mc-lag_zu_virtual-chassis_migration
Inhaltsverzeichnis
Migration von MC-LAG zu Virtual-Chassis
In diesem Beitrag beschreiben wir die Migration von Alcatel-Lucent OmniSwitch MC-LAG zum Virtual-Chassis. Nach unseren Erfahrungen werden für diesen Vorgang (Neustart der Geräte) weniger als 5 Minuten benötigt. Eine ausführliche Lektüre dieser Seite, ist aber die Grundvoraussetzung!
Bitte prüfen Sie die Konfiguration sorgfältig bevor Sie die Systeme neustarten!
Voraussetzungen
Wir nutzen VIM um viele, sonst fehleranfällige, Änderungen der Konfiguration zu automatisieren.
VIM ist ein großartiges Programm und sollte auf keinem Rechner fehlen.
- Download für MacOSX: http://code.google.com/p/macvim/
- Download für Windows: http://www.vim.org/download.php#pc
- Download für Linux: http://www.vim.org/download.php#unix
Damit VIM beim „Suchen & Ersetzen“ die Zeilen farbig markiert, ist folgende Einstellung sinnvoll:
:set hlsearch
- Auf dem OmniSwitch wird die „Advanced“-Lizenz benötigt um das „Virtual Chassis“ einsetzen zu können.
- Bitte beachten Sie die u-boot / AOS-Abhängigkeiten! Details dazu stehen in den „Upgrade Instructions“.
Vergleich von MC-LAG mit Virtual-Chassis
| MC-LAG | Virtual-Chassis |
|---|---|
| Verfügbar seit AOS 7.1.1.R01 | Verfügbar seit AOS 7.3.1.R01 |
| L2-Learning in Hardware (MAC-Tabelle wird zwischen den Chassis synchronisiert) | L2-Learning in Hardware (MAC-Tabelle wird zwischen den Chassis synchronisiert) |
| Unabhängige Konfiguration mit separater Management-IP für jeden Switch | Konfiguration und Management des gesamten Virtual-Chassis erfolgt über eine IP-Adresse |
| Unabhängige Bridge-IDs | Eine Bridge-ID |
| Unabhängige Router | Ein Router |
| Nur eingeschränkte IPv4-L3-Unterstützung über MC-LAGs (z.B. Dynamisches Routing) | Vollständige Unterstützung |
| Keine IPv6-L3-Unterstützung über MC-LAGs (z.B. Gateway, Dynamisches Routing) | Vollständige Unterstützung |
| Virtual Fabric Link (VFL), fehlertolerantes und hochperformantes Link-Aggregat | Identisch |
| Limitiert auf zwei Chassis | Aktuell zwei Chassis, zukünftig sechs |
| ISSU nur für das gleiche Chassis | ISSU über Chassis hinweg |
Gründe um von MC-LAG zum Virtual-Chassis zu migrieren
- einfacheres Management
- IPv6-fähig
- IPv4/IPv6-Routing
Planung der Arbeitsschritte
- vcsetup.cfg's müssen vorbereitet werden
- MC-LAG und System/Session:
- „multi-chassis“-Zeilen müssen komplett aus der Konfiguration entfernt werden
- „session prompt“ vom zweiten Core entfernen
- „system name“, „system location“, „system contact“ & „ip interface“ vom zweiten Core entfernen
- Link-Aggregation:
- „linkagg range“ Zeile muss aus der Konfiguration entfernt werden
- linkagg {lacp|static} agg <agg> size <size> admin-state {enable|disable} „multi-chassis active“ muss aus der Konfiguration entfernt werden
- linkagg lacp agg <agg> „system-id xx:xx:xx:xx:xx:xx“ muss aus der Konfiguration entfernt werden
- linkagg {lacp|static} port „system-id xx:xx:xx:xx:xx:xx“ muss aus der Konfiguration entfernt werden
- linkagg {lacp|static} port „slot/port“ zu „chassis/slot/port“ konvertieren
- VLAN:
- multi-chassis vip-vlan konvertieren in normales vlan
- VLAN-Zuordnung von Ports tagged/untagged „slot/port“ zu „chassis/slot/port“ konvertieren
- IP-Interface:
- Entweder bisherige virtuelle Adresse (vip-address) als VRRP anlegen ODER
- IP-Interface mit „vip-address“ betreiben (bisherige physikalische IP überschreiben)
- (IP Interfaces aus Chassis 2 komplett löschen)
- LLDP:
- „slot/port“ zu „chassis/slot/port“ konvertieren
- Weitere Konfigurationen
- Sind in der Konfiguration noch Kommandos enthalten die hier nicht behandelt werden?
Durchführung der vorbereitenden Arbeitsschritte
Wenn nicht anders angegeben, müssen die VIM-Kommandos jeweils einmal für „Chassis 1“ und „Chassis 2“-Konfiguration durchgeführt werden.
Konvertieren und entfernen der Multi-Chassis & VF-Link Konfiguration
An dieser Stelle wird die Multi-Chassis Konfiguration entfernt, vorher sollten natürlich die Parameter in eine jeweils neue vcsetup.cfg übernommen werden. Wie diese Dateien aussehen müssen, steht u.a. hier: NextiraOne - Data Center Validated Reference Design
Um die Konvertierung möglichst einfach zu gestalten, helfen die folgenden VIM-Kommandos beim Erstellen der zwei vcsetup.cfg's:
Ein hinter das „g“ (global) angestelltes „c“ (confirmation) fordert für jede Fundstelle vor Ersetzung eine Bestätigung ein. Wer also nicht jede Zeile bestätigen möchte, entfernt das „c“.
Chassis 1: :%s/^multi-chassis\ chassis-id\ \(\d\+\)$/virtual-chassis chassis-id \1 configured-chassis-id \1/gc :%s/^multi-chassis\ vf-link\ create$/virtual-chassis chassis-id 1 vf-link 0 create/gc :%s/^multi-chassis\ vf-link\ member-port\ \(\d\+\/\S*\)$/virtual-chassis chassis-id 1 vf-link 0 member-port 1\/\1/gc :%s/^multi-chassis\ chassis-group\ \(\d\+\)$/virtual-chassis chassis-id 1 chassis-group \1/gc Chassis 2: :%s/^multi-chassis\ chassis-id\ \(\d\+\)$/virtual-chassis chassis-id \1 configured-chassis-id \1/gc :%s/^multi-chassis\ vf-link\ create$/virtual-chassis chassis-id 2 vf-link 0 create/gc :%s/^multi-chassis\ vf-link\ member-port\ \(\d\+\/\S*\)$/virtual-chassis chassis-id 2 vf-link 0 member-port 2\/\1/gc :%s/^multi-chassis\ chassis-group\ \(\d\+\)$/virtual-chassis chassis-id 2 chassis-group \1/gc
Wer die Zeilen kopiert oder manuell die Dateien angelegt hat, kann nun die Zeilen löschen:
(Löscht beide Varianten, multi-chassis und konvertierte virtual-chassis Kommandos)
:g/^\(multi\|virtual\)-chassis\ \(cha\|vf-\).*$/d
Entfernen der "linkagg range" aus der Konfiguration
:g/^linkagg\ range.*$/d
"multi-chassis active" aus den Link-Aggregationen entfernen
:%s/\ multi-chassis\ active.*$//gc
"system-id xx:xx:xx:xx:xx:xx"-Zeilen aus Link-Aggregation Port und Aggs entfernen
:g/^linkagg\ \(.*system-id\).*$/d
Link-Aggregations - Konfiguration von "slot/port" zu "chassis/slot/port" konvertieren
Chassis 1: :%s/^linkagg\ \(static\|lacp\)\ port\ \(\d\+\/\S*\)/linkagg \1 port 1\/\2/gc Chassis 2: :%s/^linkagg\ \(static\|lacp\)\ port\ \(\d\+\/\S*\)/linkagg \1 port 2\/\2/gc
"multi-chassis vip-vlan" ersetzen durch normales "vlan"
:%s/^multi-chassis\ vip-vlan/vlan/gc
VLAN Portzuordnung von "slot/port" zu "chassis/slot/port" konvertieren
Chassis 1: :%s/^vlan\ \(\d\+\)\ members\ port\ \(\d\+\/\S*\)/vlan \1 members port 1\/\2/gc Chassis 2: :%s/^vlan\ \(\d\+\)\ members\ port\ \(\d\+\/\S*\)/vlan \1 members port 2\/\2/gc
IP-Interfaces automatisiert konvertieren
Nachdem wir die beiden MC-LAG Nodes zu einem Virtual Chassis migriert haben, sollen Server/Clients die gleichen Gateways wie zuvor nutzen können - daher konvertieren wir im Folgenden die IP-Interfaces von bisherigen physikalischen IPs auf Ihre „VIP-Address“ um.
(Soll dies nicht so gemacht werden, muss dieser Schritt natürlich manuell nach eigenem Wunsch durchgeführt werden.)
Chassis 1: :%s/^ip\ interface\ \(\".*\"\)\ address \(\d\+\.\d\+\.\d\+\.\d\+\)\ mask\ \(\d\+\.\d\+\.\d\+\.\d\+\)\ vip-address\ \(\d\+\.\d\+\.\d\+\.\d\+\)/ip interface \1 address \4 mask \3/gc Chassis 2: :g/^ip\ interface.*$/d
LLDP-Konfiguration von "slot/port" zu "chassis/slot/port" konvertieren
Chassis 1: :%s/^lldp\ \(nearest-bridge\|non-tpmr\|nearest-customer\)\ port \(\d\+\/\S*\)/lldp \1 port 1\/\2/gc Chassis 2: :%s/^lldp\ \(nearest-bridge\|non-tpmr\|nearest-customer\)\ port \(\d\+\/\S*\)/lldp \1 port 2\/\2/gc
Entfernung überflüssiger Parameter
Aus der Konfiguration von Chassis 2 sollten noch einige Parameter entfernt werden die sonst beim Zusammenführen (merge) der beiden Dateien zu fehlender Übersicht führen können:
:g/^system\ \(name\|contact\|location\)/d :g/^session\ prompt/d
Beide Dateien mit „:wq“ abspeichern und schließen.
Erstellen der vcboot.cfg für das Virtual Chassis
Im folgenden sieht man wie die „primäre“ Konfiguration wieder geöffent wurde:
Wir holen uns nun über das folgende Kommando die zweite Datei inkl. farblich markierten Unterschieden dazu:
:vert diffsplit CORE02.cfg
Über die Tastenkombination STRG+WW kann zwischen den Fenstern gewechselt werden. Mit der Tastenkombination Shift (Hochstelltaste)+V können wir Zeilenweise über die Cursortasten markieren und mit „d“ die markierten Zeilen ausschneiden.
Die ausgeschnittenen Zeilen fügen wir (nach wechseln ins andere Fenster mit Strg+WW) mit „p“ an der gewünschten Stelle in der Konfiguration ein. Dieser Schritt muss für VLAN-Portzuordnung, Link-Aggregation-Portzuordnung, LLDP-Portkonfiguration usw. durchgeführt werden.
Nachdem alle relevanten Inhalte in die Konfiguration kopiert wurden, diese mit dem folgenden Kommando abspeichern:
:w vcboot.cfg
Exemplarische Konfiguration
MC-LAG Knoten 1 (CORE01)
- CORE01.cfg
!========================================! ! File: /flash/working/boot.cfg ! !========================================! ! Chassis: system name MC-Lag1 system contact myContact system location "1. DC" mac-retention admin-state enable mac-retention dup-mac-trap admin-state enable mac-retention timer 30 ! Configuration: ! Capability Manager: ! Multi-Chassis: multi-chassis chassis-id 1 multi-chassis vf-link create multi-chassis vf-link member-port 1/1 multi-chassis vf-link member-port 1/20 multi-chassis chassis-group 9 ! Virtual Chassis Manager: ! Virtual Flow Control: ! Interface: ! Link Aggregate: linkagg range local 0-47 peer 48-95 multi-chassis 96-127 linkagg lacp agg 96 size 2 admin-state enable multi-chassis active linkagg lacp agg 96 name "RACK01" linkagg lacp agg 96 actor system-id 00:00:00:00:00:96 linkagg lacp agg 96 actor admin-key 96 linkagg lacp agg 97 size 2 admin-state enable multi-chassis active linkagg lacp agg 97 name "RACK02" linkagg lacp agg 97 actor system-id 00:00:00:00:00:97 linkagg lacp agg 97 actor admin-key 97 linkagg lacp agg 98 size 2 admin-state enable multi-chassis active linkagg lacp agg 98 name "RACK03" linkagg lacp agg 98 actor system-id 00:00:00:00:00:98 linkagg lacp agg 98 actor admin-key 98 linkagg lacp agg 99 size 2 admin-state enable multi-chassis active linkagg lacp agg 99 name "RACK04" linkagg lacp agg 99 actor system-id 00:00:00:00:00:99 linkagg lacp agg 99 actor admin-key 99 linkagg lacp agg 100 size 2 admin-state enable multi-chassis active linkagg lacp agg 100 name "SW01" linkagg lacp agg 100 actor system-id 00:00:00:00:01:00 linkagg lacp agg 100 actor admin-key 100 linkagg lacp agg 101 size 2 admin-state enable multi-chassis active linkagg lacp agg 101 name "SW02" linkagg lacp agg 101 actor system-id 00:00:00:00:01:01 linkagg lacp agg 101 actor admin-key 101 linkagg lacp agg 102 size 2 admin-state enable multi-chassis active linkagg lacp agg 102 name "SW03" linkagg lacp agg 102 actor system-id 00:00:00:00:01:02 linkagg lacp agg 102 actor admin-key 102 linkagg lacp agg 103 size 2 admin-state enable multi-chassis active linkagg lacp agg 103 name "SW04" linkagg lacp agg 103 actor system-id 00:00:00:00:01:03 linkagg lacp agg 103 actor admin-key 103 linkagg lacp agg 104 size 2 admin-state enable multi-chassis active linkagg lacp agg 104 name "SW05" linkagg lacp agg 104 actor system-id 00:00:00:00:01:04 linkagg lacp agg 104 actor admin-key 104 linkagg lacp agg 105 size 2 admin-state enable multi-chassis active linkagg lacp agg 105 name "SW06" linkagg lacp agg 105 actor system-id 00:00:00:00:01:05 linkagg lacp agg 105 actor admin-key 105 linkagg lacp agg 106 size 2 admin-state enable multi-chassis active linkagg lacp agg 106 name "SW07" linkagg lacp agg 106 actor system-id 00:00:00:00:01:06 linkagg lacp agg 106 actor admin-key 106 linkagg lacp port 1/2 actor admin-key 96 linkagg lacp port 1/2 actor system-id 00:00:00:00:00:96 linkagg lacp port 1/3 actor admin-key 97 linkagg lacp port 1/3 actor system-id 00:00:00:00:00:97 linkagg lacp port 1/4 actor admin-key 98 linkagg lacp port 1/4 actor system-id 00:00:00:00:00:98 linkagg lacp port 1/5 actor admin-key 99 linkagg lacp port 1/5 actor system-id 00:00:00:00:00:99 linkagg lacp port 1/6 actor admin-key 100 linkagg lacp port 1/6 actor system-id 00:00:00:00:01:00 linkagg lacp port 1/7 actor admin-key 101 linkagg lacp port 1/7 actor system-id 00:00:00:00:01:01 linkagg lacp port 1/8 actor admin-key 102 linkagg lacp port 1/8 actor system-id 00:00:00:00:01:02 linkagg lacp port 1/9 actor admin-key 103 linkagg lacp port 1/9 actor system-id 00:00:00:00:01:03 linkagg lacp port 1/10 actor admin-key 104 linkagg lacp port 1/10 actor system-id 00:00:00:00:01:04 linkagg lacp port 1/11 actor admin-key 105 linkagg lacp port 1/11 actor system-id 00:00:00:00:01:05 linkagg lacp port 1/12 actor admin-key 106 linkagg lacp port 1/12 actor system-id 00:00:00:00:01:06 ! VLAN: vlan 1 admin-state enable vlan 1 name "Mgmt" multi-chassis vip-vlan 100 admin-state enable multi-chassis vip-vlan 100 name "Server" vlan 102-104 admin-state enable vlan 102 name "Guest" vlan 103 name "VoIP" vlan 104 name "Build" vlan 106 admin-state enable vlan 106 name "Dev" multi-chassis vip-vlan 110-113 admin-state enable multi-chassis vip-vlan 110 name "Client1" multi-chassis vip-vlan 111 name "Client2" multi-chassis vip-vlan 112 name "Client3" multi-chassis vip-vlan 113 name "Client4" multi-chassis vip-vlan 150 admin-state enable multi-chassis vip-vlan 150 name "VIP VLAN" vlan 100 members linkagg 96-99 tagged vlan 102 members linkagg 100-106 tagged vlan 103 members linkagg 96-106 tagged vlan 104 members linkagg 96-106 tagged vlan 106 members linkagg 96-106 tagged vlan 110 members linkagg 100-101 tagged vlan 111 members linkagg 102-103 tagged vlan 112 members linkagg 104-105 tagged vlan 113 members linkagg 106 tagged vlan 150 members linkagg 96-99 tagged ! Spanning Tree: spantree vlan 1 admin-state enable spantree vlan 100 admin-state enable spantree vlan 102 admin-state enable spantree vlan 103 admin-state enable spantree vlan 104 admin-state enable spantree vlan 106 admin-state enable spantree vlan 110 admin-state enable spantree vlan 111 admin-state enable spantree vlan 112 admin-state enable spantree vlan 113 admin-state enable spantree vlan 150 admin-state enable ! Bridging: ! Port Mirroring: ! Port Mapping: ! IP: ip service port 21 admin-state enable ip service port 22 admin-state enable ip service port 23 admin-state enable ip service port 80 admin-state enable ip service port 123 admin-state enable ip service port 443 admin-state enable ip interface "Mgmt" address 192.168.130.197 mask 255.255.255.0 vlan 1 no forward ifindex 1 ip interface "Client1" address 10.2.140.197 mask 255.255.255.0 vip-address 10.2.140.1 vlan 110 ifindex 2 ip interface "Client2" address 10.2.141.197 mask 255.255.255.0 vip-address 10.2.141.1 vlan 111 ifindex 3 ip interface "Client3" address 10.2.142.197 mask 255.255.255.0 vip-address 10.2.142.1 vlan 112 ifindex 4 ip interface "Client4" address 10.2.143.197 mask 255.255.255.0 vip-address 10.2.143.1 vlan 113 ifindex 5 ip interface "Server" address 10.2.128.197 mask 255.255.255.0 vip-address 10.2.128.1 vlan 100 ifindex 6 ip interface "Transfer_Firewall" address 192.168.150.197 mask 255.255.255.0 vip-address 192.168.150.1 vlan 150 ifindex 7 ! IPv6: ! IPSec: ! IPMS: ! AAA: aaa authentication console "local" aaa authentication ftp "local" aaa authentication http "local" aaa authentication snmp "local" aaa authentication ssh "local" user password-size min 6 ! NTP: ntp server 192.168.2.253 ntp client admin-state enable ! QOS: policy condition from_voip source vlan 103 policy action set_dscp dscp 46 policy rule prio_voip condition from_voip action set_dscp qos apply ! Policy Manager: ! VLAN Stacking: ! ERP: ! MVRP: ! LLDP: lldp nearest-bridge port 1/1-20 tlv management system-capabilities enable lldp nearest-bridge port 1/1-20 tlv management system-description enable lldp nearest-bridge port 1/1-20 tlv management system-name enable lldp nearest-bridge port 1/1-20 tlv management port-description enable lldp non-tpmr port 1/1-20 tlv management system-capabilities enable lldp non-tpmr port 1/1-20 tlv management system-description enable lldp non-tpmr port 1/1-20 tlv management system-name enable lldp non-tpmr port 1/1-20 tlv management port-description enable lldp nearest-customer port 1/1-20 tlv management system-capabilities enable lldp nearest-customer port 1/1-20 tlv management system-description enable lldp nearest-customer port 1/1-20 tlv management system-name enable lldp nearest-customer port 1/1-20 tlv management port-description enable lldp nearest-bridge port 1/1-20 tlv management management-address enable lldp non-tpmr port 1/1-20 tlv management management-address enable lldp nearest-customer port 1/1-20 tlv management management-address enable ! UDLD: ! Server Load Balance: ! High Availability Vlan: ! Session Manager: session cli timeout 30 session http timeout 30 session prompt default "CORE01 ->" command-log enable ! Web: ! Trap Manager: snmp station 192.168.2.203 162 "snmpv3" v3 enable ! Health Monitor: ! System Service: swlog output socket 192.168.2.203 system timezone CET ! SNMP: snmp security authentication set snmp community-map mode enable snmp community-map "public" user "snmp" enable ! BFD: ! IP Route Manager: ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1 ! VRRP: ! UDP Relay: ! RIP: ! OSPF: ! ISIS: ! IP Multicast: ! DVMRP: ! IPMR: ! RIPng: ! OSPF3: ! BGP: ! Netsec: ! Module: ! RDP: ! DA-UNP: ! DHL: ! Ethernet-OAM: ! SAA: ! SPB-ISIS: ! SVCMGR: ! LDP: ! EVB:
Modifizierte Konfiguration MC-LAG Knoten 1 (CORE01)
- modifiziert-CORE01.cfg
!========================================! ! File: /flash/working/boot.cfg ! !========================================! ! Chassis: system name MC-Lag1 system contact myContact system location "1. DC" mac-retention admin-state enable mac-retention dup-mac-trap admin-state enable mac-retention timer 30 ! Configuration: ! Capability Manager: ! Multi-Chassis: ! Virtual Chassis Manager: ! Virtual Flow Control: ! Interface: ! Link Aggregate: linkagg lacp agg 96 size 2 admin-state enable linkagg lacp agg 96 name "RACK01" linkagg lacp agg 96 actor admin-key 96 linkagg lacp agg 97 size 2 admin-state enable linkagg lacp agg 97 name "RACK02" linkagg lacp agg 97 actor admin-key 97 linkagg lacp agg 98 size 2 admin-state enable linkagg lacp agg 98 name "RACK03" linkagg lacp agg 98 actor admin-key 98 linkagg lacp agg 99 size 2 admin-state enable linkagg lacp agg 99 name "RACK04" linkagg lacp agg 99 actor admin-key 99 linkagg lacp agg 100 size 2 admin-state enable linkagg lacp agg 100 name "SW01" linkagg lacp agg 100 actor admin-key 100 linkagg lacp agg 101 size 2 admin-state enable linkagg lacp agg 101 name "SW02" linkagg lacp agg 101 actor admin-key 101 linkagg lacp agg 102 size 2 admin-state enable linkagg lacp agg 102 name "SW03" linkagg lacp agg 102 actor admin-key 102 linkagg lacp agg 103 size 2 admin-state enable linkagg lacp agg 103 name "SW04" linkagg lacp agg 103 actor admin-key 103 linkagg lacp agg 104 size 2 admin-state enable linkagg lacp agg 104 name "SW05" linkagg lacp agg 104 actor admin-key 104 linkagg lacp agg 105 size 2 admin-state enable linkagg lacp agg 105 name "SW06" linkagg lacp agg 105 actor admin-key 105 linkagg lacp agg 106 size 2 admin-state enable linkagg lacp agg 106 name "SW07" linkagg lacp agg 106 actor admin-key 106 linkagg lacp port 1/1/2 actor admin-key 96 linkagg lacp port 1/1/3 actor admin-key 97 linkagg lacp port 1/1/4 actor admin-key 98 linkagg lacp port 1/1/5 actor admin-key 99 linkagg lacp port 1/1/6 actor admin-key 100 linkagg lacp port 1/1/7 actor admin-key 101 linkagg lacp port 1/1/8 actor admin-key 102 linkagg lacp port 1/1/9 actor admin-key 103 linkagg lacp port 1/1/10 actor admin-key 104 linkagg lacp port 1/1/11 actor admin-key 105 linkagg lacp port 1/1/12 actor admin-key 106 ! VLAN: vlan 1 admin-state enable vlan 1 name "Mgmt" vlan 100 admin-state enable vlan 100 name "Server" vlan 102-104 admin-state enable vlan 102 name "Guest" vlan 103 name "VoIP" vlan 104 name "Build" vlan 106 admin-state enable vlan 106 name "Dev" vlan 110-113 admin-state enable vlan 110 name "Client1" vlan 111 name "Client2" vlan 112 name "Client3" vlan 113 name "Client4" vlan 150 admin-state enable vlan 150 name "VIP VLAN" vlan 100 members linkagg 96-99 tagged vlan 102 members linkagg 100-106 tagged vlan 103 members linkagg 96-106 tagged vlan 104 members linkagg 96-106 tagged vlan 106 members linkagg 96-106 tagged vlan 110 members linkagg 100-101 tagged vlan 111 members linkagg 102-103 tagged