10-High availability

HomeSupportResource CenterConfigure & DeployConfiguration ExamplesH3C Access Controllers Configuration Examples(V7)-6W10210-High availability
Table of Contents
Related Documents
03-IRF Setup with Members in One Chassis Configuration Examples

 

H3C Access Controller Modules

Comware 7 IRF Setup with Members in One Chassis

Configuration Examples

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Copyright © 2021 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Introduction

The following information provides an example for setting up an IRF fabric with two access controller modules in the same chassis.

The Intelligent Resilient Framework (IRF) technology is proprietary to H3C. This technology is a true stacking technology that creates a large virtual stack called IRF fabric from multiple devices to provide data center class availability and scalability. IRF offers processing power, interaction, unified management, and uninterrupted maintenance of multiple devices.

Prerequisites

The following information applies to Comware 7-based access controllers and access points. Procedures and information in the examples might be slightly different depending on the software or hardware version of the access controllers and access points.

The configuration examples were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

The following information is provided based on the assumption that you have basic knowledge of IRF and Ethernet link aggregation.

Example: Setting up an IRF fabric with access controller modules in the same chassis

Network configuration

As shown in Figure 1, AC 1 and AC 2 are access controller modules. The ACs are inserted into slot 2 and slot 5 of the switch, respectively.

Use the access controller modules to set up an IRF fabric. Configure LACP MAD on the multi-member link aggregation to the switch.

Figure 1 Network diagram

 

Restrictions and guidelines

When you set up an IRF fabric with members in the same chassis, follow the restrictions and guidelines in this section.

Hardware compatibility

An access controller module can form an IRF fabric only with access controller modules of the same model.

Software requirements

All IRF member devices must run the same software image version as the master. For software synchronization, make sure the software auto-update feature is enabled.

IRF size restrictions

The maximum number of member devices in an IRF fabric varies by device model.

IRF member ID restrictions

Make sure each IRF member device is assigned a unique member ID. For a new member ID to take effect, you must reboot the device.

The port number of the IRF port is the same as the IRF member ID of the device.

IRF topo-domain ID and MAD domain ID restrictions

Make sure all member devices have the same topo-domain ID and MAD domain ID. For a new topo-domain ID to take effect on a device, you must reboot the device.

IRF port binding requirements

An IRF port must have a minimum of one hybrid channel, or a minimum of one data channel and one control channel.

The network interfaces bound to an IRF port must operate at the same rate. The two ends of an IRF link must operate at the same rate.

For the port bindings to take effect, perform the following tasks:

1.     Save the configuration.

2.     Reboot the device or activate the IRF port configuration.

IRF network interface shutdown restrictions

You cannot use the shutdown command on the IRF standby device to shut down an IRF network interface if the interface is the only control channel available on the device. To shut down the IRF link in this situation, shut down the IRF network interface on the master device.

Connectivity requirements

Make sure the member devices have Layer 2 connectivity with each other.

If the IRF fabric contains only two member devices, you can connect the member devices directly or through Layer 2 intermediate devices. If the IRF fabric contains more than two member devices, you must connect the member devices through Layer 2 intermediate devices.

IRF merge restrictions

If the IRF fabric splits, do not change the IRF settings on any IRF member devices before they reunite.

IRF member device bridge MAC address restrictions

Member devices cannot join the same IRF fabric if they have the same bridge MAC address.

IRF port binding removal restrictions

To remove a network interface from an IRF port, you must first shut down the IRF network interface.

Feature compatibility and configuration restrictions

Ethernet link aggregation restrictions

On the Layer 2 intermediate devices, do not configure per-packet load sharing on the Layer 2 link aggregation groups that connect to multiple member devices of the IRF fabric.

On the intermediate devices, aggregate the physical links that connect to the IRF network interfaces of the IRF fabric.

If Bridge-Aggregation 1 exists by default, delete the aggregate interface to remove all the member ports from the aggregate interface.

As a best practice, configure Ethernet link aggregation settings after the IRF fabric is formed.

VLAN restrictions

Do not assign IRF links to VLANs that run on links that forward data traffic.

Spanning tree feature restrictions

On the Layer 2 intermediate devices, disable the spanning tree feature on the ports through which packets of an IRF member device reaches another IRF member device.

