1. Manuals
  2. Brands
  3. HP Manuals
  4. Switch
  5. 6125G
  6. Configuration manual

HP 6125G Configuration Manual

High availability configuration guide
Hide thumbs Also See for 6125G:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual, Installation Manual
HP 6125 Blade Switch Series

High Availability

Configuration Guide

Part number: 5998-3161
Software version: Release 2103
Document version: 6W100-20120907

Advertisement

Table of Contents
loading

Related Manuals for HP 6125G

Summary of Contents for HP 6125G

  • Page 1: High Availability

    HP 6125 Blade Switch Series High Availability Configuration Guide Part number: 5998-3161 Software version: Release 2103 Document version: 6W100-20120907...
  • Page 2 HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

  • Page 3: Table Of Contents

    Contents High availability overview ··········································································································································· 1   Availability requirements ·················································································································································· 1   Availability evaluation ······················································································································································ 1   High availability technologies ········································································································································· 2   Fault detection technologies ···································································································································· 2   Protection switchover technologies ························································································································· 3   Configuring Ethernet OAM ········································································································································· 5  ...
  • Page 4 DLDP configuration task list ··········································································································································· 35   Configuring the duplex mode and speed of an Ethernet interface ··········································································· 35   Enabling DLDP ································································································································································ 36   Setting DLDP mode ························································································································································· 36   Setting the interval to send advertisement packets ····································································································· 36  ...
  • Page 5 Configuring protected VLANs for a smart link group ························································································ 93   Configuring member ports for a smart link group ····························································································· 94   Configuring role preemption for a smart link group·························································································· 95   Enabling the sending of flush messages ············································································································· 95  ...
  • Page 6 IPv4-based VRRP configuration examples ················································································································· 135   Single VRRP group configuration example ······································································································· 135   VRRP interface tracking configuration example ······························································································· 138   VRRP with multiple VLANs configuration example ··························································································· 142   VRRP load balancing mode configuration example ························································································ 144  ...
  • Page 7 Index ········································································································································································ 214  ...

  • Page 8: High Availability Overview

    High availability overview Communication interruptions can seriously affect widely-deployed value-added services such as IPTV and video conference. Therefore, the basic network infrastructures must be able to provide high availability. The following are the effective ways to improve availability: Increasing fault tolerance •...

  • Page 9: High Availability Technologies

    High availability technologies Increasing MTBF or decreasing MTTR can enhance the availability of a network. The high availability technologies described in this section meet the level 2 and level 3 high availability requirements by decreasing MTTR. High availability technologies can be classified as fault detection technologies or protection switchover technologies.

  • Page 10: Protection Switchover Technologies

    Technology Introduction Reference The track module is used to implement collaboration between different modules. The collaboration here involves three parts: the application modules, the track module, and the detection modules. These modules collaborate with one another through collaboration entries. That is, the detection modules trigger the application "Configuring track"...
  • Page 11 Technology Introduction Reference Virtual Router Redundancy Protocol (VRRP) is an error-tolerant "Configuring VRRP" protocol that provides highly reliable default links on multicast and VRRP in High Availability broadcast LANs such as Ethernet, avoiding network interruption Configuration Guide due to failure of a single link. A single availability technology cannot solve all problems.

  • Page 12: Configuring Ethernet Oam

    Configuring Ethernet OAM Ethernet OAM overview Ethernet Operation, Administration and Maintenance (OAM) is a tool that monitors Layer 2 link status and addresses common link-related issues on the "last mile." You can use it to monitor the status of the point-to-point link between two directly connected devices.

  • Page 13: How Ethernet Oam Works

    Field Description The specific protocol being encapsulated in the Ethernet OAMPDU Subtype The value is 0x03. Flags Status information of an Ethernet OAM entity Code Type of the Ethernet OAMPDU NOTE: Throughout this document, a port with Ethernet OAM enabled is an Ethernet OAM entity or an OAM entity.
  • Page 14 Item Active Ethernet OAM mode Passive Ethernet OAM mode Transmitting Event Notification Available Available OAMPDUs Transmitting Information Available Available OAMPDUs without any TLV Transmitting Loopback Control Available Unavailable OAMPDUs Responding to Loopback Control Available—if both sides operate in Available OAMPDUs active OAM mode NOTE: Only OAM entities operating in active OAM mode can initiate OAM connections.

  • Page 15: Standards And Protocols

    A second in which errored frames appear is called an "errored frame second." Remote fault detection Information OAMPDUs are exchanged periodically among Ethernet OAM entities across established OAM connections. In a network where traffic is interrupted due to device failures or unavailability, the flag field defined in information OAMPDUs allows an Ethernet OAM entity to send error information—the critical link event type—to its peer.

  • Page 16: Configuring Basic Ethernet Oam Functions

    Task Remarks Configuring errored frame seconds event detection Optional Enabling Ethernet OAM remote loopback Optional Configuring Ethernet OAM remote Rejecting the Ethernet OAM remote loopback Optional loopback request from a remote port Configuring basic Ethernet OAM functions For Ethernet OAM connection establishment, an Ethernet OAM entity operates in active mode or passive mode.

  • Page 17: Configuring Errored Frame Event Detection

    Configuring errored frame event detection Step Command Remarks Enter system view. system-view Optional. Configure the errored frame oam errored-frame period event detection interval. period-value 1 second by default. Optional. Configure the errored frame oam errored-frame threshold event triggering threshold. threshold-value 1 by default.
  • Page 18 CAUTION: Use this function with caution, because enabling Ethernet OAM remote loopback impacts other services. When you enable Ethernet OAM remote loopback on a port, the port sends Loopback Control OAMPDUs to a remote port, and the remote port enters the loopback state. The port then sends test frames to the remote port.

  • Page 19: Rejecting The Ethernet Oam Remote Loopback Request From A Remote Port

    Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet interface interface-type interface view. interface-number Enable Ethernet OAM remote oam loopback Disabled by default. loopback on the port. Rejecting the Ethernet OAM remote loopback request from a remote port The Ethernet OAM remote loopback function impacts other services.

  • Page 20: Ethernet Oam Configuration Example

    Task Command Remarks display oam { local | remote } [ interface interface-type Display the information about an interface-number ] [ | { begin | Available in any view Ethernet OAM connection. exclude | include } regular-expression ] Clear statistics on Ethernet OAM reset oam [ interface interface-type packets and Ethernet OAM link Available in user view...
  • Page 21 Use the display oam configuration command to display the Ethernet OAM configuration. For example: # Display the Ethernet OAM configuration on Device A. [DeviceA] display oam configuration Configuration of the link event window/threshold : -------------------------------------------------------------------------- Errored-symbol Event period(in seconds) Errored-symbol Event threshold Errored-frame Event period(in seconds) Errored-frame Event threshold Errored-frame-period Event period(in ms)

  • Page 22: Configuring Cfd

    Configuring CFD Overview Connectivity Fault Detection (CFD) is an end-to-end per-VLAN link layer OAM mechanism used for link connectivity detection, fault verification, and fault location. It conforms to IEEE 802.1ag CFM. Basic CFD concepts This section explains the concepts of CFD. A maintenance domain (MD) defines the network or part of the network where CFD plays its role.
  • Page 23 An MA serves a VLAN. Packets sent by the MPs in an MA carry the relevant VLAN tag. An MP can receive packets sent by other MPs in the same MA. The level of an MA equals the level of the MD that the MA belongs to.

  • Page 24: Cfd Functions

    configured on the ports of device A through device F. Port 1 of device B is configured with the following MPs—a level 5 MIP, a level 3 inward-facing MEP, a level 2 inward-facing MEP, and a level 0 outward-facing MEP. Figure 5 CFD grading example MEP list A MEP list is a collection of configurable local MEPs and the remote MEPs to be monitored in the same...

  • Page 25: Protocols And Standards

    Depending on whether the source MEP can receive a loopback reply message (LBR) from the target MEP, the link state between the two can be verified. LBM frames and LBR frames are unicast frames. LT is similar to traceroute. It identifies the path between the source MEP and the target MP. This function is implemented in the following way—the source MEP sends the linktrace messages (LTMs) to the target MP.

  • Page 26: Configuring Basic Cfd Settings

    The port is configured as a MIP or an inward-facing MEP that can still receive and send CFD • messages except CCM messages. For more information about the spanning tree feature, see Layer 2—LAN Switching Configuration Guide. Configuring basic CFD settings This section provides procedures for configuring basic CFD settings.

  • Page 27: Configuring Meps

    Service instance without the MD name, which takes effect in only CFD IEEE 802.1ag. • You can create either type of service instance as needed. Creating a service instance with the MD name To create a service instance with the MD name, create the MD and MA for the service instance first. To configure a service instance with the MD name: Step Command...

  • Page 28: Configuring Mip Generation Rules

    Step Command Remarks cfd mep mep-id service-instance Create a MEP. By default, no MEP is created. instance-id { inbound | outbound } cfd mep service-instance Enable the MEP. By default, the MEP is disabled. instance-id mep mep-id enable Configuring MIP generation rules As functional entities in a service instance, MIPs respond to various CFD frames, such as LTM frames, LBM frames, 1DM frames, DMM frames, and TST frames.

  • Page 29: Configuring Lb On Meps

    Table 9 Relationship between the interval field value in the CCM message, the interval between CCM messages, and the timeout time of the remote MEP The interval field value in The interval between CCM The timeout time of the remote MEP the CCM message messages 1 second...

  • Page 30: Displaying And Maintaining Cfd

    TTL field in the LTM frames set to the maximum value 255. Based on the LTRs that the MIPs return, the fault source can be located. To configure LT on MEPs: Step Command Remarks cfd linktrace service-instance Find the path between a source instance-id mep mep-id { target-mep Available in any view.

  • Page 31: Cfd Configuration Example

    Task Command Remarks display cfd remote-mep Display the information of a remote service-instance instance-id mep Available in any view MEP. mep-id [ | { begin | exclude | include } regular-expression ] display cfd linktrace-reply Display the content of the LTR auto-detection [ size size-value ] [ | messages received as responses to Available in any view...

