No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - DCN and Server Management

CloudEngine 8800, 7800, 6800, and 5800 V200R003C00

This document describes the configurations of Trill, FCoE, DCB, and NLB Server Cluster Association.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Licensing Requirements and Limitations for TRILL

Licensing Requirements and Limitations for TRILL

This section provides the points of attention when configuring Transparent Interconnection of Lots of Links (TRILL).

Involved Network Elements

Other network elements are required to support TRILL.

Licensing Requirements

TRILL is a basic feature of a switch and is not under license control.

Version Requirements

Table 1-3 Products and minimum version supporting TRILL

Device Model

Minimum Version Required

CE8860EI

V100R006C00

CE8850-32CQ-EI

V200R002C50

CE8850-64CQ-EI

V200R005C00

CE7855EI

V200R001C00

CE7850EI

V100R003C00

CE6875EI

V200R003C00

CE6870EI

V200R001C00

CE6860EI

V200R002C50

CE6850EI

V100R001C00

CE6850-48S6Q-HI

V100R005C00

CE6850-48T6Q-HI/CE6850U-HI/CE6851HI

V100R005C10

CE6855HI

V200R001C00

CE6856HI

V200R002C50

CE6810EI

V100R003C00

CE5850EI

V100R001C00

CE5850HI

V100R003C00

CE5855EI

V100R006C00

Feature Limitations

For CE switches excluding the CE6870EI and CE6875EI, TRILL conflicts with some other features:
  • In versions earlier than V200R001C00, Layer 2 port isolation does not take effect for Layer 2 packets that are encapsulated through TRILL and VXLAN tunnels. In V200R001C00 and later versions, Layer 2 port isolation takes effect for Layer 2 packets that are encapsulated at the VXLAN service access side on the CE6870EI and CE6875EI, and for TRILL packets that are encapsulated at the access side.

  • On a TRILL network, multicast traffic cannot be forwarded at line rate.

  • TRILL and FCF/NPV cannot be configured together.
  • When outbound mirroring is performed on TRILL unicast packets sent from the user side to the network side, the source MAC address, destination MAC address, and VLAN ID encapsulated for the packets received by the observing port are all 0s, but service data is correct.

  • In an SVF system in distributed or hybrid forwarding mode, both parent and leaf switches support TRILL. If leaf switches do not support TRILL (for example, CE6810LI switches), these switches cannot function as access-side devices or network-side devices. In an SVF system in centralized forwarding mode, parent switches support TRILL, and leaf switches can function only as TRILL user-side devices.

  • NetStream and sFlow cannot sample TRILL packets.

  • VBST cannot be associated with TRILL.

  • In the SVF system, VXLAN and TRILL services share chip resources. When VXLAN or TRILL services are configured, the switch will generate an alarm if chip resources are insufficient for the services. The services for which chip resources are unavailable will not take effect. To prevent this problem, delete any VXLAN or TRILL services that are not in use, and then configure required services again.
  • On a TRILL network, priority mapping can be performed based only on 802.1p priorities.
    • On an ingress node, the internal priority is mapped based on the 802.1p priority of the CE VLAN and the DiffServ domain of physical ports for receiving packets in the inbound direction. The 802.1p priority of the outer carrier VLAN is mapped based on the internal priority and DiffServ domain of the carrier VLAN in the outbound direction.
    • On a transit node, the internal priority is mapped based on the 802.1p priority of the carrier VLAN and DiffServ domain of physical ports for receiving packets in the inbound direction. The 802.1p priority of the outer carrier VLAN is mapped based on the internal priority and DiffServ domain of the carrier VLAN in the outbound direction.
    • On an egress node, the internal priority is mapped based on the 802.1p priority and DiffServ domain of the carrier VLAN in the inbound direction. The 802.1p priority of the inner CE VLAN is mapped based on the internal priority and DiffServ domain of the physical outbound interface in the outbound direction.
For CE6870EI and CE6875EI switches, TRILL conflicts with some other features:
  • When VXLAN is configured on the device, TRILL cannot be configured.

