HP H3C S9500 Operation Manual

Operation Manual – Reliability H3C S9500 Series Routing Switches Table of Contents

Table of Contents

Chapter 1 VRRP Configuration....................................................................................................1-1

1.1 Introduction to VRRP.........................................................................................................1-1

1.2 Configuring VRRP .............................................................................................................1-2

1.2.1 Enabling/Disabling the Function to Ping the Virtual IP Address............................. 1-3

1.2.2 Enabling/Disabling the Check of TTL Value of VRRP Packet................................ 1-3

1.2.3 Setting Correspondence between Virtual IP Address and MAC Address .............. 1-3

1.2.4 Adding/Deleting a Virtual IP Address......................................................................1-4

1.2.5 Configuring the Priority of Switches in the Virtual Router....................................... 1-5

1.2.6 Configuring Preemption and Delay for a Switch within a Virtual Router................. 1-5

1.2.7 Configuring Authentication Type and Authentication Key....................................... 1-6

1.2.8 Configuring Virtual Router Timer.............................................................................1-7

1.2.9 Configuring Switch to Track a Specified Interface..................................................1-8

1.3 Displaying and debugging VRRP ...................................................................................... 1-9

1.4 VRRP Configuration Example ........................................................................................... 1-9

1.4.1 VRRP Single Virtual Router Example..................................................................... 1-9

1.4.2 VRRP Tracking Interface Example ....................................................................... 1-11

1.4.3 Multiple Virtual Routers Example..........................................................................1-12

1.5 Troubleshooting VRRP.................................................................................................... 1-13

Chapter 2 HA Configuration......................................................................................................... 2-1

2.1 Introduction to HA.............................................................................................................. 2-1

2.2 Configuring HA...................................................................................................................2-2

2.2.1 Restarting the Slave System Manually ................................................................... 2-2

2.2.2 Starting the Master-Slave Switchover Manually ..................................................... 2-2

2.2.3 Enabling/Disabling Automatic Synchronization....................................................... 2-2

2.2.4 Synchronizing the Configuration File Manually.......................................................2-3

2.2.5 Configuring the Load Mode of the Master and Slave boards .................................2-3

2.3 Displaying and Debugging HA Configuration....................................................................2-4

2.4 HA Configuration Example ................................................................................................ 2-4

Operation Manual – Reliability H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration

Chapter 1 VRRP Configuration

1.1 Introduction to VRRP

Virtual Router Redundancy Protocol (VRRP) is a fault-tolerant protocol. In general, a default route (for example, 10.100.10.1 as shown in the following internetworking diagram) will be configured for every host on a network, so that the pa ckets destined to some other network segment from the host will go through the default route to the Layer 3 Switch, implementing communication between the host and the external network. If Switch is down, all the hosts on this segment taking Switch as the next-hop on the default route will be disconnected from the external network.

Network

Switch

10.100.10.1

10.100.10.7 10.100.10.8 10.100.10.9

Host 1 Host 2 Host 3

Ethernet

Figure 1-1 Network diagram for LAN

VRRP, designed for LANs with multicast and broadcast capabilities (such as Ethernet) settles the above problem. The diagram below is taken as an example to explain the implementation principal of VRRP. VRRP combine s a group of LAN switche s (including a Master and several Backups) into a virtual router.

1-1

Operation Manual – Reliability H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration

Network

Actual IP address10.100.10.2 Actual IP address10.100.10.3

Master

Virtual IP address10.100.10.1

10.100.10.7 10.100.10.8 10.100.10.9

Host 1 Host 2 Host 3

Ethernet

Virtual IP address10.100.10.1

Backup

Figure 1-2 Network diagram for virtual router

This virtual router has its own IP address: 10.100.10.1 (which can be the interface address of a switch within the virtual router). The switches within the virtual router have their own IP addresses (such as 10.100.10.2 for the Master switch and 10.10 0.10.3 for the Backup switch). The host on the LAN only knows the IP address of this virtual router

10.100.10.1 (usually called as virtual IP address of virtual router), b ut not the specific IP addresses 10.100.10.2 of the Master switch and 10.100.10.3 of the Backup switch. They configure their own default routes as the IP address of this virtual router:

10.100.10.1. Therefore, hosts within the network will communicate with the external network through this virtual router. If a Master switch in the virtual group breaks down, another Backup switch will function as the new Master switch to continue serving the host with routing to avoid interrupting the communication between the host and the external networks.

1.2 Configuring VRRP

The following sections describe the VRRP configuration tasks:

z Enabling/Disabling the Function to Ping the Virtual IP Address z Enabling/Disabling the Check of TTL Value of VRRP Packet z Setting Correspondence between Virtual IP Address and MAC Address z Adding/Deleting a Virtual IP Address z Configuring the Priority of Switches in the Virtual Router z Configuring Preemption and Delay for a Switch within a Virtual Router z Configuring Authentication Type and Authentication Key z Configuring Virtual Router Timer z Configuring Switch to Track a Specified Interface

1-2

Operation Manual – Reliability H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration

1.2.1 Enabling/Disabling the Function to Ping the Virtual IP Address

This operation enables or disables the function to ping the virtual IP address of the virtual router. The standard protocol of VRRP does not support the ping function, then the user cannot judge with ping command whether an IP address i s used by the virtual router. If the user configure the IP address for the host same as the virtual IP address of the virtual router, then all messages in this segment will be forwarded to the host.

So H3C S9500 Series Routing Switches (hereinafter referred to as S9500 series) provide the ping function to ping the virtual IP address of the virtual router.

Perform the following configuration in system view.

Table 1-1 Enable/disable the ping function

Operation Command

Enable to ping the virtual IP address Disable to ping the virtual IP address

By default, the function to ping the virtual IP address is disabled. Y ou should set the ping function before configuring the virtual router . If a virtual router i s

already established on the switch, it is not allowed to use the vrrp ping-enable command and the undo vrrp ping-enable command to modify the configuration any more.

vrrp ping-enable undo vrrp ping-enable

1.2.2 Enabling/Disabling the Check of TTL Value of VRRP Packet

This operation configures whether to check TTL value of VRRP packet on the Backup switch. The TTL value must be 225. If the Backup switch find TTL is not 225 when receiving VRRP packet, the packet will be discarded.

Perform the following configuration in VLAN interface view.

Table 1-2 Enable/disable the check of TTL value of VRRP packet

Operation Command

Disable the check of TTL value of VRRP packet Enable the check of TTL value of VRRP packet

By default, the switch checks TTL value of VRRP packets.

vrrp un-check ttl undo vrrp un-check ttl

1.2.3 Setting Correspondence between Virtual IP Address and MAC Address

This operation sets correspondence between the virtual lP address and the MAC address. In the standard protocol of VRRP, the virtual IP address of the virtual router

1-3

Operation Manual – Reliability H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration

corresponds to the virtual MAC address, to ensure correct data forwarding in the sub-net.

Due to the chips installed, some switches support matching one IP address to multiple MAC addresses.

S9500 series not only guarantee correct data forwarding in the sub-net, but also support such function: the user can choose to match the virtual IP address with the real MAC address or virtual MAC address of the routing interface.

The following commands can be used to set correspondence between the IP address and the MAC address.

Perform the following configuration in system view.

Table 1-3 Set correspondence between virtual IP address and MAC address

Operation Command

Set correspondence between the virtual IP address and the MAC address

Set the correspondence to the default value

By default, the virtual IP address of the virtual router corresponds to the virtual MAC address.

You should set correspondence between the virtual IP address of the virtual router and the MAC address before configuring the virtual router. Otherwise, you cannot configure the correspondence.

If you set correspondence between the IP address of the virtual router and the real MAC address, you can configure only one virtual router on VLAN interface.

1.2.4 Adding/Deleting a Virtual IP Address

The following command is used for assigning a virtual IP address of the local segment to a virtual router or removing an assigned virtual IP address of a virtual router from the virtual address list.

Perform the following configuration in VLAN interface view.

vrrp method { real-mac | virtual-mac }

undo vrrp method

Table 1-4 Add/delete a virtual IP address

Operation Command

Add a virtual IP address

Delete a virtual IP address

vrrp vrid virtual-router-ID virtual-ip virtual-address undo vrrp vrid virtual-router-ID [ virtual-ip

virtual-address ]

The virtual-router-ID covers the range from 1 to 255.

1-4

Operation Manual – Reliability H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration

The virtual-address can be an unused address in the network segment where the virtual router resides, or the IP address of an interface in the virtual router. If the IP address is of the switch in the virtual router , it can also be configured as virtual-address. In this case, the switch will be called an IP Address Owner. When adding the first IP address to a virtual router , the system will cr eate a new virtual router accordingly. When adding a new address to this virtual router thereafter, the system will directly add it into the virtual IP address list.

After the last virtual IP address is removed from the virtual router, the whole virtual router will also be removed. That is, there is no more virtual router on the interface any more and any configuration of it is invalid accordingly.

1.2.5 Configuring the Priority of Switches in the Virtual Router

The status of each switch in the virtual router will be determined by its priority in VRRP. The switch with the highest priority will become the Master.

Perform the following configuration in VLAN interface view.

Table 1-5 Configure the priority of switches in the virtual router.

Operation Command

Configure the priority of switches in the virtual router.

Clear the priority of switches in the virtual router.

vrrp vrid virtual-router-ID priority priority

undo vrrp vrid virtual-router-ID priority

The priority ranges from 0 to 255. The greater the number, the higher the priority. However the value can only be taken from 1 to 254. T he priority 0 is reserved for special use and 255 is reserved for the IP address owner by the syste m.

By default, the priority is 100.

 Note:

The priority for IP address owner is always 255, which cannot be configured otherwise.

1.2.6 Configuring Preemption and Delay for a Switch within a Virtual Router

Once a switch in the virtual router becomes the Master switch, so long as it still functions properly, other switches, even configured with a higher priority later, cannot become the Master switch unless they are configured to work in preemption mode. The switch in preemption mode will become the Master switch, when it finds its own priority

1-5

+ 13 hidden pages

HP H3C S9500 Operation Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

1.1 Introduction to VRRP

1.2 Configuring VRRP

1.2.1 Enabling/Disabling the Function to Ping the Virtual IP Address

1.2.2 Enabling/Disabling the Check of TTL Value of VRRP Packet

1.2.3 Setting Correspondence between Virtual IP Address and MAC Address

1.2.4 Adding/Deleting a Virtual IP Address

1.2.5 Configuring the Priority of Switches in the Virtual Router

1.2.6 Configuring Preemption and Delay for a Switch within a Virtual Router