Aruba JL593A Configuration Guide

JL593A
Aruba
Brand
Aruba
Model
JL593A
Category
Networking
Type
Configuration Guide
1
Contents
Example: Configuring DRNI with MDT-based MVXLAN ································· 1
Network configuration ········································································································································ 1
Applicable product matrix ··································································································································· 3
Restrictions and guidelines ································································································································ 3
Configuring access devices ······························································································································· 4
Procedure summary ··································································································································· 4
Configuring access devices Switch A and Switch B ·················································································· 4
Configuring access device Switch E ········································································································ 11
Configuring core devices·································································································································· 11
Overlay traffic forwarding models····················································································································· 21
Overlay traffic characteristics ··················································································································· 21
Forwarding models ··································································································································· 21
Testing network convergence ·························································································································· 22
Verifying the configuration································································································································ 23
Verification commands ····························································································································· 23
Procedure ················································································································································· 23
Upgrading the devices ····································································································································· 27
Upgrading a leaf device ··························································································································· 27
Upgrading a spine device ························································································································· 28
Upgrading a border device ······················································································································· 29
Expanding the network····································································································································· 30
Adding a leaf device ································································································································· 30
Replacing hardware ········································································································································· 31
Replacing a device ··································································································································· 31
1
Example: Configuring DRNI with
MDT-based MVXLAN
Network configuration
As shown in Figure 1:
•
Switch A, Switch B, Switch C, Switch D, and Switch E are distributed EVPN gateways.
ï‚¡ Leaf devices Switch A and Switch B form a DR system through DRNI, and they use the IPL
to synchronize MAC and ARP entries to ensure MAC and ARP entry consistency. In this
example, an Ethernet aggregate link acts as the IPL.
ï‚¡ Switch C and Switch D form a DR system through DRNI, and the DR system acts all the
roles of spine, border, and leaf. In this example, an Ethernet aggregate link acts as the IPL.
ï‚¡ Switch E acts as a standalone leaf device.
•
Switch A and Switch B are connected to VM 1 and VM 2 through Ethernet links. On Switch A
and Switch B, the Ethernet links connected to the same VM are aggregated into a Layer 2
aggregation group to avoid single points of failure. Connect Switch C, Switch D, and VMs in
the same way Switch A, Switch B, VM 1, and VM 2 are connected.
•
VM 1 is the multicast source. VM 2, VM 3, VM 5, and VM 6 are multicast receivers in a private
network. VM 4 is a multicast receiver in the public network. They use MVXLAN to transmit
multicast traffic.
Figure 1 Network diagram
Switch A
Server 2
Multicast
receiver
Server 1
Multicast
source
Switch B
V
M
2
V
M
1
IPL
HGE2/0/30 Loop0
3.3.3.3/32
Server 5
Multicast
receiver
V
M
5
Switch E
Loop0
2.2.2.2/32
Loop1
1.2.3.4/32
Loop0
1.1.1.1/32
Loop1
1.2.3.4/32
Transport
network
Agg1
Multicast
receiver
Server 3
Multicast
receiver
Server 4
V
M
3
V
M
4
Server 6
Multicast
receiver
V
M
6
Switch D
Switch C
Loop0
4.4.4.4/32
Loop1
5.6.7.8/32
Loop0
5.5.5.5/32
Loop1
5.6.7.8/32
HGE1/0/25
HGE1/0/27
HGE1/0/30
HGE2/0/25
HGE2/0/27
HGE1/0/25
HGE1/0/27
HGE1/0/30
HGE1/0/31
IPL
HGE1/0/25
HGE1/0/27
HGE1/0/30
HGE1/0/31
HGE1/0/25
HGE1/0/26
Agg2
Agg2
Agg100
2
Table 1 Interface and IP address assignment
Device
Interface
IP address
Switch A
Loopback 0
1.1.1.1/32
Loopback 1
1.2.3.4/32
Loopback 2
1.2.3.4/32
HundredGigE 1/0/25
11.1.1.2/24
HundredGigE 1/0/27
12.1.1.2/24
HundredGigE 1/0/30
21.0.0.1/24
VSI-interface 1
10.1.1.1/24
VSI-interface 2
10.1.2.1/24
Switch B
Loopback 0
2.2.2.2/32
Loopback 1
1.2.3.4/32
Loopback 2
1.2.3.4/32
HundredGigE 2/0/25
13.1.1.2/24
HundredGigE 2/0/27
14.1.1.2/24
HundredGigE 2/0/30
21.0.0.2/24
VSI-interface 1
10.1.1.1/24
VSI-interface 2
10.1.2.1/24
Switch C
Loopback 0
4.4.4.4/32
Loopback 1
5.6.7.8/32
Loopback 2
5.6.7.8/32
HundredGigE 1/0/25
11.1.1.1/24
HundredGigE 1/0/27
13.1.1.1/24
HundredGigE 1/0/30
15.1.1.1/24
HundredGigE 1/0/31
21.1.0.1
VSI-interface 1
10.1.1.1/24
VSI-interface 2
10.1.2.1/24
VLAN-interface 100
100.1.1.3/24
Switch D
Loopback 0
5.5.5.5/32
Loopback 1
5.6.7.8/32
Loopback 2
5.6.7.8/32
HundredGigE 1/0/25
12.1.1.1/24
HundredGigE 1/0/27
14.1.1.1/24
HundredGigE 1/0/30
16.1.1.1/24
HundredGigE 1/0/31
21.1.0.2
VSI-interface 1
10.1.1.1/24
VSI-interface 2
10.1.2.1/24
VLAN-interface 100
100.1.1.4/24
Switch E
Loopback 0
3.3.3.3/32
Loopback 1
3.3.3.3/32
HundredGigE 1/0/25
15.1.1.2/24
HundredGigE 1/0/26
16.1.1.2/24
VSI-interface 1
10.1.1.1/24
3
Device
Interface
IP address
VSI-interface 2
10.1.2.1/24
Applicable product matrix
IMPORTANT:
In addition to running an
applicable software version, you must also install the most recent patch, if
any.
