November 2017
Extreme Fabric connect
Lab
Agenda






2
Lab
Enabling SPB on the Switch
Creating and testing SPB NNI links
Creating and testing Layer 2 VSNs
Creating and testing IP Shortcuts
Creating and testing Layer 3 VSNs
Overall LAB Deployment
LAB 4
VSP 4K4
1/49
LAB 1
VSP 4K1
1/49
LAB 5
VSP 4K5
1/49
1/7
LAB 2
VSP 4K2
1/6
1/6
1/7
1/49
LAB 6
VSP 4K6
1/7
1/8 VSP 8K1
VSP 8K2
1/9
1/8
1/49
LAB 3
VSP 4K3
LAB 7
VSP 4K7
1/49
1/49
VLAN Port Layout VSP 4000
All Labs
1/49 NNI Port
BVLAN 4051, 4052
1/5‐1/6
1/7‐1/9
1/10‐1/12
VLAN
100
VLAN
20X
All Switches
VLAN
30X
All Switches
All Switches
Console 9600‐8‐N‐1
Instructions
• Carefully check each command to ensure you are entering the specific
information (VLAN ID, IP address, etc.) for your switch, rather than
the example indicated. LAB specific information is denoted in red.
• Tables are contained in the LAB Cut‐Sheet’s specific to your LAB
indicate your specific SPB parameter, VLAN and IP address
assignments.
• Stop at the end of each section and check with your neighbors to
discuss results (adjacencies, entries in LSDB, IP reachability, etc.)
Configuring VSP4k/VSP 8K Device Access
• Enable the Configuration Interface:
•
•
•
•
VSP-4850GTS-PWR+:1>ena
VSP-4850GTS-PWR+:1#config t
VSP-4850GTS-PWR+:1(config)#
Industry accepted Command Line.
• Note – Take notice of the command level shown by the system prompt
• Set the System Name:
• VSP-4850GTS-PWR+:1(config)#sys name vsp4kX
 X=Lab,
• vsp4k1-1:1(config)#
• Note – System Name will be used automatically for the ISIS System Name
Enabling SPB on the Switch
7
Enabling SPB on the VSP4k/VSP8k
Overview of Configuring IS‐IS/SPBM Global Switch items
• Objective
• This is the general process flow for enabling SPB on the VSP 4000/8000. Specific instructions begin on the
following slide
• Global settings
• Configuring SPBM
• Enabling SPBM
• Creating SPBM instance
• SPBM nick‐name
• Configuring SPBM BVLAN
• Configuring IS‐IS
• IS‐IS area
• IS‐IS sys‐name (SNMP System name used by default)
• System ID (Unit base MAC address used by default)
• Enabling IS‐IS
Enabling SPB on the VSP4k/VSP8k – Step 1 of
2
•
Enable SPBM globally:
• vsp4k1-1:1(config)#spbm
• Enables the SPBM Protocol for your switch node globally.
•
Enter the ISIS Router Configuration mode:
• vsp4k1-1:1(config)#router isis
• Places you in the router isis context.
•
Create the SPBM instance:
• vsp4k1-1:1(config-isis)#spbm 1
• Note – Currently only one SPBM instance is supported
• Establishes SPBM Domain 1 within your node. This domain value is common for your entire SPBM cloud. We are configuring the SPBM 1 Domain.
•
Create the ISIS area
• vsp4k1-1:1(config-isis)#manual-area 49.0001
• Establishes the SPBM Area for your cloud. This area value is common for our entire SPBM cloud.
•
Add the SPBM B‐VLANs (Backbone VLANs) to the SPBM instance:
• vsp4k1-1:1(config-isis)#spbm 1 b-vid 4051,4052 primary 4051
• Defines the Backbone Control VLAN Identifiers for the entire cloud. Today, Avaya supports two Backbone VLAN IDs (Primary and Secondary) for a deployed SPBM Solution. This configuration
defines 4051 and 4052 as the Backbone VLAN IDs with 4051 defined as the primary B‐VID for the entire SPBM Cloud. The B‐VID values along with the designated Primary B‐VID are common
for our entire SPBM cloud.
