- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 新华三人才研学中心
- 关于我们
手册下载
H3C交换机IRF组网切换M-LAG组网指导书-6W100-整本手册.pdf (1.09 MB)
|
|
|
|
|
H3C交换机IRF组网切换M-LAG组网指导书 |
|
|
|
|
|
资料版本:6W100-20221230 |
Copyright © 2023 新华三技术有限公司及其许可者 版权所有,保留一切权利。
未经本公司书面许可,任何单位和个人不得擅自摘抄、复制本书内容的部分或全部,并不得以任何形式传播。
除新华三技术有限公司的商标外,本手册中出现的其它公司的商标、产品标识及商品名称,由各自权利人拥有。
由于产品版本升级或其他原因,本手册内容有可能变更。H3C保留在没有任何通知或者提示的情况下对本手册的内容进行修改的权利。本手册仅作为使用指导,H3C尽全力在本手册中提供准确的信息,但是H3C并不确保手册内容完全没有错误,本手册中的所有陈述、信息和建议也不构成任何明示或暗示的担保。
目 录
4.4 切换后的组网1(Spine与DCGW之间使用聚合口和静态路由举例)
4.5 切换后的组网2(Spine与DCGW之间使用三层直连口和动态路由举例)
4.7.2 切换组网2(Spine与DCGW之间是三层直连口)
5 EVPN VXLAN IRF组网切换M-LAG组网示例(VXLAN二层转发)
5.4.2 关闭TOR从设备物理接口,流量切换到主设备,IRF分裂
5.4.3 关闭EOR从设备物理接口,流量切换到主设备,IRF分裂
5.5.2 开启TOR从设备接口,关闭TOR主设备接口,使流量切换到从设备
5.5.3 开启EOR从设备接口,关闭EOR主设备接口,使流量切换到从设备
5.5.9 开启TOR主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
5.5.10 开启EOR主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
IRF(Intelligent Resilient Framework,智能弹性架构)是H3C自主研发的软件虚拟化技术。它的核心思想是将多台设备连接在一起,进行必要的配置后,虚拟化成一台设备。使用这种虚拟化技术可以集合多台设备的硬件资源和软件处理能力,实现多台设备的协同工作、统一管理和不间断维护。
M-LAG(Multichassis link aggregation,跨设备链路聚合)将两台物理设备在聚合层面虚拟成一台设备来实现跨设备链路聚合,从而提供设备级冗余保护和流量负载分担。
表1-1为IRF和M-LAG对比,组网可靠性要求高,升级过程要求业务中断时间短的场景推荐使用M-LAG。
表1-1 IRF和M-LAG对比
|
项目 |
IRF |
M-LAG |
|
控制面 |
· 所有成员设备控制面统一,集中管理 · 所有成员设备需要同步所有表项 |
· 两台独立设备,控制平面解耦 · 主要同步MAC/ARP表项 |
|
设备面 |
紧耦合 · 硬件要求:芯片架构相同,一般要求同系列 · 软件要求:必须相同版本 |
松耦合 · 硬件要求:支持不同型号 · 软件要求:支持不同版本(由于M-LAG的特性支持情况还在快速发展阶段,现阶段部分产品要求相同版本) |
|
版本升级 |
· 需要成员设备同步升级,或者主设备、从设备分开升级但操作较复杂 · 传统主备倒换升级(不使用ISSU)时业务中断时间30s以上;ISSU升级时业务中断时间2s左右 |
可独立升级,升级时业务中断时间小于1s 对于支持GIR(Graceful Insertion and Removal,平滑插入和移除)的版本,可以做到不中断。关于使用GIR进行M-LAG系统升级的更多介绍,请参见“H3C交换机M-LAG升级&替换&扩容指导” |
|
配置管理 |
统一配置,统一管理,操作简单 耦合度高,和控制器配合存在单点故障可能 |
独立配置,M-LAG系统会进行配置一致性检查,具体业务配置需要手工保证 独立管理,耦合度低,和控制器配合使用不存在单点故障,可靠性更高 |
GIR提供了一种设备隔离方案,适用于设备进行维护或升级的场景。通过GIR模式切换功能,可以一次下发多个业务模块的隔离命令,各业务协议模块会先将流量切换至冗余路径,再将设备置于维护模式,此时处于维护模式下的设备与其他设备之间网络隔离。当完成维护或者升级操作之后,将设备切换到普通模式,恢复流量的正常转发和处理。有关GIR功能的详细描述,请参见“基础配置指导”中的“GIR”。
|
适用场景 |
系列交换机 |
适用版本 |
|
数据中心 |
S12500X-AF/S12500G-AF/S12500F-AF |
建议使用各设备推荐版本,推荐版本请参见“H3C数据中心交换机M-LAG配置指导书”和“H3C园区交换机M-LAG配置指导书” |
|
S9820/S9850 |
||
|
S6800/S6812[S6813]/S6805/S6825/S6850/S6860/S6890/S6900 |
||
|
园区 |
S12500G-AF/S12500-XS |
|
|
S10500X |
||
|
S7600/S7600E-X/S7500X |
||
|
S6550XE-HI\S6525XE-HI |
如图2-1所示,IRF系统正常工作时,现网中的业务分为双归和单归接入。对于双归业务,由于切换过程中需要单个成员设备承载所有业务流量,因此在切换前需要评估单个成员设备的带宽能力是否满足需求。如果单个成员设备的带宽能力不能承载全部流量,需要评估是否可以将部分业务流量暂时迁移到其他设备,完成切换后再迁移回来。对于单归业务,如果业务对中断不敏感,可以先中断业务,将设备切换成M-LAG后,再恢复业务;如果业务对中断敏感,需要先将单归接入改造成双归接入,再按照本文描述的方式切换。
由于将IRF切换为M-LAG相当于将一台设备切换成两台设备,导致切换后M-LAG设备与上行设备之间的路由数量增加,可能造成切换后M-LAG设备的路由数量超过规格。如果出现这种情况,建议采用将M-LAG设备与上行设备之间的路由改造成静态路由的方法以减少路由数量。
设备配置M-LAG时,会占用一定数量的ACL资源,M-LAG接口越多,占用资源越多。如果ACL资源不足,请留意资源的告警信息并调整ACL资源以保证切换M-LAG能够成功。
如果IRF设备上存在跨成员设备的镜像、重定向等业务,由于IRF切换为M-LAG后,成员设备成为了独立的设备,会导致这些配置失效。如果IRF上存在跨成员设备的镜像、重定向等业务,需要重新规划流量模型并修改配置,将流量出接口和入接口配置在同一台设备上。
缺省情况下,IRF使用主设备的桥MAC作为IRF设备的桥MAC。如果使用irf mac-address persistent命令配置了IRF设备桥MAC保留时间,或者使用irf mac-address mac-address命令配置了IRF设备的桥MAC地址,则IRF分裂后,两台成员设备会继续使用分裂前的主设备的桥MAC地址或者配置的桥MAC地址,使两台成员设备具有相同的桥MAC地址,引起网络故障。因此进行IRF切换M-LAG前,需要配置undo irf mac-address persistent命令和undo irf mac-address命令,使IRF分裂后桥MAC立即变化为当前主设备的桥MAC地址。
建议进行如下配置,以便加快IRF切换M-LAG组网过程中网络的收敛时间。
· 将Keepalive口、M-LAG接口所属VLAN的VLAN接口、两台M-LAG设备之间的三层互联接口配置为M-LAG保留接口
· 一般情况下建议将M-LAG延迟恢复时间(m-lag restore-delay命令)配置为300秒,如果ARP/MAC表项规模较大,可以再酌情调大。框式设备的ARP表项接近48K规格时,延迟时间需要配置为900秒。
· 在设备存在大量MAC地址表项时,请通过mac-address timer aging命令增加MAC地址老化时间,建议配置MAC地址老化时间在20分钟以上。
· 先将IRF从设备切换为M-LAG设备,再将IRF主设备切换为M-LAG设备。如果先切换IRF主设备,IRF会进行主备倒换,过程中可能会出现丢包。
对于框式设备,配置M-LAG之前,需要先执行undo chassis convert mode命令将设备由IRF模式切换为独立运行模式。设备进行模式切换后接口索引会发生变化(包括VLAN接口、聚合接口、VSI接口等)。ADNET解决方案等涉及接口索引的应用请注意处理。对于盒式设备,删除IRF配置、进行M-LAG配置的过程中,如果没有删除过对应接口,则接口索引不会变。
本文以数据中心典型的Spine-Leaf架构来讲述切换过程。如图4-1所示:
· Spine、Leaf分别是由两台成员设备组成的IRF;
· 服务器通过跨IRF成员设备聚合链路接入Leaf设备;
· Leaf设备通过跨IRF成员设备聚合链路接入Spine设备;
· Spine设备通过跨IRF成员设备聚合链路连接DCGW;
· Spine设备作为服务器的网关,并配置静态路由与DCGW连接的外网互通。
现要求:
· 将Spine、Leaf由IRF设备切换为M-LAG系统;
· 服务器、Leaf、Spine、DCGW之间互联的跨IRF成员设备聚合链路切换为M-LAG接口,Spine和DCGW之间可以采用M-LAG接口连接,也可以采用三层接口和等价路由连接,推荐采用三层接口和等价路由方式;
· Spine设备仍然作为服务器的网关,并配置静态路由或动态路由与DCGW连接的外网互通;
· 切换收敛时间尽量快,以减少对业务的影响。
图4-1 IRF组网切换M-LAG组网示例图(切换前)
|
设备 |
接口 |
IP地址 |
对接设备及接口 |
|
Leaf(IRF) |
XGE1/0/1 |
- |
Server |
|
XGE1/0/45 |
- |
Spine:XGE1/0/1 |
|
|
XGE1/0/46 |
- |
Spine:XGE2/0/1 |
|
|
XGE1/0/47 |
- |
MAD检测物理接口 |
|
|
XGE1/0/48 |
- |
MAD检测物理接口 |
|
|
FGE1/0/49 |
- |
IRF物理接口 |
|
|
FGE1/0/50 |
- |
IRF物理接口 |
|
|
XGE2/0/1 |
- |
Server |
|
|
XGE2/0/45 |
- |
Spine:XGE1/0/2 |
|
|
XGE2/0/46 |
- |
Spine:XGE2/0/2 |
|
|
XGE2/0/47 |
|
MAD检测物理接口 |
|
|
XGE2/0/48 |
|
MAD检测物理接口 |
|
|
FGE2/0/49 |
- |
IRF物理接口 |
|
|
FGE2/0/50 |
- |
IRF物理接口 |
|
|
BAGG1 |
- |
BAGG2 MAD检测逻辑接口 |
|
|
BAGG2 |
- |
BAGG1 MAD检测逻辑接口 |
|
|
BAGG200 |
- |
Spine:BAGG200 |
|
|
BAGG701 |
- |
Server |
|
|
Vlan-int4094 |
Member1: 1.1.1.1/30 Member2: 1.1.1.2/30 |
MAD检测VLAN接口 |
|
|
Spine(IRF) |
XGE1/0/1 |
- |
Leaf:XGE1/0/45 |
|
XGE1/0/2 |
- |
Leaf:XGE2/0/45 |
|
|
XGE1/0/45 |
- |
DCGW:XGE2/1/5 |
|
|
XGE1/0/47 |
|
MAD检测物理接口 |
|
|
XGE1/0/48 |
|
MAD检测物理接口 |
|
|
FGE1/0/49 |
- |
IRF物理接口 |
|
|
FGE1/0/50 |
- |
IRF物理接口 |
|
|
XGE2/0/1 |
- |
Leaf:XGE1/0/46 |
|
|
XGE2/0/2 |
- |
Leaf:XGE2/0/46 |
|
|
XGE2/0/45 |
- |
DCGW:XGE2/1/6 |
|
|
XGE2/0/47 |
|
MAD检测物理接口 |
|
|
XGE2/0/48 |
|
MAD检测物理接口 |
|
|
FGE2/0/49 |
- |
IRF物理接口 |
|
|
FGE2/0/50 |
- |
IRF物理接口 |
|
|
BAGG1 |
- |
BAGG2 MAD检测逻辑接口 |
|
|
BAGG2 |
- |
BAGG1 MAD检测逻辑接口 |
|
|
BAGG200 |
- |
Leaf:BAGG200 |
|
|
BAGG201 |
- |
DCGW |
|
|
Vlan-int11 |
19.1.128.254/24 |
Server的网关 |
|
|
Vlan-int40 |
19.1.32.44/29 |
DCGW:19.1.32.41/29 与DCGW建立路由 |
|
|
Vlan-int4094 |
member 1: 192.168.1.1/24 member 2: 192.168.1.2/24 |
MAD检测VLAN接口 |
· Leaf
#
vlan 11 4094
#
irf-port 1/1
port group interface FortyGigE1/0/49
port group interface FortyGigE1/0/50
#
irf-port 2/2
port group interface FortyGigE2/0/49
port group interface FortyGigE2/0/50
#
interface Bridge-Aggregation1
description MAD-BFD
port access vlan 4094
undo stp enable
#
interface Bridge-Aggregation2
description MAD-BFD
port access vlan 4094
undo stp enable
#
interface Bridge-Aggregation200
description ToSpine
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
link-aggregation mode dynamic
#
interface Bridge-Aggregation701
description ToServer
port access vlan 11
link-aggregation mode dynamic
#
interface Vlan-interface4094
description For-MAD
mad bfd enable
mad ip address 1.1.1.1 255.255.255.252 member 1
mad ip address 1.1.1.2 255.255.255.252 member 2
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
port access vlan 11
port link-aggregation group 701
#
interface Ten-GigabitEthernet1/0/45
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet1/0/46
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet1/0/47
port link-mode bridge
port access vlan 4094
port link-aggregation group 1
#
interface Ten-GigabitEthernet1/0/48
port link-mode bridge
port access vlan 4094
port link-aggregation group 1
#
interface FortyGigE1/0/49
#
interface FortyGigE1/0/50
#
interface Ten-GigabitEthernet2/0/1
port link-mode bridge
port access vlan 11
port link-aggregation group 701
#
interface Ten-GigabitEthernet2/0/45
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet2/0/46
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet2/0/47
port link-mode bridge
port access vlan 4094
port link-aggregation group 2
#
interface Ten-GigabitEthernet2/0/48
port link-mode bridge
port access vlan 4094
port link-aggregation group 2
#
interface FortyGigE2/0/49
#
interface FortyGigE2/0/50
#
· Spine
#
vlan 11 40 4094
#
irf-port 1/1
port group interface FortyGigE1/0/49
port group interface FortyGigE1/0/50
#
irf-port 2/2
port group interface FortyGigE2/0/49
port group interface FortyGigE2/0/50
#
interface Bridge-Aggregation1
port access vlan 4094
undo stp enable
#
interface Bridge-Aggregation2
port access vlan 4094
undo stp enable
#
interface Bridge-Aggregation200
description ToLeaf
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
link-aggregation mode dynamic
#
interface Bridge-Aggregation201
description ToDCGW
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 40
link-aggregation mode dynamic
#
interface Vlan-interface11
description ServerGW
ip address 19.1.128.254 255.255.255.0
#
interface Vlan-interface40
description ToDCGW
ip address 19.1.32.44 255.255.255.248
#
interface Vlan-interface4094
description For-MAD
mad bfd enable
mad ip address 192.168.1.1 255.255.255.0 member 1
mad ip address 192.168.1.2 255.255.255.0 member 2
#
interface Ten-GigabitEthernet1/0/1
port link-mode bridge
description ToLeaf1-1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
description ToLeaf1-2
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet1/0/45
port link-mode bridge
description ToDCGW
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 40
port link-aggregation group 201
#
interface Ten-GigabitEthernet1/0/47
port link-mode bridge
port access vlan 4094
port link-aggregation group 1
#
interface Ten-GigabitEthernet1/0/48
port link-mode bridge
port access vlan 4094
port link-aggregation group 1
#
interface FortyGigE1/0/49
#
interface FortyGigE1/0/50
#
interface Ten-GigabitEthernet2/0/1
port link-mode bridge
description ToLeaf1-1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet2/0/2
port link-mode bridge
description ToLeaf1-2
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 11
port link-aggregation group 200
#
interface Ten-GigabitEthernet2/0/45
port link-mode bridge
description ToDCGW
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 40
port link-aggregation group 201
#
interface Ten-GigabitEthernet2/0/47
port link-mode bridge
port access vlan 4094
port link-aggregation group 2
#
interface Ten-GigabitEthernet2/0/48
port link-mode bridge
port access vlan 4094
port link-aggregation group 2
#
interface FortyGigE2/0/49
#
interface FortyGigE2/0/50
#
ip route-static 19.1.129.0 24 Vlan-interface40 19.1.32.41 description To-DCGW /*去往DCGW的路由出接口为Vlan-int40,下一跳地址为DCGW的Route-Aggregation201.40的地址*/
#
· DCGW
#
interface Route-Aggregation201.40
description ToSpine
ip address 19.1.32.41 255.255.255.248
vlan-type dot1q vid 40
#
interface Ten-GigabitEthernet2/1/5
port link-mode route
description ToSpine1-1
port link-aggregation group 201
#
interface Ten-GigabitEthernet2/1/6
port link-mode route
description ToSpine1-2
port link-aggregation group 201
#
ip route-static 19.1.128.0 24 Route-Aggregation201.40 19.1.32.44 /*去往Server的路由出接口为Route-Aggregation201.40,下一跳地址为Spine的Vlan-int40的地址*/
#
切换前请先准备好如下配置,以便切换过程中快速下发配置。
· M-LAG系统配置,通过配置角色优先级确定设备主、从关系。
· IRF物理链路修改为peer-link链路,peer-link链路允许所有VLAN通过。
· 跨IRF成员设备的聚合接口修改为M-LAG接口M-LAG接口关闭STP功能。
· 两台M-LAG设备间配置Keepalive链路,可以使用MAD检测链路作为Keepalive链路。
切换操作过程如下:
(1) 手动关闭IRF从设备上所有业务相关的物理端口,将流量切换到主设备,再关闭IRF物理端口。
(2) 从设备配置M-LAG。
(3) 开启从设备的接口,关闭主设备接口,使流量切换到从设备。
(4) 主设备配置M-LAG。
(5) 开启主设备接口,完成M-LAG系统切换,流量负载分担到主从设备。
切换前请先准备好如下配置,以便切换过程中快速下发配置。
· M-LAG系统配置,通过配置角色优先级确定设备主、从关系。
· IRF物理链路修改为peer-link链路,peer-link链路允许所有VLAN通过。
· 跨IRF成员设备的聚合接口修改为M-LAG接口。M-LAG接口关闭STP功能。
· 两台M-LAG设备间配置Keepalive链路,可以使用MAD检测链路作为Keepalive链路。
· 由于IRF切换为M-LAG后,组网中的逻辑设备由一台变成两台,因此涉及为M-LAG接口上的业务做三层转发的接口均需要配置VLAN双活网关或者VRRP,本文以VRRP为例。VRRP配置不抢占模式。由于VRRP配置至少需要3个地址(主设备三层接口地址、从设备三层接口地址、VRRP虚拟IP地址),所以可能需要调整网段和IP地址的设计。建议VRRP虚拟IP地址配置为切换前三层接口的IP地址。
· IRF设备配置了动态路由时,IRF切换M-LAG后,组成IRF的两台设备成为独立设备,切换前IRF设备上配置的Router ID出现冲突,重新配置路由协议Router ID,并重启路由进程。
· 使用动态路由实现M-LAG设备与上行设备的路由互通时,M-LAG主、从设备之间需要建立三层路由,打通主、从设备的三层互联,用于上游链路故障的业务保护,以及M-LAG故障时的业务保护。并且需要确保上行设备到M-LAG系统的两台设备之间至少各存在一条等价路由。
切换操作过程如下:
(1) 手动关闭IRF从设备上所有业务相关的物理端口,流量切换到主设备,再关闭IRF物理端口。
(2) 从设备配置M-LAG。
除了进行M-LAG的配置,也要为三层接口配置VRRP。
(3) 开启从设备的接口,关闭主设备接口,使流量切换到从设备。
完成流量切换后,配置从设备与主设备之间建立三层路由。
(4) 主设备配置M-LAG。
除了进行M-LAG的配置,也要为三层接口配置VRRP。
(5) 开启主设备接口,完成M-LAG系统切换,流量负载分担到主从设备。
完成流量切换后,配置主设备与从设备之间建立三层路由。
Leaf设备的切换要点如下:
· Leaf设备由IRF组网切换为M-LAG组网。
· 原IRF物理端口切换为peer-link链路。
· 原MAD检测物理链路作为Keepalive链路。
· 连接服务器和上行设备的跨IRF成员设备聚合接口切换为M-LAG接口。
Spine设备的切换要点如下:
· Spine设备由IRF组网切换为M-LAG组网。
· 原IRF物理端口切换为peer-link链路。
· 原MAD检测物理链路作为Keepalive链路。
· 连接上下行设备的跨IRF成员设备聚合接口切换为M-LAG接口。
· M-LAG接口上需要使能三层接口的,均需要配置VRRP,VRRP配置不抢占模式。
· M-LAG主、从设备之间建立三层路由,打通主、从设备的三层互联,用于上游链路故障的业务保护,以及M-LAG故障时的业务保护。
· IRF切换M-LAG后,组成IRF的两台设备成为独立设备,切换前三层接口的IP地址出现冲突,需重新配置IP地址。
图4-2 IRF组网切换M-LAG组网示例图(切换后)
|
设备 |
接口 |
IP地址 |
对接设备及接口 |
|
Leaf1-1 |
XGE1/0/1 |
- |
Server |
|
XGE1/0/45 |
- |
Spine1-1:XGE1/0/1 |
|
|
XGE1/0/46 |
- |
Spine1-2:XGE2/0/1 |
|
|
XGE1/0/47 |
|
Keepalive物理接口 |
|
|
XGE1/0/48 |
|
Keepalive物理接口 |
|
|
FGE1/0/49 |
- |
Peer-link链路物理接口 |
|
|
FGE1/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
1.1.1.1/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Spine:BAGG200 |
|
|
BAGG701 |
- |
Server |
|
|
Leaf1-2 |
XGE2/0/1 |
- |
Server |
|
XGE2/0/45 |
- |
Spine1-1:XGE1/0/2 |
|
|
XGE2/0/46 |
- |
Spine1-2:XGE2/0/2 |
|
|
XGE2/0/47 |
|
Keepalive物理接口 |
|
|
XGE2/0/48 |
|
Keepalive物理接口 |
|
|
FGE2/0/49 |
- |
Peer-link链路物理接口 |
|
|
FGE2/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
1.1.1.2/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Spine:BAGG200 |
