53-1003033-02 9 December, 2013 Multi-Service IronWare Routing Configuration Guide Supporting Multi-Service IronWare R05.6.
Copyright © 2013 Brocade Communications Systems, Inc. All Rights Reserved. ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Contents About This Document Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . xxiv Supported software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxv Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
BGP router reflector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Configuring BGP router reflector. . . . . . . . . . . . . . . . . . . . . . . . . 22 Disabling or re-enabling client-to-client route reflection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Configuring a route reflector. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Enabling or disabling comparison of device IDs . . . . . . . . . . . . . . . .
Using the IP default route as a valid next-hop for a BGP4 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Enabling next-hop recursion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Modifying redistribution parameters . . . . . . . . . . . . . . . . . . . . . . . . . 67 Using a table map to set the tag value . . . . . . . . . . . . . . . . . . . . . . . 70 Changing the Keep Alive Time and Hold Time . . . . . . . . . . . . . . . . .
Displaying BGP4 information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 Displaying summary BGP4 information . . . . . . . . . . . . . . . . . . 117 Displaying the active BGP4 configuration . . . . . . . . . . . . . . . .120 Displaying summary neighbor information . . . . . . . . . . . . . . .120 Displaying BGP4 neighbor information. . . . . . . . . . . . . . . . . . .122 Displaying peer group information . . . . . . . . . . . . . . . . . . . . . .
Configuring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167 Configuration rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167 OSPF parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167 Enable OSPF on the router . . . . . . . . . . . . . . . . . . . . . . . . . . . .168 Assign OSPF areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169 Assign a totally stubby area. . . . . . . . . . . . . .
Adding additional parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196 Disabling configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197 OSPF distribute list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198 Modify SPF timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200 Modify redistribution metric type . . . . . . . . . . . . . . . . . . . . . . .201 Modify administrative distance. . . . . . . . . . . . . . . . . . .
Chapter 3 IS-IS (IPv4) Relationship to IP route table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249 Intermediate systems and end systems. . . . . . . . . . . . . . . . . .249 Domain and areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250 Level-1 routing and Level-2 routing . . . . . . . . . . . . . . . . . . . . .250 Neighbors and adjacencies. . . . . . . . . . . . . . . . . . . . . . . . . . . .251 Designated IS . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring IS-IS point-to-point over Ethernet . . . . . . . . . . . . . . . . .275 Brocade IS-IS Router A configuration . . . . . . . . . . . . . . . . . . . .275 Brocade IS-IS Router B configuration . . . . . . . . . . . . . . . . . . . .275 Displaying IS-IS point-to-point configuration . . . . . . . . . . . . . . 276 Configuring IS-IS over a GRE IP tunnel . . . . . . . . . . . . . . . . . . . . . . 276 Configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring RIP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318 Enabling RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318 Configuring metric parameters . . . . . . . . . . . . . . . . . . . . . . . . .318 Changing the administrative distance . . . . . . . . . . . . . . . . . . .319 Configuring redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319 Configuring route learning and advertising parameters . . . . .
Configuring MBGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347 Setting the maximum number of multicast routes supported . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347 Enabling MBGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348 Adding MBGP neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349 Optional configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 9 Management VRF Management VRF overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395 Source interface and management VRF compatibility . . . . . .396 Supported management applications . . . . . . . . . . . . . . . . . . .396 Configuring a global management VRF . . . . . . . . . . . . . . . . . . . . . .399 Configuration notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ECMP load sharing for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .429 Disabling or re-enabling ECMP load sharing for IPv6 . . . . . . .429 Changing the maximum number of load sharing paths for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .430 DHCP relay agent for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .430 DHCPv6 Relay Agent Prefix Delegation Notification . . . . . . . .430 Configuring DHCP for IPv6 relay agent . . . . . .
Limiting the number of hops an IPv6 packet can traverse . . . . . .458 QoS for IPv6 traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .458 Configuring the rate limit for IPv6 subnet traffic. . . . . . . . . . . . . . .459 Clearing global IPv6 information . . . . . . . . . . . . . . . . . . . . . . . . . . .459 Clearing the IPv6 cache. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .459 Clearing IPv6 neighbor information . . . . . . . . . . . . . . . . . . . . .
Using the IPv6 ncopy command. . . . . . . . . . . . . . . . . . . . . . . . . . . .500 Copying a primary or secondary boot image from flash memory to an IPv6 TFTP server. . . . . . . . . . . . . . . . . . . .500 Copying the running or startup configuration to an IPv6 TFTP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501 Uploading files from an IPv6 TFTP server . . . . . . . . . . . . . . . .501 Using the IPv6 ping command . . . . . . . . . . . . . . . . . . . . . . . . . . .
Displaying BGP4+ information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .531 Displaying the BGP4+ route table. . . . . . . . . . . . . . . . . . . . . . .531 Displaying BGP4+ route information . . . . . . . . . . . . . . . . . . . .537 Displaying BGP4+ route-attribute entries. . . . . . . . . . . . . . . . .538 Displaying the BGP4+ running configuration. . . . . . . . . . . . . .540 Displaying dampened BGP4+ paths. . . . . . . . . . . . . . . . . . . . .
Displaying OSPFv3 information . . . . . . . . . . . . . . . . . . . . . . . . . . . .668 General OSPF configuration information . . . . . . . . . . . . . . . . .669 Displaying OSPFv3 area information . . . . . . . . . . . . . . . . . . . .669 Displaying OSPFv3 database information . . . . . . . . . . . . . . . .670 Displaying IPv6 interface information. . . . . . . . . . . . . . . . . . . .676 Displaying IPv6 OSPFv3 interface information . . . . . . . . . . . .677 Displaying OSPFv3 memory usage . . . . . .
Configuring IPv6 specific address family route parameters . . . . . 715 Changing the maximum number of load sharing paths . . . . . 715 Enabling advertisement of a default route . . . . . . . . . . . . . . . 715 Changing the administrative distance for IPv6 IS-IS . . . . . . . . 716 Configuring summary prefixes . . . . . . . . . . . . . . . . . . . . . . . . . 717 Redistributing routes into IPv6 IS-IS . . . . . . . . . . . . . . . . . . . . . 717 Changing the default redistribution metric . . . . . . . . .
Chapter 18 RIPng (IPv6) Configuring RIPng . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .750 Enabling RIPng . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .750 Configuring RIPng timers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .751 Configuring route learning and advertising parameters . . . . .752 Redistributing routes into RIPng . . . . . . . . . . . . . . . . . . . . . . . .753 Controlling distribution of routes through RIPng . . . .
Chapter 20 VRRP and VRRP-E Overview of VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 774 Standard VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 774 Enhancements to VRRP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777 Overview of VRRP-E. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .782 ARP behavior with VRRP-E. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .809 VRRP example for IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .809 VRRP example for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .810 VRRP-E example for IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .812 VRRP-E example for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .813 VRRP-E Extension for Server Virtualization . . . . . . . . . . . . . .
About This Document Audience This document is designed for system administrators with a working knowledge of Layer 2 and Layer 3 switching and routing. If you are using a Brocade device, you should be familiar with the following protocols if applicable to your network – IP, RIP, OSPF, BGP, ISIS, IGMP, PIM, MPLS, and VRRP.
Supported hardware and software The following hardware platforms are supported by this release of this guide: TABLE 1 Supported devices Brocade NetIron XMR Series Brocade MLX Series NetIron CES 2000 and NetIron CER 2000 Series Brocade NetIron XMR 4000 Brocade MLX-4 Brocade NetIron CES 2024C Brocade NetIron XMR 8000 Brocade MLX-8 Brocade NetIron CES 2024F Brocade NetIron XMR 16000 Brocade MLX-16 Brocade NetIron CES 2048C Brocade NetIron XMR 32000 Brocade MLX-32 Brocade NetIron CES 2048CX Br
Document conventions This section describes text formatting conventions and important notice formats used in this document.
Notice to the reader This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations. These references are made for informational purposes only.
Getting technical help or reporting errors To contact Technical Support, go to http://www.brocade.com/services-support/index.page for the latest e-mail and telephone contact information.
xxviii Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 1 BGP (IPv4) Table 2 displays the individual devices and the BGP4 features they support.
BGP (IPv4) TABLE 2 2 Supported BGP4 features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Enhanced per-neighbor debug statements and new per-neighbor BGP4 debug filters Yes Yes No No No No No BGP4 Peer Notification D
BGP (IPv4) TABLE 2 Supported BGP4 features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package BGP4 Processing Optimization for Administrativel y Down Peers Yes Yes No No Yes Yes Yes BGP4 Outbound Policy Processing Optimizat
Overview of BGP4 Overview of BGP4 BGP4 is the standard Exterior Gateway Protocol (EGP) used on the Internet to route traffic between Autonomous Systems (AS) and to maintain loop-free routing. An autonomous system is a collection of networks that share the same routing and administration characteristics. For example, a corporate Intranet consisting of several networks under common administrative control might be considered an AS.
Overview of BGP4 NOTE If IP load sharing is enabled and you enable multiple equal-cost paths for BGP4, BGP4 can select more than one equal-cost path to a destination. A BGP4 route consists of the following information: • Network number (prefix) – A value comprised of the network mask bits and an IP address (IP address/ mask bits); for example, 10.215.129.0/18 indicates a network mask of 18 bits applied to the IP address 10.215.129.0.
Overview of BGP4 4. Prefer the route that was originated locally (by this device). 5. If the local preferences are the same, prefer the path with the shortest AS-path. An AS-SET counts as 1. A confederation path length, if present, is not counted as part of the path length. NOTE This step can be skipped if BGP4-as-path-ignore is configured. 6. If the AS-path lengths are the same, prefer the path with the lowest origin type. From low to high, route origin types are valued as follows: • IGP is lowest.
Overview of BGP4 NOTE The device supports BGP4 load sharing among multiple equal-cost paths. BGP4 load sharing enables the device to balance traffic across the multiple paths instead of choosing just one path based on device ID. For EBGP routes, load sharing applies only when the paths are from neighbors within the same remote AS. EBGP paths from neighbors in different ASs are not compared, unless multipath multi-as is enabled. 11.
Overview of BGP4 • BGP4 Identifier – The device ID. The BGP4 Identifier (device ID) identifies the BGP4 device to other BGP4 devices. The device use the same device ID for OSPF and BGP4. If you do not set a device ID, the software uses the IP address on the lowest numbered loopback interface configured on the device. If the device does not have a loopback interface, the default device ID is the lowest numbered IP address configured on the device.
Implementation of BGP4 NOTIFICATION message When you close the BGP4 session with a neighbor, the device detects an error in a message received from the neighbor, or an error occurs on the device, the device sends a NOTIFICATION message to the neighbor. No further communication takes place between the BGP4 device that sent the NOTIFICATION and the neighbors that received the NOTIFICATION. REFRESH message BGP4 sends a REFRESH message to a neighbor to request that the neighbor resend route updates.
BGP4 Restart Grouping of RIB-out peers To improve efficiency in the calculation of outbound route filters, the device groups BGP4 peers together based on their outbound policies. To reduce RIB-out memory usage, the device then groups the peers within an outbound policy group according to their RIB-out routes. All peers sharing a single RIB-out route (up to 32 peers per group) also share a single physical RIB-out entry, resulting in as much as a 30-fold memory usage reduction.
BGP4 Restart BGP4 Peer notification during a management module switchover The BGP4 Peer notification process restores BGP4 adjacency quickly and allows packet forwarding between the newly active management module and the BGP4 peers. The handling of TCP packets with an MD5 digest prevents the silent dropping of TCP packets without triggering a RESET packet.
BGP4 Restart If the active management module fails due to a fault, the management module does not have the opportunity to reset BGP4 sessions with neighbors as described for intentional failovers, and illustrated in Figure 2. In this situation the management module will reboot, or the standby management module becomes the new active management module.
BGP4 Restart FIGURE 4 Example of Local AS configured on ISP-B A Local AS is configured using the BGP4 neighbor command, as described in “Configuring BGP4 neighbors” on page 47. To confirm that a Local AS has been configured use the show ip bgp neighbors command, as described in “Displaying BGP4 neighbor information” on page 122. BGP4 null0 routing BGP4 considers the null0 route in the routing table (for example, static route) as a valid route, and can use the null0 route to resolve the next hop.
Configuring BGP4 Figure 5 shows a topology for a null0 routing application example. FIGURE 5 SAMPLE null0 routing application Refer to “Configuring BGP4 null0 routing” on page 112 for an example of how to configure a null0 routing application to stop denial of service attacks from remote hosts on the Internet. Configuring BGP4 Once you activate BGP4, you can configure the BGP4 options. There are two configuration levels: global and address family.
Configuring BGP4 Table 3 shows the commands that are available at the various BGP4 configuration levels.
Configuring BGP4 TABLE 3 IPv4 BGP4 commands for different configuration levels (Continued) Command Global (iPv4 and IPv6) IPv4 address IPv4 address family unicast family multicast log-dampening-debug x maxas-limit x maximum-paths x med-missing-as-worst “Configuring BGP4 multipath load sharing” on page 43 x “Configuring paths without MEDs as the least favorable” on page 46 multipath x next-hop-mpls x neighbor “Configuring paths without MEDs as the least favorable” on page 46 x x “Conf
Configuring BGP4 • • • • • • • • • • • • • • Enable or disable MED (metric) comparison. Require the first AS in an update from an EBGP neighbor to be the neighbor AS. Change MED comparison parameters. Disable comparison of the AS-Path length. Enable comparison of the device ID. Enable next-hop recursion. Change the default metric. Disable or re-enable route reflection. Configure confederation parameters. Disable or re-enable load sharing. Change the maximum number of load sharing paths.
Enabling and disabling BGP4 Enabling and disabling BGP4 BGP4 is disabled by default. To enable BGP4, you must perform the following steps. 1. Enable the BGP4 protocol. 2. Set the local AS number. NOTE BGP4 is not functional until you specify the local AS number. 3. Add each BGP4 neighbor (peer BGP4 device) and identify the AS the neighbor is in. 4. Save the BGP4 configuration information to the system configuration file. For example, enter commands such as the following.
Entering and exiting the address family configuration level If you are testing a BGP4 configuration and may need to disable and re-enable the protocol, you should make a backup copy of the startup configuration file containing the BGP4 configuration information. If you remove the configuration information by saving the configuration after disabling the protocol, you can restore the BGP4 configuration by copying the backup copy of the startup configuration file onto the flash memory.
Configuring the device to always compare Multi-Exit Discriminators The ip-addr and ip-mask parameters specify the aggregate value for the networks. Specify 0 for the host portion and for the network portion that differs among the networks in the aggregate. For example, to aggregate 10.0.1.0/24, 10.0.2.0/24, and 10.0.3.0/24, enter the IP address 10.0.0.0 and the network mask 255.255.0.0.
Disabling or re-enabling comparison of the AS-Path length Syntax: [no] always-compare-med The following BGP4 command directs BGP4 to take the MED value into consideration even if the route has an empty as-path path attribute. Brocade(config)# router bgp Brocade(config-bgp-router)# compare-med-empty-aspath Syntax: [no] compare-med-empty-aspath Disabling or re-enabling comparison of the AS-Path length AS-Path comparison is Step 5 in the algorithm that BGP4 uses to select the next path for a route.
BGP router reflector However, in certain configurations it is possible that the total number of preferred BGP4 routes may exceed the RTM route table size limit. Therefore, some preferred BGP4 routes may not be installed in the RTM, and the BGP router is not able to forward traffic correctly for those BGP4 routes. Those BGP4 routes are not considered as the best BGP4 routes, and are not advertised to other BGP4 neighbors because traffic miss-forwarding or packet drop can occur.
BGP router reflector 3. Enter the rib-route-limit command to set the maximum number of BGP4 rib routes that can be installed in the RTM. Brocade(config-bgp)#rib-route-limit 500 Syntax: rib-route-limit decimal The decimal variable specifies the maximum number of BGP4 rib routes that can be installed in the RTM. The user may enter any number for the decimal variable for the rib-route-limit command. By default, there is no limit.
BGP router reflector Brocade(config-bgp)# show ip bgp route Total number of BGP Routes: 333422 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH m:NOT-INSTALLED-MULTIPATH S:SUPPRESSED F:FILTERED s:STALE Prefix Next Hop MED LocPrf Weight Status …5 10.12.0.0/24 10.100.100.
Disabling or re-enabling client-to-client route reflection always-propagate command, the router is now able to advertise those preferred BGP4 routes to other BGP4 neighbors. In the following example, the Status field displays “bE” indicating that the route is now considered the best BGP4 route for forwarding and will be advertised to other BGP4 neighbors. Brocade(config-bgp)# show ip bgp route 10.12.0.
Enabling or disabling comparison of device IDs NOTE If the cluster contains more than one route reflector, you need to configure the same cluster ID on all the route reflectors in the cluster. The cluster ID helps route reflectors avoid loops within the cluster. Enabling or disabling comparison of device IDs Device ID comparison is Step 11 in the algorithm BGP4 uses to select the next path for a route. NOTE Comparison of device IDs is applicable only when BGP4 load sharing is disabled.
Configuring confederations To configure a confederation, configure groups of BGP4 devices into sub-ASs. A sub-AS is simply an AS. The term “sub-AS” distinguishes ASs within a confederation from ASs that are not in a confederation. For the viewpoint of remote ASs, the confederation ID is the AS ID. Remote ASs do not know that the AS represents multiple sub-ASs with unique AS IDs. NOTE You can use any valid AS numbers for the sub-ASs.
Configuring confederations • Configure the local AS number. The local AS number indicates membership in a sub-AS. All BGP4 devices with the same local AS number are members of the same sub-AS. BGP4 devices use the local AS number when communicating with other BGP4 devices in the confederation. • Configure the confederation ID. The confederation ID is the AS number by which BGP4 devices outside the confederation recognize the confederation.
Four-byte Autonomous System Numbers (AS4) Commands for Device C BrocadeC(config)# router bgp BrocadeC(config-bgp)# local-as 64513 BrocadeC(config-bgp)# confederation identifier 10 BrocadeC(config-bgp)# confederation peers 64512 64513 BrocadeC(config-bgp)# write memory Commands for Device D BrocadeD(config)# router bgp BrocadeD(config-bgp)# local-as 64513 BrocadeD(config-bgp)# confederation identifier 10 BrocadeD(config-bgp)# confederation peers 64512 64513 BrocadeD(config-bgp)# write memory Four-byte Aut
Four-byte Autonomous System Numbers (AS4) Normally, AS4s are sent only to a device, peer group, or neighbor that is similarly configured for AS4s. If a AS4 is configured for a local-AS, the system signals this configuration by sending AS_TRANS in the My Autonomous System field of the OPEN message. However, if the AS4 capability for a neighbor is disabled, the local device does not send the four-octet Autonomous System number capability to the neighbor.
Four-byte Autonomous System Numbers (AS4) The no form of the neighbor command with the capability as4 keywords deletes the neighbor-enable for AS4s. The consequences of using the enable or disable keywords are reflected in the output of the show running configuration command. However, if the neighbor configuration omits an explicit AS4 argument, the show running configuration output will not contain AS4 information.
Four-byte Autonomous System Numbers (AS4) You can specify a route target (rt) or a site of origin (soo) for an extended community, as shown in the following example. Brocade(config-routemap test)# set extcommunity rt 7701000:10 Syntax: [no] set extcommunity rt asn:nn | ip-address:nn | soo asn:nn | ip-address:nn The rt keyword specifies a route target in the form of a route ID. The route ID can be an ASN or IP address. The second part of the route ID is a user-specific numeric variable nn.
Four-byte Autonomous System Numbers (AS4) NOTE Use soft-outbound only if the outbound policy is changed. The soft-outbound parameter updates all outbound routes by applying the new or changed filters. However, the device sends to the neighbor only the existing routes that are affected by the new or changed filters.
BGP4 AS4 attribute errors To specify asdot notation before displaying IP BGP4 information, use the as-format command. Brocade(config)# as-format asdot Brocade(config)# show ip bgp Total number of BGP Routes: 1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal, S stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.1.1.0/24 192.168.1.5 1 100 0 1.24464 100 200 65535 1.0 1.1 1.2 1.3 1.
Specifying a maximum AS path length Attribute flag error (ignore the AS4_PATH) SYSLOG: Sep 9 19:02:03:<11>mu2, BGP: From Peer 192.168.1.1 received invalid AS4_PATH attribute flag (0x40) - entire AS4_PATH ignored Confederation segments after AS_SEQ/AS_SET (ignore the AS4_PATH) SYSLOG: Sep 9 19:02:03:<11>mu2, BGP: From Peer 192.168.1.
BGP4 max-as error messages In a case where a neighbor has no maximum AS limit, a peer group has a value of 3 configured, and the system has a value of 9 configured, all of the routers in the peer group will only use the peer group value; the global value will never be used. Setting a global maximum AS path limit The syntax for the global maximum AS path limit command is: [no] maxas-limit in num The maxas-limit keyword specifies the limit on the AS numbers in the as-path attribute.
Configuring route flap dampening H= AS_CONFED_SET(4) 1 2 3 AS_CONFED_SEQUENCE(3) 4 AS_SET(1) 5 6 7 AS_SEQ(2) 8 9 attribute length (9) Exceeded internal memory limit NOTE The router generates a log message one time every two minutes. Because of this rate limit, it is possible that some errors might not appear in the log. In this case, you can use the debug ip bgp events command to view errors pertaining to the maxas-limit value and the actual AS path attributes received.
Originating the default route Originating the default route By default, the device does not originate and advertise a default route using BGP4. A BGP4 default route is the IP address 0.0.0.0 and the route prefix 0 or network mask 0.0.0.0. For example, 0.0.0.0/0 is a default route. NOTE The device checks for the existence of an IGP route for 0.0.0.0/0 in the IP route table before creating a local BGP4 route for 0.0.0.0/0.
Changing the default metric used for redistribution Changing the default metric used for redistribution The device can redistribute directly connected routes, static IP routes, RIP routes, IS-IS routes, and OSPF routes into BGP4. By default, BGP4 uses zero (0) for direct connected routes and the metric (MED) value of IGP routes in the IP route table. The MED is a global parameter that specifies the cost that will be applied to all routes, if assigned, when they are redistributed into BGP4.
Requiring the first AS to be the neighbor AS When selecting a route from among different sources (BGP4, OSPF, RIP, IS-IS, static routes, and so on), the software compares the routes on the basis of the administrative distance for each route. If the administrative distance of the paths is lower than the administrative distance of paths from other sources (such as static IP routes, RIP, or OSPF), the BGP4 paths are installed in the IP route table.
Requiring the first AS to be the neighbor AS When you configure the device to require that the AS an EBGP neighbor is in be the same as the first AS in the AS_SEQUENCE field of an update from the neighbor, the device accepts the update only if the AS numbers match. If the AS numbers do not match, the device sends a notification message to the neighbor and closes the session. The requirement applies to all updates received from EBGP neighbors.
Enabling fast external fallover Enabling fast external fallover BGP4 devices rely on KEEPALIVE and UPDATE messages from neighbors to signify that the neighbors are alive. For BGP4 neighbors that are two or more hops away, such messages are the only indication that the BGP4 protocol has concerning the alive state of the neighbors.
Configuring BGP4 multipath load sharing The local-as command is available under the “global BGP” CLI level and “address- family ipv4 unicast vrf” CLI level. To set the local as number for a VRF, enter commands such as the following. Brocade(config-bgp)#address-family ipv4 unicast vrf vrf-name Brocade(config-bgp)#local-as num Syntax: [no] local-as num The num parameter specifies a local AS number in the range 1 – 4294967295. It has no default.
Configuring BGP4 multipath load sharing Syntax: [no] maximum-paths number | use-load-sharing The number parameter specifies the maximum number of paths across which the device can balance traffic to a given BGP4 destination. The number value range is 2 to 32 and the default is 1. NOTE The maximum number of paths supported by the BR-MLX-10Gx24-DM module is 16.
Configuring a static BGP4 network The number variable specifies the number of equal-cost multipath IBGP routes that will be selected. The range is 2 to 32. If the value is set to 1, BGP4 level equal-cost multipath is disabled for IBGP routes. To set the number of equal-cost multipath EBGP routes or paths that will be selected, enter commands such as the following.
Configuring paths without MEDs as the least favorable Brocade(config)# router bgp Brocade(config-bgp)# static-network 10.157.22.26/16 distance 100 Syntax: [no] static-network ipAddressPrefix/mask distance distance-value The ipAddress/mask variable is the IPv4 address prefix and mask of the static BGP4 network for which you are setting an administrative distance. The distance-value sets the administrative distance of the static BGP4 network route. The range for this value is 1 – 255.
Configuring BGP4 neighbors Configuring BGP4 neighbors Because BGP4 does not contain a peer discovery process, for each BGP4 neighbor (peer), you must indicate the IP address and the AS number of each neighbor. Neighbors that are in different ASs communicate using EBGP. Neighbors within the same AS communicate using IBGP. NOTE If the device has multiple neighbors with similar attributes, you can simplify configuration by configuring a peer group, then adding individual neighbors to it.
Configuring BGP4 neighbors [route-map in | out map-name] [route-reflector-client] [send-community] [shutdown [generate-rib-out] ] [soft-reconfiguration inbound] [static-network-edge] [timers keep-alive num hold-time num] [unsuppress-map map-name] [update-source ip-addr | ethernet slot/portnum | loopback num | ve num] [weight num] [send-label] } The ip-addr | peer-group-name parameter indicates whether you are configuring an individual neighbor or a peer group.
Configuring BGP4 neighbors distribute-list in | out num,num,... specifies a distribute list to be applied to updates to or from the specified neighbor. The in | out keywords specify whether the list is applied on updates received from the neighbor, or sent to the neighbor. The num,num,... parameter specifies the list of address-list filters. The device applies the filters in the order in which you list them and stops applying the filters in the distribute list when a match is found.
Configuring BGP4 neighbors maxas-limit in num |disable specifies that the router discard routes that exceed a maximum AS path length received in UPDATE messages. You can specify a value from 0 – 300. The default value is 300. The disable keyword is used to stop a neighbor from inheriting the configuration from the peer-group or global and to the use system default value.
Configuring BGP4 neighbors remove-private-as configures the device to remove private AS numbers from update messages the device sends to this neighbor. The device will remove AS numbers 64512 – 65535 (the well-known BGP4 private AS numbers) from the AS-path attribute in update messages the device sends to the neighbor. This option is disabled by default. route-map in | out map-name specifies a route map the device will apply to updates sent to or received from the specified neighbor.
Configuring BGP4 neighbors Auto shutdown of BGP4 neighbors on initial configuration You can use the global auto-shutdown-new-neighbors command within the router bgp configuration to disable establishment of the BGP4 connection with a remote peer when the peer is first configured, as follows.
Configuring BGP4 neighbors Removing route dampening from suppressed routes You can selectively unsuppress specific routes that have been suppressed due to aggregation, and allow these routes to be advertised to a specific neighbor or peer group. Brocade(config-bgp)# aggregate-address 10.1.0.0 255.255.0.0 summary-only Brocade(config-bgp)# show ip bgp route 10.1.0.
Configuring BGP4 neighbors Brocade(config-bgp)# show ip bgp route 10.1.44.0/24 Number of BGP Routes matching display condition : 1 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED F:FILTERED Prefix Next Hop MED LocPrf Weight Status 1 10.1.44.0/24 10.2.0.1 1 101 32768 BLS AS_PATH: Route is advertised to 1 peers: 10.1.0.
Configuring BGP4 neighbors The BGP4 configuration commands appear in the following format as a result of the show ip bgp configuration command. Brocade(config-bgp)# show ip bgp configuration Current BGP configuration: router bgp local-as 2 neighbor xyz peer-group neighbor xyz password 2 $b24tbw== neighbor 10.10.200.102 peer-group xyz neighbor 10.10.200.102 remote-as 1 neighbor 10.10.200.
Configuring BGP4 neighbors Advertising IPv4 routes between IPv6 BGP peers This feature transports IPv6 routes over an IPv4 BGP session. If you have an existing IPv4 BGP mesh, you can use it to transport IPv6 routes instead of creating a new IPv6 BGP mesh. First, configure peering using the IPv4 addresses under IPv6 address family, i.e enabling the IPv6 address family for the IPv4 neighbor.
Configuring BGP4 neighbors Configuring BGP IPv6 over BGP IPv4 neighbor settings Use the neighbor command in the bgp ipv6 unicast address family level to configure various BGP IPv6 over IPv4 neighbor settings. Syntax: neighbor x.x.x.x [activate] [allowas-in] [capability] [filter-list] [maximum-prefix] [peer-group] [prefix-list] [remote-as] [route-map] [route-reflector-client] [send-community] [unsuppress-map] [weight] The x.x.x.x parameter is the IP address in the x.x.x.x format.
Configuring BGP4 neighbors To display IPv6 unicast router information with respect to the IPv4 neighbor, enter the show ip bgp ipv6 neighbors command: R1(config-bgp)#show ip bgp ipv6 neighbors Total number of BGP Neighbors: 1 1 IP Address: 192.168.1.2, AS: 2 (EBGP), RouterID: 10.1.1.2, VRF: default-vrf State: ESTABLISHED, Time: 0h8m33s, KeepAliveTime: 60, HoldTime: 180 KeepAliveTimer Expire in 17 seconds, HoldTimer Expire in 135 seconds UpdateSource: Loopback 1 RefreshCapability: Received …….
Configuring BGP4 neighbors To display IPv6 multicast route information with respect to IPv4 neighbors, enter the show ip mbgp ipv6 neighbors command. Syntax: show ip mbgp ipv6 neighbors [summary] [last-packet-with-error] [routes-summary] [x.x.x.x] The summary parameter displays a summary of BGP neighbor status. The last-packet-with-error parameter displays the last packet received with error. The routes-summary parameter displays routes summary for a neighbor. The x.x.x.
Configuring a BGP4 peer group The neighbor parameter has the following sub-parameters: as number identifies neighbors with the specified AS number, 1-4294967295 A.B.C.D identifies the neighbor IP address peer group name clears the peer group name identified using ASCII string all clears all BGP neighbors To clear IPv6 multicast route information with respect to IPv4 neighbor, enter the clear ip mbgp ipv6 neighbor command. Syntax: clear ip mgbp ipv6 [neighbor as number] | [A.B.C.
Configuring a BGP4 peer group • If you remove a parameter from a peer group, the value for that parameter is reset to the default for all the neighbors within the peer group, unless you have explicitly set that parameter on individual neighbors. In this case, the value you set on the individual neighbors applies to those neighbors, while the default value applies to neighbors for which you have not explicitly set the value.
Configuring a BGP4 peer group Syntax: [no] neighbor ip-addr |peer-group-name [default-originate [route-map map-name]] [description string] [distribute-list in | out num,num,... | acl-num in | out] [ebgp-multihop [num]] [filter-list in | out num,num,...
Administratively shutting down a session with a BGP4 neighbor NOTE You must add the peer group before you can add neighbors to it. Administratively shutting down a session with a BGP4 neighbor You can prevent the device from starting a BGP4 session with a neighbor by administratively shutting down the neighbor. This option is very useful for situations in which you want to configure parameters for a neighbor, but are not ready to use the neighbor.
Using the IP default route as a valid next-hop for a BGP4 route The route-map map-name parameter specifies the name of the route map you want to use to set or change BGP4 attributes for the network you are advertising. The route map must already be configured. If it is not, the default action is to deny redistribution. The weight num parameter specifies a weight to be added to routes to this network.
Enabling next-hop recursion Enabling next-hop recursion For each BGP4 route learned, the device performs a route lookup to obtain the IP address of the next-hop for the route. A BGP4 route is eligible for addition in the IP route table only if the following conditions are true: • The lookup succeeds in obtaining a valid next-hop IP address for the route. • The path to the next-hop IP address is an IGP path or a static route path.
Enabling next-hop recursion Brocade# show ip bgp route Total number of BGP Routes: 5 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED Prefix Next Hop MED LocPrf Weight Status 1 0.0.0.0/0 10.1.0.2 0 100 0 BI AS_PATH: 65001 4355 701 80 2 10.10.0.0/24 10.0.0.1 1 100 0 BI AS_PATH: 65001 4355 1 3 10.40.0.0/24 10.1.0.2 0 100 0 BI AS_PATH: 65001 4355 701 1 189 4 10.0.0.0/24 10.0.0.1 1 100 0 I AS_PATH: 65001 4355 3356 7170 1455 5 10.25.0.
Modifying redistribution parameters The first lookup results in an IBGP route, to network 10.0.0.0/24. Brocade# show ip route 10.0.0.1 Total number of IP routes: 38 Network Address Gateway 10.0.0.0 10.0.0.1 AS_PATH: 65001 4355 1 Port 1/1 Cost 1 Type B Since the route to 10.0.0.1/24 is not an IGP route, the device cannot reach the next hop through IP, and so cannot use the BGP4 route.
Modifying redistribution parameters Brocade(config)# router bgp Brocade(config-bgp)# redistribute ospf Brocade(config-bgp)# redistribute connected Brocade(config-bgp)# write memory Syntax: [no] redistribute connected | ospf | rip | isis | static The connected parameter indicates that you are redistributing routes to directly attached devices into BGP4. The ospf parameter indicates that you are redistributing OSPF routes into BGP4. NOTE Entering redistribute ospf simply redistributes internal OSPF routes.
Modifying redistribution parameters NOTE The route map you specify must already be configured on the device. Refer to “Defining route maps” on page 81 for information about defining route maps. Redistributing OSPF external routes To configure the device to redistribute OSPF external type 1 routes, enter the following command.
