Example for Connecting a VRRP Group to an NLB Cluster (Using Physical Link Loopback)
Overview
NLB is developed by Microsoft for a cluster set up by multiple Windows servers. When a switch is connected to an NLB cluster, the switch needs to send packets destined for the cluster IP address to every NLB server in the cluster. An NLB server can work in unicast, multicast, or IGMP multicast mode.
Currently, a switch can be connected to the NLB server working in only unicast or multicast mode. If the switch supports multi-interface ARP, this function is recommended to implement the connection between the switch and NLB cluster. When the switch or version does not support multi-interface ARP and there are insufficient device resources, you can use physical link loopback to connect the switch to the NLB cluster.
Configuration Notes
l When the NLB cluster works in unicast mode, static ARP entries do not need to be configured on the switch; when the cluster works in multicast mode, static ARP entries need to be configured on the switch.
l Table 1 lists the applicable products and versions.
Table 1 Applicable product models and versions
|
Product |
Product Model |
Software Version |
|
S1700 |
S1720GW and S1720GWR |
V200R010C00, V200R011C00, V200R011C10 |
|
S1720GW-E and S1720GWR-E |
V200R010C00, V200R011C00, V200R011C10 |
|
|
S1720X and S1720X-E |
V200R011C00, V200R011C10 |
|
|
S2700 |
S2720EI |
V200R011C10 |
|
S3700 |
S3700EI |
V100R006C05 |
|
S3700HI |
V200R001C00 |
|
|
S5700 |
S5700EI |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005(C00&C01&C02&C03) |
|
S5700HI |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005(C00SPC500&C01&C02) |
|
|
S5710EI |
V200R001C00, V200R002C00, V200R003C00, V200R005(C00&C02) |
|
|
S5710HI |
V200R003C00, V200R005(C00&C02&C03) |
|
|
S5720LI and S5720S-LI |
V200R010C00, V200R011C00, V200R011C10 |
|
|
S5720SI and S5720S-SI |
V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10 |
|
|
S5720EI |
V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10 |
|
|
S5720HI |
V200R006C00, V200R007(C00&C10), V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10 |
|
|
S6700 |
S6700EI |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005(C00&C01&C02) |
|
S6720LI and S6720S-LI |
V200R011C00, V200R011C10 |
|
|
S6720SI and S6720S-SI |
V200R011C00, V200R011C10 |
|
|
S6720EI |
V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10 |
|
|
S6720S-EI |
V200R009C00, V200R010C00, V200R011C00, V200R011C10 |
|
|
S7700 |
S7703, S7706, and S7712 |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C10 |
|
S9700 |
S9703, S9706, and S9712 |
V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007(C00&C10), V200R008C00, V200R009C00, V200R010C00, V200R011C10 |
For details about software mappings, see Version Mapping Search for Huawei Campus Switches.
Networking Requirements
As shown in Figure 1, Switch_1 and Switch_2 connect to each other using GE0/0/2 and form a VRRP group through the heartbeat link. Switch_1 is the master and Switch_2 is the backup. GE0/0/1 interfaces on Switch_1 and Switch_2 are directly connected to two NLB servers respectively. The NLB cluster works in multicast mode, the cluster IP address is 10.128.246.252/24, and the cluster MAC address is 03bf-0a80-f6fc. There are reachable routes between the Switch and Client.
The customer requires that the VRRP group be able to send the Client's packets destined for the NLB cluster IP address to all NLB servers.
Figure 1 Connecting a VRRP group to an NLB cluster in multicast mode
Data plan
Before the configuration, you need the following data.
|
Item |
Data |
Description |
|
IP address |
l Switch_1's VLANIF 200: 10.128.246.10/24 l Switch_2's VLANIF 200: 10.128.246.11/24 l Virtual IP address: 10.128.246.250 |
- |
Configuration Roadmap
The configuration roadmap is as follows:
1. Add GE0/0/1 to VLAN 100.
2. Add GE0/0/2 to VLAN 100.
3. Disable STP, RSTP, VBST, or MSTP on GE0/0/4 and GE0/0/5, and add the interfaces to VLAN 100 and VLAN 200 respectively in access mode.
