VSX solution requirements

  • All VSX switches in an environment must have identical settings for the following:

    • The VLAN membership for all VSX trunk ports.

    • The loop-protection configuration on a VLAN that is part of a VSX LAG.
  • Mutually exclusive features:
    • VSX active-forwarding and VSX active-gateway on the same VLAN interface

    • VSX active-gateway and VRRP

    • VSX and MVRP

    • VxLAN and VSX

  • Profiles for 832x series switches: All switches must be assigned either in profile L3-agg or L3-core.

  • Support for Inter-Switch links (ISLs): VSX LAG does not support layer 3 processing, such as a routed port; however, multiple Virtual Switch Interfaces (VSI) can be configured on the switch in association with the VLANs carried over the given VSX LAG.

  • Support for Layer 3: VSX LAG as a route only port is not supported. To enable Layer 3, create an SVI associated to a given VLAN that is enabled on the VSX LAG.

  • VLAN support: The same list of VLANs that are trunked over the VSX LAGs must be configured on the primary and secondary VSX switches in the global configuration. The list of VLANs can be synced to the secondary switch if the vsx-sync command is used in the VLAN context. Also verify that the VLAN set is also permitted on the ISL on the primary and secondary VSX switches. To configure VLAN trunking on the ISL, enter the vlan trunk allowed [<VLAN-LIST> | all] command. If a native VLAN is defined, the switch automatically runs the vlan trunk allowed all command to ensure that the default VLAN is allowed on the trunk. To allow only specific VLANs on the trunk, enter the vlan trunk allowed <VLAN-LIST> command, for example: vlan trunk allowed 2,3,4

    For steps about creating the ISL within a VSX LAG, see Configuring the two aggregate VSX switches.

  • VSX active-forwarding, VSX active-gateway, and VSX LAG are supported with BFD.

  • VSX switches and software versions: Both VSX peer switches must use the same software version in most situations; however during an upgrade, one switch can run a different version than the peer with some limitations, such as no VSX synchronization support.