WLAN hardware fast forwarding restrictions

To use WLAN hardware fast forwarding on an IRF fabric that contains access controller modules, follow these restrictions and guidelines:

·     For the EWPXM2WCMD0F, LSQM1WCMX20, and LSUM1WCMX20RT modules, make sure the following requirements are met: Each module has one Ten-GigabitEthernet interface to act as a non-IRF network interface and the other Ten-GigabitEthernet interface to act as an IRF network interface.

·     For the EWPXM1MAC0, EWPXM1WCME0, LSQM1WCMX40, LSUM1WCME0, and LSUM1WCMX40RT modules, make sure the following requirements are met: On each module, the Ten-GigabitEthernet interfaces in one group act as non-IRF network interfaces and the Ten-GigabitEthernet interfaces in the other group act as IRF network interfaces. Ten-GigabitEthernet n/0/1 and Ten-GigabitEthernet n/0/3 belong to one group, and Ten-GigabitEthernet n/0/2 and Ten-GigabitEthernet n/0/4 belong to another group. The integer n represents the IRF member ID.

Procedures

Configuring the switch

1.     Configure links for interfaces connected to the IRF network interfaces:

# Create Layer 2 aggregate interface Bridge-Aggregation 1 for AC 1 IRF connection.

<Switch> system-view

[Switch] interface bridge-aggregation 1

[Switch-Bridge-Aggregation1] quit

# Assign internal port Ten-GigabitEthernet 2/2/0/1 to aggregation group 1.

[Switch] interface ten-gigabitethernet 2/2/0/1

[Switch-Ten-GigabitEthernet2/2/0/1] port link-aggregation group 1

[Switch-Ten-GigabitEthernet2/2/0/1] quit

# Assign internal port Ten-GigabitEthernet 2/2/0/3 to aggregation group 1.

[Switch] interface ten-gigabitethernet 2/2/0/3

[Switch-Ten-GigabitEthernet2/2/0/3] port link-aggregation group 1

[Switch-Ten-GigabitEthernet2/2/0/3] quit

# Create Layer 2 aggregate interface Bridge-Aggregation 2 for AC 2 IRF connection.

[Switch] interface bridge-aggregation 2

[Switch-Bridge-Aggregation2] quit

# Assign internal port Ten-GigabitEthernet 2/5/0/1 to aggregation group 2.

[Switch] interface ten-gigabitethernet 2/5/0/1

[Switch-Ten-GigabitEthernet2/5/0/1] port link-aggregation group 2

[Switch-Ten-GigabitEthernet2/5/0/1] quit

# Assign internal port Ten-GigabitEthernet 2/5/0/3 to aggregation group 2.

[Switch] interface ten-gigabitethernet 2/5/0/3

[Switch-Ten-GigabitEthernet2/5/0/3] port link-aggregation group 2

[Switch-Ten-GigabitEthernet2/5/0/3] quit

# Create VLAN 400 and assign the aggregate interfaces to the VLAN. The VLAN will transmit traffic for IRF links.

[Switch] vlan 400

[Switch-vlan400] port bridge-aggregation 1

[Switch-vlan400] port bridge-aggregation 2

[Switch-vlan400] quit

# Disable the spanning tree feature on Bridge-Aggregation 1 and Bridge-Aggregation 2.

[Switch] interface bridge-aggregation 1

[Switch-Bridge-Aggregation1] undo stp enable

[Switch-Bridge-Aggregation1] quit

[Switch] interface bridge-aggregation 2

[Switch-Bridge-Aggregation2] undo stp enable

[Switch-Bridge-Aggregation2] quit

2.     Configure links used for transmitting LACP MAD packets:

# Create Layer 2 aggregate interface Bridge-Aggregation 3, and configure the aggregation group of the aggregate interface to operate in dynamic mode.

