Aruba JH348A Configuration Guide

JH348A
Aruba
Brand
Aruba
Model
JH348A
Category
Networking
Type
Configuration Guide
i
Contents
Example: Access to DRNI Through Dynamic Routing and Distributed EVPN
Gateways Configuration Example ·································································· 1
Network configuration ········································································································································ 1
Applicable product matrix ··································································································································· 5
Analysis ······························································································································································ 5
Restrictions and guidelines ································································································································ 6
DRNI configuration ····································································································································· 6
Routing configuration ································································································································· 6
Procedures ························································································································································· 7
Configuring leaf devices ····························································································································· 7
Configuring spine devices ························································································································ 25
Configuring the border device ·················································································································· 29
Overlay traffic forwarding models ············································································································· 33
Testing network convergence ·················································································································· 44
Verifying the configuration ························································································································ 45
Upgrading the devices ····································································································································· 48
Upgrading the leaf devices ······················································································································· 48
Upgrading the spine devices ···················································································································· 49
Upgrading the border device ···················································································································· 50
Expanding the network····································································································································· 51
Adding a leaf device ································································································································· 51
Replacing hardware ········································································································································· 52
Replacing a leaf device ···························································································································· 52
1
Example: Access to DRNI Through
Dynamic Routing and Distributed EVPN
Gateways Configuration Example
Network configuration
As shown in Figure 1:
•
Leaf 1 and Leaf 2 are distributed EVPN gateways that are virtualized into one DR system. The
IPL is an Ethernet aggregate link.
•
Spine 1 and Spine 2 act as RRs to reflect routes between the leaf devices and between the
leaf and border devices.
•
Switch A and Switch B each is dual-homed to Leaf 1 and Leaf 2 through an Ethernet aggregate
link. To avoid single points of failure, a Layer 2 Ethernet interface that contains member ports
across devices is configured for the links connected to each VM.
•
Standalone device Leaf 3 is connected to Switch C through a Layer 2 aggregate link.
•
Switch D and Switch E each is single-homed to Leaf 1 and Leaf 2 through a physical link.
•
To forward VXLAN traffic from one DR member to the other DR member for single-homed ACs,
the DR member devices create VXLAN tunnels over the IPL.
•
For Layer 3 communication, enable a routing protocol for route advertisement between Leaf 1
and Leaf 2 and the user network. The underlay network is an IPv4 network and the overlay
network is an IPv4 and IPv6 network.
2
Figure 1 Network diagram
Table 1 Topology and IP assignment
Device
Interface
IP address
Remarks
Leaf 1
Loopback 0 1.1.1.1/32 VTEP address
Used to establish BGP EVPN peer
relationship
Loopback 1 1.2.3.4/32 Virtual VTEP address
VLAN-interface
4094 100.0.1.1/24
Attached to the link that forwards
east-west traffic
HGE 1/0/25 N/A Attached to the IPL
Connected to HGE 1/0/25 on Leaf 2
HGE 1/0/26 100.0.0.1/24 Attached to the keepalive link
Server D
V
M
4
HGE 1/0/3
XGE 1/1/3
Server B
XGE 1/2/24
Server A Server E
XGE 1/1/10
Server C
XGE 1/0/3
HGE 1/0/30
Border
HGE 1/0/25
HGE 1/0/9
HGE 1/0/26 HGE 1/0/9
Spine2Spine 1
HGE 1/0/4
HGE 1/0/27
HGE1/0/5
HGE1/0/27
HGE 1/0/28
HGE 1/0/5
HGE 1/0/4
HGE1 0/28
HGE 1/0/25 HGE 1/0/25
HGE 1/0/26 HGE 1/0/26
HGE 1/0/32
WGE 1/0/1
WGE1/0/2
XGE 1/0/2
XGE 1/0/1
XGE 1/0/2
XGE 1/0/2
HGE 1/0/6
HGE 1/0/28
XGE 1/0/1
XGE 1/0/1
Peer link
XGE 1/0/1
XGE 1/0/1
HGE 1/0/30 HGE 1/1/3
HGE 1/0/1
HGE 1/0/6
Leaf 2 Leaf 3
Loop0 6.6.6.6/32
Switch C
Switch D
Switch E
Switch A Switch B
Keepalive
V
M
1
V
M
2
V
M
6
V
M
3
V
M
5
Loop0 1.1.1.1/32
Loop1 1.2.3.4/32
Leaf 1
Loop0 2.2.2.2/32
Loop1 1.2.3.4/32 Loop0 3.3.3.3/32
Loop0 5.5.5.5/32
Loop0 4.4.4.4/32
IPL
3
Device
Interface
IP address
Remarks
100::1/64
Connected to HGE 1/0/26 on Leaf 2.
