Skip to Content.
Sympa Menu

rare-users - Re: [RARE-users] [freertr] LACP and VLAN usage configuration

Subject: RARE user and assistance email list

List archive

Re: [RARE-users] [freertr] LACP and VLAN usage configuration


Chronological Thread 
    < Chronological >      < Thread >
  • From: Xavier Jeannin <>
  • To: mc36 <>,
  • Subject: Re: [RARE-users] [freertr] LACP and VLAN usage configuration
  • Date: Mon, 24 Oct 2022 15:47:43 +0200
  • Dkim-filter: OpenDKIM Filter v2.10.3 zmtaauth02.partage.renater.fr 7CBF0A027E

Hi

Thank you for your help

I just come back and put the IP address on the bviX interface instead of Bund1.X

Find below the show bridge1
It seems the mac learning works

No the from Bund1.11 and now bvi1 - ping does not work
Would you like I put a IPv4 @ on sdn4.11?



thank you
Xavier

Le 24/10/2022 à 15:16, mc36 a écrit :
hi,
sad to hear that.. does the bundling alone work? i saw a .11 subinterface in your configs, does that one ping?
also, does the mac learning at least work? could you please share sho bri 1 from both boxes?
thanks,
cs


On 10/24/22 14:37, Xavier Jeannin wrote:
Hello Csaba,

I apply your example but it does not work.
I am pretty sure, it is a misconfiguration   :-(

I put the configuration of the 2 switch attached and few show commands below

Thank you
Xavier

DAV0101#show bundle 1
parameter   state
backup         0
selected     null
replicate   false
sequence     null
dejitter     0
reporter     0
dynamic       0

interface   state   quota   report   priority
sdn4             up         2000     0             0
sdn5             up         2000     0             0

DAV0101#show bundle 1
parameter   state
backup         0
selected     null
replicate   false
sequence     null
dejitter     0
reporter     0
dynamic       0

interface   state   quota   report   priority
sdn4             up         2000     0             0
sdn5             up         2000     0             0

DAV0101#show lacp neighbor
interface   system                                           port         state
sdn4             32768.0000.0000.1234.12345   32768.3   63
sdn5             32768.0000.0000.1234.12345   32768.1   63


DAV0001#show bundle 1
parameter   state
backup         0
selected     null
replicate   false
sequence     null
dejitter     0
reporter     0
dynamic       0

interface   state   quota   report   priority
sdn7             up         2000     0             0
sdn10           up         2000     0             0

DAV0001#show lacp neighbor
interface   system                                           port         state
sdn10           32768.0000.0000.4321.12345   32768.4   63
sdn7             32768.0000.0000.4321.12345   32768.2   63


Le 24/10/2022    13:07, mc36 a   crit  :
hi,
in general, bundles are created over physical interfaces and not subinterfaces...
so you have to bundle the sdns togeher, then configure the subinterface on top of the bundle interface...
much like this: http://sources.freertr.org/cfg/p4lang-rout018.tst
here you create a vlan 11 subinterface on top of sdn3 and sdn4...
br,
cs



On 10/24/22 12:11, Xavier Jeannin wrote:
Hello Csaba,

Thank     you for your email.
I want to collect our user traffic and put their traffic in a dedicated VLAN (then established the BGP peering between the RENATER bacbone PE and the client) - see picture below.

My understanding (I am certainly     wrong) is that I have to put the interface (sdnXX) in the bundle (not the sub interface) and it should be enough (see configuration attached).
But it does not work
I try also to put the sub-interface but no success.

Could you advice what type of configuration should I use for this use case?

