Scribd
Upload
35 views22 pages

01.layer 2 Technologies Advanced LAB

Uploaded by

MD Mario
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
35 views22 pages

01.layer 2 Technologies Advanced LAB

Uploaded by

MD Mario
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

Lab 2: Layer 2 technologies advanced

Contents
Introduction to LAB 1 .............................................................................................. 2
Exercise 1: Install H3C Cloud Lab ............................................................................. 2
Task 1: Install the H3C Cloud Lab simulator .............................................................................................. 2
Task 2: Run and test the simulator ............................................................................................................ 2

Exercise 2: Link aggregation (LACP) ......................................................................... 3


Exercise 3: Multiple Spanning Tree Protocol ........................................................... 8
Exercise 4: Intelligent Resilient Framework (IRF) ................................................... 12
Exercise 5: LACP between IRF stack and a standalone switch. LACP MAD ............. 17
Task 1: Create the topology .................................................................................................................... 17
Task 2: Test IRF split stack without MAD (Multi Active Detection) ......................................................... 19
Task 3: Configure LACP MAD ................................................................................................................... 20
Task 4: Test the IRF split stack and MAD ................................................................................................. 21

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 1 of 22
Introduction to LAB 1

In this lab, we are going to use another simulator – H3C Cloud Lab. This is a HPE
device simulator, which simulates the Comware operating system. With this
simulator, you are going to configure link aggregation, spanning tree (MSTP) and
device stacking (IRF)

Exercise 1: Install H3C Cloud Lab

H3C Cloud Lab is a software simulator and it runs on top of Oracle’s VirtualBox
virtualization. That is why, when you start with the installation of H3C Cloud Lab, it
will also install VirtualBox.
The two latest versions of the H3C Cloud Lab are “HCL_v5.5.0” (latest as of
18.12.2022) and “HCL_v3.0.1.1”
Each of the above versions will install VirtualBox version 6.0.14.
Please note, that you have to uninstall previous versions of HCL and VirtualBox
prior installing the updated HCL version. It can be downloaded from here or from
the course resources. Also, if you are using Hyper-V on your Windows machine,
you have to uninstall or disable it (you may use the instructions from this link if
you just want to disable it).

Task 1: Install the H3C Cloud Lab simulator

When you find and download the correct version, install the H3C Cloud Lab
simulator. Use the default settings unless you have some special requirements.
Note: Even if it is not required by the setup, you may need to reboot your machine
after the installation if you have issues with adding or starting the simulated
devices.

Task 2: Run and test the simulator

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 2 of 22
Open the H3C Cloud Lab and learn how to use it. You can search for a
documentation how to use it, but typically, you just need to move/drag devices
(switches, routers and other) to the topology area, start them (right click -> Start),
connect to the console (right click -> Start CLI) and create connections between
them. Note that when you add and start a device it actually runs in VirtualBox
behind the scenes.

Exercise 2: Link aggregation (LACP)

1. Using the H3C Cloud Lab simulator, move four devices to the topology –
two switches and two routers.

2. Rename the devices (right click -> rename) so the routers become Host1
and Host2 and the switches become SW-1 and SW-2. Please note that
renaming is possible only when the devices are stopped
3. Use the Add links tool to connect the devices as per the picture below. Use
the GigabitEthernet option for the links

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 3 of 22
Note: Connect SW-1 and SW-2 with two links – they will be used to create the link
aggregation group.
Note: You can show/hide the device and interface names by selecting the correct
icon

4. Assign IP addresses. Set 10.1.1.1/24 to GE0/0 on Host1 (which is the first


router) and 10.1.1.2/24 to GE0/0 on Host2 (which is the second router).

To assign an IP address on HPE Comware, use the following commands (the


example is for Host1):
• From the user view <>, go to system view [], by typing sys
• From system view, type interface GigabitEthernet 0/0

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 4 of 22
• If needed, enable the interface by typing undo shutdown
• Set the IP address: ip address 10.1.1.1 24

5. Test the connectivity between Host1 and Host2 using ping – it should
succeed
6. Check STP.
SW-1 and SW-2 are connected to each other with two links which is a
potential loop problem. The good news is that spanning tree is turned on by
default so it should have already blocked one of the ports.

To check if STP is working, the port roles and states, who is the Root and
other related information, use display stp commands. Some of the most
useful are:

• display stp brief


• display stp interface [interface number]
• display stp

7. Configure link aggregation. We are going to use static LACP (Link


Aggregation Control Protocol)
Use the following procedure to create a virtual port for link aggregation and
to assign the two physical ports to the newly created virtual one. The
example below uses SW-1 and the two physical ports GE1/0/2 and
GE1/0/3:
• interface Bridge-Aggregation 1

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 5 of 22
• link-aggregation mode dynamic
• quit
• interface GigabitEthernet 1/0/2
• port link-aggregation group 1
• quit
• interface GigabitEthernet 1/0/3
• port link-aggregation group 1

Note: Believe it or not, the command link-aggregation mode dynamic actually


configures the virtual port for static LACP. This is Comware (HPE) specific
terminology and logic. If the mode is configured as “static” (you simply do not
type the above command), this means that the virtual port will be configured
without any link aggregation protocol.

Use the same procedure to do this for SW-2.

8. Check the link aggregation configuration.


There are several useful commands to check link aggregation configuration.
One of the most useful is display link-aggregation verbose. Several things
to note about the output of this command:
• Aggregation mode is dynamic. As we already know, this actually
means “static LACP” (If the aggregation mode is static, this would
mean “link aggregation without a protocol like LACP”)
• The individual physical port’s status is S, which means selected – this
is a good sign that LACP is working properly
• The flags. Typically, when you see the flags ACDEF for the physical
ports, this means that the static LACP is working properly – not only
on our side, but on the remote device as well

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 6 of 22
Another useful command to check will be display stp brief. If the LACP
configuration is working correct, you should see something like the output below
– spanning tree does not “see” GE1/0/2 and GE1/0/3 as two individual ports and
instead, it “sees” it as one port – the Bridge-Aggregation1 port.

9. Test link failure.


The benefits of link aggregation are two – first, we want to increase the
bandwidth and second, we have redundancy in the case of one physical
link/cable/port down. This is what we are going to simulate now. To do this,
open a continuous ping from Host1 to Host1 and then delete one of the
links.
You can use ping -c 1000 10.1.1.2 to initiate ping from Host1 with 1000
requests to the destination - Host2. While the ping is running, try deleting
one of the links and monitor the results – the ping should continue to work,
you may lose maximum several packets. Then, recreate the link-aggregation

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 7 of 22
by connecting again the second cable, and delete the other one. You should
see that the ping does not stop.

Exercise 3: Multiple Spanning Tree Protocol

In this exercise, you will have three switches and four VLANs – 5,6,7 and 8. Then,
you will create MSTP configuration with two instances – Instance 1 and Instance 2.
Each of the instances will be mapped (associated) with two VLANs (Instance 1 to
VLAN 5 and VLAN 6 and Instance 2 to VLAN 7 and VLAN 8). Finally, you will make
one of the switches Root for Instance 1 and another switch – Root for Instance 2.

1. Create the topology. Move three switches to the topology and using the
Add links tool connect them to each other as per the picture below

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 8 of 22
2. Create the four VLANs in each switch. To do this, you have to go first to
system view (by typing sys) and then use the VLAN X command. On each
switch check if you have configured all the VLANs by typing display VLAN. In
the picture below, “5-8” is a range and means that we have all the VLANs

3. Configure the trunk ports.


On each switch, you need to configure the connected ports to be trunk. To
do this:
• sys
• interface G1/0/1
• port link-type trunk
• port trunk permit vlan all
• interface G1/0/2
• port link-type trunk
• port trunk permit vlan all

4. Look at the STP/MSTP configuration at this moment – each switch is in its


own region, because their “Region names” are different (by default this is

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 9 of 22
the MAC address of each switch). Type display stp region-configuration on
two of the switches (doesn’t matter which two exactly) and you will see the
different regions

5. Put all three switches in the same region.


Now, for each switch, you need to configure two instances, assign VLANs to
them and make them part of the same region by configuring exactly the
same the three configuration options:
• Region name
• Revision level
• VLAN to instance mappings (Configuration digest)

On each of the switches, create the following configuration:


sys – goes to system view
stp region-configuration – enters to MSTP configuration mode
region-name SoftUni (this is case sensitive!) – sets the region name
revision-level 1 – sets the revision level/number
instance 1 vlan 5 6 – creates Instance 1 and associates VLAN 5 and VLAN 6
to Instance 1
instance 2 vlan 7 8 – creates Instance 2 and associates VLAN 7 and VLAN 8
to Instance 2

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 10 of 22
active region-configuration – activates the configuration (without this, it
will not be applied)

6. Check your MSTP configuration.


Type display stp region-configuration on each switch again. This time, the
output should be exactly the same on each switch, meaning that they are in
the same region.