HGE 1/0/27 Borrowed from Loopback
0 Connected to HGE 1/0/4 on Spine 1.
HGE 1/0/28 Borrowed from Loopback
0 Connected to HGE 1/0/4 on Spine 2.
HGE 1/0/32 N/A AC interface
Connected to HGE 1/0/1 on Switch
D
WGE 1/0/1 N/A DR group member port
Connected to Server A
WGE 1/0/2 N/A DR group member port
Connected to Server B
VSI-interface 10
20.1.1.1/24
20:1:1:1::1/64
Virtual IP: 20.1.1.5/24
IPv6 virtual IP:
20:1:1:1::5/64
Gateway interface for VXLAN 100
VSI-interface 20
20.2.1.1/24
20:2:1:1::1/64
Virtual IP: 20.2.1.5/24
IPv6 virtual IP:
20:2:1:1::5/64
Gateway interface for VXLAN 101
VSI-interface 100 N/A Associated with a L3 VXLAN ID
Leaf 2
Loopback 0 2.2.2.2/32 VTEP address
Used to establish BGP EVPN peer
relationship
Loopback 1 1.2.3.4/32 Virtual VTEP address
VLAN-interface
4094 100.0.1.2/24
Attached to the link that forwards
east-west traffic
HGE 1/0/25 N/A Attached to the IPL
Connected to HGE 1/0/25 on Leaf 1
HGE 1/0/26 100.0.0.2/24
100::2/64 Attached to the keepalive link
Connected to HGE 1/0/26 on Leaf 1
HGE 1/0/27 N/A Borrowed from Loopback 0
Connected to HGE 1/0/5 on Spine 1
HGE 1/0/28 N/A Borrowed from Loopback 0
Connected to HGE 1/0/5 on Spine 2
HGE 1/0/30 N/A Single-homed AC interface
Connected to HGE 1/1/3 on Switch
E
XGE 1/0/1 N/A DR group member port
Connected to Server B
XGE 1/0/2 N/A DR group member port
4
Device
Interface
IP address
Remarks
Connected to Server A
VSI-interface 10
20.1.1.1/24
20:1:1:1::1/64
Virtual IP: 20.1.1.6/24
IPv6 virtual IP:
20:1:1:1::6/64
Gateway interface for VXLAN 100
VSI-interface 20
20.2.1.1/24
20:2:1:1::1/64
Virtual IP: 20.2.1.6/24
IPv6 virtual IP:
20:2:1:1::6/64
Gateway interface for VXLAN 101
VSI-interface 100 N/A Associated with a L3 VXLAN ID
Leaf 3
Loopback 0 3.3.3.3/32 VTEP address
Used to establish BGP EVPN peer
relationship
HGE 1/0/27 Borrowed from Loopback
0 Connected to HGE 1/0/6 on Spine 1
HGE 1/0/28 Borrowed from Loopback
0 Connected to HGE 1/0/6 on Spine 2
XGE 1/0/1 N/A Member port of a Layer 2 aggregate
interface
Connected to Server 3
Spine 1
Loopback 0 4.4.4.4/32 VTEP address
Used to establish BGP EVPN peer
relationship
HGE 1/0/4 N/A Borrowed from Loopback 0
Connected to HGE 1/0/27 on Leaf 1
HGE 1/0/5 N/A Borrowed from Loopback 0
Connected to HGE 1/0/27 on Leaf 2
HGE 1/0/6 N/A Borrowed from Loopback 0
Connected to HGE 1/0/27 on Leaf 3
HGE 1/0/9 30.0.0.1/24 Connected to HGE 1/0/25
on the
border device
Spine 2
Loopback 0 5.5.5.5/32 VTEP address
Used to establish BGP EVPN peer
relationship
HGE 1/0/4 N/A Borrowed from Loopback 0
Connected to HGE 1/0/28 on Leaf 1
HGE 1/0/5 N/A Borrowed from Loopback 0
Connected to HGE 1/0/28 on Leaf 2
HGE 1/0/6 N/A Borrowed from Loopback 0
Connected to HGE 1/0/28 on Leaf 3
HGE 1/0/9 31.0.0.1/24 Connected to HGE 1/0/26
on the
border device
5
Device
Interface
IP address
Remarks
Border
Loopback 0 6.6.6.6/32 VTEP address
Used to establish BGP EVPN peer
relationship
HGE 1/0/25 30.0.0.2/24 Connected to HGE 1/0/9 on Spine 1
HGE 1/0/26 31.0.0.2/24 Connected to HGE 1/0/9 on Spine 2
HGE 1/0/30 50.0.0.1/24 Connected to the external network
VSI-interface 100 N/A Associated with a L3 VXLAN ID
Applicable product matrix
IMPORTANT:
In addition to running an applicable software version, you must also install the most recent patch, if
any.
Device
Software version
Spine
HPE FlexFabric 12900E Switch
Series (Type K) R5210
HPE FlexFabric 12900E Switch
Series (Type X) R7624P08
Leaf or border
HPE FlexFabric 12900E Switch
Series (Type X)
(only border, not
leaf) R7624P08
HPE FlexFabric 5944 & 5945 Switch
Series R6710
HPE FlexFabric 5940 Switch Series R6710
HPE FlexFabric 5710 Switch Series R6710
SDN controller N/A Contact Hewlett Packard Enterprise
support to
verify version compatibility
Analysis
Leaf 1 and Leaf 2 form a DR system and the same VSI interface on the leaf devices is assigned the
same IP address and MAC address. As a result, the leaf devices cannot separately establish EBGP
peer relationship with Switch A and Switch B. For Leaf 1 and Leaf 2 to separately establish EBGP
peer relationship with the switches, you must assign different DRNI virtual IP addresses to the same
VSI interface on the leaf devices. Then, Leaf 1 and Leaf 2 each can use its own DRNI virtual IP
address to establish EBGP peer relationship with the switches. To configure an DRNI virtual IP
address on a VSI interface, use the port drni virtual-ip command.
