 10.92.76.2

   user@EX9200-B# set static-host-mapping EX9200-B inet 10.92.76.4
3. Enable NETCONF service using SSH.
   [edit system]

user@EX9200-B# set services netconf ssh
4. Enable the peers-synchronize statement to copy and load the MC-LAG configuration from EX9200-B to EX9200-A by default.
   [edit system]

user@EX9200-B# set commit peers-synchronize
5. Configure the hostname, usernames, and authentication details for EX9200-A, the peer with which EX9200-B will be synchronizing the MC-LAG configuration.
   [edit system]

user@EX9200-B# set commit peers EX9200-A user MCLAG_Admin

   user@EX9200-A# set commit peers EX9200-A authentication "$ABC123"
6. Configure an MC-LAG IRB and configure static Address Resolution Protocol (ARP) on the MC-LAG IRB peers to allow routing protocols to traverse the IRB interface.
   [edit interfaces]

user@EX9200-B# set irb unit 100 family inet address 192.168.100.3/24 arp 192.168.100.2 l2-interface ae1

   user@EX9200-B# set irb unit 100 family inet address 192.168.100.3/24 arp 192.168.100.2 mac 28:8a:1c:e3:f7:f0
7. Enable VRRP on the MC-LAGs by assigning a virtual IP address that is shared between each switch in the VRRP group, and assigning an individual IP address for each individual member in the VRRP group.
   [edit interfaces]

user@EX9200-B# set irb unit 100 family inet address 192.168.100.3/24 vrrp-group 1 virtual-address 192.168.100.1

   user@EX9200-B# set irb unit 100 family inet address 192.168.100.3/24 vrrp-group 1 priority 100

   user@EX9200-B# set irb unit 100 family inet address 192.168.100.3/24 vrrp-group 1 accept-data
8. Configure a loopback interface.
   [edit interfaces]

user@EX9200-B# set lo0 unit 0 family inet address 172.16.32.6/32
9. Configure a default gateway.
   [edit routing-options]

user@EX9200-B# set static route 0.0.0.0 next-hop 10.92.77.254
10. Configure an OSPF area that includes the loopback interface and the ICCP interface.
    [edit protocols]

user@EX9200-B# set ospf area 0.0.0.0 interface lo0 passive

    user@EX9200-B# set ospf area 0.0.0.0 interface ae0
11. Configure Link Layer Discovery Protocol for all interfaces.
    [edit protocols]

user@EX9200-B# set lldp interface all
12. Configure the number of aggregated Ethernet interfaces to be created on EX9200-B.
    [edit chassis]

user@EX9200-B# set aggregated-devices ethernet device-count 20
13. Enable link protection between the two MC-LAG peers.

    Assign interface ae1 to act as the ICL to protect the MC-AE interfaces, ae2 and ae3, in case of failure.

    [edit interfaces]

user@EX9200-B# set ae2 unit 0 multi-chassis-protection 172.16.32.5 interface ae1

    user@EX9200-B# set ae3 unit 0 multi-chassis-protection 172.16.32.5 interface ae1
14. Specify the local IP address of the ICCP interface.
    [edit protocols]

user@EX9200-B# set iccp local-ip-addr 172.16.32.6
15. Configure the session establishment hold time for ICCP to connect faster.Note

    We recommend 50 seconds as the session establishment hold time value.

    [edit protocols]

user@EX9200-B# set iccp peer 172.16.32.5 session-establishment-hold-time 50

    user@EX9200-B# set iccp peer 172.16.32.5 redundancy-group-id-list 1

    user@EX9200-B# set iccp peer 172.16.32.5 backup-liveness-detection backup-peer-ip 10.92.76.2
16. To enable BFD for ICCP, configure the minimum receive interval.

    We recommend a minimum receive interval value of 6 seconds.

    [edit protocols]

user@EX9200-B# set iccp peer 172.16.32.5 liveness-detection minimum-interval 2000

    user@EX9200-B# set iccp peer 172.16.32.5 liveness-detection multiplier 4
17. Apply the groups configured earlier, so that the Junos configuration will inherit the statements from the MC_Config_Global, MC_Config_Local, and MC_Config_Remote configuration groups.
    [edit]

user@EX9200-B# set apply-groups [ MC_Config_Global MC_Config_Local MC_Config_Remote ]

Results

Display the results of the configuration on EX9200-A before you commit the configuration.

Display the results of the configuration on EX9200-B before you commit the configuration.

Verification

• Verifying ICCP on MC-LAG

• Verifying LACP on MC-LAG

• Verifying Aggregated Ethernet Interfaces in MC-LAG

• Verifying VRRP in MC-LAG

• Verifying OSPF on MC-LAG

• Verifying that Configuration Consistency Check Passed

• Verifying the Configuration Consistency Check Status for the Global Configuration

• Verifying the Configuration Consistency Check Status for the Interchassis Control Link

• Verifying the Configuration Consistency Check Status for the MC-LAG Interfaces

• Verifying the Configuration Consistency Check Status for the VLAN Configuration

• Verifying the Configuration Consistency Check Status for VRRP

Verifying ICCP on MC-LAG

Purpose

Verify that ICCP is running on each device in the MC-LAG.

Action

1. Verify that ICCP is running on EX9200-A.
   user@EX92000-A> show iccp
2. Verify that ICCP is running on EX9200-B.
   user@EX9200-B> show iccp

Meaning

This output shows that the TCP connection between the peers hosting the MC-LAG is up, liveness detection is up, Backup liveness peer status is up, and LACPD, MCLAG_CFGCHKD,and L2ALD _ICCP_CLIENT client applications are running.

Verifying LACP on MC-LAG

Purpose

Verify that LACP is working properly on each device in the MC-LAG.

