Nkhani ya switch imodzi

M'magulu athu amtaneti amderali tinali ndi mawotchi asanu ndi limodzi a Arista DCS-7050CX3-32S ndi ma switch a Brocade VDX 6940-36Q. Sikuti tinali olemedwa kwambiri ndi ma switch a Brocade pamanetiyi, amagwira ntchito ndikuchita ntchito zawo, koma tinali kukonzekera zochita zina zokha, ndipo tinalibe kuthekera uku pa masinthidwe awa. Ndinkafunanso kusintha kuchokera ku 40GE interfaces kuti ndigwiritse ntchito 100GE kuti ndipange malo osungirako zaka 2-3. Chifukwa chake tinaganiza zosintha Brocade kukhala Arista.

Ma switch awa ndi ma switch a LAN aggregation pa data center iliyonse. Zosintha zogawa (gawo lachiwiri la kuphatikizira) zimalumikizidwa mwachindunji kwa iwo, zomwe zimasonkhanitsa kale masiwichi amtundu wa Top-of-Rack m'malo okhala ndi maseva.

Seva iliyonse imalumikizidwa ndi masiwichi amodzi kapena awiri. Zosintha zolowera zimalumikizidwa ndi masiwichi ogawa (zosintha ziwiri zogawa ndi maulalo awiri akuthupi kuchokera pakusintha kolowera kupita ku masinthidwe osiyanasiyana ogawa amagwiritsidwa ntchito pakubwezeretsanso).

Seva iliyonse imatha kugwiritsidwa ntchito ndi kasitomala wake, kotero kasitomala amapatsidwa VLAN yosiyana. VLAN yomweyi imalembetsedwa pa seva ina ya kasitomala uyu muchoyika chilichonse. Deta ya data imakhala ndi mizere ingapo (PODs), mzere uliwonse wa ma racks uli ndi zosintha zake zogawa. Ndiye masiwichi ogawa awa amalumikizidwa ndi masiwichi ophatikiza.

Makasitomala amatha kuyitanitsa seva pamzere uliwonse; ndizosatheka kuneneratu pasadakhale kuti sevayo idzagawidwe kapena kuyikidwa pamzere wina wake pachimake, chifukwa chake pali pafupifupi ma VLAN a 2500 pazosinthira zophatikizira pamalo aliwonse a data.

Zida za DCI (Data-Center Interconnect) zimalumikizidwa ndi masiwichi ophatikiza. Itha kupangidwira kulumikizana kwa L2 (ma switch omwe amapanga ngalande ya VXLAN kupita kumalo ena a data) kapena kulumikizana kwa L3 (ma router awiri a MPLS).

Monga ndalembera kale, kugwirizanitsa njira zosinthira makonzedwe a mautumiki pazida mu data center imodzi, kunali koyenera kusintha masiwichi apakati. Tidayika masiwichi atsopano pafupi ndi omwe alipo, kuwaphatikiza kukhala gulu la MLAG ndikuyamba kukonzekera ntchito. Iwo adalumikizidwa nthawi yomweyo ndi masinthidwe ophatikizira omwe analipo, kotero kuti anali ndi madera wamba a L2 pama VLAN onse a kasitomala.

Tsatanetsatane wa dera

Kuti mudziwe zambiri, tiyeni titchule masiwichi akale ophatikiza A1 и A2, watsopano - N1 и N2. Tiyerekeze kuti mu POD1 и POD4 ma seva a kasitomala m'modzi amakhala C1, kasitomala VLAN akuwonetsedwa mu buluu. Makasitomalayu akugwiritsa ntchito kulumikizana kwa L2 ndi malo ena a data, kotero VLAN yake imadyetsedwa ndi ma switch a VXLAN.

Makasitomala C2 amasunga ma seva mu POD2 и POD3, Makasitomala a VLAN amatchulidwa mumdima wobiriwira. Wothandizira uyu amagwiritsanso ntchito ntchito yolumikizirana ndi malo ena a data, koma L3, kotero VLAN yake imadyetsedwa kwa ma routers a L3VPN.

Tikufuna ma VLAN a kasitomala kuti amvetsetse zomwe zimachitika m'malo mwake, komwe kusokoneza kulumikizana kumachitika, komanso nthawi yomwe ingakhale. The STP protocol si ntchito chiwembu ichi, popeza m'lifupi mtengo kwa izo mu nkhani iyi ndi lalikulu, ndi convergence wa protocol amakula exponentially ndi chiwerengero cha zipangizo ndi maulalo pakati pawo.

Zida zonse zolumikizidwa ndi maulalo awiri zimapanga stack, MLAG pair kapena VCS Ethernet nsalu. Kwa ma routers awiri a L3VPN, matekinoloje oterewa sagwiritsidwa ntchito, chifukwa palibe chifukwa cha L2 redundancy; ndizokwanira kuti ali ndi mgwirizano wa L2 wina ndi mzake kupyolera mu kusintha kwamagulu.

Zosankha pakukhazikitsa

Posanthula zosankha za zochitika zina, tidazindikira kuti pali njira zingapo zochitira ntchitoyi. Kuchokera pakupuma kwapadziko lonse pamaneti onse amderali, mpaka pang'ono pang'onopang'ono 1-2 masekondi m'magawo a netiweki.

Network, siyani! Kusintha, m'malo mwake!

Njira yosavuta ndiyo, kulengeza kutha kwa kulumikizana kwapadziko lonse pa ma POD onse ndi ntchito zonse za DCI ndikusintha maulalo onse kuchokera pama switch. А ku masiwichi N.

Kupatula kusokonezedwa, nthawi yomwe sitingathe kulosera modalirika (inde, tikudziwa kuchuluka kwa maulalo, koma sitikudziwa kangati chinthu chidzalakwika - kuchokera pa chingwe chosweka kapena cholumikizira chowonongeka kupita ku doko lolakwika kapena transceiver. ), sitingathe kuneneratu pasadakhale ngati kutalika kwa zingwe zachigamba, DAC, AOC, yolumikizidwa ndi masiwichi akale A, idzakhala yokwanira kuwafikitsa ku masiwichi atsopano N, ngakhale atayima pafupi nawo, komabe pang'ono mbali, komanso ngati ma transceivers omwewo adzagwira ntchito /DAC/AOC kuchokera ku Brocade switch to Arista switches.

Ndipo zonsezi pansi pa zovuta kwambiri kuchokera kwa makasitomala ndi chithandizo chaumisiri ("Natasha, dzuka! Natasha, chirichonse sichigwira ntchito pamenepo! Natasha, talembera kale ku chithandizo chaumisiri, moona mtima! Natasha, ataya kale chirichonse! ! Natasha, ndi angati omwe sitingagwire? Ngakhale kuti nthawi yopuma idalengezedwa kale ndi chidziwitso kwa makasitomala, kuchuluka kwa zopempha panthawi yotere kumatsimikizika.

Imani, 1-2-3-4!

Nanga bwanji ngati sitilengeza za kutha kwa dziko lonse, koma m'malo mwake zosokoneza zazing'ono za POD ndi DCI. Pa nthawi yopuma yoyamba, sinthani ku masiwichi N okha POD1, chachiwiri - m'masiku angapo - POD2, kenako masiku angapo POD3, Komanso POD 4…[N], ndiye VXLAN masiwichi ndiyeno L3VPN rauta.

Ndi bungwe ili la kusintha ntchito, timachepetsa zovuta za ntchito ya nthawi imodzi ndikuwonjezera nthawi yathu yothetsera mavuto ngati chinachake chalakwika mwadzidzidzi. POD 1 imakhalabe yolumikizidwa ndi ma POD ena ndi ma DCI mutatha kusintha. Koma ntchito yokhayo imakokera kwa nthawi yayitali; pa ntchito iyi mu data center, injiniya amafunika kuti asinthe, komanso panthawi ya ntchito (ndipo ntchito yotereyi ikuchitika, monga lamulo, usiku, kuyambira 2). mpaka 5 am), kukhalapo kwa injiniya wapaintaneti kumafunika paziyeneretso zapamwamba kwambiri. Koma timakhala ndi zosokoneza zazifupi; monga lamulo, ntchito imatha kuchitika mkati mwa theka la ola ndikupumula kwa mphindi 2 (zochita nthawi zambiri masekondi 20-30 ndi zomwe zikuyembekezeka pazida).

