03-Layer 2—LAN Switching Configuration Guide

HomeSupportResource CenterH3C S6520X-EI[HI][SI] & S6520-SI & S5560X-HI Switch Series Configuration Guides-R65xx-6W10303-Layer 2—LAN Switching Configuration Guide
06-DRNI configuration
Title Size Download
06-DRNI configuration 426.61 KB

Contents

Configuring DRNI 1

About DRNI 1

DRNI network model 1

DRCP· 2

Keepalive and failover mechanism·· 2

MAD mechanism·· 3

Device role calculation· 3

DRNI MAD DOWN state persistence· 3

DR system setup process· 4

DRNI standalone mode· 5

Configuration consistency check· 5

DRNI sequence number check· 7

DRNI packet authentication· 7

DRNI failure handling mechanisms· 8

Mechanisms to handle concurrent IPL and keepalive link failures· 9

Protocols and standards· 12

Restrictions and guidelines: DRNI configuration· 12

Software version requirements· 12

DRNI configuration· 12

Compatibility with other features· 12

DRNI tasks at a glance· 14

Configuring DR system settings· 15

Configuring the DR system MAC address· 15

Setting the DR system number 15

Setting the DR system priority· 16

Setting the DR role priority of the device· 16

Enabling DRNI standalone mode on a DR member device· 17

Configuring DR keepalive settings· 17

Restrictions and guidelines for configuring DR keepalive settings· 17

Configuring DR keepalive packet parameters· 17

Setting the DR keepalive interval and timeout timer 18

Configuring DRNI MAD·· 18

About this task· 18

Configuring the default DRNI MAD action on network interfaces· 19

Excluding an interface from the shutdown action by DRNI MAD·· 20

Excluding all logical interfaces from the shutdown action by DRNI MAD·· 20

Specifying interfaces to be shut down by DRNI MAD when the DR system splits· 21

Enabling DRNI MAD DOWN state persistence· 21

Configuring a DR interface· 22

Specifying a Layer 2 aggregate interface or VXLAN tunnel interface as the IPP· 22

Enabling the IPP to retain MAC address entries for down single-homed devices· 23

Setting the mode of configuration consistency check· 24

Disabling configuration consistency check· 24

Enabling the short DRCP timeout timer on the IPP or a DR interface· 24

Setting the keepalive hold timer for identifying the cause of IPL down events· 25

Configuring DR system auto-recovery· 25

Setting the data restoration interval 26

Enabling DRNI sequence number check· 26

Enabling DRNI packet authentication· 27

Displaying and maintaining DRNI 27

DRNI configuration examples· 28

Example: Configuring basic DRNI functions· 28

Example: Configuring Layer 3 gateways on a DR system·· 32

 


Configuring DRNI

About DRNI

Distributed Resilient Network Interconnect (DRNI) virtualizes two physical devices into one system through multichassis link aggregation.

DRNI network model

As shown in Figure 1, DRNI virtualizes two devices into a distributed-relay (DR) system, which connects to the remote aggregation system through a multichassis aggregate link. To the remote aggregation system, the DR system is one device.

Figure 1 DRNI network model

 

The DR member devices are DR peers to each other. For features that require centralized traffic processing (for example, spanning tree), a DR member device is assigned the primary or secondary role based on its DR role priority. The secondary DR member device passes the traffic of those features to the primary DR member device for processing. If the DR member devices in a DR system have the same DR role priority, the device with the lower bridge MAC address is assigned the primary role.

DRNI defines the following interface roles for each DR member device:

·     DR interface—Layer 2 aggregate interface connected to the remote aggregation system. DR interfaces connected to the same remote aggregation system belong to one DR group. In Figure 1, Bridge-Aggregation 1 on Device A and Bridge-Aggregation 2 on Device B belong to the same DR group. DR interfaces in a DR group form a multichassis aggregate link.

·     Intra-portal port (IPP)—Interface connected to the DR peer for internal control. Each DR member device has only one IPP. The IPPs of the DR member devices transmit DRNI protocol packets and data packets through the intra-portal link (IPL) established between them. A DR system has only one IPL.

DR member devices use a keepalive link to monitor each other's state. For more information about the keepalive mechanism, see "Keepalive and failover mechanism."

If a device is attached to only one of the DR member devices in a DR system, that device is a single-homed device.

DRCP

DRNI uses IEEE P802.1AX Distributed Relay Control Protocol (DRCP) for multichassis link aggregation. DRCP runs on the IPL and uses distributed relay control protocol data units (DRCPDUs) to advertise the DRNI configuration out of IPPs and DR interfaces.

DRCP operating mechanism

DRNI-enabled devices use DRCPDUs for the following purposes:

·     Exchange DRCPDUs through DR interfaces to determine whether they can form a DR system.

·     Exchange DRCPDUs through IPPs to negotiate the IPL state.

DRCP timeout timers

DRCP uses a timeout mechanism to specify the amount of time that an IPP or DR interface must wait to receive DRCPDUs before it determines that the peer interface is down. This timeout mechanism provides the following timer options:

·     Short DRCP timeout timer, which is fixed at 3 seconds. If this timer is used, the peer interface sends one DRCPDU every second.

·     Long DRCP timeout timer, which is fixed at 90 seconds. If this timer is used, the peer interface sends one DRCPDU every 30 seconds.

Short DRCP timeout timer enables the DR member devices to detect a peer interface down event more quickly than the long DRCP timeout timer. However this benefit is at the expense of bandwidth and system resources.

Keepalive and failover mechanism

For the secondary DR member device to monitor the state of the primary device, you must establish a Layer 3 keepalive link between the DR member devices.

The DR member devices periodically send keepalive packets over the keepalive link. If a DR member device has not received keepalive packets from the peer when the keepalive timeout timer expires, it determines that the keepalive link is down. When both the keepalive link and the IPL are down, a DR member device acts depending on its role.

·     If its role is primary, the device retains its role as long as it has up DR interfaces. If all its DR interfaces are down, its role becomes None.

·     If its role is secondary, the device takes over the primary role and retains the role as long as it has up DR interfaces. If all its DR interfaces are down, its role becomes None.

A device with the None role cannot send or receive keepalive packets. Its keepalive link stays in the down state.

If the keepalive link is down while the IPL is up, the DR member devices prompt you to check for keepalive link issues.

If the keepalive link is up while the IPL is down, the DR member devices elect a primary device based on the information in the keepalive packets.

MAD mechanism

A multi-active collision occurs if the IPL goes down while the keepalive link is up. To avoid network issues, DRNI MAD shuts down all network interfaces on the secondary DR member device except those manually or automatically excluded.

When the IPL comes up, the secondary DR member device starts a delay timer and begins to restore table entries (including MAC address entries and ARP entries) from the primary DR member device. When the delay timer expires, the secondary DR member device brings up all network interfaces placed in DRNI MAD DOWN state.

Device role calculation

The role of a DR member device can be primary, secondary, or none.

DRNI uses the following process to determine the role of each DR member device:

1.     Initially, each DR member device is assigned the none role when it joins a DR system or reboots with DRNI configuration.

2.     If the IPL is up, the DR member devices exchange DRCPDUs over the IPL to determine which of them takes the primary role.

a.     Device roles before calculation. If one device already has the primary role, the primary device retains its role.

b.     DRNI MAD DOWN state. If one device has not placed any network interfaces in DRNI MAD DOWN state, it becomes the primary device.

c.     Health state. The healthier device takes the primary role.

The smaller the health state value, the healthier the device is. The health state value is 0 if the device is running without faults.

d.     DR role priority. The device with higher DR role priority takes the primary role.

e.     Bridge MAC address. The device with a lower bridge MAC address takes the primary role.

The device that has failed the election takes the secondary role if it has DR interfaces in up state. If the device does not have DR interfaces in up state, its role is none.

3.     If the IPL is down, each DR member device examines the availability of their local DR interfaces.

¡     A DR member device changes its role to none if all its local DR interfaces are down.

¡     A DR member device does not change its role if it has a minimum of one DR interface in up state.

4.     If the keepalive link is up, the DR member devices exchange keepalive packets over the link to determine their roles.

¡     If the role of one DR member device is none, the other DR member device retains its primary role or changes its role from secondary to primary.

¡     If neither of them has the none role, the DR member devices negotiate their roles as they do on the IPL.

5.     If both the IPL and the keepalive link are down, a DR member device takes the primary role if it has available DR interfaces.

DRNI MAD DOWN state persistence

Both of the DR member devices might take the primary role if both of them have DR interfaces in up state after the following series of events occur:

1.     The IPL goes down while the keepalive link is up. Then, DRNI MAD shuts down all network interfaces on the secondary DR member device except those excluded from the shutdown action by IRF MAD or DRNI MAD.

2.     The keepalive link also goes down. Then, the secondary DR member device brings up the network interfaces in DRNI MAD DOWN state and sets its role to primary.

DRNI MAD DOWN state persistence helps avoid the forwarding issues that might occur in the multi-active situation that occurs because the keepalive link goes down while the IPL is down.

DR system setup process

As shown in Figure 2, two devices perform the following operations to form a DR system:

1.     Send DRCPDUs over the IPL to each other and compare the DRCPDUs to determine the DR system stackability and device roles:

a.     Compare the DR system settings. The devices can form a DR system if they have consistent DR system settings.

b.     Determine the device roles based on the DR role priority and the bridge MAC address.

c.     Perform configuration consistency check. For more information, see "Configuration consistency check."

2.     Send keepalive packets over the keepalive link after primary DR member election to verify that the peer system is operating correctly.

3.     Synchronize configuration data by sending DRCPDUs over the IPL. The configuration data includes MAC address entries and ARP entries.