Device
Software version
HPE FlexFabric 5944 & 5945 Switch
Series R6710
HPE FlexFabric 5940 Switch Series R6710
HPE FlexFabric 5710 Switch Series R6710
HPE FlexFabric
12900E Switch
Series (Type X) R7624P08
Restrictions and guidelines
•
The member devices in a DR system must use the same DR system MAC address. Different
DR systems must each have a unique DR system MAC address on the network.
•
As a best practice, run a dynamic routing protocol between the spine devices and the external
network. If you use static routing, rebooting spine devices might cause traffic interruption. For
example, traffic interruption occurs if the service modules that provide IPP member ports,
keepalive interfaces, and DR interfaces start up slower than other service modules. To resolve
the issue, use one of the following solutions:
ï‚¡ Assign ports operating at the same rate to the IPPs on all service modules to ensure that
the IPPs are always restored first. If the member ports cannot operate at the same rate,
use the link-aggregation ignore speed command on the IPPs to ensure ports at all
rates can be selected. In this solution, hash congestion or uneven load sharing might
occur.
ï‚¡ On the spine devices, configure a monitor link group. To ensure that the uplink interfaces
always start up earlier than the downlink DR interfaces, assign all downlink DR member
ports to the monitor link group as uplink interfaces and assign all uplink interfaces to the
monitor link group as downlink interfaces. The maintainability of this solution is weak.
When you add, delete, or modify DR groups, you must update the uplink interfaces of the
monitor link group accordingly.
•
All ACs must be dual-homed to the DR member devices. Singlehomed ACs are not supported.
Multicast traffic load sharing is not supported. The IPL can only be an Ethernet aggregate link.
•
MVXLAN supports only IPv4 underlay networks and IPv4 overlay networks in the current
software version.
•
As a best practice, create frame match criteria based on VXLAN IDs for the dynamic ACs on
the IPL.
•
As a best practice to ensure correct traffic forwarding, do not allow IPPs or DR interfaces to
forward traffic in the VLANs to which transport-facing interfaces are assigned.
•
When a device plays all roles of leaf, border, and spine, packet loss occurs if the multicast
source is on the public network and the receivers are attached to ACs in VPN instances. If
4
such multicast traffic exists, do not configure a device to play all roles of leaf, border, and
spine.
Configuring access devices
Procedure summary
•
Configuring access devices Switch A and Switch B
•
Configuring access device Switch E
Configuring access devices Switch A and Switch B
Switch B
Description
ip vpn-instance vpn1 ip vpn-instance vpn1 Create VPN instance vpn1.
route-distinguisher 1:1 route-distinguisher 1:1 Configure an RD for the VPN
instance.
address-family ipv4 address-family ipv4 Enter VPN instance IPv4 address
family view.
vpn-target 2:2 vpn-target 2:2 Configure a route target for the
VPN instance.
quit quit N/A
address-family evpn address-family evpn Enter VPN instance EVPN view.
vpn-target 1:1 vpn-target 1:1 Configure a route target for
EVPN.
quit quit N/A
quit quit N/A
ospf 1 router-id 1.1.1.1 ospf 1 router-id 2.2.2.2 Enable OSPF process 1, specify
a route ID, and enter OSPF
process view.
stub-router include-stub on-startup
900 stub-router include-stub
on-startup 900
Configure the router as a stub
router during reboot and specify
the timeout time to 900 seconds.
area 0.0.0.0 area 0.0.0.0 Create an OSPF area.
quit quit N/A
quit quit N/A
interface loopback 0 interface loopback 0 Create interface Loopback 0.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF process 1 on the
interface.
quit quit N/A
interface loopback 1 interface loopback 1 Create interface Loopback 1.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF process 1 on the
interface.
5
Switch B
Description
quit quit N/A
interface loopback 2 interface loopback 2 Create interface Loopback 2.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1 Associate the interface with VPN
instance vpn1.
pim sm pim sm Enable PIM SM on the interface.
interface hundredgige 1/0/25 interface hundredgige 2/0/25 Enter interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF process 1 on the
interface.
quit quit N/A
interface hundredgige 1/0/27 interface hundredgige 2/0/27 Enter interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF process 1 on the
interface.
quit quit N/A
interface hundredgige 1/0/30 interface hundredgige 2/0/30 Enter interface view.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF process 1 on the
interface.
quit quit N/A
l2vpn enable l2vpn enable Enable L2VPN.
vxlan tunnel mac-learning disable vxlan tunnel mac-learning
disable Disable remote MAC learning.
