HP FlexFabric 5940 Configuration Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Switch
  5. FlexFabric 5940
  6. Configuration manual

HP FlexFabric 5940 Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

HPE FlexFabric 5940 Switch Series
MCE Configuration Guide
Part number: 5200-1024a
Software version: Release 2508 and later verison
Document version: 6W101-20161101

Advertisement

Table of Contents
loading

Related Manuals for HP FlexFabric 5940

Summary of Contents for HP FlexFabric 5940

  • Page 1 HPE FlexFabric 5940 Switch Series MCE Configuration Guide Part number: 5200-1024a Software version: Release 2508 and later verison Document version: 6W101-20161101...
  • Page 2 © Copyright 2016 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

  • Page 3: Table Of Contents

    Contents Configuring MCE ····························································································· 1     MPLS L3VPN overview ······································································································································ 1   Basic MPLS L3VPN architecture ··············································································································· 1   MPLS L3VPN concepts ······························································································································ 1   MCE overview ···················································································································································· 3   MCE configuration task list ································································································································ 4   Configuring VPN instances ································································································································ 4  ...

  • Page 4: Configuring Mce

    Configuring MCE This chapter describes MCE configuration. MPLS L3VPN overview MPLS L3VPN is a L3VPN technology used to interconnect geographically dispersed VPN sites. MPLS L3VPN uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over a service provider backbone.
  • Page 5 • The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically. • The devices at a site can belong to multiple VPNs, which means that a site can belong to multiple VPNs.

  • Page 6: Mce Overview

    • When the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1. To guarantee global uniqueness for a VPN-IPv4 address, do not set the Administrator subfield to any private AS number or private IP address.

  • Page 7: Mce Configuration Task List

    Figure 3 Network diagram for the MCE feature You can configure static routes, RIP, OSPF, IS-IS, EBGP, or IBGP between an MCE and a VPN site and between an MCE and a PE. NOTE: To implement dynamic IP assignment for DHCP clients in private networks, you can configure DHCP server or DHCP relay agent on the MCE.

  • Page 8: Creating A Vpn Instance

    Creating a VPN instance A VPN instance is a collection of the VPN membership and routing rules of its associated site. A VPN instance might correspond to more than one VPN. To create and configure a VPN instance: Step Command Remarks Enter system view.

  • Page 9: Configuring Routing On An Mce

    Step Command Remarks view. b. address-family ipv4 vpn-target vpn-target&<1-8> [ both | By default, no route targets are Configure route targets. export-extcommunity | configured. import-extcommunity ] By default, the number of active routes ain a VPN instance is not limited. Set the maximum routing-table limit number Setting the maximum number of...
  • Page 10 Step Command Remarks Enter system view. system-view ip route-static vpn-instance s-vpn-instance-name By default, no static dest-address { mask-length | mask } { interface-type routes are configured. interface-number [ next-hop-address ] | Configure a static Perform this next-hop-address [ public ] [ track route for a VPN configuration on the track-entry-number ] | vpn-instance...
  • Page 11 Step Command Remarks a router ID for the OSPF process. An OSPF process can belong to only one VPN instance, but one VPN instance can use multiple OSPF processes to advertise VPN routes. import-route protocol [ process-id | all-processes | Redistribute remote site allow-ibgp ] [ allow-direct | cost By default, no routes are...
  • Page 12 Configuring EBGP between an MCE and a VPN site To run EBGP between an MCE and a VPN site, you must configure a BGP peer for each VPN instance on the MCE, and redistribute the IGP routes of each VPN instance on the VPN site. Configure the MCE: Step Command...
  • Page 13 Step Command Remarks By default, no routes are import-route protocol redistributed into BGP. [ { process-id | all-processes } Redistribute the IGP routes [ allow-direct | med med-value A VPN site must advertise the of the VPN into BGP. | route-policy VPN network addresses it can route-policy-name ] * ] reach to the connected MCE.

  • Page 14: Configuring Routing Between An Mce And A Pe

    Step Command Remarks peer { group-name | Configure the MCE as an By default, no BGP peers or ipv4-address [ mask-length ] } IBGP peer. peer groups exist. as-number as-number Enter BGP-VPN IPv4 unicast address family address-family ipv4 [ unicast ] view.
  • Page 15 Step Command Remarks routes. all-processes | allow-ibgp ] redistributed into RIP. [ allow-direct | cost cost-value | route-policy route-policy-name | tag tag ] Configuring OSPF between an MCE and a PE Step Command Remarks Enter system view. system-view Create an OSPF process for ospf [ process-id | router-id a VPN instance and enter router-id | vpn-instance...
  • Page 16 Step Command Remarks interface interface-type Enter interface view. interface-number Enable the IS-IS By default, no IS-IS process is process on the isis enable [ process-id ] enabled on the interface. interface. Configuring EBGP between an MCE and a PE Step Command Remarks Enter system view.

