beautypg.com

Configuration guidelines – H3C Technologies H3C SecBlade LB Cards User Manual

Page 91

background image

83

# Assign GigabitEthernet 0/1 to VLAN 100.

[LBA-vlan100] port gigabitethernet 0/1

[DeviceA-vlan100] quit

# Specify VLAN 100 as a backup VLAN.

[LBA] dhbk vlan 100

# Enable symmetric-path mode stateful failover.

[LBA] dhbk enable backup-type symmetric-path

2.

Configure Device A:
# Create VLAN 100.

system-view

[DeviceA] vlan 100

# Assign GigabitEthernet 1/1 to VLAN 100.

[DeviceA-vlan100] port gigabitethernet 1/1

[DeviceA-vlan100] quit

# Assign GigabitEthernet 1/2 to VLAN 100.
Because Device A and Device B may exchange packets of multiple VLANs, configure

GigabitEthernet 1/2 as a trunk port and permit packets of VLAN 100 to pass.

[DeviceB] interface gigabitethernet 1/2

[DeviceB-GigabitEthernet1/2] port link-type trunk

[DeviceB-GigabitEthernet1/2] port trunk permit vlan 100

Please wait... Done.

3.

Configure Device B in the same way you configure Device A. (Details not shown.)

4.

Configure LB B in the same way you configure LB A. (Details not shown.)

Configuration guidelines

When you configure stateful failover, follow these guidelines:

Stateful failover can be implemented only between two devices. The failover interfaces on the two
devices must have consistent configurations, including interface name, number of interfaces,

backup VLAN, and configuration order. If NAT is enabled on the stateful failover devices, the order
to create subinterfaces must be consistent.

The same numbered interfaces must exist on the two devices. Otherwise, session backup fails. For
example, if Device A uses GigabitEthernet 0/1 and GigabitEthernet 0/3 to forward backup data,

Device B must also use GigabitEthernet 0/1 and GigabitEthernet 0/3.

To run NAT on two failover devices, you must configure two identical NAT address pools for each
device. The higher-priority address pool on a device must be different from that on the other.

Otherwise, a conflict may occur during backup. For example, you can configure two NAT address
pools, 100.0.0.1 through 100.0.0.5 (Pool 1) and 100.0.0.6 through 100.0.0.10 (Pool 2), on

devices A and B. Pool 1 has a lower priority on Device A, and Pool 2 has a lower priority on Device

B. For more information, see Network Management Configuration Guide.

Configure VRRP or a dynamic routing protocol on the failover devices and the uplink/downlink
devices to make sure that the traffic can automatically switch to the other device if one device fails.

While the active device synchronizes all configurations to the standby device, the redundant

configurations, if any, on the standby device are not removed. This may result in a synchronization

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: