HP 5120-24G EI, 5120-24G EI TAA, 5120-48G EI, 5120-48G EI TAA, 5120-24G-PoE+ EI IRF Configuration Guide

HP 5120 EI Switch Series

IRF
Configuration Guide

Part number: 5998-1789b

Software version: Release 2220

Document version: 6W100-20130810

Legal and notice information

© Copyright 2013 Hewlett-Packard Development Company, L.P.

No part of this documentation may be reproduced or transmitted in any form or by any means without
prior written consent of Hewlett-Packard Development Company, L.P.

The information contained herein is subject to change without notice.

HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS
MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained
herein or for incidental or consequential damages in connection with the furnishing, performance, or
use of this material.

The only warranties for HP products and services are set forth in the express warranty statements
accompanying such products and services. Nothing herein should be construed as constituting an
additional warranty. HP shall not be liable for technical or editorial errors or omissions contained
herein.

i

Contents

IRF overview ································································································································································· 1

Hardware compatibility ···················································································································································· 1
IRF benefits ········································································································································································· 1
Application scenario ························································································································································· 2
Basic concepts ··································································································································································· 2

IRF member roles ······················································································································································ 2
IRF member ID ··························································································································································· 2
IRF port ······································································································································································ 2
Physical IRF port ······················································································································································· 3
IRF domain ID ··························································································································································· 3
IRF split ······································································································································································ 4
IRF merge ·································································································································································· 4

Member priority ························································································································································ 5
Interface naming conventions ·········································································································································· 5
File system naming conventions······································································································································· 5
Configuration synchronization mechanism ···················································································································· 6
Loop-elimination mechanism ············································································································································ 7
Master election ·································································································································································· 7
IRF multi-active detection ·················································································································································· 7

Multi-active handling procedure ····························································································································· 7

LACP MAD ································································································································································ 8

ARP MAD ·································································································································································· 9

Configuring IRF ··························································································································································· 11

General restrictions and configuration guidelines ······································································································ 11

Software requirements ·········································································································································· 11

IRF link redundancy ··············································································································································· 11

IRF physical port restrictions and cabling requirements ···················································································· 11

IRF port binding restrictions ·································································································································· 11

MAD ······································································································································································· 11

FIPS mode requirement ········································································································································· 12

Other configuration guidelines ···························································································································· 12
Setup and configuration task list ·································································································································· 12
Planning the IRF fabric setup ········································································································································· 13
Assigning a member ID to each IRF member switch ·································································································· 14
Specifying a priority for each member switch ············································································································ 14
Connecting physical IRF ports ······································································································································· 15
Binding physical ports to IRF ports ······························································································································· 16
Accessing the IRF fabric ················································································································································ 17

Accessing the CLI of the master switch ··············································································································· 17

Accessing the CLI of a subordinate switch ········································································································· 18
Assigning an IRF domain ID to the IRF fabric ·············································································································· 18
Configuring a member switch description··················································································································· 18
Configuring IRF link load sharing mode ······················································································································ 19

Configuring the global load sharing mode ········································································································ 19

Configuring a port-specific load sharing mode ································································································· 19
Configuring IRF bridge MAC persistence ···················································································································· 20
Enabling software auto-update for system software image synchronization ··························································· 20
Setting the IRF link down report delay ························································································································· 21

ii

Configuring MAD ··························································································································································· 22

Configuring LACP MAD ········································································································································ 22

Configuring ARP MAD ·········································································································································· 23

Excluding a port from the shutdown action upon detection of multi-active collision ······································ 24

Recovering an IRF fabric ······································································································································· 25
Displaying and maintaining an IRF fabric ··················································································································· 26
Configuration examples ················································································································································ 27

LACP MAD-enabled IRF configuration example ································································································· 27

ARP MAD-enabled IRF configuration example ··································································································· 29

Support and other resources ····································································································································· 32

Contacting HP ································································································································································ 32

Subscription service ·············································································································································· 32
Related information ························································································································································ 32

Documents ······························································································································································ 32

Websites ································································································································································· 32
Conventions ···································································································································································· 33

Index ··········································································································································································· 35

1

IRF overview

The HP Intelligent Resilient Framework (IRF) technology creates a large IRF fabric from multiple switches
to provide data center class availability and scalability. IRF virtualization technology offers processing
power, interaction, unified management, and uninterrupted maintenance of multiple switches.