  • By default, the TRILL function cannot be configured together with any of the FCF, port security, MAC VLAN, blackhole MAC, MAC limit, disabling MAC address learning, URPF, DHCP snooping, or 802.1X functions. To use these functions together with TRILL, run the trill adjacency-check disable command. The TRILL function takes precedence over the preceding functions. If the TRILL function is configured after the preceding functions are configured, only the TRILL function takes effect.

  • When MPLS is configured on a device, TRILL cannot be enabled on the interfaces on the MPLS forwarding path. Otherwise, MPLS will not take effect.

  • NetStream and sFlow cannot sample TRILL packets.

  • VBST cannot be associated with TRILL.

  • On a TRILL network, priority mapping can be performed based only on 802.1p priorities.
    • On an ingress node, the internal priority is mapped based on the 802.1p priority and DiffServ domain of the CE VLAN in the inbound direction. The 802.1p priority of the outer carrier VLAN is mapped based on the internal priority and DiffServ domain of the CE VLAN in the outbound direction.
    • On a transit node, the internal priority is mapped based on the 802.1p priority and DiffServ domain of the carrier VLAN in the inbound direction. The 802.1p priority of the outer carrier VLAN is mapped based on the internal priority and DiffServ domain of the carrier VLAN in the outbound direction.
    • On an egress node, the internal priority is mapped based on the 802.1p priority and DiffServ domain of the carrier VLAN in the inbound direction. The 802.1p priority of the inner CE VLAN is mapped based on the internal priority and DiffServ domain of the carrier VLAN in the outbound direction.
Pay attention to the following points when configuring VLAN on a TRILL network:
  • A carrier VLAN must be a new VLAN. A CE VLAN and admin VLAN must be the VLANs created using the vlan command and different from the carrier VLAN.

  • A device can have a maximum of three carrier VLANs configured, and the carrier VLAN with the smallest VLAN ID defaults to be the DVLAN. You can also run the trill designated-vlan command to configure a DVLAN.

  • When a user network connects to the TRILL network through AFs, ensure that AFs can exchange TRILL packets over the user network. You need to configure devices of the user network to allow packets with DVLAN ID to pass through.

  • For switches excluding the CE6870EI and CE6875EI, after a CE VLAN is configured to permit user-side traffic of the TRILL network, the VLAN does not permit VXLAN traffic.

  • When the length of packets sent by user-side devices (CE VLAN) is smaller than 512 bytes for CE6870EI and CE6875EI switches, interfaces on a TRILL network may be unable to provide line-rate forwarding.

  • The transit node of the CE6870EI or CE6875EI switch on which a CE VLAN is configured will learn user MAC addresses of all CE VLANs.

  • In an SVF system running V100R005C10 and later versions, when the CE7850EI functions as a spine node and the CE6810LI functions as a leaf node, a maximum of 1300 CE VLANs can be configured.

  • In V100R005C00 and earlier versions, switches do not support the forwarding of TRILL packets at Layer 3 through routes after terminating these packets based on the CE VLAN or admin VLAN.

  • When a user network connects to the TRILL network through AFs, the admin VLAN must be configured on the TRILL network and an IP address must be configured for the VLANIF interface of the admin VLAN.

  • A TRILL CE VLAN or admin VLAN cannot be configured as a super VLAN.

  • For CE6870EI and CE6875EI switches, after TRILL multicast packets are decapsulated, these switches cannot look up the MAC address table to forward the packets based on inner packet information.
On a TRILL network, the port mode defaults to p2p. The port mode configuration rules are as follows:
  • When a port is at the edge of the TRILL network and connects to a user VLAN, the port mode is typically set to access.
  • When a port is in the middle of the TRILL network and transmits only TRILL packets, the port mode is typically set to trunk.
  • The ports between two RBs are typically set as p2p ports only on a P2P network.
  • If a port needs to connect to a user VLAN and transmit TRILL packets, the port mode is typically set to hybrid.
When configuring association between TRILL and MSTP (changing the root bridge mode), pay attention to the following points:
  • When the same bridge MAC address is configured for two devices using the stp bridge-address command, to simulate the two devices as one root bridge, ensure that all STP configurations of the two devices are the same, including the device priority and timer parameters.