• vsp4k1-1:1(config-isis)#exit
• Note – B‐VLAN’s will be used by SPB to carry traffic across the network
•
Create the SPB Backbone VLANs
• vsp4k1-1:1(config)#vlan create 4051 name BVID1 type spbm-bvlan
• Creates Backbone VLAN (B‐VLAN) #1 within the node and defines it as an SPBM Backbone VLAN. This VLAN along with B‐VLAN #2 will be the only VLANs seen on the NNI connections within
the SPBM Cloud.
• vsp4k1-1:1(config)#vlan create 4052 name BVID2 type spbm-bvlan
• Creates B‐VLAN #2 within the node and defines it as an SPBM Backbone VLAN. This VLAN along with B‐VLAN #1 will be the only VLANs seen on the NNI connections within the SPBM Cloud
• Note – While only a single backbone VLAN is required, two should be used for load‐balancing
• Note – Naming the VLAN is purely optional and is not a requirement
Enabling SPB on the VSP4k/VSP 8k – Step 2
of 2
•
Configure the ISIS nick‐name (a.k.a. Shortest Path Source Name) :
• vsp4k1-1:1(config)#router isis
•
•
Moves our configuration efforts to the router isis context.
vsp4k1-1:1(config-isis)#spbm 1 nick-name 1.00.0x
 x=lab
•
Note – The nick‐name is a 2.5 byte field (x.xx.xx) that must be globally unique
•
Defines the unique SPBM Nickname for this node. ENTER THIS VALUE CAREFULLY and ACCURATELY. Re‐enter it now if you mistyped it; it is important that you make
any necessary changes to this parameter prior to enabling router isis.
•
Enable ISIS
• vsp4k1-1:1(config-isis)#router isis enable
•
•
Enable Connectivity Fault Management (CFM)
• vsp4k1-1:1(config)#cfm spbm enable
•
•
This enables and activates your ISIS node.
Note – CFM offers troubleshooting capabilities at Layer 2 (Allows SPB OAM features like L2 ping, L2 traceroute, L2 tracemroute, L2 tracetree). While merely a
footnote here, this capability is extremely significant (IEEE 802.1ag) as there is no Layer 2 OAM today
Core SPBM Configuration Complete!
Enabling SPB on the VSP4k/VSP8k –
Verification
Show Commands for ISIS/SPB Basic – take a look to get a feel for what’s there
• show isis
• show isis spbm
• show isis lsdb
• show isis interface
– couple of entries at this point
– nothing yet
• show isis adjacencies
– nothing yet
• show isis system‐id
• show isis manual‐area
• show isis spbm unicast‐fib
– couple of entries at this point
• show isis spbm unicast‐fib vlan <xxxx> (BVID)
– ditto
• show isis spbm unicast‐tree <xxxx> (BVID)
– nothing yet
• show isis spbm multicast‐fib
– nothing yet
• show isis spbm ip‐unicast‐fib
– nothing yet
• show isis spbm ? [For Additional Commands]
Creating and testing IP Shortcut
12
Creating and testing IP Shortcuts
• Objectives
• IP Shortcuts are redistribution of routes into ISIS in order to allow ISIS/SPB to
“route” across the fabric at Layer 2 by Ethernet forwarding or switching. This
causes the entire fabric to appear as a single router hop from the perspective
of the client (apparent when you do a traceroute from Windows).
• You will configure a Loopback Address on your switch that will become
routable across the fabric. In a later lab, you’ll see additional routes
advertised via IP Shortcuts.
