H3C Access Controllers
Comware 7 IRF Setup with Members Directly Connected
Configuration Examples

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Contents

Introduction· 1

Prerequisites· 1

Example: Setting up a two-member IRF fabric with members directly connected· 1

Network configuration·· 1

Restrictions and guidelines· 2

Hardware compatibility· 2

Software requirements· 2

IRF size restrictions· 2

IRF member ID restrictions· 2

IRF topo-domain ID and MAD domain ID restrictions· 2

IRF port binding requirements· 2

IRF network interface shutdown restrictions· 2

Connectivity requirements· 2

IRF merge restrictions· 3

IRF member device bridge MAC address restrictions· 3

IRF port binding removal restrictions· 3

Feature compatibility and configuration restrictions· 3

Procedures· 3

Configuring the switch·· 3

Configuring AC 1· 4

Configuring AC 2· 4

Configuring the IRF fabric· 5

Verifying the configuration·· 6

Configuration files· 7

Related documentation· 8

 

Introduction

This document provides an example for setting up an IRF fabric with two member devices that are directly connected.

The Intelligent Resilient Framework (IRF) technology is proprietary to H3C. This technology is a true stacking technology that creates a large virtual stack called IRF fabric from multiple devices to provide data center class availability and scalability. IRF offers processing power, interaction, unified management, and uninterrupted maintenance of multiple devices.

Prerequisites

This document applies to Comware 7-based access controllers and access points. Procedures and information in the examples might be slightly different depending on the software or hardware version of the access controllers and access points.

The configuration examples in this document were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

This document assumes that you have basic knowledge of IRF and Ethernet link aggregation.

Example: Setting up a two-member IRF fabric with members directly connected

Network configuration

As shown in Figure 1, use AC 1 and AC 2 to set up an IRF fabric. The IRF network interfaces on the ACs are directly connected.

Configure LACP MAD on the multi-member link aggregation to the switch, an H3C device that supports extended LACP.

Assign IRF links and non-IRF links to different VLANs for traffic isolation at Layer 2.

Figure 1 Network diagram

 

Restrictions and guidelines

When you set up an IRF fabric with members directly connected, follow the restrictions and guidelines in this section.

Hardware compatibility

An access controller can form an IRF fabric only with access controllers of the same model.

Software requirements

All IRF member devices must run the same software image version as the master. For software synchronization, make sure the software auto-update feature is enabled.

IRF size restrictions

The maximum number of member devices in an IRF fabric varies by device model.

IRF member ID restrictions

Make sure each IRF member device is assigned a unique member ID. For a new member ID to take effect, you must reboot the device.

The port number of the IRF port is the same as the IRF member ID of the device.

IRF topo-domain ID and MAD domain ID restrictions

Make sure all member devices have the same topo-domain ID and MAD domain ID. For a new topo-domain ID to take effect on a device, you must reboot the device.

IRF port binding requirements

An IRF port must have a minimum of one hybrid channel, or a minimum of one data channel and one control channel.

The network interfaces bound to an IRF port must operate at the same rate. The two ends of an IRF link must operate at the same rate.

For the port bindings to take effect, perform the following tasks:

1.     Save the configuration.

2.     Reboot the device or activate the IRF port configuration.

IRF network interface shutdown restrictions

Do not use the shutdown command on an IRF network interface if the interface is the only control channel available on the IRF standby device. If removing the channel is required, shut down the master's IRF network interfaces that have Layer 2 connectivity to that interface.

Connectivity requirements

Make sure the member devices have Layer 2 connectivity with each other.

If the IRF fabric contains only two member devices, you can connect the member devices directly or through Layer 2 intermediate devices. If the IRF fabric contains more than two member devices, you must connect the member devices through Layer 2 intermediate devices.

IRF merge restrictions

If the IRF fabric splits, do not change the IRF settings on any IRF member devices before they reunite.

IRF member device bridge MAC address restrictions

Member devices cannot join the same IRF fabric if they have the same bridge MAC address.

IRF port binding removal restrictions

To remove a network interface from an IRF port, you must first shut down the IRF network interface.

Feature compatibility and configuration restrictions

Ethernet link aggregation restrictions

On the Layer 2 intermediate devices, do not configure per-packet load sharing on the Layer 2 link aggregation groups that connect to multiple member devices of the IRF fabric.

As a best practice, configure Ethernet link aggregation settings after the IRF fabric is formed.

