HPE Aruba Networking & ProVision-based
1839149 Members
2906 Online
110136 Solutions
New Discussion

Re: 5406R switch redundancy

 
Bijukiv
Advisor

5406R switch redundancy

Dear sir

I have 2 switch of HP 5406R zl2  both switch having

1. HP 24p 10/100/1000BASE-T Poe+ V3 zl2 mdule

2. SFP Transceiver

 

I want to make both the switch as redundancy

Please let me know the steps

 

Regards

Biju

29 REPLIES 29
parnassus
Honored Contributor

Re: 5406R switch redundancy

Your question is a little bit unclear.

What do you mean with the word redundancy once it is applied to a single Switch/Chassis?

Do you mean adding redundancy at Management Module level (called Nonstop Switching) within each HPE 5406R zl2 chassis you have or what else (Power Supply redundancy, always within the same chassis)?

If you mean adding redundancy at Management Module level within the same chassis you need to add an additional Management Module per chassis (so you end with an Active Management Module and a Standby Management Module): redundant Management Modules offer Nonstop switching and Hitless failover within the same Chassis.

This, it's clear, is valid only per-chassis not between them.

Start by reading the Chassis Redundancy (8200zl and 5400R Switches) page here and then follow next related pages.

AFAIK there is no other redundancy concept between these Switches (between Fabrics = between Chassis).

Eventually, there is a new technology called VSF (Virtual Switching Framework), very recently introduced, but that technology adds definitely other features (Two Physical Switches become a single Logical Switch) and it has little to do with Management Module redundancy. The VSF, if implemented, disables the Nonstop switching (if enabled).

Probably there are other (more or less complex) configurations with which you can try to avoid SPoF...like using proprietary IRF (Intelligent Resilient Framework) but, AFAIK, IRF is supported only by HPE FlexNetwork Switches family and not by the HPE/Aruba ProCurve one.


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

Dear Sir

 

thanks for quick response

I am here by attached teh image of 2 switches for your reference. I want these 2 switches to be done in redundancy. In these 2 swtiches only 3 SFP will be connected for time being . so that if 1 switch fails other will be active. 

its like 2 switches will be load balancing If 1 switch is active other switch will be passive and vice versa

 

I hope this information is clear for a slotuion

Regards

Biju

Vince-Whirlwind
Honored Contributor

Re: 5406R switch redundancy

I've used a pair of 5412s for a redundant core setup.

I added VRRP to all VLAN interfaces.
I trunked the two switches together and added all VLANs.
I made the VRRP Owner the STP Root.
I made the VRRP Backup the STP 2nd choice.

parnassus
Honored Contributor

Re: 5406R switch redundancy

VRRP has nothing to do with the broader "core redundancy" concept...so saying that VRRP provides a "redundant core setup" is simply misleading.

Why it is?

Because VRRP is a protocol that provides redundancy to Default Gateway(s) within a LAN; VRRP allows you to provide alternate Default Gateway's paths for LAN's Hosts without changing the IP/MAC addresses by which those Hosts know their next-hop gateway.

So...considering the PO request in the light of what he posted (he didn't mention about any peer/edge Switch connected with Distributed Trunks) if:

  1. He configures VRRP as you told him,
  2. He simulates that a Switch of the pair (as example: the VRRP member 1, actually the VRRP Master) goes definitely down (K.O.),
  3. He has an Host (as example a Workstation) that is directly connected only to that Switch (no DT),

What is going to happen to that Host? ...there is no VRRP that can help it.

That Host on that Switch will be left out...despite the VRRP, despite both HPE 5400R zl2 Chassis are trunked togheter, despite the single HPE 5400R zl2 Chassis has Nonstop switching feature enabled (if equipped with the second Management Module).

If you want redudancy you need Hosts:

  • connected to another layer of peer Switch (or Switches), that additional layer is then connected with DT links to the ISC-Enabled core (in this way you are just moving down your SPoF at peer level):

HPE_ISC_plus_DT_with_DTs_against_peer_Switch_C.png

or

  • directly connected to the ISC-Enabled core with direct DT links (so you need Host/Servers equipped with dual port NIC with ports capable of Distributed Trunking):

HPE_ISC_plus_DT_with_three_DTs_against_three_Servers.png

or a mix of both.