Figure 2 DR system setup process

 

DRNI standalone mode

The DR member devices might both operate with the primary role to forward traffic if they have DR interfaces in up state after the DR system splits. DRNI standalone mode helps avoid traffic forwarding issues in this multi-active situation by allowing only the member ports in the DR interfaces on one member device to forward traffic.

The following information describes the operating mechanism of this feature.

The DR member devices change to DRNI standalone mode when they detect that both the IPL and the keepalive link are down. In addition, the secondary DR member device changes its role to primary.

In DRNI standalone mode, the LACPDUs sent out of a DR interface by each DR member device contain the interface-specific LACP system MAC address and LACP system priority.

The Selected state of the member ports in the DR interfaces in a DR group depends on their LACP system MAC address and LACP system priority. If a DR interface has a lower LACP system priority value or LACP system MAC address, the member ports in that DR interface become Selected to forward traffic. If those Selected ports fail, the member ports in the DR interface on the other DR member device become Selected to forward traffic.

 

 

NOTE:

A DR member device changes to DRNI standalone mode only when it detects that both the IPL and the keepalive link are down. It does not change to DRNI standalone mode when the peer DR member device reboots.

 

Configuration consistency check

During DR system setup, DR member devices exchange the configuration and perform configuration consistency check to verify their consistency in the following configurations:

·     Type 1 configuration—Settings that affect traffic forwarding of the DR system. If an inconsistency in type 1 configuration is detected, the secondary DR member device shuts down its DR interfaces.

·     Type 2 configuration—Settings that affect only service features. If an inconsistency in type 2 configuration is detected, the secondary DR member device disables the affected service features, but it does not shut down its DR interfaces.

To prevent interface flapping, the DR system performs configuration consistency check when half the data restoration internal elapses.

 

 

NOTE:

The data restoration interval specifies the maximum amount of time for the secondary DR member device to synchronize data with the primary DR member device during DR system setup. For more information, see "Setting the data restoration interval."

 

Type 1 configuration

Type 1 configuration consistency check is performed both globally and on DR interfaces. Table 1 and Table 2 show settings that type 1 configuration contains.

Table 1 Global type 1 configuration

Setting

Details

IPP link type

IPP link type, including access, hybrid, and trunk.

PVID on the IPP

PVID on the IPP.

Spanning tree state

·     Global spanning tree state.

·     VLAN-specific spanning tree state. DRNI checks the VLAN-specific spanning tree state only when PVST is enabled.

Spanning tree mode

Spanning tree mode, including STP, RSTP, PVST, and MSTP.

MST region settings

·     MST region name.

·     MST region revision level.

·     VLAN-to-MSTI mappings.

 

Table 2 DR interface type 1 configuration

Setting

Details

Aggregation mode

Aggregation mode, including static and dynamic.

Spanning tree state

Interface-specific spanning tree state.

Link type

Interface link type, including access, hybrid, and trunk.

PVID

Interface PVID.

 

Type 2 configuration

Type 2 configuration consistency check is performed both globally and on DR interfaces. Table 3 and Table 4 show settings that type 2 configuration contains.

Table 3 Global type 2 configuration

Setting

Details

VLANs permitted by the IPP

VLANs permitted by the IPP.

The DR system compares tagged VLANs prior to untagged VLANs.

VLAN interfaces

Up VLAN interfaces of which the VLANs contain the IPP.

VLAN interface status

Whether a VLAN interface is in administratively down state.

IPv4 address of a VLAN interface

IPv4 address assigned to a VLAN interface.

IPv6 address of a VLAN interface

IPv6 address assigned to a VLAN interface.

Virtual IPv4 address of the VRRP group on a VLAN interface

Virtual IPv4 address of the VRRP group configured on a VLAN interface.

Global BPDU guard

Global status of BPDU guard.

MAC aging timer

Aging timer for dynamic MAC address entries.

VSI name

Name of a VSI that has ACs on a DR interface.

VXLAN ID

VXLAN ID of a VSI.

Gateway interface

VSI interface associated with a VSI.

VSI interface number

Number of a VSI interface.

MAC address of a VSI interface

MAC address assigned to a VSI interface.

IPv4 address of a VSI interface

IPv4 address assigned to a VSI interface.

IPv6 address of a VSI interface

IPv6 address assigned to a VSI interface.

Physical state of a VSI interface

Physical link state of a VSI interface.

Protocol state of a VSI interface

Data link layer state of a VSI interface.

 

The device displays the following global type 2 settings only when VLAN or VLAN interface configuration inconsistency exists:

·     VLAN interface status.

·     IPv4 address of a VLAN interface.

·     IPv6 address of a VLAN interface.

·     Virtual IPv4 address of the VRRP group on a VLAN interface.

Table 4 DR interface type 2 configuration

Setting

Details

VLANs permitted by a DR interface

VLANs permitted by a DR interface.

The DR system compares tagged VLANs prior to untagged VLANs.

Using port speed as the prioritized criterion for reference port selection

Whether a DR interface uses port speed as the prioritized criterion for reference port selection.

Ignoring port speed in setting the aggregation states of member ports

Whether a DR interface ignores port speed in setting the aggregation states of member ports.

Root guard status

Status of root guard.

 

DRNI sequence number check

DRNI sequence number check protects DR member devices from replay attacks.

With this feature enabled, the DR member devices insert a sequence number into each outgoing DRCPDU or keepalive packet and the sequence number increases by 1 for each sent packet. When receiving a DRCPDU or keepalive packet, the DR member devices check its sequence number and drop the packet if the check result is either of the following:

·     The sequence number of the packet is the same as that of a previously received packet.

·     The sequence number of the packet is smaller than that of the most recently received packet.

DRNI packet authentication

DRNI packet authentication prevents DRCPDU and keepalive packet tampering from causing link flapping.

With this feature enabled, the DR member devices compute a message digest by using an authentication key for each outgoing DRCPDU or keepalive packet and insert the message digest into the packet. When receiving a DRCPDU or keepalive packet, a DR member device computes a message digest and compares it with the message digest in the packet. If the message digests match, the packet passes authentication. If the message digests do not match, the device drops the packet.

DRNI failure handling mechanisms

DR interface failure handling mechanism

When the DR interface of one DR member device fails, the DR system forwards traffic through the other DR member device.

As shown in Figure 3, Device A and Device B form a DR system, to which Device C is attached through a multichassis aggregation. If traffic to Device C arrives at Device B after the DR interface connected Device B to Device C has failed, the DR system forwards the traffic as follows:

1.     Device B sends the traffic to Device A over the IPL.

2.     Device A forwards the downlink traffic received from the IPL to Device C.

After the faulty DR interface comes up, Device B forwards traffic to Device C through the DR interface.

Figure 3 DR interface failure handling mechanism

 

IPL failure handling mechanism

As shown in Figure 4, multi-active collision occurs if the IPL goes down while the keepalive link is up. To avoid network issues, the secondary DR device sets all network interfaces to DRNI MAD DOWN state, except for the interfaces excluded from the shutdown action by DRNI MAD.

In this situation, the primary DR member device forwards all traffic for the DR system.

When the IPP comes up, the secondary DR member device does not bring up the network interfaces immediately. Instead, it starts a delay timer and begins to recover data from the primary DR member device. When the delay timer expires, the secondary DR member device brings up all network interfaces.

Figure 4 IPL failure handling mechanism

 

Device failure handling mechanism

As shown in Figure 5, when the primary DR member device fails, the secondary DR member device takes over the primary role to forward all traffic for the DR system. When the faulty device recovers, it becomes the secondary DR member device.

When the secondary DR member device fails, the primary DR member device forwards all traffic for the DR system.

Figure 5 Device failure handling mechanism

 

Uplink failure handling mechanism

Uplink failure does not interrupt traffic forwarding of the DR system. As shown in Figure 6, when the uplink of Device A fails, Device A passes traffic destined for the IP network to Device B for forwarding.

To enable faster traffic switchover in response to an uplink failure and minimize traffic losses, configure Monitor Link to associate the DR interfaces with the uplink interfaces. When the uplink interface of a DR member device fails, that device shuts down its DR interface for the other DR member device to forward all traffic of Device C. For more information about Monitor Link, see High Availability Configuration Guide.

Figure 6 Uplink failure handling mechanism

 

Mechanisms to handle concurrent IPL and keepalive link failures

When both the IPL and the keepalive link are down, the DR member devices handle this situation depending on your configuration.

Default failure handling mechanism

Figure 7 shows the default mechanism to handle IPL and keepalive link failures when the DRNI standalone mode and DRNI MAD DOWN state persistency features are not configured.

·     If the IPL goes down while the keepalive link is up, the DR member devices negotiate their roles over the keepalive link. DRNI MAD shuts down all network interfaces on the secondary DR member device except those excluded from the shutdown action by IRF MAD or DRNI MAD.

·     If the keepalive link goes down while the IPL is down, the secondary DR member device sets its role to primary and brings up the network interfaces in DRNI MAD DOWN state to forward traffic. In this situation, both of the DR member devices might operate with the primary role to forward traffic. Forwarding errors might occur because the DR member devices cannot synchronize MAC address entries over the IPL.

·     If the keepalive link is down before the IPL goes down, DRNI MAD will not place network interfaces in DRNI MAD DOWN state. Both DR member devices can operate with the primary role to forward traffic.

Figure 7 Default failure handling mechanism

 

Failure handling mechanism with DRNI MAD DOWN state persistence

Figure 8 shows the mechanism to handle IPL and keepalive link failures when the DRNI MAD DOWN state persistence feature is configured.