Establishing IP Shortcuts
LAB 4
VSP 4K4
1/49
LAB 1
VSP 4K1
GRT
1/49
LAB 5
VSP 4K5
GRT
1/49
GRT
LAB 2
VSP 4K2
1/6
1/6
1/7
1/7
1/49
LAB 6
VSP 4K6
1/7
GRT
1/8 VSP 8K1
VSP 8K2
1/9
1/8
1/49
GRT
LAB 3
VSP 4K3
LAB 7
VSP 4K7
1/49
GRT
1/49
GRT
•
•
Creating and testing IP Shortcuts – Step 1
of 2
Configure CLIP address and ISIS Source IP address
• vsp4k1-1:1(config)#interface loopback 1
• Selects the loopback 1 context.
• vsp4k1-1:1(config-if)#ip address 10.10.11.x/32
 x=Lab
• Assigns the Circuitless IP Address to this node’s Loopback one interface. This loopback will be used as the node’s IP Source Address used for IP Shortcuts. The IP Address has a 32‐Bit mask
assigned to it.
• vsp4k1-1:1(config-if)#exit
• vsp4k1-1:1)#router isis
• Enters the router isis context.
• vsp4k1-1:1(config-isis)#ip-source-address 10.10.11.x
• Assigns the newly configured Loopback 1 IP Address to the Source IP Address parameter.
• vsp4k1-1:1(config-isis)#spbm 1 ip enable
• Enables IP Shortcuts as part of SPBM Domain 1.
• vsp4k1-1:1(config-isis)#exit
• Note – CLIP is required for IP Shortcuts and Multicast over SPB
Configure IP Route Redistribution into ISIS
• vsp4k1-1:1(config)#router isis
• Enters the router isis context.
• vsp4k1-1:1(config-isis)#redistribute direct
• WARNING: Routes will not be injected until apply command is issued after enabled
• Initiates the redistribution of directly connected routes to the Global Routing Table.
• vsp4k1-1:1(config-isis)#redistribute direct enable
• Enables the redistribution of direct routes locally.
• vsp4k1-1:1(config-isis)#isis apply redistribute direct
• Activates the redistribution of direct routes as part of the Global Routing Table(GRT).
• vsp4k1-1:1(config-isis)#exit
• (Now as you create VLAN’s and give them IP addresses, they will be reachable via ISIS*)
• * At least one end station needs to be attached to the VLAN to populate ISIS GRT
•
Creating and testing IP Shortcuts – Step 2
of 2
Configure CLIP address and ISIS Source IP address
• vsp4k1-1:1(config)#vlan create 20X type port-mstprstp 1
•
•
•
•
•
•
•
•
•
•
Note x=lab
vsp4k1-1:1(config)#vlan members remove 1 1/7-1/9
vsp4k1-1:1(config)#vlan members add 20X 1/7-1/9
vsp4k1-1:1(config)#interface vlan 20X
vsp4k1-1:1(config-if)#ip address 10.11.1X.1 255.255.255.0 Note x=lab
vsp4k1-1:1(config-if)#exit
vsp4k1-1:1(config)#interface gigabitethernet 1/7-1/9
vsp4k1-1:1(config-if)#no shutdown
vsp4k1-1:1(config-if)#exit
vsp4k1-1:1(config)#save config
Creating and testing IP Shortcuts –
Verification
• Ping the Loopback Addresses of other LAB’s
• Show Commands
• vsp4k1-1:1(config)#show ip route
• Note route entries for other LAB’s VLAN ´s
• Note Loopback addresses of other LAB’s as advertised by assigning IP to ISIS.
• vsp4k1-1:1(config)#show ip isis redistribute
• In this lab, we are just redistributing direct (local VLAN) interfaces
• OSPF, RIP, Static and BGP can be redistributed as well.
Establishing High Availability Access
Layer Connectivity
• Objective
• Configure Aggregation/Site Core Layer for SMLT/RSMLT to
the Access Layer
• Create an MLT between VSP4k pairs for the vIST
• Configure the vIST
• Configure MLT for the Access Layer
• Configure the Access Layer
• Create an MLT between ERS3k/4k and the Core VSP4k’s
All lab group switches:
Port 1/50 NNI
MLT from Edge
RSMLT to Edge
HA Peers w/ vIST
HA Peers w/ vIST
RSMLT to Edge
MLT from Edge
Configuring Access Layer HA Aggregation
Be sure to Write Mem or Save Config
often!
