Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-IRF configuration | 426.21 KB |
Contents
File system naming conventions
Multi-active handling procedure
Restrictions: Hardware compatibility with IRF
Restrictions and guidelines: IRF configuration
Support for Web-based configuration
Hardware compatibility with IRF
Candidate IRF physical interfaces
Transceiver modules and cables selection for IRF
IRF physical interface configuration restrictions and guidelines
Feature compatibility and configuration restrictions with IRF
Licensing requirements for IRF
Configuration rollback restrictions
Assigning a member ID to each IRF member device
Specifying a priority for each member device
Binding physical interfaces to IRF ports
Bulk-configuring basic IRF settings for a member device
Connecting IRF physical interfaces
Restrictions and guidelines for MAD configuration
Excluding interfaces from the shutdown action upon detection of multi-active collision
Optimizing IRF settings for an IRF fabric
Configuring a member device description
Configuring IRF link load sharing mode
Configuring the IRF bridge MAC address
Enabling software auto-update for software image synchronization
Removing an expansion interface card that has IRF physical interfaces
Replacing an expansion interface card that has IRF physical interfaces
Display and maintenance commands for IRF
Configuring an IRF fabric
About IRF
The Intelligent Resilient Framework (IRF) technology virtualizes multiple physical devices at the same layer into one virtual fabric to provide data center class availability and scalability. IRF virtualization technology offers processing power, interaction, unified management, and uninterrupted maintenance of multiple devices.
IRF network model
Figure 1 shows an IRF fabric that has two devices, which appear as a single node to the upper-layer and lower-layer devices.
Figure 1 IRF application scenario
IRF benefits
IRF provides the following benefits:
· Simplified topology and easy management—An IRF fabric appears as one node and is accessible at a single IP address on the network. You can use this IP address to log in at any member device to manage all the members of the IRF fabric. In addition, you do not need to run the spanning tree feature among the IRF members.
· 1:N redundancy—In an IRF fabric, one member acts as the master to manage and control the entire IRF fabric. All the other members process services while backing up the master. When the master fails, all the other member devices elect a new master from among them to take over without interrupting services.
· IRF link aggregation—You can assign several physical links between neighboring members to their IRF ports to create a load-balanced aggregate IRF connection with redundancy.
· Multichassis link aggregation—You can use the Ethernet link aggregation feature to aggregate the physical links between the IRF fabric and its upstream or downstream devices across the IRF members.
· Network scalability and resiliency—Processing capacity of an IRF fabric equals the total processing capacities of all the members. You can increase ports, network bandwidth, and processing capacity of an IRF fabric simply by adding member devices without changing the network topology.
Basic concepts
IRF member roles
IRF uses two member roles: master and standby (called subordinate throughout the documentation).
When devices form an IRF fabric, they elect a master to manage and control the IRF fabric, and all the other devices back up the master. When the master device fails, the other devices automatically elect a new master. For more information about master election, see "Master election."
IRF member ID
An IRF fabric uses member IDs to uniquely identify and manage its members. This member ID information is included as the first part of interface numbers and file paths to uniquely identify interfaces and files in an IRF fabric. Two devices cannot form an IRF fabric if they use the same member ID. A device cannot join an IRF fabric if its member ID has been used in the fabric.
Member priority
Member priority determines the possibility of a member device to be elected the master. A member with higher priority is more likely to be elected the master.
IRF port
An IRF port is a logical interface that connects IRF member devices. Every IRF-capable device has two IRF ports.
The IRF ports are named IRF-port n/1 and IRF-port n/2, where n is the member ID of the device. The two IRF ports are referred to as IRF-port 1 and IRF-port 2.
To use an IRF port, you must bind a minimum of one physical interface to it. The physical interfaces assigned to an IRF port automatically form an aggregate IRF link. An IRF port goes down when all its IRF physical interfaces are down.
IRF physical interface
IRF physical interfaces connect IRF member devices and must be bound to an IRF port. They forward traffic between member devices, including IRF protocol packets and data packets that must travel across IRF member devices.
IRF split
IRF split occurs when an IRF fabric breaks up into multiple IRF fabrics because of IRF link failures, as shown in Figure 2. The split IRF fabrics operate with the same IP address. IRF split causes routing and forwarding problems on the network. To quickly detect a multi-active collision, configure a minimum of one MAD mechanism (see "Configuring MAD").
IRF merge
IRF merge occurs when two split IRF fabrics reunite or when two independent IRF fabrics are united, as shown in Figure 3.
MAD
An IRF link failure causes an IRF fabric to split in two IRF fabrics operating with the same Layer 3 settings, including the same IP address. To avoid IP address collision and network problems, IRF uses multi-active detection (MAD) mechanisms to detect the presence of multiple identical IRF fabrics, handle collisions, and recover from faults.
IRF domain ID
One IRF fabric forms one IRF domain. IRF uses IRF domain IDs to uniquely identify IRF fabrics and prevent IRF fabrics from interfering with one another.
As shown in Figure 4, IRF fabric 1 contains Device A and Device B, and IRF fabric 2 contains Device C and Device D. Both fabrics use the LACP aggregate links between them for MAD. When a member device receives an extended LACPDU for MAD, it checks the domain ID to determine whether the packet is from the local IRF fabric. Then, the member device can handle the packet correctly.
Figure 4 A network that contains two IRF domains
IRF network topology
An IRF fabric can use a daisy-chain topology, as shown in Figure 5.
|
|
IMPORTANT: No relay devices are allowed between IRF member devices. |
Master election
Master election occurs each time the IRF fabric topology changes in the following situations:
· The IRF fabric is established.
· The master device fails or is removed.
· The IRF fabric splits.
· Independent IRF fabrics merge.
|
|
NOTE: Master election does not occur when split IRF fabrics merge. For information about the master device of the merged IRF fabric, see "Failure recovery." |
Master election selects a master in descending order:
1. Current master, even if a new member has higher priority.
When an IRF fabric is being formed, all members consider themselves as the master. This rule is skipped.
2. Member with higher priority.
3. Member with the longest system uptime.
Two members are considered to start up at the same time if the difference between their startup times is equal to or less than 10 minutes. For these members, the next tiebreaker applies.
4. Member with the lowest CPU MAC address.
For the setup of a new IRF fabric, the subordinate devices must reboot to complete the setup after the master election.
For an IRF merge, devices must reboot if they are in the IRF fabric that fails the master election.
Interface naming conventions
A physical interface is numbered in the chassis-number/slot-number/interface-index format.
· chassis-number—Member ID of the device. The default value for this argument is 1. Any change to the member ID takes effect after a reboot.
· slot-number—Slot number of the interface.
· interface-index—Interface index on the device. Interface index depends on the number of physical interfaces available on the device. To identify the index of a physical interface, examine its index mark on the chassis.
For example, GigabitEthernet 2/0/1 represents the first fixed physical interface on member device 2. Set its link type to trunk, as follows:
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] port link-type trunk
File system naming conventions
On a single-chassis fabric, you can use its storage device name to access its file system.
On a multichassis IRF fabric, you can use the storage device name to access the file system of the master. To access the file system of any other member device, use the name in the slotmember-ID#storage-device-name format.
For more information about storage device naming conventions, see Fundamentals Configuration Guide.
For example:
· To create and access the test folder under the root directory of the flash memory on the master switch:
<Master> mkdir test
Creating directory flash:/test... Done.
<Master> cd test
<Master> dir
Directory of flash:/test
The directory is empty.
524288 KB total (29832 KB free)
· To create and access the test folder under the root directory of the flash memory on member device 2:
<Master> mkdir slot2#flash:/test
Creating directory slot2#flash:/test... Done.
<Master> cd slot2#flash:/test
<Master> dir
Directory of slot2#flash:/test
The directory is empty.
524288 KB total (128812 KB free)
Configuration synchronization
IRF uses a strict running-configuration synchronization mechanism. In an IRF fabric, all devices obtain and run the running configuration of the master. Configuration changes are automatically propagated from the master to the remaining devices. The configuration files of these devices are retained, but the files do not take effect. The devices use their own startup configuration files only after they are removed from the IRF fabric.
As a best practice, back up the next-startup configuration file on a device before adding the device to an IRF fabric as a subordinate.
A subordinate device's next-startup configuration file might be overwritten if the master and the subordinate use the same file name for their next-startup configuration files. You can use the backup file to restore the original configuration after removing the subordinate from the IRF fabric.
For more information about configuration management, see Fundamentals Configuration Guide.
Multi-active handling procedure
The multi-active handling procedure includes detection, collision handling, and failure recovery.
Detection
IRF provides MAD mechanisms by extending LACP, BFD, ARP, and IPv6 ND to detect multi-active collisions. As a best practice, configure a minimum of one MAD mechanism on an IRF fabric. For more information about the MAD mechanisms and their application scenarios, see "MAD mechanisms."
For information about LACP, see Ethernet link aggregation in Layer 2—LAN Switching Configuration Guide. For information about BFD, see Network Management and Monitoring Configuration Guide. For information about ARP, see Layer 3—IP Services Configuration Guide. For information about ND, see IPv6 basics in Layer 3—IP Services Configuration Guide.
Collision handling
When MAD detects a multi-active collision, it sets all IRF fabrics except one to the Recovery state. The fabric that is not placed in Recovery state can continue to forward traffic. The Recovery-state IRF fabrics are inactive and cannot forward traffic.
LACP MAD and BFD MAD use the following process to handle a multi-active collision:
1. Compare the number of members in each fabric.
2. Set all fabrics to the Recovery state except the one that has the most members.
3. Compare the member IDs of the masters if all IRF fabrics have the same number of members.
4. Set all fabrics to the Recovery state except the one that has the lowest numbered master.
5. Shut down all common network interfaces in the Recovery-state fabrics except for the following interfaces:
¡ Interfaces automatically excluded from being shut down by the system.
¡ Interfaces specified by using the mad exclude interface command.
ARP MAD and ND MAD use the following process to handle a multi-active collision:
1. Compare the member IDs of the masters in the IRF fabrics.
2. Set all fabrics to the Recovery state except the one that has the lowest numbered master.
3. Take the same action on the network interfaces in Recovery-state fabrics as LACP MAD and BFD MAD.
Failure recovery
To merge two split IRF fabrics, first repair the failed IRF link and remove the IRF link failure.
After the failed IRF link between two split IRF fabrics is recovered, reboot the member devices in the inactive IRF fabric. The member devices in the inactive IRF fabric join the active IRF fabric as subordinate devices. The network interfaces that have been shut down by MAD automatically restore their original state, as shown in Figure 6.
|
|
CAUTION: If you inadvertently reboot the active IRF fabric after the failed IRF link recovers, its member devices will join the inactive IRF fabric with their network interfaces being shut down by MAD. To restore the original states of the network interfaces in the merged IRF fabric, use the mad restore command. |
Figure 6 Recovering the IRF fabric
If the active IRF fabric fails before the IRF link is recovered (see Figure 7), use the mad restore command on the inactive IRF fabric to recover the inactive IRF fabric. This command brings up all network interfaces that were shut down by MAD. After the IRF link is repaired, merge the two parts into a unified IRF fabric.
Figure 7 Active IRF fabric fails before the IRF link is recovered
MAD mechanisms
IRF provides MAD mechanisms by extending LACP, BFD, ARP, and IPv6 ND.
Table 1 compares the MAD mechanisms and their application scenarios.
Table 1 Comparison of MAD mechanisms
|
MAD mechanism |
Advantages |
Disadvantages |
Application scenarios |
|
· Detection speed is fast. · Runs on existing aggregate links without requiring MAD-dedicated physical links or Layer 3 interfaces. |
Requires an intermediate device that supports extended LACP for MAD. |
Link aggregation is used between the IRF fabric and its upstream or downstream device. |
|
|
· Detection speed is fast. · Intermediate device, if used, can come from any vendor. |
Requires MAD dedicated physical links and Layer 3 interfaces, which cannot be used for transmitting user traffic. |
· No special requirements for network scenarios. · If no intermediate device is used, this mechanism is only suitable for IRF fabrics that have only two members that are geographically close to one another. |
|
|
· No intermediate device is required. · Intermediate device, if used, can come from any vendor. · Does not require MAD dedicated ports. |
· Detection speed is slower than BFD MAD and LACP MAD. · The spanning tree feature must be enabled. |
Spanning tree-enabled non-link aggregation IPv4 network scenarios. |
|
|
· No intermediate device is required. · Intermediate device, if used, can come from any vendor. · Does not require MAD dedicated ports. |
· Detection speed is slower than BFD MAD and LACP MAD. · The spanning tree feature must be enabled. |
Spanning tree-enabled non-link aggregation IPv6 network scenarios. |
LACP MAD
As shown in Figure 8, LACP MAD has the following requirements:
· Every IRF member must have a link with an intermediate device.
· All the links form a dynamic link aggregation group.
· The intermediate device must be a device that supports extended LACP for MAD.
The IRF member devices send extended LACPDUs that convey a domain ID and an active ID (the member ID of the master). The intermediate device transparently forwards the extended LACPDUs received from one member device to all the other member devices.
· If the domain IDs and active IDs sent by all the member devices are the same, the IRF fabric is integrated.
· If the extended LACPDUs convey the same domain ID but different active IDs, a split has occurred. LACP MAD handles this situation as described in "Collision handling."
BFD MAD
BFD MAD detects multi-active collisions by using BFD.
You can use common Ethernet ports for BFD MAD.
If management Ethernet ports are used, BFD MAD has the following requirements:
· An intermediate device is required and each IRF member device must have a BFD MAD link to the intermediate device.
· Each member device is assigned a MAD IP address on the master's management Ethernet port.
If common Ethernet ports are used, BFD MAD has the following requirements:
· If an intermediate device is used, each member device must have a BFD MAD link to the intermediate device. If no intermediate device is used, all member devices must have a BFD MAD link to each other. As a best practice, use an intermediate device to connect IRF member devices if the IRF fabric has more than two member devices. A full mesh of IRF members might cause broadcast loops.
· Ports on BFD MAD links are assigned to a VLAN (or Layer 3 aggregate interface) used for BFD MAD. Each member device is assigned a MAD IP address on the VLAN interface (or Layer 3 aggregate interface).
As a best practice, preferentially use management Ethernet ports for BFD MAD.
The BFD MAD links and BFD MAD VLAN (or Layer 3 aggregate interface) must be dedicated. Do not use BFD MAD links or BFD MAD VLAN (or Layer 3 aggregate interface) for any other purposes.
When you use a Layer 3 aggregate interface for BFD MAD, make sure its member ports do not exceed the maximum number of Selected ports allowed for an aggregation group. If the number of member ports exceeds the maximum number of Selected ports, some member ports cannot become Selected. BFD MAD will be unable to work correctly and its state will change to Faulty. For more information about setting the maximum number of Selected ports for an aggregation group, see Ethernet link aggregation in Layer 2—LAN Switching Configuration Guide.
|
|
NOTE: · The MAD addresses identify the member devices and must belong to the same subnet. · Of all management Ethernet ports on an IRF fabric, only the master's management Ethernet port is accessible. |
Figure 9 shows a typical BFD MAD scenario that uses an intermediate device. On the intermediate device, assign the ports on the BFD MAD links to the same VLAN.
