Aruba DRNI+IPv4 and IPv6 Dual-Active VLAN Gateway Configuration Guide

Aruba
Brand
Aruba
Model
DRNI+IPv4 and IPv6 Dual-Active VLAN Gateway
Type
Configuration Guide
i
Contents
Example: Configuring IPv4 and IPv6 dual-active VLAN gateways on a DRNI
network ·········································································································· 1
Network configuration ········································································································································ 1
Applicable product matrix ··································································································································· 3
Analysis ······························································································································································ 3
Restrictions and guidelines ································································································································ 4
Configuring the DR system ································································································································ 4
Procedure summary ··································································································································· 4
Configuring the interconnect links between the DR system and the downlink device Device D ················ 4
Configuring the dual-active gateways ········································································································ 6
Configuring Layer 3 communication between DR member devices ·························································· 7
Configuring the interconnect links between the DR system and the uplink device Device C ···················· 8
Configuring the single-homed interface of the DR system ········································································· 9
Configuring a dynamic routing protocol used for communication with Device D ······································· 9
Configuring uplink device Device C ················································································································· 10
Procedure summary ································································································································· 10
Configuring the interconnect links to the DR member devices ································································ 10
Configuring the interconnect links between the uplink device Device C and the network ······················· 11
Configuring downlink device Device D ············································································································· 12
Procedure summary ································································································································· 12
Configuring the interconnect links to the DR member devices ································································ 12
Setting up OSPF and OSPFv3 peer relationships with the DR member devices ···································· 12
Traffic forwarding models ································································································································· 13
Underlay traffic characteristics ················································································································· 13
Forwarding models ··································································································································· 13
Testing network convergence upon single points of failure ············································································· 14
Verifying the configuration································································································································ 14
Upgrading the devices ····································································································································· 18
Upgrading the DR member devices ········································································································· 18
Expanding the network····································································································································· 19
Adding a DR member device ··················································································································· 19
Replacing hardware ········································································································································· 20
Replacing a service module ····················································································································· 20
Replacing a switching fabric module ········································································································ 20
Replacing a device ··································································································································· 21
1
Example: Configuring IPv4 and IPv6
dual-active VLAN gateways on a DRNI
network
Network configuration
As shown in Figure 1:
Device A and Device B form a DR system. Device D accesses the DR system through DR
interfaces.
Device A and Device B are connected to uplink device Device C through equal-cost routes.