  • Before configuring the stp tc-notify trill vlan vlan-id command on a device, you must configure the stp disable command on the device's interface that has the trill enable port-mode { hybrid | p2p | trunk } command configured. Otherwise, TC packets may be looped.
When configuring association between TRILL and MSTP (retaining the root bridge mode), pay attention to the following points to ensure that STP packets are transparently transmitted over a TRILL network:
  • An admin VLAN must be configured on the TRILL network and an IP address must be configured for the VLANIF interface of the admin VLAN.

  • The same PVID must be configured for the interfaces that have the stp tc-snooping notify trill command configured, and the PVID is the admin VLAN ID of the TRILL network.

  • On an STP/RSTP/MSTP network, the devices that connect the MSTP network to the TRILL network must be configured as root bridges.

  • On an STP/RSTP/MSTP network, ensure that the interface that connects the STP/RSTP/MSTP network to the TRILL network is not blocked. To prevent the interface from being blocked, set the path cost of the interface to the smallest value among those of other interfaces.

  • You need to run the stp edged-port disable command on the interface that connects an STP/RSTP/MSTP network to the TRILL network to configure the interface as a non-edge interface.

When configuring TRILL dual-homing access through an E-Trunk/M-LAG, pay attention to the following points:
  • To deploy TRILL dual-homing access through an E-Trunk, ensure that all devices on the TRILL networks run V100R003C00 or V100R003C10.

  • To deploy TRILL dual-homing access through an M-LAG, ensure that all devices on the TRILL networks run V100R005C00 or later.

  • In V100R005C00 and later versions, TRILL dual-homing access through an M-LAG conflicts with association between STP/RSTP/MSTP and TRILL. Therefore, the two functions cannot be configured together.

For CE switches excluding the CE6870EI and CE6875EI, when configuring a TRILL gateway, pay attention to the following points:
  • In an SVF system of fixed switches, ports of leaf switches cannot be added to the internal loopback interfaces of the TRILL gateway.

  • After you run the service type trill unicast command on an Eth-Trunk interface to be configured as a loopback interface, the Eth-Trunk interface and its physical member interfaces can only be used for the TRILL gateway and cannot be configured with other services. After the Eth-Trunk interface is configured as a loopback interface, the device forwarding performance will degrade. Additionally, ensure that the Eth-Trunk interface can provide sufficient bandwidth to send TRILL packets to the gateway. For example, if traffic is sent from users to the gateway across the TRILL network at a rate of 10 Gbit/s, add a 10GE interface or ten GE interfaces to the Eth-Trunk interface that you want to use as the internal loopback interface.

  • The TRILL gateway in internal loopback mode cannot forward multicast traffic at Layer 3.

  • After the TRILL gateway function is configured, the admin-VLAN does not support data traffic transmission.

  • In V100R005C10, after the TRILL gateway in internal loopback mode is configured, the VLANIF interface of a CE VLAN cannot establish neighbor relationships with other devices' interfaces through a TRILL network. In V100R006C00 and later versions, the VLANIF interface of a CE VLAN can establish only OSPF neighbor relationships but not neighbor relationships of other routing protocols with other devices' interfaces through a TRILL network.

  • In an SVF system in distributed forwarding mode, if the TRILL gateway function is configured, traffic sent from leaf nodes cannot be forwarded at Layer 3 through the TRILL gateway.

  • In V100R005C10, after MQC is configured on a TRILL gateway, if a device on the TRILL network does not learn the MAC address of the gateway, MQC does not take effect for the traffic forwarded from this device to the gateway.

When configuring the TRILL gateway function on the CE6870EI and CE6875EI, pay attention to the following points:
  • The TRILL gateway in internal loopback mode cannot forward multicast traffic at Layer 3.

  • After the TRILL gateway function is configured, the admin-VLAN does not support data traffic transmission.

  • The VLANIF interface of a CE VLAN can establish only OSPF neighbor relationships but not neighbor relationships of other routing protocols with other devices' interfaces through a TRILL network.

  • After the TRILL gateway function is configured, a traffic policy configured on the VLANIF interface of a CE VLAN matches only the inner IPv4 packets decapsulated from TRILL packets.

  • A TRILL gateway cannot forward QinQ packets that enter a TRILL domain at Layer 3.

  • After the TRILL gateway in internal loopback mode is configured on a device, the TRILL gateway in VLAN mapping mode cannot be configured on the device.

