Manual Chapter : Network Settings

Applies To:

F5OS

  • 1.1.1, 1.1.0

Network configuration for the system controllers

The chassis administrator can perform general networking tasks for the system controllers. You can configure management interfaces for the system controllers, enable DHCP, and set up DNS for the VELOS platform.
You perform these tasks by logging in to the system controller typically using the floating IP address from a secure webUI with HTTPS on port 443, or the CLI with SSH on port 22.

Configure management interfaces from the webUI

You can view or change the configuration of management interfaces, prefix length (netmask), and gateway for the VELOS system at the chassis level.
  1. Log in to the system controller webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > Management Interfaces.
  3. If the management port is getting addresses from DHCP, enable DHCP.
  4. The management IP addresses for both system controllers and the floating IP address are typically set during initial configuration using the setup wizard. You can review or change them, if necessary.
  5. For Prefix Length, type a number from 1-32 for the length of the prefix.
  6. For Gateway, type the IP address for the gateway.
  7. To enable aggregation for the management ports between the system controllers and an outside switch, for Interface Aggregation select Enabled.
    Interface aggregation increases the bandwidth between peers by load balancing traffic across the ports.
  8. Click Save.

Why use link aggregation on management ports

Forwarding is enabled for both management ports when link aggregation is used. If one port of the aggregation goes down, traffic is seamlessly handled by the remaining management port. A health-driven HA switchover need not occur to activate the alternate management port as it does when the management ports are operating independently.
There is also a gain in overall management port throughput. Specifically, total management port bandwidth doubles to 20 Gbps when aggregated. When not aggregated, only one management link is active at a time and total bandwidth is limited to 10 Gbps.
The downside of using management port aggregation is that the ports to which the management ports connect must also be aggregated.
There’s no difference in IP configuration between aggregated and independent modes of operation. That’s because aggregation (an L2 feature) is applied to the physical switch ports that physically connect to the management network, and IP addresses are applied to host interfaces at L3 connecting to entirely different physical switch ports.

Configure DNS from the webUI

You can configure DNS for the VELOS system at the chassis level. This is used for name resolution such as when setting up the system.
  1. Log in to the system controller webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > DNS.
  3. Under DNS Lookup Servers, specify the name servers that the system uses to validate DNS lookups, and resolve host names. For each name server you want to add:
    1. Click Add.
    2. For Lookup Server, type the IP address of the name server that you want to add to the list.
    3. Click Save & Close.
  4. Under DNS Search Domains, specify the domains that the system searches for local domain lookups and to resolve local host names. For each domain you want to add:
    1. Click Add.
    2. For Search Domain, type the domain name of the name server that you want to add to the list. For example, DNSsearch.com
    3. Click Save & Close.
DNS lookup servers and search domains are specified for the VELOS system.

Network configuration for the partition

Much of the L2 network configuration on VELOS systems is performed at the chassis partition level by the chassis partition administrator. The administrator logs into the partition to view or configure port groups, interfaces, VLANs, and create LAGs for that partition. Configuration can be done from the webUI, or using the CLI or REST APIs.
The chassis partition administrator performs these network configuration tasks:
  • Create and manage VLANs
  • Create and manage LAGs
  • Manage interfaces
  • Manage port groups, as needed
  • Display VLAN listeners, if necessary

Manage port groups from the webUI

The front-panel ports on VELOS blades support port group functionality. Port groups allow you to configure the mode of the physical port, which controls whether the port is bundled or unbundled, and the port speed. Until configured, the VELOS system uses 100G for the port speeds. You can change them based on what optical transceiver module type you are using.
Before configuring any interfaces, VLANs, or LAGs, you can set up port groups so that physical interfaces on the blade are configured for the proper speed and bundling. Depending on the port group mode, a different FPGA version is loaded, and the speed of the port is adjusted accordingly (changing the mode causes a blade reboot). The system creates the port group components, based on the type of blades installed.
This task describes how to use the webUI to configure the port groups to use a specific mode depending on how you are connecting your blades to an upstream switch.
Changing the port group mode impacts the view of physical interfaces published by the system. The previous interfaces that corresponded to the previous port group mode are deleted, and new ones are created. All configuration associated with the deleted interfaces is also lost.
  1. Log in to the chassis partition webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > Port Groups.
  3. For a specific blade, select a Mode from the list.
    You can choose one of these modes:
    • 100GbE: Creates one interface at 100G speed
    • 40GbE: Creates one interface at 40G speed
    • 4 x 25GbE: Creates four interfaces at 25G speed (requires the use of a breakout cable)
    • 4 x 10GbE: Creates four interfaces at 10G speed (requires the use of a breakout cable)
  4. Click Save.
When you change the port group mode on ports for a specific blade, the blade reboots. The previous interfaces that corresponded to the previous port group mode are deleted, and the associated (underlying) configuration is also lost.

Create VLANs from the webUI

A VLAN is a logical subset of hosts on a local area network (LAN) that operates in the same IP address space. Grouping hosts together in a VLAN has distinct advantages. For example, with VLANs, you can:
  • Reduce the size of broadcast domains, thereby enhancing overall network performance.
  • Reduce system and network maintenance tasks substantially. Functionally related hosts do not need to physically reside together to achieve optimal network performance.
  • Enhance security on your network by segmenting hosts that must transmit sensitive data.
You can create a VLAN and associate physical interfaces or LAGs with that VLAN. In this way, any host that sends traffic to an interface is logically a member of the VLAN or VLANs to which that interface or LAG belongs.
  1. Log in to the chassis partition webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > VLANs.
    The screen shows VLANs that are configured for that chassis partition.
  3. Click Add.
  4. In the Name field, type a name for the VLAN.
  5. In the VLAN ID field, type a number between 1-4094 for the VLAN.
    The VLAN ID identifies the traffic from hosts in the associated VLAN for an associated interface or LAG.
  6. Click Add VLAN to create the VLAN.
The VLAN is created and displayed in the VLAN list. You can use the VLANs when configuring interfaces, creating LAGs, and deploying tenants. One VLAN can be shared by two or more tenants within a partition, for example by being assigned at tenant deployment time.

Display VLAN listeners from the webUI

VLAN listeners are created and deleted by the system at runtime. They are used to program the destination for broadcast packets and L2 destination lookup failures (DLFs). One of the following listeners is created when a VLAN is configured with an interface and a tenant.
  • VLAN Listener (listener): Created when a VLAN is used by a single tenant.
  • Rebroadcast Listener (rbcast-listener): Created when a VLAN is used by multiple tenants, that is, when tenants share VLANs in a chassis partition.
Viewing the VLAN listeners is primarily used for troubleshooting data path issues, for example, to check whether the correct VLANs are assigned to the tenants.
  1. Log in to the chassis partition webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > VLAN Listeners.
    The screen shows VLAN listeners that are active on the system.
  3. For Auto Refresh, from the list, you can select the time interval for refreshing the VLAN listener details, or click the icon to refresh now.
You can see the VLAN listeners that are associated with specific interfaces, VLANs, and other related information. If something does not look correct, review the configuration for that object.

Configure interfaces from the webUI

VELOS blades support two kinds of physical network interfaces: interfaces that correspond to the blade front-panel QSFP28 ports and link aggregation groups (LAGs).
You can configure settings or properties on front-panel interfaces:
  • To associate an interface with VLAN(s)
  • To associate a physical port interface with a LAG
  • To configure interface attributes
  • To enable or disable an interface
Before you begin, you need to have created the VLANs that you want to associate with the interface. If you intend to create LAGs, however, wait to associate VLANs with interfaces, because an interface that has VLANs associated with it cannot be used as a LAG member.
  1. Log in to the chassis partition webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > Interfaces.
  3. Click an interface name.
  4. For State, select whether the interface is Enabled or Disabled.
  5. The next few settings are informational and cannot be changed. For example, Operational Status, Speed, MAC Address, and Interface Type are set values.
  6. For MTU, the maximum transmission unit is set to the default value of 9600 (read only).
    This is the largest size that the system allows for an IP datagram passing through a physical interface.
  7. Forward Error Correction is set to the default value of Auto (read only) and detects and corrects a limited number of errors in transmitted data.
    Since this setting is automatically enabled, your upstream switch must also support Forward Error Correction (FEC).
  8. RX Flow Control is On, and cannot be changed.
    The interface processes received pause frames and suspends transmission, if required.
  9. For Native VLAN, select the VLAN ID to use for untagged frames received on an interface, either a single interface or a LAG.
    An interface or LAG can have only one Native VLAN assigned to it. You can use a Native VLAN with multiple LAGs or interfaces. However, you cannot use a VLAN as both a Native and Trunk VLAN for the same interface.
  10. For Trunk VLAN, select one or more interfaces, if available, and not a member of another LAG; this is used for tagged traffic.
    You can use the same VLAN ID as the Trunk VLAN across all interfaces or LAGs. However, you cannot use a VLAN as both a Native and Trunk VLAN for the same interface.
    A trunk VLAN or a Native VLAN is required to pass traffic. If you do not select either a Native VLAN or a Trunk VLAN, the port will not carry any traffic.
  11. Click Save & Close to save your changes.
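The VLAN rules in this procedure can be checked against a planned layout before anything is entered in the webUI. The following is an added example, not F5 code; the data layout, the function name, and the sample interface and LAG names are assumptions made for illustration.

```python
# Added example: audit a planned interface/VLAN layout against the rules on this page.
# The data layout and all names are assumptions, not an F5OS export format.

def audit_layout(vlans, interfaces, lags):
    """Return sorted (object, finding) tuples; an empty list means no rule is broken.

    vlans:      set of VLAN IDs created on the partition
    interfaces: {name: {"native": id or None, "trunk": [ids]}} for ports and LAGs
    lags:       {LAG name: [member interface names]}
    """
    findings = []
    for vid in vlans:
        if not 1 <= vid <= 4094:
            findings.append((f"vlan {vid}", "VLAN ID outside 1-4094"))

    member_of = {port: lag for lag, ports in lags.items() for port in ports}
    for name, cfg in interfaces.items():
        native = cfg.get("native")
        trunk = set(cfg.get("trunk", []))
        used = trunk | ({native} if native is not None else set())
        # VLANs must be created before they are associated with an interface.
        for vid in used - vlans:
            findings.append((name, f"VLAN {vid} has not been created"))
        # The same VLAN cannot be Native and Trunk on one interface.
        if native in trunk:
            findings.append((name, f"VLAN {native} is both Native and Trunk"))
        # An interface with VLANs associated cannot be used as a LAG member.
        if name in member_of and used:
            findings.append((name, f"has VLANs, so it cannot be a member of {member_of[name]}"))
        # Without a Native or Trunk VLAN the port carries no traffic.
        if name not in member_of and not used:
            findings.append((name, "no Native or Trunk VLAN, so it carries no traffic"))
    return sorted(findings)


# Constructed sample layout with one mistake per rule.
VLANS = {100, 200, 300}
INTERFACES = {
    "1/1.0": {"native": 100, "trunk": [100, 200]},
    "1/2.0": {"native": None, "trunk": [300]},
    "2/1.0": {"native": None, "trunk": []},
    "2/2.0": {"native": None, "trunk": []},
    "lag-a": {"native": None, "trunk": [300, 400]},
}
LAGS = {"lag-a": ["1/2.0", "2/1.0"]}

if __name__ == "__main__":
    for obj, finding in audit_layout(VLANS, INTERFACES, LAGS):
        print(f"{obj}: {finding}")
```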

Display and reset interface statistics in the webUI

You can view statistics for physical interfaces configured on the chassis partition you are logged in to. The table shows, for each interface, the amount of data that was input and output in multiple forms. You can also see in/out errors and frame check sequence (FCS) errors that occurred on each of the interfaces, and you can reset to clear the data.
  1. Log in to the chassis partition webUI using an account with admin access.
  2. On the left, click NETWORK SETTINGS > Interface Statistics.
    A table showing all the statistics opens.
  3. Change the way the statistics are displayed in the Data Format by selecting Normalized or Unformatted.
    Selecting Normalized converts the byte representation to kilobytes, megabytes, or terabytes depending on the size. This provides better data readability, especially when massive amounts of traffic are passing through the interfaces.
  4. Set the Auto Refresh interval for refreshing the data displayed, or click the refresh icon to update all data now.
  5. Select one or more interfaces, then click Reset to clear the data.

Spanning tree protocol

The VELOS system supports a set of industry-standard, Layer 2 protocols known as spanning tree protocols. A spanning tree is a logical tree-like depiction of the bridges on a network and the paths that connect them. Spanning tree protocols block redundant paths on a network, preventing bridging loops. If a blocked, redundant path is needed later because another path has failed, the spanning tree protocols clear the path again for traffic. The spanning tree protocols that the VELOS system supports are Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP). Only one protocol can be configured on a partition at a time.
Central to the way that spanning tree protocols work is the use of bridge protocol data units (BPDUs). When you enable spanning tree protocols on Layer 2 devices on a network, the devices send BPDUs to each other, for the purpose of learning the redundant paths and updating their L2 forwarding tables accordingly, electing a root bridge, building a spanning tree, and notifying each other about changes in interface status.
The term bridge refers to a Layer 2 device such as a switch, bridge, or hub.
When you configure spanning tree on a VELOS system, you must first decide which protocol, or mode, you want to enable. Because MSTP recognizes VLANs, using MSTP is preferable. However, all bridges in a network environment that you want to use spanning tree must run the same spanning tree protocol. If a legacy bridge running RSTP or STP is added to the network, the VELOS system must switch to that same protocol.

Configuring STP or RSTP on a partition from the CLI

STP is the original spanning tree protocol but is not recommended in VLAN-rich environments due to poor performance unless required by your configuration. RSTP is an enhancement to STP that improves spanning tree performance. Both STP and RSTP can create only one spanning tree (instance 0) for the entire network, and therefore cannot take VLANs into account when managing redundant paths.
You can use the VELOS command-line interface (CLI) to configure STP or RSTP on a partition. STP and RSTP configuration are the same except STP does not use interface edge-port and link-type.
  1. Log in to the command line interface (CLI) of the chassis partition using an account with admin access.
    When you log in to the system, you are in user (operational) mode.
  2. Change to config mode.
    config
    The CLI prompt changes to include (config).
  3. Enable STP or RSTP.
    stp global config enabled-protocol [STP | RSTP]
    The bridge-priority, forwarding-delay, hello-time, hold-count, and max-age have default values, which are recommended for use.
  4. Configure the bridge-priority to select/not select itself as the root bridge.
    stp [stp | rstp] config bridge-priority <integer>
    # range 0 (highest) to 61440 (lowest) in increments of 4096
    # default: 32768.
    # The priority is used together with the address as a bridge identifier.
    partition1# config
    partition1(config)# stp rstp config bridge-priority <integer>
    partition1# commit
  5. Configure interface cost and port priority as shown in the example.
    # Port Priority: range 0 (highest) to 240 (lowest) in increments of 16,
    # default 128. The priority is used as the port identifier together with
    # the slot/port numbers.
    # Port Path Cost: range 0 (lowest) to 20,000,000,000 in increments of 1.
    # The default port path cost is assigned dynamically:
    # cost = 20,000,000,000 / port speed in Kbits/s.
    partition1# config
    # Need to config all interfaces which will be included into STP
    partition1(config)# stp rstp interfaces interface 1/1.0 config cost 200 port-priority 128
    partition1# commit
  6. RSTP/MSTP only: Configure interface edge-port and link-type as shown in the example.
    partition1# config
    # Need to config all interfaces that will be included in STP
    partition1(config)# stp interfaces interface 1/2.0 config edge-port EDGE_AUTO link-type P2P
    partition1# commit

Configuring MSTP on a partition from the CLI

MSTP is an enhancement to RSTP and is the preferred spanning tree protocol for the VELOS system. MSTP is specifically designed to understand VLANs and VLAN tagging (specified in IEEE 802.1q). MSTP allows for multiple spanning tree instances. Each instance corresponds to a spanning tree, and can control one or more VLANs that you specify when you create the instance. Thus, for any VELOS system interface that you assigned to multiple VLANs, MSTP can block a path on one VLAN, while still keeping a path in another VLAN open for traffic.
You can use the VELOS command-line interface (CLI) to configure MSTP on a partition. The spanning tree algorithm automatically groups bridges into regions, based on the values you assign to the MSTP configuration name, revision number, instance numbers, and instance members.
  1. Log in to the command line interface (CLI) of the chassis partition using an account with admin access.
    When you log in to the system, you are in user (operational) mode.
  2. Change to config mode.
    config
    The CLI prompt changes to include (config).
  3. Enable MSTP.
    partition1(config)# stp mstp config name <region-name> revision [0-65535]
    partition1# commit
    Where:
    • Region Name: string <= 32 characters, default: bridge MAC address
    • Revision: range 0-65535, default is 0
    These two parameters together form the common identifier of the BPDUs within the region. They must be identical on all bridges in the region.
    The forwarding-delay, hello-time, hold-count, max-age, and max-hop have default values, which are recommended for use.
  4. Create an MSTP instance.
    partition1(config)# stp mstp mst-instances mst-instance <integer> config mst-id <integer>
    partition1# commit
  5. Configure VLANs for the MSTP instance. The VLANs must already exist.
    # create vlan 300 and 301
    partition1# config
    partition1(config)# vlans vlan 300
    partition1(config-vlan-300)# vlans vlan 301
    partition1(config-vlan-301)# commit
    Commit complete.
    partition1(config-vlan-301)# top
    # assign vlan 300 and 301 to mstp instance 1
    partition1(config)# stp mstp mst-instances mst-instance 1 config vlan [ 300 301 ]
    partition1(config-mst-instance-1)# commit
    Commit complete.
    partition1(config-mst-instance-1)# top
  6. Configure bridge priority for the MSTP instance. Each MSTP instance can have its own priority.
    # range 0 (highest) to 61440 (lowest) in increments of 4096
    # default: 32768.
    # The priority is used together with the address as a bridge identifier.
    partition1# config
    partition1(config)# stp mstp mst-instances mst-instance 1 config bridge-priority <integer>
    partition1# commit
    partition1(config-mst-instance-1)# top
  7. Configure interface cost and port priority.
    # Port Priority: range 0 (highest) to 240 (lowest) in increments of 16, default 128.
    # The priority is used as the port identifier together with the slot/port numbers.
    # Port Path Cost: range 0 (lowest) to 20,000,000,000 in increments of 1.
    # The default port path cost is assigned dynamically:
    # cost = 20,000,000,000 / port speed in Kbits/s.
    partition1# config
    # Need to configure all interfaces that will be included in STP
    partition1(config)# stp mstp mst-instances mst-instance 1 interfaces interface 1/1.0 config cost 200 port-priority 128
    partition1# commit
  8. Configure interface edge-port and link-type.
    # Need to configure all interfaces that will be included in STP
    partition1(config)# stp interfaces interface 1/2.0 config edge-port EDGE_AUTO link-type P2P
    partition1# commit
    These settings speed up convergence time by eliminating the learning state on ports that do not receive BPDUs. This configuration is cancelled automatically upon reception of a BPDU.
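The ranges, step sizes, and default path cost formula given in the MSTP steps above can be checked before a plan is committed, along with whether two bridges would land in the same region. This is an added example, not F5 code; the dict layout and function names are assumptions, and "instance members" is taken here to mean the VLANs mapped to each instance.

```python
# Added example: pre-commit checks for an MSTP plan, using the ranges on this page.
# The dict layout and function names are assumptions, not an F5OS schema.

COST_NUMERATOR = 20_000_000_000  # page: cost = 20,000,000,000 / port speed in Kbits/s


def default_path_cost(speed_gbps):
    """Default port path cost for a port speed given in Gbit/s."""
    return COST_NUMERATOR // (speed_gbps * 1_000_000)


def in_steps(value, top, step):
    """True when value is an int in 0..top and a multiple of step."""
    return isinstance(value, int) and 0 <= value <= top and value % step == 0


def region_key(plan):
    """Values that must match on every bridge for them to share a region."""
    members = tuple(sorted((i["mst_id"], tuple(sorted(i["vlans"])))
                           for i in plan["instances"]))
    return (plan["name"], plan["revision"], members)


def validate_mstp(plan, existing_vlans):
    """Return a list of problems; an empty list means the plan passes."""
    problems = []
    if len(plan["name"]) > 32:
        problems.append("region name longer than 32 characters")
    if not in_steps(plan["revision"], 65535, 1):
        problems.append("revision outside 0-65535")
    for inst in plan["instances"]:
        tag = f"mst-instance {inst['mst_id']}"
        if not in_steps(inst["bridge_priority"], 61440, 4096):
            problems.append(f"{tag}: bridge-priority must be 0-61440 in steps of 4096")
        for vlan in inst["vlans"]:
            if vlan not in existing_vlans:  # VLANs must already exist
                problems.append(f"{tag}: VLAN {vlan} does not exist")
        for name, port in inst["interfaces"].items():
            if not in_steps(port["port_priority"], 240, 16):
                problems.append(f"{tag} {name}: port-priority must be 0-240 in steps of 16")
            if not in_steps(port["cost"], COST_NUMERATOR, 1):
                problems.append(f"{tag} {name}: cost outside 0-20,000,000,000")
    return problems


# Constructed sample: VLANs 300 and 301 exist, but the plan mistypes 301 as 3001
# and uses a bridge priority that is not a multiple of 4096.
EXISTING_VLANS = {300, 301}
PLAN = {
    "name": "region-a", "revision": 1,
    "instances": [{
        "mst_id": 1, "bridge_priority": 30000, "vlans": [300, 3001],
        "interfaces": {"1/1.0": {"cost": default_path_cost(100), "port_priority": 128}},
    }],
}
# Constructed peer bridge that differs only in revision number.
PEER = {"name": "region-a", "revision": 2, "instances": PLAN["instances"]}

if __name__ == "__main__":
    for problem in validate_mstp(PLAN, EXISTING_VLANS):
        print("FAIL:", problem)
    print("same region as peer:", region_key(PLAN) == region_key(PEER))
```

For a 100G port the formula yields a cost of 200, which is the value used in the CLI examples above.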