vlan 112 members linkagg 104-105 tagged vlan 113 members linkagg 106 tagged vlan 150 members linkagg 96-99 tagged ! Spanning Tree: spantree vlan 1 admin-state enable spantree vlan 100 admin-state enable spantree vlan 102 admin-state enable spantree vlan 103 admin-state enable spantree vlan 104 admin-state enable spantree vlan 106 admin-state enable spantree vlan 110 admin-state enable spantree vlan 111 admin-state enable spantree vlan 112 admin-state enable spantree vlan 113 admin-state enable spantree vlan 150 admin-state enable ! Bridging: ! Port Mirroring: ! Port Mapping: ! IP: ip service port 21 admin-state enable ip service port 22 admin-state enable ip service port 23 admin-state enable ip service port 80 admin-state enable ip service port 123 admin-state enable ip service port 443 admin-state enable ip interface "Mgmt" address 192.168.130.197 mask 255.255.255.0 vlan 1 no forward ifindex 1 ip interface "Client1" address 10.2.140.1 mask 255.255.255.0 vlan 110 ifindex 2 ip interface "Client2" address 10.2.141.1 mask 255.255.255.0 vlan 111 ifindex 3 ip interface "Client3" address 10.2.142.1 mask 255.255.255.0 vlan 112 ifindex 4 ip interface "Client4" address 10.2.143.1 mask 255.255.255.0 vlan 113 ifindex 5 ip interface "Server" address 10.2.128.1 mask 255.255.255.0 vlan 100 ifindex 6 ip interface "Transfer_Firewall" address 192.168.150.1 mask 255.255.255.0 vlan 150 ifindex 7 ! IPv6: ! IPSec: ! IPMS: ! AAA: aaa authentication console "local" aaa authentication ftp "local" aaa authentication http "local" aaa authentication snmp "local" aaa authentication ssh "local" user password-size min 6 ! NTP: ntp server 192.168.2.253 ntp client admin-state enable ! QOS: policy condition from_voip source vlan 103 policy action set_dscp dscp 46 policy rule prio_voip condition from_voip action set_dscp qos apply ! Policy Manager: ! VLAN Stacking: ! ERP: ! MVRP: ! LLDP: lldp nearest-bridge port 1/1/1-20 tlv management system-capabilities enable lldp nearest-bridge port 1/1/1-20 tlv management system-description enable lldp nearest-bridge port 1/1/1-20 tlv management system-name enable lldp nearest-bridge port 1/1/1-20 tlv management port-description enable lldp non-tpmr port 1/1/1-20 tlv management system-capabilities enable lldp non-tpmr port 1/1/1-20 tlv management system-description enable lldp non-tpmr port 1/1/1-20 tlv management system-name enable lldp non-tpmr port 1/1/1-20 tlv management port-description enable lldp nearest-customer port 1/1/1-20 tlv management system-capabilities enable lldp nearest-customer port 1/1/1-20 tlv management system-description enable lldp nearest-customer port 1/1/1-20 tlv management system-name enable lldp nearest-customer port 1/1/1-20 tlv management port-description enable lldp nearest-bridge port 1/1/1-20 tlv management management-address enable lldp non-tpmr port 1/1/1-20 tlv management management-address enable lldp nearest-customer port 1/1/1-20 tlv management management-address enable ! UDLD: ! Server Load Balance: ! High Availability Vlan: ! Session Manager: session cli timeout 30 session http timeout 30 session prompt default "CORE01 ->" command-log enable ! Web: ! Trap Manager: snmp station 192.168.2.203 162 "snmpv3" v3 enable ! Health Monitor: ! System Service: swlog output socket 192.168.2.203 system timezone CET ! SNMP: snmp security authentication set snmp community-map mode enable snmp community-map "public" user "snmp" enable ! BFD: ! IP Route Manager: ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1 ! VRRP: ! UDP Relay: ! RIP: ! OSPF: ! ISIS: ! IP Multicast: ! DVMRP: ! IPMR: ! RIPng: ! OSPF3: ! BGP: ! Netsec: ! Module: ! RDP: ! DA-UNP: ! DHL: ! Ethernet-OAM: ! SAA: ! SPB-ISIS: ! SVCMGR: ! LDP: ! EVB:
MC-LAG Knoten 2 (CORE02)
- CORE02.cfg
!========================================! ! File: /flash/working/boot.cfg ! !========================================! ! Chassis: system name MC-Lag2 system contact myContact system location "1. DC" mac-retention admin-state enable mac-retention dup-mac-trap admin-state enable mac-retention timer 30 ! Configuration: ! Capability Manager: ! Multi-Chassis: multi-chassis chassis-id 2 multi-chassis vf-link create multi-chassis vf-link member-port 1/1 multi-chassis vf-link member-port 1/20 multi-chassis chassis-group 9 ! Virtual Chassis Manager: ! Virtual Flow Control: ! Interface: ! Link Aggregate: linkagg range local 48-95 peer 0-47 multi-chassis 96-127 linkagg lacp agg 96 size 2 admin-state enable multi-chassis active linkagg lacp agg 96 name "RACK01" linkagg lacp agg 96 actor system-id 00:00:00:00:00:96 linkagg lacp agg 96 actor admin-key 96 linkagg lacp agg 97 size 2 admin-state enable multi-chassis active linkagg lacp agg 97 name "RACK02" linkagg lacp agg 97 actor system-id 00:00:00:00:00:97 linkagg lacp agg 97 actor admin-key 97 linkagg lacp agg 98 size 2 admin-state enable multi-chassis active linkagg lacp agg 98 name "RACK03" linkagg lacp agg 98 actor system-id 00:00:00:00:00:98 linkagg lacp agg 98 actor admin-key 98 linkagg lacp agg 99 size 2 admin-state enable multi-chassis active linkagg lacp agg 99 name "RACK04" linkagg lacp agg 99 actor system-id 00:00:00:00:00:99 linkagg lacp agg 99 actor admin-key 99 linkagg lacp agg 100 size 2 admin-state enable multi-chassis active linkagg lacp agg 100 name "SW01" linkagg lacp agg 100 actor system-id 00:00:00:00:01:00 linkagg lacp agg 100 actor admin-key 100 linkagg lacp agg 101 size 2 admin-state enable multi-chassis active linkagg lacp agg 101 name "SW02" linkagg lacp agg 101 actor system-id 00:00:00:00:01:01 linkagg lacp agg 101 actor admin-key 101 linkagg lacp agg 102 size 2 admin-state enable multi-chassis active linkagg lacp agg 102 name "SW03" linkagg lacp agg 102 actor system-id 00:00:00:00:01:02 linkagg lacp agg 102 actor admin-key 102 linkagg lacp agg 103 size 2 admin-state enable multi-chassis active linkagg lacp agg 103 name "SW04" linkagg lacp agg 103 actor system-id 00:00:00:00:01:03 linkagg lacp agg 103 actor admin-key 103 linkagg lacp agg 104 size 2 admin-state enable multi-chassis active linkagg lacp agg 104 name "SW05" linkagg lacp agg 104 actor system-id 00:00:00:00:01:04 linkagg lacp agg 104 actor admin-key 104 linkagg lacp agg 105 size 2 admin-state enable multi-chassis active linkagg lacp agg 105 name "SW06" linkagg lacp agg 105 actor system-id 00:00:00:00:01:05 linkagg lacp agg 105 actor admin-key 105 linkagg lacp agg 106 size 2 admin-state enable multi-chassis active linkagg lacp agg 106 name "SW07" linkagg lacp agg 106 actor system-id 00:00:00:00:01:06 linkagg lacp agg 106 actor admin-key 106 linkagg lacp port 1/2 actor admin-key 96 linkagg lacp port 1/2 actor system-id 00:00:00:00:00:96 linkagg lacp port 1/3 actor admin-key 97 linkagg lacp port 1/3 actor system-id 00:00:00:00:00:97 linkagg lacp