Mu chitsanzo kasitomala C1 kapena kasitomala C2 muyenera kuchenjeza za ntchito ndi kusokoneza kulankhulana osachepera katatu - nthawi yoyamba kugwira ntchito pa POD imodzi, momwe ma seva ake ali, kachiwiri - kachiwiri, ndi kachitatu - pamene. kusintha zida za ntchito za DCI.

Kusintha njira zolumikizirana zophatikizana

Chifukwa chiyani tikukamba za machitidwe omwe akuyembekezeka pazida, komanso momwe matchanelo ophatikizana angasinthidwe ndikuchepetsa kusokoneza kulumikizana? Tiyeni tiyerekeze chithunzi chotsatirachi:

Kumbali imodzi ya ulalo pali masiwichi ogawa a POD - D1 и D2, amapanga awiri a MLAG wina ndi mzake (stack, VCS fakitale, vPC pair), mbali inayo pali maulalo awiri - Lumikizani 1 и Lumikizani 2 - yophatikizidwa ndi ma MLAG awiri osinthira akale А. Kumbali yosinthira D mawonekedwe ophatikizika okhala ndi dzina Port-Channel A, pa mbali ya aggregation switches А - mawonekedwe ophatikizidwa ndi dzina Port-Channel D.

Kuphatikizika kophatikizana kumagwiritsa ntchito LACP pogwira ntchito, ndiye kuti, masiwichi mbali zonse ziwiri amasinthanitsa mapaketi a LACPDU pamaulalo onse awiri kuti atsimikizire kuti maulalo:

• ogwira ntchito;
• kuphatikizidwa mu zida ziwiri kumbali yakutali.

Posinthanitsa mapaketi, paketi imanyamula mtengo wake system-id, kusonyeza chipangizo chomwe maulalo awa akuphatikizidwa. Kwa awiri a MLAG (stack, fakitale, etc.), mtengo wa id pazida zomwe zimapanga mawonekedwe ophatikizana ndi ofanana. Sinthani D1 amatumiza ku Lumikizani 1 tanthauzo ndondomeko D, ndi kusintha D2 amatumiza ku Lumikizani 2 tanthauzo ndondomeko D.

Masinthidwe A1 и A2 santhula mapaketi a LACPDU omwe adalandilidwa pa mawonekedwe amodzi a Po D ndikuwona ngati id yomwe ilimo ikugwirizana. Ngati dongosolo-id yomwe idalandilidwa kudzera pa ulalo wina imasiyana mwadzidzidzi kuchokera pamtengo womwe ulipo, ndiye ulalowu umachotsedwa pazophatikizana mpaka zinthu zitakonzedwa. Tsopano ku mbali yathu yosinthira D mtengo wamakono wa id kuchokera kwa mnzake wa LACP - A, ndi mbali ya kusintha А - mtengo wamakono wa id kuchokera kwa mnzake wa LACP - D.

Ngati tikufuna kusintha mawonekedwe ophatikizika, titha kuchita m'njira ziwiri:

Njira 1 - Yosavuta
Zimitsani maulalo onse ku masiwichi A. Pamenepa, njira yophatikizika sikugwira ntchito.

Lumikizani maulalo onse amodzi ndi amodzi ku masiwichi N, ndiye magawo ogwiritsira ntchito LACP adzakambitsirananso ndipo mawonekedwe adzapangidwa PoD pa masiwichi N ndi kufalitsa zamtengo wapatali pa maulalo ndondomeko ndi N.

Njira 2 - Chepetsani kusokoneza
Lumikizani Link 2 kuchokera ku switch A2. Pa nthawi yomweyo, magalimoto pakati А и D adzapitiriza kufalitsidwa mosavuta pa umodzi wa maulalo, amene adzakhala mbali ya mawonekedwe aggregated.

Lumikizani Link 2 kuti musinthe N2. Pa kusintha N mawonekedwe ophatikizidwa akonzedwa kale Pa DN, ndi kusintha N2 idzayamba kutumiza ku LACPDU ndondomeko ndi N. Pakadali pano titha kuwona kale kuti kusinthaku N2 imagwira ntchito bwino ndi transceiver yomwe imagwiritsidwa ntchito Lumikizani 2, kuti cholumikizira chalowa m'boma Up, komanso kuti palibe zolakwika zomwe zimachitika padoko lolumikizira potumiza ma LACPDU.

Koma mfundo yakuti kusintha D2 kwa mawonekedwe ophatikizika Po A kuchokera kumbali Link 2 imalandira mtengo wa ID-N wosiyana ndi mtengo wamakono wa ID A, sichilola masiwichi D kuyambitsa Lumikizani 2 gawo la mawonekedwe ophatikizika Po A. Sinthani N sindingathe kulowa Lumikizani 2 ikugwira ntchito, chifukwa sichilandira chitsimikiziro cha operability kuchokera kwa mnzake wa LACP wa switch D2. Zotsatira zake zimakhala Lumikizani 2 osadutsa.

Ndipo tsopano tikuzimitsa Link 1 kuchokera ku switch A1, potero amalepheretsa ma switch А и D ntchito aggregate mawonekedwe. Ndiye ku mbali yosinthira D mtengo wamakono wogwiritsira ntchito-id ya mawonekedwe amasowa Po A.

Izi zimalola masiwichi D и N kuvomereza kusinthanitsa dongosolo-id AN pa zolumikizira Po A и Pa DN, kotero kuti magalimoto amayamba kufalikira pa ulalo Lumikizani 2. Kupuma mu nkhani iyi ndi, kuchita, mpaka 2 masekondi.

Ndipo tsopano titha kusintha mosavuta Link 1 kuti tisinthe N1, kubwezeretsa mphamvu ndi mlingo wa redundancy mawonekedwe Po A и Pa DN. Popeza pamene ulalowu ulumikizidwa, mtengo wa id wamakono sukusintha mbali zonse, palibe kusokoneza.

Maulalo owonjezera

Koma kusinthaku kumatha kuchitika popanda kukhalapo kwa injiniya panthawi yosinthira. Kuti tichite izi, tidzafunika kuyala maulalo owonjezera pakati pa masiwichi ogawa pasadakhale D ndi masiwichi atsopano ophatikiza N.

Tikuyika maulalo atsopano pakati pa masiwichi ophatikiza N ndi kusintha kogawa kwa ma POD onse. Izi zimafunika kuyitanitsa ndikuyika zingwe zowonjezera, ndikuyika ma transceivers owonjezera monga momwe zilili N, ndi D. Titha kuchita izi chifukwa mumasinthidwe athu D POD iliyonse ili ndi madoko aulere (kapena timawamasula). Zotsatira zake, POD iliyonse imalumikizidwa ndi maulalo awiri ku masiwichi akale A ndi ma switch atsopano N.

Pa kusintha D magawo awiri ophatikizana apangidwa - Po A ndi maulalo Lumikizani 1 и Lumikizani 2ndi Po N - ndi maulalo Zogwirizana ndi N1 и Zogwirizana ndi N2. Pakadali pano, timayang'ana kulumikizana kolondola kwa maulumikizidwe ndi maulalo, milingo ya ma siginecha owoneka pamapeto onse a maulalo (kudzera mu chidziwitso cha DDM kuchokera ku masinthidwe), titha kuyang'ananso momwe ulalowo ukuyendera kapena kuyang'anira mayiko a zizindikiro za kuwala ndi kutentha kwa transceiver kwa masiku angapo.

