advertisement
HP 5920 & 5900 Switch Series
Layer 3 - IP Routing
Configuration Guide
Part number: 5998-2895
Software version: Release2207
Document version: 6W100-20121130
Legal and notice information
© Copyright 2012 Hewlett-Packard Development Company, L.P.
No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice.
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS
MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.
The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Contents
i
ii
iii
iv
v
vi
vii
viii
IP routing basics
IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast
Configuration Guide.
Routing table
A router maintains at least two routing tables: a global routing table and a FIB. The FIB table contains only the optimal routes, and the global routing table contains all routes. The router uses the FIB table to forward packets. For more information about the FIB table, see Layer 3—IP Services Configuration
Guide.
categorizes routes by different criteria.
Table 1 Route categories
Criterion Categories
Destination
•
Network route—The destination is a network. The subnet mask is less than 32 bits.
•
Host route—The destination is a host. The subnet mask is 32 bits.
Whether the destination is directly connected
•
•
Direct route—The destination is directly connected.
Indirect route—The destination is indirectly connected.
Origin
•
Direct route—A direct route is discovered by the data link protocol on an interface, and is also called an "interface route."
•
Static route—A static route is manually configured by an administrator.
•
Dynamic route—A dynamic route is dynamically discovered by a routing protocol.
To view brief information about a routing table, use the display ip routing-table command:
<Sysname> display ip routing-table
Destinations : 19 Routes : 19
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
1.1.1.0/24 Direct 0 0 1.1.1.1 Vlan1
1.1.1.0/32 Direct 0 0 1.1.1.1 Vlan1
1.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
1.1.1.255/32 Direct 0 0 1.1.1.1 Vlan1
2.2.2.0/24 Static 60 0 12.2.2.2 Vlan2
80.1.1.0/24 OSPF 10 2 80.1.1.1 Vlan3
...
A route entry includes the following key items:
• Destination—IP address of the destination host or network.
•
Mask—Mask length of the IP address.
1
• Pre—Preference of the route. Among routes to the same destination, the route with the highest preference is optimal.
•
Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is the optimal route.
• NextHop—Next hop.
•
Interface—Output interface.
Dynamic routing protocols
Static routes work well in small, stable networks. They are easy to configure and require fewer system resources. However, in networks where topology changes occur frequently, a typical practice is to configure a dynamic routing protocol. Compared with static routing, a dynamic routing protocol is complicated to configure, requires more routers resources, and consumes more network resources.
Dynamic routing protocols dynamically collect and report reachability information to adapt to topology changes. They are suitable for large networks.
Dynamic routing protocols can be classified by different criteria, as shown in Table 2 .
Table 2 Categories of dynamic routing protocols
Criterion Categories
Operation scope
•
IGPs—Work within an AS. Examples include RIP, OSPF, and IS-IS.
•
EGPs—Work between ASs. The most popular EGP is BGP.
Routing algorithm
Destination address type
IP version
•
Distance-vector protocols—Examples include RIP and BGP. BGP is also considered a path-vector protocol.
•
Link-state protocols—Examples include OSPF and IS-IS.
•
Unicast routing protocols—Examples include RIP, OSPF, BGP, and IS-IS.
•
Multicast routing protocols—Examples include PIM-SM and PIM-DM.
•
IPv4 routing protocols—Examples include RIP, OSPF, BGP, and IS-IS.
•
IPv6 routing protocols—Examples include RIPng, OSPFv3, IPv6 BGP, and IPv6 IS-IS.
An AS refers to a group of routers that use the same routing policy and work under the same administration.
Route preference
Routing protocols, including static and direct routing, each by default have a preference. If they find multiple routes to the same destination, the router selects the route with the highest preference as the optimal route.
The preference of a direct route is always 0 and cannot be changed. You can configure a preference for each static route and each dynamic routing protocol. The following table lists the route types and default preferences. The smaller the value, the higher the preference.
Table 3 Route types and default route preferences
Route type
Direct route
Preference
0
2
Route type Preference
Multicast static route 1
OSPF 10
IS-IS 15
Unicast static route 60
RIP 100
OSPF ASE
OSPF NSSA
150
150
IBGP 255
EBGP 255
Unknown (route from an untrusted source) 256
Load sharing
A routing protocol may find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.
Static routing, IPv6 static routing, RIP, RIPng, OSPF, OSPFv3, BGP, IPv6 BGP, IS-IS, and IPv6 IS-IS support
ECMP load sharing.
Route backup
Route backup can improve network availability. Among multiple routes to the same destination, the route with the highest priority is the primary route and others are secondary routes.
The router forwards matching packets through the primary route. When the primary route fails, the route with the highest preference among the secondary routes is selected to forward packets. When the primary route recovers, the router uses it to forward packets.
Route recursion
To use a BGP or static route, a router must perform route recursion to find the outgoing interface to reach the next hop.
Link-state routing protocols, such as OSPF and IS-IS, do not need route recursion, because they obtain directly connected next hops through route calculation.
Route redistribution
Route redistribution enables routing protocols to learn route information from each other. A dynamic routing protocol can redistribute routes from other routing protocols, including direct and static routing.
For more information, see the respective chapters on those routing protocols in this configuration guide.
3
Configuring the maximum number of ECMP routes
This configuration takes effect at next reboot. Make sure the reboot does not impact your network.
To configure the maximum number of ECMP routes:
Step Command
1. Enter system view. system-view
2. Configure the maximum number of ECMP routes.
3. (Optional.) Display the maximum number of ECMP routes. max-ecmp-num number display max-ecmp-num
Remarks
N/A
By default, the maximum number of ECMP routes is 8.
You can execute the display command in any view.
Displaying and maintaining a routing table
Execute display commands in any view and reset commands in user view.
Task Command
Display routing table information.
Display information about routes permitted by an IPv4 basic ACL.
Display information about routes to a specific destination address. display ip routing-table [ vpn-instance vpn-instance-name ]
[ verbose ] display ip routing-table [ vpn-instance vpn-instance-name ] acl
acl-number [ verbose ] display ip routing-table [ vpn-instance vpn-instance-name ]
ip-address [ mask | mask-length ] [ longer-match ] [ verbose ]
Display information about routes to a range of destination addresses.
Display information about routes permitted by an IP prefix list.
Display information about routes installed by a protocol.
Display IPv4 route statistics.
Clear IPv4 route statistics.
Display IPv6 routing table information.
Display information about routes to an
IPv6 destination address.
Display information about routes permitted by an IPv6 basic ACL.
Display information about routes to a range of IPv6 destination addresses.
Display information about routes permitted by an IPv6 prefix list. display ip routing-table [ vpn-instance vpn-instance-name ]
ip-address1 to ip-address2 [ verbose ] display ip routing-table [ vpn-instance vpn-instance-name ] prefix-list
prefix-list-name [ verbose ] display ip routing-table [ vpn-instance vpn-instance-name ] protocol
protocol [ inactive | verbose ] display ip routing-table [ vpn-instance vpn-instance-name ] statistics reset ip routing-table statistics protocol [ vpn-instance
vpn-instance-name ] { protocol | all } display ipv6 routing-table [ vpn-instance vpn-instance-name ]
[ verbose ] display ipv6 routing-table [ vpn-instance vpn-instance-name ]
ipv6-address [ prefix-length ] [ longer-match ] [ verbose ] display ipv6 routing-table [ vpn-instance vpn-instance-name ] acl
acl6-number [ verbose ] display ipv6 routing-table [ vpn-instance vpn-instance-name ]
ipv6-address1 to ipv6-address2 [ verbose ] display ipv6 routing-table [ vpn-instance vpn-instance-name ] prefix-list prefix-list-name [ verbose ]
4
Task Command
Display information about routes installed by an IPv6 protocol.
Display IPv6 route statistics.
Clear IPv6 route statistics. display ipv6 routing-table [ vpn-instance vpn-instance-name ] protocol protocol [ inactive | verbose ] display ipv6 routing-table [ vpn-instance vpn-instance-name ] statistics reset ipv6 routing-table statistics protocol [ vpn-instance
vpn-instance-name ] { protocol | all }
5
Configuring static routing
Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work properly.
Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.
Configuring a static route
Before you configure a static route, complete the following tasks:
•
Configure the physical parameters for related interfaces.
• Configure the link-layer attributes for related interfaces.
•
Configure the IP addresses for related interfaces.
You can associate track with a static route to monitor the reachability of the next hops. For more information about track, see High Availability Configuration Guide.
To configure a static route:
Step Command
1. Enter system view. system-view
2. Configure a static route.
•
Approach 1: ip route-static dest-address { mask |
mask-length } { next-hop-address [ track
track-entry-number ] | interface-type
interface-number [ next-hop-address ] | vpn-instance d-vpn-instance-name
next-hop-address [ track track-entry-number ] }
[ permanent ] [ preference preference-value ]
[ tag tag-value ] [ description description-text ]
•
Approach 2: ip route-static vpn-instance
s-vpn-instance-name dest-address { mask |
mask-length } { next-hop-address [ public ]
[ track track-entry-number ] | interface-type
interface-number [ next-hop-address ] | vpn-instance d-vpn-instance-name
next-hop-address [ track track-entry-number ] }
[ permanent ] [ preference preference-value ]
[ tag tag-value ] [ description description-text ]
3. (Optional.)
Configure the default preference for static routes. ip route-static default-preference
default-preference-value
4. (Optional.) Delete all static routes, including the default route. delete [ vpn-instance vpn-instance-name ] static-routes all
Remarks
N/A
Use either approach.
By default, no static route is configured.
The default setting is 60.
To delete one static route, use the undo ip route-static command.
6
Configuring BFD for static routes
IMPORTANT:
Enabling BFD for a flapping route could worsen the situation.
BFD provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols and MPLS.
For more information about BFD, see High Availability Configuration Guide.
Bidirectional control mode
To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer.
To configure a static route and enable BFD control mode for it, specify an output interface and a direct next hop, or specify an indirect next hop and a specific BFD packet source address for the static route.
To configure BFD control mode for a static route (direct next hop):
Step Command
1. Enter system view. system-view
2. Configure BFD control mode for a static route.
•
Approach 1: ip route-static dest-address { mask | mask-length }
interface-type interface-number next-hop-address bfd control-packet [ preference preference-value ]
[ tag tag-value ] [ description description-text ]
•
Approach 2: ip route-static vpn-instance s-vpn-instance-name
dest-address { mask | mask-length } interface-type
interface-number next-hop-address bfd control-packet [ preference preference-value ] [ tag
tag-value ] [ description description-text ]
To configure BFD control mode for a static route (indirect next hop):
Step Command
1. Enter system view. system-view
Remarks
N/A
Use either approach.
By default, BFD control mode for a static route is not configured.
Remarks
N/A
7
Step Command
2. Configure BFD control mode for a static route.
•
Approach 1: ip route-static dest-address { mask | mask-length }
{ next-hop-address bfd control-packet bfd-source
ip-address | vpn-instance d-vpn-instance-name
next-hop-address bfd control-packet bfd-source
ip-address } [ preference preference-value ] [ tag tag-value ] [ description description-text ]
•
Approach 2: ip route-static vpn-instance s-vpn-instance-name
dest-address { mask | mask-length }
{ next-hop-address bfd control-packet bfd-source
ip-address | vpn-instance d-vpn-instance-name
next-hop-address bfd control-packet bfd-source
ip-address } [ preference preference-value ] [ tag
tag-value ] [ description description-text ]
Remarks
Use either approach.
By default, BFD control mode for a static route is not configured.
Single-hop echo mode
With BFD echo mode enabled for a static route, the output interface sends BFD echo packets to the destination device, which loops the packets back to test the link reachability.
IMPORTANT:
Do not use BFD for a static route with the output interface in spoofing state.
To configure BFD echo mode for a static route:
Step Command
1. Enter system view.
2. Configure the source address of echo packets.
3. Configure BFD echo mode for a static route. system-view bfd echo-source-ip ip-address
Remarks
N/A
By default, the source address of echo packets is not configured.
For more information about this command, see High
Availability Command
Reference.
•
Approach 1: ip route-static dest-address { mask |
mask-length } interface-type interface-number
next-hop-address bfd echo-packet [ preference
preference-value ] [ tag tag-value ] [ description
description-text ]
•
Approach 2: ip route-static vpn-instance
s-vpn-instance-name dest-address { mask |
mask-length } interface-type interface-number
next-hop-address bfd echo-packet [ preference
preference-value ] [ tag tag-value ] [ description
description-text ]
Use either approach.
By default, BFD echo mode for a static route is not configured.
8
Configuring static route FRR
A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute
(FRR) enables fast rerouting to minimize the impact of link or node failures.
Figure 1 Network diagram
As shown in
Figure 1 , upon a link failure, FRR specifies a backup next hop by using a routing policy for
routes matching the specified criteria. Packets are directed to the backup next hop to avoid traffic interruption.
Configuration guidelines
• Do not use static route FRR and BFD (for a static route) at the same time.
•
Static route does not take effect when the backup output interface is unavailable.
•
Equal-cost routes do not support FRR.
• The backup output interface and next hop cannot be modified directly or the same as the primary output interface and next hop.
Configuration procedure
To configure static route FRR:
Step Command
1. Enter system view. system-view
2. Configure the source address of BFD echo packets. bfd echo-source-ip ip-address
Remarks
N/A
By default, the source address of BFD echo packets is not configured.
For more information about this command, see High
Availability Command
Reference.
9
Step Command
3. Configure static route
FRR.
•
Approach 1: ip route-static dest-address { mask |
mask-length } interface-type
interface-number [ next-hop-address
[ backup-interface interface-type
interface-number [ backup-nexthop
backup-nexthop-address ] ] ] [ permanent ]
•
Approach 2: ip route-static vpn-instance
s-vpn-instance-name dest-address { mask |
mask-length } interface-type
interface-number [ next-hop-address
[ backup-interface interface-type
interface-number [ backup-nexthop
backup-nexthop-address ] ] ] [ permanent ]
Remarks
Use either approach.
By default, static route FRR is not configured.
Displaying and maintaining static routes
Execute the display command in any view.
Task Command
Display static route information. display ip routing-table protocol static [ inactive | verbose ]
Static route configuration examples
Basic static route configuration example
Network requirements
Configure static routes on the switches in Figure 2
for interconnections between any two hosts.
Figure 2 Network diagram
10
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure static routes:
# Configure a default route on Switch A.
<SwitchA> system-view
[SwitchA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2
# Configure two static routes on Switch B.
<SwitchB> system-view
[SwitchB] ip route-static 1.1.2.0 255.255.255.0 1.1.4.1
[SwitchB] ip route-static 1.1.3.0 255.255.255.0 1.1.5.6
# Configure a default route on Switch C.
<SwitchC> system-view
3.
[SwitchC] ip route-static 0.0.0.0 0.0.0.0 1.1.5.5
Configure the default gateways of Host A, Host B, and Host C as 1.1.2.3, 1.1.6.1, and 1.1.3.1.
(Details not shown.)
Verifying the configuration
# Display static routes on Switch A.
[SwitchA] display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 Static 60 0 1.1.4.2 Vlan500
Static Routing table Status : <Inactive>
Summary Count : 0
# Display static routes on Switch B.
[SwitchB] display ip routing-table protocol static
Summary Count : 2
Static Routing table Status : <Active>
Summary Count : 2
Destination/Mask Proto Pre Cost NextHop Interface
1.1.2.0/24 Static 60 0 1.1.4.1 Vlan500
Static Routing table Status : <Inactive>
Summary Count : 0
# Use the ping command on Host B to test the reachability of Host A (Windows XP runs on the two hosts).
C:\Documents and Settings\Administrator>ping 1.1.2.2
11
Pinging 1.1.2.2 with 32 bytes of data:
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Ping statistics for 1.1.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
# Use the tracert command on Host B to test the reachability of Host A.
C:\Documents and Settings\Administrator>tracert 1.1.2.2
Tracing route to 1.1.2.2 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 1.1.6.1
2 <1 ms <1 ms <1 ms 1.1.4.1
3 1 ms <1 ms <1 ms 1.1.2.2
Trace complete.
BFD for static routes configuration example (direct next hop)
Network requirements
In
, configure a static route to subnet 120.1.1.0/24 on Switch A, and configure a static route to subnet 121.1.1.0/24 on Switch B. Enable BFD for both routes. Configure a static route to subnet
120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Switch C. When the link between Switch A and
Switch B through the Layer 2 switch fails, BFD can detect the failure immediately and inform Switch A and
Switch B to communicate through Switch C.
Figure 3 Network diagram
Switch A Vlan-int10 12.1.1.1/24
Switch C Vlan-int11 10.1.1.100/24
Device
Switch B
Interface IP address
Vlan-int10 12.1.1.2/24
12
Configuration procedure
1.
2.
Configure IP addresses for the interfaces. (Details not shown.)
Configure static routes and BFD:
# Configure static routes on Switch A and enable BFD control mode for the static route that traverses the Layer 2 switch.
<SwitchA> system-view
[SwitchA] interface vlan-interface 10
[SwitchA-vlan-interface10] bfd min-transmit-interval 500
[SwitchA-vlan-interface10] bfd min-receive-interval 500
[SwitchA-vlan-interface10] bfd detect-multiplier 9
[SwitchA-vlan-interface10] quit
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 10 12.1.1.2 bfd control-packet
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65
[SwitchA] quit
# Configure static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch.
<SwitchB> system-view
[SwitchB] interface vlan-interface 10
[SwitchB-vlan-interface10] bfd min-transmit-interval 500
[SwitchB-vlan-interface10] bfd min-receive-interval 500
[SwitchB-vlan-interface10] bfd detect-multiplier 9
[SwitchB-vlan-interface10] quit
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 10 12.1.1.1 bfd control-packet
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65
[SwitchB] quit
# Configure static routes on Switch C.
<SwitchC> system-view
[SwitchC] ip route-static 120.1.1.0 24 13.1.1.1
[SwitchC] ip route-static 121.1.1.0 24 10.1.1.102
Verifying the configuration
# Display BFD sessions on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
4/7 12.1.1.1 12.1.1.2 Up 2000ms Vlan10
The output shows that the BFD session has been created.
# Display the static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
13
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 60 0 12.1.1.2 Vlan10
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 65 0 10.1.1.100 Vlan11
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
BFD for static routes configuration example (indirect next hop)
Network requirements
In
, Switch A has a route to interface Loopback1 (2.2.2.9/32) on Switch B, with the output interface VLAN-interface 10. Switch B has a route to interface Loopback1 (1.1.1.9/32) on Switch A, with the output interface VLAN-interface 12. Switch D has a route to 1.1.1.9/32, with the output interface
VLAN-interface 10, and a route to 2.2.2.9/32, with the output interface VLAN-interface 12.
Configure a static route to subnet 120.1.1.0/24 on Switch A, and configure a static route to subnet
121.1.1.0/24 on Switch B. Enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on both Switch C and Switch D. When the link between Switch A and
Switch B through Switch D fails, BFD can detect the failure immediately and inform Switch A and Switch
B to communicate through Switch C.
14
Figure 4 Network diagram
1.
2.
Configuration procedure
Configure IP addresses for interfaces. (Details not shown.)
Configure static routes and BFD:
# Configure static routes on Switch A and enable BFD control mode for the static route that traverses Switch D.
<SwitchA> system-view
[SwitchA] bfd multi-hop min-transmit-interval 500
[SwitchA] bfd multi-hop min-receive-interval 500
[SwitchA] bfd multi-hop detect-multiplier 9
[SwitchA] ip route-static 120.1.1.0 24 2.2.2.9 bfd control-packet bfd-source 1.1.1.9
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65
[SwitchA] quit
# Configure static routes on Switch B and enable BFD control mode for the static route that traverses Switch D.
<SwitchB> system-view
[SwitchB] bfd multi-hop min-transmit-interval 500
[SwitchB] bfd multi-hop min-receive-interval 500
[SwitchB] bfd multi-hop detect-multiplier 9
[SwitchB] ip route-static 121.1.1.0 24 1.1.1.9 bfd control-packet bfd-source 2.2.2.9
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65
[SwitchB] quit
# Configure static routes on Switch C.
<SwitchC> system-view
[SwitchC] ip route-static 120.1.1.0 24 13.1.1.1
[SwitchC] ip route-static 121.1.1.0 24 10.1.1.102
# Configure static routes on Switch D.
<SwitchD> system-view
[SwitchD] ip route-static 120.1.1.0 24 11.1.1.1
[SwitchD] ip route-static 121.1.1.0 24 12.1.1.1
Verifying the configuration
# Display BFD sessions on Switch A.
<SwitchA> display bfd session
15
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
4/7 1.1.1.9 2.2.2.9 Up 2000ms Loop1
The output shows that the BFD session has been created.
# Display the static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 60 0 12.1.1.2 Vlan10
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 65 0 10.1.1.100 Vlan11
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
16
Static route FRR configuration example
Network requirements
As shown in
, configure static routes on Switch S, Switch A, and Switch D, and configure static route FRR so when Link A fails, traffic can be switched to Link B immediately.
Figure 5 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure static routes FRR on link A:
# Configure a static route on Switch S, and specify VLAN-inteface 100 as the backup output interface and 12.12.12.2 as the backup next hop.
<SwitchS> system-view
3.
[SwitchS] bfd echo-source-ip 4.4.4.4
[SwitchS] ip route-static 4.4.4.4 32 vlan-interface 200 13.13.13.2 backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
# Configure a static route on Switch D, and specify VLAN-interface 101 as the backup output interface and 24.24.24.2 as the backup next hop.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 1.1.1.1
[SwitchD] ip route-static 1.1.1.1 32 vlan-interface 200 13.13.13.1 backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
Configure static routes on Switch A.
<SwitchA> system-view
[SwitchA] ip route-static 4.4.4.4 32 vlan-interface 101 24.24.24.4
[SwitchA] ip route-static 1.1.1.1 32 vlan-interface 100 12.12.12.1
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: Static Process ID: 0
SubProtID: 0x0 Age: 04h20m37s
Cost: 0 Preference: 60
Tag: 0 State: Active Adv
17
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: Static Process ID: 0
SubProtID: 0x0 Age: 04h20m37s
Cost: 0 Preference: 60
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
18
Configuring a default route
A default route is used to forward packets that do not match any specific routing entry in the routing table.
Without a default route, packets that do not match any routing entries are discarded.
A default route can be configured in either of the following ways:
•
The network administrator can configure a default route with both destination and mask being
0.0.0.0. For more information, see "
• Some dynamic routing protocols, such as OSPF, RIP, and IS-IS, can generate a default route. For example, an upstream router running OSPF can generate a default route and advertise it to other routers, which install the default route with the next hop being the upstream router. For more information, see the respective chapters on these routing protocols in this configuration guide.
19
Configuring RIP
Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520.
Overview
RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0. The hop count from a router to a directly connected router is 1. To limit convergence time, RIP restricts the metric range from 0 to 15. A destination with a metric value of 16 (or greater) is considered unreachable. For this reason, RIP is not suitable for large-sized networks.
RIP route entries
RIP stores routing entries in a database. Each routing entry contains the following elements:
• Destination address—IP address of a destination host or a network.
•
Next hop—IP address of the next hop.
•
Egress interface—Egress interface of the route.
•
Metric—Cost from the local router to the destination.
• Route time—Time elapsed since the last update. The time is reset to 0 when the routing entry is updated.
•
Route tag—Used for route control. For more information, see "Configuring routing policies."
Routing loop prevention
RIP uses the following mechanisms to prevent routing loops:
•
Counting to infinity—A destination with a metric value of 16 is considered unreachable. When a routing loop occurs, the metric value of a route will increment to 16 to avoid endless looping.
• Triggered updates—RIP immediately advertises triggered updates for topology changes to reduce the possibility of routing loops and to speed up convergence.
•
Split horizon—Disables RIP from sending routing information on the interface from which the information was learned to prevent routing loops and save bandwidth.
•
Poison reverse—Enables RIP to set the metric of routes received from a neighbor to 16 and sends these routes back to the neighbor so the neighbor can delete such information from its routing table to prevent routing loops.
RIP operation
RIP works as follows:
1.
RIP sends request messages to neighboring routers. Neighboring routers return response messages that contain their routing tables.
20
2.
3.
RIP uses the received responses to update the local routing table and sends triggered update messages to its neighbors. All RIP routers on the network do this to learn latest routing information.
RIP periodically sends the local routing table to its neighbors. After a RIP neighbor receives the message, it updates its routing table, selects optimal routes, and sends an update to other neighbors. RIP ages routes to keep only valid routes.
RIP versions
There are two RIP versions, RIPv1 and RIPv2.
RIPv1 is a classful routing protocol. It advertises messages through broadcast only. RIPv1 messages do not carry mask information, so RIPv1 can only recognize natural networks such as Class A, B, and C. For this reason, RIPv1 does not support discontiguous subnets.
RIPv2 is a classless routing protocol. It has the following advantages over RIPv1:
•
Supports route tags to implement flexible route control through routing policies.
• Supports masks, route summarization, and CIDR.
• Supports designated next hops to select the best ones on broadcast networks.
•
Supports multicasting route updates so only RIPv2 routers can receive these updates to reduce resource consumption.
• Supports plain text authentication and MD5 authentication to enhance security.
RIPv2 supports two transmission modes: broadcast and multicast. Multicast is the default mode using
224.0.0.9 as the multicast address. An interface operating in RIPv2 broadcast mode can also receive
RIPv1 messages.
Protocols and standards
•
RFC 1058, Routing Information Protocol
•
RFC 1723, RIP Version 2 - Carrying Additional Information
• RFC 1721, RIP Version 2 Protocol Analysis
•
RFC 1722, RIP Version 2 Protocol Applicability Statement
•
RFC 1724, RIP Version 2 MIB Extension
•
RFC 2082, RIPv2 MD5 Authentication
• RFC 2091, Triggered Extensions to RIP to Support Demand Circuits
•
RFC 2453, RIP Version 2
RIP configuration task list
Tasks at a glance
•
(Required.)
•
(Optional.) Controlling RIP reception and advertisement on interfaces
•
(Optional.) Configuring a RIP version
21
Tasks at a glance
(Optional.) Configuring RIP route control
•
Configuring an additional routing metric
•
Configuring RIPv2 route summarization
•
Disabling host route reception
•
•
Configuring inbound/outbound route filtering
•
Configuring a preference for RIP
•
Configuring RIP route redistribution
(Optional.) Tuning and optimizing RIP networks
•
•
Configuring split horizon and poison reverse
•
Configuring the maximum number of ECMP routes
•
Enabling zero field check on incoming RIPv1 messages
•
Enabling source IP address check on incoming RIP updates
•
Configuring RIPv2 message authentication
•
Configuring the RIP packet sending rate
(Optional.) Configuring RIP Graceful Restart
(Optional.) Configuring BFD for RIP
(Optional.)
Configuring basic RIP
Before you configure basic RIP settings, complete the following tasks:
•
Configure the link layer protocol.
•
Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers.
Enabling RIP
Perform this task to create a RIP process and enable the RIP process on the interface attached to the specified network. An interface that is not on the specified network does not run RIP.
To enable multiple RIP processes on a router, you must specify an ID for each process. A RIP process ID has only local significance. Two RIP routers having different process IDs can also exchange RIP packets.
If you configure RIP settings in interface view before enabling RIP, the settings do not take effect until RIP is enabled. If a physical interface is attached to multiple networks, you cannot advertise these networks in different RIP processes.
To enable RIP:
Step Command
1. Enter system view. system-view
2. Create a RIP process and enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
By default, no RIP process is enabled.
22
Step Command
3. Enable the RIP process on the interface attached to the specified network. network network-address
Remarks
By default, RIP is disabled on an interface.
The network 0.0.0.0 command can enable RIP on all interfaces in a single process, but does not apply to multiple RIP processes.
Controlling RIP reception and advertisement on interfaces
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Disable a specified interface from sending RIP messages. silent-interface { interface-type
interface-number | all }
By default, all RIP-enabled interfaces can send RIP messages.
The disabled interface can still receive RIP messages and respond to unicast requests containing unknown ports.
N/A
4.
5.
Return to system view.
Enter interface view. quit interface interface-type
interface-number
6. Enable an interface to receive
RIP messages.
7. Enable an interface to send
RIP messages. rip input rip output
N/A
By default, a RIP-enabled interface can receive RIP messages.
By default, a RIP-enabled interface can send RIP messages.
Configuring a RIP version
You can configure a global RIP version in RIP view or an interface-specific RIP version in interface view.
An interface preferentially uses the interface-specific RIP version. If no interface-specific version is specified, the interface uses the global RIP version. If neither global nor interface-specific RIP version is configured, the interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and
RIPv2 broadcasts, multicasts, and unicasts.
To configure a RIP version:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
23
Step Command
3. Specify a global RIP version. version { 1 | 2 }
Remarks
By default, no global version is specified, and an interface sends
RIPv1 broadcasts, and can receive
RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.
N/A
4. Return to system view.
5. Enter interface view. quit interface interface-type
interface-number
N/A
6. Specify a RIP version for the interface. rip version { 1 | 2 [ broadcast | multicast ] }
By default, no interface-specific RIP version is specified, and the interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.
Configuring RIP route control
Before you configure RIP route control, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers.
• Configure basic RIP.
Configuring an additional routing metric
An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIP route.
An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table.
An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed. If the sum of the additional metric and the original metric is greater than 16, the metric of the route is 16.
To configure additional routing metrics:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Specify an inbound additional routing metric.
4. Specify an outbound additional routing metric. rip metricin [ route-policy
route-policy-name ] value rip metricout [ route-policy
route-policy-name ] value
N/A
The default setting is 0.
The default setting is 1.
24
Configuring RIPv2 route summarization
Perform this task to summarize contiguous subnets into a summary network and sends the network to neighbors. The smallest metric among all summarized routes is used as the metric of the summary route.
Enabling RIPv2 automatic route summarization
Automatic summarization enables RIPv2 to generate a natural network for contiguous subnets. For example, suppose there are three subnet routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24. Automatic summarization automatically creates and advertises a summary route 10.0.0.0/8 instead of the more specific routes.
To enable RIPv2 automatic route summarization:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. (Optional.) Enable RIPv2 automatic route summarization. summary
By default, RIPv2 automatic route summarization is enabled.
If subnets in the routing table are not contiguous, disable automatic route summarization to advertise more specific routes.
Advertising a summary route
Perform this task to manually configure a summary route.
For example, suppose contiguous subnets routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 exist in the routing table. You can create a summary route 10.1.0.0/16 on Ethernet 1/1 to advertise the summary route instead of the more specific routes.
To configure a summary route:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Disable RIPv2 automatic route summarization. undo summary
4. Return to system view.
5. Enter interface view.
6. Configure a summary route. quit interface interface-type
interface-number rip summary-address ip-address
{ mask | mask-length }
Remarks
N/A
N/A
By default, RIPv2 automatic route summarization is enabled.
N/A
N/A
By default, no summary route is configured.
25
Disabling host route reception
Perform this task to disable RIPv2 from receiving host routes from the same network to save network resources. This feature does not apply to RIPv1.
To disable RIP from receiving host routes:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Disable RIP from receiving host routes. undo host-route
Remarks
N/A
N/A
By default, RIP receives host routes.
Advertising a default route
You can advertise a default route on all RIP interfaces in RIP view or on a specific RIP interface in interface view. The interface view setting takes precedence over the RIP view settings.
To disable an interface from advertising a default route, use the rip default-route no-originate command on the interface.
To configure RIP to advertise a default route:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Enable RIP to advertise a default route. default-route { only | originate }
[ cost cost ]
By default, RIP does not advertise a default route.
4. Return to system view.
5. Enter interface view. quit interface interface-type
interface-number
N/A
N/A
6. Configure the RIP interface to advertise a default route. rip default-route { { only | originate } [ cost cost ] | no-originate }
By default, a RIP interface can advertise a default route if the RIP process is enabled to advertise a default route.
NOTE:
The router enabled to advertise a default route does not accept default routes from RIP neighbors.
Configuring inbound/outbound route filtering
Perform this task to filter inbound and outbound routes by using an IP prefix list. You can also configure
RIP to receive routes only from a specified neighbor.
26
To configure route filtering:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Configure the filtering of inbound routes.
4. Configure the filtering of outbound routes. filter-policy { acl-number | gateway
prefix-list-name | prefix-list
prefix-list-name [ gateway
prefix-list-name ] } import
[ interface-type interface-number ] filter-policy { acl-number | prefix-list
prefix-list-name } export [ protocol
[ process-id ] | interface-type
interface-number ]
By default, the filtering of inbound routes is not configured.
This command filters inbound routes. Filtered routes are not installed into the routing table or advertised to neighbors.
By default, the filtering of outbound routes is not configured.
This command filters outbound routes, including routes redistributed with the import-route command.
Configuring a preference for RIP
If multiple IGPs find routes to the same destination, the route found by the IGP that has the highest priority is selected as the optimal route. Perform this task to assign a preference to RIP. The smaller the preference value, the higher the priority.
To configure a preference for RIP:
Step Command
1. Enter system view. system-view
2. Enter RIP view.
3. Configure a preference for
RIP. rip [ process-id ] [ vpn-instance
vpn-instance-name ] preference [ route-policy
route-policy-name ] value
Remarks
N/A
N/A
The default setting is 100.
Configuring RIP route redistribution
Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS,
BGP, static, and direct.
To configure RIP route redistribution:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
27
Step Command
3. Redistribute routes from another routing protocol. import-route protocol [ process-id
| all-processes | allow-ibgp ] [ cost
cost | route-policy
route-policy-name | tag tag ] *
Remarks
By default, RIP route redistribution is disabled.
This command can redistribute only active routes. To view active routes, use the display ip routing-table protocol command.
4. (Optional.) Configure a default cost for redistributed routes. default cost value The default setting is 0.
Tuning and optimizing RIP networks
Configuration prerequisites
Before you tune and optimize RIP networks, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Configure basic RIP.
Configuring RIP timers
You can change the RIP network convergence speed by adjusting the following RIP timers:
•
Update timer—Specifies the interval between route updates.
•
Timeout timer—Specifies the route aging time. If no update for a route is received within the aging time, the metric of the route is set to 16.
•
Suppress timer—Specifies how long a RIP route stays in suppressed state. When the metric of a route is 16, the route enters the suppressed state. A suppressed route can be replaced by an updated route that is received from the same neighbor before the suppress timer expires and has a metric less than 16.
•
Garbage-collect timer—Specifies the interval from when the metric of a route becomes 16 to when it is deleted from the routing table. RIP advertises the route with a metric of 16. If no update is announced for that route before the garbage-collect timer expires, the route is deleted from the routing table.
IMPORTANT:
To avoid unnecessary traffic or route flapping, configure identical RIP timer settings on RIP routers.
To configure RIP timers:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
28
Step Command
3. Configure RIP timers. timers { garbage-collect
garbage-collect-value | suppress
suppress-value | timeout
timeout-value | update
update-value } *
Remarks
By default:
•
The garbage-collect timer is 120 seconds.
•
The suppress timer is 120 seconds.
•
The timeout timer is 180 seconds.
•
The update timer is 30 seconds.
Configuring split horizon and poison reverse
The split horizon and poison reverse functions can prevent routing loops.
If both split horizon and poison reverse are configured, only the poison reverse function takes effect.
Enabling split horizon
Split horizon disables RIP from sending routes through the interface where the routes were learned to prevent routing loops between adjacent routers.
To enable split horizon:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
N/A
3. Enable split horizon.
Enabling poison reverse rip split-horizon By default, split horizon is enabled.
Poison reverse allows RIP to send routes through the interface where the routes were learned, but the metric of these routes is always set to 16 (unreachable) to avoid routing loops between neighbors.
To enable poison reverse:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Enable poison reverse. rip poison-reverse
By default, poison reverse is disabled.
Configuring the maximum number of ECMP routes
Perform this task to implement load sharing over ECMP routes.
To configure the maximum number of ECMP routes:
29
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Configure the maximum number of ECMP routes.
Remarks
N/A
N/A maximum load-balancing number
By default, the maximum number of
ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see IP Routing
Command Reference.
Enabling zero field check on incoming RIPv1 messages
Some fields in the RIPv1 message must be set to zero. These fields are called "zero fields." You can enable zero field check on incoming RIPv1 messages. If a zero field of a message contains a non-zero value, RIP does not process the message. If you are certain that all messages are trustworthy, disable zero field check to save CPU resources.
This feature does not apply to RIPv2 packets, because they have no zero fields.
To enable zero field check on incoming RIPv1 messages:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Enable zero field check on incoming RIPv1 messages. checkzero
Remarks
N/A
N/A
The default setting is enabled.
Enabling source IP address check on incoming RIP updates
Perform this task to enable source IP address check on incoming RIP updates.
Upon receiving a message on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface. If they are not in the same network segment, RIP discards the message.
Upon receiving a message on a serial interface, RIP checks whether the source address of the message is the IP address of the peer interface. If not, RIP discards the message.
To enable source IP address check on incoming RIP updates:
Step Command
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
30
Step Command
3. Enable source IP address check on incoming RIP messages. validate-source-address
Remarks
By default, this function is enabled.
Configuring RIPv2 message authentication
Perform this task to enable authentication on RIPv2 messages. This feature does not apply to RIPv1 because RIPv1 does not support authentication. Although you can specify an authentication mode for
RIPv1 in interface view, the configuration does not take effect.
RIPv2 supports two authentication modes: simple authentication and MD5 authentication.
To configure RIPv2 message authentication:
Step Command
1. Enter system view.
Remarks system-view N/A
2. Enter interface view. interface interface-type interface-number N/A
3. Configure RIPv2 authentication. rip authentication-mode
{ md5 { rfc2082
{ cipher cipher-string | plain plain-string
}
key-id
| rfc2453
{ cipher cipher-string | plain
plain-string
}
} | simple
{ cipher cipher-string | plain plain-string
}
}
By default, RIPv2 authentication is not configured.
Configuring the RIP packet sending rate
Perform this task to specify the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. This feature can avoid excessive RIP packets from affecting system performance and consuming too much bandwidth.
To configure the RIP packet sending rate:
Remarks
N/A
Step Command…
1. Enter system view. system-view
2. Enter RIP view. rip [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Specify the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. output-delay time count count
N/A
By default, an interface sends up to three RIP packets every 20 milliseconds.
Configuring RIP Graceful Restart
GR ensures the continuity of packet forwarding when a routing protocol restarts or an active/standby switchover occurs.
•
GR Restarter—Graceful restarting router. It must have GR capability.
31
•
GR Helper—A neighbor of the GR Restarter. It helps the GR Restarter to complete the GR process.
After RIP restarts on a router, the router must learn RIP routes again and updates its FIB table, which causes network disconnections and route reconvergence.
With the GR feature, the restarting router (known as the "GR Restarter") can notify the event to its GR capable neighbors. GR capable neighbors (known as "GR Helpers") keep their adjacencies with the router within a GR interval. During this process, the FIB table of the router does not change. After the restart, the router contacts its neighbors to retrieve its FIB.
By default, a RIP-enabled device acts as the GR Helper. Perform this task on the GR Restarter.
To configure GR on the GR Restarter:
Step Command
1. Enter system view.
2. Enable RIP and enter RIP view.
3. Enable GR for RIP. system-view rip [ process-id ] [ vpn-instance
vpn-instance-name ] graceful-restart
Remarks
N/A
N/A
By default, RIP GR is disabled.
Configuring BFD for RIP
RIP detects route failures by periodically sending requests. If it receives no response for a route within a certain time, RIP considers the route unreachable. This detection mechanism is not fast enough. To speed up convergence, perform this task to enable BFD for RIP. For more information about BFD, see High
Availability Configuration Guide.
BFD provides only single-hop echo detection mode for directly connected RIP neighbors. In this mode, a
BFD session is established only when the neighbor has route information to send.
To enable BFD for RIP (single-hop echo detection):
Step Command
1. Enter system view. system-view
2. Configure the source IP address of BFD echo packets. bfd echo-source-ip ip-address
Remarks
N/A
By default, the source IP address of
BFD echo packets is not configured.
3. Enter interface view.
4. Enable BFD for RIP. interface interface-type
interface-number rip bfd enable
N/A
By default, BFD for RIP is disabled.
Configuring RIP FRR
A link or router failure on a path can cause packet loss and even routing loop until RIP completes routing convergence based on the new network topology. FRR enables fast rerouting to minimize the impact of link or node failures.
32
Figure 6 Network diagram for RIP FRR
, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, RIP directs packets to the backup next hop. At the same time, RIP calculates the shortest path based on the new network topology, and forwards packets over that path after network convergence.
Configuration restrictions and guidelines
•
RIP FRR takes effect only for RIP routes learned from directly connected neighbors.
•
Do not use RIP FRR and BFD for RIP at the same time. Otherwise, FRR might fail to work.
• RIP FRR is available only when the state of primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or when the primary link fails. This function is not available when the Layer 3 interfaces are down. A unidirectional link refers to the link through which packets are forwarded only from one end to the other.
Configuration prerequisites
You must specify a next hop by using the apply fast-reroute backup-interface command in a routing policy and reference the routing policy for FRR. For more information about routing policy configuration, see "Configuring routing policies."
Configuration procedure
To configure RIP FRR:
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ip ip-address
3. Enter RIP view.
4. Configure RIP FRR. rip [ process-id ] [ vpn-instance
vpn-instance-name ] fast-reroute route-policy
route-policy-name
Remarks
N/A
By default, the source address of echo packets is not configured.
N/A
By default, RIP FRR is disabled.
Displaying and maintaining RIP
Execute display commands in any view and execute reset commands in user view.
Task Command
Display RIP current status and configuration information. display rip [ process-id ]
33
Task Command
Display all active routes in RIP database. display rip process-id database
Display RIP interface information. display rip process-id interface [ interface-type
interface-number ]
Display routing information about a specified RIP process.
Reset a RIP process.
Clear the statistics of a RIP process. display rip process-id route [ ip-address { mask |
mask-length } | peer ip-address | statistics ] reset rip process-id process reset rip process-id statistics
RIP configuration examples
Configuring basic RIP
Network requirements
advertise route 10.2.1.0/24 to Switch A, and to accept only route 2.1.1.0/24 from Switch A.
Figure 7 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic RIP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] rip
[SwitchA-rip-1] network 192.168.1.0
[SwitchA-rip-1] network 172.16.0.0
[SwitchA-rip-1] network 172.17.0.0
[SwitchA-rip-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] rip
[SwitchB-rip-1] network 192.168.1.0
[SwitchB-rip-1] network 10.0.0.0
[SwitchB-rip-1] quit
# Display the RIP routing table of Switch A.
[SwitchA] display rip 1 route
Route Flags: R - RIP
34
3.
A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------------------
Peer 192.168.1.2 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
10.0.0.0/8 192.168.1.2 1 0 RA 11
The output shows that RIPv1 uses a natural mask.
Configure a RIP version:
# Configure RIPv2 on Switch A.
[SwitchA] rip
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] quit
# Configure RIPv2 on Switch B.
[SwitchB] rip
[SwitchB-rip-1] version 2
[SwitchB-rip-1] undo summary
[SwitchB-rip-1] quit
# Display the RIP routing table on Switch A.
[SwitchA] display rip 1 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------------------
Peer 192.168.1.2 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
10.0.0.0/8 192.168.1.2 1 0 RA 50
10.2.1.0/24 192.168.1.2 1 0 RA 16
10.1.1.0/24 192.168.1.2 1 0 RA 16
The output shows that RIPv2 uses classless subnet masks.
NOTE:
After RIPv2 is configured, RIPv1 routes might still exist in the routing table until they are aged out.
# Display the RIP routing table on Switch B.
[SwitchB] display rip 1 route
4.
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------------------
Peer 192.168.1.3 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
172.16.1.0/24 192.168.1.3 1 0 RA 19
172.17.1.0/24 192.168.1.3 1 0 RA 19
Configure route filtering:
# Reference IP prefix lists on Switch B to filter inbound and outbound routes.
[SwitchB] ip prefix-list aaa index 10 permit 172.16.1.0 24
[SwitchB] ip prefix-list bbb index 10 permit 10.1.1.0 24
35
[SwitchB] rip 1
[SwitchB-rip-1] filter-policy prefix-list aaa import
[SwitchB-rip-1] filter-policy prefix-list bbb export
[SwitchB-rip-1] quit
# Display the RIP routing table on Switch A.
[SwitchA] display rip 100 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------------------
Peer 192.168.1.2 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
10.1.1.0/24 192.168.1.2 1 0 RA 19
# Displays the RIP routing table on Switch B.
[SwitchB] display rip 1 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------------------
Peer 192.168.1.3 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
172.16.1.0/24 192.168.1.3 1 0 RA 19
Configuring RIP route redistribution
Network requirements
As shown in
Figure 8 , Switch B communicates with Switch A through RIP 100 and with Switch C through
RIP 200.
Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Switch B so Switch C can learn routes destined for 10.2.1.0/24 and 11.1.1.0/24. Switch A cannot learn routes destined for 12.3.1.0/24 and 16.4.1.0/24.
Figure 8 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic RIP:
# Enable RIP 100, and configure RIPv2 on Switch A.
<SwitchA> system-view
[SwitchA] rip 100
[SwitchA-rip-100] network 10.0.0.0
[SwitchA-rip-100] network 11.0.0.0
36
3.
[SwitchA-rip-100] version 2
[SwitchA-rip-100] undo summary
[SwitchA-rip-100] quit
# Enable RIP 100 and RIP 200, and configure RIPv2 on Switch B.
<SwitchB> system-view
[SwitchB] rip 100
[SwitchB-rip-100] network 11.0.0.0
[SwitchB-rip-100] version 2
[SwitchB-rip-100] undo summary
[SwitchB-rip-100] quit
[SwitchB] rip 200
[SwitchB-rip-200] network 12.0.0.0
[SwitchB-rip-200] version 2
[SwitchB-rip-200] undo summary
[SwitchB-rip-200] quit
# Enable RIP 200, and configure RIPv2 on Switch C.
<SwitchC> system-view
[SwitchC] rip 200
[SwitchC-rip-200] network 12.0.0.0
[SwitchC-rip-200] network 16.0.0.0
[SwitchC-rip-200] version 2
[SwitchC-rip-200] undo summary
[SwitchC-rip-200] quit
# Display the IP routing table on Switch C.
[SwitchC] display ip routing-table
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200
12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200
12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200
16.4.1.0/24 Direct 0 0 16.4.1.1 Vlan400
16.4.1.0/32 Direct 0 0 16.4.1.1 Vlan400
16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0
16.4.1.255/32 Direct 0 0 16.4.1.1 Vlan400
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configure route redistribution:
# Configure RIP 200 to redistribute routes from RIP 100 and direct routes on Switch B.
[SwitchB] rip 200
[SwitchB-rip-200] import-route rip 100
[SwitchB-rip-200] import-route direct
37
[SwitchB-rip-200] quit
# Display the IP routing table on Switch C.
[SwitchC] display ip routing-table
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.0/24 RIP 100 1 12.3.1.1 Vlan200
11.1.1.0/24 RIP 100 1 12.3.1.1 Vlan200
12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200
12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200
12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200
16.4.1.0/24 Direct 0 0 16.4.1.1 Vlan400
16.4.1.0/32 Direct 0 0 16.4.1.1 Vlan400
16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0
16.4.1.255/32 Direct 0 0 16.4.1.1 Vlan400
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configuring an additional metric for a RIP interface
Network requirements
Switch E.
Switch A has two links to Switch D. The link from Switch B to Switch D is more stable than that from Switch
C to Switch D. Configure an additional metric for RIP routes received from VLAN-interface 200 on Switch
A so Switch A prefers route 1.1.5.0/24 learned from Switch B.
Figure 9 Network diagram
Switch A
Vlan-int100
1.1.1.1/24
Vlan-int100
1.1.1.2/24
Vlan-int200
1.1.2.1/24
Vlan-int200
1.1.2.2/24
Switch B
Vlan-int400
1.1.3.1/24
Vlan-int300
1.1.4.2/24
Vlan-int400
1.1.3.2/24
Vlan-int500
Switch D
1.1.5.1/24
Vlan-int500
1.1.5.2/24
Switch E
Vlan-int300
1.1.4.1/24
Switch C
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic RIP:
# Configure Switch A.
38
3.
<SwitchA> system-view
[SwitchA] rip 1
[SwitchA-rip-1] network 1.0.0.0
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] rip 1
[SwitchB-rip-1] network 1.0.0.0
[SwitchB-rip-1] version 2
[SwitchB-rip-1] undo summary
# Configure Switch C.
<SwitchC> system-view
[SwitchB] rip 1
[SwitchC-rip-1] network 1.0.0.0
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
# Configure Switch D.
<SwitchD> system-view
[SwitchD] rip 1
[SwitchD-rip-1] network 1.0.0.0
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
# Configure Switch E.
<SwitchE> system-view
[SwitchE] rip 1
[SwitchE-rip-1] network 1.0.0.0
[SwitchE-rip-1] version 2
[SwitchE-rip-1] undo summary
# Display the IP routing table on Switch A.
[SwitchA] display rip 1 database
1.0.0.0/8, cost 0, ClassfulSumm
1.1.1.0/24, cost 0, nexthop 1.1.1.1, Rip-interface
1.1.2.0/24, cost 0, nexthop 1.1.2.1, Rip-interface
1.1.3.0/24, cost 1, nexthop 1.1.1.2
1.1.4.0/24, cost 1, nexthop 1.1.2.2
1.1.5.0/24, cost 2, nexthop 1.1.1.2
1.1.5.0/24, cost 2, nexthop 1.1.2.2
The output shows two RIP routes destined for network 1.1.5.0/24, with the next hops as Switch B
(1.1.1.2) and Switch C (1.1.2.2), and with the same cost of 2. Switch C is the next hop router to reach network 1.1.4.0/24, with a cost of 1.
Configure an additional metric of 3 for RIP-enabled VLAN-interface 200 on Switch A.
[SwitchA] interface vlan-interface 200
[SwitchA-Vlan-interface200] rip metricin 3
[SwitchA-Vlan-interface200] display rip 1 database
39
1.0.0.0/8, cost 0, auto-summary
1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface
1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface
1.1.3.0/24, cost 1, nexthop 1.1.1.2
1.1.4.0/24, cost 2, nexthop 1.1.1.2
1.1.5.0/24, cost 2, nexthop 1.1.1.2
The output shows that only one RIP route reaches network 1.1.5.0/24, with the next hop as Switch
B (1.1.1.2) and a cost of 2.
Configuring RIP to advertise a summary route
Network requirements
, Switch A and Switch B run OSPF, Switch D runs RIP, and Switch C runs OSPF and
RIP. Configure RIP to redistribute OSPF routes on Switch C so Switch D can learn routes destined for networks 10.1.1.0/24, 10.2.1.0/24, 10.5.1.0/24, and 10.6.1.0/24.
To reduce the routing table size of Switch D, configure route summarization on Switch C to advertise only the summary route 10.0.0.0/8 to Switch D.
Figure 10 Network diagram
Vlan-int200
10.1.1.1/24
Vlan-int500
10.6.1.2/24
Vlan-int300
11.3.1.1/24
Vlan-int200
10.1.1.2/24
Switch C
Vlan-int100
10.2.1.2/24
Vlan-int100
10.2.1.1/24
Switch B
Switch A
Vlan-int600
10.5.1.2/24
OSPF
RIP
Vlan-int400
11.4.1.2/24
Switch D
Vlan-int300
11.3.1.2/24
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.5.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
40
3.
[SwitchB-ospf-1-area-0.0.0.0] network 10.6.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
Configure basic RIP:
# Configure Switch C.
[SwitchC] rip 1
[SwitchC-rip-1] network 11.3.1.0
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
# Configure Switch D.
<SwitchD> system-view
[SwitchD] rip 1
[SwitchD-rip-1] network 11.0.0.0
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
[SwitchD-rip-1] quit
# Configure RIP to redistribute routes from OSPF process 1 and direct routes on Switch C.
[SwitchC-rip-1] import-route direct
[SwitchC-rip-1] import-route ospf 1
[SwitchC-rip-1] quit
# Display the IP routing table on Switch D.
[SwitchD] display ip routing-table
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.1.1.0/24 RIP 100 1 11.3.1.1 Vlan300
10.2.1.0/24 RIP 100 1 11.3.1.1 Vlan300
10.5.1.0/24 RIP 100 1 11.3.1.1 Vlan300
10.6.1.0/24 RIP 100 1 11.3.1.1 Vlan300
11.3.1.0/24 Direct 0 0 11.3.1.2 Vlan300
11.3.1.0/32 Direct 0 0 11.3.1.2 Vlan300
11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.4.1.0/24 Direct 0 0 11.4.1.2 Vlan400
11.4.1.0/32 Direct 0 0 11.4.1.2 Vlan400
11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
41
4.
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configure route summarization:
# Configure route summarization on Switch C and advertise only the summary route 10.0.0.0/8.
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] rip summary-address 10.0.0.0 8
# Display the IP routing table on Switch D.
[SwitchD] display ip routing-table
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.0.0.0/8 RIP 100 1 11.3.1.1 Vlan300
11.3.1.0/24 Direct 0 0 11.3.1.2 Vlan300
11.3.1.0/32 Direct 0 0 11.3.1.2 Vlan300
11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.4.1.0/24 Direct 0 0 11.4.1.2 Vlan400
11.4.1.0/32 Direct 0 0 11.4.1.2 Vlan400
11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configuring BFD for RIP (single-hop echo detection)
Network requirements
200 of Switch A runs RIP process 2. VLAN-interface 300 of Switch C and VLAN-interface 200 and
VLAN-interface 300 of Switch B run RIP process 1.
Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Switch
C so Switch A can learn two routes destined for 100.1.1.1/24 through VLAN-interface 100 and
VLAN-interface 200 respectively, and uses the one through VLAN-interface 100.
Enable BFD for RIP on VLAN-interface 100 of Switch A. When the link over VLAN-interface 100 fails,
BFD can quickly detect the failure and notify it to RIP so RIP deletes the neighbor relationship and route information learned on VLAN-interface 100, and uses the route destined for 100.1.1.1 24 through
VLAN-interface 200.
42
Figure 11 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic RIP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] rip 1
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] network 192.168.1.0
[SwitchA-rip-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] rip bfd enable
[SwitchA-Vlan-interface100] quit
[SwitchA] rip 2
[SwitchA-rip-2] version 2
[SwitchA-rip-2] undo summary
[SwitchA-rip-2] network 192.168.2.0
[SwitchA-rip-2] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] rip 1
[SwitchB-rip-1] version 2
[SwitchB-rip-1] undo summary
[SwitchB-rip-1] network 192.168.2.0
[SwitchB-rip-1] network 192.168.3.0
[SwitchB-rip-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] rip 1
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
43
3.
[SwitchC-rip-1] network 192.168.1.0
[SwitchC-rip-1] network 192.168.3.0
[SwitchC-rip-1] import-route static
[SwitchC-rip-1] quit
Configure BFD parameters on VLAN-interface 100 of Switch A.
[SwitchA] bfd session init-mode active
[SwitchA] bfd echo-source-ip 11.11.11.11
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] bfd min-transmit-interval 500
[SwitchA-Vlan-interface100] bfd min-receive-interval 500
4.
[SwitchA-Vlan-interface100] bfd detect-multiplier 7
[SwitchA-Vlan-interface100] quit
[SwitchA] quit
Configure a static route on Switch C.
[SwitchC] ip route-static 120.1.1.1 24 null 0
Verifying the configuration
# Display the BFD session information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Echo Mode:
LD SourceAddr DestAddr State Holdtime Interface
4 192.168.1.1 192.168.1.2 Up 2000ms Vlan100
# Display RIP routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 24 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.1.2
Flags: 0x1008c OrigNextHop: 192.168.1.2
Label: NULL RealNextHop: 192.168.1.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface100
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch C through VLAN-interface 100. Then the link over VLAN-interface 100 fails.
44
# Display RIP routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 24 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: RIP Process ID: 2
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.2.2
Flags: 0x1008c OrigNextHop: 192.168.2.2
Label: NULL RealNextHop: 192.168.2.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch C through VLAN-interface 200.
Configuring RIP FRR
Network requirements
A fails, services can be switched to Link B immediately.
Figure 12 Network diagram
Configuration procedure
1.
2.
3.
Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)
Configure RIPv2 on the switches to make sure Switch A, Switch D, and Switch S can communicate with each other at Layer 3. (Details not shown.)
Configure RIP FRR:
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 1.1.1.1
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
45
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface
100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
[SwitchS] rip 1
[SwitchS-rip-1] fast-reroute route-policy frr
[SwitchS-rip-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface
101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
[SwitchD] rip 1
[SwitchD-rip-1] fast-reroute route-policy frr
[SwitchD-rip-1] quit
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 13.13.13.2
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: RIP Process ID: 1
46
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 13.13.13.1
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
47
Configuring OSPF
Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF.
OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter.
Overview
OSPF offers the following features:
• Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing domain.
•
Fast convergence—Advertises routing updates instantly upon network topology changes.
• Loop free—Computes routes with the SPF algorithm to avoid routing loops.
• Area-based network partition—Splits an AS into multiple areas to facilitate management. This feature reduces the LSDB size on routers to save memory and CPU resources, and reduces route updates transmitted between areas to save bandwidth.
• ECMP routing—Supports multiple equal-cost routes to a destination.
•
Routing hierarchy—Supports a 4-level routing hierarchy that prioritizes routes into intra-area, inter-area, external Type-1, and external Type-2 routes.
• Authentication—Supports area- and interface-based packet authentication to ensure secure packet exchange.
•
Support for multicasting—Multicasts protocol packets on some types of links to avoid impacting other devices.
OSPF packets
OSPF messages are carried directly over IP. The protocol number is 89.
OSPF uses the following packet types:
• Hello—Periodically sent to find and maintain neighbors, containing timer values, information about the DR, BDR, and known neighbors.
•
Database description (DD)—Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.
• Link state request (LSR)—Requests needed LSAs from a neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from their LSDBs. They then exchange
LSR packets requesting the missing LSAs. The LSA packet contains the digest of the missing LSAs.
• Link state update (LSU)—Transmits the requested LSAs to the neighbor.
• Link state acknowledgment (LSAck)—Acknowledges received LSU packets. It contains the headers of received LSAs (an LSAck packet can acknowledge multiple LSAs).
LSA types
OSPF advertises routing information in Link State Advertisements (LSAs). The following LSAs are commonly used:
48
• Router LSA—Type-1 LSA, originated by all routers and flooded throughout a single area only. This
LSA describes the collected states of the router's interfaces to an area.
•
Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network.
•
Network Summary LSA—Type-3 LSA, originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area. Each summary-LSA describes a route to a destination outside the area, yet still inside the AS (an inter-area route).
•
ASBR Summary LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's associated area. Type 4 summary-LSAs describe routes to Autonomous System Boundary Router
(ASBR).
• AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS (except stub and NSSA areas). Each AS-external-LSA describes a route to another AS.
•
NSSA LSA—Type-7 LSA, as defined in RFC 1587, originated by ASBRs in NSSAs and flooded throughout a single NSSA. NSSA LSAs describe routes to other ASs.
• Opaque LSA—A proposed type of LSA. Its format consists of a standard LSA header and application specific information. Opaque LSAs are used by the OSPF protocol or by some applications to distribute information into the OSPF routing domain. The opaque LSA includes Type
9, Type 10, and Type 11. The Type 9 opaque LSA is flooded into the local subnet, the Type 10 is flooded into the local area, and the Type 11 is flooded throughout the AS.
OSPF areas
In large OSPF routing domains, SPF route computations consume too many storage and CPU resources, and enormous OSPF packets generated for route synchronization occupy excessive bandwidth.
To resolve these issues, OSPF splits an AS into multiple areas. Each area is identified by an area ID. The boundaries between areas are routers rather than links. A network segment (or a link) can only reside in one area as shown in
.
You can configure route summarization on ABRs to reduce the number of LSAs advertised to other areas and minimize the effect of topology changes.
49
Figure 13 Area-based OSPF network partition
Area 4
Area 1
Area 0
Area 2
Area 3
Backbone area and virtual links
Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF includes the following requirements:
•
All non-backbone areas must maintain connectivity to the backbone area.
• The backbone area must maintain connectivity within itself.
In practice, these requirements might not be satisfied due to lack of physical links. OSPF virtual links can resolve this issue.
A virtual link is established between two ABRs through a non-backbone area. It must be configured on both ABRs to take effect. The non-backbone area is called a transit area.
, Area 2 has no direct physical link to the backbone area 0. You can configure a virtual link between the two ABRs to connect Area 2 to the backbone area.
Figure 14 Virtual link application 1
Virtual links can also be used to provide redundant links. If the backbone area cannot maintain internal connectivity due to the failure of a physical link, you can configure a virtual link to replace the failed physical link, as shown in
.
50
Figure 15 Virtual link application 2
Area 1
Virtual link
R1
R2
Area 0
The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface.
The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.
Stub area and totally stub area
A stub area does not distribute Type-5 LSAs to reduce the routing table size and LSAs advertised within the area. The ABR of the stub area advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route.
To further reduce the routing table size and advertised LSAs, you can configure the stub area as a totally stub area. The ABR of a totally stub area does no advertise inter-area routes or external routes. It advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route.
NSSA area and totally NSSA area
An NSSA area does not import AS external LSAs (Type-5 LSAs) but can import Type-7 LSAs generated by the NSSA ASBR. The NSSA ABR translates Type-7 LSAs into Type-5 LSAs and advertises the Type-5 LSAs to other areas.
, the OSPF AS contains Area 1, Area 2, and Area 0. The other two ASs run RIP. Area 1 is an
NSSA area where the ASBR redistributes RIP routes in Type-7 LSAs into Area 1. Upon receiving the Type-7
LSAs, the NSSA ABR translates them to Type-5 LSAs, and advertises the Type-5 LSAs to Area 0.
The ASBR of Area 2 redistributes RIP routes in Type-5 LSAs into the OSPF routing domain. However, Area
1 does not receive Type-5 LSAs because it is an NSSA area.
Figure 16 NSSA area
Router types
OSPF routers are classified into the following types based on their positions in the AS:
51
• Internal router—All interfaces on an internal router belong to one OSPF area.
•
ABR—Belongs to more than two areas, one of which must be the backbone area. ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.
• Backbone router—At least one interface of a backbone router must reside in the backbone area.
All ABRs and internal routers in area 0 are backbone routers.
•
ASBR—Exchanges routing information with another AS is an ASBR. An ASBR might not reside on the border of the AS. It can be an internal router or an ABR.
Figure 17 OSPF router types
RIP
IS-IS
ASBR
Area 1
Area 4
Backbone router
Internal router
Area 0
ABR
Area 2
Area 3
Route types
OSPF prioritizes routes into the following route levels:
•
Intra-area route
•
Inter-area route
• Type-1 external route
• Type-2 external route
The intra-area and inter-area routes describe the network topology of the AS. The external routes describe routes to external ASs.
A Type-1 external route has high credibility. The cost from a router to the destination of a Type-1 external route = the cost from the router to the corresponding ASBR + the cost from the ASBR to the destination of the external route.
A Type-2 external route has low credibility. OSPF considers the cost from the ASBR to the destination of a Type-2 external route is much greater than the cost from the ASBR to an OSPF internal router. The cost from the internal router to the destination of the Type-2 external route = the cost from the ASBR to the
52
destination of the Type-2 external route. If two Type-2 routes to the same destination have the same cost,
OSPF takes the cost from the router to the ASBR into consideration to determine the best route.
Route calculation
OSPF computes routes in an area as follows:
•
Each router generates LSAs based on the network topology around itself, and sends them to other routers in update packets.
• Each OSPF router collects LSAs from other routers to compose an LSDB. An LSA describes the network topology around a router, and the LSDB describes the entire network topology of the area.
•
Each router transforms the LSDB to a weighted directed graph that shows the topology of the area.
All the routers within the area have the same graph.
• Each router uses the SPF algorithm to compute a shortest path tree that shows the routes to the nodes in the area. The router itself is the root of the tree.
OSPF network types
OSPF classifies networks into the following types, depending on different link layer protocols:
•
Broadcast—If the link layer protocol is Ethernet or FDDI, OSPF considers the network type as broadcast by default. On a broadcast network, hello, LSU, and LSAck packets are multicast to
224.0.0.5 that identifies all OSPF routers or to 224.0.0.6 that identifies the DR; DD packets and LSR packets are unicast.
•
NBMA—If the link layer protocol is Frame Relay, ATM, or X.25, OSPF considers the network type as NBMA by default. OSPF packets are unicast on a NBMA network.
• P2MP—No link is P2MP type by default. P2MP must be a conversion from other network types such as NBMA. On a P2MP network, OSPF packets are multicast to 224.0.0.5.
•
P2P—If the link layer protocol is PPP or HDLC, OSPF considers the network type as P2P. On a P2P network, OSPF packets are multicast to 224.0.0.5.
The following are the differences between NBMA and P2MP networks:
•
NBMA networks are fully meshed. P2MP networks are not required to be fully meshed.
•
NBMA networks require DR and BDR election. P2MP networks do not have DR or BDR.
•
On a NBMA network, OSPF packets are unicast, and neighbors are manually configured. On a
P2MP network, OSPF packets are multicast by default, and you can configure OSPF to unicast protocol packets.
DR and BDR
On a broadcast or NBMA network, any two routers must establish an adjacency to exchange routing information with each other. If n routers are present on the network, n(n-1)/2 adjacencies are established.
Any topology change on the network results in an increase in traffic for route synchronization, consuming many system and bandwidth resources.
The DR and BDR mechanisms can solve this problem.
•
DR—Elected to advertise routing information among other routers. If the DR fails, routers on the network must elect another DR and synchronize information with the new DR. Using this mechanism alone is time-consuming and prone to route calculation errors.
53
• BDR—Elected along with the DR to establish adjacencies with all other routers. If the DR fails, the
BDR immediately becomes the new DR, and other routers elect a new BDR.
Routers other than the DR and BDR are called "DROthers." They do not establish adjacencies with one another, so the number of adjacencies is reduced.
The role of a router is subnet (or interface) specific. It might be a DR on one interface and a BDR or
DROther on another interface.
the DR and BDR, only seven adjacencies are established.
Figure 18 DR and BDR in a network
DR BDR
DR other DR other DR other
Physical links Adjacencies
NOTE:
In OSPF, "neighbor" and "adjacency" are different concepts. After startup, OSPF sends a hello packet on each OSPF interface. A receiving router checks parameters in the packet. If the parameters match its own, the receiving router considers the sending router an OSPF neighbor. Two OSPF neighbors establish an adjacency relationship after they synchronize their LSDBs through exchange of DD packets and LSAs.
DR and BDR election
DR election is performed on broadcast or NBMA networks but not on P2P and P2MP networks.
Routers in a broadcast or NBMA network elect the DR and BDR by router priority and ID. Routers with a router priority value higher than 0 are candidates for DR and BDR election.
The election votes are hello packets. Each router sends the DR elected by itself in a hello packet to all the other routers. If two routers on the network declare themselves as the DR, the router with the higher router priority wins. If router priorities are the same, the router with the higher router ID wins.
If a router with a higher router priority is added to the network after DR and BDR election, the router cannot become the DR or BDR immediately as no DR election is performed for it. Therefore, the DR of a network might not be the router with the highest priority, and the BDR might not be the router with the second highest priority.
Protocols and standards
•
RFC 1765, OSPF Database Overflow
• RFC 2328, OSPF Version 2
•
RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option
54
• RFC 3137, OSPF Stub Router Advertisement
•
RFC 4811, OSPF Out-of-Band LSDB Resynchronization
•
RFC 4812, OSPF Restart Signaling
• RFC 4813, OSPF Link-Local Signaling
OSPF configuration task list
To run OSPF, you must first enable OSPF on the router. Make a proper configuration plan to avoid incorrect settings that can result in route blocking and routing loops.
To configure OSPF, perform the following tasks:
Tasks at a glance
(Optional.) Configuring OSPF areas :
•
•
•
(Optional.) Configuring OSPF network types :
•
Configuring the broadcast network type for an interface
•
Configuring the NBMA network type for an interface
•
Configuring the P2MP network type for an interface
•
Configuring the P2P network type for an interface
(Optional.) Configuring OSPF route control
:
•
Configuring OSPF route summarization
{
Configuring route summarization on an ABR
{
Configuring route summarization when redistributing routes into OSPF on an ASBR
•
Configuring inbound OSPF route filtering
•
Configuring Type-3 LSA filtering
•
Configuring an OSPF cost for an interface
•
Configuring the maximum number of ECMP routes
•
•
Configuring OSPF route redistribution
{
Configuring OSPF to redistribute routes from another routing protocol
{
Configuring OSPF to redistribute a default route
{
Configuring default parameters for redistributed routes
•
55
Tasks at a glance
(Optional.) Tuning and optimizing OSPF networks :
•
•
Specifying LSA transmission delay
•
Specifying SPF calculation interval
•
Specifying the LSA arrival interval
•
Specifying the LSA generation interval
•
Disabling interfaces from receiving and sending OSPF packets
•
•
Configuring OSPF authentication
•
Adding the interface MTU into DD packets
•
Configuring the maximum number of external LSAs in LSDB
•
Configuring OSPF exit overflow interval
•
Enabling compatibility with RFC 1583
•
Logging neighbor state changes
•
Configuring OSPF network management
•
Configuring the LSU transmit rate
•
(Optional.) Configuring OSPF Graceful Restart
:
•
Configuring the OSPF GR Restarter
•
•
Triggering OSPF Graceful Restart
(Optional.) Configuring BFD for OSPF
(Optional.) Configuring OSPF FRR
Enabling OSPF
Enable OSPF before you perform other OSPF configuration tasks.
