Wired Intelligent Edge

I could not find the document to configure Aruba 2930F to run VSF function. Just found only 5400R. Another thing if using VSF, will L2/L3 load balacing (without VRRP) in 2930F benefit?

 

Thanks.

Greetings!

 

VSF functionality was added to the 2930F in the WC.16.03 release; configuration instructions can be found in Chapter 30 of the Management and Configuration Guide for WC.16.03 (Page 598).

 

Load balancing across trunked links (e.g., a trunk distributed across a VSF fabric) is covered on page 139-140 of the same document; the switch supports load balancing based on L2/L3/L4 port information.

Hello,

I was wondering how to enable VSF ring topology on three switches while using the link 1 and link 2 command.

when i try on 2 or 4 switches i encounter no issue, while using three, the topology ends up in chain only topology. i must be missing something, any help will be appreciated.

Thanks Wizil

 

Three switches in a ring is certainly a supported and recommended VSF topology for the 2930F. 

 

To confirm your configuration, a 'show vsf topology' and 'show vsf link detail' will display each member and the ports it is expecting to peer on. This output will also show whether each switchport has been successfully in an UP state, or unsuccessful DOWN state. 

If all ports are showing up, the 'show vsf' command should display a VSF Topology of Ring, and state of Active.

 

Lastly, make sure you haven't provisioned another switch as a 4th member of the 3-member VSF, which will show a 'missing' status in the 'show vsf' output.

 

Let us know how you go. 

Thanks for the reply David,

Yep, i have seen that three switches in VSF are supported as ring topologie but i could not get there for some reason, i got only chain.

To get more precision, i would like to undestand what link 1 and link 2 refer to, what role they are playing. Is it an obligation to get link 1 against link 1 between two members ? or link 1 against link 2 would be considered as good ?

I am asking this question since in documentation the links always form 1 to 1 and 2 against 2. i am wondering why.   

Hey Wizil

 

No, the links do not need to match between members. Link 1 will happily connect to Link 2 when you manually configure the switches. If it's Auto-VSF, I have noticed it will use the same link number. We might need to whack something in the doco to make this clear. 

 

 

(admittidly) I only have two 2930F in my lab at the moment; I'll track down a third and test out auto-VSF with three switches in a ring topology to make sure it comes up without having to manually configure it. 

Hi David,

I am glad to annouce that the problem have been solved. I managed to manually cofigure the three switches topology under ring, since i am not a fan of automation. I actually compared the links to IRF logical ports since both solutions belong to the same house hold, after that, the solution made more sense. Effectively i would believe the doc should be adapted accordingly since we can easily think the VSF is configured by pair.

Thanks for your assistance.   

Great to hear. Lastly, adding a third member in a ring topology was as easy as provisioning the link ports in the existing 2 member VSF topology and adding my switch to the correct ports. 

 

Third switch automatically was added and my topology changed from a chain to a ring. The Link IDs, and shown below, do not need to match on both sides. 

 

I hope that helps.

 

Cheers

David Grocke

is it possible to have only 2 2930F switches in a Ring Topology or will it only work if you have up to 3?

There's no ring topology in connecting 2 swiches. You can use 2 or more ports in each switch to form VSF. When connecting 2 switches, called chain topology (see diagram).

hi all,

 

i am configuring the aruba 2930f switches vsf.

 

i am having problem while switch stacking.

 

if anyone have vsf switch configuration pls share.

 

regards,

MM

This is the easiest way (2 switches).

The 1st switch:
(config)#vsf member 1 link 51, 52
(config)#vsf member 1 priority 199
(config)#vsf enable domain 99

After rebooting, have to connect between them and config the 2nd switch with this command:
(config)#erase startup-config

 

Note:firmware must be the same version when forming VSF clustering.

 

Hello,

 

Here is the complete and tested configuration with "MAD-VLAN" of three member VSF for Aruba 2930F Switches.