·     If the IPL goes down while the keepalive link is up, the DR member devices negotiate their roles over the keepalive link. DRNI MAD shuts down all network interfaces on the secondary DR member device except those excluded from the shutdown action by IRF MAD or DRNI MAD.

·     If the keepalive link goes down while the IPL is down, the secondary DR member device sets its role to primary, but it does not bring up the network interfaces in DRNI MAD DOWN state. Only the original primary member device can forward traffic.

·     If the keepalive link is down before the IPL goes down, DRNI MAD will not place network interfaces in DRNI MAD DOWN state. Both DR member devices can operate with the primary role to forward traffic.

Figure 8 Failure handling mechanism with DRNI MAD DOWN state persistence

 

As shown in Figure 9, you can bring up the interfaces in DRNI MAD DOWN state on the secondary DR member device for it to forward traffic if the following conditions exist:

·     Both the IPL and the keepalive link are down.

·     The primary DR member device fails or its DR interface fails.

Figure 9 Bringing up the interfaces in DRNI MAD DOWN state

 

Failure handling mechanism with DRNI standalone mode

Figure 10 shows the mechanism to handle IPL and keepalive link failures when the DRNI standalone mode feature is configured.

·     If the IPL goes down while the keepalive link is up, the DR member devices negotiate their roles over the keepalive link. DRNI MAD shuts down all network interfaces on the secondary DR member device except those excluded from the shutdown action by IRF MAD or DRNI MAD.

·     If the keepalive link goes down while the IPL is down, both DR member devices change to DRNI standalone mode. The secondary DR member device sets its role to primary and brings up its network interfaces in DRNI MAD DOWN state. In DRNI standalone mode, only the aggregation member ports on one DR member device can become Selected to forward traffic. For more information about how DRNI standalone mode operates, see "DRNI standalone mode."

·     If the keepalive link is down before the IPL goes down, both DR member devices change to DRNI standalone mode.

Figure 10 Failure handling mechanism with DRNI standalone mode

 

Protocols and standards

IEEE P802.1AX-REV/D4.4c, Draft Standard for Local and Metropolitan Area Networks

Restrictions and guidelines: DRNI configuration

Software version requirements

The DR member devices in a DR system must use the same software version.

DRNI configuration

For the DR member devices to be identified as one DR system, you must configure the same DR system MAC address and DR system priority on them. You must assign different DR system numbers to the DR member devices.

Do not configure the same LACP system MAC address for the DR interfaces in the same DR group.

As a best practice to reduce the impact of interface flapping on upper-layer services, use the link-delay command to configure the same link delay settings on the IPPs.

To prevent data synchronization failure, you must set the same maximum jumbo frame length on the IPPs of the DR member devices.

To ensure correct forwarding, delete DRNI configuration from a DR member device if it leaves its DR system.

Compatibility with other features

Feature

Restrictions and guidelines

IRF

DRNI cannot work correctly on an IRF fabric. Do not configure DRNI on an IRF fabric. For more information about IRF, see Virtual Technologies Configuration Guide.

MAC address table

If the DR system has a large number of MAC address entries, set the MAC aging timer to a higher value than 20 minutes as a best practice. To set the MAC aging timer, use the mac-address timer command.

The MAC address learning feature is disabled on the IPP.

For more information about the MAC address table, see "Configuring the MAC address table."

Ethernet link aggregation

Do not configure automatic link aggregation on a DR system.

The aggregate interfaces in an S-MLAG group cannot be used as DR interfaces or IPPs.

When you configure a DR interface, follow these restrictions and guidelines:

·     The link-aggregation selected-port maximum and link-aggregation selected-port minimum commands do not take effect on a DR interface.

·     If you execute the display link-aggregation verbose command for a DR interface, the displayed system ID contains the DR system MAC address and the DR system priority.

·     If the reference port is a member port of a DR interface, the display link-aggregation verbose command displays the reference port on both DR member devices.

For more information about Ethernet link aggregation, see "Configuring Ethernet link aggregation."

Port isolation

Do not assign DR interfaces or IPPs to a port isolation group. For more information about port isolation, see "Configuring port isolation."

Loop detection

Member devices in a DR system must have the same loop detection configuration. For information about loop detection, see "Configuring loop detection."

Spanning tree

When the spanning tree protocol is enabled for a DR system, follow these restrictions and guidelines:

·     Make sure the DR member devices have the same spanning tree configuration. Violation of this rule might cause network flapping. The configuration includes:

¡     Global spanning tree configuration.

¡     Spanning tree configuration on the IPP.

¡     Spanning tree configuration on DR interfaces.

·     IPPs of the DR system do not participate in spanning tree calculation.

·     The DR member devices still use the DR system MAC address after the DR system splits, which will cause spanning tree calculation issues. To avoid the issues, enable DRNI standalone mode on the DR member devices before the DR system splits.

For more information about spanning tree, see "Configuring spanning tree."

CFD

Do not use the MAC address of a remote MEP for CFD tests on IPPs. These tests cannot work on IPPs. For more information about CFD, see High Availability Configuration Guide.

VRRP

If you use DRNI and VRRP together, make sure the keepalive hold timer is shorter than the interval at which the VRRP master sends VRRP advertisements. Violation of this restriction might cause a VRRP master/backup switchover to occur before IPL failure is confirmed. To set the interval at which the VRRP master sends VRRP advertisements, use the vrrp vrid timer advertise or vrrp ipv6 vrid timer advertise command. For more information about the commands, see High Availability Command Reference.

Mirroring

If you use port mirroring together with DRNI, assign the source port, destination port, egress port, and reflector port for a mirroring group to the same aggregation group. If the source port is in a different aggregation group than the other ports, mirrored LACPDUs will be transmitted between aggregation groups and cause aggregate interface flapping.

VXLAN and EVPN

For information about VXLAN and EVPN restrictions, see VXLAN Configuration Guide and EVPN VXLAN configuration in EVPN Configuration Guide.

 

DRNI tasks at a glance

To configure DRNI, perform the following tasks:

1.     Configuring DR system settings

¡     Configuring the DR system MAC address

¡     Setting the DR system number

¡     Setting the DR system priority

2.     Setting the DR role priority of the device

3.     (Optional.) Enabling DRNI standalone mode on a DR member device

4.     Configuring DR keepalive settings

¡     Configuring DR keepalive packet parameters

¡     Setting the DR keepalive interval and timeout timer

5.     Configuring DRNI MAD

¡     Configuring the default DRNI MAD action on network interfaces

¡     Excluding an interface from the shutdown action by DRNI MAD

¡     Excluding all logical interfaces from the shutdown action by DRNI MAD

¡     Specifying interfaces to be shut down by DRNI MAD when the DR system splits

¡     Enabling DRNI MAD DOWN state persistence

6.     Configuring a DR interface

7.     Specifying a Layer 2 aggregate interface or VXLAN tunnel interface as the IPP

8.     (Optional.) Enabling the IPP to retain MAC address entries for down single-homed devices

9.     (Optional.) Configuring configuration consistency check

¡     Setting the mode of configuration consistency check

¡     (Optional.) Disabling configuration consistency check

Configuration consistency check might fail when you upgrade the DR member devices in a DR system. To prevent the DR system from falsely shutting down DR interfaces, temporarily disable configuration consistency check.

10.     (Optional.) Enabling the short DRCP timeout timer on the IPP or a DR interface

11.     Configuring DRNI timers

¡     (Optional.) Setting the keepalive hold timer for identifying the cause of IPL down events

¡     Configuring DR system auto-recovery

¡     (Optional.) Setting the data restoration interval

12.     (Optional.) Configuring DRNI security features

¡     Enabling DRNI sequence number check

¡     Enabling DRNI packet authentication

Configuring DR system settings

Configuring the DR system MAC address

Restrictions and guidelines

On a DR system, DR interfaces in the same DR group must use the same LACP system MAC address. As a best practice, use the bridge MAC address of one DR member device as the DR system MAC address.

Changing the DR system MAC address causes DR system split. When you perform this task on a live network, make sure you are fully aware of its impact.

You can configure the DR system MAC address on an aggregate interface only after it is configured as a DR interface.

You can configure the DR system MAC address globally and in aggregate interface view. The global DR system MAC address takes effect on all aggregation groups. On an aggregate interface, the interface-specific DR system MAC address takes precedence over the global DR system MAC address.

Procedure

1.     Enter system view.

system-view

2.     Configure the DR system MAC address.

drni system-mac mac-address

By default, the DR system MAC address is not configured.

3.     Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

4.     Set the DR system MAC address on the aggregate interface.

port drni system-mac mac-address

By default, the DR system MAC address is not configured.

Setting the DR system number

Restrictions and guidelines

Changing the DR system number causes DR system split. When you perform this task on a live network, make sure you are fully aware of its impact.

You must assign different DR system numbers to the DR member devices in a DR system.

Procedure

1.     Enter system view.

system-view

2.     Set the DR system number.

drni system-number system-number

By default, the DR system number is not set.

Setting the DR system priority

About this task

A DR system uses its DR system priority as the system LACP priority to communicate with the remote aggregation system.

Restrictions and guidelines

Changing the DR system priority in system view causes DR system split. When you perform this task on a live network, make sure you are fully aware of its impact.

You must configure the same DR system priority for the DR interfaces in the same DR group.

You can configure the DR system priority on an aggregate interface only after it is configured as a DR interface.

You can configure the DR system priority globally and in aggregate interface view. The global DR system priority takes effect on all aggregation groups. On an aggregate interface, the interface-specific DR system priority takes precedence over the global DR system priority.

Procedure

1.     Enter system view.

system-view

2.     Set the DR system priority.

drni system-priority system-priority

By default, the DR system priority is 32768.

