Configuring a Data Center Network Based on VS and VRRP

CloudEngine 16800, 12800, 9800, 8800, 7800, 6800, and 5800 Series Switches Typical Configuration Examples (V100 and V200)

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Applicable Products and Versions

CE16800, CE12800, and CE12800E series switches (excluding the CE12800E configured with FD-X series cards)
V100R002C00 and later versions
For details about the mapping between software versions and switch models, see the Hardware Query Tool.

Networking Requirements

On the data center network shown in Figure 1-3, a CE12800 connects to multiple access switches. VSs need to be created on the CE12800 to function as core and aggregation switches and set up a three-layer network structure with one core switch, two aggregation switches, and multiple access switches. On the three-layer network, an access switch needs to be dual-homed to two aggregation switches, and VRRP needs to be configured on aggregation switches for gateway backup.

Figure 1-3 Networking of a VS- and VRRP-based data center network

Table 1-3 Data Preparation

Device Name	Interface Number	IP Address	Interconnected Device and Interface Number
Router	Eth-Trunk1 10GE1/0/1 10GE1/0/2	10.10.10.1/24	vs1: Eth-Trunk1
vs1	Eth-Trunk1 10GE1/0/1 10GE1/0/2	10.10.10.2/24	Router: Eth-Trunk1
	Eth-Trunk2 10GE1/0/3 10GE1/0/4	10.10.20.1/24	vs2: Eth-Trunk2
	Eth-Trunk3 10GE1/0/5 10GE1/0/6	10.10.30.1/24	vs3: Eth-Trunk3
vs2	Eth-Trunk2 10GE2/0/1 10GE2/0/2	10.10.20.2/24	vs1: Eth-Trunk2
	10GE2/0/3	VLANIF 10: 10.10.40.1/24	SwitchB: 10GE1/0/1
	10GE2/0/4	VLANIF 20: 10.10.50.1/24	SwitchC: 10GE1/0/1
vs3	Eth-Trunk3 10GE3/0/1 10GE3/0/2	10.10.30.2/24	vs1: Eth-Trunk3
	10GE3/0/3	VLANIF 10: 10.10.40.2/24	SwitchB: 10GE1/0/2
	10GE3/0/4	VLANIF 20: 10.10.50.2/24	SwitchC: 10GE1/0/2
SwitchB	10GE1/0/1	-	vs2: 10GE2/0/3
SwitchB	10GE1/0/2	-	vs3: 10GE3/0/3
SwitchC	10GE1/0/1	-	vs2: 10GE2/0/4
SwitchC	10GE1/0/2	-	vs3: 10GE3/0/4

Configuration Roadmap

The configuration roadmap is as follows:

Create VSs as core and aggregation switches.
Configure VRRP on aggregation switches VSs for gateway backup.
Configure routes between upstream and downstream devices to implement Layer 2 and Layer 3 interconnection.

Procedure

On Switch A, create vs1 as a core switch, and create vs2 and vs3 as aggregation switches.

The VS function is controlled by a license and is disabled on a new device by default. To use the VS function, apply for and purchase the license from the Huawei agent or Huawei local office.

# Create VS1, VS2, and VS3 in group mode, and assign interfaces in slots 1, 2, and 3 to VSs 1, 2, and 3 respectively.

<HUAWEI> system-view
[~HUAWEI] sysname SwitchA
[*HUAWEI] commit
[~SwitchA] admin
[~SwitchA-admin] virtual-system vs1
[*SwitchA-admin-vs:vs1] port-mode group
[*SwitchA-admin-vs:vs1] assign interface 10ge 1/0/0
Warning: All configurations of the interfaces will be deleted. Interfaces 10GE1/0/0-23 of the same group will be assigned. Continue? [Y/N]: y
[*SwitchA-admin-vs:vs1] quit
[*SwitchA-admin] virtual-system vs2
[*SwitchA-admin-vs:vs2] port-mode group
[*SwitchA-admin-vs:vs2] assign interface 10ge 2/0/0
Warning: All configurations of the interfaces will be deleted. Interfaces 10GE2/0/0-23 of the same group will be assigned. Continue? [Y/N]: y
[*SwitchA-admin-vs:vs2] quit
[*SwitchA-admin] virtual-system vs3
[*SwitchA-admin-vs:vs3] port-mode group
[*SwitchA-admin-vs:vs3] assign interface 10ge 3/0/0
Warning: All configurations of the interfaces will be deleted. Interfaces 10GE3/0/0-23 of the same group will be assigned. Continue? [Y/N]: y
[*SwitchA-admin-vs:vs3] commit
[~SwitchA-admin-vs:vs3] return

