37-CFD典型配置举例
本章节下载: 37-CFD典型配置举例 (283.23 KB)
目 录
本文档介绍通过在网络中使用CFD功能,可以实现在二层网络中检测链路连通性,确认故障并确定故障发生的位置。
本文档中的配置均是在实验室环境下进行的配置和验证,配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突。
本文档假设您已了解CFD特性。
某公司网络如图1所示,设备Device B、Device C位于中央机房,设备Device A、Device D、Device E分布在其它区域。VLAN 20内的用户(研发部)分别通过Device A和Device D接入公司网络,VLAN 30内的用户(市场部)分别通过Device A和Device E接入公司网络。
现要求在该网络中配置CFD功能,实现当某条链路发生故障,CFD功能能够确认故障并对故障进行定位。
· 为了较好的规划CFD功能所作用的区域,可以根据设备所在的位置来划分MD(便于故障定位)。根据各MD的范围来确定MD的级别,确保低级别MD嵌套于高级别MD中。本案例将公司整个网络划分为MD_A(level 5),将中央机房的网络划分为MD_B(level 3)。
· 为了较好的规划CFD功能所作用的区域,可以根据业务流量所属的VLAN来划分MA。本案例中将MD_A的VLAN 20划分为MA_A_1,MD_A的VLAN 30划分为MA_A_2;将MD_B的VLAN 20划分为MA_B_1,MD_B的VLAN 30划分为MA_B_2。
· 为了实现CFD能够检测网络的链路连通性的功能,需要在位于MA边界的接口上配置MEP,并根据该接口对CFD协议报文的发送情况确定MEP的类型。
¡ 例如,MA_B_1所对应的VLAN为VLAN 20,位于MA_B_1允许VLAN 20通过的接口有Device B的接口GE1/0/1和GE1/0/2、Device C的接口GE1/0/1和GE1/0/2、Device D的接口GE1/0/1。可以看出MA_B_1的边界的接口分别为Device B的接口GE1/0/1和Device D的接口GE1/0/1,因此我们需要在这两个接口上配置MEP;
¡ 由于Device B的接口GE1/0/1发送的CFD协议报文需要从本设备其他接口转发出去,因此该接口需配置为内向MEP;而Device D的GE1/0/1发送的CFD协议报文直接从该接口发送出去,该接口需配置为外向MEP。
· 由于Device C为MD_B的中间设备,为了准确定位Device B和Device D之间链路故障,需要在Device C上配置MIP,并选择合适的MIP生成规则。本例中,将Device C作为MIP,创建规则为default规则。
· 为了检测各MA内的MEP之间的连通状态,需要开启连续性检测功能。
· 当CFD的连续性检测功能检测到链路故障时,可以使用环回功能进行故障确认,并在获取到整个组网的状态后,使用链路跟踪功能进行路径查找或故障定位。
综合以上配置思路,配置CFD功能示意图如图2所示。
图2 CFD功能示意图
表1 适用产品及版本
产品 |
软件版本 |
S5560X-EI系列 |
Release 63xx系列 |
S5560X-HI系列 |
Release 63xx系列 |
S5500V2-EI系列 |
Release 63xx系列 |
MS4520V2-30F |
Release 63xx系列 |
S6520X-HI系列 S6520X-EI系列 |
Release 63xx系列 |
S6520X-SI系列 S6520-SI系列 |
Release 63xx系列 |
S5000-EI系列 |
Release 63xx系列 |
MS4600系列 |
Release 63xx系列 |
S5560S-EI系列 S5560S-SI系列 |
Release 63xx系列 |
S5130S-HI系列 S5130S-EI系列 S5130S-SI系列 S5130S-LI系列 |
Release 63xx系列 |
S5120V2-SI系列 S5120V2-LI系列 |
Release 63xx系列 |
S3100V3-EI系列 S3100V3-SI系列 |
Release 63xx系列 |
S5110V2系列 |
Release 63xx系列 |
S5110V2-SI系列 |
Release 63xx系列 |
S5000V3-EI系列 |
Release 63xx系列 |
S5000E-X系列 |
Release 63xx系列 |
E128C E152C E500C系列 E500D系列 |
Release 63xx系列 |
MS4520V2系列(除MS4520V2-30F) |
Release 63xx系列 |
MS4320V2系列 MS4300V2系列 MS4320系列 MS4200系列 |
Release 63xx系列 |
WS5850-WiNet系列 |
Release 63xx系列 |
WS5820-WiNet系列 WS5810-WiNet系列 |
Release 63xx系列 |
WAS6000系列 |
Release 63xx系列 |
· 在创建MEP时,该MEP的ID必须已包含在对应服务实例的MEP列表中,否则不能创建成功。
· 一个MD内可以有多个MA,但一个MA只能与一个检测VLAN进行关联。
· 同一MA中所有MEP发送的CCM报文中时间间隔域的值必须相同。本案例中不对MEP发送的CCM报文中时间间隔域进行修改,即均采用缺省配置。
# 在Device A上开启CFD功能。
<DeviceA> system-view
[DeviceA] cfd enable
Device B~Device E的配置与Device A相同,配置过程略。
[DeviceA] vlan 20
[DeviceA-vlan20] quit
[DeviceA] vlan 30
[DeviceA-vlan30] quit
[DeviceA] interface gigabitethernet 1/0/1
[DeviceA-GigabitEthernet1/0/1] port access vlan 20
[DeviceA-GigabitEthernet1/0/1] quit
[DeviceA] interface gigabitethernet 1/0/2
[DeviceA-GigabitEthernet1/0/2] port access vlan 30
[DeviceA-GigabitEthernet1/0/2] quit
[DeviceA] interface gigabitethernet 1/0/3