|
|
BAGG701 |
- |
Server |
|
|
Spine1-1 |
XGE1/0/1 |
- |
Leaf1-1:XGE1/0/45 |
|
XGE1/0/2 |
- |
Leaf1-2:XGE2/0/45 |
|
|
XGE1/0/45 |
- |
DCGW:XGE2/1/5 |
|
|
XGE1/0/47 |
|
Keepalive物理接口 |
|
|
XGE1/0/48 |
|
Keepalive物理接口 |
|
|
FortyGigE1/0/49 |
- |
Peer-link链路物理接口 |
|
|
FortyGigE1/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
192.168.1.1/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Leaf:BAGG200 |
|
|
BAGG201 |
- |
DCGW |
|
|
Vlan-interface11 |
IP: 19.1.128.252/24 VRRP virtual-ip: 19.1.128.254 |
Server的网关 |
|
|
Vlan-interface40 |
IP: 19.1.32.42/29 VRRP virtual-ip: 19.1.32.44 |
DCGW:19.1.32.41/29 |
|
|
Vlan-interface4094 |
192.168.1.5/30 |
切换前MAD检测VLAN接口 切换后,M-LAG设备与上行设备配置动态路由互通时,可作为M-LAG设备间三层互通接口 |
|
|
Spine1-2 |
XGE2/0/1 |
- |
Leaf1-1:XGE1/0/46 |
|
XGE2/0/2 |
- |
Leaf1-2:XGE2/0/46 |
|
|
XGE2/0/45 |
- |
DCGW:XGE2/1/6 |
|
|
XGE2/0/47 |
- |
Keepalive物理接口 |
|
|
XGE2/0/48 |
- |
Keepalive物理接口 |
|
|
FGE2/0/49 |
- |
Peer-link链路物理接口 |
|
|
FGE2/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
192.168.1.2/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Leaf:BAGG200 |
|
|
BAGG201 |
- |
DCGW |
|
|
Vlan-interface11 |
IP:19.1.128.253/24 VRRP virtual-ip:19.1.128.254 |
Server的网关 |
|
|
Vlan-interface40 |
IP:19.1.32.43/29 VRRP virtual-ip:19.1.32.44 |
DCGW:19.1.32.41/29 |
|
|
Vlan-interface4094 |
192.168.1.6/30 |
切换前MAD检测VLAN接口 切换后,M-LAG设备与上行设备配置动态路由互通时,可作为M-LAG设备间三层互通接口 |
(1) 关闭IRF从设备所有业务物理接口(除了IRF物理接口),流量切换到主设备
(2) 从设备配置M-LAG
(4) 主设备配置M-LAG
(5) 开启主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
请提前准备好配置,并快速下发切换配置以便减少收敛时间。
(1) 关闭从设备所有业务物理接口和BFD MAD物理接口(即除了IRF物理接口外的物理接口),使流量切换到主设备。
[IRF] interface range ten-gigabitethernet 2/0/1 ten-gigabitethernet 2/0/45 to ten-gigabitethernet 2/0/48
[IRF-if-range] shutdown
[IRF-if-range] quit
(2) 主设备关闭IRF物理接口,IRF分裂。
[IRF] interface range fortygige 1/0/49 fortygige 1/0/50
[IRF-if-range] shutdown
[IRF-if-range] quit
请严格按建议顺序操作,否则从设备可能进入MAD DOWN状态,过程中涉及接口先开启再关闭可能导致丢包。
框式设备需要先切换到独立运行模式并重启设备使模式切换生效后,在独立运行模式下进行M-LAG配置。
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[Leaf1-2] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[Leaf1-2] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[Leaf1-2] m-lag restore-delay 300
# 配置M-LAG设备的角色优先级为100,使本设备作为M-LAG系统主设备。
[Leaf1-2] m-lag role priority 100
建议将IRF的主设备设置为M-LAG的从设备、将IRF的从设备设置为M-LAG的主设备,否则M-LAG系统形成后会出现实际生效的角色和配置角色不一致,概率出现角色切换,切换过程中有50秒左右丢包。
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[Leaf1-2] m-lag system-mac 0002-0002-0002
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[Leaf1-2] m-lag system-number 2
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[Leaf1-2] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为1.1.1.1,源IPv4地址为1.1.1.2。
[Leaf1-2] m-lag keepalive ip destination 1.1.1.1 source 1.1.1.2
# 配置从设备重启后的自动恢复时间。否则仅一台M-LAG设备启动后,缺省情况下,该设备处于None角色,所有M-LAG接口处于M-LAG DOWN状态。此时用户流量无法通过M-LAG接口转发。
m-lag auto-recovery reload-delay 240
(3) 配置M-LAG接口。
# 配置连接Spine的聚合接口200和连接服务器的聚合接口701加入M-LAG组。关闭M-LAG接口的STP功能。
[Leaf1-2] interface bridge-aggregation 200
[Leaf1-2-Bridge-Aggregation200] port m-lag group 200
[Leaf1-2-Bridge-Aggregation200] undo stp enable
[Leaf1-2-Bridge-Aggregation200] quit
[Leaf1-2] interface bridge-aggregation 701
[Leaf1-2-Bridge-Aggregation701] port m-lag group 701
[Leaf1-2-Bridge-Aggregation701] undo stp enable
[Leaf1-2-Bridge-Aggregation701] quit
(4) 配置peer-link链路。
# 删除切换前IRF设备上用于MAD检测的二层聚合接口1和2,重新创建二层聚合接口1作为peer-link接口使用。
[Leaf1-2] undo interface bridge-aggregation 1
[Leaf1-2] undo interface bridge-aggregation 2
[Leaf1-2] interface bridge-aggregation 1
# 配置IRF物理接口FortyGigE2/0/49和FortyGigE2/0/50取消与IRF接口绑定,并加入聚合组1作为peer-link链路物理接口。
[Leaf1-2] interface range fortygige 2/0/49 fortygige 2/0/50
[Leaf1-2-if-range] shutdown
[Leaf1-2-if-range] quit
[Leaf1-2] irf-port 2/2
[Leaf1-2-irf-port2/2] undo port group interface fortygige 2/0/49
[Leaf1-2-irf-port2/2] undo port group interface fortygige 2/0/50
[Leaf1-2-irf-port2/2] quit
[Leaf1-2] interface range fortygige 2/0/49 fortygige 2/0/50
[Leaf1-2-if-range] port link-aggregation group 1
[Leaf1-2-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[Leaf1-2] interface Bridge-Aggregation 1
[Leaf1-2-Bridge-Aggregation1] port link-type trunk
[Leaf1-2-Bridge-Aggregation1] port trunk permit vlan all
[Leaf1-2-Bridge-Aggregation1] link-aggregation mode dynamic
[Leaf1-2-Bridge-Aggregation1] port m-lag peer-link 1
[Leaf1-2-Bridge-Aggregation1] quit
(5) 配置Keepalive链路。
# 删除切换前IRF设备上用于MAD检测的VLAN接口4094,创建三层聚合接口1作为Keepalive接口。
[Leaf1-2] undo interface vlan-interface 4094
[Leaf1-2] interface route-aggregation 1
[Leaf1-2-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet2/0/47 Ten-GigabitEthernet2/0/48加入三层聚合组1作为Keepalive链路物理接口。
[Leaf1-2] interface range ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48
[Leaf1-2-if-range] port link-mode route
[Leaf1-2-if-range] port link-aggregation group 1
[Leaf1-2-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[Leaf1-2] interface route-aggregation 1
[Leaf1-2-Route-Aggregation1] link-aggregation mode dynamic
[Leaf1-2-Route-Aggregation1] ip address 1.1.1.2 255.255.255.0
[Leaf1-2-Route-Aggregation1] quit
(6) 配置Keepalive链路接口及其物理接口为保留接口。
[Leaf1-2] m-lag mad exclude interface route-aggregation 1
[Leaf1-2] m-lag mad exclude interface ten-gigabitethernet 2/0/47
[Leaf1-2] m-lag mad exclude interface ten-gigabitethernet 2/0/48
在从设备接口执行undo shutdown命令开启接口,M-LAG接口UP后,马上在主设备接口执行shutdown命令关闭接口,以减少流量中断时间。
# 从设备所有业务物理接口和逻辑接口(包括peer-link物理接口和逻辑接口、Keepalive物理接口和逻辑接口、M-LAG接口和成员端口)执行undo shutdown命令开启接口。
[Leaf1-2] interface range ten-gigabitethernet 2/0/1 ten-gigabitethernet 2/0/45 to ten-gigabitethernet 2/0/48 fortygige 2/0/49 fortygige 2/0/50 bridge-aggregation 200 bridge-aggregation 701 bridge-aggregation 1 route-aggregation 1
[Leaf1-2-if-range] undo shutdown
[Leaf1-2-if-range] quit
# 主设备所有业务物理接口和BFD MAD物理接口执行shutdown命令关闭接口。
[Leaf1-1] interface range ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/45 to ten-gigabitethernet 1/0/48
[Leaf1-1-if-range] shutdown
[Leaf1-1-if-range] quit
框式设备需要先切换到独立运行模式并重启设备使模式切换生效后,在独立运行模式下进行M-LAG配置。
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[Leaf1-1] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[Leaf1-1] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[Leaf1-1] m-lag restore-delay 300
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[Leaf1-1] m-lag system-mac 0002-0002-0002
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[Leaf1-1] m-lag system-number 1
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[Leaf1-1] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为1.1.1.2,源IPv4地址为1.1.1.1。
[Leaf1-1] m-lag keepalive ip destination 1.1.1.2 source 1.1.1.1
(3) 配置M-LAG接口。
# 配置连接Spine的聚合接口200和连接服务器的聚合接口701加入M-LAG组。关闭M-LAG接口的STP功能。
[Leaf1-1] interface Bridge-Aggregation 200
[Leaf1-1-Bridge-Aggregation200] port m-lag group 200
[Leaf1-1-Bridge-Aggregation200] undo stp enable
[Leaf1-1-Bridge-Aggregation200] quit
[Leaf1-1] interface Bridge-Aggregation 701
[Leaf1-1-Bridge-Aggregation701] port m-lag group 701
[Leaf1-1-Bridge-Aggregation701] undo stp enable
[Leaf1-1-Bridge-Aggregation701] quit
(4) 配置peer-link接口。
# 删除切换前IRF设备上用于MAD检测的二层聚合接口1和2,重新创建二层聚合接口1作为peer-link接口使用。
[Leaf1-1] undo interface bridge-aggregation 1
[Leaf1-1] undo interface bridge-aggregation 2
[Leaf1-1] interface bridge-aggregation 1
# 配置IRF物理接口FortyGigE1/0/49 和FortyGigE1/0/50取消与IRF接口绑定,并加入聚合组1作为peer-link链路物理接口。
[Leaf1-1] irf-port 1/1
[Leaf1-1-irf-port1/1] undo port group interface fortygige 1/0/49
[Leaf1-1-irf-port1/1] undo port group interface fortygige 1/0/50
[Leaf1-1-irf-port1/1] quit
[Leaf1-1] interface range fortygige 1/0/49 fortygige 1/0/50
[Leaf1-1-if-range] port link-aggregation group 1
[Leaf1-1-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[Leaf1-1] interface bridge-aggregation 1
[Leaf1-1-Bridge-Aggregation1] port link-type trunk
[Leaf1-1-Bridge-Aggregation1] port trunk permit vlan all
[Leaf1-1-Bridge-Aggregation1] link-aggregation mode dynamic
[Leaf1-1-Bridge-Aggregation1] port m-lag peer-link 1
[Leaf1-1-Bridge-Aggregation1] quit
(5) 配置Keepalive链路接口。
# 删除切换前IRF设备上用于MAD检测的VLAN接口4094,创建三层聚合接口1作为Keepalive接口。
[Leaf1-1] undo interface Vlan-interface4094
[Leaf1-1] interface route-aggregation 1
# 配置物理接口Ten-GigabitEthernet1/0/47 Ten-GigabitEthernet1/0/48加入三层聚合组1作为Keepalive链路物理接口。
[Leaf1-1] interface range ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48
[Leaf1-1-if-range] port link-mode route
[Leaf1-1-if-range] port link-aggregation group 1
[Leaf1-1-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[Leaf1-1] interface route-aggregation1
[Leaf1-1-Route-Aggregation1] link-aggregation mode dynamic
[Leaf1-1-Route-Aggregation1] ip address 1.1.1.1 255.255.255.0
[Leaf1-1-Route-Aggregation1] quit
(6) 配置Keepalive链路接口及其物理接口为保留接口。
[Leaf1-1] m-lag mad exclude interface route-aggregation 1
[Leaf1-1] m-lag mad exclude interface ten-gigabitethernet 1/0/47
[Leaf1-1] m-lag mad exclude interface ten-gigabitethernet 1/0/48
在主设备接口执行undo shutdown命令开启接口时,请按如下顺序操作以减少收敛时间:
· 开启peer-link链路接口;
· 开启Keepalive链路接口;
· 等待一段时间,使用display m-lag summary命令查看M-LAG工作状态,确认M-LAG设备工作正常;
· 开启所有业务物理接口和逻辑接口。
# 主设备peer-link链路接口执行undo shutdown开启接口。
[Leaf1-1] interface range fortygige 1/0/49 fortygige 1/0/50 bridge-aggregation 1
[Leaf1-1-if-range] undo shutdown
[Leaf1-1-if-range] quit
# 主设备Keepalive链路接口执行undo shutdown开启接口。
[Leaf1-1] interface range ten-gigabitethernet 1/0/47 to ten-gigabitethernet 1/0/48 route-aggregation 1
[Leaf1-1-if-range] undo shutdown
[Leaf1-1-if-range] quit
# 主设备所有业务物理接口和逻辑接口(包括上行、下行的M-LAG接口及其成员端口)执行undo shutdown开启接口。
[Leaf1-1] interface range ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/45 ten-gigabitethernet 1/0/46 bridge-aggregation 200 bridge-aggregation 701
[Leaf1-1-if-range] undo shutdown
[Leaf1-1-if-range] quit
# 主设备、从设备保存配置。
[Leaf1-1] save
[Leaf1-2] save
(2) 从设备配置M-LAG
(4) 主设备配置M-LAG
(5) 开启主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
· 请提前准备好配置,并快速下发切换配置以便减少收敛时间。
· 将切换前三层接口的IP地址作为VRRP虚拟地址,为切换后的三层接口重新配置IP地址。
(1) 关闭从设备所有业务物理接口和BFD MAD物理接口(即除了IRF物理接口外的物理接口),流量切换到主设备。
[IRF] interface range ten-gigabitethernet 2/0/1 ten-gigabitethernet 2/0/2 ten-gigabitethernet 2/0/45 ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48
[IRF-if-range] shutdown
[IRF-if-range] quit
(2) 主设备关闭IRF物理接口,IRF分裂。
[IRF] interface range fortygige 1/0/49 fortygige 1/0/50
[IRF-if-range] shutdown
[IRF-if-range] quit
请严格按建议顺序操作,否则从设备可能进入MAD DOWN状态,过程中涉及接口先开启再关闭可能导致丢包。
框式设备需要先切换到独立运行模式并重启设备使模式切换生效后,在独立运行模式下进行M-LAG配置。
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[Spine1-2] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[Spine1-2] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[Spine1-2] m-lag restore-delay 300
# 配置M-LAG设备的角色优先级为100,使本设备作为M-LAG系统主设备。
[Spine1-2] m-lag role priority 100
建议将IRF的主设备设置为M-LAG的从设备、将IRF的从设备设置为M-LAG的主设备,否则M-LAG系统形成后会出现实际生效的角色和配置角色不一致,概率出现角色切换,切换过程中有50秒左右丢包。
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[Spine1-2] m-lag system-mac 0001-0001-0001
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[Spine1-2] m-lag system-number 2
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[Spine1-2] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为192.168.1.1,源IPv4地址为192.168.1.2。
[Spine1-2] m-lag keepalive ip destination 192.168.1.1 source 192.168.1.2
# 配置从设备重启后的自动恢复时间。否则仅一台M-LAG设备启动后,缺省情况下,该设备处于None角色,所有M-LAG接口处于M-LAG DOWN状态。此时用户流量无法通过M-LAG接口转发。
m-lag auto-recovery reload-delay 240
(3) 配置M-LAG接口。
# 配置连接Leaf的聚合接口200和连接DCGW的聚合接口201加入M-LAG组。关闭M-LAG接口的STP功能。
[Spine1-2] interface Bridge-Aggregation 200
[Spine1-2-Bridge-Aggregation200] port m-lag group 200
[Spine1-2-Bridge-Aggregation200] undo stp enable
[Spine1-2-Bridge-Aggregation200] quit
[Spine1-2] interface Bridge-Aggregation 201
[Spine1-2-Bridge-Aggregation201] port m-lag group 201
[Spine1-2-Bridge-Aggregation201] undo stp enable
[Spine1-2-Bridge-Aggregation201] quit
(4) 配置VRRP。
# M-LAG接口所属VLAN的VLAN接口11、40需要配置VRRP功能。将VLAN接口的原IP地址指定为VRRP备份组的虚拟IP,为VLAN接口指定同一网段的另一IP地址。配置设备在VRRP备份组中工作在非抢占模式。Spine1-2由于先启动而成为VRRP的Master路由器。
[Spine1-2] interface Vlan-interface 11
[Spine1-2-Vlan-interface11] ip address 19.1.128.253 255.255.255.0
[Spine1-2-Vlan-interface11] vrrp vrid 11 virtual-ip 19.1.128.254
[Spine1-2-Vlan-interface11] undo vrrp vrid 11 preempt-mode
[Spine1-2-Vlan-interface11] quit
[Spine1-2] interface Vlan-interface 40
[Spine1-2-Vlan-interface40] ip address 19.1.32.43 255.255.255.248
[Spine1-2-Vlan-interface40] vrrp vrid 40 virtual-ip 19.1.32.44
[Spine1-2-Vlan-interface40] undo vrrp vrid 40 preempt-mode
[Spine1-2-Vlan-interface40] quit
(5) 配置peer-link链路。
# 删除切换前IRF设备上用于MAD检测的二层聚合接口1和2,重新创建二层聚合接口1作为peer-link接口。
[Spine1-2] undo interface bridge-aggregation 1
[Spine1-2] undo interface bridge-aggregation 2
[Spine1-2] interface bridge-aggregation 1
[Spine1-2-Bridge-Aggregation1] quit
# 配置IRF物理接口FortyGigE2/0/49 和FortyGigE2/0/50 取消与IRF接口绑定,并加入聚合组1作为peer-link链路物理接口。
[Spine1-2] irf-port 2/2
[Spine1-2-irf-port2/2] undo port group interface fortygige 2/0/49
[Spine1-2-irf-port2/2] undo port group interface fortygige 2/0/50
[Spine1-2-irf-port2/2] quit
[Spine1-2] interface range fortygige 2/0/49 fortygige 2/0/50
[Spine1-2-if-range] port link-aggregation group 1
[Spine1-2-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[Spine1-2] interface bridge-aggregation 1
[Spine1-2-Bridge-Aggregation1] port link-type trunk
[Spine1-2-Bridge-Aggregation1] port trunk permit vlan all
[Spine1-2-Bridge-Aggregation1] link-aggregation mode dynamic
[Spine1-2-Bridge-Aggregation1] port m-lag peer-link 1
[Spine1-2-Bridge-Aggregation1] quit
(6) 配置Keepalive链路接口。
# 创建三层聚合接口1。
[Spine1-2] undo interface vlan-interface 4094
[Spine1-2] interface route-aggregation 1
# 配置物理接口Ten-GigabitEthernet2/0/47 Ten-GigabitEthernet2/0/48加入三层聚合组1作为Keepalive链路物理接口。
[Spine1-2] interface range ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48
[Spine1-2-if-range] port link-mode route
[Spine1-2-if-range] port link-aggregation group 1
[Spine1-2-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[Spine1-2] interface route-aggregation1
[Spine1-2-Route-Aggregation1] link-aggregation mode dynamic
[Spine1-2-Route-Aggregation1] ip address 1.1.1.2 255.255.255.0
[Spine1-2-Route-Aggregation1] quit
(7) 配置保留接口。
[Spine1-2] m-lag mad exclude interface route-aggregation 1
[Spine1-2] m-lag mad exclude interface ten-gigabitethernet 2/0/47
[Spine1-2] m-lag mad exclude interface ten-gigabitethernet 2/0/48
[Spine1-2] m-lag mad exclude interface vlan-interface 11
[Spine1-2] m-lag mad exclude interface vlan-interface 40
在从设备接口执行undo shutdown命令开启接口,M-LAG接口起来后,马上在主设备接口执行shutdown命令关闭接口,以减少流量中断时间。
(1) 从设备所有业务物理接口和逻辑接口(包括peer-link物理接口和逻辑接口、Keepalive物理接口和逻辑接口、M-LAG接口和成员端口、Server的网关VLAN接口11,与DCGW三层互联接口VLAN接口40)执行undo shutdown命令开启接口。
[Spine1-2] interface range ten-gigabitethernet 2/0/1 ten-gigabitethernet 2/0/2 ten-gigabitethernet 2/0/45 ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48 fortygige 2/0/49 fortygige 2/0/50 bridge-aggregation 1 bridge-aggregation 200 bridge-aggregation 201 route-aggregation 1 vlan-interface 11 vlan-interface 40
[Spine1-2-if-range] undo shutdown
[Spine1-2-if-range] quit
(2) 主设备业务物理接口和BFD MAD物理接口执行shutdown命令关闭接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/2 ten-gigabitethernet 1/0/45 ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48
[Spine1-1-if-range] shutdown
[Spine1-1-if-range] quit
框式设备需要先切换到独立运行模式并重启设备使模式切换生效后,在独立运行模式下进行M-LAG配置。
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[Spine1-1] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[Spine1-1] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[Spine1-1] m-lag restore-delay 300
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[Spine1-1] m-lag system-mac 0001-0001-0001
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[Spine1-1] m-lag system-number 1
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[Spine1-1] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为192.168.1.2,源IPv4地址为192.168.1.1。
[Spine1-1] m-lag keepalive ip destination 192.168.1.2 source 192.168.1.1
(3) 配置M-LAG接口。
# 配置连接Leaf的聚合接口200和连接DCGW的聚合接口201加入M-LAG组。关闭M-LAG接口的STP功能。
[Spine1-1] interface bridge-aggregation 200
[Spine1-1-Bridge-Aggregation200] port m-lag group 200
[Spine1-1-Bridge-Aggregation200] undo stp enable
[Spine1-1-Bridge-Aggregation200] quit
[Spine1-1] interface bridge-aggregation 201
[Spine1-1-Bridge-Aggregation201] port m-lag group 201
[Spine1-1-Bridge-Aggregation201] undo stp enable
[Spine1-1-Bridge-Aggregation201] quit
(4) 配置VRRP。
# M-LAG接口所属VLAN的VLAN接口11、40需要配置VRRP功能。将VLAN接口的原IP地址指定为VRRP备份组的虚拟IP,为VLAN接口指定同一网段的另一IP地址。配置设备在VRRP备份组中工作在非抢占模式。
[Spine1-1] interface vlan-interface 11
[Spine1-1-Vlan-interface11] ip address 19.1.128.252 255.255.255.0
[Spine1-1-Vlan-interface11] vrrp vrid 11 virtual-ip 19.1.128.254
[Spine1-1-Vlan-interface11] undo vrrp vrid 11 preempt-mode
[Spine1-1-Vlan-interface11] quit
[Spine1-1] interface vlan-interface 40
[Spine1-1-Vlan-interface40] ip address 19.1.32.42 255.255.255.248
[Spine1-1-Vlan-interface40] vrrp vrid 40 virtual-ip 19.1.32.44
[Spine1-1-Vlan-interface40] undo vrrp vrid 40 preempt-mode
[Spine1-1-Vlan-interface40] quit
(5) 配置peer-link接口。
# 删除切换前IRF设备上用于MAD检测的二层聚合接口1和2,重新创建二层聚合接口1作为peer-link接口。
[Spine1-1] undo interface bridge-aggregation 1
[Spine1-1] undo interface bridge-aggregation 2
[Spine1-1] interface bridge-aggregation 1
# 配置IRF物理接口FortyGigE1/0/49 和FortyGigE1/0/50 取消与IRF接口绑定,并加入聚合组1作为peer-link链路物理接口。
[Spine1-1] irf-port 1/1
[Spine1-1-irf-port1/1] undo port group interface fortygige 1/0/49
[Spine1-1-irf-port1/1] undo port group interface fortygige 1/0/50
[Spine1-1-irf-port1/1] quit
[Spine1-1] interface range fortygige 1/0/49 fortygige 1/0/50
[Spine1-1-if-range] port link-aggregation group 1
[Spine1-1-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[Spine1-1] interface Bridge-Aggregation 1
[Spine1-1-Bridge-Aggregation1] port link-type trunk
[Spine1-1-Bridge-Aggregation1] port trunk permit vlan all
[Spine1-1-Bridge-Aggregation1] link-aggregation mode dynamic
[Spine1-1-Bridge-Aggregation1] port m-lag peer-link 1
[Spine1-1-Bridge-Aggregation1] quit
# 删除切换前IRF设备上用于MAD检测的VLAN接口4094,创建三层聚合接口1作为Keepalive接口。
[Spine1-1] undo interface vlan-interface 4094
[Spine1-1] interface route-aggregation 1
[Spine1-1-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet1/0/47 Ten-GigabitEthernet1/0/48加入三层聚合组1作为Keepalive链路物理接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48
[Spine1-1-if-range] port link-mode route
[Spine1-1-if-range] port link-aggregation group 1
[Spine1-1-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[Spine1-1] interface Route-Aggregation1
[Spine1-1-Route-Aggregation1] link-aggregation mode dynamic
[Spine1-1-Route-Aggregation1] ip address 1.1.1.1 255.255.255.0
[Spine1-1-Route-Aggregation1] quit
(6) 配置保留接口。
[Spine1-1] m-lag mad exclude interface route-aggregation 1
[Spine1-1] m-lag mad exclude interface ten-gigabitethernet 1/0/47
[Spine1-1] m-lag mad exclude interface ten-gigabitethernet 1/0/48
[Spine1-1] m-lag mad exclude interface vlan-interface 11
[Spine1-1] m-lag mad exclude interface vlan-interface 40
在主设备接口执行undo shutdown命令开启接口时,请按如下顺序操作以减少收敛时间:
· 开启peer-link链路接口;
· 开启Keepalive链路接口;
· 等待一段时间,使用display m-lag summary命令查看M-LAG工作状态,确认M-LAG设备工作正常;
· 开启所有业务物理接口和逻辑接口。
# 主设备peer-link链路接口执行undo shutdown命令开启接口。
[Spine1-1] interface range fortygige 1/0/49 fortygige 1/0/50 bridge-aggregation 1 [Spine1-1-if-range] undo shutdown
[Spine1-1-if-range] quit
# 主设备Keepalive链路接口执行undo shutdown命令开启接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48 route-aggregation 1
[Spine1-1-if-range] undo shutdown
[Spine1-1-if-range] quit
# 主设备所有业务物理接口和逻辑接口(包括M-LAG接口及其成员口、Server的网关接口VLAN接口11,与DCGW三层互联接口VLAN接口40)执行undo shutdown命令开启接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/2 ten-gigabitethernet 1/0/45 bridge-aggregation 200 bridge-aggregation 201 vlan-interface 11 vlan-interface 40
[Spine1-1-if-range] undo shutdown
[Spine1-1-if-range] quit
# 主设备、从设备保存配置。
[Spine1-1] save
[Spine1-2] save
Leaf设备的切换要点如下:
· Leaf设备由IRF组网切换为M-LAG组网。
· 原IRF物理端口切换为peer-link链路。
· 原MAD检测物理链路作为Keepalive链路。
· 连接服务器和上行设备的跨IRF成员设备聚合接口切换为M-LAG接口。
Spine设备的切换要点如下:
· Spine设备由IRF组网切换为M-LAG组网。
· 原IRF物理端口切换为peer-link链路。
· 原MAD检测物理链路作为Keepalive链路。
· 连接下行设备的跨IRF成员设备聚合接口切换为M-LAG接口。
· 与DCGW接口修改为三层以太网接口,开启OSPF并引入直连路由。
· M-LAG接口上需要使能三层接口的,均需要配置VRRP,VRRP配置不抢占模式。
· M-LAG主、从设备之间建立三层路由,打通主、从设备的三层互联,用于上游链路故障的业务保护,以及M-LAG故障时的业务保护。
· IRF切换M-LAG后,组成IRF的两台设备成为独立设备,切换前三层接口的IP地址出现冲突,需重新配置IP地址。
DCGW设备的切换要点如下:
· 重新配置接口IP地址,开启OSPF并引入直连路由。
图4-3 IRF组网切换M-LAG组网示例图(切换后)
|
设备 |
接口 |
IP地址 |
对接设备及接口 |
|
Leaf1-1 |
XGE1/0/1 |
- |
Server |
|
XGE1/0/45 |
- |
Spine1-1:XGE1/0/1 |
|
|
XGE1/0/46 |
- |
Spine1-2:XGE2/0/1 |
|
|
XGE1/0/47 |
|
Keepalive物理接口 |
|
|
XGE1/0/48 |
|
Keepalive物理接口 |
|
|
FGE1/0/49 |
- |
Peer-link链路物理接口 |
|
|
FGE1/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
1.1.1.1/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Spine:BAGG200 |
|
|
BAGG701 |
- |
Server |
|
|
Leaf1-2 |
XGE2/0/1 |
- |
Server |
|
XGE2/0/45 |
- |
Spine1-1:XGE1/0/2 |
|
|
XGE2/0/46 |
- |
Spine1-2:XGE2/0/2 |
|
|
XGE2/0/47 |
|
Keepalive物理接口 |
|
|
XGE2/0/48 |
|
Keepalive物理接口 |
|
|
FGE2/0/49 |
- |
Peer-link链路物理接口 |
|
|
FGE2/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
1.1.1.2/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Spine:BAGG200 |
|
|
BAGG701 |
- |
Server |
|
|
Spine1-1 |
XGE1/0/1 |
- |
Leaf1-1:XGE1/0/45 |
|
XGE1/0/2 |
- |
Leaf1-2:XGE2/0/45 |
|
|
XGE1/0/45 |
19.1.32.42/30 |
DCGW:XGE2/1/5(19.1.32.41/30) |
|
|
XGE1/0/47 |
|
Keepalive物理接口 |
|
|
XGE1/0/48 |
|
Keepalive物理接口 |
|
|
FortyGigE1/0/49 |
- |
Peer-link链路物理接口 |
|
|
FortyGigE1/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
192.168.1.1/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Leaf:BAGG200 |
|
|
BAGG201 |
- |
DCGW |
|
|
Vlan-interface11 |
IP: 19.1.128.252/24 VRRP virtual-ip: 19.1.128.254 |
Server的网关 |
|
|
Vlan-interface4094 |
192.168.1.5/30 |
切换前MAD检测VLAN接口 切换后,M-LAG设备与上行设备配置动态路由互通时,可作为M-LAG设备间三层互通接口 |
|
|
Spine1-2 |
XGE2/0/1 |
- |
Leaf1-1:XGE1/0/46 |
|
XGE2/0/2 |
- |
Leaf1-2:XGE2/0/46 |
|
|
XGE2/0/45 |
19.1.32.46/30 |
DCGW:XGE2/1/6(19.1.32.45/30) |
|
|
XGE2/0/47 |
- |
Keepalive物理接口 |
|
|
XGE2/0/48 |
- |
Keepalive物理接口 |
|
|
FGE2/0/49 |
- |
Peer-link链路物理接口 |
|
|
FGE2/0/50 |
- |
Peer-link链路物理接口 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
192.168.1.2/30 |
Keepalive三层聚合口 |
|
|
BAGG200 |
- |
Leaf:BAGG200 |
|
|
BAGG201 |
- |
DCGW |
|
|
Vlan-interface11 |
IP:19.1.128.253/24 VRRP virtual-ip:19.1.128.254 |
Server的网关 |
|
|
Vlan-interface4094 |
192.168.1.6/30 |
切换前MAD检测VLAN接口 切换后,M-LAG设备与上行设备配置动态路由互通时,可作为M-LAG设备间三层互通接口 |
(2) 从设备配置M-LAG
(4) 主设备配置M-LAG
(5) 开启主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
· 请提前准备好配置,并快速下发切换配置以便减少收敛时间。
· 重新配置OSPF进程Router ID后,需要重新启动OSPF进程。
· 将切换前三层接口的IP地址作为VRRP虚拟地址,为切换后的三层接口重新配置IP地址。
(1) 关闭从设备所有业务物理接口和BFD MAD物理接口(即除了IRF物理接口外的接口),流量切换到主设备。
[IRF] interface range ten-gigabitethernet 2/0/1 ten-gigabitethernet 2/0/2 ten-gigabitethernet 2/0/45 ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48
[IRF-if-range] shutdown
[IRF-if-range] quit
(2) 主设备关闭IRF物理接口,IRF分裂。
[IRF] interface range fortygige 1/0/49 fortygige 1/0/50
[IRF-if-range] shutdown
[IRF-if-range] quit
请严格按建议顺序操作,否则从设备可能进入MAD DOWN状态,过程中涉及接口先开启再关闭可能导致丢包。
框式设备需要先切换到独立运行模式并重启设备使模式切换生效后,在独立运行模式下进行M-LAG配置。
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[Spine1-2] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[Spine1-2] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[Spine1-2] m-lag restore-delay 300
# 配置M-LAG设备的角色优先级为100,使本设备作为M-LAG系统主设备。
[Spine1-2] m-lag role priority 100
建议将IRF的主设备设置为M-LAG的从设备、将IRF的从设备设置为M-LAG的主设备,否则M-LAG系统形成后会出现实际生效的角色和配置角色不一致,概率出现角色切换,切换过程中有50秒左右丢包。
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[Spine1-2] m-lag system-mac 0001-0001-0001
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[Spine1-2] m-lag system-number 2
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[Spine1-2] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为192.168.1.1,源IPv4地址为192.168.1.2。
[Spine1-2] m-lag keepalive ip destination 192.168.1.1 source 192.168.1.2
# 配置从设备重启后的自动恢复时间。否则仅一台M-LAG设备启动后,缺省情况下,该设备处于None角色,所有M-LAG接口处于M-LAG DOWN状态。此时用户流量无法通过M-LAG接口转发。
m-lag auto-recovery reload-delay 240
(3) 配置M-LAG接口。
# 配置连接Leaf的聚合接口200加入M-LAG组。关闭M-LAG接口的STP功能。
[Spine1-2] interface Bridge-Aggregation 200
[Spine1-2-Bridge-Aggregation200] port m-lag group 200
[Spine1-2-Bridge-Aggregation200] undo stp enable
[Spine1-2-Bridge-Aggregation200] quit
(4) 配置VRRP。
# M-LAG接口所属VLAN的VLAN接口11需要配置VRRP功能。将VLAN接口的原IP地址指定为VRRP备份组的虚拟IP,为VLAN接口指定同一网段的另一IP地址。配置设备在VRRP备份组中工作在非抢占模式。Spine1-2由于先启动而成为VRRP的Master路由器。
[Spine1-2] interface Vlan-interface 11
[Spine1-2-Vlan-interface11] ip address 19.1.128.253 255.255.255.0
[Spine1-2-Vlan-interface11] vrrp vrid 11 virtual-ip 19.1.128.254
[Spine1-2-Vlan-interface11] undo vrrp vrid 11 preempt-mode
[Spine1-2-Vlan-interface11] quit
(5) 配置peer-link链路。
# 删除切换前IRF设备上用于MAD检测的二层聚合接口1和2,重新创建二层聚合接口1作为peer-link接口。
[Spine1-2] undo interface bridge-aggregation 1
[Spine1-2] undo interface bridge-aggregation 2
[Spine1-2] interface bridge-aggregation 1
[Spine1-2-Bridge-Aggregation1] quit
# 配置IRF物理接口FortyGigE2/0/49 和FortyGigE2/0/50 取消与IRF接口绑定,并加入聚合组1作为peer-link链路物理接口。
[Spine1-2] irf-port 2/2
[Spine1-2-irf-port2/2] undo port group interface fortygige 2/0/49
[Spine1-2-irf-port2/2] undo port group interface fortygige 2/0/50
[Spine1-2-irf-port2/2] quit
[Spine1-2] interface range fortygige 2/0/49 fortygige 2/0/50
[Spine1-2-if-range] port link-aggregation group 1
[Spine1-2-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[Spine1-2] interface bridge-aggregation 1
[Spine1-2-Bridge-Aggregation1] port link-type trunk
[Spine1-2-Bridge-Aggregation1] port trunk permit vlan all
[Spine1-2-Bridge-Aggregation1] link-aggregation mode dynamic
[Spine1-2-Bridge-Aggregation1] port m-lag peer-link 1
[Spine1-2-Bridge-Aggregation1] quit
(6) 配置Keepalive链路接口。
# 创建三层聚合接口1。
[Spine1-2] undo interface vlan-interface 4094