For the servers to reach one another, configure Switch A through Switch E to import direct routes to
EBGP.
6
Restrictions and guidelines
DRNI configuration
•
When Leaf 1 and Leaf 2 create VXLAN tunnels over the IPL, the tunnel source IP address is
the virtual VTEP address of the DR system. The tunnel destination IP address is the VTEP
address of the local leaf device. When traffic from a single-homed server is forwarded from
one DR member to the other DR member through a VXLAN tunnel created on the IPL, the
latter DR member cannot decapsulate the traffic. To resolve this issue, use the vxlan
default-decapsulation source interface loopback 0 command on the latter DR
member so that the DR member can decapsulate the traffic.
•
In this example, Leaf 1 is the primary device and Leaf 2 is the secondary device in the DR
system. When the IPL is disconnected, the links connecting Leaf 1 to Sever A and Sever B are
also disconnected. However, the EBGP connections to Sever A and Sever B go down only
when the BGP peer relationship expires. The convergence time is up to dozens seconds and
even more than 100 seconds. To resolve this issue, use the drni mad include interface
command on Leaf 1 to add the interfaces connected to Server A and Server B to the
user-configured list of included ports. The interfaces will be shut down by DRNI MAD when the
DR system splits.
•
When GIR is configured on a DR member device and the DR member device is isolated, traffic
from single-homed interfaces on the DR member device still can be forwarded to a leaf device.
•
In an EVPN distributed relay network, AC interfaces and VSI interfaces support QoS rate limit.
•
To avoid packet loss or other forwarding issues when the secondary device that has a large
number of entries or is being upgraded joins the DR system, use the drni restore-delay
command to increase the data restoration interval.
Routing configuration
•
You can configure a router ID for an OSPF process or BGP instance. If you do not configure a
router ID, the OSPF process or BGP instance uses the global router ID. Make sure the router
ID for each device is unique in the network.
•
For the remote leaf and border devices to establish tunnels only with the DR system
(represented by the virtual VTEP address), use the nexthop evpn-drni group-address
command in BGP EVPN address family view on the DR member devices. When this command
is used, the VXLAN tunnels established between the DR member devices go down. To resolve
this issue, configure a routing policy for each DR member device to use its local VTEP address
as the next hop of BGP EVPN routes advertised to the other DR member device. The following
information shows the settings:
#
route-policy 1 permit node 1
if-match route-type bgp-evpn-ip-prefix
apply ip-address next-hop 1.1.1.1
#
route-policy 1 deny node 10
#
bgp 20
address-family l2vpn evpn
nexthop evpn-drni group-address
peer 2.2.2.2 route-policy 1 export
#
7
•
As a best practice, use the nexthop evpn-drni group-address command. If you do not
use this command, OSPF advertises the IP address of Loopback 0. When the IPL recovers
from a failure or a DR member device finishes reboot, the following issues exist:
 Traffic detour—When the IPL recovers from a failure or a DR member device finishes
reboot, the IPL comes up earlier than other links. The VLAN interfaces used to forward
east-west traffic also come up. As a result, the tunnels between the failed DR member and
remote VTEPs come up before the failed DR member recovers. Downstream traffic from
the remote VTEPs to the failed DR member is forwarded to the failed DR member.
Because the failed DR member has not recovered, the failed DR member forwards the
traffic to the other DR member through the IPL. In this process, detour exists for the traffic.
 Two traffic convergences—The first traffic convergence occurs when the IPL recovers
and the second traffic convergence occurs when DRNI MAD brings up the interfaces that
were shut down when the DR system split.
Procedures
Configuring leaf devices
Procedure summary
•
Configuring DRNI settings
•
Configuring the links connected to the spine devices
•
Configuring the overlay network
•
Configuring links for dual-homed servers
•
Configuring links for single-homed servers
Configuring DRNI settings
Leaf 1 (5945) Leaf 2 (5945) Configuration
method
Description Remarks
drni system-mac
cda-8037-1324 drni system-mac
cda-8037-1324
Manual or
controller-based
Configure the DR
system MAC
address.
For the DR
member devices
to be identified as
one DR system,
you must
configure the
same DR system
MAC address on
them.
drni system-number
1 drni system-number
2
Manual or
controller-based Set the DR
system number.
You must assign
different DR
system numbers
to the DR member
devices in
a DR
system.
drni system-priority
100 drni system-priority
100
Manual or
controller-based Set the DR
system priority.
You must
configure the
same DR system
priority for the DR
member devices
in a DR system.
drni
keepalive ip
destination 100.0.0.2
source 100.0.0.1
drni
keepalive ip
destination
100.0.0.1 source
100.0.0.2
Manual or
controller-based
Specify the
destination and
source IP
addresses of
N/A
8
Leaf 1 (5945) Leaf 2 (5945) Configuration
method
Description Remarks
keepalive packets.
interface
hundredgige 1/0/26 interface
hundredgige 1/0/26
Manual or
controller-based
Enter the view of
HundredGigE
1/0/26
. The
interface is
attached to the
keepalive link.