Configure VSP4k Pairs for SMLT/RSMLT –
Step 1 of 2
• Disable ISIS
• vsp4k1-1:1(config)#no router isis enable
• Do you want to continue (y/n) ? Y
• Configure the SMLT Peer System‐ID
•
•

•
•
vsp4k1-1:1(config)#router isis
vsp4k1-1:1(config-isis)#spbm 1 smlt-peer-system-id xxxx.xxxx.xxxx
xxxx.xxxx.xxxx=Peer System-ID (Default Base MAC of Peer)
vsp4k1-1:1(config-isis)#exit
Note – Use ‘show isis system‐id’ on the Peer Switch to locate the System ID
• Create a vIST MLT (Link Aggregation Group) Between Individual LAB VSP4k Pairs:
•
•
•
•
vsp4k1-1:1(config)#mlt 512 enable
vsp4k1-1:1(config)#mlt 512 member 1/1-1/2
vsp4k1-1:1(config)#mlt 512 encapsulation dot1q
Note – This is not strictly necessary since the vIST can run over any SPB connection between two VSP’s.
However, if near each other physically, a direct connection is recommended
• Enable SPB on the MLT
•
•
•
•
•
vsp4k1-1:1(config)#interface mlt 512
vsp4k1-1:1(config-mlt)#isis
vsp4k1-1:1(config-mlt)#isis spbm 1
vsp4k1-1:1(config-mlt)#isis enable
vsp4k1-1:1(config-mlt)#exit
Configure VSP4k Pairs for SMLT/RSMLT –
Step 2 of 2
• Create a VLAN to Carry the vIST Traffic
• vsp4k1-1:1(config)#vlan create 4000 name IST type port-mstprstp 0
• vsp4k1-1:1(config)#vlan i-sid 4000 x04000
 x=Clúster
• Configure an IP Address for the vIST VLAN
•
•

•
vsp4k1-1:1(config)#interface vlan 4000
vsp4k1-1:1(config-if)#ip address 192.168.x.y 255.255.255.0
x=Lab, y=Unit
Note – Notice the subnet mask usage. While the VSP supports CIDR prefix or dotted decimal notations,
other products may require the full subnet mask (i.e. ERS series)
• Configure the IP Address of the VSP4k Peer vIST Member
• vsp4k1-1:1(config-if)#virtual-ist peer-ip 192.168.x.z vlan 4000
 x=Lab, z=Unit Number of LAB Peer
• Enable ISIS
• vsp4k1-1:1(config)#router isis enable
• Enable the Interfaces Comprising the vIST MLT
•
•
•
•
•
vsp4k1-1:1(config)#interface gigabitEthernet 1/1-1/2
vsp4k1-1:1(config-if)#no spanning-tree mstp force-port-state enable
Are you sure you want to continue (y/n) ? y
vsp4k1-1:1(config-if)#no shutdown
vsp4k1-1:1(config-if)#exit
Configure VSP4k Pairs for SMLT/RSMLT
–VerifyVerification
vIST Operation and SMLT Peer Info
• show virtual‐ist
 State should be up
• show isis spbm
 Verifty SMLT Peer info
• show isis adjacencies
 two adjacencies up
• show isis interface
 two interfaces up
• show isis lsdb
• show isis spbm ? [For Additional Commands]
 more entries (neighbors)
Configure VSP4k SMLT Uplinks to Access
Layer
• Globally Enable VLACP
• vsp4k1-1:1(config)#vlacp enable
• Note – VLACP is not required but is recommended to avoid traffic loss due to cable issues
• Create an MLT (Link Aggregation Group) to the Access Layer
• vsp4k1-1:1(config)#mlt 1 enable
