On Fri 2017-Oct-27 18:04:36 +0200, Thomas Bellman <bell...@nsc.liu.se> wrote:
On 2017-10-26 18:11 (CEST), Hugo Slabbert wrote:[...] in a general a spine & leaf setup should be L3 for interswitch links, so any STP should be local to a given switch. [...] Here I'm just talking about a vanilla spine & leaf setup, not anything Juniper-specific e.g. QFabric or VCF or whatnot.You can also build a spine & leaf setup using TRILL och Shortest Path Bridging (SPB), in which case you have a single large layer 2-domain. Not using Juniper equipment, though, since Juniper supports neither TRILL nor SPB...
A fair point; TRILL was only somewhat in the mix when we were evaluating options, but vendor support was hit and miss. VXLAN ended up being a more common and "vetted" solution for L2 across a spine & leaf setup.
I'd be curious about more specific details from folks running QFX in prod in this type of setup.You are generally correct though. Configure your swithc-to-switch links as L3 ports (i.e. 'interface ... unit ... family inet/inet6', not 'family ethernet-switching'), and some routing protocol like OSPF, IS-IS or BGP. BGP is fairly popular in datacenter settings, but OSPF works fine as well, as should IS-IS. Layer 2 domains should be kept to a single leaf switch, and thus you don't need to run Spanning Tree at all. And definitely not on your links between spines and leafs, since that would block all but one of the uplinks, and give you all the pains of Spanning Tree without any of the benefits. (You *might* want to run STP on your client ports and configure them as edge ports with bpdu-block-on-edge, to protect against someone misadvertently connecting two L2 client ports togethere.)
Yep; that's our CYA config.
(I don't run a pure spine-and-leaf network myself. I am trying to migrate towards one, but we still have several "impurities", and have STP running in several places.)
We all still have lots of "dirty corners" in our networks ;) -- Hugo Slabbert | email, xmpp/jabber: h...@slabnet.com pgp key: B178313E | also on Signal
signature.asc
Description: Digital signature
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