  • Page 32: Configuration Procedure

    Figure 6 Network diagram Configuration procedure Configure a VLAN and assign ports to it: On each device shown in Figure 6, create VLAN 100 and assign ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/4 to VLAN 100. Enable CFD: # Enable CFD on Device A. <DeviceA>...
  • Page 33 [DeviceC] cfd ma MA_B md MD_B vlan 100 [DeviceC] cfd service-instance 2 md MD_B ma MA_B Configure MEPs: # On Device A, configure a MEP list in service instance 1. Create and enable inward-facing MEP 1001 in service instance 1 on GigabitEthernet 1/0/1. [DeviceA] cfd meplist 1001 4002 5001 service-instance 1 [DeviceA] interface gigabitethernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] cfd mep 1001 service-instance 1 inbound...

  • Page 34: Verifying The Configuration

    [DeviceA-GigabitEthernet1/0/1] cfd cc service-instance 1 mep 1001 enable [DeviceA-GigabitEthernet1/0/1] quit # On Device B, enable the sending of CCM frames for MEP 2001 in service instance 2 on GigabitEthernet 1/0/3. [DeviceB] interface gigabitethernet 1/0/3 [DeviceB-GigabitEthernet1/0/3] cfd cc service-instance 2 mep 2001 enable [DeviceB-GigabitEthernet1/0/3] quit # On Device D, enable the sending of CCM frames for MEP 4001 in service instance 2 on GigabitEthernet 1/0/1.

  • Page 35: Configuring Dldp

    Configuring DLDP DLDP overview Background Unidirectional links occur when one end of a link can receive packets from the other end, but the other end cannot receive packets sent by the first end. Unidirectional links result in problems such as loops in an STP-enabled network.

  • Page 36: How Dldp Works

    performs operations such as identifying peer devices, detecting unidirectional links, and shutting down unreachable ports. The auto-negotiation mechanism and DLDP work together to make sure that physical/logical unidirectional links are detected and shut down, and to prevent failure of other protocols such as STP.
  • Page 37 DLDP timer Description This timer is set to 10 seconds. It is triggered when a device transits to the Probe state or when an enhanced detect is launched. When the Echo timer expires and no Echo packet has been received from a neighbor device, the state of the link is set to unidirectional and the device transits to the Disable state.
  • Page 38 Table 12 DLDP mode and neighbor entry aging Detecting a neighbor Removing the neighbor Triggering the Enhanced DLDP mode after the corresponding entry immediately after the timer after an Entry timer neighbor entry ages out Entry timer expires expires Normal DLDP mode Enhanced DLDP mode...
  • Page 39 Non-authentication: • The sending side sets the Authentication field and the Authentication type field of DLDP packets to 0. The receiving side checks the values of the two fields of received DLDP packets and drops the packets where the two fields conflict with the corresponding local configuration. Simple authentication: •...
  • Page 40 Table 15 Procedures for processing different types of DLDP packets received Packet type Processing procedure If the corresponding neighbor entry does not exist, creates the neighbor entry, triggers the Entry timer, and transits to Probe Retrieves the Advertisement state. neighbor packet with RSY tag information If the corresponding neighbor entry already exists, resets the...
  • Page 41 Packet type Processing procedure If not, performs no processing. If yes and the local port is not in Disable state, sets the state of the corresponding neighbor to unidirectional, and then checks Checks whether the the state of other neighbors. If all the neighbors are LinkDown packet local port operates unidirectional, transitions the local port to the Disable state.

  • Page 42: Dldp Configuration Task List

    Table 17 Description on DLDP neighbor states DLDP neighbor state Description A neighbor is in this state when it is just detected and is being probed. A neighbor is Unknown in this state only when it is being probed. It transits to Two way state or Unidirectional state after the probe operation finishes.

  • Page 43: Enabling Dldp

    Enabling DLDP To properly configure DLDP on the device, first enable DLDP globally, and then enable it on each port. To enable DLDP: Step Command Remarks Enter system view. system-view Enable DLDP globally. dldp enable Globally disabled by default. Enter Layer 2 Ethernet interface interface-type interface view.

  • Page 44: Setting The Delaydown Timer

    Step Command Remarks Optional. Set the interval to send dldp interval time Advertisement packets. 5 seconds by default. NOTE: The interval for sending Advertisement packets applies to all DLDP-enabled ports. • To enable DLDP to operate properly, make sure the intervals for sending Advertisement packets on both •...

  • Page 45: Configuring Dldp Authentication

    To set port shutdown mode: Step Command Remarks Enter system view. system-view Optional. dldp unidirectional-shutdown Set port shutdown mode. { auto | manual } auto by default. Configuring DLDP authentication You can guard your network against attacks and malicious probes by configuring an appropriate DLDP authentication mode, which can be simple authentication or MD5 authentication.

  • Page 46: Displaying And Maintaining Dldp

    Step Command Reset DLDP state. dldp reset Resetting DLDP state in interface view Resetting DLDP state in interface view applies to the current port. To reset DLDP state in interface view: Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet interface interface-type interface view.
  • Page 47 Figure 9 Network diagram Correct fiber connection Cross-connected fibers Device A Device A GE1/1/3 GE1/1/4 GE1/1/3 GE1/1/4 GE1/1/3 GE1/1/4 GE1/1/3 GE1/1/4 Device B Device B Ethernet Fiber link Tx end Rx end optical port Configuration procedure Configure Device A: # Enable DLDP globally. <DeviceA>...
  • Page 48 # Enable DLDP globally. <DeviceB> system-view [DeviceB] dldp enable # Configure GigabitEthernet 1/1/3 to operate in full duplex mode and at 1000 Mbps, and enable DLDP on it. [DeviceB] interface gigabitethernet 1/1/3 [DeviceB-GigabitEthernet1/1/3] duplex full [DeviceB-GigabitEthernet1/1/3] speed 1000 [DeviceB-GigabitEthernet1/1/3] dldp enable [DeviceB-GigabitEthernet1/1/3] quit # Configure GigabitEthernet 1/1/4 to operate in full duplex mode and at 1000 Mbps, and enable DLDP on it.
  • Page 49 Neighbor mac address : 0023-8956-3600 Neighbor port index : 60 Neighbor state : two way Neighbor aged time : 12 The output shows that both GigabitEthernet 1/1/3 and GigabitEthernet 1/1/4 are in Advertisement state, which means both links are bidirectional. # Enable system information monitoring on Device A, and enable the display of log and trap information.

  • Page 50: Manually Shutting Down Unidirectional Links

    The output shows that the link status of both GigabitEthernet 1/1/3 and GigabitEthernet 1/1/4 is now up. Manually shutting down unidirectional links Network requirements As shown in Figure 10, Device A and Device B are connected with two fiber pairs. •...
  • Page 51 [DeviceA-GigabitEthernet1/1/4] duplex full [DeviceA-GigabitEthernet1/1/4] speed 1000 [DeviceA-GigabitEthernet1/1/4] dldp enable [DeviceA-GigabitEthernet1/1/4] quit # Set the DLDP mode to enhanced. [DeviceA] dldp work-mode enhance # Set the port shutdown mode to manual. [DeviceA] dldp unidirectional-shutdown manual Configure Device B: # Enable DLDP globally. <DeviceB>...
  • Page 52 The neighbor number of the port is 1. Neighbor mac address : 0023-8956-3600 Neighbor port index : 59 Neighbor state : two way Neighbor aged time : 11 Interface GigabitEthernet1/1/4 DLDP port state : advertisement DLDP link state : up The neighbor number of the port is 1.

  • Page 53: Troubleshooting Dldp

    [DeviceA-GigabitEthernet1/1/3] quit [DeviceA] interface gigabitethernet 1/1/4 [DeviceA-GigabitEthernet1/1/4] shutdown %Jan 18 18:18:03:583 2010 DeviceA IFNET/3/LINK_UPDOWN: GigabitEthernet1/1/4 link status is DOWN. The output shows that the link status of both GigabitEthernet 1/1/3 and GigabitEthernet 1/1/4 is down. Assume that in this example, the unidirectional links are caused by cross-connected fibers. Correct the fiber connections, and then bring up the ports shut down earlier.

  • Page 54: Configuring Rrpp

    Configuring RRPP RRPP overview The Rapid Ring Protection Protocol (RRPP) is a link layer protocol designed for Ethernet rings. RRPP can prevent broadcast storms caused by data loops when an Ethernet ring is healthy, and rapidly restore the communication paths between the nodes in the event that a link is disconnected on the ring. Background Metropolitan area networks (MANs) and enterprise networks usually use the ring structure to improve reliability.
  • Page 55 RRPP ring A ring-shaped Ethernet topology is called an "RRPP ring". RRPP rings fall into two types: primary ring and subring. You can configure a ring as either the primary ring or a subring by specifying its ring level. The primary ring is of level 0, and a subring is of level 1.

  • Page 56: Rrppdus

    Primary port and secondary port Each master node or transit node has two ports connected to an RRPP ring, one serving as the primary port and the other serving as the secondary port. You can determine the port’s role. In terms of functionality, the primary port and the secondary port of a master node have the following differences: The primary port and the secondary port are designed to play the role of sending and receiving loop-detect packets respectively.

  • Page 57: Rrpp Timers

    Type Description The master node initiates Common-Flush-FDB packets to instruct the transit nodes Common-Flush-FDB to update their own MAC entries and ARP/ND entries when an RRPP ring transits to Disconnect state. FDB stands for Forwarding Database. The master node initiates Complete-Flush-FDB packets to instruct the transit nodes Complete-Flush-FDB to update their own MAC entries and ARP/ND entries and release blocked ports from being blocked temporarily when an RRPP ring transits to Health state.
  • Page 58 VLANs and sending Common-Flush-FDB packets to instruct all transit nodes to update their own MAC entries and ARP/ND entries. Link down alarm mechanism The transit node, the edge node or the assistant-edge node sends Link-Down packets to the master node immediately when they find any of its own ports belonging to an RRPP domain are down.

  • Page 59: Typical Rrpp Networking

    packets frequently. If more subrings are configured or if load balancing is configured for multiple domains, Device B and Device C will send or receive a mass of Edge-Hello packets. To reduce Edge-Hello traffic, you can assign Ring 2 and Ring 3 to an RRPP ring group configured on the edge node Device B and assign Ring 2 and Ring 3 to an RRPP ring group configured on Device C.
  • Page 60 Figure 13 Schematic diagram for a tangent-ring network Intersecting rings As shown in Figure 14, two or more rings are in the network topology and two common nodes exist between rings. You only need to define an RRPP domain and configure one ring as the primary ring and the other rings as subrings.
  • Page 61 Figure 15 Schematic diagram for a dual-homed-ring network Single-ring load balancing In a single-ring network, you can achieve load balancing by configuring multiple domains. As shown in Figure 16, Ring 1 is configured as the primary ring of both Domain 1 and Domain 2. Domain 1 and Domain 2 are configured with different protected VLANs.

