No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Ethernet Switching

CloudEngine 8800, 7800, 6800, and 5800 V200R003C00

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, MUX VLAN, Voice VLAN, VLAN mapping, QinQ, GVRP, VCMP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, and Layer 2 protocol transparent transmission.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Active-Active VXLAN Access with Centralized Gateways in Static Mode

Example for Configuring Active-Active VXLAN Access with Centralized Gateways in Static Mode

Networking Requirements

In Figure 4-22, there are the following requirements when servers access the VXLAN network:
  • To ensure high reliability, the server is dual-homed to two leaf devices. When one access link fails, traffic can be rapidly switched to the other link.
  • To improve bandwidth utilization, two links are in active state simultaneously to load balance traffic.
Figure 4-22 VXLAN active-active access networking

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure a routing protocol on Leaf1, Leaf2, and Spine1 to ensure Layer 3 network connectivity.
  2. Configure basic VXLAN functions on Leaf1, Leaf2, and Spine1 to ensure VXLAN network connectivity.
  3. Create Eth-Trunks.
  4. Configure V-STP.

  5. Configure M-LAG.
    • Associate a DFS group with VXLAN on Leaf1 and Leaf2.
    • Configure a link between Leaf1 and Leaf2 as the peer link.
    • Bind the user-side Eth-Trunk to the DFS group on Leaf1 and Leaf2.
NOTE:

If the link through which Leaf1 is uplink connected to the VXLAN network fails, Leaf1 discards all received user traffic because no uplink outbound interface is available. You can configure a monitor-link to associate the uplink and downlink interfaces of Leaf1. When the uplink outbound interface of Leaf1 becomes Down, the downlink interface also becomes Down. Then user traffic will not be forwarded or discarded by Leaf1. For details about the monitor-link configuration, see Configuring the Uplink and Downlink Interfaces in a Monitor Link Group.

Data Preparation

The following data is needed to complete the configuration:

  • Interface IP addresses for device interconnection
  • Routing protocol: OSPF
  • VLAN ID to which servers belong: VLAN 10
  • BD ID: BD 10
  • VNI ID: VNI 5010

Precautions

  • When a CE6855HI, CE6856HI, or CE7855EI works as a Layer 3 VXLAN gateway, it can connect to a VXLAN network through VBDIF interfaces only. Otherwise, the switch cannot normally forward VXLAN packets.

VXLAN-related constraints are described in the procedure. To obtain more constraint information, see Licensing Requirements and Limitations for VXLANs.

Procedure

  1. Configure a routing protocol.

    # Configure Leaf1. The configurations on Spine1 and Leaf2 are similar to that on Leaf1, and are not mentioned here. When OSPF is used, the devices advertise the 32-bit loopback IP addresses.

    <HUAWEI> system-view
    [~HUAWEI] sysname Leaf1
    [*HUAWEI] commit
    [~Leaf1] interface loopback 1
    [*Leaf1-LoopBack1] ip address 10.2.2.2 32
    [*Leaf1-LoopBack1] quit
    [*Leaf1] interface loopback 2
    [*Leaf1-LoopBack2] ip address 10.3.3.3 32
    [*Leaf1-LoopBack2] quit
    [*Leaf1] interface 10ge 1/0/1
    [*Leaf1-10GE1/0/1] undo portswitch
    [*Leaf1-10GE1/0/1] ip address 192.168.1.1 24
    [*Leaf1-10GE1/0/1] quit
    [*Leaf1] ospf
    [*Leaf1-ospf-1] area 0
    [*Leaf1-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.0
    [*Leaf1-ospf-1-area-0.0.0.0] network 10.3.3.3 0.0.0.0
    [*Leaf1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
    [*Leaf1-ospf-1-area-0.0.0.0] quit
    [*Leaf1-ospf-1] quit
    [*Leaf1] commit

    After OSPF is configured, the devices can learn the loopback IP address of each other and successfully ping each other.

  2. Configure the VXLAN tunnel mode and enable the VXLAN ACL extension function. (Perform this step on the CE6870EI/CE6875EI only.)