Magalimoto amatumizidwabe kudzera mu mawonekedwe Po A, ndi mawonekedwe Po N mtengo palibe magalimoto. Zokonda pa interfaces ndi izi:

Interface Port-channel A
Switchport mode trunk
Switchport allowed vlan C1, C2

Interface Port-channel N
Switchport mode trunk
Switchport allowed vlan none

D masinthidwe, monga lamulo, kusintha kwa kasinthidwe kogwirizana ndi gawo; Sinthani mitundu yomwe ili ndi ntchitoyi imagwiritsidwa ntchito. Chifukwa chake titha kusintha makonda a Po A ndi Po N mu sitepe imodzi:

Configure session
Interface Port-channel A
Switchport allowed vlan none
Interface Port-channel N
Switchport allowed vlan C1, C2
Commit

Ndiye kusintha kasinthidwe kudzachitika mofulumira mokwanira, ndipo yopuma adzakhala, pochita, kukhala zosaposa 5 masekondi.

Njirayi imatithandiza kumaliza ntchito yonse yokonzekera pasadakhale, kuchita zofufuza zonse zofunika, kugwirizanitsa ntchito ndi omwe akugwira nawo ntchito, kulosera mwatsatanetsatane zomwe zidzachitike popanga ntchito, popanda ndege zachidziwitso pamene "zonse zinalakwika. ,” ndipo muli ndi mapulani obwereranso ku kasinthidwe kakale. Kugwira ntchito molingana ndi dongosololi kumachitika ndi injiniya wamaneti popanda kukhalapo kwa injiniya wapa data pamalopo omwe amasinthiratu.

Chofunikiranso ndi njira iyi yosinthira ndikuti maulalo onse atsopano amayang'aniridwa kale. Zolakwa, kuphatikizidwa kwa maulalo mu unit, kutsitsa maulalo - zonse zofunika zili kale mu dongosolo loyang'anira, ndipo izi zajambulidwa kale pamapu.

Tsiku la D

POD

Tinasankha njira yochepetsera yopweteka kwambiri kwa makasitomala ndi omwe amakonda kwambiri "chinachake chalakwika" ndi maulalo owonjezera. Chifukwa chake tidasintha ma POD onse ku masinthidwe atsopano ophatikizira mausiku angapo.

Koma chomwe chatsala ndikusintha zida zomwe zimapereka ntchito za DCI.

L2

Pankhani ya zida zomwe zimapereka kulumikizana kwa L2, sitinathe kugwira ntchito yofananira ndi maulalo owonjezera. Pali zifukwa ziwiri zimene zimachititsa zimenezi:

• Kupanda madoko aulere a liwiro lofunikira pa ma switch a VXLAN.
• Kuperewera kwa kusintha kwa kasinthidwe kagawo pakusintha kwa VXLAN.

Sitinasinthire maulalo "imodzi panthawi" ndikupumula pokhapokha tikuvomerezana ndi gulu latsopano la id, popeza tinalibe chidaliro cha 100% kuti njirayi iyenda bwino, ndipo mayeso mu labotale adawonetsa kuti mu mlandu ngati "chinachake chikuyenda molakwika," timapezabe kusokonezeka kwa kugwirizana, ndipo choyipa kwambiri si kwa makasitomala omwe ali ndi L2 yolumikizana ndi malo ena a data, koma kawirikawiri kwa makasitomala onse a data center.

Tidachita ntchito zabodza pasadakhale pakusintha kuchokera kumayendedwe a L2, kotero kuchuluka kwamakasitomala omwe akhudzidwa ndi ntchito pa masinthidwe a VXLAN anali kale kangapo pasanathe chaka chapitacho. Zotsatira zake, tidaganiza zosokoneza kulumikizana kudzera pa intaneti ya L2, bola ngati tisungabe magwiridwe antchito amtaneti amderali pamalo amodzi a data. Kuphatikiza apo, SLA yautumikiwu imapereka mwayi wogwira ntchito zomwe zakonzedwa ndi zosokoneza.

L3

Chifukwa chiyani tidapangira kuti aliyense asinthe ku L3VPN pokonza ntchito za DCI? Chimodzi mwazifukwa ndikutha kugwira ntchito pa imodzi mwa ma routers omwe amapereka ntchitoyi, ndikungochepetsanso mulingo wa redundancy kukhala N + 0, popanda kusokoneza kulumikizana.

Tiyeni tione mwatsatanetsatane ndondomeko yopereka chithandizo. Muutumikiwu, gawo la L2 limachokera ku maseva a kasitomala kupita ku L3VPN Selectel routers. Network kasitomala imathetsedwa pa ma routers.

