IRF
IRF技术具有管理渐变、网络扩展能力强、可靠性高等优点。
前提条件
两个系统启动后
配置swi-2
1、线路连接好,修改主机名
[H3C]sysname swi-1
[swi-1]
2、shutdown 用于IRF的端口
[swi-1]interface range Ten-GigabitEthernet 1/0/49 to Ten-GigabitEthernet 1/0/50
[swi-1-if-range]shutdown
[swi-1-if-range]quit
3、在swi-1 创建IRF端口2,将两个端口 与 IRF端口绑定
例子:irf-port member-id/port-number
[swi-1]irf-port 1/2
[swi-1-irf-port1/2]port group interface Ten-GigabitEthernet 1/0/49
You must perform the following tasks for a successful IRF setup:
Save the configuration after completing IRF configuration.
Execute the "irf-port-configuration active" command to activate the IRF ports.
[swi-1-irf-port1/2]port group interface Ten-GigabitEthernet 1/0/50
[swi-1-irf-port1/2]quit
4、undo shutdown 用于irf的端口
[swi-1]interface range Ten-GigabitEthernet 1/0/49 to Ten-GigabitEthernet 1/0/50
[swi-1-if-range]undo shutdown
[swi-1-if-range]quit
5、配置 swi-1 irf组中,默认成员编号为1 ,优先级为31 ,IRF 优先级,越大越是Master,保证其成为IRF中的主设备。
[swi-1]irf member 1 priority 31
6、保存配置
[swi-1]quit
<swi-1>save
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
7、激活IRF端口的配置
<swi-1>sys
System View: return to User View with Ctrl+Z.
[swi-1]irf-port-configuration active
配置swi-2
1、配置swi-2 加入IRF组,成员编号为2,并重启设备使配置生效。
[swi-2]irf member 1 renumber 2
Renumbering the member ID may result in configuration change or loss. Continue?[Y/N]:y
[swi-2]quit
<swi-2>reboot
Start to check configuration with next startup configuration file, please wait.........DONE!
Current configuration may be lost after the reboot, save current configuration? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
This command will reboot the device. Continue? [Y/N]:y
2、shutdown 用于irf的端口
swi-2 交换机重启后,系统的接口都已经变成了 如下:
interface GigabitEthernet2/0/1
port link-mode bridge
combo enable fiber
#
interface GigabitEthernet2/0/2
port link-mode bridge
combo enable fiber
所以,在接着配置端口的时候就都变成了2/0/X
[swi-2]interface range Ten-GigabitEthernet 2/0/49 to Ten-GigabitEthernet 2/0/50
[swi-2-if-range]shutdown
[swi-2-if-range]quit
3、在swi-2 创建IRF端口1,将两个端口 与 IRF端口绑定
例子:irf-port member-id/port-number
[swi-2]irf-port 2/1
[swi-2-irf-port2/1]port group interface Ten-GigabitEthernet 2/0/49
[swi-2-irf-port2/1]port group interface Ten-GigabitEthernet 2/0/50
[swi-2-irf-port2/1]quit
4、undo shutdown 用于irf的端口
[swi-2]interface range Ten-GigabitEthernet 2/0/49 to Ten-GigabitEthernet 2/0/50
[swi-2-if-range]undo shutdown
[swi-2-if-range]quit
5、保存配置
[swi-2]quit
<swi-2>save
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
flash:/startup.cfg exists, overwrite? [Y/N]:y
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
6、激活IRF端口的配置
<swi-2>sys
System View: return to User View with Ctrl+Z.
[swi-2]irf-port-configuration active
到这里,两台设备会进行Master竞选,竞选失败的一方将自动重启,重启完成后IRF形成,系统名称统一为swi-1的主机名。
验证
当swi-2 启动,这时候swi-1 和swi-2的配置文件是一样的,甚至主机名都是一样的,并且包含两个交换机的所有端口。
1/0/X 是swi-1 的对应端口;2/0/X 是swi-2的对应端口。
irf配置如下:
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 31
irf member 2 priority 1
irf-port 1/2
port group interface Ten-GigabitEthernet1/0/49
port group interface Ten-GigabitEthernet1/0/50
#
irf-port 2/1
port group interface Ten-GigabitEthernet2/0/49
port group interface Ten-GigabitEthernet2/0/50
端口如下:
interface Ten-GigabitEthernet1/0/49
combo enable fiber
#
interface Ten-GigabitEthernet1/0/50
combo enable fiber
#
interface Ten-GigabitEthernet2/0/49
combo enable fiber
#
interface Ten-GigabitEthernet2/0/50
combo enable fiber
当这时候保存配置的时候,会发现多了一个slot 2:
<swi-1>sav
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
flash:/startup.cfg exists, overwrite? [Y/N]:y
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
Slot 2:
Save next configuration file successfully.
