Aruba JL849AAE Configuration Guide

HPE IMC Orchestrator 6.3 Security RBM

Scenario

Multiple Egresses and Primary/Backup

Egresses Configuration Guide

The information in this document is subject to change without notice.

i 
Contents 
Overview ························································································1 
Configure basic controller settings ·······················································2 
Log in to the controller··················································································································· 2 
Create a fabric ····························································································································· 2 
Configure virtual distributed switch VDS1 ························································································· 3 
Configure global controller settings ·································································································· 4 
Create an IP address pool ············································································································· 5 
Create VLAN pool VLAN300 ·········································································································· 5 
Create a device group ··················································································································· 6 
Configure VLAN-VXLAN mappings ·································································································· 7 
Create a tenant ···························································································································· 9 
Configure multiple egresses directly connected to external networks for a 
single fabric (network segmentation) ·················································· 10 
Network planning ······················································································································· 10 
Network topology ················································································································ 10 
Resource plan ···················································································································· 12 
Deployment workflow ·················································································································· 13 
Procedure ································································································································· 14 
Configure the underlay network ······························································································ 14 
Configure basic controller settings ·························································································· 14 
Add a border gateway ·········································································································· 15 
Bind gateways to tenants ······································································································ 18 
Add a virtual network ··········································································································· 19 
Add a vRouter ···················································································································· 21 
Add an external network ······································································································· 22 
Configure NQA profiles and bind the profiles to the external network ············································· 25 
Bind gateways and external networks to a vRouter ···································································· 27 
Verify the deployed configuration ···························································································· 29 
Configure NQA entries and startup settings ·············································································· 29 
Verify the service ················································································································· 32 
Configure underlay settings on ED devices in multiple fabrics ·················· 34 
Network planning ······················································································································· 34 
Network topology ················································································································ 34 
Resource plan ···················································································································· 38 
Deployment workflow ·················································································································· 38 
Procedure ································································································································· 38 
Configure the underlay network ······························································································ 38 
Configure basic controller settings ·························································································· 42 
Add a fabric connection ········································································································ 42 
View expected configuration deployment ················································································· 43 
Configure network segment-based primary and backup egresses across 
multiple fabrics ·············································································· 47 
Network planning ······················································································································· 47 
Network topology ················································································································ 47 
Resource plan ···················································································································· 52 
Configuration workflow ················································································································ 53 
Procedure ································································································································· 53 
Configure basic underlay network settings ··············································································· 53 
Configure basic controller settings ·························································································· 53 
Add a fabric connection ········································································································ 55 
Add a border gateway ·········································································································· 55 
Bind a border gateway to a tenant ·························································································· 57 

ii 
Add a virtual network and vRouters························································································· 57 
Add external networks ·········································································································· 60 
Configure primary and backup egresses to external networks through vRouters ······························ 65 
Add and bind NQA profiles ···································································································· 66 
Verify that the configuration has been deployed correctly ···························································· 67 
Configure track entries for quick route failover ·········································································· 69 
Configure the core device ····································································································· 69 
Verify the service ················································································································· 70 
Configure multi-fabric EVPN multicast ················································ 71 
Network planning ······················································································································· 71 
Network topology ················································································································ 71 
Resource plan ···················································································································· 72 
Deployment workflow ·················································································································· 73 
Procedure ································································································································· 73 
Configure basic underlay network settings ··············································································· 73 
Configure basic settings on the controller ················································································· 74 
Deploy the multi-fabric multicast network ················································································· 75 
Verify the service ················································································································· 83 
Configure direct Internet access with network segmentation in multifabric 
deployment ··················································································· 87 
Network planning ······················································································································· 87 
Network topology ················································································································ 87 
Resource plan ···················································································································· 90 
Deployment workflow ·················································································································· 92 
Procedure ································································································································· 92 
Configure basic underlay network settings ··············································································· 92 
Configure basic settings on the controller for network deployment ················································ 92 
Add a fabric connection ········································································································ 94 
Add the border gateways ······································································································ 95 
Bind the gateway to the tenant ······························································································· 96 
Add vNetworks and vRouters ································································································ 97 
Add the external network ···································································································· 100 
Configure primary and backup border gateways for Internet access without firewall protection ········· 105 
Configure NQA and bind NQA profiles to the external subnets ··················································· 106 
Verify that the configuration has been deployed correctly ·························································· 107 
Manually configure settings from the CLI of the devices ···························································· 109 
Verify the service ··············································································································· 110 
Configure direct Internet access with BGP in multifabric deployment ······· 111 
Network planning ····················································································································· 111 
Network topology ·············································································································· 111 
Resource plan ·················································································································· 114 
Deployment workflow ················································································································ 115 
Procedure ······························································································································· 116 
Configure basic underlay network settings ············································································· 116 
Configure external network switches manually ········································································ 116 
Configure basic settings on the controller for network deployment ·············································· 118 
Add a fabric connection ······································································································ 120 
Add the border gateways ···································································································· 121 
Bind the gateway to the tenant ····························································································· 122 
Add vNetworks and vRouters ······························································································ 123 
Bind the vRouter to border gateways ···················································································· 126 
Configure vRouter connections ···························································································· 127 
Configure BGP peers for border routers ················································································· 128 
Bind DRNI routed peer links to border routers ········································································· 130 
Verify configuration deployment ··························································································· 131 
Manually configure devices from the CLI ················································································ 147 
Verify the service ··············································································································· 147 

iii

O&M monitoring ··········································································· 149

1

Overview

This guide describes how to configure multiple egresses and primary/backup egresses in a

single-fabric or multi-fabric network.

Traffic that accesses the external network through a secure link passes a firewall. Traffic that

accesses the external network through a direct link directly accesses the external network through

the default route, without passing a firewall. This guide contains configuration in the following

scenarios:

• Configure multiple egresses directly connected to external networks for a single fabric (network

segmentation)

A single-fabric network has three direct link egresses: egress 1, egress 2, and egress 3. Egress

1 has the highest priority. When egress 1 fails, egress 2 takes over to forward traffic. When

egress 2 fails, egress 3 takes over to forward traffic.

• Configure underlay settings on ED devices in multiple fabrics

This section describes how to configure edge device underlay and fabric connection settings in

a multi-fabric network when the edge devices in all the fabrics are configured with DRNI.

• Configure network segment-based primary and backup egresses across multiple fabrics

A multi-fabric network has multiple direct link egresses. One egress acts as the primary egress

and the others act as backup egresses. When the primary egress fails, a backup egress takes

over to forward traffic to the external network.

• Configure multi-fabric EVPN multicast

Configure EVPN multicast for multicast receivers on one fabric to receive multicast traffic from a

multicast source (or server) on another fabric.

• Configure direct Internet access with network segmentation in multifabric deployment

On a multifabric network, configure static routes on each fabric to provide external connectivity

for direct Internet access without traversing a firewall. Internet-bound traffic on a fabric

traverses its local external connection as long as the connection is available. When the local

external connection is unavailable, Internet-bound traffic on fabric traverses the external

connection on a remote fabric.

• Configure direct Internet access with BGP in multifabric deployment

On a multi-fabric network, configure BGP routes on each fabric to provide external connectivity

for direct Internet access without traversing a firewall. Internet-bound traffic on a fabric

traverses its local external connection as long as the connection is available. When the local

external connection is unavailable, Internet-bound traffic on fabric traverses the external

connection on a remote fabric.

2

Configure basic controller settings

Log in to the controller

After the controller is deployed, you can log in to IMC PLAT through a browser to use the controller

features.

To log in to IMC PLAT, access the URL http://ip_address:30000/central/index.html through a

browser. The ip_address address is the northbound service virtual IP address of the Installer where

IMC PLAT resides.

Figure 1 Logging in to IMC PLAT

Create a fabric

1. Navigate to the Automation > Data Center Networks > Fabrics > Fabrics page.

2. Click Add, and then configure the parameters as follows:

 Specify a name for the fabric. In this example, set the fabric name to fabric1.

 Set the overlay BGP AS number. The AS number must be the same as the BGP AS number

of devices in the fabric. In this example, set the AS number to 100.

 Enable the multicast network and EPG controller features as needed.

 Configure other parameters as needed. In this example, the default settings are used.

3. Click OK.

3

Figure 2 Creating a fabric

4. Click the icon in the Actions column for the added fabric, and then click the Settings tab.

5. Configure advanced settings for the fabric as needed. In this example, the default settings are

used.