Using a table map to set the tag value The route-map map-name parameter specifies a route map to be consulted before adding the OSPF route to the BGP4 route table. Redistributing static routes To configure the device to redistribute static routes, enter the following command. Brocade(config-bgp)# redistribute static Syntax: [no] redistribute static [metric num] [route-map map-name] The static parameter indicates that you are redistributing static routes into BGP4.
Changing the Keep Alive Time and Hold Time Changing the Keep Alive Time and Hold Time The Keep Alive Time specifies how frequently the device will send KEEPALIVE messages to its BGP4 neighbors. The Hold Time specifies how long the device will wait for a KEEPALIVE or UPDATE message from a neighbor before concluding that the neighbor is dead. When the device concludes that a BGP4 neighbor is dead, the device ends the BGP4 session and closes the TCP connection to the neighbor.
Adding a loopback interface • If the device has loopback interfaces, the default device ID is the IP address on the lowest numbered loopback interface configured on the device. For example, if you configure loopback interfaces 1, 2, and 3 as follows, the default device ID is 10.9.9.9/24: - Loopback interface 1, 10.9.9.9/24 Loopback interface 2, 10.4.4.4/24 Loopback interface 3, 10.1.1.
Changing the maximum number of paths for BGP4 load sharing Changing the maximum number of paths for BGP4 load sharing Load sharing enables the device to balance traffic to a route across multiple equal-cost paths of the same route type (EBGP or IBGP). To configure the device to perform BGP4 load sharing: • Enable IP load sharing if it is disabled. • Set the maximum number of BGP4 load sharing paths. The default maximum number is 1, which means no BGP4 load sharing takes place by default.
Configuring route reflection parameters NOTE If the cluster contains more than one route reflector, you need to configure the same cluster ID on all the route reflectors in the cluster. The cluster ID helps route reflectors avoid loops within the cluster. • A route reflector is an IGP device configured to send BGP4 route information to all the clients (other BGP4 devices) within the cluster.
Configuring route reflection parameters Support for RFC 4456 Route reflection is based on RFC 4456. This updated RFC helps eliminate routing loops that are possible in some implementations of the older specification, RFC 1966. These instances include: • The device adds the route reflection attributes only if it is a route reflector, and only when advertising IBGP route information to other IBGP neighbors. The attributes are not used when communicating with EBGP neighbors.
Filtering Filtering This section describes how to configure filters for AS-paths, communities, and other BGP4 attributes. Filtering AS-paths You can filter updates received from BGP4 neighbors based on the contents of the AS-path list accompanying the updates. For example, to deny routes that have the AS 10.3.2.1 in the AS-path from entering the BGP4 route table, you can define a filter.
Filtering The regular-expression parameter specifies the AS path information you want to permit or deny to routes that match any of the match clauses within the ACL. You can enter a specific AS number or use a regular expression. The neighbor command uses the filter-list parameter to apply the AS-path ACL to the neighbor. Refer to “Configuring BGP4 neighbors” on page 47 and “Configuring a BGP4 peer group” on page 60.
Filtering TABLE 4 BGP4 special characters for regular expressions (Continued) Character Operation $ A dollar sign matches on the end of an input string.
Filtering A community is an optional attribute that identifies the route as a member of a user-defined class of routes. Community names are arbitrary values made of two five-digit integers joined by a colon. You determine what the name means when you create the community name as a route attribute. Each string in the community name can be a number from 0 – 65535. This format allows you to easily classify community names.
Filtering The deny | permit parameters specify the action the software takes if a route community list matches a match clause in this ACL. To configure the community-list match clauses in a route map, use the match community command. Refer to “Matching based on community ACL” on page 85. The community-num parameter specifies the community type or community number.
Filtering The network-addr/mask-bits parameters specify the network number and the number of bits in the network mask. You can specify a range of prefix length for prefixes that are more specific than network-addr/mask-bits. The prefix-list matches only on this network unless you use the ge ge-value or le le-value parameters. • If you specify only ge ge-value, the mask-length range is from ge-value to 32. • If you specify only le le-value, the mask-length range is from length to le-value.
Filtering • If the route map contains a deny action, a route that matches a match statement is denied. • If a route does not match any match statements in the route map, the route is denied. This is the default action. To change the default action, configure the last match statement in the last instance of the route map to permit any any. • If there is no match statement, the software considers the route to be a match.
Filtering Entering the route map into the software To add instance 1 of a route map named “GET_ONE” with a permit action, enter the following command. Brocade(config)# route-map GET_ONE permit 1 Brocade(config-routemap GET_ONE)# Syntax: [no] route-map map-name permit | deny num As shown in this example, the command prompt changes to the route map level. You can enter the match and set clauses at this level.
Filtering Specifying the match conditions Use the following command to define the match conditions for instance 1 of the route map GET_ONE. This instance compares the route updates against BGP4 address filter 11.
Filtering The protocol bgp external parameter matches on eBGP (external) routes. The protocol bgp internal parameter matches on iBGP (internal) routes. The following sections contain examples of how to configure route maps that include match statements that match on ACLs. Matching based on AS-path ACL To construct a route map that matches based on AS-path ACL 1, enter the following commands.
Filtering The ACL-name-or-num parameter with the first command specifies an IP ACL and can be a number from 1 – 199 or the ACL name if it is a named ACL. Multiple ACLs may be added when separated by spaces. To configure an IP ACL, use the ip access-list or access-list command. The name parameter with the second command specifies an IP prefix list name. To configure an IP prefix list, refer to “Defining and applying IP prefix lists” on page 80.
Filtering The first command configures a community ACL that contains community number 12:34 and community name no-export. The remaining commands configure a route map that matches the community attributes field in BGP4 routes against the set of communities in the ACL. A route matches the route map only if the route contains all the communities in the ACL and no other communities. Syntax: [no] match community acl exact-match The acl parameter specifies the name of a community list ACL.
Filtering • The match interface option can be applied to other types of redistribution such as redistributing OSPF routes to BGP4, or filtering out all OSPF routes that point to a specific interface. To configure the match-interface option, use the following command. Brocade(config)# route-map test-route permit 99 Brocade(config-routemap test-route)# match interface ethernet 1/1 eth 3/2 Brocade(config-routemap test-route)# exit Syntax: [no] match interface interface interface...
Filtering The community parameter sets the community attribute for the route to the number or well-known type you specify. The dampening [half-life reuse suppress max-suppress-time] parameter sets route dampening parameters for the route. The half-life parameter specifies the number of minutes after which the route penalty becomes half its value. The reuse parameter specifies how low a route penalty must become before the route becomes eligible for use again after being suppressed.
Filtering Setting a BGP4 route MED to equal the next-hop route IGP metric To set a route's MED to the same value as the IGP metric of the BGP4 next-hop route, when advertising the route to a neighbor, enter commands such as the following. Brocade(config)# access-list 1 permit 192.168.9.0 0.0.0.
Filtering The first command configures a community ACL containing community numbers 12:99 and 12:86. The remaining commands configure a route map that matches on routes whose destination network is specified in ACL 1, and deletes communities 12:99 and 12:86 from those routes. The route does not need to contain all the specified communities in order for them to be deleted. For example, if a route contains communities 12:86, 33:44, and 66:77, community 12:86 is deleted.
Filtering Brocade(config-bgp)# route-map test permit 1 Brocade(config-routemap test)# match metric 10 Brocade(config-routemap test)# set weight 10 Brocade(config-routemap test)# continue 2 Brocade(config-routemap test)# route-map test permit 2 Brocade(config-routemap test)# match tag 10 Brocade(config-routemap test)# set weight 20 Brocade(config-routemap test)# continue 3 Brocade(config-routemap test)# router bgp Brocade(config-bgp)# exit Brocade(config-bgp)# show route-map test route-map test permit 1 mat
Filtering The continue command is entered in the context of a route-map instance. The [no] form of the command deletes the continue clause specified by instance-number. The instance number range is 0 – 4294967295, and the occurrences of instance-number must be in ascending numeric order. If you specify a continue clause without an instance number, it means “continue to the next route-map instance.
Filtering When a route filter is changed (created, modified or deleted) by a user, the filter change notification will be sent to all relevant protocols, so that protocols can take appropriate actions. For example if BGP4 is using a route-map (say MapX) to control the routes advertised to a particular peer, the change of route-map (MapX) will cause BGP4 to re-evaluate the advertised routes, and make the appropriate advertisements or withdrawals according to the new route-map policy.
Filtering This command forces an immediate filter update regardless of the filter-change-update-delay setting. It can also be used to simultaneously submit multiple change notifications when the filter-change-update-delay is set to 0. When changes are complete, run the clear filter-change-update command to update protocols. NOTE There may be delays in sending route filter change notifications to applications, and delays in applying the new or updated filter to all existing routes retroactively.
Filtering Configuring cooperative BGP4 route filtering By default, the device performs all filtering of incoming routes locally, on the device itself. You can use cooperative BGP4 route filtering to cause the filtering to be performed by a neighbor before it sends the routes to the device. Cooperative filtering conserves resources by eliminating unnecessary route updates and filter processing.
Filtering Syntax: [no] neighbor ip-addr | peer-group-name capability orf prefixlist [send | receive] The ip-addr | peer-group-name parameters specify the IP address of a neighbor or the name of a peer group of neighbors. The send | receive parameters specify the support you are enabling: • send – The device sends the IP prefix lists to the neighbor. • receive – The device accepts filters from the neighbor. If you do not specify the capability, both capabilities are enabled.
Filtering Displaying cooperative filtering information You can display the following cooperative filtering information: • The cooperative filtering configuration on the device. • The ORFs received from neighbors. To display the cooperative filtering configuration on the device, enter a command such as the following. The line shown in bold type shows the cooperative filtering status. Brocade# show ip bgp neighbor 10.10.10.1 1 IP Address: 10.10.10.1, AS: 65200 (IBGP), RouterID: 10.10.10.
Filtering Route flap dampening is disabled by default. You can enable the feature globally or on an individual route basis using route maps. NOTE The device applies route flap dampening only to routes learned from EBGP neighbors. The route flap dampening mechanism is based on penalties. When a route exceeds a configured penalty value, the device stops using that route and stops advertising it to other devices. The mechanism also allows route penalties to reduce over time if route stability improves.
Filtering • Configure an empty route map with no match or set clauses. This route map does not specify particular routes for dampening but does allow you to enable dampening globally when you refer to this route map from within the BGP4 configuration level. • Configure another route map that explicitly enables dampening. Use a set clause within the route map to enable dampening.
Filtering The ip-addr parameter specifies a particular network. The ip-mask parameter specifies the network’s mask. To un-suppress a specific route, enter a command such as the following. Brocade# clear ip bgp dampening 10.157.22.0 255.255.255.0 This command un-suppresses only the routes for network 10.157.22.0/24. Displaying and clearing route flap dampening statistics The software provides many options for displaying and clearing route flap statistics.
Filtering This display shows the following information. TABLE 6 Route flap dampening statistics This field... Displays... Total number of flapping routes The total number of routes in the BGP4 route table that have changed state and have been marked as flapping routes. Status code Indicates the dampening status of the route, which can be one of the following: • > – This is the best route among those in the BGP4 route table to the route destination.
Filtering Updating route information and resetting a neighbor session The following sections describe how to update route information with a neighbor, reset a session with a neighbor, and close a session with a neighbor. Any change to a policy (ACL, route map, and so on) is automatically applied to outbound routes that are learned from a BGP4 neighbor or peer group after the policy change occurs. However, you must reset the neighbor to update existing outbound routes.
Filtering Syntax: [no] neighbor ip-addr | peer-group-name soft-reconfiguration inbound NOTE The syntax related to soft reconfiguration is shown. For complete command syntax, refer to “Configuring BGP4 neighbors” on page 47 and “Configuring a BGP4 peer group” on page 60. Placing a policy change into effect To place policy changes into effect, enter a command such as the following. Brocade(config-bgp)# clear ip bgp neighbor 10.10.200.
Filtering The detail parameter displays detailed information for the routes. (The example shows summary information.) You can specify any of the other options after detail to further refine the display request. The prefix-list string parameter specifies an IP prefix list. Only routes permitted by the prefix list are displayed. If you also use the optional longer-prefixes parameter, then all statistics for routes that match the specified route or have a longer prefix than the specified route are displayed.
Filtering • RFC 2842. This RFC specifies the Capability Advertisement, which a BGP4 device uses to dynamically negotiate a capability with a neighbor. • RFC 2858 for Multi-protocol Extension. • RFC 2918, which describes the dynamic route refresh capability The dynamic route refresh capability is enabled by default and cannot be disabled.
Filtering NOTE The soft-outbound parameter updates all outbound routes by applying the new or changed filters, but sends only the existing routes affected by the new or changed filters to the neighbor. The soft out parameter updates all outbound routes, then sends the entire BGP4 route table for the device (Adj-RIB-Out) to the neighbor, after changing or excluding the routes affected by the filters. Use soft-outbound if only the outbound policy is changed.
Filtering Brocade(config-bgp)# show ip bgp neighbor 10.4.0.2 1 IP Address: 10.4.0.2, AS: 5 (EBGP), RouterID: 100.0.0.1 Description: neighbor 10.4.0.
Filtering You can specify a single neighbor or a peer group. To close a neighbor session and thus flush all the routes exchanged by the device and the neighbor, enter the following command. Brocade# clear ip bgp neighbor all Syntax: clear ip bgp neighbor all | ip-addr | peer-group-name | as-num [soft-outbound | soft [in | out]] The all | ip-addr | peer-group-name | as-num parameters specify the neighbor. The ip-addr parameter specifies a neighbor by its IP interface with the device.
Filtering To clear all the route dampening statistics, enter the following command at any level of the CLI. Brocade# clear ip bgp flap-statistics Syntax: clear ip bgp flap-statistics [regular-expression regular-expression | address mask | neighbor ip-addr] The parameters are the same as those for the show ip bgp flap-statistics command (except the longer-prefixes option is not supported). Refer to “Displaying route flap dampening statistics” on page 141.
Filtering You can clear the buffers for all neighbors, for an individual neighbor, or for all the neighbors within a specific peer group. To clear these buffers for neighbor 10.0.0.1, enter the following commands. Brocade# clear ip bgp neighbor 10.0.0.1 last-packet-with-error Brocade# clear ip bgp neighbor 10.0.0.
Filtering Syntax: [no] graceful-restart restart-time seconds The seconds variable sets the maximum restart wait time advertised to neighbors. Possible values are 1 - 3600 seconds. The default value is 120 seconds. Configuring BGP4 Restart stale routes timer Use the following command to specify the maximum amount of time a helper device will wait for an end-of-RIB message from a peer before deleting routes from that peer.
Filtering 8. On device 6, configure the network prefixes associated with the traffic you want to drop. The static route IP address references a destination address. You must point the static route to the egress port, (for example, Ethernet 3/7), and specify the tag 50, matching the route-map configuration. Configuration examples Device 6 The following configuration defines specific prefixes to filter: Brocade(config)# ip route 10.0.0.40/29 ethernet 3/7 tag 50 Brocade(config)# ip route 10.0.0.
Filtering Brocade(config)# ip route 192.168.0.
Filtering Device 6 Show BGP4 routing table output for Device-6 Brocade#show ip bgp route Total number of BGP Routes: 126 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED s: STALE Prefix Next Hop MED LocPrf Weight Status 1 10.0.1.0/24 10.4.1.3 0 100 0 BI AS_PATH: . .. . . . 9 10.0.0.16/30 10.9.1.3 100 0 I AS_PATH: 85 10 10.0.0.40/29 192.168.0.1 1 1000000 32768 BL AS_PATH: 11 10.0.0.80/28 10.9.1.3 100 0 I . .. . . . . .. . . .
Generalized TTL Security Mechanism support Device 1 and 2 The show ip route output for device 1 and device 2 shows “drop” under the Port column for the network prefixes you configured with null0 routing Brocade#show ip route Total number of IP routes: 133 Type Codes - B:BGP D:Connected S:Static R:RIP O:OSPF; Cost Destination Gateway Port Cost 1 10.9.1.24/32 DIRECT loopback 1 0/0 D 2 10.30.1.0/24 DIRECT eth 2/7 0/0 3 10.40.1.0/24 DIRECT eth 2/1 0/0 . 13 10.110.0.6/31 10.90.1.3 eth 2/2 20/1 14 10.110.0.
Displaying BGP4 information Displaying BGP4 information You can display the following configuration information and statistics for BGP4 protocol: • • • • • • • • • • • Summary BGP4 configuration information for the device Active BGP4 configuration information (the BGP4 information in the running configuration) Neighbor information Peer-group information Information about the paths from which BGP4 selects routes Summary BGP4 route information The device’s BGP4 route table Route flap dampening statistics A
Displaying BGP4 information This display shows the following information. TABLE 7 118 BGP4 summary information This field... Displays... Router ID The device’s device ID. Local AS Number The BGP4 AS number for the device. Confederation Identifier The AS number of the confederation in which the device resides. Confederation Peers The numbers of the local ASs contained in the confederation. This list matches the confederation peer list you configure on the device.
Displaying BGP4 information TABLE 7 BGP4 summary information (Continued) This field... Displays... State The state of device sessions with each neighbor. The states are from this perspective of the device, not the neighbor. State values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started. Usually, enabling BGP4 or establishing a neighbor session starts the BGP4 process.
Displaying BGP4 information TABLE 7 BGP4 summary information (Continued) This field... Displays... Sent The number of BGP4 routes the device has sent to the neighbor. ToSend The number of routes the device has queued to advertise and withdraw to a neighbor. Displaying the active BGP4 configuration To view the active BGP4 configuration information contained in the running configuration without displaying the entire running configuration, enter the following command at any level of the CLI.
Displaying BGP4 information Brocade# show ip bgp neighbor 192.168.4.211 routes-summary 1 IP Address: 192.168.4.211 Routes Accepted/Installed:1, Filtered/Kept:11, Filtered:11 Routes Selected as BEST Routes:1 BEST Routes not Installed in IP Forwarding Table:0 Unreachable Routes (no IGP Route for NEXTHOP):0 History Routes:0 NLRIs Received in Update Message:24, Withdraws:0 (0), Replacements:1 NLRIs Discarded due to Maximum Prefix Limit:0, AS Loop:0 Invalid Nexthop:0, Invalid Nexthop Address:0.0.0.
Displaying BGP4 information TABLE 8 BGP4 route summary information for a neighbor (Continued) This field... Displays... NLRIs Discarded due to Indicates the number of times the device discarded an NLRI for the neighbor due to the following reasons: • Maximum Prefix Limit – The configured maximum prefix amount had been reached. • AS Loop – An AS loop occurred. An AS loop occurs when the BGP4 AS-path attribute contains the local AS number.
Displaying BGP4 information Brocade(config-bgp)# show ip bgp neighbor 10.4.0.2 Total number of BGP neighbors: 1 IP Address: 10.4.0.2, AS: 5 (EBGP), RouterID: 10.0.0.1 Description: neighbor 10.4.0.
Displaying BGP4 information The attribute-entries option shows the attribute-entries associated with routes received from the neighbor. The flap-statistics option shows the route flap statistics for routes received from or sent to the neighbor. The last-packet-with-error option displays the last packet from the neighbor that contained an error. The packet contents are displayed in decoded (human-readable) format.
Displaying BGP4 information TABLE 9 BGP4 neighbor information (Continued) This field... Displays... RouterID The neighbor device ID. Description The description you gave the neighbor when you configured it on the device. Local AS The value (if any) of the Local AS configured. State The state of the session with the neighbor. The states are from the device perspective, not the neighbor perspective.
Displaying BGP4 information TABLE 9 Displays... MaximumPrefixLimit Maximum number of prefixes the device will accept from this neighbor. RemovePrivateAs Whether this option is enabled for the neighbor. RefreshCapability Whether this device has received confirmation from the neighbor that the neighbor supports the dynamic refresh capability. CooperativeFilteringCapability Whether the neighbor is enabled for cooperative route filtering.
Displaying BGP4 information TABLE 9 BGP4 neighbor information (Continued) This field... Displays... Last Connection Reset Reason The reason the previous session with this neighbor ended.
Displaying BGP4 information TABLE 9 128 BGP4 neighbor information (Continued) This field... Displays... Notification Sent If the device receives a notification message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
Displaying BGP4 information TABLE 9 BGP4 neighbor information (Continued) This field... Displays... TCP Connection state The state of the connection with the neighbor. The connection can have one of the following states: • LISTEN – Waiting for a connection request. • SYN-SENT – Waiting for a matching connection request after having sent a connection request. • SYN-RECEIVED – Waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
Displaying BGP4 information TABLE 9 BGP4 neighbor information (Continued) This field... Displays... SendQue The number of sequence numbers in the send queue. RcvQue The number of sequence numbers in the receive queue. CngstWnd The number of times the window has changed. Displaying route information for a neighbor You can display routes based on the following criteria: • A summary of the routes for a specific neighbor.
Displaying BGP4 information Displaying the routes with destinations that are unreachable To display BGP4 routes with destinations that are unreachable using any of the BGP4 paths in the BGP4 route table, enter a command such as the following at any level of the CLI: Brocade(config-bgp)# show ip bgp neighbor 192.168.4.211 routes unreachable Syntax: show ip bgp neighbor ip-addr routes unreachable For information about the fields in this display, refer to Table 10.
Displaying BGP4 information Brocade# show ip bgp routes summary Total number of BGP routes (NLRIs) Installed Distinct BGP destination networks Filtered BGP routes for soft reconfig Routes originated by this router Routes selected as BEST routes BEST routes not installed in IP forwarding table Unreachable routes (no IGP route for NEXTHOP) IBGP routes selected as best routes EBGP routes selected as best routes : : : : : : : : : 20 20 100178 2 19 1 1 0 17 Syntax: show ip bgp routes summary This display sho
Displaying BGP4 information Brocade# show ip bgp routes Total number of BGP Routes: 97371 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED Prefix Next Hop MED LocPrf Weight Status 1 10.3.0.0/8 192.168.4.106 100 0 BE AS_PATH: 65001 4355 701 80 2 10.4.0.0/8 192.168.4.106 100 0 BE AS_PATH: 65001 4355 1 3 10.60.212.0/22 192.168.4.106 100 0 BE AS_PATH: 65001 4355 701 1 189 4 10.6.0.0/8 192.168.4.
Displaying BGP4 information The not-installed-best option displays the routes received from the neighbor that are the best BGP4 routes to their destinations, but were not installed in the IP route table because the device received better routes from other sources (such as OSPF, RIP, or static IP routes). The prefix-list string parameter filters the display using the specified IP prefix list. The regular-expression regular-expression option filters the display based on a regular expression.
Displaying BGP4 information For information about the fields in this display, refer to Table 10. The fields in this display also appear in the show ip bgp display. Displaying information for a specific route To display BGP4 network information by specifying an IP address within the network, enter a command such as the following at any level of the CLI. Brocade# show ip bgp 10.3.4.
Displaying BGP4 information TABLE 11 BGP4 network information (Continued) This field... Displays... LocPrf The degree of preference for this route relative to other routes in the local AS. When the BGP4 algorithm compares routes on the basis of local preferences, the route with the higher local preference is chosen. The preference can have a value from 0 – 4294967295. Weight The value that this device associates with routes from a specific neighbor.
Displaying BGP4 information Displaying route details This example shows the information displayed when you use the detail option. In this example, the information for one route is shown. Brocade# show ip bgp routes detail Total number of BGP Routes: 2 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED 1 Prefix: 10.5.0.0/24, Status: BME, Age: 0h28m28s NEXT_HOP: 10.1.1.2, Learned from Peer: 10.1.0.
Displaying BGP4 information TABLE 12 BGP4 route information (Continued) This field... Displays... Next_Hop The next-hop device for reaching the network. Learned from Peer The IP address of the neighbor that sent this route. Local_Pref The degree of preference for this route relative to other routes in the local AS. When the BGP4 algorithm compares routes on the basis of local preferences, the route with the higher local preference is chosen. The preference can have a value from 0 – 4294967295.
Displaying BGP4 information Displaying BGP4 route-attribute entries The route-attribute entries table lists the sets of BGP4 attributes stored in device memory. Each set of attributes is unique and can be associated with one or more routes. In fact, the device typically has fewer route attribute entries than routes. To display the IP route table, enter the following command.
Displaying BGP4 information TABLE 13 BGP4 route-attribute entries information (Continued) This field... Displays... Atomic Whether the network information in this set of attributes has been aggregated and this aggregation has resulted in information loss. • TRUE – Indicates information loss has occurred • FALSE – Indicates no information loss has occurred NOTE: Information loss under these circumstances is a normal part of BGP4 and does not indicate an error.
Displaying BGP4 information Displaying route flap dampening statistics To display route dampening statistics or all the dampened routes, enter the following command at any level of the CLI. Brocade# show ip bgp flap-statistics Total number of flapping routes: 414 Status Code >:best d:damped h:history *:valid Network From Flaps Since h> 10.50.206.0/23 10.90.213.77 1 0 :0 :13 h> 10.255.192.0/20 10.90.213.77 1 0 :0 :13 h> 10.252.165.0/24 10.90.213.77 1 0 :0 :13 h> 10.50.208.0/23 10.90.213.77 1 0 :0 :13 h> 10.
Displaying BGP4 information You can display all dampened routes by entering the show ip bgp dampened-paths.command. Displaying the active route map configuration You can view the active route map configuration (contained in the running configuration) without displaying the entire running configuration.by entering the following command at any level of the CLI.
Displaying BGP4 information Displaying BGP4 restart neighbor information To display BGP4 restart information for BGP4 neighbors, enter the show ip bgp neighbors command. Brocade# show ip bgp neighbors Total number of BGP Neighbors: 6 1 IP Address: 10.50.50.10, AS: 20 (EBGP), RouterID: 10.10.10.
Displaying BGP4 information Brocade# show ip bgp neighbors neighbors Details on TCP and BGP neighbor connections Total number of BGP Neighbors: 1 1 IP Address: 192.168.1.1, AS: 7701000 (IBGP), RouterID: 192.168.1.
Displaying BGP4 information TABLE 15 Output parameters of the show ip bgp neighbors command (Continued) Field Description VRF Shows the status of the VRF instance. State Shows the state of the router session with the neighbor. The states are from the router’s perspective of the session, not the neighbor’s perspective. The state can be one of the following values: • IDLE – The BGP4 process is waiting to be started. Usually, enabling BGP4 or establishing a neighbor session starts the BGP4 process.
Displaying BGP4 information TABLE 15 146 Output parameters of the show ip bgp neighbors command (Continued) Field Description Last Connection Reset Reason Shows the reason for ending the previous session with this neighbor. The reason can be one of the following: • No abnormal error has occurred.
Displaying BGP4 information TABLE 15 Output parameters of the show ip bgp neighbors command (Continued) Field Description Notification Sent Shows an error code corresponding to one of the following errors if the device sends a Notification message from the neighbor. Some errors have subcodes that clarify the reason for the error. The subcode messages are listed underneath the error code messages, wherever applicable.
Displaying BGP4 information TABLE 15 148 Output parameters of the show ip bgp neighbors command (Continued) Field Description As-path attribute count Shows the count of the AS-path attribute. Outbound Policy Group Shows the ID and the count used in the outbound policy group. TCP Connection state Shows the state of the connection with the neighbor. The connection can have one of the following states: • LISTEN – Waiting for a connection request.
Displaying BGP4 information TABLE 15 Output parameters of the show ip bgp neighbors command (Continued) Field Description SendWnd Shows the size of the send window. TotalRcv Shows the count of the sequence numbers received from the neighbor. DupliRcv Shows the count of the duplicate sequence numbers received from the neighbor. RcvWnd Shows the size of the receive window. SendQue Shows the count of the sequence numbers in the send queue.
Displaying BGP4 information AS-path prepend and extended community information The AS-path prepend and extended community information is shown in this example of the show route-map command. Brocade# show route-map route-map test permit 1 match ip address 1 set as-path prepend 75000 set extcommunity RT 100000:123 set extcommunity SOO 150000:456 route-map test permit 2 match ip address 2 set as-path prepend 80000 Syntax: show route-map [name] The optional name parameter lets you name a specific route.
Displaying BGP4 information Formats of AS4s in show command output To display the asdot and asdot+ notation for AS4s, enter the as-format asdot or as-format asdot+ commands before you enter the show ip bgp command. Brocade# as-format asdot Brocade-mu2(config)# show ip bgp Total number of BGP Routes: 1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal, S stale Origin codes: i - IGP, e - EGP,? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.1.1.0/24 192.168.1.
Displaying BGP4 information Brocade# show route-map test route-map test permit 1 set weight 10 continue 2 route-map test permit 2 set metric 20 continue 3 route-map test permit 3 set community 10:20 continue 4 route-map test permit 4 set community 30:40 continue 5 route-map test permit 5 set as-path prepend 300 continue 6 Brocade(config-routemap test)# show ip bgp route Total number of BGP Routes: 1 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULT
Displaying BGP4 information Brocade# show route-map test route-map test permit 1 set weight 10 continue 5 route-map test permit 2 set metric 20 continue 3 route-map test permit 3 set community 10:20 continue 4 route-map test permit 4 set community 30:40 continue 5 route-map test permit 5 set as-path prepend 300 continue 6 route-map test permit 6 set as-path prepend 100 continue 7 route-map test permit 7 set community none set local-preference 70 continue 8 route-map test deny 8 match metric 60 set metric 4
Displaying BGP4 information Brocade# show route-map test route-map test permit 1 set weight 10 continue 5 route-map test permit 2 set metric 20 continue 3 route-map test permit 3 set community 10:20 continue 4 route-map test permit 4 set community 30:40 continue 5 route-map test permit 5 set as-path prepend 300 continue 6 route-map test permit 6 set as-path prepend 100 continue 7 route-map test permit 7 set community none set local-preference 70 continue 8 Brocade(config-routemap test)#route-map test deny
Chapter 2 OSPF version 2 (IPv4) Table 16 displays the individual devices and the OSPF features they support.
OSPF version 2 (IPv4) TABLE 16 Supported OSPF features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package OSPF Distribute List Yes Yes No Yes Yes Yes Yes OSPF Administrative Distance Control Using Route Maps Yes Yes No
OSPF version 2 (IPv4) • • • • • • Router link Network link Summary link Autonomous system (AS) summary link AS external link Not-So-Stubby Area (NSSA) external link OSPF is built upon a hierarchy of network components. The highest level of the hierarchy is the Autonomous System (AS). An autonomous system is defined as a number of networks, all of which share the same routing and administration characteristics. An AS can be divided into multiple areas as shown in Figure 8 on page 158.
OSPF point-to-point links FIGURE 8 OSPF operating in a network OSPF point-to-point links In an OSPF point-to-point network, where a direct Layer 3 connection exists between a single pair of OSPF routers, there is no need for Designated and Backup Designated Routers, as is the case in OSPF multi-access networks. Without the need for Designated and Backup Designated routers, a point-to-point network establishes adjacency and converges faster.
OSPF point-to-point links Designated router election in multi-access networks In a network with no designated router and no backup designated router, the neighboring router with the highest priority is elected as the DR, and the router with the next largest priority is elected as the BDR, as shown in Figure 9 FIGURE 9 Designated and backup router election If the DR goes off-line, the BDR automatically becomes the DR. The router with the next highest priority becomes the new BDR.
OSPF point-to-point links When multiple routers on the same network are declaring themselves as DRs, then both priority and router ID are used to select the designated router and backup designated routers. When only one router on the network claims the DR role despite neighboring routers with higher priorities or router IDs, this router remains the DR. This is also true for BDRs.
OSPF point-to-point links FIGURE 11 AS External LSA reduction Notice that both Router D and Router E have a route to the other routing domain through Router F. OSPF eliminates the duplicate AS External LSAs.
OSPF point-to-point links • A second ASBR that is already on-line begins advertising an equivalent route to the same destination. In either case above, the router with the higher router ID floods the AS External LSAs and the other router flushes its equivalent AS External LSAs. For example, if Router D is offline, Router E is the only source for a route to the external routing domain.
OSPF graceful restart 2. Compare the networks that have the same network address, to determine which network is more specific. The more specific network is the one that has more contiguous one bits in its network mask. For example, network 10.0.0.0 255.255.0.0 is more specific than network 10.0.0.0 255.0.0.0, because the first network has 16 ones bits (255.255.0.0) whereas the second network has only 8 ones bits (255.0.0.0). • For the less specific network, use the networks address as the ID.
OSPF graceful restart Hitless upgrade support for OSPF graceful restart OSPF graceful restart experiences minimal packet loss during hitless upgrade on a non-default VRF. On a default VRF, there is no packet loss during hitless upgrade. OSPF Stub Router Advertisement OSPFv2 Stub Router Advertisement is an open standard based feature and it is specified in RFC 3137. This feature, introduced in version 03.2.
OSPF graceful restart times until a configured maximum delay time value is reached or no event occurs (which resets the router to the initial hold time). The maximum value is then held until the hold time expires without a topology change event occurring. At any time that a hold time expires without a topology change event occurring, the router reverts to the initial hold value and begins the process all over again.
OSPF VRF-Lite for customer-edge routers Dynamic OSPF activation and configuration OSPF is automatically activated when you enable it. The protocol does not require a software reload.
Configuring OSPF Configuring OSPF To begin using OSPF on the router, perform the steps outlined below. 1. Enable OSPF on the router. 2. Assign the areas to which the router will be attached. 3. Assign individual interfaces to the OSPF areas. 4. Configure route map for route redistribution, if desired. 5. Enable redistribution, if desired. 6. Modify default global and port parameters as required. 7. Modify OSPF standard compliance, if desired.
