SupportDocumentationSwitchesData Center SwitchCloudEngine 12800&16800Configuration & CommissioningConfiguration Examples

CloudEngine 16800, 12800, 9800, 8800, 7800, 6800, and 5800 Series Switches Typical Configuration Examples (V100 and V200)

Example for Configuring M-LAG Lite

Example for Configuring M-LAG Lite

Applicable Products and Versions

CloudEngine 16800, 12800, 12800E, 9800, 8800, 7800, 6800, and 5800 series switches

V200R003C00 or later versions

For details about the mapping between software versions and switch models, see the Hardware Center.

Networking Requirements

On the network shown in Figure 1-10, in the data center, customers want to implement device independence at the access layer, control plane isolation and device fault isolation, and the version upgrade cannot be mutually affected. Inter-device link aggregation (single-machine) configuration ensures the decoupling of control planes between multiple devices. The device does not need to be configured with a heartbeat link to synchronize protocol packets to achieve dual-active forwarding.

Figure 1-10 M-LAG lite networks

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the Eth-Trunk on Leaf switches connected to servers with the M-LAG lite way.

    To ensure successful Eth-Trunk negotiation, ensure that Leaf1 and Leaf2 have the same LACP system priority and Eth-Trunks have the same interface ID and LACP system ID. In addition, the Eth-Trunk member interfaces on the two leaf switches must have different numbers in the LACP protocol to prevent LACP negotiation failures.

    If a device that supports STP is connected to leaf switches in M-LAG Lite mode, disable STP on the device and run the stp edged-port enable command on the downlink interfaces of the leaf switches. Otherwise, STP flapping occurs on the device.

  2. Configure IP addresses on each interface.
  3. Create VLANIF interfaces on leaf switches and configure the same IP addresses and MAC address for the VLANIF interfaces to provide dual-active gateways.
    • A leaf switch must be a Layer 3 gateway but not a Layer 2 transparent transmission device. If a spine switch serves as a Layer 3 gateway and servers connect to leaf switches in M-LAG Lite mode, server ARP entries learned by the spine device will have two egresses and MAC address flapping occurs. Therefore, the leaf switch to which servers connect in M-LAG Lite mode must be a Layer 3 gateway.
    • To make leaf switches function as Layer 3 gateways, that is, all traffic from servers to leaf switches be forwarded at Layer 3 (including the traffic forwarded in the same Layer 2 domain), enable proxy ARP on leaf switches.
    • Configure the same IP addresses for gateways on Leaf 1 and Leaf2 so that ECMP load balancing is performed on the traffic from spine switches to leaf switches. If a link between a server and leaf switch fails, for example, a link between Server1 and Leaf1 becomes faulty, only one link is available for traffic transmission and the traffic from Server1 to Leaf1 may be interrupted due to hash-based ECMP. Therefore, you need to ensure that the gateway interface of a leaf switch can advertise the ARP Vlink direct route to its neighbors and advertise the host route translated by the ARP to spine switches. Then you need to configure a corresponding dynamic routing protocol on leaf switches to import the direct route. If the preceding fault occurs, the ARP entry mapping Server1 on Leaf1 is deleted, the ARP Vlink direct route is unavailable, and the traffic from spine switches to Server1 is forwarded to Leaf2 to ensure normal traffic forwarding.
    • To ensure normal communication between Server1 and Server2, after learning the ARP Vlink direct route advertised by leaf switches, spine switches advertise the route to other leaf switches. In normal cases, both the host routes translated by the ARP (not delivered to the forwarding entry) and the host routes advertised by spine switches are available on leaf switches. You need to set a higher priority for the host routes translated by the ARP, to ensure that the local ARP entries are forwarded. If a link between a server and leaf switch fails, for example, a link between Server1 and Leaf1 fails, the ARP entry mapping Server1 on Leaf1 is deleted, and the ARP Vlink direct route becomes unavailable. The traffic from Server2 to Server1 starts from Server2, Leaf1, Spine1 or Spine2, Leaf2, and finally arrives at Server1.
  4. Configure the routing protocol between the Leaf layer and the Spine layer switches to establish a neighbor relationship.

  5. On leaf layer switches, associate uplink and downlink interfaces with the Monitor Link group to prevent a user-side traffic forwarding failure and traffic loss due to the uplink fault.

