Page 1: High Availability
HP 5920 & 5900 Switch Series High Availability Configuration Guide Part number: 5998-5303a Software version: Release 23xx Document version: 6W101-20150320...
Page 2 The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
Page 3: Table Of Contents
Contents Configuring Ethernet OAM ········································································································································· 1 Overview ············································································································································································ 1 Major functions of Ethernet OAM ·························································································································· 1 Ethernet OAMPDUs ·················································································································································· 1 How Ethernet OAM works ······································································································································ 1 Protocols and standards ·········································································································································· 3 Ethernet OAM configuration task list ······························································································································ 4 ...
Page 4 Enabling DLDP ································································································································································ 30 Setting the interval to send advertisement packets ····································································································· 30 Setting the DelayDown timer ········································································································································ 30 Setting the port shutdown mode ··································································································································· 31 Configuring DLDP authentication ·································································································································· 31 Displaying and maintaining DLDP ································································································································ 32 ...
Page 5 IPv4 VRRP configuration task list ·························································································································· 78 Specifying an IPv4 VRRP operating mode ·········································································································· 79 Specifying the IPv4 VRRP version ························································································································ 79 Creating a VRRP group and assigning a virtual IP address ············································································· 79 Configuring the router priority, preemptive mode, and tracking function ······················································ 80 ...
Page 6 Configuring a self affinity ··································································································································· 158 Optimizing process placement ··································································································································· 158 Displaying process placement ···································································································································· 159 Support and other resources ·································································································································· 160 Contacting HP ······························································································································································ 160 Subscription service ············································································································································ 160 Related information ······················································································································································ 160 Documents ···························································································································································· 160 ...
Page 7: Configuring Ethernet Oam
Configuring Ethernet OAM Overview Ethernet Operation, Administration and Maintenance (OAM) is a tool that monitors Layer 2 link status and addresses common link-related issues on the "last mile." Ethernet OAM improves Ethernet management and maintainability. You can use it to monitor the status of the point-to-point link between two directly connected devices.
Page 8 Ethernet OAM connection establishment Ethernet OAM connection is the basis of all the other Ethernet OAM functions. OAM connection establishment is also known as the "Discovery phase," where an Ethernet OAM entity discovers the remote OAM entity to establish a session. In this phase, two connected OAM entities exchange Information OAMPDUs to advertise their OAM configuration and capabilities to each other for a comparison.
Page 9: Protocols And Standards
Ethernet OAM link events Description An errored frame event occurs when the number of detected error frames in Errored frame event the detection window (specified detection interval) exceeds the predefined threshold. An errored frame period event occurs when the number of frame errors in Errored frame period event the detection window (specified number of received frames) exceeds the predefined threshold.
Page 10: Ethernet Oam Configuration Task List
Ethernet OAM configuration task list Tasks at a glance (Required.) Configuring basic Ethernet OAM functions (Optional.) Configuring the Ethernet OAM connection detection timers (Optional.) Configuring link monitoring • Configuring errored symbol event detection • Configuring errored frame event detection • Configuring errored frame period event detection •...
Page 11: Configuring Link Monitoring
After the timeout timer of an Ethernet OAM connection expires, the local OAM entity ages out its connection with the peer OAM entity, causing the OAM connection to disconnect. To keep the Ethernet OAM connections stable, HP recommends that you set the connection timeout timer to be at least five times the handshake packet transmission interval.
Page 12: Configuring Errored Frame Event Detection
To configure errored symbol event detection globally: Step Command Remarks Enter system view. system-view By default, the errored symbol Configure the errored symbol oam global errored-symbol-period event detection window is event detection window. window window-value 100000000. Configure the errored symbol oam global errored-symbol-period By default, the errored symbol event triggering threshold.
Page 13: Configuring Errored Frame Period Event Detection
Step Command Remarks Configure the errored frame oam errored-frame window By default, an interface uses the event detection window. window-value value configured globally. Configure the errored frame oam errored-frame threshold By default, an interface uses the event triggering threshold. threshold-value value configured globally.
Page 14: Configuring The Action A Port Takes After It Receives An Ethernet Oam Event From The Remote End
An errored frame seconds event occurs when the number of times that errored frame seconds are detected on a port in the detection window (specified detection interval) exceeds the predefined threshold. You can configure this command in system view or port view. The configuration in system view takes effect on all ports, and the configuration in port view takes effect on the specified port.
Page 15: Configuring Ethernet Oam Remote Loopback
Step Command Remarks Configure the action the port oam remote-failure By default, the port only logs the takes after it receives an { connection-expired | Ethernet OAM event it receives Ethernet OAM event from the critical-event | dying-gasp | from the remote end. remote end.
Page 16: Enabling Ethernet Oam Remote Loopback On The Port
Enabling Ethernet OAM remote loopback on the port Step Command Remarks Enter system view. system-view Enter Layer 2/Layer 3 interface interface-type Ethernet port view. interface-number Enable Ethernet OAM remote By default, Ethernet OAM remote oam remote-loopback start loopback on the port. loopback is disabled.
Page 17: Ethernet Oam Configuration Example
Purpose Command Display the statistics on Ethernet OAM link error display oam link-event { local | remote } [ interface events after an Ethernet OAM connection is interface-type interface-number ] established. Clear statistics on Ethernet OAM packets and Ethernet reset oam [ interface interface-type interface-number ] OAM link error events.
Page 18 Use the display oam critical-event command to display the statistics of Ethernet OAM critical link events. For example: # Display the statistics of Ethernet OAM critical link events on all the ports of Device A. [DeviceA] display oam critical-event -----------[Ten-GigabitEthernet1/0/1] ----------- Local link status : UP Event statistics...
Page 19: Configuring Cfd
Configuring CFD Overview Connectivity Fault Detection (CFD), which conforms to IEEE 802.1ag Connectivity Fault Management (CFM), is an end-to-end per-VLAN link layer OAM mechanism. CFD is used for link connectivity detection, fault verification, and fault location. Basic CFD concepts Maintenance domain A maintenance domain (MD) defines the network or part of the network where CFD plays its role.
Page 20 An MA serves the specified VLAN or no VLAN. An MA that serves a VLAN is considered carrying VLAN attribute. An MA that serves no VLAN is considered having no VLAN attribute. An MP can receive packets sent by other MPs in the same MA. The level of an MA equals the level of the MD that the MA belongs to.
Page 21 Figure 3 Procedure of creating MIPs Figure 4 demonstrates a grading example of the CFD module. Four levels of MDs (0, 2, 3, and 5) are designed. The bigger the number, the higher the level and the larger the area covered. MPs are configured on the ports of Device A through Device F.
Page 22: Cfd Functions
CFD functions CFD works effectively only in networks that are configured correctly. Its functions, which are implemented through the MPs, include: • Continuity check (CC) Loopback (LB) • Linktrace (LT) • Continuity check Connectivity faults are usually caused by device faults or configuration errors. Continuity check checks the connectivity between MEPs.
Page 23: Configuring Basic Cfd Settings
Tasks at a glance Configuring basic CFD settings: • (Required.) Enabling CFD • (Required.) Configuring service instances • (Required.) Configuring MEPs • (Required.) Configuring MIP auto-generation rules Configuring CFD functions: • (Required.) Configuring CC on MEPs • (Optional.) Configuring LB on MEPs •...
Page 24: Configuring Meps
Step Command Remarks cfd service-instance instance-id ma-id { icc-based icc-name | integer ma-num | string ma-name By default, no service instance Create a service instance. | vlan-based [ vlan-id ] } exists. [ ma-index index-value ] md md-name [ vlan vlan-id ] Configuring MEPs CFD is implemented through various operations on MEPs.
Page 25: Configuring Cfd Functions
Changes occur to the VLAN attribute of a port. • • The rule specified in the cfd mip-rule command changes. An MA with no VLAN attribute is mainly used to detect direct link status. It cannot generate MIPs. For an MA with VLAN attribute, if the same or higher level MEP exists on the interface, no MIP is generated for the MA on the interface.
Page 26: Configuring Lb On Meps
Configurations in aggregate interface view take effect on the aggregate interface and all its • member ports. Configurations on a member port take effect only when the member port leaves the aggregation • group. To configure CC on a MEP: Step Command Remarks...
Page 27: Displaying And Maintaining Cfd
Step Command Remarks cfd linktrace service-instance Find the path between a instance-id mep mep-id { target-mac Available in any view. source MEP and a target MEP. mac-address | target-mep target-mep-id } [ ttl ttl-value ] [ hw-only ] Enter system view. system-view Enable LT messages automatic cfd linktrace auto-detection [ size...
