HP FlexFabric 5700 Configuration Manual Download

Page: 1 / 56

HPE FlexFabric 5700 Switch Series

MCE Configuration Guide

Part number: 5998-8586R
Software version: Release 2422P01 and later
Document version: 6W100-20160331

Summary of Contents for FlexFabric 5700

Page 1: ...HPE FlexFabric 5700 Switch Series MCE Configuration Guide Part number 5998 8586R Software version Release 2422P01 and later Document version 6W100 20160331 ...

Page 2: ...nd 12 212 Commercial Computer Software Computer Software Documentation and Technical Data for Commercial Items are licensed to the U S Government under vendor s standard commercial license Links to third party websites take you outside the Hewlett Packard Enterprise website Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise ...

Page 3: ... Configuring the MCE that uses EBGP to advertise VPN routes to the PE 21 Configuring IPv6 MCE 25 Overview 25 IPv6 MCE configuration task list 25 Configuring VPN instances 25 Creating a VPN instance 25 Associating a VPN instance with an interface 26 Configuring route related attributes for a VPN instance 26 Configuring routing on an MCE 27 Configuring routing between an MCE and a VPN site 27 Config...

Page 4: ...ecture A basic MPLS L3VPN architecture has the following types of devices Customer edge device A CE device resides on a customer network and has one or more interfaces directly connected to a service provider network It does not support VPN or MPLS Provider edge device A PE device resides at the edge of a service provider network and connects to one or more CEs All MPLS VPN services are processed ...

Page 5: ... the VPN instance to the PE s interface connected to the site A site can be associated with only one VPN instance and different sites can associate with the same VPN instance A VPN instance contains the VPN membership and routing rules of associated sites VPN IPv4 address Each VPN independently manages its address space The address spaces of VPNs might overlap For example if both VPN 1 and VPN 2 u...

Page 6: ...ort target attribute for VPN IPv4 routes learned from directly connected sites before advertising them to other PEs Import target attribute A PE checks the export target attribute of VPN IPv4 routes received from other PEs If the export target attribute matches the import target attribute of a VPN instance the PE adds the routes to the routing table of the VPN instance Route target attributes defi...

Page 7: ...ver or DHCP relay agent on the MCE When the MCE functions as the DHCP server the IP addresses assigned to different private networks cannot overlap MCE configuration task list Tasks at a glance Configuring VPN instances 1 Required Creating a VPN instance 2 Required Associating a VPN instance with an interface 3 Optional Configuring route related attributes for a VPN instance Configuring routing on...

Page 8: ...deletes the IP address of the current interface You must re configure an IP address for the interface after configuring the command Configuring route related attributes for a VPN instance Step Command Remarks 1 Enter system view system view N A 2 Enter VPN instance view or IPv4 VPN view Enter VPN instance view ip vpn instance vpn instance name Enter IPv4 VPN view a ip vpn instance vpn instance nam...

Page 9: ... be isolated from each other To configure a static route to a VPN site Step Command Remarks 1 Enter system view system view N A 2 Configure a static route for a VPN instance ip route static vpn instance s vpn instance name dest address mask length mask interface type interface number next hop address next hop address public track track entry number vpn instance d vpn instance name next hop address...

Page 10: ...an MCE and a VPN site Step Command Remarks 1 Enter system view system view N A 2 Create an OSPF process for a VPN instance and enter OSPF view ospf process id router id router id vpn instance vpn instance name Perform this configuration on the MCE On a VPN site create a common OSPF process An OSPF process bound to a VPN instance does not use the public network router ID configured in system view T...

Page 11: ...uring IS IS between an MCE and a VPN site An IS IS process belongs to the public network or a single VPN instance If you create an IS IS process without binding it to a VPN instance the process belongs to the public network Binding IS IS processes to VPN instances can isolate routes of different VPNs For more information about IS IS see Layer 3 IP Routing Configuration Guide To configure IS IS bet...

Page 12: ...eer peer group name ip address mask length enable By default BGP does not exchange IPv4 unicast routes with any peer 7 Allow the local AS number to appear in the AS_PATH attribute of routes received from the peer and set the maximum number of repetitions peer group name ip address mask length allow as loop number By default BGP discards incoming route updates that contain the local AS number 8 Red...

Page 13: ...er as number N A 5 Enter BGP VPN IPv4 unicast address family view address family ipv4 unicast N A 6 Enable BGP to exchange IPv4 unicast routes with the peer peer group name ip address mask length enable By default BGP does not exchange IPv4 unicast routes with any peer 7 Optional Configure the system to be the RR and specify the peer as the client of the RR peer group name ip address mask length r...

Page 14: ...rfaces to VPN instances Performing route configurations Redistributing VPN routes into the routing protocol running between the MCE and the PE Perform the following configurations on the MCE Configure the PE in the same way that you configure a PE in a basic MPLS L3VPN For more information about configuring the PE see Configuring MPLS L3VPN Configuring static routing between an MCE and a PE Step C...

Page 15: ...detection is enabled You must disable routing loop detection for an OSPF VRF process on the MCE Otherwise the MCE does not receive OSPF routes from the PE 4 Optional Configure the OSPF domain ID domain id domain id secondary The default domain ID is 0 5 Optional Configure the type codes of OSPF extended community attributes ext community type domain id type code1 router id type code2 route type ty...

Page 16: ...runs OSPF Configuring IS IS between an MCE and a PE Step Command Remarks 1 Enter system view system view N A 2 Create an IS IS process for a VPN instance and enter IS IS view isis process id vpn instance vpn instance name N A 3 Configure a network entity title network entity net By default no NET is configured 4 Redistribute VPN routes import route protocol process id all processes allow ibgp cost...

Page 17: ...eived routes Configuring IBGP between an MCE and a PE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPN instance view ip vpn instance vpn instance name N A 4 Configure the PE as an IBGP peer peer group name ip address mask length as number as number N A 5 Enter BGP VPN IPv4 unicast address family view address family ipv4 unicast N A 6 Enabl...

Page 18: ... address verbose standby slot slot number For other MCE related displaying and maintaining commands such as displaying routing table information for a VPN instance and maintaining routing sessions for a VPN instance see Layer 3 IP Routing Command Reference For more information about the display bgp group and display bgp peer commands see Layer 3 IP Routing Command Reference MCE configuration examp...

Page 19: ...CE vpn instance vpn1 route distinguisher 10 1 MCE vpn instance vpn1 vpn target 10 1 MCE vpn instance vpn1 quit MCE ip vpn instance vpn2 MCE vpn instance vpn2 route distinguisher 20 1 MCE vpn instance vpn2 vpn target 20 1 MCE vpn instance vpn2 quit Create VLAN 10 add port Ten GigabitEthernet 1 0 1 to VLAN 10 MCE vlan 10 MCE vlan10 port ten gigabitethernet 1 0 1 MCE vlan10 quit Create VLAN interface...

Page 20: ...ol is enabled in VPN 1 Therefore you can configure static routes On VR 1 assign IP address 10 214 10 2 24 to the interface connected to MCE and 192 168 0 1 24 to the interface connected to VPN 1 Add ports to VLANs correctly Details not shown On VR 1 configure a default route with the next hop being 10 214 10 3 VR1 system view VR1 ip route static 0 0 0 0 0 0 0 0 10 214 10 3 On the MCE configure a s...

Page 21: ... 0 network 192 168 10 0 0 0 0 255 VR2 ospf 2 area 0 0 0 0 network 10 214 20 0 0 0 0 255 VR2 ospf 2 area 0 0 0 0 quit VR2 ospf 2 quit On the MCE display the routing information maintained for VPN instance vpn2 MCE display ip routing table vpn instance vpn2 Destinations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 10 214 20 0 24 Direct 0 0 10...

Page 22: ... VPN instance vpn2 and configure an IP address for the VLAN interface MCE vlan 40 MCE vlan40 quit MCE interface vlan interface 40 MCE Vlan interface40 ip binding vpn instance vpn2 MCE Vlan interface40 ip address 40 1 1 1 24 MCE Vlan interface40 quit On PE 1 create VLAN 30 and VLAN interface 30 bind the VLAN interface to VPN instance vpn1 and configure an IP address for the VLAN interface PE1 vlan ...

Page 23: ...nformation for VPN 1 The output shows that the static route of VPN 1 has been redistributed to the OSPF routing table of PE 1 PE1 display ip routing table vpn instance vpn1 Destinations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 30 1 1 0 24 Direct 0 0 30 1 1 2 Vlan30 30 1 1 0 32 Direct 0 0 30 1 1 2 Vlan30 30 1 1 2 32 Direct 0 0 127 0 0 1 ...

Page 24: ...F 150 1 40 1 1 1 Vlan40 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 The routing information for the two VPNs has been redistributed into the routing tables on PE 1 Configuring the MCE that uses EBGP to advertise VPN routes to the PE Network requirements As shown in Figure 5 configure the MCE to advertise the routes of V...