This book describes IRF concepts and guides you through the IRF setup procedure.

Hardware compatibility

In the HP 5120 EI Switch Series, only the following switch models can form an IRF fabric, and they must
have expansion interface cards listed in "IRF physical port restrictions and cabling requirements":

• HP 5120-24G EI Switch with 2 Interface Slots (JE068A)

• HP 5120-24G EI TAA Switch with 2 Interface Slots (JG245A)

• HP 5120-48G EI Switch with 2 Interface Slots (JE069A)

• HP 5120-48G EI TAA Switch with 2 Interface Slots (JG246A)

• HP 5120-24G-PoE+ EI Switch with 2 Interface Slots (JG236A)

• HP 5120-24G-PoE+ EI TAA Switch with 2 Interface Slots (JG247A)

• HP 5120-48G-PoE+ EI Switch with 2 Interface Slots (JG237A)

• HP 5120-48G-PoE+ EI TAA Switch with 2 Interface Slots (JG248A)

IRF benefits

IRF provides the following benefits:

• Simplified topology and easy management—An IRF fabric appears as one node and is accessible

at a single IP address on the network. You can use this IP address to log in at any member device
to manage all the members of the IRF fabric. In addition, you do not need to run the spanning tree
feature among the IRF members.

• 1:N redundancy—In an IRF fabric, one member works as the master to manage and control the

entire IRF fabric, and all the other members process services while backing up the master. When the
master fails, all the other member devices elect a new master from among them to take over without
interrupting services.

• IRF link aggregation—You can assign several physical links between neighboring members to their

IRF ports to create a load-balanced aggregate IRF connection with redundancy.

• Multiple-chassis link aggregation—You can use the Ethernet link aggregation feature to aggregate

the physical links between the IRF fabric and its upstream or downstream devices across the IRF
members.

• Network scalability and resiliency—Processing capacity of an IRF fabric equals the total

processing capacities of all the members. You can increase ports, network bandwidth, and
processing capacity of an IRF fabric simply by adding member devices without changing the
network topology.

2

Application scenario

Figure 1 shows an IRF fabric that is formed by two switches, which appear as a single node to the upper

and lower layer devices.

Figure 1 IRF application scenario

Basic concepts

This section describes the basic concepts that you might encounter when working with IRF.

IRF member roles

IRF uses two member roles: master and slave (called "subordinate" throughout the documentation).

When switches form an IRF fabric, they elect a master to manage the IRF fabric, and all other switches
back up the master. When the master switch fails, the other switches automatically elect a new master
from among them to take over. For more information about master election, see "Master election."

IRF member ID

An IRF fabric uses member IDs to uniquely identify and manage its members. This member ID information
is included as the first part of interface numbers and file paths to uniquely identify interfaces and files in
an IRF fabric. For more information about interface and file path naming, see "Interface naming

co

nventions" and "File system naming conventions."

If t

wo switches have the same IRF member ID, they cannot form an IRF fabric.

IRF port

An IRF port is a logical interface for the connection between IRF member devices. Every IRF-capable
device supports two IRF ports. The IRF ports are named IRF-port n/1 and IRF-port n/2, where n is the

IP network

IRF

IP network

IRF link

Equal to

Master

Subordinate

3

member ID of the switch. The two IRF ports are referred to as "IRF-port 1" and "IRF-port 2" in this book
for simplicity.

To use an IRF port, you must bind at least one physical port to it. The physical ports assigned to an IRF
port automatically form an aggregate IRF link. An IRF port goes down only if all its physical IRF ports are
down.

For two neighboring devices, their IRF physical links must be bound to IRF-port 1 on one device and to
IRF-port 2 on the other.

Physical IRF port

Physical IRF ports connect IRF member devices and must be bound to an IRF port. They forward IRF
protocol packets between IRF member devices and data packets that must travel across IRF member
devices.

For more information about physical ports that can be used for IRF links, see "General restrictions and

c

onfiguration guidelines."

IRF domain ID

One IRF fabric forms one IRF domain. IRF uses IRF domain IDs to uniquely identify IRF fabrics and prevent
IRF fabrics from interfering with one another.