Page 28 In MD_A, Device B is designed to have MIPs when its port is configured with low level MEPs. Port • Ten-GigabitEthernet 1/0/3 is configured with MEPs of MD_B, and the MIPs of MD_A can be configured on this port. You should configure the MIP generation rule of MD_A as explicit. •...
Page 29 [DeviceB] cfd md MD_B level 3 [DeviceB] cfd service-instance 2 ma-id vlan-based md MD_B vlan 100 Configure Device D as you configure Device B. # Create MD_B (level 3) on Device C, and create service instance 2 (in which the MA is identified by a VLAN and serves VLAN 100).
Page 30 [DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] cfd cc service-instance 1 mep 1001 enable [DeviceA-Ten-GigabitEthernet1/0/1] quit # On Device B, enable the sending of CCM frames for MEP 2001 in service instance 2 on Ten-GigabitEthernet 1/0/3. [DeviceB] interface ten-gigabitethernet 1/0/3 [DeviceB-Ten-GigabitEthernet1/0/3] cfd cc service-instance 2 mep 2001 enable [DeviceB-Ten-GigabitEthernet1/0/3] quit # On Device D, enable the sending of CCM frames for MEP 4001 in service instance 2 on Ten-GigabitEthernet 1/0/1, and enable the sending of CCM frames for MEP 4002 in service...
Page 31: Configuring Dldp
Configuring DLDP Overview Unidirectional links occur when one end of a link can receive packets from the other end, but the other end cannot receive packets sent by the first end. Unidirectional fiber links include the following types: Occur when fibers are cross-connected. •...
Page 32: Basic Concepts
Basic concepts DLDP neighbor states If port A and B are on the same link and port A can receive link-layer packets from port B, port B is a DLDP neighbor of port A. Two ports that can exchange packets are neighbors. Table 6 DLDP neighbor states DLDP timer Description...
Page 33: How Dldp Works
DLDP timer Description If a port is physically down, the device triggers the DelayDown timer (the default is 1 second and is configurable), rather than removing the corresponding neighbor entry. DelayDown timer When the DelayDown timer expires, the device removes the corresponding DLDP neighbor information if the port is down, and does not perform any operation if the port is up.
Page 34 Port 1 receives the RecoverProbe packet from Port 4, and returns a RecoverEcho packet. Port 4 cannot receive any RecoverEcho packet from Port 1, so Port 4 cannot become the neighbor of Port 1. Port 3 can receive the RecoverEcho packet from Port 1, but Port 3 is not the intended destination, so Port 3 cannot become the neighbor of Port 1.
Page 35: Configuration Restrictions And Guidelines
packet to Port 2. At the same time, Port 1 deletes the neighborship with Port 2, and starts the RecoverProbe timer. Port 2 stays in Inactive state during this process. Detecting multiple neighbors When multiple devices are connected through a hub, enable DLDP on all interfaces connected to the hub to detect unidirectional links among the neighbors.
Page 36: Enabling Dldp
Setting the interval to send advertisement packets To make sure DLDP can detect unidirectional links before network performance deteriorates, set the advertisement interval appropriate for your network environment. (HP recommends that you use the default interval.) To set the Advertisement packet sending interval:...
Page 37: Setting The Port Shutdown Mode
Setting the port shutdown mode On detecting a unidirectional link, the ports can be shut down in one of the following modes: • Auto mode—When a unidirectional link is detected, DLDP changes the DLDP port state to Unidirectional. The unidirectional port periodically sends RecoverProbe packets. When a correct RecoverEcho packet is received, the link is restored to a bidirectional link, and the port state changes from Unidirectional to Bidirectional.
Page 38: Displaying And Maintaining Dldp
Displaying and maintaining DLDP Execute display commands in any view and the reset command in user view. Task Command display dldp [ interface interface-type Display the DLDP configuration globally and of a port. interface-number ] Display the statistics on DLDP packets passing through display dldp statistics [ interface interface-type a port.
Page 39 # Configure Ten-GigabitEthernet 1/0/2 to operate in full duplex mode and at 10000 Mbps, and enable DLDP on the port. [DeviceA] interface ten-gigabitethernet 1/0/2 [DeviceA-Ten-GigabitEthernet1/0/2] duplex full [DeviceA-Ten-GigabitEthernet1/0/2] speed 10000 [DeviceA-Ten-GigabitEthernet1/0/2] dldp enable [DeviceA-Ten-GigabitEthernet1/0/2] quit # Set the port shutdown mode to auto. [DeviceA] dldp unidirectional-shutdown auto Configure Device B: # Enable DLDP globally.
Page 40 Neighbor aged time: 11s Interface Ten-GigabitEthernet1/0/2 DLDP port state: Bidirectional Number of the port’s neighbors: 1 Neighbor MAC address: 0023-8956-3600 Neighbor port index: 2 Neighbor state: Confirmed Neighbor aged time: 12s The output shows that both Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 are in Bidirectional state, which means both links are bidirectional.
Page 41: Manually Shutting Down Unidirectional Links
The output shows that the DLDP port status of both Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 is unidirectional, which indicates that DLDP detects unidirectional links on them and automatically shuts down the two ports. The unidirectional links are caused by cross-connected fibers. Correct the fiber connections. As a result, the ports shut down by DLDP automatically recover, and Device A displays the following log information: <DeviceA>%Jul 11 17:42:57:709 2012 DeviceA IFNET/3/PHY_UPDOWN:...
Page 42 Configuration procedure Configure Device A: # Enable DLDP globally. <DeviceA> system-view [DeviceA] dldp enable # Configure Ten-GigabitEthernet 1/0/1 to operate in full duplex mode and at 10000 Mbps, and enable DLDP on the port. [DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] duplex full [DeviceA-Ten-GigabitEthernet1/0/1] speed 10000 [DeviceA-Ten-GigabitEthernet1/0/1] dldp enable [DeviceA-Ten-GigabitEthernet1/0/1] quit...
Page 43 DLDP global status: Enabled DLDP advertisement interval: 5s DLDP authentication-mode: None DLDP unidirectional-shutdown mode: Manual DLDP delaydown-timer value: 1s Number of enabled ports: 2 Interface Ten-GigabitEthernet1/0/1 DLDP port state: Bidirectional Number of the port’s neighbors: 1 Neighbor MAC address: 0023-8956-3600 Neighbor port index: 1 Neighbor state: Confirmed Neighbor aged time: 11s...
Page 44 <DeviceA> display dldp DLDP global status: Enabled DLDP advertisement interval: 5s DLDP authentication-mode: None DLDP unidirectional-shutdown mode: Manual DLDP delaydown-timer value: 1s Number of enabled ports: 2 Interface Ten-GigabitEthernet1/0/1 DLDP port state: Unidirectional Number of the port’s neighbors: 0 (Maximum number ever detected: 1) Interface Ten-GigabitEthernet1/0/2 DLDP port state: Unidirectional Number of the port’s neighbors: 0 (Maximum number ever detected: 1)
Page 45 %Jul 12 08:46:17:959 2012 DeviceA DLDP/6/DLDP_NEIGHBOR_CONFIRMED: A neighbor was confirmed on interface Ten-GigabitEthernet1/0/2. The neighbor's system MAC is 0023-8956-3600, and the port index is 2. %Jul 12 08:46:17:959 2012 DeviceA DLDP/6/DLDP_LINK_BIDIRECTIONAL: DLDP detected a bidirectional link on interface Ten-GigabitEthernet1/0/2. The output shows that the port status and link status of Ten-GigabitEthernet 1/0/2 are now up and its DLDP neighbors are determined.
Page 46: Configuring Smart Link
Configuring Smart Link Smart Link overview To avoid single-point failures and guarantee network reliability, downstream devices are usually dual-homed to upstream devices, as shown in Figure Figure 12 Dual uplink network diagram To remove network loops on a dual-homed network, you can use a spanning tree protocol. However, convergence time is long with spanning tree protocols, which makes it unsuitable for users who have high demand on convergence speed.
Page 47: Terminology
Terminology Smart link group A smart link group consists of only two member ports: the primary and the secondary ports. Only one port is active for forwarding at a time, and the other port is blocked and in standby state. When link failure occurs on the active port due to port shutdown or the presence of unidirectional link, the standby port becomes active and takes over, and the original active port transits to the blocked state.
Page 48: Smart Link Collaboration Mechanisms
When a port switches to the forwarding state, the system outputs log information to notify the user of the port state change. Topology change Link switchover can outdate the MAC address forwarding entries and ARP/ND entries on all devices, so a forwarding entry update mechanism is required to ensure proper transmission.
Page 49: Smart Link Configuration Task List
Smart Link collaborates with link detection protocols through track entries. It supports only the Continuity Check (CC) function of Connectivity Fault Detection (CFD) to implement link detection. CFD notifies the smart link group member ports of fault detection events by using detection VLANs and detection ports. A port responds to a continuity check event only when the control VLAN of the smart link group to which it belongs matches the detection VLAN.