验证客户端到IRF
swi-1 和swi-2 配置了IRF ,他们的配置是统一的,client模拟一个服务器两个网卡,当1/0/1断掉后,1.1.1.2和1.1.1.1之间还是畅通的。
默认链路正常的情况下,client ping 5次,都从swi-1走了,抓包如下:
当client到swi-1 之间的链路中断,数据将从g1/0/2 向swi-2通信。
MAD检测
BFD MAD检测
MAD 检测 (Multi-Active Detection,多active检测)
BFD 检测 (bidirectional forwarding detection,双向转发检测)
ARP 检测 (Address Resolution Protocol,地址解析协议)
为了防止万一IRF链路故障导致IRF分裂、网络中存在两个配置冲突的IRF,需要启用MAD检测功能。因为成员设备计较少,我们采用BFD MAD检测方式来检测IRF 的状态。
BFD前提条件: 需要在swi-1和swi-2 之间增加一条心跳线用于检测,这条线不能用于其他任何数据传输。
在swi-1和swi-2之间增加一条连接线 G1/0/3和G2/0/3:
1、创建一个单独vlan 3用于 MAD ip检测通信,把接口加入vlan
[swi-1]vlan 3
[swi-1-vlan3]port GigabitEthernet 1/0/3 GigabitEthernet 2/0/3
[swi-1-vlan3]quit
2、创建vlan接口3 配置MAD IP地址
[swi-1]interface Vlan-interface 3
[swi-1-Vlan-interface3]mad bfd enable
[swi-1-Vlan-interface3]mad ip address 192.168.1.1 30 member 1
[swi-1-Vlan-interface3]mad ip address 192.168.1.2 30 member 2
[swi-1-Vlan-interface3]quit
3、在两个接口上关闭生成树功能。
因为BFD MAD和生成树功互斥。
[swi-1]interface GigabitEthernet 1/0/3
[swi-1-GigabitEthernet1/0/3]undo stp enable
[swi-1-GigabitEthernet1/0/3]inter gi 2/0/3
[swi-1-GigabitEthernet2/0/3]undo stp enable
[swi-1-GigabitEthernet2/0/3]quit
4、配置完成后如下:
interface Vlan-interface3
mad bfd enable
mad ip address 192.168.1.1 255.255.255.252 member 1
mad ip address 192.168.1.2 255.255.255.252 member 2
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 3
combo enable fiber
undo stp enable
interface GigabitEthernet2/0/3
port link-mode bridge
port access vlan 3
combo enable fiber
undo stp enable
正常情况下,只可以ping通192.168.1.1 。
当irf 链路1/0/49和1/0/50断裂后,inter vlan 3 接口和g1/0/3 随即也会变为down,最后提示 BFD MAD function enabled on Vlan-interface3 changed to the faulty state.
[swi-1]interface range Ten-GigabitEthernet 1/0/49 to Ten-GigabitEthernet 1/0/50
[swi-1-if-range]shu
[swi-1-if-range]shutdown
%Nov 6 11:10:35:730 2018 swi-1 LLDP/6/LLDP_DELETE_NEIGHBOR: -Slot=2; Nearest bridge agent neighbor deleted on port Ten-GigabitEthernet2/0/49 (IfIndex 178), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet1/0/49.
%Nov 6 11:10:36:231 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/49 changed to down.
%Nov 6 11:10:36:231 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/49 changed to down.
%Nov 6 11:10:36:261 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet2/0/49 changed to down.
%Nov 6 11:10:36:261 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet2/0/49 changed to down.
[swi-1-if-range]%Nov 6 11:10:36:045 2018 swi-1 LLDP/6/LLDP_DELETE_NEIGHBOR: -Slot=2; Nearest bridge agent neighbor deleted on port Ten-GigabitEthernet2/0/50 (IfIndex 179), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet1/0/50.
%Nov 6 11:10:36:558 2018 swi-1 STM/3/STM_LINK_DOWN: IRF port 2 went down.
%Nov 6 11:10:36:559 2018 swi-1 DEV/3/BOARD_REMOVED: Board was removed from slot 2, type is H3C S5820V2-54Q.
%Nov 6 11:10:36:598 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/50 changed to down.
%Nov 6 11:10:36:598 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/50 changed to down.
%Nov 6 11:10:36:615 2018 swi-1 BFD/5/BFD_CHANGE_FSM: Sess[192.168.1.1/192.168.1.2, LD/RD:129/129, Interface:Vlan3, SessType:Ctrl, LinkType:INET], Ver:1, Sta: DOWN->INIT, Diag: 0 (No Diagnostic)
%Nov 6 11:10:36:702 2018 swi-1 SHELL/5/SHELL_LOGOUT: Console logged out from con1.
%Nov 6 11:10:37:457 2018 swi-1 BFD/5/BFD_MAD_INTERFACE_CHANGE_STATE: BFD MAD function enabled on Vlan-interface3 changed to the normal state.
%Nov 6 11:10:37:857 2018 swi-1 BFD/5/BFD_CHANGE_FSM: Sess[192.168.1.1/192.168.1.2, LD/RD:129/129, Interface:Vlan3, SessType:Ctrl, LinkType:INET], Ver:1, Sta: INIT->UP, Diag: 0 (No Diagnostic)
%Nov 6 11:10:37:898 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface GigabitEthernet1/0/3 changed to down.
%Nov 6 11:10:37:898 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet1/0/3 changed to down.
%Nov 6 11:10:37:898 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface3 changed to down.
%Nov 6 11:10:37:898 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface3 changed to down.
%Nov 6 11:10:42:861 2018 swi-1 BFD/5/BFD_CHANGE_FSM: Sess[192.168.1.1/192.168.1.2, LD/RD:129/129, Interface:Vlan3, SessType:Ctrl, LinkType:INET], Ver:1, Sta: UP->DOWN, Diag: 1 (Control Detection Time Expired)
%Nov 6 11:10:47:455 2018 swi-1 BFD/4/BFD_MAD_INTERFACE_CHANGE_STATE: BFD MAD function enabled on Vlan-interface3 changed to the faulty state.
而查看1/0/3的配置是没有 shutdown的:
[swi-1-if-range]display current-configuration interface GigabitEthernet 1/0/3
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 3
combo enable fiber
undo stp enable
#
return
[swi-1-if-range]dis
[swi-1-if-range]display inter
[swi-1-if-range]display interface gi
[swi-1-if-range]display interface GigabitEthernet 1/0/3
GigabitEthernet1/0/3
Current state: DOWN
Line protocol state: DOWN
当irf 链路1/0/49和1/0/50恢复后,swi-1和swi-2 的两个IRF 会重新进行选举master,因为之前配置swi-1的优先级搞swi-1成为master,swi-2 成为Standby将自动重启后形成IRF拓扑,inter vlan 3 接口和g1/0/3 随即也会变为up。
[swi-1-if-range]undo shutdown
[swi-1-if-range]%Nov 6 11:17:26:972 2018 swi-1 STM/6/STM_LINK_UP: IRF port 2 came up.
%Nov 6 11:17:26:972 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/49 changed to up.
%Nov 6 11:17:26:973 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/49 changed to up.
%Nov 6 11:17:26:976 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: Nearest bridge agent neighbor created on port Ten-GigabitEthernet1/0/49 (IfIndex 50), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet2/0/49.
%Nov 6 11:17:26:981 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/50 changed to up.
%Nov 6 11:17:26:981 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/50 changed to up.
%Nov 6 11:17:26:985 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: Nearest bridge agent neighbor created on port Ten-GigabitEthernet1/0/50 (IfIndex 51), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet2/0/50.
%Nov 6 11:17:27:196 2018 swi-1 STM/4/STM_MERGE: IRF merge occurred.
quit
[swi-1]%Nov 6 11:17:31:566 2018 swi-1 STM/3/STM_LINK_DOWN: IRF port 2 went down.
%Nov 6 11:17:31:566 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/49 changed to down.
%Nov 6 11:17:31:566 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/49 changed to down.
%Nov 6 11:17:31:566 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/50 changed to down.
%Nov 6 11:17:31:566 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/50 changed to down.
%Nov 6 11:17:36:646 2018 swi-1 STM/6/STM_LINK_UP: IRF port 2 came up.
%Nov 6 11:17:36:646 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/49 changed to up.
%Nov 6 11:17:36:646 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/49 changed to up.
%Nov 6 11:17:37:570 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet1/0/50 changed to up.
%Nov 6 11:17:37:570 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet1/0/50 changed to up.
%Nov 6 11:17:57:898 2018 swi-1 DEV/2/BOARD_STATE_FAULT: Board state changed to Fault on slot 2, type is unknown.
%Nov 6 11:17:58:215 2018 swi-1 HA/5/HA_BATCHBACKUP_STARTED: Batch backup of standby board in slot 2 started.
%Nov 6 11:17:59:056 2018 swi-1 DEV/5/BOARD_STATE_NORMAL: Board state changed to Normal on slot 2, type is H3C S5820V2-54Q.
%Nov 6 11:18:01:762 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: Nearest bridge agent neighbor created on port Ten-GigabitEthernet1/0/49 (IfIndex 50), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet2/0/49.
%Nov 6 11:18:01:762 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: Nearest bridge agent neighbor created on port Ten-GigabitEthernet1/0/50 (IfIndex 51), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet2/0/50.
