There can be some situations where you need to create a redundant link between two switches/routers (f.e. between a Cisco and a Brocade device) where you are not able to use STP which takes care of a loop-free configuration and failover handling.
Cisco has this nice little feature called FlexLink. You define a backup interface which takes the active role as soon as the active interface goes down. The failover takes place immediately, during my lab tests I could not see any paket missing or see any effects on the client.
Configuring FlexLink
It's very simple to activate the FlexLink feature on any interface:
interface TenGigabitEthernet1/1/1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport backup interface Te2/1/1
!
interface TenGigabitEthernet2/1/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
As seen on the config, the backup interface does not need to have any configuration regarding the FlexLink feature. The interface Te2/1/1
does not forward any traffic until the state of the interface Te1/1/1
goes down.
Note: It's only possible to define one backup interface and the backup interface cannot be backup interface for more than one active interface.
On a FlexLink activated interface spanning-tree participation is completely disabled.
To check the state of the backup interface configuration use the following show command:
Switch#show interfaces switchport backup detail
Switch Backup Interface Pairs:
Active Interface Backup Interface State
------------------------------------------------------------------------
TenGigabitEthernet1/1/1 TenGigabitEthernet2/1/1 Active Up/Backup Down
Preemption Mode : off
Multicast Fast Convergence : Off
Bandwidth : 10000000 Kbit (Te1/1/1), 10000000 Kbit (Te2/1/1)
Mac Address Move Update Vlan : auto
Further options
You can also define if and when to switch back to the original active interface after the interface comes back up into operation. This is called preemption and can be configured like this:
interface TenGigabitEthernet1/1/1
switchport mode trunk
switchport backup interface Te2/1/1
switchport backup interface Te2/1/1 preemption mode forced
switchport backup interface Te2/1/1 preemption delay 90
!
This means that 90 seconds after the active link comes back up into operation it will take over the active role from the backup interface. There are some more options to configure, but this would exceed the scope of this blog entry.
It's a bit embarrassing that you don't see the FlexLink feature when you enter show interfaces status
.
You only see it with the show interfaces switchport backup
command and on the device itself (the LED is orange on the backup interface)
Increase the reliability
To increase the reliability of the port state detection it's possible to combine FlexLink with a singleton lag / single port etherchannel.
This helps to detect port failures because it's an active protocol (LACP) to detect the state of a port.
On the Cisco switch just create an EtherChannel per interface containing just this interface:
interface TenGigabitEthernet1/1/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 24 mode active
!
interface TenGigabitEthernet2/1/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 25 mode active
end
And then add the FlexLink configuration to the Port-Channel interface:
interface Port-channel24
switchport trunk encapsulation dot1q
switchport mode trunk
switchport backup interface Po25
switchport backup interface Po25 preemption mode forced
switchport backup interface Po25 preemption delay 90
!
interface Port-channel25
switchport trunk encapsulation dot1q
switchport mode trunk
end
If this Cisco switch is connected to a Brocade device we need to configure the port on the Brocade device into a singleton lag:
interface ethernet 1/1/5
port-name CiscoSwitch
link-aggregate configure singleton
link-aggregate active
!
Now LACP takes care of checking the correct function of the link.
This is very helpful if the two devices are connected with DAC cables because the link state does not change on the Cisco side if you administratively disable the interface on the Brocade side (Maybe a bug - investigation in progress). This is not a problem with copper or fibre connections, I've just seen this behaviour with DAC connections.