In both cases you need ISC. Then you need DTs and, eventually, then you can add VRRP.

For Distributed Trunking (dt-lacp or dt-trunk) to work you must use ISC (InterSwitch Connection) between the two 5400R zl2 cores. It's a pre-requisite.

For Distributed Trunking and ISC there are a lot of others restrictions and requirements.


I'm not an HPE Employee
Kudos and Accepted Solution banner
Vince-Whirlwind
Honored Contributor

Re: 5406R switch redundancy

He seems to have written that he wants redundancy in case one switch fails. With only 3 SFPs connected, he says there are no workstations directly connected to them.

A "core" switch is a switch that does routing. VRRP provides redundancy at Layer3. VRRP and core redundancy are therefore mutually agreeable concepts that have everything to do with each other. (you must have been having a bad day - I didn't write anything misleading).
He hasn't indicated he is going to be doing any routing on these switches, so my VRRP example may or may not be relevant. It was a brief and factual response designed to elicit further information from him about his requirements.

parnassus
Honored Contributor

Re: 5406R switch redundancy

Sorry! was an hot day yesterday. I didn't mean to offend you.

The point is that a Core that has no other connections to any other device (so there is only just Switch 1 <--> Switch 2 and exactly nothing else) is a practical non sense, no matter if VRRP, ISC or DT were used or not (probably theoretically it could have a meaning but I ignored it)...so I supposed that if the OP asked (He asked two times, didn't him?) for an Active/Standby clustering-like Core with two 5400R zl2 then maybe he is going to use that clustered-Core to provide some sort of continuity to any Servers/Hosts and/or to any Edge/Access Switches (not indicate, you're right) connected to it.

It's like the OP is asking for a "load balancing"/"redudancy" to nowhere...

Yes, I just supposed that and I build up a picture a little bit more complex than required but I did that to show the OP that things (if he really need to implement that) aren't simple as his request.

Sorry again.


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

HI

 

Sorry for the late reply

 

Its just confusing for me

 

I need just like load balancing. switch1  will be active and switch 2 will be passive. if switch 1 fails switch 2 will be active and switch 1 passive

 

now at present

3 fibre are connected to switch 1

same 3 fibre are connected to switch 2

stacking cable are connected from switch 1 to switch 2 in sfp port

For the above i need to do redudancy / load balancing

 

i hope these info is clear

Regardds

Biju

 

Bijukiv
Advisor

Re: 5406R switch redundancy

hi

 

Attached the image for the reference

 

I hope Its like VSF configuration 

 

I require r configuration steps if it is VSF or is there any other solutions

 

REgards

Biju

parnassus
Honored Contributor

Re: 5406R switch redundancy

Hello Biju,

I think we understood pretty well what you have.

IMHO, the point here is that you need to explore/read/understand by yourself any pertinent documentation about the features provided by Aruba 5400R zl2 so you can compare them with your specific requirements and decide what to do next.

Start by reading The Joy of Stacking here.

The Aruba VSF Configuration Guide is published here.

Also the ArubaOS-Switch Management and Configuration guide for K/KA/KB.16.01 has a good section (Chapter 19) about VSF. Read it.

Just study all the material you're able to find.

There is also a nice Video about VSF in which Justin Nooan (Technical Marketing Engineer at HPE) explains quite well what VSF is and how to configure it; that video is called "Improve network resiliency with VSF simplicity" and can be found here.

It's really up to you to understand if what you want is achievable (or not) with the systems and the knowledge you have now.

It's really up to you to understand if VSF is good enough (it has clear requirements and restrictions, pay attention) or if you need something different to setup, as written.

Good work and good luck Biju.

P.S.

It's not clear from the picture...but I think you're using the HP 12-port 10/100/1000BASE-T PoE+ / 12-port 1GbE SFP MACsec v3 zl2 Module (J9989A) for your uplinks between your 5406R zl2 Switches...if so...even if you just want to give VSF a try...you will not be able to...because VSF cannot be enabled on port(s) operating at other than 10G or 40G (you have SFP so limited to 1G ports) and, in any case, you can't mix different port speeds in the same VSF link: all ports of the VSF link must be either 10G or 40G (no 1G).


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

hi

 

I tried the VSF and is not accepting.

I am attached the pic of my aruba switch setup

 

When the fibre of 1 switch is disconnected the fibre from the 2 switch should be active

 

there are 3 fibre connected to each aruba switch

we have connection coming from basement , ground floor and second floor (HP 2920 is used in each floor)

each floor has switch hp 2920. in these switch there are 2 fibre SFP port connected.

the oher end of 2 sfp port are connected to each aruba switch 5406R

The RJ45 cable are connected to the storage and servers

hope the setup is clear

Regards

Biju

 

parnassus
Honored Contributor

Re: 5406R switch redundancy

For VSF:

If your HPE/Aruba 5406R zl2 Switches are equipped with HP 12-port 10/100/1000BASE-T PoE+ / 12-port 1GbE SFP MACsec v3 zl2 Module (J9989A) modules and you're using those Module's SFP ports (aggregated or not, doesn't matter) to create the VSF you will not be able to do that...because VSF cannot be enabled on port(s) operating at other than 10G or 40G speed (You seem to have SFP ports so you're limited to 1G Transceivers) and, in any case, you can't then mix different port speeds in the same VSF link: all ports of the VSF link must be either 10G or 40G (Again: no 1G).

You need SFP+ ports (so SFP+ modules and related Fiber Optic Transceivers or DACs) for 10G or 40G to start with VSF.

Mate, more clear than that it can't be.

P.S. a camera picture is just not as useful as a real Network Diagarm...but it doesn't matter.


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

HI

 

Without VSF , is there any other way or solution to make the module redundancy

 

Regards

Biju

Bijukiv
Advisor

Re: 5406R switch redundancy

Hi

LCAP can be used in the fibre port for the redudancy ?

 

parnassus
Honored Contributor

Re: 5406R switch redundancy

Yes, it can.


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

hi

Thanks for the response

 

Can i have the steps. or is there anywhite paper technical docments

 

Please provide

REgards

Biju

parnassus
Honored Contributor

Re: 5406R switch redundancy

There is plenty of good documentation on the HPE Support portal here: https://www.hpe.com/us/en/support.html (check it also in your mother tongue)

Then go to "HPE Servers, Storage and Networking", there you can look for your Product Number or Product Name (e.g. as simple as Aruba 5400R).

If you look for Aruba 5400R you will be forwarded to the product page where there are Manuals and then simply look for the HPE ArubaOS-Switch Management and Configuration Guide for K/KA/KB.xx.yy (where basically xx.yy is the Major Release your Switch is using...generally any recent guide is good enough for learning about general features, Port Trunking is a general feature).

On the HPE ArubaOS-Switch Management and Configuration Guide for K/KA/KB.16.02 there is a specific Chapter about "Port trunking" with plenty of information about LACP too: this Chapter is the number 5.

Here the link to ease your efforts: HPE ArubaOS-Switch Management and Configuration Guide for K/KA/KB.16.02

It takes time and a great deal of curiosity but then you will be able to find what you're looking for (if you look for! because just asking doesn't mean to look for).


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

hi 

Thanks for the information. I had looked into the documents

 

Here are a few steps which i had applied. I am not getting proper connectivinty

Switch A #

 

Switch_A(5406Rzl2)(config)#
Switch_A(5406Rzl2)(config)# show trunk

Load Balancing Method: L3-based (default)

Port | Name Type | Group Type
------ + -------------------------------- ---------- + ------ --------
1/B13 | 1000SX | Trk1 LACP
1/B15 | 1000SX | Trk1 LACP
1/B17 | 1000SX | Trk1 LACP
1/B23 | | Trk1 LACP


Switch_A(5406Rzl2)(config)#

Switch_A(5406Rzl2)(config)# show lACP

LACP

LACP Trunk Port LACP Admin Oper
Port Enabled Group Status Partner Status Key Key
----- ------- ------- ------- ------- ------- ------ ------
1/B13 Active Trk1 Up No Success 0 962
1/B15 Active Trk1 Up No Success 0 962
1/B17 Active Trk1 Up No Success 0 962
1/B23 Active Trk1 Down No Success 0 962


Switch_A(5406Rzl2)(config)#

 

witch_A(5406Rzl2)(config)# SHOW RUNning-config

Running configuration:

; J9850A Configuration Editor; Created on release #KB.16.01.0007
; Ver #0d:10.91.7c.59.f4.7b.ff.ff.fc.ff.ff.3f.ef:0a
hostname "Switch_A(5406Rzl2)"
module 1/A type j9986a
module 1/B type j9989a
vsf
enable domain 4
member 1
type "J9850A" mac-address 1c98ec-b1c000
priority 128
exit
exit
no rest-interface
trunk 1/B13,1/B15,1/B17,1/B23 trk1 lacp
ip default-gateway 192.168.132.1
snmp-server community "public" unrestricted
oobm
ip address dhcp-bootp
vsf member 1
ip address dhcp-bootp
exit
exit
vlan 1
name "DEFAULT_VLAN"
untagged 1/A1-1/A24,1/B1-1/B12,1/B14,1/B16,1/B18-1/B22,1/B24,Trk1
ip address 192.168.132.3 255.255.255.0
exit
spanning-tree Trk1 priority 4
no allow-v2-modules

Switch_A(5406Rzl2)(config)#

 

Switch B

Switch_B(5406Rzl2)(config)# show running-config

Running configuration:

; J9850A Configuration Editor; Created on release #KB.16.01.0007
; Ver #0d:10.91.7c.59.f4.7b.ff.ff.fc.ff.ff.3f.ef:0a
hostname "Switch_B(5406Rzl2)"
module A type j9986a
module B type j9989a
trunk B13,B15,B17,B23 trk1 lacp
snmp-server community "public" unrestricted
oobm
ip address dhcp-bootp
exit
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24,B1-B12,B14,B16,B18-B22,B24,Trk1
no ip address
exit
spanning-tree Trk1 priority 4

Switch_B(5406Rzl2)(config)#

Switch_B(5406Rzl2)(config)# show trunk

Load Balancing Method: L3-based (default)

Port | Name Type | Group Type
------ + -------------------------------- ---------- + ------ --------
B13 | 1000SX | Trk1 LACP
B15 | 1000SX | Trk1 LACP
B17 | 1000SX | Trk1 LACP
B23 | | Trk1 LACP


Switch_B(5406Rzl2)(config)#
Switch_B(5406Rzl2)(config)# show lacp

LACP

LACP Trunk Port LACP Admin Oper
Port Enabled Group Status Partner Status Key Key
----- ------- ------- ------- ------- ------- ------ ------
B13 Active Trk1 Up No Success 0 962
B15 Active Trk1 Up No Success 0 962
B17 Active Trk1 Up No Success 0 962
B23 Active Trk1 Down No Success 0 962


Switch_B(5406Rzl2)(config)#

 

I request you to please look into it. and let me know is there any ore steps to be added

Regards

Biju

parnassus
Honored Contributor

Re: 5406R switch redundancy

Looks like you have some troubles on Port 1/B23 on both Switches.

Why the cable connected on Port 1/B23 is different from (SFP-SX LC) Fiber Optic Multi-Mode cables used on Ports 1/B13, 1/B15 and 1/B17?

On Ports 1/B13, 1/B15 and 1/B17 both your Switches recognize correctly the 1000Base-SX media...on Port 1/B23 nothing appear.

You can't use different Media Types to form a BAGG (LACP or No-Protocol, doesn't matter).

Have you read the documentation about Port Trunking and understood its restrictions?

Isn't strange for you?

Which SFP Transceiver is installed on Slot 1/B23?

Is it supported by HPE/Aruba?

Is it genuine?

What happens if you detach the black thick patch cable from Ports 1/B23 on both ends?

Provide the show interface transceivers and show tech transceivers commands results.


I'm not an HPE Employee
Kudos and Accepted Solution banner
Vince-Whirlwind
Honored Contributor

Re: 5406R switch redundancy

Do a "show vsf".

We need a network diagram.

parnassus
Honored Contributor

Re: 5406R switch redundancy

AFAIK the OP should have two identical Aruba 5406R zl2 interconnected using LAG made of 4 ports of the Module on slot B (B13, B15, B17 and B23)...and it seems it's all (nothing more in his scenario).

Modules on Slot B are J9989A on both units and so the OP uses just a part of last twelve ports (B13-B24) equipped with some - three - SFP Transceivers (1000Base-SX).