Configuration prerequisites
Configure the link layer protocol and IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
Configuration guidelines
Complete the following tasks to enable an interface to run an OSPF process in an area:
•
Enable the OSPF process.
• Create the area for the OSPF process.
• Add the network segment where the interface resides to the area. The OSPF process advertises the direct route of the interface.
•
Specify a router ID, the unique identifier of the router in the AS.
You can also specify a router ID when you create an OSPF process.
56
• If you specify a router ID when you create an OSPF process, any two routers in an AS must have different router IDs. A common practice is to specify the IP address of an interface as the router ID.
•
If you specify no router ID when you create the OSPF process, the global router ID is used. HP recommends specifying a router ID when you create the OSPF process.
OSPF can run multiple processes and supports VPNs:
•
To run multiple OSPF processes, you must specify an ID for each process. The process IDs take effect locally and has no influence on packet exchange between routers. Two routers with different process IDs can exchange packets.
•
VPN support enables an OSPF process to run in a specified VPN. For more information about VPN, see MCE Configuration Guide.
Configuration procedure
To enable OSPF:
Step Command
1. Enter system view. system-view
2. (Optional.) Configure a global router ID.
3. Enable an OSPF process and enter OSPF view.
4. (Optional.) Configure a description for the OSPF process. router id router-id
Remarks
N/A
By default, no global router ID is configured.
If no global router ID is configured, the highest loopback interface IP address, if any, is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status (up or down). ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
By default, no OSPF process is enabled. description description
By default, no description is configured for the OSPF process.
HP recommends configuring a description for each OSPF process.
5. Create an OSPF area and enter OSPF area view. area area-id By default, no OSPF area is created.
6. (Optional.) Configure a description for the area. description description
By default, no description is configured for the area.
HP recommends configuring a description for each OSPF area.
7. Specify a network to enable the interface attached to the network to run the OSPF process in the area. network ip-address
wildcard-mask
By default, no network is specified.
A network can be added to only one area.
Configuring OSPF areas
Before you configure an OSPF area, complete the following tasks:
•
Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
57
• Enable OSPF.
Configuring a stub area
You can configure a non-backbone area at an AS edge as a stub area. To do so, issue the stub command on all routers attached to the area. The routing table size is reduced because Type-5 LSAs will not be flooded within the stub area. The ABR generates a default route into the stub area so all packets destined outside of the AS are sent through the default route.
To further reduce the routing table size and routing information exchanged in the stub area, configure a totally stub area by using the stub [ no-summary ] command on the ABR. AS external routes and inter-area routes will not be distributed into the area. All the packets destined outside of the AS or area will be sent to the ABR for forwarding.
A stub or totally stub area cannot have an ASBR because external routes cannot be distributed into the area.
Virtual links cannot transit a stub area or totally stub area.
To configure an OSPF stub area:
Step Command
1. Enter system view. system-view
2. Enter OSPF view.
3. Enter area view.
4. Configure the area as a stub area. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] * area area-id stub [ default-route-advertise | no-summary ] *
Remarks
N/A
N/A
N/A
By default, no stub area is configured.
5. (Optional.) Specify a cost for the default route advertised to the stub area. default-cost cost
The default setting is 1.
The default-cost cost command takes effect only on the ABR of a stub area or totally stub area.
Configuring an NSSA area
A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics.
Do not configure the backbone area as an NSSA area or totally NSSA area.
To configure an NSSA area, configure the nssa command on all the routers attached to the area.
To configure a totally NSSA area, configure the nssa command on all the routers attached to the area and configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area.
Virtual links cannot transit a stub area or totally stub area.
To configure an NSSA area:
Step Command
1. Enter system view. system-view
Remarks
N/A
58
Step Command
2. Enter OSPF view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
3. Enter area view. area area-id
4. Configure the area as an
NSSA area. nssa [ default-route-advertise | no-import-route | no-summary | translate-always | translator-stability-interval value ]
*
Remarks
N/A
N/A
By default, no area is configured as an NSSA area.
5. (Optional.) Specify a cost for the default route advertised to the NSSA area. default-cost cost
The default setting is 1.
This command takes effect only on the ABR/ASBR of an NSSA or totally
NSSA area.
Configuring a virtual link
Virtual links are configured for connecting backbone area routers that have no direct physical links.
Virtual links cannot transit a stub area, totally stub area, NSSA area, or totally NSSA area.
To configure a virtual link:
Step Command
1. Enter system view. system-view
2. Enter OSPF view.
3. Enter area view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] * area area-id
4. Configure a virtual link.
Remarks
N/A
N/A vlink-peer router-id [ dead seconds
| hello seconds | { hmac-md5 | md5 } key-id { cipher cipher-string
| plain plain-string } | retransmit
seconds | simple { cipher
cipher-string | plain plain-string } | trans-delay seconds ] *
N/A
By default, no virtual link is configured.
Configure this command on both ends of a virtual link, and the hello and dead intervals must be identical on both ends of the virtual link.
The authentication mode (MD5 or simple) of the virtual link is determined by the authentication mode configured for the backbone area.
Configuring OSPF network types
OSPF classifies networks into the following types based on the link layer protocol:
• Broadcast—When the link layer protocol is Ethernet or FDDI, OSPF classifies the network type as broadcast by default.
59
• NBMA—When the link layer protocol is Frame Relay, ATM, or X.25, OSPF classifies the network type as NBMA by default.
•
P2P—When the link layer protocol is PPP, LAPB, or HDLC, OSPF classifies the network type as P2P by default.
When you change the network type of an interface, follow these guidelines:
• When an NBMA network becomes fully meshed, change the network type to broadcast to avoid manual configuration of neighbors.
•
If any routers in a broadcast network do not support multicasting, change the network type to
NBMA.
• An NBMA network must be fully meshed. OSPF requires that an NBMA network be fully meshed.
If a network is partially meshed, change the network type to P2MP.
•
If a router on an NBMA network has only one neighbor, you can change the network type to P2P to save costs.
Two broadcast-, NBMA-, and P2MP-interfaces can establish a neighbor relationship only when they are on the same network segment.
Configuration prerequisites
Before you configure OSPF network types, complete the following tasks:
•
Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable OSPF.
Configuring the broadcast network type for an interface
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Configure the OSPF network type for the interface as broadcast. ospf network-type broadcast
By default, the network type of an interface depends on the link layer protocol.
4. (Optional.) Configure a router priority for the interface. ospf dr-priority priority The default router priority is 1.
Configuring the NBMA network type for an interface
After you configure the network type as NBMA, you must specify neighbors and their router priorities because NBMA interfaces cannot find neighbors by broadcasting hello packets.
To configure the NBMA network type for an interface:
Step Command
1. Enter system view. system-view
Remarks
N/A
60
Step Command
2. Enter interface view. interface interface-type
interface-number
3. Configure the OSPF network type for the interface as NBMA. ospf network-type nbma
4. (Optional.) Configure a router priority for the interface.
5. Return to system view. ospf dr-priority priority
6. Enter OSPF view. quit ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
By default, the network type of an interface depends on the link layer protocol.
The default setting is 1.
The router priority configured with this command is for DR election.
N/A
N/A
7. Specify a neighbor and its router priority. peer ip-address [ cost value | dr-priority dr-priority ]
By default, no neighbor is specified.
The priority configured with this command indicates whether a neighbor has the election right or not. If you configure the router priority for a neighbor as 0, the local router determines the neighbor has no election right, and does not send hello packets to this neighbor. However, if the local router is the DR or BDR, it still sends hello packets to the neighbor for neighbor relationship establishment.
Configuring the P2MP network type for an interface
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Configure the OSPF network type for the interface as
P2MP. ospf network-type p2mp [ unicast ]
4. Exit to system view.
By default, the network type of an interface depends on the link layer protocol.
After you configure the OSPF network type for an interface as
P2MP unicast, all packets are unicast over the interface. The interface cannot broadcast hello packets to discover neighbors, so you must manually specify the neighbors.
N/A
5. Enter OSPF view. quit ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
N/A
61
Step Command
6. (Optional.) Specify a neighbor and its router priority. peer ip-address [ cost value | dr-priority dr-priority ]
Remarks
By default, no neighbor is specified.
This step must be performed if the network type is P2MP unicast, and is optional if the network type is P2MP.
Configuring the P2P network type for an interface
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Configure the OSPF network type for the interface as P2P. ospf network-type p2p
By default, the network type of an interface depends on the link layer protocol.
Configuring OSPF route control
This section describes how to control the advertisement and reception of OSPF routing information, as well as route redistribution from other protocols.
Configuration prerequisites
Before you configure OSPF route control, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
• Enable OSPF.
•
Configure filters if routing information filtering is needed.
Configuring OSPF route summarization
Configure route summarization on an ABR or ASBR to summarize contiguous networks into a single network and distribute it to other areas.
Route summarization reduces the routing information exchanged between areas and the size of routing tables, and improves routing performance. For example, three internal networks 19.1.1.0/24,
19.1.2.0/24, and 19.1.3.0/24 are available within an area. You can summarize the three networks into network 19.1.0.0/16, and advertise the summary network to other areas.
Configuring route summarization on an ABR
After you configure a summary route on an ABR, the ABR generates a summary LSA instead of more specific LSAs so that the scale of LSDBs on routers in other areas and the influence of topology changes are reduced.
To configure route summarization on an ABR:
62
Step Command
1. Enter system view. system-view
2. Enter OSPF view.
3. Enter OSPF area view.
Remarks
N/A ospf [ process-id | router-id router-id
| vpn-instance vpn-instance-name ] * N/A area area-id N/A
4. Configure ABR route summarization. abr-summary ip-address { mask |
mask-length } [ advertise | not-advertise ] [ cost cost ]
By default, no route summarization is configured.
The command takes effect only on an ABR.
Configuring route summarization when redistributing routes into OSPF on an ASBR
Without route summarization, an ASBR advertises each redistributed route in a separate ASE LSA. After you configure a summary route, the ASBR advertises only the summary route in an ASE LSA instead of more specific routes, reducing the number of LSAs in the LSDB.
The ASBR summarizes redistributed Type-5 LSAs that fall into the specified address range. If the ASBR is in an NSSA area, it also summarizes Type-7 LSAs that fall into the specified address range. If the ASBR is also the ABR, it summarizes Type-5 LSAs translated from Type-7 LSAs.
To configure route summarization when redistributing routes into OSPF on an ASBR:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id
| vpn-instance vpn-instance-name ]*
Remarks
N/A
N/A
3. Configure ASBR route summarization. asbr-summary ip-address { mask |
mask-length } [ tag tag | not-advertise
| cost cost ] *
By default, no ASBR route summarization is configured.
The command takes effect only on an
ASBR.
Configuring inbound OSPF route filtering
Perform this task to filter routes calculated using received LSAs.
The following filtering methods are available:
•
Use an ACL or IP prefix list to filter routing information by destination address.
• Use the gateway keyword to filter routing information by next hop.
• Use an ACL or IP prefix list to filter routing information by destination address and at the same time use the gateway keyword to filter routing information by next hop.
•
Use a routing policy to filter routing information.
To configure OSPF to filter routes calculated using received LSAs:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
63
Step Command
3. Configure OSPF to filter routes calculated using received LSAs. filter-policy { acl-number [ gateway
ip-prefix-name ] | gateway ip-prefix-name | ip-prefix ip-prefix-name [ gateway
ip-prefix-name ] | route-policy
route-policy-name } import
Remarks
By default, OSPF accepts all routes calculated using received LSAs.
Configuring Type-3 LSA filtering
Perform this task to filter Type-3 LSAs advertised to an area on an ABR.
To configure Type-3 LSA filtering:
Step Command
1. Enter system view. system-view
2. Enter OSPF view.
3. Enter area view.
4. Configure Type-3 LSA filtering. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
N/A area area-id N/A filter { acl-number | ip-prefix
ip-prefix-name } { import | export }
Remarks
N/A
By default, the ABR does not filter Type-3 LSAs.
Configuring an OSPF cost for an interface
Configure an OSPF cost for an interface by using either of the following methods:
•
Configure the cost value in interface view.
• Configure a bandwidth reference value for the interface. OSPF computes the cost with this formula:
Interface OSPF cost = Bandwidth reference value (100 Mbps)/Interface bandwidth (Mbps). If the calculated cost is greater than 65535, the value of 65535 is used. If the calculated cost is less than
1, the value of 1 is used. If no cost or bandwidth reference value is configured for an interface,
OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value.
To configure an OSPF cost for an interface:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Configure an OSPF cost for the interface. ospf cost value
By default, the OSPF cost is calculated according to the interface bandwidth. For a loopback interface, the OSPF cost is 0 by default.
To configure a bandwidth reference value:
Step Command
1. Enter system view. system-view
Remarks
N/A
64
Step Command
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
3. Configure a bandwidth reference value. bandwidth-reference value
Remarks
N/A
The default setting is 100
Mbps.
Configuring the maximum number of ECMP routes
Perform this task to implement load sharing over ECMP routes.
To configure the maximum number of ECMP routes:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the maximum number of ECMP routes. maximum load-balancing maximum
By default, the maximum number of
ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see IP
Routing Command
Reference.
Configuring OSPF preference
A router can run multiple routing protocols, and each protocol is assigned a preference. If multiple routes are available to the same destination, the one with the highest protocol preference is selected as the best route.
To configure OSPF preference:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id
| vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure a preference for OSPF. preference [ ase ] [ route-policy
route-policy-name ] value
By default, the preference of OSPF internal routes is 10 and the preference of OSPF external routes is 150.
Configuring OSPF route redistribution
On a router running OSPF and other routing protocols, you can configure OSPF to redistribute routes from other protocols, such as RIP, IS-IS, BGP, static, and direct, and advertise them in Type-5 LSAs or
65
Type-7 LSAs. In addition, you can configure OSPF to filter redistributed routes so that OSPF advertises only permitted routes.
IMPORTANT:
The import-route bgp command redistributes only EBGP routes. Because the import-route bgp allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution.
Configuring OSPF to redistribute routes from another routing protocol
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure OSPF to redistribute routes from another routing protocol. import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | route-policy route-policy-name | tag tag
| type type ] *
By default, no route redistribution is configured.
This command redistributes only active routes. To view information about active routes, use the display ip routing-table protocol command.
4. (Optional.) Configure
OSPF to filter redistributed routes. filter-policy { acl-number | prefix-list
ip-prefix-name } export [ protocol
[ process-id ] ]
Configuring OSPF to redistribute a default route
By default, OSPF accepts all redistributed routes.
The import-route command cannot redistribute a default external route. Perform this task to redistribute a default route.
To redistribute a default route:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter OSPF view.
3. Redistribute a default route. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
N/A default-route-advertise [ [ [ always | permit-calculate-other ] | cost cost | route-policy route-policy-name | type
type ] * | summary cost cost ]
By default, no default route is redistributed.
This command is applicable only to VPNs. The PE router advertises a default route in a
Type-3 LSA to a CE router.
66
Configuring default parameters for redistributed routes
Perform this task to configure default parameters for redistributed routes, including cost, tag, and type.
Tags indicate information about protocols. For example, when redistributing BGP routes, OSPF uses tags to identify AS IDs.
To configure the default parameters for redistributed routes:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
N/A
3. Configure the default parameters for redistributed routes (cost, upper limit, tag, and type). default { cost cost | tag tag | type type } *
Advertising a host route
Step Command
1. Enter system view. system-view
2. Enter OSPF view.
3. Enter area view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] * area area-id
4. Advertise a host route. host-advertise ip-address cost
Remarks
N/A
N/A
By default, the cost is 1, the tag is 1, and the type is
Type-2.
N/A
By default, no host route is advertised.
Tuning and optimizing OSPF networks
You can use one of the following methods to optimize an OSPF network:
• Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs.
•
Change the SPF calculation interval to reduce resource consumption caused by frequent network changes.
• Configure OSPF authentication to improve security.
Configuration prerequisites
Before you configure OSPF network optimization, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable OSPF.
67
Configuring OSPF timers
An OSPF interface includes the following timers:
•
Hello timer—Interval for sending hello packets. It must be identical on OSPF neighbors.
•
Poll timer—Interval for sending hello packets to a neighbor that is down on the NBMA network.
•
Dead timer—Interval within which if the interface receives no hello packet from the neighbor, it declares the neighbor is down.
• LSA retransmission timer—Interval within which if the interface receives no acknowledgement packets after sending a LSA to the neighbor, it retransmits the LSA.
To configure OSPF timers:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Specify the hello interval.
4. Specify the poll interval.
5. Specify the dead interval.
6. Specify the retransmission interval. ospf timer hello seconds ospf timer poll seconds ospf timer dead seconds ospf timer retransmit interval
By default:
•
The hello interval on P2P and broadcast interfaces is 10 seconds.
•
The hello interval on P2MP and NBMA interfaces is 30 seconds.The default hello interval is restored when the network type for an interface is changed.
The default setting is 120 seconds.
The poll interval is at least four times the hello interval.
By default:
•
The dead interval on P2P and broadcast interfaces is 40 seconds.
•
The dead interval on P2MP and NBMA interfaces is 120 seconds.
The dead interval must be at least four times the hello interval on an interface.
The default dead interval is restored when the network type for an interface is changed.
The default setting is 5 seconds.
A retransmission interval setting that is too small can cause unnecessary LSA retransmissions.
This interval is typically set bigger than the round-trip time of a packet between two neighbors.
Specifying LSA transmission delay
To avoid LSAs from aging out during transmission, set an LSA retransmission delay especially for low speed links.
To specify the LSA transmission delay on an interface:
68
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Specify the LSA transmission delay. ospf trans-delay seconds
Remarks
N/A
N/A
The default setting is 1 second.
Specifying SPF calculation interval
LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval × 2 n-2 (n is the number of calculation times) each time a calculation occurs until the maximum-interval is reached.
To configure the SPF calculation interval:
Step Command
1. Enter system view. system-view
2. Enter OSPF view.
3. Specify the SPF calculation interval.
Remarks
N/A ospf [ process-id | router-id router-id
| vpn-instance vpn-instance-name ] * N/A spf-schedule-interval
maximum-interval [ minimum-interval
[ incremental-interval ] ]
By default:
•
The maximum interval is 5 seconds.
•
The minimum interval is 50 milliseconds.
•
The incremental interval is 200 milliseconds.
Specifying the LSA arrival interval
If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources.
To configure the LSA arrival interval:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the LSA arrival interval. lsa-arrival-interval interval
The default setting is 1000 milliseconds.
Make sure this interval is smaller than or equal to the interval set with the lsa-generation-interval command.
69
Specifying the LSA generation interval
Adjust the LSA generation interval to protect network resources and routers from being overwhelmed by
LSAs at the time of frequent network changes.
When network changes are not frequent, LSAs are generated at the minimum-interval. If network changes become frequent, the LSA generation interval is incremented by incremental-interval × 2 n-2
(n is the number of generation times) each time a LSA generation occurs until the maximum-interval is reached.
To configure the LSA generation interval:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the LSA generation interval. lsa-generation-interval
maximum-interval [ minimum-interval
[ incremental-interval ] ]
By default:
•
The maximum interval is 5 seconds.
•
The minimum interval is 0 milliseconds.
•
The incremental interval is 0 milliseconds.
Disabling interfaces from receiving and sending OSPF packets
To enhance OSPF adaptability and reduce resource consumption, you can set an OSPF interface to
"silent." A silent OSPF interface blocks OSPF packets and cannot establish any OSPF neighbor relationship. However, other interfaces on the router can still advertise direct routes of the interface in
Router LSAs.
To disable interfaces from receiving and sending routing information:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id
| vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Disable interfaces from receiving and sending
OSPF packets. silent-interface { interface-type
interface-number | all }
By default, an OSPF interface can receive and send OSPF packets.
The silent-interface command disables only the interfaces associated with the current process rather than other processes.
Multiple OSPF processes can disable the same interface from receiving and sending OSPF packets.
70
Configuring stub routers
A stub router is used for traffic control. It reports its status as a stub router to neighboring OSPF routers.
The neighboring routers do not use the stub router to forward data although they have a route to it.
Router LSAs from the stub router might contain different link type values. A value of 3 means a link to a stub network, and the cost of the link will not be changed. A value of 1, 2 or 4 means a point-to-point link, a link to a transit network, or a virtual link. On such links, a maximum cost value of 65535 is used.
Neighbors do not send packets to the stub router as long as they have a route with a smaller cost.
To configure a router as a stub router:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the router as a stub router. stub-router
By default, the router is not configured as a stub router.
A stub router has no associations with a stub area.
Configuring OSPF authentication
Configure OSPF packet authentication to ensure the packet exchange security.
After authentication is configured, OSPF only receives packets that pass authentication. Failed packets cannot establish neighboring relationships.
You must configure the same area authentication mode on all the routers in an area. In addition, the authentication mode and password for all interfaces attached to the same area must be identical.
To configure OSPF authentication:
Step Command
1. Enter system view. system-view
2.
Enter OSPF view.
3. Enter area view.
Remarks
N/A ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
N/A area area-id N/A
4. Configure area authentication mode.
5. Return to OSPF view.
6. Return to system view.
7. Enter interface view. authentication-mode { md5 | simple }
By default, no authentication is configured. quit quit
N/A
N/A interface interface-type interface-number N/A
71
Step Command
8. Configure interface authentication mode.
Remarks
•
Configure simple authentication: ospf authentication-mode simple { cipher
cipher-string | plain plain-string }
•
Configure MD5 authentication: ospf authentication-mode { hmac-md5 | md5 } key-id { cipher cipher-string | plain
plain-string }
Use either approach.
By default, no interface authentication is configured.
Adding the interface MTU into DD packets
By default, an OSPF interface adds a value of 0 into the interface MTU field of a DD packet rather than the actual interface MTU. You can enable an interface to add its MTU into DD packets.
To add the interface MTU into DD packets:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Enable the interface to add its
MTU into DD packets. ospf mtu-enable
Remarks
N/A
N/A
By default, the interface adds an
MTU value of 0 into DD packets.
Configuring the maximum number of external LSAs in LSDB
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Specify the maximum number of external LSAs in the LSDB. lsdb-overflow-limit number
By default, the maximum number of external LSAs in the
LSDB is not limited.
Configuring OSPF exit overflow interval
When the number of LSAs in the LSDB exceeds the upper limit, the LSDB is in an overflow state. To save resources, OSPF does not receive any external LSAs and deletes the external LSAs generated by itself when in this state.
Perform this task to configure the interval that OSPF exits overflow state.
To configure the OSPF exit overflow interval:
72
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the OSPF exit overflow interval. lsdb-overflow-interval interval
The default setting is 300 seconds.
The value of 0 indicates that
OSPF does not exit overflow state.
Enabling compatibility with RFC 1583
RFC 1583 specifies a different method than RFC 2328 for selecting an external route from multiple LSAs.
This task enables RFC 2328 to be compatible with RFC 1583 so that the intra-area route in the backbone area is preferred. If they are not compatible, the intra-area route in a non-backbone area is preferred to reduce the burden of the backbone area.
To avoid routing loops, HP recommends enabling or disabling RFC 1583-compatibility on all routers in a routing domain.
To enable compatibility with RFC 1583:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
3. Enable compatibility with RFC 1583. rfc1583 compatible
Remarks
N/A
N/A
By default, this feature is enabled.
Logging neighbor state changes
Perform this task to enable output of log information to the terminal upon neighbor state changes.
To enable the logging of neighbor state changes:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
3. Enable the logging of neighbor state changes. log-peer-change
Remarks
N/A
N/A
By default, this feature is enabled.
Configuring OSPF network management
OSPF network management allows you to save system resources by enabling trap generation to report important events and configuring the maximum number of output traps for a specific time period.
To configure OSPF network management:
73
Step Command
1. Enter system view.
2. Bind OSPF MIB to an
OSPF process. ospf mib-binding process-id
3. Enable OSPF trap generation. system-view
Remarks
N/A
By defaut, OSPF MIB is bound to the process with the smallest process ID. snmp-agent trap enable ospf
[ authentication-failure | bad-packet | config-error | grhelper-status-change | grrestarter-status-change | if-state-change
| lsa-maxage | lsa-originate | lsdb-approaching-overflow | lsdb-overflow | neighbor-state-change | nssatranslator-status-change | retransmit | virt-authentication-failure | virt-bad-packet
| virt-config-error | virt-retransmit | virtgrhelper-status-change | virtif-state-change | virtneighbor-state-change ] *
By default, OSPF trap sending is enabled.
4. Configure the number of output traps in a specific time. snmp trap rate-limit interval trap-interval count trap-number
By default, OSPF outputs seven traps in 10 seconds.
Configuring the LSU transmit rate
Sending large numbers of LSU packets affects router performance and consumes too much network bandwidth. You can configure the router to send LSU packets at a proper interval and limit the maximum number of LSU packets sent out of an OSPF interface each time.
To configure the LSU transmit rate:
Step Command
1. Enter system view. system-view
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the LSU transmit rate. transmit-pacing interval interval count count
By default, an OSPF interface sends up to three LSU packets every 20 milliseconds.
Enabling OSPF ISPF
When the topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the
SPT, instead of the entire SPT.
To enable OSPF ISPF:
Step Command
1. Enter system view. system-view
Remarks
N/A
74
Step Command
2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] *
3. Enable OSPF ISPF. ispf enable
Remarks
N/A
By default, OSPF ISPF is enabled.
Configuring OSPF Graceful Restart
GR ensures the continuity of packet forwarding when a routing protocol restarts or an active/standby switchover occurs.
•
GR Restarter—Graceful restarting router. It must have GR capability.
•
GR Helper—A neighbor of the GR Restarter. It helps the GR Restarter to complete the GR process.
OSPF GR has the following types:
•
IETF GR—Uses Opaque LSAs to implement GR.
•
Non-IETF GR—Uses link local signaling (LLS) to advertise GR capability and uses out of band synchronization to synchronize the LSDB.
A device can act as a GR Restarter and GR Helper at the same time.
Configuring the OSPF GR Restarter
You can configure the IETF or non IETF OSPF GR Restarter.
Configuring the IETF OSPF GR Restarter
Step Command
1. Enter system view. system-view
2. Enable OSPF and enter its view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
3. Enable opaque LSA reception and advertisement capability. opaque-capability enable
Remarks
N/A
N/A
By default, opaque LSA reception and advertisement capability is enabled.
By default, the IETF GR capability is disabled.
4. Enable the IETF GR. graceful-restart ietf [ global | planned-only ] *
5. (Optional.) Configure GR interval. graceful-restart interval
interval-value
Configuring the non-IETF OSPF GR Restarter
Step Command
1. Enter system view. system-view
2. Enable OSPF and enter its view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
The default setting is 120 seconds.
Remarks
N/A
N/A
75
Step Command
3. Enable the link-local signaling capability. enable link-local-signaling
4. Enable the out-of-band re-synchronization capability. enable out-of-band-resynchronization
5. Enable non-IETF GR.
6. (Optional.) Configure GR interval. graceful-restart [ nonstandard ]
[ global | planned-only ] * graceful-restart interval
interval-value
Configuring OSPF GR Helper
You can configure the IETF or non IETF OSPF GR Helper.
Configuring the IETF OSPF GR Helper
Step Command
1. Enter system view. system-view
2. Enable OSPF and enter its view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
3. Enable opaque LSA reception and advertisement capability. opaque-capability enable
4. (Optional.) Enable GR Helper capability.
5. (Optional.) Enable strict LSA checking for the GR Helper.
Configuring the non-IETF OSPF GR Helper graceful-restart helper enable
[ planned-only ] graceful-restart helper strict-lsa-checking
Step Command
1. Enter system view. system-view
2. Enable OSPF and enter its view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
3. Enable the link-local signaling capability. enable link-local-signaling
4. Enable the out-of-band re-synchronization capability. enable out-of-band-resynchronization
5. (Optional.) Enable GR
Helper. graceful-restart helper enable
Remarks
By default, the link-local signaling capability is disabled.
By default, the out-of-band re-synchronization capability is disabled.
By default, non-IETF GR capability is disabled.
The default setting is120.
Remarks
N/A
N/A
By default, opaque LSA reception and advertisement capability is enabled.
By default, GR Helper capability is enabled.
By default, strict LSA checking for the GR Helper is disabled.
Remarks
N/A
N/A
By default, the link-local signaling capability is disabled.
By default, the out-of-band re-synchronization capability is disabled.
By default, GR Helper is enabled.
76
Step Command
6. (Optional.) Enable strict LSA checking for the GR Helper. graceful-restart helper strict-lsa-checking
Remarks
By default, strict LSA checking for the GR Helper is disabled.
Triggering OSPF Graceful Restart
To trigger OSPF Graceful Restart, perform the following command in user view:
Task Command
Trigger OSPF Graceful Restart. reset ospf [ process-id ] process graceful-restart
Configuring BFD for OSPF
BFD provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, which improves the network convergence speed. For more information about BFD, see High
Availability Configuration Guide.
OSPF supports the following BFD detection modes:
•
Bidirectional control detection—Requires BFD configuration to be made on both OSPF routers on the link.
•
Single-hop echo detection—Requires BFD configuration to be made on one OSPF router on the link.
Configuring bidirectional control detection
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Enable BFD bidirectional control detection. ospf bfd enable
By default, BFD bidirectional control detection is disabled.
Both ends of a BFD session must be on the same network segment and in the same area.
Configuring single-hop echo detection
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ip ip-address
Remarks
N/A
By default, the source address of echo packets is not configured.
3. Enter interface view. interface interface-type
interface-number
N/A
77
Step Command
4. Enable BFD single-hop echo detection. ospf bfd enable echo
Remarks
By default, BFD single-hop echo detection is disabled.
Configuring OSPF FRR
A link or router failure on a path can cause packet loss and even routing loop until OSPF completes routing convergence based on the new network topology. FRR enables fast rerouting to minimize the impact of link or node failures.
Figure 19 Network diagram for OSPF FRR
primary link fails, OSPF directs packets to the backup next hop. At the same time, OSPF calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.
You can configure OSPF FRR to calculate a backup next hop by using the loop free alternate (LFA) algorithm, or specify a backup next hop by using a routing policy.
Configuration prerequisites
Before you configure OSPF FRR, complete the following tasks:
•
Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable OSPF.
Configuration guidelines
•
Do not use FRR and BFD at the same time. Otherwise, FRR might fail to take effect.
•
Do not use the fast-reroute lfa command together with the command vlink-peer.
Configuring OSPF FRR to calculate a backup next hop using the
LFA algorithm
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ip ip-address
Remarks
N/A
By default, the source address of echo packets is not configured.
78
Step Command
3. Enter interface view. interface interface-type
interface-number
4. Enable LFA calculation on an interface. ospf fast-reroute lfa-backup
Remarks
N/A
By default, the interface on which LFA calculation is enabled can be selected as a backup interface.
N/A
5.
6.
Return to system view.
Enter OSPF view. quit ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
7. Enable OSPF FRR to calculate a backup next hop by using the LFA algorithm. fast-reroute lfa [ abr-only ]
N/A
By default, OSPF FRR is not configured.
If abr-only is specified, the route to the
ABR is selected as the backup path.
Configuring OSPF FRR to specify a backup next hop using a routing policy
Before you configure this task, use the apply fast-reroute backup-interface command to specify a backup next hop in the routing policy to be referenced. For more information about the apply fast-reroute backup-interface command and routing policy configuration, see "Configuring routing policies."
To configure OSPF FRR to specify a backup next hop using a routing policy:
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ip ip-address
3. Enter OSPF view. ospf [ process-id | router-id
router-id | vpn-instance
vpn-instance-name ] *
4. Enable OSPF FRR to specify a backup next hop by using a routing policy. fast-reroute route-policy
route-policy-name
Remarks
N/A
By default, the source address of echo packets is not configured.
N/A
By default, OSPF FRR is not configured.
Displaying and maintaining OSPF
Execute display commands in any view and reset commands in user view.
Task Command
Display OSPF brief information. display ospf [ process-id ] brief
Display OSPF statistics. display ospf [ process-id ] cumulative
Display GR status of the specified
OSPF process. display ospf [ process-id ] graceful-restart [ verbose ]
79
Task Command
Display Link State Database information. display ospf [ process-id ] lsdb [ brief | [ { ase | router | network | summary | asbr | nssa | opaque-link | opaque-area | opaque-as }
[ link-state-id ] ] [ originate-router advertising-router-id | self-originate ] ]
Display OSPF neighbor information. display ospf [ process-id ] peer [ verbose ] [ interface-type
interface-number ] [ neighbor-id ]
Display neighbor statistics of OSPF areas. display ospf [ process-id ] peer statistics
Display routing table information.
Display virtual link information.
Display OSPF request queue information.
Display OSPF retransmission queue information.
Display OSPF ABR and ASBR information.
Display OSPF interface information.
Display OSPF error information.
Display OSPF ASBR route summarization information.
Display the global route ID. display ospf [ process-id ] routing [ interface interface-type
interface-number ] [ nexthop nexthop-address ] [ verbose ] display ospf [ process-id ] vlink display ospf [ process-id ] request-queue [ interface-type
interface-number ] [ neighbor-id ] display ospf [ process-id ] retrans-queue [ interface-type
interface-number ] [ neighbor-id ] display ospf [ process-id ] abr-asbr display ospf [ process-id ] interface [ all | interface-type
interface-number ] display ospf [ process-id ] error display ospf [ process-id ] asbr-summary [ ip-address { mask |
mask-length } ] display router id
Reset an OSPF process.
Re-enable OSPF route redistribution. reset ospf [ process-id ] process [ graceful-restart ] reset ospf [ process-id ] redistribution
OSPF configuration examples
These configuration examples only cover commands for OSPF configuration.
Configuring basic OSPF
Network requirements
•
Enable OSPF on all switches, and split the AS into three areas.
•
Configure Switch A and Switch B as ABRs.
80
Figure 20 Network diagram
Switch A
Vlan-int100
10.1.1.1/24
Area 0
Vlan-int200
10.2.1.1/24
Vlan-int100
10.1.1.2/24
Switch B
Vlan-int200
10.3.1.1/24
Area 1
Vlan-int200
10.2.1.2/24
Switch C
Vlan-int300
10.4.1.1/24
Area 2
Vlan-int200
10.3.1.2/24
Vlan-int300
10.5.1.1/24
Switch D
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] router id 10.2.1.1
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 10.3.1.1
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] area 2
[SwitchB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.2] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 10.4.1.1
[SwitchC] ospf
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
81
# Configure Switch D.
<SwitchD> system-view
[SwitchD] router id 10.5.1.1
[SwitchD] ospf
[SwitchD-ospf-1] area 2
[SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.2] quit
[SwitchD-ospf-1] quit
Verifying the configuration
# Display information about neighbors on Switch A.
[SwitchA] display ospf peer verbose
OSPF Process 1 with Router ID 10.2.1.1
Neighbors
Area 0.0.0.0 interface 10.1.1.1(Vlan-interface100)'s neighbors
Router ID: 10.3.1.1 Address: 10.1.1.2 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 10.1.1.1 BDR: 10.1.1.2 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 37 sec
Neighbor is up for 06:03:59
Authentication Sequence: [ 0 ]
Neighbor state change count: 5
Neighbors
Area 0.0.0.1 interface 10.2.1.1(Vlan-interface200)'s neighbors
Router ID: 10.4.1.1 Address: 10.2.1.2 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 10.2.1.1 BDR: 10.2.1.2 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 32 sec
Neighbor is up for 06:03:12
Authentication Sequence: [ 0 ]
Neighbor state change count: 5
# Display OSPF routing information on Switch A.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 10.2.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 1 Transit 10.2.1.1 10.2.1.1 0.0.0.1
10.3.1.0/24 2 Inter 10.1.1.2 10.3.1.1 0.0.0.0
82
10.4.1.0/24 2 Stub 10.2.1.2 10.4.1.1 0.0.0.1
10.5.1.0/24 3 Inter 10.1.1.2 10.3.1.1 0.0.0.0
10.1.1.0/24 1 Transit 10.1.1.1 10.2.1.1 0.0.0.0
Total Nets: 5
Intra Area: 3 Inter Area: 2 ASE: 0 NSSA: 0
# Display OSPF routing information on Switch D.
[SwitchD] display ospf routing
OSPF Process 1 with Router ID 10.5.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 3 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.3.1.0/24 1 Transit 10.3.1.2 10.3.1.1 0.0.0.2
10.4.1.0/24 4 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.5.1.0/24 1 Stub 10.5.1.1 10.5.1.1 0.0.0.2
10.1.1.0/24 2 Inter 10.3.1.1 10.3.1.1 0.0.0.2
Total Nets: 5
Intra Area: 2 Inter Area: 3 ASE: 0 NSSA: 0
# On Switch D, ping the IP address 10.4.1.1 to test reachability.
[SwitchD] ping 10.4.1.1
PING 10.4.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.4.1.1: bytes=56 Sequence=2 ttl=253 time=2 ms
Reply from 10.4.1.1: bytes=56 Sequence=2 ttl=253 time=1 ms
Reply from 10.4.1.1: bytes=56 Sequence=3 ttl=253 time=1 ms
Reply from 10.4.1.1: bytes=56 Sequence=4 ttl=253 time=1 ms
Reply from 10.4.1.1: bytes=56 Sequence=5 ttl=253 time=1 ms
--- 10.4.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/2 ms
Configuring OSPF route redistribution
Network requirements
•
Enable OSPF on all the switches
•
Split the AS into three areas
• Configure Switch A and Router B as ABRs
•
Configure Switch C as an ASBR to redistribute external routes (static routes).
83
Figure 21 Network diagram
Configuration procedure
1.
2.
3.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF (see "
").
Configure OSPF to redistribute routes:
# On Switch C, configure a static route destined for network 3.1.2.0/24.
<SwitchC> system-view
[SwitchC] ip route-static 3.1.2.1 24 10.4.1.2
# On Switch C, configure OSPF to redistribute static routes.
[SwitchC] ospf 1
[SwitchC-ospf-1] import-route static
Verifying the configuration
# Display the ABR/ASBR information of Switch D.
<SwitchD> display ospf abr-asbr
OSPF Process 1 with Router ID 10.5.1.1
Routing Table to ABR and ASBR
Type Destination Area Cost Nexthop RtType
Intra 10.3.1.1 0.0.0.2 10 10.3.1.1 ABR
Inter 10.4.1.1 0.0.0.2 22 10.3.1.1 ASBR
# Display the OSPF routing table on Switch D.
<SwitchD> display ospf routing
OSPF Process 1 with Router ID 10.5.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2
10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2
10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2
84
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
3.1.2.0/24 1 Type2 1 10.3.1.1 10.4.1.1
Total Nets: 6
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0
Configuring OSPF to advertise a summary route
Network requirements
• Configure OSPF on Switch A and Switch B in AS 200.
• Configure OSPF on Switch C, Switch D, and Switch E in AS 100.
•
Configure an eBGP connection between Switch B and Switch C. Configure Switch B and Switch C to redistribute OSPF routes and direct routes into BGP and BGP routes into OSPF.
• Configure Switch B to advertise only summary route 10.0.0.0/8 to Switch A.
Figure 22 Network diagram
Vlan-int500
10.3.1.1/24
Switch D
Vlan-int400
10.1.1.1/24
Vlan-int300
10.2.1.2/24
Switch E
Vlan-int600
10.4.1.1/24
Vlan-int400
10.1.1.2/24
Vlan-int300
10.2.1.1/24
Switch C
AS 100
Vlan-int200
11.1.1.2/24
EBGP
Vlan-int200
11.1.1.1/24
Switch B
Vlan-int100
11.2.1.1/24
Vlan-int100
11.2.1.2/24
AS 200
Switch A
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] router id 11.2.1.2
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
85
3.
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 11.2.1.1
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 11.1.1.2
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] router id 10.3.1.1
[SwitchD] ospf
[SwitchD-ospf-1] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] quit
# Configure Switch E.
<SwitchE> system-view
[SwitchE] router id 10.4.1.1
[SwitchE] ospf
[SwitchE-ospf-1] area 0
[SwitchE-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchE-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255
[SwitchE-ospf-1-area-0.0.0.0] quit
[SwitchE-ospf-1] quit
Configure BGP to redistribute OSPF routes and direct routes:
# Configure Switch B.
[SwitchB] bgp 200
[SwitchB-bgp] peer 11.1.1.2 as 100
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] import-route ospf
[SwitchB-bgp-ipv4] import-route direct
[SwitchB-bgp ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
[SwitchC] bgp 100
[SwitchC-bgp] peer 11.1.1.1 as 200
[SwitchC-bgp] ipv4-family unicast
86
4.
5.
[SwitchC-bgp-ipv4] import-route ospf
[SwitchC-bgp-ipv4]import-route direct
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
Configure Switch B and Switch C to redistribute BGP routes into OSPF:
# Configure OSPF to redistribute routes from BGP on Switch B.
[SwitchB] ospf
[SwitchB-ospf-1] import-route bgp
# Configure OSPF to redistribute routes from BGP on Switch C.
[SwitchC] ospf
[SwitchC-ospf-1] import-route bgp
# Display the OSPF routing table on Switch A.
[SwitchA] display ip routing-table
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.1.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
10.2.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
10.3.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
10.4.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
11.2.1.0/24 Direct 0 0 11.2.1.2 Vlan100
11.2.1.0/32 Direct 0 0 11.2.1.2 Vlan100
11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configure route summarization:
# Configure route summarization on Switch B to advertise a summary route 10.0.0.0/8.
[SwitchB-ospf-1] asbr-summary 10.0.0.0 8
# Display the IP routing table on Switch A.
[SwitchA] display ip routing-table
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.0.0.0/8 OSPF 150 2 11.2.1.1 Vlan100
11.2.1.0/24 Direct 0 0 11.2.1.2 Vlan100
11.2.1.0/32 Direct 0 0 11.2.1.2 Vlan100
87
11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
The output shows that routes 10.1.1.0/24, 10.2.1.0/24, 10.3.1.0/24 and 10.4.1.0/24 are summarized into a single route 10.0.0.0/8.
Configuring an OSPF stub area
Network requirements
•
Enable OSPF on all switches, and split the AS into three areas.
•
Configure Switch A and Switch B as ABRs to forward routing information between areas.
• Configure Switch D as the ASBR to redistribute static routes.
• Configure Area 1 as a stub area to reduce advertised LSAs without influencing reachability.
Figure 23 Network diagram
Switch A
Vlan-int100
Area 0
10.1.1.1/24
Vlan-int200
10.2.1.1/24
Vlan-int100
10.1.1.2/24
Switch B
Vlan-int200
10.3.1.1/24
Area 1
Stub
Vlan-int200
10.2.1.2/24
Switch C
Vlan-int300
10.4.1.1/24
Area 2
Vlan-int200
10.3.1.2/24
Vlan-int300
10.5.1.1/24
Switch D
ASBR
Configuration procedure
1.
2.
3.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF (see "
").
Configure route redistribution:
# Configure Switch D to redistribute static routes.
<SwitchD> system-view
[SwitchD] ip route-static 3.1.2.1 24 10.5.1.2
[SwitchD] ospf
[SwitchD-ospf-1] import-route static
[SwitchD-ospf-1] quit
# Display ABR/ASBR information on Switch C.
<SwitchC> display ospf abr-asbr
OSPF Process 1 with Router ID 10.4.1.1
88
4.
Routing Table to ABR and ASBR
Type Destination Area Cost Nexthop RtType
Intra 10.2.1.1 0.0.0.1 3 10.2.1.1 ABR
Inter 10.5.1.1 0.0.0.1 7 10.2.1.1 ASBR
# Display OSPF routing table on Switch C.
<SwitchC> display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 3 Transit 10.2.1.2 10.2.1.1 0.0.0.1
10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
3.1.2.0/24 1 Type2 1 10.2.1.1 10.5.1.1
Total Nets: 6
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0
Because Switch C resides in a normal OSPF area, its routing table contains an AS external route.
Configure Area 1 as a stub area:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] stub
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] stub
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
# Display OSPF routing information on Switch C
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
89
Routing for Network
Destination Cost Type NextHop AdvRouter Area
0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.2.1.0/24 3 Transit 10.2.1.2 10.2.1.1 0.0.0.1
10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1
Total Nets: 6
Intra Area: 2 Inter Area: 4 ASE: 0 NSSA: 0
After the area where Switch C resides is configured as a stub area, a default route takes the place of the AS external route.
# Configure the area as a totally stub area by filtering Type-3 LSAs out of the stub area.
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] stub no-summary
[SwitchA-ospf-1-area-0.0.0.1] quit
# Display OSPF routing information on Switch C.
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.2.1.0/24 3 Transit 10.2.1.2 10.4.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
After this configuration, inter-area routes are removed, and only one external route (a default route) exists.
Configuring an OSPF NSSA area
Network requirements
•
Configure OSPF on all switches and split AS into three areas.
•
Configure Switch A and Switch B as ABRs to forward routing information between areas.
• Configure Area 1 as an NSSA area and configure Switch C as an ASBR to redistribute static routes into the AS.
90
Figure 24 Network diagram
Configuration procedure
1.
2.
3.
Configure IP addresses for interfaces.
Enable OSPF (see "
").
Configure Area 1 as an NSSA area:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] nssa default-route-advertise no-summary
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] nssa
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
NOTE:
•
To allow Switch C in the NSSA area to reach other areas within the AS, you must provide the keyword default-route-advertise for the nssa command issued on Switch A (the ABR) so that Switch C can obtain a default route.
•
Configuring the nssa command with the keyword no-summary on Switch A can reduce the routing table size on NSSA Switches. On other NSSA Switches, you only need to configure the nssa command.
# Display OSPF routing information on Switch C.
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
91
4.
0.0.0.0/0 65536 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.2.1.0/24 65535 Transit 10.2.1.2 10.4.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
Configure route redistribution:
# Configure Switch C to redistribute static routes.
[SwitchC] ip route-static 3.1.3.1 24 10.4.1.2
[SwitchC] ospf
[SwitchC-ospf-1] import-route static
[SwitchC-ospf-1] quit
# Display OSPF routing information on Switch D.
<SwitchD> display ospf routing
OSPF Process 1 with Router ID 10.5.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2
10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2
10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
3.1.3.0/24 1 Type2 1 10.3.1.1 10.2.1.1
Total Nets: 6
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0
The output shows an external route imported from the NSSA area exists on Switch D.
Configuring OSPF DR election
Network requirements
• Enable OSPF on Switches A, B, C, and D on the same network.
•
Configure Switch A as the DR, and configure Switch C as the BDR.
92
Figure 25 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] router id 1.1.1.1
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 2.2.2.2
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 3.3.3.3
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] router id 4.4.4.4
[SwitchD] ospf
[SwitchD-ospf-1] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] quit
93
3.
[SwitchD-ospf-1] return
# Display OSPF neighbor information of Switch A.
[SwitchA] display ospf peer verbose
OSPF Process 1 with Router ID 1.1.1.1
Neighbors
Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal
State: 2-Way Mode: None Priority: 1
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 38 sec
Neighbor is up for 00:01:31
Authentication Sequence: [ 0 ]
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 31 sec
Neighbor is up for 00:01:28
Authentication Sequence: [ 0 ]
Router ID: 4.4.4.4 Address: 192.168.1.4 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 31 sec
Neighbor is up for 00:01:28
Authentication Sequence: [ 0 ]
The output shows that Switch D is the DR and Switch C is the BDR.
Configure router priorities on interfaces:
# Configure Switch A.
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ospf dr-priority 100
[SwitchA-Vlan-interface1] quit
# Configure Switch B.
[SwitchB] interface vlan-interface 1
[SwitchB-Vlan-interface1] ospf dr-priority 0
[SwitchB-Vlan-interface1] quit
# Configure Switch C.
[SwitchC] interface vlan-interface 1
[SwitchC-Vlan-interface1] ospf dr-priority 2
[SwitchC-Vlan-interface1] quit
# Display neighbor information of Switch D.
<SwitchD> display ospf peer verbose
94
4.
OSPF Process 1 with Router ID 4.4.4.4
Neighbors
Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal
State: Full Mode:Nbr is Slave Priority: 100
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 31 sec
Neighbor is up for 00:11:17
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 35 sec
Neighbor is up for 00:11:19
Authentication Sequence: [ 0 ]
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal
State: Full Mode:Nbr is Slave Priority: 2
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 33 sec
Neighbor is up for 00:11:15
Authentication Sequence: [ 0 ]
The output shows that the DR and BDR are not changed, because the priority settings do not take effect immediately.
Restart OSPF process:
# Restart the OSPF process of Switch D.
<SwitchD> reset ospf 1 process
Warning : Reset OSPF process? [Y/N]:y
# Display neighbor information of Switch D.
<SwitchD> display ospf peer verbose
OSPF Process 1 with Router ID 4.4.4.4
Neighbors
Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal
State: Full Mode: Nbr is Slave Priority: 100
DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 39 sec
Neighbor is up for 00:01:40
Authentication Sequence: [ 0 ]
95
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal
State: 2-Way Mode: None Priority: 0
DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 35 sec
Neighbor is up for 00:01:44
Authentication Sequence: [ 0 ]
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal
State: Full Mode: Nbr is Slave Priority: 2
DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 39 sec
Neighbor is up for 00:01:41
Authentication Sequence: [ 0 ]
If the neighbor state is full, Switch D has established an adjacency with the neighbor. If the neighbor state is 2-way, the two switches are not the DR or the BDR, and they do not exchange
LSAs.
# Display OSPF interface information.
[SwitchA] display ospf interface
OSPF Process 1 with Router ID 1.1.1.1
Interfaces
Area: 0.0.0.0
IP Address Type State Cost Pri DR BDR
192.168.1.1 Broadcast DR 1 100 192.168.1.1 192.168.1.3
[SwitchB] display ospf interface
OSPF Process 1 with Router ID 2.2.2.2
Interfaces
Area: 0.0.0.0
IP Address Type State Cost Pri DR BDR
192.168.1.2 Broadcast DROther 1 0 192.168.1.1 192.168.1.3
The interface state DROther means the interface is not the DR or BDR.
Configuring OSPF virtual links
Network requirements
Configure a virtual link between Switch B and Switch C to connect Area 2 to the backbone area. After configuration, Switch B can learn routes to Area 2.
96
Figure 26 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf 1 router-id 1.1.1.1
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf 1 router-id 2.2.2.2
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] area 1
[SwitchB–ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchB–ospf-1-area-0.0.0.1] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf 1 router-id 3.3.3.3
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] area 2
[SwitchC–ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchC–ospf-1-area-0.0.0.2] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] ospf 1 router-id 4.4.4.4
[SwitchD-ospf-1] area 2
[SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.2] quit
# Display the OSPF routing table of Switch B.
97
3.
[SwitchB] display ospf routing
OSPF Process 1 with Router ID 2.2.2.2
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 2 Transit 10.2.1.1 3.3.3.3 0.0.0.1
10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0
Total Nets: 2
Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0
Area 0 has no direct connection to Area 2, so the routing table of Switch B has no route to Area
2.
Configure a virtual link:
# Configure Switch B.
[SwitchB] ospf
[SwitchB-ospf-1] area 1
[SwitchB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3
[SwitchB-ospf-1-area-0.0.0.1] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
[SwitchC] ospf 1
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2
[SwitchC-ospf-1-area-0.0.0.1] quit
# Display the OSPF routing table on Switch B.
[SwitchB] display ospf routing
OSPF Process 1 with Router ID 2.2.2.2
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 2 Transit 10.2.1.1 3.3.3.3 0.0.0.1
10.3.1.0/24 5 Inter 10.2.1.2 3.3.3.3 0.0.0.0
10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
The output shows that Switch B has learned the route 10.3.1.0/24 to Area 2.
Configuring OSPF Graceful Restart
Network requirements
•
As shown in Figure 27 , Switch A, Switch B, and Switch C that belong to the same AS and the same
OSPF routing domain are GR capable.
•
Switch A acts as the non-IETF GR Restarter; Switch B and Switch C are the GR Helpers and re-synchronize their LSDB with Switch A through OOB communication of GR.
98
Figure 27 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF:
# Configure Switch A
SwitchA> system-view
3.
[SwitchA] router id 1.1.1.1
[SwitchA] ospf 100
[SwitchA-ospf-100] area 0
[SwitchA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchA-ospf-100-area-0.0.0.0] quit
# Configure Switch B
<SwitchB> system-view
[SwitchB] router id 2.2.2.2
[SwitchB] ospf 100
[SwitchB-ospf-100] area 0
[SwitchB-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchB-ospf-100-area-0.0.0.0] quit
# Configure Switch C
<SwitchC> system-view
[SwitchC] router id 3.3.3.3
[SwitchC] ospf 100
[SwitchC-ospf-100] area 0
[SwitchC-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchC-ospf-100-area-0.0.0.0] quit
Configure OSPF GR:
# Configure Switch A as the non-IETF OSPF GR Restarter: enable the link-local signaling capability, the out-of-band re-synchronization capability, and non-IETF GRaceful Restart capability for OSPF process 100.
[SwitchA-ospf-100] enable link-local-signaling
[SwitchA-ospf-100] enable out-of-band-resynchronization
[SwitchA-ospf-100] graceful-restart
[SwitchA-ospf-100] return
# Configure Switch B as the GR Helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
99
[SwitchB-ospf-100] enable link-local-signaling
[SwitchB-ospf-100] enable out-of-band-resynchronization
# Configure Switch C as the GR Helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
[SwitchC-ospf-100] enable link-local-signaling
[SwitchC-ospf-100] enable out-of-band-resynchronization
Verifying the configuration
# After the configurations on Switch A, Switch B, and Switch C are complete and the switches are running steadily, enable OSPF Graceful Restart event debugging and then restart the OSPF process using GR on Switch A.
<SwitchA> debugging ospf event graceful-restart
<SwitchA> terminal monitor
<SwitchA> terminal logging level 7
<SwitchA> reset ospf 100 process graceful-restart
Reset OSPF process? [Y/N]:y
%Oct 21 15:29:28:727 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.2(Vlan-interface100) from Full to Down.
%Oct 21 15:29:28:729 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.3(Vlan-interface100) from Full to Down.
*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 nonstandard GR Started for OSPF Router
*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created GR wait timer,timeout interval is 40(s).
*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created GR Interval timer,timeout interval is 120(s).
*Oct 21 15:29:28:758 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created OOB Progress timer for neighbor 192.1.1.3.
*Oct 21 15:29:28:766 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created OOB Progress timer for neighbor 192.1.1.2.
%Oct 21 15:29:29:902 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.2(Vlan-interface100) from Loading to Full.
*Oct 21 15:29:29:902 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.2.
%Oct 21 15:29:30:897 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.3(Vlan-interface100) from Loading to Full.
*Oct 21 15:29:30:897 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.3.
*Oct 21 15:29:30:911 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF GR: Process 100 Exit Restart,Reason : DR or BDR change,for neighbor : 192.1.1.3.
*Oct 21 15:29:30:911 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted GR Interval timer.
*Oct 21 15:29:30:912 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted GR wait timer.
%Oct 21 15:29:30:920 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.2(Vlan-interface100) from Full to Down.
%Oct 21 15:29:30:921 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.3(Vlan-interface100) from Full to Down.
%Oct 21 15:29:33:815 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.3(Vlan-interface100) from Loading to Full.
100
%Oct 21 15:29:35:578 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor
192.1.1.2(Vlan-interface100) from Loading to Full.
The output shows that Switch A completes GR.
Configuring BFD for OSPF
Network requirements
As shown in
Figure 28 , run OSPF on Switch A, Switch B, and Switch C so that they are reachable to each
other at the network layer. When the link over which Switch A and Switch B communicate through a Layer
2 switch fails, BFD can quickly detect the failure and notify OSPF of the failure. Switch A and Switch B then communicate through Switch C.
Figure 28 Network diagram
Switch A
Switch C
Vlan-int10
Vlan-int11
Device
192.168.0.102/24 Switch B
10.1.1.100/24
Interface
Vlan-int10
IP address
192.168.0.100/24
Vlan-int13 13.1.1.1/24
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
[SwitchA] interface vlan 11
[SwitchA-Vlan-interface11] ospf cost 2
[SwitchA-Vlan-interface11] quit
# Configure Switch B.
101
3.
<SwitchB> system-view
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 120.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
[SwitchB] interface vlan-interface 13
[SwitchB-Vlan-interface13] ospf cost 2
[SwitchA-Vlan-interface13] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
Configure BFD:
# Enable BFD on Switch A and configure BFD parameters.
[SwitchA] bfd session init-mode active
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ospf bfd enable
[SwitchA-Vlan-interface10] bfd min-transmit-interval 500
[SwitchA-Vlan-interface10] bfd min-receive-interval 500
[SwitchA-Vlan-interface10] bfd detect-multiplier 7
[SwitchA-Vlan-interface10] quit
[SwitchA] quit
# Enable BFD on Switch B and configure BFD parameters.
[SwitchB] bfd session init-mode active
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ospf bfd enable
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500
[SwitchB-Vlan-interface10] bfd min-receive-interval 500
[SwitchB-Vlan-interface10] bfd detect-multiplier 6
Verifying the configuration
# Display the BFD information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10
102
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 2 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 192.168.0.100
Label: NULL RealNextHop: 192.168.0.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 4 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 10.1.1.100
Label: NULL RealNextHop: 10.1.1.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface11
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
103
Configuring OSPF FRR
Network requirements
As shown in Figure 29 , Switch S, Switch A, and Switch D reside in the same OSPF domain. Configure
OSPF FRR so that when the link between Switch S and Switch D fails, traffic is immediately switched to
Link B.
Figure 29 Network diagram
Configuration procedure
1.
2.
3.
Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)
Configure OSPF on the switches to make sure Switch S, Switch A, and Switch D can communicate with each other at the network layer. (Details not shown.)
Configure OSPF FRR to automatically calculate the backup next hop:
You can enable OSPF FRR to either calculate a backup next hop by using the LFA algorithm, or specify a backup next hop by using a routing policy.
{
(Method 1.) Enable OSPF FRR to calculate the backup next hop by using the LFA algorithm:
# Configure Switch S.
<SwitchS> system-view
{
[SwitchS] bfd echo-source-ip 1.1.1.1
[SwitchS] ospf 1
[SwitchS-ospf-1] fast-reroute lfa
[SwitchS-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
[SwitchD] ospf 1
[SwitchD-ospf-1] fast-reroute lfa
[SwitchD-ospf-1] quit
(Method 2.) Enable OSPF FRR to designate a backup next hop by using a routing policy.
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 1.1.1.1
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface
100 backup-nexthop 12.12.12.2
104
[SwitchS-route-policy-frr-10] quit
[SwitchS] ospf 1
[SwitchS-ospf-1] fast-reroute route-policy frr
[SwitchS-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface
101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
[SwitchD] ospf 1
[SwitchD-ospf-1] fast-reroute route-policy frr
[SwitchD-ospf-1] quit
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
105
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
Troubleshooting OSPF configuration
No OSPF neighbor relationship established
Symptom
No OSPF neighbor relationship can be established.
Analysis
If the physical link and lower layer protocols work well, verify OSPF parameters configured on interfaces.
Two neighbors must have the same parameters, such as the area ID, network segment, and mask (a P2P or virtual link can have different network segments and masks).
Solution
1.
2.
3.
4.
5.
6.
Use the display ospf peer command to verify OSPF neighbor information.
Use the display ospf interface command to verify OSPF interface information.
Ping the neighbor router's IP address to verify that the connectivity is normal.
Verify OSPF timers. The dead interval on an interface must be at least four times the hello interval.
On an NBMA network, use the peer ip-address command to manually specify the neighbor.
At least one interface must have a router priority higher than 0 on an NBMA or a broadcast network.
Incorrect routing information
Symptom
OSPF cannot find routes to other areas.
Analysis
The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, at least one area must be connected to the backbone. The backbone cannot be configured as a stub area.
In a stub area, all routers cannot receive external routes, and all interfaces connected to the stub area must belong to the stub area.
Solution
1.
2.
3.
Use the display ospf peer command to verify neighbor information.
Use the display ospf interface command to verify OSPF interface information.
Use the display ospf lsdb command to verify the LSDB.
106
4.
5.
6.
Use the display current-configuration configuration ospf command to verify area configuration. If more than two areas are configured, at least one area is connected to the backbone.
In a stub area, all routers attached are configured with the stub command. In an NSSA area, all routers attached are configured with the nssa command.
If a virtual link is configured, use the display ospf vlink command to verify the state of the virtual link.
107
Configuring IS-IS
This chapter describes how to configure IS-IS for IPv4 networks.
Overview
Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP).
IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS" or "Dual IS-IS."
IS-IS is an IGP used within an AS. It uses the SPF algorithm for route calculation.
Terminology
•
Intermediate system—Similar to a router in TCP/IP, IS is the basic unit used in an IS-IS routing domain to generate and propagate routing information. Throughout this chapter, an IS refers to a router.
• End system—Similar to a host in TCP/IP, an ES does not run IS-IS. ISO defines the ES-IS protocol for communication between an ES and an IS.
•
Routing domain—An RD comprises a group of ISs that exchange routing information with each other by using the same routing protocol.
•
Area—An IS-IS routing domain can be split into multiple areas.
•
Link State Database—All link states in the network form the LSDB. Each IS has at least one LSDB. An
IS uses the SPF algorithm and LSDB to generate IS-IS routes.
• Link State Protocol Data Unit or Link State Packet —An IS advertises link state information in an LSP.
•
Network Protocol Data Unit—An NPDU is a network layer protocol packet in OSI, similar to an IP packet in TCP/IP.
• Designated IS—A DIS is elected on a broadcast network.
• Network service access point—An NSAP is an OSI network layer address. The NSAP identifies an abstract network service access point and describes the network address format in the OSI reference model.
IS-IS address format
NSAP
, an NSAP address comprises the Initial Domain Part (IDP) and the Domain
Specific Part (DSP). The IDP is analogous to the network ID of an IP address, and the DSP is analogous to the subnet and host ID.
The IDP includes the Authority and Format Identifier (AFI) and the Initial Domain Identifier (IDI).
The DSP includes:
• High Order Part of DSP (HO-DSP)—Identifies the area.
• System ID—Identifies the host.
108
• SEL—Identifies the type of service.
The IDP and DSP are variable in length. The length of an NSAP address ranges from 8 bytes to 20 bytes.
Figure 30 NSAP address format
Area address
The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address.
Typically, a router only needs one area address, and all nodes in the same area must have the same area address. To support smooth area merging, partitioning, and switching, a router can have a maximum of three area addresses.
System ID
A system ID uniquely identifies a host or router. It has a fixed length of 48 bits (6 bytes).
The system ID of a device can be generated from the router ID. For example, suppose a router uses the
IP address 168.10.1.1 of Loopback 0 as the router ID. The system ID can be obtained in the following steps:
1.
Extend each decimal number of the IP address to three digits by adding 0s from the left, such as
168.010.001.001.
2.
Divide the extended IP address into three sections that each has four digits to get the system ID
1680.1000.1001.
If you use other methods to define a system ID, make sure that it can uniquely identify the host or router.
SEL
The N-SEL, or the NSAP selector (SEL), is similar to the protocol identifier in IP. Different transport layer protocols correspond to different SELs. All SELs in IP are 00.
Routing method
The IS-IS address format identifies the area, so a Level-1 router can easily identify packets destined to other areas. IS-IS routers perform routing as follows:
•
A Level-1 router performs intra-area routing according to the system ID. If the destination address of a packet does not belong to the local area, the Level-1 router forwards it to the nearest Level-1-2 router.
• A Level-2 router performs inter-area routing according to the area address.
NET
A network entity title (NET) identifies the network layer information of an IS. It does not include transport layer information. A NET is a special NSAP address with the SEL being 0. The length of a NET ranges from 8 bytes to 20 bytes, same as a NSAP address.
A NET includes the following parts:
• Area ID—Has a length of 1 to 13 bytes.
109
• System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6 bytes.
•
SEL—Has a value of 0 and a fixed length of 1 byte.
For example, for a NET ab.cdef.1234.5678.9abc.00, the area ID is ab.cdef, the system ID is
1234.5678.9abc, and the SEL is 00.
Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning. When you configure multiple NETs, make sure the system IDs are the same.
IS-IS area
IS-IS has a 2-level hierarchy to support large-scale networks. A large-scale routing domain is divided into multiple areas. Typically, a Level-1 router is deployed within an area, a Level-2 router is deployed between areas, and a Level-1-2 router is deployed between Level-1 and Level-2 routers.
Level-1 and Level-2
•
Level-1 router—A Level-1 router establishes neighbor relationships with Level-1 and Level-1-2 routers in the same area. It maintains a LSDB comprising intra-area routing information. A Level-1 router forwards packets destined for external areas to the nearest Level-1-2 router. Level-1 routers in different areas cannot establish neighbor relationships.
•
Level-2 router—A Level-2 router establishes neighbor relationships with Level-2 and Level-1-2 routers in the same area or in different areas. It maintains a Level-2 LSDB containing inter-area routing information. All the Level-2 and Level-1-2 routers must be contiguous to form the backbone of the IS-IS routing domain. Level-2 routers can establish neighbor relationships regardless of the areas they reside in.
• Level-1-2 router—A router with both Level-1 and Level-2 router functions is a Level-1-2 router. It can establish Level-1 neighbor relationships with Level-1 and Level-1-2 routers in the same area, and establish Level-2 neighbor relationships with Level-2 and Level-1-2 routers in different areas. A Level-1 router can reach other areas only through a Level-1-2 router. The Level-1-2 router maintains two LSDBs, a Level-1 LSDB for intra-area routing and a Level-2 LSDB for inter-area routing.
shows one IS-IS network topology. Area 1 is the backbone that comprises a set of Level-2 routers. The other four areas are non-backbone areas connected to the backbone through Level-1-2 routers.
110
Figure 31 IS-IS topology 1
Area 2
L1/L2
L1
L2
L2
L1/L2
Area 3
L2
Area 1
L2
L1/L2
Area 5
L1/L2
L1
Area 4
L1 L1
L1 L1
shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. The IS-IS backbone does not need to be a specific area.
Figure 32 IS-IS topology 2
Area 3
Area 2
L1/L2
L1
L2
Area 4
L2
L1/L2
L2
Area 1
L2
L1/L2
Area 5
L1/L2
L1
L1
L1 L1
L1
Both the Level-1 and Level-2 routers use the SPF algorithm to generate the shortest path tree.
111
Route leaking
Level-2 and Level-1-2 routers form a Level-2 area. An IS-IS routing domain comprises only one Level-2 area and multiple Level-1 areas. A Level-1 area must connect to the Level-2 area rather than other Level-1 area.
The routing information of each Level-1 area is sent to the Level-2 area through a Level-1-2 router, so a
Level-2 router knows the routing information of the entire IS-IS routing domain. By default, a Level-2 router does not advertise the routing information of other Level-1 areas and the Level-2 area to a Level-1 area, so a Level-1 router simply sends packets destined for other areas to the nearest Level-1-2 router. The path passing through the Level-1-2 router may not be the best. To solve this problem, IS-IS provides the route leaking feature.
Route leaking enables a Level-1-2 router to advertise the routes of other Level-1 areas and the Level-2 area to the connected Level-1 area so that the Level-1 routers can select the optimal routes for packets.
IS-IS network types
Network types
IS-IS supports the broadcast network (for example, Ethernet and Token Ring) and the point-to-point network (for example, PPP and HDLC).
For an NBMA interface, such as an ATM interface, you must configure point-to-point or broadcast subinterfaces. IS-IS cannot run on P2MP links.
DIS and pseudonodes
IS-IS routers on a broadcast network must elect a DIS.
The Level-1 and Level-2 DISs are elected separately. You can assign different priorities to a router for different level DIS elections. The higher the router priority, the more likely the router becomes the DIS. If multiple routers with the same highest DIS priority exist, the one with the highest SNPA (Subnetwork Point of Attachment) address (MAC address on a broadcast network) will be elected. A router can be the DIS for different levels.
IS-IS DIS election differs from OSPF DIS election in the following ways:
• A router with priority 0 can also participate in the DIS election.