[DeviceA-GigabitEthernet1/0/3] port link-type trunk
[DeviceA-GigabitEthernet1/0/3] port trunk permit vlan 20 30
[DeviceA-GigabitEthernet1/0/3] quit
[DeviceB] vlan 20
[DeviceB-vlan20] quit
[DeviceB] vlan 30
[DeviceB-vlan30] quit
[DeviceB] interface gigabitethernet 1/0/1
[DeviceB-GigabitEthernet1/0/1] port link-type trunk
[DeviceB-GigabitEthernet1/0/1] port trunk permit vlan 20 30
[DeviceB-GigabitEthernet1/0/1] quit
[DeviceB] interface gigabitethernet 1/0/2
[DeviceB-GigabitEthernet1/0/2] port link-type trunk
[DeviceB-GigabitEthernet1/0/2] port trunk permit vlan 20
[DeviceB-GigabitEthernet1/0/2] quit
[DeviceB] interface gigabitethernet 1/0/3
[DeviceB-GigabitEthernet1/0/3] port link-type trunk
[DeviceB-GigabitEthernet1/0/3] port trunk permit vlan 30
[DeviceB-GigabitEthernet1/0/3] quit
[DeviceC] vlan 20
[DeviceC-vlan20] quit
[DeviceC] interface gigabitethernet 1/0/1
[DeviceC-GigabitEthernet1/0/1] port link-type trunk
[DeviceC-GigabitEthernet1/0/1] port trunk permit vlan 20
[DeviceC-GigabitEthernet1/0/1] quit
[DeviceC] interface gigabitethernet 1/0/2
[DeviceC-GigabitEthernet1/0/2] port link-type trunk
[DeviceC-GigabitEthernet1/0/2] port trunk permit vlan 20
[DeviceC-GigabitEthernet1/0/2] quit
[DeviceD] vlan 20
[DeviceD-vlan20] quit
[DeviceD] interface gigabitethernet 1/0/1
[DeviceD-GigabitEthernet1/0/1] port link-type trunk
[DeviceD-GigabitEthernet1/0/1] port trunk permit vlan 20
[DeviceD-GigabitEthernet1/0/1] quit
[DeviceD] interface gigabitethernet 1/0/2
[DeviceD-GigabitEthernet1/0/2] port access vlan 20
[DeviceD-GigabitEthernet1/0/2] quit
[DeviceE] vlan 30
[DeviceE-vlan30] quit
[DeviceE] interface gigabitethernet 1/0/1
[DeviceE-GigabitEthernet1/0/1] port access vlan 30
[DeviceE-GigabitEthernet1/0/1] quit
[DeviceE] interface gigabitethernet 1/0/2
[DeviceE-GigabitEthernet1/0/2] port link-type trunk
[DeviceE-GigabitEthernet1/0/2] port trunk permit vlan 30
[DeviceE-GigabitEthernet1/0/2] quit
根据CFD功能示意图中每台设备上的接点所属的MD中的MA,共需要完成表2配置。
设备 |
MD |
MD级别 |
MA |
VLAN |
服务实例 |
Device A |
MD_A |
5 |
MA_A_1 |
20 |
1 |
MA_A_2 |
30 |
2 |
|||
Device B |
MD_B |
3 |
MA_B_1 |
20 |
3 |
MA_B_2 |
30 |
4 |
|||
Device C |
MD_B |
3 |
MA_B_1 |
20 |
3 |
Device D |
MD_A |
5 |
MA_A_1 |
20 |
1 |
MD_B |
3 |
MA_B_1 |
20 |
3 |
|
Device E |
MD_A |
5 |
MA_A_2 |
30 |
2 |
MD_B |
3 |
MA_B_2 |
30 |
4 |
# 在Device A上创建级别为5的MD,MD名称为MD_A。
[DeviceA] cfd md MD_A level 5
# 创建服务实例1,该服务实例的MA名称为MA_A_1,且服务于VLAN 20。
[DeviceA] cfd service-instance 1 ma-id string MA_A_1 md MD_A vlan 20
# 创建服务实例2,该服务实例的MA名称为MA_A_2,且服务于VLAN 30。
[DeviceA] cfd service-instance 2 ma-id string MA_A_2 md MD_A vlan 30
Device B~Device E的配置与Device A相似。
[DeviceB] cfd md MD_B level 3
[DeviceB] cfd service-instance 3 ma-id string MA_B_1 md MD_B vlan 20
[DeviceB] cfd service-instance 4 ma-id string MA_B_2 md MD_B vlan 30
[DeviceC] cfd md MD_B level 3
[DeviceC] cfd service-instance 3 ma-id string MA_B_1 md MD_B vlan 20