[Spine1-2] interface route-aggregation 1
# 配置物理接口Ten-GigabitEthernet2/0/47 Ten-GigabitEthernet2/0/48加入三层聚合组1作为Keepalive链路物理接口。
[Spine1-2] interface range ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48
[Spine1-2-if-range] port link-mode route
[Spine1-2-if-range] port link-aggregation group 1
[Spine1-2-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[Spine1-2] interface route-aggregation1
[Spine1-2-Route-Aggregation1] link-aggregation mode dynamic
[Spine1-2-Route-Aggregation1] ip address 1.1.1.2 255.255.255.0
[Spine1-2-Route-Aggregation1] quit
(7) 配置连接DCGW的接口,配置OSPF。
# 删除切换前Spine与DCGW三层互连接口Vlan-interface40。将Ten-GigabitEthernet2/0/45配置为三层以太网接口,配置IP并开启OSPF功能。
[Spine1-2] undo interface vlan-interface 40
[Spine1-2] undo interface bridge-Aggregation 201
[Spine1-2] interface ten-gigabitethernet 2/0/45
[Spine1-2-Ten-GigabitEthernet2/0/45] port link-mode route
[Spine1-2-Ten-GigabitEthernet2/0/45] ip address 19.1.32.46 255.255.255.252
[Spine1-2-Ten-GigabitEthernet2/0/45] ospf 65535 area 0.0.0.0
[Spine1-2-Ten-GigabitEthernet2/0/45] quit
# 配置Vlan-interface4094作为两台M-LAG设备之间的三层互通接口。
[Spine1-2] interface vlan-interface 4094
[Spine1-2-Vlan-interface4094] ip address 192.168.1.6 255.255.255.252
[Spine1-2-Vlan-interface4094] ospf 65535 area 0.0.0.0
[Spine1-2-Vlan-interface4094] quit
# 重新配置OSPF Router-id,引入直连路由,重启OSPF进程。
[Spine1-2] ospf 65535 router-id 19.1.30.2
[Spine1-2-ospf-65535] import-route direct
<Spine1-2> reset ospf process
(8) 配置保留接口。
[Spine1-2] m-lag mad exclude interface route-aggregation 1
[Spine1-2] m-lag mad exclude interface ten-gigabitethernet 2/0/47
[Spine1-2] m-lag mad exclude interface ten-gigabitethernet 2/0/48
[Spine1-2] m-lag mad exclude interface vlan-interface 11
在从设备接口执行undo shutdown命令开启接口,M-LAG接口起来后,马上在主设备接口执行shutdown命令关闭接口,以减少流量中断时间。
(1) 配置DCGW连接Spine1-2的物理接口退出聚合组,开启OSPF功能并引入直连路由。
[DCGW] interface ten-gigabitEthernet 2/1/6
[DCGW-Ten-GigabitEthernet2/1/6] undo port link-aggregation group
[DCGW-Ten-GigabitEthernet2/1/6] ip address 19.1.32.45 255.255.255.252
[DCGW-Ten-GigabitEthernet2/1/6] ospf 65535 area 0.0.0.0
[DCGW] ospf 65535
[DCGW-ospf-65535] import-route direct
(2) 从设备所有业务物理接口和逻辑接口(包括peer-link物理接口和逻辑接口、Keepalive物理接口和逻辑接口、M-LAG接口和成员端口、Server的网关VLAN接口11,上行物理接口和VLAN接口40)执行undo shutdown命令开启接口。
[Spine1-2] interface range ten-gigabitethernet 2/0/1 ten-gigabitethernet 2/0/2 ten-gigabitethernet 2/0/45 ten-gigabitethernet 2/0/47 ten-gigabitethernet 2/0/48 fortygige 2/0/49 fortygige 2/0/50 bridge-aggregation 1 bridge-aggregation 200 bridge-aggregation 201 route-aggregation 1 vlan-interface 11 vlan-interface 40
[Spine1-2-if-range] undo shutdown
[Spine1-2-if-range] quit
(3) 主设备业务物理接口和BFD MAD物理接口执行shutdown命令关闭接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/2 ten-gigabitethernet 1/0/45 ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48
[Spine1-1-if-range] shutdown
[Spine1-1-if-range] quit
框式设备需要先切换到独立运行模式并重启设备使模式切换生效后,在独立运行模式下进行M-LAG配置。
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[Spine1-1] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[Spine1-1] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[Spine1-1] m-lag restore-delay 300
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[Spine1-1] m-lag system-mac 0001-0001-0001
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[Spine1-1] m-lag system-number 1
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[Spine1-1] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为192.168.1.2,源IPv4地址为192.168.1.1。
[Spine1-1] m-lag keepalive ip destination 192.168.1.2 source 192.168.1.1
(3) 配置M-LAG接口。
# 配置连接Leaf的聚合接口200加入M-LAG组。关闭M-LAG接口的STP功能。
[Spine1-1] interface bridge-aggregation 200
[Spine1-1-Bridge-Aggregation200] port m-lag group 200
[Spine1-1-Bridge-Aggregation200] undo stp enable
[Spine1-1-Bridge-Aggregation200] quit
(4) 配置VRRP。
# M-LAG接口所属VLAN的VLAN接口11需要配置VRRP功能。将VLAN接口的原IP地址指定为VRRP备份组的虚拟IP,为VLAN接口指定同一网段的另一IP地址。配置设备在VRRP备份组中工作在非抢占模式。
[Spine1-1] interface vlan-interface 11
[Spine1-1-Vlan-interface11] ip address 19.1.128.252 255.255.255.0
[Spine1-1-Vlan-interface11] vrrp vrid 11 virtual-ip 19.1.128.254
[Spine1-1-Vlan-interface11] undo vrrp vrid 11 preempt-mode
[Spine1-1-Vlan-interface11] quit
(5) 配置peer-link接口。
# 删除切换前IRF设备上用于MAD检测的二层聚合接口1和2,重新创建二层聚合接口1作为peer-link接口。
[Spine1-1] undo interface bridge-aggregation 1
[Spine1-1] undo interface bridge-aggregation 2
[Spine1-1] interface bridge-aggregation 1
# 配置IRF物理接口FortyGigE1/0/49 和FortyGigE1/0/50 取消与IRF接口绑定,并加入聚合组1作为peer-link链路物理接口。
[Spine1-1] irf-port 1/1
[Spine1-1-irf-port1/1] undo port group interface fortygige 1/0/49
[Spine1-1-irf-port1/1] undo port group interface fortygige 1/0/50
[Spine1-1-irf-port1/1] quit
[Spine1-1] interface range fortygige 1/0/49 fortygige 1/0/50
[Spine1-1-if-range] port link-aggregation group 1
[Spine1-1-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[Spine1-1] interface Bridge-Aggregation 1
[Spine1-1-Bridge-Aggregation1] port link-type trunk
[Spine1-1-Bridge-Aggregation1] port trunk permit vlan all
[Spine1-1-Bridge-Aggregation1] link-aggregation mode dynamic
[Spine1-1-Bridge-Aggregation1] port m-lag peer-link 1
[Spine1-1-Bridge-Aggregation1] quit
# 删除切换前IRF设备上用于MAD检测的VLAN接口4094,创建三层聚合接口1作为Keepalive接口。
[Spine1-1] undo interface vlan-interface 4094
[Spine1-1] interface route-aggregation 1
[Spine1-1-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet1/0/47 Ten-GigabitEthernet1/0/48加入三层聚合组1作为Keepalive链路物理接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48
[Spine1-1-if-range] port link-mode route
[Spine1-1-if-range] port link-aggregation group 1
[Spine1-1-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[Spine1-1] interface Route-Aggregation1
[Spine1-1-Route-Aggregation1] link-aggregation mode dynamic
[Spine1-1-Route-Aggregation1] ip address 1.1.1.1 255.255.255.0
[Spine1-1-Route-Aggregation1] quit
(6) 配置连接DCGW的接口,配置OSPF。
# 删除切换前Spine与DCGW二层互连接口Bridge-Aggregation201和三层互连接口Vlan-interface40。将Ten-GigabitEthernet1/0/45配置为三层以太网接口,配置IP并开启OSPF功能。
[Spine1-1] undo interface vlan-interface40
[Spine1-1] undo interface bridge-aggregation 201
[Spine1-1] interface ten-gigabitethernet 1/0/45
[Spine1-1-Ten-GigabitEthernet1/0/45] port link-mode route
[Spine1-1-Ten-GigabitEthernet1/0/45] ip address 19.1.32.42 255.255.255.252
[Spine1-1-Ten-GigabitEthernet1/0/45] ospf 65535 area 0.0.0.0
[Spine1-1-Ten-GigabitEthernet1/0/45] quit
# 配置Vlan-interface4094作为两台M-LAG设备之间的三层互通接口。
[Spine1-1] interface vlan-interface4094
[Spine1-1-Vlan-interface4094] ip address 192.168.1.5 255.255.255.252
[Spine1-1-Vlan-interface4094] ospf 65535 area 0.0.0.0
[Spine1-1-Vlan-interface4094] quit
# 配置OSPF Router-id,引入直连路由,重启OSPF进程。
[Spine1-1] ospf 65535 router-id 19.1.30.1
[Spine1-1-ospf-65535] import-route direct
<Spine1-1> reset ospf process
(7) 配置保留接口。
[Spine1-1] m-lag mad exclude interface route-aggregation 1
[Spine1-1] m-lag mad exclude interface ten-gigabitethernet 1/0/47
[Spine1-1] m-lag mad exclude interface ten-gigabitethernet 1/0/48
[Spine1-1] m-lag mad exclude interface vlan-interface 11
在主设备接口执行undo shutdown命令开启接口时,请按如下顺序操作以减少收敛时间:
· 开启peer-link链路接口;
· 开启Keepalive链路接口;
· 等待一段时间,使用display m-lag summary命令查看M-LAG工作状态,确认M-LAG设备工作正常;
· 开启所有业务物理接口和逻辑接口。
# 删除切换前DCGW连接Spine1-1的三层聚合子接口Route-Aggregation201.40,配置DCGW连接Spine1-1的物理接口退出聚合组。
[DCGW] undo interface route-ggregation201.40
[DCGW] interface ten-gigabitEthernet 2/1/5
[DCGW-Ten-GigabitEthernet2/1/5] undo port link-aggregation group
[DCGW-Ten-GigabitEthernet2/1/5] ip address 19.1.32.41 255.255.255.252
[DCGW-Ten-GigabitEthernet2/1/5] ospf 65535 area 0.0.0.0
[DCGW-Ten-GigabitEthernet2/1/5] quit
# 主设备peer-link链路接口执行undo shutdown命令开启接口。
[Spine1-1] interface range fortygige 1/0/49 fortygige 1/0/50 bridge-aggregation 1 [Spine1-1-if-range] undo shutdown
[Spine1-1-if-range] quit
# 主设备Keepalive链路接口执行undo shutdown命令开启接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48 route-aggregation 1
[Spine1-1-if-range] undo shutdown
[Spine1-1-if-range] quit
# 主设备所有业务物理接口和逻辑接口(包括M-LAG接口及其成员口、Server的网关接口VLAN接口11、M-LAG设备互联的VLAN接口4094)执行undo shutdown命令开启接口。
[Spine1-1] interface range ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/2 ten-gigabitethernet 1/0/45 bridge-aggregation 200 vlan-interface 11 vlan-interface 4094
[Spine1-1-if-range] undo shutdown
[Spine1-1-if-range] quit
# 主设备、从设备保存配置。
[Spine1-1] save
[Spine1-2] save
编号:U代表Underlay,4代表IPv4,101是序号。
流量大小:轻载(小于1000条流),重载(大于1000条流)。
|
编号 |
类型 |
流量方向 |
流量路径 |
仿真方式 |
流量大小 |
上墙/LB方式 |
|
U-4-101 |
IPv4已知单播 |
南北向 |
Server-Leaf- Spine-DCGW |
使用测试仪器仿真服务器和外网的流量转发 |
轻载 |
不涉及 |
|
U-4-101 |
IPv4已知单播 |
南北向 |
DCGW-Spine- Leaf-Server |
轻载 |
不涉及 |
· 隔离和恢复操作快慢会影响收敛时间,测试数据可能会有浮动。
· 如果IRF的主设备切换为M-LAG的主设备,在恢复Leaf1-1或Spine1-1时,可能会导致两台M-LAG设备角色重选,出现网络震荡,流量中断情况,重选结束后流量稳定,测试流量中断时间不超过60s。
· 本节的收敛时间基于S6800设备测试。
|
故障类型 |
流量中断时间 |
|
|
Leaf |
隔离Leaf1-2 |
不超过500ms |
|
主备倒换(隔离Leaf1-1,恢复Leaf1-2) |
不超过60s |
|
|
恢复Leaf1-1 |
不超过3s |
|
|
Spine |
隔离Spine1-2 |
不超过500ms |
|
主备倒换(隔离Spine1-1,恢复Spine1-2) |
不超过60s |
|
|
恢复Spine1-1 |
不超过1s |
|
设备 |
故障类型 |
流量中断时间 |
|
Leaf |
隔离Leaf1-2 |
不超过500ms |
|
主备倒换(隔离Leaf1-1,恢复Leaf1-2) |
不超过60s |
|
|
恢复Leaf1-1 |
不超过3s |
|
|
Spine |
隔离Spine1-2 |
不超过500ms |
|
主备倒换(隔离Spine1-1,恢复Spine1-2) |
不超过60s |
|
|
恢复Spine1-1 |
不超过1s |
# 在Leaf1-1上查看Leaf1-1与Leaf1-2之间的M-LAG系统状态,M-LAG正常建立。
<Leaf1-1> display m-lag summary
Global consistency check : SUCCESS
Inconsistent type 1 global settings: -
Peer-link interface Peer-link interface ID State
BAGG1 1 UP
M-LAG IF M-LAG group ID State Check result Type 1 inconsistency
BAGG200 200 UP SUCCESS -
BAGG701 701 UP SUCCESS -
# 在Leaf1-1上查看M-LAG系统信息。
<Leaf1-1> display m-lag system
Peer-link interface: Bridge-Aggregation1
State: UP
M-LAG System number System MAC System priority
Local 1 0002-0002-0002 123
Peer 2 0002-0002-0002 123
# 在Leaf1-1上查看M-LAG系统Keepalive报文的信息。
<Leaf1-1> display m-lag keepalive
Neighbor keepalive link status: Up
Neighbor is alive for: 175965 s 418 ms
Last keepalive packet sending status: Successful
Last keepalive packet sending time: 2021/01/15 05:48:38 439 ms
Last keepalive packet receiving status: Successful
Last keepalive packet receiving time: 2021/01/15 05:48:38 358 ms
M-LAG keepalive parameters:
Destination IP address: 1.1.1.2
Source IP address: 1.1.1.1
Keepalive UDP port : 6400
Keepalive VPN name : N/A
Keepalive interval : 1000 ms
Keepalive timeout : 5 sec
Keepalive hold time: 3 sec
# 在Leaf1-1上查看M-LAG设备角色信息。
<Leaf1-1> display m-lag role
M-LAG Role priority Bridge Mac Configured role Effective role
Local 32768 542b-de52-1ba0 Secondary Secondary
Peer 100 542b-de52-179e Primary Primary
# 在Leaf1-1上查看M-LAG配置一致性信息。
<Leaf1-1> display m-lag consistency type2 global
VLAN consistency check: Success
Local VLAN interfaces:
1
Peer VLAN interfaces:
1
Passing PVID and VLANs (tagged) on local peer-link interface:
1-4094
Passing PVID and VLANs (tagged) on peer peer-link interface:
1-4094
Invalid VLANs on local peer-link interface:
None
# 在Leaf1-1上查看聚合接口的相关信息。
<Leaf1-1> display interface bridge-aggregation brief
Brief information on interfaces in bridge mode:
Link: ADM - administratively down; Stby - standby
Speed: (a) - auto
Duplex: (a)/A - auto; H - half; F - full
Type: A - access; T - trunk; H - hybrid
Interface Link Speed Duplex Type PVID Description
BAGG1 UP 200G(a) F(a) T 1
BAGG200 UP 400G(a) F(a) T 1 To:GLEOR
BAGG701 UP 200G(a) F(a) A 11 To:Cloudos-01
本章讲述从EVPN VXLAN IRF组网到M-LAG组网的切换过程。如图5-1所示:
· EOR、TOR分别是由两台成员设备组成的IRF。EOR为框式设备组成的IRF,TOR为盒式设备组成的IRF。
· 服务器通过跨IRF成员设备聚合链路接入TOR设备,聚合口为AC口。
· EOR设备通过跨IRF成员设备聚合链路连接DCGW,聚合口为AC口。
· TOR设备通过三层口与EOR设备互联,建立OSPF、BGP邻居,建立EVPN VXLAN隧道,实现EVPN VXLAN二层转发组网。
现要求:
· 将EOR、TOR由IRF设备切换为M-LAG系统。
· 服务器与TOR、EOR与DCGW之间互联的跨IRF成员设备聚合链路切换为M-LAG接口。
· M-LAG主、从设备之间建立三层路由,打通主、从设备的三层互联,用于上游链路故障的业务保护,以及M-LAG故障时的业务保护。
· 切换收敛时间尽量快,以减少对业务的影响。
图5-1 EVPN VXLAN IRF组网切换M-LAG组网示例图
|
设备 |
接口 |
IP地址 |
对接设备及接口 |
|
TOR(IRF)
|
XGE1/0/6 |
- |
Server |
|
XGE1/0/7 |
- |
Server |
|
|
XGE1/0/45 |
- |
EOR:XGE5/2/0/48 |
|
|
XGE1/0/46 |
- |
EOR:XGE1/2/0/48 |
|
|
XGE1/0/47 |
- |
MAD检测物理接口 |
|
|
XGE1/0/48 |
- |
IRF物理接口 |
|
|
FGE1/0/49 |
- |
IRF物理接口 |
|
|
FGE1/0/50 |
- |
IRF物理接口 |
|
|
XGE5/0/6 |
- |
Server |
|
|
XGE5/0/7 |
- |
Server |
|
|
XGE5/0/45 |
- |
EOR:XGE5/2/0/47 |
|
|
XGE5/0/46 |
- |
EOR:XGE1/2/0/47 |
|
|
XGE5/0/47 |
- |
MAD检测物理接口 |
|
|
XGE5/0/48 |
- |
IRF物理接口 |
|
|
FGE5/0/49 |
- |
IRF物理接口 |
|
|
FGE5/0/50 |
- |
IRF物理接口 |
|
|
BAGG101 |
- |
Server |
|
|
Loopback0 |
19.1.37.1/32 |
内部环回接口,用来建立EOR和TOR之间的BGP邻居 |
|
|
Vlan-interface4093 |
member 1:192.168.2.1/24 member 5:192.168.2.2/24 |
MAD检测VLAN接口 |
|
|
EOR(IRF) |
HGE1/2/0/1 |
- |
IRF物理接口 |
|
HGE1/3/0/1 |
- |
IRF物理接口 |
|
|
XGE1/2/0/3 |
- |
DCGW |
|
|
XGE1/2/0/47 |
|
TOR:XGE5/0/46 |
|
|
XGE1/2/0/48 |
|
TOR:XGE1/0/46 |
|
|
XGE1/2/0/49 |
- |
MAD检测物理接口 |
|
|
XGE1/2/0/50 |
- |
IRF物理接口 |
|
|
HGE5/2/0/1 |
- |
IRF物理接口 |
|
|
HGE5/3/0/1 |
- |
IRF物理接口 |
|
|
XGE5/2/0/3 |
- |
DCGW |
|
|
XGE5/2/0/47 |
- |
TOR:XGE5/0/45 |
|
|
XGE5/2/0/48 |
- |
TOR:XGE1/0/45 |
|
|
XGE5/2/0/49 |
- |
MAD检测物理接口 |
|
|
XGE5/2/0/50 |
- |
IRF物理接口 |
|
|
BAGG101 |
- |
DCGW |
|
|
Loopback0 |
19.1.37.3/32 |
内部环回接口,用来建立EOR和TOR之间的BGP邻居 |
|
|
Vlan-interface4093 |
member 1:192.168.2.2/24 member 5:192.168.2.1/24 |
MAD检测VLAN接口 |
· TOR
#
router id 19.1.129.96
#
ospf 100
non-stop-routing
area 0.0.0.0
#
vlan 2 to 4094
#
irf-port 1/1
port group interface FortyGigE 1/0/49
port group interface FortyGigE 1/0/50
port group interface Ten-GigabitEthernet1/0/48
#
irf-port 5/2
port group interface FortyGigE 5/0/49
port group interface FortyGigE 5/0/50
port group interface Ten-GigabitEthernet5/0/48
#
stp global enable
#
l2vpn enable
vxlan tunnel arp-learning disable
#
vsi VSI_30061
arp suppression enable
vxlan 30061
evpn encapsulation vxlan
route-distinguisher auto
vpn-target auto export-extcommunity
vpn-target auto import-extcommunity
#
interface Bridge-Aggregation101
description To_vUP_For_VxLAN-AC
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 3122
link-aggregation mode dynamic
link-aggregation bfd ipv4 source 66.6.6.5 destination 66.6.6.6
vtep access port
bfd min-transmit-interval 100
bfd min-receive-interval 100
bfd detect-multiplier 3
#
service-instance 3122
encapsulation s-vid 3122
xconnect vsi VSI_30061
#
interface LoopBack0
ip address 19.1.37.1 255.255.255.255
#
interface Vlan-interface4093
mad bfd enable
mad ip address 192.168.2.1 255.255.255.0 member 1
mad ip address 192.168.2.2 255.255.255.0 member 5
#
interface Ten-GigabitEthernet1/0/6
port link-mode bridge
description TO_Sever
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 3122
lldp compliance admin-status cdp txrx
vtep access port
port link-aggregation group 101
#
interface Ten-GigabitEthernet1/0/7
port link-mode bridge
description TO_Sever
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 3122
lldp compliance admin-status cdp txrx
vtep access port
port link-aggregation group 101
#
interface Ten-GigabitEthernet1/0/45
port link-mode route
mtu 9000
link-delay down msec 100
link-delay up msec 100
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp compliance admin-status cdp txrx
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
undo mac-address static source-check enable
#
interface Ten-GigabitEthernet1/0/46
port link-mode route
mtu 9000
link-delay down msec 100
link-delay up msec 100
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp compliance admin-status cdp txrx
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
undo mac-address static source-check enable
#
interface Ten-GigabitEthernet1/0/47
port link-mode bridge
port access vlan 4093
undo stp enable
undo lldp enable
lldp compliance admin-status cdp txrx
#
interface Ten-GigabitEthernet1/0/48
#
interface FortyGigE 1/0/49
#
interface FortyGigE 1/0/50
#
interface Ten-GigabitEthernet5/0/6
port link-mode bridge
description TO_Sever
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 3122
lldp compliance admin-status cdp txrx
vtep access port
port link-aggregation group 101
#
interface Ten-GigabitEthernet5/0/7
port link-mode bridge
description TO_Sever
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 3122
lldp compliance admin-status cdp txrx
vtep access port
port link-aggregation group 101
#
interface Ten-GigabitEthernet5/0/45
port link-mode route
mtu 9000
link-delay down msec 100
link-delay up msec 100
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp compliance admin-status cdp txrx
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
undo mac-address static source-check enable
#
interface Ten-GigabitEthernet5/0/46
port link-mode route
mtu 9000
link-delay down msec 100
link-delay up msec 100
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp compliance admin-status cdp txrx
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
undo mac-address static source-check enable
#
interface Ten-GigabitEthernet5/0/47
port link-mode bridge
port access vlan 4093
undo stp enable
undo lldp enable
lldp compliance admin-status cdp txrx
#
interface Ten-GigabitEthernet5/0/48
#
interface FortyGigE 5/0/49
#
interface FortyGigE 5/0/50
#
bgp 64667
non-stop-routing
peer 19.1.37.3 as-number 64667
peer 19.1.37.3 connect-interface LoopBack0
#
address-family l2vpn evpn
peer 19.1.37.3 enable
#
· EOR
#
router id 19.1.129.99
#
ospf 100
non-stop-routing
area 0.0.0.0
#
vlan 2 to 4094
#
irf-port 1/1
port group interface hundredgige1/2/0/1 mode enhanced
port group interface hundredgige1/3/0/1 mode enhanced
port group interface Ten-GigabitEthernet1/2/0/50 mode enhanced
#
irf-port 5/2
port group interface hundredgige5/2/0/1 mode enhanced
port group interface hundredgige5/3/0/1 mode enhanced
port group interface Ten-GigabitEthernet5/2/0/50 mode enhanced
#
vsi VSI_30061
arp suppression enable
vxlan 30061
evpn encapsulation vxlan
route-distinguisher auto
vpn-target auto export-extcommunity
vpn-target auto import-extcommunity
#
interface Bridge-Aggregation101
description TO_DCGW
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 101
link-aggregation mode dynamic
#
service-instance 3122
encapsulation s-vid 101
xconnect vsi VSI_30061 access-mode Ethernet
#
interface LoopBack0
ip address 19.1.37.3 255.255.255.255
#
interface Vlan-interface4093
mad bfd enable
mad ip address 192.168.2.2 255.255.255.0 member 1
mad ip address 192.168.2.1 255.255.255.0 member 5
#
interface hundredgige1/2/0/1
#
interface hundredgige1/3/0/1
#
interface Ten-GigabitEthernet1/2/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 101 104 to 106
port link-aggregation group 101
#
interface Ten-GigabitEthernet1/2/0/47
port link-mode route
mtu 9000
dampening
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
#
interface Ten-GigabitEthernet1/2/0/48
port link-mode route
mtu 9000
dampening
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
#
interface Ten-GigabitEthernet1/2/0/49
port link-mode bridge
port access vlan 4093
undo stp enable
#
interface Ten-GigabitEthernet1/2/0/50
#
interface hundredgige5/2/0/1
#
interface hundredgige5/3/0/1
#
interface Ten-GigabitEthernet5/2/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 101 104 to 106
port link-aggregation group 101
#
interface Ten-GigabitEthernet5/2/0/47
port link-mode route
mtu 9000
dampening
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
#
interface Ten-GigabitEthernet5/2/0/48
port link-mode route
mtu 9000
dampening
ip address unnumbered interface LoopBack0
ospf network-type p2p
ospf 100 area 0.0.0.0
lldp management-address arp-learning
lldp tlv-enable basic-tlv management-address-tlv interface LoopBack0
#
interface Ten-GigabitEthernet5/2/0/49
port link-mode bridge
port access vlan 4093
undo stp enable
#
interface Ten-GigabitEthernet5/2/0/50
#
bgp 64667
non-stop-routing
group evpn internal
peer evpn connect-interface LoopBack0
peer 19.1.37.1 group evpn
#
address-family l2vpn evpn
undo policy vpn-target
peer evpn enable
peer evpn next-hop-local
peer evpn reflect-client
#
· DCGW
interface Route-Aggregation101.101
description ToCP_For_CU-Tunnel
ip binding vpn-instance CP2UP_L3VPN
ip address 19.1.15.9 255.255.255.248
vlan-type dot1q vid 101
bfd min-echo-receive-interval 50
bfd detect-multiplier 8
#
TOR设备和EOR设备都由IRF组网切换为M-LAG组网。
对于框式设备,配置M-LAG之前,需要先执行undo chassis convert mode命令将设备由IRF模式切换为独立运行模式。需要注意的是,为了防止切换运行模式的过程中有配置丢失,请在切换前保存一份配置文件,切换后再保存一份配置文件,切换后将两份配置文件进行对比,确保配置没有丢失。
一般情况下,建议将原IRF物理端口切换为peer-link链路,原MAD检测物理链路切换为Keepalive链路。本例中TOR上的XGE1/0/48和XGE5/0/48,EOR上的XGE1/2/0/50和XGE5/2/0/50切换前为IRF物理端口,切换后调整为Keepalive链路接口。原因一为peer-link聚合链路中的成员端口需要为相同速率接口,二为增加Keepalive链路的可靠性。
TOR连接服务器的跨成员设备聚合接口切换为M-LAG接口,EOR设备连接DCGW设备的跨成员设备聚合接口也切换为M-LAG接口。
IRF切换M-LAG后,组成IRF的两台设备成为独立设备,切换前三层接口的IP地址出现冲突,需要重新配置IP地址。
使用动态路由实现M-LAG设备与上行设备的路由互通时,M-LAG主、从设备之间需要建立三层路由,打通主、从设备的三层互联,用于上游链路故障的业务保护,以及M-LAG故障时的业务保护。
IRF设备配置了动态路由时,IRF切换M-LAG后,组成IRF的两台设备成为独立设备,切换前IRF设备上配置的Router ID出现冲突,需要重新配置路由协议Router ID,并重启路由进程。
切换前,IRF逻辑设备作为VTEP。切换后,需要在两台设备上均开启EVPN的M-LAG模式,并为其配置相同的虚拟VTEP地址(通过evpn m-lag group命令配置),将两台设备虚拟成为一台VTEP设备。设备采用虚拟VTEP地址作为源端地址,使M-LAG系统与远端VTEP自动建立VXLAN隧道,从而避免VTEP单点故障对网络造成影响。
对于S12500X-AF/S12500F-AF设备,切换后需要通过l2vpn m-lag peer-link tunnel命令开启成员设备间自动建立VXLAN隧道功能。执行本命令后,作为M-LAG成员设备的两台VTEP之间会自动建立VXLAN隧道,并将该VXLAN隧道自动与所有VXLAN关联。自动创建的VXLAN隧道用来实现用户侧链路的备份:如果一台VTEP上的AC故障,则该VTEP从VXLAN隧道上接收到远端VTEP(非M-LAG成员设备)发送给故障AC的报文后,为报文添加VXLAN封装,封装的VXLAN ID为故障AC所属VSI对应的VXLAN ID,并通过本命令自动创建的VXLAN隧道将其转发到另一台VTEP(M-LAG成员设备)。该VTEP根据VXLAN ID判断报文所属的VSI,并转发该报文。由于需要使用VXLAN隧道进行三层转发,还需要配置vxlan ip-forwarding命令使VXLAN隧道工作在三层转发模式。
对于S12500G-AF/S12500-XS/S10500X/S7600/S7600E-X/S7500X设备,切换后需要配置通过VXLAN ID映射方式生成peer-link链路上动态AC的报文匹配规则(l2vpn m-lag peer-link ac-match-rule vxlan-mapping命令)。
为了让EOR和TOR之间的OSPF和BGP协议先起来,隧道能够提前建立,在设备端口恢复UP时,能快速完成流量切换,需要将EOR的从设备和TOR从设备一起切换,EOR的主设备和TOR的主设备一起切换,操作过程如下:
(1) 手动关闭EOR从设备和TOR从设备上所有业务端口,将流量切换到主设备;再关闭主设备的IRF物理端口,使IRF分裂;
(2) EOR从设备和TOR从设备配置M-LAG;
(3) 手动关闭EOR主设备和TOR主设备接口,开启EOR从设备和TOR从设备的接口,使流量切换到EOR从设备和TOR从设备;
(4) EOR的主设备和TOR的主设备配置M-LAG;
(5) 手动开启EOR主设备和TOR主设备接口,完成M-LAG系统切换,流量负载分担到主从设备。
图5-2 IRF组网切换M-LAG组网示例图(切换后)
|
设备 |
接口 |
IP地址 |
对接设备及接口 |
|
TOR1-1 |
XGE1/0/6 |
- |
Server |
|
XGE1/0/7 |
- |
Server |
|
|
XGE1/0/45 |
- |
EOR 2:XGE2/0/48 |
|
|
XGE1/0/46 |
- |
EOR 1:XGE2/0/48 |
|
|
XGE1/0/47 |
- |
Keepalive物理接口 TOR 2:XGE5/0/47 |
|
|
XGE1/0/48 |
- |
Keepalive物理接口 TOR 2:XGE5/0/48 |
|
|
FGE1/0/49 |
- |
Peer-link链路物理接口 TOR 2:FGE5/0/49 |
|
|
FGE1/0/50 |
- |
Peer-link链路物理接口 TOR 2:FGE5/0/50 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
BAGG101 |
- |
Server |
|
|
RAGG1 |
1.1.1.1/24 |
Keepalive三层聚合口 |
|
|
LoopBack0 |
19.1.37.3 |
本地地址 |
|
|
LoopBack2 |
19.1.37.6 |
虚拟VTEP地址 |
|
|
Vlan-interface4094 |
192.168.1.1/30 |
Peer-link链路 OSPF邻居 |
|
|
TOR1-2 |
XGE5/0/6 |
- |
Server |
|
XGE5/0/7 |
- |
Server |
|
|
XGE5/0/45 |
- |
EOR 2:XGE2/0/47 |
|
|
XGE5/0/46 |
- |
EOR 1:XGE2/0/47 |
|
|
XGE5/0/47 |
- |
Keepalive物理接口 TOR 1:XGE1/0/47 |
|
|
XGE5/0/48 |
- |
Keepalive物理接口 TOR 1:XGE1/0/48 |
|
|
FGE5/0/49 |
- |
Peer-link链路物理接口 TOR 1:XGE1/0/49 |
|
|
FGE5/0/50 |
- |
Peer-link链路物理接口 TOR 1:XGE1/0/50 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
BAGG101 |
- |
Server |
|
|
RAGG1 |
1.1.1.2/24 |
Keepalive三层聚合口 |
|
|
LoopBack0 |
19.1.37.4 |
本地地址 |
|
|
LoopBack2 |
19.1.37.6 |
虚拟VTEP地址 |
|
|
Vlan-interface4094 |
192.168.1.2/30 |
Peer-link链路 OSPF邻居 |
|
|
EOR1-1 |
HGE2/0/1 |
- |
Peer-link链路物理接口 EOR 2:HGE2/0/1 |
|
HGE3/0/1 |
- |
Peer-link链路物理接口 EOR 2:HGE3/0/1 |
|
|
XGE2/0/3 |
- |
DCGW |
|
|
XGE2/0/47 |
- |
TOR 2:XGE5/0/46 |
|
|
XGE2/0/48 |
- |
TOR 2:XGE1/0/46 |
|
|
XGE2/0/49 |
- |
Keepalive物理接口 EOR 2:XGE2/0/49 |
|
|
XGE2/0/50 |
- |
Keepalive物理接口 EOR 2:XGE2/0/50 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
1.1.1.1/24 |
Keepalive三层聚合口 |
|
|
BAGG101 |
- |
DCGW |
|
|
LoopBack0 |
19.1.37.1 |
本地地址 |
|
|
LoopBack2 |
19.1.37.5 |
虚拟VTEP地址 |
|
|
Vlan-interface4094 |
192.168.2.5/30 |
Peer-link链路 OSPF邻居 |
|
|
EOR1-2 |
HGE2/0/1 |
- |
Peer-link链路物理接口 EOR 1:HGE2/0/1 |
|
HGE3/0/1 |
- |
Peer-link链路物理接口 EOR 1:HGE3/0/1 |
|
|
XGE2/0/3 |
- |
DCGW |
|
|
XGE2/0/47 |
|
TOR 2:XGE5/0/45 |
|
|
XGE2/0/48 |
|
TOR 1:XGE1/0/45 |
|
|
XGE2/0/49 |
- |
Keepalive物理接口 EOR 1:XGE2/0/49 |
|
|
XGE2/0/50 |
- |
Keepalive物理接口 EOR 1:XGE2/0/50 |
|
|
BAGG1 |
- |
Peer-link链路二层聚合口 |
|
|
RAGG1 |
1.1.1.2/24 |
Keepalive三层聚合口 |
|
|
BAGG101 |
- |
DCGW |
|
|
LoopBack0 |
19.1.37.2 |
实VTEP地址的内部环回接口 |
|
|
LoopBack2 |
19.1.37.5 |
虚VTEP地址的内部环回接口 |
|
|
Vlan-interface4094 |
192.168.2.6/30 |
Peer-link链路 OSPF邻居VLAN接口 |
(1) 关闭TOR从设备物理接口,流量切换到主设备,IRF分裂
(2) 关闭EOR从设备物理接口,流量切换到主设备,IRF分裂
(4) TOR从设备配置M-LAG
(5) EOR从设备配置M-LAG
(6) 查看TOR从设备配置生效情况
(7) 查看EOR从设备配置生效情况
· 请提前准备好配置,并快速下发切换配置以便减少收敛时间。
· 隔离IRF从设备的操作请严格按建议顺序操作,否则从设备可能进入MAD Down状态,过程中涉及接口先开启再关闭可能导致丢包。
· 重新配置OSPF进程Router ID后,需要重新启动OSPF进程。
· 在流量切换至主设备后,开启TOR从设备与EOR从设备之间的三层口,使隧道提前建立,减少收敛时间。
· 建议将IRF的主设备设置为M-LAG的从设备、将IRF的从设备设置为M-LAG的主设备,否则M-LAG系统形成后会出现实际生效的角色和配置角色不一致,概率出现角色切换,切换过程中有50秒左右丢包。
(1) 关闭TOR从设备除IRF物理接口外的所有物理接口,流量切换到主设备。
[TOR1-2] interface range ten-gigabitethernet 5/0/6 ten-gigabitethernet 5/0/7 ten-gigabitethernet 5/0/45 to ten-gigabitethernet 5/0/47
[TOR1-2-if-range] shutdown
[TOR1-2-if-range] quit
(2) 关闭TOR主设备IRF物理端口,完成IRF分裂。
[TOR1-1] interface range ten-gigabitethernet 1/0/48 fortygige 1/0/49 fortygige 1/0/50
[TOR1-1-if-range] shutdown
[TOR1-1-if-range] quit
(1) 关闭EOR从设备除IRF物理接口外的所有物理接口,流量切换到主设备。
[EOR1-2] interface range ten-gigabitethernet 5/2/0/3 ten-gigabitethernet 5/2/0/47 to ten-gigabitethernet 5/2/0/49
[EOR1-2-if-range] shutdown
[EOR1-2-if-range] quit
(2) 关闭EOR主设备IRF物理端口,完成IRF分裂。
[EOR1-1] interface range hundredgige 1/2/0/1 hundredgige 1/3/0/1 ten-gigabitethernet 1/2/0/50
[EOR1-1-if-range] shutdown
[EOR1-1-if-range] quit
(3) 开启TOR从设备与EOR从设备之间的三层口。
# 开启TOR从设备上与EOR从设备连接的三层口。
[TOR1-2] interface ten-gigabitethernet 5/0/45
[TOR1-2-Ten-GigabitEthernet5/0/45] undo shutdown
[TOR1-2-Ten-GigabitEthernet5/0/45] quit
# 开启EOR从设备上与TOR从设备连接的三层口。
[EOR1-2] interface ten-gigabitethernet 5/2/0/47
[EOR1-2-Ten-GigabitEthernet5/2/0/47] undo shutdown
[EOR1-2-Ten-GigabitEthernet5/2/0/47] quit
(1) 保存IRF模式下的配置文件为irf.cfg。
[EOR1-2] save flash:/irf.cfg
The current configuration will be saved to flash:/irf.cfg. Continue? [Y/N]:y
Now saving current configuration to the device.
