场景说明:交换机1、交换机2组成M-LAG系统,同时作为vlan10、vlan20的双活网关,并且与sw7模拟的服务器在vlan10中运行ospf协议,同时作为根桥。交换机3、交换机4组成M-LAG系统,作为接入层。SW7在vlan10中发布地址7.7.7.7,通过vlan20访问7.7.7.7。
vlan10=192.168.10.0/24
vlan20=192.168.20.0/24
主要配置SW1:
# sysname CSW-1 # ip vpn-instance Keepalive # ospf 1 router-id 192.168.10.253 area 0.0.0.0 network 192.168.10.0 0.0.0.255 # lldp global enable # vlan 1 # vlan 10 # vlan 20 # stp region-configuration region-name ARS revision-level 255 instance 1 vlan 1 to 4094 active region-configuration # stp instance 0 to 1 root primary //配置设备作为实例1、实例2的根桥 stp global enable # interface Bridge-Aggregation11 port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 10 20 link-aggregation mode dynamic port m-lag group 11 # interface Bridge-Aggregation1024 port link-type trunk port trunk permit vlan all link-aggregation mode dynamic port m-lag peer-link 1 # interface Route-Aggregation1024 ip binding vpn-instance Keepalive ip address 1.1.1.1 255.255.255.252 link-aggregation mode dynamic # interface Vlan-interface10 ip address 192.168.10.254 255.255.255.0 ospf peer sub-address enable 192.168.10.253 port m-lag virtual-ip 192.168.10.253 255.255.255.0 active //配置m-lag场景中建立邻居关系使用的子地址,两台M-LAG设备不同,而且需要配置active关键字,不配置的话,仅有m-lag的主设备地址才会生效。建议双活网关场景配置上 mac-address 7e20-ab68-0100 # interface Vlan-interface20 ip address 192.168.20.254 255.255.255.0 mac-address 7e20-ab68-0100 # interface FortyGigE1/0/53 port link-mode bridge port link-type trunk port trunk permit vlan all port link-aggregation group 1024 # interface FortyGigE1/0/54 port link-mode bridge port link-type trunk port trunk permit vlan all port link-aggregation group 1024 # interface GigabitEthernet1/0/1 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 10 20 combo enable fiber port link-aggregation group 11 # interface GigabitEthernet1/0/2 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 10 20 combo enable fiber port link-aggregation group 11 # interface Ten-GigabitEthernet1/0/51 port link-mode route combo enable fiber port link-aggregation group 1024 # interface Ten-GigabitEthernet1/0/52 port link-mode route combo enable fiber port link-aggregation group 1024 # # m-lag mad exclude interface Route-Aggregation1024 m-lag role priority 4096 // M-LAG的优先级,越小越优先,类似STP 默认32768 m-lag restore-delay 180 //M-LAG系统恢复后,业务接口延迟UP的时间,防止转发黑洞使用。 m-lag system-mac 7e20-ab68-0100 //M-LAG系统中的LACP SYSTEM-ID,两台设备一样 m-lag system-number 1 //M-LAG系统中的DR ID,两台设备不一样,主一般为1,备一般为2 m-lag system-priority 4096 //配置LACP协议中的优先级,两台设备一样 m-lag standalone enable //配置独立工作模式,当Keepalive和Peer-link全部中断后,设备会采用自身的MAC作为SYSTEM-ID与其他跨设备进行链路聚合,此时对端会收到两个SYSTEM-ID,但是仅会和其中一个建立select关系,这样就避免了双主场景。 m-lag keepalive ip destination 1.1.1.2 source 1.1.1.1 vpn-instance Keepalive # return
实验结果:
结论:由于采用SW7模拟多台设备,因此划分了VRF A、B,从VRF B可以访问到VRF A的7.7.7.7
后续更新:后续会更新H3C的M-LAG场景下VXLAN如何处理