[DeviceD] cfd md MD_A level 5
[DeviceD] cfd service-instance 1 ma-id string MA_A_1 md MD_A vlan 20
[DeviceD] cfd md MD_B level 3
[DeviceD] cfd service-instance 3 ma-id string MA_B_1 md MD_B vlan 20
[DeviceE] cfd md MD_A level 5
[DeviceE] cfd service-instance 2 ma-id string MA_A_2 md MD_A vlan 30
[DeviceE] cfd md MD_B level 3
[DeviceE] cfd service-instance 4 ma-id string MA_B_2 md MD_B vlan 30
MEP ID分配如表3所示。
表3 MEP ID分配表
服务实例 |
设备 |
接口 |
MEP ID |
MEP类型 |
1 |
DeviceA |
GigabitEthernet1/0/1 |
1001 |
内向MEP |
DeviceD |
GigabitEthernet1/0/2 |
1002 |
内向MEP |
|
2 |
DeviceA |
GigabitEthernet1/0/2 |
2001 |
内向MEP |
DeviceE |
GigabitEthernet1/0/1 |
2002 |
内向MEP |
|
3 |
DeviceB |
GigabitEthernet1/0/1 |
3001 |
内向MEP |
DeviceD |
GigabitEthernet1/0/1 |
3002 |
外向MEP |
|
4 |
DeviceB |
GigabitEthernet1/0/1 |
4001 |
内向MEP |
DeviceE |
GigabitEthernet1/0/2 |
4002 |
外向MEP |
# 在Device A的服务实例1和2内分别配置MEP列表。
[DeviceA] cfd meplist 1001 1002 service-instance 1
[DeviceA] cfd meplist 2001 2002 service-instance 2
# 在接口GigabitEthernet1/0/1上创建服务实例1内的内向MEP 1001。
[DeviceA] interface gigabitethernet 1/0/1
[DeviceA-GigabitEthernet1/0/1] cfd mep 1001 service-instance 1 inbound
[DeviceA-GigabitEthernet1/0/1] quit
# 在接口GigabitEthernet1/0/2上创建服务实例2内的内向MEP 2001。
[DeviceA] interface gigabitethernet 1/0/2
[DeviceA-GigabitEthernet1/0/2] cfd mep 2001 service-instance 2 inbound
[DeviceA-GigabitEthernet1/0/2] quit
Device B、Device D和Device E的配置与Device A相似。
[DeviceB] cfd meplist 3001 3002 service-instance 3
[DeviceB] cfd meplist 4001 4002 service-instance 4
[DeviceB] interface gigabitethernet 1/0/1
[DeviceB-GigabitEthernet1/0/1] cfd mep 3001 service-instance 3 inbound
[DeviceB-GigabitEthernet1/0/1] cfd mep 4001 service-instance 4 inbound
[DeviceB-GigabitEthernet1/0/1] quit
[DeviceD] cfd meplist 1001 1002 service-instance 1
[DeviceD] cfd meplist 3001 3002 service-instance 3
[DeviceD] interface gigabitethernet 1/0/2
[DeviceD-GigabitEthernet1/0/2] cfd mep 1002 service-instance 1 inbound
[DeviceD-GigabitEthernet1/0/2] quit
[DeviceD] interface gigabitethernet 1/0/1
[DeviceD-GigabitEthernet1/0/1] cfd mep 3002 service-instance 3 outbound
[DeviceD-GigabitEthernet1/0/1] quit
[DeviceE] cfd meplist 2001 2002 service-instance 2
[DeviceE] cfd meplist 4001 4002 service-instance 4
[DeviceE] interface gigabitethernet 1/0/1
[DeviceE-GigabitEthernet1/0/1] cfd mep 2002 service-instance 2 inbound
[DeviceE-GigabitEthernet1/0/1] quit
[DeviceE] interface gigabitethernet 1/0/2
[DeviceE-GigabitEthernet1/0/2] cfd mep 4002 service-instance 4 outbound
[DeviceE-GigabitEthernet1/0/2] quit
# 在Device C的服务实例3内配置MIP的创建规则为Default规则。
[DeviceC] cfd mip-rule default service-instance 3
# 在接口GigabitEthernet1/0/1上开启服务实例1内MEP 1001的CCM报文发送功能。
[DeviceA] interface gigabitethernet 1/0/1
[DeviceA-GigabitEthernet1/0/1] cfd cc service-instance 1 mep 1001 enable
[DeviceA-GigabitEthernet1/0/1] quit