Figure 10 shows a typical BFD MAD scenario that does not use an intermediate device.
With BFD MAD, the master attempts to establish BFD sessions with other member devices by using its MAD IP address as the source IP address.
· If the IRF fabric is integrated, only the MAD IP address of the master takes effect. The master cannot establish a BFD session with any other member. If you execute the display bfd session command, the state of the BFD sessions is Down.
· When the IRF fabric splits, the IP addresses of the masters in the split IRF fabrics take effect. The masters can establish a BFD session. If you execute the display bfd session command, the state of the BFD session between the two devices is Up.
Figure 9 BFD MAD scenario with an intermediate device
Figure 10 BFD MAD scenario without an intermediate device
ARP MAD
ARP MAD detects multi-active collisions by using extended ARP packets that convey the IRF domain ID and the active ID.
ARP MAD can work with or without an intermediate device. Make sure the following requirements are met:
· If an intermediate device is used, connect each IRF member device to the intermediate device, as shown in Figure 11. Run the spanning tree feature between the IRF fabric and the intermediate device. In this situation, data links can be used.
· If no intermediate device is used, connect each IRF member device to all other member devices. In this situation, IRF links cannot be used for ARP MAD.
Each IRF member compares the domain ID and the active ID (the member ID of the master) in incoming extended ARP packets with its domain ID and active ID.
· If the domain IDs are different, the extended ARP packet is from a different IRF fabric. The device does not continue to process the packet with the MAD mechanism.
· If the domain IDs are the same, the device compares the active IDs.
¡ If the active IDs are different, the IRF fabric has split.
¡ If the active IDs are the same, the IRF fabric is integrated.
ND MAD
ND MAD detects multi-active collisions by using NS packets to transmit the IRF domain ID and the active ID.
You can set up ND MAD links between neighbor IRF member devices or between each IRF member device and an intermediate device (see Figure 12). If an intermediate device is used, you must also run the spanning tree protocol between the IRF fabric and the intermediate device.
Each IRF member device compares the domain ID and the active ID (the member ID of the master) in incoming NS packets with its domain ID and active ID.
· If the domain IDs are different, the NS packet is from a different IRF fabric. The device does not continue to process the packet with the MAD mechanism.
· If the domain IDs are the same, the device compares the active IDs.
¡ If the active IDs are different, the IRF fabric has split.
¡ If the active IDs are the same, the IRF fabric is integrated.
Restrictions: Hardware compatibility with IRF
|
F1000 series |
Models |
IRF compatibility |
|
F1000-X-G5 series |
F1000-A-G5, F1000-C-G5, F1000-C-G5-LI, F1000-E-G5, F1000-H-G5, F1000-S-G5 |
Yes |
|
F1000-X-G3 series |
F1000-A-G3, F1000-C-G3, F1000-E-G3, F1000-S-G3 |
Yes |
|
F1000-X-G2 series |
F1000-A-G2, F1000-C-G2, F1000-E-G2, F1000-S-G2 |
Yes |
|
F1000-9X0-AI series |
F1000-9390-AI, F1000-9385-AI, F1000-9380-AI, F1000-9370-AI, F1000-9360-AI, F1000-9350-AI, F1000-9330-AI, F1000-9320-AI, F1000-990-AI, F1000-980-AI, F1000-970-AI, F1000-960-AI, F1000-950-AI, F1000-930-AI, F1000-920-AI |
Yes |
|
F1000-910-AI, F1000-905-AI |
No |
|
|
F1000-C83X0 series |
F1000-C8395, F1000-C8390, F1000-C8385, F1000-C8380, F1000-C8370, F1000-C8360, F1000-C8350, F1000-C8330 |
Yes |
|
F1000-C81X0 series |
F1000-C8180, F1000-C8170, F1000-C8160 |
Yes |
|
F1000-C8150, F1000-C8130, F1000-C8120, F1000-C8110 |
No |
|
|
F1000-7X0-HI series |
F1000-770-HI, F1000-750-HI, F1000-740-HI, F1000-730-HI |
Yes |
|
F1000-720-HI, F1000-710-HI |
No |
|
|
F1000-C-X series |
F1000-C-EI, F1000-C-HI, F1000-C-XI, F1000-E-XI |
Yes |
|
F1000-V series |
F1000-E-VG |
Yes |
|
F1000-S-VG |
No |
|
|
SecBlade IV |
LSPM6FWD8, LSQM2FWDSC8 |
Yes |
|
F100 series |
Models |
IRF compatibility |
|
F100-X-G5 series |
F100-A-G5, F100-E-G5 |
Yes |
|
F100-C-G5, F100-M-G5, F100-S-G5 |
No |
|
|
F100-X-G3 series |
F100-A-G3, F100-E-G3 |
Yes |
|
F100-C-G3, F100-M-G3, F100-S-G3 |
No |
|
|
F100-X-G2 series |
F100-A-G2, F100-E-G2 |
Yes |
|
F100-C-G2, F100-M-G2, F100-S-G2 |
No |
|
|
F100-WiNet series |
F100-A91-WiNet, F100-A81-WiNet, F100-A80-WiNet |
Yes |
|
F100-C80-WiNet, F100-C60-WiNet, F100-C50-WiNet, F100-S80-WiNet |
No |
|
|
F100-C-A series |
F100-C-A6, F100-C-A5, F100-C-A3, F100-C-A2, F100-C-A1, F100-C-A6-WL, F100-C-A5-W, F100-C-A3-W |
No |
|
F100-X-XI series |
F100-A-EI, F100-A-HI, F100-A-SI, F100-E-EI |
Yes |
|
F100-C-EI, F100-C-HI, F100-C-XI, F100-S-HI, F100-S-XI |
No |
Restrictions and guidelines: IRF configuration
Support for Web-based configuration
You can configure only basic IRF settings from the Web interface. To configure IRF parameters not available on the Web interface, access the CLI.
Hardware compatibility with IRF
The device can form an IRF fabric only with devices of the same model.
Software requirements for IRF
All IRF member devices must run the same software image version. Make sure the software auto-update feature is enabled on all member devices.
IRF fabric size
An IRF fabric can contain a maximum of two member devices.
Candidate IRF physical interfaces
As a best practice, use high-speed ports as IRF physical interfaces.
Do not use the following ports as IRF physical interfaces:
· Console ports.
· Management ports. The interface type identifier for management ports is M-GigabitEthernet. The port identifier for a management port has a suffix of “/MGMT” on the panel.
· A port that has been assigned by default or manually to a bridge instance enabled with security service bypass..
On H3C SecBlade IV NGFW firewall modules, only the ports on the front panel can be used as IRF physical interfaces. If the panel has both 10-GE and GE ports, only the 10-GE ports can be used as IRF physical interfaces.
As a best practice, do not bind a Ten-GigabitEthernet (XGE) fiber port to an IRF port if a gigabit fiber transceiver module is installed in it. The port identifier for a Ten-GigabitEthernet fiber port is 10GBASE-R on the panel.
To use a port as an IRF physical interface, use the port group interface command to bind the port to an IRF port.
Use Table 2 and Table 3 to identify which ports on your device or module can act as IRF physical interfaces.