Action

1. Verify that the LACP interfaces are up and running on EX9200-A.
   user@EX9200-A> show lacp interfaces
2. Verify that the LACP interfaces are up and running on EX9200-B.
   user@EX9200-B> show lacp interfaces

Meaning

This output means that both devices and all related interfaces are properly participating in LACP negotiations.

Verifying Aggregated Ethernet Interfaces in MC-LAG

Purpose

Verify that all of the ae interfaces are configured properly in the MC–LAG.

Action

1. Verify the ae interfaces on EX9200-A.
   user@EX9200-A> show interfaces mc-ae
2. Verify the ae interfaces on EX9200-B.
   user@EX9200-B> show interface mc-ae

Meaning

This output means that the mc-ae interfaces on each device are up and active.

Verifying VRRP in MC-LAG

Purpose

Verify that VRRP is up and active between the devices in the MC-LAG.

Action

1. Confirm that VRRP is up and active on EX9200-A.
   user@EX9200-A> show vrrp

   In this example, Switch A is the master VRRP member.

2. Confirm that VRRP is up and active on EX9200-B.
   user@EX9200-B> show vrrp

   In this example, Switch B is the backup VRRP member.

Meaning

This output means that VRRP is up and running properly.

Verifying OSPF on MC-LAG

Purpose

Verify that OSPF is properly up and running with MC-LAG.

Action

1. Show the OSPF neighbors on EX9200-A.
   user@EX9200-A> show ospf neighbor
2. Show the OSPF routing table on EX9200-A.
   user@EX9200-A> show ospf route
3. Show the OSPF neighbors on EX9200-B.
   user@EX9200-B> show ospf neighbor
4. Show the OSPF routing table on EX9200-B.
   user@EX9200-B> show ospf route

Meaning

The output shows that the neighboring devices are fully adjacent.

Verifying that Configuration Consistency Check Passed

Purpose

View the list of committed MC-LAG parameters that are checked for inconsistencies, the consistency requirement (identical or unique), the enforcement level (mandatory or desired), and the result of the configuration consistency check. The results are either pass or fail.

Action

1. Show the list of committed MC-LAG parameters that passed or failed configuration consistency check on EX9200-A.
   user@EX9200-A> show multi-chassis mc-lag configuration-consistency
2. Show the list of committed MC-LAG parameters that passed or failed configuration consistency check on EX9200-B.
   user@EX9200-B> show multi-chassis mc-lag configuration-consistency

Meaning

The output shows that all configured and committed MC-LAG parameters have passed configuration consistency check.

Verifying the Configuration Consistency Check Status for the Global Configuration

Purpose

View configuration consistency check status for all committed global configuration related to MC-LAG functionality, the consistency requirement (identical or unique), the enforcement level (mandatory or desired), and the result of the configuration consistency check. The results are either pass or fail.

This command shows only a subset of what is shown in the show multi-chassis mc-lag configuration-consistency command. The following parameters related to the global configuration are checked for consistency.

• ICL interface

• RSTP bridge priority

• service ID

• session establishment hold time

• local IP address of the ICCP interface

• backup liveness detection peer IP address

• ICCP/BFD multiplier

Parameters specific to the ICL, MC-LAG interfaces, and VLAN and VRRP configurations are shown later in this document.

Action

1. Show the list of committed global configuration parameters that passed or failed configuration consistency check on EX9200-A.

   The output below shows all of the parameters that directly affect the MC-LAG configuration.

   user@EX9200-A> show multi-chassis mc-lag configuration-consistency global-config
2. Show the list of committed global configuration parameters that passed or failed configuration consistency check on EX9200-B
   user@EX9200-B> show multi-chassis mc-lag configuration-consistency global-config

Meaning

The output shows that the committed global configuration related to MC-LAG have passed configuration consistency check.

Verifying the Configuration Consistency Check Status for the Interchassis Control Link

Purpose

View configuration consistency check status for parameters related to the ICL, the consistency requirement (identical or unique), the enforcement level (mandatory or desired), and the result of the configuration consistency check. The results are either pass or fail. Some example of parameters related to the ICL interface are the interface mode and which VLAN the interface belongs to.

This command shows only a subset of what is shown in the show multi-chassis mc-lag configuration-consistency command. The following parameters related to the ICL configuration are checked for consistency check:

• VLAN membership

• interface mode

Action

1. Show the list of committed ICL configuration parameters that passed or failed configuration consistency check on EX9200-A
   user@EX9200-A> show multi-chassis mc-lag configuration-consistency icl-config
2. Show the list of committed ICL configuration parameters that passed or failed configuration consistency check on EX9200-B
   user@EX9200-B> show multi-chassis mc-lag configuration-consistency icl-config

Meaning

The output shows that the committed MC-LAG parameters related to the ICL have passed configuration consistency check.

Verifying the Configuration Consistency Check Status for the MC-LAG Interfaces

Purpose

View configuration consistency check status for committed parameters related to the multichassis aggregated Ethernet interfaces, the consistency requirement (identical or unique), the enforcement level (mandatory or desired), and the result of the configuration consistency check. The results are either pass or fail.

This command shows only a subset of what is shown in the show multi-chassis mc-lag configuration-consistency command. The following parameters related to the MC-AE interfaces are checked for consistency:

• LACP administrative key

• LACP system ID

• LACP periodic interval

• prefer status control setting

• status control setting

• mode

• chassis ID

• redundancy group ID

• VLAN membership of the ICL

• interface mode of the ICL

Action

1. Show the list of committed MC-LAG interface configuration parameters that passed or failed configuration consistency check on EX9200-A.
   user@EX9200-A> show multi-chassis mc-lag configuration-consistency mcae-config
2. Show the list of committed MC-LAG interface configuration parameters that passed or failed configuration consistency check on EX9200-B.
   user@EX9200-B> show multi-chassis mc-lag configuration-consistency mcae-config

Meaning

The output shows that the committed MC-LAG parameters related to the MC-AE interfaces have passed configuration consistency check.