# Configure management IP addresses and management accounts for the VSs.

<SwitchA> switch virtual-system vs1
<SwitchA-vs1> system-view
[~SwitchA-vs1] interface MEth 0/0/0
[~SwitchA-vs1-MEth0/0/0] ip address 10.1.1.10 24
[*SwitchA-vs1-MEth0/0/0] quit
[*SwitchA-vs1] user-interface vty 0 4
[*SwitchA-vs1-ui-vty0-4] authentication-mode aaa
[*SwitchA-vs1-ui-vty0-4] user privilege level 3
[*SwitchA-vs1-ui-vty0-4] quit
[*SwitchA-vs1] aaa
[*SwitchA-vs1-aaa] local-user vs1_user password cipher VS1_password
[*SwitchA-vs1-aaa] local-user vs1_user service-type telnet
[*SwitchA-vs1-aaa] local-user vs1_user level 3
[*SwitchA-vs1-aaa] quit
[*SwitchA-vs1] undo telnet server disable
[*SwitchA-vs1] commit
[~SwitchA-vs1] quit
<SwitchA-vs1> quit

# The configurations of vs2 and vs3 are similar to that of vs1 and are not mentioned here.

Configure VLANs on the access and aggregation layers for Layer 2 interconnection.

# On vs2 and vs3, configure the interfaces that connect to SwitchB to allow packets from VLAN 10 to pass through.

<SwitchA> switch virtual-system vs2
<SwitchA-vs2> system-view
[~SwitchA-vs2] vlan batch 10
[*SwitchA-vs2] interface 10ge 2/0/3
[*SwitchA-vs2-10GE2/0/3] description To_SwitchB
[*SwitchA-vs2-10GE2/0/3] port link-type trunk
[*SwitchA-vs2-10GE2/0/3] undo port trunk allow-pass vlan 1
[*SwitchA-vs2-10GE2/0/3] port trunk allow-pass vlan 10
[*SwitchA-vs2-10GE2/0/3] quit
[*SwitchA-vs2] interface vlanif 10
[*SwitchA-vs2-Vlanif10] ip address 10.10.40.1 24
[*SwitchA-vs2-Vlanif10] commit
[~SwitchA-vs2-Vlanif10] return
<SwitchA-vs2> quit
<SwitchA> switch virtual-system vs3
<SwitchA-vs3> system-view
[~SwitchA-vs3] vlan batch 10
[*SwitchA-vs3] interface 10ge 3/0/3
[*SwitchA-vs3-10GE2/0/3] description To_SwitchB
[*SwitchA-vs3-10GE2/0/3] port link-type trunk
[*SwitchA-vs3-10GE2/0/3] undo port trunk allow-pass vlan 1
[*SwitchA-vs3-10GE2/0/3] port trunk allow-pass vlan 10
[*SwitchA-vs3] interface vlanif 10
[*SwitchA-vs3-Vlanif10] ip address 10.10.40.2 24
[*SwitchA-vs3-Vlanif10] commit
[~SwitchA-vs3-Vlanif10] return
<SwitchA-vs3> quit

# On SwitchB, configure the interfaces that connect to vs2 and vs3 to allow packets from VLAN 10 to pass through.

<HUAWEI> system-view
[~HUAWEI] sysname SwitchB
[*HUAWEI] commit
[~SwitchB] vlan batch 10
[*SwitchB] interface 10ge 1/0/1
[*SwitchB-10GE1/0/1] description To_vs2
[*SwitchB-10GE1/0/1] port link-type trunk
[*SwitchB-10GE1/0/1] undo port trunk allow-pass vlan 1
[*SwitchB-10GE1/0/1] port trunk allow-pass vlan 10
[*SwitchB-10GE1/0/1] quit
[*SwitchB] interface 10ge 1/0/2
[*SwitchB-10GE1/0/2] description To_vs3
[*SwitchB-10GE1/0/2] port link-type trunk
[*SwitchB-10GE1/0/2] undo port trunk allow-pass vlan 1
[*SwitchB-10GE1/0/2] port trunk allow-pass vlan 10
[*SwitchB-10GE1/0/2] quit
[*SwitchB] commit

# On vs2 and vs3, configure the interfaces that connect to SwitchC to allow packets from VLAN 20 to pass through according to the preceding configuration. The configuration is not mentioned here.