Page 25: ... 10 214 10 3 Vlan10 10 214 10 3 32 Direct 0 0 127 0 0 1 InLoop0 10 214 10 255 32 Direct 0 0 10 214 10 3 Vlan10 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 192 168 0 0 24 OSPF 10 2 10 214 10 2 Vlan10 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NUL...

Page 26: ...information from OSPF process 10 to BGP MCE bgp vpn1 address family ipv4 MCE bgp ipv4 vpn1 peer 30 1 1 2 enable MCE bgp ipv4 vpn1 import route ospf 10 On PE 1 enable BGP in AS 200 and specify the MCE as its EBGP peer PE1 bgp 200 PE1 bgp ip vpn instance vpn1 PE1 bgp vpn1 peer 30 1 1 1 as number 100 PE1 bgp vpn1 address family ipv4 PE1 bgp ipv4 vpn1 peer 30 1 1 1 enable PE1 bgp ipv4 vpn1 quit PE1 bg...

Page 27: ...0 0 1 InLoop0 40 1 1 0 24 Direct 0 0 40 1 1 2 Vlan40 40 1 1 0 32 Direct 0 0 40 1 1 2 Vlan40 40 1 1 2 32 Direct 0 0 127 0 0 1 InLoop0 40 1 1 255 32 Direct 0 0 40 1 1 2 Vlan40 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 192 168 10 0 24 BGP 255 3 40 1 1 1 Vlan40 224 0 0 0 4...

Page 28: ...routing between an MCE and a VPN site Required Configuring routing between an MCE and a PE Configuring VPN instances VPN instances isolate VPN routes from public network routes and routes among VPNs You must configure VPN instances for an MCE network Creating a VPN instance A VPN instance is associated with a site It is a collection of the VPN membership and routing rules of its associated site A ...

Page 29: ...a PE by using the following process 1 When a VPN route learned from a CE gets redistributed into BGP BGP associates it with a route target extended community attribute list which is usually the export target attribute of the VPN instance associated with the CE 2 The VPN instance determines which routes it can accept and redistribute according to the import extcommunity in the route target 3 The VP...

Page 30: ... site through an IPv6 static route IPv6 static routing on a traditional CE is globally effective and does not support address overlapping among VPNs An MCE supports binding an IPv6 static route with an IPv6 VPN instance so that the IPv6 static routes of different IPv6 VPN instances can be isolated from each other To configure IPv6 static routing between an MCE and a VPN site Step Command Remarks 1...

Page 31: ...IPng is disabled Configuring OSPFv3 between an MCE and a VPN site An OSPFv3 process belongs to the public network or a single IPv6 VPN instance If you create an OSPFv3 process without binding it to an IPv6 VPN instance the process belongs to the public network By configuring OSPFv3 process to IPv6 VPN instance bindings on a MCE you allow routes of different IPv6 VPNs to be exchanged between the MC...

Page 32: ...p Command Remarks 1 Enter system view system view N A 2 Create an IPv6 IS IS process for a VPN instance and enter IS IS view isis process id vpn instance vpn instance name Perform this configuration on the MCE On a VPN site configure common IPv6 IS IS 3 Configure a network entity title for the IS IS process network entity net By default no NET is configured 4 Enable IPv6 for the IPv6 IS IS process...

Page 33: ...s filter policy acl6 number import By default BGP does not filter received routes 2 Configure a VPN site Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure the MCE as an EBGP peer peer group name ipv6 address prefix length as number as number By default no BGP peer is configured 4 Enter BGP IPv6 unicast address family view address family ipv6 un...

Page 34: ...the MCE 8 Redistribute remote site routes advertised by the PE into BGP import route protocol process id med med value By default no routes are redistributed into BGP 9 Optional Configure filtering of advertised routes filter policy acl6 number export protocol process id By default BGP does not filter advertised routes 10 Optional Configure filtering of received routes filter policy acl6 number im...

Page 35: ... vpn instance d vpn instance name nexthop address permanent preference preference value tag tag value description description text By default no IPv6 static route is configured 3 Optional Configure the default preference for IPv6 static routes ipv6 route static default preference default preference value The default value is 60 Configuring RIPng between an MCE and a PE Step Command Remarks 1 Enter...

Page 36: ...ed routes are not filtered 8 Optional Configure the default external route tag for redistributed VPN routes default tag tag By default the default external route tag is 1 9 Return to system view quit N A 10 Enter interface view interface interface type interface number N A 11 Enable the OSPFv3 process on the interface ospfv3 process id area area id instance instance id By default OSPFv3 is disable...

Page 37: ...lt BGP does not exchange IPv6 unicast routes with any peer 7 Redistribute VPN routes import route protocol process id med med value By default no routes are redistributed into BGP 8 Optional Configure filtering of advertised routes filter policy acl6 number export protocol process id By default BGP does not filter advertised routes 9 Optional Configure filtering of received routes filter policy ac...

