RRPP configuration experiment of Huawei Switch

In the work encountered H3C and HW RRPP configuration, the following is the Huawei simulator to do another experiment. We all come together to discuss the problems encountered.

"Theoretical basis"

RRPP specific theory See configuration Manual

Here are just a few things that are prone to error.

1, as the RRPP loop interface to close STP

2. Two IMPORTANT commands:

Control-vlan vlan-id command to create a control VLAN.

The control VLAN specified by the parameter Vlan-id and the child control VLAN specified by vlan-id+1 must be VLANs that have not been created and have not been used by Port trunk, mapping, stacking, and so on.

Each RRPP domain is equipped with two control VLANs, the main control VLAN and the child control VLAN respectively. When configured, you only need to specify the primary control VLAN, and a VLAN that is 1 greater than the main control VLAN ID value is the child control VLAN.

Control VLAN is not directly modified after the creation, you can delete the domain first, and then reconfigure the way to modify, or through the Undo Control-vlan command to control the VLAN removed after the way to reconfigure. The child control VLAN is deleted when the domain is deleted.

Protected-vlan reference-instance {instance-id1 [to Instance-id2]} &<1-10> | all}, configure the list of protected VLANs for the RRPP domain.

RRPP ports allow VLAN to be configured to protect VLANs, including data VLANs and control VLANs.

Description

Configuring the RRPP Protection VLAN list requires the following considerations:

You must configure the Protection VLAN before configuring the RRPP loop.

You can remove and modify a protected VLAN that is already configured before configuring the RRPP loop. Changes to the protected VLAN are not allowed after the loop is configured.

In the same physical topology, the control VLAN for this domain cannot be a protected VLAN for other domains.

The control VLAN must be in the protected VLAN range, otherwise the configuration loop is not allowed.

The control VLAN allows other instances to be added before the loop is created, and no changes are allowed after the loop is created, unless the domain is deleted.

When the instance and VLAN mapping relationships change, the protection VLAN of the RRPP domain changes.

All VLANs allowed by the RRPP port should be protected by the RRPP domain.

3, RRPP under the port do not allow control VLAN through.

4, RRPP in STP domain to the Control VLAN to join the domain.

"Experimental Software and Topology"

ENSP 1.0 simulator, praise, this simulator is really good! Have not been how to contact before, use up quite conveniently, and the real environment is similar.

Switch Selection S5700

The connected interfaces are as follows, LSW0-G0/0/1-----------G0/0/1-LSW1-G0/0/2------------G0/0/1--LSW2-G0/0/2-----------G0/0/2-LSW1

This column more highlights: http://www.bianceng.cnhttp://www.bianceng.cn/Network/jhjs/

LSW0 as the primary node, 0/0/2 as the primary port, 0/0/1 as the secondary port, after the configuration is complete 0/0/1 is blocked logically.

LSW1 and LSW2 as transmission nodes, the port principal pair of the transmission node is irrelevant, but it is recommended to be configured regularly in the actual project.

The configuration script is as follows:

<sw0>dis CU

#

sysname SW0

#

VLAN Batch to 21

#

RRPP Enable

#

Cluster enable

NTDP Enable

NDP enable

#

Drop Illegal-mac Alarm

#

DiffServ domain Default

#

STP Region-configuration

Instance 1 VLAN to 300

Active Region-configuration

#

RRPP Domain 1

Control-vlan 20

Protected-vlan Reference-instance 1

Ring 1 Node-mode Master Primary-port GIGABITETHERNET0/0/2 Secondary-port GIGABITETHERNET0/0/1 Level 0

Ring 1 Enable

#

Drop-profile Default

#

Aaa

Authentication-scheme Default

Authorization-scheme Default

Accounting-scheme Default

Domain default

Domain Default_admin

Local-user Admin Password Simple admin

Local-user Admin Service-type http

#

Interface VLANIF1

#

Interface METH0/0/1

#

Interface GIGABITETHERNET0/0/1

Port Link-type Trunk

Port Trunk Allow-pass VLAN to 300

STP Disable

#

Interface GIGABITETHERNET0/0/2

Port Link-type Trunk

Port Trunk Allow-pass VLAN to 300

STP Disable

#

[Sw1]dis CU

#

sysname SW1

#

VLAN Batch to 21

#

RRPP Enable

#

Cluster enable

NTDP Enable

NDP enable

#

Drop Illegal-mac Alarm

#

DiffServ domain Default

#

STP Region-configuration

Instance 1 VLAN to 300

Active Region-configuration

#

RRPP Domain 1

Control-vlan 20

Protected-vlan Reference-instance 1

Ring 1 Node-mode Transit primary-port GIGABITETHERNET0/0/1 Secondary-port GIGABITETHERNET0/0/2 Level 0

Ring 1 Enable

#

Drop-profile Default

#

Aaa

Authentication-scheme Default

Authorization-scheme Default

Accounting-scheme Default

Domain default

Domain Default_admin

Local-user Admin Password Simple admin

Local-user Admin Service-type http

#

Interface VLANIF1

#

Interface METH0/0/1

#

Interface GIGABITETHERNET0/0/1

Port Link-type Trunk

Port Trunk Allow-pass VLAN to 300

STP Disable

#

Interface GIGABITETHERNET0/0/2

Port Link-type Trunk

Port Trunk Allow-pass VLAN to 300

STP Disable

#

<sw2>dis CU

#

sysname SW2

#

VLAN Batch to 21

#

RRPP Enable

#

Cluster enable

NTDP Enable

NDP enable

#

Drop Illegal-mac Alarm

#

DiffServ domain Default

#

STP Region-configuration

Instance 1 VLAN to 300

Active Region-configuration

#

RRPP Domain 1

Control-vlan 20

Protected-vlan Reference-instance 1

Ring 1 Node-mode Transit primary-port GIGABITETHERNET0/0/1 Secondary-port GIGABITETHERNET0/0/2 Level 0

Ring 1 Enable

#

Drop-profile Default

#

Aaa

Authentication-scheme Default

Authorization-scheme Default

Accounting-scheme Default

Domain default

Domain Default_admin

Local-user Admin Password Simple admin