As shown in Figure 2, S

witch A and Switch B form IRF fabric 1, and Switch C and Switch D form IRF fabric

2. The fabrics have LACP MAD detection links between them. When a member switch in one IRF fabric
receives an extended LACP packet for MAD detection, it looks at the domain ID in the packet to see
whether the packet is from the local IRF fabric or from a different IRF fabric. Then, the switch can handle
the packet correctly.

4

Figure 2 A network that comprises two IRF domains

IRF split

IRF split occurs when an IRF fabric breaks up into two or more IRF fabrics because of IRF link failures, as
shown in Figure 3. T

he split IRF fabrics operate with the same IP address and cause routing and
forwarding problems on the network. To quickly detect a multi-active collision, configure at least one
MAD mechanisms (see "IRF multi-active detection")

.

Figure 3 IRF split

IRF merge

IRF merge occurs when two split IRF fabrics reunite or when you configure and connect two independent
IRF fabrics to be one IRF fabric, as shown in Figure 4.

5

Figure 4 IRF merge

Member priority

Member priority determines the possibility of a member device to be elected the master. A member with
higher priority is more likely to be elected the master.

The default member priority is 1. You can change the member priority of a member device to affect the
master election result.

Interface naming conventions

An interface is named in the format of chassis-id/slot-number/port-index, where:

• chassis-id—IRF member ID of the switch. This argument defaults to 1.

• slot-number—Represents the slot number of the interface card. This argument takes 0 for the fixed

ports on the front panel, and takes 1 and 2 for the two interface cards (from left to right) on the rear
panel.

• port-index—Port index depends on the number of ports available on the switch. To identify the

index of a port, look at its port index mark on the chassis.

For one example, on the standalone switch Sysname, GigabitEthernet 1/0/1 represents the first fixed
port on the front panel. Set its link type to trunk, as follows:

<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port link-type trunk

For another example, on the IRF fabric Master, GigabitEthernet 3/0/1 represents the first fixed port on
the front panel of member switch 3. Set its link type to trunk, as follows:

<Master> system-view
[Master] interface gigabitethernet 3/0/1
[Master-GigabitEthernet3/0/1] port link-type trunk

File system naming conventions

On a standalone switch, you can use the name of storage device to access its file system. For more
information about storage device naming conventions, see Fundamentals Configuration Guide.

On an IRF fabric, you can use the name of storage device to access the file system of the master. To
access the file system of any other member switch, use the name in the
slotmember-ID#storage-device-name format. For example:

To access the test folder under the root directory of the Flash on the master switch:

<Master> mkdir test
...

6

%Created dir flash:/test.
<Master> dir
Directory of flash:/
0 -rw- 10105088 Apr 26 2000 13:44:57 test.app
1 -rw- 2445 Apr 26 2000 15:18:19 config.cfg
2 drw- - Jul 14 2008 15:20:35 test
30861 KB total (20961 KB free)

To create and access the test folder under the root directory of the Flash on member switch 3:

<Master> mkdir slot3#flash:/test
%Created dir slot3#flash:/test.
<Master> cd slot3#flash:/test
<Master> pwd
slot3#flash:/test

Or:

<Master> cd slot3#flash:/
<Master> mkdir test
%Created dir slot3#flash:/test.

To copy the file test.app on the master to the root directory of the Flash on member switch 3:

# Display the current working path. In this example, the current working path is the root directory of the
Flash on member switch 3.

<Master> pwd
slot3#flash:

# Change the current working path to the root directory of the Flash on the master switch.

<Master> cd flash:/
<Master> pwd
flash:

# Copy the file to member switch 3.

<Master> copy test.app slot3#flash:/
Copy flash:/test.app to slot3#flash:/test.app?[Y/N]:y
%Copy file flash:/test.app to slot3#flash:/test.app...Done.

Configuration synchronization mechanism

IRF uses a strict running-configuration synchronization mechanism so all chassis in an IRF fabric can work
as a single node, and after the master fails, other members can operate normally.

In an IRF fabric, all chassis get and run the running configuration of the master. Any configuration you
have made is propagated to all members.

When you execute the save [ safely ] [ backup | main ] [ force ] command or the save file-url all
command, the system saves the running configuration, as follows:

• If the configuration auto-update function (the slave auto-update config command) is enabled, saves

the configuration as the startup configuration on all member switches for the next startup.

• If the configuration auto-update function is disabled, saves the configuration as the startup

configuration on the master for the next startup.

By default, configuration auto-update is enabled.

7

For more information about configuration management, see Fundamentals Configuration Guide.

Loop-elimination mechanism

IRF has its own mechanism to eliminate loops, though loop control protocols such as the spanning tree
feature cannot be configured on IRF physical interfaces. Before an IRF member device forwards a packet,
it identifies whether loops exist on the forwarding path based on the source and destination physical
interfaces and the IRF topology. If a loop exists, the device discards the packet on the source interface of
the looped path. This loop-elimination mechanism will drop a large number of broadcast packets on the
IRF physical interfaces. To reduce the SNMP notifications of packet drops, do not monitor packet
forwarding for the IRF physical interfaces.

Master election

Master election is held each time the IRF fabric topology changes, for example, when the IRF fabric is
established, a new member device is plugged in, the master device fails or is removed, the IRF fabric
splits, or IRF fabrics merge.

Master election uses the following rules in descending order:

1. Current master, even if a new member has higher priority.

When an IRF fabric is being formed, all member switches consider themselves as the master, and
this rule is skipped

2. Member with higher priority.

3. Member with the longest system uptime.

4. Member with the lowest bridge MAC address.

The IRF fabric is formed on election of the master.

During an IRF merge, the switches of the IRF fabric that fails the master election must reboot to re-join the
IRF fabric that wins the election.

After a master election, all subordinate switches reboot with the configuration on the master. Their
configuration files do not take effect.

IRF multi-active detection

An IRF link failure causes an IRF fabric to split in two IRF fabrics operating with the same Layer 3
configurations, including the same IP address. To avoid IP address collision and network problems, IRF
uses multi-active detection (MAD) mechanisms to detect the presence of multiple identical IRF fabrics,
handle collisions, and recover from faults.

Multi-active handling procedure

The multi-active handling procedure includes detection, collision handling and failure recovery.

Detection

The MAD implementation of the switch detects active IRF fabrics with the same Layer 3 global
configuration by extending the LACP or gratuitous ARP protocol.

8

These MAD mechanisms identify each IRF fabric with a domain ID and an active ID (the member ID of
the master). If multiple active IDs are detected in a domain, MAD determines that an IRF collision or split
has occurred.

You can use at least one of these mechanisms in an IRF fabric, depending on your network topology. For
a comparison of these MAD mechanisms, see "Configuring MAD."

Collision handling

When multiple identical active IRF fabrics are detected, MAD compares the member IDs of their masters.
If the master in one IRF fabric has the lowest member ID among all the masters, the members in the fabric
continue to operate in Active state and forward traffic. MAD sets all the other IRF fabrics in Recovery
(disabled) state and shuts down all their physical ports except the console ports, physical IRF ports, and
any ports you have specified with the mad exclude interface command.

Failure recovery

To merge two split IRF fabrics, first repair the failed IRF link and remove the IRF link failure.

If the IRF fabric in Recovery state fails before the failure is recovered, repair the failed IRF fabric and the
failed IRF link.

If the IRF fabric in Active state fails before the failure is recovered, first enable the IRF fabric in Recovery
state to take over the active IRF fabric and protect the services from being affected. After that, recover the
MAD failure.

LACP MAD

LACP MAD requires that every IRF member have a link with an intermediate device, and all these links
form a dynamic link aggregation group, as shown in Figure 5. In additi

on, the intermediate device must

be an HP device that supports extended LACP for MAD.

The IRF member switches send extended LACPDUs with TLVs that convey the domain ID and the active ID
of the IRF fabric. The intermediate device transparently forwards the extended LACPDUs received from
one member switch to all the other member switches:

• If the domain IDs and the active IDs in the extended LACPDUs sent by all the member devices are

the same, the IRF fabric is integrated.

• If the extended LACPDUs convey the same domain ID but different active IDs, a split has occurred.

To handle this situation, LACP MAD sets the IRF fabric with higher active ID in Recovery state, and
shuts down all its physical ports but the console port, IRF ports, and any ports you have specified
with the mad exclude interface command. The IRF fabric with lower active ID is still in Active state
and forwards traffic.