Procedure

  1. Configure Inter-device link aggregation in LACP mode.

    # Configure Leaf1

    <HUAWEI> system-view
[~HUAWEI] sysname Leaf1  //Modify the device name to Leaf1.
[*HUAWEI] commit
[~Leaf1] vlan batch 100
[*Leaf1] interface eth-trunk 10
[*Leaf1-Eth-Trunk10] trunkport 10ge 1/0/3
[*Leaf1-Eth-Trunk10] mode lacp-static
[*Leaf1-Eth-Trunk10] lacp system-id 00e0-cf00-0000  //Configure the same LACP system ID on Leaf1 and Leaf2.
[*Leaf1-Eth-Trunk10] port link-type trunk
[*Leaf1-Eth-Trunk10] port trunk pvid vlan 100
[*Leaf1-Eth-Trunk10] port trunk allow-pass vlan 100
[*Leaf1-Eth-Trunk10] quit
[*Leaf1] interface eth-trunk 20
[*Leaf1-Eth-Trunk20] trunkport 10ge 1/0/4
[*Leaf1-Eth-Trunk20] mode lacp-static
[*Leaf1-Eth-Trunk20] lacp system-id 00e0-cf00-0001  //Configure the same LACP system ID on Leaf1 and Leaf2.
[*Leaf1-Eth-Trunk20] port link-type trunk
[*Leaf1-Eth-Trunk20] port trunk pvid vlan 100
[*Leaf1-Eth-Trunk20] port trunk allow-pass vlan 100
[*Leaf1-Eth-Trunk20] quit
[*Leaf1] lacp priority 100  //Configure the same LACP priority on Leaf1 and Leaf2.
[*Leaf1] commit

    # Configure Leaf2

    <HUAWEI> system-view
[~HUAWEI] sysname Leaf2  //Modify the device name to Leaf2.
[*HUAWEI] commit
[~Leaf2] vlan batch 100
[*Leaf2] interface eth-trunk 10
[*Leaf2-Eth-Trunk10] trunkport 10ge 1/0/3
[*Leaf2-Eth-Trunk10] mode lacp-static
[*Leaf2-Eth-Trunk10] lacp system-id 00e0-cf00-0000  //Configure the same LACP system ID on Leaf1 and Leaf2.
[*Leaf2-Eth-Trunk10] lacp port-id-extension enable  //Configure numbers of member interfaces of an Eth-Trunk in LACP mode on the Leaf2 to increase by 32768.
[*Leaf2-Eth-Trunk10] port link-type trunk
[*Leaf2-Eth-Trunk10] port trunk pvid vlan 100
[*Leaf2-Eth-Trunk10] port trunk allow-pass vlan 100
[*Leaf2-Eth-Trunk10] quit
[*Leaf2] interface eth-trunk 20
[*Leaf2-Eth-Trunk20] trunkport 10ge 1/0/4
[*Leaf2-Eth-Trunk20] mode lacp-static
[*Leaf2-Eth-Trunk20] lacp system-id 00e0-cf00-0001  //Configure the same LACP system ID on Leaf1 and Leaf2.
[*Leaf2-Eth-Trunk20] lacp port-id-extension enable  //Configure numbers of member interfaces of an Eth-Trunk in LACP mode on the Leaf2 to increase by 32768.
[*Leaf2-Eth-Trunk20] port link-type trunk
[*Leaf2-Eth-Trunk20] port trunk pvid vlan 100
[*Leaf2-Eth-Trunk20] port trunk allow-pass vlan 100
[*Leaf2-Eth-Trunk20] quit
[*Leaf2] lacp priority 100  //Configure the same LACP priority on Leaf1 and Leaf2.
[*Leaf2] commit

  2. Configure IP addresses on each interface.

    # Configure Spine1

    <HUAWEI> system-view
[~HUAWEI] sysname Spine1  //Modify the device name to Spine1.
[*HUAWEI] commit
[~Spine1] interface 10ge 1/0/1
[~Spine1-10GE1/0/1] undo portswitch
[*Spine1-10GE1/0/1] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Spine1-10GE1/0/1] ip address 192.168.1.1 24
[*Spine1-10GE1/0/1] quit
[*Spine1] interface 10ge 1/0/2
[*Spine1-10GE1/0/2] undo portswitch
[*Spine1-10GE1/0/2] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Spine1-10GE1/0/2] ip address 10.1.2.1 24
[*Spine1-10GE1/0/2] quit
[*Spine1] commit

    # Configure Spine2

    <HUAWEI> system-view
[~HUAWEI] sysname Spine2  //Modify the device name to Spine2.
[*HUAWEI] commit
[~Spine2] interface 10ge 1/0/1
[~Spine2-10GE1/0/1] undo portswitch
[*Spine2-10GE1/0/1] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Spine2-10GE1/0/1] ip address 10.10.1.1 24
[*Spine2-10GE1/0/1] quit
[*Spine2] interface 10ge 1/0/2
[*Spine2-10GE1/0/2] undo portswitch
[*Spine2-10GE1/0/2] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Spine2-10GE1/0/2] ip address 192.168.2.1 24
[*Spine2-10GE1/0/2] quit
[*Spine2] commit