The example available on http://docs.freertr.org/guides/reference/ are

conn-bundle01                           bundle of ethernet port
conn-bundle02                           bundle of serial port
conn-bundle03                           bundle of ethernet ports
conn-bundle04                           bundle of serial ports
conn-bundle05                           bundle over bridge
conn-bundle06                           bridge over bundle
conn-bundle07                           replicating bundle
conn-bundle08                           unreplicating bundle
conn-bundle09                           dejittering bundle
conn-bundle10                           loadbalancing bundle
conn-bundle11                           multichassis bundle
conn-bundle12                           backup bundle

Thank you
Regards
Xavier

Le 20/10/2022       10:03, mc36 a     crit   :
hi,
lacp is there:
you have to configure it per member interface with both the lacp knob and the bundle-group knob...
the first one is just the protocol sender and you can omit if you do "mode on" on the remote side...
so that latter is the interesting part in the fastpath, and it's heavily tested with the dataplanes...
br,
cs

On 10/20/22 09:58, wrote:
Hello

I allow myself to post again this request about LACP supporting trunk as if this would not be implemented, it will impact strongly our use case deployment.

Thank you
Regards
Xavier

Le 17/10/2022             18:23, Xavier Jeannin a         crit     :

Hello

I am still stuck with the creation of LACP handling a trunk.
In the meantime, I review my configuration and see that "bridge-group 2" was not declared in P4 server after correction same pb.
This really something that block this work.

Any suggestion ?

Regards
Xavier

Le 27/09/2022             10:37, Xavier Jeannin a         crit     :

Hello

I create a testbed on which (see picture attached):

     * the client is connected on a WEDGE (L2-PPN) at Layer 2 using Ethernet         or VLAN
     * The WEDGE (L2PPN) should be connected to our backbone thanks to a bond of interfaces (LACP). The traffic on the LACP must be a VLAN trunk.

I see a strange behaviour and it is certainly due to how I configure it.

If I put the 2         vlans (11-12) on the all interfaces taking part on the LACP, it does not work.
If         I put the 1 vlan only on each interface of the taking part on the LACP, it         works. But in this case the traffic should not be well shared between the LACP links.

I suspect I implement this use case not appropriately (see configuration attached + picture). Any suggestion?

Regards
Xavier



-- 
Xavier JEANNIN
Network Dpt.
GN4-3 Network technology evolution (WP6 T1) task leader
T     l. : +33 1 5394 2042
Mob. : +33 6 3017 0963
www.renater.fr
-- 
Xavier JEANNIN
Network Dpt.
GN4-3 Network technology evolution (WP6 T1) task leader
T     l. : +33 1 5394 2042
Mob. : +33 6 3017 0963
www.renater.fr

-- 
Xavier JEANNIN
Network Dpt.
GN4-3 Network technology evolution (WP6 T1) task leader
T     l. : +33 1 5394 2042
Mob. : +33 6 3017 0963
www.renater.fr

_._,_._,_
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Groups.io Links:

You receive all messages sent to this group.

View/Reply Online (#768) <https://groups.io/g/freertr/message/768> | Reply To Group | Reply To Sender | Mute This Topic <https://groups.io/mt/93945667/6006518> | New Topic <https://groups.io/g/freertr/post>
Your Subscription <https://groups.io/g/freertr/editsub/6006518> | Contact Group Owner | Unsubscribe <https://groups.io/g/freertr/unsub> []

_._,_._,_
From - Fri Oct 21 08:43:28 2022
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path:
Received: from zmtain01.partage.renater.fr (LHLO
zmtain01.partage.renater.fr) (194.254.240.20) by
zstore-b1-018.partage.renater.fr with LMTP; Fri, 21 Oct 2022 06:02:16

-- 
Xavier JEANNIN
Network Dpt.
GN4-3 Network technology evolution (WP6 T1) task leader
T   l. : +33 1 5394 2042
Mob. : +33 6 3017 0963
www.renater.fr 

-- 
Xavier JEANNIN
Network Dpt.
GN4-3 Network technology evolution (WP6 T1) task leader
Tél. : +33 1 5394 2042
Mob. : +33 6 3017 0963
www.renater.fr
DAV0101#show running-config hide
hostname DAV0101
buggy
!
logging buffered debug 8192
logging file debug zzz.log
logging rotate 65536000 zzz.old
!
crypto rsakey rsa import $w10$<removed>$
!
crypto dsakey dsa import $w10$<removed>$
!
crypto ecdsakey ecdsa import $w10$<removed>$
!
aaa userlist usr
username rare
username rare password $w10$<removed>$
exit
!
scheduler errors
time 600000
delay 30000
command clear errors
start
exit
!
scheduler upgrade
time 600000
delay 60000
random-time 60000
random-delay 300000
command flash upgrade
start
exit
!
object-group network host4
sequence 10 10.255.255.0 255.255.255.0
exit
!
object-group network host6
sequence 10 2001:db8:ffff:ffff:: ffff:ffff:ffff:ffff::
exit
!
object-group network lloc4
sequence 10 169.254.0.0 255.255.0.0
exit
!
object-group network lloc6
sequence 10 fe80:: ffff::
exit
!
object-group network mcast4
sequence 10 224.0.0.0 255.255.0.0
exit
!
object-group network mcast6
sequence 10 ff00:: ff00::
exit
!
access-list nat4
sequence 10 deny all obj lloc4 all any all
sequence 20 deny all any all obj mcast4 all
sequence 30 deny all obj host4 all obj host4 all
sequence 40 permit all obj host4 all any all
exit
!
access-list nat6
sequence 10 deny all obj lloc6 all any all
sequence 20 deny all any all obj mcast6 all
sequence 30 deny all obj host6 all obj host6 all
sequence 40 permit all obj host6 all any all
exit
!
access-list test4
sequence 10 permit all any all 3.3.3.3 255.255.255.255 all
exit
!
prefix-list all4
sequence 10 permit 0.0.0.0/0 ge 0 le 0
exit
!
prefix-list all6
sequence 10 permit ::/0 ge 0 le 0
exit
!
bundle 1
exit
!
bridge 1
mac-learn
exit
!
bridge 2
mac-learn
exit
!
vrf definition inet
exit
!
vrf definition oob
exit
!
vrf definition p4
exit
!
vrf definition pr_vrf
exit
!
router ospf4 1
vrf inet
router-id 10.1.3.3
traffeng-id 0.0.0.0
area 0 enable
exit
!
router ospf6 1
vrf inet
router-id 10.1.3.3
traffeng-id ::
area 0 enable
exit
!
interface loopback0
vrf forwarding inet
ipv4 address 10.1.3.3 255.255.255.255
router ospf4 1 enable
router ospf4 1 area 0
router ospf4 1 passive
no shutdown
no log-link-change
exit
!
interface loopback1
vrf forwarding inet
ipv4 address 2.2.2.3 255.255.255.255
ipv6 address 4321::3 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
router ospf4 1 enable
router ospf4 1 area 0
router ospf4 1 passive
router ospf6 1 enable
router ospf6 1 area 0
router ospf6 1 passive
no shutdown
no log-link-change
exit
!
interface loopback3333
vrf forwarding inet
ipv4 address 3.3.3.3 255.255.255.255
no shutdown
no log-link-change
exit
!
interface bundle1
description "Bundle to PPN"
no shutdown
no log-link-change
exit
!
interface bundle1.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface bundle1.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface bvi1
vrf forwarding inet
ipv4 address 11.11.11.101 255.255.255.0
no shutdown
no log-link-change
exit
!
interface bvi2
vrf forwarding inet
ipv4 address 12.12.12.101 255.255.255.0
no shutdown
no log-link-change
exit
!
interface ethernet0
description p4 cpu port
no shutdown
no log-link-change
exit
!
interface sdn1
mtu 1500
macaddr 0028.7866.2c41
lldp enable
vrf forwarding inet
ipv4 address 10.1.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn2
mtu 1500
macaddr 0040.572f.3c09
lldp enable
vrf forwarding inet
ipv4 address 10.2.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn3
mtu 1500
macaddr 0009.1275.1e69
lldp enable
vrf forwarding inet
ipv4 address 10.3.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn4
mtu 1500
macaddr 004f.3b5b.5353
lldp enable
lacp 0000.0000.4321 12345 4
