Benutzer-Werkzeuge

Webseiten-Werkzeuge


english:migrate-mclag-to-omniswitch-virtual-chassis

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

english:migrate-mclag-to-omniswitch-virtual-chassis [2014/06/19 15:24] (aktuell)
benny angelegt
Zeile 1: Zeile 1:
 +====== Migrate MC-LAG to OmniSwitch Virtual-Chassis ======
  
 +{{::a-titelbild.png?nolink|}}
 +
 +In this TechTip we describe how to successfully migrate from Alcatel-Lucent MC-LAG to Virtual-Chassis. Our experience is that the migration (mainly reload of the switches) takes **less than 5 minutes**. We recommend to read through this document before you start.
 +
 +**Please validate/check the configuration carefully before you reboot your switches!**
 +
 +===== Prerequisites =====
 +We'll use VIM to automate many, otherwise error-prone, modifications of the configuration.
 +
 +VIM is an amazing tool and should not be missing on any workstation.
 +  * Download for MacOSX: http://code.google.com/p/macvim/
 +  * Download for Windows: http://www.vim.org/download.php#pc
 +  * Download for Linux: http://www.vim.org/download.php#unix
 +
 +You should set the following in VIM to highlight the results of "Search & Replace" as we'll use it throughout the document:
 +<code>
 +:set hlsearch
 +</code>
 +
 +  * On OmniSwitch you'll need the "Advanced" license to use Virtual-Chassis
 +  * Please read carefully through the u-boot / AOS dependencies! Details can be found in the "Upgrade Instructions".
 +
 +===== Comparison of MC-LAG and Virtual-Chassis =====
 +
 +^  MC-LAG  ^  Virtual-Chassis  ^
 +|  Available in AOS 7.1.1.R01  |  Available in AOS 7.3.1.R01  |  
 +|  L2-Learning in hardware\\ (MAC-ADDRESS table synchronised across chassis)  |  L2-Learning in hardware\\ (MAC-ADDRESS table synchronised across chassis)  |  
 +|  Independent configuration with separate Management-IP for each switch  |  Configuration and management of Virtual Chassis is done through one unified IP-Adresse  |  
 +|  Independent Bridge-IDs  |  **One** Bridge-ID  |  
 +|  Independent Routers  |  **One** Router  |  
 +|  Limited IPv4-L3-Support for MC-LAG (e.g. dynamic routing protocols)  |  Full support  |  
 +|  No IPv6-L3-Support for MC-LAGs (e.g. gateway, dynamic routing)  |  Full support 
 +|  Virtual Fabric Link (VFL), fault-tolerant and high-performance Link-Aggregate  |  Identical  |  
 +|  Limited to two chassis  |  Currently two chassis, soon six  |  
 +|  ISSU within the same chassis  |  ISSU across the chassis  |  
 +
 +==== Reasons to migrate from MC-LAG to Virtual-Chassis ====
 +
 +  * simple, unified Management
 +  * IPv6-Support
 +  * IPv4/IPv6-Routing
 +
 +===== Planning the migration =====
 +  * vcsetup.cfg's need to be prepared
 +  * MC-LAG and System/Session:
 +    * "multi-chassis"-rows need to be completely removed from configuration
 +    * "session prompt" needs to be removed from 2nd chassis
 +    * "system name", "system location", "system contact" & "ip interface" needs to be removed from 2nd chassis
 +  * Link-Aggregation:
 +    * "linkagg range" row needs to be removed from configuration
 +    * linkagg {lacp|static} agg <agg> size <size> admin-state {enable|disable} "multi-chassis active" needs to be removed from configuration
 +    * linkagg lacp agg <agg> "system-id xx:xx:xx:xx:xx:xx" needs to be removed from configuration
 +    * linkagg {lacp|static} port "system-id xx:xx:xx:xx:xx:xx" needs to be removed from configuration
 +    * Convert linkagg {lacp|static} port "slot/port" to "chassis/slot/port"
 +  * VLAN:
 +    * Convert multi-chassis vip-vlan to normal vlan
 +    * Convert VLAN-Assignement of ports tagged/untagged "slot/port" to "chassis/slot/port"
 +  * IP-Interface:
 +    * Either re-use the former virtual IP address (VIP-ADDRESS) as VRRP **OR**
 +    * Create and use IP-Interface with former "vip-address" (replace previous "physical IP" with "vip-address)
 +    * (Remove IP Interfaces from 2nd chassis)
 +  * LLDP:
 +    * Convert "slot/port" to "chassis/slot/port"
 +  * Additional configuration
 +    * Verify if there are any configurations in your specific setup that are not handled during this migration?
 +
 +===== Prepare for the migration =====
 +
 +If not stated otherwise, VIM-commands need to be executed for "Chassis 1" and "Chassis 2" configuration.
 +
 +==== Convert and remove the Multi-Chassis & VF-Link configuration ====
 +
 +<WRAP center round tip 60%>
 +At this point we'll remove the multi-chassis configuration. You should store the parameters in a safe place and create new vcsetup.cfg files. In the following we'll see how those kind of files need to look like.
 +</WRAP>
 +
 +
 +To ease the migration, the following VIM-commands will help us to create the two vcsetup.cfg's:
 +<WRAP center round info 60%>
 +If you put a "c" (confirmation) after the "g" (global), VIM will request a confirmation before replacing each occurrence. If you don't want VIM to do that, simply remove the "c".
 +</WRAP>
 +
 +<code>
 +Chassis 1:
 +:%s/^multi-chassis\ chassis-id\ \(\d\+\)$/virtual-chassis chassis-id \1 configured-chassis-id \1/gc
 +:%s/^multi-chassis\ vf-link\ create$/virtual-chassis chassis-id 1 vf-link 0 create/gc
 +:%s/^multi-chassis\ vf-link\ member-port\ \(\d\+\/\S*\)$/virtual-chassis chassis-id 1 vf-link 0 member-port 1\/\1/gc
 +:%s/^multi-chassis\ chassis-group\ \(\d\+\)$/virtual-chassis chassis-id 1 chassis-group \1/gc
 +
 +Chassis 2:
 +:%s/^multi-chassis\ chassis-id\ \(\d\+\)$/virtual-chassis chassis-id \1 configured-chassis-id \1/gc
 +:%s/^multi-chassis\ vf-link\ create$/virtual-chassis chassis-id 2 vf-link 0 create/gc
 +:%s/^multi-chassis\ vf-link\ member-port\ \(\d\+\/\S*\)$/virtual-chassis chassis-id 2 vf-link 0 member-port 2\/\1/gc
 +:%s/^multi-chassis\ chassis-group\ \(\d\+\)$/virtual-chassis chassis-id 2 chassis-group \1/gc
 +</code>
 +
 +{{::mclag-migration-bild8.png?nolink|}}
 +(The German word "Magie" means "magic".)
 +
 +**After you copied the lines and put them in the separate vcsetup.cfg's you can remove those rows from the configuration with the following command (removes both, multi-chassis and converted virtual-chassis commands)**
 +<code>
 +:g/^\(multi\|virtual\)-chassis\ \(cha\|vf-\).*$/d
 +</code>
 +
 +==== Remove the "linkagg range" from configuration ====
 +
 +<code>
 +:g/^linkagg\ range.*$/
 +</code>
 +
 +==== Remove "multi-chassis active" from the link-aggregate configuration ====
 +
 +<code>
 +:%s/\ multi-chassis\ active.*$//gc
 +</code>
 +
 +{{:mclag-migration-bild6.png?nolink|}}
 +
 +==== Remove "system-id xx:xx:xx:xx:xx:xx"-rows from Link-Aggregation port/agg configuration ====
 +
 +<code>
 +:g/^linkagg\ \(.*system-id\).*$/d
 +</code>
 +
 +==== Convert Link-Aggregate configuration from "slot/port" to "chassis/slot/port" ====
 +
 +<code>
 +Chassis 1:
 +:%s/^linkagg\ \(static\|lacp\)\ port\ \(\d\+\/\S*\)/linkagg \1 port 1\/\2/gc
 +
 +Chassis 2:
 +:%s/^linkagg\ \(static\|lacp\)\ port\ \(\d\+\/\S*\)/linkagg \1 port 2\/\2/gc
 +</code>
 +
 +{{:mclag-migration-bild7.png?nolink|}}
 +
 +==== Replace "multi-chassis vip-vlan" with standard "vlan" ====
 +
 +<code>
 +:%s/^multi-chassis\ vip-vlan/vlan/gc
 +</code>
 +
 +==== Convert VLAN port assignment from "slot/port" to "chassis/slot/port" ====
 +
 +<code>
 +Chassis 1:
 +:%s/^vlan\ \(\d\+\)\ members\ port\ \(\d\+\/\S*\)/vlan \1 members port 1\/\2/gc
 +
 +Chassis 2:
 +:%s/^vlan\ \(\d\+\)\ members\ port\ \(\d\+\/\S*\)/vlan \1 members port 2\/\2/gc
 +</code>
 +
 +==== Automate the convertion of IP-Interfaces ====
 +
 +After the migration from MC-LAG to Virtual-Chassis our servers/clients should be able to use the same gateway as before, hence we convert the IP-Interfaces to represent the "VIP-ADDRESS" as new physical IP.