  • The CE6870EI and CE6875EI that has the TRILL gateway function configured can process at most 100 Gbit/s Layer 3 forwarded traffic.

  • In a TRILL gateway scenario or TRILL in-band network management scenario, after TRILL packets are decapsulated, inner packets are forwarded using routes or sent to the CPU. In this process, the outer source MAC address of TRILL packets is incorrectly learned. As a result, MAC address flapping occurs. To solve this problem, configure a whitelist for MAC address flapping detection.

When configuring TRILL OAM, pay attention to the following points:

  • In a stack, to view the TRILL unicast forwarding path or use the TRILL unicast trace function, specify the source interface.

  • The input parameter must be consistent with the actual hash factor so that a correct outbound interface can be obtained. If the user-entered hash factor is only the physical source interface, the device considers all the received packets as Layer 2 packets by default. If a user sends a non-Layer 2 packet, the actual Layer 3 hash factor of the device also needs to be entered. If the actual Layer 3 factor of the device only is the physical source interface, any of the src-ip, dst-ip, l4-src-port, and l4-dst-port also needs to be entered.

  • On a CE8860EI, CE8850EI, and CE6860EI, if you want to use flow-based TRILL unicast trace, specify the source-interface parameter to obtain a correct outbound interface. If the source-interface parameter indicates a TRILL user-side interface or TRILL user-side Eth-Trunk member interface, you must specify the dst-mac and ce-vlan parameters and ensure that the device's MAC address entries include the entries with the specified dst-mac and ce-vlan. Otherwise, the correct traffic forwarding path cannot be obtained.

  • For the CE8860EI, CE8850EI, and CE6860EI, if you run the display trill forwarding-path unicast command to check the TRILL unicast forwarding path, pay attention to the following points:
    • If the device is an ingress or egress node, you must specify the dst-mac, ce-vlan, and src-interface parameters and ensure that the device's MAC address entries include the entries with the specified dst-mac and ce-vlan. Otherwise, the correct traffic forwarding path cannot be obtained.
    • If the device is a transit node, you must specify the src-interface parameter. Otherwise, the correct traffic forwarding path cannot be obtained.
There are other configuration restrictions on a TRILL network:
  • NETs must be unique on the TRILL network. If NETs are not unique, route flapping will easily occur. Therefore, the parameters should be planned before you perform the operations.

  • Manually changing the nickname of a device will interrupt services on the TRILL network temporarily. Therefore, confirm your operation before changing the nickname. Nicknames of devices on the TRILL network must be unique.

  • For CE switches excluding the CE6870EI and CE6875EI, when the TRILL gateway function is implemented in VLAN mapping mode and Layer 3 forwarding is required for the traffic sent from the local CE VLAN, you need to configure VRRP on the VLANIF interface of the CE VLAN and do not configure a VLANIF interface for the VLAN before VLAN mapping.

  • After devices on a TRILL network are configured to perform pruning based on multicast groups, multicast data within the TRILL network can only be forwarded based on MAC addresses. Multiple IPv4 multicast addresses may be mapped to the same IPv4 multicast MAC address according to the multicast IP-and-MAC address mapping mechanism. When the MAC address-based multicast forwarding mode is used in a VLAN and the multicast IP address of a user and the multicast IP address reserved for a protocol are mapped to the same IP multicast MAC address, the protocol cannot run normally. For example, IP multicast address 224.0.0.5 is reserved for the OSPF protocol. If the user currently uses IP multicast address 225.0.0.5, the two IP multicast addresses are both mapped to IP multicast MAC address 01-00-5E-00-00-05. In this case, the OSPF protocol cannot run normally. Therefore, a proper IP multicast address plan must be made to prevent this problem.

  • When the TRILL interfaces between RBs use the P2P mode and have established a neighbor relationship, if the network-entity configuration changes, the new neighbor relationship needs to be re-established after the neighbor timeout period (which is specified by the timer lsp-max-age command and defaults to 1200 seconds) is reached.
  • To terminate the TRILL unicast forwarding process, delete the MAC address learned in a CE VLAN when deleting the CE VLAN on ingress and egress nodes.
Translation
Download
Updated: 2019-05-08

Document ID: EDOC1100004349

Views: 31799

Downloads: 120

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next