bundle-group 1
vrf forwarding inet
no shutdown
no log-link-change
exit
!
interface sdn4.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn4.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface sdn5
mtu 1500
macaddr 0060.1a21.1d27
lldp enable
lacp 0000.0000.4321 12345 2
bundle-group 1
no shutdown
no log-link-change
exit
!
interface sdn5.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn5.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface sdn6
mtu 1500
macaddr 0061.4870.5670
lldp enable
vrf forwarding inet
ipv4 address 10.6.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
interface sdn7
mtu 1500
macaddr 0067.2724.3157
lldp enable
vrf forwarding inet
ipv4 address 10.7.34.3 255.255.255.0
shutdown
no log-link-change
exit
!
proxy-profile inet
vrf inet
exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
sensor ifaces-hw
path interfaces-hw/interface/counter
prefix freertr-ifaces
prepend iface_hw_byte_
command sho inter hwsumm
name 0 ifc=
key name interfaces-hw/interface
replace \. _
column 1 name st
column 1 replace admin -1
column 1 replace down 0
column 1 replace up 1
column 2 name tx
column 3 name rx
column 4 name dr
exit
!
sensor ifaces-sw
path interfaces-sw/interface/counter
prefix freertr-ifaces
prepend iface_sw_byte_
command sho inter swsumm
name 0 ifc=
key name interfaces-sw/interface
replace \. _
column 1 name st
column 1 replace admin -1
column 1 replace down 0
column 1 replace up 1
column 2 name tx
column 3 name rx
column 4 name dr
exit
!
alias test bash command attach shell1 socat - exec:bash,ctty,pty,stderr
alias test bash description get linux shell
!
server telnet inet
security protocol telnet
security authentication usr
exec logging
no exec authorization
login authentication usr
login logging
interface loopback3333
vrf inet
exit
!
server telnet oob
security authentication usr
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
second-port 22
exec logging
no exec authorization
login authentication usr
login logging
vrf oob
exit
!
server telnet p4
security protocol telnet
no exec authorization
no login authentication
vrf p4
exit
!
server telnet tel
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
access-log
access-rate 5 5000
access-total 5
access-peer 5
protocol ipv4 tcp
second-port 22
exec logging
no exec authorization
no login authentication
login logging
login last global
vrf inet
exit
!
server p4lang p4
export-vrf inet
export-vrf oob
export-bridge 1
export-bridge 2
export-port sdn1 0 1 0 0 0
export-port sdn2 1 1 0 0 0
export-port sdn3 2 1 0 0 0
export-port sdn4 3 10 0 0 0
export-port sdn5 4 10 0 0 0
export-port sdn6 5 1 0 0 0
export-port sdn7 6 1 0 0 0
export-port bundle1 dynamic 0 0 0 0
export-port bvi1 dynamic 0 0 0 0
interconnect ethernet0
vrf p4
exit
!
server dns ns
recursion enable
vrf inet
exit
!
server prometheus pr
sensor ifaces-hw
sensor ifaces-sw
interface bvi1
vrf inet
exit
!
client proxy inet
client name-server 193.49.159.2
client upgrade-server http://upgrade.nop.hu/
client upgrade-backup
client config-backup
client time-server europe.pool.ntp.org
client time-zone CET
!
end
DAV0001#show running-config hide
hostname DAV0001
buggy
!
logging buffered debug 10240
logging file debug /var/log/freertr.log
logging rotate 655360000 /var/log/freertr.old
!
crypto rsakey rsa import $w10$<removed>$
!
crypto dsakey dsa import $w10$<removed>$
!
crypto ecdsakey ecdsa import $w10$<removed>$
!
aaa userlist usr
username rare
exit
!
scheduler errors
time 600000
delay 30000
command clear errors
start
exit
!
access-list test1
exit
!
prefix-list all4
sequence 10 permit 0.0.0.0/0 ge 0 le 0
exit
!
prefix-list all6
sequence 10 permit ::/0 ge 0 le 0
exit
!
bundle 1
exit
!
bridge 1
mac-learn
exit
!
bridge 2
mac-learn
exit
!