Verifying the Configuration Consistency Check Status for the VLAN Configuration

Purpose

View configuration consistency check status for committed parameters related to MC-LAG VLAN configuration, the consistency requirement (identical or unique), the enforcement level (mandatory or desired), and the result of the configuration consistency check. The results are either pass or fail.

This command shows only a subset of what is shown in the show multi-chassis mc-lag configuration-consistency command. The following parameters related to the VLAN and IRB configuration are checked for consistency:

• VRRP group ID

• IP address of IRB interface

Action

1. Show the list of committed VLAN configuration parameters that passed or failed configuration consistency check on EX9200-A.
   user@EX9200-A> show multi-chassis mc-lag configuration-consistency vlan-config
2. Show the list of committed VLAN configuration parameters that passed or failed configuration consistency check on EX9200-B.
   user@EX9200-B> show multi-chassis mc-lag configuration-consistency vlan-config

Meaning

The output shows that the committed MC-LAG parameters related to the VLAN and IRB configurations have passed configuration consistency check.

Verifying the Configuration Consistency Check Status for VRRP

Purpose

View configuration consistency check status for committed parameters related to VRRP configuration, the consistency requirement (identical or unique), the enforcement level (mandatory or desired), and the result of the configuration consistency check. The results are either pass or fail.

This command shows only a subset of what is shown in the show multi-chassis mc-lag configuration-consistency command. The following parameters related to the VRRP configuration are checked for consistency: VRRP group virtual IP address and VRRP group priority value.

Action

1. Show the list of committed VRRP configuration parameters that passed or failed configuration consistency check on EX9200-A.
   user@EX9200-A> show multi-chassis mc-lag configuration-consistency vrrp-config
2. Show the list of committed VRRP configuration parameters that passed or failed configuration consistency check on EX9200-B.
   user@EX9200-B> show multi-chassis mc-lag configuration-consistency vrrp-config

Meaning

The output shows that the committed MC-LAG parameters related to VRRP configuration have passed configuration consistency check.

Example: Configuring CoS for FCoE Transit Switch Traffic Across an MC-LAG

• Requirements

• Overview

• Configuration

• Verification

Requirements

• Two Juniper Networks QFX3500 switches that form an MC-LAG for FCoE traffic.

• Two Juniper Networks QFX3500 switches that provide FCoE server access in transit switch mode and that connect to the MC-LAG switches. These switches can be standalone QFX3500 switches or they can be Node devices in a QFabric system.

• FCoE servers (or other FCoE hosts) connected to the transit switches.

• Junos OS Release 12.2 or later for the QFX Series.

Overview

• Configure CoS for FCoE traffic on the two QFX3500 switches that form the MC-LAG, including priority-based flow control (PFC) and enhanced transmission selection (ETS; hierarchical scheduling of resources for the FCoE forwarding class priority and for the forwarding class set priority group).

  Note

  Configuring or changing PFC on an interface blocks the entire port until the PFC change is completed. After a PFC change is completed, the port is unblocked and traffic resumes. Blocking the port stops ingress and egress traffic, and causes packet loss on all queues on the port until the port is unblocked.

• Configure CoS for FCoE on the two FCoE transit switches that connect FCoE hosts to the MC-LAG switches and enable FIP snooping on the FCoE VLAN at the FCoE transit switch access ports.

• Disable IGMP snooping on the FCoE VLAN.

  Note

  This is only necessary if IGMP snooping is enabled on the VLAN. Before Junos OS Release 13.2, IGMP snooping was enabled by default on VLANs. Beginning with Junos OS Release 13.2, IGMP snooping is enabled by default only on the default VLAN.

• Configure the appropriate port mode, MTU, and FCoE trusted or untrusted state for each interface to support lossless FCoE transport.

Topology

Switches that act as transit switches support MC-LAGs for FCoE traffic in an inverted-U network topology, as shown in Figure 5.

Figure 5: Supported Topology for an MC-LAG on an FCoE Transit Switch

Table 3 shows the configuration components for this example.

• Use the default FCoE forwarding class and forwarding-class-to-queue mapping (do not explicitly configure the FCoE forwarding class or output queue). The default FCoE forwarding class is fcoe, and the default output queue is queue 3.

  Note

  In Junos OS Release 12.2, traffic mapped to explicitly configured forwarding classes, even lossless forwarding classes such as fcoe, is treated as lossy (best-effort) traffic and does not receive lossless treatment. To receive lossless treatment in Release 12.2, traffic must use one of the default lossless forwarding classes (fcoe or no-loss).

  In Junos OS Release 12.3 and later, you can include the no-loss packet drop attribute in the explicit forwarding class configuration to configure a lossless forwarding class.

• Use the default trusted BA classifier, which maps incoming packets to forwarding classes by the IEEE 802.1p code point (CoS priority) of the packet. The trusted classifier is the default classifier for interfaces in trunk and tagged-access port modes. The default trusted classifier maps incoming packets with the IEEE 802.1p code point 3 (011) to the FCoE forwarding class. If you choose to configure the BA classifier instead of using the default classifier, you must ensure that FCoE traffic is classified into forwarding classes in exactly the same way on both MC-LAG switches. Using the default classifier ensures consistent classifier configuration on the MC-LAG ports.

• Configure a congestion notification profile that enables PFC on the FCoE code point (code point 011 in this example). The congestion notification profile configuration must be the same on both MC-LAG switches.

• Apply the congestion notification profile to the interfaces.