port 1/4 actor admin-key 98 linkagg lacp port 1/4 actor system-id 00:00:00:00:00:98 linkagg lacp port 1/5 actor admin-key 99 linkagg lacp port 1/5 actor system-id 00:00:00:00:00:99 linkagg lacp port 1/6 actor admin-key 100 linkagg lacp port 1/6 actor system-id 00:00:00:00:01:00 linkagg lacp port 1/7 actor admin-key 101 linkagg lacp port 1/7 actor system-id 00:00:00:00:01:01 linkagg lacp port 1/8 actor admin-key 102 linkagg lacp port 1/8 actor system-id 00:00:00:00:01:02 linkagg lacp port 1/9 actor admin-key 103 linkagg lacp port 1/9 actor system-id 00:00:00:00:01:03 linkagg lacp port 1/10 actor admin-key 104 linkagg lacp port 1/10 actor system-id 00:00:00:00:01:04 linkagg lacp port 1/11 actor admin-key 105 linkagg lacp port 1/11 actor system-id 00:00:00:00:01:05 linkagg lacp port 1/12 actor admin-key 106 linkagg lacp port 1/12 actor system-id 00:00:00:00:01:06 ! VLAN: vlan 1 admin-state enable vlan 1 name "Mgmt" multi-chassis vip-vlan 100 admin-state enable multi-chassis vip-vlan 100 name "Server" vlan 102-104 admin-state enable vlan 102 name "Guest" vlan 103 name "VoIP" vlan 104 name "Build" vlan 106 admin-state enable vlan 106 name "Dev" multi-chassis vip-vlan 110-113 admin-state enable multi-chassis vip-vlan 110 name "Client1" multi-chassis vip-vlan 111 name "Client2" multi-chassis vip-vlan 112 name "Client3" multi-chassis vip-vlan 113 name "Client4" multi-chassis vip-vlan 150 admin-state enable multi-chassis vip-vlan 150 name "VIP VLAN" vlan 100 members linkagg 96-99 tagged vlan 102 members linkagg 100-106 tagged vlan 103 members linkagg 96-106 tagged vlan 104 members linkagg 96-106 tagged vlan 106 members linkagg 96-106 tagged vlan 110 members linkagg 100-101 tagged vlan 111 members linkagg 102-103 tagged vlan 112 members linkagg 104-105 tagged vlan 113 members linkagg 106 tagged vlan 150 members linkagg 96-99 tagged ! Spanning Tree: spantree vlan 1 admin-state enable spantree vlan 100 admin-state enable spantree vlan 102 admin-state enable spantree vlan 103 admin-state enable spantree vlan 104 admin-state enable spantree vlan 106 admin-state enable spantree vlan 110 admin-state enable spantree vlan 111 admin-state enable spantree vlan 112 admin-state enable spantree vlan 113 admin-state enable spantree vlan 150 admin-state enable ! Bridging: ! Port Mirroring: ! Port Mapping: ! IP: ip service port 21 admin-state enable ip service port 22 admin-state enable ip service port 23 admin-state enable ip service port 80 admin-state enable ip service port 123 admin-state enable ip service port 443 admin-state enable ip interface "Mgmt" address 192.168.130.198 mask 255.255.255.0 vlan 1 no forward ifindex 1 ip interface "Client1" address 10.2.140.198 mask 255.255.255.0 vip-address 10.2.140.1 vlan 110 ifindex 2 ip interface "Client2" address 10.2.141.198 mask 255.255.255.0 vip-address 10.2.141.1 vlan 111 ifindex 3 ip interface "Client3" address 10.2.142.198 mask 255.255.255.0 vip-address 10.2.142.1 vlan 112 ifindex 4 ip interface "Client4" address 10.2.143.198 mask 255.255.255.0 vip-address 10.2.143.1 vlan 113 ifindex 5 ip interface "Server" address 10.2.128.198 mask 255.255.255.0 vip-address 10.2.128.1 vlan 100 ifindex 6 ip interface "Transfer_Firewall" address 192.168.150.198 mask 255.255.255.0 vip-address 192.168.150.1 vlan 150 ifindex 7 ! IPv6: ! IPSec: ! IPMS: ! AAA: aaa authentication console "local" aaa authentication ftp "local" aaa authentication http "local" aaa authentication snmp "local" aaa authentication ssh "local" user password-size min 6 ! NTP: ntp server 192.168.2.253 ntp client admin-state enable ! QOS: policy condition from_voip source vlan 103 policy action set_dscp dscp 46 policy rule prio_voip condition from_voip action set_dscp qos apply ! Policy Manager: ! VLAN Stacking: ! ERP: ! MVRP: ! LLDP: lldp nearest-bridge port 1/1-20 tlv management system-capabilities enable lldp nearest-bridge port 1/1-20 tlv management system-description enable lldp nearest-bridge port 1/1-20 tlv management system-name enable lldp nearest-bridge port 1/1-20 tlv management port-description enable lldp non-tpmr port 1/1-20 tlv management system-capabilities enable lldp non-tpmr port 1/1-20 tlv management system-description enable lldp non-tpmr port 1/1-20 tlv management system-name enable lldp non-tpmr port 1/1-20 tlv management port-description enable lldp nearest-customer port 1/1-20 tlv management system-capabilities enable lldp nearest-customer port 1/1-20 tlv management system-description enable lldp nearest-customer port 1/1-20 tlv management system-name enable lldp nearest-customer port 1/1-20 tlv management port-description enable lldp nearest-bridge port 1/1-20 tlv management management-address enable lldp non-tpmr port 1/1-20 tlv management management-address enable lldp nearest-customer port 1/1-20 tlv management management-address enable ! UDLD: ! Server Load Balance: ! High Availability Vlan: ! Session Manager: session cli timeout 30 session http timeout 30 session prompt default "CORE02 ->" command-log enable ! Web: ! Trap Manager: snmp station 192.168.2.203 162 "snmpv3" v3 enable ! Health Monitor: ! System Service: swlog output socket 192.168.2.203 system timezone CET ! SNMP: snmp security authentication set snmp community-map mode enable snmp community-map "public" user "snmp" enable ! BFD: ! IP Route Manager: ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1 ! VRRP: ! UDP Relay: ! RIP: ! OSPF: ! ISIS: ! IP Multicast: ! DVMRP: ! IPMR: ! RIPng: ! OSPF3: ! BGP: ! Netsec: ! Module: ! RDP: ! DA-UNP: ! DHL: ! Ethernet-OAM: ! SAA: ! SPB-ISIS: ! SVCMGR: ! LDP: ! EVB:
Modifizierte Konfiguration MC-LAG Knoten 2 (CORE02)
- modifiziert-CORE02.cfg
!========================================! ! File: /flash/working/boot.cfg ! !========================================! ! Chassis: mac-retention admin-state enable mac-retention dup-mac-trap admin-state enable mac-retention timer 30 ! Configuration: ! Capability Manager: ! Multi-Chassis: ! Virtual Chassis Manager: ! Virtual Flow Control: ! Interface: ! Link Aggregate: linkagg lacp agg 96 size 2 admin-state enable linkagg lacp agg 96 name "RACK01" linkagg lacp agg 96 actor admin-key 96 linkagg lacp agg 97 size 2 admin-state enable linkagg lacp agg 97 name "RACK02" linkagg lacp agg 97 actor admin-key 97 linkagg lacp agg 98 size 2 admin-state enable linkagg lacp agg 98 name "RACK03" linkagg lacp agg 98 actor admin-key 98 linkagg lacp agg 99 size 2 admin-state enable linkagg lacp agg 99 name "RACK04" linkagg lacp agg 99 actor admin-key 99 linkagg lacp agg 100 size 2 admin-state enable linkagg lacp agg 100 name "SW01" linkagg lacp agg 100 actor admin-key 100 linkagg lacp agg 101 size 2 admin-state enable linkagg lacp agg 101 name "SW02" linkagg lacp agg 101 actor admin-key 101 linkagg lacp agg 102 size 2 