Table 2 F1000 series and candidate IRF physical interfaces matrix
|
F1000 series |
Models |
Candidate IRF physical interfaces |
|
F1000-X-G5 series |
F1000-A-G5, F1000-S-G5 |
· GE 1/0/0 to GE 1/0/23. · XGE 1/0/24 to XGE 1/0/29. |
|
F1000-C-G5, F1000-C-G5-LI |
· GE 1/0/0 to GE 1/0/25. · XGE 1/0/26. · XGE 1/0/27. |
|
|
F1000-E-G5, F1000-H-G5 |
· XGE 1/0/14 to XGE 1/0/17. · XGE 1/0/20. · XGE 1/0/21. |
|
|
F1000-X-G3 series |
F1000-A-G3, F1000-E-G3 |
· XGE 1/0/14 to XGE 1/0/17. · XGE 1/0/20. · XGE 1/0/21. |
|
F1000-C-G3, F1000-S-G3 |
· GE 1/0/14 to GE 1/0/17. · XGE 1/0/20. · XGE 1/0/21. |
|
|
F1000-X-G2 series |
F1000-A-G2, F1000-C-G2, F1000-E-G2, F1000-S-G2 |
All fixed ports. |
|
F1000-9X0-AI series |
F1000-9390-AI, F1000-9385-AI |
· XGE 1/0/14 to XGE 1/0/17. · XGE 1/0/20. · XGE 1/0/21. |
|
F1000-9380-AI, F1000-9370-AI |
· GE 1/0/0 to GE 1/0/23. · XGE 1/0/24 to XGE 1/0/29. |
|
|
F1000-9360-AI, F1000-9350-AI |
· GE 1/0/0 to GE 1/0/25. · XGE 1/0/26. · XGE 1/0/27. |
|
|
F1000-9330-AI, F1000-9320-AI |
· GE 1/0/4 to GE 1/0/21. · XGE 1/0/30. · XGE 1/0/31. |
|
|
F1000-990-AI, F1000-980-AI, F1000-970-AI, F1000-960-AI, F1000-950-AI, F1000-930-AI, F1000-920-AI |
All fixed ports. |
|
|
F1000-910-AI, F1000-905-AI |
IRF not supported. |
|
|
F1000-C83X0 series |
F1000-C8395 |
XGE 1/0/14 to XGE 1/0/17, XGE 1/0/20 to XGE 1/0/21 |
|
F1000-C8390, F1000-C8385, F1000-C8380 |
· GE 1/0/0 to GE 1/0/23. · XGE 1/0/24 to XGE 1/0/29. |
|
|
F1000-C8370, F1000-C8360, F1000-C8350 |
· GE 1/0/0 to GE 1/0/25. · XGE 1/0/26. · XGE 1/0/27. |
|
|
F1000-C8330 |
· GE 1/0/4 to GE 1/0/21. · XGE 1/0/30. · XGE 1/0/31. |
|
|
F1000-C81X0 series |
F1000-C8180, F1000-C8170, F1000-C8160 |
All fixed ports. |
|
F1000-C8150, F1000-C8130, F1000-C8120, F1000-C8110 |
IRF not supported. |
|
|
F1000-7X0-HI series |
F1000-770-HI |
· GE 1/0/0 to GE 1/0/23. · XGE 1/0/24 to XGE 1/0/29. |
|
F1000-750-HI, F1000-740-HI |
· GE 1/0/0 to GE 1/0/25. · XGE 1/0/26 to XGE 1/0/27. |
|
|
F1000-730-HI |
· GE 1/0/4 to GE 1/0/21. · XGE 1/0/30. · XGE 1/0/31. |
|
|
F1000-720-HI, F1000-710-HI |
IRF not supported. |
|
|
F1000-C-X series |
F1000-C-EI, F1000-C-HI |
All ports. |
|
F1000-C-XI |
· GE 1/0/0 to GE 1/0/23. · XGE 1/0/24 to XGE 1/0/29. |
|
|
F1000-E-XI |
· GE 1/0/0 to GE 1/0/25. · XGE 1/0/26. · XGE 1/0/27. |
|
|
F1000-V series |
F1000-E-VG |
All fixed ports. |
|
F1000-S-VG |
IRF not supported. |
|
|
SecBlade IV |
LSPM6FWD8 |
All ports on the front panel. |
|
LSQM2FWDSC8 |
XGE 1/0/1 to XGE 1/0/4. |
Table 3 F100 series and candidate IRF physical interfaces matrix
|
F100 series |
Models |
Candidate IRF physical interfaces |
|
F100-X-G5 series |
F100-A-G5 |
· GE 1/0/4 to GE 1/0/21. · XGE 1/0/30. · XGE 1/0/31. |
|
F100-C-G5, F100-M-G5, F100-S-G5 |
IRF not supported. |
|
|
F100-E-G5 |
GE 1/0/0 to GE 1/0/25, XGE 1/0/26 to XGE 1/0/27 |
|
|
F100-X-G3 series |
F100-A-G3, F100-E-G3 |
All fixed ports. |
|
F100-C-G3, F100-M-G3, F100-S-G3 |
IRF not supported. |
|
|
F100-X-G2 series |
F100-A-G2, F100-E-G2 |
All fixed ports. |
|
F100-C-G2, F100-M-G2, F100-S-G2 |
IRF not supported. |
|
|
F100-WiNet series |
F100-A91-WiNet |
· GE 1/0/0 to GE 1/0/25. · XGE 1/0/26. · XGE 1/0/27. |
|
F100-A81-WiNet |
· GE 1/0/4 to GE 1/0/21. · XGE 1/0/30. · XGE 1/0/31. |
|
|
F100-A80-WiNet |
All fixed ports. |
|
|
F100-C80-WiNet, F100-C60-WiNet, F100-C50-WiNet, F100-S80-WiNet |
IRF not supported. |
|
|
F100-C-A series |
F100-C-A6, F100-C-A5, F100-C-A3, F100-C-A2, F100-C-A1, F100-C-A6-WL, F100-C-A5-W, F100-C-A3-W |
IRF not supported. |
|
F100-X-XI series |
F100-A-EI, F100-A-HI, F100-A-SI, F100-E-EI |
All fixed ports. |
|
F100-C-EI, F100-C-HI, F100-C-XI, F100-S-HI, F100-S-XI |
IRF not supported. |
Transceiver modules and cables selection for IRF
When you select transceiver modules and cables, follow these restrictions and guidelines:
· Use Category 5 (or above) twisted-pair cables to connect 10/100/1000Mbps Ethernet ports for a short-distance connection.
· Use SFP or SFP+ DAC cables to connect SFP or SFP+ ports for a short-distance connection.
· Use SFP or SFP+ transceiver modules and fibers to connect SFP or SFP+ ports for a long-distance connection.
· The transceiver modules at the two ends of an IRF link must be the same type.
For more information about the transceiver modules and DAC cables, see the device installation guide and H3C Transceiver Modules User Guide.
|
|
NOTE: The transceiver modules and DAC cables available for the device are subject to change over time. For the most up-to-date list of transceiver modules and DAC cables, contact your H3C sales representative. |
IRF port connection
When you connect two neighboring IRF members, follow these restrictions and guidelines:
· You must connect the physical interfaces of IRF-port 1 on one member to the physical interfaces of IRF-port 2 on the other.
· For high availability, bind multiple physical interfaces to an IRF port.
· No relay devices are allowed between neighboring members.
Figure 13 Connecting IRF physical interfaces
IRF physical interface configuration restrictions and guidelines
Command configuration restrictions
On a physical interface bound to an IRF port, you can execute only the following commands:
· Interface commands, including:
¡ description.
¡ flow-interval.
¡ shutdown.
For more information about these commands, see Ethernet interface configuration in Interface Command Reference.
· LLDP commands, including:
¡ lldp admin-status.
¡ lldp check-change-interval.
¡ lldp enable.
¡ lldp encapsulation snap.
¡ lldp notification remote-change enable.
¡ lldp tlv-enable.
For more information about these commands, see Layer 2—LAN Switching Command Reference.