•
When a router with a higher priority is added to the network, an LSP flooding process is performed to elect the router as the new DIS.
, the same level routers on a network, including non-DIS routers, establish adjacency with each other.
Figure 33 DIS in the IS-IS broadcast network
L1/L2 L1/L2
L2 adjacencies
L1 adjacencies
L1
DIS
L2
DIS
112
The DIS creates and updates pseudonodes, and generates LSPs for the pseudonodes, to describe all routers on the network.
A pseudonode represents a virtual node on the broadcast network. It is not a real router. In IS-IS, it is identified by the system ID of the DIS and a 1-byte Circuit ID (a non-zero value).
Using pseudonodes simplifies network topology and can reduce the amount of resources consumed by
SPF.
NOTE:
On an IS-IS broadcast network, all routers establish adjacency relationships, but they synchronize their
LSDBs through the DIS.
IS-IS PDUs
PDU
IS-IS PDUs are encapsulated into link layer frames. An IS-IS PDU has two parts, the headers and the variable length fields. The headers comprise the PDU common header and the PDU specific header. All
PDUs have the same PDU common header. The specific headers vary by PDU type.
Figure 34 PDU format
Table 4 PDU types
18
20
24
25
15
16
17
Level-1 LAN IS-IS hello PDU
Level-2 LAN IS-IS hello PDU
Point-to-Point IS-IS hello PDU
Level-1 Link State PDU
Level-2 Link State PDU
Level-1 Complete Sequence Numbers PDU
Level-2 Complete Sequence Numbers PDU
L1 LAN IIH
L2 LAN IIH
P2P IIH
L1 LSP
L2 LSP
L1 CSNP
L2 CSNP
26
Hello PDU
27
Level-1 Partial Sequence Numbers PDU
Level-2 Partial Sequence Numbers PDU
L1 PSNP
L2 PSNP
IS-to-IS hello (IIH) PDUs are used by routers to establish and maintain neighbor relationships. On broadcast networks, Level-1 routers use Level-1 LAN IIHs, and Level-2 routers use Level-2 LAN IIHs. The
P2P IIHs are used on point-to-point networks.
LSP
The LSPs carry link state information. LSPs include Level-1 LSPs and Level-2 LSPs. The Level-2 LSPs are sent by the Level-2 routers, and the Level-1 LSPs are sent by the Level-1 routers. The Level-1-2 router can send both types of LSPs.
113
SNP
A sequence number PDU (SNP) describes the complete or partial LSPs for LSDB synchronization.
SNPs include CSNP and PSNP, which are further divided into Level-1 CSNP, Level-2 CSNP, Level-1 PSNP, and Level-2 PSNP.
A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (every 10 seconds by default). On point-to-point networks, CSNPs are sent only during the first adjacency establishment.
A PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request missing LSPs from a neighbor.
CLV
The variable fields of PDU comprise multiple Code-Length-Value (CLV) triplets.
Figure 35 CLV format
10
128
129
130
131
132
shows that different PDUs contain different CLVs. Codes 1 through 10 are defined in ISO 10589
(code 3 and 5 are not shown in the table), and others are defined in RFC 1195.
Table 5 CLV codes and PDU types
CLV Code
1
Name
Area Addresses
6
7
2
4
IS Neighbors (LSP)
Partition Designated Level2 IS
IS Neighbors (MAC Address)
IS Neighbors (SNPA Address)
8 Padding
Authentication Information
IP Internal Reachability Information
Protocols Supported
IP External Reachability Information
Inter-Domain Routing Protocol Information
IP Interface Address
PDU Type
IIH, LSP
LSP
L2 LSP
LAN IIH
LAN IIH
IIH
SNP
IIH, LSP, SNP
LSP
IIH, LSP
L2 LSP
L2 LSP
IIH, LSP
Protocols and standards
• ISO 10589 ISO IS-IS Routing Protocol
114
• ISO 9542 ES-IS Routing Protocol
•
ISO 8348/Ad2 Network Services Access Points
•
RFC 1195, Use of OSI IS-IS for Routing in TCP/IP and Dual Environments
• RFC 2763, Dynamic Hostname Exchange Mechanism for IS-IS
• RFC 2966, Domain-wide Prefix Distribution with Two-Level IS-IS
•
RFC 2973, IS-IS Mesh Groups
•
RFC 3277, IS-IS Transient Blackhole Avoidance
• RFC 3358, Optional Checksums in ISIS
• RFC 3373, Three-Way Handshake for IS-IS Point-to-Point Adjacencies
•
RFC 3567, Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication
•
RFC 3719, Recommendations for Interoperable Networks using IS-IS
• RFC 3786, Extending the Number of IS-IS LSP Fragments Beyond the 256 Limit
•
RFC 3787, Recommendations for Interoperable IP Networks using IS-IS
•
RFC 3847, Restart Signaling for IS-IS
IS-IS configuration task list
Tasks at a glance
•
(Required.)
•
(Optional.) Configuring the IS level and circuit level
•
(Optional.) Configuring P2P network type for an interface
(Optional.) Configuring IS-IS route control
•
•
Specifying a preference for IS-IS
•
Configuring the maximum number of ECMP routes
•
Configuring IS-IS route summarization
•
•
Configuring IS-IS route redistribution
•
Configuring IS-IS route filtering
•
Configuring IS-IS route leaking
115
Tasks at a glance
(Optional.) Tuning and optimizing IS-IS networks
•
Specifying intervals for sending IS-IS hello and CSNP packets
•
Specifying the IS-IS hello multiplier
•
Configuring a DIS priority for an interface
•
Disabling an interface from sending/receiving IS-IS packets
•
Enabling an interface to send small hello packets
•
•
Controlling SPF calculation interval
•
Configuring convergence priorities for specific routes
•
•
Configuring system ID to host name mappings
•
Enabling the logging of neighbor state changes
•
(Optional.) Enhancing IS-IS network security
•
Configuring neighbor relationship authentication
•
Configuring area authentication
•
Configuring routing domain authentication
(Optional.) Configuring IS-IS GR
(Optional.) Configuring BFD for IS-IS
(Optional.) Configuring IS-IS FRR
Configuring basic IS-IS
Configuration prerequisites
Before the configuration, complete the following tasks:
•
Configure the link layer protocol.
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
Enabling IS-IS
Step Command
1. Enter system view. system-view
2. Create an IS-IS process and enter its view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Assign a NET. network-entity net
4. Return to system view. quit
5. Enter interface view. interface interface-type
interface-number
6. Enable an IS-IS process on the interface. isis enable [ process-id ]
Remarks
N/A
By default, the IS-IS process is disabled.
By default, NET is not assigned.
N/A
N/A
By default, no IS-IS process is enabled.
116
Configuring the IS level and circuit level
Follow these guidelines when you configure the IS level for routers in only one area:
• Configure the IS level of all routers as Level-1 or Level-2 rather than different levels because the routers do not need to maintain two identical LSDBs.
•
Configure the IS level as Level-2 on all routers in an IP network for good scalability.
For an interface of a Level-1 (or Level-2) router, the circuit level can only be Level-1 (or Level-2). For an interface of a Level-1-2 router, the default circuit level is Level-1-2; if the router only needs to form Level-1 (or
Level-2) neighbor relationships, configure the circuit level for its interfaces as Level-1 (or Level-2) to limit neighbor relationship establishment.
To configure the IS level and circuit level:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Specify the IS level.
4. Return to system view.
5. Enter interface view. is-level { level-1 | level-1-2 | level-2 } quit interface interface-type
interface-number
N/A
By default, the IS level is Level-1-2.
N/A
N/A
6. Specify the circuit level. isis circuit-level [ level-1 | level-1-2
| level-2 ]
By default, an interface can establish either the Level-1 or Level-2 adjacency.
Configuring P2P network type for an interface
Perform this task only for a broadcast network that has up to two attached routers.
Interfaces with different network types operate differently. For example, broadcast interfaces on a network must elect the DIS and flood CSNP packets to synchronize the LSDBs, but P2P interfaces on a network do not need to elect the DIS, and have a different LSDB synchronization mechanism.
If only two routers exist on a broadcast network, configure the network type of attached interfaces as P2P to avoid DIS election and CSNP flooding, saving network bandwidth and speeding up network convergence.
To configure P2P network type for an interface:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
117
Step Command
3. Configure P2P network type for an interface. isis circuit-type p2p
Remarks
By default, the network type of an interface depends on the physical media. The network type of a
VLAN interface is broadcast.
Configuring IS-IS route control
Configuration prerequisites
Before the configuration, complete the following tasks:
•
Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable IS-IS.
Configuring IS-IS link cost
The IS-IS cost of an interface is determined in the following order:
1.
IS-IS cost specified in interface view.
2.
3.
IS-IS cost specified in system view. The cost is applied to the interfaces associated with the IS-IS process.
Automatically calculated cost. If the cost style is wide or wide-compatible, IS-IS automatically calculates the cost using the formula: interface cost = (bandwidth reference value/interface bandwidth) ×10, in the range of 1 to16777214. For other cost styles,
Table 6 Automatic cost calculation scheme for cost styles other than wide and wide-compatible
Interface bandwidth
≤ 10 Mbps
≤ 100 Mbps
≤ 155 Mbps
≤ 622 Mbps
Interface cost
60
50
40
30
≤ 2500 Mbps 20
> 2500 Mbps
4.
10
If none of the above costs is used, a default cost of 10 applies.
Configuring an IS-IS cost for an interface
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
118
Step Command
3. (Optional.) Specify an
IS-IS cost style. cost-style { narrow | wide | wide-compatible
| { compatible | narrow-compatible }
[ relax-spf-limit ] }
4. Return to system view. quit
5. Enter interface view. interface interface-type interface-number
6. (Optional.) Specify a cost for the IS-IS interface. isis cost value [ level-1 | level-2 ]
Configuring a global IS-IS cost
Remarks
By default, the IS-IS cost type is narrow.
N/A
N/A
By default, no cost for the interface is specified.
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
Remarks
N/A isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A
3. (Optional.) Specify an IS-IS cost style. cost-style { narrow | wide | wide-compatible |
{ compatible | narrow-compatible }
[ relax-spf-limit ] }
4. Specify a global
IS-IS cost. circuit-cost value [ level-1 | level-2 ]
Enabling automatic IS-IS cost calculation
By default, the IS-IS cost style is narrow.
By default, no global cost is specified.
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3. Specify an IS-IS cost style. cost-style { wide | wide-compatible } By default, the IS-IS cost is narrow.
4. Enable automatic IS-IS cost calculation.
5. (Optional.) Configure a bandwidth reference value for automatic IS-IS cost calculation. auto-cost enable bandwidth-reference value
By default, automatic IS-IS cost calculation is disabled.
The default setting is100 Mbps.
Specifying a preference for IS-IS
If multiple routing protocols find routes to the same destination, the route found by the routing protocol that has the highest preference is selected as the optimal route.
Perform this task to assign a preference to IS-IS directly or by using a routing policy. For more information about the routing policy, see "Configuring routing policies."
To configure a preference for IS-IS:
119
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
3. Configure a prefrence for
IS-IS. isis [ process-id ] [ vpn-instance
vpn-instance-name ] preference { preference | route-policy
route-policy-name } *
Remarks
N/A
N/A
The default setting is
15.
Configuring the maximum number of ECMP routes
Perform this task to implement load sharing over ECMP routes.
To configure the maximum number of ECMP routes:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Specify the maximum number of ECMP routes. maximum load-balancing number
By default, the maximum number of ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see IP Routing
Command Reference.
Configuring IS-IS route summarization
Perform this task to summarize specific routes, including IS-IS routes and redistributed routes, into a single route. Route summarization can reduce the routing table size and the LSDB scale.
Route summarization applies only to locally generated LSPs. The cost of the summary route is the lowest one among the costs of the more-specific routes.
To configure route summarization:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
3. Configure IS-IS route summarization. isis [ process-id ] [ vpn-instance
vpn-instance-name ] summary ip-address { mask | mask-length }
[ avoid-feedback | generate_null0_route |
[ level-1 | level-1-2 | level-2 ] | tag tag ] *
Remarks
N/A
N/A
By default, route summarization is not configured.
120
Advertising a default route
IS-IS cannot redistribute a default route to its neighbors. This task enables IS-IS to advertise a default route of 0.0.0.0/0 in an LSP to the same-level neighbors. Upon receiving the default route, the neighbors add it into their routing table.
To advertise a default route:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Advertise a default route. default-route-advertise [ [ level-1 | level-1-2
| level-2 ] | route-policy route-policy-name ]
*
By default, IS-IS does not advertise a default route.
The generated routes are advertised to only the same-level neighbors.
Configuring IS-IS route redistribution
Perform this task to redistribute routes from other routing protocols into IS-IS. You can specify a cost for redistributed routes and specify the maximum number of redistributed routes.
To configure IS-IS route redistribution from other routing protocols:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Redistribute routes from other routing protocols or other IS-IS processes. import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost
| cost-type { external | internal } |
[ level-1 | level-1-2 | level-2 ] | route-policy route-policy-name | tag
tag ] *
By default, no route is redistributed.
By default, if no level is specified, this command redistributes routes into the
Level-2 routing table.
This command redistributes only active routes. To display active routes, use the display ip routing-table protocol command.
4. (Optional.) Configure the maximum number of redistributed Level
1/Level 2 IPv4 routes. import-route limit number
By default, the maximum number of redistributed Level 1/Level 2 IPv4 routes is not configured.
Configuring IS-IS route filtering
You can use an ACL, IP prefix list, or routing policy to filter routes calculated using received LSPs and routes redistributed from other routing protocols.
121
Filtering routes calculated from received LSPs
IS-IS saves LSPs received from neighbors in the LSDB, uses the SPF algorithm to calculate the shortest path tree with itself as the root, and installs the routes to the IS-IS routing table.
Perform this task to filter calculated routes. Only routes that are not filtered can be added to the IS-IS routing table.
To filter routes calculated using received LSPs:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Filter routes calculated using received LSPs. filter-policy { acl-number | prefix-list
prefix-list-name | route-policy
route-policy-name } import
By default, IS-IS accepts all routes calculated using received LSPs.
Filtering redistributed routes
IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them to the IS-IS routing table, and advertise them in LSPs.
Perform this task to filter redistributed routes. Only routes that are not filtered can be added to the IS-IS routing table and advertised to neighbors.
To filter redistributed routes:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
3. Filter routes redistributed from other routing protocols or IS-IS processes. isis [ process-id ] [ vpn-instance
vpn-instance-name ] filter-policy { acl-number | prefix-list
prefix-list-name | route-policy
route-policy-name } export [ protocol
[ process-id ] ]
Remarks
N/A
N/A
By default, IS-IS accepts all redistributed routes.
Configuring IS-IS route leaking
Perform this task to control route advertisement (route leaking) between Level-1 and Level-2.
You can configure IS-IS to advertise routes from Level-2 to Level-1, and to not advertise routes from Level-1 to Level-2.
To configure IS-IS route leaking:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
122
Step Command
3. Configure route leaking from Level-1 to
Level-2. import-route isis level-1 into level-2 [ filter-policy
{ acl-number | prefix-list prefix-list-name | route-policy route-policy-name } | tag tag ] *
4. Configure route leaking from Level-2 to
Level-1. import-route isis level-2 into level-1 [ filter-policy
{ acl-number | prefix-list prefix-list-name | route-policy route-policy-name } | tag tag ] *
Remarks
By default, IS-IS advertises routes from Level-1 to
Level-2.
By default, IS-IS does not advertise routes from
Level-2 to Level-1.
Tuning and optimizing IS-IS networks
Configuration prerequisites
Before you tune and optimize IS-IS networks, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable IS-IS.
Specifying intervals for sending IS-IS hello and CSNP packets
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Specify the interval for sending hello packets. isis timer hello seconds [ level-1 | level-2 ]
The default setting is10 seconds.
The interval between hello packets sent by the DIS is 1/3 the hello interval set with the isis timer hello command.
4. Specify the interval for sending CSNP packets on the
DIS of a broadcast network. isis timer csnp seconds [ level-1 | level-2 ]
The default setting is10 seconds.
Specifying the IS-IS hello multiplier
If a neighbor receives no hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes. The hold time is the hello multiplier multiplied by the hello interval.
On a broadcast link, Level-1 and Level-2 hello packets are advertised separately. You must set a hello multiplier for each level.
On a P2P link, Level-1 and Level-2 hello packets are advertised in P2P hello packets. You do not need to specify Level-1 or Level-2.
To specify the IS-IS hello multiplier:
Step Command
1. Enter system view. system-view
Remarks
N/A
123
Step Command
2. Enter interface view. interface interface-type
interface-number
3. Specify the number of hello packets a neighbor must miss before declaring the router is down. isis timer holding-multiplier value
[ level-1 | level-2 ]
Remarks
N/A
The default setting is
3.
Configuring a DIS priority for an interface
On a broadcast network, IS-IS must elect a router as the DIS at a routing level. You can specify a DIS priority at a level for an interface. The greater the interface's priority, the more likely it becomes the DIS.
If multiple routers in the broadcast network have the same highest DIS priority, the router with the highest
MAC address becomes the DIS.
To configure a DIS priority for an interface:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter interface view.
3. Configure a DIS priority for the interface. interface interface-type
interface-number isis dis-priority value [ level-1 | level-2 ]
N/A
The default setting is 64.
Disabling an interface from sending/receiving IS-IS packets
After being disabled from sending and receiving hello packets, an interface cannot form any neighbor relationship, but can advertise directly connected networks in LSPs through other interfaces. This can save bandwidth and CPU resources, and ensures that other routers know networks directly connected to the interface.
To disable an interface from sending and receiving IS-IS packets:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Disable the interface from sending and receiving IS-IS packets. isis silent
N/A
By default, the interface can send and receive IS-IS packets.
Enabling an interface to send small hello packets
IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames.
Any two IS-IS neighboring routers must negotiate a common MTU. To avoid sending big hellos to save bandwidth, enable the interface to send small hello packets without CLVs.
To enable an interface to send small hello packets:
124
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Enable the interface to send small hello packets without
CLVs. isis small-hello
Remarks
N/A
N/A
By default, the interface can send standard hello packets.
Configuring LSP parameters
Configuring LSP timers
1.
Specify the maximum age of LSPs.
Each LSP has an age that decreases in the LSDB. IS-IS runs a process to delete any LSP with an age of 0 from the LSDB. You can adjust the age value based on the scale of a network.
To specify the maximum age of LSPs:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
2.
3. Specify the maximum LSP age. timer lsp-max-age seconds
The default setting is1200 seconds.
Specify the LSP refresh interval and generation interval.
Each router needs to refresh its LSPs at a configurable interval and send them to other routers to prevent valid routes from aging out. A smaller refresh interval speeds up network convergence but consumes more bandwidth.
When the network topology changes, for example, a neighbor is down or up, or the interface metric, system ID, or area ID is changed, the router generates an LSP after a configurable interval.
If such a change occurs frequently, excessive LSPs are generated, consuming a large amount of router resources and bandwidth. To solve the problem, you can adjust the LSP generation interval.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the LSP generation interval is incremented by incremental-interval × 2 n-2
(n is the number of calculation times) each time a generation occurs until the maximum-interval is reached.
To specify the LSP refresh interval and generation interval:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Specify the LSP refresh interval. timer lsp-refresh seconds
Remarks
N/A
N/A
By default, the LSP refresh interval is 900 seconds.
125
Step Command
4. Specify the LSP generation interval. timer lsp-generation maximum-interval
[ minimum-interval [ incremental-interval ] ]
[ level-1 | level-2 ]
Remarks
By default:
•
The maximum interval is 2 seconds.
•
The minimum interval is 0 milliseconds.
•
The incremental interval is
0 milliseconds.
3.
Specify LSP sending intervals.
If a change occurs in the LSDB, IS-IS advertises the changed LSP to neighbors. You can specify the minimum interval for sending such LSPs.
To avoid unnecessary retransmissions, configure an LSP sending interval according to the number of IS-IS interfaces or routes.
To configure LSP sending intervals:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter interface view. interface interface-type
interface-number
N/A
3. Specify the minimum interval for sending LSPs and the maximum LSP number that can be sent at a time. isis timer lsp time [ count count ]
By default, the minimum interval is 33 milliseconds, and the maximum LSP number that can be sent at a time is 5.
Specifying LSP lengths
IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames.
IS-IS routers in an area must send LSPs smaller than the smallest interface MTU in the area.
If the IS-IS routers have different interface MTUs, HP recommends configuring the maximum size of generated LSP packets to be smaller than the smallest interface MTU in the area. Otherwise, the routers must dynamically adjust the LSP packet size to fit the smallest interface MTU, which takes time and affects other services.
To specify LSP lengths:
Remarks
N/A
Step Command
1. PreferenceEnter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Specify the maximum length of generated Level-1 LSPs or
Level-2 LSPs. lsp-length originate size [ level-1 | level-2 ]
4. Specify the maximum length of received LSPs. lsp-length receive size
N/A
By default, the maximum length of generated Level-1 LSPs or
Level-2 LSPs is 1497 bytes.
By default, the maximum length of received LSPs is 1497 bytes.
126
Enabling LSP flash flooding
Changed LSPs can trigger SPF recalculation. To advertise the changed LSPs before the router recalculates routes for faster network convergence, enable LSP flash flooding.
To enable LSP flash flooding:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
Remarks
N/A isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A
3. Enable LSP flash flooding. flash-flood [ flood-count flooding-count | max-timer-interval flooding-interval | [ level-1 | level-2 ] ] *
By default, LSP flash flooding is disabled.
Enabling LSP fragment extension
Perform this task to enable IS-IS fragment extension for an IS-IS process. The MTUs of all interfaces running the IS-IS process must not be less than 512. Otherwise, LSP fragment extension does not take effect.
To enable LSP fragment extension:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
3. Enable LSP fragment extension. isis [ process-id ] [ vpn-instance
vpn-instance-name ] lsp-fragments-extend [ level-1 | level-1-2 | level-2 ]
Remarks
N/A
N/A
By default, this feature is disabled.
4. Configure a virtual system
ID. virtual-system virtual-system-id
By default, no virtual system ID is configured.
Configure at least one virtual system to generate extended LSP fragments.
Controlling SPF calculation interval
Based on the LSDB, an IS-IS router uses the SPF algorithm to calculate the shortest path tree with itself being the root, and uses the shortest path tree to determine the next hop to a destination network. By adjusting the SPF calculation interval, you can prevent bandwidth and router resources from being overconsumed due to frequent topology changes.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval × 2 n-2 (n is the number of calculation times) each time a calculation occurs until the maximum-interval is reached.
To control SPF calculation interval:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
127
Step Command
3. Configure the SPF calculation interval. timer spf maximum-interval
[ minimum-interval [ incremental-interval ] ]
Remarks
By default:
•
The maximum interval is 5 seconds.
•
The minimum interval is 50 milliseconds.
•
The incremental interval is
200 milliseconds.
Configuring convergence priorities for specific routes
A topology change causes IS-IS routing convergence. To improve convergence speed, you can assign different convergence priorities to specific IS-IS routes, including critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed.
IS-IS host routes have the medium convergence priority.
To assign convergence priorities to specific IS-IS routes:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
3. Assign convergence priorities to specific IS-IS routes. isis [ process-id ] [ vpn-instance
vpn-instance-name ] priority { critical | high | medium }
{ prefix-list prefix-list-name | tag
tag-value }
Remarks
N/A
N/A
By default, IS-IS routes have the lowest convergence priority.
Setting the LSDB overload bit
By setting the overload bit in sent LSPs, a router informs other routers of failures that make it unable to select routes and forward packets.
When an IS-IS router cannot record the complete LSDB, for example, because of memory insufficiency, it will calculate wrong routes. To make troubleshooting easier, temporarily isolate the router from the IS-IS network by setting the overload bit.
To set the LSDB overload bit:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ]
3. Set the overload bit. set-overload [ on-startup [ [ start-from-nbr system-id
[ timeout1 [ nbr-timeout ] ] ] | timeout2 ] [ allow { external
| interlevel } * ]
Remarks
N/A
N/A
By default, the overload bit is not set.
128
Configuring system ID to host name mappings
A 6-byte system ID in hexadecimal notation uniquely identifies a router or host in an IS-IS network. To make a system ID easy to read, the system allows you to use host names to identify devices and provides mappings between system IDs and host names.
The mappings can be configured manually or dynamically. Follow these guidelines when you configure the mappings:
• To view host names rather than system IDs by using the display isis lsdb command, you must enable dynamic system ID to host name mapping.
•
If you configure both dynamic mapping and static mapping on a router, the host name specified for dynamic mapping applies.
Configuring a static system ID to host name mapping
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Configure a system ID to host name mapping for a remote
IS. is-name map sys-id map-sys-name
Configuring dynamic system ID to host name mapping
Remarks
N/A
N/A
A system ID can correspond to only one host name.
Static system ID to host name mapping requires you to manually configure a mapping for each router in the network. When a new router is added to the network or a mapping must be modified, you must configure all routers manually.
When you use dynamic system ID to host name mapping, you only need to configure a host name for each router in the network. Each router advertises the host name in a dynamic host name CLV to other routers so all routers in the network can have all mappings.
To help check the origin of LSPs in the LSDB, you can configure a name for the DIS in a broadcast network.
To configure dynamic system ID to host name mapping:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Specify a host name for the IS and enable dynamic system ID to host name mapping. is-name sys-name
4. Return to system view. quit
5. Enter interface view. interface interface-type
interface-number
N/A
By default, no host name is specified for the router.
N/A
N/A
129
Step Command
6. Configure a DIS name. isis dis-name symbolic-name
Remarks
By default, no DIS name is configured.
This command takes effect only on a router enabled with dynamic system ID to host name mapping.
This command is not available on P2P interfaces.
Enabling the logging of neighbor state changes
With this feature enabled, the router delivers information about neighbor state changes to the terminal for display.
To enable the logging of neighbor state changes:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Enable the logging of neighbor state changes. log-peer-change
N/A
By default, the logging of neighbor state is enabled.
Enabling IS-IS ISPF
When the network topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT.
To enable IS-IS ISPF:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view.
Remarks
N/A isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A
3. Enable IS-IS ISPF. ispf enable By default, IS-IS is disabled.
Enhancing IS-IS network security
To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication.
Configuration prerequisites
Before the configuration, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable IS-IS.
130
Configuring neighbor relationship authentication
With neighbor relationship authentication configured, an interface adds the password in the specified mode into hello packets to the peer and checks the password in the received hello packets. If the authentication succeeds, it forms the neighbor relationship with the peer.
The authentication mode and password at both ends must be identical.
To configure neighbor relationship authentication:
Step Command
1. Enter system view. system-view
2. Enter interface view.
Remarks
N/A interface interface-type interface-number N/A
3. Specify the authentication mode and password. isis authentication-mode { md5 | simple }
{ cipher cipher-string | plain plain-string }
[ level-1 | level-2 ] [ ip | osi ]
By default, no authentication is configured.
Configuring area authentication
Area authentication prevents the router from installing routing information from untrusted routers into the
Level-1 LSDB. The router encapsulates the authentication password in the specified mode in Level-1 packets (LSP, CSNP, and PSNP) and checks the password in received Level-1 packets.
Routers in a common area must have the same authentication mode and password.
To configure area authentication:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Specify the area authentication mode and password. area-authentication-mode { md5 | simple } { cipher cipher-string | plain
plain-string } [ ip | osi ]
N/A
By default, no area authentication is configured.
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing domain. A router with the authentication configured encapsulates the password in the specified mode into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
Step Command
1. Enter system view. system-view
2. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
131
Step Command
3. Specify the routing domain authentication mode and password. domain-authentication-mode
{ md5 | simple } { cipher
cipher-string | plain plain-string }
[ ip | osi ]
Remarks
By default, no routing domain authentication is configured.
Configuring IS-IS GR
GR ensures the continuity of packet forwarding when a routing protocol restarts.
• GR Restarter—Graceful restarting router. It must have GR capability.
•
GR Helper—A neighbor of the GR Restarter. It assists the GR Restarter to complete the GR process.
By default, a device acts as the GR Helper. Configure IS-IS GR on the GR Restarter.
GR Restarter uses the following timers:
• T1 timer—Specifies the times that GR Restarter can send a Restart TLV with the RR bit set. After restart, the GR Restarter sends a Restart TLV with the RR bit set to its neighbor. If the restarting router receives a Restart TLV with the RA set from its neighbor before the T1 timer expires, the GR process starts. Otherwise, the GR process fails.
• T2 timer—Specifies the LSDB synchronization interval. Each LSDB has a T2 timer. The Level-1-2 router has two T2 timers: a Level-1 timer and a Level-2 timer. If the LSDBs have not achieved synchronization before the two timers expire, the GR process fails.
• T3 timer—Specifies the GR interval. The GR interval is set as the holdtime in hello PDUs. Within the interval, the neighbors maintain their adjacency with the GR Restarter. If the GR process has not completed within the holdtime, the neighbors tear down the neighbor relationship and the GR process fails.
To configure GR on the GR Restarter:
Step Command
1. Enter system view. system-view
2. Enable IS-IS and enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
3. Enable IS-IS GR.
4. (Optional.) Suppress the SA bit during restart. graceful-restart graceful-restart suppress-sa graceful-restart t1 seconds count
count
By default, the GR capability for IS-IS is disabled.
By default, the SA bit is not suppressed.
By enabling the GR Restarter to suppress the
Suppress-Advertisement (SA) bit in the hello
PDUs, the neighbors will still advertise their adjacency with the GR Restarter.
By default, the T1 timer is 3 seconds and can expire 10 times.
5. (Optional.) Configure the T1 timer.
6. (Optional.) Configure the T2 timer.
7. (Optional.) Configure the T3 timer. graceful-restart t2 seconds graceful-restart t3 seconds
By default, the T2 timer is 60 seconds.
By default, the T2 timer is 300 seconds.
132
Configuring BFD for IS-IS
BFD provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time. For more information about BFD, see High Availability
Configuration Guide.
To configure BFD for IS-IS:
Step Command
1. Enter system view. system-view
2. Enter interface view.
Remarks
N/A interface interface-type interface-number N/A
3. Enable IS-IS on an interface. isis enable [ process-id ] N/A
4. Enable BFD on an IS-IS interface. isis bfd enable
By default, an IS-IS interface is not enabled with BFD.
Configuring IS-IS FRR
A link or router failure on a path can cause packet loss and even routing loop. Such problems arise until
IS-IS completes the routing convergence based on the new network topology. IS-IS FRR enables fast rerouting to minimize the impact of link or node failures.
Figure 36 Network diagram for IS-IS FRR
hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time. Meanwhile, IS-IS calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.
You can either enable IS-IS FRR to calculate a backup next hop automatically, or designate a backup next hop with a routing policy for routes matching specific criteria.
Configuration prerequisites
Before you configure IS-IS FRR, complete the following tasks:
• Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
•
Enable IS-IS.
133
Configuration guidelines
Do not use FRR and BFD at the same time. Otherwise, FRR may fail to take effect.
Configuring IS-IS FRR to automatically calculate a backup next hop
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ip ip-address
3. Enter IS-IS view. isis [ process-id ] [ vpn-instance
vpn-instance-name ]
4. Enable IS-IS FRR to automatically calculate a backup next hop. fast-reroute auto
Remarks
N/A
By default, the source address of echo packets is not configured.
N/A
By default, IS-IS FRR is disabled.
Configuring IS-IS FRR using a routing policy
You can use the apply fast-reroute backup-interface command to specify a backup next hop in a routing policy for routes matching specific criteria, and perform this task to reference the routing policy for IS-IS
FRR. For more information about the apply fast-reroute backup-interface command and routing policy configurations, see "Configuring routing policies."
To configure IS-IS FRR using a routing policy:
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ip ip-address
3. Enter IS-IS view.
4. Enable IS-IS FRR using a routing policy. isis [ process-id ] [ vpn-instance
vpn-instance-name ] fast-reroute route-policy
route-policy-name
Remarks
N/A
By default, the source address of echo packets is not configured.
N/A
By default, this feature is not enabled.
Displaying and maintaining IS-IS
Execute display commands in any view and the reset command in user view.
Task Command
Display brief IS-IS configuration information. display isis brief [ process-id ]
Display the IS-IS GR status. display isis graceful-restart status [ level-1 | level-2 ] [ process-id ]
134
Task Command
Display information about IS-IS enabled interfaces. display isis interface [ [ interface-type interface-number ] [ verbose ]
| statistics] [ process-id ]
Display IS-IS LSDB information. display isis lsdb [ [ level-1 | level-2 ] | local | lsp-id lspid |
[ lsp-name lspname ] | verbose ] * [ process-id ]
Display the host name to system ID mapping table.
Display IS-IS neighbor information.
Display IS-IS redistributed route information
Display IS-IS IPv4 routing information. display isis name-table [ process-id ] display isis peer [ statistics | verbose ] [ process-id ] display isis redistribute [ ipv4 [ ip-address mask-length ] ] [ level-1 | level-2 ] [ process-id ] display isis route [ ipv4 [ ip-address mask-length ] ] [ [ level-1 | level-2 ] | verbose ] * [ process-id ] display isis statistics [ level-1 | level-1-2 | level-2 ] [ process-id ] Display IS-IS statistics.
Clear IS-IS process data structure information.
Clear the data structure information of an
IS-IS neighbor. reset isis all [ process-id ] [ graceful-restart ] reset isis peer system-id [ process-id ]
IS-IS configuration examples
Basic IS-IS configuration example
Network requirements
As shown in
Figure 37 , Switch A, Switch B, Switch C, and Switch D reside in an IS-IS AS.
Switch A and B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch. Switch
A, Switch B, and Switch C are in Area 10, and Switch D is in Area 20.
Figure 37 Network diagram
Configuration procedure
1.
Configure IP addresses for interfaces. (Details not shown.)
135
2.
Configure IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] is-level level-1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] is-level level-1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable 1
[SwitchB-Vlan-interface200] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis enable 1
[SwitchC-Vlan-interface100] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] network-entity 20.0000.0000.0004.00
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 100
[SwitchD-Vlan-interface100] isis enable 1
[SwitchD-Vlan-interface100] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis enable 1
[SwitchD-Vlan-interface300] quit
Verifying the configuration
# Display the IS-IS LSDB on each switch to verify the LSPs.
136
[SwitchA] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-1 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0001.00-00* 0x00000004 0xdf5e 1096 68 0/0/0
0000.0000.0002.00-00 0x00000004 0xee4d 1102 68 0/0/0
0000.0000.0002.01-00 0x00000001 0xdaaf 1102 55 0/0/0
0000.0000.0003.00-00 0x00000009 0xcaa3 1161 111 1/0/0
0000.0000.0003.01-00 0x00000001 0xadda 1112 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
[SwitchB] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-1 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0001.00-00 0x00000006 0xdb60 988 68 0/0/0
0000.0000.0002.00-00* 0x00000008 0xe651 1189 68 0/0/0
0000.0000.0002.01-00* 0x00000005 0xd2b3 1188 55 0/0/0
0000.0000.0003.00-00 0x00000014 0x194a 1190 111 1/0/0
0000.0000.0003.01-00 0x00000002 0xabdb 995 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
[SwitchC] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-1 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0001.00-00 0x00000006 0xdb60 847 68 0/0/0
0000.0000.0002.00-00 0x00000008 0xe651 1053 68 0/0/0
0000.0000.0002.01-00 0x00000005 0xd2b3 1052 55 0/0/0
0000.0000.0003.00-00* 0x00000014 0x194a 1051 111 1/0/0
137
0000.0000.0003.01-00* 0x00000002 0xabdb 854 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
Level-2 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0003.00-00* 0x00000012 0xc93c 842 100 0/0/0
0000.0000.0004.00-00 0x00000026 0x331 1173 84 0/0/0
0000.0000.0004.01-00 0x00000001 0xee95 668 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
[SwitchD] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-2 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0003.00-00 0x00000013 0xc73d 1003 100 0/0/0
0000.0000.0004.00-00* 0x0000003c 0xd647 1194 84 0/0/0
0000.0000.0004.01-00* 0x00000002 0xec96 1007 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
# Display the IS-IS routing information on each switch.
[SwitchA] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL Vlan100 Direct D/L/-
10.1.2.0/24 20 NULL Vlan100 10.1.1.1 R/-/-
192.168.0.0/24 20 NULL Vlan100 10.1.1.1 R/-/-
0.0.0.0/0 10 NULL Vlan100 10.1.1.1 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchC] display isis route
138
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL Vlan300 Direct D/L/-
10.1.1.0/24 10 NULL Vlan100 Direct D/L/-
10.1.2.0/24 10 NULL Vlan200 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL Vlan300 Direct D/L/-
10.1.1.0/24 10 NULL Vlan100 Direct D/L/-
10.1.2.0/24 10 NULL Vlan200 Direct D/L/-
172.16.0.0/16 20 NULL Vlan300 192.168.0.2 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchD] display isis route
Route information for IS-IS(1)
------------------------------
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL Vlan300 Direct D/L/-
10.1.1.0/24 20 NULL Vlan300 192.168.0.1 R/-/-
10.1.2.0/24 20 NULL Vlan300 192.168.0.1 R/-/-
172.16.0.0/16 10 NULL Vlan100 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
The output shows that the routing table of Level-1 switches contains a default route with the next hop as the Level-1-2 switch. The routing table of Level-2 switch contains both routing information of Level-1 and
Level-2.
139
DIS election configuration example
Network requirements
Switch A and Switch B are Level-1-2 switches, Switch C is a Level-1 switch, and Switch D is a Level-2 switch.
Change the DIS priority of Switch A to make it elected as the Level-1-2 DIS router.
Figure 38 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Enable IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] isis enable 1
[SwitchB-Vlan-interface100] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] is-level level-1
[SwitchC-isis-1] quit
140
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis enable 1
[SwitchC-Vlan-interface100] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] network-entity 10.0000.0000.0004.00
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 100
[SwitchD-Vlan-interface100] isis enable 1
[SwitchD-Vlan-interface100] quit
# Display information about IS-IS neighbors on Switch A.
[SwitchA] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01
State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64
System Id: 0000.0000.0003
Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01
State: Up HoldTime: 27s Type: L1 PRI: 64
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01
State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64
System Id: 0000.0000.0004
Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01
State: Up HoldTime: 30s Type: L2 PRI: 64
# Display information about IS-IS interfaces on Switch A.
[SwitchA] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/No
# Display information about IS-IS interfaces on Switch C.
[SwitchC] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
141
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 Yes/No
# Display information about IS-IS interfaces on Switch D.
[SwitchD] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/Yes
The output shows that when the default DIS priority is used, Switch C is the DIS for Level-1, and
Switch D is the DIS for Level-2. The pseudonodes of Level-1 and Level-2 are 0000.0000.0003.01 and 0000.0000.0004.01.
#Configure the DIS priority of Switch A.
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis dis-priority 100
[SwitchA-Vlan-interface100] quit
# Display IS-IS neighbors on Switch A.
[SwitchA] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64
System Id: 0000.0000.0003
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 27s Type: L1 PRI: 64
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64
System Id: 0000.0000.0004
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 30s Type: L2 PRI: 64
# Display information about IS-IS interfaces on Switch A.
[SwitchA] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
142
001 Up Down 1497 L1/L2 Yes/Yes
The output shows that after the DIS priority configuration, Switch A becomes the DIS for Level-1-2, and the pseudonode is 0000.0000.0001.01.
# Display information about IS-IS neighbors and interfaces on Switch C.
[SwitchC] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 25s Type: L1 PRI: 64
System Id: 0000.0000.0001
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 7s Type: L1 PRI: 100
[SwitchC] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/No
# Display information about IS-IS neighbors and interfaces on Switch D.
[SwitchD] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0001
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 9s Type: L2 PRI: 100
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 28s Type: L2 PRI: 64
[SwitchD] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/No
143
IS-IS route redistribution configuration example
Network requirements
As shown in
Figure 39 , Switch A, Switch B, Switch C, and Switch D reside in the same AS. They use IS-IS
to interconnect. Switch A and Switch B are Level-1 routers, Switch D is a Level-2 router, and Switch C is a
Level-1-2 router.
Redistribute RIP routes into IS-IS on Switch D.
Figure 39 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] is-level level-1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] is-level level-1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable 1
[SwitchB-Vlan-interface200] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
144
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis enable 1
[SwitchC-Vlan-interface100] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] network-entity 20.0000.0000.0004.00
[SwitchD-isis-1] quit
[SwitchD] interface interface vlan-interface 300
[SwitchD-Vlan-interface300] isis enable 1
[SwitchD-Vlan-interface300] quit
# Display IS-IS routing information on each switch.
[SwitchA] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 20 NULL VLAN100 10.1.1.1 R/-/-
192.168.0.0/24 20 NULL VLAN100 10.1.1.1 R/-/-
0.0.0.0/0 10 NULL VLAN100 10.1.1.1 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchC] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
145
3.
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchD] display isis route
Route information for IS-IS(1)
------------------------------
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
10.1.1.0/24 20 NULL VLAN300 192.168.0.1 R/-/-
10.1.2.0/24 20 NULL VLAN300 192.168.0.1 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Run RIPv2 between Switch D and Switch E, and configure IS-IS to redistribute RIP routes on Switch
D:
# Configure RIPv2 on Switch D.
[SwitchD] rip 1
[SwitchD-rip-1] network 10.0.0.0
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
# Configure RIPv2 on Switch E.
[SwitchE] rip 1
[SwitchE-rip-1] network 10.0.0.0
[SwitchE-rip-1] version 2
[SwitchE-rip-1] undo summary
# Configure IS-IS to redistribute RIP routes on Switch D.
[SwitchD-rip-1] quit
[SwitchD] isis 1
[SwitchD–isis-1] import-route rip level-2
# Display IS-IS routing information on Switch C.
146
[SwitchC] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
10.1.4.0/24 10 NULL VLAN300 192.168.0.2 R/L/-
10.1.5.0/24 20 NULL VLAN300 192.168.0.2 R/L/-
10.1.6.0/24 20 NULL VLAN300 192.168.0.2 R/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
IS-IS authentication configuration example
Network requirements
, Switch A, Switch B, Switch C, and Switch D reside in the same IS-IS routing domain. Run IS-IS among them.
Switch A, Switch B, and Switch C belong to Area 10, and Switch D belongs to Area 20.
Configure neighbor relationship authentication between neighbors. Configure area authentication in
Area 10 to prevent untrusted routes from entering into the area. Configure routing domain authentication on Switch C and Switch D to prevent untrusted routes from entering the routing domain.
147
Figure 40 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable 1
[RouterB--Vlan-interface200] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
148
3.
4.
5.
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] network-entity 20.0000.0000.0001.00
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis enable 1
[SwitchD-Vlan-interface300] quit
Configure neighbor relationship authentication between neighbors:
# Configure the authentication mode as MD5 and set the plaintext password to eRq on
VLAN-interface 100 of Switch A and on VLAN-interface 100 of Switch C.
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis authentication-mode md5 plain eRg
[SwitchA-Vlan-interface100] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis authentication-mode md5 plain eRg
[SwitchC-Vlan-interface100] quit
# Configure the authentication mode as MD5 and set the plaintext password to t5Hr on
VLAN-interface 200 of Switch B and on VLAN-interface 200 of Switch C.
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis authentication-mode md5 plain t5Hr
[SwitchB-Vlan-interface200] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis authentication-mode md5 plain t5Hr
[SwitchC-Vlan-interface200] quit
# Configure the authentication mode as MD5 and set the plaintext password to hSec on
VLAN-interface 300 of Switch D and on VLAN-interface 300 of Switch C.
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis authentication-mode md5 plain hSec
[SwitchC-Vlan-interface300] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis authentication-mode md5 plain hSec
[SwitchD-Vlan-interface300] quit
Configure the area authentication mode as MD5 and set the plaintext password to 10Sec on
Switch A, Switch B, and Switch C.
[SwitchA] isis 1
[SwitchA-isis-1] area-authentication-mode md5 plain 10Sec
[SwitchA-isis-1] quit
[SwitchB] isis 1
[SwitchB-isis-1] area-authentication-mode md5 plain 10Sec
[SwitchB-isis-1] quit
[SwitchC] isis 1
[SwitchC-isis-1] area-authentication-mode md5 plain 10Sec
[SwitchC-isis-1] quit
Configure routing domain authentication mode as MD5 and set the plaintext password to
1020Sec on Switch C and Switch D.
149
[SwitchC] isis 1
[SwitchC-isis-1] domain-authentication-mode md5 plain 1020Sec
[SwitchC-isis-1] quit
[SwitchD] isis 1
[SwitchD-isis-1] domain-authentication-mode md5 plain 1020Sec
IS-IS Graceful Restart configuration example
Network requirements
As shown in
Figure 41 , Switch A, Switch B, and Switch C belong to the same IS-IS routing domain.
Figure 41 Network diagram
Configuration procedure
1.
2.
3.
Configure IP addresses and subnet masks for interfaces. (Details not shown.)
Configure IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at layer 3 and dynamic route update can be implemented among them with IS-IS.
(Details not shown.)
Configure IS-IS GR:
# Enable IS-IS GR on Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] graceful-restart
[SwitchA-isis-1] return
Verifying the configuration
After Switch A establishes adjacencies with Switch B and Switch C, they begin to exchange routing information. Restart IS-IS on Switch A, which enters the restart state and sends connection requests to its neighbors through the Graceful Restart mechanism to synchronize the LSDB. To display the IS-IS GR status on Switch A, use the display isis graceful-restart status command.
# Restart the IS-IS process on Switch A.
<SwitchA> reset isis all 1 graceful-restart
Reset IS-IS process? [Y/N]:y
# Check the Graceful Restart status of IS-IS on Switch A.
<SwitchA> display isis graceful-restart status
Restart information for IS-IS(1)
--------------------------------
150
Restart status: COMPLETE
Restart phase: Finish
Restart t1: 3, count 10; Restart t2: 60; Restart t3: 300
SA Bit: supported
Level-1 restart information
---------------------------
Total number of interfaces: 1
Number of waiting LSPs: 0
Level-2 restart information
---------------------------
Total number of interfaces: 1
Number of waiting LSPs: 0
BFD for IS-IS configuration example
Network requirements
•
As shown in Figure 42 , run IS-IS on Switch A, Switch B and Switch C so that can reach each other
at the network layer.
•
After the link over which Switch A and Switch B communicate through the Layer-2 switch fails, BFD can quickly detect the failure and notify IS-IS of the failure. Switch A and Switch B then communicate through Switch C.
Figure 42 Network diagram
Switch A
Switch C
Vlan-int10
Vlan-int11
10.1.0.102/24
11.1.1.2/24
Device
Switch B
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure basic IS-IS:
# Configure Switch A.
<SwitchA> system-view
Interface IP address
Vlan-int10 10.1.0.100/24
Vlan-int13 13.1.1.1/24
151
3.
[SwitchA] isis
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] isis enable
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] isis enable
[SwitchA-Vlan-interface11] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] isis enable
[SwitchB-Vlan-interface10] quit
[SwitchB] interface vlan-interface 13
[SwitchB-Vlan-interface13] isis enable
[SwitchB-Vlan-interface13] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 11
[SwitchC-Vlan-interface11] isis enable
[SwitchC-Vlan-interface11] quit
[SwitchC] interface vlan-interface 13
[SwitchC-Vlan-interface13] isis enable
[SwitchC-Vlan-interface13] quit
Configure BFD functions:
# Enable BFD and configure BFD parameters on Switch A.
[SwitchA] bfd session init-mode passive
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] isis bfd enable
[SwitchA-Vlan-interface10] bfd min-receive-interval 500
[SwitchA-Vlan-interface10] bfd min-transmit-interval 500
[SwitchA-Vlan-interface10] bfd detect-multiplier 7
# Enable BFD and configure BFD parameters on Switch B.
[SwitchB] bfd session init-mode active
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] isis bfd enable
[SwitchB-Vlan-interface10] bfd min-receive-interval 500
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500
[SwitchB-Vlan-interface10] bfd detect-multiplier 8
[SwitchB-Vlan-interface10] return
152
Verifying the configuration
# Display the BFD session information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 10 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 192.168.0.100
Label: NULL RealNextHop: 192.168.0.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A and Switch B communicate through VLAN-interface 10. Then the link over
VLAN-interface 10 fails.
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 20 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 10.1.1.100
Label: NULL RealNextHop: 10.1.1.100
153
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface11
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A and Switch B communicate through VLAN-interface 11.
IS-IS FRR configuration example
Network requirements
As shown in
, Switch S, Switch A, and Switch D belong to the same IS-IS routing domain.
Configure IS-IS FRR so that when the Link A fails, traffic can be switched to Link B immediately.
Figure 43 Network diagram nt1
00
Vla n-i
12
.12
.12
.2/
24
Switch A
Link B
Vla
24.2
n-in
4.2
t10
4.2
1
/24
Vla n-i nt1
00
12
.12
.12
.1/
24
Link A
24.2
Vla
4.2
n-in
4.4
t10
/24
1
Loop 0
1.1.1.1/32
Switch S
Vlan-int200
13.13.13.1/24
Vlan-int200
13.13.13.2/24
Switch D
Loop 0
4.4.4.4/32
Configuration procedure
1.
2.
3.
Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)
Configure IS-IS on the switches to make sure Switch A, Switch D, and Switch S can communicate with each other at Layer 3. (Details not shown.)
Configure IS-IS FRR:
Enable IS-IS FRR to automatically calculate a backup next hop, or designate a backup next hop by using a referenced routing policy.
{
(Method 1.) Enable IS-IS FRR to automatically calculate a backup next hop:
# Configure Switch S.
<SwitchS> system-view
{
[SwitchS] bfd echo-source-ip 1.1.1.1
[SwitchS] isis 1
[SwitchS-isis-1] fast-reroute auto
[SwitchS-isis-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
[SwitchD] isis 1
[SwitchD-isis-1] fast-reroute auto
[SwitchD-isis-1] quit
(Method 2.) Enable IS-IS FRR to designate a backup next hop by using a referenced routing policy:
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 1.1.1.1
154
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface
100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
[SwitchS] isis 1
[SwitchS-isis-1] fast-reroute route-policy frr
[SwitchS-isis-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface
101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
[SwitchD] isis 1
[SwitchD-isis-1] fast-reroute route-policy frr
[SwitchD-isis-1] quit
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 10 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
155
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 10 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
156
Configuring BGP
Overview
Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs.
The current version in use is BGP-4 (RFC 4271).
BGP has the following characteristics:
•
Focuses on route control and selection rather than route discovery and calculation.
•
Uses TCP to enhance reliability.
• Measures the distance of a route by using a list of ASs that the route must travel through to reach the destination. BGP is also called a path-vector protocol.
•
Supports CIDR.
•
Reduces bandwidth consumption by advertising only incremental updates. BGP is very suitable to advertise large numbers of routes on the Internet.
•
Eliminates routing loops by adding AS path information to BGP route updates.
•
Uses policies to implement flexible route filtering and selection.
•
Has good scalability.
BGP speaker and BGP peer
A router running BGP is a BGP speaker. A BGP speaker establishes peer relationships with other BGP speakers to exchange routing information over TCP connections.
BGP peers fall into the following types:
•
IBGP peers—Reside in the same AS as the local router.
•
EBGP peers—Reside in different ASs from the local router.
BGP message types
BGP uses the following message types:
•
Open—After establishing a TCP connection, BGP sends an Open message to establish a session with the peer.
• Update—BGP sends update messages to exchange routing information between peers. Each update message can advertise a group of feasible routes with identical attributes and multiple withdrawn routes.
• Keepalive—BGP sends Keepalive messages between peers to maintain connectivity.
•
Route-refresh—BGP sends a Route-refresh message to request the routing information of a specified address family from a peer.
• Notification—BGP sends a Notification message upon detecting an error and immediately closes the connection.
157
BGP path attributes
BGP uses the following path attributes in update messages for route filtering and selection:
• ORIGIN
The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:
{
IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.
{
EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.
{
INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown.
Routes redistributed from other routing protocols have the INCOMPLETE attribute.
•
AS_PATH
The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.
The AS_PATH attribute has the following types:
{
{
AS_SEQUENCE—Arranges AS numbers in sequence. As shown in
, the number of the
AS closest to the receiver's AS is leftmost.
AS_SET—Arranges AS numbers randomly.
Figure 44 AS_PATH attribute
BGP uses the AS_PATH attribute to implement the following functions:
{
Avoid routing loops—A BGP router does not receive routes containing the local AS number to avoid routing loops.
{
Affect route selection—BGP gives priority to the route with the shortest AS_PATH length if other
factors are the same. As shown in Figure 44
, the BGP router in AS 50 gives priority to the route passing AS40 for sending data to the destination 8.0.0.0. In some applications, you can apply a routing policy to control BGP route selection by modifying the AS_PATH length. For more information about routing policy, see "Configuring routing policies."
158
{
Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies."
• NEXT_HOP
The NEXT_HOP attribute may not be the IP address of a directly-connected router. Its value is determined as follows:
{
{
{
When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.
When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP.
When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does not modify the NEXT_HOP attribute. If load balancing is configured, BGP modifies the NEXT_HOP attribute for the equal-cost routes. For load balancing information, see "
Figure 45 NEXT_HOP attribute
• MED (Multi-Exit Discriminator)
BGP advertises the MED attribute between two neighboring ASs, each of which does not advertise the attribute to any other AS.
Similar to metrics used by IGPs, MED is used to determine the best route for traffic going into an AS.
When a BGP router obtains multiple routes to the same destination, but with different next hops from different EBGP peers, it considers the route with the smallest MED value the best route given that other conditions are the same. As shown in
, traffic from AS 10 to AS 20 travels through Router B that is selected according to MED.
159
Figure 46 MED attribute
2.1.1.1
MED = 0
Router B
D = 9.0.0.0
Next_hop = 2.1.1.1
MED = 0
EBGP
Router A
IBGP
IBGP
9.0.0.0
Router D
D = 9.0.0.0
Next_hop = 3.1.1.1
MED = 100
EBGP IBGP
AS 10
3.1.1.1
Router C
MED = 100
AS 20
Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.
• LOCAL_PREF
The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS. It indicates the priority of a BGP router.
BGP uses LOCAL_PREF to determine the best route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops, it considers the route with the highest LOCAL_PREF value as the best route. As shown
, traffic from AS 20 to AS 10 travels through Router C that is selected according to
LOCAL_PREF.
160
Figure 47 LOCAL_PREF attribute
•
COMMUNITY
The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community.
A route can carry one or more COMMUNITY attribute values (each of which is represented by a
4-byte integer). A router uses the COMMUNITY attribute to determine whether to advertise the route and the advertising scope without using complex filters such as ACLs. This mechanism simplifies routing policy configuration, management, and maintenance.
Well-known COMMUNITY attributes involve the following:
{
{
{
{
INTERNET—By default, all routes belong to the Internet community. Routes with this attribute can be advertised to all BGP peers.
NO_EXPORT—Routes with this attribute cannot be advertised out of the local AS or out of the local confederation, but can be advertised to other sub-ASs in the confederation. For
confederation information, see " Settlements for problems in large-scale BGP networks ."
{
{
No_ADVERTISE—Routes with this attribute cannot be advertised to other BGP peers.
No_EXPORT_SUBCONFED—Routes with this attribute cannot be advertised out of the local AS or other sub-ASs in the local confederation.
You can configure BGP community lists to filter BGP routes based on the BGP COMMUNITY attribute.
•
Extended community attribute
To satisfy new demands, BGP defines the extended community attribute. The extended community attribute has the following advantages over the COMMUNITY attribute:
Provides more attribute values by extending the attribute length to eight bytes.
Allows for using different types of extended community attributes in different scenarios to enhance route filtering and control and simplify configuration and management.
161
BGP route selection
BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence:
1.
2.
The route with the highest Preferred_value
The route with the highest LOCAL_PREF
3.
4.
5.
6.
7.
8.
The route generated by the network command, the route redistributed by the importe-route command, or the summary route in turn.
The route with the shortest AS_PATH
The IGP, EGP, or INCOMPLETE route in turn
The route with the lowest MED value
The route learned from EBGP, confederation EBGP, confederation IBGP, or IBGP in turn
The route with the smallest next hop metric
9.
10.
11.
12.
The route with the shortest CLUSTER_LIST
The route with the smallest ORIGINATOR_ID
The route advertised by the router with the smallest router ID
The route advertised by the peer with the lowest IP address
CLUSTER_IDs of route reflectors form a CLUSTER_LIST. If a route reflector receives a route that contains its own CLUSTER ID in the CLUSTER_LIST, the router discards the route to avoid routing loops.
If load balancing is configured, the system selects available routes to implement load balancing.
BGP route advertisement rules
BGP follow these rules for route advertisement:
• When multiple feasible routes to a destination exist, BGP advertises only the best route to its peers.
If the advertise-rib-active command is configured, BGP advertises the best route in the IP routing table; if not, BGP advertise the best route in the BGP routing table.
• BGP advertises only routes that it uses.
•
BGP advertises routes learned from an EBGP peer to all BGP peers, including both EBGP and IBGP peers.
•
BGP advertises routes learned from an IBGP peer to EBGP peers, rather than other IBGP peers.
• After establishing a session with a new BGP peer, BGP advertises all the routes matching the above rules to the peer. After that, BGP advertises only incremental updates to the peer.
BGP load balancing
BGP implements load balancing through route recursion and route selection.
•
BGP load balancing through route recursion.
The next hop of a BGP route may not be directly connected. One of the reasons is next hops in routing information exchanged between IBGP peers are not modified. The BGP router must find the directly-connected next hop through IGP. The matching route with the direct next hop is called the
"recursive route." The process of finding a recursive route is route recursion.
The system supports BGP load balancing based on route recursion. If multiple recursive routes to the same destination are load balanced (suppose three direct next hop addresses), BGP generates
162
the same number of next hops to forward packets. BGP load balancing based on route recursion is always enabled by the system rather than configured by using commands.
•
BGP load balancing through route selection.
BGP differs from IGP in the implementation of load balancing in the following ways:
{
IGP routing protocols, such as RIP and OSPF, compute metrics of routes, and then implement load balancing over routes with the same metric and to the same destination. The route selection criterion is metric.
{
BGP has no route computation algorithm, so it cannot implement load balancing according to metrics of routes. However, BGP has abundant route selection rules, through which, it selects available routes for load balancing and adds load balancing to route selection rules.
BGP implements load balancing only on routes that have the same AS_PATH, ORIGIN,
LOCAL_PREF and MED, rather than using the route selection rules as described in "
Figure 48 Network diagram
, Router A and Router B are IBGP peers of Router C. Router D and Router E both advertise a route 9.0.0.0 to Router C. If load balancing with a maximum number of two routes is configured on
Router C, and the two routes have the same AS_PATH, ORIGIN, LOCAL_PREF, and MED, Router C installs both the two routes to its routing table for load balancing. After that, Router C forwards to Router
A and Router B a single route that has NEXT_HOP changed to Router C and other attributes changed to those of the best route.
NOTE:
BGP load balancing is applicable between EBGP peers, between IBGP peers, and between confederations.
Settlements for problems in large-scale BGP networks
You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.
• Route summarization
Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes.
163
The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes.
• Route dampening
Route frapping (a route comes up and disappears in the routing table frequently) causes BGP to send many routing updates. It can consume too many resources and affect other operations.
In most cases, BGP runs in complex networks where route changes are more frequent. To solve the problem caused by route flapping, you can use BGP route dampening to suppress unstable routes.
BGP route dampening uses a penalty value to judge the stability of a route. The bigger the value, the less stable the route. Each time a route state change (from reachable to unreachable) occurs, or a reachable route's attribute changes, BGP adds a penalty value (1000, which is a fixed number and cannot be changed) to the route. When the penalty value of the route exceeds the suppress value, the route is suppressed and cannot become the optimal route. When the penalty value reaches the upper limit, no penalty value is added.
If the suppressed route does not flap, its penalty value gradually decreases to half of the suppress value after a period of time. This period is called "Half-life." When the value decreases to the reusable threshold value, the route is usable again.
Figure 49 BGP route dampening
Penalty value
Suppress threshold
Reusable threshold
Suppress time
Time
Half-life
•
Peer group
You can organize BGP peers with the same attributes into a group to simplify their configurations.
When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.
•
Community
You can apply a community list or an extended community list to a routing policy for route control.
For more information, see " BGP path attributes
."
•
Route reflector
IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of
IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and
CPU resources are consumed to maintain sessions.
164
Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards routing information received from a client to other clients. In this way, all clients can receive routing information from one another without establishing BGP sessions.
, must establish BGP sessions to the route reflector and other non-clients.
Figure 50 Network diagram for a route reflector
The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in
. The configured route reflectors must have the same
Cluster_ID to avoid routing loops.
Figure 51 Network diagram for route reflectors
When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection instead of modifying network configuration or changing network topology.
After route reflection is disabled between clients, routes can still be reflected between a client and a non-client.
•
Confederation
165
Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub-ASs. In each sub-AS, IBGP peers are fully meshed. As shown in
, intra-confederation EBGP connections are established between sub-ASs in AS 200.
Figure 52 Confederation network diagram
A non-confederation BGP speaker does not need to know sub-ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number. In the above figure, AS 200 is the confederation ID.
Confederation has a deficiency. When you change an AS into a confederation, you must reconfigure the routers, and the topology will be changed.
In large-scale BGP networks, you can use both route reflector and confederation.
MP-BGP
BGP-4 carries only IPv4 unicast routing information. IETF extended BGP-4 by introducing Multiprotocol
Extensions for BGP-4 (MP-BGP). MP-BGP can carry routing information for multiple address families, including IPv4 multicast, IPv6 unicast, and IPv6 multicast.
MP-BGP is backward compatible with BGP.
MP-BGP extended attributes
Prefixes and next hops are key routing information. BGP-4 uses update messages to carry feasible route prefixes in the Network Layer Reachability Information (NLRI) field, unfeasible route prefixes in the withdrawn routes field, and next hops in the NEXT_HOP attribute. These attributes cannot carry routing information for multiple network layer protocols.
To support multiple network layer protocols, MP-BGP defines the following path attributes:
•
MP_REACH_NLRI—Carries feasible route prefixes and next hops for multiple network layer protocols.
•
MP_UNREACH_NLRI—Carries unfeasible route prefixes for multiple network layer protocols.
MP-BGP uses these two attributes to advertise feasible and unfeasible routes for different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.
166
The current MP-BGP implementation supports multiple protocol extensions, including VPN, IPv6, and multicast. For more information about VPN, see MCE Configuration Guide.
Address family
MP-BGP uses address families and subsequent address families to identify different network layer protocols for routes contained in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes. For example, an Address Family Identifier (AFI) of 2 and a Subsequent Address Family Identifier (SAFI) of 1 identify
IPv6 unicast routing information carried in the MP_REACH_NLRI attribute. For address family values, see
RFC 1700.
BGP configuration views
BGP uses different views to manage routing information for different address families and different VPN instances. Most BGP commands are available in all BGP views. BGP supports multiple VPN instances by establishing a separate routing table for each VPN.
describes different BGP views.
Table 7 BGP views
View names
BGP view
Ways to enter the views
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp]
Remarks
Configurations in this view are effective for routes of all address families on the public network and in all VPN instances (such as confederation, GR, and logging configurations), or only for routes of all address families on the public network.
BGP IPv4 unicast instance view
BGP IPv6 unicast instance view
BGP-VPN view
BGP-VPN IPv4 unicast instance view
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ipv4-family unicast
[Sysname-bgp-ipv4]
Configurations in this view are effective for IPv4 unicast routes on the public network.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ipv6-family unicast
[Sysname-bgp-ipv6]
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ip vpn-instance vpn1
[Sysname-bgp-vpn1]
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ip vpn-instance vpn1
[Sysname-bgp-vpn1] ipv4-family unicast
[Sysname-bgp-ipv4-vpn1]
Configurations in this view are effective for IPv6 unicast routes on the public network.
Configurations in this view are effective for routes of all address families in the specified VPN instance.
Configurations in this view are effective for IPv4 unicast routes in the specified VPN instance.
167
View names
BGP-VPN IPv6 unicast instance view
Ways to enter the views Remarks
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ip vpn-instance vpn1
[Sysname-bgp-vpn1] ipv6-family unicast
[Sysname-bgp-ipv6-vpn1]
Configurations in this view are effective for IPv6 unicast routes in the specified VPN instance.
Protocols and standards
• RFC 1700, ASSIGNED NUMBERS
•
RFC 1771, A Border Gateway Protocol 4 (BGP-4)
•
RFC 2858, Multiprotocol Extensions for BGP-4
• RFC 3392, Capabilities Advertisement with BGP-4
• RFC 2918, Route Refresh Capability for BGP-4
•
RFC 2439, BGP Route Flap Damping
•
RFC 1997, BGP Communities Attribute
• RFC 2796, BGP Route Reflection
• RFC 3065, Autonomous System Confederations for BGP
•
RFC 4271, A Border Gateway Protocol 4 (BGP-4)
•
RFC 4724, Graceful Restart Mechanism for BGP
• RFC 4360, BGP Extended Communities Attribute
•
RFC 4760, Multiprotocol Extensions for BGP-4
BGP configuration task list
In a basic BGP network, you only need to perform the following configurations:
•
Enable BGP.
•
Configure BGP peers or peer groups. If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.
• Control BGP route generation.
To control BGP route distribution and path selection, you must perform additional configuration tasks.
To configure BGP, perform the following tasks (IPv4):
Tasks at a glance
:
•
(Required.)
•
(Required.) Perform one of the following tasks:
{
{
•
(Optional.) Specifying the source interface for TCP connections
Remarks
HP recommends configuring BGP peer groups on large scale
BGP networks for easy configuration and maintenance.
168
Tasks at a glance
:
•
Perform at least one of the following tasks:
{
{
(Optional.) Controlling route distribution and reception :
•
Configuring BGP route summarization
•
Advertising optimal routes in the IP routing table
•
Advertising a default route to a peer or peer group
•
Limiting routes received from a peer or peer group
•
Configuring BGP route filtering policies
•
Configuring BGP route dampening
(Optional.) Controlling BGP path selection :
•
Specifying a preferred value for routes received
•
Configuring preferences for BGP routes
•
Configuring the default local preference
•
•
Configuring the NEXT_HOP attribute
•
Configuring the AS_PATH attribute
(Optional.) Tuning and optimizing BGP networks
:
•
Configuring the keepalive interval and hold time
•
Configuring the interval for sending updates for the same route
•
Enabling BGP to establish an EBGP session over multiple hops
•
Enabling immediate reestablishment of direct EBGP connections upon link failure
•
Enabling 4-byte AS number suppression
•
Configuring MD5 authentication for BGP
•
Configuring BGP load balancing
•
Disabling BGP to establish a session to a peer or peer group
•
•
Protecting an EBGP peer when memory usage reaches level 2 threshold
Remarks
N/A
N/A
N/A
N/A
(Optional.) Configuring a large-scale BGP network
:
•
•
Configuring a BGP route reflector
•
Configuring a BGP confederation
N/A
(Optional.) Configuring BGP GR N/A
(Optional.)
N/A
(Optional.) Enabling logging of session state changes
N/A
(Optional.) Configuring BFD for BGP N/A
To configure BGP, perform the following tasks (IPv6):
169
Tasks at a glance
:
•
(Required.)
•
(Required.) Perform one of the following tasks:
{
{
•
(Optional.) Specifying the source interface for TCP connections
:
•
Perform at least one of the following tasks:
{
{
(Optional.) Controlling route distribution and reception :
•
Configuring BGP route summarization
•
Advertising optimal routes in the IP routing table
•
Advertising a default route to a peer or peer group
•
Limiting routes received from a peer or peer group
•
Configuring BGP route filtering policies
•
Configuring BGP route dampening
(Optional.) Controlling BGP path selection :
•
Specifying a preferred value for routes received
•
Configuring preferences for BGP routes
•
Configuring the default local preference
•
•
Configuring the NEXT_HOP attribute
•
Configuring the AS_PATH attribute
Remarks
HP recommends configuring BGP peer groups on large scale
BGP networks for easy configuration and maintenance.
N/A
N/A
N/A
(Optional.) Tuning and optimizing BGP networks
:
•
Configuring the keepalive interval and hold time
•
Configuring the interval for sending updates for the same route
•
Enabling BGP to establish an EBGP session over multiple hops
•
Enabling immediate reestablishment of direct EBGP connections upon link failure
•
Enabling 4-byte AS number suppression
•
Configuring MD5 authentication for BGP
•
Configuring BGP load balancing
•
Disabling BGP to establish a session to a peer or peer group
•
•
Protecting an EBGP peer when memory usage reaches level 2 threshold
N/A
(Optional.) Configuring a large-scale BGP network
:
•
•
Configuring a BGP route reflector
•
Configuring a BGP confederation
N/A
(Optional.) Configuring BGP GR N/A
N/A
(Optional.) Enabling logging of session state changes
N/A
(Optional.) Configuring BFD for BGP N/A
170
Configuring basic BGP
This section describes the basic settings required for a BGP network to run.
Enabling BGP
A router ID is the unique identifier of a BGP router in an AS.
•
To ensure the uniqueness of a router ID and enhance availability, specify in BGP view the IP address of a local loopback interface as the router ID.
•
If no router ID is specified in BGP view, the global router ID is used.
•
To modify a router ID, use the router-id command in BGP view, rather than the router id command in system view.
• If you specify a router ID in BGP view and then remove the interface that owns the router ID, the router does not select a new router ID. To select a new router ID, use the undo router-id command in BGP view.
To enable BGP:
1. Enter system view.
3. Enable BGP and enter BGP view or BGP-VPN view. system-view
2. Configure a global router ID. router id router-id
•
Enable BGP and enter BGP view: bgp as-number
•
Enable BGP and enter
BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
By default, no global router ID is configured, and BGP uses the highest loopback interface IP address—if any—as the router ID. If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the route ID regardless of the interface status.
By default, BGP is not enabled.
A router can reside in only one AS, so the router can run only one BGP process.
To enter BGP-VPN view, the specified VPN instance must already exist and have the route distinguisher
(RD) configured. For more information about VPN, see MCE
Configuration Guide.
By default, the global router ID is used.
4. Specify a router ID.
Configuring a BGP peer
Configuring an IPv4 BGP peer router-id router-id
171
1. Enter system view.
2. Enter BGP view or BGP-VPN view.
3. Create an IPv4 BGP peer and specify its AS number.
4. (Optional.) Configure a description for a peer.
5. Create and enter BGP IPv4 unicast instance view or
BGP-VPN IPv4 unicast instance view.
6. Enable the router to exchange
IPv4 unicast routing information with the specified peer.
Configuring an IPv6 BGP peer system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name peer ip-address as-number
as-number peer ip-address description
description-text ipv4-family [ unicast ] peer ip-address enable
N/A
N/A
By default, no IPv4 BGP peer is created.
By default, no description is configured for a peer.
By default, the BGP IPv4 unicast instance view and BGP-VPN IPv4 unicast instance view are not created.
By default, the router cannot exchange IPv4 unicast routing information with the peer.
1. Enter system view.
2. Enter BGP view or BGP-VPN view.
3. Create an IPv6 BGP peer and specify its AS number.
4. (Optional.) Configure a description for a peer.
5. Create and enter BGP IPv6 unicast instance view or
BGP-VPN IPv6 unicast instance view.
6. Enable the router to exchange
IPv6 unicast routing information with the specified peer. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name peer ipv6-address as-number
as-number peer ipv6-address description
description-text ipv6-family [ unicast ] peer ipv6-address enable
N/A
N/A
By default, no IPv6 BGP peer is created.
By default, no description is configured for a peer.
By default, the BGP IPv6 unicast instance view and BGP-VPN IPv6 unicast instance view are not created.
By default, the router cannot exchange IPv6 unicast routing information with the peer.
172
Configuring a BGP peer group
The peers in a peer group use the same route selection policy.
In a large-scale network, many peers can use the same route selection policy. You can configure a peer group and add these peers into this group. When you change the policy for the group, the modification also applies to the peers in the group.
A peer group is an IBGP peer group if peers in it belong to the local AS, and is an EBGP peer group if peers in it belong to different ASs.
Configuring an IBGP peer group
After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP view and specifies the local AS number for the peer.
To configure an IBGP peer group (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3.
4.
Create an IBGP peer group.
Add a peer into the IBGP peer group.
5. (Optional.) Configure a description for a peer group. group group-name [ internal ] peer ip-address group group-name
[ as-number as-number ] peer group-name description
description-text
6. Create and enter BGP IPv4 unicast instance view or
BGP-VPN IPv4 unicast instance view.
7. Enable the router to exchange
IPv4 unicast routing information with peers in the specified peer group. ipv4-family [ unicast ] peer group-name enable
To configure an IBGP peer group (IPv6):
By default, no IBGP peer group is created.
By default, no peer exists in the peer group.
To use the as-number as-number option, you must specify the local
AS number.
By default, no description is configured for the peer group.
By default, the BGP IPv4 unicast instance view and BGP-VPN IPv4 unicast instance view are not created.
By default, the router cannot exchange IPv4 unicast routing information with the peers.
1. Enter system view. system-view N/A
173
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
3. Create an IBGP peer group. group group-name [ internal ]
By default, no IBGP peer group is created.
4. Add a peer into the IBGP peer group.
5. (Optional.) Configure a description for a peer group.
6. Create and enter BGP IPv6 unicast instance view or
BGP-VPN IPv6 unicast instance view.
7. Enable the router to exchange
IPv6 unicast routing information with peers in the specified peer group. peer ipv6-address group
group-name [ as-number
as-number ] peer group-name description
description-text ipv6-family [ unicast ] peer group-name enable
By default, no peer exists in the peer group.
To use the as-number as-number option, you must specify the local
AS number.
By default, no description is configured for the peer group.
By default, the BGP IPv6 unicast instance view and BGP-VPN IPv6 unicast instance view are not created.
By default, the router cannot exchange IPv6 unicast routing information with the peers.
Configuring an EBGP peer group
If peers in an EBGP group belong to the same external AS, the EBGP peer group is a pure EBGP peer group. If not, it is a mixed EBGP peer group.
Use one of the following approaches to configure an EBGP peer group:
•
Approach 1—Create an EBGP peer group, specify its AS number, and add peers into it. All the added peers have the same AS number. All peers in the peer group have the same AS number as the peer group. You can specify an AS number for a peer before adding it into the peer group. The
AS number must be the same as that of the peer group.
•
Approach 2—Create an EBGP peer group, specify an AS number for a peer, and add the peer into the peer group. Peers added in the group can have different AS numbers.
• Approach 3—Create an EBGP peer group and add a peer with an AS number into it. Peers added in the group can have different AS numbers.
To configure an EBGP peer group by using Approach 1 (IPv4):
Step Command
1. Enter system view. system-view
Remarks
N/A
174
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
3.
4.
5.
Create an EBGP peer group. group group-name external
Specify the AS number for the group.
Add a peer into the EBGP peer group.
6. (Optional.) Configure a description for a peer group. peer group-name as-number
as-number peer ip-address group group-name
[ as-number as-number ] peer group-name description
description-text
7. Create and enter BGP IPv4 unicast instance view or
BGP-VPN IPv4 unicast instance view.
8. Enable the router to exchange
IPv4 unicast routing information with peers in the specified peer group. ipv4-family [ unicast ] peer group-name enable
To configure an EBGP peer group by using Approach 1 (IPv6):
By default, no EBGP peer group is created.
By default, no AS number is specified.
If a peer group contains peers, you cannot remove or change its AS number.
By default, no peer exists in the peer group.
The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command.
By default, no description is configured for the peer group.
By default, the BGP IPv4 unicast instance view and BGP-VPN IPv4 unicast instance view are not created.
By default, the router cannot exchange IPv4 unicast routing information with the peers.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3. Create an EBGP peer group. group group-name external
4. Specify the AS number for the group. peer group-name as-number
as-number
By default, no EBGP peer group is created.
By default, no AS number is specified.
If a peer group contains peers, you cannot remove or change its AS number.
175
Step Command
5. Add a peer into the EBGP peer group. peer ipv6-address group
group-name [ as-number
as-number ]
6. (Optional.) Configure a description for a peer group. peer group-name description
description-text
7. Create and enter BGP IPv6 unicast instance view or
BGP-VPN IPv6 unicast instance view.
8. Enable the router to exchange
IPv6 unicast routing information with peers in the specified peer group. ipv6-family [ unicast ] peer group-name enable
To configure an EBGP peer group by using Approach 2 (IPv4):
Remarks
By default, no peer exists in the peer group.
The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command.
By default, no description is configured for the peer group.
By default, the BGP IPv6 unicast instance view and BGP-VPN IPv6 unicast instance view are not created.
By default, the router cannot exchange IPv6 unicast routing information with the peers.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3.
4.
5.
6.
Create an EBGP peer group. group group-name external
Create an IPv4 BGP peer and specify its AS number.
Add the peer into the EBGP peer group.
(Optional.) Configure a description for a peer group.
7. Create and enter BGP IPv4 unicast instance view or
BGP-VPN IPv4 unicast instance view.
8. Enable the router to exchange
IPv4 unicast routing information with peers in the specified peer group. peer ip-address as-number
as-number peer ip-address group group-name
[ as-number as-number ] peer group-name description
description-text ipv4-family [ unicast ] peer group-name enable
By default, no EBGP peer group is created.
By default, no IPv4 BGP peer is created.
By default, no peer exists in the peer group.
The as-number as-number option, if used, must specify the same AS number as the peer ip-address as-number as-number command.
By default, no description is configured for the peer group.
By default, the BGP IPv4 unicast instance view and BGP-VPN IPv4 unicast instance view are not created.
By default, the router cannot exchange IPv4 unicast routing information with the peers.
176
To configure an EBGP peer group by using Approach 2 (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3. Create an EBGP peer group. group group-name external
4. Create an IPv6 BGP peer and specify its AS number.
5. Add the peer into the EBGP peer group. peer ipv6-address as-number
as-number peer ipv6-address group
group-name [ as-number
as-number ]
6. (Optional.) Configure a description for the peer group. peer group-name description
description-text
7. Create and enter BGP IPv6 unicast instance view or
BGP-VPN IPv6 unicast instance view.
8. Enable the router to exchange
IPv6 unicast routing information with peers in the specified peer group. ipv6-family [ unicast ] peer group-name enable
To configure an EBGP peer group by using Approach 3 (IPv4):
By default, no EBGP peer group is created.
By default, no IPv6 BGP peer is created.
By default, no peer exists in the peer group.
The as-number as-number option, if used, must specify the same AS number as the peer ip-address as-number as-number command.
By default, no description is configured for the peer group.
By default, the BGP IPv6 unicast instance view and BGP-VPN IPv6 unicast instance view are not created.
By default, the router cannot exchange IPv6 unicast routing information with the peers.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3.
4.
5.
Create an EBGP peer group. group group-name external
Add a peer into the EBGP peer group.
(Optional.) Configure a description for the peer group. peer ip-address group group-name as-number as-number peer group-name description
description-text
By default, no EBGP peer group is created.
By default, no peer exists in the peer group.
By default, no description is configured for the peer group.
177
Step Command
6. Create and enter BGP IPv4 unicast instance view or
BGP-VPN IPv4 unicast instance view. ipv4-family [ unicast ]
7. Enable the router to exchange
IPv4 unicast routing information with peers in the specified peer group. peer group-name enable
To configure an EBGP peer group by using Approach 3 (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
By default, the BGP IPv4 unicast instance view and BGP-VPN IPv4 unicast instance view are not created.
By default, the router cannot exchange IPv4 unicast routing information with the peers.
Remarks
N/A
N/A
3. Create an EBGP peer group. group group-name external
4. Add a peer into the EBGP peer group.
5. (Optional.) Configure a description for the peer group.
6. Create and enter BGP IPv6 unicast instance view or
BGP-VPN IPv6 unicast instance view.
7. Enable the router to exchange
IPv6 unicast routing information with peers in the specified peer group. peer ipv6-address group
group-name as-number as-number peer group-name description
description-text ipv6-family [ unicast ] peer group-name enable
By default, no EBGP peer group is created.
By default, no peer exists in the peer group.
By default, no description is configured for the peer group.
By default, the BGP IPv6 unicast instance view and BGP-VPN IPv6 unicast instance view are not created.
By default, the router cannot exchange IPv6 unicast routing information with the peers.
Specifying the source interface for TCP connections
By default, BGP uses the output interface of the optimal route to a peer or peer group as the source interface for establishing TCP connections to the peer or peer group, and it uses the IP address/IPv6 address of the output interface as the source IP address/IPv6 address of TCP connections. You can change the source interface in the following scenarios:
•
If the peer’s IP address/IPv4 address belongs to an interface indirectly connected to the local router, you must specify that interface as the source interface for TCP connections on the peer. For example, interface A on the local end is directly connected to interface B on the peer. If you use the peer x.x.x.x as-number as-number command in which x.x.x.x is not the IP address of interface B on the local end, you must use the peer connect-interface command on the peer to specify the interface whose IP address is x.x.x.x as the source interface for establishing a TCP connection.
178
• On a BGP router that has multiple links to a peer, if the source interface fails, BGP has to reestablish
TCP connections. To avoid this problem, use a loopback interface as the source interface.
•
To establish multiple BGP sessions between two routers, specify the source interface for establishing
TCP connections to each peer on the local router. Otherwise, the local BGP router may fail to establish a TCP connection to a peer when using the outbound interface of the best route to the peer as the source interface.
To specify the source interface for TCP connections (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Specify the source interface for establishing TCP connections to a peer or peer group. peer { group-name | ip-address } connect-interface interface-type
interface-number
By default, BGP uses the outbound interface of the best route to the
BGP peer or peer group as the source interface for establishing a
TCP connection to the peer or peer group.
To specify the source interface for TCP connections (IPv6):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Specify the source interface for establishing TCP connections to a peer or peer group. peer { group-name |
ipv6-address } connect-interface
interface-type interface-number
Generating BGP routes
BGP can generate routes in the following ways:
•
Advertise local networks.
•
Redistribute IGP routes.
By default, BGP uses the outbound interface of the best route to the
BGP peer or peer group as the source interface for establishing a
TCP connection to the peer or peer group.
179
Injecting a local network
Perform this task to inject a network in the local routing table to the BGP routing table, so BGP can advertise the network to BGP peers. The ORIGIN attribute of BGP routes advertised in this way is IGP.
You can also use a routing policy to control route advertisement.
The specified network must be available and active in the local IP routing table.
To inject a local network (IPv4):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Inject a local network to the
BGP routing table. network ip-address [ mask |
mask-length ] [ route-policy
route-policy-name ]
To inject a local network (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ]
4. Inject a local network to the
IPv6 BGP routing table. network ipv6-address prefix-length
[ route-policy route-policy-name ]
N/A
N/A
By default, BGP does not advertise any local network.
Remarks
N/A
N/A
N/A
By default, BGP does not advertise any local network.
Redistributing IGP routes
Perform this task to configure route redistribution from an IGP to BGP.
By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table.
Only active routes can be redistributed. To view route state information, use the display ip routing-table protocol or display ipv6 routing-table protocol command.
180
The ORIGIN attribute of BGP routes redistributed from IGPs is INCOMPLETE.
To configure BGP to redistribute IGP routes (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Enable route redistribution from the specified IGP into
BGP.
Remarks
N/A
N/A
N/A import-route protocol [ { process-id
| all-processes } [ med med-value | route-policy route-policy-name ] * ]
By default, BGP does not redistribute IGP routes.
5. (Optional.) Enable default route redistribution into BGP. default-route imported
By default, BGP does not redistribute default routes.
To configure BGP to redistribute IGP routes (IPv6):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ]
4. Enable route redistribution from the specified IGP into
BGP. import-route protocol [ process-id
[ med med-value | route-policy
route-policy-name ] * ]
5. (Optional.) Enable default route redistribution into BGP. default-route imported
N/A
N/A
By default, BGP does not redistribute IGP routes.
By default, BGP does not redistribute default routes.
Controlling route distribution and reception
This section describes how to control route distribution and reception.
181
Configuring BGP route summarization
Route summarization can reduce the number of redistributed routes and the routing table size. IPv4 BGP supports automatic route summarization and manual route summarization. Manual summarization takes precedence over automatic summarization. IPv6 BGP supports only manual route summarization.
The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route. In this case, you must change the priority of the summary or the specific route to make the specific route as the optimal route.
Configuring automatic route summarization
Automatic route summarization enables BGP to summarize IGP subnet routes redistributed by the import-route command so BGP advertises only natural network routes.
To configure automatic route summarization (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Configure automatic route summarization. summary automatic
Configuring manual route summarization
Remarks
N/A
N/A
N/A
By default, automatic route summarization is not configured.
By configuring manual route summarization, you can summarize both redistributed routes and routes injected using the network command and determine the mask length for a summary route as needed.
To configure BGP manual route summarization (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
Remarks
N/A
N/A
N/A
182
Step Command
4. Create a summary route in the
BGP routing table. aggregate ip-address { mask |
mask-length } [ as-set | attribute-policy route-policy-name
| detail-suppressed | origin-policy
route-policy-name | suppress-policy
route-policy-name ] *
To configure BGP manual route summarization (IPv6):
Remarks
By default, no summary route is configured.
Step Command
1. Enter system view. system-view
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view. bgp as-number ipv4-family [ unicast ]
4. Create a summary route in the
IPv6 BGP routing table. aggregate ipv6-address
prefix-length [ as-set | attribute-policy route-policy-name
| detail-suppressed | origin-policy
route-policy-name | suppress-policy
route-policy-name ] *
Remarks
N/A
N/A
N/A
By default, no summary route is configured.
Advertising optimal routes in the IP routing table
By default, BGP advertises optimal routes in the BGP routing table, which may not be optimal in the IP routing table. This task allows you to advertise BGP routes that are optimal in the IP routing table to all
BGP peers.
To enable BGP to advertise optimal routes in the IP routing table:
Step Command
1. Enter system view. system-view
2. Enter BGP view.
3. Enable BGP to advertise optimal routes in the IP routing table. bgp as-number advertise-rib-active
Remarks
N/A
N/A
By default, BGP advertises optimal routes in the BGP routing table.
Advertising a default route to a peer or peer group
Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.
To advertise a default route to a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
Remarks
N/A
183
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Advertise a default route to a peer or peer group. peer { group-name | ip-address } default-route-advertise
[ route-policy route-policy-name ]
To advertise a default route to a peer or peer group (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view. bgp as-number ipv6-family [ unicast ]
4. Advertise a default route to a peer or peer group. peer { group-name |
ipv6-address } default-route-advertise
[ route-policy route-policy-name ]
Remarks
N/A
N/A
By default, no default route is advertised.
Remarks
N/A
N/A
N/A
By default, no default route is advertised.
Limiting routes received from a peer or peer group
This feature can prevent attacks that send a large number of BGP routes to the router.
If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration:
• Tear down the BGP session to the peer or peer group.
• Display an alarm message.
•
Tear down the BGP session to the peer or peer group and, after a specified period of time, reestablishes a BGP session to the peer or peer group.
You can specify a percentage threshold for the router to display an alarm message. When the ratio of the number of received routes to the maximum number reaches the percentage value, the router displays an alarm message.
To limit routes that a router can receive from a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
Remarks
N/A
184
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
Remarks
N/A
N/A
4. Specify the maximum number of routes that a router can receive from a peer or peer group. peer { group-name | ip-address } route-limit prefix-number
[ { alert-only | reconnect
reconnect-time } |
percentage-value ] *
By default, the number of routes that a router can receive from a peer or peer group is not limited.
To limit routes that a router can receive from a peer or peer group (IPv6):
Step Command
1. Enter system view.
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view.
4. Specify the maximum number of routes that a router can receive from a peer or peer group. system-view bgp as-number ipv6-family [ unicast ] peer { group-name |
ipv6-address } route-limit
prefix-number [ { alert-only | reconnect reconnect-time } |
percentage-value ] *
Remarks
N/A
N/A
N/A
By default, the number of routes that a router can receive from a peer or peer group is not limited.
Configuring BGP route filtering policies
Configuration prerequisites
Before you configure BGP routing filtering policies, configure the following filters used for route filtering as needed:
•
ACL (see ACL and QoS Configuration Guide)
• Prefix list (see "Configuring routing policies")
•
Routing policy (see "Configuring routing policies")
•
AS path list (see "Configuring routing policies")
Configuring BGP route distribution filtering policies
To configure BGP route distribution filtering policies, use the following methods:
•
Use an ACL or prefix list to filter routing information advertised to all peers.
•
Use a routing policy, ACL, AS path list, or prefix list to filter routing information advertised to a peer or peer group.
If you configure multiple filtering policies, apply them in the following sequence:
185
1.
2.
3.
4.
5. filter-policy export peer filter-policy export peer as-path-acl export peer prefix-list export peer route-policy export
Only routes passing all the configured policies can be advertised.
To configure BGP route distribution filtering policies (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
Remarks
N/A
N/A
N/A
186
Step Command
4. Configure BGP route distribution filtering policies.
•
Reference an ACL or IP prefix list to filter routes redistributed to all peers: filter-policy { acl-number | prefix-list prefix-list-name } export [ direct | isis process-id
| ospf process-id | rip
process-id | static ]
•
Reference a routing policy to filter advertisements to a peer or peer group: peer { group-name |
ip-address } route-policy
route-policy-name export
•
Reference an ACL to filter advertisements to a peer or peer group: peer { group-name |
ip-address } filter-policy
acl-number export
•
Reference an AS path list to filter routing information sent to a peer or peer group: peer { group-name |
ip-address } as-path-acl
as-path-acl-number export
•
Reference an IPv4 prefix list to filter routing information sent to a peer or peer group: peer { group-name |
ip-address } prefix-list
prefix-list-name export
To configure BGP route distribution filtering policies (IPv6):
Remarks
Use at least one approach.
By default, no BGP distribution filtering policy is configured.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view.
Ipv6-family [ unicast ]
Remarks
N/A
N/A
N/A
187
Step Command
4. Configure BGP route distribution filtering policies.
•
Reference an ACL or IPv6 prefix list to filter routes redistributed to all peers: filter-policy { acl6-number | prefix-list ipv6-prefix-name } export [ direct | isisv6
process-id | ospfv3 process-id
| ripng process-id | static ]
•
Reference a routing policy to filter advertisements to a peer or peer group: peer { group-name |
ipv6-address } route-policy
route-policy-name export
•
Reference an ACL to filter advertisements to a peer or peer group: peer { group-name |
ipv6-address } filter-policy
acl6-number export
•
Reference an AS path list to filter routing information sent to a peer or peer group: peer { group-name |
ipv6-address } as-path-acl
as-path-acl-number export
•
Reference an IPv6 prefix list to filter routing information sent to peer { group-name |
ipv6-address } prefix-list
ipv6-prefix-name export
Configuring BGP route reception filtering policies
Remarks
Use at least one approach.
Not configured by default.
You can use the following methods to configure BGP route reception filtering policies:
•
Use an ACL or prefix list to filter routing information received from all peers.
•
Use a routing policy, ACL, AS path list, or prefix list to filter routing information received from a peer or peer group.
If you configure multiple filtering policies, apply them in the following sequence:
1. filter-policy import
2. peer filter-policy import
3.
4.
5. peer as-path-acl import peer prefix-list import peer route-policy import
Only routes passing all the configured policies can be received.
To configure BGP route reception filtering policies (IPv4):
188
Step Command Remarks
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ] N/A
4. Configure BGP route reception filtering policies.
•
Reference an ACL or IP prefix list to filter routes from all peers: filter-policy { acl-number | prefix-list
prefix-list-name } import
•
Reference a routing policy to filter routing information from a peer or peer group: peer { group-name | ip-address } route-policy route-policy-name import
•
Reference an ACL to filter routing information from a peer or peer group: peer { group-name | ip-address } filter-policy acl-number import
•
Reference an AS path list to filter routing information from a peer or peer group: peer { group-name | ip-address } as-path-acl as-path-acl-number import
•
Reference an IPv4 prefix list to filter routing information from a peer or peer group: peer { group-name | ip-address } prefix-list prefix-list-name import
Use at least one approach.
By default, no route reception filtering is configured.
To configure BGP route reception filtering policies (IPv6):
Step Command Remarks
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
189
Step Command Remarks
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ] N/A
4. Configure BGP route reception filtering policies.
•
Reference ACL or IPv6 prefix list to filter routes from all peers: filter-policy { acl6-number | prefix-list ipv6-prefix-name } import
•
Reference a routing policy to filter routing information from a peer or peer group: peer { group-name | ipv6-address } route-policy route-policy-name import
•
Reference an ACL to filter routing information from a peer or peer group: peer { group-name | ipv6-address } filter-policy acl6-number import
•
Reference an AS path list to filter routing information from a peer or peer group: peer { group-name | ipv6-address } as-path-acl as-path-acl-number import
•
Reference an IPv6 prefix list to filter routing information from a peer or peer group: peer { group-name | ipv6-address } prefix-list ipv6-prefix-name import
Use at least one approach.
By default, no route reception filtering is configured.
Configuring BGP route dampening
Route dampening enables BGP to not select unstable routes as optimal routes.
To configure BGP route dampening (IPv4):
Step Command
1. Enter system view. system-view
2.
Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
Remarks
N/A
N/A ipv4-family [ unicast ] N/A
190
Step Command
4. Configure BGP route dampening. dampening [ half-life-reachable
half-life-unreachable reuse suppress
ceiling | route-policy
route-policy-name ] *
To configure BGP route dampening (IPv6):
Remarks
By default, BGP route dampening is not configured.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view.
Remarks
N/A
N/A ipv6-family [ unicast ] N/A
4. Configure IPv6 BGP route dampening. dampening [ half-life-reachable
half-life-unreachable reuse suppress
ceiling | route-policy
route-policy-name ] *
By default, IPv6 BGP route dampening is not configured.
Controlling BGP path selection
By configuring BGP path attributes, you can control BGP path selection.
Specifying a preferred value for routes received
Perform this task to set a preferred value for specific routes to control BGP path selection.
Among multiple routes that have the same destination/mask and are learned from different peers, the one with the greatest preferred value is selected as the optimal route.
To specify a preferred value for routes from a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
Remarks
N/A
N/A
N/A
191
Step Command
4. Specify a preferred value for routes received from a peer or peer group. peer { group-name | ip-address } preferred-value value
Remarks
The default preferred value is 0.
To specify a preferred value for routes from a peer or peer group (IPv6):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ]
4. Specify a preferred value for routes received from a peer or peer group. peer { group-name |
ipv6-address } preferred-value
value
N/A
N/A
The default preferred value is 0.
Configuring preferences for BGP routes
Routing protocols each have a default preference. If they find multiple routes destined for the same network, the route found by the routing protocol with the highest preference is selected as the optimal route.
You can use the preference command to modify preferences for EBGP, IBGP, and local BGP routes, or reference a routing policy to set a preference for matching routes (for routes not matching the routing policy, the default preference applies).
If a device has an EBGP route and a local BGP route to reach the same destination, it does not select the
EBGP route because the EBGP route has a lower preference than the local BGP route by default. You can use the network short-cut command to configure the EBGP route as a shortcut route that has the same preference as the local BGP route so that the EBGP route will more likely become the optimal route.
To configure preferences for BGP routes (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
192
Step Command
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Configure preferences for
EBGP, IBGP, and local BGP routes. preference { external-preference
internal-preference
local-preference | route-policy
route-policy-name }
5. Configure an EBGP route as a shortcut route. network ip-address [ mask |
mask-length ] short-cut
To configure preferences for BGP routes (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ]
4. Configure preferences for
EBGP, IBGP, and local BGP routes.
5. Configure an EBGP route as a shortcut route. preference { external-preference
internal-preference
local-preference | route-policy
route-policy-name } network ipv6-address prefix-length short-cut
Remarks
N/A
The default preferences for EBGP,
IBGP, and local BGP routes are
255, 255, and 130.
By default, an EBGP route has a preference of 255.
Remarks
N/A
N/A
N/A
The default preferences for EBGP,
IBGP, and local BGP routes are
255, 255, and 130.
By default, an EBGP route has a preference of 255.
Configuring the default local preference
The local preference is used to determine the best route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination, but with different next hops, it considers the route with the highest local preference as the best route.
This task allows you to specify the default local preference for routes sent to IBGP peers.
To specify the default local preference (IPv4):
1. Enter system view. system-view N/A
193
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Configure the default local preference. ipv4-family [ unicast ] N/A default local-preference value
To specify the default local preference (IPv6):
The default local preference is
100.
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view.
4. Configure the default local preference. ipv6-family [ unicast ] N/A default local-preference value
The default local preference is
100.
Configuring the MED attribute
BGP uses MED to determine the best route for traffic going into an AS. When a BGP router obtains from
EBGP peers multiple routes to the same destination but with different next hops, it considers the route with the smallest MED value as the best route if other conditions are the same.
Configuring the default MED value
To configure the default MED value (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
194
N/A
N/A
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Configure the default MED value. ipv4-family [ unicast ] default med med-value
To configure the default MED value (IPv6):
N/A
The default MED value is 0.
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view.
4. Configure the default MED value. ipv6-family [ unicast ] default med med-value
Enabling MED comparison for routes from different ASs
N/A
N/A
N/A
The default MED value is 0.
This task enables BGP to compare the MEDs of routes from different ASs.
To enable MED comparison for routes from different ASs (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Enable MED comparison for routes from different ASs. ipv4-family [ unicast ] N/A compare-different-as-med
To enable MED comparison for routes from different ASs (IPv6):
By default, this feature is disabled.
1. Enter system view.
2. Enter BGP view. system-view bgp as-number
195
N/A
N/A
3. Enter BGP IPv6 unicast instance view.
4. Enable MED comparison for routes from different ASs. ipv6-family [ unicast ] N/A compare-different-as-med
Enabling MED comparison for routes on a per-AS basis
By default, this feature is disabled.
This task enables BGP to compare the MEDs of routes from an AS.
Figure 53 Route selection based on MED (in an IPv4 network)
AS 400
Router E
10.0.0.0
AS 200
Router ID : 3.3.3.3
Router A
Eth1/1
3.3.3.3/24
Router ID : 1.1.1.1
Router C
Eth1/1
1.1.1.1
Router ID : 2.2.2.2
AS 300
Router B
Eth1/1
2.2.2.2/24
AS 100
Router D
, Router D learns network 10.0.0.0 from both Router A and Router B. Because
Router B has a smaller router ID, the route learned from Router B is optimal.
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 2.2.2.2 50 0 300e
* i 3.3.3.3 50 0 200e
When Router D learns network 10.0.0.0 from Router C, it compares the route with the optimal route in its routing table. Because Router C and Router B reside in different ASs, BGP does not compare the MEDs of the two routes. Router C has a smaller router ID than Router B so the route from Router C becomes optimal.
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 1.1.1.1 60 0 200e
* i 10.0.0.0 2.2.2.2 50 0 300e
* i 3.3.3.3 50 0 200e
However, Router C and Router A reside in the same AS, and Router C has a greater MED, so network
10.0.0.0 learned from Router C should not be optimal.
You can configure the bestroute compare-med command to enable MED comparison for routes from the same AS on Router D. After that, Router D puts the routes received from each AS into a group, selects the route with the lowest MED from each group, and compares routes from different groups. This mechanism avoids the above-mentioned problem. The following output shows the BGP routing table on Router D after this feature is enabled. Network 10.0.0.0 learned from Router B is the optimal route.
196
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 2.2.2.2 50 0 300e
* i 3.3.3.3 50 0 200e
* i 1.1.1.1 60 0 200e
To enable MED comparison for routes on a per-AS basis (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Enable MED comparison for routes on a per-AS basis. ipv4-family [ unicast ] bestroute compare-med
To enable MED comparison for routes on a per-AS basis (IPv6):
Remarks
N/A
N/A
N/A
By default, this feature is disabled.
Step Command
1. Enter system view. system-view
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view.
4. Enable MED comparison for routes on a per-AS basis. bgp as-number ipv6-family [ unicast ] bestroute compare-med
Enabling MED comparison for routes from confederation peers
Remarks
N/A
N/A
N/A
By default, this feature is disabled.
This task enables BGP to compare the MEDs of routes received from confederation peers. However, if a route received from a confederation peer has an AS number that does not belong to the confederation,
BGP does not compare the route with other routes. For example, a confederation has three AS numbers
65006, 65007, and 65009. BGP receives three routes from different confederation peers. The AS_PATH attributes of these routes are 65006 65009, 65007 65009, and 65008 65009, and the MED values of them are 2, 3, and 1. Because the third route's AS_PATH attribute contains AS number 65008 that does not belong to the confederation, BGP does not compare it with other routes. As a result, the first route becomes the optimal route.
To enable MED comparison for routes from confederation peers (IPv4):
1. Enter system view. system-view
N/A
197
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Enable MED comparison for routes from confederation peers. ipv4-family [ unicast ] N/A bestroute med-confederation By default, this feature is disabled.
To enable MED comparison for routes from confederation peers (IPv6):
1. Enter system view.
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view.
4. Enable MED comparison for routes from confederation peers. system-view bgp as-number
N/A
N/A ipv6-family [ unicast ] N/A bestroute med-confederation By default, this feature is disabled.
Configuring the NEXT_HOP attribute
By default, a BGP router does not set itself as the next hop for routes advertised to an IBGP peer or peer group. In some cases, however, you must configure the advertising router as the next hop to make sure the BGP peer can find the correct next hop.
For example, as shown in Figure 54
, Router A and Router B establish an EBGP neighbor relationship, and
Router B and Router C establish an IBGP neighbor relationship. If Router C has no route destined for IP address 1.1.1.1/24, you must configure Router B to set itself 3.1.1.1/24 as the next hop for the network
2.1.1.1/24 advertised to Router C.
Figure 54 NEXT_HOP attribute configuration
If a BGP router has two peers on a broadcast network, it does not set itself as the next hop for routes sent
to an EBGP peer by default. As shown in Figure 55
, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. They are on the same broadcast network 1.1.1.0/24. When Router B sends EBGP routes to Router A, it does not set itself as the
198
next hop by default. However, you can configure Router B to set it (1.1.1.2/24) as the next hop for routes sent to Router A by using the peer next-hop-local command as needed.
Figure 55 NEXT_HOP attribute configuration
IMPORTANT:
If you have configured BGP load balancing, the router sets itself as the next hop for routes sent to an IBGP peer or peer group regardless of whether the peer next-hop-local command is configured.
To configure the NEXT_HOP attribute (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
Remarks
N/A
N/A
N/A
4. Specify the router as the next hop for routes sent to a peer or peer group. peer { group-name | ip-address } next-hop-local
By default, the router sets itself as the next hop for routes sent to an
EBGP peer or peer group, but does not set itself as the next hop for routes sent to an IBGP peer or peer group.
To configure the NEXT_HOP attribute (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view. bgp as-number
3. Enter BGP IPv6 unicast instance view. ipv6-family [ unicast ]
Remarks
N/A
N/A
N/A
199
Step Command
4. Specify the router as the next hop for routes sent to a peer or peer group. peer { group-name |
ipv6-address } next-hop-local
Remarks
By default, the router sets itself as the next hop for routes sent to an
EBGP peer or peer group, but does not set itself as the next hop for routes sent to an IBGP peer or peer group.
Configuring the AS_PATH attribute
Permitting local AS number to appear in routes from a peer or peer group
In general, BGP checks whether the AS_PATH attribute of a route from a peer contains the local AS number. If yes, it discards the route to avoid routing loops.
In certain network environments (for example, a Hub&Spoke network in MPLS L3VPN), however, the
AS_PATH attribute of a route from a peer must be allowed to contain the local AS number. Otherwise, the route cannot be advertised correctly.
To permit the local AS number to appear in routes from a peer or peer group and specify the appearance times (IPv4):
Step Command
1.
Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Permit the local AS number to appear in routes from a peer or peer group and specify the appearance times. ipv4-family [ unicast ] peer { group-name | ip-address } allow-as-loop [ number ]
Remarks
N/A
N/A
N/A
By default, the local AS number is not allowed in routes from a peer or peer group.
To permit the local AS number to appear in routes from a peer or peer group and specify the appearance times (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
200
Step Command
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ]
4. Permit the local AS number to appear in routes from a peer or peer group and specify the appearance times. peer { group-name |
ipv6-address } allow-as-loop
[ number ]
Disabling BGP from considering AS_PATH during best route selection
Remarks
N/A
By default, the local AS number is not allowed in routes from a peer or peer group.
To disable BGP from considering AS_PATH during best route selection (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Disable BGP from considering
AS_PATH during best route selection. ipv4-family [ unicast ] N/A bestroute as-path-neglect
By default, BGP considers
AS_PATH during best route selection.
To disable BGP from considering AS_PATH during best route selection (IPv6):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
N/A
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view.
4. Disable BGP from considering
AS_PATH during best route selection. ipv6-family [ unicast ] N/A bestroute as-path-neglect
Advertising a fake AS number to a peer or peer group
By default, BGP considers
AS_PATH during best route selection.
After you move a BGP router from an AS to another AS (from AS 2 to AS 3 for example), you have to modify the AS number of the router on all its EBGP peers. To avoid such modifications, you can configure
201
the router to advertise a fake AS number 2 to its EBGP peers so that the EBGP peers still think that Router
A is in AS 2.
To advertise a fake AS number to a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3. Advertise a fake AS number to a peer or peer group. peer { group-name | ip-address } fake-as as-number
By default, no fake AS number is advertised to a peer or peer group.
This command applies to only
EBGP peers or EBGP peer groups.
To advertise a fake AS number to a peer or peer group (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3. Advertise a fake AS number to a peer or peer group. peer { group-name |
ipv6-address } fake-as as-number
By default, no fake AS number is advertised to a peer or peer group.
This command applies to only
EBGP peers or EBGP peer groups.
Configuring AS number substitution
IMPORTANT:
Do not configure AS number substitution in normal circumstances. Otherwise, routing loops might occur.
To use BGP between PE and CE in MPLS L3VPN, VPN sites in different geographical areas should have different AS numbers. Otherwise, BGP discards route updates containing the local AS number. If two CEs connected to different PEs use the same AS number, you must configure AS number substitution on each
PE to replace the AS number in route updates originated by the remote CE as its own AS number before advertising them to the connected CE.
202
Figure 56 AS number substitution configuration (in an IPv4 network)
For example, as shown in
, CE 1 and CE 2 use the same AS number 800. To implement bidirectional communication between the two sites, configure AS number substitution on PE 2 to replace
AS 800 as AS 100 for the BGP route update originated from CE 1 before advertising it to CE2, and perform the same configuration on PE1.
To configure AS number substitution for a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Configure AS number substitution for a peer or peer group. peer { group-name | ip-address } substitute-as
To configure AS number substitution for a peer or peer group (IPv6):
Remarks
N/A
N/A
By default, AS number substitution is not configured.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Configure AS number substitution for a peer or peer group. peer { group-name |
ipv6-address } substitute-as
Remarks
N/A
N/A
By default, AS number substitution is not configured.
Removing private AS numbers from updates sent to an EBGP peer or peer group
Private AS numbers are typically used in test networks, and should not be transmitted in public networks.
The range of private AS numbers is from 64512 to 65535.
To remove private AS numbers from updates sent to an EBGP peer or peer group (IPv4):
203
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Configure BGP to remove private AS numbers from the
AS_PATH attribute of updates sent to an EBGP peer or peer group. peer { group-name | ip-address } public-as-only
Remarks
N/A
N/A
N/A
By default, this feature is not configured.
This command is only applicable to
EBGP peers or peer groups.
To remove private AS numbers from updates sent to an EBGP peer or peer group (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view.
4. Configure BGP to remove private AS numbers from the
AS_PATH attribute of updates sent to an EBGP peer or peer group. ipv6-family [ unicast ] peer { group-name |
ipv6-address } public-as-only
Ignoring the first AS number of EBGP route updates
Remarks
N/A
N/A
N/A
By default, this feature is not configured.
This command is only applicable to
EBGP peers or peer groups.
By default, BGP checks whether the first AS number in the AS_PATH attribute of a route update received from a peer is the AS number of that peer. If not, BGP discards the route update.
To ignore the first AS number of EBGP route updates:
1. Enter system view.
2. Enter BGP view.
3. Configure BGP to ignore the first AS number of EBGP route updates. system-view bgp as-number ignore-first-as
204
N/A
N/A
By default, BGP checks the first AS number of EBGP route updates.
Tuning and optimizing BGP networks
This section describes how to tune and optimize BGP networks.
Configuring the keepalive interval and hold time
BGP sends keepalive messages at a specific interval to keep the BGP session between two routers.
If a router receives no keepalive or update message from a peer within the hold time, it tears down the session.
You can configure the keepalive interval and hold time globally or for a specific peer or peer group. The individual settings take precedence over the global settings.
The actual keepalive interval and hold time are determined as follows:
• If the hold time settings on the local and peer routers are different, the smaller setting is used. If the hold time is 0, BGP does not send keepalive messages to its peers and never tears down the session.
• If the keepalive interval is 0 and the negotiated hold time is not 0, the actual keepalive interval equals 1/3 of the hold time. If the keepalive interval is not 0, the actual keepalive interval is the smaller one between 1/3 of the hold time and the keepalive interval.
To configure the keepalive interval and hold time (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
3. Configure the keepalive interval and hold time.
•
Configure the global keepalive interval and hold time: timer keepalive keepalive hold
holdtime
•
Configure the keepalive interval and hold time for a peer or peer group: peer { group-name |
ip-address } timer keepalive
keepalive hold holdtime
Use either approach.
By default, the keepalive interval is
60 seconds, and hold time is 180 seconds.
The timer command takes effect for new BGP sessions and does not affect existing sessions.
If you modify the timers with the peer timer command, BGP immediately closes the existing
BGP session and creates a new session to the peer by using the new settings.
To configure the keepalive interval and hold time (IPv6):
205
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Configure the keepalive interval and hold time.
Remarks
N/A
N/A
•
Configure the global keepalive interval and hold time: timer keepalive keepalive hold
holdtime
•
Configure the keepalive interval and hold time for a peer or peer group: peer { group-name |
ipv6-address } timer keepalive
keepalive hold holdtime
Use either approach.
By default, the keepalive interval is
60 seconds, and hold time is 180 seconds.
The timer command takes effect for new BGP sessions and does not affect existing sessions.
If you modify the timers with the peer timer command, BGP immediately closes the existing
BGP session and creates a new session to the peer by using the new settings.
Configuring the interval for sending updates for the same route
A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.
To configure the interval for sending the same update to a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Configure the interval for sending updates for the same route to a peer or peer group. peer { group-name | ip-address } route-update-interval interval
Remarks
N/A
N/A
By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.
To configure the interval for sending the same update to a peer or peer group (IPv6):
Step Command
1. Enter system view. system-view
Remarks
N/A
206
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Configure the interval for sending updates for the same route to a peer or peer group. peer { group-name |
ipv6-address } route-update-interval interval
Remarks
N/A
By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.
Enabling BGP to establish an EBGP session over multiple hops
To establish an EBGP connection, two routers must have a direct physical link. If no direct link is available, you must use the peer ebgp-max-hop command to enable BGP to establish an EBGP session over multiple hops and specify the maximum hops.
If directly connected EBGP peers use loopback interfaces to establish a BGP session, you do not need to configure the peer ebgp-max-hop command.
To enable BGP to establish an indirect EBGP session (IPv4):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enable BGP to establish an
EBGP session to an indirectly-connected peer or peer group and specify the maximum hop count. peer { group-name | ip-address } ebgp-max-hop [ hop-count ]
To enable BGP to establish an indirect EBGP session (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
By default, BGP cannot establish an EBGP session to an indirectly-connected peer or peer group.
Remarks
N/A
N/A
207
Step Command
3. Enable BGP to establish an
EBGP session to an indirectly-connected peer or peer group and specify the maximum hop count. peer { group-name |
ipv6-address } ebgp-max-hop
[ hop-count ]
Remarks
By default, BGP cannot establish an EBGP session to an indirectly-connected peer or peer group.
Enabling immediate reestablishment of direct EBGP connections upon link failure
When the link to a directly-connected EBGP peer goes down, the router does not reestablish a session to the peer until the hold time timer expires. This feature enables BGP to immediately recreate the session in that situation. When this feature is disabled, route flapping does not affect EBGP session state.
To enable immediate reestablishment of direct EBGP connections:
1. Enter system view.
2. Enter BGP view.
3. Enable immediate reestablishment of direct EBGP connections upon link failure. system-view bgp as-number ebgp-interface-sensitive
N/A
N/A
By default, this feature is enabled.
Enabling 4-byte AS number suppression
BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to
4294967295. By default, a device sends an Open message to the peer device for session establishment.
The Open message indicates that the device supports 4-byte AS numbers. If the peer device does not support 4-byte AS numbers (supports only 2-byte AS numbers), the session cannot be established. To resolve this issue, enable the 4-byte AS number suppression function. The device then sends an Open message to inform the peer that it does not support 4-byte AS numbers, so the BGP session can be established.
If the peer device supports 4-byte AS numbers, do not enable the 4-byte AS number suppression function.
Otherwise, the BGP session cannot be established.
To enable 4-byte AS number suppression (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN instance view. system-view N/A
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
208
3. Enable 4-byte AS number suppression. peer { group-name | ip-address } capability-advertise suppress-4-byte-as
To enable 4-byte AS number suppression (IPv6):
By default, 4-byte AS number suppression is not enabled.
1. Enter system view.
2. Enter BGP view or BGP-VPN instance view.
3. Enable 4-byte AS number suppression. system-view N/A
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A peer { group-name |
ipv6-address } capability-advertise suppress-4-byte-as
By default, 4-byte AS number suppression is not enabled.
Configuring MD5 authentication for BGP
Perform this task to configure MD5 authentication between BGP peers. MD5 authentication verifies each segment sent on the TCP connection between the peers. The BGP peers must be configured with the same key to establish a TCP connection.
To configure MD5 authentication for BGP (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN instance view. system-view N/A
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
N/A
3. Configure MD5 authentication for a peer or peer group. peer { group-name | ip-address } password { cipher | simple }
password
To configure MD5 authentication for BGP (IPv6):
By default, MD5 authentication is not configured for any BGP peer.
1. Enter system view. system-view
N/A
209
2. Enter BGP view or BGP-VPN instance view.
3. Configure MD5 authentication for a peer or peer group.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance
vpn-instance-name peer { group-name |
ipv6-address } password { cipher | simple } password
N/A
By default, MD5 authentication is not configured for any BGP peer.
Configuring BGP load balancing
If multiple BGP routes with the same AS_PATH, ORIGIN, LOCAL_PREF, and MED attributes to a destination exist, you can use the balance command to enable load balancing over these ECMP routes and specify the maximum number of ECMP routes.
To configure the maximum number of ECMP routes (IPv4):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Configure the maximum number of ECMP routes for load balancing. balance number
To configure the maximum number of ECMP routes (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv6 unicast instance view or BGP-VPN
IPv6 unicast instance view. ipv6-family [ unicast ]
N/A
N/A
By default, load balancing is disabled.
Remarks
N/A
N/A
N/A
210
Step Command
4. Configure the maximum number of ECMP routes for load balancing. balance number
Remarks
By default, load balancing is disabled.
Disabling BGP to establish a session to a peer or peer group
This task enables you to temporarily tear down the BGP session to a specific peer or peer group so that you can perform network upgrade and maintenance without needing to delete and reconfigure the peer or peer group. To recover the session, execute the undo peer ignore command.
To disable BGP to establish a session to a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Disable BGP to establish a session to a peer or peer group. peer { group-name | ip-address } ignore
To disable BGP to establish a session to a peer or peer group (IPv6):
Remarks
N/A
N/A
By default, BGP can establish a session to a peer or peer group.
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Disable BGP to establish a session to a peer or peer group. peer { group-name |
ipv6-address } ignore
N/A
By default, BGP can establish a session to a peer.
Configuring BGP soft-reset
After you modify the route selection policy (for example, modify the preferred value), you must reset BGP sessions to apply the new policy. The reset operation tears down and re-establishes BGP sessions.
To avoid tearing down BGP sessions, you can use one of the following soft-reset methods to apply the new policy:
211
• Enabling route-refresh—The BGP router advertises a route-refresh message to the specified peer, and the peer resends its routing information to the router. After receiving the routing information, the router filters the routing information by using the new policy.
This method requires that both the local router and the peer support route refresh.
• Saving updates—Use the peer keep-all-routes command to save all route updates from the specified peer. After modifying the route selection policy, filter routing information by using the new policy.
This method does not require that the local router and the peer support route refresh but it uses more memory resources to save routes.
•
Manual soft-reset—Use the refresh bgp command to enable BGP to send local routing information or advertise a route-refresh message to the specified peer so the peer resends its routing information.
After receiving the routing information, the router filters the routing information by using the new policy.
This method requires that both the local router and the peer support route refresh.
Enabling route-refresh
To enable BGP route refresh for a peer or peer group (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
3. Enable BGP route refresh for a peer or peer group.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
•
Enable BGP route refresh for the specified peer or peer group: peer { group-name |
ip-address } capability-advertise route-refresh
•
Enable BGP route refresh and multi-protocol extension capability for the specified peer or peer group: undo peer { group-name |
ip-address } capability-advertise conventional
To enable BGP route refresh for a peer or peer group (IPv6):
Step Command
1. Enter system view. system-view
Remarks
N/A
N/A
Use either approach.
By default, BGP route refresh is enabled.
Remarks
N/A
212
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3.
Enable BGP route refresh for a peer or peer group.
•
Enable BGP route refresh for the specified peer or peer group: peer { group-name |
ipv6-address } capability-advertise route-refresh
•
Enable BGP route refresh and multi-protocol extension capability for the specified peer or peer group: undo peer { group-name |
ipv6-address } capability-advertise conventional
Remarks
N/A
Saving updates
To save all route updates from the specified peer or peer group (IPv4):
Use either approach.
By default, BGP route refresh is enabled.
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
Remarks
N/A
N/A
N/A
4. Save all route updates from the peer or peer group. peer { group-name | ip-address } keep-all-routes
By default, the routes are not saved.
This command takes effect only for the routes received after this command is executed.
To save all route updates from the specified peer or peer group (IPv6):
Step Command
1. Enter system view. system-view
2. Enter BGP view bgp as-number
Remarks
N/A
N/A
213
Step Command
3. Enter BGP IPv6 unicast instance view. ipv6-family [ unicast ]
Remarks
N/A
4. Save all route updates from the peer or peer group. peer { group-name |
ipv6-address } keep-all-routes
By default, the routes are not saved.
This command takes effect only for the routes received after this command is executed.
Configuring manual soft-reset
To configure manual soft-reset (IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
3. Enable BGP route refresh for a peer or peer group.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
•
Enable BGP route refresh for the specified peer or peer group: peer { group-name |
ip-address } capability-advertise route-refresh
•
Enable BGP route refresh and multi-protocol extension capability for the specified peer or peer group: undo peer { group-name |
ip-address } capability-advertise conventional
Remarks
N/A
N/A
By default, BGP route refresh is enabled.
4. Return to user view. return N/A
5. Perform manual soft-reset. refresh bgp { ip-address | all | external | group group-name | internal } { export | import } ipv4
[ unicast ] [ vpn-instance
vpn-instance-name ]
To configure manual soft-reset (IPv6):
Step Command
1. Enter system view. system-view
N/A
Remarks
N/A
214
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3.
Enable BGP route refresh for a peer or peer group.
•
Enable BGP route refresh for the specified peer or peer group: peer { group-name |
ipv6-address } capability-advertise route-refresh
•
Enable BGP route refresh and multi-protocol extension capability for the specified peer or peer group: undo peer { group-name |
ipv6-address } capability-advertise conventional
Remarks
N/A
By default, BGP route refresh is enabled.
4. Return to user view. return N/A
5. Perform manual soft-reset. refresh bgp { ipv6-address | all | external | group group-name | internal } { export | import } ipv6
[ unicast ] [ vpn-instance
vpn-instance-name ]
N/A
Protecting an EBGP peer when memory usage reaches level 2 threshold
Memory usage includes the following levels of thresholds: normal, level 1, level 2, and level 3. When level 2 threshold is reached, BGP tears down an EBGP session to release memory resources periodically until the memory usage is exempt from level 2 threshold. You can configure this feature to avoid tearing down the BGP session with a specific EBGP peer when memory usage reaches level 2 threshold.
For more information about thresholds, see Fundamentals Configuration Guide.
To configure BGP to protect EBGP peer or peer group when the memory usage reaches level 2 threshold
(IPv4):
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
Remarks
N/A
N/A
215
Step Command
3. Configure BGP to protect
EBGP peer or peer group when the memory usage reaches level 2 threshold. peer { group-name | ip-address } low-memory-exempt
Remarks
By default, BGP tears down an
EBGP session to release memory resources periodically when level
2 threshold is reached.
To configure BGP to protect EBGP peer or peer group when the memory usage reaches level 2 threshold
(IPv6):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Configure BGP to protect
EBGP peer or peer group when the memory usage reaches level 2 threshold. peer { group-name |
ipv6-address } low-memory-exempt
N/A
By default, BGP tears down an
EBGP session to release memory resources periodically when level
2 threshold is reached.
Configuring a large-scale BGP network
In a large network, the number of BGP connections is huge and BGP configuration and maintenance are complicated. To simply BGP configuration, you can use the peer group, community, route reflector, and confederation features as needed. For more information about configuring peer groups, see
"
Configuring a BGP peer group ."
Configuring BGP community
By default, a router does not advertise the COMMUNITY or extended community attribute to its peers or peer groups. When the router receives a route carrying the COMMUNITY or extended community attribute, it removes the attribute before advertising the route to other peers or peer groups.
Perform this task to enable a router to advertise the COMMUNITY or extended community attribute to its peers for route filtering and control. You can also reference a routing policy to add or modify the
COMMUNITY or extended community attribute for specific routes. For more information about routing policy, see "Configuring routing policies."
To configure BGP community (IPv4):
1. Enter system view. system-view N/A
216
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance
vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view. ipv4-family [ unicast ]
4. Advertise the COMMUNITY or extended community attribute to a peer or peer group.
•
Advertise the COMMUNITY attribute to a peer or peer group: peer { group-name |
ip-address } advertise-community
•
Advertise the extended community attribute to a peer or peer group: peer { group-name |
ip-address } advertise-ext-community
5. (Optional.) Apply a routing policy to routes advertised to a peer or peer group.
To configure BGP community (IPv6): peer { group-name | ip-address } route-policy route-policy-name export
N/A
N/A
By default, the COMMUNITY or extended community attribute is not advertised.
By default, no routing policy is applied.
1. Enter system view.
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view. system-view bgp as-number
4. Advertise the COMMUNITY or extended community attribute to a peer or peer group.
5. (Optional.) Apply a routing policy to routes advertised to a peer or peer group. ipv6-family [ unicast ]
•
Advertise the COMMUNITY attribute to a peer or peer group: peer { group-name |
ipv6-address } advertise-community
•
Advertise the extended community attribute to a peer or peer group: peer { group-name |
ipv6-address } advertise-ext-community peer { group-name |
ipv6-address } route-policy
route-policy-name export
N/A
N/A
N/A
By default, the COMMUNITY or extended community attribute is not advertised.
By default, no routing policy is applied.
217
Configuring a BGP route reflector
If an AS has many BGP routers, configure them as a cluster. To reduce IBGP connections, configure one of them as a route reflector and others as clients.
To improve availability, you can specify multiple route reflectors for a cluster. The route reflectors in the cluster must have the same cluster ID to avoid routing loops.
To configure a BGP route reflector (IPv4):
1. Enter system view.
2. Enter BGP view or BGP-VPN view. system-view
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance vpn-instance-name
3. Enter BGP IPv4 unicast instance view or BGP-VPN
IPv4 unicast instance view.
4. Configure the router as a route reflector and specify a peer or peer group as its client.
5. Enable route reflection between clients. ipv4-family [ unicast ] peer { group-name | ip-address } reflect-client reflect between-clients
6. (Optional.) Configure the cluster ID of the route reflector. reflector cluster-id { cluster-id |
ip-address }
To configure a BGP route reflector (IPv6):
N/A
N/A
N/A
By default, no route reflector or client is configured.
By default, route reflection between clients is enabled.
By default, a route reflector uses its own router ID as the cluster ID.
1. Enter system view.
2. Enter BGP view.
3. Enter BGP IPv6 unicast instance view.
4. Configure the router as a route reflector and specify a peer or peer group as its client.
5. Enable route reflection between clients.
6. (Optional.) Configure the cluster ID of the route reflector. system-view bgp as-number ipv6-family [ unicast ] peer { group-name |
ipv6-address } reflect-client reflect between-clients reflector cluster-id { cluster-id |
ip-address }
N/A
N/A
N/A
By default, no route reflector or client is configured.
By default, route reflection between clients is enabled.
By default, a route reflector uses its own router ID as the cluster ID.
Configuring a BGP confederation
BGP confederation provides another way to reduce IBGP connections in an AS.
218
A confederation contains sub-ASs. In each sub-AS, IBGP peers are fully meshed. Sub-ASs establish EBGP connections in between.
Configuring a BGP confederation
After you split an AS into multiple sub-ASs, configure a router in a sub-AS as follows:
1.
2.
3.
Enable BGP and specify the AS number of the router. For more information, see "
Specify the confederation ID. From an outsider’s perspective, the sub-ASs of the confederation is a single AS, which is identified by the confederation ID.
If the router needs to establish EBGP connections to other sub-ASs, you must specify the peering sub-ASs in the confederation.
A confederation can contain a maximum of 32 sub-ASs. The AS number of a sub-AS is effective only in the confederation.
To configure a BGP confederation:
1. Enter system view. system-view N/A
2. Enter BGP view. bgp as-number
3. Configure a confederation ID. confederation id as-number
N/A
By default, no confederation ID is configured.
4. Specify peering sub-ASs in the confederation. confederation peer-as
as-number-list
By default, no peering sub-AS is specified.
Configuring confederation compatibility
If any routers in the confederation do not comply with RFC 3065, enable confederation compatibility to allow the router to work with those routers.
To configure confederation compatibility:
1. Enter system view.
2. Enter BGP view.
3. Enable confederation compatibility. system-view bgp as-number confederation nonstandard
N/A
N/A
By default, confederation compatibility is disabled.
Configuring BGP GR
Graceful Restart (GR) ensures continuous forwarding when BGP restarts or an active/standby switchover occurs. GR defines the following types of GR-capable devices:
•
GR restarter—Performs GR upon a BGP restart or active/standby switchover.
• GR helper—Helps the GR restarter to complete the GR process.
A device can act as a GR restarter and GR helper at the same time.
BGP GR works as follows:
219
1.
2.
3.
4.
The BGP GR restarter and helper exchange Open messages for GR capability negotiation. If both parties have the GR capability, they establish a GR-capable session. The GR restarter sends the GR timer set by the graceful-restart timer restart command to the GR helper in an Open message.
When an active/standby switchover occurs or BGP restarts, the GR restarter does not remove existing BGP routes, and it still uses these routes for packet forwarding. The GR helper marks all routes learned from the GR restarter as stale instead of deleting them, and it still uses these routes for packet forwarding. During the GR process, packet forwarding is not interrupted.
After the active/standby switchover or BGP restart completes, the GR restarter reestablishes a BGP session with the GR helper. If the BGP session fails to be established within the GR timer advertised by the GR Restarater, the GR helper removes the stale routes.
If the BGP session is established, routing information is exchanged for the GR Restarter to retrieve route entries and for the GR Helper to recover stale routes. You can use the graceful-restart timer wait-for-rib command to configure the time for the local router to wait for the End-Of-RIB (End of
Routing-Information-Base) marker, and control the route convergence speed. If routing information exchange is not completed within the time, the GR restarter does not receive new routes. Instead, the GR restarter updates its routing table and forwarding table with the BGP routes already learned to complete BGP route convergence. The GR helper removes the stale routes.
Follow these guidelines when you configure BGP GR:
• The End-Of-RIB indicates the end of route updates.
•
The maximum time to wait for the End-of-RIB marker configured on the local end is not advertised to the peer. It controls the time for the local end to receive updates from the peer.
Perform the following configuration on the GR restarter and GR helper.
To configure BGP GR:
Step Command
1. Enter system view. system-view
2. Enter BGP view. bgp as-number
3. Enable GR capability for BGP. graceful-restart
4. Configure the GR timer. graceful-restart timer restart
timer
Remarks
N/A
N/A
By default, GR capability is disabled for BGP.
The default setting is 150 seconds.
The time that a peer waits to reestablish a session must be less than the hold time.
5. Configure the maximum time to wait for the End-of-RIB marker. graceful-restart timer wait-for-rib timer
The default setting is 180 seconds.
Enabling trap
After trap is enabled for BGP, BGP generates Level-4 traps to report important events. The generated traps are sent to the information center of the device. The output rules of the traps (whether to output the traps and where to output) are determined according to the information center configuration. For information center configuration, see Network Management and Monitoring Configuration Guide.
To enable trap:
220
Step Command
1. Enter system view. system-view
2. Enable trap for BGP. snmp-agent trap enable bgp
Remarks
N/A
By default, trap for BGP is enabled.
For more information about this command, see Network Management
and Monitoring Configuration Guide.
Enabling logging of session state changes
Perform this task to enable BGP to log BGP session establishment and disconnection events. To view the log information, use the display bgp peer ipv4 log-info command.
To enable the logging of session state changes:
1. Enter system view.
2. Enter BGP view.
3. Enable the logging of session state changes globally. system-view bgp as-number log-peer-change
N/A
N/A
By default, logging of session state changes is enabled globally.
Configuring BFD for BGP
IMPORTANT:
If you have enabled GR, use BFD with caution because BFD might detect a failure before the system performs GR, which will result in GR failure. If you have enabled both BFD and GR for BGP, do not disable
BFD during a GR process to avoid GR failure.
BGP maintains neighbor relationships based on the keepalive timer and hold timer in seconds. It requires that the hold time must be at least three times the keepalive interval. This mechanism makes link failure detection slow. Once a failure occurs on a high-speed link, a large quantity of packets will be dropped before routing convergence completes. BFD for BGP can solve this problem by fast detecting link failures to reduce convergence time.
For more information about BFD, see High Availability Configuration Guide.
Before you can enable BFD for the BGP peer, establish a BGP session between the local router and the peer.
To enable BFD for a BGP peer (IPv4):
Step Command
1. Enter system view.
system-view
Remarks
N/A
221
Step Command
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance vpn-instance-name
3. Enable BFD to detect the link to the specified BGP peer.
To enable BFD for a BGP peer (IPv6): peer ip-address bfd
Step Command
1. Enter system view. system-view
2. Enter BGP view or BGP-VPN view.
•
Enter BGP view: bgp as-number
•
Enter BGP-VPN view: a. bgp as-number b. ip vpn-instance vpn-instance-name
Remarks
N/A
By default, BFD is not enabled.
Remarks
N/A
N/A
3. Enable BFD to detect the link to the specified IPv6 BGP peer. peer ipv6-address bfd
By default, BFD is not enabled.
Displaying and maintaining BGP
Execute display commands in any view and reset commands in user view (IPv4).
Task Command
Display BGP IPv4 unicast peer group information. display bgp group ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] [ group-name ]
Display BGP IPv4 unicast peer or peer group information.
Display BGP IPv4 unicast routing information.
Display BGP IPv4 unicast route advertisement information.
Display BGP IPv4 unicast routing information sent to/received from the specified BGP peer.
Display BGP IPv4 unicast routing statistics. display bgp peer ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] [ ip-address { log-info | verbose } |
group-name log-info | verbose ] display bgp routing-table ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address [ { mask | mask-length }
[ longest-match ] ] ] display bgp routing-table ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] network-address [ mask | mask-length ] advertise-info display bgp routing-table ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistic ] display bgp routing-table ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] statistic
222
Task Command
Display BGP IPv4 unicast routing information matching the specified AS path list. display bgp routing-table ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] as-path-acl as-path-acl-number
Display BGP IPv4 unicast routing information matching the specified BGP community list.
Display dampened BGP IPv4 unicast routing information.
Display BGP dampening parameter information. display bgp routing-table ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] community-list
{ { basic-community-list-number | comm-list-name }
[ whole-match ] | adv-community-list-number } display bgp routing-table dampened ipv4 [ unicast ]
[ vpn-instance vpn-instance-name ] display bgp dampening parameter ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ]
Display BGP IPv4 unicast routing flap statistics. display bgp routing-table flap-info ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address [ { mask | mask-length }
[ longest-match ] ] | as-path-acl as-path-acl-number ]
Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.
Display BGP path attribute information. display bgp network ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] display bgp paths [ as-regular-expression ]
Reset all BGP sessions.
Reset IPv4 unicast BGP sessions. reset bgp all reset bgp { as-number | ip-address | all | external | group
group-name | internal } ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ]
Clear dampened BGP IPv4 unicast routing information and release suppressed routes. reset bgp dampening ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address [ mask | mask-length ] ]
Clear BGP IPv4 unicast route flap information. reset bgp flap-info ipv4 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address [ mask | mask-length ] | as-path-acl as-path-acl-number | peer peer-address ]
Execute display commands in any view and reset commands in user view (IPv6).
Task Command
Display BGP IPv6 unicast peer group information. display bgp group ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] [ group-name ]
Display BGP IPv6 unicast peer or peer group information. display bgp peer ipv6 [ unicast ] [ group-name log-info |
ipv6-address { log-info | verbose } | verbose ] display bgp peer ipv6 [ unicast ] vpn-instance vpn-instance-name
[ group-name log-info | ipv6-address { log-info | verbose } | verbose ]
Display BGP IPv6 unicast routing information. display bgp routing-table ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address prefix-length
[ advertise-info ] ]
223
Task Command
Display BGP IPv6 unicast routing information sent to/received from the specified BGP peer. display bgp routing-table ipv6 [ unicast ] peer ipv6-address
{ advertised-routes | received-routes } [ network-address
prefix-length | statistics ] display bgp routing-table ipv6 [ unicast ] vpn-instance
vpn-instance-name peer ipv6-address { advertised-routes | received-routes } [ network-address prefix-length | statistics ]
Display BGP IPv6 unicast routing statistics. display bgp routing-table ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] statistics
Display BGP IPv6 unicast routing information matching the specified AS path list. display bgp routing-table ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] as-path-acl as-path-acl-number
Display BGP IPv6 unicast routing information matching the specified BGP community list.
Display dampened BGP IPv6 unicast routing information.
Display BGP dampening parameter information.
Display BGP IPv6 unicast routing flap statistics. display bgp routing-table ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] community-list
{ { basic-community-list-number | comm-list-name }
[ whole-match ] | adv-community-list-number } display bgp routing-table dampened ipv6 [ unicast ]
[ vpn-instance vpn-instance-name ] display bgp dampening parameter ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] display bgp routing-table flap-info ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address prefix-length | as-path-acl
as-path-acl-number ]
Display the incoming label of BGP IPv6 unicast routing information.
Display the outgoing label of BGP IPv6 unicast routing information.
Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.
Display BGP path attribute information. display bgp routing-table ipv6 [ unicast ] inlabel display bgp routing-table ipv6 [ unicast ] outlabel display bgp network ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ]
Reset IPv6 unicast BGP sessions. display bgp paths [ as-regular-expression ] reset bgp { as-number | ipv6-address | all | external | group
group-name | internal } ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] reset bgp ip-address ipv6 [ unicast ]
Clear dampened BGP IPv6 unicast routing information and release suppressed routes. reset bgp dampening ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address prefix-length ]
Clear BGP IPv6 unicast route flap information. reset bgp flap-info ipv6 [ unicast ] [ vpn-instance
vpn-instance-name ] [ network-address prefix-length | as-path-acl
as-path-acl-number | peer ipv6-address ]
224
IPv4 BGP configuration examples
Basic BGP configuration example
Network requirements
In Figure 57 , run EBGP between Switch A and Switch B, and run IBGP between Switch B and Switch C
so that Switch C can access the network 8.1.1.0/24 connected to Switch A.
Figure 57 Network diagram
Configuration considerations
To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Because loopback interfaces are virtual interfaces, use the peer connect-interface command to specify the loopback interface as the source interface for establishing
BGP connections. Enable OSPF in AS 65009 to make sure that Switch B can communicate with Switch
C through loopback interfaces.
The EBGP peers, Switch A and Switch B (usually belong to different carriers), are located in different ASs.
Typically, their loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing BGP sessions. To enable Switch C to access the network 8.1.1.0/24 connected directly to Switch A, inject network 8.1.1.0/24 to the BGP routing table of Switch A.
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure IBGP:
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 3.3.3.3 as-number 65009
[SwitchB-bgp] peer 3.3.3.3 connect-interface loopback 0
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 3.3.3.3 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
[SwitchB] ospf 1
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.1 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
225
3.
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 2.2.2.2 as-number 65009
[SwitchC-bgp] peer 2.2.2.2 connect-interface loopback 0
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 2.2.2.2 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
[SwitchC] ospf 1
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
[SwitchC] display bgp peer ipv4
BGP local router ID : 3.3.3.3
Local AS number : 65009
Total number of peers : 1 Peers in established state : 1
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
2.2.2.2 65009 2 2 0 0 00:00:13 Established
The output shows that Switch C has established an IBGP peer relationship with Switch B.
Configure EBGP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3.1.1.1 as-number 65009
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 3.1.1.1 enable
[SwitchA-bgp-ipv4] network 8.1.1.0 24
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 65009
[SwitchB-bgp] peer 3.1.1.2 as-number 65008
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 3.1.1.2 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Display BGP peer information on Switch B.
