Configuring the two aggregate VSX switches

The steps in this section are for configuring the two aggregate VSX switches, as described in Sample VSX solution topology. VSX switches do not automatically have VSX configuration synchronization enabled. After completing the steps in this section, enable VSX configuration synchronization for a feature, as described in VSX configuration synchronization. VSX synchronization sync configuration information from the primary switch (Aggregate-1) to the secondary switch (Aggregate-2). After completing the steps in this section, enable VSX configuration synchronization for a feature, as described in Enabling VSX configuration synchronization.

A VSX LAG supports a maximum of four member links per switch segment. A VSX LAG across a downstream switch can have at most a total of eight member links. Run the show capacities command for the maximum number of VSX LAGs supported for your type of switch.

NOTE:

When creating a VSX LAG, select an equal number of member links in each segment for load balancing, such as four member links (one segment) and four member links (another segment). Do not create a VSX LAG with four member links in one switch and two member links on another segment. A switch can have a maximum of four member links.

Procedure
  1. Access the prompt on the switch you want to make the primary aggregate switch.
  2. If the switch lacks a hostname, create one: 
    switch(config)# hostname <HOSTNAME>
  3. Create the required VLANS: 
    switch(config)# vlan 1-20
  4. Create the ISL interface: 
    switch(config)# interface lag 128
switch(config-lag-if)# no shutdown
switch(config-lag-if)# no routing
switch(config-lag-if)# vlan trunk native 1
switch(config-lag-if)# lacp mode active

    When a native VLAN is defined (as shown this example), the switch automatically executes the vlan trunk allowed all command to ensure that the default VLAN is allowed on the trunk. In this example, LAG 128 is being used as the ISL.

    The same list of VLANs that are trunked over the VSX LAGs must be configured on the primary and secondary VSX switches in the global configuration. The list of VLANs can be synced to the secondary switch if the vsx-sync command is used in the VLAN context. Also verify that the VLAN set is also permitted on the ISL on the primary and secondary VSX switches. To configure VLAN trunking on the ISL, enter the vlan trunk allowed [<VLAN-LIST> | all] command. If a native VLAN is defined, the switch automatically runs the vlan trunk allowed all command to ensure that the default VLAN is allowed on the trunk. To allow only specific VLANs on the trunk, enter the vlan trunk allowed <VLAN-LIST> command, for example: vlan trunk allowed 2,3,4

  5. Add a physical interface into the LAG: 
    switch(config)# interface 1/4/28
switch(config-if)# no shutdown
switch(config-if)# lag 128
switch(config)# interface 1/4/32
switch(config-if)# no shutdown
switch(config-if)# lag 128
  6. Enable the interface for keepalive communication: 
    switch(config)# interface 1/1/5
switch(config-if)# ip address 192.168.100.1/24
switch(config-if)# ipv6 address 2001:13::1/64
  7. Go to the vsx context: 
    switch(config)# vsx
switch(config-vsx)#
  8. Enter the role primary command for assigning the primary role to a switch. If you have already gone through these steps for configuring the primary switch and you are now configuring the secondary switch, enter the role secondary command.

    Setting the primary role on a switch: 

    switch(config-vsx)# role primary

    Setting the secondary role on a switch: 

    switch(config-vsx)# role secondary
  9. Enable ISL: 
    switch(config-vsx)# inter-switch-link lag 128

    In this example, ISL is being enabled for LAG 128.

    NOTE:

    Before you enter this command, verify that the interface is layer 2 and the LAG is not a VSX LAG.

  10. Enable keepalive: 
    switch(config-vsx)# keepalive peer 192.168.100.2 source 192.168.100.1

    In this example, 192.168.100.2 is the peer IP address and 192.168.100.1 is the source IP address.

  11. Enable the multichassis interface: 
    switch(config)# interface lag 1 multi-chassis
switch(config-lag-if)# no shutdown
switch(config-lag-if)# no routing
switch(config-lag-if)# vlan trunk native 1
switch(config-lag-if)# vlan trunk allowed 11
  12. Add physical interfaces into the multichassis interface: 
    switch(config)# interface 1/1/1
switch(config-if)# no shutdown
switch(config-if)# lag 1
  13. Create an active gateway SVI: 
    switch(config)# interface vlan 11
switch(config-if-vlan)# ip address 192.168.100.5/16
switch(config-if-vlan)# ipv6 address 2001:DB8::2/64
switch(config-if-vlan)# active-gateway ip 192.168.100.2 mac 00:00:00:00:00:01
switch(config-if-vlan)# active-gateway ipv6 2001:DB8::3 mac 00:00:01:00:00:01
  14. Enable uplink communication for OSPFv2: 
    switch(config)# router ospf 1
switch(config-ospf-1)# redistribute connected
switch(config-ospf-1)# area 0.0.0.0

    The redistribute connected command is optional in this example. See the Command-Line Interface Guide for your switch and software version for more information about the redistribute connected command.

  15. Enable uplink communication for OSPFv3: 
    switch(config)# router ospfv3 1
switch(config-ospfv3-1)# redistribute connected
switch(config-ospfv3-1)# area 0.0.0.0

    The redistribute connected command is optional in this example. See the Command-Line Interface Guide for your switch and software version for more information about the redistribute connected command.

  16. Create the loopback interface and enable OSPFv2/v3: 
    switch(config)# interface loopback 1
switch(config-loopback-if)# ip address 192.168.0.1/32
switch(config-loopback-if)# ip ospf 1 area 0.0.0.0
switch(config-loopback-if)# ipv6 ospfv3 1 area 0.0.0.0
  17. Enable OSPFv2/v3 on the physical port: 
    switch(config)# interface 1/4/30
switch(config-if)# no shutdown
switch(config-if)# ip address 192.168.10.0/31
switch(config-if)# ipv6 address 2001:11::1/64
switch(config-if)# ip ospf 1 area 0.0.0.0
switch(config-if)# ipv6 ospfv3 1 area 0.0.0.0
  18. Repeat the previous steps for the secondary aggregate switch.
  19. View the running configuration by entering the following on the primary and secondary switches: 
    switch# show running-config
  20. Verify that the ISL link is in-sync, the role of the switch, and the keepalive state (if enabled) by entering the following on the primary and secondary switches: 
    vsx-primary# show vsx brief
ISL State                              : In-Sync
Device State                           : Peer-Established
Keepalive State                        : Keepalive-Established
Device Role                            : primary
Number of Multi-chassis LAG interfaces : 2
  21. Verify the VSX status by entering the following on the primary and secondary switches: 
    switch# show vsx status
VSX Operational State
---------------------
  ISL channel             : In-Sync
  ISL mgmt channel        : operational
  Config Sync Status      : in-sync
  NAE                     : peer_reachable
  HTTPS Server            : peer_reachable


Attribute           Local                       Peer
------------        --------                    --------
ISL link            1/1/43                      1/1/43
ISL version         2                           2
System MAC          48:0f:cf:af:70:84           48:0f:cf:af:c2:84
Platform            8320                        8320
Software Version    10.03.0001                  10.03.0001
Device Role         primary                     secondary
  22. Verify the LACP interface status by entering the following on the primary and secondary switches: 
    switch# show lacp interfaces
  23. Verify the uplink (layer 3 communication) by entering the following on the primary and secondary switches: 
    switch# show ip ospf neighbors