[Switch] interface bridge-aggregation 3

[Switch-Bridge-Aggregation3] link-aggregation mode dynamic

[Switch-Bridge-Aggregation3] quit

# Assign internal port Ten-GigabitEthernet 2/2/0/2 to aggregation group 3.

[Switch] interface ten-gigabitethernet 2/2/0/2

[Switch-Ten-GigabitEthernet2/2/0/2] port link-aggregation group 3

[Switch-Ten-GigabitEthernet2/2/0/2] quit

# Assign internal port Ten-GigabitEthernet 2/2/0/4 to aggregation group 3.

[Switch] interface ten-gigabitethernet 2/2/0/4

[Switch-Ten-GigabitEthernet2/2/0/4] port link-aggregation group 3

[Switch-Ten-GigabitEthernet2/2/0/4] quit

# Assign internal port Ten-GigabitEthernet 2/5/0/2 to aggregation group 3.

[Switch] interface ten-gigabitethernet 2/5/0/2

[Switch-Ten-GigabitEthernet2/5/0/2] port link-aggregation group 3

[Switch-Ten-GigabitEthernet2/5/0/2] quit

# Assign internal port Ten-GigabitEthernet 2/5/0/4 to aggregation group 3.

[Switch] interface ten-gigabitethernet 2/5/0/4

[Switch-Ten-GigabitEthernet2/5/0/4] port link-aggregation group 3

[Switch-Ten-GigabitEthernet2/5/0/4] quit

3.     Enable link-aggregation traffic redirection.

[Switch] link-aggregation lacp traffic-redirect-notification enable

Configuring AC 1

# Assign internal ports Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/3 to the IRF port.

<AC1> system-view

[AC1] irf-port 1

[AC1-irf-port1] port group interface ten-gigabitethernet 1/0/1

You must perform the following tasks for a successful IRF setup:

Save the configuration after completing IRF configuration.

Execute the \"irf-port-configuration active\" command to activate the IRF ports.

[AC1-irf-port1] port group interface ten-gigabitethernet 1/0/3

You must perform the following tasks for a successful IRF setup:

Save the configuration after completing IRF configuration.

Execute the \"irf-port-configuration active\" command to activate the IRF ports.

[AC1-irf-port1] quit

# Specify the member priority as 2. AC 1 will be the master device.

[AC1] irf member 1 priority 2

# Save the configuration.

[AC1] save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):irf.cfg

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

# Activate the IRF port configuration.

[AC1] irf-port-configuration active

Configuring AC 2

# Change the IRF member ID to 2.

<AC2> system-view

[AC2] irf member 1 renumber 2

Renumbering the member ID may result in configuration change or loss. Continue?[

Y/N]:y

[AC2] quit

# Reboot AC 2 for the new member ID to take effect.

<AC2> reboot

Start to check configuration with next startup configuration file, please wait..

.......DONE!

Current configuration may be lost after the reboot, save current configuration?

[Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):irf.cfg

cfa0:/startup.cfg exists, overwrite? [Y/N]:y

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

This command will reboot the device. Continue? [Y/N]:y

Now rebooting, please wait...

# Assign internal ports Ten-GigabitEthernet 2/0/1 and Ten-GigabitEthernet 2/0/3 to the IRF port.

<AC2> system-view

[AC2] irf-port 2

[AC2-irf-port2] port group interface ten-gigabitethernet 2/0/1

You must perform the following tasks for a successful IRF setup:

Save the configuration after completing IRF configuration.

Execute the \"irf-port-configuration active\" command to activate the IRF ports.

[AC2-irf-port2] port group interface ten-gigabitethernet 2/0/3

You must perform the following tasks for a successful IRF setup:

Save the configuration after completing IRF configuration.

Execute the \"irf-port-configuration active\" command to activate the IRF ports.

[AC2-irf-port2] quit

# Save the configuration.

[AC2] save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[cfa0:/ irf.cfg]

(To leave the existing filename unchanged, press the enter key):

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

# Activate the IRF port configuration.

[AC2] irf-port-configuration active

AC 1 and AC 2 perform master election. AC 2 fails the master election and reboots to form an IRF fabric with AC 1.

Configuring the IRF fabric

# Change the name of the IRF fabric to IRF.

<AC1> system-view

[AC1] system-name IRF

# Configure descriptions for AC 1 and AC 2, respectively.

[IRF] irf member 1 description AC 1

[IRF] irf member 2 description AC 2

# Delete the system-defined aggregate interface named Bridge-Aggregation 1. The member ports will automatically leave the aggregation group of Bridge-Aggregation 1.

[IRF] undo interface bridge-aggregation 1

# Create Layer 2 aggregate interface Bridge-Aggregation 3, and configure the aggregation group of the aggregate interface to operate in dynamic mode.