Page 50: Configuring Member Ports For A Smart Link Group
Step Command Remarks Use either method. • Method 1: instance instance-id vlan All VLANs in an MST region are Configure the vlan-list mapped to CIST (MSTI 0) by default. VLAN-to-instance mapping • Method 2: For more information about the table. vlan-mapping modulo commands, see Layer 2—LAN modulo...
Page 51: Configuring Role Preemption For A Smart Link Group
Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet interface interface interface-type view or Layer 2 aggregate interface-number interface view. Configure member ports for a port smart-link group group-id By default, a port is not a smart smart link group. { primary | secondary } link group member.
Page 52: Configuring The Collaboration Between Smart Link And Track
Configuring the collaboration between Smart Link and Track Smart Link collaborates with the CC function of CFD through track entries to implement link detection. Before configuring the collaboration between Smart Link and Track on a port, make sure the port has been added to the specified smart link group.
Page 53: Displaying And Maintaining Smart Link
Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet interface interface-type interface view or Layer 2 interface-number aggregate interface view. Configure the control VLANs smart-link flush enable By default, no control VLAN for receiving flush messages. [ control-vlan vlan-id-list ] receives flush messages.
Page 54 Figure 13 Network diagram Configuration procedure Configure Device C: # Create VLANs 1 through 30, map these VLANs to MSTI 1, and activate the MST region configuration. <DeviceC> system-view [DeviceC] vlan 1 to 30 [DeviceC] stp region-configuration [DeviceC-mst-region] instance 1 vlan 1 to 30 [DeviceC-mst-region] active region-configuration [DeviceC-mst-region] quit # Shut down Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2, disable the spanning...
Page 55 [DeviceC-smlk-group1] port ten-gigabitethernet1/0/2 secondary # Enable flush message sending in smart link group 1, and configure VLAN 10 as the transmit control VLAN. [DeviceC-smlk-group1] flush enable control-vlan 10 [DeviceC-smlk-group1] quit # Bring up Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 again. [DeviceC] interface ten-gigabitethernet 1/0/1 [DeviceC-Ten-GigabitEthernet1/0/1] undo shutdown [DeviceC-Ten-GigabitEthernet1/0/1] quit [DeviceC] interface ten-gigabitethernet 1/0/2...
Page 56 # Bring up Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 again. [DeviceD] interface ten-gigabitethernet 1/0/1 [DeviceD-Ten-GigabitEthernet1/0/1] undo shutdown [DeviceD-Ten-GigabitEthernet1/0/1] quit [DeviceD] interface ten-gigabitethernet 1/0/2 [DeviceD-Ten-GigabitEthernet1/0/2] undo shutdown [DeviceD-Ten-GigabitEthernet1/0/2] quit Configure Device B: # Create VLANs 1 through 30. <DeviceB> system-view [DeviceB] vlan 1 to 30 # Configure Ten-GigabitEthernet 1/0/1 as a trunk port, and assign it to VLANs 1 through 30.
Page 57 [DeviceE-Ten-GigabitEthernet1/0/1] smart-link flush enable control-vlan 10 20 [DeviceE-Ten-GigabitEthernet1/0/1] quit # Configure Ten-GigabitEthernet 1/0/2 as a trunk port, and assign it to VLANs 1 through 30. Disable the spanning tree feature and enable flush message receiving on it, and configure VLAN 10 as the receive control VLAN.
Page 58: Multiple Smart Link Groups Load Sharing Configuration Example
Protected VLAN : Reference Instance 1 Member Role State Flush-count Last-flush-time ----------------------------------------------------------------------------- XGE1/0/1 PRIMARY ACTIVE 16:45:20 2012/04/21 XGE1/0/2 SECONDARY STANDBY 1 16:37:20 2012/04/21 Use the display smart-link flush command to display the flush messages received on a device. # Display the flush messages received on Device B. [DeviceB] display smart-link flush Received flush packets Receiving interface of the last flush packet...
Page 59 [DeviceC-mst-region] instance 1 vlan 1 to 100 [DeviceC-mst-region] instance 2 vlan 101 to 200 [DeviceC-mst-region] active region-configuration [DeviceC-mst-region] quit # Shut down Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2, disable the spanning tree feature on them, configure them as trunk ports, and assign them to VLAN 1 through VLAN 200.
Page 60 [DeviceC-Ten-GigabitEthernet1/0/1] undo shutdown [DeviceC-Ten-GigabitEthernet1/0/1] quit [DeviceC] interface ten-gigabitethernet 1/0/2 [DeviceC-Ten-GigabitEthernet1/0/2] undo shutdown [DeviceC-Ten-GigabitEthernet1/0/2] quit Configure Device B: # Create VLAN 1 through VLAN 200. <DeviceB> system-view [DeviceB] vlan 1 to 200 # Configure Ten-GigabitEthernet 1/0/1 as a trunk port, assign it to VLANs 1 through 200, enable flush message receiving, and configure VLAN 10 and VLAN 110 as the receive control VLANs on the port.
Page 61 Configure Device A: # Create VLAN 1 through VLAN 200. <DeviceA> system-view [DeviceA] vlan 1 to 200 # Configure Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 as trunk ports, assign them to VLANs 1 through 200, enable flush message receiving, and configure VLAN 10 and VLAN 110 as the receive control VLANs on the ports.
Page 62: Smart Link And Track Collaboration Configuration Example
Use the display smart-link flush command to display the flush messages received on a device. # Display the flush messages received on Device B. [DeviceB] display smart-link flush Received flush packets Receiving interface of the last flush packet : Ten-GigabitEthernet1/0/2 Receiving time of the last flush packet : 16:25:21 2012/04/21 Device ID of the last flush packet...
Page 63 [DeviceA] vlan 1 to 200 # Configure Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 as trunk ports and assign them to VLANs 1 through 200. Enable flush message receiving and configure VLAN 10 and VLAN 110 as the receive control VLANs on Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2. [DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] port link-type trunk [DeviceA-Ten-GigabitEthernet1/0/1] port trunk permit vlan 1 to 200...
Page 64 [DeviceB-Ten-GigabitEthernet1/0/1] smart-link flush enable control-vlan 10 110 [DeviceB-Ten-GigabitEthernet1/0/1] quit # Configure Ten-GigabitEthernet 1/0/2 as a trunk port and assign it to VLANs 1 through 200. Disable the spanning tree feature and enable flush message receiving on it. Configure VLAN 10 and VLAN 110 as the receive control VLANs.
Page 65 [DeviceC-smlk-group1] flush enable control-vlan 10 [DeviceC-smlk-group1] quit # Create smart link group 2, and configure all VLANs mapped to MSTI 2 as the protected VLANs for smart link group 2. [DeviceC] smart-link group 2 [DeviceC-smlk-group2] protected-vlan reference-instance 2 # Configure Ten-GigabitEthernet 1/0/1 as the secondary port and Ten-GigabitEthernet 1/0/2 as the primary port for smart link group 2.
Page 66 # Create track entry 1 that is associated with the CFD CC function of MEP 1001 in service instance [DeviceC] track 2 cfd cc service-instance 2 mep 2001 # Configure the collaboration between the primary port Ten-GigabitEthernet 1/0/2 of smart link group 2 and the CC function of CFD through track entry 2, and bring up the port.
Page 67 XGE1/0/2 SECONDARY ACTIVE 16:37:20 2012/04/21 Smart link group 2 information: Device ID : 000f-e23d-5af0 Preemption mode : ROLE Preemption delay: 1(s) Control VLAN : 110 Protected VLAN : Reference Instance 2 Member Role State Flush-count Last-flush-time ----------------------------------------------------------------------------- XGE1/0/2 PRIMARY ACTIVE 16:45:20 2012/04/21 XGE1/0/1 SECONDARY DOWN...
Page 68: Configuring Monitor Link
Configuring Monitor Link Overview Monitor Link associates the state of downlink interfaces with the state of uplink interfaces in a monitor link group. When Monitor Link shuts down the downlink interfaces because of an uplink failure, the downstream device changes connectivity to another link. Figure 16 Monitor Link application scenario A monitor link group contains uplink and downlink interfaces.
Page 69: Configuring Monitor Link
A monitor link group works independently of other monitor link groups. When a monitor link group does not contain any uplink interface or all its uplink interfaces are down, the monitor link group goes down. It forces all downlink interfaces down at the same time. When any uplink interface comes up, the monitor link group comes up and brings up all the downlink interfaces.
Page 70: Configuring The Switchover Delay For A Monitor Link Group
In monitor link group view To configure member interfaces for a monitor link group in monitor link group view: Step Command Remarks Enter system view. system-view Enter monitor link group view. monitor-link group group-id port interface-type Configure member interfaces By default, a monitor link group { interface-number | for the monitor link group.
