APPENDIX A

Configuration Examples

This appendix contains the following configuration examples:


IEEE 802.1Q VLAN

LAN switches can segment networks into logically defined virtual workgroups. This logical segmentation is commonly referred to as a virtual LAN (VLAN). Segmenting devices this way provides better LAN administration, security, and management of broadcast activity over the network. Virtual LANs have become an integral feature of switched LAN solutions.

The VLAN example in TABLE A-1 demonstrates a simple VLAN configuration with FASTPATH. If a single port is a member of VLANs 2, 3, and 4, the port expects to see traffic tagged with either VLAN 2, 3, or 4.

The PVID (Port Virtual Identification) could be something entirely different, for example 12, and things would still work fine, as long as incoming traffic is tagged.
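How a port applies membership and PVID to a received frame, as an added Python example (not FASTPATH code). It assumes ingress filtering is enabled, so frames for VLANs the port does not belong to are dropped; the function names and sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag


def parse_vlan_tag(frame):
    """Return the VLAN ID carried in an Ethernet frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # the low 12 bits of the TCI are the VID


def classify_ingress(frame, member_vlans, pvid):
    """Return the VLAN a received frame is placed in, or None if it is dropped.

    Assumption: ingress filtering is on, so non-member VLANs are dropped.
    """
    vid = parse_vlan_tag(frame)
    if vid is None or vid == 0:  # untagged or priority-tagged: the PVID applies
        vid = pvid
    if vid == 0x0FFF:            # reserved VID, never valid on the wire
        return None
    return vid if vid in member_vlans else None


def build_frame(vid=None):
    """Constructed sample frame: broadcast destination, optional 802.1Q tag."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, vid)
    return macs + tag + struct.pack("!H", 0x0800) + b"\x00" * 46


if __name__ == "__main__":
    members = {2, 3, 4}  # the port from the text, with PVID 12
    for vid in (3, 9, None):
        print(vid, "->", classify_ingress(build_frame(vid), members, 12))
```

With PVID 12 on a port that is a member of VLANs 2, 3, and 4 only, tagged frames are handled normally while untagged frames are classified into VLAN 12 and dropped, which is why the PVID only matters once untagged traffic arrives.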

Example Projects:

 


TABLE A-1 Creating VLANs

VLAN

Commands

Create VLAN 2

vlan database
vlan 2
exit
config
interface 0/1
vlan participation include 2
vlan tagging 2
exit
interface 0/2
vlan participation include 2
vlan tagging 2
exit

Create VLAN 3

vlan database
vlan 3
exit
config
interface 0/3
vlan participation include 3
vlan tagging 3
exit
interface 0/4
vlan participation include 3
vlan tagging 3
exit

Create VLAN 4

vlan database
vlan 4
exit
config
interface 0/5
vlan participation include 4
vlan tagging 4
exit
interface 0/6
vlan participation include 4
vlan tagging 4
exit

Create VLAN 9

vlan database
vlan 9
exit
config
interface 0/1
vlan participation include 9
vlan tagging 9
exit
interface 0/2
vlan participation include 9
vlan tagging 9
exit
interface 0/3
vlan participation include 9
vlan tagging 9
exit
interface 0/4
vlan participation include 9
vlan tagging 9
exit
interface 0/5
vlan participation include 9
vlan tagging 9
exit
interface 0/6
vlan participation include 9
vlan tagging 9
exit
interface 0/7
vlan participation include 9
vlan tagging 9
exit


VLAN Solution 1

All traffic entering the ports is tagged traffic. Since the traffic is tagged, the PVID configuration for each port is not a concern.

VLAN Solution 2

The network card configuration for devices on Project A, B and C should be set to NOT tag traffic.

To take care of these untagged frames, configure the following:



Note - Refer to the release notes for the FASTPATH application level code. The release notes detail the platform-specific functionality of the Switching, Routing, SNMP, Config, Management, and Bandwidth Provisioning packages. The suite of features supported by the FASTPATH packages is not available on all the platforms to which FASTPATH has been ported.



VLAN Routing

This section provides examples of VLAN Routing for RIP and OSPF.

RIP Configuration

The example in TABLE A-2 creates two router ports to run RIP 2.


TABLE A-2 VLAN RIP Configurations

Step

Example CLI Command

1. Create VLAN

Enter Privileged EXEC Mode from User Exec.

enable

Create VLAN. SC box only supports VLAN routing; router port has to join VLAN.

vlan database
vlan 10
vlan 20
exit

Physical Port IDs are 0/1 and 0/2; create PVID for ports.

configure
interface 0/1
vlan participation include 10
vlan tagging 10
vlan pvid 10
exit
interface 0/2
vlan participation include 20
vlan tagging 20
vlan pvid 20
exit
exit

2. Create IP VLAN routing

vlan database
routing 10
routing 20
exit

3. Enable the routing function for the virtual router

configure
ip routing

4. Configure Router ID (virtual)

router ospf
router-id 192.168.111.50
exit

5. Configure IP interface (virtual)

Assign IP to router port 4/1 and 4/2.

interface 4/1
ip address 9.1.1.1 255.0.0.0
exit
interface 4/2
ip address 192.168.111.1 255.255.255.0
exit

6. Enable OSPF protocol

router ospf
enable
exit
interface 4/1
ip ospf
exit
interface 4/2
ip ospf
exit



STP, RSTP and MSTP Configuration

The configuration commands shown in TABLE A-3 are the same for STP, RSTP and the basic part of MSTP. You must enable spanning-tree from both the global configuration level and the interface level.


TABLE A-3 STP, RSTP, and MSTP Configuration Example
STP, RSTP, and MSTP

enable
configure
spanning-tree
spanning-tree forceversion 802.1w //to force RSTP. Use 802.1s for MSTP or 802.1d for STP
spanning-tree port mode all //to enable for ALL ports
exit
interface 0/4
spanning-tree port mode //to enable for just port 4
exit



Using VRRP

When an end station is statically configured with the address of the router that will handle its routed traffic, a single point of failure is introduced into the network. If the router goes down, the end station is unable to communicate. Since static configuration is a convenient way to assign router addresses, Virtual Router Redundancy Protocol (VRRP) was developed to provide a backup mechanism.

VRRP eliminates the single point of failure associated with static default routes by enabling a backup router to take over from a “master” router without affecting the end stations using the route. The end stations use a “virtual” IP address that is recognized by the backup router if the master router fails. Participating routers use an election protocol to determine which router is the master router at any given time. A given port can appear as more than one virtual router to the network, and more than one port on a switch running the FASTPATH software can be configured as a virtual router. Either a physical port or a routed VLAN can participate.

Setting Up VRRP on the Sun Netra CP3140

VRRP provides redundant gateways in an L3 routed network. If the Sun Netra CP3140 board is used as an L2-only switch, there is no reason to use VRRP. If L3 routing is used, then VRRP can be used.

A Sun Netra CT 900 chassis can be equipped with a maximum of two Sun Netra CP3140 boards. A user can configure the two Sun Netra CP3140 boards in each chassis as redundant gateways for the node boards in the same chassis, or the user can group multiple chassis into a layer 2 network and then use the Sun Netra CP3140 boards in one chassis as the redundant gateways for all the node boards in the group.

Alternatively, a user may choose not to configure the Sun Netra CP3140 boards as redundant gateways; instead, a pair or a set of external routers can be used to provide the VRRP facility to a set of Sun Netra CT 900 chassis. In such a configuration, the Sun Netra CP3140 boards are used as L2 switches only.

The L2 requirements for a VRRP configuration involving Sun Netra CT 900 chassis are the following:

For example, if a Sun Netra CP3140 board is set up as the router for a node board in the same Sun Netra CT 900 chassis and that Sun Netra CP3140 board fails, the node board cannot reach any other network element via the interface connected to the failed Sun Netra CP3140 board. Even if there is a backup router set up using VRRP, it won’t be reachable via that interface. In such a configuration, the only solution is to configure a bonding interface on top of the two base/fabric interfaces. With a bonding interface solution, the node can reach the backup router (that is, the other Sun Netra CP3140 board in the chassis) via the interface connected to the backup router.

A network involving multiple Sun Netra CT 900 chassis with redundant paths to the VRRP-enabled Sun Netra CP3140 boards can have multiple broadcast loops. Therefore, it is important to configure the Spanning Tree Protocol on each Sun Netra CP3140 board in a loop.

Sun Netra CP3140 VRRP Configuration

In order to configure VRRP on a Sun Netra CP3140 board, a user might need to run all or some of the following commands:

1. To enable the administrative mode of VRRP:


configure
ip vrrp

2. To create a virtual router ID on an interface:


interface 0/20
ip vrrp 1

VRID 1 is created on 0/20. VRID value can range from 1 to 255.

3. To set the IP address of the virtual router:


ip vrrp 1 ip 192.150.2.1

If this IP address is owned by the interface being configured, then that switch assumes the master role for that VRID. An interface owns the IP address that was configured on it using the ip address <ip-address> <netmask> command.

4. To enable virtual router on an interface for a VRID:


ip vrrp 1 mode 

5. To set the priority of virtual router:


ip vrrp 1 priority 253

This priority determines which backup takes over the master role when the master router fails. Priority ranges from 1 to 254, 1 being the lowest.
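An audit of a command listing against the constraints stated in the steps above (global enable, VRID 1 to 255, priority 1 to 254, per-interface mode, address ownership), as an added Python example that is not part of the FASTPATH software. The name `audit_vrrp`, the finding strings and the sample listing are constructed for illustration, and the parser understands only the command forms shown on this page.

```python
import re

VR_CMD = re.compile(r"ip vrrp (\d+)(?: (ip|mode|priority)(?: (\S+))?)?")

def audit_vrrp(config):
    """Audit a FASTPATH-style command listing; return (findings, owners)."""
    findings, owners = [], []
    global_on, iface, ports = False, None, {}
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.fullmatch(r"interface (\S+)", line):
            iface = m.group(1)
            ports.setdefault(iface, {"ip": None, "vr": {}})
        elif line == "exit":
            iface = None
        elif iface is None:
            if line == "ip vrrp":
                global_on = True  # administrative mode of VRRP
            elif VR_CMD.fullmatch(line):
                findings.append(f"'{line}' is outside an interface")
        elif m := re.fullmatch(r"ip address (\S+) \S+", line):
            ports[iface]["ip"] = m.group(1)
        elif m := VR_CMD.fullmatch(line):
            vr = ports[iface]["vr"].setdefault(int(m.group(1)), {})
            if m.group(2):
                vr[m.group(2)] = m.group(3) or ""
    for name, port in ports.items():
        for vrid, vr in port["vr"].items():
            prio = vr.get("priority", "1")
            checks = [
                (not 1 <= vrid <= 255, "VRID outside 1-255"),
                (not vr.get("ip"), "no virtual IP set"),
                ("mode" not in vr, "virtual router not enabled"),
                (not (prio.isdigit() and 1 <= int(prio) <= 254), "priority outside 1-254"),
                (not global_on, "VRRP not enabled globally"),
            ]
            findings += [f"{name} VRID {vrid}: {msg}" for bad, msg in checks if bad]
            if vr.get("ip") and vr["ip"] == port["ip"]:
                owners.append((name, vrid))  # address owner takes the master role
    return findings, owners

# Constructed listing with deliberate mistakes (not a capture from a real switch).
SAMPLE = """interface 0/4
ip address 192.150.4.1 255.255.255.0
exit
ip vrrp 20
interface 0/4
ip vrrp 20
ip vrrp 20 ip 192.150.2.1
ip vrrp 20 priority 255"""
```

Running `audit_vrrp(SAMPLE)` reports the VRID command typed at the global level, the missing global enable, the missing `mode` line and the out-of-range priority, and returns no address owners because the virtual IP differs from the interface address.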

VRRP CLI Configuration Examples

This section shows how to configure the FASTPATH software to support VRRP. In the example shown in FIGURE A-1, Router 1 will be the default master router for the virtual router, and Router 2 will be the backup router.


FIGURE A-1 VRRP Example Network Configuration

Example 1: Configuring VRRP on FASTPATH as a Master Router

1. Enable routing for the switch. IP forwarding is then enabled by default.


config 
  ip routing 
exit

2. Configure the IP addresses and subnet masks for the port that will participate in the protocol.


config 
  interface 0/2
  routing 
  ip address 192.150.2.1 255.255.255.0
exit

3. Enable VRRP for the switch.


config 
  ip vrrp
exit

4. Assign virtual router IDs to the port that will participate in the protocol.


config 
  interface 0/2
  ip vrrp 20 

5. Specify the IP address that the virtual router function will recognize. Note that the virtual IP address on port 1/0/2 is the same as the port’s actual IP address; therefore, this router will always be the VRRP master when it is active, and the priority default is 255.


  ip vrrp 20 ip 192.150.2.1

6. Enable VRRP on the port.


  ip vrrp 20 mode
exit

Example 2: Configuring VRRP on FASTPATH as a Backup Router

1. Enable routing for the switch. IP forwarding is then enabled by default.


config 
  ip routing 
exit

2. Configure the IP addresses and subnet masks for the port that will participate in the protocol.


config 
  interface 0/4
  routing 
  ip address 192.150.4.1 255.255.255.0
exit

3. Enable VRRP for the switch.


config 
  ip vrrp
exit

4. Assign virtual router IDs to the port that will participate in the protocol.


config 
  interface 0/4
  ip vrrp 20 

5. Specify the IP address that the virtual router function will recognize. Since the virtual IP address on port 1/0/4 is the same as Router 1’s port 1/0/2 actual IP address, this router will always be the VRRP backup when Router 1 is active.


  ip vrrp 20 ip 192.150.2.1

6. Set the priority for the port. The default priority is 100.


  ip vrrp 20 priority 254

7. Enable VRRP on the port.


  ip vrrp 20 mode
exit