Saving configuration flash:/irf.cfg.Please wait...
Configuration is saved to device successfully.
(2) EOR从设备由IRF模式切换为独立运行模式。
[EOR1-2] undo chassis convert mode
The device will switch to stand-alone mode and reboot. Continue? [Y/N]:y
You are recommended to save the current running configuration and specify the configuration file for the next startup. Continue? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
flash:/startup.cfg exists, overwrite? [Y/N]:y
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
Do you want to convert the content of the next startup configuration file flash:/startup.cfg to make it available in stand-alone mode? [Y/N]:y
Now rebooting, please wait...
(3) 比较独立运行模式的配置文件startup.cfg和IRF模式的配置文件irf.cfg,确保配置没有丢失。
[EOR1-2] display diff configfile flash:/irf.cfg configfile flash:/startup.cfg
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[TOR1-2] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[TOR1-2] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[TOR1-2] m-lag restore-delay 300
# 配置M-LAG设备角色优先级。
[TOR1-2] m-lag role priority 100
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[TOR1-2] m-lag system-mac 0002-0002-0002
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[TOR1-2] m-lag system-number 2
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[TOR1-2] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为1.1.1.1,源IPv4地址为1.1.1.2。
[TOR1-2] m-lag Keepalive ip destination 1.1.1.1 source 1.1.1.2
# 配置从设备重启后的自动恢复时间。否则仅一台M-LAG设备启动后,缺省情况下,该设备处于None角色,所有M-LAG接口处于M-LAG DOWN状态。此时用户流量无法通过M-LAG接口转发。
m-lag auto-recovery reload-delay 240
# 配置虚拟VTEP地址。
[TOR1-2] evpn m-lag group 19.1.37.6
(3) 配置M-LAG接口。
# 配置连接服务器的聚合接口101加入M-LAG组。关闭M-LAG接口的STP功能。
[TOR1-2] interface Bridge-Aggregation 101
[TOR1-2-Bridge-Aggregation101] port m-lag group 101
[TOR1-2-Bridge-Aggregation101] undo stp enable
[TOR1-2-Bridge-Aggregation101] quit
(4) 配置peer-link链路。
# 创建二层聚合接口1作为peer-link接口。
[TOR1-2] interface bridge-aggregation 1
[TOR1-2-Bridge-Aggregation1] quit
# 配置IRF物理接口Ten-GigabitEthernet5/0/48、FortyGigE5/0/49和FortyGigE5/0/50取消与IRF接口绑定,并将FortyGigE5/0/49和FortyGigE5/0/50加入聚合组1作为peer-link链路物理接口。
[TOR1-2] interface range ten-gigabitethernet 5/0/48 fortygige 5/0/49 fortygige 5/0/50
[TOR1-2-if-range] shutdown
[TOR1-2-if-range] quit
[TOR1-2] irf-port 5/2
[TOR1-2-irf-port5/2] undo port group interface fortygige 5/0/49
[TOR1-2-irf-port5/2] undo port group interface fortygige 5/0/50
[TOR1-2-irf-port5/2] undo port group interface ten-gigabitethernet 5/0/48
[TOR1-2-irf-port5/2] quit
[TOR1-2] interface range fortygige 5/0/49 fortygige 5/0/50
[TOR1-2-if-range] port link-aggregation group 1
[TOR1-2-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[TOR1-2] interface Bridge-Aggregation 1
[TOR1-2-Bridge-Aggregation1] port link-type trunk
[TOR1-2-Bridge-Aggregation1] port trunk permit vlan all
[TOR1-2-Bridge-Aggregation1] link-aggregation mode dynamic
[TOR1-2-Bridge-Aggregation1] port m-lag peer-link 1
[TOR1-2-Bridge-Aggregation1] quit
(5) 配置Keepalive链路接口。
# 删除切换前IRF设备上用于MAD检测的VLAN接口4093,创建三层聚合接口1作为Keepalive接口。
[TOR1-2] undo interface Vlan-interface 4093
[TOR1-2] interface route-aggregation 1
[TOR1-2-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet5/0/47 Ten-GigabitEthernet5/0/48加入三层聚合组1作为Keepalive链路物理接口。
[TOR1-2] interface range ten-gigabitethernet 5/0/47 ten-gigabitethernet 5/0/48
[TOR1-2-if-range] port link-mode route
[TOR1-2-if-range] port link-aggregation group 1
[TOR1-2-if-range] quit
(6) 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[TOR1-2] interface Route-Aggregation 1
[TOR1-2-Route-Aggregation1] link-aggregation mode dynamic
[TOR1-2-Route-Aggregation1] ip address 1.1.1.2 255.255.255.0
[TOR1-2-Route-Aggregation1] quit
(7) 通过peer-link链路建立OSPF邻居。
[TOR1-2] interface Vlan-interface 4094
[TOR1-2-Vlan-interface4094] ip address 192.168.1.2 255.255.255.252
[TOR1-2-Vlan-interface4094] ospf 100 area 0.0.0.0
[TOR1-2-Vlan-interface4094] quit
(8) 原有IRF设备与EOR建立的BGP邻居配置删除,重新配置TOR从设备与EOR主设备、从设备的BGP邻居。
[TOR1-2] bgp 64667
[TOR1-2-bgp-default] undo peer 19.1.37.3
[TOR1-2-bgp-default] group evpn internal
[TOR1-2-bgp-default] peer evpn connect-interface LoopBack0
[TOR1-2-bgp-default] peer 19.1.37.1 group evpn
[TOR1-2-bgp-default] peer 19.1.37.2 group evpn
[TOR1-2-bgp-default] address-family l2vpn evpn
[TOR1-2-bgp-default-evpn] peer evpn enable
[TOR1-2-bgp-default-evpn] quit
[TOR1-2-bgp-default] quit
(9) IRF设备拆分为两台独立设备后,两台设备不能用相同的IP地址,因为没有预留地址需要重新分配地址。
# TOR从设备的LoopBack0接口修改地址为19.1.37.4,用来建立Underlay网络的路由邻居,两台M-LAG设备需要配置不同的地址。
[TOR1-2] interface LoopBack 0
[TOR1-2-LoopBack0] ip address 19.1.37.4 255.255.255.255
[TOR1-2-LoopBack0] ospf 100 area 0.0.0.0
[TOR1-2-LoopBack0] quit
# TOR从设备的LoopBack2接口配置地址为19.1.37.6,两台M-LAG设备需要配置相同的地址,即evpn m-lag group命令配置的虚拟VTEP地址,使M-LAG系统与远端VTEP自动建立VXLAN隧道。
[TOR1-2] interface LoopBack 2
[TOR1-2-LoopBack2] ip address 19.1.37.6 255.255.255.255
[TOR1-2-LoopBack2] ospf 100 area 0.0.0.0
[TOR1-2-LoopBack2] quit
# 重新配置OSPF的Router ID,并重启OSPF进程。
[TOR1-2] router-id 19.1.35.4
<TOR1-2> quit
<TOR1-2> reset ospf process? [Y/N]:y
(10) 配置保留接口。
<TOR1-2> system-view
[TOR1-2] m-lag mad exclude interface Route-Aggregation 1
[TOR1-2] m-lag mad exclude interface ten-gigabitethernet 5/0/47
[TOR1-2] m-lag mad exclude interface ten-gigabitethernet 5/0/48
[TOR1-2] m-lag mad exclude interface LoopBack0
[TOR1-2] m-lag mad exclude interface LoopBack2
[TOR1-2] m-lag mad exclude interface Vlan-interface 4094
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[EOR1-2] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[EOR1-2] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[EOR1-2] m-lag restore-delay 300
# 配置M-LAG设备角色优先级。
[EOR1-2] m-lag role priority 100
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[EOR1-2] m-lag system-mac 0001-0001-0001
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[EOR1-2] m-lag system-number 2
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[EOR1-2] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为1.1.1.1,源IPv4地址为1.1.1.2。
[EOR1-2] m-lag Keepalive ip destination 1.1.1.1 source 1.1.1.2
# 配置从设备重启后的自动恢复时间。否则仅一台M-LAG设备启动后,缺省情况下,该设备处于None角色,所有M-LAG接口处于M-LAG DOWN状态。此时用户流量无法通过M-LAG接口转发。
m-lag auto-recovery reload-delay 240
# 配置虚拟VTEP地址。
[EOR1-2] evpn m-lag group 19.1.37.5
(3) 开启成员设备间自动建立VXLAN隧道功能,并配置VXLAN隧道工作在三层转发模式。(仅仅S12500X-AF/S12500F-AF适用)
[EOR1-2] l2vpn m-lag peer-link tunnel source 19.1.37.2 destination 19.1.37.1
[EOR1-2] vxlan ip-forwarding tagged
(4) # 配置通过VXLAN ID映射方式生成peer-link链路上动态AC的报文匹配规则。(仅S12500G-AF/S12500-XS/S10500X/S7600/S7600E-X/S7500X适用)
l2vpn m-lag peer-link ac-match-rule vxlan-mapping
(5) 配置M-LAG接口。
# 配置连接DCGW的聚合接口101加入M-LAG组。关闭M-LAG接口的STP功能。
[EOR1-2] interface Bridge-Aggregation 101
[EOR1-2-Bridge-Aggregation101] port m-lag group 101
[EOR1-2-Bridge-Aggregation101] undo stp enable
[EOR1-2-Bridge-Aggregation101] quit
(6) 配置peer-link链路。
# 创建二层聚合接口1作为peer-link接口。
[EOR1-2] interface bridge-aggregation 1
[EOR1-2-Bridge-Aggregation1] undo shutdown
# 配置IRF物理接口Ten-GigabitEthernet2/0/50、HundredGigE2/0/1 和HundredGigE3/0/1取消与IRF接口绑定,并配置HundredGigE2/0/1和HundredGigE3/0/1加入聚合组1作为peer-link链路物理接口。
[EOR1-2] interface range hundredgige 2/0/1 hundredgige 3/0/1 ten-gigabitethernet 2/0/50
[EOR1-2-if-range] shutdown
[EOR1-2-if-range] quit
[EOR1-2] irf-port 5/2
[EOR1-2-irf-port5/2] undo port group interface hundredgige 2/0/1
[EOR1-2-irf-port5/2] undo port group interface hundredgige 3/0/1
[EOR1-2-irf-port5/2] undo port group interface ten-gigabitethernet 2/0/50
[EOR1-2-irf-port5/2] quit
[EOR1-2] interface range hundredgige 2/0/1 hundredgige 3/0/1
[EOR1-2-if-range] port link-aggregation group 1
[EOR1-2-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[EOR1-2] interface Bridge-Aggregation 1
[EOR1-2-Bridge-Aggregation1] port link-type trunk
[EOR1-2-Bridge-Aggregation1] port trunk permit vlan all
[EOR1-2-Bridge-Aggregation1] link-aggregation mode dynamic
[EOR1-2-Bridge-Aggregation1] port m-lag peer-link 1
[EOR1-2-Bridge-Aggregation1] quit
(7) 配置Keepalive链路接口。
# 创建三层聚合接口1作为Keepalive接口。
[EOR1-2] undo interface Vlan-interface 4093
[EOR1-2] interface route-aggregation 1
[EOR1-2-Route-Aggregation1] undo shutdown
[EOR1-2-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet2/0/49、Ten-GigabitEthernet2/0/50加入三层聚合组1作为Keepalive链路物理接口。
[EOR1-2] interface range ten-gigabitethernet 2/0/49 ten-gigabitethernet 2/0/50
[EOR1-2-if-range] port link-mode route
[EOR1-2-if-range] port link-aggregation group 1
[EOR1-2-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[EOR1-2] interface Route-Aggregation 1
[EOR1-2-Route-Aggregation1] link-aggregation mode dynamic
[EOR1-2-Route-Aggregation1] ip address 1.1.1.2 255.255.255.0
[EOR1-2-Route-Aggregation1] quit
(8) 通过peer-link链路建立OSPF邻居。
[EOR1-2] interface Vlan-interface 4094
[EOR1-2-Vlan-interface4094] undo shutdown
[EOR1-2-Vlan-interface4094] ip address 192.168.2.6 255.255.255.252
[EOR1-2-Vlan-interface4094] ospf 100 area 0.0.0.0
[EOR1-2-Vlan-interface4094] quit
(9) 原有IRF设备与TOR建立的BGP邻居配置删除,重新配置EOR从设备与TOR主设备、从设备的BGP邻居。
[EOR1-2] bgp 64667
[EOR1-2-bgp-default] undo peer 19.1.37.1
[EOR1-2-bgp-default] peer evpn connect-interface LoopBack0
[EOR1-2-bgp-default] peer 19.1.37.3 group evpn
[EOR1-2-bgp-default] peer 19.1.37.4 group evpn
[EOR1-2-bgp-default] quit
(10) IRF设备拆分为两台设备后,两台设备不能用相同的地址,因为没有预留地址需要重新分配地址。
# EOR从设备的LoopBack0接口修改地址为19.1.37.2,用来建立Underlay网络的路由邻居,两台M-LAG设备需要配置不同的地址。
[EOR1-2] interface LoopBack0
[EOR1-2-LoopBack0] ip address 19.1.37.2 255.255.255.255
[EOR1-2-LoopBack0] ospf 100 area 0.0.0.0
[EOR1-2-LoopBack0] quit
# EOR从设备的LoopBack2接口配置地址为19.1.37.5,两台M-LAG设备需要配置相同的地址,即evpn m-lag group命令配置的虚拟VTEP地址,使M-LAG系统与远端VTEP自动建立VXLAN隧道。
[EOR1-2] interface LoopBack2
[EOR1-2-LoopBack2] ip address 19.1.37.5 255.255.255.255
[EOR1-2-LoopBack2] ospf 100 area 0.0.0.0
[EOR1-2-LoopBack2] quit
# 重新配置OSPF的Router ID,并重启OSPF进程。
[EOR1-2] router-id 19.1.35.2
[EOR1-2] quit
<EOR1-2> reset ospf process? [Y/N]:y
(11) 配置保留接口。
<EOR1-2> system-view
[EOR1-2] m-lag mad exclude interface Route-Aggregation1
[EOR1-2] m-lag mad exclude interface ten-gigabitethernet 5/2/0/49
[EOR1-2] m-lag mad exclude interface ten-gigabitethernet 5/2/0/50
[EOR1-2] m-lag mad exclude interface LoopBack0
[EOR1-2] m-lag mad exclude interface LoopBack2
[EOR1-2] m-lag mad exclude interface Vlan-interface4094
# 在TOR从设备上查看M-LAG系统状态,peer-link接口和M-LAG接口已经生成,但是处于Down状态。
[TOR1-2] display m-lag summary
Global consistency check : -
Inconsistent type 1 global settings: -
Peer-link interface Peer-link interface ID State
BAGG1 1 DOWN
M-LAG IF M-LAG group ID State Check result Type 1 inconsistency
BAGG101 101 DOWN - -
# TOR从设备与EOR从设备之间OSPF和BGP邻居已经建立。
[TOR1-2] display ospf peer
OSPF Process 100 with Router ID 19.1.35.4
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
19.1.35.2 19.1.37.2 1 35 Full/ - FGE5/0/53
[TOR1-2] dis bgp peer l2vpn evpn
BGP local router ID: 19.1.129.96
Local AS number: 64667
Total number of peers: 2 Peers in established state: 1
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
19.1.37.1 64667 1 1 0 0 00:40:54 Connect
19.1.37.2 64667 29 26 0 2 00:17:59 Established
# TOR从设备与EOR从设备之间Tunnel已经生成,处于UP状态。
[TOR1-2] display interface Tunnel
Tunnel0
Current state: UP
Line protocol state: UP
Description: Tunnel0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 8964
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.6, destination 19.1.37.5
Tunnel protocol/transport UDP_VXLAN/IP
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
# 在EOR从设备上查看M-LAG系统状态,peer-link接口和M-LAG接口已经生成,但是处于Down状态。
[EOR1-2] display m-lag summary
Flags: A -- Aggregate interface down, B -- No peer M-LAG interface configured
C -- Configuration consistency check failed
Peer-link interface: BAGG1
Peer-link interface state (cause): DOWN (Aggregate interface down)
Keepalive link state (cause): DOWN (Local Tx failed)
M-LAG interface information
M-LAG IF M-LAG group Local state (cause) Peer state Remaining down time(s)
BAGG101 101 DOWN (B) UNKNOWN -
# TOR与EOR从设备之间OSPF和BGP邻居已经建立。
[EOR1-2] display ospf peer
OSPF Process 100 with Router ID 19.1.35.2
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
19.1.35.4 19.1.37.4 1 36 Full/ - HGE5/0/0/2
[EOR1-2]display bgp peer l2vpn evpn
BGP local router ID: 19.1.129.99
Local AS number: 64667
Total number of peers: 2 Peers in established state: 1
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
19.1.37.3 64667 0 0 0 0 00:01:25 Connect
19.1.37.4 64667 6 6 0 2 00:01:10 Established
# EOR1-1和EOR1-2间的隧道已经生成,但是处于Down状态。
[EOR1-2] display l2vpn vsi verbose
VSI Name: VSI_30061
VSI Index : 0
VSI State : Down
MTU : 1500
Bandwidth : Unlimited
Broadcast Restrain : Unlimited
Multicast Restrain : Unlimited
Unknown Unicast Restrain: Unlimited
MAC Learning : Enabled
MAC Table Limit : Unlimited
MAC Learning rate : -
Drop Unknown : Disabled
Flooding : Enabled
Statistics : Enabled
Input Statistics :
Octets :2098750749578
Packets :16800457679
Errors :0
Discards :0
Output Statistics :
Octets :2116596276554
Packets :16809468249
Errors :0
Discards :0
VXLAN ID : 30061
Tunnels:
Tunnel Name Link ID State Type Flood proxy
Tunnel0 0x5000000 Down Manual Disabled
Tunnel1 0x5000001 UP Auto Disabled
ACs:
AC Link ID State Type
BAGG101 srv3122 0 Down Manual
[EOR1-2] display interface Tunnel
Tunnel0
Current state: DOWN
Line protocol state: DOWN
Description: Tunnel0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 64000
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.2, destination 19.1.37.1
Tunnel protocol/transport UDP_VXLAN/IP
Last 5 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 5 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
# TOR从设备与EOR从设备之间Tunnel已经生成,处于UP状态。
[EOR1-2] display interface Tunnel
Tunnel1
Current state: UP
Line protocol state: UP
Description: Tunnel1 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 8964
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.5, destination 19.1.37.6
Tunnel protocol/transport UDP_VXLAN/IP
Last 5 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 5 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
(1) 开启TOR从设备接口,关闭TOR主设备接口,使流量切换到从设备
(2) 开启EOR从设备接口,关闭EOR主设备接口,使流量切换到从设备
(4) TOR主设备配置M-LAG
(5) EOR主设备配置M-LAG
(6) 查看TOR主设备配置生效情况
(7) 查看EOR主设备配置生效情况
(8) 开启TOR主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
(9) 开启EOR主设备接口,完成M-LAG系统切换,流量负载分担到主、从设备
· 请提前准备好配置,并快速下发切换配置以便减少收敛时间。
· 在流量切换至从设备后,开启TOR与EOR主设备之间的三层口,使隧道提前建立,减少收敛时间。
在从设备接口执行undo shutdown命令开启接口,M-LAG接口起来后,马上在主设备接口执行shutdown命令关闭接口,以减少流量中断时间。
# TOR从设备接口执行undo shutdown命令开启所有物理接口和逻辑接口(包括M-LAG接口及其成员端口、上行接口、Keepalive接口及其物理接口、peer-link接口及其物理接口)。
[TOR1-2] interface range ten-gigabitethernet 5/0/6 ten-gigabitethernet 5/0/7 ten-gigabitethernet 5/0/45 to ten-gigabitethernet 5/0/48 fortygige 5/0/49 fortygige 5/0/50 Bridge-Aggregation 1 Bridge-Aggregation 101 Route-Aggregation 1
[TOR1-2-if-range] undo shutdown
[TOR1-2-if-range] quit
# TOR主设备接口执行shutdown命令关闭业务物理接口和MAD检测接口。
[TOR1-1] interface range ten-gigabitethernet 1/0/6 ten-gigabitethernet 1/0/7 ten-gigabitethernet 1/0/45 to ten-gigabitethernet 1/0/47
[TOR1-1-if-range] shutdown
[TOR1-1-if-range] quit
在从设备接口执行undo shutdown命令开启接口,M-LAG接口起来后,马上在主设备接口执行shutdown命令关闭接口,以减少流量中断时间。
(1) EOR从设备接口执行undo shutdown命令开启所有物理接口和逻辑接口(包括M-LAG接口及其成员端口、下行接口、Keepalive接口及其物理接口、peer-link接口及其物理接口)。
[EOR1-2] interface range hundredgige 2/0/1 hundredgige 3/0/1 ten-gigabitethernet 2/0/3 ten-gigabitethernet 2/0/47 to ten-gigabitethernet 2/0/50 Bridge-Aggregation 1 Bridge-Aggregation 101 Route-Aggregation 1
[EOR1-2-if-range] undo shutdown
[EOR1-2-if-range] quit
(2) EOR主设备接口执行shutdown命令关闭业务物理接口和MAD检测接口。
[EOR1-1] interface range ten-gigabitethernet 1/2/0/3 ten-gigabitethernet 1/2/0/47 to ten-gigabitethernet 1/ 2/0/49
[EOR1-1-if-range] shutdown
[EOR1-1-if-range] quit
(3) 开启TOR主设备与EOR主设备之间的三层口。
# 开启TOR主设备上与EOR主设备连接的三层口。
[TOR1-1] interface ten-gigabitethernet 1/0/46
[TOR1-1-Ten-GigabitEthernet1/0/46] undo shutdown
[TOR1-1-Ten-GigabitEthernet1/0/46] quit
# 开启EOR主设备与TOR主设备连接的三层口。
[EOR1-1] interface ten-gigabitethernet 1/2/0/48
[EOR1-1-Ten-GigabitEthernet1/2/0/48] undo shutdown
[EOR1-1-Ten-GigabitEthernet1/2/0/48] quit
(1) 保存IRF模式下的配置文件为irf.cfg。
[EOR1-1] save flash:/irf.cfg
The current configuration will be saved to flash:/irf.cfg. Continue? [Y/N]:y
Now saving current configuration to the device.