Configuring OSPF • • • • Modify OSPF Traps generated. Modify database overflow interval. Stub Router advertisement Set all the OSPFv2 interfaces to the passive state. Interface parameters The interface OSPF parameters are as follows: • • • • • • • • • Assign interfaces to an area. Define the authentication key for the interface. Change the authentication-change interval Modify the cost for a link. Modify the dead interval. Modify MD5 authentication key parameters. Modify the priority of the interface.
Configuring OSPF If you are testing an OSPF configuration and are likely to disable and re-enable the protocol, you might want to make a backup copy of the startup configuration file containing the protocol’s configuration information. This way, if you remove the configuration information by saving the configuration after disabling the protocol, you can restore the configuration by copying the backup copy of the startup configuration file onto the flash memory.
Configuring OSPF Assign a totally stubby area By default, the device sends summary LSAs (LSA type 3) into stub areas. You can further reduce the number of link state advertisements (LSA) sent into a stub area by configuring the device to stop sending summary LSAs (type 3 LSAs) into the area. You can disable the summary LSAs when you are configuring the stub area or later after you have configured the area.
Configuring OSPF Figure 12 shows an example of an OSPF network containing an NSSA. FIGURE 12 OSPF network containing an NSSA This example shows two routing domains, a RIP domain and an OSPF domain. The ASBR inside the NSSA imports external routes from RIP into the NSSA as Type-7 LSAs, which the ASBR floods throughout the NSSA. The ABR translates the Type-7 LSAs into Type-5 LSAs.
Configuring OSPF The default-information-originate metric metric-value parameter indicates the cost of the default LSA that originated into the NSSA area. The range is from 1 to 16777215. The default-information-originate metric-type type-value parameter indicates the default external LSA type that originated into the NSSA area. The default type is type-2. The no-summary option directs the router to not import type-3 summary LSAs into the NSSA area.
Configuring OSPF Syntax: [no] area num | ip-addr range ip-addr ip-mask [advertise | not-advertise] The num | ip-addr parameter specifies the area number, which can be in IP address format. If you specify a number, the number can be from 0 – 2,147,483,647. The range ip-addr parameter specifies the IP address portion of the range. The software compares the address with the significant bits in the mask. All network addresses that match this comparison are summarized in a single route advertised by the router.
Configuring OSPF Example Creates an area range entry with ip address 10.1.1.1 and network mask 255.255.255.0 with the area-id 10. Brocade(config)# router ospf Brocade(config-ospf-router)# area 10 range 10.1.1.1 255.255.255.0 Modifies the address range status to DoNotAdvertise. Neither the individual intra-area routes falling under range nor the ranged prefix is advertised as summary LSA. Brocade(config)# router ospf Brocade(config-ospf-router)# area 10 range 10.1.1.1 255.255.255.
Configuring OSPF The not-advertise parameter sets the address range status to DoNotAdvertise. Neither the individual intra-area routes falling under range nor the ranged prefix is advertised as summary LSA. The cost cost-value parameter specifies the cost-value to be used while generating type-3 summary LSA. If the cost value is configured, then configured cost is used while generating the summary LSA. If the cost value is not configured, then computed range cost will be used.
Configuring OSPF • • • • • • • ip ospf md5-authentication key-activation-wait-time num | key-id num key string ip ospf mtu-ignore ip ospf passive ip ospf active ip ospf priority value ip ospf retransmit-interval value ip ospf transmit-delay value For a complete description of these parameters, see the summary of OSPF port parameters in the next section. OSPF interface parameters The following parameters apply to OSPF interfaces: TABLE 17 OSPF interface parameter output descriptions. Table 0.
Configuring OSPF Table 0.1: dead-interval: Indicates the number of seconds that a neighbor router waits for a hello packet from the current router before declaring the router down. The value can be from 40– 65535 seconds. The default is 40 seconds. Beginning with version 03.2.00 of the Multi-Service IronWare software, the rules described in “Rules for OSPF dead interval and hello interval timers” on page 178 apply regarding this timer.
Configuring OSPF Table 0.1: active When you configure an OSPFv2 interface to be active, that interface sends or receives all the control packets and forms the adjacency. By default, the ip ospf active command is disabled. Whenever you configure the OSPF interfaces to be passive using the default-passive-interface command, all the OSPF interfaces stop sending and receiving control packets. To send and receive packets over specific interfaces, you can use the ip ospf active command.
Configuring OSPF • Simple text password • MD5 authentication • No authentication • Configuring a new simple text password or MD5 authentication key • Changing an existing simple text password or MD5 authentication key To change the authentication-change interval, enter a command such as the following at the interface configuration level of the CLI.
Configuring OSPF The all parameter directs the router to block all outbound LSAs on the OSPF interface. The all-external option (introduced in version 03.6.00) directs the router to allow the following LSAs: Router, Network, Opq-Area-TE, Opq-Link-Graceful and Type-3 Summary while it blocks all Type-4 and Type-5 LSAs unless directed by one of the following keywords: allow-default – allows only Type-5 default LSAs. allow-default-and-type4 – allows Type-5 default LSAs and all Type 4 LSAs.
Configuring OSPF FIGURE 13 Defining OSPF virtual links within a network Example Figure 13 shows an OSPF area border router, Device A, that is cut off from the backbone area (area 0). To provide backbone access to Device A, you can add a virtual link between Device A and Device C using area 1 as a transit area. To configure the virtual link, you define the link on the router that is at each end of the link. No configuration for the virtual link is required on the routers in the transit area.
Configuring OSPF The virtual-link router-id parameter specifies the router ID of the OSPF router at the remote end of the virtual link. To display the router ID on a device, enter the show ip command. Refer to “Modify virtual link parameters” on page 182 for descriptions of the optional parameters. Modify virtual link parameters OSPF has some parameters that you can modify for virtual links. Notice that these are the same parameters as the ones you can modify for physical interfaces.
Configuring OSPF Table 0.2: transmit-delay num The period of time it takes to transmit Link State Update packets on the interface. The range is 0 – 3600 seconds. The default is 1 second. authentication-key string This parameter allows you to assign different authentication encryption methods on a port-by-port basis. OSPF supports three methods of authentication for each interface: none, simple encryption, and base 64 encryption. Only one encryption method can be active on an interface at a time.
Configuring OSPF Changing the reference bandwidth for the cost on OSPF interfaces Each interface on which OSPF is enabled has a cost associated with it. The device advertises its interfaces and their costs to OSPF neighbors. For example, if an interface has an OSPF cost of ten, the device advertises the interface with a cost of ten to other OSPF routers. By default, an interface’s OSPF cost is based on the port speed of the interface.
Configuring OSPF Changing the reference bandwidth To change the reference bandwidth, enter a command such as the following at the OSPF configuration level of the CLI. Brocade(config)# router ospf Brocade(config-ospf-router)# auto-cost reference-bandwidth 500 The reference bandwidth specified in this example results in the following costs: • 10 Mbps port’s cost = 500/10 = 50 • 100 Mbps port’s cost = 500/100 = 5 • 1000 Mbps port’s cost = 500/1000 = 0.
Configuring OSPF NOTE The ASBR must be running both RIP and OSPF protocols to support this activity. FIGURE 14 Redistributing OSPF and static routes to RIP routes You also have the option of specifying import of just IS-IS, RIP, OSPF, BGP4, or static routes, as well as specifying that only routes for a specific network or with a specific cost (metric) be imported, as shown in the command syntax below.
Configuring OSPF Modify default metric for redistribution The default metric is a global parameter that specifies the cost applied to all OSPF routes by default. The default value is 10. You can assign a cost from 1 – 65535. NOTE You also can define the cost on individual interfaces. The interface cost overrides the default cost. To assign a default metric of 4 to all routes imported into OSPF, enter the following commands.
Configuring OSPF The match command in the route map matches on routes that have 5 for their metric value (cost). The set command changes the metric in routes that match the route map to 8. The redistribute static command enables redistribution of static IP routes into OSPF, and uses route map “abc“ to control the routes that are redistributed.
Configuring OSPF NOTE For an external route that is redistributed into OSPF through a route map, the metric value of the route remains the same unless the metric is set by a set metric command inside the route map. The default-metric num command has no effect on the route. This behavior is different from a route that is redistributed without using a route map. For a route redistributed without using a route map, the metric is set by the default-metric num command.
Configuring OSPF NOTE The device is not source routing in these examples. The device is concerned only with the paths to the next-hop routers, not the entire paths to the destination hosts. OSPF load sharing is enabled by default when IP load sharing is enabled.
Configuring OSPF The ip-addr parameter specifies the network address. The ip-mask parameter specifies the network mask. To display the configured summary addresses, enter the following command at any level of the CLI. Brocade)# show ip ospf config OSPF Redistribution Address Ranges currently defined: Range-Address Subnetmask 10.0.0.0 255.0.0.0 10.0.1.0 255.255.255.0 10.0.2.0 255.255.255.
Configuring OSPF The always parameter advertises the default route regardless of whether the router has a default route. This option is disabled by default. The metric value parameter specifies a metric for the default route. If this option is not used, the default metric is used for the route. The metric-type type parameter specifies the external link type associated with the default route advertised into the OSPF routing domain.
OSPF non-stop routing TABLE 20 Set Conditions Set Conditions: metric metricValue metric-type type1/type2 tag routeTagValue OSPF non-stop routing The graceful restart feature supported by open shortest path first (OSPF) maintains area topology and dataflow. Though the network requires neighboring routers to support graceful restart and perform hitless failover, the graceful restart feature may not be supported by all routers in the network.
Synchronization of critical OSPF elements LSA syncing and packing When the LSA processing is completed on the active management module and the decision is made to install the LSA in its link state database (LSDB), OSPF synchronizes that LSA to the standby module. OSPF checks the current state of the database entry whether or not it is marked for deletion.
BFD with OSPF NSR BFD with OSPF NSR Bidirectional forwarding detection (BFD) supports MP switchover and all BFD sessions for OSPF with graceful OSPF NSR, which are in the up state after the switchover. The BFD sessions for OSPF that do not use OSPF NSR are cleared before the switchover and then re-established on the new active MP after the MP switchover.
Enabling and disabling NSR Enabling and disabling NSR To enable NSR for OSPF, enter the following command. Brocade(config)# router ospf Brocade(config-ospf-router)# nonstop-routing To disable NSR for OSPF, enter the following command.
Adding additional parameters Example Brocade(config-ospf-router)#default-information-originate route-map defaultToOspf Brocade(config-ospf-router)#default-information-originate always Brocade(config-ospf-router)#default-information-originate metric 200 In the above example, default-information-originate’ is enabled with the route-map parameter for the first CLI and then the always and metric is appended to the existing configuration.
Adding additional parameters NOTE If you specify a metric and metric type, the values you specify are used even if you do not use the always option. The route-map parameter overrides other options. If set commands for metric and metric-type are specified in the route-map, the command-line values of metric and metric-type if specified, are ignored for clarification. The route-map rmap parameter specifies the route map reference.
Adding additional parameters In the following example, the first three commands configure an extended ACL that denies routes to any 172.31.39.x destination network and allows all other routes for eligibility to be installed in the IP route table. The last three commands change the CLI to the OSPF configuration level and configure an OSPF distribution list that uses the ACL as input. The distribution list prevents routes to any 172.31.39.x destination network from entering the IP route table.
Adding additional parameters Brocade(config-routemap setdistance)# set distance 200 Brocade(config-routemap setdistance)# exit Brocade(config)# router ospf Brocade(config-ospf-router)# area 0 Brocade(config-ospf-router)# area 1 Brocade(config-ospf-router)# distribute-list route-map setdistance in Brocade(config-ospf-router)# exit Once this configuration is implemented, the routes identified by the ip prefix-list command and matched in the Route Map will have their OSPF Admin Distance set to 200.
Adding additional parameters • SPF hold time – The device waits for a specific amount of time between consecutive SPF calculations. By default, the device waits zero seconds. You can configure the SPF hold time to a value from 0 – 65535 seconds. If you set the SPF hold time to 0 seconds, the software does not wait between consecutive SPF calculations. You can set the delay and hold time to lower values to cause the device to change to alternate paths more quickly in the event of a route failure.
Adding additional parameters Configuring administrative distance based on route type You can configure a unique administrative distance for each type of OSPF route. For example, you can use this feature to prefer a static route over an OSPF inter-area route but you also want to prefer OSPF intra-area routes to static routes. The distance you specify influences the choice of routes when the device has multiple routes for the same network from different protocols.
Adding additional parameters Usage guidelines The pacing interval is inversely proportional to the number of LSAs the device is refreshing and aging. For example, if you have approximately 10,000 LSAs, decreasing the pacing interval enhances performance. If you have a very small database (40 – 100 LSAs), increasing the pacing interval to 10 – 20 minutes might enhance performance slightly. Changing the LSA pacing interval To change the LSA pacing interval, use the following CLI method.
Adding additional parameters TABLE 21 Behavior for prefix list configurations IP prefix list OSPF area prefix list Event Filtering done XXX Not defined None No (permit all) Not defined Defined None Yes (deny all) Not defined Defined IP prefix list defined Recalculation Defined (no rules configured) Defined None Implicit deny (deny all) Defined (rules configured) Defined IP prefix list deleted Recalculation and deny all Defined (rules configured) Defined IP prefix list rule added
Adding additional parameters Defining and applying IP prefix lists An IP prefix list specifies a list of networks. When you apply an IP prefix list to an area, the Brocade device sends or receives only a route whose destination is in the IP prefix list. The software interprets the prefix lists in order, beginning with the lowest sequence number. To configure an IP prefix list and apply it to an area, enter commands such as the following. Brocade(config)# ip prefix-list Routesfor20 permit 20.20.0.
Adding additional parameters Brocade(config)# show ip ospf config Router OSPF: Enabled Graceful Restart: Disabled, timer 120 Graceful Restart Helper: Enabled Redistribution: Disabled Default OSPF Metric: 10 OSPF Auto-cost Reference Bandwidth: Disabled OSPF Redistribution Metric: Type2 OSPF External LSA Limit: 14447047 OSPF Database Overflow Interval: 0 RFC 1583 Compatibility: Enabled Router id: 10.5.5.
Adding additional parameters These commands are at the OSPF router Level of the CLI. Here is a summary of OSPF traps supported on device, their corresponding CLI commands, and their associated MIB objects from RFC 1850.
Adding additional parameters Modify exit overflow interval If a database overflow condition occurs on a router, the router eliminates the condition by removing entries that originated on the router. The exit overflow interval allows you to set how often a device checks to see if the overflow condition has been eliminated. The default value is 0. The range is 0 – 86400 seconds (24 hours).
Adding additional parameters The memory option logs abnormal OSPF memory usage. This option is enabled by default. The retransmit option logs OSPF retransmission activities. This option is disabled by default. Configuring an OSPF network type To configure an OSPF network, enter commands such as the following. Brocade(config)# interface eth 1/5 Brocade(config-if-1/5)# ip ospf network point-to-point This command configures an OSPF point-to-point link on Interface 5 in slot 1.
Adding additional parameters • Configuring OSPF Graceful Restart for the Global Instance – In this configuration all OSPF neighbors other than those used by VRFs are made subject to the Graceful Restart capability. The restart timer set globally does not apply to Graceful Restart on a configured VRF. • Configuring OSPF Graceful Restart per VRF – In this configuration all OSPF neighbors for the specified VRF are made subject to the Graceful Restart capability.
Adding additional parameters Brocade(config)# router ospf vrf blue Brocade(config-ospf-router)# graceful-restart Syntax: [no] graceful-restart Configuring OSPF Graceful Restart time per VRF Use the following command to specify the maximum amount of time advertised to an OSPF neighbor router to maintain routes from and forward traffic to a restarting router.
Adding additional parameters The on-startup parameter specifies that the OSPF router advertisement be performed at the next system startup. This is an optional parameter. When using the on-startup option you can set a time in seconds for which the specified links in Router LSA will be advertised with the metric set to a maximum value of 0xFFFF. Optional values for time are 5 to 86400 seconds. There is no default value for time.
Adding additional parameters Brocade(config)# router ospf Brocade(config-ospf-router)# max-metric router-lsa summary-lsa 16777214 link all The following command turns off the advertisement of special metric values in all Router, Summary, and External LSAs. Brocade(config)# router ospf Brocade(config-ospf-router)# no max-metric router-lsa Configuring OSPF shortest path first throttling To set OSPF shortest path first throttling to the values in the previous example, use the following command.
Displaying OSPF information External LSA Limit 14447047 Database Overflow Interval 0 Database Overflow State : NOT OVERFLOWED RFC 1583 Compatibility : Enabled Originating router-LSAs with maximum metric Condition: Always Current State: Active Link Type: PTP STUB TRANSIT Additional LSAs originated with maximum metric: LSA Type Metric Value AS-External 16711680 Type 3 Summary 16711680 Type 4 Summary 16711680 Opaque-TE 4294967295 Displaying OSPF information You can display the following OSPF information: •
Displaying OSPF information Displaying general OSPF configuration information To display general OSPF configuration information, enter the following command at any CLI level.
Displaying OSPF information TABLE 22 Output parameters of the show ip ospf config command Field Description Router OSPF Shows whether or not the router OSPF is enabled. Nonstop Routing Shows whether or not the non-stop routing is enabled. Graceful Restart Shows whether or not the graceful restart is enabled. Graceful Restart Helper Shows whether or not the OSPF graceful restart helper mode is enabled. Graceful Restart Time Shows the maximum restart wait time advertised to neighbors.
Displaying OSPF information TABLE 22 Output parameters of the show ip ospf config command (Continued) Field Description Ethernet Interface Shows the OSPF interface. ip ospf md5-authentication-keyactivation-wait-time Shows the wait time of the device until placing a new MD5 key into effect. ip ospf area Shows the area of the interface. ip ospf cost Shows the overhead required to send a packet across an interface.
Displaying OSPF information Displaying CPU utilization and other OSPF tasks You can display CPU utilization statistics for OSPF and other tasks. To display CPU utilization statistics, enter the following command.
Displaying OSPF information The displayed information shows the following: TABLE 23 CLI display of show tasks This field... Displays... Task Name Name of task running on the device. Pri Priority of the task in comparison to other tasks State Current state of the task PC current instruction for the task Stack Stack location for the task Size Stack size of the task CPU Usage(%) Percentage of the CPU being used by the task task id Task’s ID number assigned by the operating system.
Displaying OSPF information TABLE 24 CLI display of OSPF area information (Continued) This field... Displays... LSA The LSA number. Chksum(Hex) The checksum for the LSA packet. The checksum is based on all the fields in the packet except the age field. The device uses the checksum to verify that the packet is not corrupted. Displaying OSPF neighbor information To display OSPF neighbor information, enter the following command at any CLI level.
Displaying OSPF information TABLE 25 CLI display of OSPF neighbor information (Continued) Field Description State The state of the conversation between the device and the neighbor. This field can have one of the following values: • Down – The initial state of a neighbor conversation. This value indicates that there has been no recent information received from the neighbor. • Attempt – This state is only valid for neighbors attached to non-broadcast networks.
Displaying OSPF information Displaying OSPF interface information To display OSPF interface information, enter the following command at any CLI level Brocade# show ip ospf interface ethernet 1/11 Ethernet 1/11 admin up, oper up IP Address 10.1.1.15, Area 0 Database Filter: Not Configured State active(default passive), Pri 1, Cost 1, Options 2,Type broadcast Events 2 Timers(sec): Transmit 1, Retrans 5, Hello 10, Dead 40 DR: Router ID 192.168.254.1 Interface Address 10.1.1.1 BDR: Router ID 10.0.0.
Displaying OSPF information TABLE 26 Output of the show ip ospf interface command (Continued) This field Displays Database Filter The router’s configuration for blocking outbound LSAs on an OSPF interface as described in “Block flooding of outbound LSAs on specific OSPF interfaces” on page 179. If Not Configured is displayed, there is no outbound LSA filter configured. This is the default condition. State The state of the interface.
Displaying OSPF information TABLE 26 Output of the show ip ospf interface command (Continued) This field Displays DR The router ID (IPv4 address) of the DR. BDR The router ID (IPv4 address) of the BDR. Neighbor Count The number of neighbors to which the interface is connected. Adjacent Neighbor Count The number of adjacent neighbor routers. Neighbor: The IP address of the neighbor. Displaying OSPF interface brief information The following command introduced in version 03.3.
Displaying OSPF information TABLE 27 Output of the show ip ospf interface brief command (Continued) This field Displays State The state of the conversation between the router and the neighbor. This field can have one of the following values: • Down – The initial state of a neighbor conversation. This value indicates that there has been no recent information received from the neighbor. • Attempt – This state is only valid for neighbors attached to non-broadcast networks.
Displaying OSPF information Displaying OSPF route information To display OSPF route information, enter the following command at any CLI level. Brocade#show ip ospf route OSPF Area 0x00000000 ASBR Routes 1: Destination Mask 10.65.12.1 255.255.255.255 Adv_Router Link_State 10.65.12.1 10.65.12.1 Paths Out_Port Next_Hop 1 v49 10.1.49.2 2 v12 10.1.12.2 3 v11 10.1.11.2 4 v10 10.1.10.
Displaying OSPF information This display shows the following information. TABLE 28 CLI display of OSPF route information This field... Displays... Destination The IP address of the route's destination. Mask The network mask for the route. Path_Cost The cost of this route path. (A route can have multiple paths. Each path represents a different exit port for the device.) Type2_Cost The type 2 cost of this path.
Displaying OSPF information Displaying the routes that have been redistributed into OSPF You can display the routes that have been redistributed into OSPF. To display the redistributed routes, enter the following command at any level of the CLI. Brocade# show ip ospf redistribute route 10.0.0 255.255.0.0 static 10.1.0.0 255.255.0.0 static 10.11.61.0 255.255.255.0 connected 10.1.0.0 255.255.0.0 static In this example, four routes have been redistributed.
Displaying OSPF information TABLE 29 CLI display of OSPF database information (Continued) This field... Displays... Prd Grace Period: The number of seconds that the router's neighbors should continue to advertise the router as fully adjacent, regardless of the state of database synchronization between the router and its neighbors.
Displaying OSPF information Displaying OSPF external link state information To display external link state information, enter the following command at any CLI level. Brocade#show Index Aging 1 591 2 591 3 591 4 591 5 592 6 592 7 592 ip ospf database external-link-state LS ID Router Netmask 10.65.13.0 10.65.12.1 ffffff00 10.65.16.0 10.65.12.1 ffffff00 10.65.14.0 10.65.12.1 ffffff00 10.65.17.0 10.65.12.1 ffffff00 10.65.12.0 10.65.12.1 ffffff00 10.65.15.0 10.65.12.1 ffffff00 10.65.18.0 10.65.12.
Displaying OSPF information Displaying OSPF database-summary information To display database-summary information, enter the following command at any CLI level. Brocade#show Area ID 0.0.0.0 AS External Total ip ospf database database-summary Router Network Sum-Net Sum-ASBR 104 184 19 42 104 184 19 42 NSSA-Ext 0 0 Opq-Area 0 0 Subtotal 349 308 657 Syntax: show ip ospf database database-summary TABLE 31 CLI display of OSPF database summary information This field... Displays...
Displaying OSPF information The advertise num parameter displays the hexadecimal data in the specified LSA packet. The num parameter identifies the LSA packet by its position in the router’s LSA table. To determine an LSA packet’s position in the table, enter the show ip ospf link-state command to display the table. The asbr option shows ASBR LSAs. The extensive option displays the LSAs in decrypted format. NOTE You cannot use the extensive option in combination with other display options.
Displaying OSPF information The ip-addr parameter displays the ABR and ASBR entries for the specified IP address. Brocade# show ip ospf border-routers 1 1 1 1 router ID 10.65.12.1 10.65.12.1 10.65.12.1 10.65.12.1 router type next hop router ABR 10.1.49.2 ASBR 10.1.49.2 ABR 10.65.2.251 ASBR 10.65.2.251 outgoing interface v49 v49 v201 v201 Area 0 0 65 65 Syntax: show ip ospf border-routers TABLE 33 CLI display of OSPF border routers This field... Displays...
Displaying OSPF information Brocade# show ip ospf interface 192.168.1.1 Ethernet 2/1,OSPF enabled IP Address 192.168.1.1, Area 0 OSPF state ptr2ptr, Pri 1, Cost 1, Options 2, Type pt-2-pt Events 1 Timers(sec): Transit 1, Retrans 5, Hello 10, Dead 40 DR: Router ID 0.0.0.0 Interface Address 0.0.0.0 BDR: Router ID 0.0.0.0 Interface Address 0.0.0.0 Neighbor Count = 0, Adjacent Neighbor Count= 1 Neighbor: 10.2.2.
Displaying OSPF information Displaying OSPF virtual neighbor and link information You can display OSPF virtual neighbor and virtual link information. For example, the following show run display shows the configuration in Figure 16. Brocade#show run Current configuration: ! ver V2.2.
Displaying OSPF information Displaying OSPF virtual neighbor Use the show ip ospf virtual neighbor command to display OSPF virtual neighbor information. The following example relates to the configuration in Figure 16. Brocade# show ip ospf virtual neighbor Indx Transit Area Router ID Neighbor address options 1 1 10.1.1.10 10.14.1.10 2 Port Address state events count 6/2 10.11.1.
Displaying OSPF information Graceful Link States Area Interface Adv Rtr Age Seq(Hex) Prd Rsn 0 eth 1/2 10.2.2.2 7 80000001 60 SW Nbr Intf IP 10.1.1.2 This display shows the following information. TABLE 35 CLI display of OSPF database grace link state information This field... Displays... Area The OSPF area that the interface configured for OSPF graceful restart is in. Interface The interface that is configured for OSPF graceful restart. Adv Rtr ID of the advertised route.
Displaying OSPF information Originating router-LSAs with maximum metric Condition: Always Current State: Active Link Type: PTP STUB TRANSIT Additional LSAs originated with maximum metric: LSA Type Metric Value AS-External 16711680 Type 3 Summary 16711680 Type 4 Summary 16711680 Opaque-TE 4294967295 The 03.5.
Clearing OSPF information Clearing OSPF information You can use the clear ip ospf commands to clear OSPF data on an router as described in the following: • neighbor information – refer to “Clearing OSPF neighbors” on page 239. • reset the OSPF process – “Disabling and re-enabling the OSPF process” on page 239. • clear and re-add OSPF routes – “Clearing OSPF routes” on page 239.
Commands Commands The following commands support the features described in this chapter: • area prefix-list • ip prefix-list • show ip prefix-lists 240 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
area prefix-list area prefix-list Filters prefixes advertised in type 3 link-state advertisements (LSAs) between Open Shortest Path First (OSPF) areas of an Area Border Router (ABR). The no form of this command changes or cancels the filter. Syntax area {area-id | area_ip} prefix-list prefix-list-name {in | out} no area {area-id | area_ip} prefix-list prefix-list-name {in | out} Command Default Parameters area-id Identifies the area where filtering is configured in number format.
area prefix-list Related Commands 242 area range Multi-Service IronWare Routing Configuration Guide 53-1003033-02
ip prefix-list ip prefix-list Creates a prefix list or adds a prefix-list entry. The no form of this command deletes a prefix-list entry. Syntax ip prefix-list name [seq seq-value] [description string] {deny | permit} network-addr/mask-bits [ge ge-value] [le le-value] no ip prefix-list name [seq seq-value] [description string] {deny | permit} network-addr/mask-bits [ge ge-value] [le le-value] Command Default Parameters name Specifies the prefix list name.
ip prefix-list Examples The following example configures an IP prefix list “Routesfor20”, which permits routes to network “20.20.0.0/24”. The area command configures the device to use the IP prefix list “Routesfor20” to determine which routes to send to area “10.10.10.1”. The device sends routes that go to “20.20.x.x” to area “10.10.10.1” because the IP prefix list explicitly permits these routes to be sent to the area. Brocade(config)# ip prefix-list Routesfor20 permit 20.20.0.
show ip prefix-lists show ip prefix-lists Displays information about configured prefix lists / a specific prefix list Syntax show ip prefix-lists [prefix-list-name] Command Default Parameters Command Modes prefix-list-name Name of a specific prefix list User EXEC mode Privileged EXEC mode Usage Guidelines Command Output Examples The show ip prefix-lists command displays the following information: Output field Description ip prefix-list Name of the prefix list, number of entries on the prefix lis
show ip prefix-lists 246 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 3 IS-IS (IPv4) Table 37 displays the individual Brocade devices and the IPv4 IS-IS features they support.
IS-IS (IPv4) TABLE 37 Supported Brocade IPv4 IS-IS features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Priority for Designated IS Election Yes Yes No Yes Yes Yes Yes Limiting Access Yes to Adjacencies With a Neighbo
Relationship to IP route table • RFC 2763 – “Dynamic Host Name Exchange Mechanism for IS-IS”, 2000. • RFC 2966 – “Domain-wide Prefix Distribution with Two-Level IS-IS”, 2000 • RFC 3373 – “Three-Way Handshake for Intermediate System to Intermediate System (IS-IS) Point-to-Point Adjacencies”, 2002 • Portions of the Internet Draft “IS-IS extensions for Traffic Engineering” draft-ieff-isis-traffic-02.txt (dated 2000).
Relationship to IP route table Figure 17 shows an example of an IS-IS network. FIGURE 17 An IS-IS network contains Intermediate Systems (ISs) and host systems NOTE Since the implementation of IS-IS does not route OSI traffic but instead routes IP traffic, IP hosts are shown instead of ESs. The other basic IS-IS concepts illustrated in this figure are explained in the following sections. Domain and areas IS-IS is an IGP, and thus applies only to routes within a single routing domain.
Relationship to IP route table • Level-2 – A Level-2 router routes traffic between areas within a domain. In Figure 17 on page 250, Routers A and B are Level-1s only. Routers C and D are Level-1 and Level-2 ISs. Router E is a Level-1 IS only. Neighbors and adjacencies A Brocade device configured for IS-IS forms an adjacency with each of the IS-IS devices to which it is directly connected.
Relationship to IP route table Figure 18 shows an example of the results of Designated IS elections. For simplicity, this example shows four of the five routers in Figure 17 on page 250, with the same domain and areas.
IS-IS CLI levels Three-way handshake for point-to-point adjacencies Support was provided for Three-Way Handshake for Point-to-Point adjacencies as described in RFC 3373. This feature provides three-way handshake mechanisms on point-to-point interfaces for the following benefits: • Identifies neighbor restarts within the holding time period • Identifies uni-directional link failures and stops forming of an adjacency with a peer where such link failures occur.
IS-IS CLI levels Address family configuration level The Brocade device’s implementation of IS-IS includes the address family configuration level. Address families allow you to configure IPv4 IS-IS unicast settings that are separate and distinct from IPv6 IS-IS unicast settings (when IPv6 is supported). Under the address family level, Brocade devices currently support the unicast address family configuration level only.
Globally configuring IS-IS on a device 2. If you have not already configured a NET for IS-IS, enter commands such as the following. Brocade(config-isis-router)# net 49.2211.0000.00bb.cccc.00 Brocade(config-isis-router)# The commands in the example above configure a NET that has the area ID 49.2211, the system ID 0000.00bb.cccc (the device’s base MAC address), and SEL value 00. Syntax: [no] net area-id.system-id.sel The area-id parameter specifies the area and has the format xx or xx.xxxx.
Globally configuring IS-IS on a device Setting the overload bit If an IS’s resources are overloaded and are preventing the IS from properly performing IS-IS routing, the IS can inform other ISs of this condition by setting the overload bit in LSPDUs sent to other ISs from 0 (off) to 1 (on). When an IS is overloaded, other ISs will not use the overloaded IS to forward traffic.
Globally configuring IS-IS on a device Configuring authentication By default, a Brocade device does not authenticate packets sent to or received from an end system (ES) or other intermediate system (IS). In previous releases, the Multi-Service IronWare software let you configure area, domain, and circuit passwords to direct the Brocade device to check for a password in packets sent from the device.
Globally configuring IS-IS on a device Brocade(config-isis-router)# auth-mode md5 level-1 Brocade(config-isis-router)# auth-key supervisor level-1 Brocade(config-isis-router)# auth-key supervisor level-2 Syntax: [no] auth-key string [ level-1 | level-2 ] The string variable specifies a text string that is used as an authentication password. The authentication mode must be configured before this value can be configured. By default, the authentication key is encrypted.
Globally configuring IS-IS on a device Configuring IS-IS MD5 authentication on a specified interface To configure IS-IS MD5 authentication on a specified interface on a Brocade device, you must perform the following tasks: • Configure IS-IS Interface Authentication Mode for a Specified Interface • Configure IS-IS Authentication Key on the Interface • Disable IS-IS Authentication Check on an Interface (optional) Configuring IS-IS authentication mode for a specified interface The following commands configur
Globally configuring IS-IS on a device NOTE The isis auth-key command allows the user to configure more 80 characters, but only the first 80 characters are used. Disabling IS-IS authentication checking on a specified interface When transitioning from one authentication mode to another, changing the authentication mode can cause packets to drop because only some of the routers have been reconfigured.
Globally configuring IS-IS on a device The Brocade device’s hostname is displayed in each CLI command prompt, for example. Brocade(config-isis-router)# The name mapping feature is enabled by default. If you want to disable name mapping, enter the following command. Brocade(config-isis-router)# no hostname Syntax: [no] hostname To display the name mappings, enter the show isis hostname command.