# 在接口GigabitEthernet1/0/2上开启服务实例2内MEP 2001的CCM报文发送功能。
[DeviceA] interface gigabitethernet 1/0/2
[DeviceA-GigabitEthernet1/0/2] cfd cc service-instance 2 mep 2001 enable
[DeviceA-GigabitEthernet1/0/2] quit
Device B、Device D和Device E的配置与Device A相似。
[DeviceB] interface gigabitethernet 1/0/1
[DeviceB-GigabitEthernet1/0/1] cfd cc service-instance 3 mep 3001 enable
[DeviceB-GigabitEthernet1/0/1] cfd cc service-instance 4 mep 4001 enable
[DeviceB-GigabitEthernet1/0/1] quit
[DeviceD] interface gigabitethernet 1/0/1
[DeviceD-GigabitEthernet1/0/1] cfd cc service-instance 3 mep 3002 enable
[DeviceD-GigabitEthernet1/0/1] quit
[DeviceD] interface gigabitethernet 1/0/2
[DeviceD-GigabitEthernet1/0/2] cfd cc service-instance 1 mep 1002 enable
[DeviceD-GigabitEthernet1/0/2] quit
[DeviceE] interface gigabitethernet 1/0/1
[DeviceE-GigabitEthernet1/0/1] cfd cc service-instance 2 mep 2002 enable
[DeviceE-GigabitEthernet1/0/1] quit
[DeviceE] interface gigabitethernet 1/0/2
[DeviceE-GigabitEthernet1/0/2] cfd cc service-instance 4 mep 4002 enable
[DeviceE-GigabitEthernet1/0/2] quit
假定Device A~Device E的MAC地址依次为0010-FC01-6511、0010-FC02-6512、0010-FC03-6513、0010-FC04-6514和0010-FC05-6515。
(1) 网络链路正常时
# 在Device A上查看服务实例1内MEP 1001的远端MEP的信息。
[DeviceA] display cfd remote-mep service-instance 1 mep 1001
MEP ID MAC address State Time MAC status
1002 0010-fc04-6514 OK 2019/07/26 12:54:52 UP
结果显示远端MEP运行状态正常。
# 在Device A上启用环回功能,检查服务实例1内MEP 1001到MEP 1002的链路状况。
[DeviceA] cfd loopback service-instance 1 mep 1001 target-mep 1002
Loopback to MEP 1002 with the sequence number start from 1001-43404:
Reply from 0010-fc04-6514: sequence number=1001-43404 Time=5ms
Reply from 0010-fc04-6514: sequence number=1001-43405 Time=5ms
Reply from 0010-fc04-6514: sequence number=1001-43406 Time=5ms
Reply from 0010-fc04-6514: sequence number=1001-43407 Time=5ms
Reply from 0010-fc04-6514: sequence number=1001-43408 Time=5ms
Sent: 5 Received: 5 Lost: 0
结果显示服务实例1内的MEP 1001和MEP 1002间的链路无故障。
(2) 网络链路故障时
# 在Device A上查看服务实例1内MEP 1001的远端MEP的信息。
[DeviceA] display cfd remote-mep service-instance 1 mep 1001
MEP ID MAC address State Time MAC status
1002 0010-fc04-6514 FAILED 2019/07/26 13:01:52 DOWN
结果显示远端MEP运行状态不正常。
# 在Device A上启用环回功能,检查服务实例1内MEP 1001到MEP 1002的链路状况。
[DeviceA] cfd loopback service-instance 1 mep 1001 target-mep 1002
Loopback to MEP 1002 with the sequence number start from 1001-43904:
Sent: 5 Received: 0 Lost: 5
结果显示服务实例1内的MEP 1001和MEP 1002间的链路存在故障。
# 先从小区域内排查故障位置,在Device B上开启链路跟踪功能,查找服务实例3内的MEP 3001到MEP 3002的路径。
[DeviceB] cfd linktrace service-instance 3 mep 3001 target-mep 3002
Linktrace to MEP 3002 with the sequence number 3001-43862:
MAC address TTL Last MAC Relay action
0010-fc03-6513 63 0010-fc02-6512 MPDB
结果显示服务实例3内的MEP 3001仅收到MIP反馈的LTR报文,而未收到MEP3002(DeviceD的GE1/0/1)反馈的LTR,从而可以初步判断Device C和Device D之间的链路发生故障。MD_B之外的网络就不用再进行故障检查,减少了故障定位的时间。
