Article ID: 7086
Products
SecureStack
C5, C3, C2-Series
B5, B3, B2-Series
A2-Series
Solution
Most of the following is paraphrased, with elaborations, from the
Configuration Guides.
About Switch Operation in a Stack
Up to eight SecureStack switches, in the combinations described in
5834, may be combined into one manageable stack when installed and connected as described in the
Installation Guide relevant to your SecureStack product.
Within a stack, the individual switch units behave and perform as a single logical switch, having a single configuration which references ports as 'type.unit.port' (for example, ge.2.3). Thus, within a stack there is no separate protocol necessary to prevent data loops over the stacking cables. Externally - for example to prevent a loop when a crossover cable is attached at both ends to front switch ports of the same stack - Spanning Tree is necessary to prevent a data loop.
The following occurs during initialization:
- The switch that will manage the stack is automatically established. The manager organizes all the reachability information for bridging and routing, including keeping the address tables in the member units (including itself) coherent.
- All other switches are established as members in the stack. Each individual stack member processes its own packets, rather than pushing them to the manager for processing.
- The hierarchy of the member switches that will assume the function of backup manager is also determined in case the current manager malfunctions, is powered down, or is disconnected from the stack.
- The console port on the manager switch remains active for out-of-band (local) switch management, but the console port on each member switch is deactivated - except for the ability for it to report its unit number. This enables the user to set the IP address, system password, and any other parameters using a single console port. Each switch can be configured locally using only the manager's console port (5463), or inband using the stack's IP address from a remote device.
- When stacked, the only file structure and configuration that is viewable or manipulable is that of the manager unit, which pushes its configuration to each of the member units at up to 30-minute intervals. To avoid partial or complete configuration loss in the event of manager failure after a configuration change but before it was able to push the changes to the member units, please review and act upon the guidelines explained in 5482.
- When a member is unstacked to become its own manager, it starts with a defaulted configuration. Any previous configuration that was on it before it was stacked is lost, with one exception: If the previous configuration had been saved using the 'save outfile' command prior to the unit being stacked as a member, it may be reactivated by means of the 'configure' command (5623) after the unit is unstacked and is again a manager unit.
Stacking cables are hot-swappable. It is not necessary (unless stated otherwise below, in certain circumstances) to power down SecureStack units before attaching or detaching stacking cables. And even in those exception circumstances, no harm will come to the hardware whether powered down first, or not.
Once a stack is created (more than one switch is interconnected)...
1. The management election process uses the following precedence to assign a management device:
- Previously assigned / elected management unit
- User-assigned priority ('set switch <ID> priority <15-0>', where15 is high priority)(7694)
- Hardware preference level
- Highest MAC Address
The management designation is written to the manager. Then, every time the manager is power-cycled, it will initialize with that role if not already assigned elsewhere. This is important for consistent stacking behavior from the human perspective.
Once the stack has an assigned manager unit, that unit will remain the stack manager until it is no longer operational within the stack but at least one other stack unit is available to assume the manager role. If due to a reset event the user-preferred manager unit no longer has that role, as desired it should resume the manager role after a manual reset of (only) the current manager unit again triggers the management election process - which will choose the best available candidate to assume the stack manager role.
2. The unit# election process uses the following precedence to assign unit numbers 1-8:
- Previously assigned / elected unit#
- User-assigned priority ('set switch <ID> priority <15-0>', where15 is high priority)
- Hardware preference level
- Highest MAC Address
The unit IDs are saved against each unit (all IDs written to the manager, and each unit's ID written to itself). Then, every time a unit is power-cycled, it will initialize with the same unit ID if not already assigned elsewhere. This is important for port-specific information (for example: ge.4.12 is the 12th Gigabit Ethernet port on Unit # 4).
Routing Operation
In addition to switching; the C5 (all firmware), C3 (all firmware), C2 (f/w 3.00.50+), B5 (all firmware), and B3 (f/w 1.01.01.0039+) support a routing capability. The SecureStack routes among VLANs, after appropriate L3 Interfaces are created and each is bound to a VLAN. A loaded stack can act like one large 192-port (8x48) router. There is no concept of configuring a specific stack unit as a router. As already noted, if the manager fails, then a backup manager takes over. If the router is active and any one unit fails, the switching and routing continue.
Stack Disruption timing
The insertion of new units to the stack is handled dynamically. Plug in the stack cable, then power up the new unit. Normally the integration is a fairly rapid process. However, be aware that this is a background function; if the stack is extremely busy with user traffic, it could take possibly hours for the new unit to integrate with the stack.