admin-state enable linkagg lacp agg 102 name "SW03" linkagg lacp agg 102 actor admin-key 102 linkagg lacp agg 103 size 2 admin-state enable linkagg lacp agg 103 name "SW04" linkagg lacp agg 103 actor admin-key 103 linkagg lacp agg 104 size 2 admin-state enable linkagg lacp agg 104 name "SW05" linkagg lacp agg 104 actor admin-key 104 linkagg lacp agg 105 size 2 admin-state enable linkagg lacp agg 105 name "SW06" linkagg lacp agg 105 actor admin-key 105 linkagg lacp agg 106 size 2 admin-state enable linkagg lacp agg 106 name "SW07" linkagg lacp agg 106 actor admin-key 106 linkagg lacp port 2/1/2 actor admin-key 96 linkagg lacp port 2/1/3 actor admin-key 97 linkagg lacp port 2/1/4 actor admin-key 98 linkagg lacp port 2/1/5 actor admin-key 99 linkagg lacp port 2/1/6 actor admin-key 100 linkagg lacp port 2/1/7 actor admin-key 101 linkagg lacp port 2/1/8 actor admin-key 102 linkagg lacp port 2/1/9 actor admin-key 103 linkagg lacp port 2/1/10 actor admin-key 104 linkagg lacp port 2/1/11 actor admin-key 105 linkagg lacp port 2/1/12 actor admin-key 106 ! VLAN: vlan 1 admin-state enable vlan 1 name "Mgmt" vlan 100 admin-state enable vlan 100 name "Server" vlan 102-104 admin-state enable vlan 102 name "Guest" vlan 103 name "VoIP" vlan 104 name "Build" vlan 106 admin-state enable vlan 106 name "Dev" vlan 110-113 admin-state enable vlan 110 name "Client1" vlan 111 name "Client2" vlan 112 name "Client3" vlan 113 name "Client4" vlan 150 admin-state enable vlan 150 name "VIP VLAN" vlan 100 members linkagg 96-99 tagged vlan 102 members linkagg 100-106 tagged vlan 103 members linkagg 96-106 tagged vlan 104 members linkagg 96-106 tagged vlan 106 members linkagg 96-106 tagged vlan 110 members linkagg 100-101 tagged vlan 111 members linkagg 102-103 tagged vlan 112 members linkagg 104-105 tagged vlan 113 members linkagg 106 tagged vlan 150 members linkagg 96-99 tagged ! Spanning Tree: spantree vlan 1 admin-state enable spantree vlan 100 admin-state enable spantree vlan 102 admin-state enable spantree vlan 103 admin-state enable spantree vlan 104 admin-state enable spantree vlan 106 admin-state enable spantree vlan 110 admin-state enable spantree vlan 111 admin-state enable spantree vlan 112 admin-state enable spantree vlan 113 admin-state enable spantree vlan 150 admin-state enable ! Bridging: ! Port Mirroring: ! Port Mapping: ! IP: ip service port 21 admin-state enable ip service port 22 admin-state enable ip service port 23 admin-state enable ip service port 80 admin-state enable ip service port 123 admin-state enable ip service port 443 admin-state enable ! IPv6: ! IPSec: ! IPMS: ! AAA: aaa authentication console "local" aaa authentication ftp "local" aaa authentication http "local" aaa authentication snmp "local" aaa authentication ssh "local" user password-size min 6 ! NTP: ntp server 192.168.2.253 ntp client admin-state enable ! QOS: policy condition from_voip source vlan 103 policy action set_dscp dscp 46 policy rule prio_voip condition from_voip action set_dscp qos apply ! Policy Manager: ! VLAN Stacking: ! ERP: ! MVRP: ! LLDP: lldp nearest-bridge port 2/1/1-20 tlv management system-capabilities enable lldp nearest-bridge port 2/1/1-20 tlv management system-description enable lldp nearest-bridge port 2/1/1-20 tlv management system-name enable lldp nearest-bridge port 2/1/1-20 tlv management port-description enable lldp non-tpmr port 2/1/1-20 tlv management system-capabilities enable lldp non-tpmr port 2/1/1-20 tlv management system-description enable lldp non-tpmr port 2/1/1-20 tlv management system-name enable lldp non-tpmr port 2/1/1-20 tlv management port-description enable lldp nearest-customer port 2/1/1-20 tlv management system-capabilities enable lldp nearest-customer port 2/1/1-20 tlv management system-description enable lldp nearest-customer port 2/1/1-20 tlv management system-name enable lldp nearest-customer port 2/1/1-20 tlv management port-description enable lldp nearest-bridge port 2/1/1-20 tlv management management-address enable lldp non-tpmr port 2/1/1-20 tlv management management-address enable lldp nearest-customer port 2/1/1-20 tlv management management-address enable ! UDLD: ! Server Load Balance: ! High Availability Vlan: ! Session Manager: session cli timeout 30 session http timeout 30 command-log enable ! Web: ! Trap Manager: snmp station 192.168.2.203 162 "snmpv3" v3 enable ! Health Monitor: ! System Service: swlog output socket 192.168.2.203 system timezone CET ! SNMP: snmp security authentication set snmp community-map mode enable snmp community-map "public" user "snmp" enable ! BFD: ! IP Route Manager: ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1 ! VRRP: ! UDP Relay: ! RIP: ! OSPF: ! ISIS: ! IP Multicast: ! DVMRP: ! IPMR: ! RIPng: ! OSPF3: ! BGP: ! Netsec: ! Module: ! RDP: ! DA-UNP: ! DHL: ! Ethernet-OAM: ! SAA: ! SPB-ISIS: ! SVCMGR: ! LDP: ! EVB:
Finale Zielkonfiguration (VC-CORE01, vcboot.cfg)
- vcboot.cfg
!========================================! ! File: /flash/working/boot.cfg ! !========================================! ! Chassis: system name MC-Lag1 system contact myContact system location "1. DC" mac-retention admin-state enable mac-retention dup-mac-trap admin-state enable mac-retention timer 30 ! Configuration: ! Capability Manager: ! Multi-Chassis: ! Virtual Chassis Manager: ! Virtual Flow Control: ! Interface: ! Link Aggregate: linkagg lacp agg 96 size 2 admin-state enable linkagg lacp agg 96 name "RACK01" linkagg lacp agg 96 actor admin-key 96 linkagg lacp agg 97 size 2 admin-state enable linkagg lacp agg 97 name "RACK02" linkagg lacp agg 97 actor admin-key 97 linkagg lacp agg 98 size 2 admin-state enable linkagg lacp agg 98 name "RACK03" linkagg lacp agg 98 actor admin-key 98 linkagg lacp agg 99 size 2 admin-state enable linkagg lacp agg 99 name "RACK04" linkagg lacp agg 99 actor admin-key 99 linkagg lacp agg 100 size 2 admin-state enable linkagg lacp agg 100 name "SW01" linkagg lacp agg 100 actor admin-key 100 linkagg lacp agg 101 size 2 admin-state enable linkagg lacp agg 101 name "SW02" linkagg lacp agg 101 actor admin-key 101 linkagg lacp agg 102 size 2 admin-state enable linkagg lacp agg 102 name "SW03" linkagg lacp agg 102 actor admin-key 102 linkagg lacp agg 103 size 2 admin-state enable linkagg lacp agg 103 name "SW04" linkagg lacp agg 103 actor admin-key 103 linkagg lacp agg 104 size 2 admin-state enable linkagg lacp agg 104 name "SW05" linkagg lacp agg 104 actor admin-key 104 linkagg lacp agg 105 size 2 admin-state enable linkagg lacp agg 105 name "SW06" linkagg lacp agg 105 actor admin-key 105 linkagg lacp agg 106 size 2 admin-state enable linkagg lacp agg 106 name "SW07" linkagg lacp agg 106 actor admin-key 106 linkagg lacp port 1/1/2 actor admin-key 96 linkagg lacp port 1/1/3 actor admin-key 97 linkagg