Configure the network as follows to meet the server access requirements of users:
The two DR member devices Device A and Device B both act as the IPv4 gateway and IPv6
gateway for the servers.
If the link between Device A or Device B and uplink device Device C fails, packets can be
transmitted along the other DR member device to Device C to avoid interrupting the servers’
communication with the external network.
In some scenarios, the devices or servers attached to the DR interfaces are required to establish
routing peer relationships with the DR member devices.
Figure 1 Network diagram
Network
Server 1
Device A Device B
Device C
HGE1/0/3
HGE1/0/1 HGE1/0/2
HGE1/0/6 HGE1/0/6
HGE1/0/5 HGE1/0/5
HGE1/0/1
HGE1/0/1
HGE1/0/4
HGE1/0/3 HGE1/0/4
HGE1/0/3
IPL
BAGG 1
BAGG 3
HGE1/0/2
HGE1/0/2
Server 2
Device D
HGE1/0/1 to HGE1/0/4
Server 3
HGE1/0/7
2
Table 1 Topology and IP assignment
Device
Interface
IP address
Peer device and interface
Device A
HGE1/0/1 N/A Device D: HGE1/0/1
HGE1/0/2 N/A Device D: HGE1/0/2
HGE1/0/3 N/A Device B: HGE1/0/3
HGE1/0/4 N/A Device B: HGE1/0/4
HGE1/0/5 IPv4: 21.1.1.1/24
IPv6: 21::1/64 Device B: HGE1/0/5
HGE1/0/6 N/A Device C: HGE1/0/1
HGE1/0/7 N/A N/A
Vlan-int100
IPv4: 100.1.1.100/24
DRNI virtual IPv4
address:
100.1.1.101/24
IPv6: 100::100/64
DRNI virtual IPv6
address: 100::101
N/A
Vlan-int101 IPv4: 101.1.1.1/24
IPv6: 101::1/64
Device B: Vlan-int101
IPv4: 101.1.1.2/24
IPv6: 101::2/64
Vlan-int32 IPv4: 32.1.1.1/24
IPv6: 32::1/64
Device C: Vlan-int32
IPv4: 32.1.1.2/24
IPv6: 32::2/64
Device B
HGE1/0/1 N/A Device D: HGE1/0/3
HGE1/0/2 N/A Device D: HGE1/0/4
HGE1/0/3 N/A Device A: HGE1/0/3
HGE1/0/4 N/A Device A: HGE1/0/4
HGE1/0/5 IPv4: 21.1.1.2/24
IPv6: 21::2/64 Device A: HGE1/0/5
HGE1/0/6 N/A Device C: HGE1/0/2
Vlan-int100
IPv4: 100.1.1.100/24
DRNI virtual IPv4
address:
100.1.1.102/24
IPv6: 100::100/64
DRNI virtual IPv6
address: 100::102
N/A
Vlan-int101 IPv4: 101.1.1.2/24
IPv6: 101::2/64
Device A: Vlan-int101
IPv4: 101.1.1.1/24
IPv6: 101::1/64
Vlan-int33 IPv4: 33.1.1.1/24
IPv6: 33::1/64
Device C: Vlan-int33
IPv4: 33.1.1.2/24
IPv6: 33::2/64
Device C HGE1/0/1 N/A Device A: HGE1/0/6
3
Device
Interface
IP address
Peer device and interface
HGE1/0/2 N/A Device B: HGE1/0/6
HGE1/0/3 N/A Network
Vlan-int22 IPv4: 22.1.1.1/24
IPv6: 22::1/64 Network
Vlan-int32 IPv4: 32.1.1.2/24
IPv6: 32::2/64
Device A: Vlan-int32
IPv4: 32.1.1.1/24
IPv6: 32::1/64
Vlan-int33 IPv4: 33.1.1.2/24
IPv6: 33::2/64
Device B: Vlan-int33
IPv4: 33.1.1.1/24
IPv6: 33::1/64
Device D
HGE1/0/1 N/A Device A: HGE1/0/1
HGE1/0/2 N/A Device A: HGE1/0/2
HGE1/0/3 N/A Device B: HGE1/0/1
HGE1/0/4 N/A Device B: HGE1/0/2
Vlan-int100 IPv4: 100.1.1.110/24
IPv6: 100::110
Routing peers to the DRNI virtual IP
addresses assigned to
VLAN-interface 100 on the DR
member devices
Applicable product matrix
IMPORTANT:
In addition to running an applicable software version, you must also install the most recent patch, if
any.
Device
HPE FlexFabric 5944 & 5945 Switch Series R6710
HPE FlexFabric 5940 Switch Series R6710
HPE FlexFabric 5710 Switch Series R6710
HPE FlexFabric 12900E Switch Series (Type K) R5210
HPE FlexFabric 12900E Switch Series (Type X) R7624P08
Analysis
Configure VLAN-interface 100 on Device A and Device B to act as the IPv4 and IPv6
dual-active gateways. To enable IPv4 and IPv6 users to access the external network through
the gateways, configure the same IPv4 address, MAC address, IPv6 address, and IPv6
link-local address for VLAN-interface 100 on Device A and Device B.
Enable Device A and Device B to communicate at Layer 3 through VLAN-interface 101. Then,
packets can be routed to the other DR member device when the link between Device A or
Device B and uplink device Device C fails.
4
Restrictions and guidelines
All the devices were started with the factory default configuration. When you are working on a live
network, make sure the existing configuration does not conflict with the following configuration.
The DR system MAC address must be the same for devices in the same DR system. The DR system
MAC addresses must be different for devices in different DR systems.
Configuring the DR system
Procedure summary
Configuring the interconnect links between the DR system and the downlink device Device D
Configuring the dual-active gateways
Configuring Layer 3 communication between DR member devices
Configuring the interconnect links between the DR system and the uplink device Device C
Configuring the single-homed interface of the DR system
Configuring a dynamic routing protocol used for communication with Device D
Configuring the interconnect links between the DR system
and the downlink device Device D
Device A
Device B
Description
Remarks
drni system-mac
2-2-2 drni system-mac
2-2-2 Set the DR system MAC
address.
You must set the same
DR system MAC
address for devices in
the same DR system.
drni system-number 1 drni system-number 2 Set the DR system
number.
You must set different
DR system numbers for
devices in the same DR
system.
drni system-priority 123 drni system-priority 123 Set the DR system
priority.
You must set the same
DR system priority for
devices in the same DR
system.
drni standalone enable drni standalone enable Enable DRNI standalone
mode. N/A
drni keepalive ip
destination
21.1.1.2
source 21.1.1.1
drni keepalive ip
destination 21.1.1.1
source 21.1.1.2
Configure the
destination and source
IP addresses of
keepalive packets.