• Configure enhanced transmission selection (ETS, also known as hierarchical scheduling) on the interfaces to provide the bandwidth required for lossless FCoE transport. Configuring ETS includes configuring bandwidth scheduling for the FCoE forwarding class, a forwarding class set (priority group) that includes the FCoE forwarding class, and a traffic control profile to assign bandwidth to the forwarding class set that includes FCoE traffic.

• Apply the ETS scheduling to the interfaces.

• Configure the port mode, MTU, and FCoE trusted or untrusted state for each interface to support lossless FCoE transport.

In addition, this example describes how to enable FIP snooping on the Transit Switch TS1 and TS2 ports that are connected to the FCoE servers and how to disable IGMP snooping on the FCoE VLAN. To provide secure access, FIP snooping must be enabled on the FCoE access ports.

This example focuses on the CoS configuration to support lossless FCoE transport across an MC-LAG. This example does not describe how to configure the properties of MC-LAGs and LAGs, although it does show you how to configure the port characteristics required to support lossless transport and how to assign interfaces to the MC-LAG and to the LAGs.

• The MC-LAGs that connect Switches S1 and S2 to Switches TS1 and TS2.

• The LAGs that connect the Transit Switches TS1 and TS2 to MC-LAG Switches S1 and S2.

• The LAG that connects Switch S1 to Switch S2.

Configuration

• Configuring MC-LAG Switches S1 and S2

• Configuring FCoE Transit Switches TS1 and TS2

• Results

CLI Quick Configuration

To quickly configure CoS for lossless FCoE transport across an MC-LAG, copy the following commands, paste them in a text file, remove line breaks, change variables and details to match your network configuration, and then copy and paste the commands into the CLI for MC-LAG Switch S1 and MC-LAG Switch S2 at the [edit] hierarchy level. The configurations on Switches S1 and S2 are identical because the CoS configuration must be identical, and because this example uses the same ports on both switches.

To quickly configure CoS for lossless FCoE transport across an MC-LAG, copy the following commands, paste them in a text file, remove line breaks, change variables and details to match your network configuration, and then copy and paste the commands into the CLI for Transit Switch TS1 and Transit Switch TS2 at the [edit] hierarchy level. The configurations on Switches TS1 and TS2 are identical because the CoS configuration must be identical, and because this example uses the same ports on both switches.

Configuring MC-LAG Switches S1 and S2

Step-by-Step Procedure

1. Configure output scheduling for the FCoE queue.
   [edit class-of-service schedulers fcoe-sched]

user@switch# set priority low transmit-rate 3g

user@switch# set shaping-rate percent 100

   
   
   

2. Map the FCoE forwarding class to the FCoE scheduler (fcoe-sched).
   [edit class-of-service]

user@switch# set scheduler-maps fcoe-map forwarding-class fcoe scheduler fcoe-sched

   
   
   

3. Configure the forwarding class set (fcoe-pg) for the FCoE traffic.
   [edit class-of-service]

user@switch# set forwarding-class-sets fcoe-pg class fcoe

   
   
   

4. Define the traffic control profile (fcoe-tcp) to use on the FCoE forwarding class set.
   [edit class-of-service traffic-control-profiles fcoe-tcp]

user@switch# set scheduler-map fcoe-map guaranteed-rate 3g

user@switch# set shaping-rate percent 100

   
   
   

5. Apply the FCoE forwarding class set and traffic control profile to the LAG and MC-LAG interfaces.
   [edit class-of-service]

user@switch# set interfaces ae0 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

user@switch# set interfaces ae1 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

   
   
   

6. Enable PFC on the FCoE priority by creating a congestion notification profile (fcoe-cnp) that applies FCoE to the IEEE 802.1 code point 011.
   [edit class-of-service]

user@switch# set congestion-notification-profile fcoe-cnp input ieee-802.1 code-point 011 pfc



   
   
   

7. Apply the PFC configuration to the LAG and MC-LAG interfaces.
   [edit class-of-service]

user@switch# set interfaces ae0 congestion-notification-profile fcoe-cnp

user@switch# set interfaces ae1 congestion-notification-profile fcoe-cnp

   
   
   

8. Configure the VLAN for FCoE traffic (fcoe_vlan).
   [edit vlans]

user@switch# set fcoe_vlan vlan-id 100

   
   
   

9. Disable IGMP snooping on the FCoE VLAN.
   [edit protocols]

user@switch# set igmp-snooping vlan fcoe_vlan disable

   
   
   

10. Add the member interfaces to the LAG between the two MC-LAG switches.
    [edit interfaces]

user@switch# set xe-0/0/10 ether-options 802.3ad ae0

user@switch# set xe-0/0/11 ether-options 802.3ad ae0

    
    
    

11. Add the member interfaces to the MC-LAG.
    [edit interfaces]

user@switch# set xe-0/0/20 ether-options 802.3ad ae1

user@switch# set xe-0/0/21 ether-options 802.3ad ae1

    
    
    

12. Configure the port mode as trunk and membership in the FCoE VLAN (fcoe_vlan)for the LAG (ae0) and for the MC-LAG (ae1).
    [edit interfaces]

user@switch# set ae0 unit 0 family ethernet-switching port-mode trunk vlan members fcoe_vlan

user@switch# set ae1 unit 0 family ethernet-switching port-mode trunk vlan members fcoe_vlan

    
    
    

13. Set the MTU to 2180 for the LAG and MC-LAG interfaces.

    2180 bytes is the minimum size required to handle FCoE packets because of the payload and header sizes. You can configure the MTU to a higher number of bytes if desired, but not less than 2180 bytes.

    [edit interfaces]

user@switch# set ae0 mtu 2180

user@switch# set ae1 mtu 2180

    
    
    

14. Set the LAG and MC-LAG interfaces as FCoE trusted ports.

    Ports that connect to other switches should be trusted and should not perform FIP snooping.

    [edit ethernet-switching-options secure-access-port interface]

user@switch# set ae0 fcoe-trusted

user@switch# set ae1 fcoe-trusted

Configuring FCoE Transit Switches TS1 and TS2

Step-by-Step Procedure

1. Configure output scheduling for the FCoE queue.
   [edit class-of-service schedulers fcoe-sched]

user@switch# set priority low transmit-rate 3g

user@switch# set shaping-rate percent 100

   
   
   

2. Map the FCoE forwarding class to the FCoE scheduler (fcoe-sched).
   [edit class-of-service]

user@switch# set scheduler-maps fcoe-map forwarding-class fcoe scheduler fcoe-sched

   
   
   

3. Configure the forwarding class set (fcoe-pg) for the FCoE traffic.
   [edit class-of-service]

user@switch# set forwarding-class-sets fcoe-pg class fcoe

   
   
   

4. Define the traffic control profile (fcoe-tcp) to use on the FCoE forwarding class set.
   [edit class-of-service]

user@switch# set traffic-control-profiles fcoe-tcp scheduler-map fcoe-map guaranteed-rate 3g

user@switch# set traffic-control-profiles fcoe-tcp shaping-rate percent 100

   
   
   

5. Apply the FCoE forwarding class set and traffic control profile to the LAG interface and to the FCoE access interfaces.
   [edit class-of-service]

user@switch# set interfaces ae1 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

user@switch# set interfaces xe-0/0/30 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

user@switch# set interfaces xe-0/0/31 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

user@switch# set interfaces xe-0/0/32 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

user@switch# set interfaces xe-0/0/33 forwarding-class-set fcoe-pg output-traffic-control-profile fcoe-tcp

   
   
   

6. Enable PFC on the FCoE priority by creating a congestion notification profile (fcoe-cnp) that applies FCoE to the IEEE 802.1 code point 011.
   [edit class-of-service]

user@switch# set congestion-notification-profile fcoe-cnp input ieee-802.1 code-point 011 pfc



   
   
   

7. Apply the PFC configuration to the LAG interface and to the FCoE access interfaces.
   [edit class-of-service]

user@switch# set interfaces ae1 congestion-notification-profile fcoe-cnp

user@switch# set interfaces xe-0/0/30 congestion-notification-profile fcoe-cnp

user@switch# set interfaces xe-0/0/31 congestion-notification-profile fcoe-cnp

user@switch# set interfaces xe-0/0/32 congestion-notification-profile fcoe-cnp

user@switch# set interfaces xe-0/0/33 congestion-notification-profile fcoe-cnp

   
   
   

8. Configure the VLAN for FCoE traffic (fcoe_vlan).
   [edit vlans]

user@switch# set fcoe_vlan vlan-id 100

   
   
   

9. Disable IGMP snooping on the FCoE VLAN.
   [edit protocols]

user@switch# set igmp-snooping vlan fcoe_vlan disable

   
   
   

10. Add the member interfaces to the LAG.
    [edit interfaces]

user@switch# set xe-0/0/25 ether-options 802.3ad ae1

user@switch# set xe-0/0/26 ether-options 802.3ad ae1

    
    
    

11. On the LAG (ae1), configure the port mode as trunk and membership in the FCoE VLAN (fcoe_vlan).
    [edit interfaces]

user@switch# set ae1 unit 0 family ethernet-switching port-mode trunk vlan members fcoe_vlan

    
    
    

12. On the FCoE access interfaces (xe-0/0/30, xe-0/0/31, xe-0/0/32, xe-0/0/33), configure the port mode as tagged-access and membership in the FCoE VLAN (fcoe_vlan).
    [edit interfaces]

user@switch# set xe-0/0/30 unit 0 family ethernet-switching port-mode tagged-access vlan members fcoe_vlan

user@switch# set xe-0/0/31 unit 0 family ethernet-switching port-mode tagged-access vlan members fcoe_vlan

user@switch# set xe-0/0/32 unit 0 family ethernet-switching port-mode tagged-access vlan members fcoe_vlan

user@switch# set xe-0/0/33 unit 0 family ethernet-switching port-mode tagged-access vlan members fcoe_vlan

    
    
    

13. Set the MTU to 2180 for the LAG and FCoE access interfaces.

    2180 bytes is the minimum size required to handle FCoE packets because of the payload and header sizes; you can configure the MTU to a higher number of bytes if desired, but not less than 2180 bytes.

    [edit interfaces]

user@switch# set ae1 mtu 2180

user@switch# set xe-0/0/30 mtu 2180

user@switch# set xe-0/0/31 mtu 2180

user@switch# set xe-0/0/32 mtu 2180

user@switch# set xe-0/0/33 mtu 2180



    
    
    

14. Set the LAG interface as an FCoE trusted port. Ports that connect to other switches should be trusted and should not perform FIP snooping:
    [edit ethernet-switching-options]

user@switch# set secure-access-port interface ae1 fcoe-trusted
    Note

    Access ports xe-0/0/30, xe-0/0/31, xe-0/0/32, and xe-0/0/33 are not configured as FCoE trusted ports. The access ports remain in the default state as untrusted ports because they connect directly to FCoE devices and must perform FIP snooping to ensure network security.

    
    
    

15. Enable FIP snooping on the FCoE VLAN to prevent unauthorized FCoE network access (this example uses VN2VN_Port FIP snooping; the example is equally valid if you use VN2VF_Port FIP snooping).
    [edit ethernet-switching-options]

user@switch# set secure-access-port vlan fcoe_vlan examine-fip examine-vn2vn beacon-period 90000

Results

Display the results of the CoS configuration on MC-LAG Switch S1 and on MC-LAG Switch S2 (the results on both switches are the same).

Display the results of the CoS configuration on FCoE Transit Switch TS1 and on FCoE Transit Switch TS2 (the results on both transit switches are the same).

Verification

• Verifying That the Output Queue Schedulers Have Been Created

• Verifying That the Priority Group Output Scheduler (Traffic Control Profile) Has Been Created

• Verifying That the Forwarding Class Set (Priority Group) Has Been Created

• Verifying That Priority-Based Flow Control Has Been Enabled

• Verifying That the Interface Class of Service Configuration Has Been Created

• Verifying That the Interfaces Are Correctly Configured

• Verifying That FIP Snooping Is Enabled on the FCoE VLAN on FCoE Transit Switches TS1 and TS2 Access Interfaces

• Verifying That the FIP Snooping Mode Is Correct on FCoE Transit Switches TS1 and TS2

• Verifying That IGMP Snooping Is Disabled on the FCoE VLAN

Verifying That the Output Queue Schedulers Have Been Created

Purpose

Verify that the output queue scheduler for FCoE traffic has the correct bandwidth parameters and priorities, and is mapped to the correct forwarding class (output queue). Queue scheduler verification is the same on each of the four switches.

Action

List the scheduler map using the operational mode command show class-of-service scheduler-map fcoe-map:

Meaning

The show class-of-service scheduler-map fcoe-map command lists the properties of the scheduler map fcoe-map. The command output includes:

• The name of the scheduler map (fcoe-map)

• The name of the scheduler (fcoe-sched)

• The forwarding classes mapped to the scheduler (fcoe)

• The minimum guaranteed queue bandwidth (transmit rate 3000000000 bps)

• The scheduling priority (low)

• The maximum bandwidth in the priority group the queue can consume (shaping rate 100 percent)

• The drop profile loss priority for each drop profile name. This example does not include drop profiles because you do not apply drop profiles to FCoE traffic.

Verifying That the Priority Group Output Scheduler (Traffic Control Profile) Has Been Created

Purpose

Verify that the traffic control profile fcoe-tcp has been created with the correct bandwidth parameters and scheduler mapping. Priority group scheduler verification is the same on each of the four switches.

Action

List the FCoE traffic control profile properties using the operational mode command show class-of-service traffic-control-profile fcoe-tcp:

Meaning

The show class-of-service traffic-control-profile fcoe-tcp command lists all of the configured traffic control profiles. For each traffic control profile, the command output includes:

• The name of the traffic control profile (fcoe-tcp)

• The maximum port bandwidth the priority group can consume (shaping rate 100 percent)

• The scheduler map associated with the traffic control profile (fcoe-map)

• The minimum guaranteed priority group port bandwidth (guaranteed rate 3000000000 in bps)

Verifying That the Forwarding Class Set (Priority Group) Has Been Created

Purpose

Verify that the FCoE priority group has been created and that the fcoe priority (forwarding class) belongs to the FCoE priority group. Forwarding class set verification is the same on each of the four switches.

Action

List the forwarding class sets using the operational mode command show class-of-service forwarding-class-set fcoe-pg:

Meaning

The show class-of-service forwarding-class-set fcoe-pg command lists all of the forwarding classes (priorities) that belong to the fcoe-pg priority group, and the internal index number of the priority group. The command output shows that the forwarding class set fcoe-pg includes the forwarding class fcoe.

Verifying That Priority-Based Flow Control Has Been Enabled

Purpose

Verify that PFC is enabled on the FCoE code point. PFC verification is the same on each of the four switches.

Action

List the FCoE congestion notification profile using the operational mode command show class-of-service congestion-notification fcoe-cnp:

Meaning

The show class-of-service congestion-notification fcoe-cnp command lists all of the IEEE 802.1p code points in the congestion notification profile that have PFC enabled. The command output shows that PFC is enabled on code point 011 (fcoe queue) for the fcoe-cnp congestion notification profile.

The command also shows the default cable length (100 meters), the default maximum receive unit (2500 bytes), and the default mapping of priorities to output queues because this example does not include configuring these options.

Verifying That the Interface Class of Service Configuration Has Been Created

Purpose

Verify that the CoS properties of the interfaces are correct. The verification output on MC-LAG Switches S1 and S2 differs from the output on FCoE Transit Switches TS1 and TS2.

Action

List the interface CoS configuration on MC-LAG Switches S1 and S2 using the operational mode command show configuration class-of-service interfaces:

List the interface CoS configuration on FCoE Transit Switches TS1 and TS2 using the operational mode command show configuration class-of-service interfaces:

Meaning

The show configuration class-of-service interfaces command lists the class of service configuration for all interfaces. For each interface, the command output includes:

• The name of the interface (for example, ae0 or xe-0/0/30)

• The name of the forwarding class set associated with the interface (fcoe-pg)

• The name of the traffic control profile associated with the interface (output traffic control profile, fcoe-tcp)

• The name of the congestion notification profile associated with the interface (fcoe-cnp)

Verifying That the Interfaces Are Correctly Configured

Purpose

Verify that the LAG membership, MTU, VLAN membership, and port mode of the interfaces are correct. The verification output on MC-LAG Switches S1 and S2 differs from the output on FCoE Transit Switches TS1 and TS2.

Action

List the interface configuration on MC-LAG Switches S1 and S2 using the operational mode command show configuration interfaces:

List the interface configuration on FCoE Transit Switches TS1 and TS2 using the operational mode command show configuration interfaces:

Meaning

The show configuration interfaces command lists the configuration of each interface by interface name.

For each interface that is a member of a LAG, the command lists only the name of the LAG to which the interface belongs.

For each LAG interface and for each interface that is not a member of a LAG, the command output includes:

• The MTU (2180)

• The unit number of the interface (0)

• The port mode (trunk mode for interfaces that connect two switches, tagged-access mode for interfaces that connect to FCoE hosts)

• The name of the VLAN in which the interface is a member (fcoe_vlan)

Verifying That FIP Snooping Is Enabled on the FCoE VLAN on FCoE Transit Switches TS1 and TS2 Access Interfaces

Purpose

Verify that FIP snooping is enabled on the FCoE VLAN access interfaces. FIP snooping is enabled only on the FCoE access interfaces, so it is enabled only on FCoE Transit Switches TS1 and TS2. FIP snooping is not enabled on MC-LAG Switches S1 and S2 because FIP snooping is done at the Transit Switch TS1 and TS2 FCoE access ports.

Action

List the port security configuration on FCoE Transit Switches TS1 and TS2 using the operational mode command show configuration ethernet-switching-options secure-access-port:

Meaning

The show configuration ethernet-switching-options secure-access-port command lists port security information, including whether a port is trusted. The command output shows that:

• LAG port ae1.0, which connects the FCoE transit switch to the MC-LAG switches, is configured as an FCoE trusted interface. FIP snooping is not performed on the member interfaces of the LAG (xe-0/0/25 and xe-0/0/26).

• FIP snooping is enabled (examine-fip) on the FCoE VLAN (fcoe_vlan), the type of FIP snooping is VN2VN_Port FIP snooping (examine-vn2vn), and the beacon period is set to 90000 milliseconds. On Transit Switches TS1 and TS2, all interface members of the FCoE VLAN perform FIP snooping unless the interface is configured as FCoE trusted. On Transit Switches TS1 and TS2, interfaces xe-0/0/30, xe-0/0/31, xe-0/0/32, and xe-0/0/33 perform FIP snooping because they are not configured as FCoE trusted. The interface members of LAG ae1 (xe-0/0/25 and xe-0/0/26) do not perform FIP snooping because the LAG is configured as FCoE trusted.

Verifying That the FIP Snooping Mode Is Correct on FCoE Transit Switches TS1 and TS2

Purpose

Verify that the FIP snooping mode is correct on the FCoE VLAN. FIP snooping is enabled only on the FCoE access interfaces, so it is enabled only on FCoE Transit Switches TS1 and TS2. FIP snooping is not enabled on MC-LAG Switches S1 and S2 because FIP snooping is done at the Transit Switch TS1 and TS2 FCoE access ports.

Action

List the FIP snooping configuration on FCoE Transit Switches TS1 and TS2 using the operational mode command show fip snooping brief:

Meaning

The show fip snooping brief command lists FIP snooping information, including the FIP snooping VLAN and the FIP snooping mode. The command output shows that:

• The VLAN on which FIP snooping is enabled is fcoe_vlan

• The FIP snooping mode is VN2VN_Port FIP snooping (VN2VN Snooping)

Verifying That IGMP Snooping Is Disabled on the FCoE VLAN

Purpose

Verify that IGMP snooping is disabled on the FCoE VLAN on all four switches.

Action

List the IGMP snooping protocol information on each of the four switches using the show configuration protocols igmp-snooping command:

Meaning

The show configuration protocols igmp-snooping command lists the IGMP snooping configuration for the VLANs configured on the switch. The command output shows that IGMP snooping is disabled on the FCoE VLAN (fcoe_vlan).

Example: EVPN-MPLS Interworking With an MC-LAG Topology

• Requirements

• Overview and Topology

• PE1 and PE2 Configuration

• PE3 Configuration

Requirements

• Three EX9200 switches:

  • PE1 and PE2, which both function as MC-LAG peers in the MC-LAG topology and EVPN BGP peers in the EVPN-MPLS overlay network.

  • PE3, which functions as an EVPN BGP peer in the EVPN-MPLS overlay network.

• The EX9200 switches are running Junos OS Release 17.4R1 or later software.

Overview and Topology

Figure 6 shows an MC-LAG topology with provider edge devices PE1 and PE2 that are configured as MC-LAG peers. The MC-LAG peers exchange control information over an ICCP link and data traffic over an ICL. In this example, the ICL is an aggregated Ethernet interface that is comprised of two interfaces.

Figure 6: EVPN-MPLS Interworking With an MC-LAG Topology

The topology in Figure 6 also includes CE devices CE1 and CE2, which are both multihomed to each PE device. The links between CE1 and the two PE devices are bundled as an aggregated Ethernet interface on which MC-LAG in active-active mode is configured.

The topology in Figure 6 also includes PE3 at the edge of an MPLS network. PE3 functions as the gateway between the MC-LAG network and either a data center or a geographically distributed campus network. PE1, PE2, and PE3 run EVPN, which enables hosts in the MC-LAG network to communicate with hosts in the data center or other campus network by way of an intervening MPLS network.

From the perspective of the EVPN-MPLS interworking feature, PE3 functions solely as an EVPN BGP peer, and PE1 and PE2 in the MC-LAG topology have dual roles:

• MC-LAG peers in the MC-LAG network.

• EVPN BGP peers in the EVPN-MPLS network.

Because of the dual roles, PE1 and PE2 are configured with MC-LAG, EVPN, BGP, and MPLS attributes.

Table 4 outlines key MC-LAG and EVPN (BGP and MPLS) attributes configured on PE1, PE2, and PE3.

Note the following about the EVPN-MPLS interworking feature and its configuration:

• You must configure Ethernet segment identifiers (ESIs) on the dual-homed interfaces in the MC-LAG topology. The ESIs enable EVPN to identify the dual-homed interfaces.

• The only type of routing instance that is supported is the virtual switch instance (set routing-instances name instance-type virtual-switch).

• On the MC-LAG peers, you must include the bgp-peer configuration statement in the [edit routing-instances name protocols evpn mclag] hierarchy level. This configuration statement enables the interworking of EVPN-MPLS with MC-LAG on the MC-LAG peers.

• Address Resolution Protocol (ARP) suppression is not supported.

PE1 and PE2 Configuration

• PE1: Configuring MC-LAG

• PE1: Configuring EVPN-MPLS

• PE2: Configuring MC-LAG

• PE2: Configuring EVPN-MPLS

CLI Quick Configuration

PE1: Configuring MC-LAG

Step-by-Step Procedure

1. Set the number of aggregated Ethernet interfaces on PE1.

2. Configure aggregated Ethernet interface ae0 on interface xe-2/0/1, and configure LACP and MC-LAG on ae0. Divide aggregated Ethernet interface ae0 into three logical interfaces (ae0.1, ae0.2, and ae0.3). For each logical interface, specify an ESI, place the logical interface is in MC-LAG active-active mode, and map the logical interface to a VLAN.

3. Configure physical interface xe-2/0/6, and divide it into three logical interfaces (xe-2/0/6.1, xe-2/0/6.2, and xe-2/0/6.3). Map each logical interface to a VLAN.

4. Configure physical interface xe-2/1/0 as a Layer 3 interface, on which you configure ICCP. Specify the interface with the IP address of 203.0.113.2 on PE2 as the ICCP peer to PE1.

5. Configure aggregated Ethernet interface ae1 on interfaces xe-2/1/1 and xe-2/1/2, and configure LACP on ae1. Divide aggregated Ethernet interface ae1 into three logical interfaces (ae1.1, ae1.2, and ae1.3), and map each logical interface to a VLAN. Specify ae1 as the multichassis protection link between PE1 and PE2.

PE1: Configuring EVPN-MPLS

Step-by-Step Procedure

1. Configure the loopback interface, and the interfaces connected to the other PE devices.

2. Configure IRB interfaces irb.1, irb.2, and irb.3.

3. Assign a router ID and the autonomous system in which PE1, PE2, and PE3 reside.

4. Enable per-packet load-balancing for EVPN routes when EVPN multihoming active-active mode is used.

5. Enable MPLS on interfaces xe-2/0/0.0 and xe-2/0/2.0.

6. Configure an IBGP overlay that includes PE1, PE2, and PE3.

7. Configure OSPF as the internal routing protocol for EVPN by specifying an area ID and interfaces on which EVPN-MPLS is enabled.

8. Configure the Label Distribution Protocol (LDP) on the loopback interface and the interfaces on which EVPN-MPLS is enabled.

9. Configure virtual switch routing instances for VLAN v1, which is assigned VLAN IDs of 1, 2, and 3, and include the interfaces and other entities associated with the VLAN.

PE2: Configuring MC-LAG

Step-by-Step Procedure

1. Set the number of aggregated Ethernet interfaces on PE2.

2. Configure aggregated Ethernet interface ae0 on interface xe-2/0/1, and configure LACP and MC-LAG on ae0. Divide aggregated Ethernet interface ae0 into three logical interfaces (ae0.1, ae0.2, and ae0.3). For each logical interface, specify an ESI, place the logical interface is in MC-LAG active-active mode, and map the logical interface to a VLAN.

3. Configure physical interface xe-2/0/6, and divide it into three logical interfaces (xe-2/0/6.1, xe-2/0/6.2, and xe-2/0/6.3). Map each logical interface to a VLAN.

4. Configure physical interface xe-2/1/0 as a Layer 3 interface, on which you configure ICCP. Specify the interface with the IP address of 203.0.113.1 on PE1 as the ICCP peer to PE2.

5. Configure aggregated Ethernet interface ae1 on interfaces xe-2/1/1 and xe-2/1/2, and configure LACP on ae1. Divide aggregated Ethernet interface ae1 into three logical interfaces (ae1.1, ae1.2, and ae1.3), and map each logical interface to a VLAN. Specify ae1 as the multichassis protection link between PE1 and PE2.

PE2: Configuring EVPN-MPLS

Step-by-Step Procedure

1. Configure the loopback interface, and the interfaces connected to the other PE devices.

2. Configure IRB interfaces irb.1, irb.2, and irb.3.

3. Assign a router ID and the autonomous system in which PE1, PE2, and PE3 reside.

4. Enable per-packet load-balancing for EVPN routes when EVPN multihoming active-active mode is used.

5. Enable MPLS on interfaces xe-2/0/0.0 and xe-2/0/2.0.

6. Configure an IBGP overlay that includes PE1, PE2, and PE3.

7. Configure OSPF as the internal routing protocol for EVPN by specifying an area ID and interfaces on which EVPN-MPLS is enabled.

8. Configure the Label Distribution Protocol (LDP) on the loopback interface and the interfaces on which EVPN-MPLS is enabled.

9. Configure virtual switch routing instances for VLAN v1, which is assigned VLAN IDs of 1, 2, and 3, and include the interfaces and other entities associated with the VLAN.

PE3 Configuration

CLI Quick Configuration

PE3: Configuring EVPN-MPLS

Step-by-Step Procedure

1. Configure the loopback interface, and the interfaces connected to the other PE devices.

2. Configure interface xe-2/0/6, which is connected to the host.

3. Configure IRB interfaces irb.1, irb.2, and irb.3.

4. Assign a router ID and the autonomous system in which PE1, PE2, and PE3 reside.

5. Enable per-packet load-balancing for EVPN routes when EVPN multihoming active-active mode is used.

6. Enable MPLS on interfaces xe-2/0/2.0 and xe-2/0/3.0.

7. Configure an IBGP overlay that includes PE1, PE2, and PE3.

8. Configure OSPF as the internal routing protocol for EVPN by specifying an area ID and interfaces on which EVPN-MPLS is enabled.

9. Configure the LDP on the loopback interface and the interfaces on which EVPN-MPLS is enabled.

10. Configure virtual switch routing instances for VLAN v1, which is assigned VLAN IDs of 1, 2, and 3, and include the interfaces and other entities associated with the VLAN.