About Symmetric Routing over vLAGs

As stated above, vLAGs work best with symmetric traffic flows. In order to achieve that with routing, two main designs are recommended: VRRP + ECMP and symmetric VRRP.


The goal of either design is to distribute traffic equally across the different paths both upstream and downstream, making sure that the redundant cluster nodes can steer the traffic to its destination without having to rely upon the cluster links.



Figure 7-14 - Symmetric Routing over a vLAG with ECMP and VRRP


In this figure traffic is, for example, directed to and from host 50.50.50.1: downstream the spine router/switch has ECMP routes toward both cluster nodes, which have Layer 3 adjacencies to all the hosts, so either of them can properly steer traffic to 50.50.50.1. Upstream they implement the active-active default gateway function via VRRP and support traffic load-balancing with vLAGs from the host(s) toward the spine.


Hence this design implements optimal Layer 3 forwarding both ways (without relying on the cluster links as active paths, only as backups). It also supports running Layer 3 routing protocols on the cluster switches.



Figure 7-15 - Symmetric Routing over a vLAG with VRRP

 

In this other scenario two cluster switches run vRouters with active-active VRRP in order to provide redundant Layer 3 next hops (using virtual IPs) to both upstream and downstream devices.


This design achieves symmetric Layer 3 forwarding purely via vLAG load-balancing and VRRP active-active forwarding. However, note that it does not lend itself to the use of dynamic routing protocols on vRouters because with VRRP routing adjacencies would only form on the vRouter acting as VRRP master, preventing the slave vRouter to process and install routes.


NetVisor OS supports the active-active dual-forwarding logic by default with VRRP. However, if needed, you can disable it or re-enable it on a per vRouter basis with this command:


CLI (network-admin@switch) > vrouter-modify name vRouter-PN-0 cluster-active-active-routing|no-cluster-active-active-routing

 

To display the configuration, use the vrouter-show command:


CLI (network-admin@switch) > vrouter-show format all layout vertical


switch: PN-0

id: b000f1e:1

name: vRouter-PN-0

type: vrouter

scope: local

vnet: test

vnet-service: dedicated

state: enabled

location: sw45

zone-id: b000f1e:2

template: no

failover-action: stop-old

router-type: hardware

fabric-comm: false

router-ipstack: frr

hw-router-mac: 66:0e:94:1e:7a:6a

cluster-active-active-routing: disable

hw-vrid: 0

hw-vrrp-id: -1

proto-multi: none

proto-routing: static,routesnoop

bgp-redist-static-metric: none

bgp-redist-connected-metric: none

bgp-redist-rip-metric:  none

bgp-redist-ospf-metric: none

bgp-dampening: false

bgp-scantime(s):  60

bgp-delayed-startup(s): 1

bgp-keepalive-interval(s): 60

bgp-holdtime(s): 180

ospf-redist-static-metric: none

ospf-redist-static-metric-type: 2

ospf-redist-connected-metric:  none

ospf-redist-connected-metric-type: 2

ospf-redist-rip-metric:  none

ospf-redist-rip-metric-type: 2

ospf-redist-bgp-metric: none

ospf-redist-bgp-metric-type: 2

ospf-stub-router-on-startup: false

ospf-bfd-all-if: no

ospf-default-information: none

ospf-default-info-originate-metric: none

ospf-default-info-originate-metric-type: 2

bgp-snmp:  false

bgp-snmp-notification: false

ospf-snmp:  false

ospf-snmp-notification: false

ospf6-snmp:  false

ospf6-snmp-notification: false

ip-snmp: false

north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south