  • Page 62: Protocols And Standards

    Figure 17 Schematic diagram for an intersecting-ring load balancing network Protocols and standards RFC 3619 Extreme Networks' Ethernet Automatic Protection Switching (EAPS) Version 1 is related to RRPP. RRPP configuration task list You can create RRPP domains based on service planning, specify control VLANs and data VLANs for each RRPP domain, and then determine the ring roles and node roles based on the traffic paths in each RRPP domain.

  • Page 63: Creating An Rrpp Domain

    Task Remarks Optional. Configuring an RRPP ring group Perform this task on the edge node and assistant-edge node in the RRPP domain. NOTE: RRPP does not have an auto election mechanism, so you must configure each node in the ring network •...

  • Page 64: Configuration Procedure

    Configuration procedure To configure control VLANs: Step Command Enter system view. system-view Enter RRPP domain view. rrpp domain domain-id Configure the primary control VLAN for the RRPP control-vlan vlan-id domain. Configuring protected VLANs Before configuring RRPP rings in an RRPP domain, configure the same protected VLANs for all nodes in the RRPP domain first.

  • Page 65: Configuring Rrpp Rings

    Step Command Remarks Enter RRPP domain view. rrpp domain domain-id Configure protected VLANs protected-vlan reference-instance By default, no protected VLAN is for the RRPP domain. instance-id-list configured for an RRPP domain. NOTE: When configuring load balancing, you must configure different protected VLANs for different RRPP domains.

  • Page 66: Configuring Rrpp Nodes

    Step Command Remarks Configure the link type of the By default, the link type of an port link-type trunk interface as trunk. interface is access. Assign the trunk port to the port trunk permit vlan { vlan-id-list By default, a trunk port allows only protected VLANs of the RRPP | all } packets of VLAN 1 to pass through.

  • Page 67: Activating An Rrpp Domain

    To specify an edge node: Step Command Enter system view. system-view Enter RRPP domain view. rrpp domain domain-id ring ring-id node-mode { master | transit } Specify the current device as a master node or [ primary-port interface-type interface-number ] transit node of the primary ring, and specify the [ secondary-port interface-type interface-number ] primary port and the secondary port.

  • Page 68: Configuring Rrpp Timers

    Step Command Remarks Enter RRPP domain view. rrpp domain domain-id Enable the specified RRPP ring ring-id enable Disabled by default. ring. Configuring RRPP timers Perform this configuration on the master node of an RRPP domain. To configure RRPP timers: Step Command Remarks Enter system view.

  • Page 69: Configuration Procedure

    Configuration procedure To configure an RRPP ring group: Step Command Enter system view. system-view Create an RRPP ring group and enter RRPP ring rrpp ring-group ring-group-id group view. Assign the specified subrings to the RRPP ring domain domain-id ring ring-id-list group.
  • Page 70 Specify Device B, Device C, and Device D as the transit nodes of primary ring 1. Specify their • GigabitEthernet 1/0/1 as the primary port and GigabitEthernet 1/0/2 as the secondary port. Figure 18 Network diagram Configuration procedure Configure Device A: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration.
  • Page 71 [DeviceA] rrpp domain 1 [DeviceA-rrpp-domain1] control-vlan 4092 [DeviceA-rrpp-domain1] protected-vlan reference-instance 1 # Configure Device A as the master node of primary ring 1, with GigabitEthernet 1/0/1 as the primary port and GigabitEthernet 1/0/2 as the secondary port, and enable ring 1. [DeviceA-rrpp-domain1] ring 1 node-mode master primary-port gigabitethernet 1/0/1 secondary-port gigabitethernet 1/0/2 level 0 [DeviceA-rrpp-domain1] ring 1 enable...

  • Page 72: Intersecting Ring Configuration Example

    [DeviceB-rrpp-domain1] quit # Enable RRPP. [DeviceB] rrpp enable Configure Device C: The configuration on Device C is similar to that on Device B and is not shown here. Configure Device D: The configuration on Device D is similar to that on Device B and is not shown here. Verify the configuration: Use the display command to view RRPP configuration and operational information on each device.
  • Page 73 Configuration procedure Configure Device A: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration. <DeviceA> system-view [DeviceA] vlan 1 to 30 [DeviceA] stp region-configuration [DeviceA-mst-region] instance 1 vlan 1 to 30 [DeviceA-mst-region] active region-configuration [DeviceA-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 and...
  • Page 74 [DeviceB-mst-region] instance 1 vlan 1 to 30 [DeviceB-mst-region] active region-configuration [DeviceB-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1, GigabitEthernet 1/0/2, and GigabitEthernet 1/0/3, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority. Configure the three ports as trunk ports, and assign them to VLANs 1 through 30.
  • Page 75 # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration. <DeviceC> system-view [DeviceC] vlan 1 to 30 [DeviceC] stp region-configuration [DeviceC-mst-region] instance 1 vlan 1 to 30 [DeviceC-mst-region] active region-configuration [DeviceC-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1, GigabitEthernet 1/0/2, and GigabitEthernet 1/0/3, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority.
  • Page 76 [DeviceC-rrpp-domain1] quit # Enable RRPP. [DeviceC] rrpp enable Configure Device D: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration. <DeviceD> system-view [DeviceD] vlan 1 to 30 [DeviceD] stp region-configuration [DeviceD-mst-region] instance 1 vlan 1 to 30 [DeviceD-mst-region] active region-configuration [DeviceD-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 and...

  • Page 77: Dual Homed Rings Configuration Example

    [DeviceE] vlan 1 to 30 [DeviceE] stp region-configuration [DeviceE-mst-region] instance 1 vlan 1 to 30 [DeviceE-mst-region] active region-configuration [DeviceE-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority.
  • Page 78 Device A through Device D form primary ring 1. Device A, Device B, and Device E form subring 2. • Device A, Device B, and Device F form subring 3. Device C, Device D, and Device G form subring 4. Device C, Device D, and Device H form subring 5. •...
  • Page 79 [DeviceA-mst-region] instance 1 vlan 1 to 30 [DeviceA-mst-region] active region-configuration [DeviceA-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 through GigabitEthernet 1/0/4, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority. Configure the four ports as trunk ports, and assign them to VLANs 1 through [DeviceA] interface gigabitethernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] undo link-delay [DeviceA-GigabitEthernet1/0/1] undo stp enable...
  • Page 80 [DeviceA-rrpp-domain1] ring 2 enable # Configure Device A as the edge node of subring 3, with GigabitEthernet 1/0/3 as the edge port, and enable subring 3. [DeviceA-rrpp-domain1] ring 3 node-mode edge edge-port gigabitethernet 1/0/3 [DeviceA-rrpp-domain1] ring 3 enable [DeviceA-rrpp-domain1] quit # Enable RRPP.
  • Page 81 [DeviceB-GigabitEthernet1/0/4] quit # Create RRPP domain 1. Configure VLAN 4092 as the primary control VLAN of RRPP domain 1, and configure the VLANs mapped to MSTI 1 as the protected VLANs of RRPP domain 1. [DeviceB] rrpp domain 1 [DeviceB-rrpp-domain1] control-vlan 4092 [DeviceB-rrpp-domain1] protected-vlan reference-instance 1 # Configure Device B as the transit node of primary ring 1, with GigabitEthernet 1/0/1 as the primary port and GigabitEthernet 1/0/2 as the secondary port, and enable ring 1.
  • Page 82 [DeviceC-GigabitEthernet1/0/2] port link-type trunk [DeviceC-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 [DeviceC-GigabitEthernet1/0/2] quit [DeviceC] interface gigabitethernet 1/0/3 [DeviceC-GigabitEthernet1/0/3] undo link-delay [DeviceC-GigabitEthernet1/0/3] undo stp enable [DeviceC-GigabitEthernet1/0/3] qos trust dot1p [DeviceC-GigabitEthernet1/0/3] port link-type trunk [DeviceC-GigabitEthernet1/0/3] port trunk permit vlan 1 to 30 [DeviceC-GigabitEthernet1/0/3] quit [DeviceC] interface gigabitethernet 1/0/4 [DeviceC-GigabitEthernet1/0/4] undo link-delay...
  • Page 83 [DeviceD-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 through GigabitEthernet 1/0/4, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority. Configure the four ports as trunk ports, and assign them to VLANs 1 through [DeviceD] interface gigabitethernet 1/0/1 [DeviceD-GigabitEthernet1/0/1] undo link-delay [DeviceD-GigabitEthernet1/0/1] undo stp enable...
  • Page 84 # Configure Device D as the edge node of subring 5, with GigabitEthernet 1/0/4 as the edge port, and enable subring 5. [DeviceD-rrpp-domain1] ring 5 node-mode edge edge-port gigabitethernet 1/0/4 [DeviceD-rrpp-domain1] ring 5 enable [DeviceD-rrpp-domain1] quit # Enable RRPP. [DeviceD] rrpp enable Configure Device E: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration.
  • Page 85 Configure Device F: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration. <DeviceF> system-view [DeviceF] vlan 1 to 30 [DeviceF] stp region-configuration [DeviceF-mst-region] instance 1 vlan 1 to 30 [DeviceF-mst-region] active region-configuration [DeviceF-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2, disable the spanning tree feature, and set the trusted packet priority type...
  • Page 86 [DeviceG-mst-region] active region-configuration [DeviceG-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority. Configure the two ports as trunk ports, and assign them to VLANs 1 through [DeviceG] interface gigabitethernet 1/0/1 [DeviceG-GigabitEthernet1/0/1] undo link-delay [DeviceG-GigabitEthernet1/0/1] undo stp enable...

  • Page 87: Intersecting-Ring Load Balancing Configuration Example

    [DeviceH-GigabitEthernet1/0/1] undo stp enable [DeviceH-GigabitEthernet1/0/1] qos trust dot1p [DeviceH-GigabitEthernet1/0/1] port link-type trunk [DeviceH-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 [DeviceH-GigabitEthernet1/0/1] quit [DeviceH] interface gigabitethernet 1/0/2 [DeviceH-GigabitEthernet1/0/2] undo link-delay [DeviceH-GigabitEthernet1/0/2] undo stp enable [DeviceH-GigabitEthernet1/0/2] qos trust dot1p [DeviceH-GigabitEthernet1/0/2] port link-type trunk [DeviceH-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 [DeviceH-GigabitEthernet1/0/2] quit # Create RRPP domain 1.
  • Page 88 Figure 21 Network diagram Configuration procedure Configure Device A: # Create VLANs 1 and 2, map VLAN 1 to MSTI 1 and VLAN 2 to MSTI 2, and activate MST region configuration. <DeviceA> system-view [DeviceA] vlan 1 to 2 [DeviceA] stp region-configuration [DeviceA-mst-region] instance 1 vlan 1 [DeviceA-mst-region] instance 2 vlan 2 [DeviceA-mst-region] active region-configuration...
  • Page 89 [DeviceA-GigabitEthernet1/0/2] quit # Create RRPP domain 1. Configure VLAN 100 as the primary control VLAN of RRPP domain 1, and configure the VLAN mapped to MSTI 1 as the protected VLAN of RRPP domain 1. [DeviceA] rrpp domain 1 [DeviceA-rrpp-domain1] control-vlan 100 [DeviceA-rrpp-domain1] protected-vlan reference-instance 1 # Configure Device A as the master node of primary ring 1, with GigabitEthernet 1/0/1 as the primary port and GigabitEthernet 1/0/2 as the secondary port, and enable ring 1.
  • Page 90 [DeviceB-GigabitEthernet1/0/2] undo link-delay [DeviceB-GigabitEthernet1/0/2] undo stp enable [DeviceB-GigabitEthernet1/0/2] qos trust dot1p [DeviceB-GigabitEthernet1/0/2] port link-type trunk [DeviceB-GigabitEthernet1/0/2] port trunk permit vlan 1 2 [DeviceB-GigabitEthernet1/0/2] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/3, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority. Configure the port as a trunk port, and assign it to VLAN 2.
  • Page 91 # Configure Device B as the transit node of primary ring 1, with GigabitEthernet 1/0/1 as the primary port and GigabitEthernet 1/0/2 as the secondary port, and enable ring 1. [DeviceB-rrpp-domain2] ring 1 node-mode transit primary-port gigabitethernet 1/0/1 secondary-port gigabitethernet 1/0/2 level 0 [DeviceB-rrpp-domain2] ring 1 enable # Configure Device B as the assistant-edge node of subring 2 in RRPP domain 2, with GigabitEthernet 1/0/3 as the edge port, and enable subring 2.
  • Page 92 [DeviceC-GigabitEthernet1/0/3] qos trust dot1p [DeviceC-GigabitEthernet1/0/3] port link-type trunk [DeviceC-GigabitEthernet1/0/3] undo port trunk permit vlan 1 [DeviceC-GigabitEthernet1/0/3] port trunk permit vlan 2 [DeviceC-GigabitEthernet1/0/3] port trunk pvid vlan 2 [DeviceC-GigabitEthernet1/0/3] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/4, disable the spanning tree feature, and set the trusted packet priority type to 802.1p priority.
  • Page 93 [DeviceC] rrpp enable Configure Device D: # Create VLANs 1 and 2, map VLAN 1 to MSTI 1 and VLAN 2 to MSTI 2, and activate MST region configuration. <DeviceD> system-view [DeviceD] vlan 1 to 2 [DeviceD] stp region-configuration [DeviceD-mst-region] instance 1 vlan 1 [DeviceD-mst-region] instance 2 vlan 2 [DeviceD-mst-region] active region-configuration [DeviceD-mst-region] quit...
  • Page 94 [DeviceD-rrpp-domain2] ring 1 node-mode transit primary-port gigabitethernet 1/0/1 secondary-port gigabitethernet 1/0/2 level 0 [DeviceD-rrpp-domain2] ring 1 enable [DeviceD-rrpp-domain2] quit # Enable RRPP. [DeviceD] rrpp enable Configure Device E: # Create VLAN 2, map VLAN 2 to MSTI 2, and activate MST region configuration. <DeviceE>...
  • Page 95 # Enable RRPP. [DeviceE] rrpp enable Configure Device F: # Create VLAN 1, map VLAN 1 to MSTI 1, and activate MST region configuration. <DeviceF> system-view [DeviceF] vlan 1 [DeviceF-vlan1] quit [DeviceF] stp region-configuration [DeviceF-mst-region] instance 1 vlan 1 [DeviceF-mst-region] active region-configuration [DeviceF-mst-region] quit # Cancel the physical state change suppression interval setting on GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2, disable the spanning tree feature, and set the trusted packet priority type...

  • Page 96: Troubleshooting

    # Create RRPP ring group 1 on Device C, and add subrings 2 and 3 to the RRPP ring group. [DeviceC] rrpp ring-group 1 [DeviceC-rrpp-ring-group1] domain 2 ring 2 [DeviceC-rrpp-ring-group1] domain 1 ring 3 Verify the configuration: Use the display command to view RRPP configuration and operational information on each device. Troubleshooting Symptom When the link state is normal, the master node cannot receive Hello packets, and the master node...

  • Page 97: Configuring Smart Link

    Configuring Smart Link Smart Link overview Background To avoid single-point failures and guarantee network reliability, downstream devices are usually dual-homed to upstream devices, as shown in Figure Figure 22 Diagram for a dual uplink network To remove network loops on a dual-homed network, you can use a spanning tree protocol or the Rapid Ring Protection Protocol (RRPP).

  • Page 98: Terminology

    Dedicated to dual uplink networks • • Subsecond convergence Easy to configure • Terminology Smart link group A smart link group consists of only two member ports: the master and the slave ports. At a time, only one port is active for forwarding, and the other port is blocked and in standby state. When link failure occurs on the active port due to port shutdown or presence of unidirectional link, the standby port becomes active to take over and the original active port transits to the blocked state.

  • Page 99: How Smart Link Works

    How Smart Link works Link backup mechanism As shown in Figure 22, the link on Port1 of Device C is the master link, and the link on Port2 of Device C is the slave link. Typically, Port1 is in forwarding state, and Port2 is in standby state. When the master link fails, Port2 takes over to forward traffic and Port1 is blocked and placed in standby state.

  • Page 100: Smart Link Configuration Task List

    downlink ports to the up/down state of uplink ports, triggering Smart Link to perform link switchover on the downstream device. For more information about Monitor Link, see "Configuring Monitor Link." Smart Link configuration task list A smart link device is a device that supports Smart Link and is configured with a smart link group and a transmit control VLAN for flush message transmission.

  • Page 101: Configuring Member Ports For A Smart Link Group

    Step Command Remarks Enter system view. system-view For more information about the Enter MST region view. stp region-configuration command, see Layer 2—LAN Switching Command Reference. Optional. Use either approach. Approach 1: All VLANs in an MST region are Configure the instance instance-id vlan vlan-list mapped to CIST (MSTI 0) by VLAN-to-instance mapping...

  • Page 102: Configuring Role Preemption For A Smart Link Group

    Step Command Enter system view. system-view Enter Layer 2 Ethernet interface view or layer 2 interface interface-type interface-number aggregate interface view. Configure member ports for a smart link group. port smart-link group group-id { master | slave } Configuring role preemption for a smart link group Step Command Remarks...

  • Page 103: Configuring An Associated Device

    Configuring an associated device Configuration prerequisites Disable the spanning tree feature on the associated device’s ports that connect to the member ports of the smart link group; otherwise, the ports will discard flush messages when they are not in the forwarding state in case of a topology change.

  • Page 104: Smart Link Configuration Examples

    Task Command Remarks Clear the statistics about flush reset smart-link statistics Available in user view messages. Smart Link configuration examples Single smart link group configuration example Network requirements As shown in Figure 23, Device C and Device D are smart link devices, and Device A, Device B, and Device E are associated devices.
  • Page 105 [DeviceC-GigabitEthernet1/0/1] undo stp enable [DeviceC-GigabitEthernet1/0/1] port link-type trunk [DeviceC-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 [DeviceC-GigabitEthernet1/0/1] quit [DeviceC] interface gigabitethernet 1/0/2 [DeviceC-GigabitEthernet1/0/2] shutdown [DeviceC-GigabitEthernet1/0/2] undo stp enable [DeviceC-GigabitEthernet1/0/2] port link-type trunk [DeviceC-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 [DeviceC-GigabitEthernet1/0/2] quit # Create smart link group 1, and configure all VLANs mapped to MSTI 1 as the protected VLANs.
  • Page 106 [DeviceD-GigabitEthernet1/0/2] shutdown [DeviceD-GigabitEthernet1/0/2] undo stp enable [DeviceD-GigabitEthernet1/0/2] port link-type trunk [DeviceD-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 [DeviceD-GigabitEthernet1/0/2] quit # Create smart link group 1, and configure all VLANs mapped to MSTI 1 as the protected VLANs. [DeviceD] smart-link group 1 [DeviceD-smlk-group1] protected-vlan reference-instance 1 # Configure GigabitEthernet 1/0/1 as the master port and GigabitEthernet 1/0/2 as the slave port for smart link group 1.
  • Page 107 [DeviceB] interface gigabitethernet 1/0/3 [DeviceB-GigabitEthernet1/0/3] port link-type trunk [DeviceB-GigabitEthernet1/0/3] port trunk permit vlan 1 to 30 [DeviceB-GigabitEthernet1/0/3] undo stp enable [DeviceB-GigabitEthernet1/0/3] smart-link flush enable control-vlan 10 [DeviceB-GigabitEthernet1/0/3] quit Configure Device E: # Create VLANs 1 through 30. <DeviceE> system-view [DeviceE] vlan 1 to 30 # Configure GigabitEthernet 1/0/1 as a trunk port, and assign it to VLANs 1 through 30.