[SwitchB] display bgp peer ipv4
226
BGP local router ID : 2.2.2.2
Local AS number : 65009
Total number of peers : 2 Peers in established state : 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
3.3.3.3 65009 4 4 0 0 00:02:49 Established
3.1.1.2 65008 2 2 0 0 00:00:05 Established
The output shows that Switch B has established an IBGP peer relationship with Switch C and an
EBGP peer relationship with Switch A.
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
> 8.1.1.0/24 8.1.1.1 0 0 i
# Display the BGP routing table on Switch B.
[SwitchB] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>e 8.1.1.0/24 3.1.1.2 0 0 65008i
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
227
4.
i 8.1.1.0/24 3.1.1.2 0 100 0 65008i
The outputs show that Switch A has learned no route to AS65009, and Switch C has learned network 8.1.1.0, but the next hop 3.1.1.2 is unreachable. As a result, the route is invalid.
Redistribute direct routes:
Configure BGP to redistribute direct routes on Switch B, so that Switch A can obtain the route to
9.1.1.0/24, and Switch C can obtain the route to 3.1.1.0/24.
# Configure Switch B.
[SwitchB] bgp 65009
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] import-route direct
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 4
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>e 2.2.2.2/32 3.1.1.1 0 0 65009?
e 3.1.1.0/24 3.1.1.1 0 0 65009?
> 8.1.1.0/24 8.1.1.1 0 0 i
>e 9.1.1.0/24 3.1.1.1 0 0 65009?
Two routes, 2.2.2.2/32 and 9.1.1.0/24, have been added in Switch A’s routing table.
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 4
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
i 2.2.2.2/32 2.2.2.2 0 100 0 ?
>i 3.1.1.0/24 2.2.2.2 0 100 0 ?
>i 8.1.1.0/24 3.1.1.2 0 100 0 65008i
>i 9.1.1.0/24 2.2.2.2 0 100 0 ?
The output shows that the route 8.1.1.0 becomes valid with the next hop as Switch A.
228
Verifying the configuration
# Ping 8.1.1.1 on Switch C.
[SwitchC] ping 8.1.1.1
PING 8.1.1.1 (8.1.1.1): 56 data bytes
56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=10.000 ms
56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms
56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=4.000 ms
56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms
56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms
--- 8.1.1.1 ping statistics ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/stddev = 3.000/4.800/10.000/2.638 ms
BGP and IGP route redistribution configuration example
Network requirements
, all devices of company A belong to AS 65008, and all devices of company B belong to AS 65009. AS 65008 and AS 65009 are connected through Switch A and Switch B. It is required that Switch A can access network 9.1.2.0/24 in AS 65009, and Switch C can access network
8.1.1.0/24 in AS 65008.
Figure 58 Network diagram
Configuration considerations
Configure BGP to redistribute routes from OSPF on Switch B, so Switch A can obtain the route to
9.1.2.0/24. Configure OSPF to redistribute routes from BGP on Switch B, so Switch C can obtain the route to 8.1.1.0/24.
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure OSPF:
Enable OSPF in AS 65009, so Switch B can obtain the route to 9.1.2.0/24.
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf 1
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
229
3.
4.
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf 1
[SwitchC-ospf-1] import-route direct
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
Configure the EBGP connection:
Configure the EBGP connection and inject network 8.1.1.0/24 to the BGP routing table of Switch
A, so that Switch B can obtain the route to 8.1.1.0/24.
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3.1.1.1 as-number 65009
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 3.1.1.1 enable
[SwitchA-bgp-ipv4] network 8.1.1.0 24
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 3.1.1.2 as-number 65008
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 3.1.1.2 enable
Configure BGP and IGP route redistribution:
# Configure route redistribution between BGP and OSPF on Switch B.
[SwitchB-bgp-ipv4] import-route ospf 1
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
[SwitchB] ospf 1
[SwitchB-ospf-1] import-route bgp
[SwitchB-ospf-1] quit
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 3
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
230
>e 3.3.3.3/32 3.1.1.1 1 0 65009?
> 8.1.1.0/24 8.1.1.1 0 0 i
>e 9.1.2.0/24 3.1.1.1 1 0 65009?
# Display the OSPF routing table on Switch C.
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 3.3.3.3
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
9.1.1.0/24 1 Transit 9.1.1.2 3.3.3.3 0.0.0.0
2.2.2.2/32 1 Stub 9.1.1.1 2.2.2.2 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
8.1.1.0/24 1 Type2 1 9.1.1.1 2.2.2.2
Total Nets: 3
Intra Area: 2 Inter Area: 0 ASE: 1 NSSA: 0
Verifying the configuration
# Use ping for verification.
[SwitchA] ping -a 8.1.1.1 9.1.2.1
PING 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes
56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms
56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.000 ms
56 bytes from 9.1.2.1: icmp_seq=2 ttl=254 time=2.000 ms
56 bytes from 9.1.2.1: icmp_seq=3 ttl=254 time=7.000 ms
56 bytes from 9.1.2.1: icmp_seq=4 ttl=254 time=9.000 ms
--- 9.1.2.1 ping statistics ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/stddev = 2.000/8.000/12.000/3.406 ms
[SwitchC] ping -a 9.1.2.1 8.1.1.1
PING 8.1.1.1 (8.1.1.1) from 9.1.2.1: 56 data bytes
56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=9.000 ms
56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms
56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=3.000 ms
56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms
56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms
--- 8.1.1.1 ping statistics ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/stddev = 3.000/4.400/9.000/2.332 ms
231
BGP route summarization configuration example
Network requirements
As shown in
Figure 59 , run EBGP between Switch C and Switch D, so the internal network and external
network can communicate with each other.
In AS 65106, configure static routing between Switch A and Switch B, configure OSPF between Switch
B and Switch C, and configure OSPF to redistribute static routes, so the devices in the internal network can communicate with each other.
Configure route summarization on Switch C so BGP advertises a summary route instead of the specific networks 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 to Switch D.
Figure 59 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure static routing between Switch A and Switch B:
# Configure a default route with the next hop 192.168.212.1 on Switch A.
<SwitchA> system-view
3.
[SwitchA] ip route-static 0.0.0.0 0 192.168.212.1
# Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Switch B.
<SwitchB> system-view
[SwitchB] ip route-static 192.168.64.0 24 192.168.212.161
[SwitchB] ip route-static 192.168.74.0 24 192.168.212.161
[SwitchB] ip route-static 192.168.99.0 24 192.168.212.161
Configure OSPF between Switch B and Switch C and configure OSPF on Switch B to redistribute static routes:
# Configure OSPF to advertise the local network and enable OSPF to redistribute static routes on
Switch B.
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] import-route static
232
4.
[SwitchB-ospf-1] quit
# Configure OSPF to advertise the local networks on Switch C.
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 10.220.2.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Display the IP routing table on Switch C.
[SwitchC] display ip routing-table protocol ospf
Summary Count : 5
OSPF Routing table Status : <Active>
Summary Count : 3
Destination/Mask Proto Pre Cost NextHop Interface
192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100
OSPF Routing table Status : <Inactive>
Summary Count : 2
Destination/Mask Proto Pre Cost NextHop Interface
10.220.2.0/24 OSPF 10 1 10.220.2.16 Vlan200
172.17.100.0/24 OSPF 10 1 172.17.100.2 Vlan100
The output shows that Switch C has learned routes to 192.168.64.0/24, 192.168.99.0/24, and
192.168.64.0/18 through OSPF.
Configure BGP between Switch C and Switch D and configure BGP on Switch C to redistribute
OSPF routes:
# On Switch C, enable BGP, specify Switch D as an EBGP peer, and configure BGP to redistribute
OSPF routes.
[SwitchC] bgp 65106
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 10.220.2.217 as-number 64631
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 10.220.2.217 enable
[SwitchC-bgp-ipv4] import-route ospf
# Enable BGP, and configure Switch C as an EBGP peer on Switch D.
[SwitchD] bgp 64631
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] peer 10.220.2.16 as-number 65106
[SwitchD-bgp] ipv4-family unicast
[SwitchD-bgp-ipv4] peer 10.220.2.16 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
233
5.
# Display the IP routing table on Switch D.
[SwitchD] display ip routing-table protocol bgp
Summary Count : 3
BGP Routing table Status : <Active>
Summary Count : 3
Destination/Mask Proto Pre Cost NextHop Interface
192.168.64.0/24 BGP 255 1 10.220.2.16 Vlan200
192.168.74.0/24 BGP 255 1 10.220.2.16 Vlan200
192.168.99.0/24 BGP 255 1 10.220.2.16 Vlan200
BGP Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch D has learned routes to 192.168.64.0/24, 192.168.74.0/24, and
192.168.99.0/24 through BGP.
After the above configurations, ping hosts on networks 192.168.74.0/24, 192.168.99.0/24, and 192.168.64.0/18 from Switch D. The ping operations succeed.
Configure route summarization on Switch C to summarize 192.168.64.0/24,
192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.0/18 on Switch C, and disable advertisement of the specific routes.
[SwitchC-bgp-ipv4] aggregate 192.168.64.0 18 detail-suppressed
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
Verifying the configuration
# Display IP routing table on Switch C.
[SwitchC] display ip routing-table | include 192.168
192.168.64.0/18 BGP 130 0 127.0.0.1 NULL0
192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100
The output shows that Switch C has a summary route 192.168.64.0/18 with the output interface Null0.
# Display IP routing table on Switch D.
[SwitchD] display ip routing-table protocol bgp
Summary Count : 1
BGP Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
192.168.64.0/18 BGP 255 0 10.220.2.16 Vlan200
BGP Routing table Status : <Inactive>
Summary Count : 0
234
The output shows that Switch D has only one route 192.168.64.0/18 to AS 65106.
After the above configurations, ping the hosts on networks 192.168.64.0/24, 192.168.74.0/24 and
192.168.99.0/24 from Switch D. The ping operations succeed.
BGP load balancing configuration example
Network requirements
, run EBGP between Switch A and Switch B and between Switch A and Switch C.
Run IBGP between Switch B and Switch C. Configure load balancing over the two EBGP links on Switch
A.
Figure 60 Network diagram
Configuration considerations
On Switch A, establish EBGP connections with Switch B and Switch C. Configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A.
On Switch B, establish an EBGP connection with Switch A and an IBGP connection with Switch C.
Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch B. Configure a static route to interface loopback 0 on Switch C (or use a routing protocol like OSPF) to establish the IBGP connection.
On Switch C, establish an EBGP connection with Switch A and an IBGP connection with Switch B.
Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch C. Configure a static route to interface loopback 0 on Switch B (or use another protocol like OSPF) to establish the IBGP connection.
Configure load balancing on Switch A.
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure BGP connections:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65008
235
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3.1.1.1 as-number 65009
[SwitchA-bgp] peer 3.1.2.1 as-number 65009
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 3.1.1.1 enable
[SwitchA-bgp-ipv4] peer 3.1.2.1 enable
[SwitchA-bgp-ipv4] network 8.1.1.1 24
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 3.1.1.2 as-number 65008
[SwitchB-bgp] peer 3.3.3.3 as-number 65009
[SwitchB-bgp] peer 3.3.3.3 connect-interface loopback 0
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 3.1.1.2 enable
[SwitchB-bgp-ipv4] peer 3.3.3.3 enable
[SwitchB-bgp-ipv4] network 9.1.1.0 24
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
[SwitchB] ip route-static 3.3.3.3 32 9.1.1.2
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 3.1.2.2 as-number 65008
[SwitchC-bgp] peer 2.2.2.2 as-number 65009
[SwitchC-bgp] peer 2.2.2.2 connect-interface loopback 0
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 3.1.2.2 enable
[SwitchC-bgp-ipv4] peer 2.2.2.2 enable
[SwitchC-bgp-ipv4] network 9.1.1.0 24
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
[SwitchC] ip route-static 2.2.2.2 32 9.1.1.1
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 3
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
236
3.
> 8.1.1.0/24 8.1.1.1 0 0 i
>e 9.1.1.0/24 3.1.1.1 0 0 65009i
* e 3.1.2.1 0 0 65009i
{
The output shows two valid routes to destination 9.1.1.0/24. The route with next hop 3.1.1.1 is marked with a greater-than sign (>), indicating it is the best route (because the ID of Switch B is smaller). The route with next hop 3.1.2.1 is marked with an asterisk (*), indicating it is a valid route, but not the best.
{
By using the display ip routing-table command, you can find only one route to 9.1.1.0/24 with next hop 3.1.1.1 and outbound interface VLAN-interface 200.
Configure loading balancing:
Because Switch A has two routes to reach AS 65009, configuring load balancing over the two
BGP routes on Switch A can improve link usage.
# Configure Switch A.
[SwitchA] bgp 65008
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] balance 2
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
Verifying the configuration
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 3
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
> 8.1.1.0/24 8.1.1.1 0 0 i
>e 9.1.1.0/24 3.1.1.1 0 0 65009i
>e 3.1.2.1 0 0 65009i
•
The route 9.1.1.0/24 has two next hops, 3.1.1.1 and 3.1.2.1, both of which are marked with a greater-than sign (>), indicating they are the best routes.
• By using the display ip routing-table command, you can find two routes to 9.1.1.0/24. One has next hop 3.1.1.1 and outbound interface VLAN-interface 200, and the other has next hop 3.1.2.1 and outbound interface VLAN-interface 300.
237
BGP community configuration example
Network requirements
As shown in
Figure 61 , Switch B establishes EBGP connections with Switch A and C. Configure
NO_EXPORT community attribute on Switch A to make routes from AS 10 not advertised by AS 20 to any other AS.
Figure 61 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure EBGP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 10
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 200.1.2.2 as-number 20
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 200.1.2.2 enable
[SwitchA-bgp-ipv4] network 9.1.1.0 255.255.255.0
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 20
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 200.1.2.1 as-number 10
[SwitchB-bgp] peer 200.1.3.2 as-number 30
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 200.1.2.1 enable
[SwitchB-bgp-ipv4] peer 200.1.3.2 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 30
[SwitchC-bgp] router-id 3.3.3.3
238
[SwitchC-bgp] peer 200.1.3.1 as-number 20
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 200.1.3.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Display the BGP routing table on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 200.1.2.1 (1.1.1.1)
Relay nexthop : 200.1.2.1
Original nexthop: 200.1.2.1
OutLabel : NULL
AS-path : 10
Origin : igp
Attribute value : pref-val 0
State : valid, external, best,
# Display advertisement information of network 9.1.1.0 on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0 advertise-info
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 best
BGP routing table information of 9.1.1.0/24:
Advertised to peers (1 in total):
200.1.3.2
The output shows that Switch B can advertise the route with the destination 9.1.1.0/24 to other
ASs through BGP.
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>e 9.1.1.0/24 200.1.3.1 0 20 10i
239
3.
The output shows that Switch C has learned route 9.1.1.0/24 from Switch B.
Configure BGP community:
# Configure a routing policy.
[SwitchA] route-policy comm_policy permit node 0
[SwitchA-route-policy-comm_policy-0] apply community no-export
[SwitchA-route-policy-comm_policy-0] quit
# Apply the routing policy.
[SwitchA] bgp 10
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 200.1.2.2 route-policy comm_policy export
[SwitchA-bgp-ipv4] peer 200.1.2.2 advertise-community
Verifying the configuration
# Display the routing table on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 200.1.2.1 (1.1.1.1)
Relay nexthop : 200.1.2.1
Original nexthop: 200.1.2.1
OutLabel : NULL
Community : No-Export
AS-path : 10
Origin : igp
Attribute value : pref-val 0
State : valid, external, best,
# Display advertisement information for the route 9.1.1.0 on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0 advertise-info
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 best
BGP routing table information of 9.1.1.0/24:
Not advertised to any peers yet
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 0
You can see the NO_EXPORT community attribute in the output. In this case, Switch B does not advertise the route 9.1.1.0/24 through BGP.
240
BGP route reflector configuration example
Network requirements
In Figure 62 , all switches run BGP.
• Between Switch A and Switch B is an EBGP connection, between Switch C and Switch B, and between Switch C and Switch D are IBGP connections.
•
Switch C is a route reflector with clients Switch B and D.
• Switch D can learn route 20.0.0.0/8 from Switch C.
Figure 62 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure BGP connections:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 100
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 192.1.1.2 as-number 200
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 192.1.1.2 enable
# Inject network 20.0.0.0/8 to the BGP routing table.
[SwitchA-bgp-ipv4] network 20.0.0.0
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 200
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 192.1.1.1 as-number 100
[SwitchB-bgp] peer 193.1.1.1 as-number 200
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 192.1.1.1 enable
[SwitchB-bgp-ipv4] peer 193.1.1.1 enable
[SwitchB-bgp-ipv4] peer 193.1.1.1 next-hop-local
241
3.
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 200
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 193.1.1.2 as-number 200
[SwitchC-bgp] peer 194.1.1.2 as-number 200
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 193.1.1.2 enable
[SwitchC-bgp-ipv4] peer 194.1.1.2 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bgp 200
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] peer 194.1.1.1 as-number 200
[SwitchD-bgp] ipv4-family unicast
[SwitchD-bgp-ipv4] peer 194.1.1.1 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
Configure Switch C as the route reflector.
[SwitchC] bgp 200
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 193.1.1.2 reflect-client
[SwitchC-bgp-ipv4] peer 194.1.1.2 reflect-client
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
Verifying the configuration
# Display the BGP routing table on Switch B.
[SwitchB] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>e 20.0.0.0 192.1.1.1 0 0 100i
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 1
242
BGP local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
i 20.0.0.0 193.1.1.2 0 100 0 100i
Switch D has learned route 20.0.0.0/8 from Switch C.
BGP confederation configuration example
Network requirements
, to reduce IBGP connections, AS 200 is split into three sub-ASs: AS65001,
AS65002, and AS65003. Switches in AS65001 are fully meshed.
Figure 63 Network diagram
Switch C
Switch F
Switch B
Vlan-int600
Vlan-int200
Vlan-int300
AS 65002
AS 65003
Vlan-int100
Switch A
AS 100
Vlan-int100
Switch A
Vlan-int500
00
Vl an
-int3
Vlan-int400
Vlan-int400
Switch D
Vlan-int200
Vlan-int500
AS 65001
Vlan-int200
Switch E
AS 200
Vlan-int100
Device
200.1.1.1/24 Switch D Vlan-int200 10.1.5.1/24
Switch E
Switch B
Switch C
Configuration procedure
Vlan-int200
Vlan-int300
1.
2.
10.1.1.2/24
10.1.2.2/24
Configure IP addresses for interfaces. (Details not shown.)
Configure BGP confederation:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65001
[SwitchA-bgp] router-id 1.1.1.1
243
Vlan-int200 10.1.5.2/24
Vlan-int500 10.1.4.2/24
Vlan-int600 9.1.1.1/24
3.
[SwitchA-bgp] confederation id 200
[SwitchA-bgp] confederation peer-as 65002 65003
[SwitchA-bgp] peer 10.1.1.2 as-number 65002
[SwitchA-bgp] peer 10.1.2.2 as-number 65003
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 10.1.1.2 enable
[SwitchA-bgp-ipv4] peer 10.1.2.2 enable
[SwitchA-bgp-ipv4] peer 10.1.1.2 next-hop-local
[SwitchA-bgp-ipv4] peer 10.1.2.2 next-hop-local
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 65002
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] confederation id 200
[SwitchB-bgp] confederation peer-as 65001 65003
[SwitchB-bgp] peer 10.1.1.1 as-number 65001
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 10.1.1.1 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65003
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] confederation id 200
[SwitchC-bgp] confederation peer-as 65001 65002
[SwitchC-bgp] peer 10.1.2.1 as-number 65001
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 10.1.2.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
Configure IBGP connections in AS 65001:
# Configure Switch A.
[SwitchA] bgp 65001
[SwitchA-bgp] peer 10.1.3.2 as-number 65001
[SwitchA-bgp] peer 10.1.4.2 as-number 65001
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 10.1.3.2 enable
[SwitchA-bgp-ipv4] peer 10.1.4.2 enable
[SwitchA-bgp-ipv4] peer 10.1.3.2 next-hop-local
[SwitchA-bgp-ipv4] peer 10.1.4.2 next-hop-local
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch D.
<SwitchD> system-view
244
4.
[SwitchD] bgp 65001
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] confederation id 200
[SwitchD-bgp] peer 10.1.3.1 as-number 65001
[SwitchD-bgp] peer 10.1.5.2 as-number 65001
[SwitchD-bgp] ipv4-family unicast
[SwitchD-bgp-ipv4] peer 10.1.3.1 enable
[SwitchD-bgp-ipv4] peer 10.1.5.2 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
# Configure Switch E.
<SwitchE> system-view
[SwitchE] bgp 65001
[SwitchE-bgp] router-id 5.5.5.5
[SwitchE-bgp] confederation id 200
[SwitchE-bgp] peer 10.1.4.1 as-number 65001
[SwitchE-bgp] peer 10.1.5.1 as-number 65001
[SwitchE-bgp] ipv4-family unicast
[SwitchE-bgp-ipv4] peer 10.1.4.1 enable
[SwitchE-bgp-ipv4] peer 10.1.5.1 enable
[SwitchE-bgp-ipv4] quit
[SwitchE-bgp] quit
Configure the EBGP connection between AS 100 and AS 200:
# Configure Switch A.
[SwitchA] bgp 65001
[SwitchA-bgp] peer 200.1.1.2 as-number 100
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 200.1.1.2 enable
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch F.
<SwitchF> system-view
[SwitchF] bgp 100
[SwitchF-bgp] router-id 6.6.6.6
[SwitchF-bgp] peer 200.1.1.1 as-number 200
[SwitchF-bgp] ipv4-family unicast
[SwitchF-bgp-ipv4] peer 200.1.1.1 enable
[SwitchF-bgp-ipv4] network 9.1.1.0 255.255.255.0
[SwitchF-bgp-ipv4] quit
[SwitchF-bgp] quit
Verifying the configuration
# Display the routing table on Switch B, which is similar to that on Switch C.
[SwitchB] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 2.2.2.2
245
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>i 9.1.1.0/24 10.1.1.1 0 100 0 (65001)
100i
[SwitchB] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 2.2.2.2
Local AS number: 65002
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 10.1.1.1 (1.1.1.1)
Relay nexthop : 10.1.1.1
Original nexthop: 10.1.1.1
OutLabel : NULL
AS-path : (65001) 100
Origin : igp
Attribute value : MED 0, localpref 100, pref-val 0, pre 255
State : valid, external-confed, best,
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>i 9.1.1.0/24 10.1.3.1 0 100 0 100i
[SwitchD] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 4.4.4.4
Local AS number: 65001
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 10.1.3.1 (1.1.1.1)
Relay nexthop : 10.1.3.1
Original nexthop: 10.1.3.1
246
OutLabel : NULL
AS-path : 100
Origin : igp
Attribute value : MED 0, localpref 100, pref-val 0, pre 255
State : valid, internal-confed, best,
The output indicates the following:
•
Switch F can send route information to Switch B and Switch C through the confederation by establishing only an EBGP connection with Switch A.
• Switch B and Switch D are in the same confederation, but belong to different sub-ASs. They obtain external route information from Switch A and generate the same BGP route entries. It is likely that they reside in the same AS, although they have no direct connection in between.
BGP path selection configuration example
Network requirements
, all switches run BGP. EBGP runs between Switch A and Switch B, and between Switch A and Switch C. IBGP runs between Switch B and Switch D, and between Switch D and Switch C. OSPF is the IGP protocol in AS 200.
Configure routing policies, making Switch D use the route 1.0.0.0/8 from Switch C as the optimal.
Figure 64 Network diagram
Switch A Vlan-int101 1.0.0.1/8
Device
Switch D Vlan-int400 195.1.1.1/24
Vlan-int200 Switch C
Switch B Vlan-int100 192.1.1.2/24
Vlan-int400 195.1.1.2/24
Vlan-int200 193.1.1.2/24
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure OSPF on Switch B, Switch C, and Switch D:
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf
[SwitchB-ospf] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255
247
3.
[SwitchB-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] ospf
[SwitchD-ospf] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] quit
[SwitchD-ospf-1] quit
Configure BGP connections:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 100
[SwitchA-bgp] peer 192.1.1.2 as-number 200
[SwitchA-bgp] peer 193.1.1.2 as-number 200
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 192.1.1.2 enable
[SwitchA-bgp-ipv4] peer 193.1.1.2 enable
# Inject network 1.0.0.0/8 to the BGP routing table on Switch A.
[SwitchA-bgp-ipv4] network 1.0.0.0 8
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 200
[SwitchB-bgp] peer 192.1.1.1 as-number 100
[SwitchB-bgp] peer 194.1.1.1 as-number 200
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-ipv4] peer 192.1.1.1 enable
[SwitchB-bgp-ipv4] peer 194.1.1.1 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
[SwitchC] bgp 200
[SwitchC-bgp] peer 193.1.1.1 as-number 100
[SwitchC-bgp] peer 195.1.1.1 as-number 200
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 193.1.1.1 enable
248
4.
[SwitchC-bgp-ipv4] peer 195.1.1.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Configure Switch D.
[SwitchD] bgp 200
[SwitchD-bgp] peer 194.1.1.2 as-number 200
[SwitchD-bgp] peer 195.1.1.2 as-number 200
[SwitchD-bgp] ipv4-family unicast
[SwitchD-bgp-ipv4] peer 194.1.1.2 enable
[SwitchD-bgp-ipv4] peer 195.1.1.2 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
Configure attributes for route 1.0.0.0/8, making Switch D give priority to the route learned from
Switch C:
{
(Method 1.) Configure a higher MED value for the route 1.0.0.0/8 advertised from Switch A to peer 192.1.1.2:
# Define an ACL numbered 2000 to permit route 1.0.0.0/8.
[SwitchA] acl number 2000
[SwitchA-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[SwitchA-acl-basic-2000] quit
# Define two routing policies, apply_med_50, which sets the MED for route 1.0.0.0/8 to 50, and apply_med_100, which sets the MED for route 1.0.0.0/8 to 100.
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_50-10] apply cost 50
[SwitchA-route-policy-apply_med_50-10] quit
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_100-10] apply cost 100
[SwitchA-route-policy-apply_med_100-10] quit
# Apply routing policy apply_med_50 to the route advertised to peer 193.1.1.2 (Switch C), and apply_med_100 to the route advertised to peer 192.1.1.2 (Switch B).
[SwitchA] bgp 100
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 193.1.1.2 route-policy apply_med_50 export
[SwitchA-bgp-ipv4] peer 192.1.1.2 route-policy apply_med_100 export
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 2
BGP local router ID is 195.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
249
{
Network NextHop MED LocPrf PrefVal Path/Ogn
>i 1.0.0.0 193.1.1.1 50 100 0 100i
* i 192.1.1.1 100 100 0 100i
Route 1.0.0.0/8 is the optimal.
(Method 2.) Configure different local preferences on Switch B and C for route 1.0.0.0/8, making Switch D give priority to the route from Switch C:
# Define an ACL numbered 2000 on Router C, permitting route 1.0.0.0/8.
[SwitchC] acl number 2000
[SwitchC-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[SwitchC-acl-basic-2000] quit
# Configure a routing policy named localpref on Switch C, setting the local preference of route
1.0.0.0/8 to 200 (the default is 100).
[SwitchC] route-policy localpref permit node 10
[SwitchC-route-policy-localpref-10] if-match ip address acl 2000
[SwitchC-route-policy-localpref-10] apply local-preference 200
[SwitchC-route-policy-localpref-10] quit
# Apply routing policy localpref to routes from peer 193.1.1.1.
[SwitchC] bgp 200
[SwitchC-bgp] ipv4-family unicast
[SwitchC-bgp-ipv4] peer 193.1.1.1 route-policy localpref import
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 2
BGP local router ID is 195.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
>i 1.0.0.0 193.1.1.1 200 0 100i
* i 192.1.1.1 100 0 100i
Route 1.0.0.0/8 learned from Switch C is the optimal.
BGP GR configuration example
Network requirements
are all BGP switches. EBGP runs between Switch A and Switch B. IBGP runs between Switch
B and Switch C. Enable GR capability for BGP so that the communication between Switch A and Switch
C is not affected when an active/standby switchover occurs on Switch B.
250
Figure 65 Network diagram
Configuration procedure
1.
Configure Switch A:
# Configure IP addresses for interfaces. (Details not shown.)
# Configure the EBGP connection.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 200.1.1.1 as-number 65009
# Enable GR capability for BGP.
[SwitchA-bgp] graceful-restart
# Inject network 8.0.0.0/8 to the BGP routing table.
[SwitchA-bgp] ipv4-family
2.
3.
[SwitchA-bgp-ipv4] network 8.0.0.0
# Enable Switch A to exchange IPv4 unicast routing information with Switch B.
[SwitchA-bgp-ipv4] peer 200.1.1.1 enable
Configure Switch B:
# Configure IP addresses for interfaces. (Details not shown.)
# Configure the EBGP connection.
<SwitchB> system-view
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 200.1.1.2 as-number 65008
# Configure the IBGP connection.
[SwitchB-bgp] peer 9.1.1.2 as-number 65009
# Enable GR capability for BGP.
[SwitchB-bgp] graceful-restart
# Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table.
[SwitchB-bgp] ipv4-family
[SwitchB-bgp-ipv4] network 200.1.1.0 24
[SwitchB-bgp-ipv4] network 9.1.1.0 24
# Enable Switch B to exchange IPv4 unicast routing information with Switch A and Switch C.
[SwitchB-bgp-ipv4] peer 200.1.1.2 enable
[SwitchB-bgp-ipv4] peer 9.1.1.2 enable
Configure Switch C:
# Configure IP addresses for interfaces. (Details not shown.)
# Configure the IBGP connection.
251
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 9.1.1.1 as-number 65009
# Enable GR capability for BGP.
[SwitchC-bgp] graceful-restart
# Enable Switch C to exchange IPv4 unicast routing information with Switch B.
[SwitchC-bgp-ipv4] peer 9.1.1.1 enable
Verifying the configuration
Ping Switch C on Switch A. Meanwhile, perform an active/standby switchover on Switch B. The ping operation is successful during the whole switchover process.
BFD for BGP configuration example
Network requirements
As shown in
,
•
Configure OSPF as the IGP in AS 200.
•
Establish two IBGP connections between Switch A and Switch C. When both paths are working,
Switch C adopts the path Switch A<—>Switch B<—>Switch C to exchange packets with network
1.1.1.0/24. Configure BFD over the path. If the path fails, BFD can quickly detect the failure and notify it to BGP. Then the path Switch A<—>Switch D<—>Switch C takes effect immediately.
Figure 66 Network diagram
Switch A
Switch B
Vlan-int100
Vlan-int100
3.0.1.1/24
3.0.1.2/24
Device
Switch C
Switch D
Vlan-int101 3.0.2.2/24
Vlan-int201 2.0.2.2/24
Vlan-int200 2.0.1.2/24
252
Configuration procedure
1.
2.
3.
Configure IP addresses for interfaces. (Details not shown.)
Configure OSPF to make sure that Switch A and Switch C are reachable to each other. (Details not shown.)
Configure BGP on Switch A:
# Establish two IBGP connections to Switch C.
<SwitchA> system-view
4.
[SwitchA] bgp 200
[SwitchA-bgp] peer 3.0.2.2 as-number 200
[SwitchA-bgp] peer 2.0.2.2 as-number 200
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 3.0.2.2 enable
[SwitchA-bgp-ipv4] peer 2.0.2.2 enable
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Create ACL 2000 to permit 1.1.1.0/24 to pass.
[SwitchA] acl number 2000
[SwitchA-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255
[SwitchA-acl-basic-2000] quit
# Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the
MED for route 1.1.1.0/24 to 50. Policy apply_med_100 sets that to 100.
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_50-10] apply cost 50
[SwitchA-route-policy-apply_med_50-10] quit
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_100-10] apply cost 100
[SwitchA-route-policy-apply_med_100-10] quit
# Apply routing policy apply_med_50 to routes outgoing to peer 3.0.2.2, and apply routing policy apply_med_100 to routes outgoing to peer 2.0.2.2.
[SwitchA] bgp 200
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-ipv4] peer 3.0.2.2 route-policy apply_med_50 export
[SwitchA-bgp-ipv4] peer 2.0.2.2 route-policy apply_med_100 export
[SwitchA-bgp-ipv4] quit
# Enable BFD for peer 3.0.2.2.
[SwitchA-bgp] peer 3.0.2.2 bfd
[SwitchA-bgp] quit
Configure BGP on Switch C:
# Establish two IBGP connections to Switch A.
<SwitchC> system-view
[SwitchC] bgp 200
[SwitchC-bgp] peer 3.0.1.1 as-number 200
[SwitchC-bgp] peer 2.0.1.1 as-number 200
[SwitchC-bgp] ipv4-family unicast
253
[SwitchC-bgp-ipv4] peer 3.0.1.1 enable
[SwitchC-bgp-ipv4] peer 2.0.1.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Enable BFD for peer 3.0.1.1.
[SwitchC-bgp] peer 3.0.1.1 bfd
[SwitchC-bgp] quit
[SwitchC] quit
Verifying the configuration
# Display detailed BFD session information on Router C.
<SwitchC> display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
Local Discr: 513 Remote Discr: 513
Source IP: 3.0.2.2 Destination IP: 3.0.1.1
Session State: Up Interface: N/A
Min Tx Inter: 500ms Act Tx Inter: 500ms
Min Rx Inter: 500ms Detect Inter: 2500ms
Rx Count: 135 Tx Count: 135
Connect Type: Indirect Running Up for: 00:00:58
Hold Time: 2457ms Auth mode: None
Detect Mode: Async Slot: 0
Protocol: BGP
Diag Info: No Diagnostic
The output shows that a BFD session has been established between Switch A and Switch C and that BFD runs properly.
# Display BGP peer information on Switch C.
<SwitchC> display bgp peer ipv4
BGP local router ID: 3.3.3.3
Local AS number: 200
Total number of peers: 2 Peers in established state: 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
2.0.1.1 200 4 5 0 0 00:01:55 Established
3.0.1.1 200 4 5 0 0 00:01:52 Established
The output shows that Switch C has established two BGP connections with Switch A, and both connections are in Established state.
# Display route 1.1.1.0/24 on Switch C.
<SwitchC> display ip routing-table 1.1.1.0 24 verbose
Summary Count : 1
254
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
SubProtID: 0x1 Age: 00h00m09s
Cost: 50 Preference: 255
Tag: 0 State: Active Adv
OrigTblID: 0x1 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x15000001 LastAs: 0
AttrID: 0x1 Neighbor: 3.0.1.1
Flags: 0x10060 OrigNextHop: 3.0.1.1
Label: NULL RealNextHop: 3.0.2.1
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface101
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch C communicates with network 1.1.1.0/24 through the path Switch
C<—>Switch B<—>Switch A. Then the path Switch C<—>Switch B<—>Switch A fails.
# Enable debugging on Switch C.
<SwitchC> debugging bgp event
<SwitchC> terminal monitor
<SwitchC> terminal logging level 7
%Mar 12 19:02:59:241 2012 SwitchC BFD/6/FSM: -VDC=1; Sess[3.0.2.2/3.0.1.1, LD/RD:
513/513, Interface:N/A, SessType:Ctrl, LinkType:INET], Sta: UP->DOWN, Diag: 1
*Mar 12 19:02:59:242 2012 SwitchC BGP/7/DEBUG: -VDC=1;
BGP.: 3.0.1.1 Receive ManualStop event in ESTABLISHED state.
*Mar 12 19:02:59:242 2012 SwitchC BGP/7/DEBUG: -VDC=1;
BGP.: 3.0.1.1 Send NOTIFICATION
Err/SubErr: 6/0 (Cease/ErrSubCode Unspecified)
Error data NULL.
*Mar 12 19:02:59:243 2012 SwitchC BGP/7/DEBUG: -VDC=1;
BGP.: 3.0.1.1 State is changed from ESTABLISHED to IDLE.
The output shows that Switch C can quickly detect the link failure and notify BGP to change the relevant IBGP session state.
# Display route 1.1.1.0/24 on Switch C.
<SwitchC> display ip routing-table 1.1.1.0 24 verbose
Summary Count : 1
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
SubProtID: 0x1 Age: 00h03m08s
Cost: 100 Preference: 255
Tag: 0 State: Active Adv
OrigTblID: 0x1 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x15000000 LastAs: 0
AttrID: 0x0 Neighbor: 2.0.1.1
255
Flags: 0x10060 OrigNextHop: 2.0.1.1
Label: NULL RealNextHop: 2.0.2.1
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface201
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch C communicates with network 1.1.1.0/24 through the path Switch
C<—>Switch D<—>Switch A.
IPv6 BGP configuration examples
IPv6 BGP basic configuration example
Network requirements
In Figure 67 , run EBGP between Switch A and Switch B, and run IBGP between Switch B and Switch C
so that Switch C can access the network 50::/64 connected to Switch A.
Figure 67 Network diagram
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure IBGP:
# Configure Switch B.
<SwitchB> system-view
3.
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 9::2 as-number 65009
[SwitchB-bgp] ipv6-family
[SwitchB-bgp-ipv6] peer 9::2 enable
[SwitchB-bgp-ipv6] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 9::1 as-number 65009
[SwitchC-bgp] ipv6-family
[SwitchC-bgp-ipv6] peer 9::1 enable
Configure EBGP:
# Configure Switch A.
<SwitchA> system-view
256
4.
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 10::1 as-number 65009
[SwitchA-bgp] ipv6-family
[SwitchA-bgp-ipv6] peer 10::1 enable
# Configure Switch B.
[SwitchB-bgp] peer 10::2 as-number 65008
[SwitchB-bgp] ipv6-family
[SwitchB-bgp-ipv6] peer 10::2 enable
Inject network routes to the BGP routing table:
# Configure Switch A.
[SwitchA-bgp-ipv6] network 10:: 64
[SwitchA-bgp-ipv6] network 50:: 64
[SwitchA-bgp-ipv6] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB-bgp-ipv6] network 10:: 64
[SwitchB-bgp-ipv6] network 9:: 64
[SwitchB-bgp-ipv6] quit
[SwitchB-bgp] quit
# Configure Switch C.
[SwitchC-bgp-ipv6] network 9:: 64
[SwitchC-bgp-ipv6] quit
[SwitchC-bgp] quit
Verifying the configuration
# Display IPv6 BGP peer information on Switch B.
[SwitchB] display bgp peer ipv6
BGP local router ID: 2.2.2.2
Local AS number: 65009
Total number of peers: 2 Peers in established state: 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
9::2 65009 41 43 0 1 00:29:00 Established
10::2 65008 38 38 0 2 00:27:20 Established
The output shows that Switch A and Switch B have established an EBGP connection, and Switch B and
Switch C have established an IBGP connection.
# Display IPv6 BGP routing table information on Switch A.
[SwitchA] display bgp routing-table ipv6
Total number of routes: 4
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
257
Origin: i - IGP, e - EGP, ? - incomplete
>e Network : 9:: PrefixLen : 64
NextHop : 10::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65009i
> Network : 10:: PrefixLen : 64
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: i
* e Network : 10:: PrefixLen : 64
NextHop : 10::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65009i
> Network : 50:: PrefixLen : 64
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: i
The output shows that Switch A has learned routing information of AS 65009.
# Display IPv6 BGP routing table information on Switch C.
[SwitchC] display bgp routing-table ipv6
Total number of routes: 4
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
> Network : 9:: PrefixLen : 64
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: i
* i Network : 9:: PrefixLen : 64
NextHop : 9::1 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: i
258
>i Network : 10:: PrefixLen : 64
NextHop : 9::1 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: i
>i Network : 50:: PrefixLen : 64
NextHop : 10::2 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65008i
The output shows that Switch C has learned the route 50::/64.
# Ping hosts on network 50::/64 on Switch C. The ping operations succeed.
IPv6 BGP route reflector configuration example
Network requirements
, run EBGP between Switch A and Switch B, run IBGP between Switch C and Switch B, and between Switch C and Switch D. Switch C is a route reflector with clients Switch B and D.
Figure 68 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces and IPv4 addresses for loopback interfaces. (Details not shown.)
Configure IBGP and EBGP connections and advertise network routes through IPv6 BGP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 100
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 100::2 as-number 200
[SwitchA-bgp] ipv6-family
[SwitchA-bgp-ipv6] peer 100::2 enable
[SwitchA-bgp-ipv6] network 1:: 64
[SwitchA-bgp-ipv6] network 100:: 96
[SwitchA-bgp-ipv6] quit
259
[SwitchA-bgp] quit
# Configure Switch B
<SwitchB> system-view
[SwitchB] bgp 200
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 100::1 as-number 100
[SwitchB-bgp] peer 101::1 as-number 200
[SwitchB-bgp] ipv6-family
[SwitchB-bgp-ipv6] peer 100::1 enable
[SwitchB-bgp-ipv6] peer 101::1 enable
[SwitchB-bgp-ipv6] peer 101::1 next-hop-local
[SwitchB-bgp-ipv6] network 100:: 96
[SwitchB-bgp-ipv6] network 101:: 96
[SwitchB-bgp-ipv6] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
3.
[SwitchC] bgp 200
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 101::2 as-number 200
[SwitchC-bgp] peer 102::2 as-number 200
[SwitchC-bgp] ipv6-family
[SwitchC-bgp-ipv6] peer 101::2 enable
[SwitchC-bgp-ipv6] peer 102::2 enable
[SwitchC-bgp-ipv6] network 101:: 96
[SwitchC-bgp-ipv6] network 102:: 96
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bgp 200
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] peer 102::1 as-number 200
[SwitchD-bgp] ipv6-family
[SwitchD-bgp-ipv6] peer 102::1 enable
[SwitchD-bgp-ipv6] network 102:: 96
Configure Switch C as a route reflector, and configure Switch B and Switch D as its clients.
[SwitchC-bgp-ipv6] peer 101::2 reflect-client
[SwitchC-bgp-ipv6] peer 102::2 reflect-client
[SwitchC-bgp-ipv6] quit
[SwitchC-bgp] quit
Verifying the configuration
# Execute the display bgp routing-table ipv6 command on Switch D.
[SwitchD] display bgp routing-table ipv6
Total number of routes: 5
BGP local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - dampened, h - history,
260
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
>i Network : 1:: PrefixLen : 64
NextHop : 101::2 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 100i
>i Network : 100:: PrefixLen : 96
NextHop : 101::2 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: i
>i Network : 101:: PrefixLen : 96
NextHop : 102::1 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: i
> Network : 102:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: i
* i Network : 102:: PrefixLen : 96
NextHop : 102::1 LocPrf : 100
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: i
The output shows that Switch D has learned the network 1::/64 from Switch C through route reflection.
BFD for IPv6 BGP configuration example
Network requirements
As shown in
Figure 69 , configure OSPFv3 as the IGP in AS 200.
Establish two IBGP connections between Switch A and Switch C. When both paths are working, Switch
C adopts the path Switch A<—>Switch B<—>Switch C to exchange packets with network 1200::0/64.
Configure BFD over the path. Then if the path fails, BFD can quickly detect the failure and notify it to IPv6
BGP. Then the path Switch A<—>Switch D<—>Switch C takes effect immediately.
261
Figure 69 Network diagram
AS 100
1200::0/64
Switch B
Vlan-int100 Vlan-int101
Vlan-int100
Vlan-int101
Switch A
Vlan-int200
AS 200
Vlan-int201
Switch C
AS 300
Vlan-int200
Switch D
Vlan-int201
Device
Switch A
Switch B
Interface
Vlan-int100
Vlan-int100
IP address
3000::1/64
3000::2/64
Device
Switch C
Switch D
Interface IP address
Vlan-int101 3001::3/64
Vlan-int201 2001::3/64
Vlan-int200 2000::2/64
Vlan-int201 2001::2/64
Configuration procedure
1.
2.
3.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure OSPFv3 so that Switch A and Switch C can reach each other. (Details not shown.)
Configure IPv6 BGP on Switch A:
# Establish two IBGP connections to Switch C.
<SwitchA> system-view
[SwitchA] bgp 200
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3001::3 as-number 200
[SwitchA-bgp] peer 2001::3 as-number 200
[SwitchA-bgp] ipv6-family
[SwitchA-bgp-ipv6] peer 3001::3 enable
[SwitchA-bgp-ipv6] peer 2001::3 enable
[SwitchA-bgp-ipv6] quit
# Create IPv6 ACL 2000 to permit 1200::0/64 to pass.
[SwitchA] acl ipv6 number 2000
[SwitchA-acl6-basic-2000] rule permit source 1200:: 64
[SwitchA-acl6-basic-2000] quit
# Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the
MED for route 1200::0/64 to 50. Policy apply_med_100 sets that to 100.
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy-apply_med_50-10] if-match ipv6 address acl 2000
[SwitchA-route-policy-apply_med_50-10] apply cost 50
[SwitchA-route-policy-apply_med_50-10] quit
262
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy-apply_med_100-10] if-match ipv6 address acl 2000
[SwitchA-route-policy-apply_med_100-10] apply cost 100
[SwitchA-route-policy-apply_med_100-10] quit
# Apply routing policy apply_med_50 to routes outgoing to peer 3001::3, and apply routing policy apply_med_100 to routes outgoing to peer 2001::3.
[SwitchA] bgp 200
4.
[SwitchA-bgp] ipv6-family unicast
[SwitchA-bgp-ipv6] peer 3001::3 route-policy apply_med_50 export
[SwitchA-bgp-ipv6] peer 2001::3 route-policy apply_med_100 export
[SwitchA-bgp-ipv6] quit
# Enable BFD for peer 3001::3.
[SwitchA-bgp] peer 3001::3 bfd
[SwitchA-bgp] quit
Configure IPv6 BGP on Switch C:
# Establish two IBGP connections to Switch A.
<SwitchC> system-view
[SwitchC] bgp 200
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 3000::1 as-number 200
[SwitchC-bgp] peer 2000::1 as-number 200
[SwitchC-bgp] ipv6-family
[SwitchC-bgp-ipv6] peer 3000::1 enable
[SwitchC-bgp-ipv6] peer 2000::1 enable
[SwitchC-bgp-ipv6] quit
# Enable BFD for peer 3001::1.
[SwitchC-bgp] peer 3000::1 bfd
[SwitchC-bgp] quit
[SwitchC] quit
Verifying the configuration
# Display detailed BFD session information on Switch C.
<SwitchC> display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv6 Session Working Under Ctrl Mode:
Local Discr: 513 Remote Discr: 513
Source IP: 3001::3
Destination IP: 3000::1
Session State: Up Interface: N/A
Min Tx Inter: 500ms Act Tx Inter: 500ms
Min Rx Inter: 500ms Detect Inter: 2500ms
Rx Count: 13 Tx Count: 14
Connect Type: Indirect Running Up for: 00:00:05
Hold Time: 2243ms Auth mode: None
Detect Mode: Async Slot: 0
Protocol: BGP6
263
Diag Info: No Diagnostic
The output shows that a BFD session has been established between Switch A and Switch C and that BFD runs properly.
# Display BGP peer information on Switch C.
<SwitchC> display bgp peer ipv6
BGP local router ID: 3.3.3.3
Local AS number: 200
Total number of peers: 2 Peers in established state: 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
2000::1 200 8 8 0 0 00:04:45 Established
3000::1 200 5 4 0 0 00:01:53 Established
The output shows that Switch C has established two BGP connections with Switch A, and both connections are in Established state.
# Display route 1200::0/64 on Switch C.
<SwitchC> display ipv6 routing-table 1200::0 64 verbose
Summary Count : 1
Destination: 1200::/64
Protocol: BGP4+ Process ID: 0
SubProtID: 0x1 Age: 00h01m07s
Cost: 50 Preference: 255
Tag: 0 State: Active Adv
OrigTblID: 0x1 OrigVrf: default-vrf
TableID: 0xa OrigAs: 0
NBRID: 0x25000001 LastAs: 0
AttrID: 0x1 Neighbor: 3000::1
Flags: 0x10060 OrigNextHop: 3000::1
Label: NULL RealNextHop: FE80::20C:29FF:FE4A:3873
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface101
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch C communicates with network 1200::0/64 through the path Switch
C<—>Switch B<—>Switch A. Then the path Switch C<—>Switch B<—>Switch A fails.
# Enable debugging on Switch C.
<SwitchC> debugging bgp event
<SwitchC> terminal monitor
<SwitchC> terminal logging level 7
%Mar 14 15:00:24:256 2012 SwitchC BFD/6/FSM: -VDC=1; Sess[3002::2/3001::1, LD/RD:
513/513, Interface:N/A, SessType:Ctrl, LinkType:INET], Sta: UP->DOWN, Diag: 1
*Mar 14 15:00:24:257 2012 SwitchC BGP/7/DEBUG: -VDC=1;
BGP.: 3001::1 Receive ManualStop event in ESTABLISHED state.
264
*Mar 14 15:00:24:257 2012 SwitchC BGP/7/DEBUG: -VDC=1;
BGP.: 3001::1 Send NOTIFICATION
Err/SubErr: 6/0 (Cease/ErrSubCode Unspecified)
Error data NULL.
*Mar 14 15:00:24:258 2012 SwitchC BGP/7/DEBUG: -VDC=1;
BGP.: 3001::1 State is changed from ESTABLISHED to IDLE.
The output shows that Switch C can quickly detect the link failure and notify BGP to change the relevant
IBGP session state.
# Display route 1200::0/64 on Switch C.
<SwitchC> display ipv6 routing-table 1200::0 64 verbose
Summary Count : 1
Destination: 1200::/64
Protocol: BGP4+ Process ID: 0
SubProtID: 0x1 Age: 00h00m57s
Cost: 100 Preference: 255
Tag: 0 State: Active Adv
OrigTblID: 0x1 OrigVrf: default-vrf
TableID: 0xa OrigAs: 0
NBRID: 0x25000000 LastAs: 0
AttrID: 0x0 Neighbor: 2000::1
Flags: 0x10060 OrigNextHop: 2000::1
Label: NULL RealNextHop: FE80::20C:29FF:FE40:715
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface201
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch C communicates with network 1200::0/64 through the path Switch
C<—>Switch D<—>Switch A.
Troubleshooting BGP
Symptom
Display BGP peer information by using the display bgp peer ipv4 unicast or display bgp peer ipv6 unicast command. The state of the connection to a peer cannot become established.
Analysis
To become BGP peers, any two routers must establish a TCP connection using port 179 and exchange
Open messages successfully.
Solution
1.
Use the display current-configuration command to verify the current configuration, and verify that the peer's AS number is correct.
265
4.
5.
6.
7.
8.
2.
3.
Use the display bgp peer ipv4 unicast or display bgp peer ipv6 unicast command to verify that the peer's IP address/IPv6 address is correct.
If a loopback interface is used, verify that the loopback interface is specified with the peer connect-interface command.
If the peer is a non-direct EBGP peer, verify that the peer ebgp-max-hop command is configured.
Verify that a valid route to the peer is available.
Use the ping command to verify the connectivity to the peer.
Use the display tcp verbose or display ipv6 tcp verbose command to verify the TCP connection.
Verify that no ACL rule is applied to disable TCP port 179.
266
Configuring PBR
Introduction to PBR
Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop and other parameters for packets that match specific criteria, such as ACLs.
A device uses PBR to forward matching packets and uses the routing table to forward other packets. If
PBR is not configured, the device uses the routing table to forward packets.
The device supports only interface PBR, which guides the forwarding of packets received on an interface only.
Policy
A policy comprises match criteria and actions to be taken on the matching packets. A policy can have one or multiple nodes as follows:
•
Each node is identified by a node number. A smaller node number has a higher priority.
•
A node comprises if-match and apply clauses. An if-match clause specifies a match criterion, and an apply clause specifies an action.
• A node has a match mode of permit or deny.
A policy matches nodes in priority order against packets. If a packet satisfies the match criteria on a node, it is processed by the action on the node. Otherwise, it goes to the next node for a match. If the packet does not match the criteria on any node, it is forwarded according to the routing table. if-match clause
PBR supports only the if-match acl clause, which sets an ACL match criterion.
You can specify only one if-match clause of each type for a node. apply clause
PBR supports only the apply next-hop clause, which sets the next hop for packets.
Relationship between the match mode and clauses on the node
Does a packet match all the if-match clauses on the node?
Yes.
No.
Match mode permit Deny
•
If the node is configured with an apply clause, PBR executes the apply clause on the node.
•
If the node is configured with no apply clause, the packet is forwarded according to the routing table.
PBR matches the packet against the next node.
The packet is forwarded according to the routing table.
PBR matches the packet against the next node.
267
A node that has no if-match clauses matches any packet.
PBR and track
PBR can work with the Track feature to dynamically adapt the availability status of a node configured with an apply clause to the link status of a tracked next hop.
When the track entry associated with the node changes to negative because the next hop is detected as being unavailable, the node cannot be used for forwarding. When the track entry changes to positive or
NotReady because the next hop is detected as being available, the node can be used for forwarding.
For more information about track-PBR collaboration, see High Availability Configuration Guide.
PBR configuration task list
Tasks at a glance
(Required.) Configuring a policy :
•
•
Configuring match criteria for a node
•
Configuring actions for a node
Configuring a policy
Creating a node
Step Command
1. Enter system view. system-view
2. Create a node for a policy, and enter policy node view. policy-based-route policy-name
[ deny | permit ] node node-number
Remarks
N/A
By default, no policy node is created.
Configuring match criteria for a node
Step Command
1. Enter system view. system-view
2. Enter policy node view. policy-based-route policy-name [ deny | permit ] node
node-number
3. Configure an
ACL match criterion. if-match acl acl-number
Remarks
N/A
N/A
By default, no ACL match criterion is configured.
268
NOTE:
If an ACL match criterion is defined, packets are matched against the ACL rules, and the permit or deny action and the time range of the specified ACL are ignored. If the specified ACL does not exist, no packet is matched.
Configuring actions for a node
Step Command
1. Enter system view. system-view
2. Enter policy node view. policy-based-route policy-name [ deny | permit ] node node-number
Remarks
N/A
N/A
3. Set next hops. apply next-hop [ vpn-instance
vpn-instance-name ] { ip-address [ direct ]
[ track track-entry-number ] }&<1-n>
By default, no next hop is specified.
You can specify multiple next hops for backup, which are executed in the order they are configured.
The value of n is 2.
Configuring PBR
Configure PBR by applying a policy to an interface. PBR uses the policy to guide the forwarding of packets received on the interface. The specified policy must exist. Otherwise, the interface PBR configuration fails.
You can apply only one policy on an interface. Before you apply a new policy, you must first remove the current policy from the interface.
You can apply the same policy on multiple interfaces.
To configure interface PBR:
Step Command
1. Enter system view. system-view
2. Enter interface view.
Remarks
N/A interface interface-type interface-number N/A
3. Apply a policy on the interface. ip policy-based-route policy-name
By default, no policy is applied on the interface.
Displaying and maintaining PBR
Execute display commands in any view and reset commands in user view.
Task Command
Display PBR policy information. display ip policy-based-route [ policy policy-name ]
Display PBR configuration. display ip policy-based-route setup
269
Task Command
Display interface PBR configuration and statistics. display ip policy-based-route interface interface-type
interface-number [ slot slot-number ]
Clear PBR statistics. reset ip policy-based-route statistics [ policy policy-name ]
Packet type-based interface PBR configuration example
Network requirements
, configure PBR on Switch A to forward all TCP packets received on VLAN-interface
11 to the next hop 1.1.2.2. Switch A forwards other packets according to the routing table.
Figure 70 Network diagram
Configuration procedure
1.
Configure Switch A:
# Configure ACL 3101 to match TCP packets.
<SwitchA> system-view
[SwitchA] acl number 3101
[SwitchA-acl-adv-3101] rule permit tcp
[SwitchA-acl-adv-3101] quit
# Configure Node 5 for policy aaa to forward TCP packets to next hop 1.1.2.2.
[SwitchA] policy-based-route aaa permit node 5
[SwitchA-pbr-aaa-5] if-match acl 3101
[SwitchA-pbr-aaa-5] apply next-hop 1.1.2.2
[SwitchA-pbr-aaa-5] quit
270
2.
3.
# Configure interface PBR by applying the policy aaa on VLAN-interface 11.
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] ip address 10.110.0.10 255.255.255.0
[SwitchA-Vlan-interface11] ip policy-based-route aaa
[SwitchA-Vlan-interface11] quit
# Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ip address 1.1.2.1 255.255.255.0
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 20
[SwitchA-Vlan-interface20] ip address 1.1.3.1 255.255.255.0
Configure Switch B:
# Configure a static route to subnet 10.110.0.0/24.
<SwitchB> system-view
[SwitchB] ip route-static 10.110.0.0 24 1.1.2.1
# Configure the IP address of VLAN-interface 10.
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ip address 1.1.2.2 255.255.255.0
Configure Switch C:
# Configure a static route to subnet 10.110.0.0/24.
<SwitchC> system-view
[SwitchC] ip route-static 10.110.0.0 24 1.1.3.1
# Configure the IP address of VLAN-interface 20.
[SwitchC] interface vlan-interface 20
[SwitchC-Vlan-interface20] ip address 1.1.3.2 255.255.255.0
Verifying the configuration
# Configure the IP address 10.110.0.20/24 for Host A, and specify its gateway address as 10.110.0.10.
# On Host A, Telnet to Switch B that is directly connected to Switch A. The operation succeeds.
# On Host A, Telnet to Switch C that is directly connected to Switch A. The operation fails.
# Ping Switch C from Host A. The operation succeeds.
Telnet uses TCP and ping uses ICMP. The preceding results show that all TCP packets arriving on
VLAN-interface 11 of Switch A are forwarded to next hop 1.1.2.2, and other packets are forwarded through VLAN-interface 20. The interface PBR configuration is effective.
271
Configuring IPv6 static routing
Static routes are manually configured and cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. IPv6 static routing works well in a simple IPv6 network.
Configuring an IPv6 static route
Before you configure an IPv6 static route, complete the following tasks:
•
Configure parameters for the related interfaces.
•
Configure link layer attributes for the related interfaces.
• Ensure that the neighboring nodes can reach each other.
To configure an IPv6 static route:
Step Command
1. Enter system view. system-view
2.
Configure an IPv6 static route.
•
Approach 1: ipv6 route-static ipv6-address prefix-length
{ interface-type interface-number
[ next-hop-address ] | next-hop-address | vpn-instance d-vpn-instance-name
next-hop-address } [ permanent ] [ preference
preference-value ] [ tag tag-value ]
[ description description-text ]
•
Approach 2: ipv6 route-static vpn-instance
s-vpn-instance-name ipv6-address
prefix-length { interface-type interface-number
[ next-hop-address ] | next-hop-address
[ public ] | vpn-instance d-vpn-instance-name
next-hop-address } [ permanent ] [ preference
preference-value ] [ tag tag-value ]
[ description description-text ]
3. (Optional.) Configure the default preference for IPv6 static routes. ipv6 route-static default-preference
default-preference-value
Remarks
N/A
Use either approach.
By default, no IPv6 static route is configured.
The default setting is 60.
4. (Optional.) Delete all IPv6 static routes, including the default route. delete ipv6 [ vpn-instance vpn-instance-name ] static-routes all
The undo ipv6 route-static command deletes one IPv6 static route.
Configuring BFD for IPv6 static routes
BFD provides a general purpose, standard, and medium- and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between
272
two routers for protocols, such as routing protocols and MPLS. For more information about BFD, see High
Availability Configuration Guide.
IMPORTANT:
Enabling BFD for a flapping route could worsen the situation.
Bidirectional control mode
To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer.
To configure a static route and enable BFD control mode for it, specify an output interface and a direct next hop, or specify an indirect next hop and a specific BFD packet source address for the static route.
To configure BFD control mode for an IPv6 static route (direct next hop):
Step Command
1. Enter system view. system-view
2. Configure BFD control mode for an
IPv6 static route.
•
Approach 1: ipv6 route-static ipv6-address prefix-length
interface-type interface-number next-hop-address bfd control-packet [ preference preference-value ] [ tag
tag-value ] [ description description-text ]
•
Approach 2: ipv6 route-static vpn-instance s-vpn-instance-name
ipv6-address prefix-length interface-type
interface-number next-hop-address bfd control-packet
[ preference preference-value ] [ tag tag-value ]
[ description description-text ]
To configure BFD control mode for an IPv6 static route (indirect next hop):
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Configure BFD control mode for an
IPv6 static route.
•
Approach 1: ipv6 route-static ipv6-address prefix-length
{ next-hop-address bfd control-packet bfd-source
ipv6-address | vpn-instance d-vpn-instance-name
next-hop-address bfd control-packet bfd-source ip-address }
[ preference preference-value ] [ tag tag-value ] [ description
description-text ]
•
Approach 2: ipv6 route-static vpn-instance s-vpn-instance-name
ipv6-address prefix-length { next-hop-address bfd control-packet bfd-source ipv6-address | vpn-instance
d-vpn-instance-name next-hop-address bfd control-packet bfd-source ipv6-address } [ preference preference-value ]
[ tag tag-value ] [ description description-text ]
Use either approach.
By default, BFD control mode for an
IPv6 static route is not configured.
Remarks
N/A
Use either approach.
By default, BFD control mode for an IPv6 static route is not configured.
273
Single-hop echo mode
With BFD echo mode enabled for a static route, the output interface sends BFD echo packets to the destination device, which loops the packets back to test the link reachability.
IMPORTANT:
Do not use BFD for a static route with the output interface in spoofing state.
To configure BFD echo mode for an IPv6 static route:
Step Command
1. Enter system view. system-view
2. Configure the source address of echo packets. bfd echo-source-ipv6 ipv6-address
Remarks
N/A
By default, the source address of echo packets is not configured.
The source address of echo packets must be a global unicast address.
For more information about this command, see High
Availability Command
Reference.
3. Configure BFD echo mode for an IPv6 static route.
•
Approach 1: ipv6 route-static ipv6-address prefix-length
interface-type interface-number
next-hop-address bfd echo-packet
[ preference preference-value ] [ tag
tag-value ] [ description description-text ]
•
Approach 2: ipv6 route-static vpn-instance
s-vpn-instance-name ipv6-address
prefix-length interface-type
interface-number next-hop-address bfd echo-packet [ preference preference-value ]
[ tag tag-value ] [ description
description-text ]
Use either approach.
By default, BFD echo mode for an IPv6 static route is not configured.
The next hop IPv6 address must be a global unicast address.
Displaying and maintaining IPv6 static routes
Execute display commands in any view.
Task Command
Display IPv6 static route information. display ipv6 routing-table protocol static [ inactive | verbose ]
274
IPv6 static routing configuration examples
Basic IPv6 static route configuration example
Network requirements
As shown in
Figure 71 , configure IPv6 static routes so that hosts can reach one another.
Figure 71 Network diagram
Host B
2::2/64
Vlan-int400
2::1/64
Vlan-int200
4::2/64
Switch B
Vlan-int300
5::2/64
Vlan-int200
4::1/64
Vlan-int300
5::1/64
Host A
1::2/64
Vlan-int100
1::1/64
Switch A
Vlan-int500
Switch C
3::1/64
Host C
3::2/64
Configuration procedure
1.
2.
Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.)
Configure IPv6 static routes:
# Configure a default IPv6 static route on Switch A.
<SwitchA> system-view
3.
4.
[SwitchA] ipv6 route-static :: 0 4::2
# Configure two IPv6 static routes on Switch B.
<SwitchB> system-view
[SwitchB] ipv6 route-static 1:: 64 4::1
[SwitchB] ipv6 route-static 3:: 64 5::1
# Configure a default IPv6 static route on Switch C.
<SwitchC> system-view
[SwitchC] ipv6 route-static :: 0 5::2
Configure the IPv6 addresses for all the hosts and configure the default gateway of Host A, Host
B, and Host C as 1::1, 2::1, and 3::1.
Verify the configuration:
# Display the IPv6 static route information on Switch A.
[SwitchA] display ipv6 routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
275
Destination: :: Protocol : Static
NextHop : 4::2 Preference: 60
Interface : Vlan-interface200 Cost : 0
Static Routing table Status : <Inactive>
Summary Count : 0
# Display the IPv6 static route information on Switch B.
[SwitchB] display ipv6 routing-table protocol static
Summary Count : 2
Static Routing table Status : <Active>
Summary Count : 2
Destination: 1::/64 Protocol : Static
NextHop : 4::1 Preference: 60
Interface : Vlan-interface200 Cost : 0
Destination: 3::/64 Protocol : Static
NextHop : 5::1 Preference: 60
Interface : Vlan-interface300 Cost : 0
Static Routing table Status : <Inactive>
Summary Count : 0
# Use the ping command to test the reachability.
[SwitchA] ping ipv6 3::1
PING6(104=40+8+56 bytes) 4::1 --> 3::1
56 bytes from 3::1, icmp_seq=0 hlim=62 time=4.000 ms
56 bytes from 3::1, icmp_seq=1 hlim=62 time=3.000 ms
56 bytes from 3::1, icmp_seq=2 hlim=62 time=2.000 ms
56 bytes from 3::1, icmp_seq=3 hlim=62 time=2.000 ms
56 bytes from 3::1, icmp_seq=4 hlim=62 time=2.000 ms
--- 3::1 ping6 statistics ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 2.000/10.200/42.000/15.905 ms
BFD for IPv6 static routes configuration example (direct next hop)
Network requirements
route to subnet 121::/64 on Switch B. Enable BFD for both routes. Configure an IPv6 static route to subnet
120::/64 and an IPv6 static route to subnet 121::/64 on Switch C. When the link between Switch A and
Switch B through the Layer 2 switch fails, BFD can detect the failure immediately, and Switch A and
Switch B can communicate through Switch C.
276
Figure 72 Network diagram
Device Interface IPv6 address
Switch A Vlan-int10 12::1/64
Device
Switch B
Interface IPv6 address
Vlan-int10 12::2/64
Vlan-int13 13::1/64
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure IPv6 static routes and BFD:
# Configure IPv6 static routes on Switch A and enable BFD control mode for the static route that traverses the Layer 2 switch.
<SwitchA> system-view
[SwitchA] interface vlan-interface 10
[SwitchA-vlan-interface10] bfd min-transmit-interval 500
[SwitchA-vlan-interface10] bfd min-receive-interval 500
[SwitchA-vlan-interface10] bfd detect-multiplier 9
[SwitchA-vlan-interface10] quit
[SwitchA] ipv6 route-static 120:: 64 vlan-interface 10 FE80::2E0:FCFF:FE58:123E bfd control-packet
[SwitchA] ipv6 route-static 120:: 64 10::100 preference 65
[SwitchA] quit
# Configure IPv6 static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch.
<SwitchB> system-view
[SwitchB] interface vlan-interface 10
[SwitchB-vlan-interface10] bfd min-transmit-interval 500
[SwitchB-vlan-interface10] bfd min-receive-interval 500
[SwitchB-vlan-interface10] bfd detect-multiplier 9
[SwitchB-vlan-interface10] quit
[SwitchB] ipv6 route-static 121:: 64 vlan-interface 10 FE80::2A0:FCFF:FE00:580A bfd control-packet
[SwitchB] ipv6 route-static 121:: 64 vlan-interface 13 13::2 preference 65
[SwitchB] quit
# Configure IPv6 static routes on Switch C.
<SwitchC> system-view
[SwitchC] ipv6 route-static 120:: 64 13::1
[SwitchC] ipv6 route-static 121:: 64 10::102
277
Verifying the configuration
# Display the BFD sessions on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv6 Session Working Under Ctrl Mode:
Local Discr: 513 Remote Discr: 33
Source IP: FE80::2A0:FCFF:FE00:580A (link-local address of VLAN-interface 10 on
Switch A)
Destination IP: FE80::2E0:FCFF:FE58:123E (link-local address of VLAN-interface 10 on
Switch B)
Session State: Up Interface: Vlan10
Hold Time: 2012ms
The output shows that the BFD session has been created.
# Display IPv6 static routes on Switch A.
<SwitchA> display ipv6 routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination: 12::/64 Protocol : Static
NextHop : 12::2 Preference: 60
Interface : Vlan10 Cost : 0
Direct Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display IPv6 static routes on Switch A again.
<SwitchA> display ipv6 routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination: 120::/64 Protocol : Static
NextHop : 10::100 Preference: 65
Interface : Vlan11 Cost : 0
Static Routing table Status : < Inactive>
Summary Count : 0
278
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
BFD for IPv6 static routes configuration example (indirect next hop)
Network requirements
In
, Switch A has a route to interface Loopback 1 (2::9/128) on Switch B, with the output interface being VLAN-interface 10. Switch B has a route to interface Loopback 1 (1::9/128) on Switch A, with the output interface being VLAN-interface 12. Switch D has a route to 1::9/128, with the output interface being VLAN-interface 10, and a route to 2::9/128, with the output interface being
VLAN-interface 12.
