Posts
Alteon Hot-Standby Redundancy Configuration - Part 1
Posted On Oct 2, 2008 at at 5:22 PM by DophiNortel Application Switch (aka Alteon) supports a proprietary Virtual Router Redundancy Protocol called Hot-Standby Redundancy. In a Hot-Standby configuration, Spanning Tree is not needed to eliminate bridge loops. This can speeds up failover when a switch fails. The standby switch virtually blocks all ports (Links are up) configured as hot-standby ports and the master switch enables these same ports. Consequently, on a given switch, all virtual routers are either master or backup; they cannot change state individually.
The Nortel official document provides a configuration example of Hot-Standby Redundancy but it makes management be inconvenient and topology be complex. In the example, we have to create an individual VLAN for inter-switch link operation. Due to the port blocking behavior of a standby switch, that individual VLAN is the only one way to manage. Without a dedicated routing to that VLAN, ASEM can't manage or monitor both switches simultaneously.
In order to simplify the topology and configuration, I create two labs to verify hot-standby functionality.
Lab 1: Single VLAN implementation
Active Alteon:
1. Turn off Spanning Tree:
>> Main# /c/l2/stg 1
------------------------------------------------------------
[Spanning Tree Group 1 Menu]
brg - Bridge parameter Menu
port - Port parameter Menu
add - Add VLAN(s) to Spanning Tree Group
remove - Remove VLAN(s) from Spanning Tree Group
clear - Remove all VLANs from Spanning Tree Group
on - Globally turn Spanning Tree ON
off - Globally turn Spanning Tree OFF
default - Default Spanning Tree and Member parameters
cur - Display current bridge parameters
>> Spanning Tree Group 1# off
Current Spanning Tree 1 setting: ON
New Spanning Tree 1 setting: OFF
>> Spanning Tree Group 1# apply
2. Confgiure the default gateway:
>> Main# /c/l3/gw 1
------------------------------------------------------------
[Default gateway 1 Menu]
ipver - Set IP version
addr - Set IP address
intr - Set interval between ping attempts
retry - Set number of failed attempts to declare gateway DOWN
vlan - Set VLAN number
prio - Set priority of default gateway route
arp - Enable/disable ARP only health checks
ena - Enable default gateway
dis - Disable default gateway
del - Delete default gateway
cur - Display current default gateway configuration
>> Default gateway 1# addr 192.168.10.254
Current IP address: 0.0.0.0
New pending IP address: 192.168.10.254
>> Default gateway 1# en
Current status: disabled
New status: enabled
>> Default gateway 1# apply
3. Configure the IP address:
>> Spanning Tree Group 1# /c/l3/if 1
------------------------------------------------------------
[IP Interface 1 Menu]
ip6nd - IP6 Neighbor Discovery Menu
ipver - Set IP version
addr - Set IP address
mask - Set subnet mask/prefix len
vlan - Set VLAN number
relay - Enable/disable BOOTP relay
ena - Enable IP interface
dis - Disable IP interface
del - Delete IP interface
cur - Display current interface configuration
>> IP Interface 1# addr 192.168.10.230
Current IP address: 0.0.0.0
New pending IP address: 192.168.10.230
Pending new subnet mask: 255.255.255.0
>> IP Interface 1# en
Current status: disabled
New status: enabled
>> IP Interface 1# apply
4. Configure virtual router 1 as an VIR for the interface: Sharing has to be turned off but official document (NN47220-104, Rev 01.05) doesn't mention it.
>> Main# /c/l3/vrrp/vr 1
------------------------------------------------------------
[VRRP Virtual Router 1 Menu]
track - Priority Tracking Menu
ipver - Set IP version
vrid - Set virtual router ID
addr - Set IP address
if - Set interface number
prio - Set renter priority
adver - Set advertisement interval
preem - Enable/disable preemption
share - Enable/disable sharing
ena - Enable virtual router
dis - Disable virtual router
del - Delete virtual router
cur - Display current VRRP virtual router configuration
>> VRRP Virtual Router 1# addr 192.168.10.232
Current IP address: 0.0.0.0
New pending IP address: 192.168.10.232
>> VRRP Virtual Router 1# sha dis
Current sharing: enabled
New sharing: disabled
>> VRRP Virtual Router 1# en
Current status: disabled
New status: enabled
>> VRRP Virtual Router 1# apply
5. Configure virtual router 2 as an VSR for the virtual server:
>> Main# /c/l3/vrrp/vr 2
------------------------------------------------------------
[VRRP Virtual Router 2 Menu]
track - Priority Tracking Menu
ipver - Set IP version
vrid - Set virtual router ID
addr - Set IP address
if - Set interface number
prio - Set renter priority
adver - Set advertisement interval
preem - Enable/disable preemption
share - Enable/disable sharing
ena - Enable virtual router
dis - Disable virtual router
del - Delete virtual router
cur - Display current VRRP virtual router configuration
>> VRRP Virtual Router 2# addr 192.168.10.233
Current IP address: 0.0.0.0
New pending IP address: 192.168.10.233
>> VRRP Virtual Router 2# sha dis
Current sharing: enabled
New sharing: disabled
>> VRRP Virtual Router 2# en
Current status: disabled
New status: enabled
>> VRRP Virtual Router 2# apply
6. Configure the real server, group and virtual server:
>> Main# /c/slb/real 1
>> Real Server 1 # rip 192.168.10.202
Current real server IP address: 0.0.0.0
New pending real server IP address: 192.168.10.202
>> Real Server 1 # en
Current status: disabled
New status: enabled
>> Real Server 1 # /c/slb/group 1
>> Real Server Group 1# add 1
Real server 1 added to real server group 1.
>> Real Server Group 1# met hash
Current metric: leastconns
New pending metric: hash
>> Real Server Group 1# /c/slb/virt 1
>> Virtual Server 1# vip 192.168.10.233
Current virtual server IP address: 0.0.0.0
New pending virtual server IP address: 192.168.10.233
>> Virtual Server 1# en
Current status: disabled
New status: enabled
>> Virtual Server 1# service http
>> Virtual Server 1 http Service# group 1
Current real server group: 1
New pending real server group: 1
>> Virtual Server 1 http Service# ..
------------------------------------------------------------
[Virtual Server 1 Menu]
service - Virtual Service Menu
ipver - Set IP version
vip - Set IP addr of virtual server
vname - Set name of virtual server
dname - Set domain name of virtual server
cont - Set BW Contract
weight - Set Global SLB weight for virtual server
avail - Set Global SLB availability for virtual server
avpersis - Enable/disable GSLB availability persistence
addrule - Add Global SLB rule to domain
remrule - Remove Global SLB rule from domain
layr3 - Enable/disable layer 3 only balancing
creset - Enable/disable client connection reset for invalid VPORT
ena - Enable virtual server
dis - Disable virtual server
del - Delete virtual server
cur - Display current virtual configuration
>> Virtual Server 1# en
Current status: disabled
New status: enabled
>> Virtual Server 1# apply
7. Configure port 1 as a hot-standby and client processing port, 3 as an inter-switch port, and 5 as a hot-standby and server processing port.
>> Layer 4# /c/slb/port 1
>> SLB Port 1# cli en
Current client processing: disabled
New client processing: enabled
>> SLB Port 1# hot en
Current hot-standby processing: disabled
New hot-standby processing: enabled
>> SLB Port 1# /c/slb/port 3
>> SLB Port 3# inter en
Current inter-switch processing: disabled
New inter-switch processing: enabled
>> SLB Port 3# /c/slb/port 5
>> SLB Port 5# ser en
Current server processing: disabled
New server processing: enabled
>> SLB Port 5# hot en
Current hot-standby processing: disabled
New hot-standby processing: enabled
>> SLB Port 5#
8. From the VRRP menu, enable VRRP group mode and tracking for ports. After it, globally enable VRRP and hot-standby.
>> Main# c/l3/vrrp/group
------------------------------------------------------------
[VRRP Virtual Router Group Menu]
track - Priority Tracking Menu
ipver - Set IP version
vrid - Set virtual router ID
if - Set interface number
prio - Set renter priority
adver - Set advertisement interval
preem - Enable/disable preemption
share - Enable/disable sharing
ena - Enable virtual router
dis - Disable virtual router
del - Delete virtual router
cur - Display current VRRP virtual router configuration
>> VRRP Virtual Router Group# prio 101
Current router priority: 100
New pending router priority: 101
>> VRRP Virtual Router Group# sha dis
Current sharing: enabled
New sharing: disabled
>> VRRP Virtual Router Group# vrid 100
Current virtual router ID: 1
New pending virtual router ID: 100
>> VRRP Virtual Router Group# en
Current status: disabled
New status: enabled
>> VRRP Virtual Router Group# track/port en
Current tracking ports in VLAN: disabled
New tracking ports in VLAN: enabled
>> Vrtual Router Group Priority Tracking# /c/l3/vrrp
------------------------------------------------------------
[Virtual Router Redundancy Protocol Menu]
vr - VRRP Virtual Router Menu
vrgroup - VRRP Virtual Router Vrgroup Menu
group - VRRP Virtual Router Group Menu
if - VRRP Interface Menu
track - VRRP Priority Tracking Menu
hotstan - Enable/disable hot-standby processing
on - Globally turn VRRP ON
off - Globally turn VRRP OFF
holdoff - Globally set VRRP hold off time
cur - Display current VRRP configuration
>> Virtual Router Redundancy Protocol# on
Current status: OFF
New status: ON
>> Virtual Router Redundancy Protocol# hot en
Current hot-standby processing: disabled
New hot-standby processing: enabled
>> Virtual Router Redundancy Protocol# apply
9. Setup the peer switch to receive synchronization and turn off priority synchronization:
>> Main# c/slb/sync/peer 2
------------------------------------------------------------
[Peer Switch 2 Menu]
addr - Set peer switch IP address
ena - Enable peer switch
dis - Disable peer switch
del - Delete peer switch
cur - Display current peer switch configuration
>> Peer Switch 2# addr 192.168.10.231
Current IP address: 0.0.0.0
New pending IP address: 192.168.10.231
>> Peer Switch 1# en
Current status: disabled
New status: enabled
>> Peer Switch 1# /c/slb/sync/prio dis
Current synching VRRP priorities: enabled
New synching VRRP priorities: disabled
Standby Alteon:
Dump the configuration script from active switch and modify any necessary commands. Copy and Paste the script to standby switch.
The following script is the configuration of active switch of this example.
>> Configuration# dum
script start "Nortel Application Switch 3408 E" 4 /**** DO NOT EDIT THIS LINE!
/* Configuration dump taken 0:33:00 Thu Oct 2, 2008
/* Configuration last applied at 0:27:57 Thu Oct 2, 2008
/* Configuration last save at 19:19:30 Wed Oct 1, 2008
/* Version 24.0.2, Base MAC address 00:1b:25:78:e1:00
/c/l2/stg 1/off
/c/l3/if 1
ena
ipver v4
addr 192.168.10.230
/c/l3/gw 1
ena
ipver v4
addr 192.168.10.254
/c/l3/vrrp/on
/c/l3/vrrp/hotstan enabled
/c/l3/vrrp/vr 1
ena
ipver v4
vrid 1
if 1
addr 192.168.10.232
share dis
/c/l3/vrrp/vr 2
ena
ipver v4
vrid 2
if 1
addr 192.168.10.233
share dis
/c/l3/vrrp/group
ena
ipver v4
vrid 101
if 1
share dis
track
ports ena
/c/slb/sync
prios d
/c/slb/sync/peer 2
ena
addr 192.168.10.231
/c/slb/real 1
ena
ipver v4
rip 192.168.10.202
/c/slb/group 1
ipver v4
metric hash
add 1
/c/slb/port 1
client ena
hotstan ena
/c/slb/port 3
intersw ena
/c/slb/port 5
server ena
hotstan ena
/c/slb/virt 1
ena
ipver v4
vip 192.168.10.233
/c/slb/virt 1/service http
group 1
/
script end /**** DO NOT EDIT THIS LINE!
The ARP table of active switch: The IP and MAC address of standby switch are learned from port 3. This indicates that the port 1 and 5 are blocked and traffic forwarding to standby switch must passes through port 3.
>> Address Resolution Protocol# dump
IP address Flags MAC address VLAN Port Referenced SPs
--------------- ----- ----------------- ---- ------ ----------------
192.168.10.230 P 00:1e:ca:be:c6:00 1 1-4
192.168.10.231 00:1b:25:78:e1:00 1 3 empty
192.168.10.232 P 00:00:5e:00:01:01 1 1-4
192.168.10.233 P 4 00:00:5e:00:01:02 1 1-4
192.168.10.254 00:a0:8e:18:5c:ab 1 1 1-4
The VRRP state of the active switch:
>> Layer 3# vrrp
VRRP information (group priorities):
1: vrid 1, 192.168.10.232, if 1, renter, prio 109, master
2: vrid 2, 192.168.10.233, if 1, renter, prio 109, master, server
Note:
1. The VRRP hot-standby approach does not support single-link failover. If one hot-standby port loses link, the entire switch must change the state to eliminate loss of connectivity.
2. The number of active links should be the same on both switches while VRRP is initializing.
To be Continued.......