 +
 +(If you don't want to do that automated convertion, but use e.g. VRRP you need to do this step manually.)
 +<code>
 +Chassis 1:
 +:%s/^ip\ interface\ \(\".*\"\)\ address \(\d\+\.\d\+\.\d\+\.\d\+\)\ mask\ \(\d\+\.\d\+\.\d\+\.\d\+\)\ vip-address\ \(\d\+\.\d\+\.\d\+\.\d\+\)/ip interface \1 address \4 mask \3/gc 
 +
 +Chassis 2:
 +:g/^ip\ interface.*$/
 +</code>
 +
 +{{::mclag-migration-bild9.png?nolink|}}
 +
 +==== Convert LLDP configuration from "slot/port" to "chassis/slot/port" ====
 +
 +<code>
 +Chassis 1:
 +:%s/^lldp\ \(nearest-bridge\|non-tpmr\|nearest-customer\)\ port \(\d\+\/\S*\)/lldp \1 port 1\/\2/gc 
 +
 +Chassis 2:
 +:%s/^lldp\ \(nearest-bridge\|non-tpmr\|nearest-customer\)\ port \(\d\+\/\S*\)/lldp \1 port 2\/\2/gc
 +</code>
 +
 +{{:mclag-migration-bild5.png?nolink|}}
 +
 +==== Remove unnecessary configuration/parameters ====
 +
 +**You should remove unnecessary configuratin/parameters from __Chassis 2__ as otherwise the merge of the two configuration is not straight forward:**
 +<code>
 +:g/^system\ \(name\|contact\|location\)/
 +:g/^session\ prompt/d
 +</code>
 +
 +**Save the changes to both files and close them with VIM-command ":wq".**
 +
 +==== Create the vcboot.cfg for Virtual Chassis ====
 +
 +**In the following you can see that we opened the primary configuration (chassis-1):**
 +
 +{{:mclag-migration-bild1.png?nolink|}}
 +
 +**In the next step we open the configuration of the 2nd chassis and highlight the differences, so that we can easily copy them:**
 +
 +<code>
 +:vert diffsplit CORE02.cfg
 +</code>
 +
 +{{:mclag-migration-bild2.png?nolink|}}
 +
 +You can jump between the windows with the VIM-command CTRL+WW.
 +You can select rows visually with the VIM-command Shift+V (as seen in the screenshot) and cut the selected rows with "d".
 +
 +{{:mclag-migration-bild3.png?nolink|}}
 +
 +We'll paste the rows that you just cut (after changing focus to the "primary configuration" with CTRL+WW) using the VIM-command "p" at the desired position of the configuration. This step needs to be repeated for VLAN port assignment, link-aggregate port assignment, LLDP port configuration etc.
 +
 +{{:mclag-migration-bild4.png?nolink|}}
 +
 +**After you have merged all relevant configuration, you can save the configuration with the following VIM-command to "vcboot.cfg":**
 +<code>
 +:w vcboot.cfg
 +</code>
 +
 +===== Example Configuration =====
 +
 +==== MC-LAG Node 1 (CORE01) ====
 +
 +<file cfg CORE01.cfg>
 +!========================================!
 +! File: /flash/working/boot.cfg          !
 +!========================================!
 +! Chassis:
 +system name MC-Lag1
 +system contact myContact
 +system location "1. DC"
 +mac-retention admin-state enable
 +mac-retention dup-mac-trap admin-state enable
 +mac-retention timer 30
 +
 +! Configuration:
 +
 +! Capability Manager:
 +! Multi-Chassis:
 +multi-chassis chassis-id 1
 +multi-chassis vf-link create
 +multi-chassis vf-link member-port 1/1
 +multi-chassis vf-link member-port 1/20
 +multi-chassis chassis-group 9
 +
 +! Virtual Chassis Manager:
 +! Virtual Flow Control:
 +! Interface:
 +! Link Aggregate:
 +linkagg range local 0-47 peer 48-95 multi-chassis 96-127 
 +linkagg lacp agg 96 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 96 name "RACK01"
 +linkagg lacp agg 96 actor system-id 00:00:00:00:00:96
 +linkagg lacp agg 96 actor admin-key 96
 +linkagg lacp agg 97 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 97 name "RACK02"
 +linkagg lacp agg 97 actor system-id 00:00:00:00:00:97
 +linkagg lacp agg 97 actor admin-key 97
 +linkagg lacp agg 98 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 98 name "RACK03"
 +linkagg lacp agg 98 actor system-id 00:00:00:00:00:98
 +linkagg lacp agg 98 actor admin-key 98
 +linkagg lacp agg 99 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 99 name "RACK04"
 +linkagg lacp agg 99 actor system-id 00:00:00:00:00:99
 +linkagg lacp agg 99 actor admin-key 99
 +linkagg lacp agg 100 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 100 name "SW01"
 +linkagg lacp agg 100 actor system-id 00:00:00:00:01:00
 +linkagg lacp agg 100 actor admin-key 100
 +linkagg lacp agg 101 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 101 name "SW02"
 +linkagg lacp agg 101 actor system-id 00:00:00:00:01:01
 +linkagg lacp agg 101 actor admin-key 101
 +linkagg lacp agg 102 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 102 name "SW03"
 +linkagg lacp agg 102 actor system-id 00:00:00:00:01:02
 +linkagg lacp agg 102 actor admin-key 102
 +linkagg lacp agg 103 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 103 name "SW04"
 +linkagg lacp agg 103 actor system-id 00:00:00:00:01:03
 +linkagg lacp agg 103 actor admin-key 103
 +linkagg lacp agg 104 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 104 name "SW05"
 +linkagg lacp agg 104 actor system-id 00:00:00:00:01:04
 +linkagg lacp agg 104 actor admin-key 104
 +linkagg lacp agg 105 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 105 name "SW06"
 +linkagg lacp agg 105 actor system-id 00:00:00:00:01:05
 +linkagg lacp agg 105 actor admin-key 105
 +linkagg lacp agg 106 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 106 name "SW07"
 +linkagg lacp agg 106 actor system-id 00:00:00:00:01:06
 +linkagg lacp agg 106 actor admin-key 106
 +linkagg lacp port 1/2 actor admin-key 96
 +linkagg lacp port 1/2 actor system-id 00:00:00:00:00:96
 +linkagg lacp port 1/3 actor admin-key 97
 +linkagg lacp port 1/3 actor system-id 00:00:00:00:00:97
 +linkagg lacp port 1/4 actor admin-key 98
 +linkagg lacp port 1/4 actor system-id 00:00:00:00:00:98
 +linkagg lacp port 1/5 actor admin-key 99
 +linkagg lacp port 1/5 actor system-id 00:00:00:00:00:99
 +linkagg lacp port 1/6 actor admin-key 100
 +linkagg lacp port 1/6 actor system-id 00:00:00:00:01:00
 +linkagg lacp port 1/7 actor admin-key 101
 +linkagg lacp port 1/7 actor system-id 00:00:00:00:01:01
 +linkagg lacp port 1/8 actor admin-key 102
 +linkagg lacp port 1/8 actor system-id 00:00:00:00:01:02
 +linkagg lacp port 1/9 actor admin-key 103
 +linkagg lacp port 1/9 actor system-id 00:00:00:00:01:03
 +linkagg lacp port 1/10 actor admin-key 104
 +linkagg lacp port 1/10 actor system-id 00:00:00:00:01:04
 +linkagg lacp port 1/11 actor admin-key 105
 +linkagg lacp port 1/11 actor system-id 00:00:00:00:01:05
 +linkagg lacp port 1/12 actor admin-key 106
 +linkagg lacp port 1/12 actor system-id 00:00:00:00:01:06
 +
 +! VLAN:
 +vlan 1 admin-state enable
 +vlan 1 name "Mgmt"
 +multi-chassis vip-vlan 100 admin-state enable
 +multi-chassis vip-vlan 100 name "Server"
 +vlan 102-104 admin-state enable
 +vlan 102 name "Guest"
 +vlan 103 name "VoIP"
 +vlan 104 name "Build"
 +vlan 106 admin-state enable
 +vlan 106 name "Dev"
 +multi-chassis vip-vlan 110-113 admin-state enable
 +multi-chassis vip-vlan 110 name "Client1"
 +multi-chassis vip-vlan 111 name "Client2"
 +multi-chassis vip-vlan 112 name "Client3"
 +multi-chassis vip-vlan 113 name "Client4"
 +multi-chassis vip-vlan 150 admin-state enable