  • Page 108: Multiple Smart Link Groups Load Sharing Configuration Example

    [DeviceA] interface gigabitethernet 1/0/2 [DeviceA-GigabitEthernet1/0/2] port link-type trunk [DeviceA-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 [DeviceA-GigabitEthernet1/0/2] smart-link flush enable control-vlan 10 20 [DeviceA-GigabitEthernet1/0/2] quit Verify the configuration: You can use the display smart-link group command to display the smart link group configuration on a device.
  • Page 109 Figure 24 Network diagram Configuration procedure Configure Device C: # Create VLAN 1 through VLAN 200. Map VLANs 1 through 100 to MSTI 1. Map VLANs 101 through 200 to MSTI 2, and activate MST region configuration. <DeviceC> system-view [DeviceC] vlan 1 to 200 [DeviceC] stp region-configuration [DeviceC-mst-region] instance 1 vlan 1 to 100 [DeviceC-mst-region] instance 2 vlan 101 to 200...
  • Page 110 # Enable role preemption in smart link group 1, enable flush message sending, and configure VLAN 10 as the transmit control VLAN. [DeviceC-smlk-group1] preemption mode role [DeviceC-smlk-group-1] flush enable control-vlan 10 [DeviceC-smlk-group-1] quit # Create smart link group 2, and configure all VLANs mapped to MSTI 2 as the protected VLANs for smart link group 2.
  • Page 111 # Create VLAN 1 through VLAN 200. <DeviceD> system-view [DeviceD] vlan 1 to 200 # Configure GigabitEthernet 1/0/1 as a trunk port and assign it to VLANs 1 through 200. Enable flush message receiving and configure VLAN 10 and VLAN 110 as the receive control VLANs on GigabitEthernet 1/0/1.
  • Page 112 Protected VLAN: Reference Instance 1 Member Role State Flush-count Last-flush-time ----------------------------------------------------------------------------- GigabitEthernet1/0/1 MASTER ACTVIE 16:37:20 2010/02/21 GigabitEthernet1/0/2 SLAVE STANDBY 17:45:20 2010/02/21 Smart link group 2 information: Device ID: 000f-e23d-5af0 Preemption mode: ROLE Preemption delay: 1(s) Control VLAN: 110 Protected VLAN: Reference Instance 2 Member Role State...

  • Page 113: Configuring Monitor Link

    Configuring Monitor Link Monitor Link overview Monitor Link is a port collaboration function. Monitor Link usually works together with Layer 2 topology protocols. The idea is to monitor the states of uplink ports and adapt the up/down state of downlink ports to the up/down state of uplink ports, triggering link switchover on the downstream device in time, as shown in Figure...

  • Page 114: How Monitor Link Works

    Downlink ports are the monitoring ports. The state of the downlink ports in a monitor link group • adapts to that of the monitor link group. When the state of a monitor link group changes, the state of its member downlink ports change accordingly. The state of the downlink ports in a monitor link group is always consistent with that of the monitor link group.

  • Page 115: Displaying And Maintaining Monitor Link

    Step Command Enter system view. system-view Enter monitor link group view. monitor-link group group-id port interface-type interface-number { uplink | Configure member ports for the monitor link group. downlink } In interface view To configure member ports for a monitor link group in interface view: Step Command Enter system view.
  • Page 116 Figure 26 Network diagram Configuration procedure Configure Device C: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate MST region configuration. <DeviceC> system-view [DeviceC] vlan 1 to 30 [DeviceC] stp region-configuration [DeviceC-mst-region] instance 1 vlan 1 to 30 [DeviceC-mst-region] active region-configuration [DeviceC-mst-region] quit # Disable the spanning tree feature on GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2...
  • Page 117 Configure Device A: # Create VLANs 1 through 30. <DeviceA> system-view [DeviceA] vlan 1 to 30 # Configure GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 as trunk ports, assign them to VLANs 1 through 30, and enable flush message receiving on them. [DeviceA] interface gigabitethernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] port link-type trunk [DeviceA-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30...
  • Page 118 # Configure GigabitEthernet 1/0/1 as a trunk port, assign it to VLANs 1 through 30, and enable flush message receiving on it. [DeviceD] interface gigabitethernet 1/0/1 [DeviceD-GigabitEthernet1/0/1] port link-type trunk [DeviceD-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 [DeviceD-GigabitEthernet1/0/1] smart-link flush enable [DeviceD-GigabitEthernet1/0/1] quit # Configure GigabitEthernet 1/0/2 as a trunk port, assign it to VLANs 1 through 30, disable the spanning tree feature, and enable flush message receiving on it.

  • Page 119: Configuring Vrrp

    Configuring VRRP The term router in this document refers to both routers and Layer 3 switches. • The term interface in the VRRP feature refers to VLAN interfaces. • VRRP overview Typically, as shown in Figure 27, you can configure a default route with the gateway as the next hop for every host on a network segment.

  • Page 120: Vrrp Standard Protocol Mode

    Load balancing mode—Extends the standard protocol mode and realizes load balancing. For more • information, see "VRRP load balancing mode." VRRP standard protocol mode Introduction to VRRP group VRRP combines a group of routers (including a master and multiple backups) on a LAN into a virtual router called VRRP group.

  • Page 121: Vrrp Timers

    VRRP priority is in the range of 0 to 255. The greater the number, the higher the priority. Priorities 1 to 254 are configurable. Priority 0 is reserved for special uses and priority 255 for the IP address owner. When a router acts as the IP address owner, its running priority is always 255. That is, the IP address owner in a VRRP group acts as the master as long as it operates properly.

  • Page 122: Packet Format

    Packet format The master multicasts VRRP packets periodically to declare its existence. VRRP packets are also used for checking the parameters of the virtual router and electing the master. VRRP packets are encapsulated in IP packets, with the protocol number being 1 12. Figure 29 shows the format of a VRRPv2 packet and...

  • Page 123: Principles Of Vrrp

    Count IP Addrs/Count IPv6 Addrs—Number of virtual IPv4 or IPv6 addresses for the VRRP group. • A VRRP group can have multiple virtual IPv4 or IPv6 addresses. Auth Type—Authentication type. 0 means no authentication, 1 means simple text authentication, • and 2 means MD5 authentication.

  • Page 124: Vrrp Application (Taking Ipv4-Based Vrrp For Example)

    If the uplink interface of a router in a VRRP group fails, usually the VRRP group cannot be aware of the uplink interface failure. If the router is the master of the VRRP group, hosts on the LAN are not able to access external networks because of the uplink failure.

  • Page 125: Vrrp Load Balancing Mode

    In load sharing mode, multiple routers provide services simultaneously. This mode requires two or more VRRP groups, each of which comprises a master and one or more backups. The masters of the VRRP groups are assumed by different routers, as shown in Figure Figure 32 VRRP in load sharing mode A router can be in multiple VRRP groups and hold a different priority in a different group.

  • Page 126: Assigning Virtual Mac Addresses

    balancing mode, you need to create only one VRRP group to balance load among multiple routers, instead of allowing one router to bear the load but other routers to stay idle. VRRP load balancing mode is based on VRRP standard protocol mode, so mechanisms, such as master election, preemption, and tracking functions, in the standard protocol mode are also supported in the load balancing mode.
  • Page 127 Figure 34 Answering ARP requests Network Router A Router B Master Backup Virtual IP: 10.1.1.1/24 Virtual MAC: 000f-e2ff-0012 Virtual MAC: 000f-e2ff-0011 ARP request ARP reply Target IP: 10.1.1.1/24 Target MAC: 000f-e2ff-0011 ARP request ARP reply Target IP: 10.1.1.1/24 Target MAC: 000f-e2ff-0012 Gateway IP: 10.1.1.1/24 Gateway IP: 10.1.1.1/24 Host A...

  • Page 128: Virtual Forwarder

    Virtual forwarder Creating a virtual forwarder Virtual MAC addresses help different hosts transmit packets to different routers in a VRRP group. To enable the routers in the VRRP group to forward the packets, be sure to create virtual forwarders (VFs) on the routers.
  • Page 129 Figure 36 VF information Figure 36 illustrates the VF information on each router in the VRRP group and how the routers back up one another. The master, Router A, assigns virtual MAC addresses 000f-e2ff-001 1, 000f-e2ff-0012, and 000f-e2ff-0013 to itself, Router B, and Router C, respectively. The VFs corresponding to these three virtual MAC addresses, VF 1, VF 2, and VF 3, are created on each of the three routers, and the VFs corresponding to the same virtual MAC address on different routers back up one another.

  • Page 130: Packet Types

    Timeout Timer—The duration that the new AVF takes over the VF owner. Before this timer times out, • all the routers in the VRRP group keep the failed AVF, and the new AVF forwards the packets destined for the virtual MAC address corresponding to the failed AVF. When this timer times out, all the routers in the VRRP group remove the failed AVF, and the new AVF stops forwarding the packets destined for the virtual MAC address corresponding to the failed AVF.

  • Page 131: Configuring A Vrrp Operation Mode

    Complete these tasks to configure VRRP for IPv4: Task Remarks Configuring a VRRP operation mode Optional. Optional. Specifying the type of MAC addresses mapped to When VRRP is operating in load balancing mode, virtual IP addresses this configuration is not effective. Creating a VRRP group and configuring virtual IP Required.

  • Page 132: Creating A Vrrp Group And Configuring Virtual Ip Address

    from hosts so that the hosts in the internal network can learn the mapping between the IP address and the MAC address. The following types of MAC addresses are available to be mapped to the virtual IP address of a VRRP group: Virtual MAC to virtual IP mapping—By default, a virtual MAC address is automatically created for •...

  • Page 133: Configuring Router Priority, Preemptive Mode And Tracking Function

    When a router is the IP address owner in a VRRP group, HP recommends you not to use the IP • address of the interface (virtual IP address of the VRRP group) to establish a neighbor relationship with the adjacent router, that is, not to use the network command to enable OSPF on the interface. For more information about network command, see Layer 3—IP Routing Command Reference.

  • Page 134: Configuring Vf Tracking

    If the state of a tracked interface changes from down or removed to up, the priority of the router • where the interface resides is automatically restored. If the state of a track entry changes from negative or invalid to positive, the priority of the router •...

  • Page 135: Configuring Vrrp Packet Attributes

    Configuration prerequisites Before you configure the VF tracking function, create a VRRP group and configure a virtual IP address for Configuration procedure VRRP operates in load balancing mode. Assume that you have configured the VF tracking function to monitor the track entry and specified the value by which the weight decreases. When the status of the track entry becomes negative, the weight values of all VFs on the router decrease by the specified value.

  • Page 136: Enabling The Trap Function For Vrrp

    Configuration prerequisites Before you configure the relevant attributes of VRRP packets, create a VRRP group and configure a virtual IP address for it. Configuration procedure To configure VRRP packet attributes: Step Command Remarks Enter system view. system-view Set the Differentiated Services Optional.

  • Page 137: Configuring Vrrp For Ipv6

    Task Command Remarks display vrrp [ verbose ] [ interface interface-type interface-number Display VRRP group status. [ vrid virtual-router-id ] ] [ | { begin Available in any view | exclude | include } regular-expression ] display vrrp statistics [ interface interface-type interface-number Display VRRP group statistics.

  • Page 138: Creating A Vrrp Group And Configuring A Virtual Ipv6 Address

    Virtual MAC to virtual IP mapping—By default, a virtual MAC address is automatically created for • a VRRP group when the VRRP group is created, and the virtual IPv6 address of the VRRP group is mapped to the virtual MAC address. When such a mapping is adopted, the hosts in the internal network do not need to update the mapping between the IPv6 address and the MAC address when the master changes.

  • Page 139: Configuring Router Priority, Preemptive Mode And Tracking Function

    Configuration prerequisites Before creating a VRRP group and configuring a virtual IPv6 address on an interface, configure an IPv6 address for the interface and make sure that it is in the same network segment as the virtual IPv6 address to be configured. Configuration procedure To create a VRRP group and configure its virtual IPv6 address: Step...

  • Page 140: Configuring Vf Tracking

    Configuration procedure By configuring router priority, preemptive mode, interface tracking, or a track entry, determine which router in the VRRP group serves as the master. To configure router priority, preemptive mode and interface tracking: Step Command Remarks Enter system view. system-view Enter the specified interface interface interface-type...

  • Page 141: Configuring Vrrp Packet Attributes

    the status of the track entry becomes positive or invalid, the weight values of all VFs on the router restore their original values. If you configure the VF tracking function on an LVF to monitor its corresponding AVF on a specified router, the LVF can take over the AVF immediately when the status of the track entry becomes negative, to ensure uninterrupted network communications.

  • Page 142: Displaying And Maintaining Vrrp For Ipv6

    Step Command Remarks Optional. Set the DSCP value for VRRP vrrp ipv6 dscp dscp-value packets. 56 by default. Enter the specified interface interface interface-type view. interface-number Configure the authentication Optional. vrrp ipv6 vrid virtual-router-id mode and authentication key authentication-mode simple Authentication is not performed by when the VRRP groups send [ cipher ] key...
  • Page 143 Figure 37 Network diagram Configuration procedure Configure Switch A: # Configure VLAN 2. <SwitchA> system-view [SwitchA] vlan 2 [SwitchA-vlan2] port gigabitethernet 1/0/5 [SwitchA-vlan2] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ip address 202.38.160.1 255.255.255.0 # Create VRRP group 1 and set its virtual IP address to 202.38.160.111. [SwitchA-Vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # Set the priority of Switch A in VRRP group 1 to 110, which is higher than that of Switch B (100), so that Switch A can become the master.
  • Page 144 Verify the configuration: After the configuration, Host B can be pinged successfully on Host A. To verify your configuration, use the display vrrp verbose command. # Display the detailed information about VRRP group 1 on Switch A. [SwitchA-Vlan-interface2] display vrrp verbose IPv4 Standby Information: Run Mode : Standard...

  • Page 145: Vrrp Interface Tracking Configuration Example

    Preempt Mode : Yes Delay Time Auth Type : None Virtual IP : 202.38.160.111 Virtual MAC : 0000-5e00-0101 Master IP : 202.38.160.2 The output shows that when Switch A fails, Switch B becomes the master, and packets sent from Host A to Host B are forwarded by Switch B. # After Switch A resumes normal operation, use the display vrrp verbose command to display the detailed information about VRRP group 1 on Switch A.
  • Page 146 Figure 38 Network diagram Configuration procedure Configure Switch A: # Configure VLAN 2. <SwitchA> system-view [SwitchA] vlan 2 [SwitchA-vlan2] port gigabitethernet 1/0/5 [SwitchA-vlan2] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ip address 202.38.160.1 255.255.255.0 # Create a VRRP group 1 and set its virtual IP address to 202.38.160.111. [SwitchA-Vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # Configure the priority of Switch A in the VRRP group to 110, which is higher than that of Switch B (100), so that Switch A can become the master.
  • Page 147 [SwitchB-vlan2] port gigabitethernet 1/0/5 [SwitchB-vlan2] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] ip address 202.38.160.2 255.255.255.0 # Create a VRRP group 1 and set its virtual IP address to 202.38.160.111. [SwitchB-Vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # Configure the authentication mode of the VRRP group as simple and authentication key as hello. [SwitchB-Vlan-interface2] vrrp vrid 1 authentication-mode simple hello # Set the interval for master to send VRRP advertisement to four seconds.
  • Page 148 Virtual IP : 202.38.160.111 Master IP : 202.38.160.1 The output shows that in VRRP group 1 Switch A is the master, Switch B is the backup and packets sent from Host A to Host B are forwarded by Switch A. If interface VLAN-interface 3 through which Switch A connects to the Internet is not available, you can still ping Host B successfully on Host A.

  • Page 149: Vrrp With Multiple Vlans Configuration Example

    VRRP with multiple VLANs configuration example Network requirements • Hosts in VLAN 2 use 202.38.160.100/25 as their default gateway and hosts in VLAN 3 use 202.38.160.200/25 as their default gateway. Switch A and Switch B belong to both VRRP group 1 and VRRP group 2. The virtual IP address of •...
  • Page 150 [SwitchA-vlan3] quit [SwitchA] interface vlan-interface 3 [SwitchA-Vlan-interface3] ip address 202.38.160.130 255.255.255.128 # Create a VRRP group 2 and set its virtual IP address to 202.38.160.200. [SwitchA-Vlan-interface3] vrrp vrid 2 virtual-ip 202.38.160.200 Configure Switch B: # Configure VLAN 2. <SwitchB> system-view [SwitchB] vlan 2 [SwitchB-vlan2] port gigabitethernet 1/0/5 [SwitchB-vlan2] quit...

  • Page 151: Vrrp Load Balancing Mode Configuration Example

    Admin Status : Up State : Backup Config Pri : 100 Running Pri : 100 Preempt Mode : Yes Delay Time Become Master : 2200ms left Auth Type : None Virtual IP : 202.38.160.200 Master IP : 202.38.160.131 # Display the detailed information about the VRRP group on Switch B. [SwitchB-Vlan-interface3] display vrrp verbose IPv4 Standby Information: Run Mode...
  • Page 152 Configure track entries on Switch C to monitor Switch A and Switch B. When Switch A or Switch B • fails, Switch C immediately takes over the AVF on Switch A or Switch B. Figure 40 Network diagram Network Switch A Switch B Switch C Vlan-int3...
  • Page 153 # Create track entry 1 to associate with the physical status of VLAN-interface 3 on Switch A. When the track entry becomes negative, it means that the interface fails. [SwitchA] track 1 interface vlan-interface 3 # Configure VF tracking to monitor track entry 1 and specify the value by which the weight decreases, making the weight of Switch A decrease by more than 245 (250 in this example) when track entry 1 turns to negative.
  • Page 154 # Set Switch C to operate in preemptive mode. The preemption delay is five seconds. [SwitchC-Vlan-interface2] vrrp vrid 1 preempt-mode timer delay 5 [SwitchC-Vlan-interface2] quit # Create track entry 1 to associate with the physical status of VLAN-interface 3 on Switch C. When the track entry becomes negative, it means that the interface fails.
  • Page 155 Forwarder Information: 3 Forwarders 1 Active Config Weight : 255 Running Weight : 255 Forwarder 01 State : Active Virtual MAC : 000f-e2ff-0011 (Owner) Owner ID : 0000-5e01-1101 Priority : 255 Active : local Forwarder 02 State : Listening Virtual MAC : 000f-e2ff-0012 (Learnt) Owner ID : 0000-5e01-1103...
  • Page 156 Active : 10.1.1.2 Forwarder 02 State : Active Virtual MAC : 000f-e2ff-0012 (Owner) Owner ID : 0000-5e01-1103 Priority : 255 Active : local Forwarder 03 State : Listening Virtual MAC : 000f-e2ff-0013 (Learnt) Owner ID : 0000-5e01-1105 Priority : 127 Active : 10.1.1.4 Forwarder Weight Track Information:...
  • Page 157 State : Active Virtual MAC : 000f-e2ff-0013 (Owner) Owner ID : 0000-5e01-1105 Priority : 255 Active : local Forwarder Weight Track Information: Track Object State : Positive Weight Reduced : 250 Forwarder Switchover Track Information: Track Object State : Positive Member IP : 10.1.1.2 Track Object...
  • Page 158 Virtual MAC : 000f-e2ff-0013 (Learnt) Owner ID : 0000-5e01-1105 Priority Active : 10.1.1.4 Forwarder Weight Track Information: Track Object State : Negative Weight Reduced : 250 # Use the display vrrp verbose command to display the detailed information about VRRP group 1 on Switch C.
  • Page 159 Track Object State : Positive Weight Reduced : 250 Forwarder Switchover Track Information: Track Object State : Positive Member IP : 10.1.1.2 Track Object State : Positive Member IP : 10.1.1.3 The output shows that when VLAN interface 3 on Switch A fails, the weight of the AVF on Switch A decreases to 5, which is lower than the lower limit of failure.
  • Page 160 Member IP : 10.1.1.2 Track Object State : Positive Member IP : 10.1.1.3 The output shows that when the timeout timer expires, the VF corresponding to virtual MAC address 000f-e2ff-0011 is removed, and does not forward the packets destined for the MAC address any more.

  • Page 161: Ipv6-Based Vrrp Configuration Examples

    Interface GigabitEthernet1/0/1 VRID Adver Timer Admin Status : Up State : Master Config Pri : 100 Running Pri : 100 Preempt Mode : Yes Delay Time Auth Type : None Virtual IP : 10.1.1.1 Member IP List : 10.1.1.4 (Local, Master) Forwarder Information: 2 Forwarders 2 Active Config Weight : 255...
  • Page 162 Figure 41 Network diagram Configuration procedure Configure Switch A: # Configure VLAN 2. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] vlan 2 [SwitchA-vlan2] port gigabitethernet 1/0/5 [SwitchA-vlan2] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ipv6 address fe80::1 link-local [SwitchA-Vlan-interface2] ipv6 address 1::1 64 # Create a VRRP group 1 and set its virtual IPv6 addresses to FE80::10 and 1::10.
  • Page 163 [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] ipv6 address fe80::2 link-local [SwitchB-Vlan-interface2] ipv6 address 1::2 64 # Create a VRRP group 1 and set its virtual IPv6 addresses to FE80::10 and 1::10. [SwitchB-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip fe80::10 link-local [SwitchB-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip 1::10 # Configure Switch B to operate in preemptive mode, with the preemption delay set to 5 seconds.