vxlan tunnel arp-learning disable vxlan tunnel arp-learning
disable Disable remote ARP learning.
evpn global-mac 0001-0002-0003 evpn global-mac
0001-0002-0003 Specify a global EVPN MAC
address.
vsi vpn1 vsi vpn1 Create VSI vpn1 and enter VSI
view.
flooding disable unknown-unicast
unknown-multicast
flooding disable
unknown-unicast
unknown-multicast Disable flooding for the VSI.
vxlan 10 vxlan 10 Create VXLAN 10
and enter
VXLAN view.
quit quit N/A
evpn encapsulation vxlan evpn encapsulation vxlan Create an EVPN instance.
route-distinguisher auto route-distinguisher auto
Configure the switch to
automatically generate an RD for
the EVPN instance.
vpn-target auto vpn-target auto
Configure the switch to
automatically generate a route
target for the EVPN instance.
quit quit N/A
quit quit N/A
6
Switch B
Description
vsi vpn2 vsi vpn2 Create VSI vpn2 and enter VSI
view.
flooding disable unknown-unicast
unknown-multicast
flooding disable
unknown-unicast
unknown-multicast Disable flooding for the VSI.
vxlan 20 vxlan 20 Create VXLAN 20
and enter
VXLAN view.
quit quit N/A
evpn encapsulation vxlan evpn encapsulation vxlan Create an EVPN instance.
route-distinguisher auto route-distinguisher auto
Configure the switch to
automatically generate an RD for
the EVPN instance.
vpn-target auto vpn-target auto
Configure the switch to
automatically generate a route
target for the EVPN instance.
quit quit N/A
quit quit N/A
interface vsi-interface 1 interface vsi-interface 1 Create VSI-interface 1.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1
Associate the VSI interface with
VPN instance vpn1.
mac-address 0001-0001-0001 mac-address 0001-0001-0001 Specify a MAC
address for the
VSI interface.
local-proxy-arp enable local-proxy-arp enable Enable local proxy ARP.
distributed-gateway local distributed-gateway local Specify the VSI interface as a
distributed gateway.
pim distributed-dr pim distributed-dr
Configure the VSI interface as a
distributed designated router
interface.
igmp enable igmp enable Enable IGMP on the interface.
pim sm pim sm Enable PIM SM on the interface.
quit quit N/A
interface vsi-interface 2 interface vsi-interface 2 Create VSI-interface 2.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1
Associate the VSI interface with
VPN instance vpn1.
mac-address 0002-0002-0002 mac-address 0002-0002-0002
Specify a MAC address for the
VSI interface.
local-proxy-arp enable local-proxy-arp enable Enable local proxy ARP.
distributed-gateway local distributed-gateway local
Specify the VSI interface as a
distributed gateway.
pim distributed-dr pim distributed-dr
Configure the VSI interface as a
distributed designated router
interface.
igmp enable igmp enable Enable IGMP on the interface.
pim sm pim sm Enable PIM SM on the interface.
7
Switch B
Description
quit quit N/A
interface vsi-interface 3 interface vsi-interface 3 Create VSI-interface 3.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1
Associate the VSI interface with
VPN instance vpn1.
pim sm pim sm Enable PIM SM on the interface.
l3-vni 1000 l3-vni 1000 Configure the Layer 3 VXLAN ID
as 1000.
quit quit N/A
vsi vpn1 vsi vpn1 Enter the view of VSI vpn1.
gateway vsi-interface 1 gateway vsi-interface 1 Specify VSI-
interface 1 as the
gateway interface for the VSI.
quit quit N/A
vsi vpn2 vsi vpn2 Enter the view of VSI vpn2.
gateway vsi-interface 2 gateway vsi-interface 2 Specify VSI-
interface 2 as the
gateway interface for the VSI.
quit quit N/A
l2vpn drni peer-link ac-match-rule
vxlan-mapping l2vpn drni peer-link
ac-match-rule vxlan-mapping
Enable the switch to create frame
match criteria based on VXLAN
IDs for the dynamic ACs on the
IPL.
evpn drni group 1.2.3.4 evpn drni group 1.2.3.4
Enable EVPN distributed relay
and specify the virtual VTEP
address.
evpn drni local 1.1.1.1 remote
2.2.2.2 evpn drni local 2.2.2.2 remote
1.1.1.1
Specify the IP addresses of the
local and peer VTEPs in the DR
system.
drni restore-delay 300 drni restore-delay 300
Set the data restoration interval
to 300 seconds.
drni system-mac 0021-0021-0021 drni system-mac
0021-0021-0021 Configure the DR system MAC
address.
drni system-number 1 drni system-number 2 Set the DR system number.
drni system-priority 21 drni system-priority 21 Set the DR system priority.
drni standalone enable drni standalone enable Enable DRNI standalone mode.
drni
21.0.0.2 source 21.0.0.1 drni
keepalive ip destination
21.0.0.1 source 21.0.0.2 Configure DR keepalive packet
parameters.
interface bridge-aggregation 1 interface bridge-aggregation 1
Create Layer 2 aggregate
interface Bridge-Aggregation 1
and enter its view.
link-aggregation mode dynamic link-aggregation mode dynamic
Configure the aggregation group
to operate in dynamic
aggregation mode and enable
LACP.
quit quit N/A
interface hundredgige 1/0/29 interface hundredgige 2/0/29 Enter interface view.