    # Configure Leaf1

    [~Leaf1] interface 10ge 1/0/1
[~Leaf1-10GE1/0/1] undo portswitch
[*Leaf1-10GE1/0/1] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Leaf1-10GE1/0/1] ip address 192.168.1.2 24
[*Leaf1-10GE1/0/1] quit
[*Leaf1] interface 10ge 1/0/2
[*Leaf1-10GE1/0/2] undo portswitch
[*Leaf1-10GE1/0/2] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Leaf1-10GE1/0/2] ip address 192.168.2.2 24
[*Leaf1-10GE1/0/2] quit
[*Leaf1] commit

    # Configure Leaf2

    [~Leaf2] interface 10ge 1/0/1
[~Leaf2-10GE1/0/1] undo portswitch
[*Leaf2-10GE1/0/1] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Leaf2-10GE1/0/1] ip address 10.1.1.2 24
[*Leaf2-10GE1/0/1] quit
[*Leaf2] interface 10ge 1/0/2
[*Leaf2-10GE1/0/2] undo portswitch
[*Leaf2-10GE1/0/2] port-isolate l3 enable  //Enable Layer 3 port isolation. The CE5880EI and CE6880EI do not support Layer 3 port isolation.
[*Leaf2-10GE1/0/2] ip address 10.1.2.2 24
[*Leaf2-10GE1/0/2] quit
[*Leaf2] commit

  3. Create VLANIF interfaces on leaf switches and configure the same IP addresses and MAC address for the VLANIF interfaces to provide dual-active gateways.

    # Configure Leaf1

    [~Leaf1] interface vlanif 100
[*Leaf1-Vlanif100] ip address 172.16.1.2 24
[*Leaf1-Vlanif100] mac-address 0000-5e00-0101
[*Leaf1-Vlanif100] arp timeout 90  //Set the aging time of dynamic ARP entries to 90 seconds.
[*Leaf1-Vlanif100] arp proxy anyway enable  //Enable proxy ARP anyway on an interface, after the ARP request packet between the servers is captured on the Leaf layer, the ARP reply is performed on the interface MAC/IP of the Layer 3 gateway interface. After the upstream traffic of the server reaches the Leaf layer, Layer 3 forwarding is performed.
[*Leaf1-Vlanif100] arp delete trigger link-down enable  //Enables the device to delete ARP entries learned by an interface immediately after the interface link goes Down.
[*Leaf1-Vlanif100] arp direct-route enable   //Enable the ARP Vlink direct route function on the interface, and then redistribute the route to the neighbor through the routing protocol to prevent the route blackhole from being formed when the link is faulty.
[*Leaf1-Vlanif100] arp direct-route preference 1  //Set the priority of ARP Vlink direct routes to 1.
[*Leaf1-Vlanif100] arp direct-route delay 120    //(Optional) In V200R019C00 and later versions, you can configure a delay in advertising ARP Vlink direct routes to prevent traffic loss caused by slow ARP Vlink direct route establishment but fast route diversion. Only CE16800, CE12800, CE12800E, CE5880EI, CE6850HI, CE6850U-HI, CE6851HI, CE6855HI, CE6856HI, CE6857EI, CE6860EI, CE6865EI, CE6865SI, CE6870EI, CE6875EI, CE6880EI, CE6881, CE5881, CE6881K, CE6820, CE6863, CE6863K, CE6881E, CE7850EI, CE7855EI, CE8850EI, CE8861EI, CE6857E, CE6857F, CE6857S, CE8850E-32CQ-EI, CE9860EI, CE8868EI, and CE8860EI support this command.
[*Leaf1-Vlanif100] quit 
[*Leaf1] commit

    # Configure Leaf2

    [~Leaf2] interface vlanif 100
[*Leaf2-Vlanif100] ip address 172.16.1.2 24
[*Leaf2-Vlanif100] mac-address 0000-5e00-0101
[*Leaf2-Vlanif100] arp timeout 90  //Set the aging time of dynamic ARP entries to 90 seconds.
[*Leaf2-Vlanif100] arp proxy anyway enable  //Enable proxy ARP anyway on an interface, after the ARP request packet between the servers is captured on the Leaf layer, the ARP reply is performed on the interface MAC/IP of the Layer 3 gateway interface. After the upstream traffic of the server reaches the Leaf layer, Layer 3 forwarding is performed.
[*Leaf2-Vlanif100] arp delete trigger link-down enable  //Enables the device to delete ARP entries learned by an interface immediately after the interface link goes Down.
[*Leaf2-Vlanif100] arp direct-route enable   //Enable the ARP Vlink direct route function on the interface, and then redistribute the route to the neighbor through the routing protocol to prevent the route blackhole from being formed when the link is faulty.
[*Leaf2-Vlanif100] arp direct-route preference 1  //Set the priority of ARP Vlink direct routes to 1.
[*Leaf2-Vlanif100] arp direct-route delay 120    //(Optional) In V200R019C00 and later versions, you can configure a delay in advertising ARP Vlink direct routes to prevent traffic loss caused by slow ARP Vlink direct route establishment but fast route diversion. Only CE16800, CE12800, CE12800E, CE5880EI, CE6850HI, CE6850U-HI, CE6851HI, CE6855HI, CE6856HI, CE6857EI, CE6860EI, CE6865EI, CE6865SI, CE6870EI, CE6875EI, CE6880EI, CE6881, CE5881, CE6881K, CE6820, CE6863, CE6863K, CE6881E, CE7850EI, CE7855EI, CE8850EI, CE8861EI, CE6857E, CE6857F, CE6857S, CE8850E-32CQ-EI, CE9860EI, CE8868EI, and CE8860EI support this command.
[*Leaf2-Vlanif100] quit 
[*Leaf2] commit

    For a load balancing server connected to a leaf layer switch, the ARP reply or ARP request packet sent by the server is sent to the leaf1 device only because the HASH route is selected. The leaf 2 device cannot receive the ARP packet sent by the server. As a result, the ARP entry of the server is not learned on the interface. Therefore, the server can send ARP request packets on the interfaces of the two NICs periodically. If the server does not have the function, you can run the arp smart-discover enable command on the leaf layer switch to enable ARP active detection. The CE5810EI, CE5850EI, CE5850HI, CE5855EI, CE5855E, CE5855F, CE5880EI, CE6810EI, CE6850EI, CE6881K, CE6863K, CE6881E, CE6820, CE6881, CE5881, CE6863, CE6863E, and CE6880EI do not support this function.

  4. (Optional) Configure the traffic policy in the outbound direction to prevent the other servers from learning the ARP entries on the access switch.

    In V200R005C00 and earlier versions, the ARP entry can be learned by the hosts in the same domain. After the ARP entry is enabled, the hosts in the same domain can learn from each other. If the server server1 is changed from dual-homed to single-homed due to a link failure (link failure to the Leaf1 device), the traffic of the server accessing Server1 on the same network segment as the server Server1 is HASH to Leaf1, which will be different due to the Layer 2 domain. And cut off. In this scenario, you need to configure the global outbound application flow policy to prevent the connected service devices from learning each other's ARP entries.

    # Configure Leaf1

    [~Leaf1] arp fast-reply disable  //Disable the fast ARP reply function to ensure that the upstream ARP packets are not blocked by the traffic policy.
[*Leaf1] acl 4000
[*Leaf1-acl-L2-4000] rule 5 permit type arp
[*Leaf1-acl-L2-4000] quit
[*Leaf1] traffic classifier arp-no-forwarding type and
[*Leaf1-classifier-arp-no-forwarding] if-match acl 4000
[*Leaf1-classifier-arp-no-forwarding] quit
[*Leaf1] traffic classifier arp-forwarding type and
[*Leaf1-classifier-arp-forwarding] if-match acl 4000
[*Leaf1-classifier-arp-forwarding] if-match source-mac 0000-5e00-0101 ffff-ffff-ffff
[*Leaf1] quit
[*Leaf1] traffic behavior arp-forwarding
[*Leaf1-behavior-arp-forwarding] quit
[*Leaf1] traffic behavior arp-no-forwarding
[*Leaf1-behavior-arp-no-forwarding] deny
[*Leaf1-behavior-arp-no-forwarding] quit
[*Leaf1] traffic policy arp-no-forwarding
[*Leaf1-trafficpolicy-arp-no-forwarding] classifier arp-forwarding behavior arp-forwarding precedence 5
[*Leaf1-trafficpolicy-arp-no-forwarding] classifier arp-no-forwarding behavior arp-no-forwarding precedence 10
[*Leaf1-trafficpolicy-arp-no-forwarding] quit
[*Leaf1] traffic-policy arp-no-forwarding global outbound 
[*Leaf1] commit

    # Configure Leaf2

    [~Leaf2] arp fast-reply disable  //Disable the fast ARP reply function to ensure that the upstream ARP packets are not blocked by the traffic policy.
[*Leaf2] acl 4000
[*Leaf2-acl-L2-4000] rule 5 permit type arp
[*Leaf2-acl-L2-4000] quit
[*Leaf2] traffic classifier arp-no-forwarding type and
[*Leaf2-classifier-arp-no-forwarding] if-match acl 4000
[*Leaf2-classifier-arp-no-forwarding] quit
[*Leaf2] traffic classifier arp-forwarding type and
[*Leaf2-classifier-arp-forwarding] if-match acl 4000
[*Leaf2-classifier-arp-forwarding] if-match source-mac 0000-5e00-0101 ffff-ffff-ffff
[*Leaf2] quit
[*Leaf2] traffic behavior arp-forwarding
[*Leaf2-behavior-arp-forwarding] quit
[*Leaf2] traffic behavior arp-no-forwarding
[*Leaf2-behavior-arp-no-forwarding] deny
[*Leaf2-behavior-arp-no-forwarding] quit
[*Leaf2] traffic policy arp-no-forwarding
[*Leaf2-trafficpolicy-arp-no-forwarding] classifier arp-forwarding behavior arp-forwarding precedence 5
[*Leaf2-trafficpolicy-arp-no-forwarding] classifier arp-no-forwarding behavior arp-no-forwarding precedence 10
[*Leaf2-trafficpolicy-arp-no-forwarding] quit
[*Leaf2] traffic-policy arp-no-forwarding global outbound 
[*Leaf2] commit

  5. Configure BGP between the aggregation layer and the access layer switch to implement Layer 3 connectivity.

    # Configure Spine1

    [~Spine1] bgp 65009
[*Spine1-bgp] group leaf external
[*Spine1-bgp] peer 192.168.1.2 as-number 65020
[*Spine1-bgp] peer 192.168.1.2 group leaf
[*Spine1-bgp] peer 10.1.2.2 as-number 65021
[*Spine1-bgp] peer 10.1.2.2 group leaf
[*Spine1-bgp] load-balancing as-path-relax  //Disable the device from comparing the AS_Path attributes of the same length of the routes for load balancing. This ensures that the routes sent from different leaf switches to the spine switch can implement load balancing.
[*Spine1-bgp] timer keepalive 10 hold 30
[*Spine1-bgp] preference 20 200 10
[*Spine1-bgp] quit
[*Spine1] commit

    # Configure Spine2

    [~Spine2] bgp 65009
[*Spine2-bgp] group leaf external  
[*Spine2-bgp] peer 192.168.2.2 as-number 65020
[*Spine2-bgp] peer 192.168.2.2 group leaf
[*Spine2-bgp] peer 10.1.1.2 as-number 65021
[*Spine2-bgp] peer 10.1.1.2 group leaf
[*Spine2-bgp] load-balancing as-path-relax  //Disable the device from comparing the AS_Path attributes of the same length of the routes for load balancing. This ensures that the routes sent from different leaf switches to the spine switch can implement load balancing.
[*Spine2-bgp] timer keepalive 10 hold 30
[*Spine2-bgp] preference 20 200 10
[*Spine2-bgp] quit
[*Spine2] commit

    # Configure Leaf1

    [~Leaf1] bgp 65020
[*Leaf1-bgp] group spine external
[*Leaf1-bgp] peer spine as-number 65009  
[*Leaf1-bgp] peer 192.168.1.1 as-number 65009
[*Leaf1-bgp] peer 192.168.1.1 group spine
[*Leaf1-bgp] peer 192.168.2.1 as-number 65009
[*Leaf1-bgp] peer 192.168.2.1 group spine
[*Leaf1-bgp] timer keepalive 10 hold 30
[*Leaf1-bgp] preference 20 200 10
[*Leaf1-bgp] import-route direct  //Configure the switch to import direct routes. You can configure a routing policy to filter unnecessary routes.
[*Leaf1-bgp] quit
[*Leaf1] commit

    # Configure Leaf2

    [~Leaf2] bgp 65021
[*Leaf2-bgp] group spine external
[*Leaf2-bgp] peer spine as-number 65009  
[*Leaf2-bgp] peer 10.1.2.1 as-number 65009
[*Leaf2-bgp] peer 10.1.2.1 group spine
[*Leaf2-bgp] peer 10.1.1.1 as-number 65009
[*Leaf2-bgp] peer 10.1.1.1 group spine
[*Leaf2-bgp] timer keepalive 10 hold 30
[*Leaf2-bgp] preference 20 200 10
[*Leaf2-bgp] import-route direct  //Configure the switch to import direct routes. You can configure a routing policy to filter unnecessary routes.
[*Leaf2-bgp] quit
[*Leaf2] commit

    This example configures different ASs on Leaf1 and Leaf2. If the same AS is configured on Leaf1 and Leaf2, the peer allow-as-loop command needs to be added to ensure that the routes of different leaf switches can be advertised to each other after passing through the spine switch.

  6. On leaf layer switches, associate uplink and downlink interfaces with the Monitor Link group to prevent a user-side traffic forwarding failure and traffic loss due to the uplink fault.