  • Page 17: Displaying And Maintaining Mce

    Displaying and maintaining MCE Execute display commands in any view. Task Command Display VPN instance information. display ip vpn-instance [ instance-name vpn-instance-name ] For commands that display routing tables for VPN instances, see Layer 3—IP Routing Command Reference. MCE configuration examples Configuring the MCE that uses OSPF to advertise VPN routes to the PE Network requirements...
  • Page 18 # On the MCE, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for each VPN instance. <MCE> system-view [MCE] ip vpn-instance vpn1 [MCE-vpn-instance-vpn1] route-distinguisher 10:1 [MCE-vpn-instance-vpn1] vpn-target 10:1 [MCE-vpn-instance-vpn1] quit [MCE] ip vpn-instance vpn2 [MCE-vpn-instance-vpn2] route-distinguisher 20:1 [MCE-vpn-instance-vpn2] vpn-target 20:1 [MCE-vpn-instance-vpn2] quit # Bind VLAN-interface 10 to VPN instance vpn1, and configure an IP address for the VLAN...
  • Page 19 Destinations : 13 Routes : 13 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 10.214.10.0/24 Direct 10.214.10.3 Vlan10 10.214.10.0/32 Direct 10.214.10.3 Vlan10 10.214.10.3/32 Direct 127.0.0.1 InLoop0 10.214.10.255/32 Direct 10.214.10.3 Vlan10 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1...
  • Page 20 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 192.168.10.0/24 O_INTRA 10 10.214.20.2 Vlan20 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 The output shows that the MCE has learned the private routes of VPN 2. The MCE maintains the routes of VPN 1 and those of VPN2 in two different routing tables.
  • Page 21 # On PE 1, enable OSPF process 10, and bind the process to VPN instance vpn1. [PE1] ospf 10 router-id 100.100.10.1 vpn-instance vpn1 # Set the domain ID to 10. [PE1-ospf-10] domain-id 10 # Advertise subnet 30.1.1.0 in area 0. [PE1-ospf-10] area 0 [PE1-ospf-10-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [PE1-ospf-10-area-0.0.0.0] quit...

  • Page 22: Configuring The Mce That Uses Ebgp To Advertise Vpn Routes To The Pe

    224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 The routing information for the two VPNs has been redistributed into the routing tables on PE 1. Configuring the MCE that uses EBGP to advertise VPN routes to the PE Network requirements As shown in Figure 5, configure the MCE to advertise the routes of VPNs 1 and 2 to PE 1, so that the...
  • Page 23 [MCE-ospf-10-area-0.0.0.0] network 10.214.10.0 0.0.0.255 [MCE-ospf-10-area-0.0.0.0] quit [MCE-ospf-10] quit # Display the routing table of VPN 1 on the MCE. [MCE] display ip routing-table vpn-instance vpn1 Destinations : 13 Routes : 13 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 10.214.10.0/24 Direct...
  • Page 24 # Enable BGP in AS 100 on the MCE. [MCE] bgp 100 # Enter the BGP-VPN instance view of VPN instance vpn1. [MCE-bgp-default] ip vpn-instance vpn1 # Specify the EBGP peer PE 1 in AS 200. [MCE-bgp-default-vpn1] peer 30.1.1.2 as-number 200 # Activate the EBGP VPNv4 peer PE 1, and redistribute routing information from OSPF process 10 to BGP.
  • Page 25 0.0.0.0/32 Direct 127.0.0.1 InLoop0 40.1.1.0/24 Direct 40.1.1.2 Vlan40 40.1.1.0/32 Direct 40.1.1.2 Vlan40 40.1.1.2/32 Direct 127.0.0.1 InLoop0 40.1.1.255/32 Direct 40.1.1.2 Vlan40 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 192.168.10.0/24 255 3 40.1.1.1 Vlan40 224.0.0.0/4 Direct...

  • Page 26: Configuring Ipv6 Mce

    Configuring IPv6 MCE This chapter describes IPv6 MCE configuration. IPv6 MPLS L3VPN overview IPv6 MPLS L3VPN uses BGP to advertise IPv6 VPN routes and uses MPLS to forward IPv6 VPN packets on the service provider backbone. Figure 6 shows a typical IPv6 MPLS L3VPN model. The service provider backbone in the IPv6 MPLS L3VPN model is an IPv4 network.

  • Page 27: Configuring Vpn Instances

    Tasks at a glance (Required.) Configuring routing between an MCE and a PE Configuring VPN instances By configuring VPN instances on a PE, you isolate not only VPN routes from public network routes, but also routes between VPNs. This feature allows VPN instances to be used in network scenarios in addition to MPLS L3VPNs.

  • Page 28: Configuring Route Related Attributes For A Vpn Instance

    Step Command Remarks interface after configuring this command. Configuring route related attributes for a VPN instance Step Command Remarks Enter system view. system-view • Enter VPN instance view: Configurations made in VPN ip vpn-instance instance view apply to both IPv4 vpn-instance-name VPN and IPv6 VPN.

  • Page 29: Configuring Routing Between An Mce And A Vpn Site

    • MCE-PE routing configuration. On a PE in an MCE network environment, perform the following tasks: • Disable routing loop detection to avoid route loss during route calculation. • Disable route redistribution between routing protocols to save system resources. Before you configure routing on an MCE, perform the following tasks: •...
  • Page 30 Step Command Remarks import-route protocol [ process-id ] [ allow-ibgp ] Redistribute remote site By default, no routes are [ allow-direct | cost cost-value | routes advertised by the PE. redistributed into RIPng. route-policy route-policy-name ] Return to system view. quit interface interface-type Enter interface view.
  • Page 31 processes. This ensures the separation and security of IPv6 VPN routes. For more information about IPv6 IS-IS, see Layer 3—IP Routing Configuration Guide. To configure IPv6 IS-IS between an MCE and a VPN site: Step Command Remarks Enter system view. system-view Create an IPv6 IS-IS process Perform this configuration on the...
  • Page 32 Step Command Remarks | route-policy route-policy-name ] * ] Configure a VPN site: Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] [ multi-session-thread ] peer { group-name | Configure the MCE as an ipv6-address [ prefix-length ] } By default, no BGP peers exist.

  • Page 33: Configuring Routing Between An Mce And A Pe

    Step Command Remarks learned from the VPN site to other IBGP peers, including VPNv6 peers. The MCE advertises routes learned from a VPN site only when you configure the VPN site as a client of the RR (the MCE). import-route protocol Redistribute remote site [ { process-id | all-processes } By default, no routes are...
  • Page 34 Step Command Remarks [ next-hop-address ] | nexthop-address [ public ] | vpn-instance d-vpn-instance-name nexthop-address } [ permanent ] [ preference preference ] [ tag tag-value ] [ description text ] (Optional.) Set the ipv6 route-static default-preference default preference for The default value is 60.
  • Page 35 Step Command Remarks [ instance instance-id ] on the interface. an interface. Configuring IPv6 IS-IS between an MCE and a PE Step Command Remarks Enter system view. system-view Create an IS-IS process for isis [ process-id ] vpn-instance an IPv6 VPN instance and vpn-instance-name enter IS-IS view.

  • Page 36: Displaying And Maintaining Ipv6 Mce

    Configuring IBGP between an MCE and a PE Step Command Remarks Enter system view. system-view Enter BGP instance bgp as-number [ instance instance-name ] By default, BGP is not view. [ multi-session-thread ] enabled. Enter BGP-VPN ip vpn-instance vpn-instance-name instance view. Configure the PE as an peer { group-name | ipv6-address By default, no BGP peers or...

  • Page 37: Configuration Procedure

    Figure 7 Network diagram VPN 2 Site 1 PE 2 PE 1 Vlan-int30: 30::2/64 Vlan-int40: 40::2/64 PE 3 Vlan-int10 VPN 1 VPN 1 Vlan-int30: 30::1/64 2001:1::2/64 Site 2 2012:1::/64 Vlan-int40: 40::1/64 Vlan-int11 Vlan-int10 2012:1::2/64 2001:1::1/64 VR 1 Vlan-int20 2002:1::1/64 Vlan-int20 2002:1::2/64 VR 2 Vlan-int21...
  • Page 38 [MCE-Vlan-interface10] ipv6 address 2001:1::1 64 [MCE-Vlan-interface10] quit # Bind VLAN-interface 20 to VPN instance vpn2, and configure an IPv6 address for the VLAN interface. [MCE] interface vlan-interface 20 [MCE-Vlan-interface20] ip binding vpn-instance vpn2 [MCE-Vlan-interface20] ipv6 address 2002:1::1 64 [MCE-Vlan-interface20] quit # On PE 1, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for each VPN instance.
  • Page 39 # On the MCE, display the routing tables of VPN instances vpn1 and vpn2. [MCE] display ipv6 routing-table vpn-instance vpn1 Destinations : 6 Routes : 6 Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2001:1::/64 Protocol : Direct...
  • Page 40 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost The output shows that the MCE has learned the private route of VPN 2. The MCE maintains the routes of VPN 1 and VPN 2 in two different routing tables.