 +multi-chassis vip-vlan 150 name "VIP VLAN"
 +vlan 100 members linkagg 96-99 tagged
 +vlan 102 members linkagg 100-106 tagged
 +vlan 103 members linkagg 96-106 tagged
 +vlan 104 members linkagg 96-106 tagged
 +vlan 106 members linkagg 96-106 tagged
 +vlan 110 members linkagg 100-101 tagged
 +vlan 111 members linkagg 102-103 tagged
 +vlan 112 members linkagg 104-105 tagged
 +vlan 113 members linkagg 106 tagged
 +vlan 150 members linkagg 96-99 tagged
 +
 +! Spanning Tree:
 +spantree vlan 1 admin-state enable 
 +spantree vlan 100 admin-state enable 
 +spantree vlan 102 admin-state enable 
 +spantree vlan 103 admin-state enable 
 +spantree vlan 104 admin-state enable 
 +spantree vlan 106 admin-state enable 
 +spantree vlan 110 admin-state enable 
 +spantree vlan 111 admin-state enable 
 +spantree vlan 112 admin-state enable 
 +spantree vlan 113 admin-state enable 
 +spantree vlan 150 admin-state enable 
 +
 +! Bridging:
 +! Port Mirroring:
 +! Port Mapping:
 +! IP:
 +ip service port 21 admin-state enable
 +ip service port 22 admin-state enable
 +ip service port 23 admin-state enable
 +ip service port 80 admin-state enable
 +ip service port 123 admin-state enable
 +ip service port 443 admin-state enable
 +ip interface "Mgmt" address 192.168.130.197 mask 255.255.255.0 vlan 1 no forward ifindex 1
 +ip interface "Client1" address 10.2.140.197 mask 255.255.255.0 vip-address 10.2.140.1 vlan 110 ifindex 2
 +ip interface "Client2" address 10.2.141.197 mask 255.255.255.0 vip-address 10.2.141.1 vlan 111 ifindex 3
 +ip interface "Client3" address 10.2.142.197 mask 255.255.255.0 vip-address 10.2.142.1 vlan 112 ifindex 4
 +ip interface "Client4" address 10.2.143.197 mask 255.255.255.0 vip-address 10.2.143.1 vlan 113 ifindex 5
 +ip interface "Server" address 10.2.128.197 mask 255.255.255.0 vip-address 10.2.128.1 vlan 100 ifindex 6
 +ip interface "Transfer_Firewall" address 192.168.150.197 mask 255.255.255.0 vip-address 192.168.150.1 vlan 150 ifindex 7
 +
 +! IPv6:
 +! IPSec:
 +! IPMS:
 +! AAA:
 +aaa authentication console "local" 
 +aaa authentication ftp "local" 
 +aaa authentication http "local" 
 +aaa authentication snmp "local" 
 +aaa authentication ssh "local" 
 +
 +user password-size min 6
 +
 +! NTP:
 +ntp server 192.168.2.253
 +ntp client admin-state enable
 +
 +! QOS:
 +policy condition from_voip source vlan 103 
 +policy action set_dscp dscp 46 
 +policy rule prio_voip condition from_voip action set_dscp 
 +qos apply
 +
 +! Policy Manager:
 +! VLAN Stacking:
 +! ERP:
 +! MVRP:
 +! LLDP:
 +lldp nearest-bridge port 1/1-20 tlv management system-capabilities enable
 +lldp nearest-bridge port 1/1-20 tlv management system-description enable
 +lldp nearest-bridge port 1/1-20 tlv management system-name enable
 +lldp nearest-bridge port 1/1-20 tlv management port-description enable
 +lldp non-tpmr port 1/1-20 tlv management system-capabilities enable
 +lldp non-tpmr port 1/1-20 tlv management system-description enable
 +lldp non-tpmr port 1/1-20 tlv management system-name enable
 +lldp non-tpmr port 1/1-20 tlv management port-description enable
 +lldp nearest-customer port 1/1-20 tlv management system-capabilities enable
 +lldp nearest-customer port 1/1-20 tlv management system-description enable
 +lldp nearest-customer port 1/1-20 tlv management system-name enable
 +lldp nearest-customer port 1/1-20 tlv management port-description enable
 +lldp nearest-bridge port 1/1-20 tlv management management-address enable
 +lldp non-tpmr port 1/1-20 tlv management management-address enable
 +lldp nearest-customer port 1/1-20 tlv management management-address enable
 +
 +! UDLD:
 +! Server Load Balance:
 +! High Availability Vlan:
 +! Session Manager:
 +session cli timeout 30
 +session http timeout 30
 +session prompt default "CORE01 ->"
 +command-log enable
 +
 +! Web:
 +! Trap Manager:
 +snmp station 192.168.2.203 162 "snmpv3" v3 enable
 +
 +! Health Monitor:
 +! System Service:
 +swlog output socket 192.168.2.203
 +system timezone CET
 +
 +! SNMP:
 +snmp security authentication set
 +snmp community-map mode enable
 +snmp community-map "public" user "snmp" enable
 +
 +! BFD:
 +! IP Route Manager:
 +ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1
 +
 +! VRRP:
 +! UDP Relay:
 +! RIP:
 +! OSPF:
 +! ISIS:
 +! IP Multicast:
 +! DVMRP:
 +! IPMR:
 +! RIPng:
 +! OSPF3:
 +! BGP:
 +! Netsec:
 +! Module:
 +! RDP:
 +! DA-UNP:
 +! DHL:
 +! Ethernet-OAM:
 +! SAA:
 +! SPB-ISIS:
 +! SVCMGR:
 +! LDP:
 +! EVB:
 +</file>
 +
 +==== Modified configuration of MC-LAG Node 1 (CORE01) ====
 +
 +<file cfg modified-CORE01.cfg>
 +!========================================!
 +! File: /flash/working/boot.cfg          !
 +!========================================!
 +! Chassis:
 +system name MC-Lag1
 +system contact myContact
 +system location "1. DC"
 +mac-retention admin-state enable
 +mac-retention dup-mac-trap admin-state enable
 +mac-retention timer 30
 +
 +! Configuration:
 +
 +! Capability Manager:
 +! Multi-Chassis:
 +
 +! Virtual Chassis Manager:
 +! Virtual Flow Control:
 +! Interface:
 +! Link Aggregate:
 +linkagg lacp agg 96 size 2 admin-state enable
 +linkagg lacp agg 96 name "RACK01"
 +linkagg lacp agg 96 actor admin-key 96
 +linkagg lacp agg 97 size 2 admin-state enable
 +linkagg lacp agg 97 name "RACK02"
 +linkagg lacp agg 97 actor admin-key 97
 +linkagg lacp agg 98 size 2 admin-state enable
 +linkagg lacp agg 98 name "RACK03"
 +linkagg lacp agg 98 actor admin-key 98
 +linkagg lacp agg 99 size 2 admin-state enable
 +linkagg lacp agg 99 name "RACK04"
 +linkagg lacp agg 99 actor admin-key 99
 +linkagg lacp agg 100 size 2 admin-state enable
 +linkagg lacp agg 100 name "SW01"
 +linkagg lacp agg 100 actor admin-key 100
 +linkagg lacp agg 101 size 2 admin-state enable
 +linkagg lacp agg 101 name "SW02"
 +linkagg lacp agg 101 actor admin-key 101
 +linkagg lacp agg 102 size 2 admin-state enable
 +linkagg lacp agg 102 name "SW03"
 +linkagg lacp agg 102 actor admin-key 102
 +linkagg lacp agg 103 size 2 admin-state enable
 +linkagg lacp agg 103 name "SW04"
 +linkagg lacp agg 103 actor admin-key 103
 +linkagg lacp agg 104 size 2 admin-state enable
 +linkagg lacp agg 104 name "SW05"
 +linkagg lacp agg 104 actor admin-key 104
 +linkagg lacp agg 105 size 2 admin-state enable
 +linkagg lacp agg 105 name "SW06"
 +linkagg lacp agg 105 actor admin-key 105
 +linkagg lacp agg 106 size 2 admin-state enable
 +linkagg lacp agg 106 name "SW07"
 +linkagg lacp agg 106 actor admin-key 106
 +linkagg lacp port 1/1/2 actor admin-key 96
 +linkagg lacp port 1/1/3 actor admin-key 97
 +linkagg lacp port 1/1/4 actor admin-key 98
 +linkagg lacp port 1/1/5 actor admin-key 99
 +linkagg lacp port 1/1/6 actor admin-key 100
 +linkagg lacp port 1/1/7 actor admin-key 101
 +linkagg lacp port 1/1/8 actor admin-key 102
 +linkagg lacp port 1/1/9 actor admin-key 103
 +linkagg lacp port 1/1/10 actor admin-key 104
 +linkagg lacp port 1/1/11 actor admin-key 105
 +linkagg lacp port 1/1/12 actor admin-key 106
 +
 +! VLAN:
 +vlan 1 admin-state enable
 +vlan 1 name "Mgmt"
