No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring User Information Backup in Shared IP Address Pool Mode

Configuring User Information Backup in Shared IP Address Pool Mode

The sharing address pool mode needs additional links but the networking is flexible.

Context

If the exclusive IP address pool mode is used, a great number of address pools are needed. This wastes addresses. The shared IP address pool mode resolves this problem. To use the shared IP address pool mode:

  • Do not bind address pools to the RBP.
  • Both the master and backup devices must advertise their network segment routes to address pools and be configured with a route policy to ensure that the route advertised by the master device has a higher priority. This prevents load balancing on the network-side devices.
  • A protection tunnel, for example, an LSP, must be set up between the master and backup devices. If the uplink of a user fails, the downstream traffic of the user is diverted to the protection tunnel.
  • Bind the address pool to the RBS by running the ip-pool pool-name in the RBS view. This ensures that traffic at the network side can be forwarded through the protection tunnel before the host route is generated.
    NOTE:

    Only the primary address pool needs to be bound to the RBS. The secondary address pool does not need to be bound to the RBS.

Perform the following steps on each of the devices that back up each other:

Procedure

  • Configure the protection path in IP redirection mode for public users.

    To configure the protection path in IP redirection mode, deploy a directly connected link between the devices that back up each other.

    1. Run system-view

      The system view is displayed.

    2. Run remote-backup-service service-name

      The RBS view is displayed.

    3. Run protect redirect ip-nexthop ip-address interface interface-type interface-number

      The protection path is configured to work in IP redirection mode for public users. The peer IP address and local outbound interface must be specified.

    4. Run ip-pool pool-name

      The primary address pool is bound to the RBS.

    5. Run commit

      The configuration is committed.

  • Configure the protection path in tunnel mode for public users.
    1. Run system-view

      The system view is displayed.

    2. Run remote-backup-service service-name

      The RBS view is displayed.

    3. Run protect tnl-policy policy-name peer-ip ip-address [ interface interface-type interface-number ]

      The protection path is configured to be the label switched path (LSP), Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) tunnel, or Generic Routing Encapsulation (GRE) tunnel for public users. The tunnel type is specified by the tunnel policy, and the outbound interface is optional.

    4. Run ip-pool pool-name

      The primary address pool is bound to the RBS.

    5. Run commit

      The configuration is committed.

  • Configure the protection path for VPN users.
    1. Run system-view

      The system view is displayed.

    2. Run remote-backup-service service-name

      The RBS view is displayed.

    3. Run protect ip-vpn-instance vpn-instance-name peer-ip ip-address [ interface interface-type interface-number ]

      The protection tunnel is configured for VPN users. You need to specify the VPN instance name. The peer IP address is the IP address of the loopback interface that is bind to the VPN instance on the peer device. In this case, the tunnel type cannot be specified. Instead, the tunnel is automatically selected by the device. The outbound interface is optional.

    4. Run ip-pool pool-name

      The primary address pool is bound to the RBS.

    5. Run commit

      The configuration is committed.

  • Configure a public and VPN protection tunnel template.
    1. Run system-view

      The system view is displayed.

    2. Run remote-backup-service service-name

      The RBS view is displayed.

    3. Run protect lsp-tunnel for-all-instance peer-ip ip-address

      A public and VPN protection tunnel template is configured.

    4. Run ip-pool pool-name

      The primary address pool is bound to the RBS.

    5. Run commit

      The configuration is committed.

    NOTE:

    The protect lsp-tunnel for-all-instance peer-ip command configures a protection tunnel template for both the public network and VPNs. After the command is run, a public protection tunnel is automatically created, and a VPN protection tunnel is triggered by user login, without needing to configure a protection tunnel for each VPN. This function simplifies tunnel configuration.

    To configure a specific public protection tunnel, run the protect tnl-policy policy-name peer-ip ip-address [ interface interface-type interface-number ] command; to configure a specific VPN protection tunnel, run the protect ip-vpn-instance vpn-instance-name peer-ip ip-address [ interface interface-type interface-number ] command. These two commands can be configured together with the protect lsp-tunnel for-all-instance peer-ip command. In this situation, the protect lsp-tunnel for-all-instance peer-ip command takes precedence.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17680

Downloads: 72

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next