· The mirroring-group reflector-port command, which specifies the physical interface as a reflector port for remote mirroring. For more information about this command, see port mirroring in Network Management and Monitoring Command Reference.
|
|
IMPORTANT: Do not execute the mirroring-group reflector-port command on an IRF physical interface if that interface is the only member interface of an IRF port. Doing so will split the IRF fabric, because this command also removes the binding of the physical interface and IRF port. |
Feature compatibility and configuration restrictions with IRF
ACL
To form an IRF fabric, all member devices in the IRF fabric must have the same settings for the ACL hardware mode. For more information about hardware-based ACLs, see ACL and QoS Configuration Guide.
Licensing requirements for IRF
For a license-based feature to run correctly on an IRF fabric, make sure the licenses installed for the feature on all member devices are the same. For more information about feature licensing, see Fundamentals Configuration Guide.
Configuration rollback restrictions
The configuration rollback feature cannot roll back the following IRF settings:
· Member device description (set by using the irf member description command).
· Member device priority (set by using the irf member priority command).
· IRF physical interface and IRF port bindings (set by using the port group interface command).
For more information about the configuration rollback feature, see configuration file management in Fundamentals Configuration Guide.
IRF tasks at a glance
To configure IRF, perform the following tasks:
Configure a minimum of one MAD mechanism on an IRF fabric.
¡ Excluding interfaces from the shutdown action upon detection of multi-active collision
This feature excludes an interface from the shutdown action for management or other special purposes when an IRF fabric transits to the Recovery state.
3. (Optional.) Optimizing IRF settings for an IRF fabric
¡ Configuring a member device description
¡ Configuring IRF link load sharing mode
¡ Configuring the IRF bridge MAC address
¡ Enabling software auto-update for software image synchronization
This feature automatically synchronizes the current software images of the master to devices that are attempting to join the IRF fabric.
¡ Removing an expansion interface card that has IRF physical interfaces
¡ Replacing an expansion interface card that has IRF physical interfaces
Planning the IRF fabric setup
Consider the following items when you plan an IRF fabric:
· Hardware compatibility and restrictions.
· IRF fabric size.
· Master device.
· Member ID and priority assignment scheme.
· Fabric topology and cabling scheme.
· IRF physical interfaces.
Setting up an IRF fabric
IRF setup tasks at a glance
To set up an IRF fabric, perform the following tasks:
1. Configure member IDs, priorities, and IRF physical interfaces separately.
a. Assigning a member ID to each IRF member device
b. (Optional.) Specifying a priority for each member device
c. Binding physical interfaces to IRF ports
Skip these tasks if you configure member IDs, priorities, domain ID, and IRF physical interfaces in bulk.
2. Bulk-configuring basic IRF settings for a member device
Skip this task if you configure member IDs, priorities, domain ID, and IRF physical interfaces separately.
3. Connecting IRF physical interfaces
Assigning a member ID to each IRF member device
Restrictions and guidelines
To create an IRF fabric, you must assign a unique IRF member ID to each member device.
The new member ID of a device takes effect at a reboot. After the device reboots, the settings on all member ID-related physical resources (including common physical network interfaces) are removed, regardless of whether you have saved the configuration.
Procedure
1. Enter system view.
system-view
2. Assign a member ID to a member device.
irf member member-id renumber new-member-id
The default IRF member ID is 1.
|
|
CAUTION: An IRF member ID change can invalidate member ID-related settings and cause data loss. Make sure you fully understand its impact on the live network. |
3. (Optional.) Save the configuration.
save
If you have bound physical interfaces to IRF ports or assigned member priority, you must perform this step for these settings to take effect after the reboot.
4. Return to user view.
quit
5. Reboot the device.
reboot [ slot slot-number ] [ force ]
Specifying a priority for each member device
About this task
IRF member priority represents the possibility for a device to be elected the master in an IRF fabric. A larger priority value indicates a higher priority.
A change to member priority affects the election result at the next master election, but it does not cause an immediate master re-election.
Procedure
1. Enter system view.
system-view
2. Specify a priority for the device.
irf member member-id priority priority
The default IRF member priority is 1.
Binding physical interfaces to IRF ports
Restrictions and guidelines
Select qualified physical interfaces as IRF physical interfaces as described in "Candidate IRF physical interfaces."
Make sure the IRF physical interfaces of an IRF port use the same binding mode.
After binding physical interfaces to IRF ports for the first time, you must use the irf-port-configuration active command to activate the settings on the IRF ports.
The system activates the IRF port settings automatically only in the following situations:
· The configuration file that the device starts with contains IRF port bindings.
· You are adding physical interfaces to an IRF port (in UP state) after an IRF fabric is formed.
Procedure
1. Enter system view.
system-view
2. Enter the interface view or interface range view of an IRF physical interface or a range of IRF physical interfaces, respectively.
¡ Enter Layer 2 or Layer 3 Ethernet interface view.
interface interface-type interface-number
¡ Enter interface range view. Choose one of the following commands:
interface range { interface-type interface-number [ to interface-type interface-number ] } &<1-24>
interface range name name [ interface { interface-type interface-number [ to interface-type interface-number ] } &<1-24> ]
To shut down a range of IRF physical interfaces, enter interface range view.
To shut down one IRF physical interface, enter its interface view.
3. Shut down the physical interfaces.
shutdown
By default, a physical interface is not administratively down.
You must always shut down a physical interface before binding it to an IRF port or removing the binding. If the system prevents you from shutting down an interface, follow the system instructions to disable its peer interface.
4. Return to system view.
quit
5. Enter IRF port view.
irf-port member-id/irf-port-number
6. Bind each physical interface to the IRF port.
port group interface interface-type interface-number
By default, no physical interfaces are bound to an IRF port.
Repeat this step to assign multiple physical interfaces to the IRF port.
7. Return to system view.
quit
8. Enter the interface view or interface range view of an IRF physical interface or a range of IRF physical interfaces, respectively.
¡ Enter Layer 2 or Layer 3 Ethernet interface view.
interface interface-type interface-number
¡ Enter interface range view. Choose one of the following commands:
interface range { interface-type interface-number [ to interface-type interface-number ] } &<1-24>
interface range name name [ interface { interface-type interface-number [ to interface-type interface-number ] } &<1-24> ]
9. Bring up the physical interfaces.
undo shutdown
10. Return to system view.
quit
11. Save the configuration.
save
Activating IRF port configurations causes IRF merge and reboot. To avoid data loss, save the running configuration to the startup configuration file before you perform the operation.
12. Activate the IRF port settings.
irf-port-configuration active
Bulk-configuring basic IRF settings for a member device
About this task
Use the easy IRF feature to bulk-configure basic IRF settings for a member device, including the member ID, domain ID, priority, and IRF port bindings.
The easy IRF feature provides the following configuration methods:
· Interactive method—Enter the easy-irf command without parameters. The system will guide you to set the parameters step by step.
· Non-interactive method—Enter the easy-irf command with parameters.
As a best practice, use the interactive method if you are new to IRF.
Restrictions and guidelines
|
|
CAUTION: · Use caution when you change the member ID of an IRF member device. An IRF member ID uniquely identifies a device in an IRF fabric . An IRF member ID change can invalidate member ID-related settings, including interface and file path settings, and cause data loss. Make sure you fully understand its impact on the live network. · The member device reboots immediately after you specify a new member ID for it. Make sure you are aware of the impact of this operation on the network. |
If you execute the easy-irf command multiple times, the following settings take effect:
· The most recent settings for the member ID, domain ID, and priority.
· IRF port bindings added through repeated executions of the command. To remove an IRF physical interface from an IRF port, you must use the undo port group interface command in IRF port view.