    # Configure Leaf1

    [~Leaf1] monitor-link group 1
[*Leaf1-mtlk-group1] port 10ge 1/0/1 uplink
[*Leaf1-mtlk-group1] port 10ge 1/0/2 uplink
[*Leaf1-mtlk-group1] port eth-trunk 10 downlink 1
[*Leaf1-mtlk-group1] port eth-trunk 20 downlink 2
[*Leaf1-mtlk-group1] quit
[*Leaf1] commit

    # Configure Leaf2

    [~Leaf2] monitor-link group 1
[*Leaf2-mtlk-group1] port 10ge 1/0/1 uplink
[*Leaf2-mtlk-group1] port 10ge 1/0/2 uplink
[*Leaf2-mtlk-group1] port eth-trunk 10 downlink 1
[*Leaf2-mtlk-group1] port eth-trunk 20 downlink 2
[*Leaf2-mtlk-group1] quit
[*Leaf2] commit

Verifying the Configuration

  • Check the Eth-Trunk information of the device and check that the M-LAG Lite has been successfully negotiated with the server. The port status is Up.

    [~Leaf1] display eth-trunk 10
Eth-Trunk10's state information is:
(h): high priority
(r): reference port 
Local:
LAG ID: 10                      Working Mode: Static
Preempt Delay: Disabled         Hash Arithmetic: profile default
System Priority: 100            System ID: 00e0-cf00-0000
Least Active-linknumber: 1      Max Active-linknumber: 32 
Operating Status: up            Number Of Up Ports In Trunk: 1
Timeout Period: Slow
PortKeyMode: Auto          
--------------------------------------------------------------------------------
ActorPortName          Status   PortType PortPri PortNo PortKey PortState Weight
10GE1/0/3(hr)          Selected 10GE     32768   1      2625    10111100  1     

Partner:
--------------------------------------------------------------------------------
ActorPortName          SysPri   SystemID        PortPri PortNo PortKey PortState
10GE1/0/3              32768    00e0-fc12-2401  32768   1      2625    10111100 
    [~Leaf1] display eth-trunk 20
Eth-Trunk20's state information is:
(h): high priority
(r): reference port
Local:
LAG ID: 20                      Working Mode: Static
Preempt Delay: Disabled         Hash Arithmetic: profile default
System Priority: 100            System ID: 00e0-cf00-0001
Least Active-linknumber: 1      Max Active-linknumber: 32 
Operating Status: up            Number Of Up Ports In Trunk: 1
Timeout Period: Slow
PortKeyMode: Auto          
--------------------------------------------------------------------------------
ActorPortName          Status   PortType PortPri PortNo PortKey PortState Weight
10GE1/0/4(hr)          Selected 10GE     32768   2      5185    10111100  1     

Partner:
--------------------------------------------------------------------------------
ActorPortName          SysPri   SystemID        PortPri PortNo PortKey PortState
10GE1/0/4              32768    00e0-fc39-8b01  32768   1      5185    10111100

  • Check the device routing relationship establishment.

    [~Spine1] display bgp routing-table 
 BGP Local router ID is 10.1.1.190
 Status codes: * - valid, > - best, d - damped, h - history,
               i - internal, s - suppressed, S - Stale
 Origin      : i - IGP, e - EGP, ? - incomplete


 Total Number of Routes: 6 
        Network            NextHop                       MED        LocPrf    PrefVal Path/Ogn
        10.1.2.0/24        10.1.2.2                       0                     0      65021?
 *>     172.16.1.0/24     10.1.2.2                       0                     0      65021?
 *                         192.168.1.2                    0                     0      65021?
 *>     10.1.1.0/24        10.1.2.2                       0                     0      65021?
 *                         192.168.1.2                    0                     0      65021?
        192.168.1.0/24     192.168.1.2                    0                     0      65021?
    [~Spine1] display ip routing-table 
Proto: Protocol        Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : _public_
         Destinations : 15       Routes : 15        

Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface

        0.0.0.0/0   Static  60   0             RD  10.1.1.1        MEth0/0/0
       10.1.2.0/24  Direct  0    0             D   10.1.2.1        10GE1/0/2
       10.1.2.1/32  Direct  0    0             D   127.0.0.1       10GE1/0/2
     10.1.2.255/32  Direct  0    0             D   127.0.0.1       10GE1/0/2
      127.0.0.0/8   Direct  0    0             D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0             D   127.0.0.1       InLoopBack0
127.255.255.255/32  Direct  0    0             D   127.0.0.1       InLoopBack0
     172.16.1.0/24  EBGP    20   0             RD  10.1.2.2        10GE1/0/2
       10.1.1.0/24  Direct  0    0             D   10.1.1.190      MEth0/0/0
     10.1.1.190/32  Direct  0    0             D   127.0.0.1       MEth0/0/0
     10.1.1.255/32  Direct  0    0             D   127.0.0.1       MEth0/0/0
    192.168.1.0/24  Direct  0    0             D   192.168.1.1     10GE1/0/1
    192.168.1.1/32  Direct  0    0             D   127.0.0.1       10GE1/0/1
  192.168.1.255/32  Direct  0    0             D   127.0.0.1       10GE1/0/1
255.255.255.255/32  Direct  0    0             D   127.0.0.1       InLoopBack0?

Configuration Files

  • Spine1 configuration file
    #
sysname Spine1
#
interface 10GE1/0/1
 undo portswitch
 ip address 192.168.1.1 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/2
 undo portswitch
 ip address 10.1.2.1 255.255.255.0
 port-isolate l3 enable 
#
bgp 65009
 timer keepalive 10 hold 30
 group leaf external
 peer 10.1.2.2 as-number 65021
 peer 10.1.2.2 group leaf
 peer 192.168.1.2 as-number 65020
 peer 192.168.1.2 group leaf
 load-balancing as-path-relax
 #
 ipv4-family unicast
  preference 20 200 10
  peer leaf enable
  peer 10.1.2.2 enable
  peer 10.1.2.2 group leaf
  peer 192.168.1.2 enable
  peer 192.168.1.2 group leaf
#
return
  • Spine2 configuration file
    #
sysname Spine2
#
interface 10GE1/0/1
 undo portswitch
 ip address 10.1.1.1 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/2
 undo portswitch
 ip address 192.168.2.1 255.255.255.0
 port-isolate l3 enable 
#
bgp 65009
 timer keepalive 10 hold 30
 group leaf external
 peer 10.1.1.2 as-number 65021
 peer 10.1.1.2 group leaf
 peer 192.168.2.2 as-number 65020
 peer 192.168.2.2 group leaf
 load-balancing as-path-relax
 #
 ipv4-family unicast
  preference 20 200 10
  peer leaf enable
  peer 10.1.1.2 enable
  peer 10.1.1.2 group leaf
  peer 192.168.2.2 enable
  peer 192.168.2.2 group leaf
#
return
  • Leaf1 configuration file (V200R005C00 and earlier versions)
    #
sysname Leaf1
#
arp fast-reply disable
#
vlan batch 100
#
lacp priority 100
#
traffic-policy arp-no-forwarding global outbound 
#
acl number 4000
 rule 5 permit type arp
#
traffic classifier arp-forwarding type and
 if-match acl 4000
 if-match source-mac 0000-5e00-0101 ffff-ffff-ffff 
#
traffic classifier arp-no-forwarding type and
 if-match acl 4000
#
traffic behavior arp-forwarding
#
traffic behavior arp-no-forwarding
 deny
#
traffic policy arp-no-forwarding
 classifier arp-forwarding behavior arp-forwarding precedence 5
 classifier arp-no-forwarding behavior arp-no-forwarding precedence 10
#
interface Vlanif100
 ip address 172.16.1.2 255.255.255.0
 arp timeout 90
 arp proxy anyway enable
 mac-address 0000-5e00-0101
 arp delete trigger link-down enable
 arp direct-route enable
 arp direct-route preference 1
#
interface Eth-Trunk10
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0000
#
interface Eth-Trunk20
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0001
#
interface 10GE1/0/1
 undo portswitch
 ip address 192.168.1.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/2
 undo portswitch
 ip address 192.168.2.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/3
 eth-trunk 10
#
interface 10GE1/0/4
 eth-trunk 20
#
monitor-link group 1
 port 10GE1/0/1 uplink
 port 10GE1/0/2 uplink
 port Eth-Trunk10 downlink 1
 port Eth-Trunk20 downlink 2
#
bgp 65020
 timer keepalive 10 hold 30
 group spine external
 peer spine as-number 65009
 peer 192.168.1.1 as-number 65009
 peer 192.168.1.1 group spine
 peer 192.168.2.1 as-number 65009
 peer 192.168.2.1 group spine
 #
 ipv4-family unicast
  preference 20 200 10
  import-route direct
  peer spine enable
  peer 192.168.1.1 enable
  peer 192.168.1.1 group spine
  peer 192.168.2.1 enable
  peer 192.168.2.1 group spine
#
return
  • Leaf2 configuration file (V200R005C00 and earlier versions)
    #
sysname Leaf2
#
arp fast-reply disable
#
vlan batch 100
#
lacp priority 100
#
traffic-policy arp-no-forwarding global outbound 
#
acl number 4000
 rule 5 permit type arp
#
traffic classifier arp-forwarding type and
 if-match acl 4000
 if-match source-mac 0000-5e00-0101 ffff-ffff-ffff 
#
traffic classifier arp-no-forwarding type and
 if-match acl 4000
#
traffic behavior arp-forwarding
#
traffic behavior arp-no-forwarding
 deny
#
traffic policy arp-no-forwarding
 classifier arp-forwarding behavior arp-forwarding precedence 5
 classifier arp-no-forwarding behavior arp-no-forwarding precedence 10
#
interface Vlanif100
 ip address 172.16.1.2 255.255.255.0
 arp timeout 90
 arp proxy anyway enable
 mac-address 0000-5e00-0101
 arp delete trigger link-down enable
 arp direct-route enable
 arp direct-route preference 1
#
interface Eth-Trunk10
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0000
 lacp port-id-extension enable
#
interface Eth-Trunk20
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0001
 lacp port-id-extension enable
#
interface 10GE1/0/1
 undo portswitch
 ip address 10.1.1.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/2
 undo portswitch
 ip address 10.1.2.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/3
 eth-trunk 10
 #
interface 10GE1/0/4
 eth-trunk 20
#
monitor-link group 1
 port 10GE1/0/1 uplink
 port 10GE1/0/2 uplink
 port Eth-Trunk10 downlink 1
 port Eth-Trunk20 downlink 2
#
bgp 65021
 timer keepalive 10 hold 30
 group spine external
 peer spine as-number 65009
 peer 10.1.1.1 as-number 65009
 peer 10.1.1.1 group spine
 peer 10.1.2.1 as-number 65009
 peer 10.1.2.1 group spine
 #
 ipv4-family unicast
  preference 20 200 10
  import-route direct
  peer spine enable
  peer 10.1.1.1 enable
  peer 10.1.1.1 group spine
  peer 10.1.2.1 enable
  peer 10.1.2.1 group spine
#
return
  • Leaf1 configuration file (V200R005C10 and later versions)
    #
sysname Leaf1
#
vlan batch 100
#
lacp priority 100
#
interface Vlanif100
 ip address 172.16.1.2 255.255.255.0
 arp timeout 90
 arp proxy anyway enable
 mac-address 0000-5e00-0101
 arp delete trigger link-down enable
 arp direct-route enable
 arp direct-route preference 1
 arp direct-route delay 120
#
interface Eth-Trunk10
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0000
#
interface Eth-Trunk20
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0001
#
interface 10GE1/0/1
 undo portswitch
 ip address 192.168.1.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/2
 undo portswitch
 ip address 192.168.2.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/3
 eth-trunk 10
#
interface 10GE1/0/4
 eth-trunk 20
#
monitor-link group 1
 port 10GE1/0/1 uplink
 port 10GE1/0/2 uplink
 port Eth-Trunk10 downlink 1
 port Eth-Trunk20 downlink 2
#
bgp 65020
 timer keepalive 10 hold 30
 group spine external
 peer spine as-number 65009
 peer 192.168.1.1 as-number 65009
 peer 192.168.1.1 group spine
 peer 192.168.2.1 as-number 65009
 peer 192.168.2.1 group spine
 #
 ipv4-family unicast
  preference 20 200 10
  import-route direct
  peer spine enable
  peer 192.168.1.1 enable
  peer 192.168.1.1 group spine
  peer 192.168.2.1 enable
  peer 192.168.2.1 group spine
#
return
  • Leaf2 configuration file (V200R005C10 and later versions)
    #
sysname Leaf2
#
vlan batch 100
#
lacp priority 100
#
interface Vlanif100
 ip address 172.16.1.2 255.255.255.0
 arp timeout 90
 arp proxy anyway enable
 mac-address 0000-5e00-0101
 arp delete trigger link-down enable
 arp direct-route enable
 arp direct-route preference 1
 arp direct-route delay 120
#
interface Eth-Trunk10
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0000
 lacp port-id-extension enable
#
interface Eth-Trunk20
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
 mode lacp-static
 lacp system-id 00e0-cf00-0001
 lacp port-id-extension enable
#
interface 10GE1/0/1
 undo portswitch
 ip address 10.1.1.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/2
 undo portswitch
 ip address 10.1.2.2 255.255.255.0
 port-isolate l3 enable 
#
interface 10GE1/0/3
 eth-trunk 10
 #
interface 10GE1/0/4
 eth-trunk 20
#
monitor-link group 1
 port 10GE1/0/1 uplink
 port 10GE1/0/2 uplink
 port Eth-Trunk10 downlink 1
 port Eth-Trunk20 downlink 2
#
bgp 65021
 timer keepalive 10 hold 30
 group spine external
 peer spine as-number 65009
 peer 10.1.1.1 as-number 65009
 peer 10.1.1.1 group spine
 peer 10.1.2.1 as-number 65009
 peer 10.1.2.1 group spine
 #
 ipv4-family unicast
  preference 20 200 10
  import-route direct
  peer spine enable
  peer 10.1.1.1 enable
  peer 10.1.1.1 group spine
  peer 10.1.2.1 enable
  peer 10.1.2.1 group spine
#
return