Globally configuring IS-IS on a device NOTE The max-lsp-lifetime and the lsp-refresh-interval must be set in such a way that the LSPs are refreshed before the max-lsp-lifetime expires; otherwise, the Brocade device's originated LSPs may be timed out by it's neighbors. Refer to “Changing the LSP refresh interval” on page 262. Changing the LSP refresh interval The LSP refresh interval is the maximum number of seconds the Brocade device waits between sending updated LSPs to its IS-IS neighbors.
Globally configuring IS-IS on a device Changing the SPF timer Every IS maintains a Shortest Path First (SPF) tree, which is a representation of the states of each of the IS’s links to ESs and other ISs. If the IS is both a Level-1 and Level-2 IS, it maintains separate SPF trees for each level. To ensure that the SPF tree remains current, the IS updates the tree at regular intervals following a change in network topology or the link state database.
Globally configuring IS-IS on a device The second-wait variable is an optional value that specifies the wait time between the first and second PSPF calculations. If this optional value is configured, it will be doubled with each PSPF recalculation until the value is equal to the spf-max-wait value. The range of acceptable values is 0 – 120000 milliseconds. The default for this variable is value of the max-wait time.
Globally configuring IS-IS on a device The point-to-point option enables hello PDU padding on Point-to-Point interfaces. To disable hello padding on an interface, refer to “Disabling and enabling hello padding on an interface” on page 287. Logging adjacency changes The Brocade device can be configured to log changes in the status of an adjacency with another IS. Logging of the adjacency changes is disabled by default. To enable or disable them, use either of the following methods.
Globally configuring IS-IS on a device Disabling incremental SPF optimizations In the event of certain topology changes (for instance non-local adjacency flaps), IS-IS employs incremental SPF optimizations to efficiently update the routing table. An incremental SPF is faster and takes fewer CPU cycles than a full SPF. You can optionally configure IS-IS to perform a full SPF calculation when any network topology change occurs by using the disable-incremental-spf-opt command.
Configuring IPv4 address family route parameters To restore incremental shortcut LSP SPF optimization, use the no form of this command. Configuring IPv4 address family route parameters This section describes how to modify the IS-IS parameters for the IS-IS IPv4 unicast address family. To enter the IPv4 unicast address family, refer to the “Address family configuration level” on page 254. Changing the metric style The metric style specifies the Types, Lengths, and Values (TLVs) an IS-IS LSP can have.
Configuring IPv4 address family route parameters To return to the default number of maximum paths, enter the no form of this command. Enabling advertisement of a default route By default, the Brocade device does not generate or advertise a default route to its neighboring ISs. A default route is not advertised even if the device’s IPv4 route table contains a default route. You can enable the device to advertise a default route to all neighboring ISs using one of the following methods.
Configuring IPv4 address family route parameters Matching based on IS-IS protocol type The match option has been added to the route-map command that allows IS-IS routes to be matched based on level-1 or level-2 or all IS-IS routes. Brocade(config-routemap test)# match protocol isis level-1 Syntax: [no] match protocol isis {level-1|level-2} The match protocol isis level-1 option can be used to match the IS-IS Level-1 routes.
Configuring IPv4 address family route parameters Configuring summary addresses You can configure summary addresses to aggregate IS-IS route information. Summary addresses can enhance performance by reducing the size of the Link State database, reducing the amount of data the Brocade device needs to send to its neighbors, and reducing the CPU cycles used for IS-IS. When you configure a summary address, the address applies only to Level-2 routes by default.
Configuring IPv4 address family route parameters The device attempts to use the redistributed route’s metric as the route’s IPv4 IS-IS metric. For example, if an OSPF route has an OSPF cost of 20, the device uses 20 as the route’s IPv4 IS-IS metric. The device uses the redistributed route’s metric as the IPv4 IS-IS metric unless the route does not a have a valid metric. In this case, the device assigns the default metric value to the route.
Configuring IPv4 address family route parameters Syntax: [no] default-link-metric value [level-1 | level-2] The value parameter is the default-link-metric value to be set for the given address-family. This is a required parameter for this command. There is no default value for this parameter. For metric-style narrow: 1 to 63. For metric-style wide: 1 to 16777215. The level parameter is an optional parameter used to set the default-metric for only one of the levels.
Configuring IPv4 address family route parameters The metric num parameter changes the metric. You can specify a value from 0 - 4294967295. The metric-type external | internal parameter restricts redistribution to one of the following: • external – The metric value is not comparable to an IPv4 IS-IS internal metric and is always higher than the IPv4 IS-IS internal metric. • internal – The metric value is comparable to metric values used by IPv4 IS-IS. This is the default.
Configuring IPv4 address family route parameters Syntax: [no] redistribute ospf [level-1 | level-1-2 | level-2 ] | match [external1 | external2 | internal] | metric number | metric-type [external | internal] | route-map name Most of the parameters are the same as the parameters for the redistribute static command. However, the redistribute ospf command also has the match external1 | external2 | internal parameter. This parameter specifies the OSPF route type you want to redistribute into IPv4 IS-IS.
Configuring IS-IS point-to-point over Ethernet Configuring IS-IS point-to-point over Ethernet IS-IS uses its neighbor’s MAC address to form an adjacency and stores the neighbors MAC address to recognize the adjacency in the future. This is no problem with directly adjacent routers but can become a problem when adjacency is required between routers that are more than one hop away.
Configuring IS-IS over a GRE IP tunnel Displaying IS-IS point-to-point configuration Use the show isis interface command to determine if IS-IS point-to-point is configured on an interface. In the example below, the lines in bold identify IS-IS point-to-point configuration.
Configuring IS-IS over a GRE IP tunnel Configuration considerations The configuration considerations are as follows: • When a GRE tunnel is configured, you cannot configure the same routing protocol on the tunnel through which the device learns the route to the tunnel destination. For example, if a device learns the tunnel destination route through the OSPF protocol, you cannot configure the OSPF protocol on the same Tunnel and vice-versa.
Configuring IS-IS over a GRE IP tunnel Brocade IS-IS Router B configuration To configure Brocade IS-IS Router B for the IS-IS Point-to-Point feature use the following commands. Brocade(config)# interface ethernet 1/1 Brocade(config-if-e10000-1/1)# ip router isis Brocade(config-if-e10000-1/1)# ip address 10.10.2.2 Brocade(config-if-e10000-1/1)# isis point-to-point Brocade C configuration To configure the Brocade C router for the IS-IS over a GRE IP tunnel feature, use the following commands.
IS-IS Non-Stop Routing Level-1 Designated IS: XMR1-02 Level-1 DIS Changes: 0 Level-2 Metric: 10, Level-2 Priority: 50 Level-2 Hello Interval: 10 Level-2 Hello Multiplier: 3 Level-2 Designated IS: MLX2-02 Level-2 DIS Changes: 0 Circuit State Changes: 1 Circuit Adjacencies State Changes: 1 Rejected Adjacencies: 0 Circuit Authentication L1 failures: 0 Circuit Authentication L2 failures: 0 Bad LSPs 0 Control Messages Sent: 318 Control Messages Received: 229 IP Enabled: TRUE IP Address and Subnet Mask: 10.50.
IS-IS Non-Stop Routing IS-IS Non-Stop Routing (NSR) enables the IS-IS router to maintain topology and data flow to avoid re-convergence in the network during a processor switchover or hitless-reload event. The IS-IS Bidirectional Forwarding Detection (BFD) sessions survive the switchover and hitless-reload conditions. In general, a router restart causes its peer to remove the routes originated from the router and reinstalls them.
IS-IS Non-Stop Routing Disabling and enabling IS-IS graceful restart helper mode Graceful Restart allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a processor switchover. NOTE The ISIS GR helper mode is enabled by default on the the router and there is no configuration required. To disable ISIS graceful restart (GR) helper mode, enter the following commands.
IS-IS Non-Stop Routing No ISIS Shortcuts Configured BFD: Disabled NSR: Enabled NSR State: Normal Standby MP: Ready Sync State: Enabled Interfaces with IPv4 IS-IS configured: ethernet 2/1 ve 20 ve 165 loopback 1 loopback 2 loopback 3 The following table describes the output of the show isis command. TABLE 38 Output from the show isis command This field... Displays...
IS-IS Non-Stop Routing TABLE 38 Output from the show isis command (Continued) This field... Displays...
IS-IS Non-Stop Routing TABLE 38 Output from the show isis command (Continued) This field... Displays... Second-wait This fields indicates the wait time between the first and second PSPF calculations.
Configuring ISIS properties on an interface TABLE 38 Output from the show isis command (Continued) This field... Displays... BFD The value can be: • Enabled • Disabled Interfaces with IPv4 IS-IS configured This field specifies the interfaces on which IPv4 IS-IS is configured. NSR state This field indicates the state of the IS-IS NSR and takes the following values: • Normal - This indicates that the switchover is either compete or the switchover event is not triggerd.
Configuring ISIS properties on an interface Syntax: [no] ip router isis Disabling or re-enabling formation of adjacencies When you enable IS-IS on any type of interface except a loopback interface, the interface also is enabled to send advertisements and form an adjacency with an IS at the other end of the link by default. Adjacency formation and advertisements are disabled by default on loopback interfaces. You can enable or disable adjacency formation and advertisements on an interface.
Configuring ISIS properties on an interface Limiting access to adjacencies with a neighbor In addition to limiting access to an area (level-1) or domain (level-2), you can limit access to forming an IS-IS adjacency on a specific interface by entering a password at the interface configuration level. To enter this password, enter a command such as the following.
Configuring ISIS properties on an interface Changing the hello interval The hello interval controls how often an IS-IS interface sends hello messages to its IS-IS neighbors. The default interval is 10 seconds for Level-1 and Level-2. You can change the hello interval for one or both levels to a value from 1 – 65535 seconds. To change the hello interval for Ethernet interface 2/8, enter commands such as the following.
Displaying IPv4 IS-IS information The Brocade device applies the interface-level metric to routes originated on the interface and also when calculating routes. The Brocade device does not apply the metric to link-state information that the Brocade device receives from one IS and floods to other ISs. The default interface metric is 10.
Displaying IPv4 IS-IS information Brocade#show isis IS-IS Routing Protocol Operation State: Enabled IS-Type: Level-1-2 System ID: 0000.0011.
Displaying IPv4 IS-IS information TABLE 39 IS-IS neighbor information (Continued) This field... Level-1-2 Database State Displays... The state of the Level 1-2 Database: On Off • • Administrative Distance The current setting of the IS-IS administrative distance. Maximum Paths The number of paths IS-IS can calculate and install in the forwarding table Default redistribution metric The value of the default redistribution metric, which is the IS-IS cost of redistributing the route into IS-IS.
Displaying IPv4 IS-IS information TABLE 39 IS-IS neighbor information (Continued) This field... SPF run status. Displays... This field is not specifically labeled but is displayed directly under the SPF timers.) It can any of the three values shown below: • SPF is running • SPF will run in sec where the sec variable is a value in seconds until the next time that SPF will be run. • SPF is not scheduled Timers: PSPF: max-wait The maximum time gap that will occur between running of PSPF calculations.
Displaying IPv4 IS-IS information TABLE 39 IS-IS neighbor information (Continued) This field... Global Hello Padding Global Hello Padding For Point to Point Circuits Displays...
Displaying IPv4 IS-IS information Displaying the name mappings To display the mappings, enter the following command at any level of the CLI. Brocade# show isis hostname Total number of entries in IS-IS Hostname Table: 1 System ID Hostname * = local IS * 0000.00cc.dddd XMR Syntax: show isis hostname The table in this example contains one mapping, for this Brocade device. The Brocade device’s IS-IS system ID is “0000.00cc.dddd“ and its hostname is “XMR”.
Displaying IPv4 IS-IS information TABLE 40 IS-IS neighbor information (Continued) This field... Displays... Type The IS-IS type of the adjacency. The type can be one of the following: • ISL1 – Level-1 IS • ISL2 – Level-2 IS • ES – ES NOTE: The Brocade device forms a separate adjacency for each IS-IS type. Thus, if the Brocade device has both types of IS-IS adjacencies with the neighbor, the display contains a separate row of information for each adjacency.
Displaying IPv4 IS-IS information TABLE 41 IS-IS neighbor information (Continued) This field... Displays... Type The IS-IS type of the adjacency. The type can be one of the following: • ISL1 – Level-1 IS • ISL2 – Level-2 IS • ES – ES NOTE: The Brocade device forms a separate adjacency for each IS-IS type. Thus, if the Brocade device has both types of IS-IS adjacencies with the neighbor, the display contains a separate row of information for each adjacency.
Displaying IPv4 IS-IS information To display Syslog entries, enter the following command at any level of the CLI. Brocade# show logging Syslog logging: enabled (0 messages dropped, 0 Buffer logging: level ACDMEINW, 3 messages level code: A=alert C=critical D=debugging I=informational N=notification flushes, 0 overruns) logged M=emergency E=error W=warning Static Log Buffer: Dynamic Log Buffer (50 lines): 00d00h00m42s:N:BGP Peer 10.147.202.10 UP (ESTABLISHED) 00d00h00m18s:N:ISIS L2 ADJACENCY UP 0000.0034.
Displaying IPv4 IS-IS information IPv6 Enabled: TRUE IPv6 Addresses: 1000::1/32 IPv6 Link-Local Addresses: fe80::200:ff:fe02:c000 MPLS TE Enabled: FALSE The following is an example of the show isis interface command for a POS Interface module configured with a Circuit Type: PTP.
Displaying IPv4 IS-IS information TABLE 42 IS-IS interface information (Continued) This field... Displays... Circuit Type The type of IS-IS circuit running on the interface. The circuit type can be one of the following: • BCAST (broadcast). • PTP (Point-to-Point) Passive State The passive state determines whether the interface is allowed to form an IS-IS adjacency with the IS at the other end of the circuit. The state can be one of the following: • FALSE – The passive option is disabled.
Displaying IPv4 IS-IS information TABLE 42 IS-IS interface information (Continued) This field... Displays... Level-2 Hello Multiplier The number by which the software multiplies the hello interval to calculate the hold time set for Level-2 Hello PDUs sent on this circuit. This parameter is not displayed for interfaces that are configured with a Point-to-Point circuit type. This is because separate Level-2 Hello messages are not sent on Point-to-Point interfaces.
Displaying IPv4 IS-IS information TABLE 42 IS-IS interface information (Continued) This field... Displays... IPv6 Enabled If set to TRUE, the IPv6 protocol is enabled for this circuit. IPv6 Address and Subnet Mask The IPv6 address and subnet mask for this interface. Ipv6 Link-Local Addresses The IPv6 link local address for this interface. MPLS TE Enabled: If set to TRUE, MPLS Traffic Engineering protocol is enabled for this circuit.
Displaying IPv4 IS-IS information TABLE 43 IS-IS route information (Continued) This field... Displays... Tag The tag value associated with the route. Path The path number in the table. The IS-IS route table can contain multiple equal-cost paths to the same destination, in which case the paths are numbered consecutively. When IP load sharing is enabled, the Brocade device can load balance traffic to the destination across the multiple paths.
Displaying IPv4 IS-IS information The l1 and level1 parameters display the Level-1 LSPs only. You can use either parameter. The l2 and level2 parameters display the Level-2 LSPs only. You can use either parameter. The show isis database summary display shows the following information. TABLE 44 IS-IS summary LSP database information This field... Displays... LSPID The LSP ID, which consists of the source ID (6 bytes), the pseudonode (1 byte), and LSPID (1 byte).
Displaying IPv4 IS-IS information Displaying detailed information To display detailed information for all the LSPs in the Brocade device’s LSP databases, enter the following command at any level of the CLI. Brocade# show isis database detail IS-IS Level-1 Link State Database LSPID LSP Seq Num LSP Checksum XMR.00-00* 0x0000000b 0x23fb Area Address: 49 NLPID: CC(IP) Hostname: XMR14 IP Address: 10.1.1.1 IPv6 Address: 2001:db8::14 Metric: 10 IP-Internal 10.1.1.0/24 Metric: 10 IS XMR.
Displaying IPv4 IS-IS information TABLE 45 IS-IS detailed LSP database information (Continued) This field... Displays... Destination addresses The rows of information below the IP address row are the destinations advertised by the LSP. The Brocade device can reach these destinations by using the IP address listed above as the next hop.
Displaying IPv4 IS-IS information Table 46 defines the fields shown in the above example output of the show ip ospf interface brief command. TABLE 46 Output of the show isis database summary command This field Displays Number of LSPs Total number of LSPs in database (includes those in the loading state). Number of LSPs loading Number of LSPs pending a full LSP update. This value is generally non-zero during adjacency formation.
Displaying IPv4 IS-IS information TABLE 47 IS-IS traffic statistics (Continued) This field... Displays... Level-2 LSP The number of Level-2 link-state PDUs sent and received by the Brocade device. Level-1 CSNP The number of Level-1 Complete Sequence Number PDUs (CSNPs) sent and received by the Brocade device. Level-2 CSNP The number of Level-2 CSNPs sent and received by the Brocade device.
Displaying IPv4 IS-IS information TABLE 48 IS-IS error statistics (Continued) This field... Displays... LSP Sequence Number Skipped The number of times the Brocade device received an LSP with a sequence number that was more than 1 higher than the sequence number of the previous LSP received from the same neighbor.
Displaying IPv4 IS-IS information TABLE 48 IS-IS error statistics (Continued) This field... Displays... Length Too Long The number of PDUs dropped at both Level-1 and Level-2 because the received PDU length is greater than the MTU of the link. This counter will only be displayed if it has a value greater than zero. Max Area Check Failure The number of PDUs dropped at both Level-1 and Level-2 because the received PDU has a maximum area count different than what is configured on this IS-IS router.
Displaying IPv4 IS-IS information Displaying the IS-IS SPF Log The show isis spf-log command displays the ISIS Log, as shown in the following. Brocade#show isis spf-log detail ISIS Level-1 SPF Log When Duration Nodes Count Last-Trigger-LSP Trigger 0h1m57s 0 3 2 mu1.00-00 Adjacency Change Ipv4 Route updates: 4000 Ipv6 Route updates: 0 First Trigger: 0h1m45s Adj TLV Changed in LSP mu2.00-00 Last Trigger : 0h1m45s Adj TLV Changed in LSP mu1.00-00 0h2m3s 0 3 2 mu2.
Displaying IPv4 IS-IS information TABLE 49 IS-IS SPF log information (Continued) This field... Displays... Last Trigger LSP When a full SPF calculation is triggered by the arrival of a new LSP, the router stores the LSP ID. The LSP ID can provide a clue about the source of routing instability in an area. If multiple LSPs in a single level are causing SPF runs, only the LSP ID of the last received LSP is recorded. Triggers The reason that a full SPF calculations was triggered.
Clearing the IS-IS SPF Log TABLE 50 Trigger types and description (Continued) Trigger Description ISTCT_SPF Computation The user issued the disable-incremental-stct-spf-opt command. User Cleared IS-IS All The user issued the clear isis all command. Interface Config Change ISIS was enabled or disabled on a port. User Trigger The user issued the clear isis spf-trigger command.
Clearing IS-IS information When the level-1 or level-2 options are used, the SPF calculation is only triggered for the specified level. If not specified, the SPF calculation will be triggered for both. Clearing IS-IS information To clear the IS-IS information that the Brocade device has accumulated since the last time you cleared information or reloaded the software, use either of the following methods.
Clearing a specified LSP from IS-IS database This command directs the router to clear the IS-IS neighbor specified by the sys-id variable on all possible interfaces or to clear the IS-IS neighbor specified by the sys-id variable on an interface specified using one of the following options: ethernet slot/port – clears the specified IS-IS neighbor on the specified Ethernet interface. pos slot/port – clears the specified IS-IS neighbor on the specified POS interface.
Chapter 4 RIP (IPv4) Table 51 displays the individual Brocade devices and the RIP features they support.
RIP parameters and defaults A Brocade device can receive multiple paths to a destination. The software evaluates the paths, selects the best path, and saves the path in the IP route table as the route to the destination. Typically, the best path is the path with the fewest hops. A hop is another router through which packets must travel to reach the destination.
RIP parameters and defaults TABLE 52 RIP global parameters (Continued) Parameter Description Default See page... Redistribution RIP can redistribute routes from other routing protocols such as OSPF and BGP4 into RIP. A redistributed route is one that a router learns through another protocol, then distributes into RIP. Disabled page 319 Redistribution metric RIP assigns a RIP metric (cost) to each external route redistributed from another routing protocol into RIP.
Configuring RIP parameters TABLE 53 RIP interface parameters (Continued) Parameter Description Default See page... Loop prevention The method a Brocade device uses to prevent routing loops caused by advertising a route on the same interface as the one on which the Brocade device learned the route. • Split horizon – The Brocade device does not advertise a route on the same interface as the one on which the Brocade device learned the route.
Configuring RIP parameters Changing the cost of routes learned or advertised on a port By default, a Brocade device port increases the cost of a RIP route that is learned on the port. The Brocade device increases the cost by adding one to the route’s metric before storing the route. You can change the amount that an individual port adds to the metric of RIP routes learned on the port. To increase the metric for learned routes, enter commands such as the following.
Configuring RIP parameters Configuring redistribution filters RIP redistribution filters apply to all interfaces. Use route maps to define how you want to deny or permit redistribution. NOTE The default redistribution action is permit, even after you configure and apply redistribution filters to the virtual routing interface. If you want to tightly control redistribution, apply a filter to deny all routes as the last filter (the filter with the highest ID), then apply filters to allow specific routes.
Configuring RIP parameters Matching based on RIP protocol type The match option has been added to the route-map command that allows statically configured routes or the routes learned from the IGP protocol RIP. To configure the route map to match to RIP, enter a command such as the following.
Configuring RIP parameters Configuring a RIP neighbor filter By default, a Brocade device learns RIP routes from all its RIP neighbors. Neighbor filters allow you to specify the neighbor routers from which the Brocade device can receive RIP routes. Neighbor filters apply globally to all ports. To configure a RIP neighbor filters, enter a command such as the following.
Configuring RIP parameters You can configure the Brocade device to avoid routing loops by advertising local RIP routes with a cost of 16 (“infinite” or “unreachable”) when these routes go down. Brocade(config-rip-router)# poison-local-routes Syntax: [no] poison-local-routes Suppressing RIP route advertisement on a VRRP or VRRPE backup interface NOTE This section applies only if you configure the Brocade device for Virtual Router Redundancy Protocol (VRRP) or VRRP Extended (VRRPE).
Configuring RIP parameters The prefix lists permit routes to three networks, and deny the route to one network. Since the default action is permit, all other routes (routes not explicitly permitted or denied by the filters) can be learned or advertised. Syntax: [no] ip prefix-list name permit | deny source-ip-address | any source-mask | any To apply a prefix list at the global level of RIP, enter commands such as the following.
Displaying RIP Information Displaying RIP Information To display RIP filters, enter the following command at any CLI level.
Displaying RIP Information To display RIP filters for a specific interface, enter the following command.
Displaying RIP Information TABLE 54 CLI display of neighbor filter information (Continued) This field... Displays... Action The action the Brocade device takes for RIP route packets to or from the specified neighbor: • deny – If the filter is applied to an interface’s outbound filter group, the filter prevents the Brocade device from advertising RIP routes to the specified neighbor on that interface.
Displaying RIP Information To display current running configuration for ve 20, enter the following command. Brocade#show running-config interface ve 20 interface ve 20 ip ospf area 1 ip rip v1-only ip rip poison-reverse ip address 10.2.0.
Chapter 5 Policy-Based Routing (IPv4) Table 55 displays the individual Brocade devices and the Policy-Based Routing features they support.
Configuration considerations Policy-Based Routing (PBR) allows you to use ACLs and route maps to selectively modify and route IP packets in hardware. The ACLs classify the traffic. Route maps that match on the ACLs set routing attributes for the traffic. A PBR policy specifies the next hop for traffic that matches the policy. Using standard ACLs with PBR, you can route IP packets based on their source IP address.
Configuring a PBR policy • If an IPv4 option packet matches a permit ACL filter with the option keyword, it is hardware-forwarded based on its PBR next-hop (if available). If no PBR next-hop is available, the packet is either software or hardware-forwarded (depending on whether ignore-options is configured), based on an IP forwarding decision. • Policy Based Routing (PBR) currently does not support the IPv4 and IPv6 features for changing the MTU.
Configuring a PBR policy NOTE If none of the clauses of an IPv4 PBR routemap definition contains both 'match' and 'set' statements together, PBR doesn't work and normal routing takes place. To configure a PBR route map, enter commands such as the following: Brocade(config)# route-map test-route permit 99 Brocade(config-routemap test-route)# match ip address 99 Brocade(config-routemap test-route)# set ip next-hop 192.168.2.
Configuring a PBR policy • Setting the Next Hop to VLAN Flooding Setting the next hop to an IP address You can set the next hop to an IP address as shown in the following: Brocade(config)# route-map net10web permit 101 Brocade(config-routemap net10web)# match ip address 101 Brocade(config-routemap net10web)# set ip next-hop 10.1.1.
Configuring a PBR policy Setting the next hop to a Null0 interface NOTE This feature is not currently supported on the Brocade NetIron CES or Brocade NetIron CER. Sending traffic to a NullO Interface drops the traffic. You can set the next hop to a Null0 interface as shown in the following.
Configuring a PBR policy The no set next-hop-flood-vlan vlan-id outgoing-da mac-address command deletes only the outgoing-da option from the set statement. It does not delete the set statement itself. To delete the set statement, the user would have to specify the no set next-hop-flood-vlan vlan-id command. In the case of traffic incoming on MPLS uplink, PBR to VLAN flooding is only supported for IPv4 traffic, and not for MPLS traffic.
Configuration examples Configuration examples This section presents configuration examples for: • • • • “Basic example” on page 336 “Setting the next hop” on page 336 “Setting the output interface to the null interface” on page 338 “Selectively applying normal routing to packets” on page 338 Basic example The following commands configure and apply a PBR policy that routes HTTP traffic received on virtual routing interface 1 from the 10.10.10.x/24 network to 10.5.5.x/24 through next-hop IP address 10.1.
Configuration examples Brocade(config-mpls-lsp-t3)# to 10.1.1.1 Brocade(config-mpls-lsp-t3)# enable Brocade(config)# route-map pbrmap permit 10 Brocade(config-routemap pbrmap)# match ip address 101 Brocade(config-routemap pbrmap)# set next-hop-lsp t3 The following commands configure three entries in a route map called “test-route”. The first entry (permit 50) matches on the IP address information in ACL 50 above. For IP traffic from subnet 10.157.23.
Configuration examples Brocade(config)# interface tunnel 1 Brocade(config-tnif-1)# tunnel mode gre ip Brocade(config-tnif-1)# tunnel source ethernet 1/2 Brocade(config-tnif-1)# tunnel destination 10.0.8.108 Brocade(config-tnif-1)# ip address 10.10.3.2/24 Brocade(config-tnif-1)# exit Brocade(config)# interface tunnel 2 Brocade(config-tnif-2)# tunnel mode gre ip Brocade(config-tnif-2)# tunnel source ethernet 2/2 Brocade(config-tnif-2)# tunnel destination 10.0.9.108 Brocade(config-tnif-2)# ip address 10.10.4.
Configuration examples Brocade(config)# access-list 112 deny tcp host 192.168.2.2 any Brocade(config)# access-list 112 permit ip host 192.168.2.2 any Brocade(config)# route-map mymap2 permit 10 Brocade(config-routemap mymap2)# match ip address 112 Brocade(config-routemap mymap2)# set ip next-hop 10.1.1.2 Applying IPv6 PBR next hop VLAN flooding This example demonstrates how to configure matched traffic to be flooded on all ports of the VLAN except the incoming physical port.
Policy based routing with the preserve VLAN option Policy based routing with the preserve VLAN option When an IP packet matches the PBR policy with the preserve-vlan option, the Layer 2 and Layer 3 information is retained (for example, the VLAN information and the MAC address are retained). TTL is not decremented. A packet is sent to the configured next hop. IP packets not matching the PBR policy with preserve-vlan will be dropped.
Configuration examples Brocade(config-routemap test)# rule-name test permit 20 Syntax: [no] rule-name rule_name The rule_name parameter is the name assigned to a specific instance in a route-map. The rule-name may be up to 127 characters in length. The [no] version of the command removes the name assigned to this instance.
Configuration examples Brocade(config-if-e1000-1/1)# ip policy route-map map4 Brocade(config-if-e1000-1/1)# exit Brocade(config)# int ve 20 Brocade(config-vif-20)# ip policy route-map map4 Preserve VLAN IDs and replicate to multiple ports within a VLAN 1. Configure the route map with set policies to preserve VLAN for IPv4 traffic.
Policy-based routing support for preserve VLAN Output examples The following example shows the output of the show telemetry rule-name command.
Policy-based routing support for preserve VLAN The PBR TVF VLAN egress ports can be in strict tagged VLAN mode or dual VLAN mode. When PBR TVF VLAN egress ports are in strict tagged VLAN mode, the ingress tagged packets flood as "tagged" with the original VLAN ID and priority preserved. The ingress untagged packets flood as "tagged" with the default VLAN ID.
Chapter 6 MBGP Table 57 displays the individual Brocade devices and the Multi-protocol Border Gateway Protocol (MBGP) features they support.
MBGP This chapter provides details on how to configure Multi-protocol Border Gateway Protocol (MBGP). MBGP is an extension to BGP that allows a router to support separate unicast and multicast topologies. BGP4 cannot support a multicast network topology that differs from the network’s unicast topology. MBGP allows you to support a multicast topology that is distinct from the network’s unicast topology.
Configuration considerations Configuration considerations The configuration considerations are as follows: • MBGP does not redistribute DVMRP routes. It redistributes static routes only. • You cannot redistribute MBGP routes into BGP4. • By default, the Brocade device does not place a limit any limit on the number of multicast routes. You can configure the device to place a limit on the number of multicast routes by using the ip max-mroute command.
Configuring MBGP These commands increase the maximum number of multicast routes supported, save the configuration change to the startup-config file, and reload the software to place the change into effect. Syntax: [no] ip max-mroute num The num parameter specifies the number of multicast routes and can be from 1024 – 153,600. To define the maximum number of multicast routes for a specified VRF, use the following commands.
Configuring MBGP Adding MBGP neighbors To add an MBGP neighbor, enter a command such as the following. Brocade(config-bgp-ipv4m)#neighbor 10.2.3.4 remote-as 44 This command adds a router with IP address 10.2.3.4 as an MBGP neighbor. The remote-as 44 parameter specifies that the neighbor is in remote BGP4 AS 44. The Brocade device will exchange only multicast routes with the neighbor.
Configuring MBGP Optional configuration tasks The following sections describe how to perform some optional BGP4 configuration tasks. NOTE This section shows some of the more common optional tasks, including all the tasks that require you to specify that they are for MBGP. Most tasks are configured only for BGP4 but apply both to BGP4 and MBGP.
Configuring MBGP The weight num parameter specifies a weight to be added to routes to this network. Enabling redistribution of directly-connected multicast routes into MBGP To redistribute a directly-connected multicast route into MBGP enable redistribution of directly-connected routes into MBGP, using a route map to specify the routes to be redistributed. Example Brocade(config)# access-list 10 permit 10.95.22.0 0.0.0.
Configuring MBGP Syntax: [no] ip mroute ip-addr ip-mask [next-hop-ip-addr | ethernet slot/port | ve nu | tunnel num | null0] [cost] [distance num] The ip-addr and ip-mask parameters specifies the PIM source for the route. Also, for IPv6 address family, make sure you enter the IP address in IPv6 format. The ethernet slot/port parameter specifies a physical port. The ve num parameter specifies a virtual interface. The tunnel num parameter specifies a GRE tunnel interface that is being configured.
Displaying MBGP information NOTE For the suppress-map, advertise-map, and attribute-map parameters, the route map must already be defined. Displaying MBGP information All of the BGP show commands have MBGP equivalents. Use mbgp instead of bgp in the command syntax. For example, to display the MBGP route table, enter the show ip mbgp routes command instead of the show ip bgp routes command. Table 58 lists the MBGP show commands and describes their output.
Displaying MBGP information TABLE 59 MBGP show commands for IPv6 (Continued) Command Description show ipv6 mbgp flap-statistics Displays route flap dampening statistics. show ipv6 mbgp filtered-routes Displays routes that have been filtered out. The following sections show examples of some of the MBGP show commands. An example of the show ip mroute and the show ipv6 mroute commands are also included. Both of the commands display the multicast route table.
Displaying MBGP information Brocade# show ip mbgp config Current BGP configuration: router bgp local-as 200 neighbor 10.1.1.2 remote-as 200 address-family ipv4 unicast no neighbor 10.1.1.2 activate exit-address-family address-family ipv4 multicast redistribute connected redistribute static neighbor 10.1.1.
Displaying MBGP information Displaying MBGP neighbors To view MBGP IPv4 neighbor information including the values for all the configured parameters, enter the show ip mbgp neighbor command. This display is similar to the show ip bgp neighbor display but has additional fields that apply only to MBGP. These fields are shown in bold type in the example and are explained below. NOTE The display shows all the configured parameters for the neighbor.
Displaying MBGP information Brocade # show ipv6 mbgp neighbor 2001:db8::2 1 IP Address: 2001:db8::2, AS: 200 (EBGP), RouterID: 10.2.2.
Displaying MBGP information Displaying MBGP routes To display the MBGP IPv4 route table, enter the following command. Brocade#show ip mbgp route Total number of BGP Routes: 2 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED s:STALE Prefix Next Hop Metric LocPrf Weight Status 1 10.8.8.0/24 10.1.1.2 0 100 0 BI AS_PATH: 2 10.1.1.0/24 10.1.1.