port link-aggregation group 1 port link-aggregation group 1 A
ssign the interface to
8
Switch B
Description
aggregation group 1.
quit quit N/A
interface bridge-aggregation 1 interface bridge-aggregation 1
Enter the view of
Bridge-Aggregation 1.
port drni intra-portal-port 1 port drni intra-portal-port 1 Configure Bridge-Aggregation 1
as the IPP.
undo mac-
source-check enable undo mac-
address static
source-check enable
Dis
able static source check to
ensure correct Layer 3
forwarding over the IPL.
quit quit N/A
interface bridge-aggregation 2 interface bridge-aggregation 2 Create
Layer 2 aggregate
interface Bridge-Aggregation 2
and enter its view.
link-aggregation mode dynamic link-aggregation mode dynamic
Configure the aggregation group
to operate in dynamic
aggregation mode and enable
LACP.
port trunk pvid vlan 4040 port trunk pvid vlan 4040 Configure the Layer 2 aggregate
interface as a trunk port and set
its PVID to 4040.
quit quit N/A
interface hundredgige 1/0/26 interface hundredgige 2/0/26 Enter interface view.
port link-aggregation group 2 port link-aggregation group 2
Assign the interface to
aggregation group 2.
quit quit N/A
interface bridge-aggregation 2 interface bridge-aggregation 2 Enter the view of
Bridge-Aggregation 2.
port link-type trunk port link-type trunk Set the link type of the aggregate
interface to trunk.
undo port trunk permit vlan 1 undo port trunk permit vlan 1
Remove the aggregate interface
from VLAN 1.
port trunk permit vlan 2 to 3 port trunk permit vlan 2 to 3 Assign the aggregate interface to
VLANs 2 and 3.
port drni group 2 port drni group 2 Assign the aggregate interface to
DR group 2.
quit quit N/A
drni
hundredgige 1/0/25 drni
mad exclude interface
hundredgige 2/0/25
Exclude an interface from the
DRNI MAD shutdown action.
drni
hundredgige 1/0/27 drni
mad exclude interface
hundredgige 2/0/27
Exclude an interface from the
DRNI MAD shutdown action.
drni
hundredgige 1/0/30 drni
mad exclude interface
hundredgige 2/0/30
Exclude an interface from the
DRNI MAD shutdown action.
drni mad exclude interface loopback
0 drni
mad exclude interface
loopback 0
Exclude an interface from the
DRNI MAD shutdown action.
drni mad exclude interface loopback
1 drni
mad exclude interface
loopback 1
Exclude an interface from the
DRNI MAD shutdown action.
9
Switch B
Description
drni mad exclude interface loopback
2 drni
mad exclude interface
loopback 2
Exclude an interface from the
DRNI MAD shutdown action.
drni
vsi-interface 1 drni
mad exclude interface
vsi-interface 1
Exclude an interface from the
DRNI MAD shutdown action.
drni
vsi-interface 2 drni
mad exclude interface
vsi-interface 2
Exclude an interface from the
DRNI MAD shutdown action.
drni
vsi-interface 3 drni
mad exclude interface
vsi-interface 3
Exclude an interface from the
DRNI MAD shutdown action.
bgp 100 bgp 100 Create BGP instance 100.
router-id 1.1.1.1 router-id 2.2.2.2 Configure a router ID for the BGP
instance.
peer 4.4.4.4 as-number 100 peer 4.4.4.4 as-number 100 Specify an AS number for a peer
group.
peer 4.4.4.4 connect-interface
loopback 0 peer 4.4.4.4 connect-interface
loopback 0
Specify a source interface for
establishing TCP connections to
a peer or peer group.
peer 5.5.5.5 as-number 100 peer 5.5.5.5 as-number 100 Specify an AS number for a peer
group.
peer 5.5.5.5 connect-interface
loopback 0 peer 5.5.5.5 connect-interface
loopback 0
S
pecify a source interface for
establishing TCP connections to
a peer or peer group.
address-family l2vpn evpn address-family l2vpn evpn Enter BGP EVPN address family
view.
peer 4.4.4.4 enable peer 4.4.4.4 enable Enable BGP to exchange unicast
routing information with a peer or
peer group.
peer 5.5.5.5 enable peer 5.5.5.5 enable Enable BGP to exchange unicast
routing information with a peer or
peer group.
quit quit N/A
quit quit N/A
interface bridge-aggregation 2 interface bridge-aggregation 2 Enter the view of
Bridge-Aggregation 2.
service-instance 1000 service-instance 1000 Create Ethernet service instance
1000.
encapsulation s-vid 2 encapsulation s-vid 2 Configure a frame match criterion
for the Ethernet service instance.
xconnect vsi vpn1 xconnect vsi vpn1 Map VSI vpn1
to the Ethernet
service instance.
service-instance 1001 service-instance 1001 Create Ethernet service instance
1001.
encapsulation s-vid 3 encapsulation s-vid 3 Configure a frame match criterion
for the Ethernet service instance.
xconnect vsi vpn2 xconnect vsi vpn2 Map VSI vpn2
to the Ethernet
service instance.
quit quit N/A
10
Switch B
Description
quit quit N/A
igmp-snooping igmp-snooping Enable IGMP snooping
on the
switch and enter IGMP-snooping
view.