If you specify IRF physical interfaces by using the interactive method, you must also follow these restrictions and guidelines:
· Do not enter spaces between the interface type and interface number.
· Use a comma (,) to separate two physical interfaces. No spaces are allowed between interfaces.
Procedure
1. Enter system view.
system-view
2. Bulk-configure basic IRF settings for the device.
easy-irf [ member member-id [ renumber new-member-id ] domain domain-id [ priority priority ] [ irf-port1 interface-list1 ] [ irf-port2 interface-list2 ] ]
Make sure the new member ID is unique in the IRF fabric to which the device will be added.
Connecting IRF physical interfaces
Follow the restrictions in "IRF port connection" to connect IRF physical interfaces as well as based on the topology and cabling scheme. The devices perform master election. The member devices that fail the master election automatically reboot to form an IRF fabric with the master device.
Accessing the IRF fabric
The IRF fabric appears as one device after it is formed. You configure and manage all IRF members at the CLI of the master. All settings you have made are automatically propagated to the IRF members.
The following methods are available for accessing an IRF fabric:
· Local login—Log in through the AUX or console port of any member device.
· Remote login—Log in at a Layer 3 interface on any member device by using methods including Telnet and SNMP.
When you log in to an IRF fabric, you are placed at the CLI of the master, regardless of at which member device you are logged in.
For more information, see login configuration in Fundamentals Configuration Guide.
Configuring MAD
Restrictions and guidelines for MAD configuration
VLAN interface compatibility
Do not configure MAD on VLAN interfaces.
MAD mechanism compatibility
As a best practice, configure a minimum of one MAD mechanism on an IRF fabric for prompt IRF split detection. Because MAD mechanisms use different collision handling processes, follow these restrictions and guidelines when you configure multiple MAD mechanisms on an IRF fabric:
· Do not configure LACP MAD together with ARP MAD or ND MAD.
· Do not configure BFD MAD together with ARP MAD or ND MAD.
Assigning IRF domain IDs
An IRF fabric has only one IRF domain ID.
You can change the IRF domain ID by using the following commands: irf domain, mad enable, mad arp enable, or mad nd enable. The IRF domain IDs configured by using these commands overwrite each other.
If LACP MAD, ARP MAD, or ND MAD runs between two IRF fabrics, assign each fabric a unique IRF domain ID. (For BFD MAD, this task is optional.)
Actions on interfaces shut down by MAD
To prevent a multi-active collision from causing network issues, avoid using the undo shutdown command to bring up the interfaces shut down by a MAD mechanism on a Recovery-state IRF fabric.
Configuring LACP MAD
1. Enter system view.
system-view
2. Assign a domain ID to the IRF fabric.
irf domain domain-id
The default IRF domain ID is 0.
|
|
CAUTION: Changing the IRF domain ID of an IRF member device will remove that member device from the IRF fabric. This member device will be unable to exchange IRF protocol packets with the remaining member devices in the IRF fabric. |
3. Create an aggregate interface and enter aggregate interface view.
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
¡ Enter Layer 3 aggregate interface view.
interface route-aggregation interface-number
Perform this step also on the intermediate device.
4. Configure the aggregation group to operate in dynamic aggregation mode.
link-aggregation mode dynamic
By default, an aggregation group operates in static aggregation mode.
LACP MAD takes effect only on dynamic aggregate interfaces.
Perform this step also on the intermediate device.
5. Enable LACP MAD.
mad enable
By default, LACP MAD is disabled.
6. Return to system view.
quit
7. Enter Ethernet interface view or interface range view.
¡ Enter Ethernet interface view.
interface interface-type interface-number
¡ Enter interface range view. Choose one of the following commands:
interface range { interface-type interface-number [ to interface-type interface-number ] } &<1-24>
interface range name name [ interface { interface-type interface-number [ to interface-type interface-number ] } &<1-24> ]
To assign a range of ports to the aggregation group, enter interface range view.
To assign one port to the aggregation group, enter Ethernet interface view.
8. Assign the Ethernet port or the range of Ethernet ports to the specified aggregation group.
port link-aggregation group group-id
Multichassis link aggregation is allowed.
Perform this step also on the intermediate device.
Configuring BFD MAD
Restrictions and guidelines for configuring BFD MAD
As a best practice, use the following procedure to set up BFD MAD:
1. Choose a BFD MAD link scheme as described in "BFD MAD."
2. Configure BFD MAD.
3. Connect the BFD MAD links.
When you configure BFD MAD on a Layer 3 aggregate interface, follow these restrictions and guidelines:
|
Category |
Restrictions and guidelines |
|
BFD MAD-enabled Layer 3 aggregate interface |
· Make sure the Layer 3 aggregate interface operates in static aggregation mode. · Make sure the member ports in the aggregation group do not exceed the maximum number of Selected ports allowed for an aggregation group. If the number of member ports exceeds the maximum number of Selected ports, some member ports cannot become Selected. BFD MAD will be unable to work correctly and its state will change to Faulty. |
|
BFD MAD VLAN |
If a switch is used as the intermediate device, use a VLAN as the BFD MAD VLAN on the intermediate device. · If the intermediate device acts as a BFD MAD intermediate device for multiple IRF fabrics, assign different BFD MAD VLANs to the IRF fabrics. · Assign the ports on the BFD MAD links for the same IRF fabric to the same VLAN. Do not assign the ports to an aggregate interface. If the ports are hybrid ports, make sure these ports are untagged members of their PVIDs. · Do not use the BFD MAD VLAN on the intermediate device for any purposes other than BFD MAD. · Make sure the BFD MAD VLAN on the intermediate device contains only ports on the BFD MAD links. Exclude a port from the BFD MAD VLAN if that port is not on a BFD MAD link. If you have assigned that port to all VLANs by using the port trunk permit vlan all command, use the undo port trunk permit command to exclude that port from the BFD MAD VLAN. |
|
BFD MAD-enabled Layer 3 aggregate interface and feature compatibility |
Use only the mad bfd enable and mad ip address commands on the BFD MAD-enabled interface. If you configure other features, both BFD MAD and other features on the interface might run incorrectly. |
|
MAD IP address |
· To avoid network issues, only use the mad ip address command to configure IP addresses on the BFD MAD-enabled interface. Do not configure an IP address by using the ip address command on the BFD MAD-enabled interface. · Make sure all the MAD IP addresses are on the same subnet. |
Configuring BFD MAD on a Layer 3 aggregate interface
1. Enter system view.
system-view
2. (Optional.) Assign a domain ID to the IRF fabric.
irf domain domain-id
By default, the domain ID of an IRF fabric is 0.
|
|
CAUTION: Changing the IRF domain ID of an IRF member device will remove that member device from the IRF fabric. This member device will be unable to exchange IRF protocol packets with the remaining member devices in the IRF fabric. |
3. Create a Layer 3 aggregate interface for BFD MAD.
interface route-aggregation interface-number
4. Return to system view.
quit
5. Enter interface view or interface range view.
¡ Enter Ethernet interface view.
interface interface-type interface-number
¡ Enter interface range view. Choose one of the following commands:
interface range { interface-type interface-number [ to interface-type interface-number ] } &<1-24>
interface range name name [ interface { interface-type interface-number [ to interface-type interface-number ] } &<1-24> ]
To assign a range of ports to the aggregation group for the aggregate interface, enter interface range view.
To assign one port to the aggregation group for the aggregate interface, enter Ethernet interface view.
6. Assign the port or the range of ports to the aggregation group for the aggregate interface.
port link-aggregation group number
7. Return to system view.
quit
8. Enter Layer 3 aggregate interface view.
interface route-aggregation interface-number
9. Enable BFD MAD.
mad bfd enable
By default, BFD MAD is disabled.