部分交换机的配置文件中会显示port link-mode bridge命令,请以实际情况为准。
· Device A:
#
cfd enable
cfd md MD_A index 1 level 5
cfd service-instance 1 ma-id string MA_A_1 ma-index 1 md MD_A vlan 20
cfd meplist 1001 to 1002 service-instance 1
cfd service-instance 2 ma-id string MA_A_2 ma-index 1 md MD_A vlan 30
cfd meplist 2001 to 2002 service-instance 2
#
vlan 20
#
vlan 30
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
cfd mep 1001 service-instance 1 inbound
cfd cc service-instance 1 mep 1001 enable
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 30
cfd mep 2001 service-instance 2 inbound
cfd cc service-instance 2 mep 2001 enable
#
interface GigabitEthernet1/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 20 30
· Device B:
#
cfd enable
cfd md MD_B index 1 level 3
cfd service-instance 3 ma-id string MA_B_1 ma-index 1 md MD_B vlan 20
cfd meplist 3001 to 3002 service-instance 3
cfd service-instance 4 ma-id string MA_B_2 ma-index 2 md MD_B vlan 30
cfd meplist 4001 to 4002 service-instance 4
#
vlan 20
#
vlan 30
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 20 30
cfd mep 3001 service-instance 3 inbound
cfd cc service-instance 3 mep 3001 enable
cfd mep 4001 service-instance 4 inbound
cfd cc service-instance 4 mep 4001 enable
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 20
#
interface GigabitEthernet1/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 30
· Device C:
#
cfd enable
cfd md MD_B index 1 level 3
cfd service-instance 3 ma-id string MA_B_1 ma-index 1 md MD_B vlan 20
cfd mip-rule default service-instance 3
#
vlan 20
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 20
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 20
· Device D:
#
cfd enable
cfd md MD_A index 1 level 5
cfd md MD_B index 2 level 3
cfd service-instance 1 ma-id string MA_A_1 ma-index 1 md MD_A vlan 20
cfd meplist 1001 to 1002 service-instance 1
cfd service-instance 3 ma-id string MA_B_1 ma-index 1 md MD_B vlan 20
cfd meplist 3001 to 3002 service-instance 3
#
vlan 20
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 20
cfd mep 3002 service-instance 3 outbound
cfd cc service-instance 3 mep 3002 enable
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
cfd mep 1002 service-instance 1 inbound
cfd cc service-instance 1 mep 1002 enable
· Device E:
#
cfd enable
cfd md MD_A index 1 level 5
cfd md MD_B index 2 level 3
cfd service-instance 2 ma-id string MA_A_2 ma-index 1 md MD_A vlan 30
cfd meplist 2001 to 2002 service-instance 2
cfd service-instance 4 ma-id string MA_B_2 ma-index 2 md MD_B vlan 30
cfd meplist 4001 to 4002 service-instance 4
#
vlan 30
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 30
cfd mep 2002 service-instance 2 inbound
cfd cc service-instance 2 mep 2002 enable
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 30
cfd mep 4002 service-instance 4 outbound
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!