  • Page 41: Verifying The Configuration

    [PE1] ospfv3 10 vpn-instance vpn1 [PE1-ospf-10] router-id 100.100.10.1 [PE1-ospf-10] quit # Enable OSPFv3 on VLAN-interface 30. [PE1] interface vlan-interface 30 [PE1-Vlan-interface30] ospfv3 10 area 0.0.0.0 [PE1-Vlan-interface30] quit # Configure OSPFv3 process 20 between the MCE and PE 1. (Details not shown.) # Redistribute VPN 2's routes from RIPng process 20 into the OSPFv3 routing table of the MCE.
  • Page 42 Interface : InLoop0 Cost Destination: 40::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Vlan40 Cost Destination: 40::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2012::/64 Protocol : O_ASE2 NextHop : FE80::200:FF:FE0F:5 Preference: 150 Interface : Vlan40...

  • Page 43: Document Conventions And Icons

    Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.

  • Page 44: Network Topology Icons

    Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 45: Support And Other Resources

    Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements.

  • Page 46: Websites

    Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking Hewlett Packard Enterprise Networking Warranty www.hpe.com/networking/warranty General websites Hewlett Packard Enterprise Information Library www.hpe.com/info/enterprise/docs Hewlett Packard Enterprise Support Center...
  • Page 47 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.

  • Page 48: Index

    Index MCE configuration, MCE EBGP VPN route advertisement, advertising MCE OSPF VPN route advertisement, MCE EBGP VPN route advertisement, MCE routing, MCE OSPF VPN route advertisement, MCE VPN instance, architecture MCE VPN instance route related attribute, MPLS L3VPN, MCE-PE EBGP, associating MCE-PE IBGP, IPv6 MCE VPN instance+interface,...
  • Page 49 IPv6 MCE-PE OSPFv3, IPv6 MCE-PE RIPng, IBGP IPv6 MCE-VPN site EBGP, IPv6 MCE-PE IBGP, IPv6 MCE-VPN site IBGP, IPv6 MCE-VPN site IBGP, IPv6 MCE-VPN site IPv6 IS-IS, MCE-PE IBGP configuration, IPv6 MCE-VPN site OSPFv3, MCE-VPN site IBGP, IPv6 MCE-VPN site RIPng, importing IPv6 MCE-VPN site routing, MCE VPN instance route related attributes,...
  • Page 50 MCE EBGP VPN route advertisement, IPv6 MPLS L3VPN IPv6 MCE-VPN site routing, MCE maintain, MCE EBGP VPN route advertisement, MCE OSPF VPN route advertisement, MCE OSPF VPN route advertisement, MCE routing configuration, MCE routing configuration, MCE-PE EBGP, MCE VPN instance, MCE-PE IBGP, MCE VPN instance route related attributes, MCE-PE IS-IS,...
  • Page 51 IPv6 MCE-PE OSPFv3, configuring MCE OSPF VPN route advertisement, IPv6 MCE-PE RIPng, configuring MCE routing, IPv6 MCE-PE routing, configuring MCE VPN instance, IPv6 MCE-VPN site EBGP, configuring MCE VPN instance route related IPv6 MCE-VPN site IBGP, attribute, IPv6 MCE-VPN site IPv6 IS-IS, configuring MCE-PE EBGP, IPv6 MCE-VPN site OSPFv3, configuring MCE-PE IBGP,...
  • Page 52 IPv6 MCE-PE IPv6 static routing, IPv6 MCE-PE OSPFv3, IPv6 MCE-PE RIPng, IPv6 MCE-VPN site EBGP, IPv6 MCE-VPN site IBGP, IPv6 MCE-VPN site IPv6 IS-IS, IPv6 MCE-VPN site OSPFv3, IPv6 MCE-VPN site RIPng, IPv6 MCE-VPN site static routing, IPv6 MPLS L3VPN IPv6 MCE-VPN site routing, MCE configuration, 1, 14...

Table of Contents