quit quit N/A
vsi vpn1 vsi vpn1 Enter the view of VSI vpn1.
igmp-snooping enable igmp-snooping enable Enable IGMP snooping
for the
VSI.
pim-snooping enable pim-snooping enable Enable PIM snooping for the VSI.
igmp-snooping proxy enable igmp-snooping proxy enable Enable IGMP snooping proxying
for the VSI.
quit quit N/A
vsi vpn2 vsi vpn2 Enter the view of VSI vpn2.
igmp-snooping enable igmp-snooping enable Enable IGMP snooping
for the
VSI.
pim-snooping enable pim-snooping enable Enable PIM snooping for the VSI.
igmp-snooping proxy enable igmp-snooping proxy enable Enable IGMP snooping proxying
for the VSI.
quit quit N/A
multicast-vpn vxlan vpn-instance
vpn1 mode mdt multicast-
vpn vxlan
vpn-instance vpn1 mode mdt Create an MDT-based MVXLAN.
address-family ipv4 address-family ipv4 Enter MVXLAN IPv4 address
family view.
source loopback 1 evpn-drni-group source loopback 1
evpn-drni-group
Specify the virtual VTEP address
of the DR member devices as the
IP address of the source
interface.
default-group 239.0.0.1 default-group 239.0.0.1 Configure the default group.
data-
255.255.255.128 data-
group 239.0.1.0
255.255.255.128 Configure the data group range.
drni local 1.1.1.1 remote 2.2.2.2 drni local 2.2.2.2 remote 1.1.1.1
Specify the IP addresses of the
local and remote DR member
devices.
quit quit N/A
quit quit N/A
multicast routing multicast routing Enable IP multicast
routing for
the public network.
quit quit N/A
multicast routing vpn-instance vpn1 multicast routing vpn-instance
vpn1
Enable IP multicast routing for
VPN instance vpn1.
quit quit N/A
pim pim Enable PIM
for the public
network.
c-bsr 1.1.1.1 c-bsr 2.2.2.2 Configure a candidate-BSR.
11
Switch B
Description
c-rp 1.1.1.1 c-rp 2.2.2.2 Configure a candidate-RP.
quit quit N/A
pim vpn-instance vpn1 pim vpn-instance vpn1 Enable PIM
for VPN instance
vpn1.
c-bsr 1.2.3.4 c-bsr 1.2.3.4 Configure a candidate-BSR.
c-rp 1.2.3.4 c-rp 1.2.3.4 Configure a candidate-RP.
Configuring access device Switch E
Configure Switch E in the same way Switch A and Switch B are configured except that DRNI
settings are not required on Switch E. For more information about interface and IP address
assignment on Switch E, see Table 1. For more information about the configuration procedure, see
"Configuring access devices Switch A and Switch B."
Switch E
Description
multicast-vpn vxlan vpn-
instance vpn1 mode
mdt Create an MDT-based MVXLAN.
address-family ipv4 Enter MVXLAN IPv4 address family view.
source loopback 0 Specify Loopback 0 as the source interface.
default-group 239.0.0.1 Configure the default group.
data-group 239.0.1.0 255.255.255.128 Configure the data group range.
quit N/A
quit N/A
multicast routing Enable IP multicast routing for the public network.
quit N/A
multicast routing vpn-instance vpn1 Enable IP multicast routing for VPN instance vpn1.
quit N/A
pim Enable PIM for the public network.
c-bsr 3.3.3.3 Configure a candidate-BSR.
c-rp 3.3.3.3 Configure a candidate-RP.
quit N/A
pim vpn-instance vpn1 Enable PIM for VPN instance vpn1.
c-bsr 3.3.3.3 Configure a candidate-BSR.
c-rp 3.3.3.3 Configure a candidate-RP.
Configuring core devices
Switch C
Switch D
Description
ip vpn-instance external_vpn ip vpn-instance external_vpn Create VPN instance
external_vpn.
12
Switch C
Switch D
Description
route-distinguisher 1:100 route-distinguisher 1:100 Configure an RD
for the VPN
instance.
address-family ipv4 address-family ipv4 Enter VPN instance IPv4 address
family view.
vpn-target 100:100 2:2 vpn-target 100:100 2:2
Configure route targets for the
VPN instance.
quit quit N/A
quit quit N/A
ip vpn-instance vpn1 ip vpn-instance vpn1 Create VPN instance vpn1.
route-distinguisher 1:1 route-distinguisher 1:1
Configure an RD for the VPN
instance.
address-family ipv4 address-family ipv4 Enter VPN instance IPv4 address
family view.
vpn-target 2:2 1:2 vpn-target 2:2 1:2
Configure route targets for the
VPN instance.
address-family evpn address-family evpn Enter VPN instance EVPN view.
vpn-target 1:1 vpn-target 1:1 Configure a route target for
EVPN.
quit quit N/A
quit quit N/A
ospf 1 router-id 4.4.4.4 ospf 1 router-id 5.5.5.5 Enable OSPF process 1 and
specify a router ID for the
process.
stub-router include-stub
on-startup 900 stub-router include-stub on-startup
900
Configure the router as a stub
router during reboot and specify
the timeout time to 900 seconds.
area 0.0.0.0 area 0.0.0.0 Create an OSPF area.