3.     Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

4.     Set the DR system priority on the aggregate interface.

port drni system-priority priority

By default, the DR system priority is 32768.

Setting the DR role priority of the device

About this task

DRNI assigns the primary or secondary role to a DR member device based on its DR role priority. The smaller the priority value, the higher the priority. If the DR member devices in a DR system use the same DR role priority, the device with the lower bridge MAC address is assigned the primary role.

Restrictions and guidelines

To prevent a primary/secondary role switchover from causing network flapping, avoid changing the DR priority assignment after the DR system is established.

Procedure

1.     Enter system view.

system-view

2.     Set the DR role priority of the device.

drni role priority priority-value

By default, the DR role priority of the device is 32768.

Enabling DRNI standalone mode on a DR member device

About this task

Perform this task to avoid forwarding issues in the multi-active situation that might occur after both the IPL and the keepalive link are down.

DRNI standalone mode helps avoid traffic forwarding issues in this multi-active situation by allowing only the member ports in the DR interfaces on one member device to forward traffic. For more information about this mode, see "DRNI standalone mode."

When you configure this feature, you can configure a delay to prevent an unnecessary mode change because of transient link down issues.

Restrictions and guidelines

As a best practice, enable DRNI standalone mode on both DR member devices.

Before you enable DRNI standalone mode on a DR member device, make sure its LACP system priority is higher than that of the remote aggregation system. This restriction ensures that the reference port is on the remote aggregation system and prevents the interfaces attached to the DR system from flapping.

Procedure

1.     Enter system view.

system-view

2.     Enable DRNI standalone mode.

drni standalone enable [ delay delay-time ]

By default, DRNI standalone mode is disabled.

Configuring DR keepalive settings

Restrictions and guidelines for configuring DR keepalive settings

As a best practice, establish a dedicated direct link between DR member devices as a keepalive link. Do not use the keepalive link for any other purposes. Make sure the DR member devices have Layer 2 and Layer 3 connectivity to each other over the keepalive link.

Configuring DR keepalive packet parameters

About this task

Perform this task to specify the parameters for sending DR keepalive packets, such as its source and destination IP addresses.

The device accepts only keepalive packets that are sourced from the specified destination IP address. The keepalive link goes down if the device receives keepalive packets sourced from any other IP address.

Restrictions and guidelines

Make sure the DR member devices in a DR system use the same keepalive destination UDP port.

Procedure

1.     Enter system view.

system-view

2.     Configure DR keepalive packet parameters.

drni keepalive { ip | ipv6 } destination { ipv4-address | ipv6-address } [ source { ipv4-address | ipv6-address } | udp-port udp-number | vpn-instance vpn-instance-name ] *

By default, the DR keepalive packet parameters are not configured. If you do not specify a source IP address or destination UDP port when you execute this command, the IP address of the outgoing interface and UDP port 6400 are used, respectively.

Setting the DR keepalive interval and timeout timer

About this task

The device sends keepalive packets at the specified interval to its DR peer. If the device has not received a keepalive packet from the DR peer before the keepalive timeout timer expires, the device determines that the keepalive link is down.

Restrictions and guidelines

The local DR keepalive timeout timer must be two times the DR keepalive interval of the peer at minimum.

Configure the same DR keepalive interval on the DR member devices in the DR system.

Procedure

1.     Enter system view.

system-view

2.     Set the DR keepalive interval and timeout timer.

drni keepalive interval interval [ timeout timeout ]

By default, the DR keepalive interval is 1000 milliseconds, and the DR keepalive timeout timer is 5 seconds.

Configuring DRNI MAD

About this task

DRNI MAD configuration methods

When you configure DRNI MAD, use either of the following methods:

·     To shut down all network interfaces on the secondary DR member device except a few special-purpose interfaces that must be retained in up state:

¡     Set the default DRNI MAD action to DRNI MAD DOWN. For more information, see "Configuring the default DRNI MAD action on network interfaces."

¡     Exclude interfaces from being shut down by DRNI MAD. For more information, see "Excluding an interface from the shutdown action by DRNI MAD."

This method is applicable to most network environments.

·     To have the secondary DR member device retain a large number of interfaces in up state and shut down the remaining interfaces:

¡     Set the default DRNI MAD action to NONE. For more information, see "Configuring the default DRNI MAD action on network interfaces."

¡     Specify network interfaces that must be shut down by DRNI MAD. For more information, see "Specifying interfaces to be shut down by DRNI MAD when the DR system splits."

One applicable scenario of this method is the EVPN environment in which you use a VXLAN tunnel as the IPL. In this scenario, you must retain a large number of logical interfaces (for example, tunnel and loopback interfaces) in up state.

List of automatically included interfaces

DRNI MAD will always shut down the ports in the system-configured included port list if the device acts as the secondary DR member device when the DR system splits.

This list contains aggregation member ports of DR interfaces. To identify system-configured included ports, execute the display drni mad verbose command.

List of automatically excluded interfaces

DRNI MAD will not shut down the ports in the following list when the DR system splits:

·     System-configured excluded port list in DRNI MAD:

¡     IPP.

¡     Aggregation member interfaces if a Layer 2 aggregate interface is used as the IPP.

¡     DR interfaces.

¡     Management interfaces.

To identify these interfaces, execute the display drni mad verbose command.

·     Interfaces manually or automatically excluded from being shut down by IRF MAD. To identify these interfaces, execute the display mad verbose command.

·     Network interfaces used for special purposes, including:

¡     Interfaces placed in a loopback test by using the loopback command.

¡     Interfaces in a mirroring group.

¡     Interfaces forced to stay up by using the port-up mode command.

Configuring the default DRNI MAD action on network interfaces

About this task

You can configure DRNI MAD to take either of the following default actions on network interfaces if the device acts as the secondary DR member device when the DR system splits:

·     DRNI MAD DOWN—DRNI MAD will shut down all network interfaces on the secondary DR member device when the DR system splits, except the interfaces excluded manually or by the system.

·     NONE—DRNI MAD will not shut down any network interfaces when the DR system splits, except the interfaces configured manually or by the system to be shut down by DRNI MAD.

Restrictions and guidelines

The DRNI MAD DOWN action will not take effect on the interfaces listed in "List of automatically excluded interfaces."

The DRNI MAD DOWN action will always take on the interfaces listed in "List of automatically included interfaces," even if the default DRNI MAD action is NONE.

Procedure

1.     Enter system view.

system-view

2.     Configure the default DRNI MAD action to take on network interfaces on the secondary DR member device when the DR system splits.

drni mad default-action { down | none }

By default, DRNI MAD shuts down network interfaces on the secondary DR member device.

Excluding an interface from the shutdown action by DRNI MAD

About this task

By default, DRNI MAD automatically excludes the interfaces listed in "List of automatically excluded interfaces" when it shuts down network interfaces on the secondary DR member device.

To specify additional interfaces that cannot be shut down, perform this task.

You typically perform this task when the default DRNI MAD action is set to DRNI MAD DOWN.

Restrictions and guidelines

You must always exclude the following interfaces from being shut down by DRNI MAD:

·     For correct keepalive detection, you must exclude the interfaces used for keepalive detection.

·     If the IPP is a tunnel interface, you must exclude the traffic outgoing interface for the tunnel.

·     For DR member devices to synchronize ARP entries, you must exclude the VLAN interfaces of the VLANs to which the DR interfaces and IPPs belong.

The DRNI MAD DOWN action is always taken on interfaces listed in "List of automatically included interfaces." You cannot disable the action by excluding those interfaces.

To view interfaces excluded from the MAD shutdown action, see the Excluded ports (user-configured) field in the output from the display drni mad verbose command.

If you exclude an interface that is already in DRNI MAD DOWN state from the MAD shutdown action, the interface stays in that state. It will not come up automatically.

Procedure

1.     Enter system view.

system-view

2.     Exclude an interface from the shutdown action by DRNI MAD.

drni mad exclude interface interface-type interface-number

By default, DRNI MAD shuts down all network interfaces when detecting a multi-active collision, except for the network interfaces set by the system to not shut down.

Excluding all logical interfaces from the shutdown action by DRNI MAD

About this task

When a VXLAN tunnel is used as the IPL on an EVPN DR system, you must retain a large number of logical interfaces (for example, tunnel and loopback interfaces) in up state. To simplify configuration, you can exclude all logical interfaces from the shutdown action by DRNI MAD.

Restrictions and guidelines

The drni mad exclude interface and drni mad include interface commands take precedence over the drni mad exclude logical-interfaces command.

Procedure

1.     Enter system view.

system-view

2.     Exclude all logical interfaces from the shutdown action by DRNI MAD.

drni mad exclude logical-interfaces

By default, DRNI MAD shuts down all network interfaces when it detects a multi-active collision, except for the network interfaces set by the system to not shut down.

Specifying interfaces to be shut down by DRNI MAD when the DR system splits

About this task

By default, DRNI MAD automatically shuts down the interfaces listed in "List of automatically included interfaces" if the device is the secondary DR member device when the DR system splits.

To specify additional interfaces to be shut down by DRNI MAD, perform this task.

You typically perform this task when the default DRNI MAD action is set to NONE.

Restrictions and guidelines

The DRNI MAD DOWN action will not take effect on the interfaces listed in "List of automatically excluded interfaces."

Procedure

1.     Enter system view.

system-view

2.     Specify interfaces to be shut down by DRNI MAD when the DR system splits.

drni mad include interface interface-type interface-number

By default, the user-configured included port list does not contain any ports.

Enabling DRNI MAD DOWN state persistence

About this task

DRNI MAD DOWN state persistency helps avoid the multi-active situation by preventing the secondary DR member device from bringing up the network interfaces in DRNI MAD DOWN state. For more information about this feature, see "DRNI MAD DOWN state persistence" and "Failure handling mechanism with DRNI MAD DOWN state persistence."

You can bring up the interfaces in DRNI MAD DOWN state on the secondary DR member device for it to forward traffic if the following conditions exist:

·     The primary DR member device fails while the IPL is down.

·     The DRNI MAD DOWN state persists on the secondary DR member device.

Procedure

1.     Enter system view.

system-view

2.     Enable DRNI MAD DOWN state persistence.

drni mad persistent

By default, the secondary DR member device brings up interfaces in DRNI MAD DOWN state when its role changes to primary.

3.     (Optional.) Bring up the interfaces in DRNI MAD DOWN state.

drni mad restore

Configuring a DR interface

Restrictions and guidelines

The device can have multiple DR interfaces. However, you can assign a Layer 2 aggregate interface to only one DR group.

A Layer 2 aggregate interface cannot operate as both IPP and DR interface.

To improve forwarding efficiency, exclude the DR interface on the secondary DR member device from the shutdown action by DRNI MAD. This action enables the DR interface to forward traffic immediately after a multi-active collision is removed without having to wait for the secondary DR member device to complete entry restoration.

Procedure

1.     Enter system view.

system-view

2.     Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

3.     Assign the aggregate interface to a DR group.

port drni group group-id

Specifying a Layer 2 aggregate interface or VXLAN tunnel interface as the IPP

Restrictions and guidelines

A Layer 2 aggregate interface or VXLAN tunnel interface cannot operate as both IPP and DR interface. Make sure the bandwidth of the IPP is higher than that of a DR interface.

Do not associate a VXLAN tunnel interface with a VXLAN if you use it as the IPP. You can use a VXLAN tunnel interface as an IPP only in an EVPN network. For more information about EVPN, see EVPN Configuration Guide.

A DR member device can have only one IPP.

As a best practice to reduce the impact of interface flapping on upper-layer services, execute the link-delay command on the IPP. For more information about this command, see Ethernet link aggregation commands in Layer 2—LAN Switching Command Reference.

By default, MAC address learning is enabled on the IPP. This feature is not configurable on the IPP. For more information about the MAC address learning feature, see "Configuring the MAC address table."

To prevent data synchronization failure, you must set the same maximum jumbo frame length on the IPPs of the DR member devices. For more information about jumbo frames, see "Configuring Ethernet link aggregation."

Do not use the MAC address of a remote MEP for CFD tests on IPPs. These tests cannot work on IPPs. For more information about CFD, see High Availability Configuration Guide.

Procedure

1.     Enter system view.

system-view

2.     Enter interface view.

¡     Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

¡     Enter VXLAN tunnel interface view.

interface tunnel number

3.     Specify the interface as the IPP.

port drni intra-portal-port port-id

4.     For DRNI to operate correctly, disable the static source check feature for the MAC address table.

quit

undo mac-address static source-check enable

By default, static source check is enabled.

For more information about the mac-address static source-check enable command, see "Configuring the MAC address table."

Enabling the IPP to retain MAC address entries for down single-homed devices

About this task

When a DR member device detects that the link to a single-homed device goes down, the IPP takes the following actions:

·     Deletes the MAC address entries for the single-homed device.

·     Sends a message to the peer IPP for it to delete the affected MAC address entries.

If the link to a single-homed device flaps constantly, the IPP repeatedly deletes and adds MAC address entries for the device. This situation increases floods of unicast traffic destined for the single-homed device.

To reduce flood traffic, enable the IPP to retain MAC address entries for single-homed devices. After the links to single-homed devices go down, the affected MAC address entries age out on expiration of the MAC aging timer instead of being deleted immediately. The timer is set by using the mac-address timer command. For more information about this command, see MAC address table commands in Layer 2—LAN Switching Command Reference.

Procedure

1.     Enter system view.

system-view

2.     Enable the IPP to retain MAC address entries for single-homed devices.

drni ipp mac-address hold

By default, the IPP does not retain MAC address entries for single-homed devices when the devices go down.

Setting the mode of configuration consistency check

About this task

The device handles configuration inconsistency depending on the mode of configuration consistency check.

·     For type 1 configuration inconsistency:

¡     The device generates log messages if loose mode is enabled.

¡     The device shuts down DR interfaces and generates log messages if strict mode is enabled.

·     For type 2 configuration inconsistency, the device only generates log messages, whether strict or loose mode is enabled.

Procedure

1.     Enter system view.

system-view

2.     Set the mode of configuration consistency check.

drni consistency-check mode { loose | strict }

By default, configuration consistency check uses strict mode.

Disabling configuration consistency check

About this task

To ensure that the DR system can operate correctly, DRNI by default performs configuration consistency check when the DR system is set up.

Configuration consistency check might fail when you upgrade the DR member devices in a DR system. To prevent the DR system from falsely shutting down DR interfaces, you can temporarily disable configuration consistency check.

Restrictions and guidelines

Make sure the DR member devices use the same setting for configuration consistency check.

Procedure

1.     Enter system view.

system-view

2.     Disable configuration consistency check.

drni consistency-check disable

By default, configuration consistency check is enabled.

Enabling the short DRCP timeout timer on the IPP or a DR interface

About this task

By default, the IPP or a DR interface uses the 90-second long DRCP timeout timer. To detect peer interface down events more quickly, enable the 3-second short DRCP timeout timer on the interface.

Restrictions and guidelines

To avoid traffic interruption during an ISSU or DRNI process restart, disable the short DRCP timeout timer before you perform an ISSU or DRNI process restart. For more information about ISSU, see Fundamentals Configuration Guide.

Procedure

1.     Enter system view.

system-view

2.     Enter interface view.

¡     Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

¡     Enter VXLAN tunnel interface view.

interface tunnel number

3.     Enable the short DRCP timeout timer.

drni drcp period short

By default, an interface uses the long DRCP timeout timer (90 seconds).

Setting the keepalive hold timer for identifying the cause of IPL down events

About this task

The keepalive hold timer starts when the IPL goes down. The keepalive hold timer specifies the amount of time that the device uses to identify the cause of an IPL down event.

·     If the device receives keepalive packets from the DR peer before the timer expires, the IPL is down because the IPL fails.

·     If the device does not receive keepalive packets from the DR peer before the timer expires, the IPL is down because the peer DR member device fails.

Procedure

1.     Enter system view.

system-view

2.     Set the keepalive hold timer.

drni keepalive hold-time value

By default, the keepalive hold timer is 3 seconds.

Configuring DR system auto-recovery

About this task

If only one DR member device recovers after the entire DR system reboots, auto-recovery enables that member device to remove its DR interfaces from the DRNI DOWN interface list.

·     If that member device has up DR interfaces, it takes over the primary role when the reload delay timer expires and forwards traffic.

·     If that member device does not have up DR interfaces, it is stuck in the None role and does not forward traffic.

If auto-recovery is disabled, that DR member device will be stuck in the None role with all its DR interfaces being DRNI DOWN after it recovers.

Restrictions and guidelines

If both DR member devices recover and have up DR interfaces after the entire DR system reboots, active-active situation might occur if both the IPL and the keepalive link were down when the reload delay timer expires. If this rare situation occurs, examine the IPL and the keepalive link and restore them.

To avoid incorrect role preemption, make sure the reload delay timer is longer than the amount of time required for the device to restart.

Procedure

1.     Enter system view.

system-view

2.     Configure DR system auto-recovery.

drni auto-recovery reload-delay delay-value

By default, DR system auto-recovery is not configured. The reload delay timer is not set.

Setting the data restoration interval

About this task

The data restoration interval specifies the maximum amount of time for the secondary DR member device to synchronize data with the primary DR member device during DR system setup. Within the data restoration interval, the secondary DR member device sets all network interfaces to DRNI MAD DOWN state, except for the following interfaces:

·     Interfaces excluded from the shutdown action by IRF MAD.

·     Interfaces excluded from the shutdown action by DRNI MAD.

When the data restoration interval expires, the secondary DR member device brings up all network interfaces.

Restrictions and guidelines

Increase the data restoration interval as needed for the following purposes:

·     Avoid packet loss and forwarding failure that might occur when the amount of data is large or when you perform an ISSU between the DR member devices.

·     Avoid DR interface flapping that might occur if type 1 configuration consistency check fails after the DR interfaces come up upon expiration of the data restoration interval.

Procedure

1.     Enter system view.

system-view

2.     Set the data restoration interval.

drni restore-delay value

By default, the data restoration interval is 30 seconds.

Enabling DRNI sequence number check

Restrictions and guidelines

As a best practice to improve security, use DRNI sequence number check together with DRNI packet authentication.

After one DR member device reboots, the other DR member device might receive and accept the packets that were intercepted by an attacker before the reboot. As a best practice, change the  authentication key after a DR member device reboots.

Procedure

1.     Enter system view.

system-view

2.     Enable DRNI sequence number check.

drni sequence enable

By default, DRNI sequence number check is disabled.

Enabling DRNI packet authentication

Restrictions and guidelines

For successful authentication, configure the same authentication key for the DR member devices.

Procedure

1.     Enter system view.

system-view

2.     Enable DRNI packet authentication and configure an authentication key.

drni authentication key { simple | cipher } string

By default, DRNI packet authentication is disabled.

Displaying and maintaining DRNI

Execute display commands in any view and reset commands in user view.