    # Configure Leaf1. The configurations on Leaf2 and Spine1 are similar to that on Leaf1, and are not mentioned here.

    [~Leaf1] ip tunnel mode vxlan
    [*Leaf1] assign forward nvo3 acl extend enable
    [*Leaf1] commit
    
    NOTE:

    After modifying the VXLAN tunnel mode or enabling the VXLAN ACL extension function, save the configuration and restart the device to make the configuration take effect. Restart the device immediately or after completing all the configurations.

  3. Configure VXLAN tunnels between Leaf1, Leaf2, and Spine1.

    # Configure Leaf1. The configuration on Leaf2 is similar to that on Leaf1, and is not mentioned here.

    [~Leaf1] bridge-domain 10
    [*Leaf1-bd10] vxlan vni 5010
    [*Leaf1-bd10] quit
    [*Leaf1] interface nve1
    [*Leaf1] mac-address 0000-5e00-0101
    [*Leaf1-Nve1] source 10.2.2.2
    [*Leaf1-Nve1] vni 5010 head-end peer-list 10.1.1.1
    [*Leaf1-Nve1] quit
    [*Leaf1] commit
    NOTE:

    Because Leaf1 and Leaf2 work as active-active access, you need to ensure that the IP addresses of NVE interfaces on the two devices are the same.

    # Configure Spine1.

    [~Spine1] bridge-domain 10
    [*Spine1-bd10] vxlan vni 5010
    [*Spine1-bd10] quit
    [*Spine1] interface nve1
    [*Spine1-Nve1] source 10.1.1.1
    [*Spine1-Nve1] vni 5010 head-end peer-list 10.2.2.2
    [*Spine1-Nve1] quit
    [*Spine1] commit

    After the configuration is complete, run the display vxlan vni command on Spine1. The command output shows that the VNI status is up. Run the display vxlan tunnel command, and you can see VXLAN tunnel information.

    [~Spine1] display vxlan vni
    Number of vxlan vni : 1
    VNI            BD-ID            State
    ---------------------------------------
    5010           10               up
    [~Spine1] display vxlan tunnel
    Number of vxlan tunnel : 1
    Tunnel ID   Source                Destination           State  Type     Uptime
    -----------------------------------------------------------------------------------
    4026531841  10.1.1.1              10.2.2.2              up     static   0035h21m

  4. Create an Eth-Trunk and add physical Ethernet interfaces to the Eth-Trunk.

    An uplink interface of a server connected to a switch needs to be bound to an aggregated link and the link aggregation mode of the server needs to be consistent with that of the switch.

    # Create an Eth-Trunk in LACP mode on Leaf1 and add physical Ethernet interfaces to the Eth-Trunk. The configuration on Leaf2 is similar to that on Leaf1, and is not mentioned here.

    [~Leaf1] interface eth-trunk 1
    [*Leaf1-Eth-Trunk1] mode lacp-static
    [*Leaf1-Eth-Trunk1] trunkport 10ge 1/0/4
    [*Leaf1-Eth-Trunk1] trunkport 10ge 1/0/5
    [*Leaf1-Eth-Trunk1] quit
    [*Leaf1] interface eth-trunk 10
    [*Leaf1-Eth-Trunk10] mode lacp-static
    [*Leaf1-Eth-Trunk10] trunkport 10ge 1/0/2
    [*Leaf1-Eth-Trunk10] quit
    [*Leaf1] interface 10ge 1/0/2
    [*Leaf1-10GE1/0/2] lacp force-up
    [*Leaf1-10GE1/0/2] quit
    [*Leaf1] commit

  5. Configure V-STP.

    # Configure Leaf1.

    [~Leaf1] stp mode rstp
    [*Leaf1] stp v-stp enable
    [*Leaf1] interface eth-trunk 10
    [*Leaf1-Eth-Trunk10] stp edged-port enable
    [*Leaf1-Eth-Trunk10] commit
    [~Leaf1-Eth-Trunk10] quit

    # Configure Leaf2.

    [~Leaf2] stp mode rstp
    [*Leaf2] stp v-stp enable
    [*Leaf2] interface eth-trunk 10
    [*Leaf2-Eth-Trunk10] stp edged-port enable
    [*Leaf2-Eth-Trunk10] commit
    [~Leaf2-Eth-Trunk10] quit

