Show Menu
Cheatography

Arista MLAG Cheat Sheet (DRAFT) by

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Multi-­Chassis Link Aggreg­ation

Two physical switches (same platform, same EOS version for simplicity and predic­tab­ility) connected via a peer-link to form one logical switch for redund­ancy, higher resili­ency, and allowing active­/active use of all interc­onn­ects.

Config­uration

Peer A

Turn off spanning tree for the MLAG VLAN:
no spanning-tree vlan 4094

Configure the VLAN for MLAG control plane traffic; can be any VLAN but recommended to use 4094:
vlan 4094

Put this VLAN into a trunk group which removes this VLAN out of the default switchport mode trunk command:
  trunk group MLAG-Peer

Create the L3 interface for the MLAG VLAN which carries the control plane traffic across the peer-link and serves as the source interface for the MLAG tunnel:
interface Vlan 4094
  ip address 169.1.1.1/30

Set the interface to always be "up":
  no autostate

Set MTU to allow jumbo frames:
  mtu 9214

Create the L2 peer link between the two peers.  Use LACP (mode active) and use at least two interfaces for redundancy:

interface Ethernet 51/1
  description MLAG Peer Link Member
  channel-group 2000 mode active
interface Ethernet 52/1
  description MLAG Peer Link Member
  channel-group 2000 mode active
interface Port-Channel 2000
  description MLAG Peer Link
  switchport mode trunk

Add the trunk group created earlier for the MLAG VLAN to allow this traffic to traverse this link:
  switchport trunk group MLAG-Peer

Ensure native vlan packets are tagged.  In later codes (>4.21.1F), this is internal code and doesn't need to be explicitly configured:
  switchport trunk native vlan tag

Configure the MLAG domain.
mlag configuration

The Domain ID is case sensitive and has to match identically to its peer:
  domain-id AristaMLAG1

Set the source interface:
  local-interface Vlan4094

Set the destination interface:
  peer-address 169.1.1.2

Set the peer link:
  peer-link Port-Channel2000

interface Port-Channel X
  switchport mode trunk

Configure port-channels to be MLAG member ports:
  mlag <mlag_ID>

interface Ethernet Y
  description Example MLAG member link

Use LACP (mode active) whenever possible.
  channel-group X mode active


Peer B
Configure identically to Peer A with differences noted below:

interface Vlan 4094
  ip address 169.1.1.2/30
  no autostate
  mtu 9214
!
mlag configuration
  domain-id AristaMLAG1
  local-interface Vlan4094
  peer-address 169.1.1.1
  peer-link Port-Channel2000
!

Sample Topology and Termin­ology

*Only two switches per MLAG domain.

*The peer link is mainly for control plane traffic, but L3 traffic (these are still two "­rou­ter­s" even though they are simulating one "­swi­tch­") and Layer 2 data plane traffic could still traverse the peer link (singl­e-homed devices aka orphan ports or active­/down MLAG interf­aces.)

Confir­mation

show mlag config­-sanity
Run on both peers to confirm no incons­ist­encies or issues
show mlag detail
Confirm MLAG is active, which peer is Primar­y/S­eco­ndary, timers, number of active­-fu­ll/­act­ive­-pa­rtial interf­aces, etc.
show mlag interfaces [detai­l|m­emb­ers­|st­ates]
Confirm inform­ation on MLAG interf­aces.
show mlag issu warnings
Displays a warning message regarding the backwa­rd-­com­pat­ibility of this feature before upgrading.
tcpdump
#bash tcpdump -nei vlan4094 port 4432 ==> to confirm control plane traffic for mlag is being sent and received.

Things to Note

MLAG System ID
Derived after Primary Peer is elected (lowest MAC address); persistent across reboots; LACP and STP control packets uses this to emulate one "­log­ica­l" switch.
STP
Active only on the Primary Peer; config­uration needs to be consistent across both peers for seamless failover; Secondary will forward BPDUs to Primary across the Peer Link.
TCP and UDP Port 4432
Must be permitted in control plane ACL on both peers if non-de­fault control plane ACL is used.
MAC address table
Sync'ed between MLAG peers for active­/active member ports.
IGMP Snooping Tables
Sync'ed between MLAG peers for active­/active member ports; config­uration should be consistent across both peers.
ARP table sync?
No ARP table sync with MLAG.
L3 Sync?
MLAG is L2 active­/active techno­logy. To get an active­/active L3 Gateway use VARP, but keep in mind that though MLAG forms one logical switch between two switches, there are two separate Layer 3 control planes on each peer.
For any additional questions, please check EOS Centra­l/A­rista Forum or contact Arista TAC. https:­//w­ww.a­ri­sta.co­m/e­n/s­upp­ort­/cu­sto­mer­-su­pport
 

Config­uration Notes

Turn off STP on the MLAG peering VLAN to prevent the peer link from going into the discarding state.
Recomm­ended to use VLAN4094 but any VLAN can be used. Use the same VLAN throughout all MLAG domains for consis­tency.
Put the MLAG peering VLAN into a trunk group to ensure this VLAN isn't used by any other ports and avoid any possible loop conditions being created.
Use "no autost­ate­" on the MLAG SVI to ensure this interface remains UP.
For the Peer Link port-c­hannel, use a minimum of two interfaces across multiple ASICs or line cards for optimal redund­ancy.
The Peer Link capacity should be equal to the Leaf-t­o-Spine total capacity to avoid losing capacity if the uplinks fail.
The MLAG Domain ID needs to be identical (case-­sen­sitive) across Peers as well as be unique in regards to other Leaf MLAG pairs.
The MLAG IDs need to match across Peers, but it is recomm­ended to use the same port-c­hannel ID across both Peers if possible for simplicity in operations and troubl­esh­ooting.
MLAG timers should be kept to the default values. Reload Delay is the interval that MLAG interfaces are disabled after an MLAG peer reboots. Non MLAG Reload Delay is the interval that non-MLAG links are disabled after an MLAG peer reboots.
After 4.21.1F, "­swi­tchport mode trunk native vlan tag" is no longer needed to be explicitly configured on the MLAG Peer Link.