Configure VRRP on vs2 and vs3 at the aggregation layer.

# On vs2 and vs3, create VRRP group 1. Set the priority of vs2 to 120 and priority of vs3 to 100 so that vs2 becomes the master device to transmit SwitchB uplink traffic.

<SwitchA> switch virtual-system vs2
<SwitchA-vs2> system-view
[~SwitchA-vs2] interface vlanif 10
[~SwitchA-vs2-Vlanif10] vrrp vrid 1 virtual-ip 10.10.40.100
[*SwitchA-vs2-Vlanif10] vrrp vrid 1 priority 120
[*SwitchA-vs2-Vlanif10] commit
[~SwitchA-vs2-Vlanif10] return
<SwitchA-vs2> quit
<SwitchA> switch virtual-system vs3
<SwitchA-vs3> system-view
[~SwitchA-vs3] interface vlanif 10
[~SwitchA-vs3-Vlanif10] vrrp vrid 1 virtual-ip 10.10.40.100
[*SwitchA-vs3-Vlanif10] commit
[~SwitchA-vs3-Vlanif10] return
<SwitchA-vs3> quit

# On vs2 and vs3, create VRRP group 2. Set the priority of vs3 to 120 and priority of vs2 to 100 so that vs3 becomes the master device to transmit SwitchC uplink traffic.

<SwitchA> switch virtual-system vs2
<SwitchA-vs2> system-view
[~SwitchA-vs2] interface vlanif 20
[~SwitchA-vs2-Vlanif20] vrrp vrid 2 virtual-ip 10.10.50.100
[*SwitchA-vs2-Vlanif20] commit
[~SwitchA-vs2-Vlanif20] return
<SwitchA-vs2> quit
<SwitchA> switch virtual-system vs3
<SwitchA-vs3> system-view
[~SwitchA-vs3] interface vlanif 20
[~SwitchA-vs3-Vlanif20] vrrp vrid 2 virtual-ip 10.10.50.100
[*SwitchA-vs2-Vlanif20] vrrp vrid 2 priority 120
[*SwitchA-vs3-Vlanif20] commit
[~SwitchA-vs3-Vlanif20] return
<SwitchA-vs3> quit

Configure routes between the router, aggregation switches, and core switch to implement Layer 3 interconnection.

<SwitchA> switch virtual-system vs1
<SwitchA-vs1> system-view
[~SwitchA-vs1] ospf 1
[*SwitchA-vs1-ospf-1] area 0
[*SwitchA-vs1-ospf-1-area-0.0.0.0] network 10.10.10.0 0.0.0.255
[*SwitchA-vs1-ospf-1-area-0.0.0.0] network 10.10.20.0 0.0.0.255
[*SwitchA-vs1-ospf-1-area-0.0.0.0] network 10.10.30.0 0.0.0.255
[*SwitchA-vs1-ospf-1-area-0.0.0.0] commit
[~SwitchA-vs1-ospf-1-area-0.0.0.0] return
<SwitchA-vs1> quit

# Configure OSPF on the router, vs2, and vs3. The configurations of the router, vs2, and vs3 are similar to the configuration of vs1 and are not mentioned here.

Checking the Configuration

After the preceding configurations are complete, check whether servers can ping the router successfully (you need to set the default gateway for the servers). In this example, the servers ping the router.

PC> ping 10.10.10.1

Ping 10.10.10.1: 32 data bytes, Press Ctrl_C to break
From 10.10.10.1: bytes=32 seq=1 ttl=253 time=93 ms
From 10.10.10.1: bytes=32 seq=2 ttl=253 time=125 ms
From 10.10.10.1: bytes=32 seq=3 ttl=253 time=94 ms
From 10.10.10.1: bytes=32 seq=4 ttl=253 time=47 ms
From 10.10.10.1: bytes=32 seq=5 ttl=253 time=109 ms

--- 10.10.10.1 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 47/93/125 ms

Configuration Files

Configuration file of Router

#
sysname Router
#
interface Eth-Trunk1
 ip address 10.10.10.1 255.255.255.0
#
interface XGigabitEthernet1/0/1 
 eth-trunk 1
#
interface XGigabitEthernet1/0/2 
 eth-trunk 1
#
ospf 1
 area 0.0.0.0
  network 10.10.10.0 0.0.0.255
#
return