  6. Configure a DFS group on Leaf1 and Leaf2 respectively.

    # Configure Leaf1. The configuration on Leaf2 is similar to that on Leaf1, and is not mentioned here.

    [~Leaf1] dfs-group 1
    [*Leaf1-dfs-group-1] source ip 10.3.3.3
    [*Leaf1-dfs-group-1] quit
    [*Leaf1] commit

  7. Configure a link between Leaf1 and Leaf2 as the peer link.

    # Configure Leaf1. The configuration on Leaf2 is similar to that on Leaf1, and is not mentioned here.

    [~Leaf1] interface eth-trunk 1
    [~Leaf1-Eth-Trunk1] peer-link 1
    [*Leaf1-Eth-Trunk1] quit
    [*Leaf1] commit

  8. Bind the user-side Eth-Trunk to the DFS group on Leaf1 and Leaf2.

    # Configure Leaf1. The configuration on Leaf2 is similar to that on Leaf1, and is not mentioned here.

    [~Leaf1] interface eth-trunk 10
    [~Leaf1-Eth-Trunk10] dfs-group 1 m-lag 1
    [*Leaf1-Eth-Trunk10] quit
    [*Leaf1] commit

  9. Configure service access points on Leaf1 and Leaf2.

    # Configure Leaf1. The configuration on Leaf2 is similar to that on Leaf1, and is not mentioned here.

    [~Leaf1] vlan 10
    [*Leaf1-vlan10] quit
    [*Leaf1] bridge-domain 10
    [*Leaf1-bd10] l2 binding vlan 10
    [*Leaf1-bd10] quit
    [*Leaf1] interface eth-trunk 10
    [*Leaf1-Eth-Trunk10] port link-type trunk
    [*Leaf1-Eth-Trunk10] undo port trunk allow-pass vlan 1
    [*Leaf1-Eth-Trunk10] port trunk allow-pass vlan 10
    [*Leaf1-Eth-Trunk10] quit
    [*Leaf1] commit

  10. Verify the configuration.

    Run the display dfs-group 1 m-lag command to check M-LAG information.

    [~Leaf1] display dfs-group 1 m-lag
    *                : Local node
    Heart beat state : OK
    Node 1 *
      Dfs-Group ID   : 1
      Priority       : 100
      Address        : ip address 10.3.3.3
      State          : Master
      Causation      : -
      System ID      : 0025-9e95-7c11
      SysName        : Leaf1
      Version        : V200R003C00
      Device Type    : CE7850EI
    Node 2
      Dfs-Group ID   : 1
      Priority       : 100
      Address        : ip address 10.4.4.4
      State          : Backup
      Causation      : -
      System ID      : 0025-9e95-7c31
      SysName        : Leaf2
      Version        : V200R003C00
      Device Type    : CE7850EI

    Check M-LAG information on Leaf1.

    [~Leaf1] display dfs-group 1 node 1 m-lag brief
    * - Local node
    
    M-Lag ID     Interface      Port State    Status                Consistency-check
           1     Eth-Trunk 10   Up            active(*)-active      -
    
    Failed reason:
        1 -- Relationship between vlan and port is inconsistent
        2 -- STP configuration under the port is inconsistent
        3 -- STP port priority configuration is inconsistent
        4 -- LACP mode of M-LAG is inconsistent
        5 -- M-LAG configuration is inconsistent

    Check M-LAG information on Leaf2.

    [~Leaf2] display dfs-group 1 node 2 m-lag brief
    * - Local node
    
    M-Lag ID     Interface      Port State    Status                Consistency-check
           1     Eth-Trunk 10   Up            active(*)-active      -
    
    Failed reason:
        1 -- Relationship between vlan and port is inconsistent
        2 -- STP configuration under the port is inconsistent
        3 -- STP port priority configuration is inconsistent
        4 -- LACP mode of M-LAG is inconsistent
        5 -- M-LAG configuration is inconsistent

    Run the display bridge-domain 10 verbose command on Leaf1 and Leaf2 to view BD information. The display on Leaf1 is taken as an example.