Page 71: Monitor Link Configuration Example
Monitor Link configuration example Network requirements As shown in Figure Device C is a Smart Link device, and Device A, Device B, and Device D are associated devices. • Traffic of VLANs 1 through 30 on Device C is dual-uplinked to Device A through a smart link group. Implement dual uplink backup on Device C.
Page 72 [DeviceC-Ten-GigabitEthernet1/0/1] quit # Configure Ten-GigabitEthernet 1/0/2 in the same way Ten-GigabitEthernet 1/0/1 is configured. [DeviceC] interface ten-gigabitethernet 1/0/2 [DeviceC-Ten-GigabitEthernet1/0/2] shutdown [DeviceC-Ten-GigabitEthernet1/0/2] undo stp enable [DeviceC-Ten-GigabitEthernet1/0/2] port link-type trunk [DeviceC-Ten-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 [DeviceC-Ten-GigabitEthernet1/0/2] quit # Create smart link group 1, and configure all the VLANs mapped to MSTI 1 as the protected VLANs for smart link group 1.
Page 73 Configure Device B: # Create VLANs 1 through 30. <DeviceB> system-view [DeviceB] vlan 1 to 30 # Configure Ten-GigabitEthernet 1/0/1 as a trunk port. [DeviceB] interface ten-gigabitethernet 1/0/1 [DeviceB-Ten-GigabitEthernet1/0/1] port link-type trunk # Assign the interface to VLANs 1 through 30. [DeviceB-Ten-GigabitEthernet1/0/1] port trunk permit vlan 1 to 30 # Enable flush message receiving on the interface.
Page 74 # Configure the interface as a trunk port. [DeviceD-Ten-GigabitEthernet1/0/2] port link-type trunk # Assign the interface to VLANs 1 through 30. [DeviceD-Ten-GigabitEthernet1/0/2] port trunk permit vlan 1 to 30 # Enable flush message receiving on the interface. [DeviceD-Ten-GigabitEthernet1/0/2] smart-link flush enable [DeviceD-Ten-GigabitEthernet1/0/2] quit # Create monitor link group 1.
Page 75: Configuring Vrrp
Configuring VRRP The term "interface" in this chapter refers to Layer 3 Ethernet interfaces, VLAN interfaces, Layer 3 aggregate interfaces, Layer 3 Ethernet subinterfaces, and Layer 3 aggregate subinterfaces. You can configure an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).
Page 76: Vrrp Standard Mode
Standard mode—Implemented based on RFCs. For more information, see "VRRP standard mode." • • Load balancing mode—Extends the VRRP standard mode to distribute load across VRRP group members. For more information, see "VRRP load balancing mode." VRRP has two versions: VRRPv2 and VRRPv3. VRRPv2 supports IPv4 VRRP. VRRPv3 supports IPv4 VRRP and IPv6 VRRP.
Page 77: Authentication Method
Preemptive mode—A backup starts a new master election and takes over as master when it detects • that it has a higher priority than the current master. Preemptive mode makes sure the router with the highest priority in a VRRP group always acts as the master. Authentication method To avoid attacks from unauthorized users, VRRP member routers add authentication keys in VRRP packets to authenticate one another.
Page 78: Master Election
Master election Routers in a VRRP group determine their roles by priority. When a router joins a VRRP group, it has a backup role. The router role changes according to the following situations: • If the backup does not receive any VRRP advertisement when the timer (3 × advertisement interval + Skew_Time) expires, it becomes the master.
Page 79 Figure 20 VRRP in master/backup mode Assume that Router A is acting as the master to forward packets to external networks, and Router B and Router C are backups in listening state. When Router A fails, Router B and Router C elect a new master to forward packets for hosts on the subnet.
Page 80: Vrrp Load Balancing Mode
VRRP group 1—Router A is the master. Router B and Router C are the backups. • • VRRP group 2—Router B is the master. Router A and Router C are the backups. VRRP group 3—Router C is the master. Router A and Router B are the backups. •...
Page 81 Figure 22 Virtual MAC address assignment Network Router A Router B Master Backup Virtual MAC: 000f-e2ff-0012 Virtual MAC: 000f-e2ff-0011 Virtual IP address:10.1.1.1/24 Virtual IP address:10.1.1.1/24 Allocate Virtual MAC 000f-e2ff-0012 to Router B Gateway IP: 10.1.1.1/24 Gateway IP: 10.1.1.1/24 Host A Host B When an ARP request arrives, the master (Router A) selects a virtual MAC address based on the load balancing algorithm to answer the ARP request.
Page 82: Virtual Forwarder
Figure 24 Sending packets to different routers for forwarding Virtual forwarder Virtual forwarder creation Virtual MAC addresses enable traffic distribution across routers in a VRRP group. To enable routers in the VRRP group to forward packets, VFs must be created on them. Each VF is associated with a virtual MAC address in the VRRP group and forwards packets that are sent to this virtual MAC address.
Page 83 On a router that does not own the VF, if the weight of the VF is higher than or equal to the lower limit • of failure, the priority of the VF is calculated as weight/(number of local AVFs +1). If the weight of the VF is lower than the lower limit of failure, the priority of the VF is 0.
Page 84: Protocols And Standards
Redirect timer—Before this timer expires, the master still uses the virtual MAC address • corresponding to the failed AVF to respond to ARP/ND requests from hosts. The VF owner can share traffic load if the VF owner resumes normal operation within this time. When this timer expires, the master stops using the virtual MAC address corresponding to the failed AVF to respond to ARP/ND requests from hosts.
Page 85: Specifying An Ipv4 Vrrp Operating Mode
Tasks at a glance Remarks (Optional.) Enabling SNMP notifications for VRRP (Optional.) Disabling an IPv4 VRRP group Specifying an IPv4 VRRP operating mode A VRRP group can operate in either of the following modes: Standard mode—Only the master can forward packets. •...
Page 86: Configuring The Router Priority, Preemptive Mode, And Tracking Function
In VRRP load balancing mode, the device supports a maximum of MaxVRNum/N VRRP groups. • MaxVRNum refers to the maximum number of VRRP groups supported by the device in VRRP standard mode, and N refers to the number of devices in the VRRP group. •...
Page 87: Configuring Ipv4 Vrrp Packet Attributes
Configuration procedure To configure the router priority, preemptive mode, and tracking function: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Configure the priority of the vrrp vrid virtual-router-id priority The default setting is 100. router in the VRRP group. priority-value By default, the router in a VRRP Enable the preemptive mode...
Page 88: Configuring Vf Tracking
The default setting is 100 centiseconds. Configure the interval at which the master in an IPv4 vrrp vrid virtual-router-id timer To maintain system stability, HP VRRP group sends VRRP advertise adver-interval recommends that you set the VRRP advertisements. advertisement interval to be greater than 100 centiseconds.
Page 89: Enabling Snmp Notifications For Vrrp
Step Command Remarks interface interface-type Enter interface view. interface-number • Configure the VFs in a VRRP group to monitor a track entry and configure the reduced weight: vrrp vrid virtual-router-id weight track track-entry-number Use either approach. [ reduced weight-reduced ] Configure VF tracking.
Page 90: Displaying And Maintaining Ipv4 Vrrp
Displaying and maintaining IPv4 VRRP Execute display commands in any view and the reset command in user view. Task Command display vrrp [ interface interface-type interface-number [ vrid Display states of IPv4 VRRP groups. virtual-router-id ] ] [ verbose ] Display statistics for IPv4 VRRP display vrrp statistics [ interface interface-type interface-number [ vrid groups.
Page 91: Creating A Vrrp Group And Assigning A Virtual Ipv6 Address
Step Command Remarks Enter system view. system-view • Specify the standard mode: undo vrrp ipv6 mode Use one of the commands. Specify an IPv6 VRRP • Specify the load balancing By default, VRRP operates in operating mode. mode: standard mode. vrrp ipv6 mode load-balance Creating a VRRP group and assigning a virtual IPv6 address A VRRP group can work correctly after you create it and assign at least one virtual IPv6 address for it.
Page 92: Configuring The Router Priority, Preemptive Mode, And Tracking Function
Step Command Remarks By default, no VRRP group exists. The first virtual IPv6 address that you assign to an IPv6 VRRP group Create a VRRP group and vrrp ipv6 vrid virtual-router-id must be a link-local address, and it assign a virtual IPv6 address, virtual-ip virtual-address link-local must be the last address you which is a link-local address.