N/A
stp instance 0 root
primary stp instance 0 root
primary-
Configure the DR
member device as the
root STP bridge. N/A
stp global enable stp global enable Enable spanning tree
globally. N/A
stp tc-protection stp tc-protection Enable the TC-BPDU
guard feature. To prevent the device
from frequently deleting
MAC address entries
5
Device A
Device B
Description
Remarks
and ARP entries and
thus protect the device,
enable this feature.
stp bpdu-protection stp bpdu-protection Enable BPDU guard
globally. N/A
interface
HundredGigE1/0/5 interface
HundredGigE1/0/5 Enter the interface view
for the keepalive link. N/A
port link-mode route port link-mode route
Configure the interface
for the keepalive link to
operate in route mode as
a Layer 3 interface.
N/A
ip address 21.1.1.1
24 ip address 21.1.1.2
24
Configure the source
IPv4 address of
keepalive packets. N/A
quit quit N/A N/A
drni mad exclude
interface
HundredGigE1/0/5
drni mad exclude
interface
HundredGigE1/0/5
Exclude the interface
used for DR keepalive
detection from the
shutdown action by
DRNI MAD.
N/A
interface
bridge-aggregation 1 interface
bridge-aggregation 1
Create the Layer 2
aggregate interface to be
used as the IPP and
enter interface view.
N/A
link-aggregation mode
dynamic link-aggregation mode
dynamic
Configure the aggregate
interface to operate in
dynamic mode. N/A
quit quit N/A N/A
interface range
HundredGigE 1/0/3
HundredGigE 1/0/4
interface range
HundredGigE 1/0/3
HundredGigE 1/0/4
Enter the view of
physical interfaces on
the IPL. N/A
port link-aggregation
group 1 port link-aggregation
group 1
Assign the physical
interfaces on the IPL to
the aggregation group
for the IPL (aggregation
group 1).
N/A
interface
bridge-aggregation 1 interface
bridge-aggregation 1 N/A N/A
port drni intra-portal-port
1 port drni intra-portal-port
1
Specify the aggregate
interface
(Bridge-Aggregation 1)
as the IPP.
N/A
undo mac-address static
source-check enable undo mac-address static
source-check enable
Disable the static source
check feature to avoid
inter-IPL Layer 3 traffic
forwarding failures.
You do not need to
execute this command
on an HPE FlexFabric
12900E switch, because
inter-IPL Layer 3 traffic
forwarding failures do
not exist on these
switches.
quit quit N/A N/A
interface
interface
Create an aggregate
N/A
6
Device A
Device B
Description
Remarks
bridge-aggregation 3
bridge-aggregation 3
interface connecting to
Device D.
link-aggregation mode
dynamic link-aggregation mode
dynamic
Configure the aggregate
interface connecting to
Device D to operate in
dynamic mode.
N/A
port drni group 1 port drni group 1
Assign the Layer 2
aggregate interface
(Bridge-Aggregation 3)
to DR group 1.
N/A
quit quit N/A N/A
interface range
HundredGigE 1/0/1
HundredGigE 1/0/2
interface range
HundredGigE 1/0/1
HundredGigE 1/0/2
Enter the view of the
physical interfaces
connecting the DR
system to Device D.
N/A
port link-aggregation
group 3 port link-aggregation
group 3 Assign the interfaces to
a DR group. N/A
quit quit N/A N/A
drni restore-delay 300 drni restore-delay 300 Set the data restoration
interval.
The data restoration
interval specifies the
maximum amount of
time for the secondary
DR member device to
synchronize data with
the primary DR member
device during DR system
setup.
Configuring the dual-active gateways
Device A
Device B
Description
vlan 100 101 vlan 100 101 Create VLAN 100 and VLAN 101.
interface bridge-aggregation 3 interface bridge-aggregation 3 N/A
port link-type trunk port link-type trunk Set the link type of the Layer 2
aggregate interface
(Bridge-Aggregation 3) to trunk.
port trunk permit vlan 100 port trunk permit vlan 100 Assign the interface to VLAN 100.
port lacp system-priority 100 port lacp system-priority 101
Set the LACP system priority, so that
only member ports with higher priority
are selected when both IPL and
keepalive link fail.
quit quit N/A
interface bridge-aggregation 1 interface bridge-aggregation 1 N/A
port link-type trunk port link-type trunk Set the link type of the Layer 2
aggregate interface
(Bridge-Aggregation 1) to trunk.
port trunk permit vlan all port trunk permit vlan all Assign the interface to all VLANs.
quit quit N/A
7
Device A
Device B
Description
interface vlan-interface 100 interface vlan-interface 100 Create VLAN-interface 100.
ip address 100.1.1.100 24 ip address 100.1.1.100 24 Assign an IPv4 address to
VLAN-interface 100, which is to act as
an IPv4 dual-active gateway.
mac-address 0000-0010-0010 mac-address 0000-0010-0010 Assign a MAC address to
VLAN-interface 100, which is to act as
an IPv4 dual-active gateway.
ipv6 address 100::100 64 ipv6 address 100::100 64 Assign an IPv6 address to
VLAN-interface 100, which is to act as
an IPv6 dual-active gateway.
ipv6 address FE80::80
link-local ipv6 address FE80::80 link-local Assign a link-local address to
VLAN-interface 100, which is to act as
an IPv6 dual-active gateway.
ipv6 nd unsolicited-na-learning
enable ipv6 nd unsolicited-na-learning
enable
Enable unsolicited NA learning.
For ND entries to be synchronous on
DR member devices, enable this
feature.
quit quit N/A
drni mad exclude interface
Vlan-interface100 drni mad exclude interface
Vlan-interface100 Exclude VLAN-interface100 from the
shutdown action by DRNI MAD.
interface vlan-interface 101 interface vlan-interface 101 Create VLAN-interface 101.
ip address 101.1.1.1 24 ip address 101.1.1.2 24
Assign an IPv4 address to
VLAN-interface 101, which is used for
Layer 3 communication between DR
member devices.
ipv6 address 101::1 64 ipv6 address 101::2 64
Assign an IPv6 address to
VLAN-interface 101, which is used for
Layer 3 communication between DR
member devices.
quit quit N/A
drni mad exclude interface
Vlan-interface101 drni mad exclude interface
Vlan-interface101 Exclude VLAN-interface101 from the
shutdown action by DRNI MAD.
Configuring Layer 3 communication between DR member
devices
Device A
Device B
Description
router id 3.3.3.3 router id 4.4.4.4 Configure a router ID.
ospf 1 ospf 1 Configure OSPF to enable DR
member devices to communicate
through an IPv4 network.
stub-router include-stub
on-startup 900 stub-router include-stub
on-startup 900
Specify the cost of the stub links (link
type 3) in Router LSAs to the maximum
value 65535 to accelerate network
convergence.
silent-interface Vlan-interface
100 silent-interface Vlan-interface
100 Disable VLAN-interface 100 from
receiving and sending OSPF packets.
8
Device A
Device B
Description
area 0 area 0 N/A
quit quit N/A
interface vlan-interface 100 interface vlan-interface 100 N/A
ospf 1 area 0 ospf 1 area 0 Enable OSPF on an interface.
quit quit N/A
interface vlan-interface 101 interface vlan-interface 101 N/A
ospf 1 area 0 ospf 1 area 0 Enable OSPF on an interface.
quit quit N/A
ospfv3 1 ospfv3 1 Configure OSPFv3 to enable DR
member devices to communicate
through an IPv6 network.
router-id 3.3.3.3 router-id 4.4.4.4 Configure a router ID.
stub-router max-metric
on-startup 900 stub-router max-metric
on-startup 900
Specify the cost of the links in Type-1
LSAs to the maximum value 65535
and specify the router as a stub router
during reboot.
silent-interface Vlan-interface
100 silent-interface Vlan-interface
100 Disable VLAN-interface 100 from
receiving and sending OSPF packets.
area 0 area 0 N/A
quit quit N/A
interface vlan-interface 100 interface vlan-interface 100 N/A
ospfv3 1 area 0 ospfv3 1 area 0 Enable OSPFv3 on an interface.
quit quit N/A
interface vlan-interface 101 interface vlan-interface 101 N/A
ospfv3 1 area 0 ospfv3 1 area 0 Enable OSPFv3 on an interface.
quit quit N/A
Configuring the interconnect links between the DR system
and the uplink device Device C
Device A
Device B
Description
vlan 32 vlan 33 Create a VLAN.
quit quit N/A
interface HundredGigE 1/0/6 interface HundredGigE 1/0/6 N/A
port link-type trunk port link-type trunk Set the link type of the interface to
trunk.
port trunk permit vlan 32 port trunk permit vlan 33 Assign the interface to the specified
VLANs.
undo port trunk permit vlan 1 undo port trunk permit vlan 1 Remove the interface from VLAN 1.
undo stp enable undo stp enable Disable STP on the uplink interface to
9
Device A
Device B
Description
speed up topology convergence.
quit quit N/A
interface vlan-interface 32 interface vlan-interface 33 Create a VLAN interface.
ip address 32.1.1.1 24 ip address 33.1.1.1 24 Assign an IPv4 address to a
VLAN-interface.
ipv6 address 32::1 64 ipv6 address 33::1 64 Assign an IPv6 address to a
VLAN-interface.
ospf 1 area 0 ospf 1 area 0 Enable OSPF on an interface.
ospfv3 1 area 0 ospfv3 1 area 0 Enable OSPFv3 on an interface.
quit quit N/A
Configuring the single-homed interface of the DR system
Device A
Description
vlan 100 Create a VLAN.
quit N/A
interface HundredGigE 1/0/7 Configure the single-homed interface.
port link-mode bridge Configure the interface to operate in bridge mode as a Layer 2 interface.
port link-type access Set the link type of the interface to access.
port access vlan 100 Assign the interface to the specified VLAN.
Configuring a dynamic routing protocol used for
communication with Device D
Perform this task if the devices or servers attached to the DR member devices are required to
establish routing peer relationships with the DR member devices.
Device A
Device B
Description
interface vlan-interface 100 interface vlan-interface 100 N/A
port drni virtual-ip 100.1.1.101
255.255.255.0 active port drni virtual-ip 100.1.1.102
255.255.255.0 active Assign a DRNI virtual IPv4 address
to this VLAN interface.
port drni ipv6 virtual-ip FE80::81
link-local port drni ipv6 virtual-ip FE80::82
link-local Assign a DR link-local virtual IPv6
address to this VLAN interface.
port drni ipv6 virtual-ip 100::101
64 active port drni ipv6 virtual-ip 100::102
64 active Assign a DRNI virtual IPv6 address
to this VLAN interface, and set the
state of the address to active.
ospf peer sub-address enable
100.1.1.101 ospf peer sub-address enable
100.1.1.102
Enable OSPF to use secondary IP
addresses to set up peer
relationships.
quit quit N/A
10
Configuring uplink device Device C
Procedure summary
Configuring the interconnect links to the DR member devices
Configuring the interconnect links between the uplink device Device C and the network
Configuring the interconnect links to the DR member devices
Device C
Description
vlan 32 Create VLAN 32.
quit N/A
interface HundredGigE 1/0/1 N/A
port link-type trunk Set the link type of the interface to trunk.
port trunk permit vlan 32 Assign HundredGigE 1/0/1 (which connects Device C to
Device A) to VLAN 32.
undo port trunk permit vlan 1 Remove the interface from VLAN 1.
undo stp enable Disable the spanning tree protocol to speed up topology
convergence.
quit N/A
interface vlan-interface 32 Create VLAN-interface 32.
ip address 32.1.1.2 24 Assign an IPv4 address to the VLAN-interface.
ipv6 address 32::2 64 Assign an IPv6 address to the VLAN-interface.
quit N/A
vlan 33 Create VLAN 33.
quit N/A
interface HundredGigE 1/0/2 N/A
port link-type trunk Set the link type of the interface to trunk.
port trunk permit vlan 33 Assign HundredGigE 1/0/2 (which connects Device C to
Device B) to VLAN 33.
undo port trunk permit vlan 1 Remove the interface from VLAN 1.
undo stp enable Disable the spanning tree protocol to speed up topology
convergence.
quit N/A
interface vlan-interface 33 Create VLAN-interface 33.
ip address 33.1.1.2 24 Assign an IPv4 address to the VLAN-interface.
ipv6 address 33::2 64 Assign an IPv6 address to the VLAN-interface.
quit N/A
router id 5.5.5.5 Configure a router ID.
ospf 1 Configure OSPF to enable DR member devices to
communicate through an IPv4 network.
11
Device C
Description
stub-router include-stub on-startup 900 Specify the cost of the stub links (link type 3) in Router LSAs
to the maximum value 65535 to accelerate network
convergence.
area 0 N/A
quit N/A
interface vlan-interface 32 N/A
ospf 1 area 0 Enable OSPF on the interface.
quit N/A
interface vlan-interface 33 N/A
ospf 1 area 0 Enable OSPF on the interface.
quit N/A
ospfv3 1 Configure OSPFv3 to enable DR member devices to
communicate through an IPv6 network.
router id 5.5.5.5 Configure a Router ID.
stub-router max-metric on-startup 900 Specify the cost of the links in Type-1 LSAs to the maximum
value 65535 and specify the router as a stub router during
reboot.
area 0 N/A
quit N/A
interface vlan-interface 32 N/A
ospfv3 1 area 0 Enable OSPFv3 on the interface.
quit N/A
interface vlan-interface 33 N/A
ospfv3 1 area 0 Enable OSPFv3 on the interface.
quit N/A
Configuring the interconnect links between the uplink device
Device C and the network
Device C
Description
vlan 22 Create VLAN 22.
quit N/A
interface HundredGigE 1/0/3 N/A
port link-type trunk Set the link type of the interface to trunk.
port trunk permit vlan 22 Assign HundredGigE 1/0/3 (which connects Device C to the
network) to VLAN 22.
undo port trunk permit vlan 1 Remove the interface from VLAN 1.
undo stp enable Disable the spanning tree protocol to speed up topology
convergence.