 

Task

Command

Display information about the configuration consistency check done by DRNI.

display drni consistency { type1 | type2 } { global | interface interface-type interface-number }

Display DRCPDU statistics.

display drni drcp statistics [ interface interface-type interface-number ]

Display DR keepalive packet statistics.

display drni keepalive

Display detailed DRNI MAD information.

display drni mad verbose

Display DR role information.

display drni role

Display brief information about the IPP and DR interfaces.

display drni summary

Display the DR system settings.

display drni system

Display detailed information about the IPP and DR interfaces.

display drni verbose [ interface bridge-aggregation interface-number ]

Display DRNI troubleshooting information.

display drni troubleshooting [ dr | ipp | keepalive ] [ history ] [ count ]

Clear DRCPDU statistics.

reset drni drcp statistics [ interface interface-list ]

Clear DRNI troubleshooting records.

reset drni troubleshooting history

 

DRNI configuration examples

Example: Configuring basic DRNI functions

Network configuration

As shown in Figure 11, configure DRNI on Device A and Device B to establish a multichassis aggregate link with Device C.

Figure 11 Network diagram

Procedure

 

1.     Configure Device A:

# Configure DR system settings.

<DeviceA> system-view

[DeviceA] drni system-mac 1-1-1

[DeviceA] drni system-number 1

[DeviceA] drni system-priority 123

# Configure DR keepalive packet parameters.

[DeviceA] drni keepalive ip destination 1.1.1.1 source 1.1.1.2

# Set the link mode of Ten-GigabitEthernet 1/0/5 to Layer 3, and assign the interface an IP address. The IP address will be used as the source IP address of keepalive packets.

[DeviceA] interface ten-gigabitethernet 1/0/5

[DeviceA-Ten-GigabitEthernet1/0/5] port link-mode route

[DeviceA-Ten-GigabitEthernet1/0/5] ip address 1.1.1.2 24

[DeviceA-Ten-GigabitEthernet1/0/5] quit

# Exclude the interface used for DR keepalive detection (Ten-GigabitEthernet 1/0/5) from the shutdown action by DRNI MAD.

[DeviceA] drni mad exclude interface ten-gigabitethernet 1/0/5

# Disable the static source check feature.

[DeviceA] undo mac-address static source-check enable

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 3.

[DeviceA] interface bridge-aggregation 3

[DeviceA-Bridge-Aggregation3] link-aggregation mode dynamic

[DeviceA-Bridge-Aggregation3] quit

# Assign Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 to aggregation group 3.

[DeviceA] interface ten-gigabitethernet 1/0/1

[DeviceA-Ten-GigabitEthernet1/0/1] port link-aggregation group 3

[DeviceA-Ten-GigabitEthernet1/0/1] quit

[DeviceA] interface ten-gigabitethernet 1/0/2

[DeviceA-Ten-GigabitEthernet1/0/2] port link-aggregation group 3

[DeviceA-Ten-GigabitEthernet1/0/2] quit

# Specify Bridge-Aggregation 3 as the IPP.

[DeviceA] interface bridge-aggregation 3

[DeviceA-Bridge-Aggregation3] port drni intra-portal-port 1

[DeviceA-Bridge-Aggregation3] quit

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 4.

[DeviceA] interface bridge-aggregation 4

[DeviceA-Bridge-Aggregation4] link-aggregation mode dynamic

[DeviceA-Bridge-Aggregation4] quit

# Assign Ten-GigabitEthernet 1/0/3 and Ten-GigabitEthernet 1/0/4 to aggregation group 4.

[DeviceA] interface ten-gigabitethernet 1/0/3

[DeviceA-Ten-GigabitEthernet1/0/3] port link-aggregation group 4

[DeviceA-Ten-GigabitEthernet1/0/3] quit

[DeviceA] interface ten-gigabitethernet 1/0/4

[DeviceA-Ten-GigabitEthernet1/0/4] port link-aggregation group 4

[DeviceA-Ten-GigabitEthernet1/0/4] quit

# Assign Bridge-Aggregation 4 to DR group 4.

[DeviceA] interface bridge-aggregation 4

[DeviceA-Bridge-Aggregation4] port drni group 4

[DeviceA-Bridge-Aggregation4] quit

2.     Configure Device B:

# Configure DR system settings.

<DeviceB> system-view

[DeviceB] drni system-mac 1-1-1

[DeviceB] drni system-number 2

[DeviceB] drni system-priority 123

# Configure DR keepalive packet parameters.

[DeviceB] drni keepalive ip destination 1.1.1.2 source 1.1.1.1

# Set the link mode of Ten-GigabitEthernet 1/0/5 to Layer 3, and assign the interface an IP address. The IP address will be used as the source IP address of keepalive packets.

[DeviceB] interface ten-gigabitethernet 1/0/5

[DeviceB-Ten-GigabitEthernet1/0/5] port link-mode route

[DeviceB-Ten-GigabitEthernet1/0/5] ip address 1.1.1.1 24

[DeviceB-Ten-GigabitEthernet1/0/5] quit

# Exclude the interface used for DR keepalive detection (Ten-GigabitEthernet 1/0/5) from the shutdown action by DRNI MAD.

[DeviceB] drni mad exclude interface ten-gigabitethernet 1/0/5

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 3.

[DeviceB] interface bridge-aggregation 3

[DeviceB-Bridge-Aggregation3] link-aggregation mode dynamic

[DeviceB-Bridge-Aggregation3] quit

# Assign Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 to aggregation group 3.

[DeviceB] interface ten-gigabitethernet 1/0/1

[DeviceB-Ten-GigabitEthernet1/0/1] port link-aggregation group 3

[DeviceB-Ten-GigabitEthernet1/0/1] quit

[DeviceB] interface ten-gigabitethernet 1/0/2

[DeviceB-Ten-GigabitEthernet1/0/2] port link-aggregation group 3

[DeviceB-Ten-GigabitEthernet1/0/2] quit

# Specify Bridge-Aggregation 3 as the IPP.

[DeviceB] interface bridge-aggregation 3

[DeviceB-Bridge-Aggregation3] port drni intra-portal-port 1

[DeviceB-Bridge-Aggregation3] quit

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 4.

[DeviceB] interface bridge-aggregation 4

[DeviceB-Bridge-Aggregation4] link-aggregation mode dynamic

[DeviceB-Bridge-Aggregation4] quit

# Assign Ten-GigabitEthernet 1/0/3 and Ten-GigabitEthernet 1/0/4 to aggregation group 4.

[DeviceB] interface ten-gigabitethernet 1/0/3

[DeviceB-Ten-GigabitEthernet1/0/3] port link-aggregation group 4

[DeviceB-Ten-GigabitEthernet1/0/3] quit

[DeviceB] interface ten-gigabitethernet 1/0/4

[DeviceB-Ten-GigabitEthernet1/0/4] port link-aggregation group 4

[DeviceB-Ten-GigabitEthernet1/0/4] quit

# Assign Bridge-Aggregation 4 to DR group 4.

[DeviceB] interface bridge-aggregation 4

[DeviceB-Bridge-Aggregation4] port drni group 4

[DeviceB-Bridge-Aggregation4] quit

3.     Configure Device C:

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 4.

<DeviceC> system-view

[DeviceC] interface bridge-aggregation 4

[DeviceC-Bridge-Aggregation4] link-aggregation mode dynamic

[DeviceC-Bridge-Aggregation4] quit

# Assign Ten-GigabitEthernet 1/0/1 through Ten-GigabitEthernet 1/0/4 to aggregation group 4.

[DeviceC] interface range ten-gigabitethernet 1/0/1 to ten-gigabitethernet 1/0/4

[DeviceC-if-range] port link-aggregation group 4

[DeviceC-if-range] quit

Verifying the configuration

# Verify that the keepalive link is working correctly on Device A.

[DeviceA] display drni keepalive

Neighbor keepalive link status (cause): Up

Neighbor is alive for: 104 s, 16 ms

Keepalive packet transmission status:

  Sent: Successful

  Received: Successful

Last received keepalive packet information:

  Source IP address: 1.1.1.1

  Time: 2019/09/11 09:21:51

  Action: Accept

 

Distributed relay keepalive parameters:

Destination IP address: 1.1.1.1

Source IP address: 1.1.1.2

Keepalive UDP port : 6400

Keepalive VPN name : N/A

Keepalive interval : 1000 ms

Keepalive timeout  : 5 sec

Keepalive hold time: 3 sec

# Verify that the IPP and the DR interface are working correctly on Device A.

[DeviceA] display drni summary

Flags: A -- Aggregate interface down, B -- No peer DR interface configured

       C -- Configuration consistency check failed

 

IPP: BAGG3

IPP state (cause): UP

Keepalive link state (cause): UP

 

                     DR interface information

DR interface  DR group  Local state (cause)  Peer state  Remaining down time (s)

BAGG4         4         UP                   UP          -

[DeviceA] display drni verbose

Flags: A -- Home_Gateway, B -- Neighbor_Gateway, C -- Other_Gateway,

       D -- IPP_Activity, E -- DRCP_Timeout, F -- Gateway_Sync,

       G -- Port_Sync, H -- Expired

IPP/IPP ID: BAGG3/1

State: UP

Cause: -

Local DRCP flags/Peer DRCP flags: ABDFG/ABDFG

Local Selected ports (index): XGE1/0/1 (260), XGE1/0/2 (261)

Peer Selected ports indexes: 260, 261

 

DR interface/DR group ID: BAGG4/4

Local DR interface state: UP

Peer DR interface state: UP

DR group state: UP

Local DR interface down cause: -

Remaining DRNI DOWN time: -

Local DR interface LACP MAC: Config=0001-0001-0001, Effective=0001-0001-0001

Peer DR interface LACP MAC: Config=0001-0001-0001, Effective=0001-0001-0001

Local DR interface LACP priority: Config=123, Effective=123

Peer DR interface LACP priority: Config=123, Effective=123

Local DRCP flags/Peer DRCP flags: ABDFG/ABDFG

Local Selected ports (index): XGE1/0/3 (258), XGE1/0/4 (259)

Peer Selected ports indexes: 258, 259

# Verify that all member ports of aggregation group 4 are in Selected state on Device C, which indicates a successful link aggregation between the DR system and Device C.