quit quit N/A
quit quit N/A
ospf 2 vpn-instance
external_vpn ospf 2 vpn-instance external_vpn Enable OSPF
process 2 and
specify VPN instance
external_vpn for the process.
stub-router include-stub
on-startup 900 stub-router include-stub on-startup
900
Configure the router as a stub
router during reboot and specify
the timeout time to 900 seconds.
area 0.0.0.0 area 0.0.0.0 Create an OSPF area.
quit quit N/A
quit quit N/A
interface hundredgige 1/0/25 interface hundredgige 1/0/25 Enter interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0
Enable OSPF process 1 on the
interface.
quit quit N/A
13
Switch C
Switch D
Description
interface hundredgige 1/0/27 interface hundredgige 1/0/27 Enter interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0
Enable OSPF process 1 on the
interface.
quit quit N/A
interface hundredgige 1/0/30 interface hundredgige 1/0/30 Enter interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0
Enable OSPF process 1 on the
interface.
quit quit N/A
interface loopback 0 interface loopback 0
Create Loopback 0 and enter
loopback interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0
Enable OSPF process 1 on the
interface.
quit quit N/A
interface loopback 1 interface loopback 1
Create Loopback 1 and enter
loopback interface view.
pim sm pim sm Enable PIM SM on the interface.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0
Enable OSPF process 1 on the
interface.
quit quit N/A
interface loopback 2 interface loopback 2
Create Loopback 2 and enter
loopback interface view.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1 Associate the interface with VPN
instance vpn1.
pim sm pim sm Enable PIM SM on the interface.
quit quit N/A
l2vpn enable l2vpn enable Enable L2VPN.
vxlan tunnel mac-learning
disable vxlan tunnel mac-learning disable Disable remote-
MAC address
learning.
vxlan tunnel arp-learning disable vxlan tunnel arp-learning disable D
isable remote ARP learning for
VXLANs.
evpn global-mac
0001-0002-0004 evpn global-mac 0001-0002-0004 Configure the EVPN global MAC
address.
vsi vpn1 vsi vpn1 Create VSI vpn1 and enter VSI
view.
flooding disable
unknown-unicast
unknown-multicast
flooding disable unknown-unicast
unknown-multicast Disable flooding for the VSI.
vxlan 10 vxlan 10 Create VXLAN
10 and enter its
view.
quit quit N/A
14
Switch C
Switch D
Description
evpn encapsulation vxlan evpn encapsulation vxlan Create an EVPN instance.
route-distinguisher auto route-distinguisher auto
Configure the switch to
automatically generate an RD for
the EVPN instance.
vpn-target auto vpn-target auto
Configure the switch to
automatically generate a route
target for the EVPN instance.
quit quit N/A
quit quit N/A
vsi vpn2 vsi vpn2 Create VSI vpn2 and enter VSI
view.
flooding disable
unknown-unicast
unknown-multicast
flooding disable unknown-unicast
unknown-multicast Disable flooding for the VSI.
vxlan 20 vxlan 20 Create VXLAN
20 and enter its
view.
quit quit N/A
evpn encapsulation vxlan evpn encapsulation vxlan Create an EVPN instance.
route-distinguisher auto route-distinguisher auto Configure
the switch to
automatically generate an RD for
the EVPN instance.
vpn-target auto vpn-target auto
Configure the switch to
automatically generate a route
target for the EVPN instance.
quit quit N/A
quit quit N/A
interface vsi-interface 1 interface vsi-interface 1 Create VSI-interface 1.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1 Associate the VSI interface with
VPN instance vpn1.
mac-address 0001-0001-0001 mac-address 0001-0001-0001
Configure the MAC address of
the VSI interface.
local-proxy-arp enable local-proxy-arp enable Enable local proxy ARP on the
VSI interface.
distributed-gateway local distributed-gateway local Specify the VSI interface
as a
distributed gateway.
pim distributed-dr pim distributed-dr
Configure the VSI interface as a
distributed designated router
interface.
igmp enable igmp enable Enable IGMP on the VSI
interface.
pim sm pim sm
Enable PIM SM on the VSI
interface.
quit quit N/A
interface vsi-interface 2 interface vsi-interface 2 Create VSI-interface 2.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1 Associate the VSI interface with
15
Switch C
Switch D
Description
VPN instance vpn1.
mac-address 0002-0002-0002 mac-address 0002-0002-0002
Configure the MAC address of
the VSI interface.
local-proxy-arp enable local-proxy-arp enable Enable local proxy ARP
on the
VSI interface.
distributed-gateway local distributed-gateway local Specify the VSI interface
as a
distributed gateway.
pim distributed-dr pim distributed-dr
Configure the VSI interface as a
distributed designated router
interface.
igmp enable igmp enable Enable IGMP on the VSI
interface.
pim sm pim sm
Enable PIM SM on the VSI
interface.
quit quit N/A
interface vsi-interface 3 interface vsi-interface 3 Create VSI-interface 3.
ip binding vpn-instance vpn1 ip binding vpn-instance vpn1
Associate the VSI interface with
VPN instance vpn1.
pim sm pim sm Enable PIM SM
on the VSI
interface.
l3-vni 1000 l3-vni 1000
Configure the L3 VXLAN ID as
1000 for the VPN instance.
quit quit N/A
interface vsi-interface 4 interface vsi-interface 4 Create VSI-interface 4.
