华为交换机M-lag配置示例

2022-9-19

组网需求

如图所示，采用M-LAG方式将主机双归接入普通以太网络。由于用户对于业务的可靠性要求很高，如果主机和接入设备之间做链路聚合只能保证链路级的可靠性，接入设备发生故障时则会导致业务中断。这时用户可以采用跨设备链路聚合技术，正常工作时链路进行负载分担且任何一台设备故障对业务均没有影响，保证业务的高可靠性。由于普通以太网络中存在阻塞端口无法传输M-LAG主备设备的心跳报文，这里采用配置DFS Group绑定管理网口IP地址，保证M-LAG主备设备的心跳报文能够正常传输。

配置思路

将SwitchA和SwitchB配置为根桥，配置相同的桥ID，保证M-LAG主备设备在二层网络中处于根桥地位。
分别在SwitchA和SwitchB上配置管理网口的IP地址，且保证能够三层互通，用于M-LAG主备设备间心跳报文的传输。
分别在SwitchA和SwitchB上配置M-LAG特性，实现服务器的双归接入。
在SwitchC和SwitchD上创建VLANIF接口并配置IP地址，在VLANIF接口上创建VRRP备份组，作为M-LAG主备设备的网关。

操作步骤

将SwitchA和SwitchB配置为根桥，配置相同的桥ID

如果组成M-LAG的设备下行接入的是交换设备，必须配置根保护功能。

# 配置SwitchA。

<HUAWEI> system-view
[~HUAWEI] sysname SwitchA
[*HUAWEI] commit
[~SwitchA] stp root primary
[*SwitchA] stp bridge-address 39-39-39

# 配置SwitchB。

<HUAWEI> system-view
[~HUAWEI] sysname SwitchB
[*HUAWEI] commit
[~SwitchB] stp root primary
[*SwitchB] stp bridge-address 39-39-39

分别配置SwitchA和SwitchB管理网口的IP地址# 配置SwitchA。

[~SwitchA] interface meth 0/0/0
[~SwitchA-MEth0/0/0] ip address 10.1.1.1 24
[*SwitchA-MEth0/0/0] quit
[*SwitchA] commit

# 配置SwitchB。

[~SwitchB] interface meth 0/0/0
[~SwitchB-MEth0/0/0] ip address 10.1.1.2 24
[*SwitchB-MEth0/0/0] quit
[*SwitchB] commit

在SwitchA和SwitchB上分别创建DFS并绑定管理网口的IP地址SwitchA和SwitchB管理网口需要保证能够三层互通。# 配置SwitchA。

[~SwitchA] dfs-group 1
[*SwitchA-dfs-group-1] source ip 10.1.1.1
[*SwitchA-dfs-group-1] priority 150
[*SwitchA-dfs-group-1] quit
[*SwitchA] commit

# 配置SwitchB。

[~SwitchB] dfs-group 1
[*SwitchB-dfs-group-1] source ip 10.1.1.2
[*SwitchB-dfs-group-1] priority 120
[*SwitchB-dfs-group-1] quit
[*SwitchB] commit

配置SwitchA和SwitchB之间的Peer-link# 配置SwitchA。

[~SwitchA] interface eth-trunk 0
[*SwitchA-Eth-Trunk0] trunkport 10ge 1/0/3
[*SwitchA-Eth-Trunk0] trunkport 10ge 1/0/4
[*SwitchA-Eth-Trunk0] undo stp enable
[*SwitchA-Eth-Trunk0] mode lacp-static
[*SwitchA-Eth-Trunk0] peer-link 1
[*SwitchA-Eth-Trunk0] quit
[*SwitchA] commit

# 配置SwitchB。

[~SwitchB] interface eth-trunk 0
[*SwitchB-Eth-Trunk0] trunkport 10ge 1/0/3
[*SwitchB-Eth-Trunk0] trunkport 10ge 1/0/4
[*SwitchB-Eth-Trunk0] undo stp enable
[*SwitchB-Eth-Trunk0] mode lacp-static
[*SwitchB-Eth-Trunk0] peer-link 1
[*SwitchB-Eth-Trunk0] quit
[*SwitchB] commit