Configure an IPv6 static route to subnet 120::/64 on Switch A, and configure an IPv6 static route to subnet 121::/64 on Switch B. Enable BFD for both routes. Configure an IPv6 static route to subnet
120::/64 and an IPv6 static route to subnet 121::/64 on both Switch C and Switch D. When the link between Switch A and Switch B through Switch D fails, BFD can detect the failure immediately and
Switch A and Switch B can communicate through Switch C.
Figure 73 Network diagram
121::/64
Loop1
1::9/128
Switch D
Vlan-int10
Switch A
Vl anint11
Vlan-int10
BFD
Loop1
2::9/128
Vlan-int12
Vlan-int12
Vlanint13
Switch B
120::/64
Vlan-int11 Vlan-int13
Switch C
Switch A Vlan-int10 12::1/64
Device
Switch B
Interface IPv6 address
Vlan-int12 11::1/64
Switch C Vlan-int11 10::100/64 Switch D
Loop1 2::9/128
Vlan-int10 12::2/64
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure IPv6 static routes and BFD:
# Configure IPv6 static routes on Switch A and enable BFD control packet mode for the IPv6 static route that traverses Switch D.
<SwitchA> system-view
[SwitchA] interface loopback 1
[SwitchA-LoopBack1] bfd min-transmit-interval 500
[SwitchA-LoopBack1] bfd min-receive-interval 500
[SwitchA-LoopBack1] bfd detect-multiplier 9
[SwitchA-LoopBack1] quit
279
[SwitchA] ipv6 route-static 120:: 64 2::9 bfd control-packet bfd-source 1::9
[SwitchA] ipv6 route-static 120:: 64 10::100 preference 65
[SwitchA] quit
# Configure IPv6 static routes on Switch B and enable BFD control packet mode for the static route that traverses Switch D.
<SwitchB> system-view
[SwitchB] interface loopback 1
[SwitchB-LoopBack1] bfd min-transmit-interval 500
[SwitchB-LoopBack1] bfd min-receive-interval 500
[SwitchB-LoopBack1] bfd detect-multiplier 9
[SwitchB-LoopBack1] quit
[SwitchB] ipv6 route-static 121:: 64 1::9 bfd control-packet bfd-source 2::9
[SwitchB] ipv6 route-static 121:: 64 13::2 preference 65
[SwitchB] quit
# Configure IPv6 static routes on Switch C.
<SwitchC> system-view
[SwitchC] ipv6 route-static 120:: 64 13::2
[SwitchC] ipv6 route-static 121:: 64 10::102
# Configure IPv6 static routes on Switch D.
<SwitchD> system-view
[SwitchD] ipv6 route-static 120:: 64 11::2
[SwitchD] ipv6 route-static 121:: 64 12::1
Verifying the configuration
# Display the BFD sessions on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv6 Session Working Under Ctrl Mode:
Local Discr: 513 Remote Discr: 33
Source IP: FE80::1:1B49 (link-local address of Loopback1 on Switch A)
Destination IP: FE80::1:1B49 (link-local address of Loopback1 on Switch B)
Session State: Up Interface: Loop1
Hold Time: 2012ms
The output shows that the BFD session has been created.
# Display the IPv6 static routes on Switch A.
<SwitchA> display ipv6 routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination: 120::/64 Protocol : Static
NextHop : 2::9 Preference: 60
280
Interface : Vlan10 Cost : 0
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates Switch B through VLAN-interface 10. Then the link over
VLAN-interface 10 fails.
# Display IPv6 static routes on Switch A again.
<SwitchA> display ipv6 routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination: 120::/64 Protocol : Static
NextHop : 10::100 Preference: 65
Interface : Vlan11 Cost : 0
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
281
Configuring an IPv6 default route
A default IPv6 route is used to forward packets that match no entry in the routing table.
A default IPv6 route can be configured in either of the following ways:
•
The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "
Configuring an IPv6 static route
."
•
Some dynamic routing protocols, such as OSPFv3, IPv6 IS-IS, and RIPng, can generate a default
IPv6 route. For example, an upstream router running OSPFv3 can generate a default IPv6 route and advertise it to other routers, which install the default IPv6 route with the next hop being the upstream router. For more information, see the respective chapters on those routing protocols in this configuration guide.
282
Configuring RIPng
RIP next generation (RIPng) is an extension of RIP-2 for support of IPv6. Most RIP concepts are applicable to RIPng.
Overview
RIPng is a distance vector routing protocol. It employs UDP to exchange route information through port
521. RIPng uses a hop count to measure the distance to a destination. The hop count is the metric or cost.
The hop count from a router to a directly connected network is 0. The hop count between two directly connected routers is 1. When the hop count is greater than or equal to 16, the destination network or host is unreachable.
By default, the routing update is sent every 30 seconds. If the router receives no routing updates from a neighbor within 180 seconds, the routes learned from the neighbor are considered unreachable. If no routing update is received within another 240 seconds, the router removes these routes from the routing table.
RIPng for IPv6 has the following differences from RIP:
•
UDP port number—RIPng uses UDP port 521 to send and receive routing information.
• Multicast address—RIPng uses FF02:9 as the link-local-router multicast address.
• Destination Prefix—128-bit destination address prefix.
•
Next hop—128-bit IPv6 address.
•
Source address—RIPng uses FE80::/10 as the link-local source address.
RIPng route entries
RIP stores routing entries in a database. Each routing entry contains the following elements:
•
Destination address—IPv6 address of a destination host or a network.
• Next hop address—IPv6 address of the next hop.
• Egress interface—Egress interface of the route.
•
Metric—Cost from the local router to the destination.
•
Route time—Time elapsed since the last update. The time is reset to 0 every time the routing entry is updated.
•
Route tag—Used for route control. For more information, see "Configuring routing policies."
RIPng packets
RIPng uses request and response packets to exchange routing information as follows:
1.
When RIPng starts or needs to update some routing entries, it sends a multicast request packet to neighbors.
2.
When a RIPng neighbor receives the request packet, it sends back a response packet that contains the local routing table. RIPng can also advertise route updates in response packets periodically or advertise a triggered update caused by a route change.
283
3.
After RIPng receives a response, it checks the validity of the response before adding routes to its routing table, such as whether the source IPv6 address is the link-local address and whether the port number is correct. A response packet that fails the check is discarded.
Protocols and standards
•
RFC 2080, RIPng for IPv6
•
RFC 2081, RIPng Protocol Applicability Statement
RIPng configuration task list
Tasks at a glance
(Required.) Configuring basic RIPng
(Optional.) Configuring RIPng route control
•
Configuring an additional routing metric
•
Configuring RIPng route summarization
•
•
Configuring inbound/outbound route filtering
•
Configuring a preference for RIPng
•
Configuring RIPng route redistribution
(Optional.) Tuning and optimizing the RIPng network
•
•
Configuring split horizon and poison reverse
•
Configuring zero field check on RIPng packets
•
Configuring the maximum number of ECMP routes
(Optional.) Configuring RIPng Graceful Restart
Configuring basic RIPng
Before you configure basic RIPng, configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
To configure basic RIPng:
Step Command
1. Enter system view. system-view
2. Create a RIPng process and enter its view. ripng [ process-id ]
[ vpn-instance
vpn-instance-name ]
3. Return to system view.
4. Enter interface view. quit interface interface-type
interface-number
Remarks
N/A
By default, the RIPng process is not created.
N/A
N/A
284
Step Command
5. Enable RIPng on the interface. ripng process-id enable
Remarks
By default, RIPng is disabled.
If RIPng is not enabled on an interface, the interface does not send or receive any RIPng route.
Configuring RIPng route control
Before you configure RIPng, complete the following tasks:
• Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
• Configure basic RIPng.
Configuring an additional routing metric
An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIPng route.
An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table.
An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed.
To configure an inbound or outbound additional routing metric:
Step Command
1.
Enter system view. system-view
2. Enter interface view.
3. Specify an inbound additional routing metric.
4. Specify an outbound additional routing metric.
Remarks
N/A interface interface-type interface-number N/A ripng metricin value ripng metricout value
The default setting is 0.
The default setting is 1.
Configuring RIPng route summarization
Configure route summarization on an interface, so RIPng advertises a summary route based on the longest match.
RIPng route summarization improves network scalability, reduces routing table size, and increases routing table lookup efficiency.
For example, RIPng has two specific routes to be advertised through an interface: 1:11:11::24 with a metric of a 2 and 1:11:12::34 with a metric of 3. Configure route summarization on the interface, so RIPng advertises a single route 11::0/16 with a metric of 2.
To configure RIPng route summarization:
Step Command
1. Enter system view. system-view
Remarks
N/A
285
Step Command
2. Enter interface view. interface interface-type interface-number
3. Advertise a summary IPv6 prefix. ripng summary-address ipv6-address
prefix-length
Advertising a default route
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Configure RIPng to advertise a default route. ripng default-route { only | originate } [ cost cost ]
Remarks
N/A
By default, the summary IPv6 prefix is not configured.
By default, RIPng does not advertise a default route.
This command advertises a default route on the current interface regardless of whether the default route is available in the local IPv6 routing table.
Configuring inbound/outbound route filtering
Perform this task to filter inbound or outbound routes by using an IPv6 prefix list. You can also configure
RIPng to filter routes redistributed from other routing protocols and routes from a specified neighbor.
To configure a RIPng route filtering policy:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter RIPng view.
3. Configure a filter policy to filter incoming routes.
4. Configure a filter policy to filter outgoing routes. ripng [ process-id ] [ vpn-instance
vpn-instance-name ] filter-policy { acl6-number | prefix-list
prefix-list-name } import filter-policy { acl6-number | prefix-list
prefix-list-name } export [ protocol
[ process-id ] ]
N/A
By default, RIPng does not filter incoming routing information.
By default, RIPng does not filter outgoing routing information.
Configuring a preference for RIPng
Routing protocols each have a preference. When they find routes to the same destination, the route found by the routing protocol with the highest preference is selected as the optimal route. You can manually set a preference for RIPng. The smaller the value, the higher the preference.
To configure a preference for RIPng:
286
Step Command
1. Enter system view. system-view
2. Enter RIPng view.
3. Configure a preference for
RIPng. ripng [ process-id ] [ vpn-instance
vpn-instance-name ] preference [ route-policy
route-policy-name ] value
Remarks
N/A
N/A
The default setting is 100.
Configuring RIPng route redistribution
Step Command
1. Enter system view. system-view
2. Enter RIPng view.
3. Redistribute routes from other routing protocols. ripng [ process-id ] [ vpn-instance
vpn-instance-name ] import-route protocol [ process-id ]
[ allow-ibgp ] [ cost cost | route-policy route-policy-name ] *
4. (Optional.) Configure a default routing metric for redistributed routes. default cost cost
Remarks
N/A
N/A
By default, RIPng does not redistribute routes from other routing protocols.
The default metric of redistributed routes is 0.
Tuning and optimizing the RIPng network
This section describes how to tune and optimize the performance of the RIPng network as well as applications under special network environments.
Before you tune and optimize the RIPng network, complete the following tasks:
• Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
•
Configure basic RIPng.
Configuring RIPng timers
You can adjust RIPng timers to optimize the performance of the RIPng network.
When you adjust RIPng timers, consider the network performance, and perform unified configurations on routers running RIPng to avoid unnecessary network traffic or route oscillation.
To configure RIPng timers:
Step Command
1. Enter system view. system-view
2. Enter RIPng view. ripng [ process-id ] [ vpn-instance
vpn-instance-name ]
Remarks
N/A
N/A
287
Step Command
3. Configure RIPng timers. timers { garbage-collect
garbage-collect-value | suppress
suppress-value | timeout
timeout-value | update
update-value } *
Remarks
By default:
•
The update timer is 30 seconds.
•
The timeout timer is 180 seconds.
•
The suppress timer is 120 seconds.
•
The garbage-collect timer is 120 seconds.
Configuring split horizon and poison reverse
If both split horizon and poison reverse are configured, only the poison reverse function takes effect.
Configuring split horizon
Split horizon disables RIP from sending routes through the interface where the routes were learned to prevent routing loops between neighbors.
HP recommends enabling split horizon to prevent routing loops in normal cases.
To configure split horizon:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter interface view.
3. Enable split horizon.
Configuring poison reverse interface interface-type
interface-number
ripng split-horizon
N/A
By default, split horizon is enabled.
The poison reverse function enables a route learned from an interface to be advertised through the interface. However, the metric of the route is set to 16, which means the route is unreachable.
To configure poison reverse:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Enable poison reverse. ripng poison-reverse
By default, poison reverse is disabled.
Configuring zero field check on RIPng packets
Some fields in the RIPng packet header must be zero. These fields are called "zero fields." You can enable zero field check on incoming RIPng packets. If a zero field of a packet contains a non-zero value,
RIPng does not process the packets. If you are certain that all packets are trustworthy, disable the zero field check to save CPU resources.
To configure RIPng zero field check:
288
Step Command
1. Enter system view. system-view
2. Enter RIPng view. ripng [ process-id ] [ vpn-instance
vpn-instance-name ]
3. Enable the zero field check on incoming RIPng packets. checkzero
Remarks
N/A
N/A
By default, this feature is enabled.
Configuring the maximum number of ECMP routes
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter RIPng view. ripng [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3. Configure the maximum number of ECMP routes. maximum load-balancing number
By default, the maximum number of
ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see IP Routing
Command Reference.
Configuring RIPng Graceful Restart
Graceful Restart (GR) ensures the continuity of packet forwarding when a routing protocol restarts or an active/standby switchover occurs.
•
GR Restarter—Graceful restarting router. It must have GR capability.
•
GR Helper—A neighbor of the GR Restarter. It helps the GR Restarter to complete the GR process.
After RIPng restarts on a router, the router must learn RIPng routes again and updates its FIB table, which causes network disconnections and route reconvergence.
With the GR feature, the restarting router (known as the "GR Restarter") can notify the event to its GR capable neighbors. GR capable neighbors (known as "GR Helpers") keep their adjacencies with the router within a configurable GR interval. During this process, the FIB table of the router does not change.
After the restart, the router contacts its neighbors to retrieve its FIB.
By default, a RIPng-enabled device acts as the GR Helper. Perform this task on the GR Restarter.
To configure GR on the GR Restarter:
Step Command
1. Enter system view. system-view
2. Enable RIPng and enter RIPng view.
3. Enable the GR capability for
RIPng. ripng [ process-id ] [ vpn-instance
vpn-instance-name ] graceful-restart
Remarks
N/A
N/A
By default, RIP GR is disabled.
289
Displaying and maintaining RIPng
Execute display commands in any view and reset commands in user view.
Task Command
Display configuration information of a RIPng process. display ripng [ process-id ]
Display routes in the RIPng database. display ripng process-id database
Display the routing information of a specified
RIPng process. display ripng process-id route
Display RIPng interface information.
Reset a RIPng process.
Clear statistics of a RIPng process. display ripng process-id interface [ interface-type
interface-number ] reset ripng process-id process reset ripng process-id statistics
RIPng configuration examples
Basic RIPng configuration example
Network requirements
Switch A and to forward only the route 4::/64 to Switch A.
Figure 74 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure basic RIPng:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ripng 1
[SwitchA-ripng-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ripng 1 enable
[SwitchA-Vlan-interface100] quit
[SwitchA] interface vlan-interface 400
[SwitchA-Vlan-interface400] ripng 1 enable
[SwitchA-Vlan-interface400] quit
# Configure Switch B.
290
<SwitchA> system-view
[SwitchA] ripng 1
[SwitchA-ripng-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ripng 1 enable
[SwitchA-Vlan-interface100] quit
[SwitchA] interface vlan-interface 400
[SwitchA-Vlan-interface400] ripng 1 enable
[SwitchA-Vlan-interface400] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ripng 1
[SwitchC-ripng-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] ripng 1 enable
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 500
[SwitchC-Vlan-interface500] ripng 1 enable
[SwitchC-Vlan-interface500] quit
[SwitchC] interface vlan-interface 600
[SwitchC-Vlan-interface600] ripng 1 enable
[SwitchC-Vlan-interface600] quit
# Display the RIPng routing table on Switch B.
[SwitchB] display ripng 1 route
Route Flags: A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------
Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100
Dest 1::/64,
via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, A, 6 Sec
Dest 2::/64,
via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, A, 6 Sec
Peer FE80::20F:E2FF:FE00:100 on Vlan-interface200
Dest 3::/64,
via FE80::20F:E2FF:FE00:100, cost 1, tag 0, A, 11 Sec
Dest 4::/64,
via FE80::20F:E2FF:FE00:100, cost 1, tag 0, A, 11 Sec
Dest 5::/64,
via FE80::20F:E2FF:FE00:100, cost 1, tag 0, A, 11 Sec
# Display the RIPng routing table on Switch A.
[SwitchA] display ripng 1 route
Route Flags: A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------
Peer FE80::200:2FF:FE64:8904 on Vlan-interface100
Dest 1::/64,
via FE80::200:2FF:FE64:8904, cost 1, tag 0, A, 31 Sec
291
3.
Dest 3::/64,
via FE80::200:2FF:FE64:8904, cost 1, tag 0, A, 31 Sec
Dest 4::/64,
via FE80::200:2FF:FE64:8904, cost 2, tag 0, A, 31 Sec
Dest 5::/64,
via FE80::200:2FF:FE64:8904, cost 2, tag 0, A, 31 Sec
Configure route filtering:
# Use IPv6 prefix lists on Switch B to filter inbound and outbound routes.
[SwitchB] ipv6 prefix-list aaa permit 4:: 64
[SwitchB] ipv6 prefix-list bbb deny 2:: 64
[SwitchB] ipv6 prefix-list bbb permit :: 0 less-equal 128
[SwitchB] ripng 1
[SwitchB-ripng-1] filter-policy prefix-list aaa export
[SwitchB-ripng-1] filter-policy prefix-list bbb import
[SwitchB-ripng-1] quit
# Display RIPng routing tables on Switch B and Switch A.
[SwitchB] display ripng 1 route
Route Flags: A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------
Peer FE80::1:100 on Vlan-interface100
Destination 1::/64,
via FE80::2:100, cost 1, tag 0, A, 6 secs
Peer FE80::3:200 on Vlan-interface200
Destination 3::/64,
via FE80::2:200, cost 1, tag 0, A, 11 secs
Destination 4::/64,
via FE80::2:200, cost 1, tag 0, A, 11 secs
Destination 5::/64,
via FE80::2:200, cost 1, tag 0, A, 11 secs
[SwitchA] display ripng 1 route
Route Flags: A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------
Peer FE80::2:100 on Ethernet1/1
Destination 4::/64,
via FE80::1:100, cost 2, tag 0, A, 2 secs
Configuring RIPng route redistribution
Network requirements
As shown in
, Switch B communicates with Switch A through RIPng 100 and with Switch C through RIPng 200.
Configure route redistribution on Switch B, so the two RIPng processes can redistribute routes from each other.
292
Figure 75 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure basic RIPng:
# Enable RIPng 100 on Switch A.
<SwitchA> system-view
[SwitchA] ripng 100
[SwitchA-ripng-100] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ripng 100 enable
[SwitchA-Vlan-interface100] quit
[SwitchA] interface vlan-interface 200
[SwitchA-Vlan-interface200] ripng 100 enable
[SwitchA-Vlan-interface200] quit
# Enable RIP 100 and RIP 200 on Switch B.
<SwitchB> system-view
[SwitchB] ripng 100
[SwitchB-ripng-100] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ripng 100 enable
[SwitchB-Vlan-interface100] quit
[SwitchB] ripng 200
[SwitchB-ripng-200] quit
[SwitchB] interface vlan-interface 300
[SwitchB-Vlan-interface300] ripng 200 enable
[SwitchB-Vlan-interface300] quit
# Enable RIPng 200 on Switch C.
<SwitchC> system-view
[SwitchC] ripng 200
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] ripng 200 enable
[SwitchC-Vlan-interface300] quit
[SwitchC] interface vlan-interface 400
[SwitchC-Vlan-interface400] ripng 200 enable
[SwitchC-Vlan-interface400] quit
# Display the routing table on Switch A.
[SwitchA] display ipv6 routing-table
Destinations : 7 Routes : 7
293
3.
Destination: ::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 1::/64 Protocol : Direct
NextHop : 1::1 Preference: 0
Interface : Vlan100 Cost : 0
Destination: 1::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 2::/64 Protocol : Direct
NextHop : 2::1 Preference: 0
Interface : Vlan200 Cost : 0
Destination: 2::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: FE80::/10 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0 Cost : 0
Destination: FF00::/8 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0 Cost : 0
Configure RIPng route redistribution:
# Configure route redistribution between the two RIPng processes on Switch B.
[SwitchB] ripng 100
[SwitchB-ripng-100] import-route ripng 200
[SwitchB-ripng-100] quit
[SwitchB] ripng 200
[SwitchB-ripng-200] import-route ripng 100
[SwitchB-ripng-200] quit
# Display the routing table on Switch A.
[SwitchA] display ipv6 routing-table
Destinations : 8 Routes : 8
Destination: ::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 1::/64 Protocol : Direct
NextHop : 1::1 Preference: 0
Interface : Vlan100 Cost : 0
294
Destination: 1::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 2::/64 Protocol : Direct
NextHop : 2::1 Preference: 0
Interface : Vlan200 Cost : 0
Destination: 2::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 4::/64 Protocol : RIPng
NextHop : FE80::200:BFF:FE01:1C02 Preference: 100
Interface : Vlan100 Cost : 1
Destination: FE80::/10 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0 Cost : 0d
Destination: FF00::/8 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0 Cost : 0
295
Configuring OSPFv3
This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF".
OSPFv3 overview
OSPFv3 and OSPFv2 have the following in common:
• 32-bit router ID and area ID
•
Hello, Database Description (DD), Link State Request (LSR), Link State Update (LSU), Link State
Acknowledgment (LSAck)
• Mechanisms for finding neighbors and establishing adjacencies
• Mechanisms for advertising and aging LSAs
OSPFv3 and OSPFv2 have the following differences:
•
OSPFv3 runs on a per-link basis. OSPFv2 runs on a per-IP-subnet basis.
• OSPFv3 supports running multiple processes on an interface, but OSPFv2 does not support.
•
OSPFv3 identifies neighbors by router ID. OSPFv2 identifies neighbors by IP address.
OSPFv3 packets
OSPFv3 uses the following packet types:
•
Hello—Periodically sent to find and maintain neighbors, containing timer values, information about the DR, BDR, and known neighbors.
• DD—Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.
•
LSR—Requests needed LSAs from the neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from their LSDBs. They then send an LSR packet to each other, requesting the missing LSAs. The LSA packet contains the digest of the missing LSAs.
• LSU—Transmits the requested LSAs to the neighbor
•
LSAck—Acknowledges received LSU packets.
OSPFv3 LSA types
OSPFv3 sends routing information in the following types of LSAs as defined in RFC 5340:
•
Router-LSA—Originated by all routers. This LSA describes the collected states of the router's interfaces to an area, and is flooded throughout a single area only.
• Network-LSA—Originated for broadcast and NBMA networks by the DR. This LSA contains the list of routers connected to the network, and is flooded throughout a single area only.
•
Inter-Area-Prefix-LSA—Originated by ABRs and flooded throughout the LSA's associated area.
Each Inter-Area-Prefix-LSA describes a route with IPv6 address prefix to a destination outside the area, yet still inside the AS.
296
• Inter-Area-Router-LSA—Originated by ABRs and flooded throughout the LSA's associated area.
Each Inter-Area-Router-LSA describes a route to ASBR.
•
AS-external-LSA—Originated by ASBRs, and flooded throughout the AS, except stub and NSSA areas. Each AS-external-LSA describes a route to another AS. A default route can be described by an AS external LSA.
•
Link-LSA—A router originates a separate Link-LSA for each attached link. Link-LSAs have link-local flooding scope. Each Link-LSA describes the IPv6 address prefix of the link and Link-local address of the router.
•
Intra-Area-Prefix-LSA—Each Intra-Area-Prefix-LSA contains IPv6 prefix information on a router, stub area, or transit area information, and has area flooding scope. It was introduced because
Router-LSAs and Network-LSAs contain no address information.
RFC 5187 defines the Grace-LSA. A Grace-LSA is generated by a GR (Graceful Restart) Restarter at reboot and transmitted on the local link. The restarter describes the cause and interval of the reboot in the
Grace-LSA to tell its neighbors that it performs a GR operation.
Protocols and standards
•
RFC 5340, OSPF for IPv6
•
RFC 2328, OSPF Version 2
• RFC 5187, OSPFv3 Graceful Restart
OSPFv3 configuration task list
Tasks at a glance
(Optional.) Configuring OSPFv3 area parameters :
•
•
Configuring an OSPFv3 virtual link
(Optional.) Configuring OSPFv3 network types
:
•
Configuring the OSPFv3 network type for an interface
•
Configuring an NBMA or P2MP neighbor
(Optional.) Configuring OSPFv3 route control:
•
Configuring OSPFv3 route summarization
•
Configuring OSPFv3 inbound route filtering
•
Configuring Inter-Area-Prefix-LSA filtering
•
Configuring an OSPFv3 cost for an interface
•
Configuring the maximum number of OSPFv3 ECMP routes
•
Configuring a preference for OSPFv3
•
Configuring OSPFv3 route redistribution
297
Tasks at a glance
(Optional.) Tuning and optimizing OSPFv3 networks
•
•
Specifying LSA transmission delay
•
Configuring a DR priority for an interface
•
Specifying SPF calculation interval
•
Specifying the LSA generation interval
•
Ignoring MTU check for DD packets
•
Disabling interfaces from receiving and sending OSPFv3 packets
•
Enabling the logging of neighbor state changes
(Optional.) Configuring OSPFv3 GR
•
•
(Optional.) Configuring BFD for OSPFv3
Enabling OSPFv3
Before you enable OSPFv3, configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
To enable an OSPFv3 process on a router:
•
Enable the OSPFv3 process globally.
•
Assign the OSPFv3 process a router ID.
• Enable the OSPFv3 process on related interfaces.
The router ID uniquely identifies the router within an AS. If a router runs multiple OSPFv3 processes, you must specify a unique router ID for each process.
An OSPFv3 process ID has only local significance. Process 1 on a router can exchange packets with process 2 on another router.
To enable OSPFv3:
Step Command
1. Enter system view.
Remarks system-view N/A
2. Enable an OSPFv3 process and enter its view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
By default, no OSPFv3 process is enabled.
3. Specify a router ID. router-id router-id
By default, no router ID is configured.
4. Enter interface view. interface interface-type
interface-number
N/A
5. Enable an OSPFv3 process on the interface. ospfv3 process-id area area-id
[ instance instance-id ]
No OSPFv3 process is enabled on an interface by default.
298
Configuring OSPFv3 area parameters
OSPFv3 has the same stub area and virtual link features as OSPFv2.
After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended. To further reduce the size of routing tables and the number of LSAs, configure the non-backbone areas at an AS edge as stub areas.
Non-backbone areas exchange routing information through the backbone area, so the backbone and non-backbone areas (including the backbone itself) must be fully meshed. If no connectivity can be achieved, configure virtual links.
Configuration prerequisites
Before you configure OSPFv3 area parameters, enable OSPFv3.
Configuring a stub area
All the routers attached to a stub area must be configured with the stub command. The keyword no-summary is only available on the ABR of the stub area.
If you use the stub command with the keyword no-summary on an ABR, the ABR advertises a default route in an Inter-Area-Prefix-LSA into the stub area. No AS-external-LSA, Inter-Area-Prefix-LSA, or other
Inter-Area-Router-LSA is advertised in the area. The stub area of this kind is also known as a "totally stub area."
To configure an OSPFv3 stub area:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view.
3. Enter OSPFv3 area view.
4. Configure the area as a stub area. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] * area area-id stub
[ default-route-advertise-always | no-summary ] *
5. (Optional.) Specify a cost for the default route advertised to the stub area. default-cost value
N/A
N/A
By default, no stub area is configured as a stub area.
The default setting is 1.
Configuring an OSPFv3 virtual link
You can configure a virtual link to maintain connectivity between a non-backbone area and the backbone, or in the backbone itself.
IMPORTANT:
•
Both ends of a virtual link are ABRs that must be configured with the vlink-peer command.
• Do not configure virtual links in the areas of a GR-capable process.
To configure a virtual link:
299
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Enter OSPFv3 area view.
4. Configure a virtual link. area area-id vlink-peer router-id [ dead seconds | hello seconds | instance instance-id | retransmit seconds | trans-delay
seconds ] *
Remarks
N/A
N/A
N/A
By default, no virtual link is configured.
Configuring OSPFv3 network types
OSPFv3 classifies networks into the following types by the link layer protocol:
• Broadcast—When the link layer protocol is Ethernet or FDDI, OSPFv3 considers the network type as broadcast by default.
•
NBMA—When the link layer protocol is ATM, Frame Relay, or X.25, OSPFv3 considers the network type as NBMA by default.
•
P2P—When the link layer protocol is PPP, LAPB, HDLC, or POS, OSPFv3 considers the network type as P2P by default.
Follow these guidelines when you change the network type of an OSPFv3 interface:
• An NBMA network must be fully connected. Any two routers in the network must be directly reachable to each other through a virtual circuit. If no such direct link is available, you must change the network type through a command.
• If direct connections are not available between some routers in an NBMA network, the type of interfaces associated must be configured as P2MP, or as P2P for interfaces with only one neighbor.
Configuration prerequisites
Before you configure OSPFv3 network types, enable OSPFv3.
Configuring the OSPFv3 network type for an interface
Step Command
1. Enter system view. system-view
2. Enter interface view.
3. Configure a network type for the OSPFv3 interface. interface interface-type
interface-number
ospfv3 network-type { broadcast | nbma | p2mp [ unicast ] | p2p }
[ instance instance-id ]
Remarks
N/A
N/A
By default, the network type of an interface depends on the media type of the interface.
300
Configuring an NBMA or P2MP neighbor
For NBMA and P2MP interfaces (only when in unicast mode), you must specify the link-local IP addresses of their neighbors because these interfaces cannot find neighbors through broadcasting hello packets.
For NBMA interfaces, you can also specify DR priorities for neighbors.
To configure an NBMA or P2MP (unicast) neighbor and its DR priority:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter interface view.
3. Specify an NBMA or P2MP
(unicast) neighbor and its DR priority. interface interface-type
interface-number ospfv3 peer ipv6-address [ cost
value | dr-priority dr-priority ]
[ instance instance-id ]
N/A
By default, no link-local address is specified for the neighbor interface.
Configuring OSPFv3 route control
Configuration prerequisites
Before you configure OSPFv3 route control, complete the following tasks:
•
Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
•
Enable OSPFv3.
Configuring OSPFv3 route summarization
If contiguous network segments exist in an area, you can use the abr-summary command to summarize them into one network segment on the ABR. The ABR will advertise only the summary route. Any LSA falling into the specified network segment will not be advertised, reducing the LSDB size in other areas.
To configure route summarization:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Enter OSPFv3 area view. area area-id
Remarks
N/A
N/A
4. Configure route summarization. abr-summary ipv6-address prefix-length
[ not-advertise ] [ cost value ]
N/A
By default, route summarization is not configured.
The abr-summary command takes effect only on ABRs.
Configuring OSPFv3 inbound route filtering
According to some rules, you can configure OSPFv3 to filter routes calculated using received LSAs.
To configure OSPFv3 to filter routes calculated using received LSAs:
301
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure OSPFv3 to filter routes calculated using received LSAs. filter-policy { acl6-number [ gateway
prefix-list-name ] | prefix-list
prefix-list-name [ gateway
prefix-list-name ] | gateway
prefix-list-name | route-policy
route-policy-name } import
By default, OSPFv3 accepts all routes calculated using received
LSAs.
This command can only filter routes computed by OSPFv3. Only routes not filtered out can be added into the local routing table.
Configuring Inter-Area-Prefix-LSA filtering
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Configure OSPFv3 to filter
Inter-Area-Prefix-LSAs.
Remarks
N/A
N/A filter { acl6-number | prefix-list
prefix-list-name | route-policy
route-policy-name } { export | import }
By default, OSPFv3 accepts all
Inter-Area-Prefix-LSAs.
This command takes effect only on
ABRs.
Configuring an OSPFv3 cost for an interface
You can configure an OSPFv3 cost for an interface with one of the following methods:
•
Configure the cost value in interface view.
•
Configure a bandwidth reference value for the interface, and OSPFv3 computes the cost automatically based on the bandwidth reference value: Interface OSPFv3 cost = Bandwidth reference value (100 Mbps)/Interface bandwidth (Mbps). If the calculated cost is greater than
65535, the value of 65535 is used; if the calculated cost is smaller than 1, the value of 1 is used.
If no cost is configured for an interface, OSPFv3 automatically computes the cost for the interface.
To configure an OSPFv3 cost for an interface:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
Remarks
N/A
N/A
3. Configure an OSPFv3 cost for the interface. ospfv3 cost value [ instance
instance-id ]
By default, the OSPF cost is 1 for a VLAN interface, is 0 for a loopback interface, and is automatically computed according to the interface bandwidth for other interfaces.
To configure a bandwidth reference value:
302
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Configure a bandwidth reference value. bandwidth-reference value
Remarks
N/A
N/A
The default setting is100 Mbps.
Configuring the maximum number of OSPFv3 ECMP routes
Perform this task to implement load sharing over ECMP routes.
To configure the maximum number of ECMP routes:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
3. Specify the maximum number of ECMP routes. maximum load-balancing
maximum
By default, the maximum number of ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see IP Routing
Command Reference.
Configuring a preference for OSPFv3
A router can run multiple routing protocols. The system assigns a priority for each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected.
To configure a preference for OSPFv3:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure a preference for OSPFv3. preference [ ase ] [ route-policy
route-policy-name ] preference
By default, the preference of OSPFv3 internal routes is 10, and the priority of
OSPFv3 external routes is 150.
Configuring OSPFv3 route redistribution
Because OSPFv3 is a link state routing protocol, it cannot directly filter LSAs to be advertised. OSPFv3 filters only redistributed routes. Only routes that are not filtered out can be advertised in LSAs.
Executing the import-route or default-route-advertise command on a router makes it become an ASBR.
303
To configure OSPFv3 route redistribution:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. (Optional.) Specify a default cost for redistributed routes. default cost value
4. Configure OSPFv3 to redistribute routes from other routing protocols. import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | route-policy route-policy-name | type
type ] *
5. (Optional.) Configure
OSPFv3 to redistribute a default route. default-route-advertise [ [ always | permit-calculate-other ] | cost cost | route-policy route-policy-name | type
type ] *
6. (Optional.) Configure
OSPFv3 to filter redistributed routes. filter-policy { acl6-number | prefix-list
prefix-list-name } export [ protocol
[ process-id ] ]
Remarks
N/A
N/A
The default setting is 1.
By default, route redistribution is disabled.
By default, no default route is redistributed.
This command can only inject and advertise a default route.
By default, OSPFv3 accepts all redistributed routes.
This command filters only routes redistributed with the import-route command. If the import-route command is not configured, executing this command does not take effect.
Tuning and optimizing OSPFv3 networks
This section describes configurations of OSPFv3 timers, interface DR priority, and the logging of neighbor state changes.
Configuration prerequisites
Before you tune and optimize OSPFv3 networks, complete the following tasks:
•
Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
•
Enable OSPFv3.
Configuring OSPFv3 timers
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Configure the hello interval. ospfv3 timer hello seconds
Remarks
N/A
N/A
By default, the hello interval on P2P and broadcast interfaces is 10 seconds.
304
Step Command
4. Configure the dead interval. ospfv3 timer dead seconds
5. Configure the poll interval.
6. Configure the LSA retransmission interval.
Remarks
By default, the dead interval on P2P and broadcast interfaces is 40 seconds.
The dead interval set on neighboring interfaces cannot be too short.
Otherwise, a neighbor is easily considered down.
By default, the poll interval is 120 seconds. ospfv3 timer poll seconds
[ instance instance-id ] ospfv3 timer retransmit
interval [ instance instance-id ]
The default setting is 5 seconds.
The LSA retransmission interval cannot be too short. Otherwise, unnecessary retransmissions will occur.
Specifying LSA transmission delay
Each LSA in the LSDB has an age that is incremented by 1 every second, but the age does not change during transmission. Therefore, it is necessary to add a transmission delay into the age time, especially for low-speed links.
To specify the LSA transmission delay on an interface:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type
interface-number
3. Specify the LSA transmission delay. ospf trans-delay seconds [ instance
instance-id ]
Remarks
N/A
N/A
By default, the LSA transmission delay is 1 second.
Specifying SPF calculation interval
LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval × 2 n-2 (n is the number of generation times) each time an SPF calculation occurs until the maximum-interval is reached.
To configure SPF calculation interval:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
305
Step Command
3. Specify the SPF calculation interval. spf-schedule-interval maximum-interval
[ minimum-interval
[ incremental-interval ] ]
Remarks
By default:
•
The maximum interval is 5 seconds.
•
The minimum interval is 50 milliseconds.
•
The incremental interval is 200 milliseconds.
Specifying the LSA generation interval
You can adjust the LSA generation interval to protect network resources and routers from being over consumed by frequent network changes.
When network changes are not frequent, LSAs are generated at the minimum-interval. If network changes become frequent, the LSA generation interval is incremented by incremental-interval × 2 n-2 (n is the number of generation times) each time an LSA generation occurs until the maximum-interval is reached.
To configure the LSA generation interval:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospf [ process-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
3. Configure the LSA generation interval. lsa-generation-interval
maximum-interval [ minimum-interval
[ incremental-interval ] ]
By default, the maximum interval is 5 seconds, the minimum interval is 0 milliseconds, and the incremental interval is 0 milliseconds.
Configuring a DR priority for an interface
The router priority is used for DR election. Interfaces having the priority 0 cannot become a DR or BDR.
To configure a DR priority for an interface:
Step Command
1. Enter system view. system-view
2. Enter interface view. interface interface-type interface-number
3. Configure a router priority. ospfv3 dr-priority priority [ instance
instance-id ]
Remarks
N/A
N/A
The default router priority is 1.
Ignoring MTU check for DD packets
When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency.
To ignore MTU check for DD packets:
306
Step Command
1. Enter system view. system-view
2. Enter interface view.
3. Ignore MTU check for DD packets. interface interface-type
interface-number
ospfv3 mtu-ignore [ instance
instance-id ]
Remarks
N/A
N/A
By default, OSPFv3 does not ignore MTU check for DD packets.
Disabling interfaces from receiving and sending OSPFv3 packets
After an OSPF interface is set to silent, direct routes of the interface can still be advertised in
Intra-Area-Prefix-LSAs through other interfaces, but other OSPFv3 packets cannot be advertised. No neighboring relationship can be established on the interface. This feature can enhance the adaptability of OSPFv3 networking.
To disable interfaces from receiving and sending OSPFv3 packets:
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
Remarks
N/A
N/A
3. Disable interfaces from receiving and sending
OSPFv3 packets. silent-interface { interface-type
interface-number | all }
By default, the interfaces are able to receive and send OSPFv3 packets.
This command disables only the interfaces associated with the current process, though multiple
OSPFv3 processes can disable the same interface from receiving and sending OSPFv3 packets.
Enabling the logging of neighbor state changes
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Enable the logging of neighbor state changes. log-peer-change
Remarks
N/A
N/A
By default, this feature is enabled.
Configuring OSPFv3 GR
Graceful Restart ensures the continuity of packet forwarding when a routing protocol restarts or an active/standby switchover occurs:
307
• GR Restarter—Graceful restarting router. It must be Graceful Restart capable.
•
GR Helper—The neighbor of the GR Restarter. It helps the GR Restarter to complete the GR process.
To prevent service interruption after a master/backup switchover, a GR Restarter running OSPFv3 must complete the following tasks:
• Keep the GR Restarter forwarding entries stable during reboot.
•
Establish all adjacencies and obtain complete topology information after reboot.
After the active/standby switchover, the GR Restarter sends a Grace-LSA to tell its neighbors that it performs a GR. Upon receiving the Grace-LSA, the neighbors with the GR Helper capability enter the helper mode (and are called "GR Helpers"). Then, the GR Restarter retrieves its adjacencies and LSDB with the help of the GR Helpers.
Configuring GR Restarter
You can configure the GR Restarter capability on a GR Restarter.
To configure GR Restarter:
Remarks
N/A
Step Command
1.
Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Enable the GR capability. graceful-restart enable
4. (Optional.) Configure the GR interval. graceful-restart interval
interval-value
N/A
By default, OSPFv3 GR Restarter capability is disabled.
By default, the GR interval is 120 seconds.
Configuring GR Helper
You can configure the GR Helper capability on a GR Helper.
To configure GR Helper
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Enable the GR Helper capability.
4. Enable strict LSA checking. graceful-restart helper enable graceful-restart helper strict-lsa-checking
Remarks
N/A
N/A
By default, the GR Helper capability is enabled.
By default, strict LSA checking is disabled.
Configuring BFD for OSPFv3
Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, improving the convergence speed of OSPFv3. For more information about
BFD, see High Availability Configuration Guide.
308
After discovering neighbors by sending hello packets, OSPFv3 notifies BFD of the neighbor addresses, and BFD uses these addresses to establish sessions. Before a BFD session is established, it is in the down state. In this state, BFD control packets are sent at an interval of no less than 1 second to reduce BFD control packet traffic. After the BFD session is established, BFD control packets are sent at the negotiated interval, thereby implementing fast fault detection.
To configure BFD for OSPFv3, you need to configure OSPFv3 first.
To configure BFD for OSPFv3:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter OSPFv3 view. ospfv3 [ process-id | vpn-instance
vpn-instance-name ] *
3. Specify a router ID.
4. Quit the OSPFv3 view. router-id router-id quit
5. Enter interface view.
6. Enable an OSPFv3 process on the interface. interface interface-type
interface-number ospfv3 process-id area area-id
[ instance instance-id ]
N/A
N/A
N/A
N/A
N/A
7. Enable BFD on the interface. ospfv3 bfd enable [ instance
By default, BFD on the interface is disabled.
Displaying and maintaining OSPFv3
Execute display commands in any view.
Purpose Command
Display information about the routes to
OSPFv3 ABR and ASBR. display ospfv3 [ process-id ] abr-asbr
Display brief OSPFv3 process information.
Display GR status of the specified
OSPFv3 process. display ospfv3 [ process-id ] brief display ospfv3 [ process-id ] graceful-restart status
Display OSPFv3 interface information.
Display OSPFv3 LSDB information.
Display OSPFv3 neighbor information.
Display OSPFv3 request list information.
Display OSPFv3 retransmission list information. display ospfv3 [ process-id ] interface [ interface-type
interface-number | verbose ] display ospfv3 [ process-id ] lsdb [ { external | grace | inter-prefix | inter-router | intra-prefix | link | network | router | unknown
[ type ] } [ link-state-id ] [ originate-router router-id | self-originate ] | statistics | total ] display ospfv3 [ process-id ] [ area area-id ] peer [ [ interface-type
interface-number ] [ verbose ] | peer-router-id | statistics ] display ospfv3 [ process-id ] [ area area-id ] request-queue
[ interface-type interface-number ] [ neighbor-id ] display ospfv3 [ process-id ] [ area area-id ] retrans-queue
[ interface-type interface-number ] [ neighbor-id ]
309
Purpose Command
Display OSPFv3 routing information. display ospfv3 [ process-id ] routing [ ipv6-address prefix-length ] display ospfv3 [ process-id ] statistics Display OSPFv3 statistics.
Display OSPFv3 virtual link information. display ospfv3 [ process-id ] vlink
OSPFv3 configuration examples
Configuring OSPFv3 areas
Network requirements
As shown in
:
•
Enable OSPFv3 on all switches.
•
Split the AS into three areas.
•
Configure Switch B and Switch C as ABRs to forward routing information between areas.
• Configure Area 2 as a stub area to reduce LSAs in the area without affecting route reachability.
Figure 76 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure basic OSPFv3:
# Configure Switch A: enable OSPFv3 and specify the router ID as 1.1.1.1.
<SwitchA> system-view
[SwitchA] ospfv3
[SwitchA-ospfv3-1] router-id 1.1.1.1
[SwitchA-ospfv3-1] quit
[SwitchA] interface vlan-interface 300
[SwitchA-Vlan-interface300] ospfv3 1 area 1
[SwitchA-Vlan-interface300] quit
[SwitchA] interface vlan-interface 200
[SwitchA-Vlan-interface200] ospfv3 1 area 1
[SwitchA-Vlan-interface200] quit
310
# Configure Switch B: enable OSPFv3 and specify the router ID as 2.2.2.2.
<SwitchB> system-view
[SwitchB] ospfv3
[SwitchB-ospf-1] router-id 2.2.2.2
[SwitchB-ospf-1] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ospfv3 1 area 0
[SwitchB-Vlan-interface100] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] ospfv3 1 area 1
[SwitchB-Vlan-interface200] quit
# Configure Switch C: enable OSPFv3 and specify the router ID as 3.3.3.3.
<SwitchC> system-view
[SwitchC] ospfv3
[SwitchC-ospfv3-1] router-id 3.3.3.3
[SwitchC-ospfv3-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] ospfv3 1 area 0
[SwitchC-Vlan-interface100] quit
[SwitchC] interface vlan-interface 400
[SwitchC-Vlan-interface400] ospfv3 1 area 2
[SwitchC-Vlan-interface400] quit
# Configure Switch D: enable OSPFv3 and specify the router ID as 4.4.4.4.
<SwitchD> system-view
[SwitchD] ospfv3
[SwitchD-ospfv3-1] router-id 4.4.4.4
[SwitchD-ospfv3-1] quit
[SwitchD] interface vlan-interface 400
[SwitchD-Vlan-interface400] ospfv3 1 area 2
[SwitchD-Vlan-interface400] quit
# Display OSPFv3 neighbors on Switch B.
[SwitchB] display ospfv3 peer
OSPFv3 Process 1 with Router ID 2.2.2.2
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
3.3.3.3 1 Full/Backup 00:00:40 Vlan100 0
Area: 0.0.0.1
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
1.1.1.1 1 Full/DR 00:00:40 Vlan200 0
# Display OSPFv3 neighbors on Switch C.
[SwitchC] display ospfv3 peer
311
3.
OSPFv3 Process 1 with Router ID 3.3.3.3
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
2.2.2.2 1 Full/DR 00:00:40 Vlan100 0
Area: 0.0.0.2
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
4.4.4.4 1 Full/Backup 00:00:40 Vlan400 0
# Display OSPFv3 routing table information on Switch D.
[SwitchD] display ospfv3 routing
OSPFv3 Process 1 with Router ID 4.4.4.4
-------------------------------------------------------------------------
E1 - Type 1 external route, IA - Inter area route, I - Intra area route
E2 - Type 2 external route, * - Selected route
*Destination: 2001::/64
Type : IA Cost : 2
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
*Destination: 2001:1::/64
Type : IA Cost : 3
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
*Destination: 2001:2::/64
Type : I Cost : 1
NextHop : directly-connected Interface: Vlan400
*Destination: 2001:3::/64
Type : IA Cost : 4
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
Total: 4
Intra area: 1 Inter area: 3 ASE: 0
Configure Area 2 as a stub area:
# Configure Switch D
[SwitchD] ospfv3
[SwitchD-ospfv3-1] area 2
[SwitchD-ospfv3-1-area-0.0.0.2] stub
# Configure Switch C, and specify the cost of the default route sent to the stub area as 10.
[SwitchC] ospfv3
[SwitchC-ospfv3-1] area 2
[SwitchC-ospfv3-1-area-0.0.0.2] stub
[SwitchC-ospfv3-1-area-0.0.0.2] default-cost 10
312
4.
# Display OSPFv3 routing table information on Switch D.
[SwitchD] display ospfv3 routing
OSPFv3 Process 1 with Router ID 4.4.4.4
-------------------------------------------------------------------------
E1 - Type 1 external route, IA - Inter area route, I - Intra area route
E2 - Type 2 external route, * - Selected route
*Destination: ::/0
Type : IA Cost : 11
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
*Destination: 2001::/64
Type : IA Cost : 2
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
*Destination: 2001:1::/64
Type : IA Cost : 3
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
*Destination: 2001:2::/64
Type : I Cost : 1
NextHop : directly-connected Interface: Vlan400
*Destination: 2001:3::/64
Type : IA Cost : 4
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
Total: 5
Intra area: 1 Inter area: 4 ASE: 0
The output shows that a default route is added, and its cost is the cost of a direct route plus the configured cost.
Configure Area 2 as a totally stub area:
# Configure Area 2 as a totally stub area on Switch C.
[SwitchC-ospfv3-1-area-0.0.0.2] stub no-summary
# Display OSPFv3 routing table information on Switch D.
[SwitchD] display ospfv3 routing
OSPFv3 Process 1 with Router ID 4.4.4.4
-------------------------------------------------------------------------
E1 - Type 1 external route, IA - Inter area route, I - Intra area route
E2 - Type 2 external route, * - Selected route
*Destination: ::/0
Type : IA Cost : 11
NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400
*Destination: 2001:2::/64
313
Type : I Cost : 1
NextHop : directly-connected Interface: Vlan400
Total: 2
Intra area: 1 Inter area: 1 ASE: 0
The output shows that route entries are reduced. All indirect routes are removed, except the default route.
Configuring OSPFv3 DR election
Network requirements
•
Configure router priority 100 for Switch A, the highest priority on the network, so it will become the
DR.
• Configure router priority 2 for Switch C, the second highest priority on the network, so it will become the BDR.
•
Configure router priority 0 for Switch B, so it cannot become a DR or BDR.
•
Switch D uses the default router priority 1.
Figure 77 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure basic OSPFv3:
# Configure Switch A: enable OSPFv3 and specify the router ID as 1.1.1.1.
<SwitchA> system-view
[SwitchA] ospfv3
[SwitchA-ospfv3-1] router-id 1.1.1.1
[SwitchA-ospfv3-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ospfv3 1 area 0
[SwitchA-Vlan-interface100] quit
# Configure Switch B: enable OSPFv3 and specify the router ID as 2.2.2.2.
<SwitchB> system-view
[SwitchB] ospfv3
[SwitchB-ospfv3-1] router-id 2.2.2.2
314
3.
[SwitchB-ospfv3-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] ospfv3 1 area 0
[SwitchB-Vlan-interface200] quit
# Configure Switch C: enable OSPFv3 and specify the router ID as 3.3.3.3.
<SwitchC> system-view
[SwitchC] ospfv3
[SwitchC-ospfv3-1] router-id 3.3.3.3
[SwitchC-ospfv3-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] ospfv3 1 area 0
[SwitchC-Vlan-interface100] quit
# Configure Switch D: enable OSPFv3 and specify the router ID as 4.4.4.4.
<SwitchD> system-view
[SwitchD] ospfv3
[SwitchD-ospfv3-1] router-id 4.4.4.4
[SwitchD-ospfv3-1] quit
[SwitchD] interface vlan-interface 200
[SwitchD-Vlan-interface200] ospfv3 1 area 0
[SwitchD-Vlan-interface200] quit
# Display neighbor information on Switch A. The switches have the same default DR priority 1, so
Switch D (the switch with the highest Router ID) is elected as the DR, and Switch C is the BDR.
[SwitchA] display ospfv3 peer
OSPFv3 Process 1 with Router ID 1.1.1.1
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
2.2.2.2 1 2-Way/DROther 00:00:36 Vlan200 0
3.3.3.3 1 Full/Backup 00:00:35 Vlan100 0
4.4.4.4 1 Full/DR 00:00:33 Vlan200 0
# Display neighbor information on Switch D. The neighbor states are all full.
[SwitchD] display ospfv3 peer
OSPFv3 Process 1 with Router ID 4.4.4.4
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
1.1.1.1 1 Full/DROther 00:00:30 Vlan100 0
2.2.2.2 1 Full/DROther 00:00:37 Vlan200 0
3.3.3.3 1 Full/Backup 00:00:31 Vlan100 0
Configure router priorities for interfaces:
# Configure the router priority of VLAN-interface 100 as 100 on Switch A.
[SwitchA] interface Vlan-interface 100
[SwitchA-Vlan-interface100] ospfv3 dr-priority 100
315
4.
[SwitchA-Vlan-interface100] quit
# Configure the router priority of VLAN-interface 200 as 0 on Switch B.
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] ospfv3 dr-priority 0
[SwitchB-Vlan-interface200] quit
# Configure the router priority of VLAN-interface 100 of Switch C as 2.
[SwitchC] interface Vlan-interface 100
[SwitchC-Vlan-interface100] ospfv3 dr-priority 2
[SwitchC-Vlan-interface100] quit
# Display neighbor information on Switch A. Router priorities have been updated, but the DR and
BDR are not changed.
[SwitchA] display ospfv3 peer
OSPFv3 Process 1 with Router ID 1.1.1.1
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
2.2.2.2 0 2-Way/DROther 00:00:36 Vlan200 0
3.3.3.3 2 Full/Backup 00:00:35 Vlan200 0
4.4.4.4 1 Full/DR 00:00:33 Vlan200 0
# Display neighbor information on Switch D. Switch D is still the DR.
[SwitchD] display ospfv3 peer
OSPFv3 Process 1 with Router ID 4.4.4.4
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
1.1.1.1 100 Full/DROther 00:00:30 Vlan100 0
2.2.2.2 0 Full/DROther 00:00:37 Vlan200 0
3.3.3.3 2 Full/Backup 00:00:31 Vlan100 0
Restart DR and BDR election:
# Use the shutdown and undo shutdown commands on interfaces to restart DR and BDR election.
(Details not shown.)
# Display neighbor information on Switch A. The output shows that Switch C becomes the BDR.
[SwitchA] display ospfv3 peer
OSPFv3 Process 1 with Router ID 1.1.1.1
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
2.2.2.2 0 Full/DROther 00:00:36 Vlan200 0
3.3.3.3 2 Full/Backup 00:00:35 Vlan100 0
4.4.4.4 1 Full/DROther 00:00:33 Vlan200 0
# Display neighbor information on Switch D.
316
[SwitchD] display ospfv3 peer
OSPFv3 Process 1 with Router ID 4.4.4.4
Area: 0.0.0.0
-------------------------------------------------------------------------
Router ID Pri State Dead-Time Interface Inst ID
1.1.1.1 100 Full/DR 00:00:30 Vlan100 0
2.2.2.2 0 2-Way/DROther 00:00:37 Vlan200 0
3.3.3.3 2 Full/Backup 00:00:31 Vlan100 0
The output shows that Switch A becomes the DR.
Configuring OSPFv3 route redistribution
Network requirements
As shown in
:
•
Switch A, Switch B, and Switch C are in Area 2.
•
OSPFv3 process 1 and OSPFv3 process 2 run on Switch B. Switch B communicates with Switch A and Switch C through OSPFv3 process 1 and OSPFv3 process 2.
•
Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on
Switch B, and set the default metric for redistributed routes to 3. Switch C can then learn the routes destined for 1::0/64 and 2::0/64, and Switch A cannot learn the routes destined for 3::0/64 or
4::0/64.
Figure 78 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure basic OSPFv3:
# Enable OSPFv3 process 1 on Switch A.
<SwitchA> system-view
[SwitchA] ospfv3 1
[SwitchA-ospfv3-1] router-id 1.1.1.1
[SwitchA-ospfv3-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ospfv3 1 area 2
[SwitchA-Vlan-interface100] quit
[SwitchA] interface vlan-interface 200
317
[SwitchA-Vlan-interface200] ospfv3 1 area 2
[SwitchA-Vlan-interface200] quit
# Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B.
<SwitchB> system-view
[SwitchB] ospfv3 1
[SwitchB-ospfv3-1] router-id 2.2.2.2
[SwitchB-ospfv3-1] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ospfv3 1 area 2
[SwitchB-Vlan-interface100] quit
[SwitchB] ospfv3 2
[SwitchB-ospfv3-2] router-id 3.3.3.3
[SwitchB-ospfv3-2] quit
[SwitchB] interface vlan-interface 300
[SwitchB-Vlan-interface300] ospfv3 2 area 2
[SwitchB-Vlan-interface300] quit
# Enable OSPFv3 process 2 on Switch C.
<SwitchC> system-view
[SwitchC] ospfv3 2
[SwitchC-ospfv3-2] router-id 4.4.4.4
[SwitchC-ospfv3-2] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] ospfv3 2 area 2
[SwitchC-Vlan-interface300] quit
[SwitchC] interface vlan-interface 400
[SwitchC-Vlan-interface400] ospfv3 2 area 2
[SwitchC-Vlan-interface400] quit
# Display the routing table on Switch C.
[SwitchC] display ipv6 routing-table
Destinations : 7 Routes : 7
Destination: ::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 3::/64 Protocol : Direct
NextHop : 3::2 Preference: 0
Interface : Vlan300 Cost : 0
Destination: 3::2/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 4::/64 Protocol : Direct
NextHop : 4::1 Preference: 0
Interface : Vlan400 Cost : 0
318
3.
Destination: 4::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: FE80::/10 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0 Cost : 0
Destination: FF00::/8 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0
Configure OSPFv3 route redistribution:
# Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.
[SwitchB] ospfv3 2
[SwitchB-ospfv3-2] default cost 3
[SwitchB-ospfv3-2] import-route ospfv3 1
[SwitchB-ospfv3-2] import-route direct
[SwitchB-ospfv3-2] quit
# Display the routing table on Switch C.
[SwitchC] display ipv6 routing-table
Destinations : 9 Routes : 9
Destination: ::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 1::/64 Protocol : OSPFv3
NextHop : FE80::200:CFF:FE01:1C03 Preference: 150
Interface : Vlan300 Cost : 3
Destination: 2::/64 Protocol : OSPFv3
NextHop : FE80::200:CFF:FE01:1C03 Preference: 150
Interface : Vlan300 Cost : 3
Destination: 3::/64 Protocol : Direct
NextHop : 3::2 Preference: 0
Interface : Vlan300 Cost : 0
Destination: 3::2/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: 4::/64 Protocol : Direct
NextHop : 4::1 Preference: 0
Interface : Vlan400 Cost : 0
319
Destination: 4::1/128 Protocol : Direct
NextHop : ::1 Preference: 0
Interface : InLoop0 Cost : 0
Destination: FE80::/10 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0 Cost : 0
Destination: FF00::/8 Protocol : Direct
NextHop : :: Preference: 0
Interface : NULL0
Configuring OSPFv3 GR
Network requirements
•
As shown in Figure 79 , Switch A, Switch B, and Switch C that reside in the same AS and the same
OSPFv3 routing domain are GR capable.
•
Switch A acts as the GR Restarter. Switch B and Switch C act as the GR Helpers, and synchronize their LSDBs with Switch A through out-of-band (OOB) communication of GR.
Figure 79 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure basic OSPFv3:
# On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1.
<SwitchA> system-view
[SwitchA] ospfv3 1
[SwitchA-ospfv3-1] router-id 1.1.1.1
[SwitchA-ospfv3-1] graceful-restart enable
[SwitchA-ospfv3-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ospfv3 1 area 1
[SwitchA-Vlan-interface100] quit
# On Switch B, enable OSPFv3 and set the router ID to 2.2.2.2. (By default, GR helper is enabled on Switch B.)
<SwitchB> system-view
[SwitchB] ospfv3 1
320
[SwitchB-ospfv3-1] router-id 2.2.2.2
[SwitchB-ospfv3-1] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ospfv3 1 area 1
[SwitchB-Vlan-interface100] quit
# On Switch C, enable OSPFv3 and set the router ID to 3.3.3.3. (By default, GR helper is enabled on Switch C.)
<SwitchC> system-view
[SwitchC] ospfv3 1
[SwitchC-ospfv3-1] router-id 3.3.3.3
[SwitchC-ospfv3-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] ospfv3 1 area 1
[SwitchC-Vlan-interface100] quit
Verifying the configuration
After all switches function properly, perform a master/backup switchover on Switch A to trigger an
OSPFv3 GR operation.
Configuring BFD for OSPFv3
Network requirements
As shown in
:
•
Configure OSPFv3 on Switch A, Switch B and Switch C and configure BFD over the link Switch
A<—>L2 Switch<—>Switch B.
• After the link Switch A<—>L2 Switch<—>Switch B fails, BFD can quickly detect the failure and notify OSPFv3 of the failure. Then Switch A and Switch B communicate through Switch C.
Figure 80 Network diagram
Device Interface IPv6 address
Switch A Vlan-int10 2001::1/64
Device
Switch B
Configuration procedure
1.
Configure IP addresses for the interfaces. (Details not shown.)
321
Interface IPv6 address
Vlan-int10 2001::2/64
Vlan-int13 2001:3::2/64
2.
3.
Configure basic OSPF:
# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.
<SwitchA> system-view
[SwitchA] ospfv3
[SwitchA-ospfv3-1] router-id 1.1.1.1
[SwitchA-ospfv3-1] quit
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ospfv3 1 area 0
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] ospfv3 1 area 0
[SwitchA-Vlan-interface11] quit
# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.
<SwitchB> system-view
[SwitchB] ospfv3
[SwitchB-ospf-1] router-id 2.2.2.2
[SwitchB-ospf-1] quit
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ospfv3 1 area 0
[SwitchB-Vlan-interface10] quit
[SwitchB] interface vlan-interface 13
[SwitchB-Vlan-interface13] ospfv3 1 area 0
[SwitchB-Vlan-interface13] quit
# On Switch C, enable OSPFv3 and configure the router ID as 3.3.3.3.
<SwitchC> system-view
[SwitchC] ospfv3
[SwitchC-ospfv3-1] router-id 3.3.3.3
[SwitchC-ospfv3-1] quit
[SwitchC] interface vlan-interface 11
[SwitchC-Vlan-interface11] ospfv3 1 area 0
[SwitchC-Vlan-interface11] quit
[SwitchC] interface vlan-interface 13
[SwitchC-Vlan-interface13] ospfv3 1 area 0
[SwitchC-Vlan-interface13] quit
Configure BFD:
# Enable BFD and configure BFD parameters on Switch A.
[SwitchA] bfd session init-mode active
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ospfv3 bfd enable
[SwitchA-Vlan-interface10] bfd min-transmit-interval 500
[SwitchA-Vlan-interface10] bfd min-receive-interval 500
[SwitchA-Vlan-interface10] bfd detect-multiplier 7
[SwitchA-Vlan-interface10] return
# Enable BFD and configure BFD parameters on Switch B.
[SwitchB] bfd session init-mode active
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ospfv3 bfd enable
322
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500
[SwitchB-Vlan-interface10] bfd min-receive-interval 500
[SwitchB-Vlan-interface10] bfd detect-multiplier 6
Verifying the configuration
# Display the BFD information of Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Init Mode: Active
IPv6 Session Working Under Ctrl Mode:
Local Discr: 1441 Remote Discr: 1450
Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on
Switch A)
Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on
Switch B)
Session State: Up Interface: Vlan10
Hold Time: 2319ms
# Display routes destined for 2001:4::0/64 on Switch A.
<SwitchA> display ipv6 routing-table 2001:4::0 64
Summary Count : 1
Destination: 2001:4::/64 Protocol : OSPFv3
NextHop : FE80::20F:FF:FE00:1200 Preference: 10
Interface : Vlan10 Cost : 1
The output information shows that Switch A communicates with Switch B through VLAN-interface 10. The the link over VLAN-interface 10 fails.
# Display routes to 2001:4::0/64 on Switch A.
<SwitchA> display ipv6 routing-table 2001:4::0 64
Summary Count : 1
Destination: 2001:4::/64 Protocol : OSPFv3
NextHop : FE80::BAAF:67FF:FE27:DCD0 Preference: 10
Interface : Vlan11 Cost : 2
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
323
Configuring IPv6 IS-IS
IPv6 IS-IS supports all IPv4 IS-IS features except that it advertises IPv6 routing information. This chapter describes only IPv6 IS-IS specific configuration tasks. For information about IS-IS, see "Configuring IS-IS."
Overview
Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6. To support IPv6, the IETF added two type-length-values (TLVs) and a new network layer protocol identifier
(NLPID).
The TLVs are as follows:
• IPv6 Reachability—Contains routing prefix and metric information to describe network reachability and has a type value of 236 (0xEC).
•
IPv6 Interface Address—Same as the "IP Interface Address" TLV in IPv4 ISIS, except that the 32-bit
IPv4 address is translated to the 128-bit IPv6 address.
The new NLPID is an 8-bit field that identifies which network layer protocol is supported. For IPv6, the
NLPID is 142 (0x8E), which must be carried in hello packets sent by IPv6 IS-IS.
Configuring basic IPv6 IS-IS
Before you configure basic IPv6 IS-IS, complete the following tasks:
•
Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
•
Enable IS-IS.
Basic IPv6 IS-IS configuration can implement the interconnection of IPv6 networks.
To configure basic IPv6 IS-IS:
Step Command
1. Enter system view. system-view
2. Enable an IS-IS process and enter IS-IS view.
3. Configure the network entity title (NET) for the IS-IS process.
4. Enable IPv6 for the IS-IS process.
5. Return to system view. isis [ process-id ] [ vpn-instance
vpn-instance-name ] network-entity net ipv6 enable quit
6. Enter interface view. interface interface-type
interface-number
7. Enable IPv6 for an IS-IS process on the interface. isis ipv6 enable [ process-id ]
Remarks
N/A
By default, no IS-IS process is enabled.
By default, no NET is configured.
The default setting is disabled.
N/A
N/A
The default setting is disabled.
324
Configuring IPv6 IS-IS route control
Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration.
To configure IPv6 IS-IS route control:
Step Command
1. Enter system view. system-view
2.
Enter IS-IS view.
3. Specify a preference for
IPv6 IS-IS routes. isis [ process-id ] [ vpn-instance
vpn-instance-name ] ipv6 preference { route-policy
route-policy-name | preference } *
4. Configure an IPv6 IS-IS summary route.
5. Generate an IPv6 IS-IS default route. ipv6 summary ipv6-prefix prefix-length
[ avoid-feedback | generate_null0_route |
[ level-1 | level-1-2 | level-2 ] | tag tag ] * ipv6 default-route-advertise [ [ level-1 | level-1-2 | level-2 ] | route-policy
route-policy-name ] *
6. Configure IPv6 IS-IS to filter redistributed routes.
7. Configure IPv6 IS-IS to filter inbound routes.
8. Configure IPv6 IS-IS to redistribute routes from another routing protocol.
9. Configure the maximum number of redistributed
Level 1/Level 2 IPv6 routes.
10. Configure route advertisement from Level-2 to Level-1.
11. Configure route advertisement from Level-1 to Level-2.
Remarks
N/A
N/A
By default, the default setting is 15.
By default, no IPv6 IS-IS summary route is configured.
By default, no IPv6 default route is generated. ipv6 filter-policy { acl6-number | prefix-list
prefix-list-name | route-policy
route-policy-name } export [ protocol
[ process-id ] ]
By default, IPv6 IS-IS does not filter redistributed routes.
This command is usually used together with the ipv6 import-route command. ipv6 filter-policy { acl6-number | prefix-list
prefix-list-name | route-policy
route-policy-name } import ipv6 import-route protocol [ process-id ]
[ allow-ibgp ] [ cost cost | [ level-1 | level-1-2
| level-2 ] | route-policy route-policy-name | tag tag ] *
By default, IPv6 IS-IS does not filter inbound routes.
By default, IPv6 IS-IS does not redistribute routes from any other routing protocol. ipv6 import-route limit number
By default, the maximum number of redistributed
Level 1/Level 2 IPv6 routes is 8192. ipv6 import-route isisv6 level-2 into level-1
[ filter-policy { acl6-number | prefix-list
prefix-list-name | route-policy
route-policy-name } | tag tag ] * ipv6 import-route isisv6 level-1 into level-2
[ filter-policy { acl6-number | prefix-list
prefix-list-name | route-policy
route-policy-name } | tag tag ] *
By default, IPv6 IS-IS does not advertise routes from
Level-2 to Level-1.
By default, IPv6 IS-IS advertises routes from
Level-1 to Level-2.
325
Step Command
12. Specify the maximum number of ECMP routes for load balancing. ipv6 maximum load-balancing number
Remarks
By default, the maximum number of ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see IP Routing Command
Reference.
Configuring BFD for IPv6 IS-IS
Bidirectional forwarding detection (BFD) can quickly detect faults between IPv6 IS-IS neighbors to improve the convergence speed of IPv6 IS-IS. For more information about BFD, see High Availability
Configuration Guide.
To configure BFD for IPv6 IS-IS:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enable an IS-IS process and enter IS-IS view.