• vsp4k1-1:1(config)#mlt 1 member 1/3
• vsp4k1-1:1(config)#mlt 1 encap dot1q
• Configure MLT as an SMLT
• vsp4k1-1:1(config)#interface mlt 1
• vsp4k1-1:1(config-mlt)#smlt
• vsp4k1-1:1(config-mlt)#exit
• Enable the Interface Comprising the Access Layer MLT & Enable VLACP
•
•
•
•
vsp4k1-1:1(config)#interface gigabitEthernet 1/3
vsp4k1-1:1(config-if)#no spanning-tree mstp force-port-state enable
vsp4k1-1:1(config-if)#vlacp fast-periodic-time 500
vsp4k1-1:1(config-if)#vlacp timeout short timeout-scale 5 funcmacaddr 180.c200.f
• vsp4k1-1:1(config-if)#vlacp enable
• vsp4k1-1:1(config-if)#no shutdown
• vsp4k1-1:1(config-if)#exit
Configure VSP4k SMLT Uplinks to Access
Layer
– Verification
Verify MLT and SMLT State
• show mlt
 Note MLT Admin vs. MLT Current
• show smlt mlt
 Note Admin vs. Current
The current state of an SMLT link will show ‘norm’ if the other side of the link is down, hasn’t yet
been configured or is misconfigured. Since we haven’t configured the ERS3k/4k, the current state
will show ‘norm’.
Note – The state of the vIST will show ‘norm’ for both Admin and Current. This is expected as it’s
a normal MLT. Unlike some earlier products, the vIST functions are handled within SPB and not
the underlying MLT aggregation group. Hence, you wouldn’t see the MLT state for the IST
showing ‘IST’ as you would with other products. Using the ‘show virtual‐ist’ will give you
configuration and current state information.
Configure ERS3k/4k Uplinks to
Aggregation/Core Layer
• Access the ERS3k/4k Console
• Configure MLT Group for the Uplinks to the Core VSP4k’s
• ers4k1(config)#mlt 1 name AggBlock1 member 1-2 learning disable
• ers4k1(config)#mlt 1 enable
• Note – “learning disable “ disables Spanning Tree on the MLT ports
• Configure the VLACP MAC and enable VLACP globally.
• ers4k1(config)#vlacp macaddress 180.c200.f
• ers4k1(config)#vlacp enable
• Note – The VLACP MAC Address MUST match on both sides of the connection. Otherwise, the MLT will
not be formed.
• Enable VLACP on the Uplink Ports
•
•
•
•
•
•
ers4k1(config)#interface FastEthernet all
ers4k1(config-if)#vlacp port 1-2 timeout short
ers4k1(config-if)#vlacp port 1-2 fast-periodic-time 500
ers4k1(config-if)#vlacp port 1-2 timeout-scale 5
ers4k1(config-if)#vlacp port 1-2 enable
ers4k1(config-if)#exit
Configure VSP4k SMLT Uplinks to Access
Layer
– Verification
On the VSP4k ‐ Verify MLT & SMLT State
• show mlt
 Note MLT Admin vs. MLT Current
• show smlt mlt
 Note Admin vs. Current
Has the current state changed? If the Admin State shows ‘smlt’, yet the Current state shows ‘norm’
(instead of ‘smlt’):
‐ Is your peer configured yet?
‐ Are the interfaces enabled?
‐ Is the Access Layer switch MLT enabled?
‐ Is VLACP configured correctly and enabled?