10. Assign a MAD IP address to a member device on the Layer 3 aggregate interface.
mad ip address ip-address { mask | mask-length } member member-id
By default, no MAD IP addresses are configured on aggregate interfaces.
Repeat this step to assign a MAD IP address to each member device on the aggregate interface.
Configuring ARP MAD
Restrictions and guidelines
As a best practice, use the following procedure to set up ARP MAD:
1. Choose an ARP MAD link scheme as described in "ARP MAD."
2. Configure ARP MAD.
3. Connect the ARP MAD links if you are not using existing data links as ARP MAD links.
When you configure ARP MAD, follow these restrictions and guidelines:
|
Category |
Restrictions and guidelines |
|
ARP MAD VLAN |
· Do not enable ARP MAD on VLAN-interface 1. · If you are using an intermediate device, perform the following tasks: ¡ On the IRF fabric and the intermediate device, create a VLAN for ARP MAD. ¡ On the IRF fabric and the intermediate device, assign the ports of ARP MAD links to the ARP MAD VLAN. ¡ On the IRF fabric, create a VLAN interface for the ARP MAD VLAN. · Do not use the ARP MAD VLAN for any other purposes. |
|
ARP MAD and feature configuration |
If an intermediate device is used, make sure the following requirements are met: · Run the spanning tree feature between the IRF fabric and the intermediate device to ensure that there is only one ARP MAD link in forwarding state. For more information about the spanning tree feature and its configuration, see Layer 2—LAN Switching Configuration Guide. · Enable the IRF fabric to change its bridge MAC address as soon as the address owner leaves. · If the intermediate device is also an IRF fabric, assign the two IRF fabrics different domain IDs for correct split detection. |
Procedure
1. Enter system view.
system-view
2. Assign a domain ID to the IRF fabric.
irf domain domain-id
The default IRF domain ID is 0.
|
|
CAUTION: Changing the IRF domain ID of an IRF member device will remove that member device from the IRF fabric. This member device will be unable to exchange IRF protocol packets with the remaining member devices in the IRF fabric. |
3. Configure the IRF bridge MAC address to change as soon as the address owner leaves.
undo irf mac-address persistent
By default, the IRF bridge MAC address remains unchanged for 6 minutes after the address owner leaves.
4. Create a VLAN dedicated to ARP MAD.
vlan vlan-id
By default, only VLAN 1 exists.
5. Return to system view.
quit
6. Enter Ethernet interface view or interface range view.
¡ Enter Ethernet interface view.
interface interface-type interface-number
¡ Enter interface range view. Choose one of the following commands:
interface range { interface-type interface-number [ to interface-type interface-number ] } &<1-24>
interface range name name [ interface { interface-type interface-number [ to interface-type interface-number ] } &<1-24> ]
To assign a range of ports to the ARP MAD VLAN, enter interface range view.
To assign one port to the ARP MAD VLAN, enter Ethernet interface view.
7. Assign the port or the range of ports to the ARP MAD VLAN.
¡ Assign the ports to the VLAN as access ports.
port access vlan vlan-id
¡ Assign the ports to the VLAN as trunk ports.
port trunk permit vlan vlan-id
¡ Assign the ports to the VLAN as hybrid ports.
port hybrid vlan vlan-id { tagged | untagged }
The link type of ARP MAD ports can be access, trunk, or hybrid.
The default link type of a port is access.
8. Return to system view.
quit
9. Enter VLAN interface view.
interface vlan-interface vlan-interface-id
10. Assign the interface an IP address.
ip address ip-address { mask | mask-length }
By default, no IP addresses are assigned to any VLAN interfaces.
11. Enable ARP MAD.
mad arp enable
By default, ARP MAD is disabled.
Configuring ND MAD
Restrictions and guidelines
When you use ND MAD, follow these guidelines:
· If an intermediate device is used, you can use common data links as ND MAD links. If no intermediate device is used, set up dedicated ND MAD links between IRF member devices.
· If an intermediate device is used, make sure the following requirements are met:
¡ Run the spanning tree feature between the IRF fabric and the intermediate device. Make sure there is only one ND MAD link in forwarding state. For more information about the spanning tree feature and its configuration, see Layer 2—LAN Switching Configuration Guide.
¡ Enable the IRF fabric to change its bridge MAC address as soon as the address owner leaves.
¡ If the intermediate device is also an IRF fabric, assign the two IRF fabrics different domain IDs for correct split detection.
Procedure
1. Enter system view.
system-view
2. Assign a domain ID to the IRF fabric.
irf domain domain-id
The default IRF domain ID is 0.
|
|
CAUTION: Changing the IRF domain ID of an IRF member device will remove that member device from the IRF fabric. This member device will be unable to exchange IRF protocol packets with the remaining member devices in the IRF fabric. |
3. Configure the IRF bridge MAC address to change as soon as the address owner leaves.
undo irf mac-address persistent
By default, the IRF bridge MAC address remains unchanged for 6 minutes after the address owner leaves.
4. Create a VLAN dedicated to ND MAD.
vlan vlan-id
By default, only VLAN 1 exists.
Do not configure ND MAD on VLAN-interface 1.
Do not use the VLAN configured for ND MAD for any other purposes.
Perform this task also on the intermediate device (if any).
5. Return to system view.
quit
6. Enter Ethernet interface view or interface range view.
¡ Enter Ethernet interface view.
interface interface-type interface-number
¡ Enter interface range view. Choose one of the following commands:
interface range { interface-type interface-number [ to interface-type interface-number ] } &<1-24>
interface range name name [ interface { interface-type interface-number [ to interface-type interface-number ] } &<1-24> ]
To assign a range of ports to the ND MAD VLAN, enter interface range view.
To assign one port to the ND MAD VLAN, enter Ethernet interface view.
7. Assign the port or the range of ports to the ND MAD VLAN.
¡ Assign the ports to the VLAN as access ports.
port access vlan vlan-id
¡ Assign the ports to the VLAN as trunk ports.
port trunk permit vlan vlan-id
¡ Assign the ports to the VLAN as hybrid ports.
port hybrid vlan vlan-id { tagged | untagged }
The link type of ND MAD ports can be access, trunk, or hybrid.
The default link type of a port is access.
Perform this task also on the intermediate device (if any).
8. Return to system view.
quit
9. Enter VLAN interface view.
interface vlan-interface vlan-interface-id
10. Assign the interface an IPv6 address.
ipv6 address { ipv6-address/prefix-length | ipv6-address prefix-length }
By default, no IPv6 addresses are assigned to any VLAN interfaces.
11. Enable ND MAD.
mad nd enable
By default, ND MAD is disabled.
Excluding interfaces from the shutdown action upon detection of multi-active collision
About this task
When an IRF fabric transits to the Recovery state, the system automatically excludes the following network interfaces from being shut down:
· IRF physical interfaces.
· Member interfaces of an aggregate interface if the aggregate interface is excluded from being shut down.
You can exclude a network interface from the shutdown action for management or other special purposes. For example:
· Exclude a port from the shutdown action so you can Telnet to the port for managing the device.
· Exclude a VLAN interface and its Layer 2 ports from the shutdown action so you can log in through the VLAN interface.
Restrictions and guidelines
If the Layer 2 ports of a VLAN interface are distributed on multiple member devices, the exclusion operation might introduce IP collision risks. The VLAN interface might be up on both active and inactive IRF fabrics.
Procedure
1. Enter system view.
system-view
2. Configure a network interface to not shut down when the IRF fabric transits to the Recovery state.
mad exclude interface interface-type interface-number
By default, all network interfaces on a Recovery-state IRF fabric are shut down, except for the network interfaces automatically excluded by the system.