Page 93: Configuring Vf Tracking
Configuring VF tracking You can configure VF tracking in both standard mode and load balancing mode, but the function takes effect only in load balancing mode. In load balancing mode, you can configure the VFs in a VRRP group to monitor a track entry. When the state of the track entry transits to Negative, the weights of all VFs in the VRRP group on the router decrease by a specific value.
Page 94: Disabling An Ipv6 Vrrp Group
Enter interface view. interface-number The default setting is 100 centiseconds. To maintain system stability, HP Configure the IPv6 VRRP vrrp ipv6 vrid virtual-router-id recommends that you set the advertisement interval. timer advertise adver-interval VRRP advertisement interval to be greater than 100 centiseconds.
Page 95: Ipv4 Vrrp Configuration Examples
Task Command Display the states of IPv6 VRRP display vrrp ipv6 [ interface interface-type interface-number [ vrid groups. virtual-router-id ] ] [ verbose ] Display statistics for IPv6 VRRP display vrrp ipv6 statistics [ interface interface-type interface-number groups. [ vrid virtual-router-id ] ] Clear statistics for IPv6 VRRP reset vrrp ipv6 statistics [ interface interface-type interface-number [ vrid groups.
Page 96 [SwitchA-Vlan-interface2] ip address 10.1.1.1 255.255.255.0 # Create VRRP group 1 on VLAN-interface 2, and set its virtual IP address to 10.1.1.111. [SwitchA-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.111 # Assign Switch A a higher priority than Switch B in VRRP group 1, so Switch A can become the master.
Page 97 Admin Status : Up State : Backup Config Pri : 100 Running Pri : 100 Preempt Mode : Yes Delay Time Become Master : 401ms left Auth Type : None Virtual IP : 10.1.1.111 Master IP : 10.1.1.1 The output shows that Switch A is operating as the master in VRRP group 1 to forward packets from Host A to Host B.
Page 98: Multiple Vrrp Groups Configuration Example
Multiple VRRP groups configuration example This section provides an example of configuring multiple VRRP groups on switches. Network requirements Switch A and Switch B form two VRRP groups. VRRP group 1 uses the virtual IP address 10.1.1.100/25 to provide gateway service for hosts in VLAN 2, and VRRP group 2 uses the virtual IP address 10.1.1.200/25 to provide gateway service for hosts in VLAN 3, as shown in Figure Assign a higher priority to Switch A than Switch B in VRRP group 1, but a lower priority in VRRP group...
Page 99 [SwitchA] interface vlan-interface 3 [SwitchA-Vlan-interface3] ip address 10.1.1.130 255.255.255.128 # Create VRRP group 2, and set its virtual IP address to 10.1.1.200. [SwitchA-Vlan-interface3] vrrp vrid 2 virtual-ip 10.1.1.200 Configure Switch B: # Configure VLAN 2. <SwitchB> system-view [SwitchB] vlan 2 [SwitchB-vlan2] port ten-gigabitethernet 1/0/5 [SwitchB-vlan2] quit [SwitchB] interface vlan-interface 2...
Page 100: Vrrp Load Balancing Configuration Example
Preempt Mode : Yes Delay Time Become Master : 203ms left Auth Type : None Virtual IP : 10.1.1.200 Master IP : 10.1.1.131 # Display detailed information about the VRRP groups on Switch B. [SwitchB-Vlan-interface3] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 2...
Page 101 Figure 28 Network diagram Configuration procedure Configure Switch A: # Configure VLAN 2. <SwitchA> system-view [SwitchA] vlan 2 [SwitchA-vlan2] port ten-gigabitethernet 1/0/5 [SwitchA-vlan2] quit # Configure VRRP to operate in load balancing mode. [SwitchA] vrrp mode load-balance # Create VRRP group 1, and set its virtual IP address to 10.1.1.1. [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ip address 10.1.1.2 24 [SwitchA-Vlan-interface2] vrrp vrid 1 virtual-ip 10.1.1.1...
Page 102 [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] vrrp vrid 1 weight track 1 reduced 250 Configure Switch B: # Configure VLAN 2. <SwitchB> system-view [SwitchB] vlan 2 [SwitchB-vlan2] port ten-gigabitethernet 1/0/5 [SwitchB-vlan2] quit # Configure VRRP to operate in load balancing mode. [SwitchB] vrrp mode load-balance # Create VRRP group 1, and set its virtual IP address to 10.1.1.1.
Page 103 # Configure the VFs in VRRP group 1 to monitor track entry 1, and decrease their weights by 250 when the track entry transits to Negative. [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] vrrp vrid 1 weight track 1 reduced 250 Verify the configuration: # Verify that Host A can ping the external network.
Page 104 Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer : 100 Admin Status : Up State : Backup Config Pri : 110 Running Pri : 110 Preempt Mode : Yes Delay Time Become Master : 410ms left Auth Type : None Virtual IP...
Page 105 Member IP List : 10.1.1.4 (Local, Backup) 10.1.1.2 (Master) 10.1.1.3 (Backup) Forwarder Information: 3 Forwarders 1 Active Config Weight : 255 Running Weight : 255 Forwarder 01 State : Listening Virtual MAC : 000f-e2ff-0011 (Learnt) Owner ID : 0000-5e01-1101 Priority : 127 Active : 10.1.1.2...
Page 106 State : Initialize Virtual MAC : 000f-e2ff-0011 (Owner) Owner ID : 0000-5e01-1101 Priority Active : 10.1.1.4 Forwarder 02 State : Initialize Virtual MAC : 000f-e2ff-0012 (Learnt) Owner ID : 0000-5e01-1103 Priority Active : 10.1.1.3 Forwarder 03 State : Initialize Virtual MAC : 000f-e2ff-0013 (Learnt) Owner ID : 0000-5e01-1105...
Page 107 Priority : 85 Active : 10.1.1.3 Forwarder 03 State : Active Virtual MAC : 000f-e2ff-0013 (Owner) Owner ID : 0000-5e01-1105 Priority : 255 Active : local Forwarder Weight Track Information: Track Object State : Positive Weight Reduced : 250 The output shows that when VLAN-interface 3 on Switch A fails, the weights of the VFs on Switch A drop below the lower limit of failure.
Page 108: Ipv6 Vrrp Configuration Examples
The output shows that when the timeout timer expires, the VF for virtual MAC address 000f-e2ff-0011 is removed, and no longer forwards the packets destined for the MAC address. # When Switch A fails, display detailed information about VRRP group 1 on Switch B. [SwitchB-Vlan-interface2] display vrrp verbose IPv4 Virtual Router Information: Running Mode...
Page 109 Host A learns 1::10/64 as its default gateway from RA messages sent by the switches. Switch A operates as the master to forward packets from Host A to Host B. When Switch A fails, Switch B takes over to forward packets for Host A. Figure 29 Network diagram Configuration procedure Configure Switch A:...
Page 110 [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] ipv6 address fe80::2 link-local [SwitchB-Vlan-interface2] ipv6 address 1::2 64 # Create VRRP group 1 and set its virtual IPv6 addresses to FE80::10 and 1::10. [SwitchB-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip fe80::10 link-local [SwitchB-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip 1::10 # Configure Switch B to operate in preemptive mode, and set the preemption delay to 5 seconds.
Page 111: Multiple Vrrp Groups Configuration Example
# Display detailed information about VRRP group 1 on Switch B. [SwitchB-Vlan-interface2] display vrrp ipv6 verbose IPv6 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer : 100 Admin Status : Up State : Master...
Page 112 Assign Switch A a higher priority than Switch B in VRRP group 1 but a lower priority in VRRP group 2 to distribute the traffic from VLAN 2 and VLAN 3 between the two switches. When one of the switches fails, the healthy switch provides gateway service for both VLANs.
Page 113 [SwitchA-Vlan-interface3] ipv6 address 2::1 64 # Create VRRP group 2, and set its virtual IPv6 addresses to FE90::10 and 2::10. [SwitchA-Vlan-interface3] vrrp ipv6 vrid 2 virtual-ip fe90::10 link-local [SwitchA-Vlan-interface3] vrrp ipv6 vrid 2 virtual-ip 2::10 # Enable Switch A to send RA messages, so hosts in VLAN 3 can learn the default gateway address.
Page 114 Admin Status : Up State : Master Config Pri : 110 Running Pri : 110 Preempt Mode : Yes Delay Time Auth Type : None Virtual IP : FE80::10 1::10 Virtual MAC : 0000-5e00-0201 Master IP : FE80::1 Interface Vlan-interface3 VRID Adver Timer : 100...
Page 115: Vrrp Load Balancing Configuration Example
VRRP load balancing configuration example This section provides an example of configuring the VRRP load balancing mode. Network requirements Switch A, Switch B, and Switch C form a load balanced VRRP group and use the virtual IPv6 addresses FE80::10 and 1::10 to provide gateway service for subnet 1::/64, as shown in Figure Hosts on subnet 1::/64 learn 1::10 as their default gateway from RA messages sent by the switches.