On the ERS3k/4k ‐ Verify MLT Status
• show mlt
 Note the Status
Verify VLACP Status (ERS & VSP)
• ERS & VSP: show vlacp
 Note the Status
• ERS: show vlacp interface x
 Note the ADMIN & OPER state & values
• VSP Switch: show vlacp interface gigabit x/y
 Note the ADMIN & OPER state & values
Stop Here
Lab Flow
•
•
•
•
•
•
•
•
•
•
•
VSP 4000/8000 Accessing and Basics
Review VSP 4000/8000 Software Upgrades and Licenses
Enabling SPB on the switch
Creating and testing SPB NNI links
Creating and testing Layer 2 VSNs
Creating and testing IP Shortcuts
Establishing High Availability Access Layer Connectivity
Creating Routed VLAN’s for the Access Layer
Configuring Access Layer Best Practices
Configuring Multicast Services
Configuring and testing Layer 3 VSNs
Creating Routed VLAN’s for the Access
Layer
• Objective
• Configure Routed Data & Voice VLAN’s on the VSP4k’s
• Create VLAN’s and Assign IP Addresses
• Configure VLAN’s for RSMLT Operation
• Assign VLAN’s to Access Layer Uplinks
• Configure Data, Voice & Management VLAN’s on the ERS
• Create and assign the Management VLAN & IP
• Configure VLAN’s
• Assign VLAN’s to Aggregation/Core Layer Uplinks
• IP Subnets of Other LAB’s Will be Learned via IP Shortcuts
Create Routed VLAN’s for RSMLT
Operation – Step 1 of 2
• Access the VSP4k
• Enable RSMLT Edge Support
• vsp4k1-1:1(config)#ip rsmlt edge-support
• Note – RSMLT Edge Support will save the RSMLT peer IP/MAC in the config file in the event the peer
doesn’t restore after a simultaneous restart of both RSMLT systems
• Create VLAN’s for Data and Voice
•
•
•
•
vsp4k1-1:1(config)#vlan
vsp4k1-1:1(config)#vlan
vsp4k1-1:1(config)#vlan
vsp4k1-1:1(config)#vlan
create 10 name Data type port-mstprstp 0
i-sid 10 x00010
 x=lab number
create 20 name Voice type port-mstprstp 0
i-sid 20 x00020
 x=lab number
• Assign IP Address to the Data VLAN, Configure RSMLT and DHCP‐Relay
•
•

•
•
•
•
•
•
vsp4k1-1:1(config)#interface vlan 10
vsp4k1-1:1(config-if)#ip address 10.1x.10.y/24
x=lab number y=unit number
vsp4k1-1:1(config-if)#ip rsmlt
vsp4k1-1:1(config-if)#ip rsmlt holdup-timer 9999
vsp4k1-1:1(config-if)#ip dhcp-relay
vsp4k1-1:1(config-if)#ip dhcp-relay fwd-path 135.20.74.30
vsp4k1-1:1(config-if)#ip dhcp-relay fwd-path 135.20.74.30 enable
vsp4k1-1:1(config-if)#exit
Create Routed VLAN’s for RSMLT
Operation – Step 2 of 2
• Assign IP Address to the Voice VLAN, Configure RSMLT and DHCP‐Relay
•
•

•
•
•
•
•
•
vsp4k1-1:1(config)#interface vlan 20
vsp4k1-1:1(config-if)#ip address 10.1x.20.y/24
x=lab number y=unit number
vsp4k1-1:1(config-if)#ip rsmlt
vsp4k1-1:1(config-if)#ip rsmlt holdup-timer 9999
vsp4k1-1:1(config-if)#ip dhcp-relay
vsp4k1-1:1(config-if)#ip dhcp-relay fwd-path 135.20.74.30
vsp4k1-1:1(config-if)#ip dhcp-relay fwd-path 135.20.74.30 enable
vsp4k1-1:1(config-if)#exit
• Configure Existing Management VLAN 100 for RSMLT Operation
•
•
•
•
vsp4k1-1:1(config)#interface vlan 100
vsp4k1-1:1(config-if)#ip rsmlt
vsp4k1-1:1(config-if)#ip rsmlt holdup-timer 9999
vsp4k1-1:1(config-if)#exit
• Assign VLAN 10, 20 and 100 to the Access Layer MLT
• vsp4k1-1:1(config)#vlan members add 10 1/3
• vsp4k1-1:1(config)#vlan members add 20 1/3
• vsp4k1-1:1(config)#vlan members add 100 1/3