7. Set priorities for the instances.


On the first switch, type:

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 11 of 22
sys
stp instance 1 priority 0

On the second switch, type:


sys
stp instance 2 priority 0

8. Check the roots for the instances.


Now, with display commands, confirm that the first switch is Root for
Instance 1 (VLAN 5 and VLAN 6) and the second switch is Root for Instance 2
(VLAN 7 and VLAN 8). Also, you can see which ports are forwarding and
which are blocked for the particular instance. Use these commands on all
switches:

• display stp instance 1


• display stp instance 2

Exercise 4: Intelligent Resilient Framework (IRF)

The Intelligent Resilient Framework, or IRF, is a HPE Comware stacking technology.


To mention some of the benefits:
• Redundancy
• More physical ports
• Simplicity – a single device to manage
• Efficiency – no blocked ports (like in STP)
• Fast failover

In this exercise, you are going to configure IRF with two switches from the H3C
Cloud Lab simulator.

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 12 of 22
1. Create the topology. Move two switches to the topology and using the Add
links tool connect them to each other using two Ten-GigabitEthernet
connections (remember, 10Gbps is a requirement for IRF)

2. Prepare the devices.


Rename the switches to SW-1 and SW-2 in the topology (right click ->
Rename). Remember, you can do this only if the devices are stopped. Then,
go in the device configurations and rename them with the same names (as
the names in the topology). To do this, you need to go to system view (type
sys) and then rename each device by typing sysname SW-1 (for the first
switch) and sysname SW-2 (for the second switch)
3. Create the IRF configuration.
Below is the step-by-step procedure to configure IRF and to create one
virtual device from the two physical switches. The commands are in bold
and next to each command is an explanation of what it does. Please note
that the order of execution is very important.

You may have different interfaces/ports which you use to connect the
switches and that is why we will use X and Y for the last portion of the
interface number:

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 13 of 22
1/0/X = First ten gigabit interface on switch
1/0/Y = Second ten gigabit interface on switch

SW-1:
sys – goes to system view
irf member 1 priority 32 – sets the highest priority, because we want SW-1
to be the Master
interface ten-gigabit 1/0/X – enters into the first physical interface
configuration
shutdown – shuts down the port
interface ten-gigabit 1/0/Y - enters into the second physical interface
configuration
shutdown – shuts down the port
quit – exits the interface configuration mode
irf-port 1/1 – creates the IRF virtual port and enters to its configuration
port group interface ten-gigabit 1/0/X - assigns the physical port to the
virtual port 1/1
port group interface ten-gigabit 1/0/Y - assigns the physical port to the
virtual port 1/1
quit – goes back to system view
save force – saves the config (at this moment this step is optional)

SW-2:
sys – goes to system view
irf member 1 renumber 2 – changes the Member ID of the second physical
switch (this is mandatory, since the Member ID of each switch should be
different)
save force – this saves the configuration
quit – exits and goes to “user” view
reboot – changing Member ID requires reboot.

Note: after SW-2 reboots, type display interface brief and pay attention on
something important - the interface numbers are now 2/0/X and not as
before – 1/0/X. This is because the Member ID (which is now 2 on this
switch) affects the port numbering.

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 14 of 22
sys – goes to system view
interface ten-gigabit 2/0/X - enters into the first physical interface
configuration
shutdown – shuts down the port
interface ten-gigabit 2/0/Y - enters into the first physical interface
configuration
shutdown – shuts down the port
quit – exits the interface configuration mode
irf-port 2/2 - creates the IRF virtual port and enters to its configuration.
Note that port 1 on device 1 should be connected to port 2 on device 2 and
that is why we use the 2/2 port on this device
port group interface ten-gigabit 2/0/X - assigns the physical port to the
virtual port 2/2
port group interface ten-gigabit 2/0/Y - assigns the physical port to the
virtual port 2/2
quit – goes back to system view
save force – saves the config (at this moment this step is optional)

Do the following last:

SW-1:
interface ten-gigabit 1/0/X - enters into the first physical interface
configuration
undo shutdown – enables the port
interface ten-gigabit 1/0/Y - enters into the second physical interface
configuration
undo shutdown – enables the port
quit – goes back to system view
irf-port-configuration active – this activates IRF and the virtual port. Since
the configuration on SW-2 is not complete, nothing happens at this time.

SW-2:

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 15 of 22
interface ten-gigabit 2/0/X - enters into the first physical interface
configuration
undo shutdown – enables the port
interface ten-gigabit 2/0/Y - enters into the second physical interface
configuration
undo shutdown – enables the port
quit – goes back to system view
save force – this save is very important! Why? Because it is just before the
IRF merge and if you do not save here, the following will happen: IRF merge
will occur -> the slave/standby member will reboot (this is SW-2) -> it will
run with disabled ports -> IRF stack will not work since the members are not
connected.

irf-port-configuration active - this activates IRF and the virtual port.

