Thursday, July 30, 2020

VPLS Spanning-Tree Advice

Hi all,

I could do with some advice please on the best way to configure spanning-tree on a VPLS network we are migrating to.

We have 2 sites - Birmingham and London - and we want VLANs available in both with the default gateways being hosted on the set of redundant ASA firewalls in Colo. This is with the aim of long term active-active VMware environments with cross site vmotion. For reference both our sites are using HP Aruba 3810 switches uplinked to on-site provider Huawei equipment with a VPLS Cisco ASA firewall.

Anyway the provider can map nearly all of the VLANs fine except VLAN1, which is our main DATA VLAN (I know we should migrate away from it, but that is a longer term goal than what we need to achieve right now). So from this our network provider is putting VLAN1 on a separate ether-channel to the other VLANs, untagged our side and then tagging it their side 1405 until it gets to either site and back to untagged.

I have no real training in VPLS technology and wanted to understand it better, so with some spare HP Procurve 2810s I lab replicated our network environment and am playing around with how it all works. My confusion is around spanning-tree; I think it is working correctly but I wanted to check with more knowledgeable people before I go ahead and implement this in production when we migrate. We have the option of MSTP or PVRSTP on our Arubas - I am currently playing around with MSTP.

Our provider said that they will not be replicating our spanning-tree regions on their equipment, so we will be handling it per-site ourselves. I've got it working two different ways on my lab, one where our Birmingham core switch is root for all MSTP instances, and one where each site's individual core switches are root for their instances, and wanted advice on what would be best?

I am also thinking that my lab is probably going to act differently to how it will work in production as I do not fully know every part of VPLS technology Huawei or Cisco ASA provide compared to my pure HP lab, so if I am wrong about any of this I apologise!

For reference Trk4 will carry all of our VLANs on one ether-channel except VLAN1 and Trk10 will carry just VLAN1 on its own ether-channel.

So below is method 1 where Birmingham is the root bridge for just two instances with both London and Birmingham on the same region:

Birmingham Core Switch

spanning-tree config-name MSTP
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 1 priority 0
spanning-tree instance 1 trk4 path-cost 100000000
spanning-tree instance 1 trk10 priority 1
spanning-tree instance 1 trk4 priority 4
spanning-tree instance 2 vlan 2-4094
spanning-tree instance 2 priority 0
spanning-tree instance 2 trk10 path-cost 100000000
spanning-tree instance 2 trk4 priority 1
spanning-tree instance 2 trk10 priority 4

London Core Switch

spanning-tree config-name MSTP
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 1 priority 1
spanning-tree instance 1 trk4 path-cost 100000000
spanning-tree instance 1 trk10 priority 2
spanning-tree instance 1 trk4 priority 5
spanning-tree instance 2 vlan 2-4094
spanning-tree instance 2 priority 1
spanning-tree instance 2 trk10 path-cost 100000000
spanning-tree instance 2 trk4 priority 2
spanning-tree instance 2 trk10 priority 5

Method 2 I had separate regions per site with separate instances to ensure spanning-tree stays local to each site:

Birmingham Core Switch

spanning-tree config-name BHX
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 1 trk4 path-cost 100000000
spanning-tree instance 1 trk10 priority 1
spanning-tree instance 1 trk4 priority 4
spanning-tree instance 2 vlan 2-4094
spanning-tree instance 2 trk10 path-cost 100000000
spanning-tree instance 2 trk4 priority 1
spanning-tree instance 2 trk10 priority 4

London Core Switch

spanning-tree config-name LDN
spanning-tree config-revision 1
spanning-tree instance 3 vlan 1
spanning-tree instance 3 trk4 path-cost 100000000
spanning-tree instance 3 trk10 priority 1
spanning-tree instance 3 trk4 priority 4
spanning-tree instance 4 vlan 2-4094
spanning-tree instance 4 trk10 path-cost 100000000
spanning-tree instance 4 trk4 priority 1
spanning-tree instance 4 trk10 priority 4

Any advice would be much appreciated on the best method forwards! Or if I have my thinking totally incorrect and should be looking at it differently.
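An added example, not part of the original post: a pre-change check that parses the region-defining lines of the two methods above and reports whether the Birmingham and London switches would agree on MSTP region identity. It assumes the standard MSTP rule that two bridges are in the same region only when config-name, config-revision and the VLAN-to-instance mapping all match; the function names parse_region and region_mismatches are hypothetical.

```python
import re

def parse_region(config):
    """Return (config-name, revision, {vlan_id: instance}) from ProCurve-style lines."""
    name, revision, vlan_map = "", 0, {}
    for line in config.strip().splitlines():
        line = line.strip()
        if m := re.fullmatch(r"spanning-tree config-name (\S+)", line):
            name = m.group(1)
        elif m := re.fullmatch(r"spanning-tree config-revision (\d+)", line):
            revision = int(m.group(1))
        elif m := re.fullmatch(r"spanning-tree instance (\d+) vlan (\d+)(?:-(\d+))?", line):
            inst, lo, hi = int(m.group(1)), int(m.group(2)), int(m.group(3) or m.group(2))
            for vid in range(lo, hi + 1):  # single ID or lo-hi range, as in the post
                vlan_map[vid] = inst
    return name, revision, vlan_map  # priority and path-cost lines are ignored

def region_mismatches(a, b):
    """Name the region-identity fields on which two parsed switches disagree."""
    fields = ("config-name", "config-revision", "vlan-to-instance map")
    return [f for f, x, y in zip(fields, a, b) if x != y]

# Lines copied from the post; port cost/priority lines are left out for brevity.
BHX_M1 = """spanning-tree config-name MSTP
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 1 priority 0
spanning-tree instance 2 vlan 2-4094
spanning-tree instance 2 priority 0"""
LDN_M1 = """spanning-tree config-name MSTP
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 1 priority 1
spanning-tree instance 2 vlan 2-4094
spanning-tree instance 2 priority 1"""
BHX_M2 = """spanning-tree config-name BHX
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1
spanning-tree instance 2 vlan 2-4094"""
LDN_M2 = """spanning-tree config-name LDN
spanning-tree config-revision 1
spanning-tree instance 3 vlan 1
spanning-tree instance 4 vlan 2-4094"""

if __name__ == "__main__":
    for label, a, b in (("method 1", BHX_M1, LDN_M1), ("method 2", BHX_M2, LDN_M2)):
        diffs = region_mismatches(parse_region(a), parse_region(b))
        print(label, "same region" if not diffs else f"separate regions: {diffs}")
```

For method 2 the check reports a mismatch on both the name and the mapping, so the two sites would still be separate regions even if the names were made identical, because the instance numbers differ.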