Configuration file of SwitchA

#
sysname SwitchA
#
admin
 virtual-system vs1 
  port-mode group
  resource u4route upper-limit 60000
  resource m4route upper-limit 1000
  resource u6route upper-limit 16000
  resource m6route upper-limit 100
  resource vlan upper-limit 4063
  resource mpls enable
  resource trill enable
  resource mcast enable
  resource vpn-instance upper-limit 4096
  resource cpu weight 5
  resource memory ratio-threshold 100
  assign interface 10GE1/0/0
  assign interface 10GE1/0/1
  assign interface 10GE1/0/2
  assign interface 10GE1/0/3
  assign interface 10GE1/0/4
  assign interface 10GE1/0/5
  assign interface 10GE1/0/6
  assign interface 10GE1/0/7
  assign interface 10GE1/0/8
  assign interface 10GE1/0/9
  assign interface 10GE1/0/10
  assign interface 10GE1/0/11
  assign interface 10GE1/0/12
  assign interface 10GE1/0/13
  assign interface 10GE1/0/14
  assign interface 10GE1/0/15
  assign interface 10GE1/0/16
  assign interface 10GE1/0/17
  assign interface 10GE1/0/18
  assign interface 10GE1/0/19
  assign interface 10GE1/0/20
  assign interface 10GE1/0/21
  assign interface 10GE1/0/22
  assign interface 10GE1/0/23
 virtual-system vs2 
  port-mode group
  resource u4route upper-limit 60000
  resource m4route upper-limit 1000
  resource u6route upper-limit 16000
  resource m6route upper-limit 100
  resource vlan upper-limit 4063
  resource mpls enable
  resource trill enable
  resource mcast enable
  resource vpn-instance upper-limit 4096
  resource cpu weight 5
  resource memory ratio-threshold 100
  assign interface 10GE2/0/0
  assign interface 10GE2/0/1
  assign interface 10GE2/0/2
  assign interface 10GE2/0/3
  assign interface 10GE2/0/4
  assign interface 10GE2/0/5
  assign interface 10GE2/0/6
  assign interface 10GE2/0/7
  assign interface 10GE2/0/8
  assign interface 10GE2/0/9
  assign interface 10GE2/0/10
  assign interface 10GE2/0/11
  assign interface 10GE2/0/12
  assign interface 10GE2/0/13
  assign interface 10GE2/0/14
  assign interface 10GE2/0/15
  assign interface 10GE2/0/16
  assign interface 10GE2/0/17
  assign interface 10GE2/0/18
  assign interface 10GE2/0/19
  assign interface 10GE2/0/20
  assign interface 10GE2/0/21
  assign interface 10GE2/0/22
  assign interface 10GE2/0/23
 virtual-system vs3 
  port-mode group
  resource u4route upper-limit 60000
  resource m4route upper-limit 1000
  resource u6route upper-limit 16000
  resource m6route upper-limit 100
  resource vlan upper-limit 4063
  resource mpls enable
  resource trill enable
  resource mcast enable
  resource vpn-instance upper-limit 4096
  resource cpu weight 5
  resource memory ratio-threshold 100
  assign interface 10GE3/0/0
  assign interface 10GE3/0/1
  assign interface 10GE3/0/2
  assign interface 10GE3/0/3
  assign interface 10GE3/0/4
  assign interface 10GE3/0/5
  assign interface 10GE3/0/6
  assign interface 10GE3/0/7
  assign interface 10GE3/0/8
  assign interface 10GE3/0/9
  assign interface 10GE3/0/10
  assign interface 10GE3/0/11
  assign interface 10GE3/0/12
  assign interface 10GE3/0/13
  assign interface 10GE3/0/14
  assign interface 10GE3/0/15
  assign interface 10GE3/0/16
  assign interface 10GE3/0/17
  assign interface 10GE3/0/18
  assign interface 10GE3/0/19
  assign interface 10GE3/0/20
  assign interface 10GE3/0/21
  assign interface 10GE3/0/22
  assign interface 10GE3/0/23
#
return

