Tuesday, July 28, 2015

How you understand documenting Conceptual, Logic, Physical?

I have just read the following question in the Google+ "VCDX Study Group 2015":
As a fellow writer (we architects are not readers, but writers! :) ) wanted to ask you how you understand documenting Conceptual, Logic, Physical.
Can you add all these in a single Architecture design document with all 3 parts as 3 sections or you are better off creating 3 separate documents for each type of design?
I very often hear similar questions about how to approach writing good design documentation. My answer was the following.

As a writer you have to decide what is the best for your readers :-)

When I'm engaged to write an architecture document, I use different approaches for different design engagements. It really depends on the project size, scope, audience, architecture team, etc. For example, right now I'm working on a project where 6 architects are working on a single High Level Design covering the big picture, and each is preparing a Low Level Design. At the end there is a single HLD document and five separate LLD documents covering
  • Compute, 
  • Storage, 
  • Networking,
  • vSphere and
  • Backup.
I have had other projects where the whole architecture was in a single document and each section was targeted at a different audience. That was the case with my VCDX design documentation.

Generally, I believe the High Level Design (HLD) is for a broader technical audience but also for business owners. Therefore physical design is not required at this stage, and only the Conceptual design and a brief Logical design for each area should be in the HLD. The Low Level Design (LLD) is for technical implementers and technical operations personnel, so it should use less creative writing and more deeply technical language for the specific area, with references to the HLD. I recommend reading Greg Ferro's "Eleven Rules of Design Documentation", which IMHO apply very well to LLD.

HLD Conceptual Design should include business and technical requirements, constraints, assumptions, key design decisions, the overall high-level concept and risk analysis.

HLD Logical Design should include the basic logical constructs for the different design areas together with capacity planning.

LLD should include Conceptual, Logical and Physical design for the specific area(s) or the designed system/subsystem. The LLD conceptual design should contain a subset of the HLD technical requirements, constraints and assumptions, and maybe some other specific requirements that are irrelevant in the HLD. These can even be discovered after HLD and LLD design reviews and additional technical workshops. The logical design can be the same as in the HLD, or you can go to a deeper level but still stay in the logical layer, without product physical specifications, cabling port IDs, VLAN IDs, IP addressing, etc. These physical details should be in the physical design and, if needed, referenced in attachments, Excel workbooks, or similar implementation/configuration management documents.

LLD Physical design is usually leveraged by the implementer to prepare As-Built documentation.

That's just my $0.02 and your mileage may vary.

In the end I have to repeat: you, as a writer (architect), have to decide on the appropriate documentation format for your target audience.

Don't hesitate to share your thoughts in comments.

Tuesday, July 07, 2015

DELL Force10 : Interface Configuration and VLANs

Physical interface configuration

Physical switch interface configuration is a basic operation on any switch, and the DELL Force10 switch is no exception. However, one thing is unique to Force10 switches. Everything on a Force10 switch, including the physical interfaces, is disabled by default, so interfaces are in the down state and must be configured before any use. Some people say this is strange behavior, but in my opinion it is pretty good behavior because it is a much more secure approach. You will not disrupt the whole network by connecting and cabling a new switch into your enterprise network until you configure something. If you make a bad configuration, then it is your fault and not the device's fault.

OK, so when you want to use a switch interface, you have to enable it explicitly. Before that, you should be absolutely sure your new Force10 switch is ready to be connected to the network. Think, for example, about the spanning tree protocol configuration. Let's assume you know what you are doing and you want to enable a particular physical interface. It is easy. I think the example below is self-explanatory.
conf
  interface tengigabit 0/1
  no shutdown
So your interface is up, but another important note is that all physical interfaces are Layer 3 by default. You can assign an IP address to a Layer 3 (routed) interface, and your L3 switch is then configured as a router. IP address assignment is shown below.
conf
  interface tengigabit 0/1
  ip address 192.168.1.11/24
  no shutdown
Cool, but there is a chance you want to configure a Layer 2 interface that works as a switch port and not as a routed port. It is pretty easy: you have to tell the interface not to have an IP address and to behave as a switch port.
conf
  interface tengigabit 0/1
  no ip address
  switchport
  no shutdown

Physical Interface Numbering

So far we have identified interfaces in a form like this:
interface tengigabit 0/13

The general interface identification convention has the following format
interface <Interface Type> <Stack Unit Number>/<Interface Number>
where
  • Interface Type - can have the values gigabit (gi), tengigabit (te), fortygigabit (fo)
  • Stack Unit Number - is the stack ID number if classic stacking is configured; otherwise it is 0, as the switch is a single unit
  • Interface Number - is the sequential port number on the particular stack unit

Interface ranges

You can leverage interface ranges to simplify interface and VLAN configurations. 
conf
  interface range te 0/1-3, te 0/5-7
  interface range vlan 100-110
I think you can see the benefit. The configuration is applied to all interfaces in the range.

VLANs

In the configurations above, everything happens in the default VLAN, which is VLAN 1 by default. This is a single broadcast domain. "In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN." (Source: Wikipedia.) Nowadays VLANs are used very often for network separation (security) and for splitting broadcast domains (availability, performance).

If you are familiar with Cisco VLAN configuration, there you create the VLAN ID in the VLAN database and then assign one or more VLANs to a particular interface. On Force10 it is a little bit different. You have to create the VLAN ID, which is the same. However, you do not assign VLANs to an interface; you assign interfaces to a VLAN. See the example below.
conf
  interface vlan 100
  description "VLAN for mission critical servers"
  untagged TenGigabitEthernet 0/1-3
  tagged TenGigabitEthernet 0/0
In the example above we have created VLAN 100 for three mission critical servers. The servers are connected to ports Te 0/1, Te 0/2 and Te 0/3 without VLAN tagging (aka access mode). Switch interface Te 0/0 is the uplink to the rest of the network, so more VLANs have to be configured on this particular port; the port is therefore configured as a trunk port with more tagged VLANs.

Switch uplinks are usually configured redundantly in high availability mode, so there is a good chance you would like to use a port-channel (aka LAG) as a switch uplink. LAGs are explained in the next section. A port-channel is nothing more than a special virtual interface, so port-channel VLAN configuration is very similar to that of physical interfaces.
conf
  interface vlan 100
  description "VLAN for mission critical servers"
  untagged TenGigabitEthernet 0/1-3
  tagged Port-channel 1
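
Because Force10 records VLAN membership under the VLAN interface rather than under each port, reviewing which ports sit in which VLAN means inverting the configuration. The following is an added example, not part of the original post: it parses running-config-style text in the syntax shown above and reports per-port membership, enabled switchports with no explicit VLAN (which stay in the default VLAN), and VLAN members that were never enabled. The function names and the sample configuration are constructed for illustration, and only the `<type> <unit>/<first>-<last>` range form used on this page is handled.

```python
import re
from collections import defaultdict

# Constructed sample in the page's syntax; not taken from a real switch.
SAMPLE = """\
interface tengigabit 0/1
  switchport
  no shutdown
interface tengigabit 0/4
  switchport
  no shutdown
interface tengigabit 0/5
  ip address 192.168.1.11/24
  no shutdown
interface vlan 100
  untagged TenGigabitEthernet 0/1-3
  tagged TenGigabitEthernet 0/0
"""

def expand(spec):
    """'TenGigabitEthernet 0/1-3' -> ['te 0/1', 'te 0/2', 'te 0/3']."""
    m = re.fullmatch(r"(\S+)\s+(?:(\d+)/)?(\d+)(?:-(\d+))?", spec.strip())
    if not m:
        raise ValueError(f"unsupported interface spec: {spec!r}")
    kind, unit, first, last = m.groups()
    prefix = kind[:2].lower() + " " + (unit + "/" if unit else "")
    return [f"{prefix}{n}" for n in range(int(first), int(last or first) + 1)]

def audit(config):
    """Return (port -> VLAN membership, switchports in default VLAN, members still down)."""
    flags = defaultdict(set)  # port -> configuration lines seen under its stanza
    member = defaultdict(lambda: {"untagged": [], "tagged": []})
    vlan = port = None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            name = line.split(None, 1)[1]
            vlan = int(name.split()[1]) if name.lower().startswith("vlan") else None
            port = None if vlan is not None else expand(name)[0]
        elif vlan is not None and line.startswith(("untagged ", "tagged ")):
            mode, spec = line.split(None, 1)
            for p in expand(spec):
                member[p][mode].append(vlan)
        elif port is not None:
            flags[port].add(line)
    in_default = sorted(p for p, f in flags.items()  # enabled L2 port, no VLAN assigned
                        if {"switchport", "no shutdown"} <= f and p not in member)
    still_down = sorted(p for p in member if "no shutdown" not in flags.get(p, ()))
    return dict(member), in_default, still_down
```

For the constructed sample, `audit(SAMPLE)` reports te 0/4 as an enabled switchport left in the default VLAN, and te 0/0, te 0/2 and te 0/3 as VLAN 100 members that are still shut down.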

LAGs - Link Aggregates 

Link Aggregation is the general term for channeling multiple links into a single virtual aggregate, also known as a port channel. There are two types of port channels: static and dynamic (aka LACP). For more general information about link aggregation look here.

Now let's see how you can configure port channels.

Static Port Channel
Below is an example of a static port channel bundling two interfaces (te 0/1 and te 0/2)
interface port-channel 1
  description "Static Port-Channel"
  channel-member tengigabit 0/1
  channel-member tengigabit 0/2
  no ip address
  switchport
  no shutdown
Dynamic Port Channel
Below is an example of a dynamic port channel bundling two interfaces (te 0/1 and te 0/2)
interface port-channel 1
  description "Dynamic Port-Channel (LACP)"
  no ip address
  switchport
  no shutdown
 
interface tengigabit 0/1
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown
 
interface tengigabit 0/2
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown

VLT (Virtual Link Trunking) is actually a virtual port channel spanned across multiple chassis (aka Multi-Chassis LAG). A VLT can be a static or a dynamic port-channel. When two Force10 switches are configured in a single VLT domain, you can create a VLT port-channel independently on each VLT node. You can read more about VLT here.

You configure a VLT port-channel on each node in exactly the same way as a classic port-channel. The only difference is that you tell FTOS that this particular port-channel is a VLT, and you can define the peer port-channel ID, which can be different from the one on the other node. However, best practice is to use the same port-channel IDs on both VLT nodes, just to keep the configuration simple and more readable.

The directive that marks a port-channel as a VLT is vlt-peer-lag.

So if the port-channel examples above were VLTs, the configuration would be the same with only one additional option. See the examples below.

Static VLT Port Channel
interface port-channel 1
  description "Static Port-Channel"
  channel-member tengigabit 0/1
  channel-member tengigabit 0/2
  vlt-peer-lag port-channel 1
  no ip address
  switchport
  no shutdown

Dynamic VLT Port Channel
interface port-channel 1
  description "Dynamic Port-Channel (LACP)"
  no ip address
  vlt-peer-lag port-channel 1
  switchport
  no shutdown
 
interface tengigabit 0/1
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown
 
interface tengigabit 0/2
  port-channel-protocol lacp
    port-channel 1 mode active
  no shutdown

Conclusion

Interface and VLAN configuration is a basic network operation. If you are familiar with interface configuration on any other switch vendor, I think Force10 interface configuration will be simple for you. The only different approach is in the VLAN configuration, but that is just a matter of habit.

Hope you found this blog post useful and as always, any comment and feedback is highly appreciated.