Displaying MBGP information The ip-addr ip-mask options display IPv4 multicast route information for a specific destination address only. The bgp parameter displays IPv4 multicast route information for BGP routes only. The static parameter displays IPv4 multicast route information for static routes only. To display the IPv6 multicast route table, enter the following command.
Displaying MBGP information Syntax: show ip mbgp attribute-entries To display MBPG attributes for IPv6, enter the following command. Brocade#show ipv6 mbgp attribute-entries Total number of BGP Attribute Entries: 10 1 Next Hop :2001:db8::1 Metric :100 Originator:0.0.0.0 Cluster List:None Aggregator:AS Number :0 Router-ID:0.0.0.
Displaying MBGP information To display MBGP dampened paths for IPv6.
Displaying MBGP information Displaying MBGP flap statistics To display MBGP flap statistics for IPv4. Brocade#show ip mbgp flap-statistics Total number of flapping routes: 10 Status Code >:best d:damped h:history Network From Flp *d 10.108.1.0/24 10.4.4.1 5 0 *d 10.101.1.0/24 10.4.4.1 5 0 *d 10.106.1.0/24 10.4.4.1 5 0 *d 10.10.1.0/24 10.4.4.1 5 0 *d 10.104.1.0/24 10.4.4.1 5 0 *d 10.109.1.0/24 10.4.4.1 5 0 *d 10.107.1.0/24 10.4.4.1 5 0 *d 10.105.1.0/24 10.4.4.1 5 0 *d 10.110.1.0/24 10.4.4.1 5 0 *d 10.103.1.
Displaying MBGP information Displaying MBGP peer groups To display MBGP Peer Groups for IPv4.
Clearing MBGP information Clearing MBGP information Use the commands in this section to clear MBGP information. Clearing route flap dampening information To clear MBGP IPv4 route flap dampening information, enter the following command. Brocade#clear ip mbgp dampening Syntax: clear ip mbgp dampening To clear MBGP IPv6 route flap dampening information, enter the following command.
Clearing MBGP information Syntax: clear ip mbgp local To clear MBGP IPv6 local information, enter the following command. Brocade#clear ipv6 mbgp local Syntax: clear ipv6 mbgp local Clearing BGP neighbor information To clear MBGP IPv4 BGP neighbor, enter the following command. Brocade#clear ip mbgp neighbor Syntax: clear ip mbgp neighbor To clear MBGP IPv6 BGP neighbor, enter the following command.
Clearing MBGP information 366 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 7 Multi-VRF Overview of Multi-VRF Table 60 displays the individual Brocade devices and the Multi-VRF features they support.
Overview of Multi-VRF Secure VPNs require traffic to be encrypted and authenticated and are most important when communication occurs across an infrastructure that is not trusted (e.g. over the public Internet). The most commonly deployed types of secure VPNs are IPSec VPNs and SSL (Secure Sockets Layer) VPNs. Both offer encryption of data streams.
Overview of Multi-VRF FIGURE 23 A Network deploying Multi-VRF Multi-VRF and BGP or MPLS VPNs share some common aspects. For instance, in both cases the edge router maintains a VRF for all directly connected sites that are part of the same VPN. Also in both cases, the PE and CE routers share customer route information using a variety of PE-CE routing protocols, such as OSPF, RIP, E-BGP or static routes. Overlapping address spaces among different VPNs are allowed for both.
Overview of Multi-VRF TABLE 61 Comparison between Multi-VRF and BGP or MPLS VPNs Overlapping Private Addresses allowed over VPNs? Yes Yes Scalability Reasonably Scalable Highly Scalable MPLS Required No Yes Benefits and applications of Multi-VRF Multi-VRF provides a reliable mechanism for a network administrator to maintain multiple virtual routers on the same device.
Overview of Multi-VRF FIGURE 24 Example of Multi-VRF usage in an enterprise data center application Example of Multi-VRF usage in a service provider network Figure 25 depicts the use of Multi-VRF in a typical service provider application. This service provider owns a Layer 2 network connecting the PEs and offers managed VPN services to end users. As shown in Figure 25, a host of PE-CE routing protocols can be used-E-BGP, OSPF, RIP or Static Routing.
Configuring Multi-VRF FIGURE 25 Multi-VRF in a service provider application Summary Multi-VRF provides a reliable mechanism for trusted virtual private networks to be built over a shared infrastructure. The ability to maintain multiple virtual routing or forwarding tables allows overlapping private IP addresses to be maintained across VPNs and accomplish goals very similar to that those of more complex VPN technologies such as BGP or MPLS VPNs.
Configuring Multi-VRF FIGURE 26 Example network topology with both RED and GREEN VPNs In the diagram in Figure 26, CE1 and CE4 are customer edge (CE) routers for the “green” VPN, while CE2 and CE3 belong to “red” VPN. These CE routers can be any routers or layer 3 switches that are capable of running one or many dynamic routing protocols such as BGP, OSPF or RIP or even simple static routing.
Configuring Multi-VRF Configuration 1 As shown in Figure 27, eBGP is configured between PE1 and PE2 and OSPF (Area 0) is configured between PEs and CEs. FIGURE 27 eBGP configured between PE1 and PE2 with OSPF (Area 0) configured between PEs and CEs The following configuration examples for PE1, PE2, CE1, CE2, CE3, and CE4 describe how to create the example shown in Figure 27. PE1 configuration In this configuration, VLANs 10 and 20 are created as a link on a tagged port (e 1/10) between PE1 and PE2.
Configuring Multi-VRF Brocade(config)# vlan 10 Brocade(config-vlan-10)# tagged e 1/1 Brocade(config-vlan-10)# router-interface ve 10 Brocade(config-vlan-10)# vlan 20 Brocade(config-vlan-20)# tagged e 1/1 Brocade(config-vlan-20)# router-interface ve 20 Brocade(config-vlan-20)# exit Brocade(config)# vrf green Brocade(config-vrf-green) rd 10:10 Brocade(config-vrf-green) vrf red Brocade(config-vrf-red) rd 20:20 Brocade(config-vrf-red) exit-vrf Brocade(config)# router bgp Brocade(config-bgp)# local-as 1 Brocade
Configuring Multi-VRF Brocade(config)# vlan 10 Brocade(config-vlan-10)# tagged e 1/1 Brocade(config-vlan-10)# router-interface ve 10 Brocade(config-vlan-10)# vlan 20 Brocade(config-vlan-20)# tagged e 1/1 Brocade(config-vlan-20)# router-interface ve 20 Brocade(config-vlan-20)# exit-vrf Brocade(config)# vrf green Brocade(config-vrf-green) rd 10:10 Brocade(config-vrf-green) vrf red Brocade(config-vrf-red) rd 20:20 Brocade(config-vrf-red) exit Brocade(config)# router bgp Brocade(config-bgp)# local-as 1 Brocade
Configuring Multi-VRF Brocade(config)# router ospf Brocade(config-ospf-router)# area 0 Brocade(config-ospf-router)# redistribution connected Brocade(config-ospf-router)# exit Brocade(config)# interface loopback 1 Brocade(config-lbif-1)# ip address 10.1.2.1/32 Brocade(config-lbif-1)# ip address 10.1.3.1/32 Brocade(config-lbif-1)# interface ethernet 1/1 Brocade(config-if-e1000-1/1)# ip ospf area 0 Brocade(config-if-e1000-1/1)# ip address 10.1.1.
Configuring Multi-VRF FIGURE 28 OSPF (Area 0) configured between PE1 and PE2 with OSPF (Area 1 and Area 2) configured between PEs and CEs The following configuration examples for PE1, PE2, CE1, CE2, CE3, and CE4 describe how to create the example shown in Figure 28. PE1 configuration: In this configuration, VLANs 10 and 20 are created as a link on a tagged port (e 1/10) between PE1 and PE2. Two VRFs (“RED” and “GREEN”) are then defined with each having a unique Route Distinguisher (RD).
Configuring Multi-VRF Brocade(config-vrf-red) rd 20:20 Brocade(config-vrf-red) exit-vrf Brocade(config)# router ospf vrf green Brocade(config-ospf-router-vrf-green)# area 0 Brocade(config-ospf-router-vrf-green)# area 1 Brocade(config-ospf-router-vrf-green)# exit Brocade(config)# router ospf vrf red Brocade(config-ospf-router-vrf-red)# area 0 Brocade(config-ospf-router-vrf-red)# area 1 Brocade(config-ospf-router-vrf-red)# exit Brocade(config)# interface ethernet 1/2 Brocade(config-if-e1000-1/2)# vrf forward
Configuring Multi-VRF Brocade(config-if-e1000-1/3)# vrf forwarding green Brocade(config-if-e1000-1/3)# ip ospf area 2 Brocade(config-if-e1000-1/3)# ip address 10.2.1.1/24 Brocade(config-if-e1000-1/3)# exit Brocade(config)# interface ve 10 Brocade(config-vif-10)# vrf forwarding green Brocade(config-vif-10)# ip ospf area 0 Brocade(config-vif-10)# ip address 10.3.1.
Chapter 8 Inter-VRF Routing Table 62 displays the individual Brocade devices and the Inter-VRF Routing features they support.
Features & benefits FIGURE 29 A Network deploying Inter-VRF Following are the route entries and routing tables in Router R1. FIGURE 30 Router R1 route-entries and route-tables Features & benefits Inter-VRF routing feature allows customers to selectively access each other’s networks through configuration. It allows all VRFs to share the same path to the external domain while keeping internal routing information separate.
Features & benefits FIGURE 31 Inter-VRF routing topology To import routes from multiple VRFs, multiple import commands need to be defined. The filtering criteria for routes to be imported are specified using route-maps by the user. Routes can be filtered based on BGP attributes, interfaces, IP addresses, next hops, metrics, metric types, protocols, route types and tags which are supported by our existing route-map infrastructure.
Configuration considerations TABLE 63 IPv4 Route-map handling Attributes used for filtering routes Attributes set using a route map IP address (Prefix list, Access list) Next hop (Prefix list, Access list) Metric value Metric value Nexthop Tag type Distance Route type Tag BGP attributes (AS path, Community, Ext community access list) Interface type Protocol type TABLE 64 IPv6 Route-map handling Attributes used for filtering routes Attributes set using a route map IP address (Prefix list) N
Maximum route limitations • If the metric value is the same, then routes learned in local VRF will be used to break the tie. • If the metric value is the same, and a local VRF route is not available, then the lowest nexthop address will be used to break the tie. • If the nexthop address is the same, then the oldest route will be used to break the tie.
Configuring Inter-VRF routing TABLE 65 Route-map for non-default & default VRF This field... Displays src-vrf The source VRF from where the routes have been imported to the destination VRF. The "-" in the src-vrf column output denotes the route is local route. import-map Route-map which has clauses to filter the routes coming from src-vrf. Defaults By default no routes will be imported in to dest-vrf. Range User can configure a maximum of 50 import commands for a given VRF per address-family.
Configuring Inter-VRF routing Displaying the IP route table for a specified VRF To display the IP routes for a specified VRF, enter the following command at any CLI level for IPv4 and IPv6 respectively.
Configuring Inter-VRF routing TABLE 66 CLI display of IP route-table This field... Displays Uptime The amount of time since the route was last modified.
Configuring Inter-VRF routing Displaying IPv4 routes in VRF one import To display IP information for a specified VRF import, enter the following command at any level of the CLI. Brocade(config)#show ip route vrf one import Type Codes - B:BGP D:Connected I:ISIS O:OSPF R:RIP S:Static; Cost - Dist/Metric BGP Codes - i:iBGP e:eBGP ISIS Codes - L1:Level-1 L2:Level-2 OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 s:Sham Link Destination Gateway Port Cost Type Uptime src-vrf 1 10.0.0.0/8 10.25.104.
Configuring Inter-VRF routing Brocade# Brocade# Brocade# Brocade# route-map import-map permit 10 match ip address prefix-list export route-map import-map permit 15 match ip address prefix-list loop NOTE If the configuration of a route-map is changed, then the VRFs which are configured to use the respective route-map will be processed again.
Clearing IP routes Clearing IP routes You can clear the entire routing-table or specific individual routes as needed. To clear all routes from the IPv4 routing-table, enter the following command at any level of the CLI. Brocade# clear ip route To clear route 10.157.22.0/24 from the IPv4 routing table, enter: Brocade# clear ip route 10.157.22.
Configuring the number of VRFs for IPv4 and IPv6 Clears the imported IPv6 routes for the specified nexthop ID on the interface module (LP). Configuring the number of VRFs for IPv4 and IPv6 To limit the number of imported IPv4 or IPv6 routes into any VRF including the default VRF, the following command is available in the global configuration mode and not available in any individual VRF mode. Changes in the value in the global configuration mode will be effective in all VRFs.
Modified CLI commands 1. OSPF->OSPF a. route-map option 2. BGP->BGP a. route-map option b. Metric option 3. RIP->RIP a. route-map option b. Metric option • IPv6 1. OSPF->OSPF a. route-map option Prior to this release in non-default VRF, redistribution of BGP, RIP and IS-IS routes into OSPFv3 is not supported. Similarly, in non-default VRF redistribution of IS-IS routes into BGP is also not supported. This support is added during the implementation of this feature Inter-vrf Routing.
Modified CLI commands 394 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 9 Management VRF Table 67 displays the individual devices and the management Virtual Routing and Forwarding (VRF) features they support.
Management VRF overview • • • • • • • • • • SNMP server SNMP trap generator Telnet server SSH server Telnet client RADIUS client TACACS+ client TFTP SCP Syslog NOTE The management VRF is not applicable to inbound and outbound traffic of the ping and traceroute commands. These commands use the VRF specified in the command or the default VRF, if no VRF is specified. Source interface and management VRF compatibility There is a source interface configuration associated with the management applications.
Management VRF overview NOTE The SNMP source interface configuration command snmp-server trap-source must be compatible with the management VRF configuration. Refer to “Source interface and management VRF compatibility” on page 396. Telnet server When the management VRF is configured, the incoming Telnet connection requests are allowed only from the ports belonging to the management VRF and from the out-of-band management port.
Management VRF overview Syntax: telnet vrf vrf-name IPv4 address | ipv6 IPv6 address The vrf-name variable specifies the name of the pre-configured VRF. NOTE The IPv6 management VRF is not supported on Brocade NetIron CES and Brocade NetIron CER devices. RADIUS client When the management VRF is configured, the RADIUS client will sends RADIUS requests or receives responses only through the ports belonging to the management VRF and through the out-of-band management port.
Configuring a global management VRF SCP SCP uses SSH as underlying transport. The behavior of SCP is similar to the SSH server. For more information, refer to “SSH server” on page 397. Syslog When the management VRF is configured, the Syslog module sends log messages only through the ports belonging to the management VRF and the out-of-band management port. Any change in the management VRF configuration will be immediately effective for Syslog.
Displaying the management VRF information • The deletion or modification of the VRF will fail if the specified VRF is currently configured as the management VRF. Attempting to do so causes the system to return the following error message. Brocade(config)# no vrf mvrf Error - Cannot modify/delete a VRF which is configured as management-vrf Configuring Management interface under a user defined VRF You can add the management interface to a VRF instance of your choice.
Displaying the management VRF information Total number of IPv4 unicast route for all non-default VRF is 12 Total number of IPv6 unicast route for all non-default VRF is 2 Brocade#show vrf a VRF a, default RD 1:1, Table ID 1 IFL ID 131071 Label: (Not Allocated), Label-Switched Mode: OFF Configured as management-vrf IP Router-Id: 10.2.2.
Displaying the management VRF information TABLE 68 Output from the show vrf command (Continued) This field... Displays... import route-map The name of the import route-map, if any, that is configured for this management VRF. export route-map The name of the export route-map if a route-map has been configured for this management VRF. The show who command displays information about the management VRF from which the Telnet and SSH connection has been established.
Displaying the management VRF information 16 closed Syntax: show who To display the packets and sessions rejection statistics due to failure in management VRF validation, enter the following command.
Displaying the management VRF information 404 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 10 Basic IPv6 Connectivity Table 70 displays the individual Brocade devices and the basic IPv6 Connectivity features they support.
Basic IPv6 Connectivity TABLE 70 Supported basic IPv6 connectivity features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Limiting the Number of Hops an IPv6 Packet Can Traverse Yes Yes No Yes Yes Yes Yes QoS for IPv6
Basic IPv6 Connectivity • • • • • • • • Configure IPv6 Domain Name Server (DNS) resolver. Configure equal-cost mulitpath (ECMP) routing Load Sharing for IPv6. Configure IPv6 Internet Control Message Protocol (ICMP). Configure the IPv6 neighbor discovery feature. Change the IPv6 maximum transmission unit (MTU). Configure static neighbor entries. Limit the hop count of an IPv6 packet. Configure Quality of Service (QoS) for IPv6 traffic.
Enabling IPv6 routing Enabling IPv6 routing By default, IPv6 routing is enabled. If forwarding of IPv6 traffic globally on the device has been disabled, you can enable it by entering the following command. Brocade(config)# ipv6 unicast-routing Syntax: [no] ipv6 unicast-routing To disable the forwarding of IPv6 traffic globally on the device, enter the no form of this command. NOTE Downgrading from release 04.1.00 to an earlier release of the software can impact IPv6 routing.
Configuring IPv6 on each interface • Solicited-node multicast group FF02:0:0:0:0:1:FF00::/104 for each unicast address assigned to the interface. • All-nodes link-local multicast group FF02::1 • All-routers link-local multicast group FF02::2 The neighbor discovery feature sends messages to these multicast groups. For more information, refer to “Configuring IPv6 neighbor discovery” on page 443.
Configuring IPv6 on each interface Configuring a link-local IPv6 address To explicitly enable IPv6 on an interface without configuring a global or unique local unicast address for the interface, enter commands such as the following. Brocade(config)# interface ethernet 3/1 Brocade(config-if-e100-3/1)# ipv6 enable These commands enable IPv6 on Ethernet interface 3/1 and specify that the interface is assigned an automatically computed link-local address.
Configuring the management port for an IPv6 automatic address configuration Configuring IPv6 127 bit mask address With 127 bit mask we will have 127 bits in the network part of the address, and 1 bit in the host part of the address. With 1 bit in the host part, we can have only two IPv6 addresses, one for each host. With 127 bit mask we consider 0 and 1 as host address and eliminates subnet-anycast for the configured network from that link.
IPv6 host support NOTE Automatic IPv6 address configuration is supported, however, automatic configuration of an IPv6 global address is supported only if there is an IPv6 router present on the network. Manual IPv6 address configuration is not supported.
IPv6 host support Restricting Telnet access by specifying an IPv6 ACL You can specify an IPv6 ACL to restrict Telnet access to management functions on the device. Enter commands similar to the following.
IPv6 host support Restricting Web management access by specifying an IPv6 ACL You can configure an IPv6 ACL to restrict Web management access to management functions on the device. Enter commands such as the following.
IPv6 host support The string specifies the SNMP community string you must enter for SNMP access. The ro parameter indicates that the community string is for read-only (“get”) access. The rw parameter indicates the community string is for read-write (“set”) access. The ipv6 parameter indicates that you are applying an IPv6 access list. The ipv6-acl-name variable specifies the IPv6 access list name.
IPv6 host support Viewing IPv6 SNMP server addresses Many show commands display IPv6 addresses for IPv6 SNMP servers. This example shows output for the show snmp server command. Brocade# show snmp server Contact: Location: Community(ro): .....
IPv6 Non stop routing and graceful restart IPv6 Non stop routing and graceful restart At times, routers may need to restart or may undergo failover. Traditionally during a restart or failover, sessions with the restarting devices are tore down and re-established. Traffic is disrupted due to route deletion and addition in the forwarding plane. Graceful Restart (GR) and Non Stop Routing (NSR) are two different mechanisms to prevent routing protocol re-convergence during a processor switchover.
IPv6 Non stop routing and graceful restart Supported protocols The following protocols support both failover and Hitless Operating system Switchover (HLOS) for each protocol.
IPv6 Non stop routing and graceful restart Syntax: [no] graceful-restart ipv6 protocols-converge-timer convergence-interval The hold-time variable is the maximum hold time in seconds before management routing modules sync up new forwarding information to interface modules during restart. The range of permissible values is 0 to 1200 seconds. The default value is 5 seconds. Configuring NSR and graceful restart on OSPFv3 OSPFv3 supports nonstop routing and graceful-restart helper mode.
IPv6 Non stop routing and graceful restart Syntax: show running-config Show ipv6 ospf This command shows the IPv6 OSPF configuration. Brocade#show ipv6 ospf OSPFv3 Process number 0 with Router ID 0x10010101(10.1.1.
IPv6 Non stop routing and graceful restart Show ipv6 ospf database This command shows the IPv6 OSPF database configuration. Brocade#show ipv6 ospf database LSA Key - Rtr:Router Net:Network Inap:InterPrefix Inar:InterRouter Extn:ASExternal Grp:GroupMembership Typ7:Type7 Link:Link Iap:IntraPrefix Grc:Grace Area ID 0 0 0 Type Rtr Iap Grc LSID 0 0 1 Adv Rtr 10.1.1.1 10.1.1.1 10.2.2.
IPv6 Non stop routing and graceful restart Configuring Non Stop Routing on IS-IS NOTE IPv6 IS-IS NSR is not supported on the Brocade NetIron CES and Brocade NetIron CER platforms. IS-IS IPv6 supports nonstop routing. The following command is used to configure NSR. Further configuration details are available in Chapter 54. Brocade(config-isis-router)#nononstop-routing Syntax: [no] nonstop-routing The nonstop routing command enables nonstop routing in IS-IS IPv6.
IPv6 Non stop routing and graceful restart The restart-time command is used to configure the maximum restart time advertised to neighbors in seconds. The stale-routes-time command is used to configure the maximum wait time in seconds for BGP EOR marker. Show commands Show running-configuration This command shows the running configuration.
IPv6 Non stop routing and graceful restart Received: 1 0 164 0 0 Last Update Time: NLRI Withdraw NLRI Tx: ----Rx: --Last Connection Reset Reason:Unknown Notification Sent: Unspecified Notification Received: Unspecified Neighbor NLRI Negotiation: Peer Negotiated IPV6 unicast capability Peer configured for IPV6 unicast Routes Neighbor ipv6 MPLS Label Capability Negotiation: Neighbor AS4 Capability Negotiation: Outbound Policy Group: ID: 2, Use Count: 1 BFD:Disabled TCP Connection state: ESTABLISHED, flags:00
IPv6 Non stop routing and graceful restart IPv6 Hitless OS upgrade OSPFv3, IS-IS IPv6, and BGP IPv6 support both failover and Hitless Operating System Switchover (HLOS). HLOS provides a platform support mechanism to upgrade image without disrupting routing and forwarding service. The process of syncing routes between a new MP and its LPs using the new timers are illustrated in Figure 32 and described in the following steps. FIGURE 32 IPv6 HLOS operation 1.
Configuring IPv4 and IPv6 protocol stacks 6. The LP restores the complete IPv6 routes using the information synced from the Active MP to the LP and the backed up information on the LP. 7. HLOS complete. Configuring IPv4 and IPv6 protocol stacks If a device is deployed as an endpoint for an IPv6 over IPv4 tunnel, you must configure the device to support IPv4 and IPv6 protocol stacks. Each interface that sends and receives IPv4 and IPv6 traffic must be configured with an IPv4 address and an IPv6 address.
Configuring IPv6 Domain Name Server (DNS) resolver Configuring IPv6 Domain Name Server (DNS) resolver The Domain Name Server (DNS) resolver feature lets you use a host name to perform Telnet, ping, and traceroute commands. You can also define a DNS domain on a device to recognize all hosts within that domain. After you define a domain name, the device automatically appends the appropriate domain to the host and forwards it to the domain name server. For example, if the domain “example.
IPv6 Non-Stop Routing support For example, in a configuration where ftp6.example.com is a server with an IPv6 protocol stack, when a user pings ftp6.example.com, the device attempts to resolve the AAAA DNS record. In addition, if the DNS server does not have an IPv6 address, as long as it is able to resolve AAAA records, it can still respond to DNS queries. DNS queries of IPv4 and IPv6 DNS servers IPv4 and IPv6 DNS record queries search through IPv4 and IPv6 DNS servers are described here.
ECMP load sharing for IPv6 Configuring IPv6 NSR support Use the following commands to configure IPv6 Non-Stop Routing support. The graceful-restart ipv6 max-hold-timer sets the hold interval. Brocade(config)#graceful-restart ipv6 max-hold-timer 100 Syntax: [no] graceful-restart ipv6 max-hold-timer hold-interval The acceptable range for the maximum hold time before sync up forwarding information is 30 to 3600 seconds. The default is 300 seconds.
DHCP relay agent for IPv6 Changing the maximum number of load sharing paths for IPv6 By default, IPv6 ECMP load sharing balances traffic across up to four equal paths. You can change the maximum number of paths to a value between 2 and 32. To change the number of ECMP load sharing paths for IPv6, enter the following command: Brocade(config)# ipv6 load-sharing 8 Syntax: [no] ipv6 load-sharing number The number parameter specifies the number of ECMP load sharing paths.
DHCP relay agent for IPv6 This feature description is shown in Figure 33. FIGURE 33 DHCPv6 Relay Agent Prefix Delegation Notification A route is added to the IPv6 route table on the provider edge router (PE) for the delegated prefix to be delegated to requesting routers. The delegating router chooses a prefix for delegation and responds with it to the requesting router. to the external network and to enable the correct forwarding of the IPv6 packets for the delegated IPv6 prefix.
DHCP relay agent for IPv6 Upgrade and downgrade considerations • When a router is upgraded to the version of software that supports this feature, the saved information about delegated prefixes will be examined and if the delegated prefix lifetime is not expired, then the prefix will be added to the IPv6 static route table. • When a router is downgraded to the version of software that does not support this feature, the saved information about delegated prefixes is retained and it cannot be used.
DHCP relay agent for IPv6 Enabling DHCPv6 Relay Agent Prefix Delegation notification on an interface To set the number of delegated prefixes that can be learned at the interface level, use the ipv6 dhcp-relay maximum-delegated-prefixes command. This command limits the maximum number of prefixes that can be learnt on the interface.
DHCP relay agent for IPv6 Displaying the DHCPv6 Relay Agent Prefix Delegation Notification information Enter the show ipv6 dhcp-relay delegated-prefixes command to display information about the delegated prefixes.
DHCP relay agent for IPv6 Brocade#show ipv6 dhcp-relay destinations DHCPv6 Relay Destinations: Interface ve 100: Destination OutgoingInterface 2001:db8:1::39 NA Interface ve 101: Destination OutgoingInterface 2001:db8:1::39 NA Interface ve 102: Destination OutgoingInterface 2001:db8:1::39 NA Syntax: show ipv6 dhcp-relay destinations Table 74 describes the fields from the output of show ipv6 dhcp-relay destinations command.
DHCP relay agent for IPv6 Brocade#show DHCPv6 Relay Interface ve 100 ve 101 ve 102 ve 103 ve 104 ve 105 ipv6 dhcp prefix-delegation-information Prefix Delegation Notification Information: Current Maximum AdminDistance 20 20000 10 4000 20000 10 0 20000 10 0 20000 10 0 20000 10 0 20000 10 Syntax: show ipv6 dhcp-relay prefix-delegation-information Table 76 describes the fields from the output of the show ipv6 dhcp-relay prefix-delegation-information command.
DHCP relay agent for IPv6 Table 77 describes the fields from the output of the show ipv6 dhcp-relay interface command. TABLE 77 Output from the show ipv6 dhcp-relay interface command Field Destinations Description The DHCPv6 relay destination configured on the interface. Destination: The configured destination IPv6 address. OutgoingInterface: The interface on which packet will be relayed if the destination relay address is link local or multicast.
DHCP relay agent for IPv6 Enabling support for network-based ECMP load sharing for IPv6 If network-based ECMP load sharing is configured, traffic is distributed across equal-cost paths based on the destination network address. Routes to each network are stored in CAM and accessed when a path to a network is required. Because multiple hosts are likely to reside on a network, this method uses fewer CAM entries than load sharing by host.
Configuring IPv6 ICMP Configured Static Mroutes: 66 RIP: enabled OSPF (default VRF): enabled BGP: enabled, 1 active neighbor(s) configured Syntax: show ipv6 You can display the entries in the IPv6 forwarding cache by entering the show ipv6 cache command.
Configuring IPv6 ICMP • The interval at which tokens are added to the bucket. The default is 100 milliseconds. • The maximum number of tokens in the bucket. The default is 10 tokens. For example, to adjust the interval to 1000 milliseconds and the number of tokens to 100 tokens, enter the following command.
Configuring IPv6 ICMP Disabling or re-enabling ICMP redirect messages You can disable or re-enable a device to transmit ICMP redirect messages from an interface. By default, a device sends an ICMP redirect message to a neighboring host to inform it of a better first-hop device on a path to a destination. No further configuration is required to enable the sending of ICMP redirect messages.
Configuring IPv6 ICMP Use the no parameter in front of the ipv6 icmp unreachable address command to disable the sending of ICMPv6 destination unreachable messages with the code is address unreachable. Enabling ICMP messages for an unreachable route By default, the ICMPv6 destination unreachable messages with the code for an unreachable route are not sent for a discarded IPv6 packet. You can enable the sending of these messages by using the ipv6 icmp unreachable route command.
Configuring IPv6 neighbor discovery For example, to enable a device to send the ICMPv6 Packet Too Big error messages for the IPv6 packets sent to multicast address destination, enter the following command: Brocade(config)#ipv6 icmp packet-too-big-for-multicast Syntax: [no] ipv6 icmp packet-too-big-for-multicast Use the show running-configuration command to see if this is enabled or disabled.
Configuring IPv6 neighbor discovery • Router advertisement messages: • Interval between router advertisement messages. • Value that indicates a device is advertised as a default device (for use by all nodes on a given link). • Prefixes advertised in router advertisement messages. • Flags for host stateful autoconfiguration. • The time that an IPv6 node considers a remote node reachable (for use by all nodes on a given link).
Configuring IPv6 neighbor discovery Each configured interface on a link sends out a router advertisement message, which has a value of 134 in the Type field of the ICMP packet header, periodically to the all-nodes link-local multicast address (FF02::1). A configured interface can also send a router advertisement message in response to a router solicitation message from a node on the same link. This message is sent to the unicast IPv6 address of the node that sent the router solicitation message.
Configuring IPv6 neighbor discovery • The interval in seconds at which duplicate address detection sends a neighbor solicitation message on an interface. By default, duplicate address detection sends a neighbor solicitation message every 1 second. NOTE For the interval at which duplicate address detection sends a neighbor solicitation message on an interface, the device uses seconds as the unit of measure instead of milliseconds.
Configuring IPv6 neighbor discovery Syntax: [no] ipv6 nd ra-lifetime number The number parameter in both commands indicates any numerical value. Possible range value for ipv6 nd ra-interval number is 3 to 1800 seconds. Possible range value for ipv6 nd ra-lifetime number is 3 to 1800 seconds. To restore the default interval or device lifetime value, use the no form of the respective command.
Configuring IPv6 neighbor discovery Configuring the Domain Name of DNS suffix This section provides information about the IPv6 RA option that allows IPv6 routers to advertise domain names of DNS suffixes (the DNS name excluding the host) to IPv6 hosts in a local area network. This option to configure domain names is valid for any network that supports the use of ND6. The domain names that are advertised by routers are sent through RA messages to IPv6 hosts.
Configuring IPv6 neighbor discovery Configuration considerations • A maximum of 4 recursive DNS server addresses and their corresponding lifetime-multiplier values can be configured at the global configuration level. • A maximum of 4 recursive DNS server addresses and their corresponding lifetime-multiplier values can be configured per interface.
IPv6 source routing security enhancements Brocade(config)# interface ethernet 3/1 Brocade(config-if-e100-3/1)# ipv6 nd managed-config-flag Brocade(config-if-e100-3/1)# ipv6 nd other-config-flag Syntax: [no] ipv6 nd managed-config-flag Syntax: [no] ipv6 nd other-config-flag To remove either flag from router advertisement messages sent on an interface, use the no form of the respective command.
IPv6 source routing security enhancements • Hardware – IPv6 source-routed packets that contain a type 0 routing extension header immediately after the IPv6 header are dropped in hardware by default. • Software – IPv6 source-routed packets addressed to any IPv6 address on a device (regardless of where the routing extension header is located) are dropped in software by default. Details of hardware and software filtering of IPv6 source-routed packets is provided in the following.
IPv6 source routing security enhancements Selective filtering of IPv6 source-routed packets using ACLs You can selectively filter IPv6 source-routed packets using ACLs. This is accomplished by creating an IPv6 ACL that specifies a type 0 routing extension header. This is done using the routing-header-type option when configuring an IPv6 ACL. An example of an IPv6 ACL that selectively drops IPv6 source-routed packets is shown in the following.
IPv6 source routing security enhancements Additionally, you must also enable forwarding using the ipv6 forward-source-route and ipv6 source-route commands (as shown in the following) to allow any forwarding of IPv6 source-routed packets.
IPv6 source routing security enhancements Dropping all IPv6 source-routed packets on all ports By default, all IPv6 source-routed packets received on all device ports are dropped. Dropping all IPv6 source-routed packets on a specified port The following example shows a configuration that will drop all IPv6 source-routed packets received on port 1/1 of a device. In this example, the IPv6 ACL is configured to drop any IPv6 packet with a type 0 routing header immediately after the IPv6 header.
IPv6 source routing security enhancements Brocade(config)# ipv6 access-list deny-access2 Brocade(config-ipv6-access-list deny-access2)# deny host 2001:DB8:1 any routing-header-type 0 Brocade(config-ipv6-access-list deny-access2)# permit ipv6 any any Brocade(config-ipv6-access-list deny-access2)# exit The IPv6 ACL is then applied globally to the device for inbound traffic using the ipv6 access-class command as shown.
Changing the IPv6 MTU Brocade(config)# interface ethernet 1/2 Brocade(config-if-e100-1/2)# ipv6 traffic-filter drop-access in Brocade(config-if-e100-1/2)#exit ... The IPv6 ACL “drop-access” must be bound to all other interfaces on the device. By default, the device drops all IPv6 source-routed packets in hardware and software as described in “Complete filtering of IPv6 source-routed packets” on page 450.
Configuring static neighbor entries NOTE If the size of a jumbo packet received on a port is equal to the maximum frame size of - 18 (Layer 2 MAC header + CRC) and if this value is greater than the IPv4/IPv6 MTU of the outgoing port, it will be forwarded to the CPU.
Limiting the number of hops an IPv6 packet can traverse Limiting the number of hops an IPv6 packet can traverse By default, the maximum number of hops an IPv6 packet can traverse is 64. You can change this value to between 1 – 255 hops. For example, to change the maximum number of hops to 70, enter the following command. Brocade(config)# ipv6 hop-limit 70 Syntax: [no] ipv6 hop-limit number The number of hops can be from 1 – 255.
Configuring the rate limit for IPv6 subnet traffic Configuring the rate limit for IPv6 subnet traffic To set the rate limit for IPv6 subnet addresses, enter the ipv6 rate-limit subnet policy-map command. Brocade(config)# ipv6 rate-limit subnet policy-map policy1 Syntax: [no] ipv6 rate-limit subnet policy-map policy-map The policy-map variable is the name you will use to reference the policy map and it can be a character string up to 64 characters long.
Clearing global IPv6 information Clearing IPv6 neighbor information You can remove all entries from the IPv6 neighbor table or specify an entry based on the following: • IPv6 prefix. • IPv6 address. • Interface type. For example, to remove entries for Ethernet interface 3/1, enter the following command at the Privileged EXEC level or any of the CONFIG levels of the CLI.
Displaying global IPv6 information Clearing statistics for IPv6 subnet rate limiting To clear the rate limit statistics for IPv6 subnet addresses, enter the clear rate-limit ipv6 subnet command at the configuration level. Syntax: clear rate-limit ipv6 subnet Displaying global IPv6 information You can display output for the following global IPv6 parameters: • • • • • • • • IPv6 cache. IPv6 interfaces. IPv6 neighbors. IPv6 route table. Local IPv6 routers.
Displaying global IPv6 information The vrf vrf-name parameter specifies the VRF for which you want to display the cache entry. If a vrf parameter is not entered, then the default VRF is used. If you specify an Ethernet interface, also specify the port number associated with the interface. If you specify a VE interface, you must also specify the VE number. If you specify a tunnel interface, you must also specify the tunnel number. This display shows the following information.
Displaying global IPv6 information TABLE 79 General IPv6 interface information fields (Continued) This field... Displays... Routing The routing protocols enabled on the interface. Global Unicast Address The global unicast address of the interface. Displaying IPv6 interface information for a specified interface To display detailed information for a specific interface, enter a command such as the following at any CLI level.
Displaying global IPv6 information TABLE 80 Detailed IPv6 interface information fields This field... Displays... ICMP The setting of the ICMP redirect parameter for the interface. ND The setting of the various neighbor discovery parameters for the interface. Access List The inbound and outbound access lists applied to the interface. Routing protocols The routing protocols enabled on the interface. RxPkts The number of packets received at the specified port.
Displaying global IPv6 information Clearing the interface counters Use the following command to clear all interface counters on a Brocade device. Brocade# clear ipv6 interface counters Syntax: clear ipv6 interface counters Use the following command to clear the interface counters for a specified port. Brocade# clear ipv6 interface ethernet 3/2 Syntax: clear ipv6 interface ethernet port-number The port-number variable specifies the slot and port number for which you want to clear the interface counters.
Displaying global IPv6 information Brocade(config)# show ipv neighbor ethernet 3/11 Total number of Neighbor entries: 1 Entries on interface eth 3/11 : IPv6 Address VLAN LinkLayer-Addr 1 128:: 1 0024.3898.0f0a Brocade(config)# Brocade(config)# show ipv neighbor ethernet 3/11 Total number of Neighbor entries: 1 Entries on interface eth 3/11 : IPv6 Address VLAN LinkLayer-Addr 1 128:: 1 0024.3898.
Displaying global IPv6 information The interface parameter restricts the display to the entries for the specified Brocade device interface. For this parameter, you can specify the Ethernet or VE keywords. If you specify an Ethernet interface, you must also specify the port number associated with the interface. If you specify a VE interface, you must also specify the VE number. This display shows the following information. TABLE 82 IPv6 neighbor information fields This field... Displays...
Displaying global IPv6 information The ipv6-prefix/prefix-length parameters restrict the display to the entries for the specified IPv6 prefix. You must specify the ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373. You must specify the prefix-length parameter as a decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter. The bgp keyword restricts the display to entries for BGP4+ routes.
Displaying global IPv6 information Brocade# show ipv6 route summary IPv6 Routing Table - 7 entries: 4 connected, 2 static, 0 RIP, 1 OSPF, 0 BGP Number of prefixes: /16: 1 /32: 1 /64: 3 /128: 2 Table 84 lists the information displayed by the show ipv6 route summary command. TABLE 84 IPv6 route table summary fields This field... Displays... Number of entries The number of entries in the IPv6 route table. Number of route types The number of entries for each route type.
Displaying global IPv6 information Table 85 describes the output parameters of the show ipv6 route tags command. TABLE 85 Output parameters of the show ipv6 route tags command Field Description Number of entries Shows the number of entries in the IPv6 route table. Type Codes Shows the route type, which can be one of the following: B – The route is learned from BGP4+. C – The destination is directly connected to the router. I – The route is learned from IPv6 IS-IS.
Displaying global IPv6 information Brocade# show ipv6 route nexthop Total number of IPv6 nexthop entries: 261; Forwarding Use: 259 NextHopIp Port RefCount ID Age 1 :: eth 1/2 1/1 1 973 2 :: drop 1/1 65536 1013 5 :: ve 257 1/1 898 973 6 :: ve 279 1/1 920 973 7 :: ve 299 1/1 940 973 8 192::1 eth 1/2 255959/255960 65538 1109 … Syntax: show ipv6 route nexthop nexthop_id The nexthop_id is under the column labeled ID in the output of the show ip route nexthop command.
Displaying global IPv6 information TABLE 86 show ipv6 route nexthop ref-routes information fields This field... Displays... Destination The destination network of the IPv6 route. Gateway The next-hop router. Port The port through which this device sends packets to reach the route's destination. Cost The route’s cost. Type The route type, which can be one of the following: • B – The route was learned from BGP. • D – The destination is directly connected to this Brocade device.
Displaying global IPv6 information From the IPv6 host, you can display information about IPv6 devices to which the host is connected. The host learns about the devices through their router advertisement messages. To display information about the IPv6 devices connected to an IPv6 host, enter the following command at any CLI level.
Displaying global IPv6 information To display general information about each TCP connection on the device, enter the following command at any CLI level. Brocade# show ipv6 tcp connections Local IP address:port <-> Remote IP address:port 192.168.182.110:23 <-> 192.168.8.186:4933 192.168.182.110:8218 <-> 192.168.182.106:179 192.168.182.110:8039 <-> 192.168.2.119:179 192.168.182.110:8159 <-> 192.168.2.
Displaying global IPv6 information TABLE 88 General IPv6 TCP connection fields (Continued) This field... Displays... FREE TCB QUEUE BUFFER = percentage The percentage of free TCB queue buffer space. FREE TCB SEND BUFFER = percentage The percentage of free TCB send buffer space. FREE TCB RECEIVE BUFFER = percentage The percentage of free TCB receive buffer space. FREE TCB OUT OF SEQUENCE BUFFER = percentage The percentage of free TCB out of sequence buffer space.
Displaying global IPv6 information TABLE 89 476 Specific IPv6 TCP connection fields This field... Displays... TCB = location The location of the TCB. local-ip-address local-port-number remote-ip-address remote-port-number state port This field provides a general summary of the following: • The local IPv4 or IPv6 address and port number. • The remote IPv4 or IPv6 address and port number. • The state of the TCP connection. For information on possible states, refer to Table 88 on page 474.
Displaying global IPv6 information Displaying IPv6 traffic statistics To display IPv6 traffic statistics, enter the following command at any CLI level.
Displaying global IPv6 information TABLE 90 IPv6 traffic statistics fields (Continued) This field... Displays... bad vers The number of IPv6 packets dropped by the device because the version number is not 6. bad scope The number of IPv6 packets dropped by the device because of a bad address scope. bad options The number of IPv6 packets dropped by the device because of bad options. too many hdr The number of IPv6 packets dropped by the device because the packets had too many headers.
Displaying global IPv6 information TABLE 90 IPv6 traffic statistics fields (Continued) This field... Displays... mem query The number of Group Membership Query messages sent or received by the device. mem report The number of Membership Report messages sent or received by the device. mem red The number of Membership Reduction messages sent or received by the device. router soli The number of Router Solicitation messages sent or received by the device.
Displaying global IPv6 information TABLE 90 IPv6 traffic statistics fields (Continued) This field... Displays... nextheader The number of Next Header errors sent by the device. option The number of Option errors sent by the device. redirect The number of Redirect errors sent by the device. unknown The number of Unknown errors sent by the device. UDP statistics received The number of UDP packets received by the device. sent The number of UDP packets sent by the device.
Displaying global IPv6 information TABLE 91 Output from the show rate-limit ipv6 subnet command Field Description Fwd IPv6 traffic that has been forwarded after the device was started or the counter was reset due to the rate limit policy. Drop IPv6 traffic that has been dropped after the device was started or the counter was reset due to the rate limit policy.
Displaying global IPv6 information Brocade# show ipv6 Global Settings IPv6 Router-Id: 2.2.2.
Commands Brocade# show ipv6 interface ethernet 2/1 Interface Ethernet 2/1 is up, line protocol is up IPv6 is enabled, link-local address is fe80::224:38ff:fe90:e430 [Preferred] Global unicast address(es): 7:7:7::1 [Preferred], subnet is 7:7:7::/64 7:7:7:: [Anycast], subnet is 7:7:7::/64 Joined group address(es): ff02::1:ff00:1 ff02::1:ff00:0 ff02::1:ff90:e430 ff02::2 ff02::1 Port belongs to VRF: default-vrf MTU is 1500 bytes ICMP redirects are disabled ND DAD is enabled, number of DAD attempts: 3 ND reacha
ipv6 nd ra-dns-server ipv6 nd ra-dns-server Advertises the recursive Domain Name System (DNS) server address and the lifetime multiplier information to IPv6 hosts in the Router Advertisement (RA) message. The no form of this command disables the advertisement of the specified server address in the RA message.
ipv6 nd ra-domain-name ipv6 nd ra-domain-name Configures the domain name of the Domain Name System (DNS) suffix and the lifetime multiplier information to IPv6 hosts in the Router Advertisement (RA) message. The no form of this command disables the advertisement of the specified domain name of DNS suffix in the RA message.
ipv6 nd ra-domain-name 486 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 11 IPv6 Addressing IPv6 addressing overview Table 93 displays the individual devices and the IPv6 Addressing features they support.
IPv6 addressing overview FIGURE 34 IPv6 address format As shown in Figure 34, HHHH is a 16-bit hexadecimal value, while H is a 4-bit hexadecimal value. The following is an example of an IPv6 address: 2001:DB8:0000:0000:002D:D0FF:FE48:4672 Note that the sample IPv6 address includes hexadecimal fields of zeros. To make the address less cumbersome, you can do the following: • Omit the leading zeros; for example, 2001:DB8:0:0:2D:D0FF:FE48:4672.
IPv6 stateless auto-configuration TABLE 94 IPv6 address types Address type Description Address structure Unicast An address for a single interface. A packet sent to a unicast address is delivered to the interface identified by the address. Multicast An address for a set of interfaces belonging to different nodes. Sending a packet to a multicast address results in the delivery of the packet to all interfaces in the set. A multicast address has a fixed prefix of FF00::/8 (1111 1111).
IPv6 stateless auto-configuration The automatic configuration of a host interface works in the following way: a router on a local link periodically sends router advertisement messages containing network-type information, such as the 64-bit prefix of the local link and the default route, to all nodes on the link. When a host on the link receives the message, it takes the local link prefix from the message and appends a 64-bit interface ID, thereby automatically configuring its interface.
Chapter 12 IPv6 Prefix List Table 95 displays the individual devices and the IPv6 Prefix List features they support.
Displaying prefix list information These commands permit the inclusion of routes with the IPv6 prefix 2001:db8::/32 in RIPng routing updates sent from Ethernet interface 3/1. Syntax: [no] ipv6 prefix-list name [seq sequence-number] deny ipv6-prefix/prefix-length | permit ipv6-prefix/prefix-length | description string [ge ge-value] [le le-value] The name parameter specifies the prefix list name. You use this name when using the prefix list as input to command or route map.
IPv6 ND Prefix Suppress IPv6 ND Prefix Suppress Brocade devices support IPv6 ND Prefix Suppress, which is useful in an LAN where multiple hosts are connected to router(s). Prefix Suppress performs these functions: • Advertisement of on-link prefix information is suppressed in router advertisement (RA) messages. • • • • Hosts are prevented from auto configuring based on the prefix in the RA message. DHCPv6 is used for security and accountability.
IPv6 ND Prefix Suppress ND router advertisements live for 1800 seconds ND suppress-ra disabled ND address-prefixes suppressed in router advertisement - all ND address-prefixes suppressed in router advertisement 300::1/64 Router-A# Command syntax for debugging IPv6 Prefix Suppress: Router-A# debug ipv6 ra NOTE No additional debug commands are added for this feature. Debug commands available for IPv6 ND can be used for this feature.
IPv6 ND Prefix Suppress Users sometimes require the ability to quickly turn off the sending of IPv6 ND Router Advertisement message on an IPv6 enabled interfaces. This is achieved by providing the following additional configuration command at interface level: Brocade(config-if-e10000-1/1)#no ipv6 nd suppress-ra The ipv6 nd send-ra command is a new interface level command added as part of this enhancement.
IPv6 ND Prefix Suppress 496 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 13 Managing a Device Over IPv6 Table 96 displays the individual Brocade devices and the supported features on how to Manage a Device Over IPv6.
Using the IPv6 copy command Copying a file to an IPv6 TFTP server You can copy a file from the following sources to an IPv6 TFTP server: • Flash memory. • Running configuration. • Startup configuration. Copying a file from flash memory For example, to copy the primary or secondary boot image from the device’s flash memory to an IPv6 TFTP server, enter a command such as the following. Brocade# copy flash tftp ipv6 2001:db8:e0ff:7837::3 test.
Using the IPv6 copy command Copying a file from an IPv6 TFTP server You can copy a file from an IPv6 TFTP server to the following destinations: • Flash memory. • Running configuration. • Startup configuration. Copying a file to flash memory For example, to copy a boot image from an IPv6 TFTP server to the primary or secondary storage location in the device’s flash memory, enter a command such as the following. Brocade# copy tftp flash ipv6 2001:db8:e0ff:7837::3 test.
Using the IPv6 ncopy command The overwrite keyword specifies that the device should overwrite the current configuration file with the copied file. If you do not specify this parameter, the device copies the file into the current running or startup configuration but does not overwrite the current configuration. NOTE You cannot use the overwrite option from non-console sessions, because it will disconnect the session.
Using the IPv6 ncopy command Copying the running or startup configuration to an IPv6 TFTP server For example, to copy a device’s running or startup configuration to an IPv6 TFTP server, enter a command such as the following. Brocade# ncopy running-config tftp ipv6 2001:db8:e0ff:7837::3 bakrun.cfg This command copies a device’s running configuration to a TFTP server with the IPv6 address of 2001:db8:e0ff:7837::3 and names the destination file bakrun.cfg.
Using the IPv6 ping command Uploading a running or startup configuration from an IPv6 TFTP server For example to upload a running or startup configuration from an IPv6 TFTP server to a device, enter a command such as the following. Brocade# ncopy tftp ipv6 2001:db8:e0ff:7837::3 newrun.cfg running-config This command uploads a file named newrun.cfg from a TFTP server with the IPv6 address of 2001:db8:e0ff:7837::3 to the device.
Using the IPv6 traceroute command The ttl number parameter specifies the maximum number of hops. You can specify a TTL from 1 255. The default is 64. The size bytes parameter specifies the size of the ICMP data portion of the packet. This is the payload and does not include the header. You can specify from 0 - 4000. The default is 16. The no-fragment keyword turns on the “don't fragment” bit in the IPv6 header of the ping packet. This option is disabled by default.
Using Telnet Using Telnet This section explains how to do the following: • Use the telnet command to establish a Telnet session from the device to a remote IPv6 host. • Establish a Telnet session from a remote IPv6 host to the device. Using the IPv6 Telnet command The telnet command allows a Telnet connection from a device to a remote IPv6 host using the console. Up to five read-access and one write-access inbound Telnet session are supported on the router at one time.
Using Secure Shell The ipv6-address parameter specifies the address of a remote host. You must specify this address in hexadecimal using 16-bit values between colons as documented in RFC 2373. The port-number parameter specifies the port number on which the device establishes the Telnet connection. You can specify a value between 1 - 65535. If you do not specify a port number, the device establishes the Telnet connection on port 23.
Using Secure Shell 506 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 14 Static IPv6 Routes Table 97 displays the individual Brocade devices and the IPv6 Routes features they support.
Configuring a static IPv6 route Brocade(config)# ipv6 route 2001:db8::0/32 ethernet 1 fe80::1 Syntax: [no] ipv6 route dest-ipv6-prefix/prefix-length [ ethernet slot/port | ve num | null0 ] next-hop-ipv6-address [metric] [ tag num] [distance number] To configure a static IPv6 route for a destination network with the prefix 2001:db8::0/32 and a next-hop gateway that the Brocade device can access through tunnel 1, enter the following command.
Configuring a IPv6 static multicast route TABLE 98 Static IPv6 route parameters (Continued) Parameter Configuration details Status Tag number This parameter specifies the tag value of the route. The possible values are 0 - 4294967295. The default is 0. The route’s administrative distance. You must specify the distance keyword and any numerical value. Optional for all static IPv6 routes. (The default administrative distance is 1.
BFD for Static Routes You can use the ethernet slot/portnum parameter to specify a physical port or the ve num parameter to specify a virtual interface. NOTE The ethernet slot/portnum parameter does not apply to PIM SM. The next-hop-enable-default parameter sets the default route to resolve the static route nexthop. The next-hop-recursion parameter sets the static route to resolve the static route nexthop. The distance num parameter sets the administrative distance for the route.
BFD for Static Routes • BFD for static routes will not support interface-based static routes for both IPv4 and IPv6. Configuring BFD for static routes The following example assumes the configured interface Ethernet 1/1 is as follows: interface ethernet 1/1 bfd interval 100 min-rx 100 multiplier 5 ip address 10.0.0.1/24 Single hop configuration To configure BFD for static routes, configure BFD neighbors using the following commands. BFD neighbors can be configured in unassociated mode using this command.
BFD for Static Routes The multi-hop BFD session to the next hop (BFD neighbor) 30.0.0.5 uses the TX and RX intervals of 90ms. When configuring multi-hop static route and multi-hop bfd neighbor, the protocol by which the nexthop is to be resolved must be stated using the IP route next-hop command. Show commands The show ip static route and show ipv6 static route command output indicates that BFD monitoring is enabled by the b next to the static route.
Chapter 15 BGP4+ (IPv6) Table 99 displays the individual Brocade devices and the BGP+ features they support.
Address family configuration level TABLE 99 Supported BGP4+ features Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package BGP VPNv6 Support Yes Yes No Yes Yes No Yes BGP VRF6 Support Yes Yes Yes Yes Yes Yes Yes The implementation
Configuring BGP4+ NOTE Each address family configuration level allows you to access commands that apply to that particular address family only. To enable a feature in a particular address family, you must specify any associated commands for that feature in that particular address family. You cannot expect the feature, which you may have configured in the BGP4 unicast address family, to work in the BGP4+ unicast address family unless it is explicitly configured in the BGP4+ unicast address family.
Configuring BGP4+ Specify the AS number in which the device you are configuring resides.
Configuring BGP4+ Adding BGP4+ neighbors using link-local addresses To configure BGP4+ neighbors that use link-local addresses, you must do the following: • Add the IPv6 address of a neighbor in a remote AS to the BGP4+ neighbor table of the local device. • Identify the neighbor interface over which the neighbor and local device will exchange prefixes. • Configure a route map to set up a global next hop for packets destined for the neighbor.
Configuring BGP4+ Configuring a route map To configure a route map that filters routes advertised to a neighbor or sets up a global next hop for packets destined for the neighbor with the IPv6 link-local address fe80:4393:ab30:45de::1, enter commands such as the following (start at the BGP4+ unicast address family configuration level): Brocade(config-bgp-ipv6u)# Brocade(config-bgp-ipv6u)# Brocade(config)# route-map Brocade(config-route-map)# Brocade(config-route-map)# neighbor fe80:4398:ab30:45de::1 route
Configuring BGP4+ NOTE You can add IPv6 neighbors only to an IPv6 peer group. You cannot add an IPv4 neighbor to an IPv6 peer group and vice versa. IPv6 and IPv6 peer groups must remain separate. To configure a BGP4+ peer group, you must perform the tasks listed below. 1. Create a peer group. 2. Add a neighbor to the local device. 3. Assign the IPv6 neighbor to the peer group. 4. Activate the IPv6 neighbor and peer group.
Configuring BGP4+ Brocade(config-bgp-ipv6u)# neighbor 2001:db8:89::23 peer-group peer_group1 Syntax: neighbor ipv6-address peer-group peer-group-name The ipv6-address parameter specifies the IPv6 address of the neighbor. You must specify the ipv6-address parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373. The peer-group peer-group-name parameter indicates the name of the already created peer group.
Configuring BGP4+ You can enable the BGP4+ device to advertise the default BGP4+ route by specifying the default-information-originate command at the BGP4+ unicast address family configuration level. Before entering this command, the default route ::/0 must be present in the IPv6 route table.
Configuring BGP4+ Redistributing prefixes into BGP4+ You can configure the device to redistribute routes from the following sources into BGP4+: • • • • • Static IPv6 routes Directly connected IPv6 networks OSPFv3 RIPng IS-IS You can redistribute routes in the following ways: • By route types, for example, the device redistributes all IPv6 static and RIPng routes.
Configuring BGP4+ The ipv6-prefix/prefix-length parameter specifies the aggregate value for the networks. You must specify the ipv6-prefix parameter in hexadecimal using 16-bit values between colons as documented in RFC 2373. You must specify the prefix-length parameter as a decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter.
Configuring BGP4+ By default, the software performs only one lookup for the next-hop IP address for the BGP4+ route. If the next-hop lookup does not result in a valid next-hop IP address, or the path to the next-hop IP address is a BGP4+ path, the software considers the BGP4+ route destination to be unreachable. The route is not eligible to be added to the IP route table.
Clearing BGP4+ information Since the route to 10.102.0.1/24 is not an IGP route, the device cannot reach the next hop through IP, and so cannot use the BGP4+ route. In this case, since recursive next-hop lookups are enabled, the device next performs a lookup for the next-hop gateway to 10.102.0.0.1’s next-hop gateway, 10.0.0.1. The next-hop IP address for 10.102.0.1 is not an IGP route, which means the BGP4+ route destination still cannot be reached through IP.
Clearing BGP4+ information Brocade# clear ipv6 bgp dampening 2001:db8::/32 This command un-suppresses only the routes for network 2001:db8::/32. Clearing route flap dampening statistics The device allows you to clear all route flap dampening statistics or statistics for a specified IPv6 prefix or a regular expression. NOTE Clearing the dampening statistics for a route does not change the dampening status of the route.
Clearing BGP4+ information Clearing BGP4+ neighbor diagnostic buffers You can clear the following BGP4+ neighbor diagnostic information in buffers: • The first 400 bytes of the last packet that contained an error. • The last NOTIFICATION message either sent or received by the neighbor. To display these buffers, use the last-packet-with-error keyword with the show ipv6 bgp neighbors command. For more information about this command, refer to “Displaying last error packet from a BGP4+ neighbor” on page 557.
Clearing BGP4+ information If you use the soft in prefix-filter keyword, the device sends an updated IPv6 prefix list to the neighbor as part of its route refresh message to the neighbor. Closing or resetting a BGP4+ neighbor session You can close a neighbor session or resend route updates to a neighbor. You can specify all neighbors, a single neighbor, or all neighbors within a specific peer group or AS.
Clearing BGP4+ information Syntax: clear ipv6 bgp neighbor all | ipv6-address | peer-group-name | as-number traffic The all | ipv6-address | peer-group-name | as-number specifies the neighbor. The ipv6-address parameter specifies a neighbor by its IPv6 address. You must specify this address in hexadecimal using 16-bit values between colons as documented in RFC 2373. The peer-group-name specifies all neighbors in a specific peer group. The as-number parameter specifies all neighbors within the specified AS.
Clearing BGP4+ information Syntax: clear ipv6 bgp traffic Clearing BGP4+VPNv6 neighbor information To clear the local information for all BGP4+ VPNv6 neighbors, enter the following command.
Displaying BGP4+ information Syntax: clear ipv6 bgp vrf vrf-name traffic Displaying BGP4+ information You can display the following BGP4+ information: • • • • • • • • • • BGP4+ route table. BGP4+ route information. BGP4+ route-attribute entries. BGP4+ configuration information. Dampened BGP4+ paths. Filtered-out BGP4+ routes. BGP4+ route flap dampening statistics. BGP4+ neighbor information. BGP4+ peer group configuration information. BGP4+ summary information.
Displaying BGP4+ information AS_PATH: Table 100 describes the output parameters of the show ipv6 bgp routes command. TABLE 100 Output parameters of the show ipv6 bgp routes command Field Description Number of BGP4+ Routes The number of routes displayed by the command. Status codes A list of the characters the display uses to indicate the route’s status. The status code appears in the Status column of the display. The status codes are described in the command’s output. Prefix The route’s prefix.
Displaying BGP4+ information community-filter number | detail [option] | local | neighbor ipv6-address | nexthop ipv6-address | no-best | prefix-list name | regular-expression regular-expression | route-map name | summary | unreachable] You can use the following options with the show ipv6 bgp routes command to determine the content of the display: The ipv6-prefix/prefix-length parameter displays routes for a specific network.
Displaying BGP4+ information The summary keyword displays summary information for the routes. The unreachable keyword displays the routes that are unreachable because the device does not have a valid RIPng, OSPFv3, or static IPv6 route to the next hop. To display details about BGP4+ routes, enter the following command at any level of the CLI.
Displaying BGP4+ information TABLE 101 Output parameters of the show ipv6 bgp route detail command (Continued) Field Description LOCAL_PREF For information about this field, refer to Table 102 on page 538. MED The value of the advertised route’s MED attribute. If the route does not have a metric, this field is blank. Origin The source of the route information. The origin can be one of the following: • A – AGGREGATE. The route is an aggregate route for multiple networks. • B – BEST.
Displaying BGP4+ information Syntax: show ipv6 bgp routes detail [ipv6-prefix/prefix-length | table-entry-number | age seconds | as-path-access-list name | as-path-filter number | best | cidr-only | [community number | no-export | no-advertise | internet | local-as] | community-access-list name | community-filter number | local | neighbor ipv6-address | nexthop ipv6-address | no-best | prefix-list name | regular-expression regular-expression | route-map name | summary | unreachable] You can use the followi
Displaying BGP4+ information The route-map name parameter filters the display using the specified route map. The software displays only the routes that match the match statements in the route map. The software disregards the route map’s set statements. The summary keyword displays summary information for the routes. The unreachable keyword displays the routes that are unreachable because the device does not have a valid RIPng, OSPFv3 or static IPv6 route to the next hop.
Displaying BGP4+ information Brocade# show ipv6 bgp 2001:db8::/32 longer-prefixes Number of BGP Routes matching display condition : 3 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop MED LocPrf Weight Path *> 2001:db8::/32 :: 1 100 32768 ? *> 2001:db8:1234::/48 :: 1 100 32768 ? *> 2001:db8:e0ff::/48 :: 1 100 32768 ? Route is advertised to 1 peers: 2001:db8:4::110(65002) These displays show the following information
Displaying BGP4+ information Brocade# show ipv6 bgp attribute-entries Total number of BGP Attribute Entries: 378 1 Next Hop ::: MED :1 Origin:INCOMP Originator:0.0.0.0 Cluster List:None Aggregator:AS Number :0 Router-ID:0.0.0.0 Atomic:None Local Pref:100 Communities:Internet AS Path :(65002) 65001 4355 2548 3561 5400 6669 5548 Address: 0x27a4cdb0 Hash:877 (0x03000000) Reference Counts: 2:0:2 ... NOTE Portions of this display are truncated for brevity.
Displaying BGP4+ information TABLE 103 BGP4+ route-attribute entries information (Continued) This field... Displays... Communities The communities that routes with this set of attributes are in. AS Path The ASs through which routes with this set of attributes have passed. The local AS is shown in parentheses. Address For debugging purposes only. Hash For debugging purposes only. Reference Counts For debugging purposes only.
Displaying BGP4+ information Displaying dampened BGP4+ paths To display BGP4+ paths that have been dampened (suppressed) by route flap dampening, enter the following command at any level of the CLI.
Displaying BGP4+ information Brocade# show ipv6 bgp filtered-routes Searching for matching routes, use ^C to quit...
Displaying BGP4+ information TABLE 105 Summary of filtered-out BGP4+ route information (Continued) This field... Displays... Weight The value that this device associates with routes from a specific neighbor. For example, if the receives routes to the same destination from two BGP4+ neighbors, the prefers the route from the neighbor with the larger weight. Status The route’s status, which can be one or more of the following: A – AGGREGATE – The route is an aggregate route for multiple networks.
Displaying BGP4+ information To display detailed information about the routes that have been filtered out by BGP4+ route policies, enter the following command at any level of the CLI.
Displaying BGP4+ information This display shows the following information. TABLE 106 Detailed filtered-out BGP4+ route information This field... Displays... Status codes A list of the characters the display uses to indicate the route’s status. The Status field display an “F” for each filtered route. Prefix For information about this field, refer to Table 105 on page 542. Status For information about this field, refer to Table 105 on page 542. Age The age of the route, in seconds.
Displaying BGP4+ information Displaying route flap dampening statistics To display route dampening statistics for all dampened routes, enter the following command at any level of the CLI.
Displaying BGP4+ information TABLE 107 Route flap dampening statistics This field... Displays... Reuse The amount of time (in hh:mm:ss) after which the path is again available. Path The AS path of the route. You also can display all the dampened routes by using the show ipv6 bgp dampened-paths command. For more information, refer to “Displaying dampened BGP4+ paths” on page 541.
Displaying BGP4+ information Displaying IPv6 neighbor configuration information and statistics To display BGP4+ neighbor configuration information and statistics, enter the following command at any level of the CLI. Brocade# show ipv6 bgp neighbor 2001:db8::110 1 IP Address: 2001:db8::110, AS: 65002 (EBGP), RouterID: 10.1.1.
Displaying BGP4+ information This display shows the following information. TABLE 108 BGP4+ neighbor configuration information and statistics This field... Displays... IP Address The IPv6 address of the neighbor. AS The AS in which the neighbor resides. EBGP or IBGP Whether the neighbor session is an IBGP session, an EBGP session, or a confederation EBGP session: • EBGP – The neighbor is in another AS. • EBGP_Confed – The neighbor is a member of another sub-AS in the same confederation.
Displaying BGP4+ information TABLE 108 550 BGP4+ neighbor configuration information and statistics (Continued) This field... Displays... Last Update Time Lists the last time updates were sent and received for the following: • NLRIs • Withdraws Last Connection Reset Reason The reason the previous session with this neighbor ended. The reason can be one of the following: • No abnormal error has occurred.
Displaying BGP4+ information TABLE 108 BGP4+ neighbor configuration information and statistics (Continued) This field... Displays... Notification Sent If the device receives a NOTIFICATION message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
Displaying BGP4+ information TABLE 108 552 BGP4+ neighbor configuration information and statistics (Continued) This field... Displays... TCP Connection state The state of the connection with the neighbor. The connection can have one of the following states: • LISTEN – Waiting for a connection request. • SYN-SENT – Waiting for a matching connection request after having sent a connection request.
Displaying BGP4+ information TABLE 108 BGP4+ neighbor configuration information and statistics (Continued) This field... Displays... RcvQue The number of sequence numbers in the receive queue. CngstWnd The number of times the window has changed. Displaying routes advertised to a BGP4+ neighbor You can display a summary or detailed information about the following: • All routes a device has advertised to a neighbor. • A specified route a device has advertised to a neighbor.
Displaying BGP4+ information TABLE 109 Summary of route information advertised to a BGP4+ neighbor (Continued) This field... Displays... LocPrf The degree of preference for the advertised route relative to other routes in the local AS. When the BGP4+ algorithm compares routes on the basis of local preferences, the route with the higher local preference is chosen. The preference range is 0 – 4294967295. Weight The value that this device associates with routes from a specific neighbor.
Displaying BGP4+ information TABLE 110 Detailed route information advertised to a BGP4+ neighbor (Continued) This field... Displays... Next Hop For information about this field, refer to Table 109 on page 553. Learned from Peer The IPv6 address of the neighbor from which this route is learned. “Local Router” indicates that the device itself learned the route. LOCAL_PREF For information about this field, refer to Table 109 on page 553. MED The value of the advertised route’s MED attribute.
Displaying BGP4+ information Syntax: show ipv6 bgp neighbor ipv6-address attribute-entries The ipv6-address parameter displays the route attribute entries for a specified neighbor. You must specify this address in hexadecimal using 16-bit values between colons as documented in RFC 2373. This display shows the following information. TABLE 111 BGP4+ neighbor route-attribute entries information This field... Displays...
Displaying BGP4+ information Displaying route flap dampening statistics for a BGP4+ neighbor To display route flap dampening statistics for a specified BGP4+ neighbor, enter the following command at any level of the CLI. Brocade# show ipv6 bgp neighbor 2001:db8::110 flap-statistics Total number of flapping routes: 14 Status Code >:best d:damped h:history *:valid Network From Flaps Since Reuse Path h> 2001:db8:2::/48 10.90.213.77 1 0 :0 :13 0 :0 :0 65001 4355 1 701 *> 2001:db8:34::/48 10.90.213.
Displaying BGP4+ information Brocade# show ipv6 bgp neighbor last-packet-with-error Total number of BGP Neighbors: 266 No received packet with error logged for any neighbor Syntax: show ipv6 bgp neighbor last-packet-with-error This display shows the following information. TABLE 113 Last error packet information for BGP4+ neighbors This field... Displays... Total number of BGP Neighbors The total number of configured neighbors for a device.
Displaying BGP4+ information Brocade# show ipv6 bgp neighbor 2001:db8::10 received-routes There are 4 received routes from neighbor 2001:db8::10 Searching for matching routes, use ^C to quit...
Displaying BGP4+ information TABLE 114 Summary of route information received from a BGP4+ neighbor (Continued) This field... Displays... Weight The value that this device associates with routes from a specific neighbor. For example, if the receives routes to the same destination from two BGP4+ neighbors, the prefers the route from the neighbor with the larger weight. Status The advertised route’s status, which can be one or more of the following: A – AGGREGATE.
Displaying BGP4+ information Brocade# show ipv6 bgp neighbor 2001:db8:1::1 received-routes detail There are 4 received routes from neighbor 2001:db8:1::1 Searching for matching routes, use ^C to quit...
Displaying BGP4+ information TABLE 115 Detailed route information received from a BGP4+ neighbor (Continued) This field... Displays... Adj RIB out count The number of routes in the device’s current BGP4+ Routing Information Base (Adj-RIB-Out) for a specified neighbor. Admin distance The administrative distance of the route.
Displaying BGP4+ information This display shows the following information. TABLE 116 Summary of RIB route information for a BGP4+ neighbor This field... Displays... Number of RIB_out routes for a specified neighbor (appears only in display for all RIB routes) The number of RIB routes displayed by the command. Status codes A list of the characters the display uses to indicate the route’s status. The status code appears in the Status column of the display.
Displaying BGP4+ information This display shows the following information. TABLE 117 Detailed RIB route information for a BGP4+ neighbor This field... Displays... Number of RIB_out routes for a specified neighbor (appears only in display for all routes) For information about this field, refer to Table 116 on page 563. Status codes For information about this field, refer to Table 116 on page 563. Prefix For information about this field, refer to Table 116 on page 563.
Displaying BGP4+ information Brocade# show ipv6 bgp neighbor 2001:db8::106 routes best There are 2 accepted routes from neighbor 2001:db8::106 Searching for matching routes, use ^C to quit...
Displaying BGP4+ information TABLE 118 This field... Status Summary of best and unreachable routes from a BGP4+ neighbor (Continued) Displays... The route’s status, which can be one or more of the following: A – AGGREGATE. The route is an aggregate route for multiple networks. B – BEST. BGP4+ has determined that this is the optimal route to the destination. • C – CONFED_EBGP. The route was learned from a neighbor in the same confederation and AS, but in a different sub-AS within the confederation.
Displaying BGP4+ information TABLE 119 Detailed best and unreachable routes from a BGP4+ neighbor (Continued) This field... Displays... Age The age of the route, in seconds. Next Hop For information about this field, refer to Table 118 on page 565. Learned from Peer The IPv6 address of the neighbor from which this route is learned. “Local Router” indicates that the device itself learned the route. LOCAL_PREF For information about this field, refer to Table 118 on page 565.
Displaying BGP4+ information Syntax: show ipv6 bgp neighbor [ipv6-address] routes-summary This display shows the following information. TABLE 120 BGP4+ neighbor route summary information This field... Displays... IP Address The IPv6 address of the neighbor Routes Received How many routes the device has received from the neighbor during the current BGP4+ session: • Accepted or Installed – Indicates how many of the received routes the device accepted and installed in the BGP4+ route table.
Displaying BGP4+ information TABLE 120 BGP4+ neighbor route summary information (Continued) This field... Displays... NLRIs Sent in Update Message The number of NLRIs for new routes the device has sent to this neighbor in UPDATE messages: • Withdraws – The number of routes the device has sent to the neighbor to withdraw. • Replacements – The number of routes the device has sent to the neighbor to replace routes the neighbor already has.
Displaying BGP4+ information Displaying BGP4+ summary To view summary BGP4+ information for the device, enter the following command at any level of the CLI. Brocade# show ipv6 bgp summary BGP4 Summary Router ID: 10.223.223.
Displaying BGP4+ information TABLE 121 BGP4+ summary information (Continued) This field... Displays... State The state of this neighbor session with each neighbor. The states are from this perspective of the session, not the neighbor’s perspective. The state values can be one of the following for each: • IDLE – The BGP4+ process is waiting to be started. Usually, enabling BGP4+ or establishing a neighbor session starts the BGP4+ process.
Displaying BGP4+ information Displaying BGP4+VPNv6 neighbor information To view BGP4+ configuration information and statistics for IPv4 neighbors with VPNv6 capability negotiated, enter the following command. Brocade(config-bgp-vpnv4u)#show ip bgp vpnv6 neighbors 1 IP Address: 40.0.0.4, AS: 100 (IBGP), RouterID: 4.4.4.
Displaying BGP4+ information TABLE 122 BGP4+ VPNv6 neighbor information (Continued) This field... Displays... State The state of the session with the neighbor. The states are from the perspective of this device of the session, not the perspective of the neighbor. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started.
Displaying BGP4+ information TABLE 122 BGP4+ VPNv6 neighbor information (Continued) 574 This field... Displays... Messages Received The number of messages this device has received from the neighbor. The message types are the same as for the Message Sent field. Last Update Time Lists the last time updates were sent and received for the following: • NLRIs • Withdraws Last Connection Reset Reason The reason the previous session with this neighbor ended.
Displaying BGP4+ information TABLE 122 BGP4+ VPNv6 neighbor information (Continued) This field... Displays... Notification Sent When the device receives a NOTIFICATION message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
Displaying BGP4+ information TABLE 122 BGP4+ VPNv6 neighbor information (Continued) 576 This field... Displays... TCP Connection state The state of the connection with the neighbor. The connection can have one of the following states: • LISTEN – Waiting for a connection request. • SYN-SENT – Waiting for a matching connection request after having sent a connection request.
Displaying BGP4+ information TABLE 122 BGP4+ VPNv6 neighbor information (Continued) This field... Displays... TotalRcv The number of sequence numbers received from the neighbor. DupliRcv The number of duplicate sequence numbers received from the neighbor. RcvWnd The size of the receive window. SendQue The number of sequence numbers in the send queue. RcvQue The number of sequence numbers in the receive queue. CngstWnd The number of times the window has changed.
Displaying BGP4+ information TABLE 123 BGP4+ VPNv6 route information This field... Displays... Total number of BGP Routes The number of BGP4+ routes the Brocade device has installed in the BGP4 route table. Status The route status, which can be one or more of the following: A – AGGREGATE.The route is an aggregate route for multiple networks. B – BEST. BGP4 has determined that this is the optimal route to the destination.
Displaying BGP4+ information Brocade#show ip bgp vpnv6 tags Network Next Hop Route Distinguisher: 1:1 10::41/128 ::FFFF:40:0:0:2 30::/64 ::FFFF:40:0:0:2 40::/64 ::FFFF:40:0:0:2 100::/64 ::FFFF:40:0:0:2 In-Label Out-Label - 500002 500002 500002 500002 Syntax: show ip bgp vpnv6 tags Table 124 provides information about the command output. TABLE 124 BGP4+ VPNv6 route label information This field... Displays... Network IP address or mask of the destination network of the route.
Displaying BGP4+ information Table 125 provides information about the command output. TABLE 125 580 BGP4+ VPNv6 summary information This field... Displays... Router ID The device’s ID. Local AS Number The BGP4+ AS number for the device. Confederation Identifier The AS number of the confederation in which the device resides. Confederation Peers The numbers of the local ASs contained in the confederation. This list matches the confederation peer list you configure on the device.
Displaying BGP4+ information This field... Displays... State The state of the session with the neighbor. The states are from the perspective of this device of the session, not the perspective of the neighbor. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started. Usually, enabling BGP4 or establishing a neighbor session starts the BGP4 process.
Displaying BGP4+ information Displaying BGP4+VRF6 neighbor information To view BGP4+ configuration information about a specified VRF6’s neighbors, enter the following command. Brocade#show ipv6 bgp vrf abc neighbors Total number of BGP Neighbors: 1 1 IP Address: 3:3:3::3, AS: 100 (IBGP), RouterID: 3.3.3.
Displaying BGP4+ information TABLE 126 BGP4+ VRF6 neighbor information (Continued) This field... Displays... State The state of the session with the neighbor. The states are from the perspective of this device of the session, not the perspective of the neighbor. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started.
Displaying BGP4+ information TABLE 126 BGP4+ VRF6 neighbor information (Continued) 584 This field... Displays... Last Connection Reset Reason The reason the previous session with this neighbor ended.
Displaying BGP4+ information TABLE 126 BGP4+ VRF6 neighbor information (Continued) This field... Displays... Notification Sent When the device receives a NOTIFICATION message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
Displaying BGP4+ information TABLE 126 BGP4+ VRF6 neighbor information (Continued) 586 This field... Displays... BFD Shows whether or not Bidirectional Forwarding Detection (BFD) is enabled on the device. TCP Connection state The state of the connection with the neighbor. The connection can have one of the following states: • LISTEN – Waiting for a connection request. • SYN-SENT – Waiting for a matching connection request after having sent a connection request.
Displaying BGP4+ information TABLE 126 BGP4+ VRF6 neighbor information (Continued) This field... Displays... RcvNext The next sequence number expected from the neighbor. SendWnd The size of the send window. TotalRcv The number of sequence numbers received from the neighbor. DupliRcv The number of duplicate sequence numbers received from the neighbor. RcvWnd The size of the receive window. SendQue The number of sequence numbers in the send queue.
Displaying BGP4+ information Displaying BGP4+ VRF6 peer group information To view BGP4+ VRF6 peer group information for a specified VRF6, enter the following command.
Displaying BGP4+ information Brocade#show ipv6 bgp vrf vrf2001 route Total number of BGP Routes: 13 Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH m:NOT-INSTALLED-MULTIPATH S:SUPPRESSED F:FILTERED s:STALE Prefix Next Hop MED LocPrf Weight Status 1 40:4:1::/64 :: 0 100 32768 BL AS_PATH: 2 44:4:1::/64 ::ffff:7.7.7.1 0 100 0 BI AS_PATH: 3 44:4:1::/64 ::ffff:12.2.1.10 0 100 0 I AS_PATH: 4 44:4:1::/64 ::ffff:12.2.1.
Displaying BGP4+ information This field... Displays... Total number of BGP Routes The number of BGP4+ routes the Brocade device has installed in the BGP4 route table. Status The route status, which can be one or more of the following: A – AGGREGATE.The route is an aggregate route for multiple networks. B – BEST. BGP4 has determined that this is the optimal route to the destination. • • NOTE: If the “b” is lowercase, the software was not able to install the route in the IP route table.
Displaying BGP4+ information Brocade#show ipv6 bgp vrf abc summary BGP4 Summary Router ID: 1.1.1.
Configuring BGP4+ graceful restart TABLE 128 BGP4+ VRF6 nexthop information (Continued) This field... Displays... State The state of the session with the neighbor. The states are from the perspective of this device of the session, not the perspective of the neighbor. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started.
Configuring BGP4+ graceful restart BGP4+ Graceful Restart can be executed in both IPv4 and IPv6 address families. Depending on the remote neighbor address family, the command and its parameters will be taken from the IPv4 family or IPv6 family. When the graceful restart command is enabled, the BGP graceful restart capability is negotiated with neighbors in the BGP OPEN message when the session is established.
Configuring BGP4+ graceful restart Brocade(config-bgp)# graceful-restart stale-routes-time 120 Syntax: [no] graceful-restart stale-routes-time seconds The seconds variable sets the maximum time before a helper device cleans up stale routes. The allowable range is 1 to 3600 seconds. The default value is 360 seconds. Configuring BGP4+ graceful restart purge timer Use the following command to specify the maximum amount of time a device will maintain stale routes in its routing table before purging them.
Commands Commands The following commands support the features described in this chapter: • address-family ipv6 unicast vrf • address-family vpnv6 unicast • clear ip bgp vpnv6 neighbor • clear ipv6 bgp vrf • neighbor capability orf • neighbor remote-as • show ip bgp vpnv6 neighbors • show ip bgp vpnv6 routes • show ip bgp vpnv6 summary • show ip bgp vpnv6 tags • show ipv6 bgp vrf neighbors • show ipv6 bgp vrf nexthop • show ipv6 bgp vrf peer-group • show ipv6 bgp vrf routes • show ipv6 bgp vrf summary Mul
address-family ipv6 unicast vrf address-family ipv6 unicast vrf Configures the BGP commands for a specific VRF neighbor. Syntax Command Default Parameters address-family ipv6 unicast vrf vrf-name None vrf-name The vrf option allows you to configure a unicast instance for the VRF specified by the vrf-name variable. Command Modes BGP interface configuration mode Usage Guidelines The address-family ipv6 unicast vrf command is used to configure the BGP commands for a specific VRF neighbor.
address-family vpnv6 unicast address-family vpnv6 unicast Configures the IPv6 address family and allows BGP peers to accept the address family-specific configuration. Syntax address-family vpnv6 unicast Command Default None Parameters None Command Modes BGP interface configuration mode Usage Guidelines The address-family vpnv6 unicast command is used to configure the IPv6 address family and for BGP peers to accept address family specific configuration.
clear ip bgp vpnv6 neighbor clear ip bgp vpnv6 neighbor Clears the information specific to BGP VPNv6 neighbors Syntax Command Default Parameters clear ip bgp vpnv6 neighbor { as-number { soft | soft-outbound } | ip-address { soft | soft-outbound } | all { soft | soft-outbound }} None as-number neighbors with the AS number ip-address Neighbor IP address all Clears all BGP neighbors soft Soft reconfiguration soft-outbound Soft reconfiguration outbound update, and send only updated routes Command M
clear ipv6 bgp vrf clear ipv6 bgp vrf Clears IPV6 neighbor information for a specific VRF Syntax clear ipv6 bgp local [routes] Command Default None Parameters routes Clears local route information local Clears local information Command Modes Global configuration mode Usage Guidelines The clear ipv6 bgp local command clears the local route information for IPv6 neighbor for a specific VPN routing/ forwarding instance. Examples The following clear commands are provided with the VRF option.
neighbor capability orf neighbor capability orf Configures outbound route filtering capability to neighbor.
neighbor capability orf this neighbor Brocade(config-bgp-vpnv6u)#neighbor 1.1::1.1 capability orf extended-community send-vrf-filter The following example explains configuring outbound route filtering capability to peers.
neighbor remote-as neighbor remote-as Configures the neighbor router in the VPNv6 unicast address family. Syntax Command Default Parameters neighbor ipv4-address remote-as as-number None ipv4-address Neighbor IP address remote-as Specifies a BGP neighbor as-number AS number of a remote neighbor Command Modes Global configuration mode Usage Guidelines The neighbor remote-as command is used to configure neighbor router in VPNv6 unicast address family. Only IPv4 neighbors are supported.
show ip bgp vpnv6 neighbors show ip bgp vpnv6 neighbors Displays BGP4+ configuration information for IPv4 neighbors Syntax Parameters show ip bgp vpnv6 neighbors None Command Modes Privileged EXEC mode Usage Guidelines The show ip bgp vpnv6 neighbors command displays BGP4+ configuration information and statistics for IPv4 neighbors with VPNv6 capability negotiated.
show ip bgp vpnv6 neighbors Output field Description Time The amount of time this session has been in its current state. KeepAliveTime The KeeAliveTime, which specifies how often this device sends keep alive messages to the neighbor. HoldTime The hold time, which specifies how many seconds the device waits for a KEEPALIVE or UPDATE message from a BGP4 neighbor before deciding that the neighbor is dead.
show ip bgp vpnv6 neighbors Output field Description Last Connection Reset Reason The reason the previous session with this neighbor ended.
show ip bgp vpnv6 neighbors 606 Output field Description Notification Sent When the device receives a NOTIFICATION message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
show ip bgp vpnv6 neighbors Output field Description TCP Connection state The state of the connection with the neighbor. The connection can have one of the following states: • LISTEN – Waiting for a connection request. • SYN-SENT – Waiting for a matching connection request after having sent a connection request. • SYN-RECEIVED – Waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
show ip bgp vpnv6 neighbors Examples The following example displays BGP4+ neighbor information: Brocade(config-bgp-vpnv4u)#show ip bgp vpnv6 neighbors 1 IP Address: 40.0.0.4, AS: 100 (IBGP), RouterID: 4.4.4.
show ip bgp vpnv6 routes show ip bgp vpnv6 routes Displays the BGP4+ VPNv6 routing table information for IPv4 neighbors Syntax Parameters show ip bgp vpnv6 routes None Command Modes Privileged EXEC mode Usage Guidelines The show ip bgp vpnv6 routes command displays the BGP4+ VPNv6 routing table information for IPv4 neighbors.
show ip bgp vpnv6 routes Examples Output field Description LocPrf The degree of preference for this route relative to other routes in the local AS. When the BGP4+ algorithm compares routes on the basis of local preferences, the route with the higher local preference is chosen. The preference can have a value from 0 – 4294967295. Weight The value that this route associates with routes from a specific neighbor.
show ip bgp vpnv6 summary show ip bgp vpnv6 summary Displays the BGP4+ VPNv6 overall information Syntax Parameters show ip bgp vpnv6 summary None Command Modes Privileged EXEC mode Usage Guidelines The show ip bgp vpnv6 summary command displays the BGP4+ VPNv6 overall information. Command Output The show ip bgp vpnv6 summary command displays the following information: Output field Description Router ID The device’s ID. Local AS Number The BGP4+ AS number for the device.
show ip bgp vpnv6 summary Output field Description State The state of the session with the neighbor. The states are from the perspective of this device of the session, not the perspective of the neighbor. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started. Usually, enabling BGP4 or establishing a neighbor session starts the BGP4 process.
show ip bgp vpnv6 summary History Release Command History Multi-Service IronWare R05.5.00 This command was introduced.
show ip bgp vpnv6 tags show ip bgp vpnv6 tags Displays the BGP4+ route label information for IPv4 neighbors Syntax Parameters show ip bgp vpnv6 tags None Command Modes Privileged EXEC mode Usage Guidelines The show ip bgp vpnv6 tags command displays the BGP4+ route label information for IPv4 neighbors.
show ip bgp vpnv6 tags show ip bgp vpnv6 summary Multi-Service IronWare Routing Configuration Guide 53-1003033-02 615
show ipv6 bgp vrf neighbors show ipv6 bgp vrf neighbors Displays BGP4+ configuration information about a specified VRF6’s neighbors Syntax Parameters show ipv6 bgp vrf vrf-name neighbors vrf-name Specifies the VRF6 name whose neighbor information needs to be displayed. Command Modes Privileged EXEC mode Usage Guidelines The show ipv6 bgp vrf neighbors command displays details about the BGP4+ VRF6’s neighbors.
show ipv6 bgp vrf neighbors Output field Description Time The amount of time this session has been in its current state. KeepAliveTime The KeeAliveTime, which specifies how often this device sends keep alive messages to the neighbor. HoldTime The hold time, which specifies how many seconds the device waits for a KEEPALIVE or UPDATE message from a BGP4 neighbor before deciding that the neighbor is dead. Messages Sent The number of messages this device has sent to the neighbor.
show ipv6 bgp vrf neighbors 618 Output field Description Last Connection Reset Reason (cont.) • Notification Sent When the device receives a NOTIFICATION message from the neighbor, the message contains an error code corresponding to one of the following errors. Some errors have subcodes that clarify the reason for the error. Where applicable, the subcode messages are listed underneath the error code messages.
show ipv6 bgp vrf neighbors Output field Description Neighbor IPv6 MPLS Label Capability Negotiation Shows the state of the router’s IPv6 MPLS label capability negotiation with the neighbor. The states can be one of the following: • Peer negotiated IPv6 MPLS Label capability • Peer configured for IPv6 MPLS Label capability Neighbor AS4 Capability Negotiation Shows the state of the router’s AS4 capability negotiation with the neighbor.
show ipv6 bgp vrf neighbors Examples Output field Description IRcvSeq The initial receive sequence number for the session. RcvNext The next sequence number expected from the neighbor. SendWnd The size of the send window. TotalRcv The number of sequence numbers received from the neighbor. DupliRcv The number of duplicate sequence numbers received from the neighbor. RcvWnd The size of the receive window. SendQue The number of sequence numbers in the send queue.
show ipv6 bgp vrf neighbors History Release Command History Multi-Service IronWare R05.5.00 This command was introduced.
show ipv6 bgp vrf nexthop show ipv6 bgp vrf nexthop Displays BGP4+ nexthop information for a specified VRF6 Syntax Parameters show ipv6 bgp vrf vrf-name nexthop vrf-name Specifies the VRF6 name whose nexthop information needs to be displayed. Command Modes Privileged EXEC mode Usage Guidelines The show ipv6 bgp vrf nexthop command displays details about the BGP4+ VRF6’s nexthop.
show ipv6 bgp vrf peer-group show ipv6 bgp vrf peer-group Displays BGP4+ peer-group information for a specified VRF6 Syntax Parameters show ipv6 bgp vrf vrf-name peer-group vrf-name Specifies the VRF6 name whose peer-group information needs to be displayed. Command Modes Privileged EXEC mode Usage Guidelines The show ipv6 bgp vrf peer-group command displays details about the BGP4+ VRF6’s peer-group.
show ipv6 bgp vrf peer-group show ipv6 bgp vrf nexthop show ipv6 bgp vrf routes show ipv6 bgp vrf summary 624 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
show ipv6 bgp vrf routes show ipv6 bgp vrf routes Displays the VRF6 summary statistics for all the VRF6 routes Syntax Parameters show ipv6 bgp vrf vrf-name routes vrf-name Specifies the VRF6 name whose route information needs to be displayed. Command Modes Privileged EXEC mode Usage Guidelines The show ipv6 bgp vrf routes command displays the VRF6 route information for all the VRF6 routes in the device’s BGP4+ route table for a specified VRF.
show ipv6 bgp vrf routes Examples Output field Description LocPrf The degree of preference for this route relative to other routes in the local AS. When the BGP4+ algorithm compares routes on the basis of local preferences, the route with the higher local preference is chosen. The preference can have a value from 0 – 4294967295. Weight The value that this route associates with routes from a specific neighbor.
show ipv6 bgp vrf routes Related Commands show ipv6 bgp vrf neighbors show ipv6 bgp vrf nexthop show ipv6 bgp vrf summary show ipv6 bgp vrf peer-group Multi-Service IronWare Routing Configuration Guide 53-1003033-02 627
show ipv6 bgp vrf summary show ipv6 bgp vrf summary Displays the VRF6 summary statistics for all the VRF6 routes Syntax Parameters show ipv6 bgp vrf vrf-name summary vrf-name Specifies the VRF6 name whose summary statistics needs to be displayed. Command Modes Privileged EXEC mode Usage Guidelines The show ipv6 bgp vrf summary command displays the VRF6 summary statistics for all the VRF6 routes in the device’s BGP4+ route table for a specified VRF.
show ipv6 bgp vrf summary Output field Description State The state of the session with the neighbor. The states are from the perspective of this device of the session, not the perspective of the neighbor. The state values are based on the BGP4 state machine values described in RFC 1771 and can be one of the following for each device: • IDLE – The BGP4 process is waiting to be started. Usually, enabling BGP4 or establishing a neighbor session starts the BGP4 process.
show ipv6 bgp vrf summary Related Commands show ipv6 bgp vrf neighbors show ipv6 bgp vrf nexthop show ipv6 bgp vrf routes show ipv6 bgp vrf peer-group 630 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 16 OSPF version 3 (IPv6) Table 129 displays the individual Brocade devices and the OSPF Version 3 features they support.
OSPF Version 3 TABLE 129 Supported Brocade OSPF Version 3 features (Continued) Features supported Brocade Brocade NetIron XMR MLX Series Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package New encryption code for passwords, authentication keys, and community strings Yes Yes No Yes Yes Yes Yes R
Link-state advertisement types for OSPFv3 • Ability to configure several IPv6 addresses on a device interface. (OSPFv3 imports all or none of the address prefixes configured on a router interface. You cannot select the addresses to import.) • Ability to run one instance of OSPF Version 2 and one instance of OSPFv3 concurrently on a link. • IPv6 link-state advertisements (LSAs). This section describes the commands that are specific to OSPFv3.
Configuring OSPFv3 • • • • • Modify how often the device checks on the elimination of the database overflow condition. Modify the external link state database limit. Modify the default values of OSPFv3 parameters for device interfaces. Disable or re-enable OSPFv3 event logging. Set all the OSPFv3 interfaces to the passive state. Enabling OSPFv3 Before enabling the device to run OSPFv3, you must perform the following steps.
Configuring OSPFv3 Once OSPFv3 is enabled on the system, you can assign areas. Assign an IPv6 address or number as the area ID for each area. The area ID is representative of all IP addresses (subnets) on a router port. Each port on a router can support one area. An area can be normal, a stub, or a Not-So-Stubby Area (NSSA): • Normal – OSPFv3 routers within a normal area can send and receive External Link State Advertisements (LSAs).
Configuring OSPFv3 When you disable the summary LSAs, the change takes effect immediately. If you apply the option to a previously configured area, the device flushes all of the summary LSAs it has generated (as an ABR) from the area. NOTE This feature applies only when the device is configured as an Area Border Router (ABR) for the area. To completely prevent summary LSAs from being sent to the area, disable the summary LSAs on each OSPF router that is an ABR for the area.
Configuring OSPFv3 Multi-Service IronWare Routing Configuration Guide 53-1003033-02 637
Configuring OSPFv3 The following example modifies the NSSA area 100 wherein type-7 NSSA external LSA will not be originated into NSSA area. But the type-3 summary LSAs will still be originated into NSSA area. Brocade(config-ospf6-router)# area 100 nssa no-redistribution The following example modifies the NSSA area 100 wherein origination of type-3 summary LSAs (apart from type-3 default summary) will be blocked into NSSA area.
Configuring OSPFv3 The no-redistribution parameter prevents an NSSA ABR from generating external (type-7) LSA into an NSSA area. This is used in the case where an ASBR should generate type-5 LSA into normal areas and should not generate type-7 LSA into NSSA area. By default, redistribution is enabled in a NSSA. The translator-always parameter configures the translator-role. When configured on an ABR, this causes the router to unconditionally assume the role of an NSSA translator.
Configuring OSPFv3 Assigning an area cost for OSPFv3 (optional parameter) You can assign a cost for an area, but it is not required. To consolidate and summarize routes at an area boundary, use the area range cost command in router configuration mode. If the cost parameter is specified, it will be used (overriding the computed cost) to generate the summary LSA.
Configuring OSPFv3 Syntax: [no] area num | ipv6-addr range ip-addr ip-mask [ advertise | not-advertise] cost cost-value The num | ipv6-addr parameter specifies the area number, which can be in IP address format. The range ipv6-addr parameter specifies the IP address portion of the range. The software compares the address with the significant bits in the mask. All network addresses that match this comparison are summarized in a single route advertised by the router.
Configuring OSPFv3 The point-to-point parameter specifies that the OSPF interface will support point-to-point networking. The broadcast parameter specifies that the OSPF interface will support broadcast networking. This is the default setting for Ethernet and VE interfaces. The no form of the command disables the command configuration. Configuring virtual links All ABRs must have either a direct or indirect link to an OSPF backbone area (0.0.0.0 or 0).
Configuring OSPFv3 Assigning a virtual link source address When routers at both ends of a virtual link communicate with one another, the source address included in the packets must be a global IPv6 address. The Multi-Service IronWare software automatically selects a global IPv6 address for each transit area and advertises this address into the transit area of the Intra-area-prefix LSA.
Configuring OSPFv3 Syntax: [no] area number | ipv4-address virtual-link router-id [dead-interval seconds | hello-interval seconds | retransmit-interval seconds | transmit-delay seconds] The area number | ipv4-address parameter specifies the transit area ID. The router-id parameter specifies the router ID of the OSPF router at the remote end of the virtual link. To display the router ID on a device, enter the show ip command.
Configuring OSPFv3 • The bandwidth for tunnel interfaces is 9 Kbps and is subject to the auto-cost feature. For example, to change the reference bandwidth to 500, enter the following command. Brocade(config-ospf6-router)# auto-cost reference-bandwidth 500 The reference bandwidth specified in this example results in the following costs: • • • • • • 10 Mbps port cost = 500/10 = 50 100 Mbps port cost = 500/100 = 5 1000 Mbps port cost = 500/1000 = 0.
Configuring OSPFv3 For example, to configure the redistribution of all IPv6 static, RIPng, and IPv6 IS-IS level-1 and level-2 routes, enter the following commands.
Configuring OSPFv3 The route-map map-name parameter specifies the route map name.
Configuring OSPFv3 To restore the default metric to the default value, use the no form of this command. Modifying metric type for routes redistributed into OSPF Version 3 The device uses the metric-type parameter by default for all routes redistributed into OSPFv3 unless you specify a different metric type for individual routes using the redistribute command. (For more information about using the redistribute command, refer to “Redistributing routes into OSPFv3” on page 645.
Configuring OSPFv3 NOTE This option affects only imported, type 5 external routes. A single type 5 LSA is generated and flooded throughout the AS for multiple external routes. To configure the summary address 2001:db8::/24 for routes redistributed into OSPFv3, enter the following command. Brocade(config-ospf6-router)# summary-address 2001:db8::/24 In this example, the summary prefix 2001:db8::/24 includes addresses 2001:db8::/1 through 2001:db8::/24.
Configuring OSPFv3 Brocade# show ipv6 ospf route Current Route count: 5 Intra: 3 Inter: 0 External: 2 (Type1 0/Type2 2) Equal-cost multi-path: 0 Destination Options Area Next Hop Router Outgoing Interface *IA 2001:db8:1::/64 --------- 10.0.0.1 :: ve 10 *E2 2001:db8:2::/64 --------- 0.0.0.0 fe80::2e0:52ff:fe00:10 ve 10 *IA 2001:db8:3::/64 V6E---R-- 0.0.0.0 fe80::2e0:52ff:fe00:10 ve 10 *IA 2001:db8:4::/64 --------- 0.0.0.0 :: ve 11 *E2 2001:db8:5::/64 --------- 0.0.0.
Configuring OSPFv3 The following commands specify an IPv6 prefix list called filterOspfRoutesVe that denies route 2001:db8:3::/64. Brocade(config)# ipv6 prefix-list filterOspfRoutesVe seq 5 deny 2001:db8:3::/64 Brocade(config)# ipv6 prefix-list filterOspfRoutesVe seq 10 permit ::/0 ge 1 le 128 The following commands configure a distribution list that applies the filterOspfRoutesVe prefix list to routes pointing to virtual interface 10.
Configuring OSPFv3 Brocade# show ipv6 ospf route Current Route count: 3 Intra: 3 Inter: 0 External: 0 (Type1 0/Type2 0) Equal-cost multi-path: 0 Destination Options Area Next Hop Router Outgoing Interface *IA 2001:db8:3001::/64 --------- 10.0.0.1 :: ve 10 *IA 2001:db8:3015::/64 V6E---R-- 0.0.0.0 fe80::2e0:52ff:fe00:10 ve 10 *IA 2001:db8:3020::/64 --------- 0.0.0.
Configuring OSPFv3 • 2 – Type 2 external route If you do not use this option, the default redistribution metric type is used for the route type. NOTE If you specify a metric and metric type, the values are used even if you do not use the always option. To disable default route origination, enter the no form of the command.
Configuring OSPFv3 The device selects one route over another based on the source of the route information. To do so, the device can use the administrative distances assigned to the sources. You can influence the device’s decision by changing the default administrative distance for OSPFv3 routes. Configuring administrative distance based on route type You can configure a unique administrative distance for each type of OSPFv3 route.
Configuring OSPFv3 The pacing interval, which is the interval at which the device refreshes an accumulated group of LSAs, is configurable to a range from 10 – 1800 seconds (30 minutes). The default is 240 seconds (four minutes). Thus, every four minutes, the device refreshes the group of accumulated LSAs and sends the group together in the same packets. The pacing interval is inversely proportional to the number of LSAs the device is refreshing and aging.
