HP 5500 Ei 5500 Si Switch Series Configuration Guide
Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
15 Connecting physical IRF ports When you connect two neighboring IRF members, connect the physical ports of IRF-port 1 on one member to the physical ports of IRF-port 2 on the other, as shown in Figure 9. IMPORTANT: No intermediate devices are allo wed between neighboring members. Figure 9 Connecting IRF physical ports Connection restrictions The switches support up to two physical IRF ports for an IRF port. Note the following IRF link binding restrictions when you connect physical IRF ports: • Facing the rear panel, make sure the physical ports bound to IRF port 1 is on the left of the physical ports bound to IRF port 2. • Physical ports of an IRF port must be on the same interface card IRF fabric topology Connect the switches into a daisy chain topolo g y o r m o r e r e l i a b l y, a r i n g t o p o l o g y ( s e e Figure 10). In ring topology, the failure of one IRF link does not cause the IRF fabric to split as in daisy chain topology. Rather, the IRF fabric changes to a daisy chain topology without interrupting network services. To use the ring topology, you must have at least three member switches.
16
Figure 10 Daisy chain topology vs. ring topology
Binding physical ports to IRF ports
When you bind physical ports to IRF ports, follow the restrictions in Connection restrictions.
On a ph
ysical port that has been bound to an IRF port, you can only use the cfd, default , shutdown ,
description , and flow-interval commands. For more information about these commands, see Layer
2—LAN Switching Command Reference.
To bind physical ports to IRF ports:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Enter physical IRF port view. interface
interface-type
interface-number N/A
3.
Shut down the port.
shutdown Always shut down a physical port
before binding it to an IRF port or
removing the binding.
Start the shutdown operation on the
master and then the switch that has
the fewest number of hops from the
master.
4.
Return to system view.
quit N/A
5. Create an IRF port and enter
IRF port view. irf-port
member-id /port-number N/A
6. Bind the physical port to the
IRF port. port group interface
interface-type
interface-number [ mode
{ enhanced | normal } ] By default, no physical port is bound
to any IRF port.
The switch does not support the
enhanced
keyword.
Make sure the two ends of an IRF link
use the same binding mode.
17 Step Command Remarks 7. Return to system view. quit N/A 8. Enter physical IRF port view. interface interface-type interface-number N/A 9. Bring up the port. undo shutdown N/A 10. Return to system view. quit N/A 11. Save the running configuration. save N/A 12. Activate the IRF port configuration. irf-port-configuration active After this step is performed, the state of the IRF port changes to UP, the member switches automatically elects a master, and the subordinate switch automatically reboots. After the IRF fabric is formed, you can add more physical ports to an IRF port (in UP state) without performing this step. Accessing the IRF fabric The IRF fabric appears as one device after it is formed. You configure and manage all IRF members at the CLI of the master. All settings you made are automatically propagated to the IRF members. When you log in to an IRF fabric, you are placed at the CLI of the master, regardless of at which member switch you are logged in. After that, you can access the CLI of a subordinate switch to execute a limited set of maintenance commands. Th e I R F fa b ric s u p p o r t s u p t o 16 c o n cu rre n t V T Y u s e r s. Th e m a xi m u m nu m b e r o f c o n cu rre n t c o n s o l e u s e rs equals the total number of member switches in the IRF fabric. Accessing the CLI of the master switch Access an IRF fabric in one of the following ways: • Local login —Log in through the console port of any member switch. • Remote login —Remotely log in at a Layer 3 interface on any member switch through Telnet, SNMP, or Web. For more information, see the chapter on login in Fundamentals Configuration Guide. Accessing the CLI of a subordinate switch You can log in to the CLI of a subordinate switch for maintenance or debugging. At the CLI of a subordinate switch, you are placed in user view, and the command prompt changes to , for example, . You can use the following commands at a subordinate switchs CLI: • display • quit • return
18 • system-view • debugging • terminal debugging • terminal logging • terminal monitor • terminal trapping Perform the following task in user view: Task Command Remarks Log in to a subordinate switch. irf switch-to member-id By default, you are placed at the masters CLI. To return to the masters CLI, use the quit command. Assigning an IRF domain ID to the IRF fabric This task is required for running LACP MAD or ARP MAD between two IRF fabrics. For BFD MAD, this task is optional. One IRF fabric forms one IRF domain. IRF domain ID s prevent IRF fabrics from interfering with one another. In Figure 1 1, S witch A and Switch B form IRF fabric 1, and Switch C and Switch D form IRF fabric 2. These fabrics have LACP MAD links between them. When a me m b e r swi tch i n o n e I R F fa b ric re c eives a n L AC P MAD packet, it looks at the domain ID in the packet to see whether the packet is from the local IRF fabric or from a different IRF fabric. Then, the switch can handle the packet correctly.
19 Figure 11 A network that comprises two IRF domains To assign a domain ID to an IRF fabric: Step Command Remarks 1. Enter system view. system-view N/A 2. Assign a domain ID to the IRF fabric. irf domain domain-id By d efa ult, the d oma in ID of an IRF fa b ric is 0. Configuring a member switch description You can configure a description for a member switch to identify its physical location, or for any other management purpose. To configure a description for a member switch: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the description of a member. irf member member-id description text By default, no member switch description is configured. Configuring IRF link load sharing mode On an IRF port that has multiple links, traffic is balanced across its physical links. You can configure the IRF port to distribute traffic based on certain criteria, including source IP address, destination IP address, Switch A Switch BIRF 1 (domain 10) IRF link Core network IRF 2 (domain 20) IRF link Switch C Switch D Access network
20
source MAC address, destination MAC address, or a combination of them. If a criteria combination is
not supported, the system displays an error message.
Configure the IRF link load sharing mode for IRF links in system view or IRF port view.
• In system view, the configuration is global and takes effect on all IRF ports.
• In IRF port view, the configuration is port specific and takes effect only on the specific IRF port.
An IRF port preferentially uses the port-specific lo ad sharing mode. If no port-specific load sharing mode
is available, it uses the global load sharing mode.
Configuring the global load sharing mode
Step Command Remarks
1. Enter system view.
system-view N/A
2. Configure the global
IRF link load sharing
mode. irf-port load-sharing mode { destination-ip
| destination-mac | source-ip |
source-mac } * By default, the switch uses source
and destination MAC addresses
for packets that have no IP
header, and uses source and
destination IP addresses for IP
packets.
Configuring port-specific load sharing criteria
Step Command Remarks
1.
Enter system view.
system-view N/A
2. Enter IRF port view.
irf-port member-id /port-number N/A
3. Configure the
port-specific load
sharing mode. irf-port load-sharing mode
{ destination-ip
| destination-mac | source-ip |
source-mac } * By default, the switch uses
source and destination MAC
addresses for packets that have
no IP header, and uses source
and destination IP addresses for
IP packets.
Configuring IRF bridge MAC persistence
An IRF fabric by default uses the bridge MAC address of the master switch as its bridge MAC address.
This bridge MAC address is used by Layer 2 protocols, for example, LACP, to identify the IRF fabric, and
must be unique on a switched LAN for proper communication.
To avoid duplicate bridge MAC addresses, an IRF fabric can automatically change its bridge MAC
address after its master leaves, but the change
can cause transient traffic interruption.
Depending on your network condition, enable the IRF fabric to preserve or change its bridge MAC
address after the master leaves. Available options include:
• irf mac-address persistent timer —Bridge MAC address of the IRF fabric persists for six minutes after
the master leaves. If the master does not come back before the timer expires, the IRF fabric uses the
bridge MAC address of the new master as its bridge MAC address. This option avoids unnecessary
21 bridge MAC address change due to a device reboot, transient link failure, or purposeful link disconnection. • irf mac-address persistent always —Bridge MAC address of the IRF fabric does not change after the master leaves. • undo irf mac-address persistent —Bridge MAC address of the new master replaces the original one as soon as the old master leaves. IMPORTANT: If ARP MAD is used, configure the undo irf mac-address persistent command to enable immediate brid ge MAC address change after a master leaves. If two IRF fabrics have the same bridge MAC address, they cannot merge. To configure the IRF bridge MAC persistence setting: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure IRF bridge MAC persistence. • Keep the bridge MAC address unchanged even if the master has changed: irf mac-address persistent always • Preserve the bridge MAC address for six minutes after the master leaves: irf mac-address persistent timer • Change the bridge MAC address as soon as the master leaves: undo irf mac-address persistent By default, the IRF fabrics bridge MAC address persists permanently even after the master leaves. Enabling software auto-update for system software image synchronization To join an IRF fabric, a switch must use the same system software image as the master in the fabric. The software auto-update function automatically propag ates the system software image of the master to all members in the IRF fabric. If software auto-updat e is disabled, you must manually update the switch with the system software image of the master. When you add a switch to the IRF fabric, the software auto-update function compares the system software versions of the switch and the IRF master. If the versions are different, the switch automatically downloads the system software image from the master, sets the downloaded image as the system software for the next startup, and automatically reboots with the new system software image to re-join the IRF fabric. Before you use the software auto-update function, make sure: • The switch you are adding to the IRF fabric is compatible with the software version running on the master. If not, the automatic system software upgrading function cannot correctly work. • The switch you are adding to the IRF fabric has sufficient space for the new system software image. To enable the IRF fabric to automatically synchronize the system software of the master to the switch you are adding to the IRF fabric:
22 Step Command Remarks 1. Enter system view. system-view N/A 2. Enable the software auto-update function. irf auto-update enable By default, this function is disabled. In an IRF fabric enabled with software auto-update, if a software upgrade requires upgrading the Boot ROM image, use the following upgrading procedure: 1. Download the new system software image to the master device. 2. Use the bootrom update command to upgrade the Boot ROM image on the master. This step guarantees that the master can complete startup prior to other member switches. 3. Use the boot-loader file file -url slot slot-number main command to specify the system software image as the startup image for the master. 4. Reboot the entire IRF fabric to complete upgrading software. For the system software image and Boot ROM compatibility, see the release notes for the new software release. Setting the IRF link down report delay You can avoid IRF link flapping causing frequent IRF splits and merges during a short time by configuring the IRF ports to delay reporting link down events. An IRF port works as follows: • When the IRF link changes from up to down, the po rt does not immediately report the change to the IRF fabric. If the IRF link state is still down when the delay time is reached, the port reports the change to the IRF fabric. • When the IRF link changes from down to up, the li nk layer immediately reports the event to the IRF fabric. To set the IRF link down report delay: Step Command Remarks 1. Enter system view. system-view N/A 2. Set the IRF link down report delay. irf link-delay interval The default IRF link down report delay is 4 seconds. The recommended value range is 200 to 500 milliseconds. The greater the interval, the slower the service recovery. Configuring MAD You have the following MAD mechanisms for detect ing multi-active collisions in different network scenarios: • LACP MAD • BFD MAD • ARP MAD
23 These MAD detection mechanisms operate independently. You can configure all of them for an IRF fabric. Tabl e 1 pr ovides a reference for you to make a MAD mechanism selection decision. Table 1 A comparison of the MAD mechanisms MAD mechanism Advantages Disadvantages Application scenario LACP MAD • Detection speed is fast. • Requires no MAD-dedicated physical ports or interfaces. Requires an intermediate HP device that supports LACP MAD packets. Link aggregation is used between the IRF fabric and its upstream or downstream device. For information about LACP, see Layer 2—LAN Switching Configuration Guide . BFD MAD • Detection speed is fast. • No intermediate device is required. • Intermediate device, if used, can come from any vendor. • Requires MAD dedicated physical ports and Layer 3 interfaces, which cannot be used for transmitting user traffic. • If no intermediate device is used, the IRF members must be fully meshed. • If an intermediate device is used, every IRF member must connect to the intermediate device. • Suitable for various network scenarios. • If no intermediate device is used, this mechanism is only suitable for IRF fabrics that have a small number of members that are geographically close to one another. For information about BFD, see High Availability Configuration Guide . ARP MAD • No intermediate device is required. • Intermediate device, if used, can come from any vendor. • Requires no MAD dedicated ports. • Detection speed is slower than BFD MAD and LACP MAD. • MSTP must be enabled. MSTP-enabled non-link aggregation IPv4 network scenario. For information about ARP, see Layer 3—IP Services Configuration Guide . Configuring LACP MAD When you use LACP MAD, follow these guidelines: • The intermediate device must be an HP device that support extended LACP for MAD. • If the intermediate device is in an IRF fabric, assi gn this fabric a different domain ID than the LACP MAD-enabled fabric to avoid false detection of IRF partition. • Use dynamic link aggregation mode. MAD is LACP dependent. Even though LACP MAD can be configured on both static and dynamic aggregate interfaces, it takes effect only on dynamic aggregate interfaces. • Configure link aggregation settings also on the intermediate device. To c o n fig u re L AC P M A D :
24 Step Command Remarks 1. Enter system view. system-view N/A 2. Assign a domain ID to the IRF fabric. irf domain domain-id The default IRF domain ID is 0. 3. Create an aggregate interface and enter aggregate interface view. • Enter Layer 2 aggregate interface view: interface bridge-aggregation interface-number • Enter Layer 3 aggregate interface view: interface route-aggregation interface-number Use either command. Perform this step also on the intermediate device. The 5500 SI switch series does not support Layer 3 aggregate interfaces. 4. Configure the aggregation group to work in dynamic aggregation mode. link-aggregation mode dynamic By default, an aggregation group operates in static aggregation mode. Perform this step also on the intermediate device. 5. Enable LACP MAD. mad enable By default, LACP MAD is disabled. 6. Return to system view. quit N/A 7. Enter Ethernet interface view. interface interface-type interface-number N/A 8. Assign the Ethernet interface to the specified aggregation group. port link-aggregation group number Perform this step also on the intermediate device. Configuring BFD MAD When you configure BFD MAD, follow these guidelines: • You cannot enable BFD MAD detection on VLAN-interface 1. • Do not use the BFD MAD VLAN for any other purpose. No Layer 2 or Layer 3 features, including ARP and LACP, can work on the BFD MAD-enabled VL AN interface or any port in the VLAN. If you configure any other feature on the VLAN, neither the configured feature nor the BFD MAD function can work correctly. • Do not enable the spanning tree function on any port in a BFD MAD VLAN. The MAD function is mutually exclusive with the spanning tree function. • Do not bind a BFD MAD-enabled VLAN interface to any VPN. The MAD function is mutually exclusive with VPN. • To avoid anomalies, do not assign the BFD MAD-enabled VLAN interface a common IP address, for example, an IP address configured with the ip address command or a VRRP virtual IP address. • If an intermediate device is used, you must assign the ports of the BFD MAD links to the BFD MAD VLAN on the device. To configure BFD MAD: