In the work encountered H3C and HW RRPP configuration, the following is the Huawei simulator to do another experiment. We all come together to discuss the problems encountered.
"Theoretical basis"
RRPP specific theory See configuration Manual
Here are just a few things that are prone to error.
1, as the RRPP loop interface to close STP
2. Two IMPORTANT commands:
Control-vlan vlan-id command to create a control VLAN.
The control VLAN specified by the parameter Vlan-id and the child control VLAN specified by vlan-id+1 must be VLANs that have not been created and have not been used by Port trunk, mapping, stacking, and so on.
Each RRPP domain is equipped with two control VLANs, the main control VLAN and the child control VLAN respectively. When configured, you only need to specify the primary control VLAN, and a VLAN that is 1 greater than the main control VLAN ID value is the child control VLAN.
Control VLAN is not directly modified after the creation, you can delete the domain first, and then reconfigure the way to modify, or through the Undo Control-vlan command to control the VLAN removed after the way to reconfigure. The child control VLAN is deleted when the domain is deleted.
Protected-vlan reference-instance {instance-id1 [to Instance-id2]} &<1-10> | all}, configure the list of protected VLANs for the RRPP domain.
RRPP ports allow VLAN to be configured to protect VLANs, including data VLANs and control VLANs.
Description
Configuring the RRPP Protection VLAN list requires the following considerations:
You must configure the Protection VLAN before configuring the RRPP loop.
You can remove and modify a protected VLAN that is already configured before configuring the RRPP loop. Changes to the protected VLAN are not allowed after the loop is configured.
In the same physical topology, the control VLAN for this domain cannot be a protected VLAN for other domains.
The control VLAN must be in the protected VLAN range, otherwise the configuration loop is not allowed.
The control VLAN allows other instances to be added before the loop is created, and no changes are allowed after the loop is created, unless the domain is deleted.
When the instance and VLAN mapping relationships change, the protection VLAN of the RRPP domain changes.
All VLANs allowed by the RRPP port should be protected by the RRPP domain.
3, RRPP under the port do not allow control VLAN through.
4, RRPP in STP domain to the Control VLAN to join the domain.
"Experimental Software and Topology"
ENSP 1.0 simulator, praise, this simulator is really good! Have not been how to contact before, use up quite conveniently, and the real environment is similar.
Switch Selection S5700
The connected interfaces are as follows, LSW0-G0/0/1-----------G0/0/1-LSW1-G0/0/2------------G0/0/1--LSW2-G0/0/2-----------G0/0/2-LSW1
This column more highlights: http://www.bianceng.cnhttp://www.bianceng.cn/Network/jhjs/
LSW0 as the primary node, 0/0/2 as the primary port, 0/0/1 as the secondary port, after the configuration is complete 0/0/1 is blocked logically.
LSW1 and LSW2 as transmission nodes, the port principal pair of the transmission node is irrelevant, but it is recommended to be configured regularly in the actual project.
The configuration script is as follows:
<sw0>dis CU
#
sysname SW0
#
VLAN Batch to 21
#
RRPP Enable
#
Cluster enable
NTDP Enable
NDP enable
#
Drop Illegal-mac Alarm
#
DiffServ domain Default
#
STP Region-configuration
Instance 1 VLAN to 300
Active Region-configuration
#
RRPP Domain 1
Control-vlan 20
Protected-vlan Reference-instance 1
Ring 1 Node-mode Master Primary-port GIGABITETHERNET0/0/2 Secondary-port GIGABITETHERNET0/0/1 Level 0
Ring 1 Enable
#
Drop-profile Default
#
Aaa
Authentication-scheme Default
Authorization-scheme Default
Accounting-scheme Default
Domain default
Domain Default_admin
Local-user Admin Password Simple admin
Local-user Admin Service-type http
#
Interface VLANIF1
#
Interface METH0/0/1
#
Interface GIGABITETHERNET0/0/1
Port Link-type Trunk
Port Trunk Allow-pass VLAN to 300
STP Disable
#
Interface GIGABITETHERNET0/0/2
Port Link-type Trunk
Port Trunk Allow-pass VLAN to 300
STP Disable
#
[Sw1]dis CU
#
sysname SW1
#
VLAN Batch to 21
#
RRPP Enable
#
Cluster enable
NTDP Enable
NDP enable
#
Drop Illegal-mac Alarm
#
DiffServ domain Default
#
STP Region-configuration
Instance 1 VLAN to 300
Active Region-configuration
#
RRPP Domain 1
Control-vlan 20
Protected-vlan Reference-instance 1
Ring 1 Node-mode Transit primary-port GIGABITETHERNET0/0/1 Secondary-port GIGABITETHERNET0/0/2 Level 0
Ring 1 Enable
#
Drop-profile Default
#
Aaa
Authentication-scheme Default
Authorization-scheme Default
Accounting-scheme Default
Domain default
Domain Default_admin
Local-user Admin Password Simple admin
Local-user Admin Service-type http
#
Interface VLANIF1
#
Interface METH0/0/1
#
Interface GIGABITETHERNET0/0/1
Port Link-type Trunk
Port Trunk Allow-pass VLAN to 300
STP Disable
#
Interface GIGABITETHERNET0/0/2
Port Link-type Trunk
Port Trunk Allow-pass VLAN to 300
STP Disable
#
<sw2>dis CU
#
sysname SW2
#
VLAN Batch to 21
#
RRPP Enable
#
Cluster enable
NTDP Enable
NDP enable
#
Drop Illegal-mac Alarm
#
DiffServ domain Default
#
STP Region-configuration
Instance 1 VLAN to 300
Active Region-configuration
#
RRPP Domain 1
Control-vlan 20
Protected-vlan Reference-instance 1
Ring 1 Node-mode Transit primary-port GIGABITETHERNET0/0/1 Secondary-port GIGABITETHERNET0/0/2 Level 0
Ring 1 Enable
#
Drop-profile Default
#
Aaa
Authentication-scheme Default
Authorization-scheme Default
Accounting-scheme Default
Domain default
Domain Default_admin
Local-user Admin Password Simple admin