Flex Links, otherwise known as the devil for your L2 network.
In all fairness, lets actually figure out what this feature
is used for.
The most important thing you need to know is the fact that
Flex links disable your spanning-tree process.
By that very sentence alone, you should be concerned.
I like to call Flex links, backup-links instead, because that is in fact what it is.
If you have two uplink ports to your upstream switch as seen in our topology below, you might want to have one link in a standby mode, ready to take over immediately. Flex links provides this for you.
In this case, our upstream switch, Cat4 is connected to our downstream switch, Cat2.
I am using two vlan’s to demonstrate all of this. Vlan 100 and Vlan 200. I have created an SVI on both switches in each of these vlan’s:
Cat2:
Vlan 100: 192.168.100.2
Vlan 200: 192.168.200.2
Cat4:
Vlan 100: 192.168.100.4
Vlan 200: 192.168.200.4
The configuration itself takes place on Cat2.
Under the primary interface, which we have selected f0/21 to be, we define which interface we want to have as our backup interface.
Both the interfaces have been set to static trunk mode to carry our vlans.
Before we do any configuration, lets see how things are looking with regular spanning-tree:
Cat4:
and on Cat2, our downstream switch:
If you look closely at these outputs, you can deduce a couple of things.
First off, we are running RSTP (802.1w). Cat4 is our root bridge in the topology.
Secondly we can see that our active link from Cat2 towards Cat4 is Fa0/21 and Fa0/22 is in a blocking state.
Now, instead of using spanning-tree to converge on the Fa0/22 link when Fa0/21 goes down, lets use Flex Links.
We configure the feature on the primary interface:
Immediately we see this information:
This is basically the point in time that spanning-tree is disabled for these two links.
We can verify this:
To verify the Flex Link feature itself, the command is:
With this bit of information, we see that our active interface is F0/21 and that Fa0/22 is configured as the backup interface.
Lets make sure we got connectivity between Cat2 and Cat4:
Everything looks good. Time to bring down the primary (Fa0/21) interface and see if Fa0/22 takes over. In another terminal, i have issued a ping test from Cat2 to Cat4 on the vlan interfaces. I will use this to see how much data is lost if any:
And our ping results from Cat2 to Cat4:
Great! we didnt loose a single ICMP packet.
So lets summarize. We have used the Flex Link feature in order not to run spanning-tree between Cat2 (downstream) and Cat4 (upstream). In the event that we loose Fa0/21 on Cat2, we immediately switch over to Fa0/22.
If you have used other technologies regarding backup of something, you have probably come across the notion that you want to fall back to the original state after the primary links come back online. In order to do that, we need to get into the concept of preemption.
Preemption basically means under which circumstances (if any), do you want to return traffic to the primary link.
Lets assume that we want to resume to the primary link as soon as possible, with no regard to the bandwidth of the primary interface or anything of that nature.
In order to do that we need to do a few more commands on the Fa0/21 (primary) interface:
This tells the Flex Link feature that when the Fa0/21 (primary) link comes back online, return data to it no matter what and that the preemption delay should be the absolute minimum (1 second). Use this with caution in real life however as you want to make sure that the link is really functioning and operational. The default delay is 35 seconds.
Lets see what happens when we shut down Fa0/21 (primary) and after a while turn it back on again:
Long output, but it demonstrates what is happening. After the Flex Link is using the Fa0/22 (backup) interface, we turn the Fa0/21 (primary) interface back on, which causes Flex Link to preempt the data back onto the F0/21 link.
Again, be advised, that since spanning-tree is still in function on Cat4 and that it doesnt receive any BPDU’s from Cat2, it treats it “old style”, meaning going through the blocking, listening and learning states, it will take some time for Cat4 to reach a forwarding state for the Fa0/21 (primary) link. In effect, this means that switching back with such a fast preemption will cause you to loose data.
I hope this has been of some use to you and i urge you to goto the Cisco documentation to learn more about this feature if you so desire: