Configuration Guide
Table Of Contents
- Table of Contents
- 1. Overview
- 2. SPB Terminology
- 3. SPB Support Topologies
- 4. UNI Types
- 5. Summary of SPB Features and ProductRelease Matrix
- 6. SPB Feature and License Matrix
- 7. Scaling
- 8. Migration & Upgrades
- 9. Field Introduction & Support Specifications
- 10. VSP 7000 – Fabric Interconnect
- 11. ISIS Metrics - Optional
- 12. ISIS Accept Policy
- 13. ISIS External Metric
- 14. SPB over L2/L3 networks
- 15. Fabric Attach
- 16. SPB SMLT BEB Design Best Practices
- 17. SPB NNI SMLT – migrating existing SMLT network to SPB
- 18. IS-IS TLV
- 19. SPB Best Practices
- 20. SPB Configuration
- 20.1 SPB Configuration
- 20.1.1 ERS 8800 – Converting from CLI to ACLI
- 20.1.2 SPB and IS-IS Core Configuration
- 20.1.3 SPB NNI Interface Configuration
- 20.1.4 CFM Configuration
- 20.1.5 VSP 7000 – Fabric Interconnect Mesh
- 20.1.6 SMLT – Normal IST
- 20.1.7 SMLT - Virtual IST (vIST)
- 20.1.8 L2VSN Configuration
- 20.1.9 SwitchedUNI Configuration
- 20.1.10 Flex UNI Switched Configuration
- 20.1.11 Transparent UNI Configuration
- 20.1.12 Private VLAN (ETREE) Configuration
- 20.1.13 L3VSN Configuration
- 20.1.14 L3VSN – leaking routes between VRF’s
- 20.1.15 IP Shortcuts
- 20.1.16 IP Shortcut– Suppress IST Network
- 20.1.17 IP Shortcuts – leaking routes between GRT and VRF
- 20.1.18 IP Shortcuts – redistribution of ISIS and OSPF
- 20.1.19 Inter-VSN Routing
- 20.1.20 IPv6 Shortcuts
- 20.1.21 SPB Multicast Configuration
- 20.1.22 Multicast 239.255.255/24 – UPnP Filtering
- 20.1.23 Connectivity Fault Management (CFM) Configuration
- 20.1.24 CFM Configuration Example – 7.1.1.x or higher
- 20.1.25 Fabric Extend Configuration
- 20.1.26 ONA: Assigning a Static IP address to the Open Network Adapter
- 20.1.27 Fabric Extend over Routed Infrastructure using VRF to interconnect to routed network
- 20.1.28 Fabric Extend over Routed Infrastructure using GRT to interconnect to routed network
- 20.1.29 Fabric Extend over E-LAN/VPLS (L2) network using Layer 3 over Layer 2 tunneling using VSP 4000
- 20.1.30 Fabric Extend over E-LAN/VPLS (L2) network using Layer 3 over Layer 2 tunneling with VSP8000 orVSP7200
- 20.1.31 Fabric Extend over E-LAN/VPLS (L2) network using VLAN Tunnels
- 20.1.32 Fabric Attach Configuration
- 20.1.33 Identity Engines – Attribute Details
- 20.1.34 Fabric Attach Base Configuration – Adding a FA Proxy and FA Server
- 20.1.34.1 Fabric Attach – Adding a Platform VLAN on FA Server forManagement VLAN
- 20.1.34.2 Fabric Attach – Adding a L2VSN Service
- 20.1.34.3 Fabric Attach – Adding a L3VSN Service
- 20.1.34.4 Fabric Attach - Adding a WLAN 9100 FA Client with EAPDevice authentication via Identity Engines
- 20.1.34.5 Fabric Attach – Changing the FA authentication key
- 20.1.35 Fabric Attach Proxy Standalone
- 20.2 Using EDM
- 20.1 SPB Configuration
- 21. VLAN and ISID Restrictions using TACACS+via Identity Engines
- 22. Configuration Examples
- 22.1 SPB – Core Setup
- 22.1.1 Configuration
- 22.1.1.1 Configuration Mode
- 22.1.1.2 Auto Save
- 22.1.1.3 VSP 7000 – Rear Port Mode
- 22.1.1.4 Option: Change Spanning Tree mode to MSTP
- 22.1.1.5 System Name
- 22.1.1.6 Option – Configure out-of-band management interface
- 22.1.1.7 Enable VLACP Globally
- 22.1.1.8 IST Configuration – SMLT Cluster switch 4001 & 4002, 9001 & 9002 and 8005 & 8006
- 22.1.1.9 IS-IS and SPB Global Configuration
- 22.1.1.10 IS-IS SPB Interface Configuration
- 22.1.1.11 Remove default VLAN from all SPB ports
- 22.1.1.12 Other best practice items – VLACP and discard untagged frames
- 22.1.1.13 IST Configuration – SMLT Cluster switch 7001 & 7002
- 22.1.1.14 ISIS L1-metric – Optional
- 22.1.1.15 Connectivity Fault Management (CFM) Configuration
- 22.1.1.16 QoS
- 22.1.2 Configuration using EDM – Using 8005 as an example
- 22.1.3 Verify Operations
- 22.1.1 Configuration
- 22.2 SMLT Configuration
- 22.3 SPB L2 VSN Configuration
- 22.4 VSP 7000 & ERS 4800 – In-band Management via L2VSN
- 22.5 Multicast over L2VSN
- 22.6 Inter VSN Routing
- 22.7 Inter-ISID Configuration
- 22.7.1 VRF configuration
- 22.7.2 Verification
- 22.8 SPB L3 VSN – SMLT
- 22.9 Extending L3VSN to the VSP 7000 Cluster via L2VSN
- 22.10 Multicast over L3VSN
- 22.11 SPB IP Shortcuts
- 22.12 Multicast over IP Shortcuts
- 22.1 SPB – Core Setup
- 23. Restrictions and Limitations
- 24. Reference Documentation
©2021 Extreme Networks, Inc. All rights reserved
October 2021
74
Fabric Attach element model
FA Server
When a switch is enabled as an FA Server, it receives IEEE 802.1AB Logical Link Discovery Protocol
(LLDP) messages from FA Proxy switches and/or FA Client devices requesting the creation of Switched
UNI service identifiers (I-SIDs). An FA Server can receive requests and consequently attach to multiple FA
Proxy switches and/or FA Client devices. The I-SIDs thus created is required to join a Shortest Path Bridging
(SPB) network.
The service created on the FA Server is an ELAN Switch UNI service with a FA I-SID to VLAN mapping.
For Layer 2 or Layer 3 participation, you can create a platform VLAN with the same I-SID value as that of
the ELAN I-SID value; this can be on the local FA Server node or another SPBM node in the network.
A platform VLAN is a VLAN created using the vlan create <2-4059> type port-mstprstp
<instance> ACLI command
FA Proxy & Proxy Standalone
A FA proxy switch supports the ability to define ISID to VLAN assignments and relay this information to the
FA server. This assignment can be accomplished, for example, by the local CLI or using Enterprise Device
Manger. It also has the ability add I-SID to VLAN assignments after a FA client, i.e. WLAN 9100 AP, has
successfully authenticated using EAP device authentication against Extreme’s Identity Engines RADIUS
server. In this case, after the FA Client has successfully authenticated, the policy used on Identity Engines
RADIUS will contain all the various VLAN and I-SID assignments required. This information is sent via the
outbound values provisioned in the Identity Engines Policy server. The I-SID assignment binding request
in turn will be relayed from the FA Proxy to the FA Server where the FA Server will automatically create an
ELAN (Switched UNI with c-vid and I-SID mappings).
A FA Proxy switch can be deployed in Standalone Proxy mode for scenarios where a FA Server is not
available, i.e. a legacy network. In this case, in Standalone Proxy mode, the switch simply connects to a
core/distribution switch or cluster via a tagged VLAN uplink port or MLT. Identity Engines is used in this
case to authenticate the attached FA Clients and push down the necessary VLANs required. In this case,
the policy created on Identity Engines must use a VLAN and I-SID combination where the I-SID must be a
null ISID value of 0.
FA Client
A FA Client is a network attached end device supporting the Fabric Attach or (IEEE Auto Attach) agent in
Client mode. FA Clients can initiate I-SID / VLAN binding requests for service creation to a FA Proxy or a
FA Server. A FA Client will use FA signaling to automatically attach to fabric services that are always
terminated on a FA Server. An FA Proxy switch will simply relay these requests from FA clients to the FA
Server.