3. Configure the NET for the IS-IS process.
4. Enable IPv6 for the IS-IS process. isis [ process-id ] [ vpn-instance
vpn-instance-name ] network-entity net ipv6 enable
5. Return to system view.
6. Enter interface view. quit interface interface-type
interface-number
7. Enable IPv6 for an IS-IS process. isis ipv6 enable [ process-id ]
8. Enable BFD for IPv6 IS-IS. isis ipv6 bfd enable
N/A
By default, no NET is configured.
By default, IPv6 for the IS-IS process is disabled.
N/A
N/A
By default, IPv6 is disabled for an
IS-IS process.
By default, BFD for IPv6 IS-IS is disabled.
Displaying and maintaining IPv6 IS-IS
Execute display commands in any view. For other display and reset commands, see "Configuring IS-IS."
Task Command
Display information about routes redistributed by IPv6 IS-IS. display isis redistribute ipv6 [ ipv6-address mask-length ]
[ level-1 | level-2 ] [ process-id ]
Display IPv6 IS-IS routing information. display isis route ipv6 [ ipv6-address ] [ [ level-1 | level-2 ] | verbose ] * [ process-id ]
326
IPv6 IS-IS configuration examples
IPv6 IS-IS basic configuration example
Network requirements
same AS. Configure IPv6 IS-IS on the switches so that they can reach each other.
Switch A and Switch B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch.
Figure 81 Network diagram
Configuration procedure
1.
2.
Configure IPv6 addresses for interfaces. (Details not shown.)
Configure IPv6 IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] is-level level-1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] ipv6 enable
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis ipv6 enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] is-level level-1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] ipv6 enable
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis ipv6 enable 1
[SwitchB-Vlan-interface200] quit
327
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] ipv6 enable
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis ipv6 enable 1
[SwitchC-Vlan-interface100] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis ipv6 enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis ipv6 enable 1
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] network-entity 20.0000.0000.0004.00
[SwitchD-isis-1] ipv6 enable
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis ipv6 enable 1
[SwitchD-Vlan-interface300] quit
[SwitchD] interface vlan-interface 301
[SwitchD-Vlan-interface301] isis ipv6 enable 1
[SwitchD-Vlan-interface301] quit
Verifying the configuration
# Display the IPv6 IS-IS routing table on Switch A.
[SwitchA] display isis route ipv6
Route information for IS-IS(1)
------------------------------
Level-1 IPv6 Forwarding Table
-----------------------------
Destination : :: PrefixLen: 0
Flag : R/-/- Cost : 10
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100
Destination : 2001:1:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan100
Destination : 2001:2:: PrefixLen: 64
328
Flag : R/-/- Cost : 20
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100
Destination : 2001:3:: PrefixLen: 64
Flag : R/-/- Cost : 20
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
# Display the IPv6 IS-IS routing table on Switch B.
[SwitchB] display isis route ipv6
Route information for IS-IS(1)
------------------------------
Level-1 IPv6 Forwarding Table
-----------------------------
Destination : :: PrefixLen: 0
Flag : R/-/- Cost : 10
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan200
Destination : 2001:1:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan200
Destination : 2001:2:: PrefixLen: 64
Flag : R/-/- Cost : 20
Next Hop : Direct Interface: Vlan200
Destination : 2001:3:: PrefixLen: 64
Flag : R/-/- Cost : 20
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan200
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
# Display the IPv6 IS-IS routing table on Switch C.
[SwitchC] display isis route ipv6
Route information for IS-IS(1)
------------------------------
Level-1 IPv6 Forwarding Table
-----------------------------
Destination : 2001:1:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan100
Destination : 2001:2:: PrefixLen: 64
329
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan200
Destination : 2001:3:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan300
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv6 Forwarding Table
-----------------------------
Destination : 2001:1:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan100
Destination : 2001:2:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan200
Destination : 2001:3:: PrefixLen: 64
Flag : D/L/- Cost : 10
Next Hop : Direct Interface: Vlan300
Destination : 2001:4::1 PrefixLen: 128
Flag : R/-/- Cost : 10
Next Hop : FE80::20F:E2FF:FE3E:FA3D Interface: Vlan300
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
# Display the IPv6 IS-IS routing table on Switch D.
[SwitchD] display isis route ipv6
Route information for IS-IS(1)
------------------------------
Level-2 IPv6 Forwarding Table
-----------------------------
Destination : 2001:1:: PrefixLen: 64
Flag : R/-/- Cost : 20
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan300
Destination : 2001:2:: PrefixLen: 64
Flag : R/-/- Cost : 20
Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan300
Destination : 2001:3:: PrefixLen: 64
Flag : D/L/- Cost : 10
330
Next Hop : Direct Interface: Vlan300
Destination : 2001:4::1 PrefixLen: 128
Flag : D/L/- Cost : 0
Next Hop : Direct Interface: Loop1
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
BFD for IPv6 IS-IS configuration example
Network requirements
• As shown in
Figure 82 , configure IPv6 IS-IS on Switch A and Switch B so that they can reach other.
• Enable BFD on VLAN-interface 10 of Switch A and Switch B. After the link between Switch B and the Layer-2 switch fails, BFD can quickly detect the failure and notify IPv6 IS-IS of the failure. Then
Switch A and Switch B communicate through Switch C.
Figure 82 Network diagram
Switch A Vlan-int10 2001::1/64
Device
Switch B
Switch C Vlan-int11 2001:2::2/64
Configuration procedure
1.
2.
Configure IP addresses for interfaces. (Details not shown.)
Configure IPv6 IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] is-level level-1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] ipv6 enable
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] isis ipv6 enable 1
[SwitchA-Vlan-interface10] quit
331
Interface IPv6 address
Vlan-int10 2001::2/64
3.
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] isis ipv6 enable 1
[SwitchA-Vlan-interface11] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] is-level level-1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] ipv6 enable
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] isis ipv6 enable 1
[SwitchB-Vlan-interface10] quit
[SwitchB] interface vlan-interface 13
[SwitchB-Vlan-interface13] isis ipv6 enable 1
[SwitchB-Vlan-interface13] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] ipv6 enable
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 11
[SwitchC-Vlan-interface11] isis ipv6 enable 1
[SwitchC-Vlan-interface11] quit
[SwitchC] interface vlan-interface 13
[SwitchC-Vlan-interface13] isis ipv6 enable 1
[SwitchC-Vlan-interface13] quit
Configure BFD functions:
# Enable BFD and configure BFD parameters on Switch A.
[SwitchA] bfd session init-mode active
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] isis ipv6 bfd enable
[SwitchA-Vlan-interface10] bfd min-transmit-interval 500
[SwitchA-Vlan-interface10] bfd min-receive-interval 500
[SwitchA-Vlan-interface10] bfd detect-multiplier 7
[SwitchA-Vlan-interface10] return
# Enable BFD and configure BFD parameters on Switch B.
[SwitchB] bfd session init-mode active
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] isis ipv6 bfd enable
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500
[SwitchB-Vlan-interface10] bfd min-receive-interval 500
[SwitchB-Vlan-interface10] bfd detect-multiplier 6
Verifying the configuration
# Display BFD session information on Switch A.
332
<SwitchA> display bfd session
Total Session Num: 1 Init Mode: Active
IPv6 Session Working Under Ctrl Mode:
Local Discr: 1441 Remote Discr: 1450
Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on
Switch A)
Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on
Switch B)
Session State: Up Interface: Vlan10
Hold Time: 2319ms
# Display routes destined for 2001:4::0/64 on Switch A.
<SwitchA> display ipv6 routing-table 2001:4::0 64
Summary Count : 1
Destination: 2001:4::/64 Protocol : ISISv6
NextHop : FE80::20F:FF:FE00:1200 Preference: 15
Interface : Vlan10 Cost : 10
The output shows that Switch A and Switch B communicate through VLAN-interface 10. Then the link over
VLAN-interface 10 fails.
# Display routes destined for 2001:4::0/64 on Switch A.
<SwitchA> display ipv6 routing-table 2001:4::0 64
Summary Count : 1
Destination: 2001:4::/64 Protocol : ISISv6
NextHop : FE80::BAAF:67FF:FE27:DCD0 Preference: 15
Interface : Vlan11 Cost : 20
The output shows that Switch A and Switch B communicate through VLAN-interface 11.
333
Configuring IPv6 PBR
Introduction to IPv6 PBR
Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop and other parameters for packets that match specific criteria such as ACLs.
A device uses PBR to forward matching packets and uses the routing table to forward non-matching packets. If PBR is not configured, the device uses the routing table to forward packets.
The device supports only interface PBR, which guides the forwarding of packets received on an interface only.
Policy
An IPv6 policy includes match criteria and actions to be taken on the matching packets. A policy can have one or multiple nodes as follows:
• Each node is identified by a node number. A smaller node number has a higher priority.
•
A node comprises if-match and apply clauses. An if-match clause specifies a match criterion, and an apply clause specifies an action.
•
A node has a match mode of permit or deny.
An IPv6 policy matches nodes in priority order against packets. If a packet satisfies the match criteria on a node, it is processed by the action on the node. Otherwise, it goes to the next node for a match. If the packet does not match the criteria on any node, it is forwarded according to the routing table. if-match clause
IPv6 PBR supports only the if-match acl clause, which sets an ACL match criterion.
You can specify only one if-match clause of each type for a node. apply clause
IPv6 PBR supports only the apply next-hop clause, which sets the next hop for packets.
Relationship between the match mode and clauses on the node
Does a packet match all the if-match clauses on the node?
Yes
No
In permit mode
Match mode
In deny mode
•
If the node is configured with an apply clause, IPv6 PBR executes the apply clause on the node.
•
If the node is configured with no apply clause, the packet is forwarded according to the routing table.
IPv6 PBR matches the packet against the next node.
The packet is forwarded according to the routing table.
IPv6 PBR matches the packet against the next node.
334
A node that has no if-match clauses matches any packet.
PBR and track
PBR can work with the Track feature to dynamically adapt the availability status of a node configured with an apply clause to the link status of a tracked next hop.
When the track entry associated with the node changes to negative because the next hop is detected to be unavailable, the node cannot be used for forwarding. When the track entry changes to positive or
NotReady because the next hop is detected to be available, the node can be used for forwarding.
For more information about track-PBR collaboration, see High Availability Configuration Guide.
IPv6 PBR configuration task list
Tasks at a glance
(Required.) Configuring an IPv6 policy :
•
•
Configuring match criteria for an IPv6 node
•
Configuring actions for an IPv6 node
(Required.) Configuring IPv6 PBR
Configuring an IPv6 policy
Creating an IPv6 node
Step Command
1. Enter system view. system-view
2. Create an IPv6 policy or policy node, and enter IPv6 policy node view. ipv6 policy-based-route policy-name [ deny | permit ] node node-number
Configuring match criteria for an IPv6 node
Step Command
1. Enter system view. system-view
2. Enter IPv6 policy node view. ipv6 policy-based-route policy-name [ deny | permit ] node node-number
3. Configure an ACL match criterion. if-match acl acl-number
Remarks
N/A
By default, no IPv6 policy node is created.
Remarks
N/A
N/A
By default, no ACL match criterion is configured.
335
NOTE:
If an ACL match criterion is defined, packets are matched against the ACL rules, and the permit or deny action and the time range of the specified ACL are ignored. If the specified ACL does not exist, no packet is matched.
Configuring actions for an IPv6 node
Step Command
1. Enter system view. system-view
2. Enter IPv6 policy node view. ipv6 policy-based-route policy-name [ deny
| permit ] node node-number
3. Set next hops for permitted IPv6 packets.
Remarks
N/A
N/A apply next-hop [ vpn-instance
vpn-instance-name ] { ipv6-address [ direct ]
[ track track-entry-number ] }&<1-n>
By default, no next hop is specified.
You can specify multiple next hops for backup, which are executed in the order they are configured.
The value of n is 2.
Configuring IPv6 PBR
Configure IPv6 PBR by applying an IPv6 policy to an interface. IPv6 PBR uses the policy to guide the forwarding of IPv6 packets received on the interface. The specified policy must exist. Otherwise, the IPv6 interface PBR configuration fails.
You can apply only one policy on an interface. Before you apply a new policy, you must first remove the current policy from the interface.
You can apply the same IPv6 policy on multiple interfaces.
To configure IPv6 interface PBR:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter interface view. interface interface-type interface-number N/A
3. Apply an IPv6 policy on the interface. ipv6 policy-based-route policy-name
By default, no IPv6 policy is applied on the interface.
Displaying and maintaining IPv6 PBR
Execute display commands in any view and reset commands in user view.
Task Command
Display IPv6 PBR policy information. display ipv6 policy-based-route [ policy policy-name ]
Display IPv6 PBR configuration. display ipv6 policy-based-route setup
336
Task Command
Display IPv6 interface PBR configuration and statistics. display ipv6 policy-based-route interface interface-type
interface-number [ slot slot-number ]
Clear IPv6 PBR statistics. reset ipv6 policy-based-route statistics [ policy policy-name ]
Packet type-based IPv6 interface PBR configuration example
Network requirements
, configure IPv6 PBR on Switch A to forward all TCP packets received on
VLAN-interface 11 to the next hop 1::2. Switch A forwards other IPv6 packets according to the routing table.
Figure 83 Network diagram
Configuration procedure
1.
Configure Switch A:
# Configure RIPng.
<SwitchA> system-view
[SwitchA] ripng 1
[SwitchA-ripng-1] quit
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ipv6 address 1::1 64
[SwitchA-Vlan-interface10] ripng 1 enable
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 20
337
2.
3.
[SwitchA-Vlan-interface20] ipv6 address 2::1 64
[SwitchA-Vlan-interface20] ripng 1 enable
[SwitchA-Vlan-interface20] quit
# Configure ACL 3001 to match TCP packets.
[SwitchA] acl ipv6 number 3001
[SwitchA-acl6-adv-3001] rule permit tcp
[SwitchA-acl6-adv-3001] quit
# Configure Node 5 for policy aaa to forward TCP packets to next hop 1::2.
[SwitchA] ipv6 policy-based-route aaa permit node 5
[SwitchA-pbr6-aaa-5] if-match acl 3001
[SwitchA-pbr6-aaa-5] apply next-hop 1::2
[SwitchA-pbr6-aaa-5] quit
# Configure IPv6 interface PBR by applying the policy aaa on VLAN-interface 11.
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] ipv6 address 10::2 64
[SwitchA-Vlan-interface11] undo ipv6 nd ra halt
[SwitchA-Vlan-interface11] ripng 1 enable
[SwitchA-Vlan-interface11] ipv6 policy-based-route aaa
Configure RIPng on Switch B.
<SwitchB> system-view
[SwitchB] ripng 1
[SwitchB-ripng-1] quit
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ipv6 address 1::2 64
[SwitchB-Vlan-interface10] ripng 1 enable
Configure RIPng on Switch C.
<SwitchC> system-view
[SwitchC] ripng 1
[SwitchC-ripng-1] quit
[SwitchC] interface vlan-interface 20
[SwitchC-Vlan-interface20] ipv6 address 2::2 64
[SwitchC-Vlan-interface20] ripng 1 enable
Verifying the configuration
# Enable IPv6 and configure the IPv6 address 10::3 for Host A.
C:\>ipv6 install
Installing...
Succeeded.
C:\>ipv6 adu 4/10::3
# On Host A, Telnet to Switch B that is directly connected to Router A. The operation succeeds.
# On Host A, Telnet to Switch C that is directly connected to Router A. The operation fails.
# Ping Switch C from Host A. The operation succeeds.
Telnet uses TCP, and ping uses ICMP. The preceding results show that all TCP packets arriving on
VLAN-interface 11 of Switch A are forwarded to next hop 1::2, and other packets are forwarded through
VLAN-interface 20. The IPv6 interface PBR configuration is effective.
338
Configuring routing policies
Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies.
Overview
Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes.
To configure a routing policy:
1.
2.
Configure filters based on route attributes, such as destination address and the advertising router's address.
Create a routing policy and apply filters to the routing policy.
Filters
Routing policies can use the following filters to match routes.
ACL
ACLs include IPv4 ACLs and IPv6 ACLs. An ACL can match the destination or next hop of routing information.
For more information about ACLs, see ACL and QoS Configuration Guide.
IP prefix list
IP prefix lists include IPv4 prefix lists and IPv6 prefix lists.
An IP prefix list matches the destination address of routing information. You can use the gateway option to receive routing information only from specific routers. For more information about the gateway option, see "Configuring RIP" and "Configuring OSPF."
An IP prefix list, identified by name, can comprise multiple items. Each item, identified by an index number, specifies a prefix range to match. An item with a smaller index number is matched first. A route that matches one item matches the IP prefix list.
AS path list
An AS path list matches the AS_PATH attribute of BGP routing information.
For more information about AS path lists, see "Configuring BGP."
Community list
A community list matches the COMMUNITY attribute of BGP routing information.
For more information about community lists, see "Configuring BGP."
Extended community list
An extended community list matches the extended community attribute (for example, Route-Target for
VPN) of BGP routing information.
339
For more information about extended community lists, see MCE Configuration Guide.
Routing policy
A routing policy can comprise multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route (except the route configured with the continue clauses) that matches one node matches the routing policy.
Each node has a match mode of permit or deny.
• permit—Specifies the permit match mode for a routing policy node. If a route matches all the if-match clauses of the node, it is handled by the apply clauses of the node and does not match against the next node unless the continue clause is configured. If not, it matches against the next node.
• deny—Specifies the deny match mode for a routing policy node. The apply and continue clauses of a deny-mode node are never executed. If a route matches all the if-match clauses of the node, it is discarded and does not match against the next node. If a route does not match all the if-match clauses of the node, it matches against the next node.
A node can comprise a set of if-match, apply, and continue clauses.
• if-match clauses—Configure the match criteria that match the attributes of routing information. The if-match clauses are in a logical AND relationship. A route must match all the if-match clauses to match the node.
• apply clauses—Specify the actions to be taken on permitted routes, such as modifying a route attribute.
• continue clause—Specify the next node. A route that matches the current node (permit-mode node) must match the specified next node in the same routing policy. The continue clause combines the if-match and apply clauses of the two nodes to improve flexibility of the routing policy.
Follow these guidelines when you configure if-match, apply, and continue clauses:
•
If you only want to filter routes, do not configure apply clauses.
• If you do not configure any if-match clauses for a permit-mode node, the node will permit all routes.
•
Configure a permit-mode node containing no if-match or apply clauses behind multiple deny-mode nodes to allow unmatched routes to pass.
Configuring filters
Configuration prerequisites
Determine the IP prefix list name, matching address range, and community list number.
Configuring an IP prefix list
Configuring an IPv4 prefix list
If all the items are set to deny mode, no routes can pass the IPv4 prefix list. To allow other IPv4 routing information to pass, you must configure the permit 0.0.0.0 0 less-equal 32 item following multiple deny items.
To configure an IPv4 prefix list:
340
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Configure an IPv4 prefix list. ip prefix-list prefix-list-name [ index index-number ]
{ deny | permit } ip-address mask-length
[ greater-equal min-mask-length ] [ less-equal
max-mask-length ]
By default, no IPv4 prefix list is configured.
Configuring an IPv6 prefix list
If all items are set to deny mode, no routes can pass the IPv6 prefix list. To allow other IPv6 routing information to pass, you must configure the permit :: 0 less-equal 128 item following multiple deny items.
To configure an IPv6 prefix list:
Step Command
1. Enter system view. system-view
2. Configure an IPv6 prefix list. ipv6 prefix-list prefix-list-name [ index index-number ]
{ deny | permit } ipv6-address prefix-length
[ greater-equal min-prefix-length ] [ less-equal
max-prefix-length ]
Remarks
N/A
By default, no IPv6 prefix list is configured.
Configuring an AS path list
You can configure multiple items for an AS path list that is identified by a number. The relationship between items is logical OR. A route that matches one item matches the AS path list.
To configure an AS path list:
Step Command
1. Enter system view. system-view
2. Configure an AS path list. ip as-path as-path-number { deny | permit } regular-expression
Remarks
N/A
By default, no AS path list is configured.
Configuring a community list
You can configure multiple items for a community list that is identified by number. The relationship between the items is logic OR. A route that matches one item matches the community list.
To configure a community list:
Step Command
1. Enter system view. system-view
Remarks
N/A
341
Step Command
2. Configure a community list.
•
Configure a basic community list: ip community-list { basic-comm-list-num | basic
basic-comm-list-name } { deny | permit }
[ community-number&<1-32> | aa:nn&<1-32> ]
[ internet | no-advertise | no-export | no-export-subconfed ] *
•
Configure an advanced community list: ip community-list { adv-comm-list-num | advanced
adv-comm-list-name } { deny | permit }
regular-expression
Remarks
Use either approach.
By default, no community list is configured.
Configuring an extended community list
You can configure multiple items for an extended community list that is identified by a number. The relationship between items is logic OR. A route that matches one item matches the extended community list.
To configure an extended community list:
Step Command
1. Enter system view. system-view
2. Configure an extended community list. ip extcommunity-list ext-comm-list-number { deny | permit } { rt route-target }&<1-32>
Remarks
N/A
By default, no extended community list is configured.
Configuring a routing policy
Configuration prerequisites
Configure filters and routing protocols, and determine the routing policy name, node numbers, match criteria, and the attributes to be modified.
Creating a routing policy
For a routing policy that has more than one node, configure at least one permit-mode node. A route that does not match any node cannot pass the routing policy. If all the nodes are in deny mode, no routing information can pass the routing policy.
To create a routing policy:
Step Command
1. Enter system view. system-view
2. Create a routing policy and a node, and enter routing policy node view. route-policy
route-policy-name { deny | permit } node node-number
Remarks
N/A
By default, no routing policy is created.
342
Configuring if-match clauses
You can either specify no if-match clauses or multiple if-match clauses for a routing policy node. If no if-match clause is specified for a permit-mode node, all routing information can pass the node. If no if-match clause is specified for a deny-mode node, no routing information can pass the node.
The if-match clauses of a routing policy node have a logical AND relationship. A route must satisfy all if-match clauses before it can be executed by the apply clauses of the node. If an if-match command exceeds the maximum length, multiple identical if-match clauses are generated. These clauses have a logical OR relationship. A route only needs to match one of them.
To configure if-match clauses:
Step Command
1. Enter system view. system-view
Remarks
N/A
2. Enter routing policy node view. route-policy route-policy-name { deny
3. Match routes whose destination, next hop, or source matches a specified prefix list.
•
Match IPv4 routes whose destination, next hop, or source matches the IPv4 prefix list: if-match ip { address | next-hop | route-source } { acl acl-number | prefix-list prefix-list-name }
•
Match IPv6 routes whose destination, next hop, or source matches the IPv6 prefix list: if-match ipv6 { address | next-hop | route-source } { acl
acl6-number | prefix-list
prefix-list-name }
N/A
By default, no IPv4 or IPv6 prefix list match criterion is configured.
If the ACL used by an if-match clause does not exist, the clause is always satisfied. If no rules of the specified ACL are matched or the match rules are inactive, the clause is not satisfied.
The ACL specified in an if-match clause must be a non-VPN ACL.
4. Match BGP routes whose
AS_PATH attribute matches a specified AS path list. if-match as-path
as-path-number&<1-32>
By default, no AS path match criterion is configured.
5. Match BGP routes whose
COMMUNITY attribute matches a specified community list. if-match community
{ { basic-community-list-number | name comm-list-name }
[ whole-match ] |
adv-community-list-number }&<1-32>
6. Match routes having the specified cost.
7. Match BGP routes whose extended community attribute matches a specified extended community list. if-match cost value if-match extcommunity
ext-comm-list-number&<1-32>
8. Match routes having the specified output interface. if-match interface { interface-type
interface-number }&<1-16>
By default, no COMMUNITY match criterion is matched.
By default, no cost match criterion is configured.
By default, no extended community list match criterion is configured.
By default, no output interface match criterion is configured.
This command is not supported by BGP.
343
Step Command
9. Match BGP routes having the specified local preference.
10. Match routes having the specified route type. if-match local-preference preference
Remarks
By default, no local preference is configured for
BGP routes. if-match route-type { external-type1 | external-type1or2 | external-type2 | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 } *
By default, no route type match criterion is configured.
11. Match RIP, OSPF, and IS-IS routes having the specified tag value. if-match tag value
By default, no tag match criterion is configured.
Configuring apply clauses
The difference between IPv4 and IPv6 apply clauses is the command for setting the next hop for routing information.
To configure apply clauses:
Remarks
N/A
Step Command
1. Enter system view. system-view
2. Enter routing policy node view.
3. Set the AS_PATH attribute for
BGP routes.
4. Delete the specified
COMMUNITY attribute for
BGP routes.
5. Set the specified COMMUNITY attribute for BGP routes.
6. Set a cost for routes.
7. Set a cost type for routes.
8. Set the extended community attribute for BGP routes. route-policy route-policy-name
{ deny | permit } node
node-number apply as-path
as-number&<1-32> [ replace ] apply comm-list
{ comm-list-number |
comm-list-name } delete apply community { none | additive |
{ community-number&<1-32> |
aa:nn&<1-32> | internet | no-advertise | no-export | no-export-subconfed } *
[ additive ] } apply cost [ + | - ] value apply cost-type { external | internal | type-1 | type-2 } apply extcommunity { rt
route-target }&<1-32>
[ additive ]
N/A
By default, no AS_PATH attribute is set for BGP routes.
By default, no COMMUNITY attribute is deleted for BGP routes.
By default, no community attribute is set for BGP routes.
By default, no cost is set for routes.
By default, no cost type is set for routes.
By default, no extended community attribute is set for BGP routes.
344
Step Command
9. Set the next hop for routes.
•
Set the next hop for IPv4 routes: apply ip-address next-hop
ip-address [ public | vpn-instance
vpn-instance-name ]
•
Set the next hop for IPv6 routes: apply ipv6 next-hop
ipv6-address
10. Redistribute routes to a specified ISIS level.
11. Set a local preference for BGP routes.
12. Set the ORIGIN attribute for
BGP routes.
13. Set a preference.
14. Set a preferred value for BGP routes.
15. Set a tag value for RIP, OSPF, and IS-IS route.
Remarks
By default, no next hop is set for
IPv4/IPv6 routes.
The apply ip-address next-hop and apply ipv6 next-hop commands do not apply to redistributed IPv4 and
IPv6 routes. apply isis { level-1 | level-1-2 | level-2 } apply local-preference
preference apply origin { egp as-number | igp | incomplete } apply preference preference apply preferred-value
preferred-value apply tag value
By default, routes are not redistributed into a specified IS-IS level.
By default, no local preference is set for BGP routes.
By default, no ORIGIN attribute is set for BGP routes.
By default, no preference is set.
By default, no preferred value is set for BGP routes.
By default, no tag value is set for RIP,
OSPF, and IS-IS routes.
16. Set a backup link for fast reroute (FRR). apply fast-reroute backup-interface interface-type
interface-number
[ backup-nexthop ip-address ]
By default, no backup link is set for
FRR.
Configuring a continue clause
Follow these guidelines when you configure a continue clause:
•
If you configure the same type of apply clauses that set different values on nodes that are combined by the continue clause, and the apply clauses are not configured with the additive keyword, the apply clause configured on the last matching node takes effect. If the apply clauses are configured with the additive keyword (including the apply as-path clauses without the replace keyword, the apply cost clauses with the + or - keyword, the apply community clauses with the additive keyword, and the apply extcommunity clauses with the additive keyword), all the apply clauses configured on the matching nodes take effect.
•
If you configure the apply community clause for multiple nodes that are combined by the continue clause, the apply comm-list delete clause configured on the current node cannot delete the community attributes set by preceding nodes.
To configure a continue clause:
1. Enter system view. system-view N/A
345
2. Enter routing policy node view. route-policy route-policy-name
N/A
3. Specify the next node to be matched. continue [ node-number ]
By default, no continue clause is configured.
The specified next node must have a larger number than the current node.
Displaying and maintaining the routing policy
Execute display commands in any view and reset commands in user view.
Task Command
Display BGP AS path list information. display ip as-path [ as-path-number ]
Display BGP community list information. display ip community-list [ basic-community-list-number |
adv-community-list-number | comm-list-name ] [ | { begin | exclude
| include } regular-expression ]
Display BGP extended community list information.
Display IPv4 prefix list statistics.
Display IPv6 prefix list statistics.
Display routing policy information.
Clear IPv4 prefix list statistics.
Clear IPv6 prefix list statistics. display ip extcommunity-list [ ext-comm-list-number ] display ip prefix-list [ prefix-list-name ] display ipv6 prefix-list [ prefix-list-name ] display route-policy [ route-policy-name ] reset ip prefix-list [ prefix-list-name ] reset ipv6 prefix-list [ prefix-list-name ]
Routing policy configuration examples
Applying a routing policy to IPv4 route redistribution
Network Requirements
, Switch B exchanges routing information with Switch A by using OSPF and with
Switch C by using IS-IS.
On Switch B, enable route redistribution from IS-IS to OSPF, and use a routing policy to set the cost of route 172.17.1.0/24 to 100 and the tag of route 172.17.2.0/24 to 20.
346
Figure 84 Network diagram
OSPF
IS-IS
Vlan-int100
192.168.1.2/24
Switch B
Vlan-int200
192.168.2.2/24
Vlan-int201
172.17.1.1/24
Vlan-int100
192.168.1.1/24
Vlan-int200
192.168.2.1/24
Vlan-int202
172.17.2.1/24
Switch A Switch C
Configuration procedure
1.
2.
Specify IP addresses for interfaces. (Details not shown.)
Configure IS-IS:
# Configure Switch C.
<SwitchC> system-view
Vlan-int203
172.17.3.1/24
3.
[SwitchC] isis
[SwitchC-isis-1] is-level level-2
[SwitchC-isis-1] network-entity 10.0000.0000.0001.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 201
[SwitchC-Vlan-interface201] isis enable
[SwitchC-Vlan-interface201] quit
[SwitchC] interface vlan-interface 202
[SwitchC-Vlan-interface202] isis enable
[SwitchC-Vlan-interface202] quit
[SwitchC] interface vlan-interface 203
[SwitchC-Vlan-interface203] isis enable
[SwitchC-Vlan-interface203] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis
[SwitchB-isis-1] is-level level-2
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable
[SwitchB-Vlan-interface200] quit
Configure OSPF and route redistribution:
# Configure OSPF on Switch A.
<SwitchA> system-view
347
4.
5.
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# On Switch B, configure OSPF and enable route redistribution from IS-IS.
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] import-route isis 1
[SwitchB-ospf-1] quit
# Display the OSPF routing table on Switch A to view redistributed routes.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Stub 192.168.1.1 192.168.1.1 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.17.1.0/24 1 Type2 1 192.168.1.2 192.168.2.2
172.17.2.0/24 1 Type2 1 192.168.1.2 192.168.2.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2.2
Total Nets: 4
Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0
Configure filtering lists:
# Configure ACL 2002 to permit route 172.17.2.0/24.
[SwitchB] acl number 2002
[SwitchB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255
[SwitchB-acl-basic-2002] quit
# Configure IP prefix list prefix-a to permit route 172.17.1.0/24.
[SwitchB] ip prefix-list prefix-a index 10 permit 172.17.1.0 24
Configure a routing policy.
[SwitchB] route-policy isis2ospf permit node 10
[SwitchB-route-policy-isis2ospf-10] if-match ip address prefix-list prefix-a
[SwitchB-route-policy-isis2ospf-10] apply cost 100
[SwitchB-route-policy-isis2ospf-10] quit
[SwitchB] route-policy isis2ospf permit node 20
[SwitchB-route-policy-isis2ospf-20] if-match ip address acl 2002
[SwitchB-route-policy-isis2ospf-20] apply tag 20
[SwitchB-route-policy-isis2ospf-20] quit
[SwitchB] route-policy isis2ospf permit node 30
348
6.
[SwitchB-route-policy-isis2ospf-30] quit
Apply the routing policy to route redistribution:
# On Switch B, enable route redistribution from IS-IS and apply the routing policy.
[SwitchB] ospf
[SwitchB-ospf-1] import-route isis 1 route-policy isis2ospf
[SwitchB-ospf-1] quit
# Display the OSPF routing table on Switch A.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Transit 192.168.1.1 192.168.1.1 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.17.1.0/24 100 Type2 1 192.168.1.2 192.168.2.2
172.17.2.0/24 1 Type2 20 192.168.1.2 192.168.2.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2.2
Total Nets: 4
Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0
The output shows that the cost of route 172.17.1.0/24 is 100 and the tag of route
172.17.2.0/24 is 20.
Applying a routing policy to IPv6 route redistribution
Network requirements
•
, run RIPng on Switch A and Switch B.
•
On Switch A, configure three static routes, and apply a routing policy to static route redistribution to permit routes 20::0/32 and 40::0/32 and deny route 30::0/32.
Figure 85 Network diagram
Configuration procedure
1.
Configure Switch A:
# Configure IPv6 addresses for VLAN-interface 100 and VLAN-interface 200.
<SwitchA> system-view
349
2.
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ipv6 address 10::1 32
[SwitchA-Vlan-interface100] quit
[SwitchA] interface vlan-interface 200
[SwitchA-Vlan-interface200] ipv6 address 11::1 32
[SwitchA-Vlan-interface200] quit
# Enable RIPng on VLAN-interface 100.
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ripng 1 enable
[SwitchA-Vlan-interface100] quit
# Configure three static routes with next hop 11::2, and make sure that the static routes are active.
[SwitchA] ipv6 route-static 20:: 32 11::2
[SwitchA] ipv6 route-static 30:: 32 11::2
[SwitchA] ipv6 route-static 40:: 32 11::2
# Configure a routing policy.
[SwitchA] ipv6 prefix-list a index 10 permit 30:: 32
[SwitchA] route-policy static2ripng deny node 0
[SwitchA-route-policy-static2ripng-0] if-match ipv6 address prefix-list a
[SwitchA-route-policy-static2ripng-0] quit
[SwitchA] route-policy static2ripng permit node 10
[SwitchA-route-policy-static2ripng-10] quit
# Enable RIPng and apply the routing policy to static route redistribution.
[SwitchA] ripng
[SwitchA-ripng-1] import-route static route-policy static2ripng
Configure Switch B:
# Configure the IPv6 address for VLAN-interface 100.
<SwitchB> system-view
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ipv6 address 10::2 32
# Enable RIPng.
[SwitchB] ripng
[SwitchB-ripng-1] quit
# Enable RIPng on VLAN-interface 100.
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ripng 1 enable
[SwitchB-Vlan-interface100] quit
Verifying the configuration
# Display the RIPng routing table on Switch B.
[SwitchB] display ripng 1 route
Route Flags: A - Aging, S - Suppressed, G - Garbage-collect
----------------------------------------------------------------
Peer FE80::7D58:0:CA03:1 on Vlan-interface 100
Destination 10::/32,
via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 18 secs
Destination 20::/32,
350
via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 8 secs
Destination 40::/32,
via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 3 secs
351
Support and other resources
Contacting HP
For worldwide technical support information, see the HP support website: http://www.hp.com/support
Before contacting HP, collect the following information:
• Product model names and numbers
•
Technical support registration number (if applicable)
•
Product serial numbers
• Error messages
•
Operating system type and revision level
•
Detailed questions
Subscription service
HP recommends that you register your product at the Subscriber's Choice for Business website: http://www.hp.com/go/wwalerts
After registering, you will receive email notification of product enhancements, new driver versions, firmware updates, and other product resources.
Related information
Documents
To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals
• For related documentation, navigate to the Networking section, and select a networking category.
•
For a complete list of acronyms and their definitions, see HP FlexNetwork Technology Acronyms.
Websites
• HP.com http://www.hp.com
• HP Networking http://www.hp.com/go/networking
•
HP manuals http://www.hp.com/support/manuals
•
HP download drivers and software http://www.hp.com/support/downloads
• HP software depot http://www.software.hp.com
•
HP Education http://www.hp.com/learn
352
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Description
Boldface Bold text represents commands and keywords that you enter literally as shown.
Italic
[ ]
{ x | y | ... }
[ x | y | ... ]
{ x | y | ... } *
[ x | y | ... ] *
&<1-n>
Italic text represents arguments that you replace with actual values.
Square brackets enclose syntax choices (keywords or arguments) that are optional.
Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none.
Asterisk-marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one.
Asterisk-marked square brackets enclose optional syntax choices separated by vertical bars, from which you select one choice, multiple choices, or none.
The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times.
A line that starts with a pound (#) sign is comments. #
GUI conventions
Symbols
Convention Description
Boldface
Window names, button names, field names, and menu items are in bold text. For example, the New User window appears; click OK.
> Multi-level menus are separated by angle brackets. For example, File > Create > Folder.
Convention Description
WARNING
An alert that calls attention to important information that if not understood or followed can result in personal injury.
CAUTION
An alert that calls attention to important information that if not understood or followed can result in data loss, data corruption, or damage to hardware or software.
IMPORTANT
NOTE
An alert that calls attention to essential information.
An alert that contains additional or supplementary information.
TIP
An alert that provides helpful information.
353
Network topology icons
Represents a generic network device, such as a router, switch, or firewall.
Represents a routing-capable device, such as a router or Layer 3 switch.
Port numbering in examples
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports
Layer 2 forwarding and other Layer 2 features.
The port numbers in this document are for illustration only and might be unavailable on your device.
354
Index
4-byte
ABR
BGP AS number suppression, 208
OSPF ABR Type-3 LSA filtering configuration, 64
OSPF route summarization configuration, 62
ABR (OSPF), 51 action (IPv6 node), 336 action (PBR node configuration), 269 adding OSPF interface MTU into DD packets, 72 additional routing metric, 285 address
BGP address family view, 167
IS-IS area, 109
IS-IS format, 108
IS-IS NSAP format, 108
IS-IS routing method, 109
MP-BGP address family, 167
RIP source IP address check, 30 adjacencies, establish, 53 advertisement controlling RIP reception on interfaces, 23 advertising
BGP default route to peer/peer group, 183 configuring RIP summary route advertisement,
40 default route, 26 fake AS number to a peer/peer group, 201
IS-IS default route, 121
IS-IS routes, 122
OSPF host route, 67
OSPF summary route advertisement configuration, 85 rules for routes (BGP), 162, 183 summary route, 25 advertising RIPng default route, 286 advertising, broadcast only, 21 age (IS-IS), 125 apply clause (IPv6 PBR), 334 apply clause (PBR), 267 apply clause (routing policy), 340, 344 area configuring OSPF area, 57 configuring OSPF NSSA area, 58 configuring OSPF stub area, 58 configuring OSPFv3 parameter, 299 configuring stub area, 299
IS-IS, 110
IS-IS area address, 109
IS-IS area authentication, 131
OSPF NSSA area configuration, 90
OSPF stub area configuration, 88 area-based network partition feature (OSPF), 48 areas
IDs (OSPF), 49 arrival interval (OSPF LSA), 69, 70
AS
IS-IS authentication configuration (on switch),
147
IS-IS basic configuration, 116
IS-IS basic configuration (on switch), 135
IS-IS configuration, 108, 115
IS-IS configuration (on switch), 135
IS-IS DIS election configuration (on switch), 140
355
IS-IS route redistribution configuration (on switch), 144
AS_PATH advertising a fake AS number to a peer/peer group, 201
BGP attribute configuration, 200 disabling BGP consideration of AS_PATH in best route selection, 201 ignoring the first AS number of EBGP route updates, 204 permittinBGP g local AS number to appear in peer/peer group routes, 200 removing BGP private AS numbers from updates sent to an EBGP peer/peer group, 203 routing policy list, 339 routing policy list configuration, 341
ASBR
OSPF route summarization configuration, 63
ASBR (OSPF), 51 attribute advertising a fake AS number to a peer/peer group, 201 configuring BGP AS number substitution, 202 configuring BGP AS_PATH attribute, 200 configuring BGP NEXT_HOP attribute, 198 disabling BGP consideration of AS_PATH in best route selection, 201
MP-BGP extended attribute, 166 permitting BGP local AS number to appear in peer/peer group routes, 200 removing BGP private AS numbers from updates sent to an EBGP peer/peer group, 203 authentication configuring BGP MD5 authentication, 209 configuring RIPv2, 31
IS-IS area authentication, 131
IS-IS authentication configuration (on switch),
147
IS-IS neighbor relationship authentication, 131
356
IS-IS network security enhancement, 130
IS-IS routing domain authentication, 131
OSPF configuration, 71 authentication feature (OSPF), 48 automatic
BGP automatic route summarization configuration, 182 backbone enabling OSPF RFC 1583 compatibility, 73 backbone area (OSPF), 50 backbone router (OSPF), 51 backup routes (IP routing), 3 basic IPv6 static route configuration, 275
BDR
OSPF election, 54
BDR (OSPF), 53
BFD
BGP configuration, 221, 252 bidirectional control mode, 7 configuration guideline, 9 configuring bidirectional control mode, 273 configuring IPv6 static route, 272 configuring IS-IS BFD, 133 configuring single-hop echo mode, 274 configuring static route, 7
IPv6 BGP configuration, 261
IPv6 IS-IS configuration, 326
IPv6 IS-IS configuration (on switch), 331
IS-IS BFD configuration (on switch), 151
OSPF BFD bidirectional control detection configuration, 77
OSPF BFD configuration, 101
OSPF BFD single-hop echo detection configuration, 77
OSPF configuration, 77
OSPFv3 configuration, 308, 321
RIP BFD single-hop echo detection, 42
RIP configuration, 32 single-hop echo mode, 8 static route configuration example (direct next hop), 12 static route configuration example (indirect next hop), 14
BFD for IPv6 static route (direct next hop) configuration, 276
BFD for IPv6 static route (indirect next hop)
BGP configuration, 279 address family view, 167 advertising a fake AS number to a peer/peer group, 201 advertising default route to peer/peer group,
183 basic configuration, 171, 225
BFD configuration, 252
BFD configuration, 221 community, 163 confederation, 163 configuration, 157, 225, 256 configuration tasks, 168 configuring AS number substitution, 202 configuring AS_PATH attribute, 200 configuring automatic route summarization, 182 configuring BGP-IGP route redistribution, 229 configuring community, 216 configuring community, 238 configuring confederation, 218 configuring confederation, 243 configuring confederation compatibility, 219 configuring default local preference, 193 configuring default MED value, 194 configuring GR, 250
357 configuring holdtime, 205 configuring keepalive interval, 205 configuring load balancing, 235 configuring manual route summarization, 182 configuring MED attribute, 194 configuring NEXT_HOP attribute, 198 configuring path selection, 247 configuring route dampening, 190 configuring route distribution filtering policy,
185 configuring route filtering policies, 185 configuring route preference, 192 configuring route reception filtering policy, 188 configuring route reflector, 218 configuring route summarization, 232 configuring route summarization, 182 configuring update send interval, 206 controlling path selection, 191 controlling route distribution, 181 controlling route reception, 181 disabling BGP to establish a session to a peer/peer group, 211 disabling consideration of AS_PATH in best route selection, 201 displaying, 222 enabling, 171 enabling 4-byte AS number suppression, 208 enabling BGP session state change logging,
221 enabling BGP to establish an EBGP session over multiple hops, 207 enabling immediate reestablishment of direct
EBGP connections upon link failure, 208 enabling MED comparison for comparison from different ASs, 195 enabling MED comparison for routes from confederation peer, 197
enabling MED comparison for routes on a per-AS basis, 196 enabling trap, 220 generating route, 179
GR configuration, 219
GR Helper configuration, 219
GR Restarter configuration, 219 ignoring first AS number of EBGP route updates,
204 injecting local network, 180
IPv4 peer configuration, 171
IPv6 basic configuration, 256
IPv6 peer configuration, 172 large scale network management, 163 large-scale network configuration, 216 load balancing, 162 load balancing configuration, 210 maintaining, 222 manual soft-reset configuration, 214 message types. See BGP message types
MP-BGP, 166
MP-BGP address family, 167
MP-BGP extended attribute, 166 network optimization, 205 path attributes. See BGP path attributes peer configuration, 171 peer group, 163 peer group configuration, 173 peer group, EBGP, 174 peer group, IBGP, 173 permitting local AS number to appear in peer/peer group routes, 200 protecting an EBGP peer when memory usage reaches level 2 threshold, 215 protocols, 168 redistributing IGP routing information, 180
358 removing private AS numbers from updates sent to an EBGP peer/peer group, 203 route advertisement, 162, 183 route dampening, 163 route recursion, 162 route reflector, 163 route reflector configuration, 241 route selection, 162 route summarization, 163 saving updates, 213 soft reset configuration, 211 soft-reset configuration, 212 specifying received route preferred value, 191 specifying TCP connection source interface, 178 standards, 168 tuning network, 205
VPN instance view, 167
BGP message types keepalive, 157 notification, 157 open, 157 route-refresh, 157 update, 157
BGP path attributes as_path, 158 origin, 158
BGP peer, 157
BGP speaker, 157 bidirectional control mode, 7 forwarding detection. See BFD bidirectional control mode configuring BFD for IPv6 static route, 272 bidirectional forwarding detection. Use BFD, Use
BFD
Border Gateway Protocol. See BGP
broadcast
OSPF DR/BDR election, 54
OSPF interface network type configuration, 60
OSPF network type configuration, 59 broadcast IS-IS network type, 112 broadcast networks (OSPF), 53 calculating
OSPF FRR backup next hop calculation using the
LFA algorithm, 78
OSPF SPF calculation interval specification, 69 classful routing protocol (RIPv1), 21 classless inter-domain routing. See CIDR classless routing protocol (RIPv2), 21
CLV IS-IS PDU, 114 community
BGP, 163
BGP community configuration, 216
BGP configuration, 238
BGP route reflector configuration, 218 routing policy extended community list, 339 routing policy extended community list configuration, 342 routing policy list, 339 routing policy list configuration, 341 confederation
BGP, 163
BGP compatibility configuration, 219
BGP configuration, 218, 243 enabling BGP MED comparison for routes from confederation peer, 197 configuration
BGP troubleshooting, 265 default route, 19 guideline, 9
IP routing basics, 1
IPv6 default route, 282
IPv6 static routing, 272
OSPF details, 48
OSPF troubleshooting, 106
OSPFv3 details, 296
OSPFv3 procedure, 298 prerequisites RIP, 28 prerequisites, RIP route control, 33 restrictions and guidelines, 33
RIP, 20
RIP route control, 24
RIP version, 23
RIPv2 route summarization, 25 task list (BGP), 168 task list (OSPF), 55 task list (OSPFv3), 297 task list (RIP), 21 configuration example static route FRR, 17 configuration view
BGP address family, 167
BGP VPN instance, 167 configuring a preference for RIP, 27 a RIP version, 23 an additional routing metric, 24 an EBGP peer group, 174 an IBGP peer group, 173 an IPv4 BGP peer, 171 an IPv6 BGP peer, 172 basic BGP, 171, 225 basic IPv6 IS-IS (on switch), 327 basic IPv6 static route, 275 basic IS-IS, 116 basic IS-IS (on switch), 135 basic OSPF, 80
359
basic RIP, 22, 34 basic RIPng, 284 basic RIPng (on switch), 290
BFD bidirectional control mode, 273
BFD for IPv6 static route, 272
BFD for IPv6 static route (direct next hop), 276
BFD for IPv6 static route (indirect next hop), 279
BFD for static route, 7
BFD single-hop echo mode, 274
BGP, 157, 225, 256
BGP AS number substitution, 202
BGP AS_PATH attribute, 200
BGP automatic route redistribution, 182
BGP BFD, 221, 252
BGP community, 216, 238
BGP confederation, 218, 243
BGP confederation compatibility, 219
BGP default local preference, 193
BGP default MED value, 194
BGP GR, 219, 250
BGP GR Helper, 219
BGP GR Restarter, 219
BGP large-scale network, 216
BGP load balancing, 210, 235
BGP manual route redistribution, 182
BGP manual soft-reset, 214
BGP MD5 authentication, 209
BGP MED attribute, 194
BGP NEXT_HOP attribute, 198
BGP path selection, 247
BGP peer, 171
BGP peer group, 173
BGP route dampening, 190
BGP route distribution filtering policy, 185
BGP route filtering policies, 185
360
BGP route preference, 192
BGP route reception filtering policy, 188
BGP route redistribution, 182
BGP route reflector, 218, 241
BGP route summarization, 232
BGP soft reset, 211
BGP update send interval, 206
BGP-IGP route redistribution, 229 bidirectional control mode, 7 holdtime, 205 inbound/outbound route filtering, 26
Inter-Area-Prefix-LSA filtering, 302
IPv6 BGP basic, 256
IPv6 BGP BFD, 261
IPv6 BGP route reflector, 259
IPv6 IS-IS, 324
IPv6 IS-IS (on switch), 327
IPv6 IS-IS basic function, 324
IPv6 IS-IS BFD, 326
IPv6 IS-IS BFD (on switch), 331
IPv6 IS-IS route control, 325
IPv6 node action, 336
IPv6 node match criteria, 335
IPv6 PBR, 334, 335, 336
IPv6 policy, 335
IPv6 static route, 272
IPv6 static routing, 275
IS-IS, 108, 115
IS-IS (on switch), 135
IS-IS area authentication, 131
IS-IS authentication (on switch), 147
IS-IS BFD, 133
IS-IS BFD (on switch), 151
IS-IS circuit level, 117
IS-IS DIS election (on switch), 140
IS-IS dynamic system ID mapping to host name,
129
IS-IS FRR, 133
IS-IS FRR (on switch), 154
IS-IS FRR automatic backup next hop calculation,
134
IS-IS FRR routing policy use, 134
IS-IS global cost, 119
IS-IS GR, 132
IS-IS GR (on switch), 150
IS-IS interface cost, 118
IS-IS interface DIS priority, 124
IS-IS interface P2P network type, 117
IS-IS IS level, 117
IS-IS link cost, 118
IS-IS LSP parameters, 125
IS-IS LSP-calculated route filtering, 122
IS-IS neighbor relationship authentication, 131
IS-IS redistributed route filtering, 122
IS-IS route control, 118
IS-IS route convergence priority, 128
IS-IS route filtering, 121
IS-IS route redistribution, 121
IS-IS route redistribution (on switch), 144
IS-IS route summarization, 120
IS-IS routing domain authentication, 131
IS-IS static system ID mapping to host name, 129
IS-IS system ID mapping to host name, 129 keepalive interval, 205
LSP timer (IS-IS), 125 max number IS-IS ECMP routes, 120 maximum number of ECMP routes, 4
OSPF ABR route summarization, 62
OSPF ABR Type-3 LSA filtering, 64
OSPF area, 57
OSPF ASBR route summarization, 63
361
OSPF authentication, 71
OSPF BFD, 77, 101
OSPF BFD bidirectional control detection, 77
OSPF BFD single-hop echo detection, 77
OSPF default parameter for route redistribution,
67
OSPF default route redistribution, 66
OSPF DR election, 92
OSPF exit overflow interval, 72
OSPF FRR, 78, 104
OSPF FRR backup next hop calculation using the
LFA algorithm, 78
OSPF FRR backup next hop designation by using routing policy, 79
OSPF GR, 75, 98
OSPF GR Helper, 76
OSPF GR Restarter, 75
OSPF IETF GR Helper, 76
OSPF IETF GR Restarter, 75
OSPF inbound route filtering, 63
OSPF interface broadcast network type, 60
OSPF interface cost, 64
OSPF interface NBMA network type, 60
OSPF interface P2MP network type, 61
OSPF interface P2P network type, 62
OSPF ISPF, 74
OSPF LSU transmission rate, 74
OSPF max number ECMP routes, 65
OSPF max number LSDB external LSAs, 72
OSPF network management, 73
OSPF network type, 59
OSPF non-IETF GR Helper, 76
OSPF non-IETF GR Restarter, 75
OSPF NSSA area, 58
OSPF NSSA area function, 90
OSPF packet timer, 68
OSPF preference, 65
OSPF route control, 62
OSPF route redistribution, 65
OSPF route redistribution from other routing protocols, 66
OSPF route redistribution function, 83
OSPF route summarization, 62
OSPF stub area, 58
OSPF stub area function, 88
OSPF stub router, 71
OSPF summary route advertisement function, 85
OSPF virtual link, 59, 96
OSPFv3, 310
OSPFv3 area parameter, 299
OSPFv3 BFD, 308, 321
OSPFv3 DR interface priority, 306
OSPFv3 GR, 307, 320
OSPFv3 GR Helper, 308
OSPFv3 GR Restarter, 308
OSPFv3 inbound route filtering, 301
OSPFv3 interface cost, 302
OSPFv3 interface network type, 300
OSPFv3 max number ECMP routes, 303
OSPFv3 NBMA neighbor, 301
OSPFv3 network type, 300
OSPFv3 P2MP neighbor, 301
OSPFv3 preference, 303
OSPFv3 route control, 301
OSPFv3 route redistribution, 303, 317
OSPFv3 route summarization, 301
OSPFv3 timer, 304
OSPFv3 virtual link, 299 packet type-based interface PBR (on switch),
270 packet-type-based IPv6 PBR (on switch), 337
PBR, 267, 268, 269
362
PBR node actions, 269
PBR node match criteria, 268
RIP, 34
RIP BFD, 32
RIP BFD single-hop echo detection, 42
RIP FRR, 32, 45
RIP Graceful Restart, 31
RIP maximum number of ECMP routes, 29
RIP packet sending rate, 31
RIP route redistribution, 27, 36
RIP routing metric, 38
RIP summary route advertisement, 40
RIPng, 283, 284
RIPng (on switch), 290
RIPng additional routing metric, 285
RIPng GR, 289
RIPng inbound/outbound route filtering, 286
RIPng max number ECMP routes, 289
RIPng packet zero field check, 288
RIPng poison reverse, 288
RIPng preference, 286
RIPng route control, 285
RIPng route redistribution, 287
RIPng route redistribution (on switch), 292
RIPng route summarization, 285
RIPng split horizon, 288
RIPng timer, 287
RIPv2 message authentication, 31 routing policy, 339, 342 routing policy (on switch), 346 routing policy application to IPv4 route redistribution (on switch), 346 routing policy application to IPv6 route redistribution (on switch), 349 routing policy apply clause, 344 routing policy AS_PATH list, 341
routing policy community list, 341 routing policy continue clause, 345 routing policy extended community list, 342 routing policy filter, 340 routing policy if-match clause, 343 routing policy IP prefix list, 340 routing policy IPv4 prefix list, 340 routing policy IPv6 prefix list, 341
Single-hop echo mode, 8 static route, 6, 10 static route FRR, 9 static routing, 6 stub area, 299 connection specifying BGP TCP connection source interface,
178 continue clause (routing policy), 340, 345 control bidirectional mode, 7 control packet
OSPF BFD bidirectional control detection configuration, 77
OSPF BFD configuration, 77 controlling
BGP route distribution, 181
BGP route reception, 181
OSPF route control configuration, 62
RIP reception and advertisement on interfaces,
23 controlling IS-IS SPF calculation interval, 127 convergence priority (IS-IS route), 128 convergence speed, changing (RIP), 28 cost
OSPF interface cost configuration, 64 creating peer group (BGP), 174 creating IPv6 node, 335 creating node, 268 creating routing policy, 342 dampening
BGP route dampening, 163, 190
DD adding OSPF interface MTU into DD packets,
72 dead (OSPF packet timer), 68 default advertising BGP default route to peer/peer group, 183
BGP default local preference configuration, 193
BGP MED attribute configuration, 194 configuring BGP default MED value, 194
OSPF default parameter for route redistribution configuration, 67
OSPF default route redistribution configuration,
66 default route advertising, 26 configuration details, 19 default route advertisement, 286 default route advertisement (IS-IS), 121 default route configuration, IPv6, 282 delay
OSPF LSA transmission delay, 68
OSPFv3 LSA delay timer, 304 specifying LSA transmission delay, 305 deny match mode (routing policy), 340 destination address (RIP), 20 detecting
BGP BFD configuration, 221 configuring RIP BFD single-hop echo detection,
42
OSPF BFD bidirectional control detection configuration, 77
363
device configuring OSPF stub router, 71 direct next hop
BFD for static routes configuration example, 12
DIS
OSPF BFD configuration, 77
OSPF BFD single-hop echo detection configuration, 77 configuring IS-IS interface DIS priority, 124
IS-IS DIS election, 112
IS-IS DIS election configuration (on switch), 140 disabling
BGP consideration of AS_PATH in best route selection, 201 host route reception, 26
OSPF interface packet sending/receiving, 70
OSPFv3 interface packet sending, 307 session establishment to a BGP peer/peer group,
211 disabling IS-IS interface packet send/receive, 124 displaying
BGP, 222
IPv6 static route, 274
OSPF, 79
OSPFv3, 309
RIP, 33 routing table, 4 static routes, 10 displaying IPv6 IS-IS, 326 displaying IPv6 PBR configuration, 336 displaying IS-IS, 134 displaying PBR, 269 displaying RIPng, 290 displaying routing policy, 346 distributing
BGP route distribution control, 181
364
BGP route distribution filtering policy, 185 distributing information backbone to non-backbone (OSPF), 50 domain
IS-IS routing domain, 110
IS-IS routing domain authentication, 131
DR
OSPF DR election configuration, 92
OSPF election, 54
OSPFv3 DR interface priority configuration, 306
DR (OSPF), 53
DSP (IS-IS area address), 109
EBGP ignoring first AS number of route updates, 204
EBGP peers, 157 echo single-hop mode, 8 echo packet
OSPF BFD configuration, 77
OSPF BFD single-hop echo detection, 77
ECM routes (IS-IS), 120
ECMP
OSPF max number ECMP routes configuration,
65
RIP maximum number of ECMP routes configuration, 29
ECMP route (RIPng), 289
ECMP routing feature (OSPF), 48 egress interface (RIP), 20 electing
OSPF DR election configuration, 92 enabling
BGP, 171
BGP 4-byte AS number suppression, 208
BGP MED comparison for routes from confederation peer, 197
BGP MED comparison for routes from different
ASs, 195
BGP MED comparison for routes on a per-AS basis, 196
BGP session state change logging, 221
BGP to establish an EBGP session over multiple hops, 207
BGP trap, 220 immediate reestablishment of direct EBGP connections upon link failure, 208
IS-IS, 116
IS-IS automatic cost calculation, 119
IS-IS interface hello packet send, 124
IS-IS ISPF, 130
IS-IS LSP flash flooding, 127
IS-IS LSP fragment extension, 127
IS-IS neighbor state change logging, 130
OSPF, 56
OSPF neighbor state change logging, 73
OSPF RFC 1583 compatibility, 73
OSPFv3 neighbor state change logging, 307
RIP, 22
RIP poison reverse, 29
RIP source IP address check, 30
RIP split horizon, 29
RIPv1 zero field check, 30
RIPv2 automatic route summarization, 25 soft reset, 212 enhancing IS-IS network security, 130 entry
RIP route, 20 entry (RIPng route), 283 equal-cost routes (IP routing), 3 example areas configuration (OSPFv3), 310
DR election configuration (OSPFv3), 314 examples
365 static route configuration, 10 exchange routing information over TCP, 157 exit overflow interval
OSPF configuration, 72 extended attribute (MP-BGP), 166
Exterior Gateway Protocol. See EGP external BGP. See EBGP fast reroute. Use FRR fault detection
IPv6 IS-IS BFD configuration, 326
IPv6 IS-IS BFD configuration (on switch), 331
FIB routing table, 1 field check (RIPv1 zero field check), 30 filtering configuring BGP route distribution filtering policy,
185 configuring BGP route reception filtering policy,
188 configuring OSPFv3 inbound route filtering, 301
Inter-Area-Prefix-LSA filtering configuration, 302
IS-IS LSP-calculated routes, 122
IS-IS redistributed routes, 122
IS-IS routes, 121
OSPF ABR Type-3 LSA filtering configuration, 64
OSPF inbound route filtering configuration, 63
OSPF interface cost configuration, 64 routing policy, 339 routing policy ACLs, 339 routing policy application to IPv4 route redistribution (on switch), 346 routing policy application to IPv6 route redistribution (on switch), 349 routing policy apply clause configuration, 344 routing policy AS_PATH list, 339 routing policy AS_PATH list configuration, 341 routing policy community list, 339
routing policy community list configuration, 341 routing policy configuration, 339, 342 routing policy configuration (on switch), 346 routing policy continue clause configuration,
345 routing policy creation, 342 routing policy extended community list, 339 routing policy extended community list configuration, 342 routing policy filter configuration, 340 routing policy if-match clause configuration,
343 routing policy IP prefix list, 339 routing policy IP prefix list configuration, 340 filtering RIPng inbound/outbound routes, 286 flooding
IS-IS flash flooding, 127 format
IS-IS address format, 108
IS-IS NSAP address format, 108 forwarding (IPv6 static route configuration), 272 fragment extension (IS-IS), 127
FRR configuration guideline, 9 configuring IS-IS FRR automatic backup next hop calculation, 134 configuring OSPF FRR backup next hop calculation using the LFA algorithm, 78 configuring OSPF FRR backup next hop designation by using routing policy, 79 configuring routing policy use, 134 configuring static route, 9
IS-IS configuration, 133
IS-IS FRR configuration (on switch), 154
OSPF configuration, 78
OSPF FRR configuration, 104
RIP configuration, 32, 45 static route configuration example, 17 garbage-collect timer (RIPng), 287 generating
BGP route, 179
GR configuring IS-IS GR, 132 configuring IS-IS GR Helper, 132 configuring IS-IS GR Restarter, 132
IS-IS GR configuration (on switch), 150
GR (RIPng configuration), 289
GR Helper
OSPF configuration, 76
OSPF IETF configuration, 76
OSPF non-IETF configuration, 76
OSPFv3 configuration, 308
GR Helper (IS-IS GR), 132
GR Helper (RIPng), 289
GR Restarter
OSPF configuration, 75
OSPF IETF configuration, 75
OSPF non-IETF configuration, 75
OSPFv3 configuration, 308
GR Restarter (IS-IS GR), 132
GR Restarter (RIPng GR), 289
Graceful Restart. Use GR
RIP configuration, 31
Graceful Restart (GR)
BGP configuration, 219, 250 configuration, 75
GR Helper configuration, 76
GR Helper IETF configuration, 76
GR Helper non-IETF configuration, 76
GR Restarter configuration, 75
GR Restarter IETF configuration, 75
GR Restarter non-IETF configuration, 75
366
OSPF configuration, 98
OSPFv3 configuration, 307, 320
OSPFv3 GR Helper configuration, 308
OSPFv3 GR Restarter configuration, 308 triggering OSPF GR, 77 group
BGP peer group configuration, 173 guideline configuration, 9 hello configuring OSPF hello packet timer, 68 enabling IS-IS interface hello packet send, 124
IS-IS PDU type, 113 specifying IS-IS multiplier, 123 specifying IS-IS send interval, 123
HO-DSP (IS-IS area address), 109 holdtime (BGP), 205 hop configuring OSPF FRR backup next hop calculation using the LFA algorithm, 78 configuring OSPF FRR backup next hop designation by using routing policy, 79
OSPF BFD single-hop echo detection configuration, 77
RIP BFD single-hop echo detection configuration,
42 host
RIP interface metric configuration, 38 advertising OSPF host route, 67 host route disabling reception, 26
IBGP peers, 157
IDP (IS-IS area address), 109
IETF
OSPF GR Helper configuration, 76
OSPF GR Helper IETF configuration, 76
OSPF GR Helper non-IETF configuration, 76
367 if-match clause (IPv6 PBR), 334 if-match clause (PBR), 267 if-match clause (routing policy), 340, 343 ignoring first AS number of EBGP route updates, 204
OSPFv3 DD packet MTU verification, 306
IGP
OSPF GR Restarter configuration, 75
OSPF GR Restarter IETF configuration, 75
OSPF GR Restarter non-IETF configuration, 75 configuring basic RIP, 34 configuring BGP-IGP route redistribution, 229 configuring RIP BFD single-hop echo detection,
42 configuring RIP packet sending rate, 31 configuring RIP route redistribution, 36 configuring RIP routing metric, 38 configuring RIP summary route advertisement,
40
IS-IS authentication configuration (on switch),
147
IS-IS basic configuration, 116
IS-IS basic configuration (on switch), 135
IS-IS configuration, 108, 115
IS-IS configuration (on switch), 135
IS-IS DIS election configuration (on switch), 140
IS-IS route redistribution configuration (on switch), 144
RIP configuration, 34
RIP FRR configuration, 32, 45 inbound configuring an additional routing metric, 24 inbound route filtering (RIPng), 286 inbound/outbound route filtering configuring, 26
Incremental Shortest Path First. Use ISPF indirect next hop
BFD for static routes configuration example, 14 injecting
BGP local network, 180 interface controlling RIP reception and advertisement on interfaces, 23 interfaces outgoing, find, 3
Intermediate System-to-Intermediate System. Use IS-IS,
Use IS-IS internal
BGP. See IBGP internal router (OSPF), 51 interval configuring BGP soft reset, 211 configuring BGP update send interval, 206 configuring keepalive interval, 205 specifying IS-IS CSNP packet send interval, 123 specifying IS-IS hello multiplier, 123 specifying IS-IS hello packet send interval, 123 specifying IS-IS LSP length, 126 specifying IS-IS LSP refresh interval, 125 specifying IS-IS LSP sending interval, 125 specifying LSA generation interval, 306 specifying OSPF LSA arrival interval, 69 specifying OSPF LSA generation interval, 70 specifying OSPF SPF calculation interval, 69 specifying SPF calculation interval, 305
IP protocol identifer (IS-IS N-SEL), 109
IP routing adding OSPF interface MTU into DD packets,
72 advertising a fake AS number to a peer/peer group, 201 basic BGP configuration, 171, 225 basic OSPF configuration, 80 basic RIP configuration, 34
368
BGP AS_PATH attribute configuring, 200
BGP automatic route summarization configuration, 182
BGP BFD configuration, 221, 252
BGP community, 163
BGP community configuration, 216, 238
BGP confederation, 163
BGP confederation compatibility configuration,
219
BGP confederation configuration, 218, 243
BGP configuration, 157, 225, 256
BGP configuration views, 167
BGP default local preference configuration, 193
BGP default MED value configuration, 194
BGP default route to peer/peer group advertisement, 183
BGP enabling, 171
BGP GR configuration, 219, 250
BGP GR Helper configuration, 219
BGP GR Restarter configuration, 219
BGP IGP routing information redistribution, 180
BGP large scale network management, 163
BGP large-scale network configuration, 216
BGP load balancing, 162
BGP load balancing configuration, 210, 235
BGP manual route summarization configuration,
182
BGP manual soft-reset configuration, 214
BGP MED attribute configuration, 194
BGP network optimization, 205
BGP NEXT_HOP attribute configuration, 198
BGP path selection configuration, 247
BGP peer configuration, 171
BGP peer group, 163
BGP peer group configuration, 173
BGP route dampening, 163
BGP route distribution filtering policy configuration, 185
BGP route reception filtering policy configuration, 188
BGP route recursion, 162
BGP route reflector configuration, 218, 241
BGP route selection, 162
BGP route summarization, 163
BGP route summarization configuration, 182,
232
BGP soft reset configuration, 211
BGP update send interval configuration, 206
BGP-IGP route redistribution configuration, 229 configuration basics, 1 configuring BGP AS number substitution, 202 configuring BGP MD5 authentication, 209 configuring BGP route dampening, 190 configuring BGP route preference, 192 controlling BGP path selection, 191 controlling BGP route distribution, 181 controlling BGP route reception, 181 disabling BGP consideration of AS_PATH in best route selection, 201 disabling BGP to establish a session to a peer/peer group, 211 disabling OSPF interface packet sending/receiving, 70 enabling BGP 4-byte AS number suppression,
208 enabling BGP MED comparison for routes from different ASs, 195 enabling BGP MED comparison for routes on a per-AS basis, 196 enabling BGP session state change logging,
221 enabling BGP trap, 220 enabling RIP source IP address check, 30 enabling route-refresh, 212 equal-cost routes, 3
369 generating BGP route, 179 holdtime configuration, 205 ignoring first AS number of EBGP route updates,
204 ignoring OSPFv3 DD packet MTU verification,
306 injecting BGP local network, 180
IPv6 BGP basic configuration, 256
IPv6 BGP BFD configuration, 261
IPv6 BGP route reflector configuration, 259 keepalive interval configuration, 205 load sharing, 3
MP-BGP address family, 167
MP-BGP extended attribute, 166
OSPF ABR route summarization configuration,
62
OSPF ABR Type-3 LSA filtering configuration, 64
OSPF area configuration, 57
OSPF ASBR route summarization configuration,
63
OSPF authentication configuration, 71
OSPF BFD bidirectional control detection configuration, 77
OSPF BFD configuration, 77, 101
OSPF BFD single-hop echo detection configuration, 77
OSPF default parameter for route redistribution configuration, 67
OSPF default route redistribution configuration,
66
OSPF DR election configuration, 92
OSPF DR/BDR election, 54
OSPF enable, 56
OSPF exit overflow interval configuration, 72
OSPF FRR backup next hop calculation using the
LFA algorithm, 78
OSPF FRR backup next hop designation by using routing policy, 79
OSPF FRR configuration, 78, 104
OSPF GR configuration, 75, 98
OSPF GR Helper configuration, 76
OSPF GR Helper IETF configuration, 76
OSPF GR Helper non-IETF configuration, 76
OSPF GR Restarter configuration, 75
OSPF GR trigger, 77
OSPF host route advertisement, 67
OSPF IETF GR Restarter configuration, 75
OSPF inbound route filtering configuration, 63
OSPF interface broadcast network type configuration, 60
OSPF interface cost configuration, 64
OSPF interface NBMA network type configuration, 60
OSPF interface P2MP network type configuration, 61
OSPF interface P2P network type configuration,
62
OSPF ISPF configuration, 74
OSPF LSA transmission delay specification, 68
OSPF LSU transmission rate configuration, 74
OSPF max number ECMP routes configuration,
65
OSPF max number LSDB external LSA configuration, 72
OSPF neighbor state change logging enable,
73
OSPF network management configuration, 73
OSPF network optimization, 67
OSPF network tuning, 67
OSPF network type configuration, 59
OSPF non-IETF GR Restarter configuration, 75
OSPF NSSA area configuration, 58, 90
OSPF packet timer configuration, 68
OSPF preference configuration, 65
OSPF route control configuration, 62
OSPF route redistribution configuration, 65, 83
370
OSPF route redistribution from other routing protocols configuration, 66
OSPF route summarization configuration, 62
OSPF SPF calculation interval configuration, 69
OSPF stub area configuration, 58, 88
OSPF stub router configuration, 71
OSPF summary route advertisement configuration, 85
OSPF virtual link configuration, 59, 96
OSPFv3 area parameter configuration, 299
OSPFv3 BFD configuration, 308, 321
OSPFv3 configuration, 310
OSPFv3 disable interface packet sending, 307
OSPFv3 DR interface priority configuration, 306
OSPFv3 GR configuration, 307, 320
OSPFv3 GR Helper configuration, 308
OSPFv3 GR Restarter configuration, 308
OSPFv3 inbound route filtering configuration,
301
OSPFv3 interface network type configuration,
300
OSPFv3 max number ECMP route configuration,
303
OSPFv3 NBMA neighbor configuration, 301
OSPFv3 neighbor state change logging enable,
307
OSPFv3 network optimization, 304
OSPFv3 network tuning, 304
OSPFv3 network type configuration, 300
OSPFv3 preference configuration, 303
OSPFv3 route redistribution configuration, 303,
317
OSPFv3 route summarization configuration, 301
OSPFv3 timer configuration, 304
OSPFv3 virtual link configuration, 299 overview, 1 permitting BGP local AS number to appear in peer/peer group routes, 200
protocols, dynamic, 2 removing BGP private AS numbers from updates sent to an EBGP peer/peer group, 203
RIP BFD configuration, 32
RIP BFD single-hop echo detection configuration,
42
RIP configuration, 34
RIP FRR configuration, 32, 45
RIP Graceful Restart configuration, 31
RIP maximum number of ECMP routes configuration, 29
RIP packet sending rate configuration, 31
RIP route redistribution configuration, 36
RIP routing metric configuration, 38
RIP summary route advertisement configuration,
40
RIPv2 message authentication configuration, 31 route backup, 3 route preference, 2 route recursion, 3 route redistribution, 3 routing table, 1 saving updates, 213 specifying BGP received route preferred value,
191 specifying BGP TCP connection source interface,
178 static route configuration, 6, 10 static routing configuration, 6 stub area configuration, 299
IP routing table
IPv4 optimal routes, advertising in (BGP), 183
BGP peer configuration, 171
IS-IS authentication configuration (on switch),
147
IS-IS basic configuration, 116
IS-IS basic configuration (on switch), 135
371
IS-IS configuration, 108, 115
IS-IS configuration (on switch), 135
IS-IS DIS election configuration (on switch), 140
IS-IS enable, 116
IS-IS route redistribution configuration (on switch), 144 routing policy ACLs, 339 routing policy application to IPv4 route redistribution (on switch), 346 routing policy apply clause configuration, 344 routing policy configuration, 339, 342 routing policy configuration (on switch), 346 routing policy continue clause configuration,
345 routing policy creation, 342 routing policy filter configuration, 340 routing policy if-match clause configuration,
343 routing policy IP prefix list configuration, 340 routing policy prefix list, 339
IPv6
BGP peer configuration, 172 configuring BFD for IPv6 static route, 272 optimizing RIPng network, 287
RIPng additional routing metric configuration,
285
RIPng basic configuration, 284
RIPng basic configuration (on switch), 290
RIPng configuration, 283, 284
RIPng configuration (on switch), 290
RIPng default route advertisement, 286
RIPng GR configuration, 289
RIPng inbound/outbound route filtering configuration, 286
RIPng max number ECMP routes configuration,
289
RIPng packet zero field check configuration, 288
RIPng poison reverse configuration, 288
RIPng preference configuration, 286
RIPng route control configuration, 285
RIPng route entries, 283
RIPng route redistribution configuration, 287
RIPng route redistribution configuration (on switch), 292
RIPng route summarization configuration, 285
RIPng split horizon configuration, 288
RIPng timer configuration, 287 routing policy ACLs, 339 routing policy application to IPv6 route redistribution (on switch), 349 routing policy apply clause configuration, 344 routing policy configuration, 339, 342 routing policy configuration (on switch), 346 routing policy continue clause configuration,
345 routing policy creation, 342 routing policy filter configuration, 340 routing policy if-match clause configuration,
343 routing policy IP prefix list configuration, 340 routing policy prefix list, 339 tuning RIPng network, 287
IPv6 BGP
BFD configuration, 261 route reflector configuration, 259
IPv6 default route configuration details, 282
IPv6 IS-IS basic configuration, 324 basic configuration (on switch), 327
BFD configuration, 326
BFD configuration (on switch), 331 configuration, 324 configuration (on switch), 327 displaying, 326
372 maintaining, 326 route control configuration, 325
IPv6 PBR apply clause, 334 configuration, 334, 335, 336 displaying configuration, 336 if-match clause, 334 maintaining configuration, 336 node action configuration, 336 node creation, 335 node match criteria configuration, 335 packet-type-based configuration (on switch),
337 policy, 334 policy configuration, 335 track, 335
IPv6 static route displaying, 274 maintaining, 274
IPv6 static routing configuration, 275 configuration details, 272
IS-IS network topology changes, 272 route configuration, 272 address format, 108 area, 110 area address, 109 area authentication, 131 authentication configuration (on switch), 147 basic configuration, 116 basic configuration (on switch), 135
BFD configuration, 133
BFD configuration (on switch), 151 broadcast network type, 112 circuit level configuration, 117
configuration, 108, 115 configuration (on switch), 135 configuring dynamic system ID mapping to host name, 129 configuring FRR automatic backup next hop calculation, 134 configuring FRR routing policy use, 134 configuring GR, 132 configuring interface DIS priority, 124 configuring LSP parameters, 125 configuring LSP timer, 125 configuring max number ECMP routes, 120 configuring route convergence priority, 128 configuring route summarization, 120 configuring static system ID mapping to host name, 129 configuring system ID mapping to host name,
129 controlling SPF calculation interval, 127 default route advertisement, 121
DIS election, 112
DIS election configuration (on switch), 140 disabling interface packet send/receive, 124 displaying, 134 enabling, 116 enabling automatic cost calculation, 119 enabling interface hello packet send, 124 enabling ISPF, 130 enabling LSP flash flooding, 127 enabling LSP fragment extension, 127 enabling neighbor state change logging, 130
FRR configuration, 133
FRR configuration (on switch), 154 global cost configuration, 119
GR configuration (on switch), 150 interface cost configuration, 118 interface P2P network type configuration, 117
373
IS level configuration, 117
Level-1 router, 110
Level-1-2 router, 110
Level-2 router, 110 link cost configuration, 118
LSP-calculated route filtering, 122 maintaining, 134 neighbor relationship authentication, 131
NET, 109 network security enhancement, 130
NSAP address format, 108
N-SEL, 109 optimizing network, 123
PDU CLVs, 114
PDU hello type, 113
PDU LSP type, 113
PDU SNP type, 114
PDU types, 113 point-to-point network type, 112 preference specification, 119 protocols and standards, 114 pseudonode, 112 redistributed route filtering, 122 route advertisement configuration, 122 route control configuration, 118 route filtering, 121 route leaking, 112 route redistribution, 121 route redistribution configuration (on switch),
144 routing method, 109 setting LSDB overload bit, 128 specifying CSNP packet send interval, 123 specifying hello multiplier, 123 specifying hello packet send interval, 123 specifying LSP length, 126
specifying LSP max age, 125 specifying LSP refresh interval, 125 specifying LSP sending interval, 125 system ID, 109 terminology, 108 tuning network, 123
ISPF configuration (OSPF), 74 keepalive (BGP interval), 205 keepalive messages (BGP), 157
LFA
OSPF FRR backup next hop calculation configuration, 78 limiting routes received from a peer or peer group, 184 link
BGP BFD configuration, 221 configuring OSPF virtual link, 59 configuring OSPFv3 virtual link, 299
OSPF BFD bidirectional control detection configuration, 77
OSPF BFD configuration, 77
OSPF BFD single-hop echo detection configuration, 77
OSPF virtual link configuration, 96 link cost
IS-IS automatic cost calculation enable, 119
IS-IS configuration, 118
IS-IS global cost configuration, 119
IS-IS interface cost configuration, 118 link failure enabling immediate reestablishment of direct
EBGP connection, 208 link utilization, improving, 3 list routing policy AS_PATH list, 339 routing policy AS_PATH list configuration, 341 routing policy community list, 339
374 routing policy community list configuration, 341 routing policy extended community list, 339 routing policy extended community list configuration, 342 routing policy IP prefix list, 339 routing policy IP prefix list configuration, 340 load balancing. See also ECMP
BGP, 162
BGP configuration, 210, 235
OSPFv3 max number ECMP routes configuration, 303
RIP maximum number of ECMP routes configuration, 29 load balancing (RIPng ECMP routes), 289 load sharing (IP routing), 3 load sharing IS-IS ECMP routes, 120 logging enabling BGP session state change logging,
221 enabling OSPF neighbor state change logging,
73 enabling OSPFv3 neighbor state change logging, 307 logging IS-IS neighbor state changes, 130 loop
OSPF FRR configuration, 78 loop free feature (OSPF), 48
LSA configuring OSPF LSA retransmission packet timer, 68 configuring OSPF max number LSDB external
LSAs, 72 filtering configuration, 302 ignoring OSPFv3 DD packet MTU verification,
306
OSPF ABR Type-3 LSA filtering configuration, 64
OSPFv3 LSA delay timer, 304 specifying OSPF LSA arrival interval, 69
specifying OSPF LSA generation interval, 70 specifying OSPF LSA transmission delay, 68
LSAs
AS external (OSPF), 48
AS external (OSPFv3), 296
ASBR summary (OSPF), 48 inter-area-prefix (OSPFv3), 296 inter-area-router (OSPFv3), 296 intra-area-prefix (OSPFv3), 296 link (OSPFv3), 296 network (OSPF), 48 network (OSPFv3), 296 network summary (OSPF), 48
NSSA (OSPF), 48 opaque (OSPF), 48 router (OSPF), 48 router (OSPFv3), 296
LSDB configuring OSPF max number LSDB external
LSAs, 72 specifying OSPF SPF calculation interval, 69
LSDB overload bit (IS-IS), 128
LSP configuring IS-IS LSP parameters, 125 configuring LSP parameter (IS-IS), 125 enabling IS-IS LSP flash flooding, 127 enabling IS-IS LSP fragment extension, 127
IS-IS PDU type, 113
IS-IS route summarization, 120 specifying IS-IS LSP length, 126 specifying IS-IS LSP refresh interval, 125 specifying IS-IS LSP sending interval, 125 specifying max age (IS-IS), 125
LSU configuring OSPF LSU transmission rate, 74 maintaining
375
BGP, 222
IPv6 static route, 274
OSPF, 79
OSPFv3, 309
RIP, 33 routing table, 4 static routes, 10 maintaining IPv6 IS-IS, 326 maintaining IPv6 PBR configuration, 336 maintaining IS-IS, 134 maintaining PBR, 269 maintaining RIPng, 290 maintaining routing policy, 346 management
BGP large scale network management, 163 manual
BGP manual route summarization configuration,
182
BGP manual soft-reset configuration, 214 mapping
IS-IS dynamic system ID to host name, 129
IS-IS static system ID to host name, 129
IS-IS system ID to host name, 129 match criteria (IPv6 node), 335 match mode
PBR deny, 267
PBR node match criteria configuration, 268
PBR permit, 267 routing policy deny, 340 routing policy permit, 340
MD5 configuring BGP MD5 authentication, 209
MED attribute
BGP configuration, 194 configuring BGP default MED value, 194
enabling BGP MED comparison for routes on a per-AS basis, 196 enabling BGP route comparison from confederation peer, 197 enabling BGP route comparison from different
ASs, 195 memory protecting an EBGP peer when memory usage reaches level 2 threshold, 215 message
RIPv2 authentication, 31 message types
BGP, 157 metric
RIP routing metric configuration, 38 metric (RIP), 20 mode bidirectional control, 7
PBR deny match mode, 267
PBR permit match mode, 267
MP-BGP address family, 167 extended attribute, 166 overview, 166
MTU (OSPF interface), 72 multicast support (OSPF), 48
NBMA
OSPF DR/BDR election, 54
OSPF interface network type configuration, 60
OSPF network type configuration, 59
NBMA networks (OSPF), 53 neighbor
BGP BFD configuration, 221 configuring OSPFv3 NBMA neighbor, 301 configuring OSPFv3 P2MP neighbor, 301 enabling OSPF neighbor state change logging,
73
376 enabling OSPFv3 neighbor state change logging, 307
IPv6 static route configuration, 272 neighbor state change logging (IS-IS), 130 network adding OSPF interface MTU into DD packets,
72 advertising a fake AS number to a peer/peer group, 201 advertising BGP default route to peer/peer group, 183
BGP community, 163
BGP confederation, 163
BGP configuration views, 167
BGP enabling, 171
BGP large scale network management, 163
BGP load balancing, 162
BGP optimization, 205
BGP peer configuration, 171
BGP peer group, 163
BGP peer group configuration, 173
BGP route dampening, 163
BGP route recursion, 162
BGP route reflector, 163
BGP route selection, 162
BGP route summarization, 163 configuring BGP AS number substitution, 202 configuring BGP AS_PATH attribute, 200 configuring BGP automatic route summarization,
182 configuring BGP BFD, 221 configuring BGP community, 216 configuring BGP confederation, 218 configuring BGP confederation compatibility,
219 configuring BGP default local preference, 193 configuring BGP default MED value, 194
configuring BGP GR, 219 configuring BGP GR Helper, 219 configuring BGP GR Restarter, 219 configuring BGP large-scale network, 216 configuring BGP load balancing, 210 configuring BGP manual route summarization,
182 configuring BGP manual soft-reset, 214 configuring BGP MED attribute, 194 configuring BGP NEXT_HOP attribute, 198 configuring BGP route dampening, 190 configuring BGP route distribution filtering policy,
185 configuring BGP route preference, 192 configuring BGP route reception filtering policy,
188 configuring BGP route reflector, 218 configuring BGP route summarization, 182 configuring BGP soft reset, 211 configuring BGP update send interval, 206 configuring holdtime, 205 configuring IS-IS dynamic system ID mapping to host name, 129 configuring IS-IS FRR automatic backup next hop calculation, 134 configuring IS-IS FRR routing policy use, 134 configuring IS-IS GR, 132 configuring IS-IS interface DIS priority, 124 configuring IS-IS LSP parameters, 125 configuring IS-IS route convergence priority, 128 configuring IS-IS static system ID mapping to host name, 129 configuring IS-IS system ID mapping to host name, 129 configuring keepalive interval, 205 configuring LSP timer (IS-IS), 125 configuring OSPF BFD, 77
377 configuring OSPF BFD bidirectional control detection, 77 configuring OSPF BFD single-hop echo detection, 77 configuring OSPF LSU transmission rate, 74 configuring OSPF network management, 73 configuring OSPFv3 BFD, 308, 321 configuring OSPFv3 DR interface priority, 306 configuring OSPFv3 GR, 320 configuring OSPFv3 inbound route filtering, 301 configuring OSPFv3 interface network type,
300 configuring OSPFv3 max number ECMP routes,
303 configuring OSPFv3 NBMA neighbor, 301 configuring OSPFv3 network type, 300 configuring OSPFv3 P2MP neighbor, 301 configuring OSPFv3 preference, 303 configuring OSPFv3 route redistribution, 303,
317 configuring OSPFv3 route summarization, 301 configuring OSPFv3 timer, 304 controlling BGP path selection, 191 controlling BGP route distribution, 181 controlling BGP route reception, 181 controlling IS-IS SPF calculation interval, 127 disabling BGP consideration of AS_PATH in best route selection, 201 disabling BGP to establish a session to a peer/peer group, 211 disabling IS-IS interface packet send/receive,
124 disabling OSPF interface packet sending/receiving, 70 disabling OSPFv3 interface packet sending,
307 enabling BGP 4-byte AS number suppression,
208
enabling BGP MED comparison for routes from confederation peer, 197 enabling BGP MED comparison for routes from different ASs, 195 enabling BGP MED comparison for routes on a per-AS basis, 196 enabling BGP session state change logging,
221 enabling BGP trap, 220 enabling IS-IS interface hello packet send, 124 enabling IS-IS LSP flash flooding, 127 enabling IS-IS LSP fragment extension, 127 enabling OSPF, 56 enabling OSPF neighbor state change logging,
73 enabling OSPF RFC 1583 compatibility, 73 enabling OSPFv3 neighbor state change logging, 307 enabling route-refresh, 212 generating BGP route, 179 ignoring OSPFv3 DD packet MTU verification,
306 injecting BGP local network, 180
IPv6 IS-IS basic configuration, 324
IPv6 IS-IS route control configuration, 325
IS-IS area, 110
IS-IS area authentication, 131
IS-IS automatic cost calculation enable, 119
IS-IS BFD configuration, 133
IS-IS broadcast type, 112
IS-IS circuit level configuration, 117
IS-IS DIS election, 112
IS-IS enable, 116
IS-IS FRR configuration, 133
IS-IS global cost configuration, 119
IS-IS interface cost configuration, 118
IS-IS interface P2P network type configuration,
117
378
IS-IS IS level configuration, 117
IS-IS ISPF enable, 130
IS-IS link cost configuration, 118
IS-IS neighbor relationship authentication, 131
IS-IS neighbor state change logging, 130
IS-IS point-to-point type, 112
IS-IS preference specification, 119
IS-IS pseudonode, 112
IS-IS route control configuration, 118
IS-IS route leaking, 112
IS-IS routing domain, 110
IS-IS routing domain authentication, 131
IS-IS security enhancement, 130
MP-BGP, 166
MP-BGP address family, 167
MP-BGP extended attribute, 166 optimizing IS-IS network, 123
OSPF ABR route summarization configuration,
62
OSPF ABR Type-3 LSA filtering configuration, 64
OSPF area configuration, 57
OSPF ASBR route summarization configuration,
63
OSPF authentication configuration, 71
OSPF default parameter for route redistribution configuration, 67
OSPF default route redistribution configuration,
66
OSPF DR/BDR election, 54
OSPF exit overflow interval configuration, 72
OSPF FRR backup next hop calculation using the
LFA algorithm, 78
OSPF FRR backup next hop designation by using routing policy, 79
OSPF FRR configuration, 78
OSPF GR configuration, 75
OSPF GR Helper configuration, 76
OSPF GR Helper IETF configuration, 76
OSPF GR Helper non-IETF configuration, 76
OSPF GR Restarter configuration, 75
OSPF GR Restarter IETF configuration, 75
OSPF GR Restarter non-IETF configuration, 75
OSPF GR trigger, 77
OSPF host route advertisement, 67
OSPF inbound route filtering configuration, 63
OSPF interface broadcast network type configuration, 60
OSPF interface cost configuration, 64
OSPF interface NBMA network type configuration, 60
OSPF interface P2MP network type configuration, 61
OSPF interface P2P network type configuration,
62
OSPF ISPF configuration, 74
OSPF LSA arrival interval specification, 69
OSPF LSA generation interval specification, 70
OSPF max number ECMP routes configuration,
65
OSPF max number LSDB external LSAs configuration, 72
OSPF network type configuration, 59
OSPF NSSA area configuration, 58
OSPF optimization, 67
OSPF packet timer configuration, 68
OSPF preference configuration, 65
OSPF route control configuration, 62
OSPF route redistribution configuration, 65
OSPF route redistribution from other routing protocols configuration, 66
OSPF route summarization configuration, 62
OSPF stub area configuration, 58
OSPF stub router configuration, 71
OSPF tuning, 67
OSPF virtual link configuration, 59
379
OSPFv3 GR configuration, 307
OSPFv3 GR Helper configuration, 308
OSPFv3 GR Restarter configuration, 308
OSPFv3 optimization, 304
OSPFv3 tuning, 304
PBR node action configuration, 269
PBR node creation, 268
PBR node match criteria configuration, 268 permitting BGP local AS number to appear in peer/peer group routes, 200 redistributing BGP IGP routing information, 180 removing BGP private AS numbers from updates sent to an EBGP peer/peer group, 203 saving updates, 213 setting IS-IS LSDB overload bit, 128 specifying BGP received route preferred value,
191 specifying BGP TCP connection source interface,
178 specifying IS-IS CSNP packet send interval, 123 specifying IS-IS hello multiplier, 123 specifying IS-IS hello packet send interval, 123 specifying IS-IS LSP length, 126 specifying IS-IS LSP refresh interval, 125 specifying IS-IS LSP sending interval, 125 specifying LSP max age (IS-IS), 125 specifying OSPF LSA transmission delay, 68 specifying OSPF SPF calculation interval, 69 tuning BGP, 205 tuning IS-IS network, 123 network availability, improving, 3 network entity title. Use NET network management basic BGP configuration, 171, 225 basic IPv6 static route configuration, 275 basic OSPF configuration, 80 basic RIP configuration, 34
BFD for IPv6 static route configuration (direct next hop), 276
BFD for IPv6 static route configuration (indirect next hop), 279
BGP BFD configuration, 252
BGP community configuration, 238
BGP confederation configuration, 243
BGP configuration, 157, 225, 256
BGP GR configuration, 250
BGP load balancing configuration, 235
BGP path selection configuration, 247
BGP route reflector configuration, 241
BGP route summarization configuration, 232
BGP-IGP route redistribution configuration, 229
IPv6 BGP basic configuration, 256
IPv6 BGP BFD configuration, 261
IPv6 BGP route reflector configuration, 259
IPv6 IS-IS basic configuration (on switch), 327
IPv6 IS-IS configuration, 324
IPv6 IS-IS configuration (on switch), 327
IPv6 node action configuration, 336
IPv6 node creation, 335
IPv6 node match criteria configuration, 335
IPv6 PBR and track, 335
IPv6 PBR configuration, 334, 335, 336
IPv6 PBR packet-type-based configuration (on switch), 337
IPv6 policy configuration, 335
IPv6 static routing configuration, 275
IS-IS authentication configuration (on switch),
147
IS-IS basic configuration, 116
IS-IS basic configuration (on switch), 135
IS-IS BFD configuration (on switch), 151
IS-IS configuration, 108, 115
IS-IS configuration (on switch), 135
IS-IS DIS election configuration (on switch), 140
380
IS-IS FRR configuration (on switch), 154
IS-IS GR configuration (on switch), 150
IS-IS route redistribution configuration (on switch), 144 optimizing RIPng network, 287
OSPF BFD configuration, 101
OSPF DR election configuration, 92
OSPF FRR configuration, 104
OSPF GR configuration, 98
OSPF network management configuration, 73
OSPF NSSA area configuration, 90
OSPF route redistribution configuration, 83
OSPF stub area configuration, 88
OSPF summary route advertisement configuration, 85
OSPF virtual link configuration, 96
OSPFv3 BFD configuration, 321
OSPFv3 configuration, 310
OSPFv3 GR configuration, 320
OSPFv3 route redistribution configuration, 317
PBR configuration, 267, 268, 269
PBR packet type-based interface configuration
(on switch), 270
PBR policy concept, 267
RIP BFD single-hop echo detection configuration,
42
RIP configuration, 34
RIP FRR configuration, 32, 45
RIP interface metric configuration, 38
RIP route redistribution configuration, 36
RIP summary route advertisement configuration,
40
RIPng additional routing metric configuration,
285
RIPng basic configuration, 284
RIPng basic configuration (on switch), 290
RIPng configuration, 283, 284
RIPng configuration (on switch), 290
RIPng default route advertisement, 286
RIPng GR configuration, 289
RIPng inbound/outbound route filtering configuration, 286
RIPng max number ECMP routes configuration,
289
RIPng packet zero field check configuration, 288
RIPng poison reverse configuration, 288
RIPng preference configuration, 286
RIPng route control configuration, 285
RIPng route redistribution configuration, 287
RIPng route redistribution configuration (on switch), 292
RIPng route summarization configuration, 285
RIPng split horizon configuration, 288
RIPng timer configuration, 287 routing policy application to IPv4 route redistribution (on switch), 346 routing policy application to IPv6 route redistribution (on switch), 349 routing policy apply clause configuration, 344 routing policy configuration, 339, 342 routing policy configuration (on switch), 346 routing policy continue clause configuration,
345 routing policy creation, 342 routing policy filter, 339 routing policy filter configuration, 340 routing policy if-match clause configuration,
343 routing policy IP prefix list filter configuration,
340 static route configuration, 6, 10 static routing configuration, 6 tuning RIPng network, 287 network topology changes (IPv6), 272 network types
381 broadcast (OSPF), 53
NBMA (OSPF), 53
P2MP (OSPF), 53
P2P (OSPF), 53 next hop
BGP NEXT_HOP attribute configuration, 198
OSPF FRR backup designation by using routing policy configuration, 79
OSPF FRR calculation using the LFA algorithm,
78 next hop (RIP), 20 node
IPv6 node action configuration, 336
IPv6 node creation, 335
IPv6 node match criteria configuration, 335
IS-IS pseudonode, 112
IS-IS route control configuration, 118
PBR apply clause, 267
PBR creation, 268
PBR if-match clause, 267
PBR match criteria configuration, 268
PBR node action configuration, 269
PBR policy, 267 notification messages (BGP), 157
NSAP
IS-IS address format, 108
NET, 109
N-SEL (IS-IS), 109
NSSA configuring OSPF NSSA area, 58
OSPF NSSA area configuration, 90
NSSA area (OSPF), 51 open messages (BGP), 157 operation
RIP, 20
optimal routes, advertising in IP routing table (BGP),
183 optimization using OSPF areas, 49 using totally stub area (OSPF), 51 optimizing
BGP network, 205
OSPF network, 67
OSPFv3 network, 304 tuning RIP network, 28 optimizing IS-IS networks, 123 optimizing RIPng network, 287 oscillation resolving with timers (RIP), 28
OSPF
ABR, 51 adding interface MTU into DD packets, 72 advertising host route, 67 area-based network partition, 48 areas, 49
ASBR, 51 authentication, 48 backbone area, 50 backbone router, 51 basic configuration, 80
BFD configuration, 101 configuration details, 48 configuration tasks, 55 configuring ABR route summarization, 62 configuring ABR Type-3 LSA filtering, 64 configuring area, 57 configuring ASBR route summarization, 63 configuring authentication, 71 configuring BFD, 77 configuring BFD bidirectional control detection,
77
382 configuring BFD single-hop echo detection, 77 configuring broadcast network type, 59 configuring default parameter for route redistribution, 67 configuring default route redistribution, 66 configuring exit overflow interval, 72 configuring FRR, 78 configuring FRR backup next hop calculation using the LFA algorithm, 78 configuring FRR backup next hop using routing policy, 79 configuring GR, 75 configuring GR Helper, 76 configuring GR Restarter, 75 configuring IETF GR Helper, 76 configuring IETF GR Restarter, 75 configuring inbound route filtering, 63 configuring interface broadcast network type,
60 configuring interface cost, 64 configuring interface NBMA network type, 60 configuring interface P2MP network type, 61 configuring interface P2P network type, 62 configuring ISPF, 74 configuring LSU transmission rate, 74 configuring max number ECMP routes, 65 configuring max number LSDB external LSAs, 72 configuring NBMA network type, 59 configuring network management, 73 configuring non-IETF GR Helper, 76 configuring non-IETF GR Restarter, 75 configuring NSSA area, 58 configuring P2P network type, 59 configuring packet timer, 68 configuring preference, 65 configuring route control, 62 configuring route redistribution, 65
configuring route redistribution from other routing protocols, 66 configuring route summarization, 62 configuring stub area, 58 configuring stub router, 71 configuring virtual link, 59 disabling interface packet sending/receiving,
70 displaying, 79
DR election configuration, 92
DR/BDR election, 54
ECMP routing, 48 enabling, 56 enabling neighbor state change logging, 73 enabling RFC 1583 compatibility, 73 fast convergence, 48 features, 48
FRR configuration, 104
GR configuration, 98 internal router, 51
IS-IS BFD configuration, 133
IS-IS DIS election, 112 loop free, 48
LSA types, 48 maintaining, 79 network types, 53
NSSA area, 51
NSSA area configuration, 90 optimization, 49 optimizing network, 67 packet types, 48 protocols, 54 route calculation, 53 route priority levels, 52 route redistribution configuration, 83 router types, 51
383 routing hierarchy, 48 specifying LSA arrival interval, 69 specifying LSA generation interval, 70 specifying LSA transmission delay, 68 specifying SPF calculation interval, 69 standards, 54 stub area, 51 stub area configuration, 88 summary route advertisement configuration, 85 support for multicasting, 48 total stub area, 51 totally NSSA area, 51 triggering GR, 77 troubleshooting configuration, 106 troubleshooting incorrect routing information,
106 troubleshooting no neighbor relationship established, 106 tuning network, 67 virtual link configuration, 96 virtual links, 50 wide scope, 48
OSPFv3 configuration tasks, 297
LSA types, 296
OSPFv3 configuration details, 296 features, 296 packet types, 296
OSPFv3 protocols, 297
OSPFv3 standards, 297
OSPFv3 configuration procedure, 298
OSPFv3
area parameter configuration, 299
OSPFv3 virtual link configuration, 299
OSPFv3 network type configuration, 300
OSPFv3 interface network type configuration, 300
OSPFv3 configuring NBMA neighbor, 301
OSPFv3 configuring P2MP neighbor, 301
OSPFv3 route control, 301
OSPFv3 route summarization configuration, 301
OSPFv3 inbound route filtering configuration, 301
OSPFv3 interface cost, 302
OSPFv3 configuring max number load-balanced routes,
303
OSPFv3 preference configuration, 303
OSPFv3 route redistribution configuration, 303
OSPFv3 network optimization, 304
OSPFv3 tuning network, 304
OSPFv3 packet timer, 304
OSPFv3
LSA delay timer, 304
OSPFv3
SPF timer, 304
384
OSPFv3 packet timer configuration, 304
OSPFv3
LSA delay timer configuration, 304
OSPFv3
SPF timer configuration, 304
OSPFv3
DR interface priority configuration, 306
OSPFv3 ignoring DD packet MTU verification, 306
OSPFv3 interface packet sending disable, 307
OSPFv3 neighbor state change logging enable, 307
OSPFv3
GR configuration, 307
OSPFv3
GR Restarter configuration, 308
OSPFv3
GR Helper configuration, 308
OSPFv3
BFD configuration, 308
OSPFv3 displaying, 309
OSPFv3 maintaining, 309
OSPFv3 configuration, 310
OSPFv3 areas, configuration example, 310
OSPFv3
DR election configuration example, 314
OSPFv3 route redistribution configuration, 317
OSPFv3
GR configuration, 320
OSPFv3
BFD configuration, 321 outbound configuring an additional routing metric, 24 outbound route filtering (RIPng), 286 outgoing interface, finding, 3 overview of IP routing, 1
P2MP
OSPF interface network type configuration, 61
P2MP networks (OSPF), 53
P2P
OSPF interface network type configuration, 62
OSPF network type configuration, 59
P2P network type (IS-IS), 117
P2P networks (OSPF), 53 packet adding OSPF interface MTU into DD packets,
72 configuring OSPF LSU transmission rate, 74 configuring OSPF packet timer, 68 configuring RIP BFD, 32 configuring RIP BFD single-hop echo detection,
42 configuring RIP packet sending rate, 31 disabling IS-IS interface packet send/receive,
124 disabling OSPF interface packet sending/receiving, 70 disabling OSPFv3 interface packet sending,
307 enabling IS-IS interface hello packet send, 124
IPv6 node creation, 335
IPv6 PBR configuration, 334, 335
IPv6 PBR packet-type-based configuration (on switch), 337
IPv6 PBR policy, 334
IPv6 policy configuration, 335
IPv6 static route configuration, 272
IS-IS PDU CLVs, 114
IS-IS PDU hello type, 113
IS-IS PDU LSP type, 113
IS-IS PDU SNP type, 114
IS-IS PDU types, 113
OSPF GR configuration, 75
OSPFv3 packet timer, 304
PBR configuration, 267, 268, 269
PBR packet type-based interface configuration
(on switch), 270
RIPng request, 283
RIPng response, 283
RIPng zero field check configuration, 288 specifying IS-IS CSNP packet send interval, 123 specifying IS-IS hello multiplier, 123 specifying IS-IS hello packet send interval, 123 packets
DD (OSPF), 48
DD (OSPFv3), 296 forwarding when routing table has no matching entry, 19 hello (OSPF), 48 hello (OSPFv3), 296
LSAck (OSPF), 48
LSAck (OSPFv3), 296
LSR (OSPF), 48
LSR (OSPFv3), 296
LSU (OSPF), 48
LSU (OSPFv3), 296 parameter configuring IS-IS LSP parameters, 125 configuring IS-IS route convergence priority, 128 configuring LSP parameter (IS-IS), 125 configuring OSPFv3 area parameter, 299
385
controlling IS-IS SPF calculation interval, 127
OSPF default parameter for route redistribution configuration, 67 setting IS-IS LSDB overload bit, 128 path configuring BGP selection, 247 controlling BGP path selection, 191 path attributes
BGP, 158
PBR apply clause, 267 apply clause, 267 configuration, 267, 268, 269 deny match mode, 267 displaying, 269 if-match clause, 267 if-match clause, 267 maintaining, 269 node action configuration, 269 node creation, 268 node match criteria configuration, 268 packet type-based interface configuration (on switch), 270 permit match mode, 267 policy, 267 track, 268
PDU
IS-IS CLVs, 114
IS-IS hello type, 113
IS-IS LSP type, 113
IS-IS SNP type, 114 peer
IS-IS types, 113 advertising BGP default route to peer/peer group, 183
BGP configuration, 171, 172
386
BGP group, 163
BGP peer group configuration, 173 disabling BGP to establish a session to a peer/peer group, 211 enabling BGP MED comparison for routes from confederation peer, 197 group, configuring (EBGP), 174 group, configuring (IBGP), 173 peers
BGP, 157 permit match mode (routing policy), 340 permitting BGP local AS number to appear in peer/peer group routes, 200 point-to-point IS-IS network type, 112 poison reverse configuring (RIP), 29 enabling RIP, 29 poison reverse (RIPng), 288 policy configuring BGP route distribution filtering policy,
185 configuring BGP route filtering policy, 185 configuring BGP route reception filtering policy,
188 configuring OSPF FRR backup next hop designation by using routing policy, 79 filtering by routing policy, 340
IPv6 configuration, 335
IPv6 PBR, 334
IPv6 PBR configuration, 334, 335, 336
IPv6 PBR if- apply clause, 334
IPv6 PBR if-match clause, 334
PBR, 267
PBR configuration, 267, 268, 269
PBR packet type-based interface configuration
(on switch), 270 routing policy application to IPv4 route redistribution (on switch), 346
routing policy application to IPv6 route redistribution (on switch), 349 routing policy apply clause configuration, 344 routing policy configuration, 339, 342 routing policy configuration (on switch), 346 routing policy continue clause configuration,
345 routing policy creation, 342 routing policy filter configuration, 340 routing policy if-match clause configuration,
343 routing policy IP prefix list configuration, 340 policy-based routing. Use PBR, Use PBR poll packet timer (OSPF), 68 preference configuring BGP default local preference, 193 configuring BGP route preference, 192 configuring RIP, 27
OSPF configuration, 65
OSPFv3 configuration, 303 preference (RIPng), 286 preference specification (IS-IS), 119 preferred value
BGP received route, 191 prevention
Routing loop, 20 priority configuring IS-IS interface DIS priority, 124 configuring IS-IS route convergence priority, 128 configuring IS-IS system ID mapping to host name, 129 configuring OSPFv3 DR interface priority, 306 procedure adding OSPF interface MTU into DD packets,
72 advertising a default route, 26
387 advertising a fake AS number to a peer/peer group, 201 advertising a summary route, 25 advertising BGP default route to peer/peer group, 183 advertising IS-IS default route, 121 advertising IS-IS routes, 122 advertising OSPF host route, 67 advertising RIPng default route, 286 bidirectional control mode, 7 configuring a preference for RIP, 27 configuring a RIP version, 23 configuring a stub area, 299 configuring an additional routing metric, 24 configuring an EBGP peer group, 174 configuring an IBGP peer group, 173 configuring an IPv4 BGP peer, 171 configuring an IPv6 BGP peer, 172 configuring automatic backup next hop calculation, 134 configuring basic BGP, 171, 225 configuring basic IPv6 IS-IS (on switch), 327 configuring basic IPv6 static route, 275 configuring basic IS-IS, 116 configuring basic IS-IS (on switch), 135 configuring basic OSPF, 80 configuring basic RIP, 22, 34 configuring basic RIPng, 284 configuring basic RIPng (on switch), 290 configuring BFD bidirectional control mode, 273 configuring BFD for IPv6 static route, 272 configuring BFD for IPv6 static route (direct next hop), 276 configuring BFD for IPv6 static route (indirect next hop), 279 configuring BFD for static route, 7 configuring BFD single-hop echo mode, 274
configuring BGP, 225, 256 configuring BGP AS number substitution, 202 configuring BGP AS_PATH attribute, 200 configuring BGP automatic route summarization,
182 configuring BGP BFD, 221, 252 configuring BGP community, 216, 238 configuring BGP confederation, 218, 243 configuring BGP confederation compatibility,
219 configuring BGP default local preference, 193 configuring BGP default MED value, 194 configuring BGP GR, 219, 250 configuring BGP GR Helper, 219 configuring BGP GR Restarter, 219 configuring BGP large-scale network, 216 configuring BGP load balancing, 210, 235 configuring BGP manual route summarization,
182 configuring BGP manual soft-reset, 214 configuring BGP MD5 authentication, 209 configuring BGP MED attribute, 194 configuring BGP NEXT_HOP attribute, 198 configuring BGP path selection, 247 configuring BGP peer, 171 configuring BGP peer group, 173 configuring BGP route dampening, 190 configuring BGP route distribution filtering policy,
185 configuring BGP route filtering policies, 185 configuring BGP route preference, 192 configuring BGP route reception filtering policy,
188 configuring BGP route reflector, 218, 241 configuring BGP route summarization, 182, 232 configuring BGP soft reset, 211 configuring BGP update send interval, 206
388 configuring BGP-IGP route redistribution, 229 configuring configuring LSP parameter (IS-IS),
125 configuring holdtime, 205 configuring inbound/outbound route filtering,
26 configuring Inter-Area-Prefix-LSA filtering, 302 configuring IPv6 BGP basics, 256 configuring IPv6 BGP BFD, 261 configuring IPv6 BGP route reflector, 259 configuring IPv6 IS-IS (on switch), 327 configuring IPv6 IS-IS basic function, 324 configuring IPv6 IS-IS BFD, 326 configuring IPv6 IS-IS BFD (on switch), 331 configuring IPv6 IS-IS route control, 325 configuring IPv6 node action, 336 configuring IPv6 node match criteria, 335 configuring IPv6 PBR, 335, 336 configuring IPv6 policy, 335 configuring IPv6 static route, 272 configuring IPv6 static routing, 275 configuring IS-IS, 115 configuring IS-IS (on switch), 135 configuring IS-IS area authentication, 131 configuring IS-IS authentication (on switch), 147 configuring IS-IS BFD, 133 configuring IS-IS BFD (on switch), 151 configuring IS-IS circuit level, 117 configuring IS-IS configuring interface DIS priority, 124 configuring IS-IS DIS election (on switch), 140 configuring IS-IS dynamic system ID mapping to host name, 129 configuring IS-IS FRR, 133 configuring IS-IS FRR (on switch), 154 configuring IS-IS FRR routing policy use, 134 configuring IS-IS global cost, 119
configuring IS-IS GR, 132 configuring IS-IS GR (on switch), 150 configuring IS-IS interface cost, 118 configuring IS-IS interface P2P network type, 117 configuring IS-IS IS level, 117 configuring IS-IS link cost, 118 configuring IS-IS LSP parameters, 125 configuring IS-IS LSP-calculated route filtering,
122 configuring IS-IS neighbor relationship authentication, 131 configuring IS-IS redistributed route filtering, 122 configuring IS-IS route control, 118 configuring IS-IS route convergence priority, 128 configuring IS-IS route filtering, 121 configuring IS-IS route redistribution, 121 configuring IS-IS route redistribution (on switch),
144 configuring IS-IS route summarization, 120 configuring IS-IS routing domain authentication,
131 configuring IS-IS static system ID mapping to host name, 129 configuring IS-IS system ID mapping to host name, 129 configuring keepalive interval, 205 configuring max number IS-IS ECMP routes, 120 configuring OSPF ABR route summarization, 62 configuring OSPF ABR Type-3 LSA filtering, 64 configuring OSPF area, 57 configuring OSPF ASBR route summarization,
63 configuring OSPF authentication, 71 configuring OSPF BFD, 77, 101 configuring OSPF BFD bidirectional control detection, 77 configuring OSPF BFD single-hop echo detection, 77
389 configuring OSPF default parameter for route redistribution, 67 configuring OSPF default route redistribution,
66 configuring OSPF DR election, 92 configuring OSPF exit overflow interval, 72 configuring OSPF FRR, 78, 104 configuring OSPF FRR backup next hop calculation using the LFA algorithm, 78 configuring OSPF FRR backup next hop designation by using routing policy, 79 configuring OSPF GR, 75, 98 configuring OSPF GR Helper, 76 configuring OSPF GR Restarter, 75 configuring OSPF IETF GR Helper, 76 configuring OSPF IETF GR Restarter, 75 configuring OSPF inbound route filtering, 63 configuring OSPF interface broadcast network type, 60 configuring OSPF interface cost, 64 configuring OSPF interface NBMA network type,
60 configuring OSPF interface P2MP network type,
61 configuring OSPF interface P2P network type,
62 configuring OSPF ISPF, 74 configuring OSPF LSU transmission rate, 74 configuring OSPF max number ECMP routes, 65 configuring OSPF max number LSDB external
LSAs, 72 configuring OSPF network management, 73 configuring OSPF network type, 59 configuring OSPF non-IETF GR Helper, 76 configuring OSPF non-IETF GR Restarter, 75 configuring OSPF NSSA area, 58, 90 configuring OSPF packet timer, 68 configuring OSPF preference, 65
configuring OSPF route control, 62 configuring OSPF route redistribution, 65 configuring OSPF route redistribution from other routing protocols, 66 configuring OSPF route redistribution function,
83 configuring OSPF route summarization, 62 configuring OSPF stub area, 58, 88 configuring OSPF stub router, 71 configuring OSPF summary route advertisement,
85 configuring OSPF virtual link, 59, 96 configuring OSPFv3, 310 configuring OSPFv3 area parameter, 299 configuring OSPFv3 BFD, 308, 321 configuring OSPFv3 DR interface priority, 306 configuring OSPFv3 GR, 307, 320 configuring OSPFv3 GR Helper, 308 configuring OSPFv3 GR Restarter, 308 configuring OSPFv3 inbound route filtering, 301 configuring OSPFv3 interface cost, 302 configuring OSPFv3 interface network type,
300 configuring OSPFv3 max number ECMP routes,
303 configuring OSPFv3 NBMA neighbor, 301 configuring OSPFv3 network type, 300 configuring OSPFv3 P2MP neighbor, 301 configuring OSPFv3 preference, 303 configuring OSPFv3 route control, 301 configuring OSPFv3 route redistribution, 303,
317 configuring OSPFv3 route summarization, 301 configuring OSPFv3 timer, 304 configuring OSPFv3 virtual link, 299 configuring packet type-based interface PBR (on switch), 270
390 configuring packet-type-based IPv6 PBR (on switch), 337 configuring PBR, 268, 269 configuring PBR node actions, 269 configuring PBR node match criteria, 268 configuring RIP, 34 configuring RIP BFD, 31, 32 configuring RIP BFD single-hop echo detection,
42 configuring RIP FRR, 32, 45 configuring RIP maximum number of ECMP routes, 29 configuring RIP packet sending rate, 31 configuring RIP route control, 24 configuring RIP route redistribution, 27, 36 configuring RIP routing metric, 38 configuring RIP summary route advertisement,
40 configuring RIPng, 284 configuring RIPng (on switch), 290 configuring RIPng additional routing metric, 285 configuring RIPng GR, 289 configuring RIPng inbound/outbound route filtering, 286 configuring RIPng max number ECMP routes,
289 configuring RIPng packet zero field check, 288 configuring RIPng poison reverse, 288 configuring RIPng preference, 286 configuring RIPng route control, 285 configuring RIPng route redistribution, 287 configuring RIPng route redistribution (on switch),
292 configuring RIPng route summarization, 285 configuring RIPng split horizon, 288 configuring RIPng timer, 287 configuring RIPv2 message authentication, 31 configuring routing policy, 342
configuring routing policy (on switch), 346 configuring routing policy application to IPv4 route redistribution (on switch), 346 configuring routing policy application to IPv6 route redistribution (on switch), 349 configuring routing policy apply clause, 344 configuring routing policy AS_PATH list, 341 configuring routing policy community list, 341 configuring routing policy continue clause, 345 configuring routing policy extended community list, 342 configuring routing policy filter, 340 configuring routing policy if-match clause, 343 configuring routing policy IP prefix list filter, 340 configuring routing policy IPv4 prefix list filter,
340 configuring routing policy IPv6 prefix list filter,
341 configuring static route, 6, 10 configuring static route FRR, 9 configuring the maximum number of ECMP routes, 4 controlling BGP path selection, 191 controlling BGP route distribution, 181 controlling BGP route reception, 181 controlling IS-IS SPF calculation interval, 127 controlling RIP reception and advertisement on interfaces, 23 creating IPv6 node, 335 creating node, 268 creating routing policy, 342 disabling BGP consideration of AS_PATH in best route selection, 201 disabling BGP to establish a session to a peer/peer group, 211 disabling host route reception, 26 disabling IS-IS interface packet send/receive,
124
391 disabling OSPF interface packet sending/receiving, 70 disabling OSPFv3 interface packet sending,
307 displaying and maintaining IPv6 static route,
274 displaying BGP, 222 displaying IPv6 IS-IS, 326 displaying IPv6 PBR configuration, 336 displaying IS-IS, 134 displaying OSPF, 79 displaying OSPFv3, 309 displaying PBR, 269 displaying RIP, 33 displaying RIPng, 290 displaying routing policy, 346 displaying static routing, 10 enabling BGP, 171 enabling BGP 4-byte AS number suppression,
208 enabling BGP MED comparison for routes from confederation peer, 197 enabling BGP MED comparison for routes from different ASs, 195 enabling BGP MED comparison for routes on a per-AS basis, 196 enabling BGP session state change logging,
221 enabling BGP to establish an EBGP session over multiple hops, 207 enabling BGP trap, 220 enabling immediate reestablishment of direct
EBGP connections upon link failure, 208 enabling IS-IS, 116 enabling IS-IS automatic cost calculation, 119 enabling IS-IS interface hello packet send, 124 enabling IS-IS ISPF, 130 enabling IS-IS LSP flash flooding, 127 enabling IS-IS LSP fragment extension, 127
enabling IS-IS neighbor state change logging,
130 enabling OSPF, 56 enabling OSPF neighbor state change logging,
73 enabling OSPF RFC 1583 compatibility, 73 enabling OSPFv3 neighbor state change logging, 307 enabling RIP, 22 enabling RIP poison reverse, 29 enabling RIP source IP address check, 30 enabling RIP split horizon, 29 enabling RIPv1 zero field check, 30 enabling RIPv2 automatic route summarization,
25 enabling route-refresh, 212 enhancing IS-IS network security, 130 example, static configuration, 10 generating BGP route, 179 ignoring first AS number of EBGP route updates,
204 ignoring OSPFv3 DD packet MTU verification,
306 injecting BGP local network, 180 limiting routes received from a peer or peer group, 184 maintaining BGP, 222 maintaining IPv6 IS-IS, 326 maintaining IPv6 PBR configuration, 336 maintaining IS-IS, 134 maintaining OSPF, 79 maintaining OSPFv3, 309 maintaining PBR, 269 maintaining RIP, 33 maintaining RIPng, 290 maintaining routing policy, 346 maintaining static routing, 10 optimizing BGP network, 205
392 optimizing IS-IS networks, 123 optimizing OSPF network, 67 optimizing OSPFv3 network, 304 optimizing RIPng network, 287
OSPFv3 configuration, 298 permitting BGP local AS number to appear in peer/peer group routes, 200 protecting an EBGP peer when memory usage reaches level 2 threshold, 215 redistributing BGP IGP routing information, 180 removing BGP private AS numbers from updates sent to an EBGP peer/peer group, 203 saving updates, 213 setting IS-IS LSDB overload bit, 128
Single-hop echo mode, 8 specifying BGP received route preferred value,
191 specifying BGP TCP connection source interface,
178 specifying IS-IS CSNP packet send interval, 123 specifying IS-IS hello multiplier, 123 specifying IS-IS hello packet send interval, 123 specifying IS-IS LSP length, 126 specifying IS-IS LSP refresh interval, 125 specifying IS-IS LSP sending interval, 125 specifying IS-IS preference, 119 specifying LSA generation interval, 306 specifying LSA transmission delay, 305 specifying LSP max age (IS-IS), 125 specifying OSPF LSA arrival interval, 69 specifying OSPF LSA generation interval, 70 specifying OSPF LSA transmission delay, 68 specifying OSPF SPF calculation interval, 69 specifying SPF calculation interval, 305 static configuration, 9 triggering OSPF GR, 77 tuning and optimizing RIP networks, 28
tuning BGP network, 205 tuning IS-IS network, 123 tuning OSPF network, 67 tuning OSPFv3 network, 304 tuning RIPng network, 287 process enabling RIP, 22 protecting
EBGP peer when memory usage reaches level 2 threshold, 215 protocols
BGP, 168 classful (RIPv1), 21 classless (RIPv2), 21 dynamic (IP routing), 2
OSPF, 54
OSPFv3, 297
RIP, 21 protocols and standards
BGP configuration, 157
OSPFv3 preference configuration, 303
RIPng, 284
RIPng configuration, 283 protocols and standards (IS-IS), 114 rate configuring OSPF LSU transmission rate, 74 configuring RIP packet sending rate, 31 reception controlling RIP advertisement on interfaces, 23 disabling host route, 26 recursion
BGP route recursion, 162 redistribute routes (IP routing), 3 redistributing
BGP IGP routing information, 180
393 configuring BGP automatic route summarization,
182 configuring BGP manual route summarization,
182 configuring BGP route summarization, 182
OSPF ASBR route summarization configuration,
63
OSPF default parameter for route redistribution configuration, 67
OSPF default route redistribution configuration,
66
OSPF route redistribution configuration, 65, 83
OSPF route redistribution from other routing protocols configuration, 66
OSPFv3 route redistribution, 303, 317
RIP route redistribution configuration, 36
RIPng route (on switch), 292
RIPng routes, 287 redistribution configuring BGP-IGP route redistribution, 229 reflector
BGP route reflector, 163
BGP route reflector configuration, 241
IPv6 BGP route reflector configuration, 259 removing BGP private AS numbers from updates sent to an EBGP peer/peer group, 203 request packet (RIPng), 283 response packet (RIPng), 283
RFC 1583 (OSPF compatibility), 73
RIP advertising a default route, 26 application, 20 basic configuration, 34
BFD configuration, 32 configuration, 34 configuration details, 20 configuration prerequisites, 28 configuration restrictions and guidelines, 33
configuration tasks, 21 configuring a preference, 27 configuring an additional routing metric, 24 configuring basic RIP, 22 configuring BFD single-hop echo detection, 42 configuring packet sending rate, 31 configuring route redistribution, 27, 36 configuring routing metric, 38 configuring summary route advertisement, 40 configuring the maximum number of ECMP routes, 29 controlling reception and advertisement on interfaces, 23 database entries, 20 disabling host route reception, 26 displaying, 33 enable a version, 23 enabling poison reverse, 29 enabling RIPv2 automatic route summarization,
25 enabling source IP address check, 30 enabling split horizon, 29
FRR configuration, 32, 45
Graceful Restart configuration, 31 maintaining, 33 operation, 20 optimizing, 28 poison revers configuration, 29 prerequisites, route control configuration, 33 protocols, 21 route control configuration, 24 route entry, 20 route summarization configuration, 25 route summarization, advertise, 25 routing loop prevention, 20 split horizon configuration, 29
394 standards, 21 tuning, 28 versions, 21
RIPng additional routing metric configuration, 285 basic configuration, 284 basic configuration (on switch), 290 configuration, 283, 284 configuration (on switch), 290 default route advertisement, 286 displaying, 290 garbage-collect timer configuration, 287
GR configuration, 289 inbound/outbound route filtering configuration,
286 maintaining, 290 max number ECMP routes configuration, 289 optimizing network, 287 packet, 283 packet zero field check configuration, 288 poison reverse configuration, 288 preference configuration, 286 protocols and standards, 284 route control configuration, 285 route entries, 283 route redistribution configuration, 287 route redistribution configuration (on switch),
292 route summarization configuration, 285 split horizon configuration, 288 suppress timer configuration, 287 timeout timer configuration, 287 tuning network, 287 update timer configuration, 287
RIPv1, 21 enable, 23
enabling zero field check, 30
RIPv2, 21 configuring message authentication, 31 enable, 23 route
IS-IS default route advertisement, 121
IS-IS LSP-calculated route filtering, 122
IS-IS redistributed route filtering, 122
IS-IS route advertisement configuration, 122
IS-IS route filtering, 121
IS-IS route redistribution, 121
IS-IS route redistribution configuration (on switch), 144
IS-IS route summarization, 120 max number IS-IS ECMP routes, 120 static configuration, 6 route advertisement rules (BGP), 162, 183 route backup (IP routing), 3 route calculation (OSPF), 53 route information, learning, 3 route preference (IP routing), 2 route recursion (IP routing), 3 route redistribution configuring RIP, 27 route summarization advertising (RIPv2), 25 enabling RIPv2 automatic, 25 route tag (RIP), 20 route time (RIP), 20 router
IS-IS circuit level configuration, 117
IS-IS interface P2P network type configuration,
117
IS-IS IS level configuration, 117
IS-IS Level-1 router, 110
IS-IS Level-1-2 router, 110
395
IS-IS Level-2 router, 110
IS-IS route leaking, 112
IS-IS routing method, 109
IS-IS system ID, 109 route-refresh messages (BGP), 157 routers levels of priority (OSPF), 52 network types (OSPF), 53 route calculation (OSPF), 53 routes default, configuration, 19 static, configuration procedure, 9 static, example configuration, 10 routing
ACL filter (routing policy), 339 apply clause (PBR), 267
AS_PATH list (routing policy), 339
AS_PATH list configuration (routing policy), 341
BGP route reflector, 163 community list (routing policy), 339 community list configuration (routing policy),
341 configuring IS-IS dynamic system ID mapping to host name, 129 configuring IS-IS FRR automatic backup next hop calculation, 134 configuring IS-IS FRR routing policy use, 134 configuring IS-IS GR, 132 configuring IS-IS interface DIS priority, 124 configuring IS-IS LSP parameters, 125 configuring IS-IS route convergence priority, 128 configuring IS-IS static system ID mapping to host name, 129 configuring IS-IS system ID mapping to host name, 129 configuring LSP timer (IS-IS), 125 configuring OSPFv3 P2MP neighbor, 301
controlling IS-IS SPF calculation interval, 127 disabling IS-IS interface packet send/receive,
124 enabling BGP MED comparison for routes from confederation peer, 197 enabling IS-IS interface hello packet send, 124 enabling IS-IS LSP flash flooding, 127 enabling IS-IS LSP fragment extension, 127 enabling OSPF RFC 1583 compatibility, 73 extended community list (routing policy), 339 extended community list configuration (routing policy), 342 filters (routing policy), 339 if-match clause (PBR), 267
IP prefix list (routing policy), 339
IPv6 IS-IS basic configuration, 324
IPv6 IS-IS BFD configuration, 326
IPv6 IS-IS configuration, 324
IPv6 IS-IS route control configuration, 325
IPv6 node action configuration, 336
IPv6 node creation, 335
IPv6 node match criteria configuration, 335
IPv6 PBR and track, 335
IPv6 PBR apply clause, 334
IPv6 PBR configuration, 334, 335, 336
IPv6 PBR if-match clause, 334
IPv6 PBR policy, 334
IPv6 policy configuration, 335
IS-IS authentication configuration (on switch),
147
IS-IS automatic cost calculation enable, 119
IS-IS basic configuration, 116
IS-IS basic configuration (on switch), 135
IS-IS BFD configuration, 133
IS-IS BFD configuration (on switch), 151
IS-IS configuration, 108, 115
IS-IS configuration (on switch), 135
396
IS-IS default route advertisement, 121
IS-IS DIS election configuration (on switch), 140
IS-IS FRR configuration, 133
IS-IS FRR configuration (on switch), 154
IS-IS global cost configuration, 119
IS-IS GR configuration (on switch), 150
IS-IS interface cost configuration, 118
IS-IS ISPF enable, 130
IS-IS link cost configuration, 118
IS-IS LSP-calculated route filtering, 122
IS-IS PDU CLVs, 114
IS-IS PDU hello type, 113
IS-IS PDU LSP type, 113
IS-IS PDU SNP type, 114
IS-IS PDU types, 113
IS-IS preference specification, 119
IS-IS redistributed route filtering, 122
IS-IS route advertisement configuration, 122
IS-IS route control configuration, 118
IS-IS route filtering, 121
IS-IS route leaking, 112
IS-IS route redistribution, 121
IS-IS route redistribution configuration (on switch), 144
IS-IS route summarization, 120
IS-IS routing domain, 110
IS-IS routing domain authentication, 131 loop prevention, 20 max number IS-IS ECMP routes, 120
MP-BGP, 166 optimizing IS-IS networks, 123 optimizing RIPng network, 287 packet-type-based IPv6 PBR configuration (on switch), 337
PBR and track, 268
PBR policy concept, 267
RIPng additional routing metric configuration,
285
RIPng basic configuration, 284
RIPng basic configuration (on switch), 290
RIPng configuration, 283, 284
RIPng configuration (on switch), 290
RIPng default route advertisement, 286
RIPng GR configuration, 289
RIPng inbound/outbound route filtering configuration, 286
RIPng max number ECMP routes configuration,
289
RIPng packet, 283
RIPng packet zero field check configuration, 288
RIPng poison reverse configuration, 288
RIPng preference configuration, 286
RIPng route control configuration, 285
RIPng route entries, 283
RIPng route redistribution configuration, 287
RIPng route redistribution configuration (on switch), 292
RIPng route summarization configuration, 285
RIPng split horizon configuration, 288
RIPng timer configuration, 287 routing policy application to IPv4 route redistribution (on switch), 346 routing policy application to IPv6 route redistribution (on switch), 349 routing policy apply clause configuration, 344 routing policy configuration, 339, 342 routing policy configuration (on switch), 346 routing policy continue clause configuration,
345 routing policy creation, 342 routing policy filter configuration, 340 routing policy if-match clause configuration,
343 routing policy IP prefix list configuration, 340
397 setting IS-IS LSDB overload bit, 128 specifying IS-IS CSNP packet send interval, 123 specifying IS-IS hello multiplier, 123 specifying IS-IS hello packet send interval, 123 specifying IS-IS LSP length, 126 specifying IS-IS LSP refresh interval, 125 specifying IS-IS LSP sending interval, 125 specifying LSP max age (IS-IS), 125 specifying OSPF LSA arrival interval, 69 specifying OSPF LSA generation interval, 70 table, 1 tuning BGP network, 205 tuning IS-IS network, 123 tuning RIPng network, 287 routing hierarchy feature (OSPF), 48 routing loops avoiding (RIP), 29 routing policy
ACL filter, 339 apply clause configuration, 344 applying to IPv4 route redistribution (on switch),
346 applying to IPv6 route redistribution (on switch),
349
AS_PATH list, 339
AS_PATH list configuration, 341 community list, 339 community list configuration, 341 configuration, 339, 342 configuration (on switch), 346 continue clause configuration, 345 creation, 342 deny match mode, 340 displaying, 346 extended community list, 339 extended community list configuration, 342
filter, 339 filter configuration, 340 filtering, 340 if-match clause configuration, 343
IP prefix list, 339
IP prefix list configuration, 340
IPv4 prefix list configuration, 340
IPv6 prefix list configuration, 341 maintaining, 346 permit match mode, 340 routing table default routes, 19 displaying, 4 maintaining, 4 routing tables reducing size (RIPv2), 25 saving updates, 213 scalability, improving (RIPv2), 25 security
IS-IS area authentication, 131
IS-IS neighbor relationship authentication, 131
IS-IS network security enhancement, 130
IS-IS routing domain authentication, 131
SEL
IS-IS N-SEL, 109
NET, 109 selecting
BGP route, 162
BGP route selection, 162 configuring BGP path selection, 247 controlling BGP path selection, 191 session
BGP session state change logging, 221 setting IS-IS LSDB overload bit, 128
398 single-hop echo mode, 8 single-hop echo mode configuring BFD for IPv6 static route, 272 small networks
RIP, 20
SNP IS-IS PDU type, 114 soft reset
BGP configuration, 211 soft-reset
BGP configuration, 212
BGP manual configuration, 214 source IP address check (RIP), 30 speakers
BGP, 157 specifying
BGP received route preferred value, 191
BGP TCP connection source interface, 178
IS-IS CSNP packet send interval, 123
IS-IS hello multiplier, 123
IS-IS hello packet send interval, 123
IS-IS LSP length, 126
IS-IS LSP refresh interval, 125
IS-IS LSP sending interval, 125
IS-IS preference, 119
LSA generation interval, 306
LSA transmission delay, 305
LSP max age (IS-IS), 125
OSPF LSA arrival interval, 69
OSPF LSA generation interval, 70
OSPF LSA transmission delay, 68
OSPF SPF calculation interval, 69
SPF calculation interval, 305
SPF
OSPFv3 SPF timer, 304
specifying OSPF SPF calculation interval, 69
SPF (IS-IS calculation interval), 127 split horizon configuring (RIP), 29 enabling RIP, 29 split horizon (RIPng), 288 standards
BGP, 168
OSPF, 54 state
OSPFv3, 297 enabling BGP session state change logging,
221 enabling OSPF neighbor state change logging,
73 static route bidirectional control mode, 7 configuration example (direct next hop), 12 configuration example (indirect next hop), 14 configuration guideline, 9 configuring BFD, 7 configuring FRR, 9
FRR configuration example, 17
Single-hop echo mode, 8 static routes configuration example, 10 configuration procedure, 9 static routing configuration, 6, 10 displaying, 10 maintaining, 10 static route configuration, 6 static routing, IPv6, 272 stub configuring OSPF stub area, 58 configuring stub area, 299
399
OSPF router configuration, 71
OSPF stub area configuration, 88 stub area (OSPF), 51 summarizing
BGP route summarization, 163
BGP route summarization configuration, 232 configuring BGP automatic route summarization,
182 configuring BGP manual route summarization,
182 configuring BGP route summarization, 182
OSPF ABR route summarization configuration,
62
OSPF ASBR route summarization configuration,
63
OSPF route summarization configuration, 62
OSPF summary route advertisement configuration, 85 summarizing IS-IS routes, 120 summarizing RIPng routes, 285 suppress timer (RIPng), 287 suppressing enabling BGP 4-byte AS number suppression,
208 switch
IPv6 IS-IS basic configuration (on switch), 327
IPv6 IS-IS BFD configuration (on switch), 331
IPv6 IS-IS configuration (on switch), 327
IS-IS authentication configuration (on switch),
147
IS-IS basic configuration (on switch), 135
IS-IS configuration (on switch), 135
IS-IS DIS election configuration (on switch), 140
IS-IS route redistribution configuration (on switch), 144 switch configuration (packet-type-based IPv6 PBR),
337 system ID
IS-IS, 109 mapping dynamic to host name (IS-IS), 129 mapping static to host name (IS-IS), 129 mapping to host name (IS-IS), 129 table routing, 1
TCP specifying BGP TCP connection source interface,
178 terminology (IS-IS), 108 threshold protecting an EBGP peer when memory usage reaches level 2 threshold, 215 time configuring holdtime, 205 specifying OSPF LSA arrival interval, 69 specifying OSPF LSA generation interval, 70 specifying OSPF SPF calculation interval, 69 timeout timer (RIPng), 287 timer configuring OSPF dead packet timer, 68 configuring OSPF hello packet timer, 68 configuring OSPF LSA retransmission packet timer, 68 configuring OSPF packet timer, 68 configuring OSPF poll packet timer, 68
OSPFv3 configuration, 304
OSPFv3 LSA delay timer, 304
OSPFv3 packet timer, 304
OSPFv3 SPF timer, 304
RIPng garbage-collect timer configuration, 287
RIPng suppress timer configuration, 287
RIPng timeout timer configuration, 287
RIPng update timer configuration, 287 timers adjust (RIP), 28
400 garbage-collect (RIP), 28 suppress (RIP), 28 timeout (RIP), 28 update (RIP), 28
TLV
IPv6 IS-IS basic configuration (on switch), 327
IPv6 IS-IS configuration, 324
IPv6 IS-IS configuration (on switch), 327 topology
IPv6 static routing configuration, 275 topology (IS-IS ISPF), 130 totally NSSA area (OSPF), 51 totally stub area (OSPF), 51 track static route, 6 track (PBR), 268 track and IPv6 PBR collaboration, 335 transmission configuring OSPF LSU rate, 74 specifying OSPF LSA transmission delay, 68 trapping enabling BGP trap, 220 triggering
OSPF GR, 77 troubleshooting
BGP configuration, 265
OSPF configuration, 106
OSPF incorrect routing information, 106
OSPF no neighbor relationship established, 106 tuning
BGP network, 205 optimizing RIP network, 28
OSPF network, 67
OSPFv3 network, 304 tuning IS-IS network, 123
tuning RIPng network, 287 type configuring OSPF interface broadcast network type, 60 configuring OSPF interface NBMA network type,
60 configuring OSPF interface P2MP network type,
61 configuring OSPF interface P2P network type,
62 configuring OSPF network type, 59 configuring OSPFv3 interface network type,
300 configuring OSPFv3 network type, 300
OSPF ABR Type-3 LSA filtering configuration, 64
UDP optimizing RIPng network, 287
RIPng additional routing metric configuration,
285
RIPng basic configuration, 284
RIPng basic configuration (on switch), 290
RIPng configuration, 283, 284
RIPng configuration (on switch), 290
RIPng default route advertisement, 286
RIPng GR configuration, 289
RIPng inbound/outbound route filtering configuration, 286
RIPng max number ECMP routes configuration,
289
RIPng packet zero field check configuration, 288
RIPng poison reverse configuration, 288
RIPng preference configuration, 286
RIPng route control configuration, 285
RIPng route redistribution configuration, 287
RIPng route redistribution configuration (on switch), 292
RIPng route summarization configuration, 285
RIPng split horizon configuration, 288
RIPng timer configuration, 287 tuning RIPng network, 287 unicast configuring OSPFv3 NBMA neighbor, 301 configuring OSPFv3 P2MP neighbor, 301 update
BGP interval configuration, 206 update messages (BGP), 157 update timer (RIPng), 287 value configuring BGP default MED value, 194 specifying BGP received route preferred value,
191 version enable for RIP, 23 versions
RIP, 21 virtual link
OSPF configuration, 59, 96
OSPFv3 configuration, 299 virtual links (OSPF), 50
VPN (BGP VPN instance view), 167 wide scope feature (OSPF), 48 zero
RIPv1 field check, 30
401
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement