Configuring core 1 and core 2 for VSX

The steps in this section are for configuring core 1 and core 2 for VSX, as displayed in Figure 2: VSX LAG in the core (recommended).

After completing these steps, configure the aggregate switches in your network topology, as described in Configuring the two aggregate VSX switches. Then, enable VSX configuration synchronization for a feature, as described in Enabling VSX configuration synchronization.

A VSX LAG supports a maximum of four member links per switch segment. A VSX LAG across a downstream switch can have at most a total of eight member links. Run the show capacities command for the maximum number of VSX LAGs supported for your type of switch.

The core can be third-party devices, as long as they support LACP for downstream connectivity to the VSX LAG. VSX synchronization syncs from the primary switch (aggregate 1) to the secondary switch (aggregate-2).

NOTE:

When creating a VSX LAG, select an equal number of member links in each segment for load balancing, such as four member links (one segment) and four member links (another segment). Do not create a VSX LAG with four member links in one switch and two member links on another segment. A switch can have a maximum of four member links.

Procedure
  1. Access the prompt on the switch you want to make the primary core switch.
  2. If the switch lacks a hostname, create one: 
    switch(config)# hostname <HOSTNAME>
  3. Create the required VLANS: 
    switch(config)# vlan 1-20
  4. Enable OSPFv2: 
    switch(config)# router ospf 1
switch(config-ospf-1)# redistribute connected
switch(config-ospf-1)# area 0.0.0.0
  5. Enable OSPFv3: 
    switch(config)# router ospfv3 1
switch(config-ospfv3-1)# redistribute connected
switch(config-ospfv3-1)# area 0.0.0.0
switch(config-ospfv3-1)# exit

    OSPFv2 and OSPFv3 are not required to be activated simultaneously. Activate OSPFv2 and OSPFV3 according to the needs of the environment.

  6. Create a loop back interface and enable OSPFv2/v3: 
    switch(config)# interface loopback 1
switch(config-loopback-if)# ip address 3.3.3.3/24
switch(config-loopback-if)# ip ospf 1 area 0.0.0.0
switch(config-loopback-if)# exit
  7. Enable OSPFv2/v3 on the physical port: 
    switch(config)# interface 1/2/43
switch(config-if)# no shutdown
switch(config-if)# ip address 192.168.10.5/24
switch(config-if)# ipv6 address 2001:11::3/64
switch(config-if)# ip ospf 1 area 0.0.0.0
switch(config-if)# ipv6 ospfv3 1 area 0.0.0.0
switch(config-if)# exit
  8. Create a VLAN for the host network: 
    switch(config)# vlan 200
switch(config-vlan-200)# interface vlan 200
switch(config-if-vlan)# ip address 192.168.10.6/16
switch(config-if-vlan)# ipv6 address 2001:200::1/64
switch(config-if-vlan)# exit
  9. Enable the port for host communication: 
    switch(config)# interface 1/1/48
switch(config-if)# no shutdown
switch(config-if)# no routing
switch(config-if)# vlan access 200
switch(config-if)# exit
  10. Enter vsx: 
    switch(config)# vsx
switch(config-vsx)#
  11. Enter the role primary command for assigning the primary role to a switch. If you have already gone through these steps for configuring the primary switch and you are now configuring the secondary switch, enter the role secondary command.

    Setting the primary role on a switch: 

    switch(config-vsx)# role primary

    Setting the secondary role on a switch: 

    switch(config-vsx)# role secondary
  12. Configure a layer 2 interface as an ISL: 
    switch(config-vsx)# inter-switch-link lag 100

    In this instance, an ISL was configured over LAG 100.

    NOTE:

    Before you enter this command, verify that the interface is layer 2 and the LAG is not a VSX LAG.

  13. Keepalive helps the core switches continue to stay insynch during an ISL failure. When creating the keepalive path, make sure that the path does not go over the ISL or a VSX LAG. Keepalive can be configure two ways for core 1 and core 2. One way is to enable keepalive between core 1 and core 2 as a direct link. A second way is to create a keepalive path for a loopback interface through the upstream that lacks a VSX LAG. 
    switch(config)# int loopback 0
switch(config-loopback-if)# ip address 192.168.1.1/32
switch(config-loopback-if)# ip ospf 1 area 0
switch(config-loopback-if)# exit
switch(config)# vsx
switch(config-vsx)# keepalive peer 192.168.1.2 source 192.168.1.1 vrf <KA-VRF-NAME>
switch(config-vsx)# exit
switch(config)# int loopback 0
switch(config-loopback-if)# vrf attach <KA-VRF-NAME>
    NOTE:

    The source of the keepalive interface can be a supported layer 3 interface through the loopback interface, SVI, or layer 3 interface. The source must be reachable to the VSX peer through layer 3. The path can be over the core or direct path. The keepalive path must not be over the ISL. See Recommended network configuration for keepalive.

  14. Change the context to the switch(config)# context: 
    switch(config-vsx)# exit
switch(config)#
  15. Configuring a LAG interface as an ISL: 
    switch(config)# interface lag <LAG-ID>
    For example, configuring LAG 100 as an ISL LAG: 
    switch(config)# interface lag 100
switch(config-lag-if)# vsx
switch(config-vsx)# inter-switch-link lag 100
  16. Repeat the previous steps for the secondary core switch.
  17. Enter the show vsx configuration inter-switch-link command for confirming the properties of the VSX LAG, such as confirming if the ISL is in-sync. 
    switch# show vsx configuration inter-switch-link
Inter Switch Link   : 1/1/43
Hello Interval      : 1 Seconds
Dead Interval       : 20 Seconds
Hold Time           : 0 Seconds
System MAC          : 10:00:00:00:00:01
Device Role         : primary
Multichassis LAGs   : lag100