Saving configuration flash:/irf.cfg.Please wait...
Configuration is saved to device successfully.
(2) EOR主设备由IRF模式切换为独立运行模式。
[EOR1-1] undo chassis convert mode
The device will switch to stand-alone mode and reboot. Continue? [Y/N]:y
You are recommended to save the current running configuration and specify the configuration file for the next startup. Continue? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
flash:/startup.cfg exists, overwrite? [Y/N]:y
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
Do you want to convert the content of the next startup configuration file flash:/startup.cfg to make it available in stand-alone mode? [Y/N]:y
Now rebooting, please wait...
(3) 比较独立运行模式的配置文件startup.cfg和IRF模式的配置文件irf.cfg,确保配置没有丢失。
[EOR1-1] display diff configfile flash:/irf.cfg configfile flash:/startup.cfg
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[TOR1-1] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[TOR1-1] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[TOR1-1] m-lag restore-delay 300
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[TOR1-1] m-lag system-mac 0002-0002-0002
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[TOR1-1] m-lag system-number 1
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[TOR1-1] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为1.1.1.2,源IPv4地址为1.1.1.1。
[TOR1-1] m-lag Keepalive ip destination 1.1.1.2 source 1.1.1.1
# 配置虚拟VTEP地址。
[TOR1-1] evpn m-lag group 19.1.37.6
(3) 配置M-LAG接口。
# 配置连接服务器的聚合接口101加入M-LAG组。关闭M-LAG接口的STP功能。
[TOR1-1] interface Bridge-Aggregation 101
[TOR1-1-Bridge-Aggregation101] port m-lag group 101
[TOR1-1-Bridge-Aggregation101] undo stp enable
[TOR1-1-Bridge-Aggregation101] quit
(4) 配置peer-link链路。
# 创建二层聚合接口1作为peer-link接口。
[TOR1-1] interface bridge-aggregation 1
# 配置IRF物理接口Ten-GigabitEthernet1/0/48、FortyGigE5/0/49和FortyGigE5/0/50取消与IRF接口绑定,并将FortyGigE5/0/49和FortyGigE5/0/50加入聚合组1作为peer-link链路物理接口。
[TOR1-1] irf-port 1/1
[TOR1-1-irf-port1/1] undo port group interface fortygige 1/0/49
[TOR1-1-irf-port1/1] undo port group interface fortygige 1/0/50
[TOR1-1-irf-port1/1] undo port group interface ten-gigabitethernet1/0/48
[TOR1-1-irf-port1/1] quit
[TOR1-1] interface range fortygige 1/0/49 fortygige 1/0/50
[TOR1-1-if-range] port link-aggregation group 1
[TOR1-1-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[TOR1-1] interface Bridge-Aggregation 1
[TOR1-1-Bridge-Aggregation1] port link-type trunk
[TOR1-1-Bridge-Aggregation1] port trunk permit vlan all
[TOR1-1-Bridge-Aggregation1] link-aggregation mode dynamic
[TOR1-1-Bridge-Aggregation1] port m-lag peer-link 1
[TOR1-1-Bridge-Aggregation1] quit
(5) 配置Keepalive链路接口。
# 创建三层聚合接口1作为Keepalive接口。
[TOR1-1] undo interface Vlan-interface 4093
[TOR1-1] interface route-aggregation 1
[TOR1-1-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet1/0/47和Ten-GigabitEthernet1/0/48加入三层聚合组1作为Keepalive链路物理接口。
[TOR1-1] interface range ten-gigabitethernet 1/0/47 ten-gigabitethernet 1/0/48
[TOR1-1-if-range] port link-mode route
[TOR1-1-if-range] port link-aggregation group 1
[TOR1-1-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[TOR1-1] interface Route-Aggregation1
[TOR1-1-Route-Aggregation1] link-aggregation mode dynamic
[TOR1-1-Route-Aggregation1] ip address 1.1.1.1 255.255.255.0
[TOR1-1-Route-Aggregation1] quit
(6) 通过peer-link链路建立OSPF邻居。
[TOR1-1] interface Vlan-interface 4094
[TOR1-1-Vlan-interface4094] ip address 192.168.1.1 255.255.255.252
[TOR1-1-Vlan-interface4094] ospf 100 area 0.0.0.0
[TOR1-1-Vlan-interface4094] quit
(7) 原有IRF设备与EOR建立的BGP邻居配置删除,重新配置TOR主设备与EOR主设备、从设备的BGP邻居。
[TOR1-1] bgp 64667
[TOR1-1-bgp-default] undo peer 19.1.37.3
[TOR1-1-bgp-default] group evpn internal
[TOR1-1-bgp-default] peer evpn connect-interface LoopBack0
[TOR1-1-bgp-default] peer 19.1.37.1 group evpn
[TOR1-1-bgp-default] peer 19.1.37.2 group evpn
[TOR1-1-bgp-default] address-family l2vpn evpn
[TOR1-1-bgp-default-evpn] peer evpn enable
[TOR1-1-bgp-default-evpn] quit
[TOR1-1-bgp-default] quit
(8) 重新分配地址。
# TOR1-1 LoopBack0接口修改地址为19.1.37.3,用来建立Underlay网络的路由邻居,两台M-LAG设备需要配置不同的地址。
[TOR1-1] interface LoopBack0
[TOR1-1- LoopBack0] ip address 19.1.37.3 255.255.255.255
[TOR1-1- LoopBack0] ospf 100 area 0.0.0.0
[TOR1-1- LoopBack0] quit
# TOR1-1 LoopBack2接口配置地址为19.1.37.6,两台M-LAG设备需要配置相同的地址,即evpn m-lag group命令配置的虚拟VTEP地址,使M-LAG系统与远端VTEP自动建立VXLAN隧道。
[TOR1-1] interface LoopBack2
[TOR1-1- LoopBack2] ip address 19.1.37.6 255.255.255.255
[TOR1-1- LoopBack2] ospf 100 area 0.0.0.0
[TOR1-1- LoopBack2] quit
# 配置OSPF Router ID,重启OSPF进程。
[TOR1-1] router-id 19.1.35.3
[TOR1-1] quit
<TOR1-1> reset ospf process? [Y/N]:y
(9) 配置保留接口。
[TOR1-1] system-view
[TOR1-1] m-lag mad exclude interface Route-Aggregation 1
[TOR1-1] m-lag mad exclude interface ten-gigabitethernet1/0/47
[TOR1-1] m-lag mad exclude interface ten-gigabitethernet1/0/48
[TOR1-1] m-lag mad exclude interface LoopBack 0
[TOR1-1] m-lag mad exclude interface LoopBack 2
[TOR1-1] m-lag mad exclude interface Vlan-interface 4094
(1) 配置IRF设备桥MAC恢复缺省情况,配置IRF桥MAC不保留,避免分裂后的两台设备具有相同MAC导致网络故障。
# 配置IRF桥MAC不保留。
[EOR1-1] undo irf mac-address persistent
# 配置IRF设备桥MAC恢复缺省情况。
[EOR1-1] undo irf mac-address
(2) M-LAG系统配置。
# 配置延迟恢复定时器超时时间为300秒。
[EOR1-1] m-lag restore-delay 300
# 配置M-LAG系统MAC地址(同一M-LAG系统的两台M-LAG设备需要配置相同的系统MAC)。
[EOR1-1] m-lag system-mac 0001-0001-0001
# 配置M-LAG系统编号(同一M-LAG系统的两台M-LAG设备需要配置不同的系统编号)。
[EOR1-1] m-lag system-number 1
# 配置M-LAG系统优先级(同一M-LAG系统的两台M-LAG设备需要配置相同的系统优先级)。
[EOR1-1] m-lag system-priority 123
# 配置Keepalive报文的目的IPv4地址为1.1.1.2,源IPv4地址为1.1.1.1。
[EOR1-1] m-lag Keepalive ip destination 1.1.1.2 source 1.1.1.1
# 配置虚拟VTEP地址。
[EOR1-1] evpn m-lag group 19.1.37.5
(3) 开启成员设备间自动建立VXLAN隧道功能,并配置VXLAN隧道工作在三层转发模式。(仅S12500X-AF/S12500F-AF适用)
[EOR1-1] l2vpn m-lag peer-link tunnel source 19.1.37.1 destination 19.1.37.2
[EOR1-1] vxlan ip-forwarding tagged
(4) 配置通过VXLAN ID映射方式生成peer-link链路上动态AC的报文匹配规则。(仅S12500G-AF/S12500-XS/S10500X/S7600/S7600E-X/S7500X适用)
l2vpn m-lag peer-link ac-match-rule vxlan-mapping
(5) 配置M-LAG接口。
# 配置连接DCGW的聚合接口101加入M-LAG组。关闭M-LAG接口的STP功能。
[EOR1-1] interface Bridge-Aggregation 101
[EOR1-1-Bridge-Aggregation101] port m-lag group 101
[EOR1-1-Bridge-Aggregation101] undo stp enable
[EOR1-1-Bridge-Aggregation101] quit
(6) 配置peer-link链路。
# 创建二层聚合接口1作为peer-link接口。
[EOR1-1] interface bridge-aggregation 1
[EOR1-1-Bridge-Aggregation1] undo shutdown
# 将HundredGigE2/0/1、HundredGigE3/0/1加入聚合组1作为peer-link链路物理接口。
[EOR1-1] interface range hundredgige 2/0/1 hundredgige 3/0/1
[EOR1-1-if-range] port link-aggregation group 1
[EOR1-1-if-range] quit
# 配置二层聚合接口1作为peer-link接口。
[EOR1-1] interface Bridge-Aggregation 1
[EOR1-1-Bridge-Aggregation1] port link-type trunk
[EOR1-1-Bridge-Aggregation1] port trunk permit vlan all
[EOR1-1-Bridge-Aggregation1] link-aggregation mode dynamic
[EOR1-1-Bridge-Aggregation1] port m-lag peer-link 1
[EOR1-1-Bridge-Aggregation1] quit
(7) 配置Keepalive链路接口。
# 创建三层聚合接口1作为Keepalive接口。
[EOR1-1] undo interface Vlan-interface 4093
[EOR1-1] interface route-aggregation 1
[EOR1-1-Route-Aggregation1] undo shutdown
[EOR1-1-Route-Aggregation1] quit
# 配置物理接口Ten-GigabitEthernet2/0/49和Ten-GigabitEthernet2/0/50加入三层聚合组1作为Keepalive链路物理接口。
[EOR1-1] interface range ten-gigabitethernet 2/0/49 ten-gigabitethernet 2/0/50
[EOR1-1-if-range] port link-mode route
[EOR1-1-if-range] port link-aggregation group 1
[EOR1-1-if-range] quit
# 配置三层聚合接口1作为Keepalive接口,并配置IP地址。
[EOR1-1] interface Route-Aggregation 1
[EOR1-1-Route-Aggregation1] link-aggregation mode dynamic
[EOR1-1-Route-Aggregation1] ip address 1.1.1.1 255.255.255.0
[EOR1-1-Route-Aggregation1] quit
(8) 通过peer-link链路建立OSPF邻居。
[EOR1-1] interface Vlan-interface 4094
[EOR1-1-Vlan-interface4094] undo shutdown
[EOR1-1-Vlan-interface4094] ip address 192.168.2.5 255.255.255.252
[EOR1-1-Vlan-interface4094] ospf 100 area 0.0.0.0
[EOR1-1-Vlan-interface4094] quit
(9) 原有IRF设备与TOR建立的BGP邻居配置删除,重新配置EOR主设备与TOR主设备、从设备的BGP邻居。
[EOR1-1] bgp 64667
[EOR1-1-bgp-default] undo peer 19.1.37.1
[EOR1-1-bgp-default] peer evpn connect-interface LoopBack0
[EOR1-1-bgp-default] peer 19.1.37.3 group evpn
[EOR1-1-bgp-default] peer 19.1.37.4 group evpn
[EOR1-1-bgp-default] quit
(10) 重新分配地址。
# EOR1-1 LoopBack0接口修改地址为19.1.37.1,用来建立Underlay网络的路由邻居,两台M-LAG设备需要配置不同的地址。
[EOR1-1] interface LoopBack 0
[EOR1-1- LoopBack0] ip address 19.1.37.1 255.255.255.255
[EOR1-1- LoopBack0] ospf 100 area 0.0.0.0
[EOR1-1- LoopBack0] quit
# EOR1-1 LoopBack2接口配置地址为19.1.37.5,两台M-LAG设备需要配置相同的地址,即evpn m-lag group命令配置的虚拟VTEP地址,使M-LAG系统与远端VTEP自动建立VXLAN隧道。
[EOR1-1] interface LoopBack 2
[EOR1-1-LoopBack2] ip address 19.1.37.5 255.255.255.255
[EOR1-1-LoopBack2] ospf 100 area 0.0.0.0
[EOR1-1-LoopBack2] quit
# 重新配置OSPF的Router ID,并重启OSPF进程。
[EOR1-1] router-id 19.1.35.1
[EOR1-1] quit
<EOR1-1> reset ospf process? [Y/N]:y
(11) 配置保留接口。
[EOR1-1] system-view
[EOR1-1] m-lag mad exclude interface Route-Aggregation1
[EOR1-1] m-lag mad exclude interface ten-gigabitethernet 2/0/49
[EOR1-1] m-lag mad exclude interface ten-gigabitethernet 2/0/50
[EOR1-1] m-lag mad exclude interface LoopBack0
[EOR1-1] m-lag mad exclude interface LoopBack2
[EOR1-1] m-lag mad exclude interface Vlan-interface4094
# 在TOR主设备上查看M-LAG系统状态,peer-link接口和M-LAG接口已经生成,但是处于Down状态。
[TOR1-1] display m-lag summary
Global consistency check : -
Inconsistent type 1 global settings: -
Peer-link interface Peer-link interface ID State
BAGG1 1 DOWN
M-LAG IF M-LAG group ID State Check result Type 1 inconsistency
BAGG101 101 DOWN - -
# TOR主设备与EOR主设备之间OSPF和BGP邻居已经建立。
[TOR1-1] display ospf peer
OSPF Process 100 with Router ID 19.1.35.3
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
19.1.35.1 19.1.37.1 1 31 Full/ - FGE1/0/54
[TOR1-1] display bgp peer l2vpn evpn
BGP local router ID: 19.1.129.96
Local AS number: 64667
Total number of peers: 2 Peers in established state: 1
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
19.1.37.1 64667 10 10 0 2 00:04:15 Established
19.1.37.2 64667 0 0 0 0 00:11:24 Connect
# M-LAG系统成员设备间的动态AC口已经生成,但是处于Down状态。
[TOR1-1] display l2vpn vsi verbose
VSI Name: VSI_30061
VSI Index : 0
VSI State : Down
MTU : 1500
Bandwidth : Unlimited
Broadcast Restrain : Unlimited
Multicast Restrain : Unlimited
Unknown Unicast Restrain: Unlimited
MAC Learning : Enabled
MAC Table Limit : Unlimited
MAC Learning rate : -
Drop Unknown : Disabled
Flooding : Enabled
Statistics : Enabled
Input Statistics :
Octets :3403840501876
Packets :26921058372
Errors :0
Discards :0
Output Statistics :
Octets :3352673798948
Packets :26512663950
Errors :0
Discards :0
VXLAN ID : 30061
Tunnels:
Tunnel Name Link ID State Type Flood proxy
Tunnel0 0x5000000 UP Auto Disabled
ACs:
AC Link ID State Type
BAGG101 srv3122 0 Down Manual
BAGG1 srv3122 1 Down Dynamic (M-LAG)
# TOR主设备与EOR主设备之间Tunnel已经生成,处于UP状态。
[TOR1-1] display interface Tunnel
Tunnel0
Current state: UP
Line protocol state: UP
Description: Tunnel0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 8964
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.6, destination 19.1.37.5
Tunnel protocol/transport UDP_VXLAN/IP
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
# 在EOR主设备上查看M-LAG系统状态,peer-link接口和M-LAG接口已经生成,但是处于Down状态。
[EOR1-1] display m-lag summary
Flags: A -- Aggregate interface down, B -- No peer M-LAG interface configured
C -- Configuration consistency check failed
Peer-link interface: BAGG1
Peer-link interface state (cause): DOWN (Aggregate interface down)
Keepalive link state (cause): DOWN (Local Tx failed)
M-LAG interface information
M-LAG IF M-LAG group Local state (cause) Peer state Remaining down time(s)
BAGG101 101 DOWN (B) UNKNOWN -
# TOR与EOR主设备之间OSPF和BGP邻居已经建立。
[EOR1-1] display ospf peer
OSPF Process 100 with Router ID 19.1.35.1
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
19.1.35.3 19.1.37.3 1 33 Full/ - HGE 3/0/1
[EOR1-1] display bgp peer l2vpn evpn
BGP local router ID: 19.1.129.99
Local AS number: 64667
Total number of peers: 2 Peers in established state: 1
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
19.1.37.3 64667 8 8 0 2 00:02:47 Established
19.1.37.4 64667 0 0 0 0 00:02:49 Connect
# M-LAG系统成员设备间的Tunnel已经生成,但是处于Down状态。
[EOR1-1] display l2vpn vsi verbose
VSI Name: VSI_30061
VSI Index : 0
VSI State : Down
MTU : 1500
Bandwidth : Unlimited
Broadcast Restrain : Unlimited
Multicast Restrain : Unlimited
Unknown Unicast Restrain: Unlimited
MAC Learning : Enabled
MAC Table Limit : Unlimited
MAC Learning rate : -
Drop Unknown : Disabled
Flooding : Enabled
Statistics : Enabled
Input Statistics :
Octets :2325163620662
Packets :18611776369
Errors :0
Discards :0
Output Statistics :
Octets :2344819217494
Packets :18620776435
Errors :0
Discards :0
VXLAN ID : 30061
Tunnels:
Tunnel Name Link ID State Type Flood proxy
Tunnel0 0x5000000 Down Manual Disabled
Tunnel1 0x5000001 UP Auto Disabled
ACs:
AC Link ID State Type
BAGG101 srv3122 0 Down Manual
[EOR1-1] display interface Tunnel
Tunnel0
Current state: DOWN
Line protocol state: DOWN
Description: Tunnel0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 64000
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.1, destination 19.1.37.2
Tunnel protocol/transport UDP_VXLAN/IP
Last 5 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 5 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drop
# TOR与EOR主设备之间Tunnel已经生成,处于UP状态。
[EOR1-1] display interface Tunnel
Tunnel1
Current state: UP
Line protocol state: UP
Description: Tunnel1 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 8964
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.5, destination 19.1.37.6
Tunnel protocol/transport UDP_VXLAN/IP
Last 5 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 5 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
在TOR主设备接口执行undo shutdown命令开启接口时,请按如下顺序操作以减少收敛时间:
· 开启peer-link链路接口;
· 开启Keepalive链路接口;
· 等待一段时间,使用display m-lag summary命令查看M-LAG工作状态,确认M-LAG设备工作正常;
· 开启所有业务物理接口和逻辑接口。
# TOR主设备peer-link链路接口执行undo shutdown命令开启接口。
[TOR1-1] interface range fortygige 1/0/49 fortygige 1/0/50 Bridge-Aggregation 1
[TOR1-1-if-range] undo shutdown
[TOR1-1-if-range] quit
# TOR主设备Keepalive链路接口执行undo shutdown命令开启接口。
[TOR1-1] interface range ten-gigabitethernet 1/0/47 to ten-gigabitethernet 1/0/48 Route-Aggregation 1
[TOR1-1-if-range] undo shutdown
[TOR1-1-if-range] quit
# TOR主设备所有业务物理接口和逻辑接口(包括M-LAG接口及其成员口和上行接口)执行undo shutdown命令开启接口。
[TOR1-1] interface range ten-gigabitethernet 1/0/6 ten-gigabitethernet 1/0/7 ten-gigabitethernet 1/0/45 ten-gigabitethernet 1/0/46 Bridge-Aggregation 101 [TOR1-1-if-range] undo shutdown
[TOR1-1-if-range] quit
# TOR主设备、从设备保存配置。
[TOR1-1] save
[TOR1-2] save
在EOR主设备接口执行undo shutdown命令开启接口时,请按如下顺序操作以减少收敛时间:
· 开启peer-link链路接口;
· 开启Keepalive链路接口;
· 等待一段时间,使用display m-lag summary命令查看M-LAG工作状态,确认M-LAG设备工作正常;
· 开启所有业务物理接口和逻辑接口。
# EOR主设备peer-link链路接口执行undo shutdown命令开启接口。
[EOR1-1] interface range hundredgige 2/0/1 hundredgige 3/0/1 Bridge-Aggregation 1 [EOR1-1-if-range] undo shutdown
[EOR1-1-if-range] quit
# EOR主设备Keepalive链路接口执行undo shutdown命令开启接口。
[EOR1-1] interface range ten-gigabitethernet 2/0/49 to ten-gigabitethernet 2/0/50 Route-Aggregation 1
[EOR1-1-if-range] undo shutdown
[EOR1-1-if-range] quit
# EOR主设备所有业务物理接口和逻辑接口(包括M-LAG接口及其成员口和下行接口)执行undo shutdown命令开启接口。
[EOR1-1] interface range ten-gigabitethernet 2/0/3 ten-gigabitethernet 2/0/47 to ten-gigabitethernet 2/0/58 Bridge-Aggregation 101
[EOR1-1-if-range] undo shutdown
[EOR1-1-if-range] quit
# EOR主设备、从设备保存配置。
[EOR1-1] save
[EOR1-2] save
编号:U代表Underlay,4代表IPv4,101是序号。
流量大小:轻载(小于1000条流),重载(大于1000条流)。
|
编号 |
类型 |
流量方向 |
流量路径 |
仿真方式 |
流量大小 |
上墙/LB方式 |
|
U-4-101 |
IPv4已知单播 |
南北向 |
Server-TOR- EOR-DCGW |
测试仪器 |
轻载 |
不涉及 |
|
U-4-101 |
IPv4已知单播 |
南北向 |
DCGW-EOR- TOR-Server |
测试仪器 |
轻载 |
不涉及 |
· 隔离和恢复操作快慢会影响收敛时间,数据可能会有浮动。
· TOR的从设备和EOR的从设备同时切换,TOR的主设备和EOR的主设备同时切换,减少丢包时间。
· 本节的收敛时间基于S12500X-AF(EOR)和S6800(TOR)设备测试。
|
设备 |
故障类型 |
流量中断时间 |
|
TOR/EOR |
隔离TOR1-2/EOR1-2,流量切换到主设备: |
不超过2s |
|
恢复TOR1-2/EOR1-2,隔离TOR1-1/EOR1-1,流量切换到从设备: |
不超过10s |
|
|
恢复TOR1-1/EOR1-1,流量负载分担到主、从设备: |
不超过2s |
本文以查看TOR1-1上的配置信息为例,TOR1-2上的配置信息查看方式类似。
(1) 在TOR1-1上查看TOR1-1与TOR1-2之间的M-LAG系统状态,M-LAG正常建立
(2) 在TOR1-1上查看M-LAG系统信息,TOR1-1和TOR1-2建立了M-LAG系统
(3) 在TOR1-1上查看M-LAG系统Keepalive信息,TOR1-1和TOR1-2之间建立了Keepalive邻居
(4) 在TOR1-1上查看M-LAG设备角色信息,本地设备为角色为Secondary
(5) 在TOR1-1上查看M-LAG配置一致性信息,本地和对端设备配置一致
(6) 在TOR1-1上查看聚合接口的相关信息,聚合接口链路状态为UP
(7) 在TOR1-1上查看VSI的信息,VSI状态、绑定的隧道状态、AC口状态均为UP
(8) 在TOR1-1上查看Tunnel的信息,已与EOR之间建立VXLAN隧道
(9) 在TOR1-1上查看OSPF、BGP的邻居/对等体信息,已分别与TOR1-2、EOR1-1、EOR1-2建立邻居关系
<TOR1-1> display m-lag summary
Global consistency check : SUCCESS
Inconsistent type 1 global settings: -
Peer-link interface Peer-link interface ID State
BAGG1 1 UP
M-LAG IF M-LAG group ID State Check result Type 1 inconsistency
BAGG101 101 UP SUCCESS -
<TOR1-1> display m-lag system
Peer-link interface: Bridge-Aggregation1
State: UP
M-LAG System number System MAC System priority
Local 1 0002-0002-0002 123
Peer 2 0002-0002-0002 123
<TOR1-1> display m-lag Keepalive
Neighbor Keepalive link status: Up
Neighbor is alive for: 1657 s 317 ms
Last Keepalive packet sending status: Successful
Last Keepalive packet sending time: 2022/01/15 05:57:16 10 ms
Last Keepalive packet receiving status: Successful
Last Keepalive packet receiving time: 2022/01/15 05:57:16 493 ms
Distributed relay Keepalive parameters:
Destination IP address: 1.1.1.2
Source IP address: 1.1.1.1
Keepalive UDP port : 6400
Keepalive VPN name : N/A
Keepalive interval : 1000 ms
Keepalive timeout : 5 sec
Keepalive hold time: 3 sec
<TOR1-1> display m-lag role
M-LAG Role priority Bridge Mac Configured role Effective role
Local 32768 30b0-37c3-e5a0 Secondary Secondary
Peer 100 30b0-37c3-e19e Primary Primary
<TOR1-1> display m-lag consistency type2 global
VLAN consistency check: Success
Local VLAN interfaces:
1, 4094
Peer VLAN interfaces:
1, 4094
Passing PVID and VLANs (tagged) on local Peer-link interface:
1-4094
Passing PVID and VLANs (tagged) on peer Peer-link interface:
1-4094
Invalid VLANs on local Peer-link interface:
None
<TOR1-1> display interface Bridge-Aggregation brief
Brief information on interfaces in bridge mode:
Link: ADM - administratively down; Stby - standby
Speed: (a) - auto
Duplex: (a)/A - auto; H - half; F - full
Type: A - access; T - trunk; H - hybrid
Interface Link Speed Duplex Type PVID Description
BAGG1 UP 80G(a) F(a) T 1
BAGG101 UP 40G(a) F(a) T 1 To_vUP_For_VxLAN-AC
<TOR1-1> display l2vpn vsi verbose
VSI Name: VSI_30061
VSI Index : 0
VSI State : Up
MTU : 1500
Bandwidth : Unlimited
Broadcast Restrain : Unlimited
Multicast Restrain : Unlimited
Unknown Unicast Restrain: Unlimited
MAC Learning : Enabled
MAC Table Limit : Unlimited
MAC Learning rate : -
Drop Unknown : Disabled
Flooding : Enabled
Statistics : Enabled
Input Statistics :
Octets :3407216953426
Packets :26947792217
Errors :0
Discards :0
Output Statistics :
Octets :3356083688850
Packets :26539382536
Errors :0
Discards :0
VXLAN ID : 30061
Tunnels:
Tunnel Name Link ID State Type Flood proxy
Tunnel0 0x5000000 UP Auto Disabled
ACs:
AC Link ID State Type
BAGG101 srv3122 0 Up Manual
BAGG1 srv3122 1 Up Dynamic (M-LAG)
<TOR1-1> display interface Tunnel
Tunnel0
Current state: UP
Line protocol state: UP
Description: Tunnel0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 8964
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.6, destination 19.1.37.5
Tunnel protocol/transport UDP_VXLAN/IP
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
<TOR1-1> display ospf peer
OSPF Process 100 with Router ID 19.1.35.3
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
19.1.35.2 19.1.37.2 1 38 Full/ - FGE1/0/53
19.1.35.1 19.1.37.1 1 37 Full/ - FGE1/0/54
19.1.35.4 192.168.1.2 1 37 Full/DR Vlan4094
<TOR1-1> display bgp peer l2vpn evpn
BGP local router ID: 19.1.129.96
Local AS number: 64667
Total number of peers: 2 Peers in established state: 2
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
19.1.37.1 64667 36 11 0 8 00:04:54 Established
19.1.37.2 64667 44 12 0 8 00:06:15 Established
本文以查看EOR1-1上的配置信息为例,EOR1-2上的配置信息查看方式类似。
(1) 在EOR1-1上查看EOR1-1与EOR1-2之间的M-LAG系统状态,M-LAG正常建立
(2) 在EOR1-1上查看M-LAG系统信息,EOR1-1与EOR1-2建立M-LAG系统
(3) 在EOR1-1上查看M-LAG系统Keepalive报文的信息,EOR1-1与EOR1-2之间建立了Keepalive邻居
(4) 在EOR1-1上查看M-LAG设备角色信息,M-LAG角色为Secondary
(5) 在EOR1-1上查看M-LAG配置一致性信息,本地和对端设备配置一致
(6) 在EOR1-1上查看聚合接口的相关信息,聚合接口链路状态为UP
(7) 在EOR1-1上查看VSI的信息,VSI状态、绑定的隧道状态、AC口状态均为UP
(8) 在EOR1-1上查看Tunnel的信息,EOR1-1与EOR1-2和TOR之间建立了VXLAN隧道
(9) 在EOR1-1上查看OSPF、BGP的邻居/对等体信息,EOR1-1分别与EOR1-2和TOR之间建立了路由邻居
<EOR1-1> display m-lag summary
Flags: A -- Aggregate interface down, B -- No peer M-LAG interface configured
C -- Configuration consistency check failed
Peer-link interface: BAGG1
Peer-link interface state (cause): UP
Keepalive link state (cause): UP
M-LAG interface information
M-LAG IF M-LAG group Local state (cause) Peer state Remaining down time(s)
BAGG101 101 UP UP -
<EOR1-1> display m-lag system
System information
Local system number: 1 Peer system number: 2
Local system MAC: 0001-0001-0001 Peer system MAC: 0001-0001-0001
Local system priority: 123 Peer system priority: 123
Local bridge MAC: 88df-9e39-a800 Peer bridge MAC: 7485-c41c-2a00
Local effective role: Secondary Peer effective role: Primary
Health level: 0
Standalone mode on split: Disabled
In standalone mode: No
System timer information
Timer State Value (s) Remaining time (s)
Auto recovery Disabled - -
Restore delay Disabled 180 -
Consistency-check delay Disabled 90 -
Standalone delay Disabled - -
Role to None delay Disabled 60 -
<EOR1-1> display m-lag Keepalive
Neighbor Keepalive link status (cause): Up
Neighbor is alive for: 553 s 41 ms
Keepalive packet transmission status:
Sent: Successful
Received: Successful
Last received Keepalive packet information:
Source IP address: 1.1.1.2
Time: 2001/05/11 22:05:37
Action: Accept
Distributed relay Keepalive parameters:
Destination IP address: 1.1.1.2
Source IP address: 1.1.1.1
Keepalive UDP port : 6400
Keepalive VPN name : N/A
Keepalive interval : 1000 ms
Keepalive timeout : 5 sec
Keepalive hold time: 3 sec
<EOR1-1> display m-lag role
Effective role information
Factors Local Peer
Effective role Secondary Primary
Initial role Secondary Primary
MAD DOWN state Yes No
Health level 0 0
Role priority 32768 100
Bridge MAC 88df-9e39-a800 7485-c41c-2a00
Effective role trigger: Peer link calculation
Effective role reason: MAD status
Configured role information
Factors Local Peer
Configured role Secondary Primary
Role priority 32768 100
Bridge MAC 88df-9e39-a800 7485-c41c-2a00
<EOR1-1> display m-lag consistency type2 global
VLAN consistency check: SUCCESS
Local VLAN interfaces:
4094
Peer VLAN interfaces:
4094
Passing PVID and VLANs (tagged) on local Peer-link interface:
1-4094
Passing PVID and VLANs (tagged) on peer Peer-link interface:
1-4094
Invalid VLANs on local Peer-link interface:
None
<EOR1-1> display interface Bridge-Aggregation brief
Brief information on interfaces in bridge mode:
Link: ADM - administratively down; Stby - standby
Speed: (a) - auto
Duplex: (a)/A - auto; H - half; F - full
Type: A - access; T - trunk; H - hybrid
Interface Link Speed Duplex Type PVID Description
BAGG1 UP 200G(a) F(a) T 1
BAGG101 UP 200G(a) F(a) T 1 TO_DCGW
<EOR1-1> display l2vpn vsi verbose
VSI Name: VSI_30061
VSI Index : 0
VSI State : Up
MTU : 1500
Bandwidth : Unlimited
Broadcast Restrain : Unlimited
Multicast Restrain : Unlimited
Unknown Unicast Restrain: Unlimited
MAC Learning : Enabled
MAC Table Limit : Unlimited
MAC Learning rate : -
Drop Unknown : Disabled
Flooding : Enabled
Statistics : Enabled
Input Statistics :
Octets :2330946176652
Packets :18658198385
Errors :0
Discards :0
Output Statistics :
Octets :2350648147036
Packets :18667203515
Errors :0
Discards :0
VXLAN ID : 30061
Tunnels:
Tunnel Name Link ID State Type Flood proxy
Tunnel0 0x5000000 UP Manual Disabled
Tunnel1 0x5000001 UP Auto Disabled
ACs:
AC Link ID State Type
BAGG101 srv3122 0 Up Manual
<EOR1-1> display interface Tunnel
Tunnel0
Current state: UP
Line protocol state: UP
Description: Tunnel0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 1464
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.1, destination 19.1.37.2
Tunnel protocol/transport UDP_VXLAN/IP
Last 5 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 5 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 88 packets, 5866 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
Tunnel1
Current state: UP
Line protocol state: UP
Description: Tunnel1 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 8964
Internet protocol processing: Disabled
Last clearing of counters: Never
Tunnel source 19.1.37.5, destination 19.1.37.6
Tunnel protocol/transport UDP_VXLAN/IP
Last 5 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 5 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
<EOR1-1> display ospf peer
OSPF Process 100 with Router ID 19.1.35.1
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
19.1.35.3 19.1.37.3 1 31 Full/ - HGE3/0/1
19.1.35.4 19.1.37.4 1 30 Full/ - HGE3/0/2
19.1.35.2 192.168.2.6 1 30 Full/DR Vlan4094 <EOR1-1> display bgp peer l2vpn evpn
BGP local router ID: 19.1.129.99
Local AS number: 64667
Total number of peers: 2 Peers in established state: 2
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
19.1.37.3 64667 15 69 0 3 00:08:39 Established
19.1.37.4 64667 17 71 0 4 00:08:36 Established
支持
售前咨询
售后咨询
人工在线咨询