VLAN restrictions

Do not assign IRF links to VLANs that run on links that forward data traffic.

NAT restrictions

NAT is not supported on an IRF fabric.

Procedures

Configuring the switch

# Create Layer 2 aggregate interface Bridge-Aggregation 1, and configure the aggregation group of the aggregate interface to operate in dynamic mode.

<Switch> system-view

[Switch] interface bridge-aggregation 1

[Switch-Bridge-Aggregation1] link-aggregation mode dynamic

[Switch-Bridge-Aggregation1] quit

# Assign GigabitEthernet 1/0/1 to aggregation group 1.

[Switch] interface gigabitethernet 1/0/1

[Switch-GigabitEthernet1/0/1] port link-aggregation group 1

[Switch-GigabitEthernet1/0/1] quit

# Assign GigabitEthernet 1/0/2 to aggregation group 1.

[Switch] interface gigabitethernet 1/0/2

[Switch-GigabitEthernet1/0/2] port link-aggregation group 1

[Switch-GigabitEthernet1/0/2] quit

# Enable link-aggregation traffic redirection.

[Switch] link-aggregation lacp traffic-redirect-notification enable

Configuring AC 1

# Assign Ten-GigabitEthernet 1/0/25 to IRF-port 1.

<AC1> system-view

[AC1] irf-port 1

[AC1-irf-port1] port group interface ten-gigabitethernet 1/0/25

[AC1-irf-port1] quit

# Specify the member priority as 2. AC 1 will be the master device.

[AC1] irf member 1 priority 2

# Save the configuration.

[AC1] save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

# Activate the IRF port configuration.

[AC1] irf-port-configuration active

Configuring AC 2

# Change the IRF member ID to 2.

<AC2> system-view

[AC2] irf member 1 renumber 2

Renumbering the member ID may result in configuration change or loss. Continue?[

Y/N]:y

[AC2] quit

# Reboot the AC for the new member ID to take effect.

<AC2> reboot

Start to check configuration with next startup configuration file, please wait..

.......DONE!

Current configuration may be lost after the reboot, save current configuration?

[Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):

cfa0:/startup.cfg exists, overwrite? [Y/N]:y

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

This command will reboot the device. Continue? [Y/N]:y

Now rebooting, please wait...

# Assign Ten-GigabitEthernet 2/0/25 to the IRF port.

<AC2> system-view

[AC2] irf-port 2

[AC2-irf-port2] port group interface ten-gigabitethernet 2/0/25

[AC2-irf-port2] quit

# Save the configuration.

[AC2] save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

# Activate the IRF port configuration.

[AC2] irf-port-configuration active

System is starting...

AC 1 and AC 2 perform master election. AC 2 fails master election and reboots to form an IRF fabric with AC 1.

Configuring the IRF fabric

# Change the name of the IRF fabric to IRF.

<AC1> system-view

[AC1] system-name IRF

# Configure descriptions for AC 1 and AC 2, respectively.

[IRF] irf member 1 description AC 1

[IRF] irf member 2 description AC 2

# Create a Layer 2 aggregate interface named Bridge-Aggregation 1, and configure the aggregation group of the aggregate interface to operate in dynamic mode.

[IRF] interface bridge-aggregation 1

[IRF-Bridge-Aggregation1] link-aggregation mode dynamic

# Enable LACP MAD on the aggregate interface.

[IRF-Bridge-Aggregation1] mad enable

[IRF-Bridge-Aggregation1] quit

# Enable link-aggregation traffic redirection.

[IRF] link-aggregation lacp traffic-redirect-notification enable

# Assign GigabitEthernet 1/0/1 to aggregation group 1.

[IRF] interface gigabitethernet 1/0/1

[IRF-GigabitEthernet1/0/1] port link-aggregation group 1

[IRF-GigabitEthernet1/0/1] quit

# Assign GigabitEthernet 2/0/1 to aggregation group 1.

[IRF] interface gigabitethernet 2/0/1

[IRF-GigabitEthernet2/0/1] port link-aggregation group 1

[IRF-GigabitEthernet2/0/1] quit

# Create VLAN 400 and assign IRF network interfaces Ten-GigabitEthernet 1/0/25 and Ten-GigabitEthernet 2/0/25 to the VLAN. The VLAN will transmit traffic for IRF links.

[IRF] vlan 400

[IRF-vlan400] port ten-gigabitethernet 1/0/25

[IRF-vlan400] port ten-gigabitethernet 2/0/25

[IRF-vlan400] quit

Verifying the configuration

# Display IRF information. Verify that AC 1 is the master device.

[IRF] display irf

Member ID    Role    Priority  CPU MAC         Description

   *1        Master  2         50da-0051-2608  AC 1

   +2        Standby 1         50da-0051-2670  AC 2

--------------------------------------------------

The asterisk (*) indicates the master.

The plus sign (+) indicates the device through which you are logged in.

The right angle bracket (>) indicates the device's stack capability is disabled.

 

Bridge MAC of the IRF: 50da-0051-2608

Auto upgrade         : Enabled

MAC persistence      : 6 min

Topo-domain ID       : 0

Auto merge           : Enabled

# Display IRF link information. Verify that the IRF network interfaces on both member devices are up.

[IRF] display irf link

Member ID   Member Interfaces                   Status

1           XGE1/0/25(ctrl&data)                Up

2           XGE2/0/25(ctrl&data)                Up

# On the IRF fabric, display detailed information about aggregation groups. Verify that GigabitEthernet 1/0/1 and GigabitEthernet 2/0/1 are in aggregation group 1 and in Selected state.

[IRF] display link-aggregation verbose

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected, I -- Individual

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

 

Aggregate Interface: Bridge-Aggregation1

Aggregation Mode: Dynamic

Loadsharing Type: Shar

System ID: 0x8000, 50da-0051-2608

Local:

  Port             Status  Priority Oper-Key  Flag

--------------------------------------------------------------------------------

  GE1/0/1          S       32768    1         {ACDEF}

  GE2/0/1          S       32768    1         {ACDEF}

Remote:

  Actor            Partner Priority Oper-Key  SystemID               Flag

--------------------------------------------------------------------------------

  GE1/0/1          1       32768    1         0x8000, 3897-d633-f3c6 {ACDEF}

  GE2/0/1          2       32768    1         0x8000, 3897-d633-f3c6 {ACDEF}

# On the switch, display detailed information about aggregation groups. Verify that GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 are in aggregation group 1 and in Selected state.

[Switch] display link-aggregation verbose

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected,

             I -- Individual, * -- Management port

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

 

Aggregate Interface: Bridge-Aggregation1

Aggregation Mode: Dynamic

Loadsharing Type: Shar

Management VLAN : None

System ID: 0x8000, 3897-d633-f3c6

Local:

  Port             Status  Priority Oper-Key  Flag

--------------------------------------------------------------------------------

  GE1/0/1          S       32768    1         {ACDEF}

  GE1/0/2          S       32768    1         {ACDEF}

Remote:

  Actor            Partner Priority Oper-Key  SystemID               Flag

--------------------------------------------------------------------------------

  GE1/0/1          2       32768    1         0x8000, 50da-0051-2608 {ACDEF}

  GE1/0/2          31      32768    1         0x8000, 50da-0051-2608 {ACDEF}

Configuration files

·     IRF fabric:

#

 sysname IRF

#

 irf mac-address persistent timer

 irf auto-update enable

 irf auto-merge enable

 irf member 1 priority 2

 irf member 2 priority 1

 irf member 1 description AC 1

 irf member 2 description AC 2

#

 link-aggregation lacp traffic-redirect-notification enable

#

vlan 400

#

irf-port 1

 port group interface Ten-GigabitEthernet1/0/25

#

irf-port 2

 port group interface Ten-GigabitEthernet2/0/25

#

interface Bridge-Aggregation1

 link-aggregation mode dynamic

 mad enable

#

interface GigabitEthernet1/0/1

 port link-aggregation group 1

#

interface GigabitEthernet2/0/1

 port link-aggregation group 1

#

interface Ten-GigabitEthernet1/0/25

 port access vlan 400

#

interface Ten-GigabitEthernet2/0/25

 port access vlan 400

#

·     Switch:

#

 link-aggregation lacp traffic-redirect-notification enable

#

interface Bridge-Aggregation1

 link-aggregation mode dynamic

#

interface GigabitEthernet1/0/1

 port link-aggregation group 1

#

interface GigabitEthernet1/0/2

 port link-aggregation group 1

#

Related documentation

·     IRF Command Reference in H3C Access Controllers Command References

·     IRF Configuration Guide in H3C Access Controllers Configuration Guides

·     Layer 2—LAN Switching Command Reference in H3C Access Controllers Command References

·     Layer 2—LAN Switching Configuration Guide in H3C Access Controllers Configuration Guides