HP FlexFabric 5700 Configuration Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Switch
  5. FlexFabric 5700
  6. Configuration manual

HP FlexFabric 5700 Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

HPE FlexFabric 5700 Switch Series
MCE Configuration Guide
Part number: 5998-8586R
Software version: Release 2422P01 and later
Document version: 6W100-20160331

Advertisement

Table of Contents
loading

Related Manuals for HP FlexFabric 5700

Summary of Contents for HP FlexFabric 5700

  • Page 1 HPE FlexFabric 5700 Switch Series MCE Configuration Guide Part number: 5998-8586R Software version: Release 2422P01 and later Document version: 6W100-20160331...
  • Page 2 © Copyright 2016 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

  • Page 3: Table Of Contents

    Contents Configuring MCE ····························································································· 1     MPLS L3VPN overview ······································································································································ 1   Basic MPLS L3VPN architecture ··············································································································· 1   MPLS L3VPN concepts ······························································································································ 1   MCE overview ···················································································································································· 3   MCE configuration task list ································································································································ 4   Configuring VPN instances ································································································································ 4  ...

  • Page 4: Configuring Mce

    Configuring MCE This chapter describes MCE configuration. For information about the related routing protocols, see — Layer 3 IP Routing Configuration Guide. MPLS L3VPN overview MPLS L3VPN is a L3VPN technology used to interconnect geographically dispersed VPN sites. MPLS L3VPN uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over a service provider backbone.
  • Page 5 • A site is a group of IP systems with IP connectivity that does not rely on any service provider network. • The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically.

  • Page 6: Mce Overview

    • When the Type field is 1, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit IPv4 address:16-bit user-defined number. For example, 172.1.1.1:1. • When the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536.

  • Page 7: Mce Configuration Task List

    As shown in Figure 3, the MCE exchanges private routes with VPN sites and PE 1, and adds the private routes to the routing tables of corresponding VPN instances. • Route exchange between MCE and VPN site—Create VPN instances VPN 1 and VPN 2 on the MCE.

  • Page 8: Associating A Vpn Instance With An Interface

    Step Command Remarks (Optional.) Configure a By default, no description is description for the VPN description text configured for a VPN instance. instance. (Optional.) Configure a VPN By default, no VPN ID is vpn-id vpn-id ID for the VPN instance. configured for a VPN instance.

  • Page 9: Configuring Routing On An Mce

    Configuring routing on an MCE MCE implements service isolation through route isolation. MCE routing configuration includes the following: • MCE-VPN site routing configuration. • MCE-PE routing configuration. On the PE, do the following: • Disable routing loop detection to avoid route loss during route calculation. •...
  • Page 10 Step Command Remarks Enter system view. system-view Create a RIP process for a Perform this configuration on the rip [ process-id ] vpn-instance VPN instance and enter RIP MCE. On a VPN site, create a vpn-instance-name view. common RIP process. Enable RIP on the interface By default, RIP is disabled on an attached to the specified...
  • Page 11 Step Command Remarks When one MCE advertises the routes learned from BGP to the VPN, the other MCEs might learn the routes, resulting in routing loops. To avoid such routing loops, you can configure route tags for VPN instances on an MCE.
  • Page 12 Step Command Remarks Enable the IS-IS process on isis enable [ process-id ] By default, IS-IS is disabled. the interface. Configuring EBGP between an MCE and a VPN site To run EBGP between an MCE and a VPN site, you must configure a BGP peer for each VPN instance on the MCE, and redistribute the IGP routes of each VPN instance on the VPN site.
  • Page 13 Step Command Remarks Enter BGP IPv4 unicast address-family ipv4 [ unicast ] address family view. Enable BGP to exchange By default, BGP does not peer { group-name | ip-address IPv4 unicast routes with the exchange IPv4 unicast routes [ mask-length ] } enable peer.