Seva iliyonse yamakasitomala, mwachitsanzo. S2 и S3 pa chithunzi pamwambapa, ali ndi ma adilesi awo achinsinsi a IP - 10.0.0.2/24 pa seva S2 и 10.0.0.3/24 pa seva S3. Maadiresi 10.0.0.252/24 и 10.0.0.253/24 zoperekedwa ndi Selectel kwa ma routers L3VPN-1 и L3VPN-2, motero. IP adilesi 10.0.0.254/24 ndi adilesi ya VRRP VIP pa Selectel routers.

Mutha kudziwa zambiri za ntchito ya L3VPN werengani mu blog yathu.

Asanasinthe, chilichonse chinkawoneka ngati chithunzi:

Ma router awiri L3VPN-1 и L3VPN-2 zidalumikizidwa ku switch yakale yophatikizira А. Mbuye wa VRRP VIP adilesi 10.0.0.254 ndi rauta L3VPN-1. Ili ndi chofunikira kwambiri pa adilesi iyi kuposa rauta L3VPN-2.

unit 1006 {
    description C2;
    vlan-id 1006;
    family inet {       
        address 10.0.0.252/24 {
            vrrp-group 1 {
                priority 200;
                virtual-address 10.100.0.254;
                preempt {
                    hold-time 120;
                }
                accept-data;
            }
        }
    }
}

Seva ya S2 imagwiritsa ntchito chipata 10.0.0.254 kuti ilumikizane ndi ma seva m'malo ena. Chifukwa chake, kutulutsa rauta ya L3VPN-2 kuchokera pa netiweki (ndithudi, ngati idachotsedwa koyamba kudera la MPLS) sikukhudza kulumikizidwa kwa ma seva a kasitomala. Panthawi imeneyi, kuchuluka kwa redundancy kwa dera kumangochepetsedwa.

Pambuyo pake, tikhoza kulumikizanso rauta mosamala L3VPN-2 ku masiwichi N. Ikani maulalo, sinthani ma transceivers. Mawonekedwe omveka a rauta, omwe ntchito za kasitomala zimatengera, zimayimitsidwa mpaka zitatsimikiziridwa kuti zonse zikuyenda momwe ziyenera kukhalira.

Pambuyo poyang'ana maulalo, ma transceivers, milingo yazizindikiro, ndi milingo yolakwika pazolumikizana, rauta imayikidwa, koma yolumikizidwa kale ndi ma switch atsopano.

Kenako, timatsitsa VRRP patsogolo pa rauta ya L3VPN-1, ndipo adilesi ya VIP 10.0.0.254 imasunthidwa ku rauta ya L3VPN-2. Ntchitozi zimagwiranso ntchito popanda kusokoneza kulumikizana.

Kusamutsa adilesi ya VIP 10.0.0.254 ku rauta L3VPN-2 imakulolani kuti muyimitse rauta L3VPN-1 popanda kusokoneza kulankhulana kwa kasitomala ndikugwirizanitsa ndi ma switches atsopano N.

Kaya kapena ayi kubwezeretsa VRRP VIP ku L3VPN-1 rauta ndi funso lina, ndipo ngakhale litabwezeredwa, limachitidwa popanda kusokoneza kulumikizana.

Chiwerengero

Pambuyo pa masitepe onsewa, tidasinthanso masinthidwe ophatikizira mu imodzi mwamalo athu a data, ndikuchepetsa kusokoneza kwa makasitomala athu.

Chotsalira ndikuchotsa. Kugwetsa masiwichi akale, kugwetsa maulalo akale pakati pa masiwichi A ndi D, kugwetsa ma transceivers kuchokera ku maulalo awa, kuwongolera kuwunika, kuwongolera zithunzi zama netiweki polemba ndi kuyang'anira.

Titha kugwiritsa ntchito masiwichi, ma transceivers, zingwe zigamba, AOC, DAC yotsalira pambuyo posintha ma projekiti ena kapena kusintha kwina kofananako.

"Natasha, tasintha chilichonse!"

Source: www.habr.com