  • Page 164: Vrrp Interface Tracking Configuration Example

    When Switch A fails, you can still successfully ping Host B on Host A. To view the detailed information about the VRRP group on Switch B, use the display vrrp ipv6 verbose command. # When Switch A fails, the detailed information about VRRP group 1 on Switch B is displayed. [SwitchB-Vlan-interface2] display vrrp ipv6 verbose IPv6 Standby Information: Run Mode...
  • Page 165 When Switch A operates properly, packets sent from Host A to Host B are forwarded by Switch A. • If VLAN-interface 3 through which Switch A connects to the Internet is not available, packets sent from Host A to Host B are forwarded by Switch B. •...
  • Page 166 [SwitchA-Vlan-interface2] vrrp ipv6 vrid 1 preempt-mode timer delay 5 # Set VLAN-interface 3 on Switch A to be tracked, and configure the amount by which the priority value decreases to be more than 10 (30 in this example), so that when VLAN interface 3 fails, the priority of Switch A in VRRP group 1 decreases to a value lower than 100 and thus Switch B can become the master.
  • Page 167 Auth Type : Simple : ****** Virtual IP : FE80::10 1::10 Virtual MAC : 0000-5e00-0201 Master IP : FE80::1 VRRP Track Information: Track Interface: Vlan3 State : Up Pri Reduced : 30 # Display the detailed information about VRRP group 1 on Switch B. [SwitchB-Vlan-interface2] display vrrp ipv6 verbose IPv6 Standby Information: Run Mode...

  • Page 168: Vrrp With Multiple Vlans Configuration Example

    # When interface VLAN-interface 3 on Switch A is not available, the detailed information about VRRP group 1 on Switch B is displayed. [SwitchB-Vlan-interface2] display vrrp ipv6 verbose IPv6 Standby Information: Run Mode : Standard Run Method : Virtual MAC Total number of virtual routers : 1 Interface Vlan-interface2 VRID...
  • Page 169 Figure 43 Network diagram Virtual IPv6 address 1: FE80::10 1::10/64 Vlan-int2 Switch A FE80::1 1::1/64 VLAN 2 Vlan-int3 Gateway: 1::10/64 FE90::1 2::1/64 Internet Vlan-int2 VLAN 3 FE80::2 1::2/64 Gateway: 2::10/64 Vlan-int3 FE90::2 Switch B 2::2/64 Virtual IPv6 address 2: FE90::10 2::10/64 Configuration procedure Configure Switch A:...
  • Page 170 # Create VRRP group 2 and set its virtual IPv6 addresses to FE90::10 and 2::10. [SwitchA-Vlan-interface3] vrrp ipv6 vrid 2 virtual-ip fe90::10 link-local [SwitchA-Vlan-interface3] vrrp ipv6 vrid 2 virtual-ip 2::10 # Enable Switch A to send RA messages, so that hosts in VLAN 3 can learn the default gateway address.
  • Page 171 Total number of virtual routers : 2 Interface Vlan-interface2 VRID Adver Timer : 100 Admin Status : Up State : Master Config Pri : 110 Running Pri : 110 Preempt Mode : Yes Delay Time Auth Type : None Virtual IP : FE80::10 1::10 Virtual MAC...

  • Page 172: Vrrp Load Balancing Mode Configuration Example

    The output shows that in VRRP group 1 Switch A is the master, Switch B is the backup and hosts with the default gateway of 1::10/64 accesses the Internet through Switch A; in VRRP group 2 Switch A is the backup, Switch B is the master and hosts with the default gateway of 2::10/64 accesses the Internet through Switch B.
  • Page 173 # Configure VRRP to operate in load balancing mode. [SwitchA] vrrp mode load-balance # Create VRRP group 1 and configure its virtual IPv6 addresses as FE80::10 and 1::10. [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ipv6 address fe80::1 link-local [SwitchA-Vlan-interface2] ipv6 address 1::1 64 [SwitchA-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip fe80::10 link-local [SwitchA-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip 1::10 # Set the priority of Switch A in VRRP group 1 to 120, which is higher than that of Switch B (110)
  • Page 174 # Enable Switch B to send RA messages so that hosts on network segment 1::/64 can learn the default gateway address. [SwitchB-Vlan-interface2] undo ipv6 nd ra halt [SwitchB-Vlan-interface2] quit # Create track entry 1 to associate with the physical status of VLAN-interface 3 on Switch B. When the track entry becomes negative, it means that the interface fails.
  • Page 175 Run Mode : Load Balance Run Method : Virtual MAC Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer : 100 Admin Status : Up State : Master Config Pri : 120 Running Pri : 120 Preempt Mode : Yes Delay Time Auth Type...
  • Page 176 Become Master : 2200ms left Auth Type : None Virtual IP : FE80::10 1::10 Member IP List : FE80::2 (Local, Backup) FE80::1 (Master) FE80::3 (Backup) Forwarder Information: 3 Forwarders 1 Active Config Weight : 255 Running Weight : 255 Forwarder 01 State : Listening Virtual MAC...
  • Page 177 Forwarder Information: 3 Forwarders 1 Active Config Weight : 255 Running Weight : 255 Forwarder 01 State : Listening Virtual MAC : 000f-e2ff-4011 (Learnt) Owner ID : 0000-5e01-1101 Priority : 127 Active : FE80::1 Forwarder 02 State : Listening Virtual MAC : 000f-e2ff-4012 (Learnt) Owner ID : 0000-5e01-1103...
  • Page 178 Virtual MAC : 000f-e2ff-4011 (Owner) Owner ID : 0000-5e01-1101 Priority Active : FE80::3 Forwarder 02 State : Initialize Virtual MAC : 000f-e2ff-4012 (Learnt) Owner ID : 0000-5e01-1103 Priority Active : FE80::2 Forwarder 03 State : Initialize Virtual MAC : 000f-e2ff-4013 (Learnt) Owner ID : 0000-5e01-1105 Priority...
  • Page 179 Forwarder 02 State : Listening Virtual MAC : 000f-e2ff-4012 (Learnt) Owner ID : 0000-5e01-1103 Priority : 85 Active : FE80::2 Forwarder 03 State : Active Virtual MAC : 000f-e2ff-4013 (Owner) Owner ID : 0000-5e01-1105 Priority : 255 Active : local Forwarder Weight Track Information: Track Object State : Positive...
  • Page 180 State : Active Virtual MAC : 000f-e2ff-4013 (Owner) Owner ID : 0000-5e01-1105 Priority : 255 Active : local Forwarder Weight Track Information: Track Object State : Positive Weight Reduced : 250 The output shows that when the timeout timer expires, the VF corresponding to virtual MAC address 000f-e2ff-4011 is removed, and does not forward the packets destined for the MAC address any more.

  • Page 181: Troubleshooting Vrrp

    Troubleshooting VRRP The screen frequently displays error prompts. Analysis This error is probably caused by: Inconsistent configuration of the devices in the VRRP group. • A device is attempting to send illegitimate VRRP packets. • Solution In the first case, modify the configuration. •...

  • Page 182: Configuring Bfd

    Configuring BFD The term router in the BFD feature refers to both routers and Layer 3 switches. BFD overview Devices must quickly detect communication failures so that measures can be taken promptly to ensure service continuity and enhance network availability. The main fault detection methods include the following: Hardware detection—Detects link failures by sending hardware detection signals, such as •...
  • Page 183 The process of BFD session establishment is as follows: A protocol sends hello messages to discover neighbors and establish neighborships. After establishing neighborships, the protocol notifies BFD of the neighbor information, including destination and source addresses. BFD uses the information to establish BFD sessions. Figure 46 BFD fault detection (on OSPF routers) Router A Router B...

  • Page 184: Bfd Packet Format

    BFD operating modes Before a BFD session is established, BFD has the following operating modes—active and passive. • Active mode—BFD actively sends BFD control packets regardless of whether any BFD control packet is received from the peer. Passive mode—BFD does not send control packets until a BFD control packet is received from the •...
  • Page 185 Diag—This bit indicates the reason for the last transition of the local session from up to some other • state. Table 19 lists the states. Table 19 Diag bit values Diag Description No Diagnostic Control Detection Time Expired Echo Function Failed Neighbor Signaled Session Down Forwarding Plane Reset Path Down...

  • Page 186: Supported Features

    Required Min Echo RX Interval—This is the minimum interval, in microseconds, between received • BFD echo packets that this system is capable of supporting. If this value is zero, the transmitting system does not support the receipt of BFD echo packets. •...
  • Page 187 Step Command Remarks Optional. The source IP address should not be on the same network segment Configure the source IP as any local interface’s IP address. bfd echo-source-ip ip-address address of echo packets. Otherwise, a large number of ICMP redirect packets may be sent from the peer, resulting in link congestion.

  • Page 188: Displaying And Maintaining Bfd

    The actual transmitting interval on Router B is 300 milliseconds, which is the greater value between • the minimum interval for transmitting BFD control packets on Router B (150 milliseconds) and the minimum interval for receiving BFD control packets on Router A (300 milliseconds). •...

  • Page 189: Configuring Track

    Configuring track Track overview Introduction to collaboration The track module works between application and detection modules, as shown in Figure 48. It shields the differences between various detection modules from application modules. Collaboration is enabled after you associate the track module with a detection module and an application module.

  • Page 190: Collaboration Application Example

    • • Interface management module • Collaboration between the track module and an application module After being associated with an application module, when the status of the track entry changes, the track module notifies the application module, which then takes proper actions. The following application modules can be associated with the track module: •...

  • Page 191: Associating The Track Module With A Detection Module

    Task Remarks Associating track with NQA Required. Associating the track module Associating track with BFD with a detection module Use any of the approaches. Associating track with interface management Associating track with VRRP Required. Associating the track module with an application module Use any of the approaches.

  • Page 192: Associating Track With Interface Management

    The BFD functions as follows when it is associated with a track entry: • If the BFD detects that the link fails, it informs the track entry of the link failure. The track module then sets the track entry to the Negative state. If the BFD detects that the link is normal, the track module sets the track entry to the Positive state.