12
Device C
Description
quit N/A
interface vlan-interface 22 Create VLAN-interface 22.
ip address 22.1.1.1 24 Assign an IPv4 address to the VLAN-interface.
ipv6 address 22::1 64 Assign an IPv6 address to the VLAN-interface.
quit N/A
Configuring downlink device Device D
Procedure summary
Configuring the interconnect links to the DR member devices
Setting up OSPF and OSPFv3 peer relationships with the DR member devices
Configuring the interconnect links to the DR member devices
Device D
Description
interface bridge-aggregation 3 Create Layer 2 aggregate interface Bridge-Aggregation 3,
and enter its view.
link-aggregation mode dynamic Configure the aggregate interface connecting to the DR
system to operate in dynamic mode.
quit N/A
interface range HundredGigE 1/0/1 to
HundredGigE 1/0/4
Enter the view of the physical interfaces connecting Device D
to the DR system.
port link-aggregation group 3 Assign interfaces to an aggregation group.
quit N/A
vlan 100 Create VLAN 100.
quit N/A
interface bridge-aggregation 3 N/A
port link-type trunk Set the link type of the interface to trunk.
port trunk permit vlan 100 Assign the interface to VLAN 100.
undo port trunk permit vlan 1 Remove the interface from VLAN 1.
quit N/A
Setting up OSPF and OSPFv3 peer relationships with the DR
member devices
Perform this task if the devices or servers attached to the DR member devices are required to
establish routing peer relationships with the DR member devices.
13
Device D
Description
router id 6.6.6.6 Configure the router ID.
ospf 1 Configure OSPF to set up IPv4 connectivity to the DR
member devices.
area 0 Create an OSPF area and enter its view.
quit N/A
interface vlan-interface 100 N/A
ip address 100.1.1.110 255.255.255.0 Assign an IPv4 address to this VLAN interface.
ipv6 address FE80::83 link-local Assign an IPv6 link-local address to this VLAN interface.
ipv6 address 100::110 64 Assign an IPv6 address to this VLAN interface.
ospf 1 area 0.0.0.0 Enable OSPF on VLAN-interface 100.
ospfv3 1 area 0.0.0.0 Enable OSPFv3 on VLAN-interface 100.
quit N/A
Traffic forwarding models
Underlay traffic characteristics
The forwarding model matrix provides the following characteristics of underlay traffic:
No.Traffic number in the U-X-XXX format:
UUnderlay traffic.
XProtocol number, which can be 4 (IPv4) or 6 (IPv6).
XXXTraffic sequence number.
Traffic typeType of underlay traffic, which can be IPv4 known unicast or IPv6 known unicast.
DirectionDirection of underlay traffic.
Forwarding pathNodes that underlay traffic traverses.
Traffic simulationTraffic simulation method. Typically a tester is used to simulate server
traffic.
LoadTraffic size, which can be light (less than 1000 flows) and heavy (more than 1000 flows).
Traffic direction to firewalls/LBConfiguration used to direct traffic to firewalls and load
balancers, other than PBR, DRNI, VRRP, static routes.
Forwarding models
No. Traffic
type Dire
ction Forwarding path Traffic
simulation Load Traffic
direction to
firewalls/LB
U-4-101 IPv4
known
unicast
South
to
north
Network > DeviceC >
DeviceA&B > DeviceD >
Server Tester Light N/A
U-6-101 IPv6
known
unicast
South
to
north
Network > DeviceC >
DeviceA&B > DeviceD >
Server Tester Light N/A
14
Testing network convergence upon single points
of failure
Table 2 Network convergence upon single points of failure
Device
Failure type
Traffic interruption time
DRNI
Single point of failure on DR member
links < 500 ms
Single point of failure restored on DR
member links < 500 ms
Single point of failure on uplink ECMP
links < 500 ms
Single point of failure restored on
uplink ECMP links < 500 ms
IPL failure < 500 ms
IPL failure restored < 500 ms
Keepalive link failure 0 ms
Keepalive link failure restored 0 ms
Keepalive link and IPL failure < 5000 ms
Keepalive link and IPL restored < 1000 ms
Upgrading the devices < 500 ms (per-device upgrade)
Expanding the network N/A
Replacing hardware
Fixed-port device: < 500 ms
Modular device:
Device replacement: < 1000 ms
Switching fabric module replacement: 0 ms
Service module replacement: < 500 ms
Verifying the configuration
Verifying the status of the DR system
Verify that the IPP and the DR interface are working correctly on Device A and Device B. Use Device
A as an example.