Note: On the C2 with f/w prior to 2.01.22+, inserting new units requires the stack to restart. Data transmission in the stack is disrupted for up to two minutes (unit boot-up time). Once new units are booted, it takes another two minutes to settle the stack.
Upon management unit failure, removal, or reassignment ('set switch movemanagement'); the operation of the stack (including the ethernet link state of all ports) will be interrupted for about 30-40 seconds.
Upon non-management unit failure and/or removal, the operation of the stack will be interrupted for about 2-3 seconds.
Installing a New Stackable System of Up to Eight Units
Use the following procedure for installing a new stack of up to eight units out of the box, assuming that all units have a clean configuration from manufacturing and are in the same licensing state (
5834), and that all units are running the same firmware image.
Note: For mixed stacks, see
12760.
- Before applying power, make all physical stack cable connections (11977).
- Individually power on each unit from top to bottom. Ensure that each device is fully operational before applying power to the next device. Unit IDs are assigned on a first-come-first-serve basis, so this will ensure that unit IDs are ordered sequentially.
- Log into the CLI of the management unit (5463), and use the 'show switch' command (5780) to display stacking information.
- Optionally, change the management unit using the 'set switch movemanagement' command, and/or change the unit numbering using the 'set switch member' command.
Installing a Previously-Configured System of Up to Eight Units
If member units in a stack have been previous members of a different stack, you may need to configure the renumbering of the stack. All units must be running the same firmware image.
- Stack the unpowered units in the order desired, and connect the stack cables (11977).
- Power up only the unit you wish to be manager.
- Once the management unit is powered up, log into the CLI (5463) and use the 'show switch' command (5780) to display stacking information.
- Clear any switches which are listed as "Unassigned", using the 'clear switch member' command.
- Power up the member of the stack you wish to become unit 2. Once the second unit is fully powered, the COM session of the CLI will state that a new CPU was added.
- Use the 'show switch' command to redisplay stacking information.[list=1]
- If the new member displays as unit 2, you can proceed to repeat this step with the next unit.
- If the new member displays a different unit number, you must renumber the stack using the 'set switch renumber' command then clear the original unit number using the 'clear switch member' command. Avoid directly reassigning a different unit number to the stack manager, or by design the stack configuration will revert to defaults (10749).
Repeat Step 6 until all members have been renumbered to the order you desire.
Adding a New Unit to an Existing Stack
Use the following procedure for installing a new unit to an existing stack configuration. This procedure assumes that the new unit being added has a clean configuration from manufacturing, is in the same licensing state (5834) as the other units in the stack, and is running the same firmware image version as the other units in the stack.
Note: For mixed stacks, see 12760.
- Ensure that power is off on the new unit being installed. It is assumed here that the existing stack is powered up.
- Use one of the following methods to complete stack cable connections (11977😞
- If the running stack uses a daisy chain topology, make the stack cable connections from the bottom of the stack to the new unit (that is, STACK UP port from the bottom unit of the running stack to the STACK DOWN port on the new unit).
- If the running stack uses a ring stack topology, break the ring and make the stack cable connections to the new unit to close the ring.
- Apply power to the new unit.
- Log into the CLI of the management unit (5463), and use the 'show switch' command (5780) to display stacking information.
- If the stacking setup does not appear as desired, use the guidelines from the above section to readjust the configuration.
Upgrading an Operational Stack
Stack upgrade may be accomplished by a single upgrade operation (5605), which is pushed by the manager to all the stack members.
Removing Units from an Existing Stack
Use the following procedure for removing one or more units from an existing stack configuration. On the C2, this procedure assumes that the stack is running firmware 2.01.20 or higher.
- If it's been less than 30 minutes since the last time the configuration changed, use the 'save config' command to ensure that all units have full configuration knowledge.
- Remove the stack cable(s) associated with the switch(es) you want to remove.
- Operation of the sub-stack which retains the previous manager unit will be disrupted for 2-3 seconds.
- Operation of any sub-stack(s) which now lack a manager unit will be disrupted for 30-40 seconds while a new manager unit is elected and comes on line.
- In all cases, units will retain their unit numbers.
- You may optionally power down one or more units either before or after removing stack cables. If this happens in a stack, disruption time to any remaining unit(s) will be as stated above.
- After the fact, you may optionally use the 'clear switch member' command to remove any "Unassigned" units.
Important: The 'clear config' command clears configuration parameters exceptstack unit IDs, priorities, management history, licensing - and possibly the host IP address (5628). The 'clear config all' command makes a clean sweep of all configurations except licensing (5781).
See also: 5455, 5751, 7247, and 12133.