lacp port 1/1/4 actor admin-key 98 linkagg lacp port 1/1/5 actor admin-key 99 linkagg lacp port 1/1/6 actor admin-key 100 linkagg lacp port 1/1/7 actor admin-key 101 linkagg lacp port 1/1/8 actor admin-key 102 linkagg lacp port 1/1/9 actor admin-key 103 linkagg lacp port 1/1/10 actor admin-key 104 linkagg lacp port 1/1/11 actor admin-key 105 linkagg lacp port 1/1/12 actor admin-key 106 linkagg lacp port 2/1/2 actor admin-key 96 linkagg lacp port 2/1/3 actor admin-key 97 linkagg lacp port 2/1/4 actor admin-key 98 linkagg lacp port 2/1/5 actor admin-key 99 linkagg lacp port 2/1/6 actor admin-key 100 linkagg lacp port 2/1/7 actor admin-key 101 linkagg lacp port 2/1/8 actor admin-key 102 linkagg lacp port 2/1/9 actor admin-key 103 linkagg lacp port 2/1/10 actor admin-key 104 linkagg lacp port 2/1/11 actor admin-key 105 linkagg lacp port 2/1/12 actor admin-key 106 ! VLAN: vlan 1 admin-state enable vlan 1 name "Mgmt" vlan 100 admin-state enable vlan 100 name "Server" vlan 102-104 admin-state enable vlan 102 name "Guest" vlan 103 name "VoIP" vlan 104 name "Build" vlan 106 admin-state enable vlan 106 name "Dev" vlan 110-113 admin-state enable vlan 110 name "Client1" vlan 111 name "Client2" vlan 112 name "Client3" vlan 113 name "Client4" vlan 150 admin-state enable vlan 150 name "VIP VLAN" vlan 100 members linkagg 96-99 tagged vlan 102 members linkagg 100-106 tagged vlan 103 members linkagg 96-106 tagged vlan 104 members linkagg 96-106 tagged vlan 106 members linkagg 96-106 tagged vlan 110 members linkagg 100-101 tagged vlan 111 members linkagg 102-103 tagged vlan 112 members linkagg 104-105 tagged vlan 113 members linkagg 106 tagged vlan 150 members linkagg 96-99 tagged ! Spanning Tree: spantree vlan 1 admin-state enable spantree vlan 100 admin-state enable spantree vlan 102 admin-state enable spantree vlan 103 admin-state enable spantree vlan 104 admin-state enable spantree vlan 106 admin-state enable spantree vlan 110 admin-state enable spantree vlan 111 admin-state enable spantree vlan 112 admin-state enable spantree vlan 113 admin-state enable spantree vlan 150 admin-state enable ! Bridging: ! Port Mirroring: ! Port Mapping: ! IP: ip service port 21 admin-state enable ip service port 22 admin-state enable ip service port 23 admin-state enable ip service port 80 admin-state enable ip service port 123 admin-state enable ip service port 443 admin-state enable ip interface "Mgmt" address 192.168.130.197 mask 255.255.255.0 vlan 1 no forward ifindex 1 ip interface "Client1" address 10.2.140.1 mask 255.255.255.0 vlan 110 ifindex 2 ip interface "Client2" address 10.2.141.1 mask 255.255.255.0 vlan 111 ifindex 3 ip interface "Client3" address 10.2.142.1 mask 255.255.255.0 vlan 112 ifindex 4 ip interface "Client4" address 10.2.143.1 mask 255.255.255.0 vlan 113 ifindex 5 ip interface "Server" address 10.2.128.1 mask 255.255.255.0 vlan 100 ifindex 6 ip interface "Transfer_Firewall" address 192.168.150.1 mask 255.255.255.0 vlan 150 ifindex 7 ! IPv6: ! IPSec: ! IPMS: ! AAA: aaa authentication console "local" aaa authentication ftp "local" aaa authentication http "local" aaa authentication snmp "local" aaa authentication ssh "local" user password-size min 6 ! NTP: ntp server 192.168.2.253 ntp client admin-state enable ! QOS: policy condition from_voip source vlan 103 policy action set_dscp dscp 46 policy rule prio_voip condition from_voip action set_dscp qos apply ! Policy Manager: ! VLAN Stacking: ! ERP: ! MVRP: ! LLDP: lldp nearest-bridge port 1/1/1-20 tlv management system-capabilities enable lldp nearest-bridge port 1/1/1-20 tlv management system-description enable lldp nearest-bridge port 1/1/1-20 tlv management system-name enable lldp nearest-bridge port 1/1/1-20 tlv management port-description enable lldp non-tpmr port 1/1/1-20 tlv management system-capabilities enable lldp non-tpmr port 1/1/1-20 tlv management system-description enable lldp non-tpmr port 1/1/1-20 tlv management system-name enable lldp non-tpmr port 1/1/1-20 tlv management port-description enable lldp nearest-customer port 1/1/1-20 tlv management system-capabilities enable lldp nearest-customer port 1/1/1-20 tlv management system-description enable lldp nearest-customer port 1/1/1-20 tlv management system-name enable lldp nearest-customer port 1/1/1-20 tlv management port-description enable lldp nearest-bridge port 1/1/1-20 tlv management management-address enable lldp non-tpmr port 1/1/1-20 tlv management management-address enable lldp nearest-customer port 1/1/1-20 tlv management management-address enable lldp nearest-bridge port 2/1/1-20 tlv management system-capabilities enable lldp nearest-bridge port 2/1/1-20 tlv management system-description enable lldp nearest-bridge port 2/1/1-20 tlv management system-name enable lldp nearest-bridge port 2/1/1-20 tlv management port-description enable lldp non-tpmr port 2/1/1-20 tlv management system-capabilities enable lldp non-tpmr port 2/1/1-20 tlv management system-description enable lldp non-tpmr port 2/1/1-20 tlv management system-name enable lldp non-tpmr port 2/1/1-20 tlv management port-description enable lldp nearest-customer port 2/1/1-20 tlv management system-capabilities enable lldp nearest-customer port 2/1/1-20 tlv management system-description enable lldp nearest-customer port 2/1/1-20 tlv management system-name enable lldp nearest-customer port 2/1/1-20 tlv management port-description enable lldp nearest-bridge port 2/1/1-20 tlv management management-address enable lldp non-tpmr port 2/1/1-20 tlv management management-address enable lldp nearest-customer port 2/1/1-20 tlv management management-address enable ! UDLD: ! Server Load Balance: ! High Availability Vlan: ! Session Manager: session cli timeout 30 session http timeout 30 session prompt default "CORE01 ->" command-log enable ! Web: ! Trap Manager: snmp station 192.168.2.203 162 "snmpv3" v3 enable ! Health Monitor: ! System Service: swlog output socket 192.168.2.203 system timezone CET ! SNMP: snmp security authentication set snmp community-map mode enable snmp community-map "public" user "snmp" enable ! BFD: ! IP Route Manager: ip static-route 0.0.0.0/0 gateway 192.168.150.253 metric 1 ! VRRP: ! UDP Relay: ! RIP: ! OSPF: ! ISIS: ! IP Multicast: ! DVMRP: ! IPMR: ! RIPng: ! OSPF3: ! BGP: ! Netsec: ! Module: ! RDP: ! DA-UNP: ! DHL: ! Ethernet-OAM: ! SAA: ! SPB-ISIS: ! SVCMGR: ! LDP: ! EVB:
Durchführung der MC-LAG zu Virtual-Chassis Migration
Vorbereiten von CORE01
Anlegen eines Verzeichnisses für Virtual-Chassis Betrieb und Erstellung vcsetup.cfg:
CORE01 -> mkdir vc-config CORE01 -> cd vc-config CORE01 -> vi vcsetup.cfg (Datei editieren, nach folgendem Beispiel)
Dieses Beispiel folgt den bisherigen Einstellungen der VFL-Ports von MC-LAG, was in den meisten Fällen sinnvoll ist.
- vcsetup.cfg
!========================================! ! File: /flash/vc-config/vcsetup.cfg ! !========================================! ! Virtual Chassis Manager: virtual-chassis chassis-id 1 configured-chassis-id 1 virtual-chassis chassis-id 1 vf-link 0 create virtual-chassis chassis-id 1 vf-link 0 member-port 1/1/1 virtual-chassis chassis-id 1 vf-link 0 member-port 1/1/20 virtual-chassis chassis-id 1 chassis-group 9 ! IP: ip interface local chassis-id 1 emp address 192.168.1.1 mask 255.255.255.0
Wir empfehlen dringend den EMP-Port bzw. das Out-of-Band Management zu konfigurieren, dies ist für die Remote-Chassis-Split-Detection zur Vermeidung einer sogenannten „Split-Brain“-Situation notwendig!
Hochladen/Kopieren des AOS-Betriebssystems:
Laden Sie die vcboot.cfg per FTP in das Verzeichnis vc-config hoch!
CORE01 -> CORE01 -> ls vcboot.cfg vcsetup.cfg CORE01 -> cp ../732-344-GA/Tos.img . CORE01 -> ls -l -rw-r--r-- 1 admin user 126642216 Aug 16 09:51 Tos.img -rw------- 1 admin user 8279 Aug 16 09:50 vcboot.cfg -rw-r--r-- 1 admin user 497 Aug 16 09:49 vcsetup.cfg CORE01 ->
Vorbereiten von CORE02
Anlegen eines Verzeichnisses für Virtual-Chassis Betrieb und Erstellung vcsetup.cfg:
CORE02 -> mkdir vc-config CORE02 -> cd vc-config CORE02 -> vi vcsetup.cfg (Datei editieren, nach folgendem Beispiel)
Dieses Beispiel folgt den bisherigen Einstellungen der VFL-Ports von MC-LAG, was in den meisten Fällen sinnvoll ist.
- vcsetup.cfg
!========================================! ! File: /flash/vc-config/vcsetup.cfg ! !========================================! ! Virtual Chassis Manager: virtual-chassis chassis-id 2 configured-chassis-id 2 virtual-chassis chassis-id 2 vf-link 0 create virtual-chassis chassis-id 2 vf-link 0 member-port 2/1/1 virtual-chassis chassis-id 2 vf-link 0 member-port 2/1/20 virtual-chassis chassis-id 2 chassis-group 9 ! IP: ip interface local chassis-id 2 emp address 192.168.1.2 mask 255.255.255.0
Wir empfehlen dringend den EMP-Port bzw. das Out-of-Band Management zu konfigurieren, dies ist für die Remote-Chassis-Split-Detection zur Vermeidung einer sogenannten „Split-Brain“-Situation notwendig!
Hochladen/Kopieren des AOS-Betriebssystems:
Laden Sie die vcboot.cfg per FTP in das Verzeichnis vc-config hoch!
CORE02 -> CORE02 -> ls vcboot.cfg vcsetup.cfg CORE02 -> cp ../732-344-GA/Tos.img . CORE02 -> ls -l -rw-r--r-- 1 admin user 126642216 Aug 16 09:51 Tos.img -rw------- 1 admin user 8279 Aug 16 09:50 vcboot.cfg -rw-r--r-- 1 admin user 497 Aug 16 09:49 vcsetup.cfg CORE02 ->
Neustart der beiden Geräte
Auf CORE01:
CORE01 -> reload from vc-config no rollback-timeout
Auf CORE02:
CORE02 -> reload from vc-config no rollback-timeout
Relevante Meldungen auf der Konsole
Wichtig ist Chassis Supervision: CMM has reached the ready state [L8], in diesem Moment ist das Virtual-Chassis in Betrieb und beginnt damit Datenverkehr zu verarbeiten.
Fri Aug 16 10:03:44 : vcmCmm chas_sup info message: +++ CMM:vcmCMM_cs_handle_chassis_ready@3602: Chassis 1 ready (data 0) [L1] Fri Aug 16 10:04:05 : vcmCmm port_mgr info message: +++ CMM:vcmCMM_client_rx_pm@1551: VFL link 1/0 up (pri 1/1/1:0x0) [L2] Fri Aug 16 10:04:05 : vcmCmm protocol info message: +++ CMM:vcmCMN_protocol_ready_update_cb@13348: Chassis 1, role Master, status Running, master 1 [L3] Fri Aug 16 10:04:05 : vcmCmm ipc info message: +++ CMM:vcmCMM_peer_connected@1792: Remote endpoint (chassis 2, slot 65) [L4] Fri Aug 16 10:04:08 : vcmCmm node_sync info message: +++ CMM:notify_sync_complete@757: Sync complete 'multi node' (peers 1, conn 1, sync 1) [L5] Fri Aug 16 10:04:08 : ChassisSupervisor bootMgr info message: +++ Sending VC Takeover to NIs and applications [L6] Fri Aug 16 10:04:08 : isis_spb_0 TASK info message: +++ VC Takeover: chassis_id:1 Fri Aug 16 10:04:08 : ipv4 itf info message: +++ Interface EMP-CHAS1 192.168.1.1/255.255.255.0 Fri Aug 16 10:04:08 : SNMP aluSubagent_thread info message: +++ snmp_vc_takeover_callback | VC Takeover complete Fri Aug 16 10:04:10 : qosNi Info info message: +++ VC Takeover in progress. +++ VC Takeover complete. Fri Aug 16 10:04:10 : ChassisSupervisor bootMgr info message: +++ Received VC Takeover Complete event from all apps [L7] Chassis Supervision: CMM has reached the ready state [L8] Chassis Supervision: CMM has reached the ready state [L8] Fri Aug 16 10:04:12 : ChassisSupervisor reloadMgr info message: +++ Redundancy time expired - updating next running to vc-config
Diese Zeit ist seit dem Neustart der Geräte bis zur „ready state“-Meldung vergangen:
Überprüfung der Virtual-Chassis Topologie
CORE01 -> show virtual-chassis topology
Local Chassis: 1
Config
Chas Role Status Chas ID Pri Group MAC-Address
-----+------------+-------------------+--------+-----+------+------------------
1 Master Running 1 100 9 e8:e7:32:11:ca:ed
2 Slave Running 2 100 9 e8:e7:32:11:ca:d1
Abschluss der Migration
Nachdem wir festgestellt haben dass alles wie gewünscht funktioniert, sollte die laufende Konfiguration gespeichert und zertifiziert werden.
CORE01 -> write memory flash-synchro
mc-lag_zu_virtual-chassis_migration.txt · Zuletzt geändert: 2024/06/09 10:29 von 127.0.0.1