Page 38: ...n for a VPN instance display bgp group ipv6 unicast vpn instance vpn instance name group name group name Display BGP peer information for a VPN instance display bgp peer ipv6 unicast vpn instance vpn instance name ipv6 address prefix length ipv6 address group name group name log info ipv6 address verbose standby slot slot number For commands that display information about a routing table see Layer...

Page 39: ...ce vpn1 vpn target 10 1 MCE vpn instance vpn1 quit MCE ip vpn instance vpn2 MCE vpn instance vpn2 route distinguisher 20 1 MCE vpn instance vpn2 vpn target 20 1 MCE vpn instance vpn2 quit Create VLAN 10 add port Ten GigabitEthernet 1 0 1 to VLAN 10 and create VLAN interface 10 MCE vlan 10 MCE vlan10 port ten gigabitethernet 1 0 1 MCE vlan10 quit CE VPN 1 Site 2 CE VPN 2 Site 1 PE 1 PE 3 PE 2 VPN 2...

Page 40: ...ce vpn2 quit 2 Configure routing between the MCE and VPN sites The MCE is connected to VPN 1 directly and no routing protocol is enabled in VPN 1 Therefore you can configure IPv6 static routes On VR 1 assign IPv6 address 2001 1 2 64 to the interface connected to the MCE and 2012 1 2 64 to the interface connected to VPN 1 Add ports to VLANs Details not shown On VR 1 configure a default route with t...

Page 41: ...4 Protocol Direct NextHop Preference 0 Interface Vlan10 Cost 0 Destination 2001 1 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2012 1 64 Protocol Static NextHop 2001 1 2 Preference 60 Interface Vlan10 Cost 0 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 Destination FF00 8 Protocol Direct NextHop Preference 0 Interface NULL0 Cos...

Page 42: ...CE Ten GigabitEthernet1 0 3 port trunk permit vlan 30 40 MCE Ten GigabitEthernet1 0 3 quit On PE 1 configure the port connected to MCE as a trunk port and configure it to permit packets of VLAN 30 and VLAN 40 to pass with VLAN tags PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 port link type trunk PE1 Ten GigabitEthernet1 0 1 port trunk permit vlan 30 40 PE1 Ten GigabitEther...

Page 43: ... to VPN instance vpn1 and redistribute the IPv6 static route of VPN 1 MCE ospfv3 10 vpn instance vpn1 MCE ospfv3 10 router id 101 101 10 1 MCE ospfv3 10 import route static MCE ospfv3 10 quit Enable OSPFv3 on VLAN interface 30 MCE interface vlan interface 30 MCE Vlan interface30 ospfv3 10 area 0 0 0 0 MCE Vlan interface30 quit On PE 1 enable OSPFv3 process 10 and bind the process to VPN instance v...

Page 44: ...uting table for VPN instance vpn2 The output shows that PE 1 has learned the private route of VPN 2 through OSPFv3 PE1 display ipv6 routing table vpn instance vpn2 Destinations 6 Routes 6 Destination 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 40 64 Protocol Direct NextHop Preference 0 Interface Vlan40 Cost 0 Destination 40 2 128 Protocol Direct NextHop 1 Pref...

Page 45: ...42 Interface NULL0 Cost 0 The routing information for the two VPNs has been added into the routing tables on PE 1 ...

Page 46: ...st one x y Asterisk marked square brackets enclose optional syntax choices separated by vertical bars from which you select one choice multiple choices or none 1 n The argument or keyword and argument combination before the ampersand sign can be entered 1 to n times A line that starts with a pound sign is comments GUI conventions Convention Description Boldface Window names button names field name...

Page 47: ... Represents an access controller a unified wired WLAN module or the access controller engine on a unified wired WLAN switch Represents an access point Represents a wireless terminator unit Represents a wireless terminator Represents a mesh access point Represents omnidirectional signals Represents directional signals Represents a security product such as a firewall UTM multiservice security gatewa...

Page 48: ...s provide a mechanism for accessing software updates through the product interface Review your product documentation to identify the recommended software update method To download product updates go to either of the following Hewlett Packard Enterprise Support Center Get connected with updates page www hpe com support e updates Software Depot website www hpe com support softwaredepot To view and u...

Page 49: ...r self repair CSR programs allow you to repair your product If a CSR part needs to be replaced it will be shipped directly to you so that you can install it at your convenience Some parts do not qualify for CSR Your Hewlett Packard Enterprise authorized service provider will determine whether a repair can be accomplished by CSR For more information about CSR contact your local service provider or ...