4. Configure a VRRP virtual IP address for VLANIF 200 that functions as the NLB cluster's gateway.
5. Configure a static ARP entry. In the static ARP entry, the IP address is the cluster IP address, the MAC address is the cluster multicast MAC address, and the outbound interface is the interface where the VLAN to which the NLB cluster's gateway belongs is configured.
6. Connect GE0/0/4 and GE0/0/5.
Procedure
Step 1 # Configure GE0/0/1.
# Add GE0/0/1 on Switch_1 to VLAN 100.
<HUAWEI> system-view
[HUAWEI] sysname Switch_1
[Switch_1] vlan batch 100 200
[Switch_1] interface gigabitethernet 0/0/1
[Switch_1-GigabitEthernet0/0/1] port link-type access
[Switch_1-GigabitEthernet0/0/1] port default vlan 100
[Switch_1-GigabitEthernet0/0/1] quit
# Add GE0/0/1 on Switch_2 to VLAN 100.
<HUAWEI> system-view
[HUAWEI] sysname Switch_2
[Switch_2] vlan batch 100 200
[Switch_2] interface gigabitethernet 0/0/1
[Switch_2-GigabitEthernet0/0/1] port link-type access
[Switch_2-GigabitEthernet0/0/1] port default vlan 100
[Switch_2-GigabitEthernet0/0/1] quit
Step 2 Add GE0/0/2 to VLAN 100.
# Add GE0/0/2 on Switch_1 to VLAN 100.
[Switch_1] interface gigabitethernet 0/0/2
[Switch_1-GigabitEthernet0/0/2] port link-type trunk
[Switch_1-GigabitEthernet0/0/2] port trunk allow-pass vlan 100
[Switch_1-GigabitEthernet0/0/2] quit
# Add GE0/0/2 on Switch_2 to VLAN 100.
[Switch_2] interface gigabitethernet 0/0/2
[Switch_2-GigabitEthernet0/0/2] port link-type trunk
[Switch_2-GigabitEthernet0/0/2] port trunk allow-pass vlan 100
[Switch_2-GigabitEthernet0/0/2] quit
Heartbeat interfaces cannot belong to the same VLAN as the gateway to prevent a traffic loop within the VRRP group. For example, GE0/0/2 in this example cannot be added to VLAN 200.
Step 3 Configure GE0/0/4 and GE0/0/5.
# Disable STP, RSTP, VBST, or MSTP on GE0/0/4 and GE0/0/5 on Switch_1.
[Switch_1] interface gigabitethernet 0/0/4
[Switch_1-GigabitEthernet0/0/4] undo stp enable //Disable STP, RSTP, VBST, or MSTP
[Switch_1-GigabitEthernet0/0/4] quit
[Switch_1] interface gigabitethernet 0/0/5
[Switch_1-GigabitEthernet0/0/5] undo stp enable //Disable STP, RSTP, VBST, or MSTP
[Switch_1-GigabitEthernet0/0/5] quit
# Add GE0/0/4 and GE0/0/5 on Switch_1 to VLAN 100 and VLAN 200 respectively in access mode.
[Switch_1] interface gigabitethernet 0/0/4
[Switch_1-GigabitEthernet0/0/4] port link-type access
[Switch_1-GigabitEthernet0/0/4] port default vlan 100
[Switch_1-GigabitEthernet0/0/4] quit
[Switch_1] interface gigabitethernet 0/0/5
[Switch_1-GigabitEthernet0/0/5] port link-type access
[Switch_1-GigabitEthernet0/0/5] port default vlan 200
[Switch_1-GigabitEthernet0/0/5] quit
# Disable STP, RSTP, VBST, or MSTP on GE0/0/4 and GE0/0/5 on Switch_2.
[Switch_2] interface gigabitethernet 0/0/4
[Switch_2-GigabitEthernet0/0/4] undo stp enable //Disable STP, RSTP, VBST, or MSTP
[Switch_2-GigabitEthernet0/0/4] quit
[Switch_2] interface gigabitethernet 0/0/5
[Switch_2-GigabitEthernet0/0/5] undo stp enable //Disable STP, RSTP, VBST, or MSTP
[Switch_2-GigabitEthernet0/0/5] quit
# Add GE0/0/4 and GE0/0/5 on Switch_2 to VLAN 100 and VLAN 200 respectively in access mode.
[Switch_2] interface gigabitethernet 0/0/4
[Switch_2-GigabitEthernet0/0/4] port link-type access
[Switch_2-GigabitEthernet0/0/4] port default vlan 100
[Switch_2-GigabitEthernet0/0/4] quit
[Switch_2] interface gigabitethernet 0/0/5
[Switch_2-GigabitEthernet0/0/5] port link-type access
[Switch_2-GigabitEthernet0/0/5] port default vlan 200
[Switch_2-GigabitEthernet0/0/5] quit
Step 4 Configure an IP address for the NLB cluster's gateway.
# Create VRRP group 1 on Switch_1 and set the VRRP priority to 120.
[Switch_1] interface vlanif 200
[Switch_1-Vlanif200] ip address 10.128.246.10 24
[Switch_1-Vlanif200] vrrp vrid 1 virtual-ip 10.128.246.250 //Create VRRP group 1
[Switch_1-Vlanif200] vrrp vrid 1 priority 120 //Set the VRRP priority to 120
[Switch_1-Vlanif200] quit
# Create VRRP group 1 on Switch_2 and use the default VRRP priority 100.
[Switch_2] interface vlanif 200
[Switch_2-Vlanif200] ip address 10.128.246.11 24
[Switch_2-Vlanif200] vrrp vrid 1 virtual-ip 10.128.246.250 //Create VRRP group 1
[Switch_2-Vlanif200] quit
l Configure the VRRP virtual IP address 10.128.246.250 for VLANIF 200 that functions as the NLB cluster's gateway.
l To reduce network workload, you are advised to separate the NLB cluster's gateway from other gateways.
In this networking, traffic from a switch to the NLB cluster passes along the heartbeat link to the peer switch and then passes along the self-loop line on the peer switch. In this case, if other servers use the same gateway as the NLB servers, other servers will receive traffic destined for the NLB cluster, causing an increase of network workload. For example, packets destined for the NLB cluster from Switch_1 pass along the heartbeat link to Switch_2. On Switch_2, packets are sent from GE0/0/4 to 0/0/5. If VLANIF 200 on Switch_2 is also the gateway of non-NLB servers, packets are sent to non-NLB servers through GE0/0/5.
Step 5 Configure static ARP entries.
# On Switch_1, configure a static ARP entry. In the ARP entry, the IP address is 10.128.246.252, the MAC address is 03bf-0a80-f6fc, the outbound interface is GE0/0/5 where VLAN 200 is located.
[Switch_1] arp static 10.128.246.252 03bf-0a80-f6fc vid 200 interface gigabitethernet 0/0/5
# On Switch_2, configure a static ARP entry. In the ARP entry, the IP address is 10.128.246.252, the MAC address is 03bf-0a80-f6fc, the outbound interface is GE0/0/5 where VLAN 200 is located.
[Switch_2] arp static 10.128.246.252 03bf-0a80-f6fc vid 200 interface gigabitethernet 0/0/5
Step 6 Connect GE0/0/4 and GE0/0/5.
After the previous configurations, connect physical links on Switch_1 and Switch_2 respectively.
Step 7 Verify the configuration.
Verify that Server_1 and Server_2 can receive packets destined for the NLB cluster.
----End
Configuration Files
l Switch_1 configuration file
#
sysname Switch_1
#
vlan batch 100 200
#
interface Vlanif200
ip address 10.128.246.10 255.255.255.0
vrrp vrid 1 virtual-ip 10.128.246.250
vrrp vrid 1 priority 120
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 100
stp disable
#
interface GigabitEthernet0/0/5
port link-type access
port default vlan 200
stp disable
#
arp static 10.128.246.252 03bf-0a80-f6fc vid 200 interface GigabitEthernet0/0/5
#
return
l Switch_2 configuration file
#
sysname Switch_2
#
vlan batch 100 200
#
interface Vlanif200
ip address 10.128.246.11 255.255.255.0
vrrp vrid 1 virtual-ip 10.128.246.250
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 100
stp disable
#
interface GigabitEthernet0/0/5
port link-type access
port default vlan 200
stp disable
#
arp static 10.128.246.252 03bf-0a80-f6fc vid 200 interface GigabitEthernet0/0/5
#
return