%Nov 6 11:18:01:688 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: -Slot=2; Nearest bridge agent neighbor created on port Ten-GigabitEthernet2/0/49 (IfIndex 178), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet1/0/49.
%Nov 6 11:18:01:689 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: -Slot=2; Nearest bridge agent neighbor created on port Ten-GigabitEthernet2/0/50 (IfIndex 179), neighbor's chassis ID is 22ce-0ad0-0100, port ID is Ten-GigabitEthernet1/0/50.
%Nov 6 11:18:01:765 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet2/0/49 changed to up.
%Nov 6 11:18:01:766 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet2/0/49 changed to up.
%Nov 6 11:18:01:766 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Ten-GigabitEthernet2/0/50 changed to up.
%Nov 6 11:18:01:766 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Ten-GigabitEthernet2/0/50 changed to up.
%Nov 6 11:18:02:449 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface GigabitEthernet1/0/3 changed to up.
%Nov 6 11:18:02:453 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet1/0/3 changed to up.
%Nov 6 11:18:02:453 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface Vlan-interface3 changed to up.
%Nov 6 11:18:02:453 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface Vlan-interface3 changed to up.
%Nov 6 11:18:02:454 2018 swi-1 IFNET/3/PHY_UPDOWN: Physical state on the interface GigabitEthernet2/0/3 changed to up.
%Nov 6 11:18:02:454 2018 swi-1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet2/0/3 changed to up.
%Nov 6 11:18:02:470 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: Nearest bridge agent neighbor created on port GigabitEthernet1/0/3 (IfIndex 4), neighbor's chassis ID is 22ce-0ad0-0100, port ID is GigabitEthernet2/0/3.
%Nov 6 11:18:02:443 2018 swi-1 LLDP/6/LLDP_CREATE_NEIGHBOR: -Slot=2; Nearest bridge agent neighbor created on port GigabitEthernet2/0/3 (IfIndex 132), neighbor's chassis ID is 22ce-0ad0-0100, port ID is GigabitEthernet1/0/3.
LACP MAD检测
1、创建一个动态聚合端口,并使能LACP MAD 检测功能。
[swi-1]interface Bridge-Aggregation 2
[swi-1-Bridge-Aggregation2]link-aggregation mode dynamic
[swi-1-Bridge-Aggregation2]mad enable
[swi-1-Bridge-Aggregation2]quit
2、在聚合端口组中添加成员端口
[swi-1]interface GigabitEthernet 1/0/2
[swi-1-GigabitEthernet1/0/2]port link-aggregation group 2
[swi-1-GigabitEthernet1/0/2]quit
[swi-1]interface GigabitEthernet 2/0/2
[swi-1-GigabitEthernet2/0/2]port link-aggregation group 2
[swi-1-GigabitEthernet1/0/2]quit
当配置到这的时候,你会发现2/0/2的为down
3、中间设备配置
创建动态聚合端口,并将与irf中各成员设备相连的线加入动态聚合端口组。
[swi-4]interface Bridge-Aggregation 2
[swi-4-Bridge-Aggregation2]link-aggregation mode dynamic
[swi-4-Bridge-Aggregation2]quit
[swi-4]interface range GigabitEthernet 1/0/1 to GigabitEthernet 1/0/2
[swi-4-if-range]port link-aggregation group 2
[swi-4-if-range]quit
当配置到这的时候,你会发现2/0/2的为up了。
4、检测效果
当swi-1和swi-2 之间的 1/0/49和1/0/50 链路down了之后,IRF会发生分裂,产生两个IRF,两个IRF会通过LACP保温的扩展部分将本IRF的activeID传送到对端IRF,由于swi-1的activeID较小,因此该IRF将处于Active状态,设备swi-2所在的irf处于recovery状态。
同时swi-2连接client的链路会转为down状态,是由MAD shutdown的。
注意:
当swi-1和swi-2 之间的 1/0/49和1/0/50 链路恢复之后,会重新选择master,那么swi-2 没有成为master 就会自动重启后成为standby,恢复IRF。
三个MAD 检测对比
| MAD检测方式 | 优势 | 限制 |
|---|---|---|
| LACP MAD | 检测速度快,利用现有聚合组网即可实现,无需占用额外端口和接口 | 组网中需要中间设备,并且该设备必须为支持LACP扩展功能的H3C交换机 |
| BFD MAD | 检测速度较快,组网形式灵活,对其他设备没有要求 | 需要使用额外的端口和三层接口,这些端口和接口不能再传输普通业务流量 |
| ARP MAD | 对其他设备没有要求,在使用中间设备的组网中不需要占用额外端口 | 检测速度慢于前两种,需要配置专用三层接口 |
交换重新加入组的步骤
按照“配置swi-2” 步骤部署即可。
1363
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