N/A
port link-mode route port link-mode route
Manual or
controller-based
Set the link mode
of the keepalive
interface to Layer
3.
N/A
ip address 100.0.0.1
24 ip address 100.0.0.2
24
Manual or
controller-based
Assign an IP
address to
HundredGigE
1/0/26
. This IP
ad
dress is the
source IP address
of keepalive
packets.
N/A
quit quit N/A N/A N/A
drni mad
default-action none drni mad
default-action none
Manual or
controller-based
Configure DRNI
MAD to
not shut
down any network
interfaces when
the DR system
splits, except the
interfaces
configured
manually or by the
system to be shut
down by DRNI
MAD.
N/A
drni restore-delay
300 drni restore-delay
300
Manual or
controller-based
Set the data
restoration interval
to 300 seconds. N/A
drni
mad include
interface
hundredgige 1/0/27
drni
mad include
interface
hundredgige 1/0/27
Manual or
controller-based
Add HundredGigE
1/0/27
to the
user-configured
list of included
ports, which will
be shut down by
DRNI MAD when
the DR system
splits
N/A
drni
mad include
interface
hundredgige 1/0/28
drni
mad include
interface
hundredgige 1/0/28
Manual or
controller-based
A
dd HundredGigE
1/0/28
to the
user-configured
list of included
ports, which will
be shut down by
DRNI MAD when
the DR system
splits
N/A
vlan all vlan all
Manual or
controller-based Create all VLANs. N/A
9
Leaf 1 (5945) Leaf 2 (5945) Configuration
method
Description Remarks
interface
vlan-interface 4094 interface
vlan-interface 4094
Manual or
controller-based
Create
VLAN-interface
4094 and enter its
view.
VLAN-interface
4094
is used to
forward east-west
traffic. The VLAN
interface cannot
borrow IP
addresses from
loopback
interfaces.
ip address 100.0.1.1
24 ip address 100.0.1.2
24
Manual or
controller-based
Assign an IP
address to the
interface. N/A
ospf 1 area 0 ospf 1 area 0
Manual or
controller-based
Enable OSPF
process 1 on the
interface. N/A
quit quit
Manual or
controller-based N/A N/A
interface
bridge-aggregation 1
interface
bridge-aggregation
1
Manual or
controller-based
Create Layer 2
aggregate
interface
Bridge-Aggregatio
n 1. This
aggregate
interface will be
used as the IPP.
N/A
quit quit
Manual or
controller-based N/A N/A
interface
hundredgige 1/0/25 interface
hundredgige 1/0/25
Manual or
controller-based
Enter the view of
the physical
interface that will
be assigned to the
IPP.
N/A
port link-aggregation
group 1
port
link-aggregation
group 1
Manual or
controller-based
Assign the
physical interface
to
Bridge-Aggregatio
n 1.
Bridge-Aggregatio
n 1 will be
configured as the
IPP.
N/A
quit quit
Manual or
controller-based N/A N/A
interface
bridge-aggregation 1
interface
bridge-aggregation
1
Manual or
controller-based
Enter the
view of
Bridge-Aggregatio
n 1. N/A
link-aggregation
mode dynamic link-aggregation
mode dynamic
Manual or
controller-based
Configure the
aggregate
interface to
operate in
dynamic
aggregation mode
N/A
port drni
intra-portal-port 1 port drni
intra-portal-port 1
Manual or
controller-based
Specify the
aggregate N/A
10
Leaf 1 (5945) Leaf 2 (5945) Configuration
method
Description Remarks
interface as the
IPP.
port link-type trunk port link-type trunk
Manual or
controller-based
Set the link type of
the aggregate
interface to trunk. N/A
port trunk permit vlan
all
port trunk permit
vlan all
Manual or
controller-based
Assign the
aggregate
interface to all
VLANs.
N/A
port trunk pvid vlan
4094
port trunk pvid vlan
4094
Manual or
controller-based
Set the PVID of
the aggregate
interface to 4094.
VLAN 4094 is a
VLAN
used to
provide services
when
all services
become
unavailable.
undo mac-address
static source-check
enable
undo mac-address
static source-check
enable
Manual or
controller-based
E
nable the static
source check
feature. N/A
flow-interval 5 flow-interval 5
Manual or
controller-based
Set the statistics
polling interval to
5 seconds
on the
aggregate
interface.
N/A
quit quit
Manual or
controller-based N/A N/A
Configuring the links connected to the spine devices
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
interface
loopback 0 interface loopback 0 interface loopback 0
Create interface
Loopback
0 and
enter its view. N/A
ip address 1.1.1.1
32 ip address 2.2.2.2
32 ip address 3.3.3.3
32
Assign an IP
address to the
interface.
This IP address
will be used as
the VTEP
address. Make
sure each
device is
assigned a
unique VTEP
address.
quit quit quit N/A N/A
interface
loopback 1 interface loopback 1 N/A
Create interface
Loopback
1 and
enter its view. N/A
ip address 1.2.3.4
32 ip address 1.2.3.4
32 N/A
Assign an IP
address to the
interface.
Specify this IP
address as the
virtual VTEP
address when
you enable
EVPN
distributed relay.
quit quit N/A N/A N/A
11
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
ospf 1 router-id
1.1.1.1 ospf 1 router-id
2.2.2.2 ospf 1 router-id
3.3.3.3
Enable OSPF
process 1 and enter
OSPF process view. N/A
non-stop-routing non-stop-routing non-stop-routing
Enable NSR for the
OSPF process. N/A
stub-router
include-stub
on-startup 900
stub-router
include-stub
on-startup 900
stub-router
include-stub
on-startup 900
Configure the router
as a stub router
during reboot and
specify
the timeout
time to 900 seconds
t
o accelerate
network
convergence.
N/A
area 0.0.0.0 area 0.0.0.0 area 0.0.0.0
Create an OSPF
area and enter
OSPF area view or
OSPF IPv4 unicast
topology area view.
N/A
network 1.1.1.1
0.0.0.0 network 2.2.2.2
0.0.0.0 network 3.3.3.3
0.0.0.0
E
nable OSPF on
the interface
attached to the
specified
network in
the area.
N/A
network 1.2.3.4
0.0.0.0 network 1.2.3.4
0.0.0.0 N/A
E
nable OSPF on
the interface
attached to the
specified network in
the area.
N/A
quit quit quit N/A N/A
quit quit quit N/A N/A
interface range
hundredgige
1/0/27
hundredgige
1/0/28
interface range
hundredgige 1/0/27
hundredgige 1/0/28
interface range
hundredgige 1/0/27
hundredgige 1/0/28
Enter the interface
range view of the
interfaces
connected to the
spine devices.
N/A
port link-mode
route port link-mode route port link-mode route
Set the link mode of
the interfaces to
Layer 3. N/A
flow-interval 5 flow-interval 5 flow-interval 5
Set the statistics
polling interval to 5
seconds on the
interfaces.
N/A
ip address
unnumbered
interface
loopback 0
ip address
unnumbered
interface loopback 0
ip address
unnumbered
interface loopback 0
Configure the
interfaces
to borrow
the IP address of
interface Loopback
0.
N/A
ospf network-type
p2p ospf network-type
p2p ospf network-type
p2p
Set the OSPF
network type to P2P
on the interfaces. N/A
ospf 1 area
0.0.0.0 ospf 1 area 0.0.0.0 ospf 1 area 0.0.0.0 Enable OSPF
process 1 on the
interfaces. N/A
12
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
ospf peer
hold-max-cost
duration 20000
ospf peer
hold-max-cost
duration 20000
ospf peer
hold-max-cost
duration 20000
E
nable OSPF to
advertise the
maximum link cost
to neighbors within
20000 milliseconds.
Route
convergence
optimization.
lldp
management-add
ress arp-learning
lldp
management-addre
ss arp-learning
lldp
management-addre
ss arp-learning
Configure the
interfaces to
generate an ARP
entry after receiving
an LLDP frame that
carries a
management
address TLV.
N/A
lldp tlv-enable
basic-tlv
management-add
ress-
tlv interface
loopback 0
lldp tlv-enable
basic-tlv
management-addre
ss-
tlv interface
loopback 0
lldp tlv-enable
basic-tlv
management-addre
ss-
tlv interface
loopback 0
C
onfigure the types
of advertisable
TLVs
on the
interfaces.
N/A
undo
mac-address
static
source-check
enable
undo mac-address
static source-check
enable
undo mac-address
static source-check
enable
D
isable the static
source check
feature. N/A
quit quit quit N/A N/A
bgp 20 bgp 20 bgp 20 Create BGP
instance 20 and
enter its view. N/A
router-id 1.1.1.1 router-id 2.2.2.2 router-id 3.3.3.3
Specify a router ID
for the BGP
instance. N/A
peer 4.4.4.4
as-number 20 peer 4.4.4.4
as-number 20 peer 4.4.4.4
as-number 20
Create BGP peer
4.4.4.4
and specify
AS number 20 for
the peer.
N/A
peer 4.4.4.4
connect-interface
loopback 0
peer 4.4.4.4
connect-interface
loopback 0
peer 4.4.4.4
connect-interface
loopback 0
Specify
Loopback 0
as the source
interface for
establishing TCP
connections to peer
4.4.4.4.
N/A
peer 5.5.5.5
as-number 20 peer 5.5.5.5
as-number 20 peer 5.5.5.5
as-number 20
Create BGP peer
5.5.5.5
and specify
AS number 20 for
the peer.
N/A
peer 5.5.5.5
connect-interface
loopback 0
peer 5.5.5.5
connect-interface
loopback 0
peer 5.5.5.5
connect-interface
loopback 0
Specify
Loopback 0
as the source
interface for
establishing TCP
connections to peer
5.5.5.5.
N/A
address-family
l2vpn evpn address-family
l2vpn evpn address-family
l2vpn evpn
Enter BGP EVPN
address family view. N/A
nexthop evpn-drni
group-address nexthop evpn-drni
group-address nexthop evpn-drni
group-address Enable the device to
replace the next hop N/A
13
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
in advertised BGP
EVPN routes with
the v
irtual VTEP
address.
peer 4.4.4.4
enable peer 4.4.4.4 enable peer 4.4.4.4 enable
Enable
the local
router
to exchange
unicast routing
information with
peer 4.4.4.4.
N/A
peer 5.5.5.5
enable peer 5.5.5.5 enable peer 5.5.5.5 enable
Enable
the local
router
to exchange
unicast routing
information with
peer 5.5.5.5.
N/A
quit quit quit N/A N/A
quit quit quit N/A N/A
Configuring the overlay network
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
ip vpn-instance
vpn1 ip vpn-instance
vpn1 ip vpn-instance
vpn1
Create VPN instance
vpn1 and enter its view,
or directly enter the
view of the VPN
instance if the VPN
instance already exists.
N/A
route-distinguishe
r 1:100 route-distinguisher
1:101 route-distinguisher
1:102 Configure an RD for the
VPN instance. N/A
address-family
ipv4 address-family ipv4 address-family ipv4 Enter VPN instance
IPv4
address family
view. N/A
vpn-target 1:100 vpn-target 1:100 vpn-target 1:100 Configure a route target
for the VPN instance. N/A
address-family
ipv6 address-family ipv6 address-family ipv6 Enter VPN instance
IPv6
address family
view. N/A
vpn-target 1:100 vpn-target 1:100 vpn-target 1:100 Configure a route target
for the VPN instance. N/A
address-family
evpn address-family evpn address-family evpn Enter VPN instance
EVPN view. N/A
vpn-target 1:100 vpn-target 1:100 vpn-target 1:100 Configure a route target
for EVPN. N/A
quit quit quit N/A N/A
quit quit quit N/A N/A
l2vpn enable l2vpn enable l2vpn enable Enable L2VPN. N/A
l2vpn drni
peer-link
ac-match-rule
vxlan-mapping
l2vpn drni peer-link
ac-match-rule
vxlan-mapping N/A
E
nable the device to
create frame match
criteria based on
VXLAN IDs for the
dynamic ACs on the
Ethernet aggregate link
N/A
14
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
IPL.
vxlan tunnel
mac-learning
disable
vxlan tunnel
mac-learning
disable
vxlan tunnel
mac-learning
disable
Disable remote-MAC
address learning. N/A
vxlan tunnel
arp-learning
disable
vxlan tunnel
arp-learning disable
vxlan tunnel
arp-learning disable D
isable remote ARP
learning for VXLANs. N/A
vxlan tunnel
nd-learning
disable
vxlan tunnel
nd-learning disable
vxlan tunnel
nd-learning disable Disable remote ND
learning for VXLANs. N/A
evpn drni group
1.2.3.4 evpn drni group
1.2.3.4 N/A
E
nable EVPN
distributed relay and
specify the virtual VTEP
address.
N/A
evpn global-mac
1-1-1 evpn global-mac
1-1-1 evpn global-mac
2-2-2 C
onfigure the EVPN
global MAC address. N/A
vxlan
default-decapsula
tion source
interface
loopback 0
vxlan
default-decapsulatio
n source interface
loopback 0
vxlan
default-decapsulatio
n source interface
loopback 0
E
nable default IPv4
VXLAN decapsulation. N/A
interface
vsi-interface 10 interface
vsi-interface 10 interface
vsi-interface 30 Create VSI-interface 10
and enter its view. N/A
ip binding
vpn-instance
vpn1
ip binding
vpn-instance vpn1
ip binding
vpn-instance vpn1
Associate VPN instance
vpn1 with the VSI
interface. N/A
ip address
20.1.1.1 24 ip address 20.1.1.1
24 ip address 20.3.1.1
24 Assign an IP address to
the VSI interface. N/A
mac-address
0001-0001-0002 mac-address
0001-0001-0002 mac-address
0001-0001-0004 Assign a MAC address
to the VSI interface. N/A
local-proxy-arp
enable local-proxy-arp
enable local-proxy-arp
enable
Enable local proxy
ARP. N/A
ipv6 address
20:1:1:1::1/64 ipv6 address
20:1:1:1::1/64 ipv6 address
20:3:1:1::1/64
Assign an IPv6 global
unicast address to the
VSI interface. N/A
distributed-gatew
ay local distributed-gateway
local distributed-gateway
local
Specify the VSI
interface as a
distributed gateway. N/A
quit quit quit N/A N/A
interface
vsi-interface 20 interface
vsi-interface 20 N/A Create VSI-interface 20
and enter its view. N/A
ip binding
vpn-instance
vpn1
ip binding
vpn-instance vpn1 N/A Associate VPN instance
vpn1 with the VSI
interface. N/A
ip address
20.2.1.1 24 ip address 20.2.1.1
24 N/A Assign an IP address to
the VSI interface. N/A
mac-address
0001-0001-0003 mac-address
0001-0001-0003 N/A Assign a MAC address
to the VSI interface. N/A
local-proxy-arp local-proxy-arp N/A
Enable local proxy
N/A
15
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
enable
enable
ARP.
