[j-nsp] MX Design

Chuck Anderson cra at WPI.EDU
Thu Sep 13 10:08:44 EDT 2012


On Thu, Sep 13, 2012 at 10:55:41AM +0200, Johan Borch wrote:
> Hi,
> 
> I have two MX and two EX connected as follows, L2 on the EX and L2/L3
> on MX, MX handles all the routing.
> 
> 
> MX -- MX
> |   \   /   |
> |   /   \   |
> EX -- EX
>    \    /
> Access-sw
> 
> 
> What is the best way to tie everything together? MSTP all the way up
> to MX or is there a better way? How do I transport VLANs between the
> MX, with just tagging the interfaces between or is some kind of MPLS
> better?

We have a similar setup and are currently doing MSTP all the way
through, with 2 MSTIs and half the VLANs in each MSTI.  It works ok as
long as you are diligent about monitoring for STP topology changes and
minimizing/mitigating them as much as possible.  Don't allow random
users to plug/unplug STP-enabled devices; put all your edge ports into
edge mode and use bpdu-block-on-edge.  Also use no-root-port
protection on the MXes and set your bridge-priorities appropriately
(such as priority 0 for one MX, 4k for the other).

Options for avoiding/migrating away from MSTP:

1. MX Virtual Chassis + EX Virtual Chassis + regular AEs between them.
   Gets you full load-sharing, all links active on all VLANs, at the
   expense of fate-sharing your MXes with a single
   control-plane/management-plane between them.  This might actually
   work well with the latest 11.4 release...

2. EX Redundant Trunk Groups (RTG) to disable one of the uplink ports
   locally until the other one fails.  Active-Passive only, but
   simple--no control protocols to worry about.  Combine with EX VC
   and use regular AE to Access-sw if possible.

3. MX Multi-Chassis LAG (MC-LAG).  Either Active-Active or
   Active-Passive.  Somewhat complicated control protocol that is
   bug-prone.  I've seen PRs in the release notes that describe
   problems of the sort that I first encountered on Nortel's
   Split-Multi-Link Trunking 5-7 years ago.  The same mistakes are
   being made by Juniper.  I think this proves that this technology is
   perhaps overly complicated and difficult to get the implementation
   right.  Requires robust LACP implementation on the edge device,
   which should be OK if you stick with Juniper, hit-or-miss with
   other vendors.

4. Wait for Juniper to implement IEEE 802.1aq Shortest Path Bridging
   (SPB), especially SPB-MAC (SPBM).  It is unclear to me if the EX
   line hardware can support the MAC-in-MAC encapsulation required by
   SPBM.  It is my belief that this is the future of L2 networking.
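
The MSTP hardening described in the reply above, written out as Junos set commands. This is an added example, not configuration from the original message or from the poster's network. The region name, revision level, VLAN IDs and interface names are assumptions, and the access-layer stanza assumes a Junos EX switch using the non-ELS (`.0` unit) interface form.

```junos
# Constructed example. Region name, revision-level and the MSTI-to-VLAN
# map are placeholders and must match on every bridge in the MSTP region.

# --- MX-A: intended root (priority 0) ---
set protocols mstp configuration-name CAMPUS
set protocols mstp revision-level 1
set protocols mstp bridge-priority 0
set protocols mstp msti 1 bridge-priority 0
set protocols mstp msti 1 vlan [ 10 20 ]
set protocols mstp msti 2 bridge-priority 0
set protocols mstp msti 2 vlan [ 30 40 ]
# Downlinks toward the EX pair must never be elected root port, so a
# bridge below cannot pull the root away from the MX layer.
# The MX-to-MX link is left without it: MX-B normally has its root port there.
set protocols mstp interface xe-0/0/0 no-root-port
set protocols mstp interface xe-0/0/1 no-root-port

# --- MX-B: backup root (priority 4k) ---
set protocols mstp configuration-name CAMPUS
set protocols mstp revision-level 1
set protocols mstp bridge-priority 4k
set protocols mstp msti 1 bridge-priority 4k
set protocols mstp msti 1 vlan [ 10 20 ]
set protocols mstp msti 2 bridge-priority 4k
set protocols mstp msti 2 vlan [ 30 40 ]
set protocols mstp interface xe-0/0/0 no-root-port
set protocols mstp interface xe-0/0/1 no-root-port

# --- Access-layer switch: user-facing ports ---
set protocols mstp configuration-name CAMPUS
set protocols mstp revision-level 1
set protocols mstp msti 1 vlan [ 10 20 ]
set protocols mstp msti 2 vlan [ 30 40 ]
# Edge ports skip listening/learning; bpdu-block-on-edge shuts an edge
# port down if a BPDU arrives, so a user-attached bridge cannot
# participate in the tree or trigger topology changes.
set protocols mstp bpdu-block-on-edge
set protocols mstp interface ge-0/0/10.0 edge
set protocols mstp interface ge-0/0/11.0 edge
```

For the monitoring side, `show spanning-tree bridge` on each bridge reports the topology-change count and the time since the last change, which can be polled and alerted on.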

