Automating VRR Configuration with Mako

Follow

This article provides a mechanism for scaling VRR to 200 SVIs (switch VLAN interfaces) using Mako.

Important: This knowledge base article is an extension of the documentation Deploying VRR on Cumulus Linux. Please read the documentation prior to reading this one.

{{table_of_contents}}

Configuring the Switches

The diagram above uses the following example configuration. This configuration only shows 1 SVI (Switch VLAN interface), and is configured for VLAN 10; indicated by the bridge.10 sub-interface.

/etc/network/interfaces for leaf1:

/etc/network/interfaces for leaf2:

auto bridge
iface bridge
  bridge-vlan-aware yes
  bridge-ports swp1 peerlink
  bridge-vids 1-200
  bridge-stp on

auto bridge.10
iface bridge.10
address 192.168.10.2/24 
address-virtual 00:00:5e:00:01:01 192.168.10.1/24

auto peerlink
iface peerlink
    bond-slaves glob swp45-48
    {bond-defaults removed for brevity}

auto swp1
iface swp1
  mstpctl-portadminedge yes
  mstpctl-bpduguard yes
auto bridge
iface bridge
  bridge-vlan-aware yes
  bridge-ports swp1 peerlink
  bridge-vids 1-200
  bridge-stp on

auto bridge.10
iface bridge.10
address 192.168.10.3/24 
address-virtual 00:00:5e:00:01:01 192.168.10.1/24

auto peerlink
iface peerlink
    bond-slaves glob swp45-48
    {bond-defaults removed for brevity}

auto swp1
iface swp1
  mstpctl-portadminedge yes
  mstpctl-bpduguard yes

Automating the Configuration with Mako

auto bridge
iface bridge
  bridge-vlan-aware yes
  bridge-ports swp1 peerlink
  bridge-vids 1-200
  bridge-stp on

% for I in range(1,200):
<%
     mac = '%04d' % I
     mac1 = mac[:2]
     mac2 = mac[-2:]
%>
     auto bridge.${I}
     iface bridge.${I}
         address 192.168.${I}.2/24
         address-virtual 44:38:39:ff:${mac1}:${mac2} 192.168.${I}.1/24
% endfor

There are several important points to note in the code sample above:

  • The range(1,201) in the template creates a list from 1 to 200 that is iterated. This line follows standard Python syntax, so you can create the list in any order you want. It can be a range range(1000, 1201), a gapped range range(1000, 1201, 10), or explicit [1000, 1500, 2000].
  • ${I} is the variable iterated each time in the loop. For this example, it is iterated between 1 and 200, representing the VLANs configured.
  • mac = '%04d' % I converts the VLAN into a usable MAC address. A unique MAC address must be created to use for the Virtual IP (VIP). For example, if the VLAN 10 is used, it will convert this into 0010. mac1 will be 00 and mac2 will be 10. VLAN 4094 would be converted into 40:94 (mac1 would be 40 and mac2 would be 94). This is a simple way to keep track of which virtual MAC address is assigned to which VLAN. There are numerous other ways to configure this.
  • MAC addresses should use the reserved range for Cumulus Linux (44:38:39:ff:00:00->44:38:39:ff:ff:ff), refer to this kb.

/etc/network/interfaces for leaf2:

auto bridge
iface bridge
  bridge-vlan-aware yes
  bridge-ports swp1 peerlink
  bridge-vids 1-200
  bridge-stp on

% for I in range(1,200):
<%
     mac = '%04d' % I
     mac1 = mac[:2]
     mac2 = mac[-2:]
%>
     auto bridge.${I}
     iface bridge.${I}
         address 192.168.${I}.3/24
         address-virtual 44:38:39:ff:${mac1}:${mac2} 192.168.${I}.1/24
% endfor

Observing the Results in Action

There are numerous ways to see vrr is running correctly:

  • Checking the IP Address Assigned to the VIP

    The virtual IP address is assigned as a real IP address to a virtual interface. Each address is configured as <bridge-name>-<VLAN>-v0; so for the above solution, it is bridge-<VLAN>-v0

    Here is the output for switch2:

    cumulus@leaf2$ ip addr show bridge-20-v0
    1102: bridge-20-v0@bridge.20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 44:38:39:ff:00:20 brd ff:ff:ff:ff:ff:ff
    inet 192.168.20.1/24 scope global bridge-20-v0
    inet6 fe80::4638:39ff:feff:20/64 scope link
    valid_lft forever preferred_lft forever
  • Using ifquery

    Use ifquery to see the configuration for a particular VLAN:

    cumulus@leaf2$ sudo ifquery bridge.10
    auto bridge.10
    iface bridge.10
    	address 192.168.10.3/24
    	address-virtual 44:38:39:ff:00:10 192.168.10.1/24
    

See Also

Have more questions? Submit a request

Comments

Powered by Zendesk