配置SwitchA和SwitchB连接服务器的Eth-Trunk接口加入VLAN 11并绑定DFS Group服务器上行连接交换机的端口需要绑定在一个聚合链路中且链路聚合模式需要和交换机侧的聚合模式匹配。# 配置SwitchA。

[~SwitchA] vlan batch 11
[*SwitchA] interface eth-trunk 1
[*SwitchA-Eth-Trunk1] mode lacp-dynamic
[*SwitchA-Eth-Trunk1] port link-type access
[*SwitchA-Eth-Trunk1] port default vlan 11
[*SwitchA-Eth-Trunk1] dfs-group 1 m-lag 1
[*SwitchA-Eth-Trunk1] quit
[*SwitchA] commit

# 配置SwitchB。

[~SwitchB] vlan batch 11
[*SwitchB] interface eth-trunk 1
[*SwitchB-Eth-Trunk1] mode lacp-dynamic
[*SwitchB-Eth-Trunk1] port link-type access
[*SwitchB-Eth-Trunk1] port default vlan 11
[*SwitchB-Eth-Trunk1] dfs-group 1 m-lag 1
[*SwitchB-Eth-Trunk1] quit
[*SwitchB] commit

配置SwitchA和SwitchC之间为聚合链路以及SwitchB和SwitchD之间为聚合链路，并配置接口类型和通过的VLAN# 配置SwitchA。

[~SwitchA] interface eth-trunk 2
[*SwitchA-Eth-Trunk2] mode lacp-static
[*SwitchA-Eth-Trunk2] port link-type trunk
[*SwitchA-Eth-Trunk2] port trunk allow-pass vlan 11
[*SwitchA-Eth-Trunk2] trunkport 10ge 1/0/1
[*SwitchA-Eth-Trunk2] trunkport 10ge 1/0/2
[*SwitchA-Eth-Trunk2] quit
[*SwitchA] commit

# 配置SwitchB。

[~SwitchB] interface eth-trunk 2
[*SwitchB-Eth-Trunk2] mode lacp-static
[*SwitchB-Eth-Trunk2] port link-type trunk
[*SwitchB-Eth-Trunk2] port trunk allow-pass vlan 11
[*SwitchB-Eth-Trunk2] trunkport 10ge 1/0/1
[*SwitchB-Eth-Trunk2] trunkport 10ge 1/0/2
[*SwitchB-Eth-Trunk2] quit
[*SwitchB] commit

# 配置SwitchC。

<HUAWEI> system-view
[~HUAWEI] sysname SwitchC
[*HUAWEI] commit
[~SwitchC] vlan batch 11
[*SwitchC] interface eth-trunk 2
[*SwitchC-Eth-Trunk2] mode lacp-static
[*SwitchC-Eth-Trunk2] port link-type trunk
[*SwitchC-Eth-Trunk2] port trunk allow-pass vlan 11
[*SwitchC-Eth-Trunk2] trunkport 10ge 1/0/1
[*SwitchC-Eth-Trunk2] trunkport 10ge 1/0/2
[*SwitchC-Eth-Trunk2] quit
[*SwitchC] commit

# 配置SwitchD。

<HUAWEI> system-view
[~HUAWEI] sysname SwitchD
[*HUAWEI] commit
[~SwitchD] vlan batch 11
[*SwitchD] interface eth-trunk 2
[*SwitchD-Eth-Trunk2] mode lacp-static
[*SwitchD-Eth-Trunk2] port link-type trunk
[*SwitchD-Eth-Trunk2] port trunk allow-pass vlan 11
[*SwitchD-Eth-Trunk2] trunkport 10ge 1/0/1
[*SwitchD-Eth-Trunk2] trunkport 10ge 1/0/2
[*SwitchD-Eth-Trunk2] quit
[*SwitchD] commit

在SwitchC和SwitchD上创建VLANIF接口并配置IP地址，在VLANIF接口上创建VRRP备份组# 在SwitchC上创建VRRP备份组1，配置SwitchC在该备份组中的优先级为120。

[~SwitchC] interface vlanif 11
[*SwitchC-Vlanif11] ip address 10.2.1.1 24
[*SwitchC-Vlanif11] vrrp vrid 1 virtual-ip 10.2.1.111
[*SwitchC-Vlanif11] vrrp vrid 1 priority 120
[*SwitchC-Vlanif11] quit
[*SwitchC] commit

# 在SwitchD上创建VRRP备份组1，其在该备份组中的优先级为缺省值100。

[~SwitchD] interface vlanif 11
[*SwitchD-Vlanif11] ip address 10.2.1.2 24
[*SwitchD-Vlanif11] vrrp vrid 1 virtual-ip 10.2.1.111
[*SwitchD-Vlanif11] quit
[*SwitchD] commit

验证配置结果

执行命令display dfs-group，查看M-LAG的相关信息。# 查看DFS Group编号为1的M-LAG信息。

[~SwitchA] display dfs-group 1 m-lag
*                : Local node
Heart beat state : OK
Node 1 *
  Dfs-Group ID   : 1
  Priority       : 150
  Address        : ip address 10.1.1.1
  State          : Master
  Causation      : -
  System ID      : 00e0-fc95-7c31
  SysName        : SwitchA
  Version        : V200R020C00
  Device Type    : CE9860EI
Node 2
  Dfs-Group ID   : 1
  Priority       : 120
  Address        : ip address 10.1.1.2
  State          : Backup
  Causation      : -
  System ID      : 00e0-fc95-7c11
  SysName        : SwitchB
  Version        : V200R020C00
  Device Type    : CE9860EI

# 查看SwitchA上的M-LAG信息。

[~SwitchA] display dfs-group 1 node 1 m-lag brief
* - Local node

M-Lag ID     Interface      Port State    Status                Consistency-check
       1     Eth-Trunk 1    Up            active(*)-active      --


Failed reason:                                                                  
    1 -- Relationship between vlan and port is inconsistent                     
    2 -- STP configuration under the port is inconsistent                       
    3 -- STP port priority configuration is inconsistent                        
    4 -- LACP mode of M-LAG is inconsistent                                     
    5 -- M-LAG configuration is inconsistent                                    
    6 -- The number of M-LAG members is inconsistent

# 查看SwitchB上的M-LAG信息。

[~SwitchA] display dfs-group 1 node 2 m-lag brief
* - Local node

M-Lag ID     Interface      Port State    Status                Consistency-check
       1     Eth-Trunk 1    Up            active-active(*)      --


Failed reason:                                                                  
    1 -- Relationship between vlan and port is inconsistent                     
    2 -- STP configuration under the port is inconsistent                       
    3 -- STP port priority configuration is inconsistent                        
    4 -- LACP mode of M-LAG is inconsistent                                     
    5 -- M-LAG configuration is inconsistent                                    
    6 -- The number of M-LAG members is inconsistent

通过以上显示信息可以看到，“Heart beat state”的状态是“OK”，表明心跳状态正常；SwitchA作为Node 1，优先级为150，“State”的状态是“Master”；SwitchB作为Node 2，优先级为120，“State”的状态是“Backup”。同时“Causation”的状态是“-”，Node 1的“Port State”状态为“Up”，Node 2的“Port State”状态为“Up”，且Node 1和Node 2的M-LAG状态均为“active”，表明M-LAG的配置正确。

在SwitchC和SwitchD上分别执行display vrrp命令，可以看到SwitchC在备份组中的状态为Master，SwitchD在备份组中的状态为Backup。

[~SwitchC] display vrrp verbose
Vlanif11 | Virtual Router 1
State        : Master
Virtual IP     : 10.2.1.111
Master IP      : 10.2.1.1
PriorityRun    : 120
PriorityConfig : 120                                                        
MasterPriority : 120                                                        
Preempt        : YES   Delay Time : 0s    Remain : --    
TimerRun       : 1s                                                              
TimerConfig    : 1s                                                           
Auth Type      : NONE                                                            
Virtual MAC    : 0000-5e00-0101                                                
Check TTL      : YES                                                             
Config Type    : Normal                                                   
Create Time       : 2020-01-30 11:39:18                                           
Last Change Time  : 2020-02-04 11:38:58

[~SwitchD] display vrrp verbose
Vlanif11 | Virtual Router 1
State        : Backup
Virtual IP     : 10.2.1.111
Master IP      : 10.2.1.1
PriorityRun    : 100
PriorityConfig : 100                                                        
MasterPriority : 120                                                        
Preempt        : YES   Delay Time : 0s   Remain : --     
TimerRun       : 1s                                                        
TimerConfig    : 1s                                                        
Auth Type      : NONE                                                       
Virtual MAC    : 0000-5e00-0101                                             
Check TTL      : YES                                                        
Config Type    : Normal                                                
Create Time      : 2020-01-30 11:39:18                                      
Last Change Time : 2020-02-04 11:38:58

配置文件

SwitchA的配置文件

#
sysname SwitchA
#
dfs-group 1
 priority 150
 source ip 10.1.1.1
#
vlan batch 11
#
stp bridge-address 00e0-fc39-0039
stp instance 0 root primary
#
interface MEth0/0/0
 ip address 10.1.1.1 255.255.255.0
#
interface Eth-Trunk0
 stp disable
 mode lacp-static
 peer-link 1
#
interface Eth-Trunk1
 port default vlan 11
 stp edged-port enable
 mode lacp-dynamic
 dfs-group 1 m-lag 1
#
interface Eth-Trunk2
 port link-type trunk
 port trunk allow-pass vlan 11
 mode lacp-static 
#
interface 10GE1/0/1
 eth-trunk 1
#
interface 10GE1/0/2
 eth-trunk 1
#
interface 10GE1/0/3
 eth-trunk 0
#
interface 10GE1/0/4
 eth-trunk 0
#
interface 10GE1/0/5
 eth-trunk 2
#
interface 10GE1/0/6
 eth-trunk 2
#
return

SwitchB的配置文件

#
sysname SwitchB
#
dfs-group 1
 priority 120
 source ip 10.1.1.2
#
vlan batch 11
#
stp bridge-address 00e0-fc39-0039
stp instance 0 root primary
#
interface MEth0/0/0
 ip address 10.1.1.2 255.255.255.0
#
interface Eth-Trunk0
 stp disable
 mode lacp-static
 peer-link 1
#
interface Eth-Trunk1
 port default vlan 11
 stp edged-port enable
 mode lacp-dynamic
 dfs-group 1 m-lag 1
#
interface Eth-Trunk2
 port link-type trunk
 port trunk allow-pass vlan 11
 mode lacp-static
#
interface 10GE1/0/1
 eth-trunk 1
#
interface 10GE1/0/2
 eth-trunk 1
#
interface 10GE1/0/3
 eth-trunk 0
#
interface 10GE1/0/4
 eth-trunk 0
#
interface 10GE1/0/5
 eth-trunk 2
#
interface 10GE1/0/6
 eth-trunk 2
#
return

SwitchC的配置文件

#
sysname SwitchC
#
vlan batch 11
#
interface Vlanif11
 ip address 10.2.1.1 255.255.255.0
 vrrp vrid 1 virtual-ip 10.2.1.111
 vrrp vrid 1 priority 120
#
interface Eth-Trunk2
 port link-type trunk
 port trunk allow-pass vlan 11
 mode lacp-static
#
interface 10GE1/0/1
 eth-trunk 2
#
interface 10GE1/0/2
 eth-trunk 2
#
return

SwitchD的配置文件

#
sysname SwitchD
#
vlan batch 11
#
interface Vlanif11
 ip address 10.2.1.2 255.255.255.0
 vrrp vrid 1 virtual-ip 10.2.1.111
#
interface Eth-Trunk2
 port link-type trunk
 port trunk allow-pass vlan 11
 mode lacp-static
#
interface 10GE1/0/1
 eth-trunk 2
#
interface 10GE1/0/2
 eth-trunk 2
#
return

版权声明网站名称： 树洞笔记
本站网址：www.x8xx.cn
本站提供的一切软件、教程和内容信息仅限用于学习和研究目的。
不得将上述内容用于商业或者非法用途，否则，一切后果请用户自负。
我们非常重视版权问题，如有侵权请邮件与我们联系处理。敬请谅解！邮件：hole8443@gmail.com
网站部分内容来源于网络，版权争议与本站无关。请在下载后的24小时内从您的设备中彻底删除上述内容。
如无特别声明本文即为原创文章仅代表个人观点，版权归《树洞笔记》所有，欢迎转载，转载请保留原文链接。

THE END