Page 116 [SwitchA-Vlan-interface2] ipv6 address 1::1 64 [SwitchA-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip fe80::10 link-local [SwitchA-Vlan-interface2] vrrp ipv6 vrid 1 virtual-ip 1::10 # Assign Switch A the highest priority in VRRP group 1, so Switch A can become the master. [SwitchA-Vlan-interface2] vrrp ipv6 vrid 1 priority 120 # Configure Switch A to operate in preemptive mode, so it can become the master whenever it operates correctly.
Page 117 # Configure the VFs in VRRP group 1 to monitor track entry 1, and decrease their weights by 250 when the track entry transits to Negative. [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] vrrp ipv6 vrid 1 weight track 1 reduced 250 Configure Switch C: # Configure VLAN 2.
Page 118 Member IP List : FE80::1 (Local, Master) FE80::2 (Backup) FE80::3 (Backup) Forwarder Information: 3 Forwarders 1 Active Config Weight : 255 Running Weight : 255 Forwarder 01 State : Active Virtual MAC : 000f-e2ff-4011 (Owner) Owner ID : 0000-5e01-1101 Priority : 255 Active : local...
Page 119 Virtual MAC : 000f-e2ff-4011 (Learnt) Owner ID : 0000-5e01-1101 Priority : 127 Active : FE80::1 Forwarder 02 State : Active Virtual MAC : 000f-e2ff-4012 (Owner) Owner ID : 0000-5e01-1103 Priority : 255 Active : local Forwarder 03 State : Listening Virtual MAC : 000f-e2ff-4013 (Learnt) Owner ID...
Page 120 Priority : 127 Active : FE80::2 Forwarder 03 State : Active Virtual MAC : 000f-e2ff-4013 (Owner) Owner ID : 0000-5e01-1105 Priority : 255 Active : local Forwarder Weight Track Information: Track Object State : Positive Weight Reduced : 250 The output shows that Switch A is the master in VRRP group 1, and each of the three switches has one AVF and two LVFs.
Page 121 Priority Active : FE80::3 Forwarder Weight Track Information: Track Object State : Negative Weight Reduced : 250 # Display detailed information about VRRP group 1 on Switch C. [SwitchC-Vlan-interface2] display vrrp ipv6 verbose IPv6 Virtual Router Information: Running Mode : Load Balance Total number of virtual routers : 1 Interface Vlan-interface2 VRID...
Page 122 # When the timeout timer (about 1800 seconds) expires, display detailed information about VRRP group 1 on Switch C. [SwitchC-Vlan-interface2] display vrrp ipv6 verbose IPv6 Virtual Router Information: Running Mode : Load Balance Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer...
Page 123: Troubleshooting Vrrp
Virtual IP : FE80::10 1::10 Member IP List : FE80::2 (Local, Master) FE80::3 (Backup) Forwarder Information: 2 Forwarders 1 Active Config Weight : 255 Running Weight : 255 Forwarder 02 State : Active Virtual MAC : 000f-e2ff-4012 (Owner) Owner ID : 0000-5e01-1103 Priority : 255...
Page 124: Multiple Masters Appear In A Vrrp Group
Multiple masters appear in a VRRP group Symptom Multiple masters appear in a VRRP group. Analysis It is normal for a VRRP group to have multiple masters for a short time, and this situation requires no manual intervention. If multiple masters coexist for a longer period, it might be because the masters cannot receive advertisements from each other, or because the received advertisements are illegitimate.
Page 125: Configuring Bfd
Configuring BFD The term "interface" in this chapter typically refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). The following commands can be configured in Layer 2 aggregate interface view: bfd authentication-mode •...
Page 126: Bfd Session Modes And Operating Modes
The protocol terminates the neighborship on the link. If a backup link is available, the protocol will use it for communication. BFD session modes and operating modes BFD sessions use the following types of packets: Echo packets—Encapsulated into UDP packets with port number 3785. •...
Page 127: Protocols And Standards
BGP. For more information, see Layer 3—IP Routing Configuration Guide. • • IPv6 BGP. For more information, see Layer 3—IP Routing Configuration Guide. PIM. For more information, see IP Multicast Configuration Guide. • IPv6 PIM. For more information, see IP Multicast Configuration Guide. •...
Page 128: Configuring Control Packet Mode
Step Command Remarks Use either command. By default, no source IP address is configured for echo packets. • Configure the source IP address The source IP address cannot be on of echo packets: the same network segment as any bfd echo-source-ip ip-address local interface's IP address.
Page 129: Displaying And Maintaining Bfd
Step Command Remarks By default, the echo packet mode is disabled. If you enable the echo packet mode for a BFD session in which Enable the echo packet mode. bfd echo enable control packets are sent and the session goes up, BFD periodically sends echo packets to detect link connectivity and decrease control packet receive rate.
Page 130 Task Command Display BFD session information. display bfd session [ discriminator value | verbose ] Clear BFD session statistics. reset bfd session statistics...
Page 131: Configuring Track
Configuring Track Overview The Track module works between application modules and detection modules, as shown in Figure 32. It shields the differences between various detection modules from application modules. Collaboration is enabled after you associate the Track module with a detection module and an application module.
Page 132: Collaboration Application Example
BFD. • • CFD. Interface management. • Collaboration between the Track module and an application module The following application modules can be associated with the Track module: VRRP. • Static routing. • Policy-based routing. • Smart Link. • When configuring a track entry for an application module, you can set a notification delay to avoid immediate notification of status changes, which can cause communication failure.
Page 133: Associating The Track Module With A Detection Module
Tasks at a glance Remarks (Required.) Associating the Track module with a detection module: • Associating Track with NQA Use one of the • Associating Track with BFD methods. • Associating Track with CFD • Associating Track with interface management (Required.) Associating the Track module with an application module:...
Page 134: Associating Track With Bfd
Associating Track with BFD BFD supports the control packet mode and echo packet mode. A track entry can only be associated with the echo-mode BFD session, and cannot be associated with the control-mode BFD session. For more information about BFD, see "Configuring BFD."...
Page 135: Associating Track With Interface Management
Associating Track with interface management The interface management module monitors the link status or network-layer protocol status of the interface. The interface management module functions as follows when it is associated with a track entry: • When the link or network-layer protocol status of the interface changes to up, the interface management module informs the Track module of the change.
Page 136 LAN cannot access the external network. This problem can be solved by establishing a Track-VRRP group association. Use the detection modules to monitor the status of the uplink of the router and establish collaborations between the detection modules, Track module, and VRRP. When the uplink fails, the detection modules notify the Track module to change the status of the monitored track entry to Negative, and the priority of the master decreases by a user-specified value.
Page 137: Associating Track With Static Routing
Step Command Remarks By default, no track entry is specified for a VF. This command is configurable vrrp [ ipv6 ] vrid virtual-router-id Associate Track with a VRRP when VRRP is operating in weight track track-entry-number standard mode or load balancing [ reduced weight-reduced ] mode.
Page 138: Associating Track With Pbr
Step Command Remarks • Method 1: ip route-static dest-address { mask-length | mask } { interface-type interface-number [ next-hop-address ] | next-hop-address [ track track-entry-number ] | vpn-instance d-vpn-instance-name next-hop-address [ track track-entry-number ] } [ permanent ] [ preference preference-value ] [ tag Associate the static tag-value ] [ description description-text ] route with a track...
Page 139: Associating Track With Smart Link
To associate Track with PBR: Step Command Remarks Enter system view. system-view Create a policy or policy policy-based-route policy-name [ deny | node and enter PBR policy permit ] node node-number node view. Define an ACL match criterion: By default, no packets Define a match criterion.
Page 140: Track Configuration Examples
Task Command Display information about a specific or all track entries. display track { track-entry-number | all } Track configuration examples VRRP-Track-NQA collaboration configuration example Network requirements As shown in Figure • Host A requires access to Host B. The default gateway of Host A is 10.1.1.10/24. Switch A and Switch B belong to VRRP group 1.
Page 141 [SwitchA-nqa-admin-test-icmp-echo] destination ip 10.1.2.2 # Set the operation frequency to 100 milliseconds. [SwitchA-nqa-admin-test-icmp-echo] frequency 100 # Configure reaction entry 1, specifying that five consecutive probe failures trigger the Track module. [SwitchA-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only [SwitchA-nqa-admin-test-icmp-echo] quit # Start the NQA operation.
Page 142 Verifying the configuration # Ping Host B from Host A to verify that Host B is reachable. (Details not shown.) # Display detailed information about VRRP group 1 on Switch A. [SwitchA-Vlan-interface2] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 1 Interface Vlan-interface2...
Page 143: Configuring Bfd For A Vrrp Backup To Monitor The Master
Become Master : 2200ms left Auth Type : Simple : ****** Virtual IP : 10.1.1.10 Master IP : 10.1.1.2 VRRP Track Information: Track Object State : Negative Pri Reduced : 30 # Display detailed information about VRRP group 1 on Switch B. [SwitchB-Vlan-interface2] display vrrp verbose IPv4 Virtual Router Information: Running Mode...
Page 144 Figure 34 Network diagram Internet Virtual router Switch A Switch B Virtual IP address: Master Backup 192.168.0.10 Vlan-int2 Vlan-int2 192.168.0.101/24 192.168.0.102/24 L2 switch BFD probe packets VRRP packets Configuration procedure Create VLANs and assign ports to them. Configure the IP address of each VLAN interface as shown in Figure 34.
Page 145 [SwitchB-Vlan-interface2] vrrp vrid 1 track 1 switchover [SwitchB-Vlan-interface2] return Verifying the configuration # Display detailed information about VRRP group 1 on Switch A. <SwitchA> display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer...
Page 146: Configuring Bfd For The Vrrp Master To Monitor The Uplinks
# Enable VRRP state debugging and BFD event debugging on Switch B. <SwitchB> terminal debugging <SwitchB> terminal monitor <SwitchB> debugging vrrp fsm <SwitchB> debugging bfd event # When Switch A fails, the following output is displayed on Switch B. *Dec 17 14:44:34:142 2013 SwitchB BFD/7/EVENT:Send sess-down Msg, [Src:192.168.0.102,Dst:192.168.0.101,Vlan-interface2,Echo], instance:0, protocol:Track *Dec 17 14:44:34:144 2013 SwitchB VRRP4/7/FSM: IPv4 Vlan-interface2 | Virtual Router 1 : Backup -->...
Page 147 Figure 35 Network diagram Internet Master Backup uplink device uplink device Vlan-int3 1.1.1.2/24 Uplink Uplink Vlan-int3 1.1.1.1/24 Switch A Virtual router Switch B Master Virtual IP address: Backup 192.168.0.10 Vlan-int2 Vlan-int2 192.168.0.101/24 192.168.0.102/24 L2 switch BFD probe packets VRRP packets Configuration procedure Create VLANs and assign ports to them.
Page 148 [SwitchB-Vlan-interface2] vrrp vrid 1 virtual-ip 192.168.0.10 [SwitchB-Vlan-interface2] return Verifying the configuration # Display detailed information about the VRRP group on Switch A. <SwitchA> display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer...
Page 149 # When the uplink of Switch A goes down, the status of track entry 1 becomes Negative. <SwitchA> display track 1 Track ID: 1 State: Negative Duration: 0 days 0 hours 0 minutes 32 seconds Notification delay: Positive 0, Negative 0 (in seconds) Tracked object: BFD session mode: Echo Outgoing interface: Vlan-interface2...
Page 150: Static Routing-Track-Nqa Collaboration Configuration Example
Static routing-Track-NQA collaboration configuration example Network requirements As show in Figure Switch A is the default gateway of the hosts in subnet 20.1.1.0/24. • Switch D is the default gateway of the hosts in subnet 30.1.1.0/24. • • Hosts in the two subnets communicate with each other through static routes. To ensure network availability, configure route backup and static routing-Track-NQA collaboration on Switch A and Switch D as follows: •...
Page 151 # Configure a static route to 10.2.1.4 with the next hop 10.1.1.2. [SwitchA] ip route-static 10.2.1.4 24 10.1.1.2 # Create an NQA operation with the administrator admin and the operation tag test. [SwitchA] nqa entry admin test # Configure the operation type as ICMP echo. [SwitchA-nqa-admin-test] type icmp-echo # Configure the destination address of the operation as 10.2.1.4 and the next hop address as 10.1.1.2.
Page 152 # Configure the operation type as ICMP echo. [SwitchD-nqa-admin-test] type icmp-echo # Configure the destination address of the operation as 10.1.1.1 and the next hop address as 10.2.1.2. [SwitchD-nqa-admin-test-icmp-echo] destination ip 10.1.1.1 [SwitchD-nqa-admin-test-icmp-echo] next-hop 10.2.1.2 # Configure the operation frequency as 100 milliseconds. [SwitchD-nqa-admin-test-icmp-echo] frequency 100 # Configure reaction entry 1, specifying that five consecutive probe failures trigger the Track module.
Page 153 # Remove the IP address of interface VLAN-interface 2 on Switch B. <SwitchB> system-view [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] undo ip address # Display information about the track entry on Switch A. [SwitchA] display track all Track ID: 1 State: Negative Duration: 0 days 0 hours 0 minutes 32 seconds Notification delay: Positive 0, Negative 0 (in seconds) Tracked object:...
Page 154: Static Routing-Track-Bfd Collaboration Configuration Example
# Verify that the hosts in subnet 30.1.1.0/24 can communicate with the hosts in subnet 20.1.1.0/24 when the master route fails. [SwitchB] ping -a 30.1.1.1 20.1.1.1 Ping 20.1.1.1: 56 data bytes, press CTRL_C to break Reply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms Reply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms Reply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms Reply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=1 ms...
Page 155 Configure Switch A: # Configure a static route to 30.1.1.0/24 with the next hop 10.2.1.2 and the default priority 60, and associate this static route with track entry 1. <SwitchA> system-view [SwitchA] ip route-static 30.1.1.0 24 10.2.1.2 track 1 # Configure a static route to 30.1.1.0/24 with the next hop 10.3.1.3 and the priority 80. [SwitchA] ip route-static 30.1.1.0 24 10.3.1.3 preference 80 # Configure the source address of BFD echo packets as 10.10.10.10.
Page 156 The output shows that the status of the track entry is Positive, indicating that the next hop 10.2.1.2 is reachable. # Display the routing table of Switch A. [SwitchA] display ip routing-table Destinations : 9 Routes : 9 Destination/Mask Proto Cost NextHop Interface...
Page 157: Vrrp-Track-Interface Management Collaboration Configuration Example
10.3.1.1/32 Direct 0 127.0.0.1 InLoop0 20.1.1.0/24 Direct 0 20.1.1.1 Vlan5 20.1.1.1/32 Direct 0 127.0.0.1 InLoop0 30.1.1.0/24 Static 80 10.3.1.3 Vlan3 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 The output shows that the backup static route takes effect. Switch A forwards packets to 30.1.1.0/24 through Switch C and Switch B.
Page 158 When VRRP detects a fault on the uplink interface of Switch A through the interface management • module, Switch B forwards packets from Host A to Host B. Figure 38 Network diagram Configuration procedure Create VLANs and assign ports to them. Configure the IP address of each VLAN interface as shown in Figure 38.
Page 159 Admin Status : Up State : Master Config Pri : 110 Running Pri : 110 Preempt Mode : Yes Delay Time Auth Type : None Virtual IP : 10.1.1.10 Virtual MAC : 0000-5e00-0101 Master IP : 10.1.1.1 VRRP Track Information: Track Object State : Positive Pri Reduced : 30...
Page 160: Smart Link-Track-Cfd Collaboration Configuration Example
[SwitchB-Vlan-interface2] display vrrp verbose IPv4 Virtual Router Information: Running Mode : Standard Total number of virtual routers : 1 Interface Vlan-interface2 VRID Adver Timer : 100 Admin Status : Up State : Master Config Pri : 100 Running Pri : 100 Preempt Mode : Yes Delay Time...
Page 161: Configuring Process Placement
Configuring process placement Overview Process placement enables placing processes to specific CPUs (also called "nodes") in your system for optimal distribution of CPU and memory resources. Process A process comprises a set of codes and provides specific functionality. For example, an AAA process provides AAA functions.
Page 162: Configuration Restrictions And Guidelines
Configuration restrictions and guidelines The system determines the location for each active process, and there is no need to optimize process placement. If optimization is needed, work with HP engineers to avoid service interruption. Process placement configuration task list Tasks at a glance...
Page 163: Configuring Process Placement Policy
Configuring process placement policy Configuring a location affinity Step Command Remarks Enter system view. system-view Use either command. Settings in default • Enter default placement process view: placement process view placement program default Enter placement process take effect for all •...
Page 164: Configuring A Process Affinity
Configuring a process affinity Step Command Remarks Enter system view. system-view • Enter default placement Use either command. process view: Settings in default placement placement program default process view take effect for all Enter placement process view. • Enter placement process view: processes.
Page 165: Displaying Process Placement
Step Command Remarks To keep the system stable, HP recommends not performing any Optimize process placement. placement reoptimize operation that requires process restart when you execute this command. Displaying process placement Execute display commands in any view. Task Command display placement policy program { program-name | all Display process placement policy information.
Page 166: Support And Other Resources
Related information Documents To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals For related documentation, navigate to the Networking section, and select a networking category. •...
Page 167: Conventions
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
Page 168 Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Page 169: Index
Index Numerics high availability VRRP, high availability VRRP load-sharing, high availability VRRP master/backup, N process redundancy, high availability VRRP virtual MAC address active virtual forwarder. Use assignment, advertising assigning high availability DLDP advertisement packet high availability IPv4 VRRP virtual IP address, send interval, high availability IPv6 VRRP virtual IP address, high availability DLDP advertisement timer,...
Page 170 high availability DLDP automatic unidirectional displaying, link shutdown, enabling, function configuration, high availability IPv4 VRRP operating mode high availability Smart Link-Track-CFD specification, collaboration, high availability VRRP virtual forwarder high availability Track/CFD association, weight/priority, linktrace function, 16, linktrace on MEP configuration, loopback function, 16, backing up loopback on MEP configuration,...
Page 171 high availability BFD control packet mode, high availability IPv6 VRRP multiple groups, high availability BFD echo packet mode, high availability IPv6 VRRP packet attribute, high availability CFD, 13, 16, high availability IPv6 VRRP router preemptive mode, high availability CFD basic settings, high availability IPv6 VRRP router priority, high availability CFD continuity check on MEP,...
Page 172 high availability Smart Link-Track-CFD high availability DLDP manual unidirectional link collaboration, shutdown, high availability static routing-Track-BFD high availability DLDP multiple neighbors collaboration, detection, high availability static routing-Track-NQA high availability DLDP single neighbor collaboration, detection, high availability Track, 125, 126, high availability Ethernet OAM connection detection timer, high availability Track BFD/VRRP backup master monitor,...
Page 173 high availability IPv4 VRRP router preemptive high availability VRRP-Track-NQA mode, collaboration, high availability IPv4 VRRP router priority, link detection protocol. Use DLDP high availability IPv4 VRRP router tracking, disabling high availability IPv4 VRRP single group high availability IPv4 VRRP group, configuration, high availability IPv6 VRRP group, high availability IPv6 VRRP configuration,...
Page 174 high availability VRRP master election, remote loopback configuration, enabling remote loopback on port, high availability CFD, remote loopback on specific port, high availability DLDP, remote loopback request rejection, high availability Ethernet OAM remote explicit rule (CFD MIP), loopback on port, high availability Ethernet OAM remote fast failure detection (BFD), 1 19...
Page 175 high availability Smart Link group role IPv4 VRRP multiple groups configuration, preemption, 45, IPv4 VRRP operating mode specification, IPv4 VRRP packet attribute, IPv4 VRRP router preemptive mode, hardware IPv4 VRRP router priority, high availability BFD configuration, 1 19 IPv4 VRRP router tracking, high availability IPv4 VRRP single group configuration, BFD configuration,...
Page 176 Smart Link flush message reception, 46, VRRP virtual forwarder, Smart Link flush message send, 45, VRRP virtual forwarder tracking, 82, Smart Link group, 41, VRRP virtual MAC address assignment, Smart Link group configuration (multiple/load VRRP-Track-interface management sharing), 52, collaboration, Smart Link group configuration (single), 47, VRRP-Track-NQA collaboration, Smart Link group member ports, 44, Smart Link group protected VLAN, 43,...
Page 177 high availability BFD supported, high availability Ethernet OAM configuration, 1, 4, IPv6 IS-IS high availability Ethernet OAM link monitoring high availability BFD supported, configuration, IPv6 PIM high availability Ethernet OAM monitoring, high availability BFD supported, high availability Ethernet OAM performance IPv6 VRRP monitoring, configuration, 84,...
Page 178 high availability IPv6 VRRP router tracking high availability IPv6 VRRP, function, high availability Smart Link, 47, high availability IPv6 VRRP virtual IP address maintenance assignment, association end point. See high availability VRRP load-balancing association intermediate point. See operating mode, high availability CFD continuity check on MEP, high availability VRRP operating mode, high availability CFD linktrace on MEP high availability VRRP virtual forwarder,...
Page 179 high availability Smart Link flush message high availability Smart Link-Track-CFD reception, 46, collaboration, high availability Smart Link flush message high availability static routing-Track-BFD send, 45, collaboration, high availability static routing-Track-NQA collaboration, high availability CFD, high availability Track application high availability CFD MIP auto-generation collaboration, rule, high availability Track BFD/VRRP backup master...
Page 180 high availability Ethernet OAM link monitoring high availability DLDP multiple neighbors configuration, detection, high availability Ethernet OAM link high availability DLDP single neighbor performance, detection, high availability Monitor Link high availability Ethernet OAM connection configuration, 62, 63, detection timer, multi-hop high availability Ethernet OAM errored frame event detection, high availability BFD control packet mode,...
Page 181 high availability IPv6 VRRP router tracking high availability Track/detection module function, association, high availability IPv6 VRRP virtual IP address high availability Track/interface management assignment, association, high availability Monitor Link group, high availability Track/NQA association, high availability Monitor Link group member high availability Track/policy-based routing interface, association,...
Page 182 high availability process placement high availability process placement, optimization, high availability process placement high availability process placement policy, optimization, high availability Smart Link OSPF configuration, 40, 40, 43, 43, 47, high availability BFD-supported, high availability Smart Link group configuration OSPFv3 (multiple/load sharing), 52, high availability BFD-supported, high availability Smart Link group configuration...
Page 183 high availability DLDP automatic unidirectional high availability IPv4 VRRP router priority, link shutdown, high availability IPv6 VRRP router priority, high availability DLDP configuration, 25, 29, high availability VRRP group router priority, high availability DLDP DelayDown timer, high availability VRRP virtual forwarder high availability DLDP manual unidirectional weight/priority, link shutdown,...
Page 184 configuring high availability CFD MIP configuring high availability IPv6 VRRP router auto-generation rules, preemptive mode, configuring high availability CFD service configuring high availability IPv6 VRRP router instance, priority, configuring high availability DLDP, 29, configuring high availability IPv6 VRRP router tracking function, configuring high availability DLDP authentication, configuring high availability IPv6 VRRP single...
Page 185 configuring high availability Smart Link group enabling high availability Smart Link flush message role preemption, 45, receiving, 46, configuring high availability Smart Link/Track enabling high availability Smart Link flush message collaboration, 46, 46, 56, sending, 45, configuring high availability Smart enabling high availability VRRP SNMP Link-Track-CFD collaboration, notification,...
Page 186 high availability Smart Link group protected high availability Smart Link preemption, 42, VLAN, 43, router high availability Smart Link load high availability IPv4 VRRP router preemptive sharing, 42, mode, protocols and standards high availability IPv4 VRRP router priority, high availability BFD, high availability IPv4 VRRP router tracking, high availability CFD, high availability IPv6 VRRP router preemptive...
Page 187 high availability CFD MIP explicit rule, associated device configuration, 46, collaboration, 42, configuration, 40, 40, 43, 43, 47, security device configuration, 43, high availability DLDP authentication, displaying, 47, high availability DLDP authentication modes, flush message, 41, high availability VRRP MD5 authentication, flush message reception enable, 46, high availability VRRP simple authentication, flush message send enable, 45,...
Page 188 high availability BFD supported static high availability DLDP advertisement, routing, high availability DLDP DelayDown, 26, static routing high availability DLDP echo, high availability static routing-Track-BFD high availability DLDP enhanced, collaboration, high availability DLDP entry, high availability static routing-Track-NQA high availability DLDP probe, collaboration, high availability DLDP recoverprobe, high availability Track/application module...
Page 189 Smart Link association, high availability Smart Link uplink traffic triggered MAC address learning, 42, Smart Link-Track-CFD collaboration configuration, high availability Track BFD/VRRP master uplink monitor, static routing association, static routing-Track-BFD collaboration configuration, version static routing-Track-NQA collaboration high availability IPv4 VRRP specification, configuration, virtual VRRP association,...
Page 190 configuration, group router priority, high availability Track BFD/VRRP backup master monitor, high availability Track BFD/VRRP master uplink monitor, high availability Track/application module collaboration, high availability Track/VRRP association, high availability VRRP-Track-interface management collaboration, high availability VRRP-Track-NQA collaboration, IPv4. See IPv4 VRRP IPv6.

This manual is also suitable for:

5920 series

HP 5900 Series Configuration Manual

Quick Links

High Availability

Configuration Guide

Related Manuals for HP 5900 Series

Summary of Contents for HP 5900 Series

This manual is also suitable for:

Table of Contents