[f-nsp] MLXe interface management - one mac address per chassis ?!?

"Rolf Hanßen" nsp at rhanssen.de
Wed Jan 30 07:09:14 EST 2013 

Hello,

do you have vlan 100 configured on the MLX ?
If yes, use the ve instead the management-port or make sure no
mac-addresses are learned within the vlan (enable transparent-hw-flooding
or use MPLS) and MLX geneartes no packets in that vlan.
If not, I do not see the problem, your FCS should be able to learn the MAC
on different ports in different vlans.
But this will become a problem if you use a switch that has a global MAC
table and not one each vlan in such configuration.

btw, the management-port afaik does not switch (or route to another
interface) packets (at least it did not some years ago with the old MLX).

kind regards
Rolf

> Hello,
>
>
>
> I have stumbled upon a limitation that I can't seem to find any workaround
> for. I have the following setup per-pop :
>
> MLXe ========== FCS stack (2 members) =========== Management interfaces of
> devices (switchs, PDUs, firewalls, etc.)
>
> I created a managment VRF that spans multiple POPs, each has it's IP
> private space.
>
> A Vlan (on the MLXe) is binded to a VRF, the VLAN is trunked down to a
> stack of switchs (using a LAG) in order to aggregate cabling.
>
>
>
> Problem I have is the following :
>
> I can't use the dedicated managment interface on the MLX MR2 modules
> because the chassis only has one mac-address.
>
> So, when I plug in the cable to the aggregation switchs, mac-address is
> not
> learned from that port but rather from the LAG. Otherwise, I would create
> a
> nice L2 loop ;-)
>
>
>
> This on the MLX :
>
> Ethernetmgmt1 is down, line protocol is down
>
>   STP Root Guard is disabled, STP BPDU Guard is disabled
>
>   Hardware is Ethernet, address is *0024.38a5.7b00 (bia 0024.38a5.7b00)*
>
>
>
> This is on the FCS stack switchs :
>
> telnet at ag01-par01#sh mac-address
>
> Total active entries from all ports = 35
>
> MAC-Address     Port           Type          Index  VLAN
>
> ....
>
> *0024.38a4.fb00  1/1/1*2/1/1    Dynamic       28312  100*
>
>
>
> N.B : e1/1/1 and 2/1/1 are the ports used to create uplink LAG to the MLX
> router / VLAN100 is the managment VLAN bounded to the management VRF.
>
>
>
> For operational needs, I would really like to use the dedicated management
> interface on the MLX routers (authentication, supervision/monitoring,
> etc.).
>
> Sadly, there is nothing you can do on that interface except change the IP
> address :-/
>
> Has anyone faced this before ? Any workaround you can think of ?
>
> Best.
>
> Y.
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp

More information about the foundry-nsp mailing list