I'd like to ask a few questions about the design and the technical implementation, and I hope that someone can help me understand the differences between the following scenarios and also tell me what the pros and cons are, so I can figure out which implementation would fit best...
I've two sites - each with a Layer 3 capable switch - connected with 2x 10G dedicated point-to-point WAN links!
Each site basically has its own VLANs and different IP subnets in use, BUT one Vlan has to be used on both switches for Management-Purpose!
What I'll try to accomplish is to set up dynamic routing between both sites via OSPF and use both of the links simultaneously (load-balancing) for traffic routing and the Layer 2 management VLAN!
1) on each side = 2 switchports are configured as untagged members in VLAN-10 and as tagged members in VLAN-500; an SVI for VLAN-10 with IP subnet = 192.168.10.0/30 and an SVI for VLAN-500 with IP subnet = 192.168.50.0/30 will be used
2) on each side = 2 switchports are configured, one as an untagged member in VLAN-10 with an SVI for VLAN-10 with IP subnet = 192.168.10.0/30; the second interface is an untagged member in VLAN-20 with an SVI for VLAN-20 with IP subnet = 192.168.20.0/30
both of the switchports should also carry VLAN-500 tagged (SVI with IP subnet = 192.168.50.0/30) - OSPF could use ECMP in that case?!
3) on each side = the 2 switchports are configured to use LACP for bundling; each member will use VLAN-10 untagged; an SVI for VLAN-10 with IP subnet = 192.168.10.0/30 and an SVI for VLAN-500 (IP subnet = 192.168.50.0/30) will be used
Can OSPF ECMP also be used in that concept? If yes, how will the load-balancing (algorithm) work in that case?
There are aspects of your question that are not clear to me. But this statement is clear (and significant):
>> BUT one Vlan has to be used on both switches for Management-Purpose!
If one VLAN has to be used on both switches then the links between the sites need to be layer 2. You can use OSPF as the routing protocol for the network, but OSPF will not play any role in how the site to site links are used.
To the extent that some VLANs (and their associated IP subnets) are unique to a site then they do not need to go over the site to site links. But the site to site links (in the ether channel) need to have a VLAN for site to site communication. OSPF would use the SVI of that VLAN and would not have any interaction with the physical interfaces or how traffic was sent over the ether channel.
>> What I'll try to accomplish is to set up dynamic routing between both sites via OSPF and use both of the links simultaneously (load-balancing) for traffic routing and the Layer 2 management VLAN!
This can be done in different ways as you have noted.
The inter-site links need to be L2 trunks to carry the management VLAN (L2 transport) and the VLAN(s) used for OSPF peering.
Note that if you do not use a bundle, STP will block one link per VLAN, and this is valid for the management VLAN and for the VLANs used for OSPF peering.
By playing with the STP cost per VLAN (I suppose you use PVST+ or Rapid PVST), using two VLANs for OSPF allows you to use both links for routing and only one for extending the management VLAN.
The command is spanning-tree vlan X cost 500, to be given on the non-root bridge side of each link, where X and Y are the OSPF dedicated VLANs.
link 1 we want to be STP forwarding for VLAN X
on link 2 we put:
spanning-tree vlan X cost 500
link 2 we want to be STP forwarding for VLAN Y
on link 1 we put (on the non-root bridge side):
spanning-tree vlan Y cost 500
Solution 3) building an LACP port-channel and carrying the three VLANs over it allows both links to be used at the same time for all types of traffic.
But you have to check with your Metro Ethernet provider that their links are able to carry LACP frames without blocking them (this depends on SP technology and settings; 802.1Q in Q can have this problem, but enabling L2 protocol tunneling would allow LACP frames to pass; EoMPLS pseudowires do not have this issue).
So in this case for routed traffic each flow would be:
a) chooses a peering OSPF VLAN as exit interface from the (X,Y) set ---> it will choose the VLAN tag
b) on the bundle the flow will be processed using EtherChannel load balancing on IP SA and IP DA to choose a member link to send the tagged frame over
Hope to help
Any suggestions between L2 and L3 port channel configurations? A typical example is an internet connection redundancy setup: two Internet IP routers, each with an L3 channel group configured, connecting to an L2 stack switch. The L2 stack switch will connect to FWs, VPN routers, and so on behind the Internet routers, and all are configured with port channels for redundancy. What is the best practice for the channel groups on the L2 switch which connect all the L3 devices using port channels? Something like L2 mode on, L3 mode on, or one end on and the other end using the default (Cisco routers have the default no mode option) and so on.
There are parts of your question that I do not understand. But let me respond to the part that I think that I do understand. If you are going to configure a port channel where some of the participants in the port channel are L2 switches then the port channel needs to be a layer 2 port channel. When all participants are L3 switches then you have options about whether to make the port channel L2 or L3. But with an L2 participant the port channel must be L2.