[DeviceC] display link-aggregation verbose bridge-aggregation 4

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected, I -- Individual

Port: A -- Auto port, M -- Management port, R -- Reference port

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

Aggregate Interface: Bridge-Aggregation4

Creation Mode: Manual

Aggregation Mode: Dynamic

Loadsharing Type: Shar

Management VLANs: None

System ID: 0x8000, 2e56-cbae-0600

Local:

  Port                Status   Priority Index    Oper-Key               Flag

  XGE1/0/1(R)          S        32768    1        1                      {ACDEF}

  XGE1/0/2             S        32768    2        1                      {ACDEF}

  XGE1/0/3             S        32768    3        1                      {ACDEF}

  XGE1/0/4             S        32768    4        1                      {ACDEF}

Remote:

  Actor               Priority Index    Oper-Key SystemID               Flag

  XGE1/0/1             32768    16387    40004    0x7b  , 0001-0001-0001 {ACDEF}

  XGE1/0/2             32768    16388    40004    0x7b  , 0001-0001-0001 {ACDEF}

  XGE1/0/3             32768    32771    40004    0x7b  , 0001-0001-0001 {ACDEF}

  XGE1/0/4             32768    32772    40004    0x7b  , 0001-0001-0001 {ACDEF}

Example: Configuring Layer 3 gateways on a DR system

Network configuration

As shown in Figure 12:

·     Configure Device A and Device B as a DR system to establish one multichassis aggregate link with Device C and one with Device D.

·     Set up a keepalive link between Ten-GigabitEthernet 1/0/5 of Device A and Ten-GigabitEthernet 1/0/5 of Device B, and exclude the interfaces from the shutdown action by DRNI MAD.

·     Configure two VRRP groups on Device A and Device B to provide gateway services for VLAN 100 and VLAN 200. Configure Device A as the master of the VRRP groups.

Figure 12 Network diagram

Procedure

 

1.     Configure Device A:

# Configure DR system settings.

<DeviceA> system-view

[DeviceA] drni system-mac 1-1-1

[DeviceA] drni system-number 1

[DeviceA] drni system-priority 123

# Configure DR keepalive parameters.

[DeviceA] drni keepalive ip destination 1.1.1.2 source 1.1.1.1

# Set the link mode of Ten-GigabitEthernet 1/0/5 to Layer 3, and assign the interface an IP address. The IP address will be used as the source IP address of keepalive packets.

[DeviceA] interface ten-gigabitethernet 1/0/5

[DeviceA-Ten-GigabitEthernet1/0/5] port link-mode route

[DeviceA-Ten-GigabitEthernet1/0/5] ip address 1.1.1.1 24

[DeviceA-Ten-GigabitEthernet1/0/5] quit

# Exclude the interface used for DR keepalive detection (Ten-GigabitEthernet 1/0/5) from the shutdown action by DRNI MAD.

[DeviceA] drni mad exclude interface ten-gigabitethernet 1/0/5

# Disable the static source check feature.

[DeviceA] undo mac-address static source-check enable

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 125, and specify it as the IPP.

[DeviceA] interface bridge-aggregation 125

[DeviceA-Bridge-Aggregation125] link-aggregation mode dynamic

[DeviceA-Bridge-Aggregation125] port drni intra-portal-port 1

[DeviceA-Bridge-Aggregation125] quit

# Assign Ten-GigabitEthernet 1/0/3 and Ten-GigabitEthernet 1/0/4 to aggregation group 125.

[DeviceA] interface ten-gigabitethernet 1/0/3

[DeviceA-Ten-GigabitEthernet1/0/3] port link-aggregation group 125

[DeviceA-Ten-GigabitEthernet1/0/3] quit

[DeviceA] interface Ten-GigabitEthernet 1/0/4

[DeviceA-Ten-GigabitEthernet1/0/4] port link-aggregation group 125

[DeviceA-Ten-GigabitEthernet1/0/4] quit

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 100, and assign it to DR group 1.

[DeviceA] interface bridge-aggregation 100

[DeviceA-Bridge-Aggregation100] link-aggregation mode dynamic

[DeviceA-Bridge-Aggregation100] port drni group 1

[DeviceA-Bridge-Aggregation100] quit

# Assign Ten-GigabitEthernet 1/0/1 to aggregation group 100.

[DeviceA] interface ten-gigabitethernet 1/0/1

[DeviceA-Ten-GigabitEthernet1/0/1] port link-aggregation group 100

[DeviceA-Ten-GigabitEthernet1/0/1] quit

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 101, and assign it to DR group 2.

[DeviceA] interface bridge-aggregation 101

[DeviceA-Bridge-Aggregation101] link-aggregation mode dynamic

[DeviceA-Bridge-Aggregation101] port drni group 2

[DeviceA-Bridge-Aggregation101] quit

# Assign Ten-GigabitEthernet 1/0/2 to aggregation group 101.

[DeviceA] interface ten-gigabitethernet 1/0/2

[DeviceA-Ten-GigabitEthernet1/0/2] port link-aggregation group 101

[DeviceA-Ten-GigabitEthernet1/0/2] quit

# Create VLAN 100 and VLAN 101.

[DeviceA] vlan 100

[DeviceA-vlan100] quit

[DeviceA] vlan 101

[DeviceA-vlan101] quit

# Set the link type of Bridge-Aggregation 100 to trunk, and assign it to VLAN 100.

[DeviceA] interface bridge-aggregation 100

[DeviceA-Bridge-Aggregation100] port link-type trunk

[DeviceA-Bridge-Aggregation100] port trunk permit vlan 100

[DeviceA-Bridge-Aggregation100] quit

# Set the link type of Bridge-Aggregation 101 to trunk, and assign it to VLAN 101.

[DeviceA] interface bridge-aggregation 101

[DeviceA-Bridge-Aggregation101] port link-type trunk

[DeviceA-Bridge-Aggregation101] port trunk permit vlan 101

[DeviceA-Bridge-Aggregation101] quit

# Set the link type of Bridge-Aggregation 125 to trunk, and assign it to VLAN 100 and VLAN 101.

[DeviceA] interface bridge-aggregation 125

[DeviceA-Bridge-Aggregation125] port link-type trunk

[DeviceA-Bridge-Aggregation125] port trunk permit vlan 100 101

[DeviceA-Bridge-Aggregation125] quit

# Create VLAN-interface 100 and VLAN-interface 101, and assign IP addresses to them.

[DeviceA] interface vlan-interface 100

[DeviceA-vlan-interface100] ip address 10.1.1.1 24

[DeviceA-vlan-interface100] quit

[DeviceA] interface vlan-interface 101

[DeviceA-vlan-interface101] ip address 20.1.1.1 24

[DeviceA-vlan-interface101] quit

# Exclude VLAN-interface 100 and VLAN-interface 101 from the shutdown action by DRNI MAD.

[DeviceA] drni mad exclude interface vlan-interface 100

[DeviceA] drni mad exclude interface vlan-interface 101

# Configure OSPF.

[DeviceA] ospf

[DeviceA-ospf-1] import-route direct

[DeviceA-ospf-1] area 0

[DeviceA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[DeviceA-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[DeviceA-ospf-1-area-0.0.0.0] quit

[DeviceA-ospf-1] quit

# Create VRRP group 1 on VLAN-interface 100 and set its virtual IP address to 10.1.1.100.

[DeviceA] interface vlan-interface 100

[DeviceA-Vlan-interface100] vrrp vrid 1 virtual-ip 10.1.1.100

# Set the priority of Device A (primary DR member device) to 200 for it to become the master in VRRP group 1.

[DeviceA-Vlan-interface100] vrrp vrid 1 priority 200

[DeviceA-Vlan-interface100] quit

# Create VRRP group 2 on VLAN-interface 101 and set its virtual IP address to 20.1.1.100.

[DeviceA] interface vlan-interface 101

[DeviceA-Vlan-interface101] vrrp vrid 2 virtual-ip 20.1.1.100

# Set the priority of Device A (primary DR member device) to 200 for it to become the master in VRRP group 2.

[DeviceA-Vlan-interface101] vrrp vrid 2 priority 200

[DeviceA-Vlan-interface101] quit

2.     Configure Device B:

# Configure DR system settings.

<DeviceB> system-view

[DeviceB] drni system-mac 1-1-1

[DeviceB] drni system-number 2

[DeviceB] drni system-priority 123

# Configure DR keepalive parameters.

[DeviceB] drni keepalive ip destination 1.1.1.1 source 1.1.1.2

# Set the link mode of Ten-GigabitEthernet 1/0/5 to Layer 3, and assign the interface an IP address. The IP address will be used as the source IP address of keepalive packets.

[DeviceB] interface ten-gigabitethernet 1/0/5

[DeviceB-Ten-GigabitEthernet1/0/5] port link-mode route

[DeviceB-Ten-GigabitEthernet1/0/5] ip address 1.1.1.2 24

[DeviceB-Ten-GigabitEthernet1/0/5] quit

# Exclude the interface used for DR keepalive detection (Ten-GigabitEthernet 1/0/5) from the shutdown action by DRNI MAD.

[DeviceB] drni mad exclude interface ten-gigabitethernet 1/0/5

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 125, and specify it as the IPP.

[DeviceB] interface bridge-aggregation 125

[DeviceB-Bridge-Aggregation125] link-aggregation mode dynamic

[DeviceB-Bridge-Aggregation125] port drni intra-portal-port 1

[DeviceB-Bridge-Aggregation125] quit

# Assign Ten-GigabitEthernet 1/0/3 and Ten-GigabitEthernet 1/0/4 to aggregation group 125.

[DeviceB] interface ten-gigabitethernet 1/0/3

[DeviceB-Ten-GigabitEthernet1/0/3] port link-aggregation group 125

[DeviceB-Ten-GigabitEthernet1/0/3] quit

[DeviceB] interface ten-gigabitethernet 1/0/4

[DeviceB-Ten-GigabitEthernet1/0/4] port link-aggregation group 125

[DeviceB-Ten-GigabitEthernet1/0/4] quit

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 100, and assign it to DR group 1.

[DeviceB] interface bridge-aggregation 100

[DeviceB-Bridge-Aggregation100] link-aggregation mode dynamic

[DeviceB-Bridge-Aggregation100] port drni group 1

[DeviceB-Bridge-Aggregation100] quit

# Assign Ten-GigabitEthernet 1/0/1 to aggregation group 100.

[DeviceB] interface ten-gigabitethernet 1/0/1

[DeviceB-Ten-GigabitEthernet1/0/1] port link-aggregation group 100

[DeviceB-Ten-GigabitEthernet1/0/1] quit

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 101, and assign it to DR group 2.

[DeviceB] interface bridge-aggregation 101

[DeviceB-Bridge-Aggregation101] link-aggregation mode dynamic

[DeviceB-Bridge-Aggregation101] port drni group 2

[DeviceB-Bridge-Aggregation101] quit

# Assign Ten-GigabitEthernet 1/0/2 to aggregation group 101.

[DeviceB] interface ten-gigabitethernet 1/0/2

[DeviceB-Ten-GigabitEthernet1/0/2] port link-aggregation group 101

[DeviceB-Ten-GigabitEthernet1/0/2] quit

# Create VLAN 100 and VLAN 101.

[DeviceB] vlan 100

[DeviceB-vlan100] quit

[DeviceB] vlan 101

[DeviceB-vlan101] quit

# Set the link type of Bridge-Aggregation 100 to trunk, and assign it to VLAN 100.

[DeviceB] interface bridge-aggregation 100

[DeviceB-Bridge-Aggregation100] port link-type trunk

[DeviceB-Bridge-Aggregation100] port trunk permit vlan 100

[DeviceB-Bridge-Aggregation100] quit

# Set the link type of Bridge-Aggregation 101 to trunk, and assign it to VLAN 101.

[DeviceB] interface bridge-aggregation 101

[DeviceB-Bridge-Aggregation101] port link-type trunk

[DeviceB-Bridge-Aggregation101] port trunk permit vlan 101

[DeviceB-Bridge-Aggregation101] quit

# Set the link type of Bridge-Aggregation 125 to trunk, and assign it to VLAN 100 and VLAN 101.

[DeviceB] interface bridge-aggregation 125

[DeviceB-Bridge-Aggregation125] port link-type trunk

[DeviceB-Bridge-Aggregation125] port trunk permit vlan 100 101

[DeviceB-Bridge-Aggregation125] quit

# Create VLAN-interface 100 and VLAN-interface 101, and assign IP addresses to them.

[DeviceB] interface vlan-interface 100

[DeviceB-vlan-interface100] ip address 10.1.1.2 24

[DeviceB-vlan-interface100] quit

[DeviceB] interface vlan-interface 101

[DeviceB-vlan-interface101] ip address 20.1.1.2 24

[DeviceB-vlan-interface101] quit

# Exclude VLAN-interface 100 and VLAN-interface 101 from the shutdown action by DRNI MAD.

[DeviceB] drni mad exclude interface vlan-interface 100

[DeviceB] drni mad exclude interface vlan-interface 101

# Configure OSPF.

[DeviceB] ospf

[DeviceB-ospf-1] import-route direct

[DeviceB-ospf-1] area 0

[DeviceB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[DeviceB-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[DeviceB-ospf-1-area-0.0.0.0] quit

[DeviceB-ospf-1] quit

# Create VRRP group 1 on VLAN-interface 100 and set its virtual IP address to 10.1.1.100.

[DeviceB] interface vlan-interface 100

[DeviceB-Vlan-interface100] vrrp vrid 1 virtual-ip 10.1.1.100

[DeviceB-Vlan-interface100] quit

# Create VRRP group 2 on VLAN-interface 101 and set its virtual IP address to 20.1.1.100.

[DeviceB] interface vlan-interface 101

[DeviceB-Vlan-interface101] vrrp vrid 2 virtual-ip 20.1.1.100

[DeviceB-Vlan-interface101] quit

3.     Configure Device C:

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 100.

<DeviceC> system-view

[DeviceC] interface bridge-aggregation 100

[DeviceC-Bridge-Aggregation100] link-aggregation mode dynamic

[DeviceC-Bridge-Aggregation100] quit

# Assign Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 to aggregation group 100.

[DeviceC] interface range ten-gigabitethernet 1/0/1 to ten-gigabitethernet 1/0/2

[DeviceC-if-range] port link-aggregation group 100

[DeviceC-if-range] quit

# Create VLAN 100.

[DeviceC] vlan 100

[DeviceC-vlan100] quit

# Set the link type of Bridge-Aggregation 100 to trunk, and assign it to VLAN 100.

[DeviceC] interface bridge-aggregation 100

[DeviceC-Bridge-Aggregation100] port link-type trunk

[DeviceC-Bridge-Aggregation100] port trunk permit vlan 100

[DeviceC-Bridge-Aggregation100] quit

# Set the link type of Ten-GigabitEthernet 1/0/3 to trunk, and assign it to VLAN 100.

[DeviceC] interface ten-gigabitethernet 1/0/3

[DeviceC-Ten-GigabitEthernet1/0/3] port link-type trunk

[DeviceC-Ten-GigabitEthernet1/0/3] port trunk permit vlan 100

[DeviceC-Ten-GigabitEthernet1/0/3] quit

# Create VLAN-interface 100, and assign it an IP address.

[DeviceC] interface vlan-interface 100

[DeviceC-vlan-interface100] ip address 10.1.1.3 24

[DeviceC-vlan-interface100] quit

# Configure OSPF.

[DeviceC] ospf

[DeviceC-ospf-1] import-route direct

[DeviceC-ospf-1] area 0

[DeviceC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[DeviceC-ospf-1-area-0.0.0.0] quit

[DeviceC-ospf-1] quit

4.     Configure Device D:

# Create Layer 2 dynamic aggregate interface Bridge-Aggregation 101.

<DeviceD> system-view

[DeviceD] interface bridge-aggregation 101

[DeviceD-Bridge-Aggregation101] link-aggregation mode dynamic

[DeviceD-Bridge-Aggregation101] quit

# Assign Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 to aggregation group 101.

[DeviceD] interface range ten-gigabitethernet 1/0/1 to ten-gigabitethernet 1/0/2

[DeviceD-if-range] port link-aggregation group 101

[DeviceD-if-range] quit

# Create VLAN 101.

[DeviceD] vlan 101

[DeviceD-vlan101] quit

# Set the link type of Bridge-Aggregation 101 to trunk, and assign it to VLAN 101.

[DeviceD] interface bridge-aggregation 101

[DeviceD-Bridge-Aggregation101] port link-type trunk

[DeviceD-Bridge-Aggregation101] port trunk permit vlan 101

[DeviceD-Bridge-Aggregation101] quit

# Set the link type of Ten-GigabitEthernet 1/0/3 to trunk, and assign it to VLAN 101.

[DeviceD] interface ten-gigabitethernet 1/0/3

[DeviceD-Ten-GigabitEthernet1/0/3] port link-type trunk

[DeviceD-Ten-GigabitEthernet1/0/3] port trunk permit vlan 101

[DeviceD-Ten-GigabitEthernet1/0/3] quit

# Create VLAN-interface 101, and assign it an IP address.

[DeviceD] interface vlan-interface 101

[DeviceD-vlan-interface101] ip address 20.1.1.3 24

[DeviceD-vlan-interface101] quit

# Configure OSPF.

[DeviceD] ospf

[DeviceD-ospf-1] import-route direct

[DeviceD-ospf-1] area 0

[DeviceD-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[DeviceD-ospf-1-area-0.0.0.0] quit

[DeviceD-ospf-1] quit

Verifying the configuration

# Verify that Device C has established OSPF neighbor relationships with Device A and Device B.

[DeviceC] display ospf peer

 

         OSPF Process 1 with Router ID 10.1.1.3

               Neighbor Brief Information

 

 Area: 0.0.0.0

 Router ID       Address         Pri Dead-Time  State             Interface

 20.1.1.1        10.1.1.1        1   37         Full/DR           Vlan100

 20.1.1.2        10.1.1.2        1   32         Full/BDR          Vlan100

# Verify that Device D has established OSPF neighbor relationships with Device A and Device B.

[DeviceD] display ospf peer

 

         OSPF Process 1 with Router ID 20.1.1.3

               Neighbor Brief Information

 

 Area: 0.0.0.0

 Router ID       Address         Pri Dead-Time  State             Interface

 20.1.1.1        20.1.1.1        1   38         Full/DR           Vlan101

 20.1.1.2        20.1.1.2        1   37         Full/BDR          Vlan101

# Verify that Host A and Host B can ping each other. (Details not shown.)