Now SW-2 should reboot and after this you should have the IRF stack up
and running. How to check this? There are several options:

• display irf – you should see the two members with their IDs, roles
and MAC addresses, who is the master and to which physical device
you are connected
• display irf topology – here you can see the topology – which IRF port
is connected to which member. This way you can understand if you
have daisy chain or ring topology
• display irf configuration – here you can see the virtual (IRF) ports to
the physical port mappings for each of the members of the stack
• display interface brief – this is not an IRF specific command but
looking at the number of the interfaces (and their names), you can
see that the stack has double number of ports comparing to the
single individual device – you can see the 1/0/X ports and 2/0/X
ports. And this is true regardless to which physical device you are
connected at the moment – they both are part of the IRF stack.

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 16 of 22
You can do another test – set an IP address, for example on VLAN 1 and then type
display ip interface brief from each of the members of the IRF stack – you should
see the same IP address, because it is actually the same device.
Do not delete the topology, you will need it for the next exercise.

Exercise 5: LACP between IRF stack and a standalone switch. LACP MAD

In this exercise, we are going to create LACP between the IRF stack (from the
previous exercise) and another switch. This configuration can be used to increase
the redundancy, and this is enough reason to implement it, but we are going to
use it for one more thing – we are going to implement MAD (Multi-Active
Detection) using the LACP configuration

Task 1: Create the topology

1. Add one more switch to the topology and rename it to SW-3


2. Connect SW-3 to the IRF stack with two links – each link goes to a different
member of the stack. Now you can use gigabit connections

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 17 of 22
3. Create the static LACP configuration
For SW-3, assuming that the connected ports are G1/0/1 and G1/0/2,
create the following configuration:

• system-view
• interface Bridge-Aggregation 1
• link-aggregation mode dynamic
• quit
• interface GigabitEthernet 1/0/1
• port link-aggregation group 1
• quit
• interface GigabitEthernet 1/0/2
• port link-aggregation group 1
• quit

For the IRF stack device, assuming that the connected ports are G1/0/1 and
G2/0/1 (note that these are the first ports from each module), create the
following configuration:

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 18 of 22
• system-view
• interface Bridge-Aggregation 1
• link-aggregation mode dynamic
• quit
• interface GigabitEthernet 1/0/1
• port link-aggregation group 1
• quit
• interface GigabitEthernet 2/0/1
• port link-aggregation group 1
• quit

Note that it does not matter from which physical switch (or stack member)
you are doing this configuration – in either case you are working on the
same virtual device (that is the idea of IRF).
4. Check the LACP configuration.
To check if your configuration is working, use the following commands:

• display link-aggregation verbose


• display stp brief
The result should prove that LACP is working and spanning tree is not blocking any
port.

Task 2: Test IRF split stack without MAD (Multi Active Detection)

Connect a router (and rename it to Host1) to the second member of the IRF
stack (not the master). Configure IP address on VLAN 1 on the IRF stack and
configure IP address on the Host1 from the same network (the interface
which goes to the stack. Enable it if needed with undo shutdown). Then,
run a continuous ping from Host1 to the IRF stack (using ping -c 1000
IP_address). While the ping is running, disconnect/delete the links between
the members of the stack (the ten-gigabit links). Host1 should continue to

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 19 of 22
have successful ping to SW-2 (which can be a problem, because SW-1 has
the same IP address)

Task 3: Configure LACP MAD

Now you will create LACP MAD in order to detect split-stack situation in the IRF
stack and to automatically disable most of the ports.
First, recreate the connections between the members of the stack (SW-1 and SW-
2). When you connect the switches with the two ten-gigabit links (using the same
interfaces), the IRF stack will recreate itself and SW-2 will reboot. Wait for SW-2 to
reboot and confirm that IRF stack is back on (you can use the display irf command
on either device)

Create LACP MAD configuration.


On the IRF stack, go to the virtual port (link aggregation) and enable LACP
mad:

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 20 of 22
• interface Bridge-Aggregation 1
• mad enable

You can check LACP mad configuration with these commands:


• display mad
• display mad verbose
• Press Enter to assign the default domain ID: 0

Task 4: Test the IRF split stack and MAD

Repeat the procedure from Task 2 – make a continuous ping from Host1 to the IRF
stack (the IP address in VLAN 1) and in the meantime disconnect/delete the links
between the members of the stack. Since LACP MAD is running, it should detect
the split stack situation, trigger election process (who will become the “real
master”) and disable G2/0/2 (on SW-2), so the ping should stop.

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 21 of 22
After this, you can reconnect the links (the ten-gigabit links) between the
members of the stack - SW-2 should reboot and the IRF stack should be recreated,
again.

You have completed LAB 1.

© SoftUni – https://softuni.org. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
Follow us: Page 22 of 22

You might also like