 +vlan 100 admin-state enable
 +vlan 100 name "Server"
 +vlan 102-104 admin-state enable
 +vlan 102 name "Guest"
 +vlan 103 name "VoIP"
 +vlan 104 name "Build"
 +vlan 106 admin-state enable
 +vlan 106 name "Dev"
 +vlan 110-113 admin-state enable
 +vlan 110 name "Client1"
 +vlan 111 name "Client2"
 +vlan 112 name "Client3"
 +vlan 113 name "Client4"
 +vlan 150 admin-state enable
 +vlan 150 name "VIP VLAN"
 +vlan 100 members linkagg 96-99 tagged
 +vlan 102 members linkagg 100-106 tagged
 +vlan 103 members linkagg 96-106 tagged
 +vlan 104 members linkagg 96-106 tagged
 +vlan 106 members linkagg 96-106 tagged
 +vlan 110 members linkagg 100-101 tagged
 +vlan 111 members linkagg 102-103 tagged
 +vlan 112 members linkagg 104-105 tagged
 +vlan 113 members linkagg 106 tagged
 +vlan 150 members linkagg 96-99 tagged
 +
 +! Spanning Tree:
 +spantree vlan 1 admin-state enable 
 +spantree vlan 100 admin-state enable 
 +spantree vlan 102 admin-state enable 
 +spantree vlan 103 admin-state enable 
 +spantree vlan 104 admin-state enable 
 +spantree vlan 106 admin-state enable 
 +spantree vlan 110 admin-state enable 
 +spantree vlan 111 admin-state enable 
 +spantree vlan 112 admin-state enable 
 +spantree vlan 113 admin-state enable 
 +spantree vlan 150 admin-state enable 
 +
 +! Bridging:
 +! Port Mirroring:
 +! Port Mapping:
 +! IP:
 +ip service port 21 admin-state enable
 +ip service port 22 admin-state enable
 +ip service port 23 admin-state enable
 +ip service port 80 admin-state enable
 +ip service port 123 admin-state enable
 +ip service port 443 admin-state enable
 +ip interface "Mgmt" address 192.168.130.197 mask 255.255.255.0 vlan 1 no forward ifindex 1
 +ip interface "Client1" address 10.2.140.1 mask 255.255.255.0 vlan 110 ifindex 2
 +ip interface "Client2" address 10.2.141.1 mask 255.255.255.0 vlan 111 ifindex 3
 +ip interface "Client3" address 10.2.142.1 mask 255.255.255.0 vlan 112 ifindex 4
 +ip interface "Client4" address 10.2.143.1 mask 255.255.255.0 vlan 113 ifindex 5
 +ip interface "Server" address 10.2.128.1 mask 255.255.255.0 vlan 100 ifindex 6
 +ip interface "Transfer_Firewall" address 192.168.150.1 mask 255.255.255.0 vlan 150 ifindex 7
 +
 +! IPv6:
 +! IPSec:
 +! IPMS:
 +! AAA:
 +aaa authentication console "local" 
 +aaa authentication ftp "local" 
 +aaa authentication http "local" 
 +aaa authentication snmp "local" 
 +aaa authentication ssh "local" 
 +
 +user password-size min 6
 +
 +! NTP:
 +ntp server 192.168.2.253
 +ntp client admin-state enable
 +
 +! QOS:
 +policy condition from_voip source vlan 103 
 +policy action set_dscp dscp 46 
 +policy rule prio_voip condition from_voip action set_dscp 
 +qos apply
 +
 +! Policy Manager:
 +! VLAN Stacking:
 +! ERP:
 +! MVRP:
 +! LLDP:
 +lldp nearest-bridge port 1/1/1-20 tlv management system-capabilities enable
 +lldp nearest-bridge port 1/1/1-20 tlv management system-description enable
 +lldp nearest-bridge port 1/1/1-20 tlv management system-name enable
 +lldp nearest-bridge port 1/1/1-20 tlv management port-description enable
 +lldp non-tpmr port 1/1/1-20 tlv management system-capabilities enable
 +lldp non-tpmr port 1/1/1-20 tlv management system-description enable
 +lldp non-tpmr port 1/1/1-20 tlv management system-name enable
 +lldp non-tpmr port 1/1/1-20 tlv management port-description enable
 +lldp nearest-customer port 1/1/1-20 tlv management system-capabilities enable
 +lldp nearest-customer port 1/1/1-20 tlv management system-description enable
 +lldp nearest-customer port 1/1/1-20 tlv management system-name enable
 +lldp nearest-customer port 1/1/1-20 tlv management port-description enable
 +lldp nearest-bridge port 1/1/1-20 tlv management management-address enable
 +lldp non-tpmr port 1/1/1-20 tlv management management-address enable
 +lldp nearest-customer port 1/1/1-20 tlv management management-address enable
 +
 +! UDLD:
 +! Server Load Balance:
 +! High Availability Vlan:
 +! Session Manager:
 +session cli timeout 30
 +session http timeout 30
 +session prompt default "CORE01 ->"
 +command-log enable
 +
 +! Web:
 +! Trap Manager:
 +snmp station 192.168.2.203 162 "snmpv3" v3 enable
 +
 +! Health Monitor:
 +! System Service:
 +swlog output socket 192.168.2.203
 +system timezone CET
 +
 +! SNMP:
 +snmp security authentication set
 +snmp community-map mode enable
 +snmp community-map "public" user "snmp" enable
 +
 +! BFD:
 +! IP Route Manager:
 +ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1
 +
 +! VRRP:
 +! UDP Relay:
 +! RIP:
 +! OSPF:
 +! ISIS:
 +! IP Multicast:
 +! DVMRP:
 +! IPMR:
 +! RIPng:
 +! OSPF3:
 +! BGP:
 +! Netsec:
 +! Module:
 +! RDP:
 +! DA-UNP:
 +! DHL:
 +! Ethernet-OAM:
 +! SAA:
 +! SPB-ISIS:
 +! SVCMGR:
 +! LDP:
 +! EVB:
 +</file>
 +
 +==== MC-LAG Node 2 (CORE02) ====
 +
 +<file cfg CORE02.cfg>
 +!========================================!
 +! File: /flash/working/boot.cfg          !
 +!========================================!
 +! Chassis:
 +system name MC-Lag2
 +system contact myContact
 +system location "1. DC"
 +mac-retention admin-state enable
 +mac-retention dup-mac-trap admin-state enable
 +mac-retention timer 30
 +
 +! Configuration:
 +
 +! Capability Manager:
 +! Multi-Chassis:
 +multi-chassis chassis-id 2
 +multi-chassis vf-link create
 +multi-chassis vf-link member-port 1/1
 +multi-chassis vf-link member-port 1/20
 +multi-chassis chassis-group 9
 +
 +! Virtual Chassis Manager:
 +! Virtual Flow Control:
 +! Interface:
 +! Link Aggregate:
 +linkagg range local 48-95 peer 0-47 multi-chassis 96-127 
 +linkagg lacp agg 96 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 96 name "RACK01"
 +linkagg lacp agg 96 actor system-id 00:00:00:00:00:96
 +linkagg lacp agg 96 actor admin-key 96
 +linkagg lacp agg 97 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 97 name "RACK02"
 +linkagg lacp agg 97 actor system-id 00:00:00:00:00:97
 +linkagg lacp agg 97 actor admin-key 97
 +linkagg lacp agg 98 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 98 name "RACK03"
 +linkagg lacp agg 98 actor system-id 00:00:00:00:00:98
 +linkagg lacp agg 98 actor admin-key 98
 +linkagg lacp agg 99 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 99 name "RACK04"
 +linkagg lacp agg 99 actor system-id 00:00:00:00:00:99
 +linkagg lacp agg 99 actor admin-key 99
 +linkagg lacp agg 100 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 100 name "SW01"
 +linkagg lacp agg 100 actor system-id 00:00:00:00:01:00
 +linkagg lacp agg 100 actor admin-key 100
 +linkagg lacp agg 101 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 101 name "SW02"
 +linkagg lacp agg 101 actor system-id 00:00:00:00:01:01
 +linkagg lacp agg 101 actor admin-key 101
 +linkagg lacp agg 102 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 102 name "SW03"
 +linkagg lacp agg 102 actor system-id 00:00:00:00:01:02
 +linkagg lacp agg 102 actor admin-key 102
 +linkagg lacp agg 103 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 103 name "SW04"
 +linkagg lacp agg 103 actor system-id 00:00:00:00:01:03
 +linkagg lacp agg 103 actor admin-key 103
 +linkagg lacp agg 104 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 104 name "SW05"
 +linkagg lacp agg 104 actor system-id 00:00:00:00:01:04
 +linkagg lacp agg 104 actor admin-key 104
 +linkagg lacp agg 105 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 105 name "SW06"
 +linkagg lacp agg 105 actor system-id 00:00:00:00:01:05
 +linkagg lacp agg 105 actor admin-key 105
 +linkagg lacp agg 106 size 2 admin-state enable multi-chassis active
 +linkagg lacp agg 106 name "SW07"
 +linkagg lacp agg 106 actor system-id 00:00:00:00:01:06
 +linkagg lacp agg 106 actor admin-key 106
 +linkagg lacp port 1/2 actor admin-key 96
 +linkagg lacp port 1/2 actor system-id 00:00:00:00:00:96
 +linkagg lacp port 1/3 actor admin-key 97
 +linkagg lacp port 1/3 actor system-id 00:00:00:00:00:97
 +linkagg lacp port 1/4 actor admin-key 98
 +linkagg lacp port 1/4 actor system-id 00:00:00:00:00:98
 +linkagg lacp port 1/5 actor admin-key 99
 +linkagg lacp port 1/5 actor system-id 00:00:00:00:00:99
 +linkagg lacp port 1/6 actor admin-key 100
 +linkagg lacp port 1/6 actor system-id 00:00:00:00:01:00
 +linkagg lacp port 1/7 actor admin-key 101
 +linkagg lacp port 1/7 actor system-id 00:00:00:00:01:01
 +linkagg lacp port 1/8 actor admin-key 102
 +linkagg lacp port 1/8 actor system-id 00:00:00:00:01:02
 +linkagg lacp port 1/9 actor admin-key 103
 +linkagg lacp port 1/9 actor system-id 00:00:00:00:01:03
 +linkagg lacp port 1/10 actor admin-key 104
 +linkagg lacp port 1/10 actor system-id 00:00:00:00:01:04
 +linkagg lacp port 1/11 actor admin-key 105
 +linkagg lacp port 1/11 actor system-id 00:00:00:00:01:05
 +linkagg lacp port 1/12 actor admin-key 106
 +linkagg lacp port 1/12 actor system-id 00:00:00:00:01:06
 +
 +! VLAN:
 +vlan 1 admin-state enable
 +vlan 1 name "Mgmt"
 +multi-chassis vip-vlan 100 admin-state enable
 +multi-chassis vip-vlan 100 name "Server"
 +vlan 102-104 admin-state enable
 +vlan 102 name "Guest"
 +vlan 103 name "VoIP"
 +vlan 104 name "Build"
 +vlan 106 admin-state enable
 +vlan 106 name "Dev"
 +multi-chassis vip-vlan 110-113 admin-state enable
 +multi-chassis vip-vlan 110 name "Client1"
 +multi-chassis vip-vlan 111 name "Client2"
 +multi-chassis vip-vlan 112 name "Client3"
 +multi-chassis vip-vlan 113 name "Client4"
 +multi-chassis vip-vlan 150 admin-state enable
 +multi-chassis vip-vlan 150 name "VIP VLAN"
 +vlan 100 members linkagg 96-99 tagged
 +vlan 102 members linkagg 100-106 tagged
 +vlan 103 members linkagg 96-106 tagged
 +vlan 104 members linkagg 96-106 tagged
 +vlan 106 members linkagg 96-106 tagged
 +vlan 110 members linkagg 100-101 tagged
 +vlan 111 members linkagg 102-103 tagged
 +vlan 112 members linkagg 104-105 tagged
 +vlan 113 members linkagg 106 tagged
 +vlan 150 members linkagg 96-99 tagged
 +
 +! Spanning Tree:
 +spantree vlan 1 admin-state enable 
 +spantree vlan 100 admin-state enable 
 +spantree vlan 102 admin-state enable 
 +spantree vlan 103 admin-state enable 
 +spantree vlan 104 admin-state enable 
 +spantree vlan 106 admin-state enable 
 +spantree vlan 110 admin-state enable 
 +spantree vlan 111 admin-state enable 
 +spantree vlan 112 admin-state enable 
 +spantree vlan 113 admin-state enable 
 +spantree vlan 150 admin-state enable 
 +
 +! Bridging:
 +! Port Mirroring:
 +! Port Mapping:
 +! IP:
 +ip service port 21 admin-state enable
 +ip service port 22 admin-state enable
 +ip service port 23 admin-state enable
 +ip service port 80 admin-state enable
 +ip service port 123 admin-state enable
 +ip service port 443 admin-state enable
 +ip interface "Mgmt" address 192.168.130.198 mask 255.255.255.0 vlan 1 no forward ifindex 1
 +ip interface "Client1" address 10.2.140.198 mask 255.255.255.0 vip-address 10.2.140.1 vlan 110 ifindex 2
 +ip interface "Client2" address 10.2.141.198 mask 255.255.255.0 vip-address 10.2.141.1 vlan 111 ifindex 3
 +ip interface "Client3" address 10.2.142.198 mask 255.255.255.0 vip-address 10.2.142.1 vlan 112 ifindex 4
 +ip interface "Client4" address 10.2.143.198 mask 255.255.255.0 vip-address 10.2.143.1 vlan 113 ifindex 5
 +ip interface "Server" address 10.2.128.198 mask 255.255.255.0 vip-address 10.2.128.1 vlan 100 ifindex 6
 +ip interface "Transfer_Firewall" address 192.168.150.198 mask 255.255.255.0 vip-address 192.168.150.1 vlan 150 ifindex 7
 +
 +! IPv6:
 +! IPSec:
 +! IPMS:
 +! AAA:
 +aaa authentication console "local" 
 +aaa authentication ftp "local" 
 +aaa authentication http "local" 
 +aaa authentication snmp "local" 
 +aaa authentication ssh "local" 
 +
 +user password-size min 6
 +
 +! NTP:
 +ntp server 192.168.2.253
 +ntp client admin-state enable
 +
 +! QOS:
 +policy condition from_voip source vlan 103 
 +policy action set_dscp dscp 46 
 +policy rule prio_voip condition from_voip action set_dscp 
 +qos apply
 +
 +! Policy Manager:
 +! VLAN Stacking:
 +! ERP:
 +! MVRP:
 +! LLDP:
 +lldp nearest-bridge port 1/1-20 tlv management system-capabilities enable
 +lldp nearest-bridge port 1/1-20 tlv management system-description enable
 +lldp nearest-bridge port 1/1-20 tlv management system-name enable
 +lldp nearest-bridge port 1/1-20 tlv management port-description enable
 +lldp non-tpmr port 1/1-20 tlv management system-capabilities enable
 +lldp non-tpmr port 1/1-20 tlv management system-description enable
 +lldp non-tpmr port 1/1-20 tlv management system-name enable
 +lldp non-tpmr port 1/1-20 tlv management port-description enable
 +lldp nearest-customer port 1/1-20 tlv management system-capabilities enable
 +lldp nearest-customer port 1/1-20 tlv management system-description enable
 +lldp nearest-customer port 1/1-20 tlv management system-name enable
 +lldp nearest-customer port 1/1-20 tlv management port-description enable
 +lldp nearest-bridge port 1/1-20 tlv management management-address enable
 +lldp non-tpmr port 1/1-20 tlv management management-address enable
 +lldp nearest-customer port 1/1-20 tlv management management-address enable
 +
 +! UDLD:
 +! Server Load Balance:
 +! High Availability Vlan:
 +! Session Manager:
 +session cli timeout 30
 +session http timeout 30
 +session prompt default "CORE02 ->"
 +command-log enable
 +
 +! Web:
 +! Trap Manager:
 +snmp station 192.168.2.203 162 "snmpv3" v3 enable
 +
 +! Health Monitor:
 +! System Service:
 +swlog output socket 192.168.2.203
 +system timezone CET
 +
 +! SNMP:
 +snmp security authentication set
 +snmp community-map mode enable
 +snmp community-map "public" user "snmp" enable
 +
 +! BFD:
 +! IP Route Manager:
 +ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1
 +
 +! VRRP:
 +! UDP Relay:
 +! RIP:
 +! OSPF:
 +! ISIS:
 +! IP Multicast:
 +! DVMRP:
 +! IPMR:
 +! RIPng:
 +! OSPF3:
 +! BGP:
 +! Netsec:
 +! Module:
 +! RDP:
 +! DA-UNP:
 +! DHL:
 +! Ethernet-OAM:
 +! SAA:
 +! SPB-ISIS:
 +! SVCMGR:
 +! LDP:
 +! EVB:
 +</file>
 +
 +==== Modified configuration of MC-LAG Node 2 (CORE02) ====
 +
 +<file cfg modified-CORE02.cfg>
 +!========================================!
 +! File: /flash/working/boot.cfg          !
 +!========================================!
