Re: [j-nsp] STP in spine leaf architecture

Fri, 27 Oct 2017 09:24:07 -0700 


On Fri 2017-Oct-27 18:04:36 +0200, Thomas Bellman <bell...@nsc.liu.se> wrote:


On 2017-10-26 18:11 (CEST), Hugo Slabbert wrote:


[...] in a general a spine & leaf setup should be L3 for interswitch
links, so any STP should be local to a given switch.  [...]
Here I'm just talking about a vanilla spine & leaf setup, not anything
Juniper-specific e.g. QFabric or VCF or whatnot.


You can also build a spine & leaf setup using TRILL och Shortest Path
Bridging (SPB), in which case you have a single large layer 2-domain.
Not using Juniper equipment, though, since Juniper supports neither
TRILL nor SPB...
A fair point; TRILL was only somewhat in the mix when we were evaluating options, but vendor support was hit and miss. VXLAN ended up being a more common and "vetted" solution for L2 across a spine & leaf setup. 


I'd be curious about more specific details from folks running QFX in
prod in this type of setup.


You are generally correct though.  Configure your swithc-to-switch
links as L3 ports (i.e. 'interface ... unit ... family inet/inet6',
not 'family ethernet-switching'), and some routing protocol like
OSPF, IS-IS or BGP.  BGP is fairly popular in datacenter settings,
but OSPF works fine as well, as should IS-IS.

Layer 2 domains should be kept to a single leaf switch, and thus you
don't need to run Spanning Tree at all.  And definitely not on your
links between spines and leafs, since that would block all but one of
the uplinks, and give you all the pains of Spanning Tree without any
of the benefits.  (You *might* want to run STP on your client ports and
configure them as edge ports with bpdu-block-on-edge, to protect against
someone misadvertently connecting two L2 client ports togethere.)


Yep; that's our CYA config.


(I don't run a pure spine-and-leaf network myself.  I am trying to
migrate towards one, but we still have several "impurities", and
have STP running in several places.)


We all still have lots of "dirty corners" in our networks ;)

--
Hugo Slabbert       | email, xmpp/jabber: h...@slabnet.com
pgp key: B178313E   | also on Signal

Attachment: signature.asc
Description: Digital signature

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Reply via email to