# Display summary information about the IPP and DR interface.
[DeviceA] display drni summary
Flags: A -- Aggregate interface down, B -- No peer DR interface configured
C -- Configuration consistency check failed
IPP: BAGG1
IPP state (cause): UP
Keepalive link state (cause): UP
DR interface information
DR interface DR group Local state (cause) Peer state Remaining down time (s)
15
BAGG3 1 UP UP -
# Verify that keepalive link is working correctly.
[DeviceA] display drni keepalive
Neighbor keepalive link status: Up
Neighbor is alive for: 64765 s 28 ms
Keepalive packet transmission status:
Sent: Successful
Received: Successful
Last received keepalive packet information:
Source IP address: 21.1.1.2
Time: 2021/01/17 17:10:52
Action: Accept
DR keepalive parameters:
Destination IP address: 21.1.1.2
Source IP address: 21.1.1.1
Keepalive UDP port : 6400
Keepalive VPN name : N/A
Keepalive interval : 1000 ms
Keepalive timeout : 5 sec
Keepalive hold time: 3 sec
# Display the DR system settings.
<DeviceA> display drni system
System information
Local system number: 1 Peer system number: 2
Local system MAC: 0002-0002-0002 Peer system MAC: 0002-0002-0002
Local system priority: 123 Peer system priority: 123
Local bridge MAC: 3cd4-3ce1-0200 Peer bridge MAC: 3cd4-437d-0300
Local effective role: Primary Peer effective role: Secondary
Health level: 0
Standalone mode on split: Enabled
In standalone mode: No
System timer information
Timer State Value (s) Remaining time (s)
Auto recovery Disabled - -
Restore delay Disabled 300 -
Consistency-check delay Disabled 150 -
Standalone delay Disabled - -
Role to None delay Disabled 60 -
# Display detailed information about the IPP and DR interfaces.
[DeviceA] display drni verbose
Flags: A -- Home_Gateway, B -- Neighbor_Gateway, C -- Other_Gateway,
D -- IPP_Activity, E -- DRCP_Timeout, F -- Gateway_Sync,
G -- Port_Sync, H -- Expired
IPP/IPP ID: BAGG1/1
State: UP
16
Cause: -
Local DRCP flags/Peer DRCP flags: ABDFG/ABDFG
Local Selected ports (index): HGE1/0/3 (27), HGE1/0/4 (32)
Peer Selected ports indexes: 125, 130
DR interface/DR group ID: BAGG3/1
Local DR interface state: UP
Peer DR interface state: UP
DR group state: UP
Local DR interface down cause: -
Remaining DRNI DOWN time: -
Local DR interface LACP MAC: Config=0002-0002-0002, Effective=0002-0002-0002
Peer DR interface LACP MAC: Config=0002-0002-0002, Effective=0002-0002-0002
Local DR interface LACP priority: Config=123, Effective=123
Peer DR interface LACP priority: Config=123, Effective=123
Local DRCP flags/Peer DRCP flags: ABDFG/ABDFG
Local Selected ports (index): HGE1/0/1 (12), HGE1/0/2 (13)
Peer Selected ports indexes: 56, 57
Verifying the routing protocols
# Display the OSPF neighbors of Device A.
[DeviceA] display ospf peer
OSPF Process 1 with Router ID 3.3.3.3
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
4.4.4.4 101.1.1.2 1 36 Full/DR Vlan101
5.5.5.5 32.1.1.2 1 38 Full/DR Vlan32
6.6.6.6 100.1.1.110 1 36 Full/DR Vlan100
# Display the OSPFv3 neighbors of Device A.
[DeviceA] display ospfv3 peer
OSPFv3 Process 1 with Router ID 3.3.3.3
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time InstID Interface
4.4.4.4 1 Full/DR 00:00:36 0 Vlan101
5.5.5.5 1 Full/DR 00:00:35 0 Vlan32
6.6.6.6 1 Full/DR 00:00:35 0 Vlan100
# Display the OSPF neighbors of Device B.
[DeviceB] display ospf peer
OSPF Process 1 with Router ID 4.4.4.4
Neighbor Brief Information
17
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
3.3.3.3 101.1.1.1 1 32 Full/BDR Vlan101
5.5.5.5 33.1.1.2 1 33 Full/DR Vlan33
6.6.6.6 100.1.1.110 1 36 Full/DR Vlan100
# Display the OSPFv3 neighbors of Device B.
[DeviceB] display ospfv3 peer
OSPFv3 Process 1 with Router ID 4.4.4.4
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time InstID Interface
3.3.3.3 1 Full/BDR 00:00:35 0 Vlan101
5.5.5.5 1 Full/DR 00:00:38 0 Vlan33
6.6.6.6 1 Full/DR 00:00:36 0 Vlan100
# Display the OSPF neighbors of Device C.
[DeviceC] display ospf peer
OSPF Process 1 with Router ID 5.5.5.5
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
3.3.3.3 32.1.1.1 1 32 Full/DR Vlan32
4.4.4.4 33.1.1.1 1 38 Full/DR Vlan33
# Display the OSPFv3 neighbors of Device C.
[DeviceC] display ospfv3 peer
OSPFv3 Process 1 with Router ID 5.5.5.5
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time InstID Interface
3.3.3.3 1 Full/DR 00:00:37 0 Vlan32
4.4.4.4 1 Full/DR 00:00:34 0 Vlan33
Verifying that Server 1 and Server 2 can communicate with Network
Server 1 and Server 2 can communicate with Network through both IPv4 and IPv6 addresses.
Verifying that Server 1 and Server 2 can still communicate with Network when the uplink
interface of Device A or Device B fails
Disconnect the interface connecting Device A to Device C. Server 1 and Server 2 can still
communicate with Network (transient packet loss occurs during the traffic switchover process).
Displaying the brief spanning tree status and statistics
<DeviceA> display stp brief
MST ID Port Role STP State Protection
0 Bridge-Aggregation3 (DRNI) DESI FORWARDING NONE
18
<DeviceB> display stp brief
MST ID Port Role STP State Protection
0 Bridge-Aggregation3 (DRNI) DESI FORWARDING NONE
Verifying OSPF and OSPFv3 peer establishment with the DRNI virtual IP addresses
[DeviceD]display ospf peer
OSPF Process 1 with Router ID 6.6.6.6
Neighbor Brief Information
Area: 0.0.0.0
Router ID Address Pri Dead-Time State Interface
3.3.3.3 100.1.1.101 1 38 Full/DR Vlan100
4.4.4.4 100.1.1.102 1 33 Full/DROther Vlan100
[DeviceD]display ospfv3 peer
OSPFv3 Process 1 with Router ID 6.6.6.6
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time InstID Interface
3.3.3.3 1 Full/DROther 00:00:32 0 Vlan100
4.4.4.4 1 Full/BDR 00:00:34 0 Vlan100
Upgrading the devices
Upgrading the DR member devices
Checking the environment
Execute the commands in "Verifying the configuration" and the following commands to verify that the
devices are available for an upgrade.
DRNI 1
DRNI 2
Description
display device
display device
Displays device information
display boot-loader display boot-loader Displays current software images
and startup software images.
display version
display version
Displays system version information.
Upgrading the devices
1. Use the display version command to verify the current BootWare image version and
startup software version.
2. Use the release notes for the upgrade software version to evaluate the upgrade impact on your
network and verify the following items:
Software and hardware compatibility.
Version and size of the upgrade software.
Compatibility of the upgrade software with the current BootWare image and startup software
image.
19
3. Use the dir command to verify that the device has sufficient storage space for the upgrade
images. If the storage space is not sufficient, delete unused files by using the delete
command. Verify that each MPU in the system has sufficient storage space.
4. Use FTP or TFTP to transfer the upgrade image file to the root directory of a file system.
5. Upgrade the device according to the configuration guides for the device.
Verifying the traffic interruption time during the upgrade
Verify that the traffic interruption time is shorter than 500 ms during a switchover and shorter than
150 ms during fallback when the traffic load is light. For more information, see “Testing network
convergence upon single points of failure.”
Verifying the upgrade result
Execute the commands in "Verifying the configuration" and the following commands to verify that the
device is upgraded successfully.
DRNI 1
DRNI 2
Description
display device
display device
Displays device information
display boot-loader display boot-loader Displays current software images
and startup software images.
display version
display version
Displays system version information.
Expanding the network
An expansion operation adds two leaf devices.
Adding a DR member device
Checking the environment
Execute the commands in "Verifying the configuration" and the following commands to verify that the
device is available for an expansion.
DRNI 1
DRNI 2
Description
display device
display device
Displays device information
display boot-loader display boot-loader Displays current software images
and startup software images.
display version
display version
Displays system version information.
Expanding the network
1. Disconnect the device from network management systems.
2. Upgrade the software of the device as needed.
3. Preconfigure the device.
4. Connect the device to network management systems.
5. Incorporate the device on the controller.
Verifying the traffic interruption time
For more information, see “Testing network convergence upon single points of failure.”
Page is loading ...
Page is loading ...
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22

Aruba DRNI+IPv4 and IPv6 Dual-Active VLAN Gateway Configuration Guide

Aruba
Brand
Aruba
Model
DRNI+IPv4 and IPv6 Dual-Active VLAN Gateway
Type
Configuration Guide
Download PDF
report

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI

Related papers

Other documents