10-20-2019 08:11 AM - edited 11-17-2019 05:52 PM
ENCS 5400 is a purpose-built compute platform for branch networking. Multiple VNFs (virtual network functions) can be hosted on the ENCS platform with flexible connectivity options. This document provides a use-case design overview and step-by-step configuration for key design options with the ENCS switch.
NFVIS uses L2 physical and virtual entities to plumb traffic from the LAN towards the WAN. There are multiple Layer 2 software and hardware entities in a typical ENCS-based design: the OVS vswitch, SRIOV, the ENCS switch (8 ports) and the external switch.
It is important to understand the "network" construct in NFVIS.
wan-net, lan-net and mgmt-net are essentially port groups (ports in a vswitch with the same characteristics). The idea is to abstract and hide the virtual ports, which simplifies configuration.
For example:
Connect multiple VNFs to mgmt-net on the lan-br vswitch (access, VLAN 10).
Connect multiple VNFs to lan-net on the lan-br vswitch (trunk, allowing VLANs 20 and 30).
To connect a VNF to a user on the LAN side, at a minimum OVS or SRIOV and the ENCS switch connectivity must be configured. As when connecting 2 physical switches, the OVS vswitch and the ENCS switch have 4 possible configurations.
ENCS-Left(config)# switch
ENCS-Left(config-switch)# vlan 20
ENCS-Left(config-switch-vlan)# vlan 30
ENCS-Left(config)# switch interface gigabitEthernet 1/1
ENCS-Left(config-switch-if)# switchport mode access
ENCS-Left(config-switch-if)# switchport access vlan 20
ENCS-Left(config-switch-if)# interface gigabitEthernet 1/7
ENCS-Left(config-switch-if)# switchport mode trunk
ENCS-Left(config-switch-if)# switchport trunk allowed vlan 20,30
ENCS-Left(config-switch-if)# commit
ENCS-Left(config)# networks network lan-net
ENCS-Left(config-network-lan-net)# vlan 20
ENCS-Left(config-network-lan-net)# vlan 30
ENCS-Left(config-network-lan-net)# commit
ENCS-Left(config)# switch interface gigabitEthernet 1/7
ENCS-Left(config-switch-if)# switchport mode trunk
ENCS-Left(config-switch-if)# switchport trunk allowed vlan 10
ENCS-Left(config-switch-if)# interface gigabitEthernet 1/1
ENCS-Left(config-switch-if)# switchport mode access
ENCS-Left(config-switch-if)# switchport access vlan 10
ENCS-Left(config-switch-if)# commit
ENCS-Left(config)# networks network mgmt-net
ENCS-Left(config-network-mgmt-net)# bridge lan-br
ENCS-Left(config-network-mgmt-net)# trunk false
ENCS-Left(config-network-mgmt-net)# vlan 10
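The following is an added example, not part of the original document or of NFVIS: a small Python check that reads a CLI transcript like the ones above and lists VLANs that appear on only one side of the OVS / ENCS switch boundary. It assumes every VLAN is meant to reach a VNF, so a finding is a prompt for review (a VLAN with no LAN-side path, or a segment such as the management VLAN exposed on a port without a matching network), not necessarily an error; the function names `parse` and `audit` are hypothetical.

```python
import re

# Constructed sample: the port and lan-net lines from the transcript above.
TRANSCRIPT = """\
ENCS-Left(config)# switch interface gigabitEthernet 1/1
ENCS-Left(config-switch-if)# switchport mode access
ENCS-Left(config-switch-if)# switchport access vlan 20
ENCS-Left(config-switch-if)# interface gigabitEthernet 1/7
ENCS-Left(config-switch-if)# switchport mode trunk
ENCS-Left(config-switch-if)# switchport trunk allowed vlan 20,30
ENCS-Left(config-switch-if)# commit
ENCS-Left(config)# networks network lan-net
ENCS-Left(config-network-lan-net)# vlan 20
ENCS-Left(config-network-lan-net)# vlan 30
ENCS-Left(config-network-lan-net)# commit
"""

def parse(transcript):
    """Return (ports, networks): VLAN sets per switch port and per NFVIS network."""
    ports, networks, current = {}, {}, None
    for line in transcript.splitlines():
        cmd = line.split("#", 1)[-1].strip()  # drop the CLI prompt
        if m := re.search(r"interface gigabitEthernet (\S+)$", cmd):
            current = ports.setdefault(m.group(1), set())
        elif m := re.fullmatch(r"networks network (\S+)", cmd):
            current = networks.setdefault(m.group(1), set())
        elif current is None:
            continue  # VLAN command seen before any port or network context
        elif m := re.fullmatch(r"switchport (?:access|trunk allowed) vlan ([\d,]+)", cmd):
            current.update(int(v) for v in m.group(1).split(","))  # ranges (20-30) not expanded
        elif (m := re.fullmatch(r"vlan (\d+)", cmd)) and "config-network" in line:
            current.add(int(m.group(1)))  # VLAN carried by the NFVIS network
    return ports, networks

def audit(transcript):
    """List VLANs present on one side of the OVS / ENCS switch boundary only."""
    ports, networks = parse(transcript)
    on_switch = set().union(*ports.values())
    on_ovs = set().union(*networks.values())
    findings = [f"{n}: VLAN {v} not on any switch port"
                for n, vs in sorted(networks.items()) for v in sorted(vs - on_switch)]
    findings += [f"gigabitEthernet {p}: VLAN {v} not in any NFVIS network"
                 for p, vs in sorted(ports.items()) for v in sorted(vs - on_ovs)]
    return findings

if __name__ == "__main__":
    print(audit(TRANSCRIPT) or "switch ports and NFVIS networks agree")
```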
When using Cisco ENCS and Cisco switches, the common expectation is to use PVST+ to detect loops and switch specific ports to BLOCKING mode.
The ENCS switch does NOT support PVST (Per-VLAN Spanning Tree). By default, RSTP could end up blocking the ENCS back-to-back port connection, which blocks the “Traffic path between the VNFs”.
The recommended solution is to use MSTP on the ENCS and the external switches. The following topology and configuration provide a step-by-step procedure, with the reasoning behind each specific configuration choice.
Essentially, 2 instances of MSTP are created: one for handling the “Traffic path between VNFs” and the second for handling “Traffic from/towards LAN”.
Note: Ensure that the MST instance ID is identical on the participating switches, and that the VLAN IDs associated with the MST instances also match.
NOTE: In cases where the external switch cannot be configured for MSTP, RSTP will be used and the 2 back-to-back links between the ENCS devices will not be in a port-channel.
Refer to the attached ENCS HA design for further details.