Recovering an IRF fabric
About this task
For split IRF fabrics, if the active IRF fabric fails before the IRF link is recovered, perform this task on the inactive IRF fabric to recover the inactive IRF fabric. The manual recovery operation brings up all interfaces that were shut down by MAD on the inactive IRF fabric.
Procedure
1. Enter system view.
system-view
2. Recover the inactive IRF fabric.
mad restore
Optimizing IRF settings for an IRF fabric
Configuring a member device description
1. Enter system view.
system-view
2. Configure a description for a member device.
irf member member-id description text
By default, no member device description is configured.
Configuring IRF link load sharing mode
About IRF link load sharing mode
On an IRF port, traffic is balanced across its physical links.
You can configure the IRF port to distribute traffic based on any combination of the following criteria:
· IP addresses.
· MAC addresses.
The system displays an error message if a criteria combination is not supported.
The criteria can also be packet types, such as Layer 2, IPv4, and IPv6.
Restrictions and guidelines for configuring IRF link load sharing mode
Configure the IRF link load sharing mode for IRF links in system view or IRF port view:
· In system view, the configuration is global and takes effect on all IRF ports.
· In IRF port view, the configuration is port specific and takes effect only on the specified IRF port.
An IRF port preferentially uses the port-specific load sharing mode. If no port-specific load sharing mode is available, the IRF port uses the global load sharing mode.
Before you configure a port-specific load sharing mode, make sure you have bound a minimum of one physical interface to the IRF port.
Configuring the global load sharing mode
1. Enter system view.
system-view
2. Configure the global IRF link load sharing mode.
irf-port global load-sharing mode { destination-ip | destination-mac | source-ip | source-mac } *
By default, packets are distributed based on the load sharing mode automatically selected depending on the packet type.
If you execute this command multiple times, the most recent configuration takes effect.
Configuring a port-specific load sharing mode
1. Enter system view.
system-view
2. Enter IRF port view.
irf-port member-id/irf-port-number
3. Configure the port-specific load sharing mode.
irf-port load-sharing mode { destination-ip | destination-mac | source-ip | source-mac } *
By default, packets are distributed based on the load sharing mode automatically selected depending on the packet type.
If you execute this command multiple times, the most recent configuration takes effect.
Configuring the IRF bridge MAC address
About this task
The bridge MAC address of a system must be unique on a switched LAN. IRF bridge MAC address identifies an IRF fabric by Layer 2 protocols (for example, LACP) on a switched LAN.
By default, an IRF fabric uses the bridge MAC address of the master as the IRF bridge MAC address. After the master leaves, the IRF bridge MAC address persists for a period of time or permanently depending on the IRF bridge MAC persistence setting. When the IRF bridge MAC persistence timer expires, the IRF fabric uses the bridge MAC address of the current master as the IRF bridge MAC address.
If IRF fabric merge occurs, IRF determines the IRF bridge MAC address of the merged IRF fabric as follows:
1. When IRF fabrics merge, IRF ignores the IRF bridge MAC addresses and checks the bridge MAC address of each member device in the IRF fabrics. IRF merge fails if any two member devices have the same bridge MAC address.
2. After IRF fabrics merge, the merged IRF fabric uses the bridge MAC address of the merging IRF fabric that won the master election as the IRF bridge MAC address.
Restrictions and guidelines
|
|
CAUTION: Bridge MAC address change will cause transient traffic disruption. |
When you configure IRF bridge MAC persistence, follow these restrictions and guidelines:
· If ARP MAD or ND MAD is used with the spanning tree feature, you must disable IRF bridge MAC persistence by using the undo irf mac-address persistent command.
· If the IRF fabric has multichassis aggregate links, do not use the undo irf mac-address persistent command. Use of this command might cause traffic disruption.
An IRF bridge MAC change might cause the MAC addresses of logical interfaces such as VLAN interfaces to change, resulting in forwarding issues. To avoid this situation, configure IRF bridge MAC persistence to have the existing IRF bridge MAC address persists for a while or permanently after the address owner leaves the IRF fabric.
Configuring IRF bridge MAC persistence
1. Enter system view.
system-view
2. Configure IRF bridge MAC persistence.
¡ Retain the bridge MAC address permanently even if the address owner has left the fabric.
irf mac-address persistent always
¡ Retain the bridge MAC address for 6 minutes after the address owner leaves the fabric.
irf mac-address persistent timer
¡ Change the bridge MAC address as soon as the address owner leaves the fabric.
undo irf mac-address persistent
By default, the IRF bridge MAC address remains unchanged for 6 minutes after the address owner leaves.
The irf mac-address persistent timer command avoids unnecessary bridge MAC address changes caused by device reboot, transient link failure, or purposeful link disconnection.
Enabling software auto-update for software image synchronization
About this task
The software auto-update feature automatically synchronizes the current software images of the master to devices that are attempting to join the IRF fabric.
To join an IRF fabric, a device must use the same software images as the master in the fabric.
When you add a device to the IRF fabric, software auto-update compares the startup software images of the device with the current software images of the IRF master. If the two sets of images are different, the device automatically performs the following operations:
1. Downloads the current software images of the master.
2. Sets the downloaded images as its main startup software images.
3. Reboots with the new software images to rejoin the IRF fabric.
You must manually update the new device with the software images running on the IRF fabric if software auto-update is disabled.
Restrictions and guidelines
To ensure a successful software auto-update in a multi-user environment, prevent anyone from rebooting member devices during the auto-update process. To inform administrators of the auto-update status, configure the information center to output the status messages to configuration terminals (see Network Management and Monitoring Configuration Guide).
Make sure the device you are adding to the IRF fabric has sufficient storage space for the new software images.
If sufficient storage space is not available, the device automatically deletes the current software images. If the reclaimed space is still insufficient, the device cannot complete the auto-update. You must reboot the device, and then access the Bootware menu to delete files.
Procedure
1. Enter system view.
system-view
2. Enable software auto-update.
irf auto-update enable
By default, software auto-update is enabled.
Removing an expansion interface card that has IRF physical interfaces
To remove an expansion interface card that provides IRF physical interfaces:
1. Perform one of the following tasks to eliminate temporary packet loss:
¡ Remove cables from the IRF physical interfaces on the card.
¡ Shut down the IRF physical interfaces on the card by using the shutdown command.
2. Remove the card.
Replacing an expansion interface card that has IRF physical interfaces
Replacing the old card with a different model replacement card
1. Shut down the IRF physical interfaces on the old card by using the shutdown command.
2. Remove the IRF port bindings that contain the physical interfaces.
3. Remove the old card, and then install the replacement card.
4. Verify that the replacement card has been correctly installed by using the display device command.
5. Reconfigure the IRF port bindings, as described in "Binding physical interfaces to IRF ports."
6. Activate the IRF port settings by using the irf-port-configuration active command.
You can skip this step if the IRF port is in UP state when you add bindings.
Replacing the old card with the same model replacement card
1. Shut down the IRF physical interfaces on the old card by using the shutdown command.
2. Remove the old card, and then install the replacement card.
3. Verify that the replacement card has been correctly installed by using the display device command.
Bring up the physical interfaces by using the undo shutdown command after the interface card completes startup.
Display and maintenance commands for IRF
Execute display commands in any view.
|
Task |
Command |
|
Display information about all IRF members. |
display irf |
|
Display the IRF fabric topology. |
display irf topology |
|
Display IRF link information. |
display irf link |
|
Display IRF configuration. |
display irf configuration |
|
Display the load sharing mode for IRF links. |
display irf-port load-sharing mode [ irf-port [ member-id/irf-port-number ] ] |
|
Display MAD configuration. |
display mad [ verbose ] |