 +! Chassis:
 +mac-retention admin-state enable
 +mac-retention dup-mac-trap admin-state enable
 +mac-retention timer 30
 +
 +! Configuration:
 +
 +! Capability Manager:
 +! Multi-Chassis:
 +
 +! Virtual Chassis Manager:
 +! Virtual Flow Control:
 +! Interface:
 +! Link Aggregate:
 +linkagg lacp agg 96 size 2 admin-state enable
 +linkagg lacp agg 96 name "RACK01"
 +linkagg lacp agg 96 actor admin-key 96
 +linkagg lacp agg 97 size 2 admin-state enable
 +linkagg lacp agg 97 name "RACK02"
 +linkagg lacp agg 97 actor admin-key 97
 +linkagg lacp agg 98 size 2 admin-state enable
 +linkagg lacp agg 98 name "RACK03"
 +linkagg lacp agg 98 actor admin-key 98
 +linkagg lacp agg 99 size 2 admin-state enable
 +linkagg lacp agg 99 name "RACK04"
 +linkagg lacp agg 99 actor admin-key 99
 +linkagg lacp agg 100 size 2 admin-state enable
 +linkagg lacp agg 100 name "SW01"
 +linkagg lacp agg 100 actor admin-key 100
 +linkagg lacp agg 101 size 2 admin-state enable
 +linkagg lacp agg 101 name "SW02"
 +linkagg lacp agg 101 actor admin-key 101
 +linkagg lacp agg 102 size 2 admin-state enable
 +linkagg lacp agg 102 name "SW03"
 +linkagg lacp agg 102 actor admin-key 102
 +linkagg lacp agg 103 size 2 admin-state enable
 +linkagg lacp agg 103 name "SW04"
 +linkagg lacp agg 103 actor admin-key 103
 +linkagg lacp agg 104 size 2 admin-state enable
 +linkagg lacp agg 104 name "SW05"
 +linkagg lacp agg 104 actor admin-key 104
 +linkagg lacp agg 105 size 2 admin-state enable
 +linkagg lacp agg 105 name "SW06"
 +linkagg lacp agg 105 actor admin-key 105
 +linkagg lacp agg 106 size 2 admin-state enable
 +linkagg lacp agg 106 name "SW07"
 +linkagg lacp agg 106 actor admin-key 106
 +linkagg lacp port 2/1/2 actor admin-key 96
 +linkagg lacp port 2/1/3 actor admin-key 97
 +linkagg lacp port 2/1/4 actor admin-key 98
 +linkagg lacp port 2/1/5 actor admin-key 99
 +linkagg lacp port 2/1/6 actor admin-key 100
 +linkagg lacp port 2/1/7 actor admin-key 101
 +linkagg lacp port 2/1/8 actor admin-key 102
 +linkagg lacp port 2/1/9 actor admin-key 103
 +linkagg lacp port 2/1/10 actor admin-key 104
 +linkagg lacp port 2/1/11 actor admin-key 105
 +linkagg lacp port 2/1/12 actor admin-key 106
 +
 +! VLAN:
 +vlan 1 admin-state enable
 +vlan 1 name "Mgmt"
 +vlan 100 admin-state enable
 +vlan 100 name "Server"
 +vlan 102-104 admin-state enable
 +vlan 102 name "Guest"
 +vlan 103 name "VoIP"
 +vlan 104 name "Build"
 +vlan 106 admin-state enable
 +vlan 106 name "Dev"
 +vlan 110-113 admin-state enable
 +vlan 110 name "Client1"
 +vlan 111 name "Client2"
 +vlan 112 name "Client3"
 +vlan 113 name "Client4"
 +vlan 150 admin-state enable
 +vlan 150 name "VIP VLAN"
 +vlan 100 members linkagg 96-99 tagged
 +vlan 102 members linkagg 100-106 tagged
 +vlan 103 members linkagg 96-106 tagged
 +vlan 104 members linkagg 96-106 tagged
 +vlan 106 members linkagg 96-106 tagged
 +vlan 110 members linkagg 100-101 tagged
 +vlan 111 members linkagg 102-103 tagged
 +vlan 112 members linkagg 104-105 tagged
 +vlan 113 members linkagg 106 tagged
 +vlan 150 members linkagg 96-99 tagged
 +
 +! Spanning Tree:
 +spantree vlan 1 admin-state enable 
 +spantree vlan 100 admin-state enable 
 +spantree vlan 102 admin-state enable 
 +spantree vlan 103 admin-state enable 
 +spantree vlan 104 admin-state enable 
 +spantree vlan 106 admin-state enable 
 +spantree vlan 110 admin-state enable 
 +spantree vlan 111 admin-state enable 
 +spantree vlan 112 admin-state enable 
 +spantree vlan 113 admin-state enable 
 +spantree vlan 150 admin-state enable 
 +
 +! Bridging:
 +! Port Mirroring:
 +! Port Mapping:
 +! IP:
 +ip service port 21 admin-state enable
 +ip service port 22 admin-state enable
 +ip service port 23 admin-state enable
 +ip service port 80 admin-state enable
 +ip service port 123 admin-state enable
 +ip service port 443 admin-state enable
 +
 +! IPv6:
 +! IPSec:
 +! IPMS:
 +! AAA:
 +aaa authentication console "local" 
 +aaa authentication ftp "local" 
 +aaa authentication http "local" 
 +aaa authentication snmp "local" 
 +aaa authentication ssh "local" 
 +
 +user password-size min 6
 +
 +! NTP:
 +ntp server 192.168.2.253
 +ntp client admin-state enable
 +
 +! QOS:
 +policy condition from_voip source vlan 103 
 +policy action set_dscp dscp 46 
 +policy rule prio_voip condition from_voip action set_dscp 
 +qos apply
 +
 +! Policy Manager:
 +! VLAN Stacking:
 +! ERP:
 +! MVRP:
 +! LLDP:
 +lldp nearest-bridge port 2/1/1-20 tlv management system-capabilities enable
 +lldp nearest-bridge port 2/1/1-20 tlv management system-description enable
 +lldp nearest-bridge port 2/1/1-20 tlv management system-name enable
 +lldp nearest-bridge port 2/1/1-20 tlv management port-description enable
 +lldp non-tpmr port 2/1/1-20 tlv management system-capabilities enable
 +lldp non-tpmr port 2/1/1-20 tlv management system-description enable
 +lldp non-tpmr port 2/1/1-20 tlv management system-name enable
 +lldp non-tpmr port 2/1/1-20 tlv management port-description enable
 +lldp nearest-customer port 2/1/1-20 tlv management system-capabilities enable
 +lldp nearest-customer port 2/1/1-20 tlv management system-description enable
 +lldp nearest-customer port 2/1/1-20 tlv management system-name enable
 +lldp nearest-customer port 2/1/1-20 tlv management port-description enable
 +lldp nearest-bridge port 2/1/1-20 tlv management management-address enable
 +lldp non-tpmr port 2/1/1-20 tlv management management-address enable
 +lldp nearest-customer port 2/1/1-20 tlv management management-address enable
 +
 +! UDLD:
 +! Server Load Balance:
 +! High Availability Vlan:
 +! Session Manager:
 +session cli timeout 30
 +session http timeout 30
 +command-log enable
 +
 +! Web:
 +! Trap Manager:
 +snmp station 192.168.2.203 162 "snmpv3" v3 enable
 +
 +! Health Monitor:
 +! System Service:
 +swlog output socket 192.168.2.203
 +system timezone CET
 +
 +! SNMP:
 +snmp security authentication set
 +snmp community-map mode enable
 +snmp community-map "public" user "snmp" enable
 +
 +! BFD:
 +! IP Route Manager:
 +ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1
 +
 +! VRRP:
 +! UDP Relay:
 +! RIP:
 +! OSPF:
 +! ISIS:
 +! IP Multicast:
 +! DVMRP:
 +! IPMR:
 +! RIPng:
 +! OSPF3:
 +! BGP:
 +! Netsec:
 +! Module:
 +! RDP:
 +! DA-UNP:
 +! DHL:
 +! Ethernet-OAM:
 +! SAA:
 +! SPB-ISIS:
 +! SVCMGR:
 +! LDP:
 +! EVB:
 +</file>
 +
 +==== Final configuration (VC-CORE01, vcboot.cfg) ====
 +
 +<file cfg vcboot.cfg>
 +!========================================!
 +! File: /flash/working/boot.cfg          !
 +!========================================!