  • Page 14: Configuring Routing Between An Mce And A Pe

    Configure a VPN site: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number peer { group-name | ip-address Configure the MCE as an [ mask-length ] } as-number IBGP peer. as-number Enter BGP IPv4 unicast address-family ipv4 [ unicast ] address family view.
  • Page 15 Configuring RIP between an MCE and a PE Step Command Remarks Enter system view. system-view Create a RIP process rip [ process-id ] vpn-instance for a VPN instance and vpn-instance-name enter RIP view. Enable RIP on the By default, RIP is disabled on interface attached to network network-address an interface.
  • Page 16 Step Command Remarks nssa-only | tag tag | type type ] * By default, OSPF does not redistribute the default route. (Optional.) Configure OSPF default-route-advertise This command redistributes the to redistribute the default summary cost cost default route in a Type-3 LSA. The route.

  • Page 17: Displaying And Maintaining Mce

    Step Command Remarks Enter BGP-VPN ip vpn-instance vpn-instance-name instance view. Configure the PE as an peer { group-name | ip-address EBGP peer. [ mask-length ] } as-number as-number Enter BGP-VPN IPv4 unicast address family address-family ipv4 [ unicast ] view. Enable BGP to By default, BGP does not peer { group-name | ip-address...

  • Page 18: Mce Configuration Examples

    Task Command Display information about a specified or display ip vpn-instance [ instance-name vpn-instance-name ] all VPN instances. Display BGP peer group information for display bgp group ipv4 [ unicast ] vpn-instance a VPN instance. vpn-instance-name [ group-name group-name ] display bgp peer ipv4 [ unicast ] vpn-instance Display BGP peer information for a VPN vpn-instance-name [ ip-address mask-length | { ip-address |...
  • Page 19 Figure 4 Network diagram Configuration procedure Assume that the system name of the MCE device is MCE, the system names of the edge devices of VPN 1 and VPN 2 are VR1 and VR2, respectively, and the system name of PE 1 is PE1. Configure the VPN instances on the MCE and PE 1: # On the MCE, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for each VPN instance.
  • Page 20 [MCE-Vlan-interface10] quit # Configure VLAN 20, add port Ten-GigabitEthernet 1/0/2 to VLAN 20. [MCE] vlan 20 [MCE-vlan20] port ten-gigabitethernet 1/0/2 [MCE-vlan20] quit # Bind VLAN-interface 20 to VPN instance vpn2. [MCE] interface vlan-interface 20 [MCE-Vlan-interface20] ip binding vpn-instance vpn2 # Specify an IP address for VLAN-interface 20. [MCE-Vlan-interface20] ip address 10.214.20.3 24 [MCE-Vlan-interface20] quit # On PE 1, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for...
  • Page 21 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 Static 60 10.214.10.2 Vlan10 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 The output shows that the MCE has a static route for VPN instance vpn1. # Run OSPF in VPN 2. Create OSPF process 20 and bind it to VPN instance vpn2 on the MCE, so that the MCE can learn the routes of VPN 2 and add them to the routing table of the VPN instance vpn2.
  • Page 22 # The MCE uses port Ten-GigabitEthernet 1/0/3 to connect to PE's port Ten-GigabitEthernet 1/0/1. Configure the two ports as trunk ports, and configure them to permit packets carrying VLAN tags 30 and 40 to pass. [MCE] interface ten-gigabitethernet 1/0/3 [MCE-Ten-GigabitEthernet1/0/3] port link-type trunk [MCE-Ten-GigabitEthernet1/0/3] port trunk permit vlan 30 40 [MCE-Ten-GigabitEthernet1/0/3] quit # Configure port Ten-GigabitEthernet 1/0/1 on the PE.
  • Page 23 # Disable OSPF routing loop detection. [MCE-ospf-10] vpn-instance-capability simple # Set the domain ID to 10. [MCE-ospf-10] domain-id 10 # On the MCE, advertise subnet 30.1.1.0 in area 0, and redistribute the static route of VPN 1. [MCE-ospf-10] area 0 [MCE-ospf-10-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [MCE-ospf-10-area-0.0.0.0] quit [MCE-ospf-10] import-route static...

  • Page 24: Configuring The Mce That Uses Ebgp To Advertise Vpn Routes To The Pe

    0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 40.1.1.0/24 Direct 0 40.1.1.2 Vlan40 40.1.1.0/32 Direct 0 40.1.1.2 Vlan40 40.1.1.2/32 Direct 0 127.0.0.1 InLoop0 40.1.1.255/32 Direct 0 40.1.1.2 Vlan40 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1...
  • Page 25 Configuration procedure Create VPN instances on the MCE and PE 1, and bind the VPN instances to VLAN interfaces. For the configuration procedure, see "Configure the VPN instances on the MCE and PE 1:." Configure routing between the MCE and VPN sites: # Enable an OSPF process on the devices in the two VPNs, and advertise the subnets.
  • Page 26 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 192.168.10.0/24 OSPF 10.214.20.2 Vlan20 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 Configure routing between the MCE and PE 1: # Configure the ports between the MCE and PE 1 as trunk ports.
  • Page 27 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 30.1.1.1 Vlan30 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 # Display the routing information for VPN 2 on PE 1. [PE1] display ip routing-table vpn-instance vpn2 Destinations : 13 Routes : 13 Destination/Mask...

  • Page 28: Configuring Ipv6 Mce

    Configuring IPv6 MCE This chapter describes IPv6 MCE configuration. Overview In MPLS L3VPN networks, MCE uses static routes or dynamic routing protocols to advertise IPv4 routes between internal networks and PEs and forwards IPv4 packets. In IPv6 MPLS L3VPN networks, IPv6 MCE uses IPv6 static routes and dynamic routing protocols to advertise IPv6 routes between internal networks and PEs and forwards IPv6 packets.

  • Page 29: Associating A Vpn Instance With An Interface

    Step Command Remarks relationship with a certain VPN. (Optional.) Configure an ID By default, no ID is configured for vpn-id vpn-id for the VPN instance. a VPN instance. Associating a VPN instance with an interface After creating and configuring a VPN instance, associate the VPN instance with the MCE's interface connected to the site and the interface connected to the PE.

  • Page 30: Configuring Routing On An Mce

    Step Command Remarks By default, the maximum number of active routes for the VPN instance is not limited. Set the maximum number of routing-table limit number Setting the maximum number of active routes supported. { warn-threshold | simply-alert } active routes for a VPN instance can prevent the PE from storing too many routes.
  • Page 31 configuring RIPng process-to-IPv6 VPN instance bindings on a MCE, you allow routes of different VPNs to be exchanged between the MCE and the sites through different RIPng processes, ensuring the separation and security of IPv6 VPN routes. For more information about RIPng, see Layer 3—IP Routing Configuration Guide. To configure RIPng between an MCE and a VPN site: Step Command...
  • Page 32 Step Command Remarks import-route protocol Redistribute remote site [ process-id | all-processes | By default, no routes are routes advertised by the PE. allow-ibgp ] [ cost cost | redistributed into OSPFv3. nssa-only | tag tag | type type ] * Return to system view.
  • Page 33 Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | Specify an IPv6 BGP peer By default, no BGP peer is ipv6-address [ prefix-length ] } in an AS. configured.
  • Page 34 Step Command Remarks Enter BGP view. bgp as-number Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | Configure an IBGP peer. ipv6-address [ prefix-length ] } as-number as-number Enter BGP-VPN IPv6 unicast address family address-family ipv6 [ unicast ] view.

