Community discussions

MikroTik App
  4. RouterOS
  5. General

MLAG problem?

Post Reply
 
mfischer
just joined
Topic Author
Posts: 8
Joined: Fri May 10, 2019 3:39 pm

MLAG problem?

Fri Apr 19, 2024 12:40 pm

We are trying to implement the following MLAG setup:
Image

The switches swi-core-01 and swi-core-02 are CRS326-24S+2Q+, Fiber are 2 stacke Cisco C9300-48P.

The configs are:
swi-core-01 and swi-core-02: (the only difference is the admin-mac of the bridge)
Code: Select all
/interface bridge
add admin-mac=D4:01:C3:0A:A5:57 auto-mac=no name=bridge1 priority=0x1000 vlan-filtering=yes
/interface vlan
add interface=bridge1 name=vlan13 vlan-id=13
/interface bonding
add mode=802.3ad name=bond-core slaves=qsfpplus1-1,qsfpplus2-1 transmit-hash-policy=layer-3-and-4
add mlag-id=2 mode=802.3ad name=bond-fibre slaves=sfp-sfpplus24 transmit-hash-policy=layer-2-and-3
add mlag-id=1 mode=802.3ad name=bond-forti slaves=sfp-sfpplus23 transmit-hash-policy=layer-2-and-3
/interface bridge mlag
set bridge=bridge1 peer-port=bond-core
/interface bridge port
add bridge=bridge1 edge=no interface=bond-core pvid=998
add bridge=bridge1 interface=bond-fibre
add bridge=bridge1 interface=bond-forti
add bridge=bridge1 interface=sfp-sfpplus1
add bridge=bridge1 interface=sfp-sfpplus2
add bridge=bridge1 interface=sfp-sfpplus3
add bridge=bridge1 interface=sfp-sfpplus4
add bridge=bridge1 interface=sfp-sfpplus5
add bridge=bridge1 interface=sfp-sfpplus6
add bridge=bridge1 interface=sfp-sfpplus7
add bridge=bridge1 interface=sfp-sfpplus8
add bridge=bridge1 interface=sfp-sfpplus9
add bridge=bridge1 interface=sfp-sfpplus10
add bridge=bridge1 interface=sfp-sfpplus11
add bridge=bridge1 interface=sfp-sfpplus12
add bridge=bridge1 interface=sfp-sfpplus13
add bridge=bridge1 interface=sfp-sfpplus14
add bridge=bridge1 interface=sfp-sfpplus15
add bridge=bridge1 interface=sfp-sfpplus16
add bridge=bridge1 interface=sfp-sfpplus17
add bridge=bridge1 interface=sfp-sfpplus18
add bridge=bridge1 comment=esxl-01 interface=sfp-sfpplus19 pvid=12
add bridge=bridge1 comment=esxl-01 interface=sfp-sfpplus20 pvid=12
add bridge=bridge1 comment=esxl-02 interface=sfp-sfpplus21 pvid=12
add bridge=bridge1 comment=esxl-02 interface=sfp-sfpplus22 pvid=12
/interface bridge vlan
add bridge=bridge1 comment=ICCP-MLAG-Core-Communication untagged=bond-core vlan-ids=998
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=2
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=3
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=4
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=5
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=6
add bridge=bridge1 comment=fiber-forty tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=7
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=8
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre,bridge1" vlan-ids=9
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=10
add bridge=bridge1tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=11
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus1,bond-fibre" untagged=sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22 vlan-ids=12
add bridge=bridge1 tagged="bridge1,bond-core,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" untagged=ether1 vlan-ids=13
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=14
add bridge=bridge1 comment="Projekt (ID:15)" tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=15
add bridge=bridge1 tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=16
add bridge=bridge1 comment=DMZ-Unterricht tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=17
add bridge=bridge1 comment=sthwohn tagged="bond-core,ether1,bond-forti,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-sfpplus16,sfp-sfpplus17,sfp-sfpplus18,sfp-sfpplus19,sfp-sfpplus20,sfp-sfpplus21,sfp-sfpplus22,sfp-sfpplus1,bond-fibre" vlan-ids=20
/ip address
add address=172.16.13.31/24 interface=vlan13 network=172.16.13.0
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=172.16.13.1 routing-table=main suppress-hw-offload=no
The relevant configuration on the cisco is:
Code: Select all
interface TenGigabitEthernet1/1/1
 description swi-core-01/sfp-sfpplus-24
 switchport mode trunk
 channel-protocol lacp
 channel-group 10 mode active
end
interface TenGigabitEthernet2/1/1
 description swi-core-02/sfp-sfpplus-24
 switchport mode trunk
 channel-protocol lacp
 channel-group 10 mode active
end
interface Port-channel10
 description swi-core/bond-fiber
 switchport mode trunk
end
spanning-tree mode rapid-pvst
spanning-tree extend system-id
no spanning-tree vlan 760,765,770,775,999-1000
spanning-tree vlan 1-4094 priority 8192
The Fortigate Link is configured as LACP and has VLAN-Interfaces configured on that link. This device does the routing.

We are experiencing issues (STP?) when we connect another Cisco Switch to one of the core switches. To be honest I have no idea if it is a configuration issue or a bug...

There are a lot of posts in this forum stating that MLAG is not working as it is intended and causes STP problems. Are there any problems fixed with 7.14.1?

Thanks,
Mike
You do not have the required permissions to view the files attached to this post.
Top
 
User avatar
damadmai
just joined
Posts: 9
Joined: Fri Nov 01, 2019 11:54 pm
Location: Vienna, Austria
Contact:
Contact damadmai

Re: MLAG problem?

Fri Apr 26, 2024 3:26 pm

I encountered problems with Cisco port channels connected to MikroTik CRS317 RouterOS 7.14.3 too.
Code: Select all
Eth1/22       sw-1 vpcCmpFai trunk     full    auto    10Gbase-LR
Using
Code: Select all
# sho vpc consistency-parameters vpc 22
it was seen that there was a lag-id MAC-Adress mismatch.
The LACP ports of the CRS317 used their own MAC-Adress after reboots for a while an switched to the same for both members with the same mlag-id later.

This could be resolved by setting the MAC-Adress of the second switch forced to the same as of the first switch using:
Code: Select all
/interface/bonding> set forced-mac-address=
Top
 
User avatar
damadmai
just joined
Posts: 9
Joined: Fri Nov 01, 2019 11:54 pm
Location: Vienna, Austria
Contact:
Contact damadmai

Re: MLAG problem?

Fri Apr 26, 2024 4:06 pm

This may be related to the report:

viewtopic.php?p=1070572&hilit=mlag#p1021198

> The lacp system id changes when devices are rebooted
Top
Post Reply

Who is online

Users browsing this forum: scoobyn8 and 21 guests
  4. RouterOS
  5. General