 

2930F-740W-VSF(config)# show running-config 

Running configuration:

; hpStack_WC Configuration Editor; Created on release #WC.16.06.0006
; Ver #13:4f.f8.1c.9b.3f.bf.bb.ef.7c.59.fc.6b.fb.9f.fc.ff.ff.37.ef:05
hostname "2930F-740W-VSF"
vsf
   enable domain 1
   member 1
      type "JL557A" mac-address ecebb8-d09380
      priority 255
      link 1 1/1-1/4
      link 1 name "Member1-2"
      link 2 1/5-1/8
      link 2 name "Member1-3"
      exit
   member 2
      type "JL557A" mac-address ecebb8-d07340
      priority 200
      link 1 2/1-2/4
      link 1 name "Member2-3"
      link 2 2/5-2/8
      link 2 name "Member2-1"
      exit
   member 3
      type "JL557A" mac-address ecebb8-d0b3c0
      priority 128
      link 1 3/1-3/4
      link 1 name "Member3-1"
      link 2 3/5-3/8
      link 2 name "Member3-2"
      exit
   vlan-mad 123
   port-speed 1g
   exit
timesync ntp
ntp unicast
ntp server 10.X.X.X iburst
ntp enable
time daylight-time-rule continental-us-and-canada
time timezone -480
ip default-gateway 10.X.X.X
snmp-server community "public" unrestricted
vlan 1
   name "DEFAULT_VLAN"
   no untagged 1/9,2/9,3/9
   untagged 1/10-1/52,2/10-2/52,3/10-3/52
   ip address 10.X.X.X 255.255.255.0
   exit
vlan 123
   name "MAD-VLAN"
   untagged 1/9,2/9,3/9
   no ip address
   exit
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
no dhcp tr69-acs-url
password manager

Thank You,

I am setting up a 3 x 2930f switch stack and plan on using a configuration similar to the configurtion above but I have a couple questions.

1- Can I just use any cheap switch for the 4th switch used for MAD?

2- Do I need to setup the MAD vlan on the 4th switch if it is only used for this purpose?

3- If that 4th switch is turned off will the stack fail or would it simply not be able to prevent split brain since it is turned off?

4- If I use 8 x 1g port for VSF then my stack is load balanced automatically between all those ports?

Thanks

Hey the_sim

 

Three types of VSF MAD

• OOBM - 5400s only (no OOBM port on 2930Fs)
• LLDP - two memebers only
• VLAN - 2930F only as far as I remember, and it's stupidly simple as (I think) it just uses broadcasts to perform MAD.

So, can I use a generic switch to use VLAN MAD? Yes - I would recommend a dedicated VLAN that isn't present on other ports or for other purposes.

 

Do I need the MAD VLAN on the MAD switch? Well, you configure the 2930F ports as untagged so you can use any VLAN number you chose on the MAD switch --- but I would try to use the same untagged VLAN number if you can configure the switch. You can use an unmanaged switch so that should answer the question :)

 

If the MAD switch fails, nothing happens if the VSF is working other than MAD stops. MAD fails when VSF becomes disjoint. 

 

Load Balancing will happen by default over the VSF. It's interesting to note that with Aruba switches, front plane stacking, such as VSX and VSF uses shortest-path forwarding by default. This means that if there is an upstream / downstream LAG it will take this path first before using the load balancing hashing algorithm. the hashing algorithm kicks in if there is more than one uplink / downlink port on a single member VSF/VSX switch. The reason for shortest-path forwarding (I just made up that term - not sure what we call it inside Aruba) is it reduces the potential traffic across the VSF/VSX links as traffic will prefer the direct path, not the ISL path. This can play an important part in the design of VSF/VSX as you might not need 8 ports between your member switches - but it depends what your uplinks are and how much east-west traffic there is.

 

Configure MAD before you connect it, otherwise broadcast storms can occur.

 

switch(config)# vlan 999 name VLAN-MAD
switch(config)# vlan 999 untag 1/47,2/47,3/47,4/47,5/47
switch(config)# vsf vlan-mad 999

 

 

---

@DavidGrocke wrote: 

Load Balancing will happen by default over the VSF. It's interesting to note that with Aruba switches, front plane stacking, such as VSX and VSF uses shortest-path forwarding by default. This means that if there is an upstream / downstream LAG it will take this path first before using the load balancing hashing algorithm. the hashing algorithm kicks in if there is more than one uplink / downlink port on a single member VSF/VSX switch. The reason for shortest-path forwarding (I just made up that term - not sure what we call it inside Aruba) is it reduces the potential traffic across the VSF/VSX links as traffic will prefer the direct path, not the ISL path. This can play an important part in the design of VSF/VSX as you might not need 8 ports between your member switches - but it depends what your uplinks are and how much east-west traffic there is.

  

---

Reading this papragraph makes me question my setup. I have 3 x 2930f switches that I use as my core switches. I use the 4 SPF+ on each switches for 10G links to my storage and VMware hosts. I have 4 VLANs per switch, storage vlan, company a vlan, company b vlan and MAD vlan. Each switch has an SPF+ for storage, 2 for company a and 1 for company b. I use the majority of the 1G ports for VSF. 

Will this setup allow proper communication between switches through the VSF ports?

Would it be better for me to use LAG trunks between switches instead? 

 

Happy New Year!

 

Like with any plumbing, you need to work out your bottlenecks. Draw yourself a diagram and work out the traffic flows that you expect. Your solution sounds like it will work fine, and remember not to boil the ocean - just keep things simple. (I can't remember the support caveats of 1G port VSF - I nearly always use 10G, except for 8 port 2930Fs)

 

If you use LAGs between your switches rather than a stack, that makes redundancy trickier and I can't think achieves anything positive. Make it a stack, but consider both directions of your flows and the shortest-path decision of traffic sent on a 2930F VSF Stack.

 

If it was me I would hate to bottleneck my traffic on the VSF ISL, especially storage, as VSF state traffic will likely be prioritised over any storage traffic (I think), but you don't want to flood those links. If your VM host <-> storage traffic is 'active' on the same 2930F then you don't have to worry about that.

 

sir,

I have 2 2930F switches. Two firewall connected to two 2930F switches.I have to do VSF between 2930F switches or VRRP is best option.

and also I have to make cross connectivity between firewall and switches or Port channel from firewall to swithes is ok.

please confirm.

------------------------------
rajesh kumar
------------------------------

Original Message:
Sent: Feb 06, 2017 02:49 PM
From: Matthew Fern
Subject: VSF-config on 2930F and L2/L3 load balancing in VSF

Greetings!

 

VSF functionality was added to the 2930F in the WC.16.03 release; configuration instructions can be found in Chapter 30 of the Management and Configuration Guide for WC.16.03 (Page 598).

 

Load balancing across trunked links (e.g., a trunk distributed across a VSF fabric) is covered on page 139-140 of the same document; the switch supports load balancing based on L2/L3/L4 port information.

Hi Rajesh,

Open a new topic please...

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Dec 17, 2020 06:33 AM
From: rajesh kumar
Subject: VSF-config on 2930F and L2/L3 load balancing in VSF

sir,

I have 2 2930F switches. Two firewall connected to two 2930F switches.I have to do VSF between 2930F switches or VRRP is best option.

and also I have to make cross connectivity between firewall and switches or Port channel from firewall to swithes is ok.

please confirm.

------------------------------
rajesh kumar

Original Message:
Sent: Feb 06, 2017 02:49 PM
From: Matthew Fern
Subject: VSF-config on 2930F and L2/L3 load balancing in VSF

Greetings!

 

VSF functionality was added to the 2930F in the WC.16.03 release; configuration instructions can be found in Chapter 30 of the Management and Configuration Guide for WC.16.03 (Page 598).

 

Load balancing across trunked links (e.g., a trunk distributed across a VSF fabric) is covered on page 139-140 of the same document; the switch supports load balancing based on L2/L3/L4 port information.