Subject: RARE user and assistance email list
List archive
- From: Xavier Jeannin <>
- To: "" <>
- Subject: [RARE-users] LACP and VLAN usage configuration
- Date: Tue, 27 Sep 2022 10:37:10 +0200
- Dkim-filter: OpenDKIM Filter v2.10.3 zmtaauth04.partage.renater.fr E48AF1C06EF
Hello
I create a testbed on which (see picture attached):
- the client is connected on a WEDGE (L2-PPN) at Layer 2 using Ethernet or VLAN
- The WEDGE (L2PPN) should be connected to our backbone thanks to a bond of interfaces (LACP). The traffic on the LACP must be a VLAN trunk.
I see a strange behaviour and it is certainly due to how I configure it.
If I put the 2 vlans (11-12) on the all interfaces taking part
on the LACP, it does not work.
If I put the 1 vlan only on each interface of the taking part on
the LACP, it works. But in this case the traffic should not be
well shared between the LACP links.
I suspect I implement this use case not appropriately (see configuration attached + picture). Any suggestion?
Regards
Xavier
-- Xavier JEANNIN Network Dpt. GN4-3 Network technology evolution (WP6 T1) task leader Tél. : +33 1 5394 2042 Mob. : +33 6 3017 0963 www.renater.fr
DAV0101#show running-config hide
hostname DAV0101
buggy
!
logging buffered debug 8192
logging file debug zzz.log
logging rotate 65536000 zzz.old
!
crypto rsakey rsa import $w10$<removed>$
!
crypto dsakey dsa import $w10$<removed>$
!
crypto ecdsakey ecdsa import $w10$<removed>$
!
aaa userlist usr
username rare
username rare password $w10$<removed>$
exit
!
scheduler errors
time 600000
delay 30000
command clear errors
start
exit
!
scheduler upgrade
time 600000
delay 60000
random-time 60000
random-delay 300000
command flash upgrade
start
exit
!
object-group network host4
sequence 10 10.255.255.0 255.255.255.0
exit
!
object-group network host6
sequence 10 2001:db8:ffff:ffff:: ffff:ffff:ffff:ffff::
exit
!
object-group network lloc4
sequence 10 169.254.0.0 255.255.0.0
exit
!
object-group network lloc6
sequence 10 fe80:: ffff::
exit
!
object-group network mcast4
sequence 10 224.0.0.0 255.255.0.0
exit
!
object-group network mcast6
sequence 10 ff00:: ff00::
exit
!
access-list nat4
sequence 10 deny all obj lloc4 all any all
sequence 20 deny all any all obj mcast4 all
sequence 30 deny all obj host4 all obj host4 all
sequence 40 permit all obj host4 all any all
exit
!
access-list nat6
sequence 10 deny all obj lloc6 all any all
sequence 20 deny all any all obj mcast6 all
sequence 30 deny all obj host6 all obj host6 all
sequence 40 permit all obj host6 all any all
exit
!
access-list test4
sequence 10 permit all any all 3.3.3.3 255.255.255.255 all
exit
!
prefix-list all4
sequence 10 permit 0.0.0.0/0 ge 0 le 0
exit
!
prefix-list all6
sequence 10 permit ::/0 ge 0 le 0
exit
!
bridge 1
mac-learn
exit
!
bridge 2
mac-learn
exit
!
vrf definition inet
exit
!
vrf definition oob
exit
!
vrf definition p4
exit
!
router ospf4 1
vrf inet
router-id 10.1.3.3
traffeng-id 0.0.0.0
area 0 enable
exit
!
router ospf6 1
vrf inet
router-id 10.1.3.3
traffeng-id ::
area 0 enable
exit
!
interface loopback0
vrf forwarding inet
ipv4 address 10.1.3.3 255.255.255.255
router ospf4 1 enable
router ospf4 1 area 0
router ospf4 1 passive
no shutdown
no log-link-change
exit
!
interface loopback1
vrf forwarding inet
ipv4 address 2.2.2.3 255.255.255.255
ipv6 address 4321::3 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
router ospf4 1 enable
router ospf4 1 area 0
router ospf4 1 passive
router ospf6 1 enable
router ospf6 1 area 0
router ospf6 1 passive
no shutdown
no log-link-change
exit
!
interface loopback3333
vrf forwarding inet
ipv4 address 3.3.3.3 255.255.255.255
no shutdown
no log-link-change
exit
!
interface bvi1
vrf forwarding inet
ipv4 address 11.11.11.101 255.255.255.0
no shutdown
no log-link-change
exit
!
interface bvi2
vrf forwarding inet
ipv4 address 12.12.12.101 255.255.255.0
no shutdown
no log-link-change
exit
!
interface ethernet0
description p4 cpu port
no shutdown
no log-link-change
exit
!
interface sdn1
mtu 1500
macaddr 0028.7866.2c41
lldp enable
vrf forwarding inet
ipv4 address 10.1.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn2
mtu 1500
macaddr 0040.572f.3c09
lldp enable
vrf forwarding inet
ipv4 address 10.2.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn3
mtu 1500
macaddr 0009.1275.1e69
lldp enable
vrf forwarding inet
ipv4 address 10.3.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn4
mtu 1500
macaddr 004f.3b5b.5353
lldp enable
lacp 0000.0000.4321 12345 4
vrf forwarding inet
no shutdown
no log-link-change
exit
!
interface sdn4.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn4.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface sdn5
mtu 1500
macaddr 0060.1a21.1d27
lldp enable
lacp 0000.0000.4321 12345 2
no shutdown
no log-link-change
exit
!
interface sdn5.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn5.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface sdn6
mtu 1500
macaddr 0061.4870.5670
lldp enable
vrf forwarding inet
ipv4 address 10.6.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn7
mtu 1500
macaddr 0067.2724.3157
lldp enable
vrf forwarding inet
ipv4 address 10.7.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
proxy-profile inet
vrf inet
exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
alias test bash command attach shell1 socat - exec:bash,ctty,pty,stderr
alias test bash description get linux shell
!
server telnet inet
security protocol telnet
security authentication usr
exec logging
no exec authorization
login authentication usr
login logging
interface loopback3333
vrf inet
exit
!
server telnet oob
security authentication usr
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
second-port 22
exec logging
no exec authorization
login authentication usr
login logging
vrf oob
exit
!
server telnet p4
security protocol telnet
no exec authorization
no login authentication
vrf p4
exit
!
server telnet tel
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
access-log
access-rate 5 5000
access-total 5
access-peer 5
protocol ipv4 tcp
second-port 22
exec logging
no exec authorization
no login authentication
login logging
login last global
vrf inet
exit
!
server p4lang p4
export-vrf inet
export-vrf oob
export-bridge 1
export-port sdn1 0 1 0 0 0
export-port sdn2 1 1 0 0 0
export-port sdn3 2 1 0 0 0
export-port sdn4 3 10 0 0 0
export-port sdn5 4 10 0 0 0
export-port sdn6 5 1 0 0 0
export-port sdn7 6 1 0 0 0
export-port bvi1 dynamic 0 0 0 0
interconnect ethernet0
vrf p4
exit
!
server dns ns
recursion enable
vrf inet
exit
!
client proxy inet
client name-server 193.49.159.2
client upgrade-server http://upgrade.nop.hu/
client upgrade-backup
client config-backup
client time-server europe.pool.ntp.org
client time-zone CET
!
end
DAV0001#show running-config hide
hostname DAV0001
buggy
!
logging buffered debug 10240
logging file debug /var/log/freertr.log
logging rotate 655360000 /var/log/freertr.old
!
crypto rsakey rsa import $w10$<removed>$
!
crypto dsakey dsa import $w10$<removed>$
!
crypto ecdsakey ecdsa import $w10$<removed>$
!
aaa userlist usr
username rare
username rare password $w10$<removed>$
exit
!
scheduler errors
time 600000
delay 30000
command clear errors
start
exit
!
access-list test1
exit
!
prefix-list all4
sequence 10 permit 0.0.0.0/0 ge 0 le 0
exit
!
prefix-list all6
sequence 10 permit ::/0 ge 0 le 0
exit
!
bridge 1
mac-learn
exit
!
bridge 2
mac-learn
exit
!
vrf definition inet
exit
!
vrf definition lin
exit
!
vrf definition oob
exit
!
vrf definition p4
description P4 VRF _NEVER_EVER_ CONFIGURE IT
exit
!
interface bvi1
description "DAV0001 BVI1 BRIDGE 1"
vrf forwarding inet
ipv4 address 11.11.11.1 255.255.255.0
no shutdown
no log-link-change
exit
!
interface bvi2
vrf forwarding inet
ipv4 address 12.12.12.1 255.255.255.0
no shutdown
no log-link-change
exit
!
interface ethernet0
description CPU_PORT _NEVER_EVER_ CONFIGURE IT
no shutdown
no log-link-change
exit
!
interface ethernet1
description out of band management port
vrf forwarding oob
ipv4 address dynamic dynamic
ipv4 gateway-prefix all4
ipv4 dhcp-client enable
ipv4 dhcp-client early
ipv6 address dynamic dynamic
ipv6 gateway-prefix all6
ipv6 slaac-client enable
ipv6 prefix-suppress
no shutdown
no log-link-change
exit
!
interface ethernet2
description linux tuntap management interface
vrf forwarding lin
ipv4 address 10.255.255.254 255.255.255.0
no shutdown
no log-link-change
exit
!
interface sdn10
description frontpanel port 10/0
mtu 1500
macaddr 0031.755e.0363
monitor-session ethernet2
lldp enable
lacp 0000.0000.1234 12345 3
no shutdown
no log-link-change
exit
!
interface sdn10.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn10.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface sdn15
description frontpanel port 15/0
mtu 1500
bandwidth 10000000
macaddr 0056.2158.6249
lldp enable
vrf forwarding inet
no shutdown
log-link-change
exit
!
interface sdn15.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn7
description frontpanel port 7/0
mtu 1500
macaddr 0040.784a.0b38
lldp enable
lacp 0000.0000.1234 12345 1
no shutdown
log-link-change
exit
!
interface sdn7.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn7.12
bridge-group 2
no shutdown
no log-link-change
exit
!
proxy-profile oob
vrf oob
exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
alias exec tna-set-profile sticky-param RENATER_PEERING_L2
!
!
!
!
!
!
!
!
!
!
server telnet oob
security authentication usr
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
second-port 22
exec logging
no exec authorization
login authentication usr
login logging
vrf oob
exit
!
server telnet p4
security protocol telnet
exec logging
no exec authorization
no login authentication
login logging
vrf p4
exit
!
server p4lang p4
export-vrf inet
export-bridge 1
export-bridge 2
export-port sdn15 12 10 0 0 0
export-port sdn10 52 10 0 0 0
export-port sdn7 176 10 0 0 0
export-port bvi1 dynamic 0 0 0 0
interconnect ethernet0
vrf p4
exit
!
client proxy oob
client name-server 1.1.1.1
client time-server europe.pool.ntp.org
client time-zone CET
!
end
- [RARE-users] LACP and VLAN usage configuration, Xavier Jeannin, 09/27/2022
Archive powered by MHonArc 2.6.19.