 +! Chassis:
 +system name MC-Lag1
 +system contact myContact
 +system location "1. DC"
 +mac-retention admin-state enable
 +mac-retention dup-mac-trap admin-state enable
 +mac-retention timer 30
 +
 +! Configuration:
 +
 +! Capability Manager:
 +! Multi-Chassis:
 +
 +! Virtual Chassis Manager:
 +! Virtual Flow Control:
 +! Interface:
 +! Link Aggregate:
 +linkagg lacp agg 96 size 2 admin-state enable
 +linkagg lacp agg 96 name "RACK01"
 +linkagg lacp agg 96 actor admin-key 96
 +linkagg lacp agg 97 size 2 admin-state enable
 +linkagg lacp agg 97 name "RACK02"
 +linkagg lacp agg 97 actor admin-key 97
 +linkagg lacp agg 98 size 2 admin-state enable
 +linkagg lacp agg 98 name "RACK03"
 +linkagg lacp agg 98 actor admin-key 98
 +linkagg lacp agg 99 size 2 admin-state enable
 +linkagg lacp agg 99 name "RACK04"
 +linkagg lacp agg 99 actor admin-key 99
 +linkagg lacp agg 100 size 2 admin-state enable
 +linkagg lacp agg 100 name "SW01"
 +linkagg lacp agg 100 actor admin-key 100
 +linkagg lacp agg 101 size 2 admin-state enable
 +linkagg lacp agg 101 name "SW02"
 +linkagg lacp agg 101 actor admin-key 101
 +linkagg lacp agg 102 size 2 admin-state enable
 +linkagg lacp agg 102 name "SW03"
 +linkagg lacp agg 102 actor admin-key 102
 +linkagg lacp agg 103 size 2 admin-state enable
 +linkagg lacp agg 103 name "SW04"
 +linkagg lacp agg 103 actor admin-key 103
 +linkagg lacp agg 104 size 2 admin-state enable
 +linkagg lacp agg 104 name "SW05"
 +linkagg lacp agg 104 actor admin-key 104
 +linkagg lacp agg 105 size 2 admin-state enable
 +linkagg lacp agg 105 name "SW06"
 +linkagg lacp agg 105 actor admin-key 105
 +linkagg lacp agg 106 size 2 admin-state enable
 +linkagg lacp agg 106 name "SW07"
 +linkagg lacp agg 106 actor admin-key 106
 +linkagg lacp port 1/1/2 actor admin-key 96
 +linkagg lacp port 1/1/3 actor admin-key 97
 +linkagg lacp port 1/1/4 actor admin-key 98
 +linkagg lacp port 1/1/5 actor admin-key 99
 +linkagg lacp port 1/1/6 actor admin-key 100
 +linkagg lacp port 1/1/7 actor admin-key 101
 +linkagg lacp port 1/1/8 actor admin-key 102
 +linkagg lacp port 1/1/9 actor admin-key 103
 +linkagg lacp port 1/1/10 actor admin-key 104
 +linkagg lacp port 1/1/11 actor admin-key 105
 +linkagg lacp port 1/1/12 actor admin-key 106
 +linkagg lacp port 2/1/2 actor admin-key 96
 +linkagg lacp port 2/1/3 actor admin-key 97
 +linkagg lacp port 2/1/4 actor admin-key 98
 +linkagg lacp port 2/1/5 actor admin-key 99
 +linkagg lacp port 2/1/6 actor admin-key 100
 +linkagg lacp port 2/1/7 actor admin-key 101
 +linkagg lacp port 2/1/8 actor admin-key 102
 +linkagg lacp port 2/1/9 actor admin-key 103
 +linkagg lacp port 2/1/10 actor admin-key 104
 +linkagg lacp port 2/1/11 actor admin-key 105
 +linkagg lacp port 2/1/12 actor admin-key 106
 +
 +! VLAN:
 +vlan 1 admin-state enable
 +vlan 1 name "Mgmt"
 +vlan 100 admin-state enable
 +vlan 100 name "Server"
 +vlan 102-104 admin-state enable
 +vlan 102 name "Guest"
 +vlan 103 name "VoIP"
 +vlan 104 name "Build"
 +vlan 106 admin-state enable
 +vlan 106 name "Dev"
 +vlan 110-113 admin-state enable
 +vlan 110 name "Client1"
 +vlan 111 name "Client2"
 +vlan 112 name "Client3"
 +vlan 113 name "Client4"
 +vlan 150 admin-state enable
 +vlan 150 name "VIP VLAN"
 +vlan 100 members linkagg 96-99 tagged
 +vlan 102 members linkagg 100-106 tagged
 +vlan 103 members linkagg 96-106 tagged
 +vlan 104 members linkagg 96-106 tagged
 +vlan 106 members linkagg 96-106 tagged
 +vlan 110 members linkagg 100-101 tagged
 +vlan 111 members linkagg 102-103 tagged
 +vlan 112 members linkagg 104-105 tagged
 +vlan 113 members linkagg 106 tagged
 +vlan 150 members linkagg 96-99 tagged
 +
 +! Spanning Tree:
 +spantree vlan 1 admin-state enable 
 +spantree vlan 100 admin-state enable 
 +spantree vlan 102 admin-state enable 
 +spantree vlan 103 admin-state enable 
 +spantree vlan 104 admin-state enable 
 +spantree vlan 106 admin-state enable 
 +spantree vlan 110 admin-state enable 
 +spantree vlan 111 admin-state enable 
 +spantree vlan 112 admin-state enable 
 +spantree vlan 113 admin-state enable 
 +spantree vlan 150 admin-state enable 
 +
 +! Bridging:
 +! Port Mirroring:
 +! Port Mapping:
 +! IP:
 +ip service port 21 admin-state enable
 +ip service port 22 admin-state enable
 +ip service port 23 admin-state enable
 +ip service port 80 admin-state enable
 +ip service port 123 admin-state enable
 +ip service port 443 admin-state enable
 +ip interface "Mgmt" address 192.168.130.197 mask 255.255.255.0 vlan 1 no forward ifindex 1
 +ip interface "Client1" address 10.2.140.1 mask 255.255.255.0 vlan 110 ifindex 2
 +ip interface "Client2" address 10.2.141.1 mask 255.255.255.0 vlan 111 ifindex 3
 +ip interface "Client3" address 10.2.142.1 mask 255.255.255.0 vlan 112 ifindex 4
 +ip interface "Client4" address 10.2.143.1 mask 255.255.255.0 vlan 113 ifindex 5
 +ip interface "Server" address 10.2.128.1 mask 255.255.255.0 vlan 100 ifindex 6
 +ip interface "Transfer_Firewall" address 192.168.150.1 mask 255.255.255.0 vlan 150 ifindex 7
 +
 +! IPv6:
 +! IPSec:
 +! IPMS:
 +! AAA:
 +aaa authentication console "local" 
 +aaa authentication ftp "local" 
 +aaa authentication http "local" 
 +aaa authentication snmp "local" 
 +aaa authentication ssh "local" 
 +
 +user password-size min 6
 +
 +! NTP:
 +ntp server 192.168.2.253
 +ntp client admin-state enable
 +
 +! QOS:
 +policy condition from_voip source vlan 103 
 +policy action set_dscp dscp 46 
 +policy rule prio_voip condition from_voip action set_dscp 
 +qos apply
 +
 +! Policy Manager:
 +! VLAN Stacking:
 +! ERP:
 +! MVRP:
 +! LLDP:
 +lldp nearest-bridge port 1/1/1-20 tlv management system-capabilities enable
 +lldp nearest-bridge port 1/1/1-20 tlv management system-description enable
 +lldp nearest-bridge port 1/1/1-20 tlv management system-name enable
 +lldp nearest-bridge port 1/1/1-20 tlv management port-description enable
 +lldp non-tpmr port 1/1/1-20 tlv management system-capabilities enable
 +lldp non-tpmr port 1/1/1-20 tlv management system-description enable
 +lldp non-tpmr port 1/1/1-20 tlv management system-name enable
 +lldp non-tpmr port 1/1/1-20 tlv management port-description enable
 +lldp nearest-customer port 1/1/1-20 tlv management system-capabilities enable
 +lldp nearest-customer port 1/1/1-20 tlv management system-description enable
 +lldp nearest-customer port 1/1/1-20 tlv management system-name enable
 +lldp nearest-customer port 1/1/1-20 tlv management port-description enable
 +lldp nearest-bridge port 1/1/1-20 tlv management management-address enable
 +lldp non-tpmr port 1/1/1-20 tlv management management-address enable
 +lldp nearest-customer port 1/1/1-20 tlv management management-address enable
 +lldp nearest-bridge port 2/1/1-20 tlv management system-capabilities enable
 +lldp nearest-bridge port 2/1/1-20 tlv management system-description enable
 +lldp nearest-bridge port 2/1/1-20 tlv management system-name enable
 +lldp nearest-bridge port 2/1/1-20 tlv management port-description enable
 +lldp non-tpmr port 2/1/1-20 tlv management system-capabilities enable
 +lldp non-tpmr port 2/1/1-20 tlv management system-description enable
 +lldp non-tpmr port 2/1/1-20 tlv management system-name enable
 +lldp non-tpmr port 2/1/1-20 tlv management port-description enable
 +lldp nearest-customer port 2/1/1-20 tlv management system-capabilities enable
 +lldp nearest-customer port 2/1/1-20 tlv management system-description enable
 +lldp nearest-customer port 2/1/1-20 tlv management system-name enable
 +lldp nearest-customer port 2/1/1-20 tlv management port-description enable
 +lldp nearest-bridge port 2/1/1-20 tlv management management-address enable
 +lldp non-tpmr port 2/1/1-20 tlv management management-address enable
 +lldp nearest-customer port 2/1/1-20 tlv management management-address enable
 +
 +! UDLD:
 +! Server Load Balance:
 +! High Availability Vlan:
 +! Session Manager:
 +session cli timeout 30
 +session http timeout 30
 +session prompt default "CORE01 ->"
 +command-log enable
 +
 +! Web:
 +! Trap Manager:
 +snmp station 192.168.2.203 162 "snmpv3" v3 enable
 +
 +! Health Monitor:
 +! System Service:
 +swlog output socket 192.168.2.203
 +system timezone CET
 +
 +! SNMP:
 +snmp security authentication set
 +snmp community-map mode enable
 +snmp community-map "public" user "snmp" enable
 +
 +! BFD:
 +! IP Route Manager:
 +ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1
 +
 +! VRRP:
 +! UDP Relay:
 +! RIP:
 +! OSPF:
 +! ISIS:
 +! IP Multicast:
 +! DVMRP:
 +! IPMR:
 +! RIPng:
 +! OSPF3:
 +! BGP:
 +! Netsec:
 +! Module:
 +! RDP:
 +! DA-UNP:
 +! DHL:
 +! Ethernet-OAM:
 +! SAA:
 +! SPB-ISIS:
 +! SVCMGR:
 +! LDP:
 +! EVB:
 +</file>
 +
 +===== Carry out the MC-LAG to OmniSwitch Virtual-Chassis migration =====
 +
 +==== Preparation of CORE01 ====
 +
 +**Create the directories for Virtual-Chassis and open vcsetup.cfg:**
 +
 +<code>
 +CORE01 -> mkdir vc-config
 +CORE01 -> cd vc-config
 +CORE01 -> vi vcsetup.cfg
 +(Edit file, like in the following example) 
 +</code>
 +
 +<WRAP center round tip 60%>
 +This example follows the previous configuration of the multi-chassis/VFL-ports, this is worthwhile in most cases.
 +</WRAP>
 +
 +
 +<file cfg vcsetup.cfg>
 +!========================================!
 +! File: /flash/vc-config/vcsetup.cfg     !
 +!========================================!
 +! Virtual Chassis Manager:
 +virtual-chassis chassis-id 1 configured-chassis-id 1
 +virtual-chassis chassis-id 1 vf-link 0 create       
 +virtual-chassis chassis-id 1 vf-link 0 member-port 1/1/1 
 +virtual-chassis chassis-id 1 vf-link 0 member-port 1/1/20
 +virtual-chassis chassis-id 1 chassis-group 9             
 +                                                         
 +! IP:                                                                     
 +ip interface local chassis-id 1 emp address 192.168.1.1 mask 255.255.255.0
 +</file>
 +
 +<WRAP center round tip 60%>
 +We **strongly** recommend to use and configure the EMP-port (Out-of-Band-Management), which is important to use "Remote-Chassis-Split-Detection" which avoids a "Split-Brain"-situation!
 +</WRAP>
 +
 +
 +**Upload/Copy the Alcatel-Lucent Operating System (AOS):**
 +<WRAP center round tip 60%>
 +Upload the vcboot.cfg via FTP to the directory vc-config!
 +</WRAP>
 +
 +<code>
 +CORE01 -> 
 +CORE01 -> ls
 +vcboot.cfg   vcsetup.cfg
 +CORE01 -> cp ../732-344-GA/Tos.img .
 +CORE01 -> ls -l
 +-rw-r--r--    1 admin    user     126642216 Aug 16 09:51 Tos.img
 +-rw-------    1 admin    user          8279 Aug 16 09:50 vcboot.cfg
 +-rw-r--r--    1 admin    user           497 Aug 16 09:49 vcsetup.cfg
 +CORE01 -> 
 +</code>
 +
 +==== Preparation of CORE02 ====
 +
 +**Create the directories for Virtual-Chassis and open vcsetup.cfg:**
 +
 +<code>
 +CORE02 -> mkdir vc-config
 +CORE02 -> cd vc-config
 +CORE02 -> vi vcsetup.cfg
 +(Edit file, like in the following example) 
 +</code>
 +
 +<WRAP center round tip 60%>
 +This example follows the previous configuration of the multi-chassis/VFL-ports, this is worthwhile in most cases.
 +</WRAP>
 +
 +
 +<file cfg vcsetup.cfg>
 +!========================================!
 +! File: /flash/vc-config/vcsetup.cfg     !
 +!========================================!
 +! Virtual Chassis Manager:
 +virtual-chassis chassis-id 2 configured-chassis-id 2
 +virtual-chassis chassis-id 2 vf-link 0 create       
 +virtual-chassis chassis-id 2 vf-link 0 member-port 2/1/1 
 +virtual-chassis chassis-id 2 vf-link 0 member-port 2/1/20
 +virtual-chassis chassis-id 2 chassis-group 9             
 +                                                         
 +! IP:                                                                     
 +ip interface local chassis-id 2 emp address 192.168.1.2 mask 255.255.255.0
 +</file>
 +
 +<WRAP center round tip 60%>
 +We **strongly** recommend to use and configure the EMP-port (Out-of-Band-Management), which is important to use "Remote-Chassis-Split-Detection" which avoids a "Split-Brain"-situation!
 +</WRAP>
 +
 +
 +**Upload/Copy the Alcatel-Lucent Operating System (AOS):**
 +<WRAP center round tip 60%>
 +Upload the vcboot.cfg via FTP to the directory vc-config!
 +</WRAP>
 +
 +<code>
 +CORE02 -> 
 +CORE02 -> ls
 +vcboot.cfg   vcsetup.cfg
 +CORE02 -> cp ../732-344-GA/Tos.img .
 +CORE02 -> ls -l
 +-rw-r--r--    1 admin    user     126642216 Aug 16 09:51 Tos.img
 +-rw-------    1 admin    user          8279 Aug 16 09:50 vcboot.cfg
 +-rw-r--r--    1 admin    user           497 Aug 16 09:49 vcsetup.cfg
 +CORE02 -> 
 +</code>
 +
 +==== Reboot the two nodes/chassis ====
 +
 +**CORE01:**
 +<code>
 +CORE01 -> reload from vc-config no rollback-timeout
 +</code>
 +
 +**CORE02:**
 +<code>
 +CORE02 -> reload from vc-config no rollback-timeout
 +</code>
 +
 +==== Relevant output on console ====
 +
 +We're waiting for **Chassis Supervision: CMM has reached the ready state [L8]**, in that moment the Virtual-Chassis is ready and starts to switch/forward traffic.
 +
 +<code>
 +Fri Aug 16 10:03:44 : vcmCmm chas_sup info message:
 ++++ CMM:vcmCMM_cs_handle_chassis_ready@3602: Chassis 1 ready (data 0) [L1]
 + 
 +Fri Aug 16 10:04:05 : vcmCmm port_mgr info message:
 ++++ CMM:vcmCMM_client_rx_pm@1551: VFL link 1/0 up (pri 1/1/1:0x0) [L2]
 +
 +Fri Aug 16 10:04:05 : vcmCmm protocol info message:
 ++++ CMM:vcmCMN_protocol_ready_update_cb@13348: Chassis 1, role Master, status Running, master 1 [L3]
 +
 +Fri Aug 16 10:04:05 : vcmCmm ipc info message:
 ++++ CMM:vcmCMM_peer_connected@1792: Remote endpoint (chassis 2, slot 65) [L4]
 +
 +Fri Aug 16 10:04:08 : vcmCmm node_sync info message:
 ++++ CMM:notify_sync_complete@757: Sync complete 'multi node' (peers 1, conn 1, sync 1) [L5]
 +
 +Fri Aug 16 10:04:08 : ChassisSupervisor bootMgr info message:
 ++++ Sending VC Takeover to NIs and applications [L6]
 +
 +Fri Aug 16 10:04:08 : isis_spb_0 TASK info message:
 ++++ VC Takeover: chassis_id:1
 +
 +Fri Aug 16 10:04:08 : ipv4 itf info message:
 ++++ Interface EMP-CHAS1 192.168.1.1/255.255.255.0
 +
 +Fri Aug 16 10:04:08 : SNMP aluSubagent_thread info message:
 ++++ snmp_vc_takeover_callback | VC Takeover complete
 +
 +Fri Aug 16 10:04:10 : qosNi Info info message:
 ++++ VC Takeover in progress.
 ++++ VC Takeover complete.
 +
 +Fri Aug 16 10:04:10 : ChassisSupervisor bootMgr info message:
 ++++ Received VC Takeover Complete event from all apps [L7]
 +Chassis Supervision: CMM has reached the ready state [L8]
 +Chassis Supervision: CMM has reached the ready state [L8]
 +
 +Fri Aug 16 10:04:12 : ChassisSupervisor reloadMgr info message:
 ++++ Redundancy time expired - updating next running to vc-config
 +</code>
 +
 +**The time it took since reload and "ready state"-message:**
 +
 +{{:mclag-migrationszeit.jpg?nolink&300|}}
 +
 +==== Verify the Virtual-Chassis topology ====
 +<code>
 +CORE01 -> show virtual-chassis topology 
 +Local Chassis: 1
 +                                        Config 
 + Chas  Role         Status              Chas ID  Pri   Group  MAC-Address      
 +-----+------------+-------------------+--------+-----+------+------------------
 +     Master       Running                    100        e8:e7:32:11:ca:ed
 +     Slave        Running                    100        e8:e7:32:11:ca:d1
 +
 +</code>
 +
 +==== Finalising the VC migration ====
 +
 +After you've verified that everything works as expected, you should save and certify the configuration.
 +<code>
 +CORE01 -> write memory flash-synchro
 +</code>
english/migrate-mclag-to-omniswitch-virtual-chassis.txt · Zuletzt geändert: 2014/06/19 15:24 von benny