  • Page 193: Associating The Track Module With An Application Module

    Step Command Remarks Create a track entry, associate it with the interface management module to monitor the physical status of an interface, and specify the delay time for the track module to notify the associated application module when the track entry status changes: track track-entry-number interface interface-type interface-number [ delay...
  • Page 194 When VRRP is operating in load balancing mode, associate the track module with the VRRP Virtual Forwarder (VF) to implement the following functions: Change the priority of the active VF (AVF) according to its uplink state. When the uplink of the AVF •...

  • Page 195: Associating Track With Static Routing

    NOTE: When the status of the track entry changes from Negative to Positive or Invalid, the associated router or • VF restores its priority automatically. You can associate a nonexistent track entry with a VRRP group or VF. The association takes effect only •...

  • Page 196: Displaying And Maintaining Track Entries

    Step Command Remarks Approach 1: ip route-static dest-address { mask | mask-length } { next-hop-address | vpn-instance d-vpn-instance-name next-hop-address } track track-entry-number [ preference preference-value ] Associate the static [ tag tag-value ] [ description description-text ] Use either approach. route with a track entry Approach 2: to check the...
  • Page 197 Figure 49 Network diagram Configuration procedure Create VLANs, and assign corresponding ports to the VLANs. Configure the IP address of each VLAN interface as shown in Figure 49. (Details not shown.) Configure an NQA test group on Switch A: <SwitchA> system-view # Create an NQA test group with the administrator name admin and the operation tag test.
  • Page 198 # Set the authentication mode of VRRP group 1 to simple, and the authentication key to hello. [SwitchA-Vlan-interface2] vrrp vrid 1 authentication-mode simple hello # Configure the master to send VRRP packets at an interval of five seconds. [SwitchA-Vlan-interface2] vrrp vrid 1 timer advertise 5 # Configure Switch A to operate in preemptive mode, and set the preemption delay to five seconds.
  • Page 199 Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer Admin Status : Up State : Backup Config Pri : 100 Running Pri : 100 Preempt Mode : Yes Delay Time Become Master : 2200ms left Auth Type : Simple : ****** Virtual IP...

  • Page 200: Configuring Bfd For A Vrrp Backup To Monitor The Master

    The output shows that when a fault is on the link between Switch A and Switch C, the priority of Switch A decreases to 80. Switch A becomes the backup, and Switch B becomes the master. Packets from Host A to Host B are forwarded through Switch B. Configuring BFD for a VRRP backup to monitor the master Network requirements As shown in...
  • Page 201 [SwitchA-Vlan-interface2] vrrp vrid 1 virtual-ip 192.168.0.10 [SwitchA-Vlan-interface2] vrrp vrid 1 priority 110 [SwitchA-Vlan-interface2] return Configure BFD on Switch B: # Configure the source address of BFD echo packets as 10.10.10.10. <SwitchB> system-view [SwitchB] bfd echo-source-ip 10.10.10.10 Create the track entry to be associated with the BFD session on Switch B: # Create track entry 1 to be associated with the BFD session to check whether Switch A is reachable.
  • Page 202 Become Master : 2200ms left Auth Type : None Virtual IP : 192.168.0.10 Master IP : 192.168.0.101 VRRP Track Information: Track Object State : Positive Switchover # Display information about track entry 1 on Switch B. <SwitchB> display track 1 Track ID: 1 Status: Positive Duration: 0 days 0 hours 0 minutes 32 seconds...

  • Page 203: Configuring Bfd For The Vrrp Master To Monitor The Uplinks

    The output shows that when BFD detects that Switch A fails, it notifies VRRP through the track module to change the status of Switch B to master without waiting for a period three times the advertisement interval, so that a backup can quickly preempt as the master. Configuring BFD for the VRRP master to monitor the uplinks Network requirements As shown in...
  • Page 204 # Create track entry 1 to be associated with the BFD session to check whether the uplink device with the IP address 1.1.1.2 is reachable. [SwitchA] track 1 bfd echo interface vlan-interface 3 remote ip 1.1.1.2 local ip 1.1.1.1 Configure VRRP on Switch A: # Create VRRP group 1, and configure the virtual IP address of the group as 192.168.0.10.
  • Page 205 Interface : Vlan-interface2 Remote IP : 1.1.1.2 Local IP : 1.1.1.1 # Display the detailed information about the VRRP group on Switch B. <SwitchB> display vrrp verbose IPv4 Standby Information: Run Mode : Standard Run Method : Virtual MAC Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer...

  • Page 206: Static Routing-Track-Nqa Collaboration Configuration Example

    Track Object State : Negative Pri Reduced : 20 # Display the detailed information about VRRP group 1 on Switch B. <SwitchB> display vrrp verbose IPv4 Standby Information: Run Mode : Standard Run Method : Virtual MAC Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer...
  • Page 207 Figure 52 Network diagram Configuration procedure Create VLANs, and assign corresponding ports to the VLANs. Configure the IP address of each VLAN interface as shown in Figure 52. (Details not shown.) Configure Switch A: # Configure a static route to 30.1.1.0/24, with the address of the next hop as 10.1.1.2 and the default priority 60.
  • Page 208 [SwitchA] nqa schedule admin test start-time now lifetime forever # Configure track entry 1, and associate it with reaction entry 1 of the NQA test group (with the administrator admin, and the operation tag test). [SwitchA] track 1 nqa entry admin test reaction 1 Configure Switch B: # Configure a static route to 30.1.1.0/24, with the address of the next hop as 10.2.1.4.
  • Page 209 [SwitchD] track 1 nqa entry admin test reaction 1 Verify the configuration: # Display information about the track entry on Switch A. [SwitchA] display track all Track ID: 1 Status: Positive Duration: 0 days 0 hours 0 minutes 32 seconds Notification delay: Positive 0, Negative 0 (in seconds) Reference object: NQA entry: admin test...
  • Page 210 Destination/Mask Proto Cost NextHop Interface 10.1.1.0/24 Direct 0 10.1.1.1 Vlan2 10.1.1.1/32 Direct 0 127.0.0.1 InLoop0 10.2.1.0/24 Static 60 10.1.1.2 Vlan2 10.3.1.0/24 Direct 0 10.3.1.1 Vlan3 10.3.1.1/32 Direct 0 127.0.0.1 InLoop0 20.1.1.0/24 Direct 0 20.1.1.1 Vlan6 20.1.1.1/32 Direct 0 127.0.0.1 InLoop0 30.1.1.0/24 Static 80 10.3.1.3...

  • Page 211: Static Routing-Track-Bfd Collaboration Configuration Example

    Static routing-Track-BFD collaboration configuration example Network requirements As shown in Figure 53, Switch A, Switch B, and Switch C are connected to two segments 20.1.1.0/24 and 30.1.1.0/24. Configure static routes on these routers so that the two segments can communicate with each other, and configure route backup to improve reliability of the network.
  • Page 212 [SwitchA] ip route-static 30.1.1.0 24 10.2.1.2 track 1 # Configure a static route to 30.1.1.0/24, with the address of the next hop as 10.3.1.3 and the priority 80. [SwitchA] ip route-static 30.1.1.0 24 10.3.1.3 preference 80 # Configure the source address of BFD echo packets as 10.10.10.10. [SwitchA] bfd echo-source-ip 10.10.10.10 # Configure track entry 1, and associate it with the BFD session.

  • Page 213: Interface

    Destinations : 9 Routes : 9 Destination/Mask Proto Cost NextHop Interface 10.2.1.0/24 Direct 0 10.2.1.1 Vlan2 10.2.1.1/32 Direct 0 127.0.0.1 InLoop0 10.3.1.0/24 Direct 0 10.3.1.1 Vlan3 10.3.1.1/32 Direct 0 127.0.0.1 InLoop0 20.1.1.0/24 Direct 0 20.1.1.1 Vlan5 20.1.1.1/32 Direct 0 127.0.0.1 InLoop0 30.1.1.0/24 Static 60...

  • Page 214: Network Requirements

    # When the master route fails, the hosts in 20.1.1.0/24 can still communicate with the hosts in 30.1.1.0/24. [SwitchA] ping -a 20.1.1.1 30.1.1.1 PING 30.1.1.1: 56 data bytes, press CTRL_C to break Reply from 30.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms Reply from 30.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 30.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 30.1.1.1: bytes=56 Sequence=4 ttl=254 time=2 ms...
  • Page 215 Figure 54 Network diagram Configuration procedure Create VLANs, and assign corresponding ports to the VLANs. Configure the IP address of each VLAN interface as shown in Figure 54. (Details not shown.) Configure a track entry on Switch A: # Configure track entry 1, and associate it with the physical status of the uplink interface VLAN-interface 3.
  • Page 216 VRID Adver Timer Admin Status : Up State : Master Config Pri : 110 Running Pri : 110 Preempt Mode : Yes Delay Time Auth Type : None Virtual IP : 10.1.1.10 Virtual MAC : 0000-5e00-0101 Master IP : 10.1.1.1 VRRP Track Information: Track Object State : Positive...
  • Page 217 VRRP Track Information: Track Object State : Negative Pri Reduced : 30 # After shutting down the uplink interface on Switch A, display detailed information about VRRP group 1 on Switch B. [SwitchB-Vlan-interface2] display vrrp verbose IPv4 Standby Information: Run Mode : Standard Run Method : Virtual MAC...

  • Page 218: Support And Other Resources

    Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers • • Technical support registration number (if applicable) Product serial numbers •...

  • Page 219: Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
  • Page 220 Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
  • Page 221 Index A B C D E H I M O R S T V Displaying and maintaining CFD,23 Displaying and maintaining DLDP,39 Activating an RRPP domain,60 Displaying and maintaining Ethernet OAM Associating the track module with a detection configuration,12 module,184 Displaying and maintaining Monitor Link,108 Associating the track module with an application...
  • Page 222 Setting the interval to send advertisement packets,36 Track overview,182 Setting the port shutdown mode,37 Troubleshooting,89 Smart Link configuration examples,97 Troubleshooting DLDP,46 Smart Link configuration task list,93 Troubleshooting VRRP,174 Smart Link overview,90 VRRP load balancing mode,1 18 Track configuration examples,189 VRRP overview,1 12 Track configuration task list,183...

This manual is also suitable for:

6125 blade switch series

Table of Contents