ipv6 address
20:2:1:1::1/64 ipv6 address
20:2:1:1::1/64 N/A
Assign an IPv6 global
unicast address to the
VSI interface. N/A
distributed-gatew
ay local distributed-gateway
local N/A
Specify the VSI
interface as a
distributed gateway. N/A
quit quit N/A N/A N/A
interface
vsi-interface 100 interface
vsi-interface 100 interface
vsi-interface 100 Create VSI-interface
100 and enter its view. N/A
description
L3_vni description L3_vni description L3_vni
Configure a description
for the VSI interface. N/A
ip binding
vpn-instance
vpn1
ip binding
vpn-instance vpn1
ip binding
vpn-instance vpn1
Associate VPN instance
vpn1 with the VSI
interface. N/A
l3-vni 1000 l3-vni 1000 l3-vni 1000 Associate Layer 3
VXLAN I
D 1000 with
the VSI interface. N/A
quit quit quit N/A N/A
vsi vni_100 vsi vni_100 vsi vni_102
Create a VSI and enter
its view, or directly enter
the view of the VSI if
the VPN instance
already exists.
N/A
gateway
vsi-interface 10 gateway
vsi-interface 10 gateway
vsi-interface 30
Specify a gateway for
the VSI. N/A
vxlan 100 vxlan 100 vxlan 102
Create a VXLAN and
enter its view, or enter
the view of the VXLAN
if the VXLAN already
exists.
N/A
quit quit quit N/A N/A
evpn
encapsulation
vxlan
evpn encapsulation
vxlan
evpn encapsulation
vxlan C
reate an EVPN
instance on the VSI. N/A
route-distinguishe
r 1:100 route-distinguisher
1:100 route-distinguisher
1:102 Configure an RD for the
EVPN instance. N/A
vpn-target 1:100
both vpn-target 1:100
both vpn-target 1:102
both
Configure route targets
for the EVPN instance. N/A
quit quit quit N/A N/A
quit quit quit N/A N/A
vsi vni_101 vsi vni_101 N/A
Create a VSI and enter
its view, or directly enter
the view of the VSI if
the VPN instance
already exists.
N/A
gateway
vsi-interface 20 gateway
vsi-interface 20 N/A
Specify a gateway for
the VSI. N/A
vxlan 101 vxlan 101 N/A Create a VXLAN and N/A
16
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
enter its view, or enter
the view of the VXLAN
if the VXLAN already
exists.
quit quit N/A N/A N/A
evpn
encapsulation
vxlan
evpn encapsulation
vxlan N/A C
reate an EVPN
instance on the VSI. N/A
route-distinguishe
r 1:101 route-distinguisher
1:101 N/A Configure an RD for the
EVPN instance. N/A
vpn-target 1:101
both vpn-target 1:101
both N/A
Configure route targets
for the EVPN instance. N/A
quit quit N/A N/A N/A
quit quit N/A N/A N/A
Configuring links for dual-homed servers
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
interface
bridge-aggregation
2
interface
bridge-aggregation 2
interface
bridge-aggregation
1
Create a Layer 2
aggregate interface
and enter its view.
The
Layer 2
aggregate interface
on each device is
connected to a server.
N/A
link-aggregation
mode dynamic link-aggregation
mode dynamic link-aggregation
mode dynamic
Configure the Layer 2
aggregation group to
operate in dynamic
aggregation mode.
N/A
port drni group 1 port drni group 1 N/A Assign
Bridge-
Aggregation 2
to DR group 1. N/A
stp edged-port stp edged-port stp edged-port
Configure the Layer 2
aggregate interface
as an
edge port for
the spanning tree
feature.
N/A
port link-type trunk port link-type trunk port link-type trunk Set the link type of the
Layer 2 aggregate
interface to trunk. N/A
undo port trunk
permit vlan 1 undo port trunk permit
vlan 1
undo port trunk
permit vlan 1
Remove the Layer 2
aggregate interface
from VLAN 1. N/A
port trunk permit
vlan 10 20
port trunk permit vlan
10 20
port trunk permit
vlan 30
Assign the Layer 2
aggregate interface
to the specified
VLANs.
N/A
service-instance 10 service-instance 10 service-instance 30
Create an Ethernet
service instance. N/A
encapsulation s-vid
10 encapsulation s-vid
10 encapsulation s-vid
30
Configure a frame
match criterion for the
Ethernet service
N/A
17
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
instance.
xconnect vsi
vni_100 xconnect vsi vni_100
xconnect vsi
vni_102
Map the Ethernet
service instance to a
VSI. N/A
quit quit N/A N/A N/A
service-instance 20 service-instance 20 N/A
Create an Ethernet
service instance. N/A
encapsulation s-vid
20 encapsulation s-vid
20 N/A
Configure a frame
match criterion for the
Ethernet service
instance.
N/A
xconnect vsi
vni_101 xconnect vsi vni_101 N/A
Map the Ethernet
service instance to a
VSI. N/A
quit quit quit N/A N/A
quit quit quit N/A N/A
interface
twenty-fivegige
1/0/1
interface
ten-gigabitethernet
1/0/2
interface
ten-gigabitethernet
1/0/1
Enter the view of a
physical interface
connected to a server. N/A
speed 10000 N/A N/A
Set the interface
speed to 10 Gbps. N/A
flow-interval 5 flow-interval 5 flow-interval 5
Set the statistics
polling interval to 5
seconds on the
interface.