On a image provided before the OP connected for sure 3 Fiber Optic cables (LC/LC) between B13, B15 and B17 on both units but I can't recognize what type of cable he used on ports B23 (it looks like a DAC!).

Maybe this explains why the Trunk doesn't work (and so the VSF).

I agree, a show config and a show vsf would help too (also a good show tech all too).


I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

hi

B23 is used for SFP stacking cable. but the light is showing orange color. We had removed the stacking cable.

 

I ll provide the necessary information as said by you

i had reffered the documents. and also searched online for reference

Regards

Biju

parnassus
Honored Contributor

Re: 5406R switch redundancy


@Bijukiv wrote:

B23 is used for SFP stacking cable. but the light is showing orange color. We had removed the stacking cable.


It's good that you removed that cable.

What are you trying to achieve from your two 5406R zl2 Switches?

  • VSF ?
  • Port Trunking (LACP/No-Protocol, it doesn't matter)?

Pay attention that on HPE 5400R zl2 series (and 5400 zl series too) you can't do "front-plane stacking": you can do Port Trunking and, only since KB.16.01 version, you can implement VSF...so that cable was not as good as others three LC Fiber Optic cables...in any case...especially if you pretend to aggregate it to others three 1000Base-SX ports.

Pay attention to how you define the LAG used for VSF: VSF admits only (single/aggregated) SFP+ 10G ports or (single/aggregated) 40G ports. No 1G ports.

So it seems that you're trying to implement VSF using the J9989A Module ...you can't (I wrote that yet in one post above):

NO 10G/40G ports? then NO VSF, NO joy --> "A VSF link can only comprise ports with the same speed; either all 10G or all 40G"

If you're just trying to only interconnect your two Aruba 5406R zl2 Switches using Port Trunking with the usage of a LAG (as example three 1G SFP ports aggregated together) that is OK at least IF you don't pretend to add to the same LAG a different media type (probably the ports B23).

To summarize:

  1. VSF Links admits differnet media type as VSF Ports but the very important thing is that those VSF Ports should work at same speed (as example a 10G Fiber Optic port + a 10 Copper port can be aggregated together and used as VSF Ports to create the VSF Link, the important thing is that both ports work at the same 10Gbps). The complete list is: 10G Fiber Optic link, 10G DAC, 10G Copper, 40G DAC. No more, no less.
  2. VSF doesn't admit 1G links as VSF Ports. No 1Gbps link or 1G aggregated links.
  3. VSF admits the aggregation (it's an addition) of up to 8 VSF Ports that will form the VSF Link.
  4. To create the VSF Link you don't use Port Trunking, you simply add to the VSF Member the 10G or 40G links you need/want (honoring the rules written above).
  5. VSF can use LACP Trunks (with other ports involved) when you deploy a third LLDP-MAD compatible Switch (such as the Aruba 2920) as a MAD Device (it acts as Quorum device basically for the VSF cluster).
  6. Port Trunking - which is not VSF - requires that aggregated Ports work at same speed, belong to same media type and usa the same mode (Full Duplex generally).

I'm not an HPE Employee
Kudos and Accepted Solution banner
Bijukiv
Advisor

Re: 5406R switch redundancy

hi'

 

The VSF wont work here. I tried the VSF and i didnt remove the steps of VSF. thats the reason its showing the steps

Here acrually i am trying to do redudancy with SFP port of two switches, If one switch fails the other switch should be working

B23 of both switches are not included 

 

REgards

Biju

 

 

parnassus
Honored Contributor

Re: 5406R switch redundancy

OK, so you're just trying to do Port Trunking (using LACP) between the two units.

Once you fulfill all requirements and restrictions that Port Trunking requires you will be OK with that.

I still don't understand why you insist to (mis)use the word "redundacy" here.

If the Port Trunking (using LACP) will be up and running you will end up only with "redundant links" between the two units...that's good, but no more.

If a unit (no matter which one) will fail the other one will continue to serve its hosts and only its hosts, no more and no less.

At that point there will not be any "redundancy of operation" from the point of view of connected hosts because both units operate exactly as two standalone units not as a single virtual device.


I'm not an HPE Employee
Kudos and Accepted Solution banner