There can be some situations where you need to create a redundant link between two switches/routers (f.e. between a Cisco and a Brocade device) where you are not able to use STP which takes care of a loop-free configuration and failover handling.
Cisco has this nice little feature called FlexLink. You define a backup interface which takes the active role as soon as the active interface goes down. The failover takes place immediately, during my lab tests I could not see any paket missing or see any effects on the client.
It's very simple to activate the FlexLink feature on any interface:
interface TenGigabitEthernet1/1/1 switchport trunk encapsulation dot1q switchport mode trunk switchport backup interface Te2/1/1 !
interface TenGigabitEthernet2/1/1 switchport trunk encapsulation dot1q switchport mode trunk !
As seen on the config, the backup interface does not need to have any configuration regarding the FlexLink feature. The interface
Te2/1/1 does not forward any traffic until the state of the interface
Te1/1/1 goes down.
Note: It's only possible to define one backup interface and the backup interface cannot be backup interface for more than one active interface.
On a FlexLink activated interface spanning-tree participation is completely disabled.
To check the state of the backup interface configuration use the following show command:
Switch#show interfaces switchport backup detail Switch Backup Interface Pairs: Active Interface Backup Interface State ------------------------------------------------------------------------ TenGigabitEthernet1/1/1 TenGigabitEthernet2/1/1 Active Up/Backup Down Preemption Mode : off Multicast Fast Convergence : Off Bandwidth : 10000000 Kbit (Te1/1/1), 10000000 Kbit (Te2/1/1) Mac Address Move Update Vlan : auto
You can also define if and when to switch back to the original active interface after the interface comes back up into operation. This is called preemption and can be configured like this:
interface TenGigabitEthernet1/1/1 switchport mode trunk switchport backup interface Te2/1/1 switchport backup interface Te2/1/1 preemption mode forced switchport backup interface Te2/1/1 preemption delay 90 !
This means that 90 seconds after the active link comes back up into operation it will take over the active role from the backup interface. There are some more options to configure, but this would exceed the scope of this blog entry.
It's a bit embarrassing that you don't see the FlexLink feature when you enter
show interfaces status.
You only see it with the
show interfaces switchport backup command and on the device itself (the LED is orange on the backup interface)
Increase the reliability
To increase the reliability of the port state detection it's possible to combine FlexLink with a singleton lag / single port etherchannel.
This helps to detect port failures because it's an active protocol (LACP) to detect the state of a port.
On the Cisco switch just create an EtherChannel per interface containing just this interface:
interface TenGigabitEthernet1/1/1 switchport trunk encapsulation dot1q switchport mode trunk channel-group 24 mode active ! interface TenGigabitEthernet2/1/1 switchport trunk encapsulation dot1q switchport mode trunk channel-group 25 mode active end
And then add the FlexLink configuration to the Port-Channel interface:
interface Port-channel24 switchport trunk encapsulation dot1q switchport mode trunk switchport backup interface Po25 switchport backup interface Po25 preemption mode forced switchport backup interface Po25 preemption delay 90 ! interface Port-channel25 switchport trunk encapsulation dot1q switchport mode trunk end
If this Cisco switch is connected to a Brocade device we need to configure the port on the Brocade device into a singleton lag:
interface ethernet 1/1/5 port-name CiscoSwitch link-aggregate configure singleton link-aggregate active !
Now LACP takes care of checking the correct function of the link.
This is very helpful if the two devices are connected with DAC cables because the link state does not change on the Cisco side if you administratively disable the interface on the Brocade side (Maybe a bug - investigation in progress). This is not a problem with copper or fibre connections, I've just seen this behaviour with DAC connections.