N/A
port link-type trunk port link-type trunk port link-type trunk Set the link type of the
interface to trunk. N/A
undo port trunk
permit vlan 1 undo port trunk permit
vlan 1
undo port trunk
permit vlan 1
Remove the interface
from VLAN 1. N/A
port trunk permit
vlan 10 20
port trunk permit vlan
10 20
port trunk permit
vlan 30 Assign the interface to
the specified VLANs. N/A
port
link-aggregation
group 2
port link-aggregation
group 2
port
link-aggregation
group 1
Assign the interface to
the Layer 2 aggregate
interface created for
server connection.
N/A
quit quit quit N/A N/A
interface
bridge-aggregation
3
interface
bridge-aggregation 3 N/A
Create
Bridge-Aggregation 3.
The aggregate
interface is connected
to a server.
N/A
interface
twenty-fivegige
1/0/2
interface
ten-gigabitethernet
1/0/1 N/A Enter the view of a
physical interface
connected to a server. N/A
speed 10000 N/A N/A
Set the interface
speed to 10 Gbps. N/A
flow-interval 5 flow-interval 5 N/A
Set the statistics
polling interval to 5
seconds on the
N/A
18
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
interface.
port link-type trunk port link-type trunk N/A Set the link type of the
interface to trunk. N/A
undo port trunk
permit vlan 1 undo port trunk permit
vlan 1 N/A
Remove the interface
from VLAN 1. N/A
port trunk permit
vlan 10 20
port trunk permit vlan
10 20 N/A Assign the interface to
the specified VLANs. N/A
port
link-aggregation
group 3
port link-aggregation
group 3 N/A Assign the interface to
a
Layer 2 aggregate
interface. N/A
quit quit N/A N/A N/A
interface
vsi-interface 10 interface vsi-interface
10 N/A Enter the view of
VSI-interface 10. N/A
port drni virtual-ip
20.1.1.5 24 active port drni virtual-ip
20.1.1.6 24 active N/A Assign an DRNI
virtual IPv4 address to
the VSI interface.
Make sure
you assign
different
DRNI
virtual IPv4
addresses
to the
same VSI
interface
on the DR
member
devices in
one DR
system.
port drni ipv6
virtual-ip 20:1:1:1::5
64 active
port drni ipv6 virtual-ip
20:1:1:1::6 64 active N/A Assign an DRNI
virtual IPv6 address to
the VSI interface.
Make sure
you assign
different
DRNI
virtual IPv6
addresses
to the
same VSI
interface
on the DR
member
devices in
one DR
system.
quit quit N/A N/A N/A
interface
vsi-interface 20 interface vsi-interface
20 N/A
Enter the view of
VSI-interface 20. N/A
port drni virtual-ip
20.2.1.5 24 active port drni virtual-ip
20.2.1.6 24 active N/A Assign an DRNI
virtual IPv4 address to
the VSI interface.
Make sure
you assign
different
DRNI
virtual IPv4
addresses
to the
same VSI
interface
on the DR
member
19
Leaf 1 (5945)
Leaf 2 (5944)
Leaf 3 (5944)
Description
Remarks
devices in
one DR
system.
port drni ipv6
virtual-ip 20:2:1:1::5
64 active
port drni ipv6 virtual-ip
20:2:1:1::6 64 active N/A Assign an DRNI
virtual IPv6 address to
the VSI interface.
Make sure
you assign
different
DRNI
virtual IPv6
addresses
to the
same VSI
interface
on the DR
member
devices in
one DR
system.
quit quit N/A N/A N/A
bgp 20 bgp 20 bgp 20 Enter BGP instance
view. N/A
ip vpn-instance
vpn1 ip vpn-instance vpn1 ip vpn-instance
vpn1
Create BGP-VPN
instance vpn1 and
enter BGP-VPN
instance view.
N/A
peer 20.1.1.10
as-number 10 peer 20.1.1.10
as-number 10 peer 20.3.1.10
as-number 10
Create a BGP peer
and specify its AS
number.
Leaf 3
does not
form
a DR
system
with any
device.
Leaf 3 uses
the primary
IP address
of the VSI
interface to
establish
BGP peer
relationship
with other
devices.
peer 20.1.1.10
source-address
20.1.1.5
peer 20.1.1.10
source-address
20.1.1.6
peer 20:3:1:1::10
as-number 10
Specify a source IPv4
address for
establishing TCP
connections to a peer.
N/A
peer 20.2.1.10
as-number 10 peer 20.2.1.10
as-number 10 N/A
Create a BGP peer
for the server at
20.2.1.10 and specify
its AS number.
N/A
peer 20.2.1.10
source-address
20.2.1.5
peer 20.2.1.10
source-address
20.2.1.6 N/A
Specify a source IPv4
address for
establishing TCP
connections to peer
20.2.1.10.
N/A
peer 20:1:1:1::10
as-number 10 peer 20:1:1:1::10
as-number 10 N/A Create a BGP peer
for the server at
20:1:1:1::10 and
specify its AS
N/A
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53

Aruba JH348A Configuration Guide

JH348A
Aruba
Brand
Aruba
Model
JH348A
Category
Networking
Type
Configuration Guide
Download PDF
report

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI

Related papers

Other documents