vrf definition inet
exit
!
vrf definition lin
exit
!
vrf definition oob
exit
!
vrf definition p4
description P4 VRF _NEVER_EVER_ CONFIGURE IT
exit
!
interface bundle1
description "Bundle to RENATER"
no shutdown
no log-link-change
exit
!
interface bundle1.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface bundle1.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface bvi1
vrf forwarding inet
ipv4 address 11.11.11.1 255.255.255.0
no shutdown
no log-link-change
exit
!
interface bvi2
vrf forwarding inet
ipv4 address 12.12.12.1 255.255.255.0
no shutdown
no log-link-change
exit
!
interface ethernet0
description CPU_PORT _NEVER_EVER_ CONFIGURE IT
no shutdown
no log-link-change
exit
!
interface ethernet1
description out of band management port
vrf forwarding oob
ipv4 address dynamic dynamic
ipv4 gateway-prefix all4
ipv4 dhcp-client enable
ipv4 dhcp-client early
ipv6 address dynamic dynamic
ipv6 gateway-prefix all6
ipv6 slaac-client enable
ipv6 prefix-suppress
no shutdown
no log-link-change
exit
!
interface ethernet2
description linux tuntap management interface
vrf forwarding lin
ipv4 address 10.255.255.254 255.255.255.0
no shutdown
no log-link-change
exit
!
interface sdn10
description frontpanel port 10/0
mtu 1500
macaddr 0031.755e.0363
monitor-session ethernet2
lldp enable
lacp 0000.0000.1234 12345 3
bundle-group 1
no shutdown
no log-link-change
exit
!
interface sdn10.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn10.12
bridge-group 2
no shutdown
no log-link-change
exit
!
interface sdn15
description frontpanel port 15/0
mtu 1500
bandwidth 10000000
macaddr 0056.2158.6249
lldp enable
vrf forwarding inet
no shutdown
log-link-change
exit
!
interface sdn15.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn7
description frontpanel port 7/0
mtu 1500
macaddr 0040.784a.0b38
lldp enable
lacp 0000.0000.1234 12345 1
bundle-group 1
no shutdown
log-link-change
exit
!
interface sdn7.11
bridge-group 1
no shutdown
no log-link-change
exit
!
interface sdn7.12
bridge-group 2
no shutdown
no log-link-change
exit
!
proxy-profile oob
vrf oob
exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
sensor ifaces-hw
path interfaces-hw/interface/counter
prefix freertr-ifaces
prepend iface_hw_byte_
command sho inter hwsumm
name 0 ifc=
key name interfaces-hw/interface
replace \. _
column 1 name st
column 1 replace admin -1
column 1 replace down 0
column 1 replace up 1
column 2 name tx
column 3 name rx
column 4 name dr
exit
!
sensor ifaces-sw
path interfaces-sw/interface/counter
prefix freertr-ifaces
prepend iface_sw_byte_
command sho inter swsumm
name 0 ifc=
key name interfaces-sw/interface
replace \. _
column 1 name st
column 1 replace admin -1
column 1 replace down 0
column 1 replace up 1
column 2 name tx
column 3 name rx
column 4 name dr
exit
!
!
!
!
!
!
!
!
!
!
!
alias exec tna-set-profile sticky-param RENATER_PEERING_L2
!
!
!
!
!
!
!
!
!
!
server telnet oob
security authentication usr
security rsakey rsa
security dsakey dsa
security ecdsakey ecdsa
second-port 22
exec logging
no exec authorization
login authentication usr
login logging
vrf oob
exit
!
server telnet p4
security protocol telnet
exec logging
no exec authorization
no login authentication
login logging
vrf p4
exit
!
server p4lang p4
export-vrf inet
export-bridge 1
export-bridge 2
export-port sdn15 12 10 0 0 0
export-port sdn10 52 10 0 0 0
export-port sdn7 176 10 0 0 0
export-port bundle1 dynamic 0 0 0 0
export-port bvi1 dynamic 0 0 0 0
interconnect ethernet0
vrf p4
exit
!
server prometheus pr
sensor ifaces-hw
sensor ifaces-sw
interface bvi1
vrf inet
exit
!
client proxy oob
client name-server 1.1.1.1
client time-server europe.pool.ntp.org
client time-zone CET
!
end

Archive powered by MHonArc 2.6.19.

Top of Page