  • Page 35: Configuring Routing Between An Mce And A Pe

    Configuring routing between an MCE and a PE MCE-PE routing configuration includes these tasks: • Binding the MCE-PE interfaces to IPv6 VPN instances. • Performing routing configurations. • Redistributing IPv6 VPN routes into the routing protocol running between the MCE and the PE. Perform the following configuration tasks on the MCE.
  • Page 36 Configuring OSPFv3 between an MCE and a PE Step Command Remarks Enter system view. system-view Create an OSPFv3 process ospfv3 [ process-id | for an IPv6 VPN instance vpn-instance and enter OSPFv3 view. vpn-instance-name ] * Set the router ID. router-id router-id By default, routing loop detection is enabled.
  • Page 37 Step Command Remarks (Optional.) Configure filtering ipv6 filter-policy acl6-number By default, IPv6 IS-IS does not of advertised routes. export [ protocol [ process-id ] ] filter advertised routes. Return to system view. quit interface interface-type Enter interface view. interface-number Enable the IPv6 IS-IS By default, IPv6 IS-IS is disabled isis ipv6 enable [ process-id ] process on the interface.

  • Page 38: Displaying And Maintaining Ipv6 Mce

    Step Command Remarks (Optional.) Configure filter-policy acl6-number export [ protocol By default, BGP does not filter filtering of advertised process-id ] advertised routes. routes. (Optional.) Configure By default, BGP does not filter filtering of received filter-policy acl6-number import received routes. routes.
  • Page 39 Figure 6 Network diagram VPN 2 Site 1 PE 2 PE 1 XGE1/0/1 Vlan-int30: 30::2/64 Vlan-int40: 40::2/64 PE 3 Vlan-int10 VPN 1 XGE1/0/3 VPN 1 2001:1::2/64 Site 2 Vlan-int30: 30::1/64 2012:1::/64 XGE1/0/1 Vlan-int11 Vlan-int40: 40::1/64 Vlan-int10 XGE1/0/2 2012:1::2/64 VR 1 2001:1::1/64 Vlan-int20 2002:1::1/64...
  • Page 40 # Bind VLAN-interface 10 to VPN instance vpn1, and configure an IPv6 address for the VLAN interface. [MCE] interface vlan-interface 10 [MCE-Vlan-interface10] ip binding vpn-instance vpn1 [MCE-Vlan-interface10] ipv6 address 2001:1::1 64 [MCE-Vlan-interface10] quit # Configure VLAN 20, add port Ten-GigabitEthernet 1/0/2 to VLAN 20. [MCE] vlan 20 [MCE-vlan20] port ten-gigabitethernet 1/0/2 [MCE-vlan20] quit...
  • Page 41 <VR2> system-view [VR2] ripng 20 [VR2-ripng-20] quit [VR2] interface vlan-interface 20 [VR2-Vlan-interface20] ripng 20 enable [VR2-Vlan-interface20] quit [VR2] interface vlan-interface 21 [VR2-Vlan-interface21] ripng 20 enable [VR2-Vlan-interface21] quit # On the MCE, display the routing table of VPN instance vpn1. [MCE] display ipv6 routing-table vpn-instance vpn1 Destinations : 6 Routes : 6 Destination: ::1/128 Protocol...
  • Page 42 Interface : Vlan20 Cost Destination: 2002:1::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2012::/64 Protocol : RIPng NextHop : FE80::20C:29FF:FE40:701 Preference: 100 Interface : Vlan20 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0...
  • Page 43 # On PE 1, create VLAN 30 and VLAN-interface 30, bind VLAN-interface 30 to VPN instance vpn1, and configure an IPv6 address for the VLAN-interface 30. [PE1] vlan 30 [PE1-vlan30] quit [PE1] interface vlan-interface 30 [PE1-Vlan-interface30] ip binding vpn-instance vpn1 [PE1-Vlan-interface30] ipv6 address 30::2 64 [PE1-Vlan-interface30] quit # On PE 1, create VLAN 40 and VLAN-interface 40, bind VLAN-interface 40 to VPN instance...
  • Page 44 Interface : InLoop0 Cost Destination: 30::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Vlan30 Cost Destination: 30::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2012:1::/64 Protocol : OSPFv3 NextHop : FE80::202:FF:FE02:2 Preference: 150 Interface : Vlan30...
  • Page 45 Interface : NULL0 Cost The routing information for the two VPNs has been added into the routing tables on PE 1.

  • Page 46: Document Conventions And Icons

    Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.

  • Page 47: Network Topology Icons

    Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 48: Support And Other Resources

    Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements.

  • Page 49: Websites

    Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking Hewlett Packard Enterprise Networking Warranty www.hpe.com/networking/warranty General websites Hewlett Packard Enterprise Information Library www.hpe.com/info/enterprise/docs Hewlett Packard Enterprise Support Center...
  • Page 50 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.

  • Page 51: Index

    Index IPv6 MPLS L3VPN MCE-PE IPv6 static routing, IPv6 MPLS L3VPN MCE-PE OSPFv3, advertising IPv6 MPLS L3VPN MCE-PE RIPng, MPLS L3VPN MCE EBGP VPN route advertising, IPv6 MPLS L3VPN MCE-PE routing, MPLS L3VPN MCE OSPF VPN route IPv6 MPLS L3VPN MCE-VPN site EBGP, advertising, IPv6 MPLS L3VPN MCE-VPN site IBGP, architecture...
  • Page 52 IPv6 MPLS L3VPN MCE, MPLS L3VPN MCE-PE IBGP configuration, IPv6 MPLS L3VPN VPN instance MPLS L3VPN VPN-IPv4 address, configuration, IPv6 IS-IS IPv6 MPLS L3VPN VPN instance creation, IPv6 MPLS L3VPN MCE/VPN site IPv6 IS-IS, IPv6 MPLS L3VPN VPN instance interface IPv6 MPLS L3VPN MCE-PE EBGP, association, IPv6 MPLS L3VPN MCE-PE IBGP,...
  • Page 53 IPv6 MPLS L3VPN MCE/VPN site IPv6 IS-IS, MCE-PE IBGP, IPv6 MPLS L3VPN MCE/VPN site OSPFv3, MCE-PE IS-IS, IPv6 MPLS L3VPN MCE/VPN site RIPng, MCE-PE OSPF, IPv6 MPLS L3VPN MCE/VPN site routing, MCE-PE RIP, IPv6 MPLS L3VPN MCE/VPN site static MCE-PE routing, routing, MCE-PE static routing, IPv6 MPLS L3VPN MCE-PE EBGP,...
  • Page 54 IPv6 MPLS L3VPN VPN instance creation, MPLS L3VPN MCE OSPF VPN route advertising, IPv6 MPLS L3VPN VPN instance interface MPLS L3VPN MCE-PE OSPF, association, MPLS L3VPN MCE-VPN site OSPF, IPv6 MPLS L3VPN VPN instance route related OSPFv3 attributes, IPv6 MPLS L3VPN MCE/VPN site OSPFv3, MPLS L3VPN BGP route target attributes, IPv6 MPLS L3VPN MCE-PE OSPFv3, MPLS L3VPN MCE,...
  • Page 55 configuring IPv6 MPLS L3VPN MCE/VPN site configuring MPLS L3VPN MCE-VPN site routing, static routing, configuring MPLS L3VPN MCE-VPN site static configuring IPv6 MPLS L3VPN MCE-PE routing, EBGP, configuring MPLS L3VPN VPN instance, configuring IPv6 MPLS L3VPN MCE-PE IBGP, configuring MPLS L3VPN VPN instance route configuring IPv6 MPLS L3VPN MCE-PE IPv6 related attribute, IS-IS,...
  • Page 56 IPv6 MPLS L3VPN MCE-PE IPv6 static MPLS L3VPN VPN-IPv4 address, routing, IPv6 MPLS L3VPN MCE-PE OSPFv3, IPv6 MPLS L3VPN MCE-PE RIPng, IPv6 MPLS L3VPN VPN instance configuration, IPv6 MPLS L3VPN VPN instance creation, IPv6 MPLS L3VPN VPN instance interface association, IPv6 MPLS L3VPN VPN instance route related attributes, MCE configuration,...

Table of Contents