[IRF] interface bridge-aggregation 3

[IRF-Bridge-Aggregation3] link-aggregation mode dynamic

# Enable LACP MAD on Bridge-Aggregation 3.

[IRF-Bridge-Aggregation3] mad enable

[IRF-Bridge-Aggregation3] quit

# Enable link-aggregation traffic redirection.

[IRF] link-aggregation lacp traffic-redirect-notification enable

# Assign internal port Ten-GigabitEthernet 1/0/2 to aggregation group 3.

[IRF] interface ten-gigabitethernet 1/0/2

[IRF-Ten-GigabitEthernet1/0/2] port link-aggregation group 3

[IRF-Ten-GigabitEthernet1/0/2] quit

# Assign internal port Ten-GigabitEthernet 1/0/4 to aggregation group 3.

[IRF] interface ten-gigabitethernet 1/0/4

[IRF-Ten-GigabitEthernet1/0/4] port link-aggregation group 3

[IRF-Ten-GigabitEthernet1/0/4] quit

# Assign internal port Ten-GigabitEthernet 2/0/2 to aggregation group 3.

[IRF] interface ten-gigabitethernet 2/0/2

[IRF-Ten-GigabitEthernet2/0/2] port link-aggregation group 3

[IRF-Ten-GigabitEthernet2/0/2] quit

# Assign internal port Ten-GigabitEthernet 2/0/4 to aggregation group 3.

[IRF] interface ten-gigabitethernet 2/0/4

[IRF-Ten-GigabitEthernet2/0/4] port link-aggregation group 3

[IRF-Ten-GigabitEthernet2/0/4] quit

Verifying the configuration

# Display IRF information. Verify that AC 1 is the master device.

[IRF] display irf

Member ID    Role    Priority  CPU MAC         Description

  *+1        Master  2         50da-005b-8b98  AC 1

    2        Standby 1         70f9-6d17-2e37  AC 2

--------------------------------------------------

The asterisk (*) indicates the master.

The plus sign (+) indicates the device through which you are logged in.

The right angle bracket (>) indicates the device's stack capability is disabled.

 

Bridge MAC of the IRF: 50da-005b-8b98

Auto upgrade         : Enabled

MAC persistence      : 6 min

Topo-domain ID       : 0

Auto merge           : Enabled

# Display IRF link information. Verify that the IRF network interfaces on both member devices are up.

[IRF] display irf link

Member ID   Member Interfaces                   Status

1           XGE1/0/1(ctrl&data)                 Up

            XGE1/0/3(ctrl&data)                 Up

2           XGE2/0/1(ctrl&data)                 Up

            XGE2/0/3(ctrl&data)                 Up

# On the IRF fabric, display detailed information about aggregation groups. Verify that Ten-GigabitEthernet 1/0/2, Ten-GigabitEthernet 1/0/4, Ten-GigabitEthernet 2/0/2, and Ten-GigabitEthernet 2/0/4 are in aggregation group 3 and in Selected state.

[IRF] display link-aggregation verbose

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected, I -- Individual

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

 

Aggregate Interface: Bridge-Aggregation3

Aggregation Mode: Dynamic

Loadsharing Type: NonS

System ID: 0x8000, 50da-005b-8b98

Local:

  Port             Status  Priority Oper-Key  Flag

--------------------------------------------------------------------------------

  XGE1/0/2         S       32768    1         {ACDEF}

  XGE1/0/4         S       32768    1         {ACDEF}

  XGE2/0/2         S       32768    1         {ACDEF}

  XGE2/0/4         S       32768    1         {ACDEF}

Remote:

  Actor            Partner Priority Oper-Key  SystemID               Flag

--------------------------------------------------------------------------------

  XGE1/0/2         1943    32768    3         0x8000, 741f-4a56-9890 {ACDEF}

  XGE1/0/4         1944    32768    3         0x8000, 741f-4a56-9890 {ACDEF}

  XGE2/0/2         2234    32768    3         0x8000, 741f-4a56-9890 {ACDEF}

  XGE2/0/4         2235    32768    3         0x8000, 741f-4a56-9890 {ACDEF}

# On the switch, display detailed information about aggregation groups. Verify the link aggregation settings and verify that all member ports in the aggregation groups are in Selected state.

[Switch]display link-aggregation verbose

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected, I -- Individual

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

 

Aggregate Interface: Bridge-Aggregation1

Aggregation Mode: Static

Loadsharing Type: Shar

  Port             Status  Priority Oper-Key

--------------------------------------------------------------------------------

  XGE2/2/0/1       S       32768    1

  XGE2/2/0/3       S       32768    1

 

Aggregate Interface: Bridge-Aggregation2

Aggregation Mode: Static

Loadsharing Type: Shar

  Port             Status  Priority Oper-Key

--------------------------------------------------------------------------------

  XGE2/5/0/1       S       32768    2

  XGE2/5/0/3       S       32768    2

 

Aggregate Interface: Bridge-Aggregation3

Aggregation Mode: Dynamic

Loadsharing Type: Shar

System ID: 0x8000, 741f-4a56-9890

Local:

  Port             Status  Priority Oper-Key  Flag

--------------------------------------------------------------------------------

  XGE2/2/0/2       S       32768    3         {ACDEF}

  XGE2/2/0/4       S       32768    3         {ACDEF}

  XGE2/5/0/2       S       32768    3         {ACDEF}

  XGE2/5/0/4       S       32768    3         {ACDEF}

Remote:

  Actor            Partner Priority Oper-Key  SystemID               Flag

--------------------------------------------------------------------------------

  XGE2/2/0/2       5       32768    1         0x8000, 50da-005b-8b98 {ACDEF}

  XGE2/2/0/4       6       32768    1         0x8000, 50da-005b-8b98 {ACDEF}

  XGE2/5/0/2       11      32768    1         0x8000, 50da-005b-8b98 {ACDEF}

  XGE2/5/0/4       12      32768    1         0x8000, 50da-005b-8b98 {ACDEF}

Configuration files

·     IRF fabric:

#

 sysname IRF

#

 irf mac-address persistent timer

 irf auto-update enable

 irf auto-merge enable

 irf member 1 priority 2

 irf member 2 priority 1

 irf member 1 description AC 1

 irf member 2 description AC 2

#

 link-aggregation lacp traffic-redirect-notification enable

#

irf-port 1

 port group interface Ten-GigabitEthernet1/0/1

 port group interface Ten-GigabitEthernet1/0/3

#

irf-port 2

 port group interface Ten-GigabitEthernet2/0/1

 port group interface Ten-GigabitEthernet2/0/3

#

interface Bridge-Aggregation3

 link-aggregation mode dynamic

 mad enable

#

interface Ten-GigabitEthernet1/0/2

 port link-aggregation group 3

#

interface Ten-GigabitEthernet1/0/4

 port link-aggregation group 3

#

interface Ten-GigabitEthernet2/0/2

 port link-aggregation group 3

#

interface Ten-GigabitEthernet2/0/4

 port link-aggregation group 3

#

·     Switch:

#

 link-aggregation lacp traffic-redirect-notification enable

#

vlan 400

#

interface Bridge-Aggregation1

 port access vlan 400

 undo stp enable

#

interface Bridge-Aggregation2

 port access vlan 400

 undo stp enable

#

interface Bridge-Aggregation3

 link-aggregation mode dynamic

#

interface Ten-GigabitEthernet2/2/0/1

 port link-mode bridge

 port access vlan 400

 port link-aggregation group 1

#

interface Ten-GigabitEthernet2/2/0/2

 port link-mode bridge

 port link-aggregation group 3

#

interface Ten-GigabitEthernet2/2/0/3

 port link-mode bridge

 port access vlan 400

 port link-aggregation group 1

#

interface Ten-GigabitEthernet2/2/0/4

 port link-mode bridge

 port link-aggregation group 3

#

interface Ten-GigabitEthernet2/5/0/1

 port link-mode bridge

 port access vlan 400

 port link-aggregation group 2

#

interface Ten-GigabitEthernet2/5/0/2

 port link-mode bridge

 port link-aggregation group 3

#

interface Ten-GigabitEthernet2/5/0/3

 port link-mode bridge

 port access vlan 400

 port link-aggregation group 2

#

interface Ten-GigabitEthernet2/5/0/4

 port link-mode bridge

 port link-aggregation group 3

#

Related documentation

·     High Availability Configuration Guide in H3C Access Controllers Configuration Guides

·     High Availability Command Reference in H3C Access Controllers Command References

·     Network Connectivity Configuration Guide in H3C Access Controllers Configuration Guides

·     Network Connectivity Command Reference in H3C Access Controllers Command References