Page 50: ...umber edition and publication date located on the front cover of the document For online help content include the product name product version help edition and publication date located on the legal notices page ...

Page 51: ... MPLS L3VPN MCE PE OSPFv3 33 IPv6 MPLS L3VPN MCE PE RIPng 32 IPv6 MPLS L3VPN MCE PE routing 32 IPv6 MPLS L3VPN MCE VPN site EBGP 29 IPv6 MPLS L3VPN MCE VPN site IBGP 30 IPv6 MPLS L3VPN MCE VPN site IPv6 IS IS 29 IPv6 MPLS L3VPN MCE VPN site OSPFv3 28 IPv6 MPLS L3VPN MCE VPN site RIPng 27 IPv6 MPLS L3VPN VPN instance 25 IPv6 MPLS L3VPN VPN instance route related attributes 26 MCE 15 MPLS L3VPN MCE ...

Page 52: ...PN instance configuration 4 MPLS L3VPN VPN instance creation 4 MPLS L3VPN VPN instance interface association 5 IPv4 MPLS L3VPN MCE PE EBGP configuration 13 MPLS L3VPN MCE PE IBGP configuration 14 MPLS L3VPN VPN IPv4 address 2 IPv6 IS IS IPv6 MPLS L3VPN MCE VPN site IPv6 IS IS 29 IPv6 MPLS L3VPN MCE PE EBGP 34 IPv6 MPLS L3VPN MCE PE IBGP 34 IPv6 MPLS L3VPN MCE PE IPv6 IS IS 33 IPv6 MCE configuratio...

Page 53: ...BGP 14 MCE PE IS IS 13 MCE PE OSPF 12 MCE PE RIP 12 MCE PE routing 11 MCE PE static routing 11 MCE VPN site EBGP 9 MCE VPN site IBGP 10 MCE VPN site IS IS 8 MCE VPN site OSPF 7 MCE VPN site RIP 6 MCE VPN site routing 6 MCE VPN site static routing 6 site 1 VPN instance 2 VPN instance configuration 4 VPN instance creation 4 VPN instance interface association 5 VPN instance route related attribute co...

Page 54: ...g 15 O OSPF MPLS L3VPN MCE OSPF VPN route advertising 15 MPLS L3VPN MCE PE OSPF 12 MPLS L3VPN MCE VPN site OSPF 7 OSPFv3 IPv6 MPLS L3VPN MCE VPN site OSPFv3 28 IPv6 MPLS L3VPN MCE PE OSPFv3 33 P P device MPLS L3VPN architecture 1 PE IPv6 MPLS L3VPN MCE routing 27 IPv6 MPLS L3VPN MCE VPN site EBGP 29 IPv6 MPLS L3VPN MCE VPN site IBGP 30 IPv6 MPLS L3VPN MCE VPN site IPv6 IS IS 29 IPv6 MPLS L3VPN MCE...

Page 55: ...VPN MCE VPN site IBGP 10 configuring MPLS L3VPN MCE VPN site IS IS 8 configuring MPLS L3VPN MCE VPN site OSPF 7 configuring MPLS L3VPN MCE VPN site RIP 6 configuring MPLS L3VPN MCE VPN site routing 6 configuring MPLS L3VPN MCE VPN site static routing 6 configuring MPLS L3VPN VPN instance 4 configuring MPLS L3VPN VPN instance route related attribute 5 creating IPv6 MPLS L3VPN VPN instance 25 creati...

Page 56: ...3VPN MCE routing 6 MPLS L3VPN MCE PE EBGP 13 MPLS L3VPN MCE PE IBGP configuration 14 MPLS L3VPN MCE PE IS IS 13 MPLS L3VPN MCE PE OSPF 12 MPLS L3VPN MCE PE RIP 12 MPLS L3VPN MCE PE routing 11 MPLS L3VPN MCE PE static routing 11 MPLS L3VPN MCE VPN site EBGP 9 MPLS L3VPN MCE VPN site IBGP 10 MPLS L3VPN MCE VPN site IS IS 8 MPLS L3VPN MCE VPN site OSPF 7 MPLS L3VPN MCE VPN site RIP 6 MPLS L3VPN MCE V...

Search results

Summary of Contents for FlexFabric 5700

Reviews:

Related manuals for FlexFabric 5700

Brands by name

Popular brands

HP FlexFabric 5700, Configuration Manual

Search results

Summary of Contents for FlexFabric 5700

Reviews:

Related manuals for FlexFabric 5700

Brands by name

Popular brands