    [~Leaf1] display bridge-domain 10 verbose
      Bridge-domain ID        : 10
      Description             :
      State                   : Up
      MAC Learning            : Enable
      Statistics              : Disable
      Broadcast               : Forward
      Unknown-unicast         : Forward
      Unknown-multicast       : Forward
      Split-horizon           : Disable
      Vxlan Vni               : 5010
    
      ----------------
    Interface                                State
      Eth-Trunk1.5010                        up
    

Configuration Files

  • Leaf1 configuration file (CE6870EI/CE6875EI)

    #
    sysname Leaf1
    #
    assign forward nvo3 acl extend enable
    #
    dfs-group 1
     source ip 10.3.3.3
    #
    vlan batch 10
    #
    stp mode rstp
    stp v-stp enable
    #
    bridge-domain 10
     l2 binding vlan 10
     vxlan vni 5010
    #
    interface Eth-Trunk1
     mode lacp-static
     peer-link 1
    #
    interface Eth-Trunk10
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
     stp edged-port enable
     mode lacp-static
     dfs-group 1 m-lag 1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.1.1 255.255.255.0
    #
    interface 10GE1/0/2
     eth-trunk 10
     lacp force-up
    #
    interface 10GE1/0/4
     eth-trunk 1
    #
    interface 10GE1/0/5
     eth-trunk 1
    #
    interface LoopBack1
     ip address 10.2.2.2 255.255.255.255
    #
    interface LoopBack2
     ip address 10.3.3.3 255.255.255.255
    #
    interface Nve1
     source 10.2.2.2
     vni 5010 head-end peer-list 10.1.1.1
     mac-address 0000-5e00-0101#
    ospf 1
     area 0.0.0.0
      network 10.2.2.2 0.0.0.0
      network 10.3.3.3 0.0.0.0
      network 192.168.1.0 0.0.0.255
    #
    return
  • Leaf1 configuration file (except CE6870EI/CE6875EI)

    #
    sysname Leaf1
    #
    dfs-group 1
     source ip 10.3.3.3
    #
    vlan batch 10
    #
    stp mode rstp
    stp v-stp enable
    #
    bridge-domain 10
     l2 binding vlan 10
     vxlan vni 5010
    #
    interface Eth-Trunk1
     mode lacp-static
     peer-link 1
    #
    interface Eth-Trunk10
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
     stp edged-port enable
     mode lacp-static
     dfs-group 1 m-lag 1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.1.1 255.255.255.0
    #
    interface 10GE1/0/2
     eth-trunk 10
     lacp force-up
    #
    interface 10GE1/0/4
     eth-trunk 1
    #
    interface 10GE1/0/5
     eth-trunk 1
    #
    interface LoopBack1
     ip address 10.2.2.2 255.255.255.255
    #
    interface LoopBack2
     ip address 10.3.3.3 255.255.255.255
    #
    interface Nve1
     source 10.2.2.2
     vni 5010 head-end peer-list 10.1.1.1
     mac-address 0000-5e00-0101#
    ospf 1
     area 0.0.0.0
      network 10.2.2.2 0.0.0.0
      network 10.3.3.3 0.0.0.0
      network 192.168.1.0 0.0.0.255
    #
    return
  • Leaf2 configuration file (CE6870EI/CE6875EI)

    #
    sysname Leaf2
    #
    assign forward nvo3 acl extend enable
    #
    dfs-group 1
     source ip 10.4.4.4
    #
    vlan batch 10
    #
    stp mode rstp
    stp v-stp enable
    #
    bridge-domain 10
     l2 binding vlan 10
     vxlan vni 5010
    #
    interface Eth-Trunk1
     mode lacp-static
     peer-link 1
    #
    interface Eth-Trunk10
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
     stp edged-port enable
     mode lacp-static
     dfs-group 1 m-lag 1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.2.1 255.255.255.0
    #
    interface 10GE1/0/2
     eth-trunk 10
     lacp force-up
    #
    interface 10GE1/0/4
     eth-trunk 1
    #
    interface 10GE1/0/5
     eth-trunk 1
    #
    interface LoopBack1
     ip address 10.2.2.2 255.255.255.255
    #
    interface LoopBack2
     ip address 10.4.4.4 255.255.255.255
    #
    interface Nve1
     source 10.2.2.2
     vni 5010 head-end peer-list 10.1.1.1
     mac-address 0000-5e00-0101#
    ospf 1
     area 0.0.0.0
      network 10.2.2.2 0.0.0.0
      network 10.4.4.4 0.0.0.0
      network 192.168.2.0 0.0.0.255
    #
    return
  • Leaf2 configuration file (CE6870EI/CE6875EI)

