Link Search Menu Expand Document
calendar_month 11-Apr-24

Multifabric: Fabric 1 Leaf 3-2 Configuration

!
!Version ArubaOS-CX DL.10.11.1050
!export-password: default
hostname RSVDC-FB1-LF3-2
user admin group administrators password ciphertext AQBapU260s0qW+dAOIoHC6SQNkwoDJduGsK/PJuOcFPVKf4BYgAAAEZtDcTr9IjogvLBf2SjusjhExgVC0xeuEBpDkCkohLxGN086iLEtcSNDo4MEB34z/NGRJDvaNROCTRPzPCnnOBHv5ehVzY+cqz2ELC4WWrAC5hOu45LNLuokDp5tVVDjZnH
user afc_admin group administrators password ciphertext AQBapdsJsKHNO9inv5h+vlmWYtGIXz5gcAJRnY568ztlxMJcYgAAAA5EIouuB11ckrZrniHvjQGRjpglPGwIVo4n9HS91HmCbjkNhjJ61HcqB40bhKw9aHRrMIiN4ZrC1avQ+1r3O0XQpXyYnKqrb83S1omVSELQrF0uFf988tFSfstuWpO+U13g
clock timezone america/los_angeles
bfd
profile leaf
vrf DEV-DC-VRF
    rd 10.250.2.0:11
    route-target export 65001:100002 evpn
    route-target import 65001:100002 evpn
vrf PROD-DC-VRF
    rd 10.250.2.0:10
    route-target export 1:100001 evpn
    route-target export 65001:100001 evpn
    route-target import 1:100001 evpn
    route-target import 65001:100001 evpn
ntp server 10.2.120.98 prefer
ntp server 10.2.120.99 prefer
ntp enable
ntp vrf mgmt
cli-session
    timeout 0
!
!
!
!
!
!
ssh server vrf mgmt
psm
    host 172.16.104.51 172.16.104.52 172.16.104.53 vrf mgmt
vlan 1
vlan 50
    private-vlan primary
vlan 51
    private-vlan isolated primary-vlan 50
vlan 101
    description AFC-created VLAN
vlan 102
    description AFC-created VLAN
vlan 201
    description AFC-created VLAN
vlan 202
    description AFC-created VLAN
vlan 3999
virtual-mac 02:00:01:00:00:00
evpn
    arp-suppression
    vlan 50
        rd auto
        route-target export auto
        route-target import auto
        redistribute host-route
    vlan 101
        rd auto
        route-target export auto
        route-target export 1:10101
        route-target import auto
        route-target import 1:10101
        redistribute host-route
    vlan 102
        rd auto
        route-target export auto
        route-target export 1:10102
        route-target import auto
        route-target import 1:10102
        redistribute host-route
    vlan 201
        rd auto
        route-target export auto
        route-target import auto
        redistribute host-route
    vlan 202
        rd auto
        route-target export auto
        route-target import auto
        redistribute host-route
spanning-tree config-name 
interface mgmt
    no shutdown
    ip dhcp
interface lag 1 multi-chassis
    description L2 Subleaf Leaf MLAG
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed all
    lacp mode active
    lacp fallback
    lacp rate slow
interface lag 2 multi-chassis
    description MC-LAG for ESXi host 7
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed 1,101-102,201-202
    lacp mode active
    lacp fallback
    lacp rate slow
interface lag 11 multi-chassis
    description MC-LAG for example microsegmentation of ESXI-07
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed 1,50-51
    lacp mode active
    lacp fallback
    lacp rate slow
interface lag 256
    description ISL
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed all
    lacp mode active
    lacp rate slow
interface 1/1/1
    no shutdown
    mtu 9198
    lag 2
interface 1/1/2
    no shutdown
    mtu 9198
    lag 11
interface 1/1/3
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/4
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/5
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/6
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/7
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/8
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/9
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/10
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/11
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/12
    no shutdown
    mtu 9198
    lag 1
interface 1/1/13
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/14
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/15
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/16
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/17
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/18
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/19
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/20
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/21
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/22
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/23
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/24
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/25
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/26
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/27
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/28
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/29
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/30
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/31
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/32
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/33
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/34
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/35
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/36
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/37
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/38
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/39
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/40
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/41
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/42
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/43
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/44
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/45
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/46
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/47
    no shutdown
    mtu 9198
    ip mtu 9198
interface 1/1/48
    description Keep alive Interface RSVDC-FB1-LF3-2
    no shutdown
    mtu 9198
    ip mtu 9198
    ip address 10.250.0.0/31
interface 1/1/49
    no shutdown
    persona access
    mtu 9198
    lag 256
interface 1/1/50
    no shutdown
    persona access
    mtu 9198
    lag 256
interface 1/1/51
    no shutdown
    persona uplink
    mtu 9198
    ip mtu 9198
interface 1/1/52
    no shutdown
    persona uplink
    mtu 9198
    ip mtu 9198
interface 1/1/53
    description Leaf Spine RPI to RSVDC-FB1-SP1
    no shutdown
    persona uplink
    mtu 9198
    ip mtu 9198
    ip address 10.255.0.3/31
    ip ospf 1 area 0.0.0.0
    no ip ospf passive
    ip ospf network point-to-point
interface 1/1/54
    description Leaf Spine RPI to RSVDC-FB1-SP2
    no shutdown
    persona uplink
    mtu 9198
    ip mtu 9198
    ip address 10.255.0.19/31
    ip ospf 1 area 0.0.0.0
    no ip ospf passive
    ip ospf network point-to-point
interface loopback 0
    description BGP/OSPF underlay
    ip address 10.250.0.6/32
interface loopback 1
    description BGP VXLAN overlay
    ip address 10.250.2.0/32
interface vlan 50
    description Example microsegmentation SVI
    vrf attach PROD-DC-VRF
    ip mtu 9198
    ip address 10.5.50.1/24
    active-gateway ip mac 02:00:0a:05:00:01
    active-gateway ip 10.5.50.1
    ip local-proxy-arp
interface vlan 101
    description Production web app SVI/VLAN 101 in DC overlay
    vrf attach PROD-DC-VRF
    ip mtu 9198
    ip address 10.5.101.1/24
    active-gateway ip mac 02:00:0a:05:00:01
    active-gateway ip 10.5.101.1
interface vlan 102
    description Production database SVI/VLAN 102 DC overlay
    vrf attach PROD-DC-VRF
    ip mtu 9198
    ip address 10.5.102.1/24
    active-gateway ip mac 02:00:0a:05:00:01
    active-gateway ip 10.5.102.1
interface vlan 201
    description Development web app SVI/VLAN 201 in DC overlay
    vrf attach DEV-DC-VRF
    ip mtu 9198
    ip address 10.6.201.1/24
    active-gateway ip mac 02:00:0a:06:00:01
    active-gateway ip 10.6.201.1
interface vlan 202
    description Development database  SVI/VLAN 202 in DC overlay
    vrf attach DEV-DC-VRF
    ip mtu 9198
    ip address 10.6.202.1/24
    active-gateway ip mac 02:00:0a:06:00:01
    active-gateway ip 10.6.202.1
interface vlan 3999
    description Transit VLAN
    ip mtu 9198
    ip address 10.250.0.14/31
    ip ospf 1 area 0.0.0.0
    no ip ospf passive
    ip ospf cost 1
    ip ospf network point-to-point
interface vxlan 1
    source ip 10.250.2.0
    no shutdown
    vni 10050
        vlan 50
    vni 10101
        vlan 101
    vni 10102
        vlan 102
    vni 10201
        vlan 201
    vni 10202
        vlan 202
    vni 100001
        vrf PROD-DC-VRF 
        routing
    vni 100002
        vrf DEV-DC-VRF 
        routing
vsx
    system-mac 02:00:00:00:10:00
    inter-switch-link lag 256
    role secondary
    keepalive peer 10.250.0.1 source 10.250.0.0
    linkup-delay-timer 600
    vsx-sync vsx-global
ip dns domain-name example.local vrf mgmt
ip dns server-address 10.2.120.98 vrf mgmt
ip dns server-address 10.2.120.99 vrf mgmt
!
!
!
!
route-map connected-ospf permit seq 10
     set tag 1000
!
router ospf 1
    router-id 10.250.0.6
    passive-interface default
    maximum-paths 8
    redistribute local loopback route-map connected-ospf
    area 0.0.0.0
router bgp 65001
    bgp router-id 10.250.0.6
    maximum-paths 8
    bgp log-neighbor-changes
    bgp deterministic-med
    bgp always-compare-med
    bgp bestpath as-path multipath-relax
    neighbor RSVDC-FB1-RR peer-group
    neighbor RSVDC-FB1-RR remote-as 65001
    neighbor RSVDC-FB1-RR description Spine and RR peer-group
    neighbor RSVDC-FB1-RR fall-over
    neighbor RSVDC-FB1-RR update-source loopback 0
    neighbor 10.250.0.9 peer-group RSVDC-FB1-RR
    neighbor 10.250.0.13 peer-group RSVDC-FB1-RR
    address-family ipv4 unicast
        redistribute connected
    exit-address-family
    address-family l2vpn evpn
        neighbor RSVDC-FB1-RR send-community both
        neighbor 10.250.0.9 activate
        neighbor 10.250.0.13 activate
    exit-address-family
!
    vrf DEV-DC-VRF
        bgp router-id 10.250.0.6
        maximum-paths 8
        bgp log-neighbor-changes
        bgp deterministic-med
        bgp always-compare-med
        bgp bestpath as-path multipath-relax
        address-family ipv4 unicast
            redistribute connected
        exit-address-family
!
    vrf PROD-DC-VRF
        bgp router-id 10.250.0.6
        maximum-paths 8
        bgp log-neighbor-changes
        bgp deterministic-med
        bgp always-compare-med
        bgp bestpath as-path multipath-relax
        address-family ipv4 unicast
            redistribute connected
        exit-address-family
!
https-server vrf mgmt

Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.