Figure 3 Configuring advanced fabric settings

Configure virtual distributed switch VDS1

1. Navigate to the Automation > Data Center Networks > Common Network Settings >

Virtual Distributed Switch page.

2. Click the edit icon in the Actions column for VDS1.

3. On the Carrier Fabric tab, select fabric fabric1.

4

Figure 4 Selecting a fabric for the VDS

4. Click the Advanced Settings tab, and then configure the parameters as follows:

 Set the bridge name to vds1-br.

 Set the VXLAN tunnel interface name to vxlan_vds1-br.

 Set the aging time for flow entries learned by the vSwitch to 300 seconds.

 Configure other parameters as needed. In this example, the default settings are used.

Figure 5 Configuring advanced settings

Configure global controller settings

Navigate to the Automation > Data Center Networks > Fabrics > Parameters page, and then click

the Controller Global Settings tab.

1. To run IPv6 services in the network, enable IPv6.

2. To reduce the ACL resource usage of switches, disable the controller from deploying the

security policy flow table to switching devices.

3. To enable the controller to automatically generate VRF names based on a specific rule, set the

VRF autonaming mode to rule-based. Then, the controller will automatically generate VRF

names in the tenant name_router name_Segment ID format.

5

Figure 6 Configuring global controller settings

Create an IP address pool

1. Navigate to the Automation > Data Center Networks > Resource Pools > IP Address Pools

page.

2. Click Add, and then configure the parameters as follows:

 Specify a name for the address pool.

 Select an address pool type.

 Select whether to use this address pool as the default address pool. Each address pool type

can have only one default address pool.

 Configure the address ranges.

3. Click Apply.

Figure 7 Creating an IP address pool

Create VLAN pool VLAN300

1. Navigate to the Automation > Data Center Networks > Resource Pools > VNID Pools >

VLANs page.

2. Click Add, and then configure the parameters as follows:

6

 Set the VLAN pool name to VLAN300.

 Set the VLAN pool type to tenant carrier network.

 Add VLAN ID range 300 to 399.

3. Click Apply.

Figure 8 Creating a VLAN pool

Create a device group

1. Navigate to the Automation > Data Center Networks > Fabrics > Fabrics page.

2. Click the icon in the Actions column for fabric1, and then click the Device groups tab.

3. Click Add, and then configure the basic parameters as follows:

 Specify a name for the device group.

 Select whether the device group is a remote device group. This parameter cannot be edited

after configuration.

 Select network positions as needed. This parameter cannot be edited after configuration. In

a single-fabric scenario, select border gateway. In a fabric interconnection scenario, select

border gateway and fabric interconnection. In a DC interconnection scenario, select border

gateway and DC interconnection.

 Set the HA mode to DRNI.

IMPORTANT:

In a fabric interconnection scenario, if edge device and border device are deployed on the same

device, only one device group is required, and select border gateway and fabric interconnection

as the network positions. If edge device and border device are deployed on different devices,

two device groups are required, select fabric interconnection as the network position for the

device group to which the edge device belongs, and select border gateway as the network

position for the device group to which the border device belongs.

4. Configure the border gateway parameters as needed. The connection mode cannot be edited

after configuration.

5. Add border devices to the device group.

6. Click Apply.

7

Figure 9 Creating a device group

Configure VLAN-VXLAN mappings

The following information is provided only for illustration purposes. For scenario-specific

configuration and data, see the basic controller settings for each scenario.

To configure VLAN-VXLAN mappings:

1. Navigate to the Automation > Data Center Networks > Resource Pools > VNID Pools >

VLAN-VXLAN Mappings page.

2. Click Add, select VLAN-VXLAN Mapping, and then perform the following tasks:

a. Enter a name for the mapping. In this example, set the mapping name to map1.

Figure 10 Configuring VLAN-VXLAN mappings

b. Click Add Mapping, and then configure the parameters as follows:

− Set the mapping name to map001.

− Set the start VLAN ID to 2001.

− Set the start VXLAN ID to 2001.

− Set the mapping range length to 4.

− Set the access mode to VLAN.

After the configuration, click Apply.

8

Figure 11 Adding VLAN-VXLAN mapping

c. Click Apply.

3. On the VLAN-VXLAN Mappings page, click the link in the Applied to Interfaces column for

map1.

You can also click the link in the Applied to Devices column to apply the VLAN-VXLAN

mapping to devices.

Figure 12 Applying the VLAN-VXLAN mapping to interfaces

4. Select the target devices, select the access or aggregate interfaces on the selected devices,

add the selected interfaces to the selected interface list, and then click Apply.

NOTE:

In this step for a manually deployed device, you must click Specify Downlink Interfaces to add

the downlink aggregate interfaces of the device to the available interface list. For automatically

deployed devices, you do not need to perform this step. The controller can automatically obtain

the aggregate interface information. This document uses automated deployment as an

example.

9

Figure 13 Selecting interfaces

Create a tenant

This section gives only a configuration example. For detailed configuration and data, see the basic

controller settings chapter for each scenario.

To create a tenant:

1. Navigate to the Automation > Data Center Networks > Tenant Management > All Tenants

page.

2. Click Add, and then configure the parameters as follows:

 Specify a tenant name. In this example, set the tenant name to tenant1.

 Select a VDS. In this example, select VDS1.

Figure 14 Creating a tenant

3. Click Apply.

10

Configure multiple egresses directly

connected to external networks for a

single fabric (network segmentation)

Network planning

Network topology

As shown in Figure 15, the core switch has multiple egresses directly connected to the Internet:

internet1, internet2, and internet3. Make sure the priorities of internet1, internet2, and internet3 are in

descending order for internet2 to take over services when internet1 is down and internet3 to take

over services when both internet1 and internet2 are down.

Use Table 1 to identify device connections.

Figure 15 Network diagram

Border1 Border2

Leaf1 Leaf2

Server1 Server2

peer-link

Spine1 Spine2

Leaf3 Leaf4

Server3 Server4

peer-link

Internet

Core Internet1 traffic

Internet2 traffic

External network traffic

Internet3 traffic

11

Table 1 Device IP address and interface description

Device

Description

Management IP

Service IPs and interfaces

Border 1

EVPN border device

192.168.11.8

• Loopback0 10.1.1.8/32

• HGE4/0/1 (connected to Border 2 HGE4/0/1)

• HGE4/0/2 (connected to Border 2 HGE4/0/2)

• XGE6/0/48 (connected to Border 2

XGE6/0/48)

• HGE4/0/3 (connected to Spine 1 HGE1/0/3)

• HGE4/0/4 (connected to Spine 2 HGE1/0/3)

Border 2

EVPN border device

192.168.11.9

• Loopback0 10.1.1.9/32

• HGE4/0/1 (connected to Border 1 HGE4/0/1)

• HGE4/0/2 (connected to Border 1 HGE4/0/2)

• XGE6/0/48 (connected to Border 1

XGE6/0/48)

• HGE4/0/3 (connected to Spine 1 HGE1/0/4)

• HGE4/0/4 (connected to Spine 2 HGE1/0/4)

Border 3

EVPN border device

192.168.11.10

• Loopback0 10.1.1.10/32

• HGE4/0/1 (connected to Border 4 HGE4/0/1)

• HGE4/0/2 (connected to Border 4 HGE4/0/2)

• XGE6/0/48 (connected to Border 2

XGE6/0/48)

• HGE4/0/3 (connected to Spine 1 HGE1/0/5)

• HGE4/0/4 (connected to Spine 2 HGE1/0/6)

Border 4

EVPN border device

192.168.11.11

• Loopback0 10.1.1.11/32

• HGE4/0/1 (connected to Border 3 HGE4/0/1)

• HGE4/0/2 (connected to Border 3 HGE4/0/2)

• XGE6/0/48 (connected to Border 1

XGE6/0/48)

• HGE4/0/3 (connected to Spine 1 HGE1/0/7)

• HGE4/0/4 (connected to Spine 2 HGE1/0/8)

Spine 1

Underlay physical

device

192.168.11.2

• Loopback0 10.1.1.2/32

• HGE1/0/3 (connected to Border 1 HGE4/0/3)

• HGE1/0/4 (connected to Border 2 HGE4/0/3)

• HGE1/0/5 (connected to Leaf 1 HGE1/0/25)

• HGE1/0/6 (connected to Leaf 2 HGE1/0/25)

• HGE1/0/7 (connected to Leaf 3 HGE1/0/27)

• HGE1/0/8 (connected to Leaf 4 HGE1/0/27)

Spine 2

Underlay physical

device

192.168.11.3

• Loopback0 10.1.1.3/32

• HGE1/0/3 (connected to Border 1 HGE4/0/4)

• HGE1/0/4 (connected to Border 2 HGE4/0/4)

• HGE1/0/5 (connected to Leaf 1 HGE1/0/27)

• HGE1/0/6 (connected to Leaf 2 HGE1/0/27)

• HGE1/0/7 (connected to Leaf 3 HGE1/0/25)

• HGE1/0/8 (connected to Leaf 4 HGE1/0/25)

Leaf 1

EVPN access

device

192.168.11.4

• Loopback0 10.1.1.4/32

• XGE1/0/9 (connected to Leaf 2 XGE1/0/9)

• HGE1/0/29 (connected to Leaf 2 HGE1/0/29)

• HGE1/0/30 (connected to Leaf 2 HGE1/0/30)

• HGE1/0/25 (connected to Spine1 HGE1/0/5)

• HGE1/0/27 (connected to Spine2 HGE1/0/5)

12

Device

Description

Management IP

Service IPs and interfaces

Leaf 2

EVPN access

device

192.168.11.5

• Loopback0 10.1.1.5/32

• XGE1/0/9 (connected to Leaf 1 XGE1/0/9)

• HGE1/0/29 (connected to Leaf 1 HGE1/0/29)

• HGE1/0/30 (connected to Leaf 1 HGE1/0/30)

• HGE1/0/25 (connected to Spine 1 HGE1/0/6)

• HGE1/0/27 (connected to Spine 2 HGE1/0/6)

Leaf 3

EVPN access

device

192.168.11.6

• Loopback0 10.1.1.6/32

• XGE1/0/9 (connected to Leaf 4 XGE1/0/9)

• HGE1/0/29 (connected to Leaf 4 HGE1/0/29)

• HGE1/0/30 (connected to Leaf 4 HGE1/0/30)

• HGE1/0/25 (connected to Spine 1 HGE1/0/7)

• HGE1/0/27 (connected to Spine 2 HGE1/0/8)

Leaf 4

EVPN access

device

192.168.11.7

• Loopback0 10.1.1.7/32

• XGE1/0/9 (connected to Leaf 3 XGE1/0/9)

• HGE1/0/29 (connected to Leaf 3 HGE1/0/29)

• HGE1/0/30 (connected to Leaf 3 HGE1/0/30)

• HGE1/0/25 (connected to Spine 1 HGE1/0/9)

• HGE1/0/27 (connected to Spine 2 HGE1/0/10)

NOTE:

In this example, the Spine and Border tiers use 12900E and the Leaf tier uses 5945. To use any

other devices, plan the network as needed. The interface connections are for illustration only.

Resource plan

Table 2 Resource plan

Item

Configuration example

Remarks

Management network

of physical devices

• 192.168.11.0/24

• Gateway: 192.168.11.1

N/A

Fabric

• Name: fabric1

• AS number: 100

N/A

VDS

• Name: VDS1

• Bearer fabric: fabric1

• VXLAN ID range: 1-16777215

The VXLAN ID range must

contain the VXLAN IDs in all

subnets of the VDS. The

VXLAN ID must be unique in

a LAN. Different VDSs

cannot be configured with the

same VXLAN ID.

External network 1

• Name: exnetwork1901

• Type: VLAN

• Network segmentation: Enabled

• Network segment name and segment ID:

 exnetwork1901_seg1

 Segment ID: 4006

 exnetwork1901_seg2

 Segment ID: 4007

 exnetwork1901_seg3

 Segment ID: 4008

N/A

13

Item

Configuration example

Remarks

• IPv4 subnet name, address, and gateway:

 Subnet name: v4exsubnet_int1

 Address: 100.0.6.0/24

 Gateway: 100.0.6.1

 Subnet name: v4exsubnet_int2

 Address: 100.0.7.0/24

 Gateway: 100.0.7.1

 Subnet name: v4exsubnet_int3

 Address: 100.0.8.0/24

 Gateway: 100.0.8.1

• IPv6 subnet name, address, and gateway:

 Subnet name: v6exsubnet_int1

 Address: 2001:100:0:6::/64

 Gateway: 2001:100:0:6::1

 Subnet name: v6exsubnet_int2

 Address: 2001:100:0:7::/64

 Gateway: 2001:100:0:7::1

 Subnet name: v6exsubnet_int3

 Address: 2001:100:0:8::/64

 Gateway: 2001:100:0:8::1

External network

service

• 19.1.1.0/24

• 19::/64

N/A

Deployment workflow

Figure 16 Deployment workflow

End

Required main process

Optional main process

Required sub process

Optional sub process

Configure controller

basics

Add border

gateway Add vNetwork

Add vRouter

Configure gateway

and service

resource

Configure tenant

network

Add fabric

Configure VDS

Configure global

parameters

Add border

device group

Add VLAN-to-

VXLAN mapping

Add tenant

Add external

network

Start Configure underlay

network

Allocate gateway to

tenant

Bind gateway and

external network to

vRouter

Add NQA profile and

bind profile to

external network

Configure NQA

entry and startup

setting

14

Procedure

Configure the underlay network

Configure and incorporate all switching devices in the network. For more information, see IMC

Orchestrator6.3 Underlay Network Configuration Guide.

Configure basic controller settings

For information about the configuration procedures, see "Configure basic controller settings." See

Table 3 for sample configuration.

Table 3 Basic controller settings

Item

Configuration example

Remarks

Add a fabric

• Basic:

 Name: fabric1

 AS number: 100

• Advanced:

 Unknown unicast suppression: Enabled

 Unknown multicast suppression: Enabled

 Broadcast suppression: Enabled

N/A

Configure a VDS

• Name: VDS1

• Bearer fabric: fabric1

• VXLAN ID range: 1-16777215

The VXLAN ID range

must contain the VXLAN

IDs in all subnets of the

VDS. The VXLAN ID must

be unique in a LAN.

Different VDSs cannot be

configured with the same

VXLAN ID.

Configure global

parameters

• IPv6 state: Enabled

• Deploy security policy flow table to switch

devices: Disabled

• VRF name generation: By rule

N/A

Add a device group

• Name: bdgroup1

• Position: Border gateway

• HA mode: DRNI

• Connection method: inter-subnet VLAN

• Address pool: Default address pool

• VLAN pool: Default VLAN pool

• Device group member: border1 and border2

You cannot edit the

position, remote device

group, firewall service,

and connection mode

after the group is added.

The firewall service and

position settings might

affect fabric expansion.

Please first plan the

network and then

configure the parameters.

Add a VLAN-to-VXLAN

mapping

• Name: map1

• VLAN-to-VXLAN mapping:

 Name: map1901

 Start VLAN ID: 2073

 Start VXLAN ID: 2073

 Mapping range length: 4

 Access mode: VLAN

• Apply to interface: Apply to all aggregate

interfaces on servers in server-leaf connections

Before applying a

mapping to an interface,

first navigate to the

Automation > Data

Center Networks >

Devices > Physical

Devices > Specify

Downlink Interfaces >

Specify Downlink

Interface [XXX] page and

configure the interface as

15

Item

Configuration example

Remarks

in the network

a downlink interface.

Add tenants

• Name: pulictenant1

• Name: tenant1

• VDS name: VDS1

N/A

Add a border gateway

Access the border gateway page and add the following non-shared gateways: gw1_internet1,

gw1_internet2, and gw1_internet3. For more information, see Table 4.

Table 4 Non-shared gateway configuration

Gateway name

Gateway sharing

Member name

Fabric

Device group

Priority

gw1_internet1

Disabled

gw1_member1

fabric1

Device group

bdgroup1

1

gw1_internet2

Disabled

gw1_member2

fabric1

Device group

bdgroup1

1

gw1_internet3

Disabled

gw1_member3

fabric1

Device group

bdgroup1

1

To configure a border gateway:

1. Navigate to the Automation > Data Center Networks > Common Network Settings >

Gateway page.

2. Click Add. Configure the following parameters:

 Gateway Name: gw1_internet1.

 Gateway Sharing: Off.

Figure 17 Adding border gateway gw1_internet1

3. Click Add Gateway Member. Configure the following parameters, and then click Apply:

 Member Name: gw1_member1.

 Fabric: fabric1.

 Device Group: bdgroup1.

 Priority: 1.

Page is loading ...

Aruba JL849AAE Configuration Guide

This manual is also suitable for

Aruba JL849AAE Configuration Guide

Related papers

Other documents