    #
    sysname Leaf2
    #
    assign forward nvo3 acl extend enable
    #
    dfs-group 1
     source ip 10.4.4.4
    #
    vlan batch 10
    #
    stp mode rstp
    stp v-stp enable
    #
    bridge-domain 10
     l2 binding vlan 10
     vxlan vni 5010
    #
    interface Eth-Trunk1
     mode lacp-static
     peer-link 1
    #
    interface Eth-Trunk10
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
     stp edged-port enable
     mode lacp-static
     dfs-group 1 m-lag 1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.2.1 255.255.255.0
    #
    interface 10GE1/0/2
     eth-trunk 10
     lacp force-up
    #
    interface 10GE1/0/4
     eth-trunk 1
    #
    interface 10GE1/0/5
     eth-trunk 1
    #
    interface LoopBack1
     ip address 10.2.2.2 255.255.255.255
    #
    interface LoopBack2
     ip address 10.4.4.4 255.255.255.255
    #
    interface Nve1
     source 10.2.2.2
     vni 5010 head-end peer-list 10.1.1.1
     mac-address 0000-5e00-0101#
    ospf 1
     area 0.0.0.0
      network 10.2.2.2 0.0.0.0
      network 10.4.4.4 0.0.0.0
      network 192.168.2.0 0.0.0.255
    #
    return
  • Leaf2 configuration file (except CE6870EI/CE6875EI)

    #
    sysname Leaf2
    #
    dfs-group 1
     source ip 10.4.4.4
    #
    vlan batch 10
    #
    stp mode rstp
    stp v-stp enable
    #
    bridge-domain 10
     l2 binding vlan 10
     vxlan vni 5010
    #
    interface Eth-Trunk1
     mode lacp-static
     peer-link 1
    #
    interface Eth-Trunk10
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
     stp edged-port enable
     mode lacp-static
     dfs-group 1 m-lag 1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.2.1 255.255.255.0
    #
    interface 10GE1/0/2
     eth-trunk 10
     lacp force-up
    #
    interface 10GE1/0/3
     eth-trunk 10
     lacp force-up
    #
    interface 10GE1/0/4
     eth-trunk 1
    #
    interface 10GE1/0/5
     eth-trunk 1
    #
    interface LoopBack1
     ip address 10.2.2.2 255.255.255.255
    #
    interface LoopBack2
     ip address 10.4.4.4 255.255.255.255
    #
    interface Nve1
     source 10.2.2.2
     vni 5010 head-end peer-list 10.1.1.1
     mac-address 0000-5e00-0101#
    ospf 1
     area 0.0.0.0
      network 10.2.2.2 0.0.0.0
      network 10.4.4.4 0.0.0.0
      network 192.168.2.0 0.0.0.255
    #
    return
  • Spine1 configuration file (CE6870EI/CE6875EI)

    #
    sysname Spine1
    #
    assign forward nvo3 acl extend enable
    #
    bridge-domain 10
     vxlan vni 5010
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.1.2 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.2.2 255.255.255.0
    #
    interface LoopBack1
     ip address 10.1.1.1 255.255.255.255
    #
    interface Nve1
     source 10.1.1.1
     vni 5010 head-end peer-list 10.2.2.2
    #
    ospf 1
     area 0.0.0.0
      network 10.1.1.1 0.0.0.0
      network 192.168.1.0 0.0.0.255
      network 192.168.2.0 0.0.0.255
    #
    return
  • Spine1 configuration file (except CE6870EI/CE6875EI)

    #
    sysname Spine1
    #
    bridge-domain 10
     vxlan vni 5010
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.1.2 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.2.2 255.255.255.0
    #
    interface LoopBack1
     ip address 10.1.1.1 255.255.255.255
    #
    interface Nve1
     source 10.1.1.1
     vni 5010 head-end peer-list 10.2.2.2
    #
    ospf 1
     area 0.0.0.0
      network 10.1.1.1 0.0.0.0
      network 192.168.1.0 0.0.0.255
      network 192.168.2.0 0.0.0.255
    #
    return
Translation
Download
Updated: 2019-05-08

Document ID: EDOC1100004351

Views: 117011

Downloads: 290

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next