Configuration file of vs1

#
sysname vs1
#
aaa
 local-user vs1_user password cipher %^%#TT4N+w]%[C+rM>)S8Ti!'p1iV@RZh(3MO7QGd96Z%^%#
 local-user vs1_user service-type telnet
 local-user vs1_user level 3
#
interface MEth0/0/0
 ip address 10.1.1.10 255.255.255.0
#
interface Eth-Trunk1
 undo portswitch
 description To_Router
 ip address 10.10.10.2 255.255.255.0
#
interface Eth-Trunk2
 undo portswitch
 description To_vs2
 ip address 10.10.20.1 255.255.255.0
#
interface Eth-Trunk3
 undo portswitch
 description To_vs3
 ip address 10.10.30.1 255.255.255.0
#
interface 10GE1/0/1
 eth-trunk 1
#
interface 10GE1/0/2
 eth-trunk 1
#
interface 10GE1/0/3
 eth-trunk 2
#
interface 10GE1/0/4
 eth-trunk 2
#
interface 10GE1/0/5
 eth-trunk 3
#
interface 10GE1/0/6
 eth-trunk 3
#
ospf 1
 area 0.0.0.0
  network 10.10.10.0 0.0.0.255
  network 10.10.20.0 0.0.0.255
  network 10.10.30.0 0.0.0.255
#
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 3
#
return

Configuration file of vs2

#
sysname vs2
#
vlan batch 10 20
#
aaa
 local-user vs2_user password cipher %^%#%j]%Lv%StAqIveR"YfuS<{^%;~p*$D<&&@X/Xs(/%^%#
 local-user vs2_user service-type telnet
 local-user vs2_user level 3
#
interface Vlanif10
 ip address 10.10.40.1 24
 vrrp vrid 1 virtual-ip 10.10.40.100
 vrrp vrid 1 priority 120
#
interface Vlanif20
 ip address 10.10.50.1 24
 vrrp vrid 2 virtual-ip 10.10.50.100
#
interface MEth0/0/0
 ip address 10.1.1.20 255.255.255.0
#
interface Eth-Trunk2
 undo portswitch
 description To_vs1
 ip address 10.10.20.2 255.255.255.0
#
interface 10GE2/0/1
 eth-trunk 2
#
interface 10GE2/0/2
 eth-trunk 2
#
interface 10GE2/0/3
 description To_SwitchB
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
interface 10GE2/0/4
 description To_SwitchC
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 20
#
ospf 1
 area 0.0.0.0
  network 10.10.20.0 0.0.0.255
  network 10.10.40.0 0.0.0.255
  network 10.10.50.0 0.0.0.255
#
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 3
#
return

Configuration file of vs3

#
sysname vs3
#
vlan batch 10 20
#
aaa
 local-user vs3_user password cipher %^%#UcmwI^>OxIF$(.XyM&%I0J}ASW#3:OxGvM;^.yF!%^%#
 local-user vs3_user service-type telnet
 local-user vs3_user level 3
#
interface Vlanif10
 ip address 10.10.40.2 24
 vrrp vrid 1 virtual-ip 10.10.40.100
#
interface Vlanif20
 ip address 10.10.50.2 24
 vrrp vrid 2 virtual-ip 10.10.50.100
 vrrp vrid 2 priority 120
#
interface MEth0/0/0
 ip address 10.1.1.30 255.255.255.0
#
interface Eth-Trunk3
 undo portswitch
 description To_vs1
 ip address 10.10.30.2 255.255.255.0
#
interface 10GE3/0/1
 eth-trunk 3
#
interface 10GE3/0/2
 eth-trunk 3
#
interface 10GE3/0/3
 description To_SwitchB
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
interface 10GE3/0/4
 description To_SwitchC
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 20
#
ospf 1
 area 0.0.0.0
  network 10.10.30.0 0.0.0.255
  network 10.10.40.0 0.0.0.255
  network 10.10.50.0 0.0.0.255
#
user-interface vty 0 4
 authentication-mode aaa
 user privilege level 3
#
return

Configuration file of SwitchB at the access layer

#
sysname SwitchB
#
vlan batch 10
#
interface 10GE1/0/1
 description To_vs2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
interface 10GE1/0/2
 description To_vs3
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 10
#
return

Configuration file of SwitchC at the access layer

#
sysname SwitchC
#
vlan batch 20
#
interface 10GE1/0/1
 description To_vs2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 20
#
interface 10GE1/0/2
 description To_vs3
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 20
#
return

Translation

Español Français 日本語 Русский 简体中文

Download

Updated: 2021-10-21

Document ID: EDOC1000039339

Downloads: 10364

Average rating:

This Document Applies to these Products

Related Version

Digital Signature File

Digital Signature Authentication Mode