When configuring cluster management, go to
these sections for information you are interested in:
l
Cluster Management Overview
l
Cluster Configuration Task
List
l
Configuring the Management
Device
l
Configuring the Member Devices
l
Configuring Access Between
the Management Device and Its Member Devices
l
Adding a Candidate Device
to a Cluster
l
Configuring Advanced Cluster
Functions
l
Displaying and Maintaining
Cluster Management
l
Cluster Management Configuration
Examples
1.1 Cluster Management Overview
A cluster is an aggregation of a group of
communication devices. Cluster management is to implement management of large
numbers of distributed network devices.
Cluster management is implemented through Huawei
Group Management Protocol version 2 (HGMPv2). By employing HGMPv2, a network
administrator can manage multiple devices using the public IP address of one
device in a cluster. The device that configured with a public address and
performs the management function is known as the management device and other
managed devices are called member devices, which together form a cluster. Figure 1-1 illustrates
a typical cluster implementation.
Figure 1-1 Network diagram for a cluster
Cluster
management offers the following advantages:
l
Saving public IP address resource
l
Simplifying configuration and management tasks. By
configuring a public IP address on the management device, you can configure and
manage a group of member devices on the management device without the trouble
of logging onto each device separately.
l
Providing topology discovery and display function,
which is useful for network monitoring and debugging
l
Allowing simultaneous software upgrading and
parameter configuring on multiple devices, free of topology and distance
limitations
1.1.2 Roles in a Cluster
The devices in a cluster play different
roles according to their different functions and status. You can specify the
role a device plays. The following three roles exist in a cluster: management
device, member device, and candidate device.
l
Management device: The device providing
management interfaces for all devices in the cluster and the only device configured
with a public IP address. Any configuration, management, and monitoring of the
member devices in a cluster can only be implemented through the management
device. When a device is specified as the management device, it collects Neighbor
Discovery Protocol (NDP) and Neighbor Topology Discovery Protocol (NTDP) information
to discover and define a candidate device.
l
Member device: The device being managed by the
management device in a cluster.
l
Candidate device: A device that does not belong
to any cluster but can be added to a cluster. Different from a member device,
its topology information has been collected by the management device but it has
not been added to the cluster.
Figure
1-2 Role change in a cluster
A device in a cluster changes its
role according to the following rules:
l
A candidate device becomes a management device
when you create a cluster on it. Note that a cluster must have one (and only
one) management device. On becoming a management device, the device collects
network topology information and tries to discover and determine candidate
devices, which can then be added to the cluster through configuration.
l
A candidate device becomes a member device after
being added to a cluster.
l
A member device becomes a candidate device after
it is removed from the cluster.
l
A management device becomes a candidate device
only after the cluster is removed.
HGMPv2 consists of the following three
protocols:
l
Neighbor Discovery Protocol (NDP)
l
Neighbor Topology Discovery Protocol (NTDP)
l
Cluster
A cluster configures and manages the
devices in it through the above three protocols.
Cluster management involves topology
information collection and the establishment and maintenance of a cluster.
Topology information collection and cluster maintenance are independent from
each other, with the former starting before the cluster is created:
l
All devices use NDP to collect the information
of the directly connected neighbors, including their software version, host
name, MAC address and port number.
l
The management device uses NTDP to collect the
information of the devices within user-specified hops and the topology
information of all devices and specify the candidate devices of the cluster.
l
The management device adds or deletes a member
device and modifies cluster management configuration according to the candidate
device information collected through NTDP.
NDP is used to discover the information
about directly connected neighbors, including the device name, software
version, and connecting port of the adjacent devices. NDP works in the
following ways:
l
A device running NDP periodically sends NDP
packets to its neighbors. An NDP packet carries NDP information (including the
device name, software version, and connecting port, etc.) and the holdtime, which
indicates how long the receiving devices will keep the NDP information. At the
same time, the device also receives but does not forward the NDP packets from
its neighbors.
l
A device running NDP stores and maintains an NDP
table. The device creates an entry in the NDP table for each neighbor. If a new
neighbor is found, meaning the device receives an NDP packet sent by the
neighbor for the first time, the device adds an entry in the NDP table. When
another NDP packet is received, if the NDP information carried in the NDP
packet is different from the stored information, the corresponding entry in the
NDP table is updated; otherwise, only the holdtime of the entry is updated. If
no NDP information from the neighbor is received within the holdtime, the
corresponding entry is removed from the NDP table.
NDP runs on the data link layer, and therefore
supports different network layer protocols.
NTDP is a
protocol used to collect network topology information. NTDP provides information
required for cluster management: it collects topology information about the devices
within the specified hop count, to identify candidate devices for a cluster.
Based on the neighbor information stored in
the neighbor table maintained by NDP, NTDP on the management device advertises
NTDP topology collection requests to collect the NDP information of each device
in a specific network range as well as the connection information of all its
neighbors. The information collected will be used by the management device or
the network management software to implement required functions.
When a member device detects a change on
its neighbors through its NDP table, it informs the management device through
handshake packets. Then the management device triggers its NTDP to perform
specific topology collection, so that its NTDP can discover topology changes
timely.
The management device collects topology
information periodically. You can also administratively launch a topology
information collection with commands. The process of topology information
collection is as follows:
l
The management device periodically sends NTDP
topology collection request from the NTDP-enabled ports.
l
Upon receiving the request, the device sends NTDP
topology collection response to the management device, copies this response
packet on the NTDP-enabled port and sends it to the adjacent device. Topology
collection response includes the basic information of the NDP-enabled device
and NDP information of all adjacent devices.
l
The adjacent device performs the same operation
until the NTDP topology collection request is sent to all the devices within
specified hops.
When the NTDP topology collection request
is advertised in the network, large numbers of network devices receive the NTDP
topology collection request and send NTDP topology collection response at the
same time, which may cause congestion and the management device busyness. To
avoid such case, the following methods can be used to control the speed of the NTDP
topology collection request advertisement:
l
Upon receiving an NTDP topology collection
request the device does not forward it, instead, it waits for a period of time
and then forwards the NTDP topology collection request on the first
NTDP-enabled port.
l
On the same device, except the first port, each
NTDP-enabled port waits for a period of time and then forwards the NTDP
topology collection request after the port before it sends the NTDP topology
collection request.
III. Cluster management
maintenance
1)
Adding a candidate device to a cluster
You should specify the management device
before creating a cluster. The management device discovers and defines a
candidate device through NDP and NTDP protocols. The candidate device can be
automatically or manually added to the cluster.
After the candidate device is added to the
cluster, it can obtain the member number assigned by the management device and
the private IP address used for cluster management.
2)
Communication within a cluster
In a cluster the management device communicates
with its member devices by sending handshake packets to maintain connection between
them. The management/member device state change is shown in Figure 1-3.
Figure 1-3 Management/member device
state change
l
After a cluster is created and a candidate
device is added to the cluster and becomes a member device, the management
device saves the state information of its member device and identifies it as
Active. And the member device also saves its state information and identifies
it as Active.
l
After a cluster is created, its member devices
begin to send handshake packets first. The management device also sends
handshake packets to the member devices at the same interval. Upon receiving
the handshake packets from the other side, the management device or member
device simply changes or remains its state as Active, without sending a
response.
l
If the management device does not receive the
handshake packets from a member device in an interval three times of the
interval to send handshake packets, it changes the status of the member device
from Active to Connect. Likewise, if a member device fails to receive the
handshake packets from the management device in an interval three times of the
interval to send handshake packets, the status of the member device will also
be changed from Active to Connect.
l
If this management device, in information
holdtime, receives the handshake or management packets from its member device
which is in Connect state, it changes the state of its member device to Active;
otherwise, it changes the state of its member device to Disconnect, in which
case the management device considers its member device disconnected. If this member
device, which is in Connect state, receives handshake or management packets from
the management device in information holdtime, it changes its state to Active;
otherwise, it changes its state to Disconnect.
l
If the communication between the management
device and a member device is recovered, the member device which is in
Disconnect state will be added to the cluster. After that, the state of the
member device locally and on the management device will be changed to Active.
Besides, the member
device informs the management device using handshake packets when there is a
neighbor topology change.
IV. Management VLAN
The management VLAN limits the cluster
management range. Through configuration of the management VLAN, the following
functions can be implemented:
l
Management packets (including NDP, NTDP and
handshake packets) are restricted within the management VLAN, therefore
isolated from other packets, which enhances security.
l
The management device and the member devices
communicate with each other through the management VLAN.
For a cluster to work normally, you must set
the packets from the management VLAN to pass the subtending ports (If a
candidate device is connected to the management device through another
candidate device, the ports connecting these two candidate devices are called
subtending ports.) and the ports connecting the management device and the
member/candidate devices. Therefore:
l
If the packets from the management VLAN cannot
pass a port, the device connected with the port cannot be added to the cluster.
Therefore, if the ports (including the subtending ports) connecting the management
device and the member/candidate devices prohibit the packets from the
management VLAN, you can set the packets from the management VLAN to pass the
ports on candidate devices with the management VLAN auto-negotiation function.
l
Only when the default VLAN ID of the subtending
ports and the ports connecting the management device and the member/candidate
devices is that of the management VLAN can you set the packets without tags from
the management VLAN to pass the ports; otherwise, only the packets with tags from
the management VLAN can pass the ports.
Refer to VLAN Configuration for the
introduction to VLAN.
Before configuring a cluster, you need to
determine the roles and functions the devices play. You also need to configure
the related functions, preparing for the communication between devices within
the cluster.
Complete these tasks to configure a cluster:
Caution:
Disabling the NDP
and NTDP functions on the management device and member devices after a cluster
is created will not cause the cluster to be dismissed, but will influence the
normal operation of the cluster.
1.3 Configuring the Management Device
1.3.1 Enabling NDP Globally and for Specific Ports
Follow these
steps to enable NDP globally and for specific ports:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter
system view
|
system-view
|
—
|
|
Enable NDP
globally
|
ndp
enable
|
Optional
Enabled by
default.
|
|
Enable the NDP feature for the port(s)
|
In system view
|
ndp enable interfaceinterface-list
|
Use either command
By default, NDP is enabled globally and
also on all ports.
|
|
In Ethernet port view
|
interface interface-type interface-number
|
|
ndp enable
|
Caution:
l
For NDP to work normally, you must enable NDP
both globally and on the specified port.
l
If the subtending port or the port connecting
the management device to a member/candidate device is a port of a member in an
aggregation group, you must enable NDP on all member ports of the aggregation
group at the same time. Otherwise, NDP will work abnormally.
l
You are recommended to disable NDP on the port
which connects with the devices that do not need to join the cluster,
preventing the management device from adding the device which needs not to join
the cluster and collecting the topology information of this device.
1.3.2 Configuring NDP Parameters
Follow these steps to configure NDP
parameters:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Configure the period for the receiving
devices to keep the NDP packets
|
ndp timer aging aging-time
|
Optional
180 seconds by
default.
|
|
Configure
the interval to send NDP packets
|
ndp
timer hello hello-time
|
Optional
60 seconds
by default.
|
Caution:
The time for the receiving device to hold
NDP packets cannot be shorter than the interval to send NDP packets;
otherwise, the NDP table may become instable.
Follow these steps to enable NTDP globally
and for specific ports:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Enable NTDP globally
|
ntdp enable
|
Optional
Enabled by default
|
|
Enable NTDP for the port
|
interface interface-type interface-number
|
Optional
NTDP is enabled on all ports by default.
|
|
ntdp enable
|
Caution:
l
For NTDP to work normally, you must enable NTDP
both globally and on the specified port.
l
The NTDP function is mutually exclusive with the
BPDU TUNNEL function under a port and you cannot enable them at the same time.
For the detailed description of the BPDU TUNNEL function, refer to BPDU
TUNNEL Configuration.
l
If the subtending port or the port connecting
the management device to a member/candidate device is a port of a member in an
aggregation group, you must enable NDP on all member ports of the aggregation
group at the same time. Otherwise, NDP will work abnormally.
l
You are recommended to disable NDP on the port
which connects with the devices that do not need to join the cluster,
preventing the management device from adding the device which needs not to join
the cluster and collecting the topology information of this device.
1.3.4 Configuring NTDP Parameters
Follow these steps to configure NTDP
parameters:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Configure the range within which topology
information is to be collected
|
ntdp hop hop-value
|
Optional
By default, the hop range for topology
collection is 3 hops.
|
|
Configure the interval to collect
topology information
|
ntdp timer interval-time
|
Optional
1 minute by default.
|
|
Configure the delay to forward
topology-collection request packets on the first port
|
ntdp timer hop-delay time
|
Optional
200 ms by default.
|
|
Configure the port delay to forward
topology collection request
|
ntdp timer port-delay time
|
Optional
20 ms by default.
|
1.3.5 Manually Collecting NTDP Information
The management
device collects topology information periodically after a cluster is created.
In addition, you can configure to manually collect NTDP information to initiate
NTDP information collection, thus managing and monitoring the device on real
time, regardless of whether a cluster is created.
Follow these steps to configure to manually
collect NTDP information:
|
To do…
|
Use the command…
|
Remarks
|
|
Manually collect NTDP information
|
ntdp explore
|
Required
|
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Enable the cluster function globally
|
cluster
enable
|
Optional
Enabled by default.
|
1.3.7 Establishing a Cluster
Before establishing a cluster, you need to configure a private IP
address pool for the devices to be added to the cluster. When a candidate
device is added to a cluster, the management device assigns a private IP
address to it for the candidate device to communicate with other devices in the
cluster. This enables you to manage and maintain member devices in a cluster
through the management device.
Caution:
l
If the routing table of the management device is
full when a cluster is created, that is, entries with the destination address
as a candidate device cannot be added to the routing table, all candidate
devices will be added to and removed from the cluster repeatedly.
l
If the routing table of a candidate device is
full when the candidate device is added to the cluster, that is, entries with
the destination address as the management device cannot be added to the routing
table, the candidate device will be added to and removed from the cluster repeatedly.
Caution:
l
You can only specify a management VLAN before
establishing a cluster. After a device has been added to the cluster, you
cannot modify the management VLAN. To change the management VLAN after the
cluster is established, you should remove the cluster on the management device,
re-specify the management VLAN and reestablish a cluster.
l
For the purpose of security, you are not
recommended to configure the VLAN ID of the management VLAN as the default VLAN
ID of the port connecting the management device to its member devices.
l
Only when the default VLAN ID of all subtending
ports and the port connecting the management device to its member device is that
of the management VLAN, can the packets without a tag from the management VLAN
pass the ports. Otherwise, you must configure the packets from the management
VLAN to pass these ports. For the configuration procedure, refer to VLAN
Configuration in the Access Volume.
l
You must configure the IP address pool before
establishing a cluster and configure it on the management device only. If a
cluster has already been established, you are not allowed to change the IP
address pool.
I. Manually establishing a cluster
Follow these steps to manually establish a
cluster:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Specify the management VLAN
|
management-vlan vlan-id
|
Optional
By default, VLAN 1 is the management
VLAN.
|
|
Enter cluster view
|
cluster
|
—
|
|
Configure the private IP address range
for member devices on a device which is to be configured as the management
device
|
ip-pool administrator-ip-address
{ mask | mask-length }
|
Required
For a cluster to work normally, the IP
addresses of the VLAN interfaces of the management device and member devices
must not be in the same network segment as that of the cluster address pool.
|
|
Configure
the current device as the management device and assign a name to it
|
build name
|
Required
By
default, the device is not the management device.
|
II. Automatically establishing a
cluster
In addition to establishing a cluster
manually, you are also provided with the means to establish a cluster
automatically. With only a few commands (as shown in the table below) on the
management device, you can let the system automatically build a cluster.
During the process, you will first be asked
to enter a name for the cluster you want to establish, the system then lists all
the candidate devices within your predefined hop counts and starts to automatically
add them to the cluster.
You can use <Ctrl+C> anytime during the
adding process to exit cluster auto-building. However, this will only stop adding
new devices into the cluster, and devices already added in the cluster are not
removed.
Follow these steps to automatically establish
a cluster:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Specify the management VLAN
|
management-vlan vlan-id
|
Optional
By default, VLAN 1 is the management
VLAN.
|
|
Enter cluster view
|
cluster
|
—
|
|
Configure the private IP address range
for member devices on a device which is to be configured as the management
device
|
ip-pool administrator-ip-address
{ mask | mask-length }
|
Required
For a cluster to work normally, the IP
addresses of the VLAN interfaces of the management device and member devices
must not be in the same network segment as the cluster address pool.
|
|
Establish a
cluster automatically
|
auto-build [ recover ]
|
Required
|
1.3.8 Configuring Communication Between the Management Device and the Member
Devices Within a Cluster
In a
cluster, the management device and member devices communicate by sending
handshake packets to maintain connection between them. You can configure
interval of sending handshake packets and the holdtime of a device on the management
device. This configuration applies to all member devices within the cluster.
Follow
these steps to configure communication between the management device and the member
devices within a cluster:
|
To do…
|
Use the command…
|
Remarks
|
|
Enter system view
|
system-view
|
—
|
|
Configure the interval to send handshake
packets
|
timer interval-time
|
Optional
10 seconds by default
|
|
Configure the holdtime of a device
|
holdtime seconds
|
Optional
60 seconds by default
|
1.3.9 Configuring the Destination MAC Address of Cluster Management Multicast Packets
By default, the destination MAC address of cluster
management multicast packets (including NDP, NTDP and HABP packets) is 010f-e200-0002
, which IEEE reserved for later use. Since some devices cannot forward the
multicast packets with the destination MAC address of 010f-e200-0002, cluster
management packets cannot traverse these devices. For a cluster to work
normally in this case, you can modify the destination MAC address of a cluster
management multicast packet without changing the current networking.
The management device periodically sends
MAC address negotiation broadcast packets to advertise the destination MAC
address of th