ip binding vpn-instance
external_vpn ip binding vpn-instance
external_vpn
Associate the VSI interface with
VPN instance external_vpn.
pim sm pim sm Enable PIM SM
on the VSI
interface.
l3-vni 2000 l3-vni 2000
Configure the L3 VXLAN ID as
2000 for the VPN instance.
quit quit N/A
vsi vpn1 vsi vpn1 Enter the view of VSI vpn1.
gateway vsi-interface 1 gateway vsi-interface 1 Specify VSI-interface 1
as the
gateway interface for the VSI.
quit quit N/A
vsi vpn2 vsi vpn2 Enter the view of VSI vpn2.
gateway vsi-interface 2 gateway vsi-interface 2 Specify VSI-interface 2
as the
gateway interface for the VSI.
quit quit N/A
l2vpn drni peer-link
ac-match-rule vxlan-mapping l2vpn drni peer-link ac-match-rule
vxlan-mapping
Enable the switch to create frame
match criteria based on VXLAN
IDs for the dynamic ACs on the
IPL.
evpn drni group 5.6.7.8 evpn drni group 5.6.7.8 Enable EVPN distrib
uted relay
and specify the virtual VTEP
16
Switch C
Switch D
Description
address.
evpn drni local 4.4.4.4 remote
5.5.5.5 evpn drni local 5.5.5.5 remote
4.4.4.4
Specify the IP addresses of the
local and peer VTEPs in the DR
system.
drni restore-delay 300 drni restore-delay 300
Set the data restoration interval
to 300 seconds.
drni system-mac
0022-0022-0022 drni system-mac 0022-0022-0022 Configure the DR system MAC
address.
drni system-number 1 drni system-number 2 Set the DR system number.
drni system-priority 22 drni system-priority 22 Set the DR system priority.
drni standalone enable drni standalone enable Enable DRNI standalone mode.
drni
keepalive ip destination
21.1.0.2 source 21.1.0.1 drni keepalive ip destination
21.1.0.1 source 21.1.0.2 Configure DR keepalive packet
parameters.
interface bridge-aggregation 1 interface bridge-aggregation 1
Create Layer 2 aggregate
interface Bridge-Aggregation 1
and enter its view.
link-aggregation mode dynamic link-aggregation mode dynamic
Configure the
aggregation group
to operate in dynamic
aggregation mode and enable
LACP.
quit quit N/A
interface hundredgige 1/0/32 interface hundredgige 1/0/32 Enter interface view.
port link-aggregation group 1 port link-aggregation group 1
Assign the interface to
aggregation group 1.
quit quit N/A
interface bridge-aggregation 1 interface bridge-aggregation 1 Enter the view of
Bridge-Aggregation 1.
port drni intra-portal-port 1 port drni intra-portal-port 1 Configure the aggregate interface
as the IPP.
port trunk pvid vlan 4050 port trunk pvid vlan 4050 Configure the aggregate interface
as a trunk port and set its PVID to
4050.
undo mac-
address static
source-check enable undo mac-
address static
source-check enable
Disable static source check to
ensure correct Layer 3
forwarding over the IPL.
quit quit N/A
interface bridge-aggregation 2 interface bridge-aggregation 2 Create Layer 2 aggregate
interface Bridge-Aggregation 2
and enter its view.
link-aggregation mode dynamic link-aggregation mode dynamic
Configure the
aggregation group
to operate in dynamic
aggregation mode and enable
LACP.
quit quit N/A
interface hundredgige 1/0/26 interface hundredgige 1/0/26 Enter interface view.
port link-aggregation group 2 port link-aggregation group 2
Assign the interface to
aggregation group 2.
17
Switch C
Switch D
Description
quit quit N/A
vlan 2 to 3 100 vlan 2 to 3 100 Create VLANs 2, 3, and 100.
quit quit N/A
interface bridge-aggregation 2 interface bridge-aggregation 2
Enter the view of
Bridge-Aggregation 2.
port link-type trunk port link-type trunk Set the link type of the aggregate
interface to trunk.
undo port trunk permit vlan 1 undo port trunk permit vlan 1 Remove the aggregate interface
from VLAN 1.
port trunk permit vlan 2 to 3 port trunk permit vlan 2 to 3 Assign the aggregate interface to
VLANs 2 and 3.
port drni group 2 port drni group 2 Assign the aggregate interface to
DR group 2.
service-instance 1000 service-instance 1000
Create Ethernet service instance
1000.
encapsulation s-vid 2 encapsulation s-vid 2 Configure a frame match criterion
for the Ethernet service instance.
xconnect vsi vpn1 xconnect vsi vpn1
Map the Ethernet service
instance to VSI vpn1.
service-instance 1001 service-instance 1001 Create Ethernet service instance
1001.
encapsulation s-vid 3 encapsulation s-vid 3 Configure a frame match criterion
for the Ethernet service instance.
xconnect vsi vpn2 xconnect vsi vpn2
Map the Ethernet service
instance to VSI vpn2.
quit quit N/A
quit quit N/A
interface bridge-aggregation 100 interface bridge-aggregation 100 Create Layer 2 aggregate
interface Bridge-Aggregation 100
and enter its view.
link-aggregation mode dynamic link-aggregation mode dynamic
Configure the
aggregation group
to operate in dynamic
aggregation mode and enable
LACP.
quit quit N/A
interface hundredgige 1/0/29 interface hundredgige 1/0/29 Enter interface view.
port link-aggregation group 100 port link-aggregation group 100 Assign the interface to
aggregation group 100.
quit quit N/A
interface bridge-aggregation 100 interface bridge-aggregation 100 Enter the view of
Bridge-Aggregation 100.
port link-type trunk port link-type trunk Set the link type of the aggregate
interface to trunk.
undo port trunk permit vlan 1 undo port trunk permit vlan 1 Remove the aggregate interface
from VLAN 1.
18
Switch C
Switch D
Description
port trunk permit vlan 100 port trunk permit vlan 100 Assign the aggregate interface to
VLAN 100.
port drni group 100 port drni group 100 Assign the aggregate interface to
DR group 100.
quit quit N/A
interface hundredgige 1/0/31 interface hundredgige 1/0/31 Enter interface view.
ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF process 1 on the
interface.
pim sm pim sm Enable PIM SM on the interface.
quit quit N/A
drni
mad exclude interface
hundredgige 1/0/25 drni
mad exclude interface
hundredgige 1/0/25 Exclude an interface
from the
DRNI MAD shutdown action.
drni
mad exclude interface
hundredgige 1/0/27 drni
mad exclude interface
hundredgige 1/0/27
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
hundredgige 1/0/28 drni
mad exclude interface
hundredgige 1/0/28
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
hundredgige 1/0/31 drni
mad exclude interface
hundredgige 1/0/31
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
loopback 0 drink
mad exclude interface
loopback 0
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
vlan-interface 100 drni
mad exclude interface
vlan-interface 100
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
vsi-interface 1 drni
mad exclude interface
vsi-interface 1
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
vsi-interface 2 drni
mad exclude interface
vsi-interface 2
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
vsi-interface 3 drni
mad exclude interface
vsi-interface 3
Exclude an interface from the
DRNI MAD shutdown action.
drni
mad exclude interface
vsi-interface 4 drni
mad exclude interface
vsi-interface 4
Exclude an interface from the
DRNI MAD shutdown action.
bgp 100 bgp 100 Create BGP instance 100.
router-id 4.4.4.4 router-id 5.5.5.5 Configure a router ID for the BGP
instance.
group e internal group e internal Create a peer group.
peer e connect-interface
loopback 0 peer e connect-interface loopback
0
Specify a source
interface for
establishing TCP connections to
a peer or peer group.
peer 1.1.1.1 group e peer 1.1.1.1 group e Add peer 1.1.1.1
to the peer
group.
peer 2.2.2.2 group e peer 2.2.2.2 group e Add peer 2.2.2.2
to the peer
group.
peer 3.3.3.3 group e peer 3.3.3.3 group e Add peer 3.3.3.3
to the peer
group.
address-family l2vpn evpn address-family l2vpn evpn Enter BGP EVPN address family
view.
19
Switch C
Switch D
Description
undo policy vpn-target undo policy vpn-target
Disable route target filtering for
BGP EVPN routes.
peer e enable peer e enable Enable BGP to exchange unicast
routing information with a peer or
peer group.
peer e next-hop-local peer e next-hop-local S
et the local router as the next
hop for routes sent to a peer or
peer group.
peer e reflect-client peer e reflect-client Configure the local switch as a
route reflector and specify peer
group e as a client.
quit quit N/A
quit quit N/A
igmp-snooping igmp-snooping Enable IGMP snooping and enter
IGMP-snooping view.
quit quit N/A
vlan 100 vlan 100 Create VLAN 100.
igmp-snooping enable igmp-snooping enable Enable IGMP snooping
for the
VLAN.
pim-snooping enable pim-snooping enable Enable PIM snooping
for the
VLAN.
igmp-snooping triggered-query
enable port-down port-up igmp-snooping triggered-query
enable port-down port-up
Enable the switch to send IGMP
general queries when the state of
a port changes.
quit quit N/A
interface vlan-interface 100 interface vlan-interface 100 Create VLAN-interface 100.
ip binding vpn-instance
external_vpn ip binding vpn-instance
external_vpn
Associate the VLAN interface
with VPN instance external_vpn.
pim sm pim sm Enable PIM SM.
pim distributed-dr pim distributed-dr
Configure the VLAN interface as
a distributed designated router
interface.
pim triggered-
hello enable
port-down port-up pim triggered-
hello enable
port-down port-up
Enable the switch to send hello
messages with a different
Generation ID when the state of a
port changes.
igmp enable igmp enable Enable IGMP on the interface.
quit quit N/A
multicast-vpn vxlan vpn-instance
external_vpn mode mdt multicast-vpn vxlan vpn-instance
external_vpn mode mdt Create an MDT-based MVXLAN
and enter MVXLAN view.
address-family ipv4 address-family ipv4 Enter MVXLAN IPv4 address
family view.
source loopback 1
evpn-drni-group source loopback 1 evpn-drni-group
Specify the virtual VTEP address
of the DR member devices as the
IP address of the source
interface.
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32

Aruba JL593A Configuration Guide

JL593A
Aruba
Brand
Aruba
Model
JL593A
Category
Networking
Type
Configuration Guide
Download PDF
report

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI

Related papers

Other documents