Configuring OSPFv3 To reset the maximum number of entries to its system default, enter the no form of this command. Setting all OSPFv3 interfaces to the passive state You can set all the Open Shortest Path First Version 3 (OSPFv3) interfaces to the default passive state using the default-passive-interface command. When you configure the interfaces as passive, the interfaces drop all the OSPFv3 control packets. To set all the OSPFv3 interfaces to passive, enter the following commands.
Configuring OSPFv3 • Active: When you configure an OSPFv3 interface to be active, that interface sends or receives all the control packets and forms the adjacency. By default, the ipv6 ospf active command is disabled. Whenever you configure the OSPFv3 interfaces to be passive using the default-passive-interface command, all the OSPFv3 interfaces stop sending and receiving control packets. To send and receive packets over specific interfaces, you can use the ipv6 ospf active command.
Configuring OSPFv3 • Interface • Area • Virtual link With respect to traffic classes, this implementation of IPSec uses a single security association (SA) between the source and destination to support all traffic classes and so does not differentiate between the different classes of traffic that the DSCP bits define. Instructions for configuring IPsec on these entities appear in “Configuring IPsec for OSPFv3” on page 658. IPsec on a virtual link is a global configuration.
Configuring OSPFv3 NOTE In the current release, certain keyword parameters must be entered even though only one keyword choice is possible for that parameter. For example, the only authentication algorithm in the current release is HMAC-SHA1-96, but you must nevertheless enter the keyword for this algorithm. Also, ESP currently is the only authentication protocol, but you must still enter the esp keyword. This section describes all keywords.
Configuring OSPFv3 If you configure IPsec for an area, all interfaces that utilize the area-wide IPsec (where interface-specific IPsec is not configured) nevertheless receive an SPD entry (and SPDID number) that is unique for the interface. The area-wide SPI that you specify is a constant for all interfaces in the area that use the area IPsec, but the use of different interfaces results in an SPDID and an SA that are unique to each interface.
Configuring OSPFv3 Syntax: [no] ipv6 ospf authentication ipsec key-add-remove-interval range The no form of this command sets the key-add-remove-interval back to a default of 300 seconds. The ipv6 command is available in the configuration interface context for a specific interface. The ospf keyword identifies OSPFv3 as the protocol to receive IPsec security. The authentication keyword enables authentication. The ipsec keyword specifies IPsec as the authentication protocol.
Configuring OSPFv3 The spi keyword and the spinum variable specify the security parameter that points to the security association. The near-end and far-end values for spinum must be the same. The range for spinum is decimal 256 – 4294967295. The mandatory esp keyword specifies ESP (rather than authentication header) as the protocol to provide packet-level security. In the current release, this parameter can be esp only. The sha1 keyword specifies the HMAC-SHA1-96 authentication algorithm.
Configuring OSPFv3 The ipsec keyword specifies that IPsec is the protocol that authenticates the packets. The spi keyword and the spinum variable specify the index that points to the security association. The near-end and far-end values for spinum must be the same. The range for spinum is decimal 256 – 4294967295. The mandatory esp keyword specifies ESP (rather than authentication header) as the protocol to provide packet-level security. In the current release, this parameter can be esp only.
Configuring OSPFv3 The mandatory esp keyword specifies ESP (rather than authentication header) as the protocol to provide packet-level security. In the current release, this parameter can be esp only. The sha1 keyword specifies the HMAC-SHA1-96 authentication algorithm. This mandatory parameter can be only the sha1 keyword in the current release. Including the optional no-encrypt keyword means that the 40-character key is not encrypted in show command displays.
Configuring OSPFv3 Clearing IPsec statistics This section describes the clear ipsec statistics command for clearing statistics related to IPsec. The command resets to 0 the counters (which you can view as a part of IP Security Packet Statistics). The counters hold IPsec packet statistics and IPsec error statistics. The following example illustrates the show ipsec statistics output.
Configuring OSPFv3 TABLE 130 OSPFv3 area information fields (Continued) Task Configuration example Enabling LSA checking option on the helper Brocade(config-ospf6-router)#graceful-resta rt helper strict-lsa-checking Enabling graceful restart per VRF Brocade(config-ospf6-router-vrf-red)#gracef ul-restart helper strict-lsa-checking NOTE: Graceful-restart-helper option can be enabled or disabled per VRF in OSPFv3. If configured outside VRF, then it is applicable to the default VRF instance of OSPFv3.
Configuring OSPFv3 To modify OSPFv3 to advertise summary type-3 and type-4 LSAs with the cost set to 10000, enter the following command. Executing this command will not alter the existing include-stub and external-lsa configuration. Brocade(config-ospf6-router)# max-metric router-lsa summary-lsa 10000 Although max-metric router LSA configuration is done in an incremental fashion, the show run command displays the configuration in just one line.
Displaying OSPFv3 information NOTE You cannot specify a maximum metric value with the include-stub parameter. If you specify include-stub, point-to-point and broadcast stub links in the intra-area-prefix LSA are advertised at a value of 65535. The summary-lsa [max-metric-value] parameter configures the maximum metric value for inter-area-prefix type-3 and type-4 LSAs. The range is from 1 through 16777215. The default value is 16711680.
Displaying OSPFv3 information General OSPF configuration information To indicate whether the Brocade device is operating as ASBR or not, enter the following command at any CLI level. Brocade#show ipv6 ospf OSPFv3 Process number 0 with Router ID 0x10010101(10.1.1.
Displaying OSPFv3 information TABLE 131 OSPFv3 area information fields This field... Displays... Area The area number. Interface attached to this area The router interfaces attached to the area. Number of Area scoped LSAs is N Number of LSAs (N) with a scope of the specified area. SPF algorithm executed is N The number of times (N) the OSPF Shortest Path First (SPF) algorithm is executed within the area.
Displaying OSPFv3 information The inter-prefix keyword displays detailed information about the inter-area prefix LSAs only. The inter-router keyword displays detailed information about the inter-area router LSAs only. The intra-prefix keyword displays detailed information about the intra-area prefix LSAs only. The link keyword displays detailed information about the link LSAs only. The link-id number parameter displays detailed information about the specified link LSAs only.
Displaying OSPFv3 information Brocade(config-ospf6-router)#show ipv6 ospf database advrtr 10.4.4.4 LSA Key - Rtr:Router Net:Network Inap:InterPrefix Inar:InterRouter Extn:ASExternal Grp:GroupMembership Typ7:Type7 Link:Link Iap:IntraPrefix Area ID Type LSID Adv Rtr 1 Iap 0 10.4.4.4 Number of Prefix: 1 Referenced LS Type: Router Referenced LS ID: 0 Referenced Advertising Router: 10.4.4.
Displaying OSPFv3 information For example, to display detailed information about all LSAs in the database, enter the following command at any CLI level. Brocade# show ipv6 ospf database extensive Area ID Type LS ID Adv Rtr Seq(Hex) Age 0 Link 00000031 10.1.1.1 80000001 35 Router Priority: 1 Options: V6E---R-LinkLocal Address: fe80::1 Number of Prefix: 1 Prefix Options: Prefix: 2001:db8:3002::/64 ... Area ID Type LS ID Adv Rtr Seq(Hex) Age 0 Iap 00000159 10.223.223.
Displaying OSPFv3 information The fields that display depend upon the LSA type as shown in the following. TABLE 133 OSPFv3 detailed database information fields This field... Displays... Router LSA (Type 1) (Rtr) Fields 674 Capability Bits A bit that indicates the capability of the device. The bit can be set to one of the following: B – The device is an area border router. E – The device is an AS boundary router. V – The device is a virtual link endpoint.
Displaying OSPFv3 information TABLE 133 OSPFv3 detailed database information fields (Continued) This field... Displays... Network LSA (Type 2) (Net) Fields Options A 24-bit field that enables IPv6 OSPF routers to support the optional capabilities. When set, the following bits indicate the following: V6 – The device should be included in IPv6 routing calculations. E – The device floods AS-external-LSAs as described in RFC 2740. MC – The device forwards multicast packets as described in RFC 1586.
Displaying OSPFv3 information TABLE 133 OSPFv3 detailed database information fields (Continued) This field... Displays... Prefix Options An 8-bit field of capabilities that serve as input to various routing calculations: NU – The prefix is excluded from IPv6 unicast calculations. LA – The prefix is an IPv6 interface address of the advertising router. MC – The prefix is included in IPv6 multicast routing calculations. P – NSSA area prefixes are readvertised at the NSSA area border.
Displaying OSPFv3 information TABLE 134 Summary of IPv6 interface information (Continued) Field Description Stat/Prot Shows the status of the link and the protocol for the interface. The status can be one of the following: • Up • Down IGPs Shows the type of the Interior Gateway Protocols (IGPs) enabled on the interface. IPv6 Address Shows the link local IPv6 address configured for the interface. VRF Specifies the VRF type applied to the interface.
Displaying OSPFv3 information TABLE 135 This field... State Nbrs (F/C) Summary of OSPFv3 interface brief information (Continued) Displays... The state of the interface. Possible states include the following: DR – The interface is functioning as the Designated Router for OSPFv3. BDR – The interface is functioning as the Backup Designated Router for OSPFv3. Loopback – The interface is functioning as a loopback interface. P2P – The interface is functioning as a point-to-point interface.
Displaying OSPFv3 information eth 2/2 is up, type POINT-TO-POINT IPv6 Address: 2001:db8:22:22::1/64 2001:db8:22:22::/64 2001:db8:202:202::1/64 2001:db8:202:202::/64 Instance ID 0, Router ID 10.1.1.
Displaying OSPFv3 information TABLE 136 Detailed OSPFv3 interface information (Continued) This field... State 680 Displays... The state of the interface. Possible states include the following: DR – The interface is functioning as the Designated Router for OSPFv3. BDR – The interface is functioning as the Backup Designated Router for OSPFv3. • Loopback – The interface is functioning as a loopback interface. • P2P – The interface is functioning as a point-to-point interface.
Displaying OSPFv3 information TABLE 136 Detailed OSPFv3 interface information (Continued) This field... Displays... Neighbor The router ID (IPv4 address) of the neighbor. This field also identifies the neighbor as a DR or BDR, if appropriate. Interface statistics The following statistics are provided for the interface: Unknown – The number of Unknown packets transmitted and received by the interface. Also, the total number of bytes associated with transmitted and received Unknown packets.
Displaying OSPFv3 information This display shows the following information. TABLE 137 682 OSPFv3 memory usage information This field... Displays... Total Static Memory Allocated A summary of the amount of static memory allocated, in bytes, to OSPFv3. Total Dynamic Memory Allocated A summary of the amount of dynamic memory allocated, in bytes, to OSPFv3. Memory Type The type of memory used by OSPFv3. (This information is for use by Brocade technical support in case of a problem.
Displaying OSPFv3 information Displaying OSPFv3 neighbor information You can display a summary of OSPFv3 neighbor information for the device or detailed information about a specified neighbor. To display a summary of OSPFv3 neighbor information for the device, enter the following command at any CLI level. Brocade# show ipv6 ospf neighbor RouterID Pri State DR BDR 10.1.1.1 1 Full 10.223.223.223 10.1.1.
Displaying OSPFv3 information For example, to display detailed information about a neighbor with the router ID of 10.1.1.1, enter the following command at any CLI level. Brocade# show ipv6 ospf neighbor router-id 10.3.3.3 RouterID Pri State DR BDR 10.3.3.3 1 Full 10.3.3.3 10.1.1.1 DbDesc bit for this neighbor: --s Nbr Ifindex of this router: 1 Nbr DRDecision: DR 10.3.3.3, BDR 10.1.1.
Displaying OSPFv3 information TABLE 139 Detailed OSPFv3 neighbor information (Continued) Field Description BadLSReq The number of times the neighbor received a bad link-state request from the device. One way received The number of times a hello packet, which does not mention the router, is received from the neighbor. This omission in the hello packet indicates that the communication with the neighbor is not bidirectional.
Displaying OSPFv3 information TABLE 140 OSPFv3 redistribution information (Continued) This field... Displays... Protocol The protocol from which the route is redistributed into OSPFv3. Redistributed protocols can be the following: • BGP – BGP4+. • RIP – RIPng. • IS-IS – IPv6 IS-IS. • Static – IPv6 static route table. • Connected – A directly connected network. Metric Type The metric type used for routes redistributed into OSPFv3.
Displaying OSPFv3 information Brocade# show ipv6 ospf route 2000:: Destination Cost E2Cost Tag Flags IA 2000::/64 1 0 0 00000003 Next_Hop_Router Outgoing_Interface Adv_Router :: eth 1/1 10.1.1.1 Dis 110 These displays show the following information. TABLE 141 OSPFv3 route information This field... Displays... Current Route Count (Displays with the entire OSPFv3 route table only) The number of route entries currently in the OSPFv3 route table.
Displaying OSPFv3 information For example, to display information about SPF nodes in area 0, enter the following command at any level of the CLI. Brocade# show ipv6 ospf spf node area 0 SPF node for Area 0 SPF node 10.223.223.223, cost: 0, hops: 0 nexthops to node: parent nodes: child nodes: 10.223.223.223:88 SPF node 10.223.223.223:88, cost: 1, nexthops to node: :: ethe 3/2 parent nodes: 10.223.223.223 child nodes: 10.1.1.1:0 hops: 1 SPF node 10.1.1.
Displaying OSPFv3 information For example, to display the SPF table for area 0, enter the following command at any level of the CLI. Brocade# show ipv6 ospf spf table area 0 SPF table for Area 0 Destination Bits Options Cost Nexthop R 10.1.1.1 ---- V6E---R1 fe80::2e0:52ff:fe91:bb37 N 10.223.223.223[88] ---- V6E---R1 :: Interface ethe 3/2 ethe 3/2 Syntax: show ipv6 ospf spf table area area-id The table parameter displays the SPF table. The area area-id parameter specifies a particular area.
Displaying OSPFv3 information For example, to display the SPF tree for area 0, enter the following command at any level of the CLI. Brocade# show ipv6 ospf spf tree area 0 SPF tree for Area 0 +- 10.223.223.223 cost 0 +- 10.223.223.223:88 cost 1 +- 10.1.1.1:0 cost 1 Syntax: show ipv6 ospf spf tree area area-id The tree keyword displays the SPF table. The area area-id parameter specifies a particular area. You can specify the area-id in the following formats: • As an IPv4 address; for example, 192.168.1.1.
Displaying OSPFv3 information Displaying OSPFv3 NSR information Run the show ipv6 ospf command to display information about the NSR support. Brocade# (config-ospf6-router)#show ipv6 ospf OSPFv3 Process number 0 with Router ID 0x10010101(10.1.1.
Displaying OSPFv3 information Brocade# show ipv6 ospf virtual-link Index Transit Area ID Router ID 1 1 10.1.1.1 Interface Address 201:db8::2 State P2P Syntax: show ipv6 ospf virtual-link This display shows the following information. TABLE 144 OSPFv3 virtual link information This field... Displays... Index An index number associated with the virtual link. Transit Area ID The ID of the shared area of two ABRs that serves as a connection point between the two routers.
Displaying OSPFv3 information TABLE 145 OSPFv3 virtual neighbor information (Continued) This field... Displays... State The state between the device and the virtual neighbor. The state can be one of the following: • Down • Attempt • Init • 2-Way • ExStart • Exchange • Loading • Full Interface The IPv6 address of the virtual neighbor. Option The bits set in the virtual-link hello or database descriptors. QCount The number of packets that are in the queue and ready for transmission.
Displaying OSPFv3 information Syntax: show ipsec sa Showing IPsec policy The show ipsec policy command displays the database for the IPsec security policies. The fields for this show command output appear in the screen output example that follows. However, you should understand the layout and column headings for the display before trying to interpret the information in the example screen.
Displaying OSPFv3 information TABLE 146 IPsec policy information (Continued) This field... Displays... Proto The only possible routing protocol for the security policy in the current release is OSPFv3. Source The source address consists of the IPv6 prefix and the TCP or UDP port identifier. Destination The destination address consists of the IPv6 prefix.
Displaying OSPFv3 information Syntax: show ipsec statistics This command takes no parameters. Displaying IPsec configuration for an area The show ipv6 ospf area [area-id] command includes information about IPsec for one area or all areas. In the following example, the IPsec information is in bold. IPsec is enabled in the first area (area 0) in this example but not in area 3. Note that in area 3, the IPsec key was specified as not encrypted.
Displaying OSPFv3 information Brocade(config-ospf6-router)#show ipv6 ospf area Area 0: Authentication: Not Configured Active interface(s)attached to this area: eth 1/1 Inactive interface(s)attached to this area: None Number of Area scoped LSAs is 2 Sum of Area LSAs Checksum is 00021139 Statistics of Area 1: SPF algorithm executed 1 times SPF last updated: 111 sec ago Current SPF node count: 1 Router: 1 Network: 0 Maximum of Hop count to nodes: 0 Area 1: Area is NSSA, no redistribution Authentication: Not C
Displaying OSPFv3 information • A numerical value in the range 0 – 2,147,483,647 TABLE 148 698 Area configuration of IPsec This field... Displays... Authentication This field shows whether or not authentication is configured. If this field says “Not Configured,” the IPsec-related fields (bold in example screen output) are not displayed at all. KeyRolloverTime The number of seconds between each initiation of a key rollover. This field shows the configured and current times.
Displaying OSPFv3 information Displaying IPsec for an interface To see IPsec configuration for a particular interface or all interfaces, use the show ipv6 ospf interface command as in the following example (IPsec information in bold). Brocade#show ipv6 ospf interface eth 1/3 is down, type BROADCAST Interface is disabled eth 1/8 is up, type BROADCAST IPv6 Address: 2001:db8:18:18:18::1/64 2001:db8:18:18::/64 Instance ID 255, Router ID 10.1.1.
Displaying OSPFv3 information TABLE 149 Area configuration of IPsec (Continued) This field... Displays... Current Shows current SPI, authentication algorithm (currently ESP only), encryption algorithm (currently SHA1 only), and the current key. New (Inbound or Outbound) Shows new SPI (if changed), authentication algorithm (currently ESP only), encryption algorithm (currently SHA1 only), and the new key.
Displaying OSPFv3 information Command for changing the key. Brocade(config-if-e10000-1/3)#ipv6 ospf auth ipsec spi 310 esp sha1 no-encrypt 989898989009876554321234567890aabbccddef Displaying IPv6 OSPF information for a VRF To display IPv6 OSPF information for a VRF or all VRF interfaces, use the show ipv6 ospf vrf command as in the following example. Brocade#show ipv6 ospf vrf red OSPFv3 Process number 0 with Router ID 0x10020202(10.2.2.
Displaying OSPFv3 information Brocade#show ipv6 ospf vrf red area Area 3: Authentication: Not Configured Interface attached to this area: Number of Area scoped LSAs is 3 Sum of Area LSAs Checksum is 0001a6c4 Statistics of Area 3: SPF algorithm executed 3 times SPF last updated: 302 sec ago Current SPF node count: 1 Router: 1 Network: 0 Maximum of Hop count to nodes: 0 Area 2: Authentication: Not Configured Interface attached to this area: Number of Area scoped LSAs is 3 Sum of Area LSAs Checksum is 000192d
OSPFv3 clear commands Use the show ipv6 ospf vrf neighbor command to display the currently selected neighbor for use by the Virtual Links in each transit area.
OSPFv3 clear commands Clearing all redistributed routes from OSPF You can use the ospf redistribution command to clear all redistributed routes from OSPF, as shown in the following.
Commands Clearing all OSPF counters You can clear all OSPF counters using the clear ipv6 counts command, as shown in the following. Brocade# clear ipv6 ospf counts Syntax: clear ipv6 ospf counts Clearing OSPF counters for a specified neighbor You can clear all OSPF counters for a specified neighbor using the clear ipv6 counts neighbor command, as shown in the following. Brocade# clear ipv6 ospf counts neighbor 10.10.10.
max-metric router-lsa max-metric router-lsa Configures a device that is running the Open Shortest Path First (OSPF) protocol to advertise its locally generated router LSAs with a maximum metric. The no form of this command removes the configuration.
max-metric router-lsa The following example modifies OSPFv3 to advertise intra-area-prefix LSAs with the cost of stubs set to 16777215 and the cost of external LSAs set to 16711680. Brocade(config-ospf6-router)# max-metric router-lsa include-stub external-lsa The following example modifies OSPFv3 to advertise summary type-3 and type-4 LSAs with the cost set to 10000.
max-metric router-lsa 708 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
Chapter 17 IS-IS (IPv6) Table 150 displays the individual Brocade devices and the IPv6 IS-IS features they support.
IPv6 IS-IS single-topology mode IPv6 IS-IS single-topology mode IPv6 IS-IS supports single-topology mode, which means that you can run IPv6 IS-IS concurrently with other network protocols such as IPv4 IS-IS throughout a topology. However, when implementing a single topology, all routers in an area (Level 1 routing) or domain (Level 2 routing) must be configured with the same set of network protocols on all its interfaces, even on loopback interfaces.
IS-IS CLI levels FIGURE 36 IPv6 IS-IS CLI levels The IPv6 IS-IS CLI levels are as follows: • A global level for the configuration of the IS-IS protocol. At this level, all IS-IS configurations at this level apply to IPv4 and IPv6. You enter this layer using the router isis command. • Under the global level, you specify an address family. Address families separate the IS-IS configuration IPv6 and IPv4.
Configuring IPv6 IS-IS NOTE Each address family configuration level allows you to access commands that apply to that particular address family only. To enable a feature in a particular address family, you must specify any associated commands for that feature in that particular address family.
Configuring IPv6 IS-IS The area-id parameter specifies the area and has the format xx or xx.xxxx. For example, 49 and 49.2211 are valid area IDs. The system-id parameter specifies the device’s unique IS-IS router ID and has the format xxxx.xxxx.xxxx. You can specify any value for the system ID. A common practice is to use the device’s base MAC address as the system ID. The base MAC address is also the MAC address of port 1.
Configuring IPv6 IS-IS single topology The following configuration tasks are optional: • • • • Configure IPv6 route parameters. Redistribute routes from other route sources into IPv6 IS-IS. Perform IPv6 IS-IS adjacency checks. Disable partial SPF calculations. Configuring IPv6 IS-IS single topology If your IS-IS single topology will support both IPv6 and IPv4, you can configure both IPv6 and IPv4 on an IS-IS interface for Level 1, Level 2, or both Level 1 and Level 2.
Configuring IPv6 specific address family route parameters Configuring IPv6 specific address family route parameters This section describes how to modify the IS-IS the parameters for the IS-IS IPv6 address family. Changing the maximum number of load sharing paths By default, IPv6 IS-IS can calculate and install four equal-cost paths into the IPv6 forwarding table. You can change the number of paths IPv6 IS-IS can calculate and install in the IPv6 forwarding table to an amount from 1 – 8.
Configuring IPv6 specific address family route parameters NOTE The route map must be configured before you can use the route map as a parameter with the default-information-originate command.
Configuring IPv6 specific address family route parameters To change the administrative distance for IPv6 IS-IS routes, enter the following command at the IPv6 IS-IS unicast address family configuration level: Brocade(config-isis-router-ipv6u)# distance 100 Syntax: [no] distance number This command changes the administrative distance for all IPv6 IS-IS routes to 100. The number parameter specifies the administrative distance. You can specify a value from 1 – 255.
Configuring IPv6 specific address family route parameters Route redistribution from other sources into IPv6 IS-IS is disabled by default. When you enable redistribution, the device redistributes routes only into Level 2 by default. You can specify Level 1 only, Level 2 only, or Level 1 and Level 2 when you enable redistribution. The device automatically redistributes Level-1 routes into Level-2 routes. Thus, you do not need to enable this type of redistribution.
Configuring IPv6 specific address family route parameters Configuration example The following global configuration example is for the IPv4 address-family. It can be similarly configured for IPv6 address-family. Brocade(config)#router isis Brocade(config-isis-router)#address-family ipv4 unicast Brocade(config-isis-router-ipv4u)# default-link-metric 40 Syntax: [no] default-link-metric value [level-1 | level-2] The value parameter is the default-link-metric value to be set for the given address-family.
Configuring IPv6 specific address family route parameters ….. Default redistribution metric: 0 Default link metric for level-1: 15 Default link metric for level-2: 9 Protocol Routes redistributed into IS-IS: Redistributing static IPv6 routes into IPv6 IS-IS To redistribute static IPv6 routes from the IPv6 static route table into IPv6 IS-IS routes, enter the following command at the IPv6 IS-IS unicast address family configuration level.
Configuring IPv6 specific address family route parameters Redistributing RIPng routes into IPv6 IS-IS To redistribute RIPng routes into IPv6 IS-IS, enter the following command at the IPv6 IS-IS unicast address family configuration level. Brocade(config-isis-router-ipv6u)# redistribute rip This command configures the device to redistribute all RIPng routes into Level-2 IS-IS.
Configuring IPv6 specific address family route parameters NOTE The device automatically redistributes Level 1 routes into Level 2 routes, even if you do not enable redistribution. For example, to redistribute all IPv6 IS-IS routes from Level 2 into Level 1, enter the following command at the IPv6 IS-IS unicast address family configuration level. Brocade(config-isis-router-ipv6u)# redistribute isis level-2 into level-1 The device automatically redistributes Level-1 routes into Level 2.
Configuring IS-IS properties on an interface Configuring IS-IS properties on an interface The parameter settings for configuring IS-IS properties on a device apply to both IS-IS IPv4 and IS-IS IPv6 except for “Changing the metric added to advertised routes” as described below.
IPv6 IS-IS Non-Stop Routing IPv6 IS-IS Non-Stop Routing (NSR) enables the IPv6 IS-IS router to maintain topology and data flow to avoid re-convergence in the network during a processor switchover or hitless-reload event. The IS-IS Bidirectional Forwarding Detection (BFD) sessions survive the switchover and hitless-reload conditions. In general, a router restart causes its peer to remove the routes originated from the router and reinstalls them.
Displaying IPv6 IS-IS information Displaying IPv6 IS-IS information You can display the following information about IPv6 IS-IS: • • • • • • • • • • • • General IPv6 IS-IS information. IPv6 IS-IS configuration information. IPv6 IS-IS error statistics. LSP database entries. IS-IS system ID to hostname mappings. IPv6 IS-IS interface information. IPv6 IS-IS memory usage information. IPv6 IS-IS neighbor information. IPv6 IS-IS path information. IPv6 IS-IS redistribution information.
Displaying IPv6 IS-IS information TABLE 151 IPv6 IS-IS information fields This field... IS-IS Routing Protocol Operation State Displays... The operating state of IPv6 IS-IS. Possible states include the following: Enabled – IPv6 IS-IS is enabled. Disabled – IPv6 IS-IS is disabled. • • IS Type The intermediate system type. Possible types include the following: • Level 1 only – The device routes traffic only within the area in which it resides.
Displaying IPv6 IS-IS information To display the IPv6 IS-IS configuration, enter the following command at any CLI level. Brocade# show ipv6 isis config Current ISIS configuration: router isis net 49.6561.0000.0022.2222.
Displaying IPv6 IS-IS information TABLE 152 IPv6 IS-IS error statistics (Continued) This field... Displays... Authentication Fail The number of times authentication failed because the device was configured to authenticate IPv6 IS-IS packets in the packet’s domain or area, but the packet did not contain the correct password. Corrupted LSP The number of times the device detected a corrupted LSP in the device’s memory.
Displaying IPv6 IS-IS information Brocade# show ipv6 isis database IS-IS Level-1 Link State Database LSPID LSP Seq Num Router1.00-00 0x00000003 Router2.00-00* 0x00000002 Router2.01-00* 0x00000001 LSP Checksum 0x9a6b 0x609d 0x0fcf LSP Holdtime 574 540 539 ATT/P/OL 0/0/0 0/0/0 0/0/0 IS-IS Level-2 Link State Database LSPID LSP Seq Num Router1.00-00 0x00000003 Router2.00-00* 0x00000002 Router2.
Displaying IPv6 IS-IS information TABLE 153 IPv6 IS-IS summary LSP database information (Continued) This field... Displays... ATT A 4-bit value extracted from bits 4 – 7 in the Attach field of the LSP. P The value in the Partition option field of the LSP. The field can have one of the following values: • 0 – The IS that sent the LSP does not support partition repair. • 1 – The IS that sent the LSP supports partition repair. OL The value in the LSP database overload field of the LSP.
Displaying IPv6 IS-IS information Metric: 10 IS-Extended Dist2.12 Metric: 10 IS-Extended Core2.3c Metric: 10 IS-Extended Core2.3d Metric: 10 IS-Extended Edge2.00 LSPID Seq Num Checksum Edge2.00-00* 0x00000190 0x88a9 Area Address: 00.0000 NLPID: IPv6 IP Topology: IPv6(Ovld:0 Att:0) IPv4 Hostname: Edge2 IP address: 101.1.1.2 IPv6 address: 2000:28:1::1:1:1 Metric: 10 IP-Extended 101.1.0.0/16 Up: 0 Metric: 10 IP-Extended 191.1.2.1/32 Up: 0 Metric: 10 IP-Extended 191.28.1.0/24 Up: 0 Metric: 10 IP-Extended 191.
Displaying IPv6 IS-IS information Metric: 10 IP-Extended 191.56.1.0/24 Up: 0 Subtlv: 0 Metric: 10 IP-Extended 191.25.1.0/24 Up: 0 Subtlv: 0 Metric: 10 IP-Extended 191.1.5.
Displaying IPv6 IS-IS information Metric: Metric: Metric: Metric: Metric: Metric: Metric: Metric: Metric: Metric: Metric: Metric: Metric: LSPID Dist2.12-00 Metric: Metric: 10 10 10 10 10 10 10 10 10 10 10 10 10 IP-Extended 191.1.6.1/32 Up: 0 Subtlv: 0 IP-Extended 192.68.1.
Displaying IPv6 IS-IS information TABLE 154 Output parameters of the show ipv6 isis database detail command (Continued) Field Description TLVs The remaining output displays the type, length, and value (TLV) parameters included in the LSPs. These parameters advertise reachability to IPv6 devices or networks. For example: • A router identified as an IS and with its host name can be reached using the default metric.
Displaying IPv6 IS-IS information This example contains two mappings for this device. The device’s IS-IS system ID is “2222.2222.2222“and its hostname is “Router2”. The display contains an entry for another router. The display contains one entry for each IS that supports name mapping. NOTE Name mapping is enabled by default. When name mapping is enabled, the output of the show ipv6 isis database and show ipv6 isis neighbor commands uses the hostname instead of the system ID.
Displaying IPv6 IS-IS information TABLE 155 IPv6 IS-IS interface information This field... Displays... Total number of IS-IS interfaces The number of interfaces on which IPv6 IS-IS is enabled. Interface The port or virtual interface number to which the information listed below applies. Local Circuit Number The ID that the instance of IPv6 IS-IS running on the interface applied to the circuit between this interface and the interface at the other end of the link.
Displaying IPv6 IS-IS information TABLE 155 IPv6 IS-IS interface information (Continued) This field... Displays... Next IS-IS LAN Level-1 Hello Number of seconds before next Level-1 Hello message will be transmitted by the device. Next IS-IS LAN Level-2 Hello Number of seconds before next Level-2 Hello message will be transmitted by the device. Number of active Level-1 adjacencies The number of ISs with which this interface has an active Level-1 adjacency.
Displaying IPv6 IS-IS information Syntax: show ipv6 isis memory This display shows the following information. TABLE 156 IPv6 IS-IS memory usage information This field... Displays... Total Static Memory Allocated A summary of the amount of static memory allocated, in bytes, to IPv6 IS-IS. Total Dynamic Memory Allocated A summary of the amount of dynamic memory allocated, in bytes, to IPv6 IS-IS. Memory Type The type of memory used by IPv6 IS-IS.
Displaying IPv6 IS-IS information TABLE 157 Summary of IPv6 IS-IS neighbor information (Continued) This field... Displays... State The state of the adjacency with the neighbor. The state can be one of the following: • DOWN – The adjacency is down. • INIT – The adjacency is being established and is not up yet. • UP – The adjacency is up. Holdtime The time between transmissions of IS-IS hello messages. Type The IS-IS type of the adjacency.
Displaying IPv6 IS-IS information TABLE 158 Detailed IPv6 IS-IS neighbor information (Continued) This field... Displays... StateChgeTime For information about this field, refer to Table 157 on page 738. Area Address(es) The address(es) of areas to which the neighbor interface belongs. IP Address(es) The IP address(es) assigned to the neighbor interface. IPv6 Address The IPv6 address(es) assigned to the neighbor interface.
Displaying IPv6 IS-IS information Brocade# show ipv6 isis routes ISIS IPv6 Routing Table Total Routes: 17 Level1: 17 Level2: 0 Equal-cost multi-path: 0 Type IPv6 Prefix Next Hop Router Interface L1 2001:db8:1:1000::/48 fe80::2e0:52ff:fe00:20 ethe 3/2 L1 2001:db8:1:2000::/48 fe80::2e0:52ff:fe00:20 ethe 3/2 L1 2001:db8:1:3000::/48 fe80::2e0:52ff:fe00:20 ethe 3/2 L1 2001:db8:1:4000::/48 fe80::2e0:52ff:fe00:20 ethe 3/2 L1 2001:db8:1:5000::/48 fe80::2e0:52ff:fe00:20 ethe 3/2 L1 2001:db8:2:1000::/48 fe80::2e0:52
IPv6 IS-IS Multi-Topology Syntax: show ipv6 isis traffic This display shows the following information. TABLE 161 IPv6 IS-IS traffic statistics This field... Displays... Level-1 Hellos The number of Level-1 hello PDUs sent and received by the device. Level-2 Hellos The number of Level-2 hello PDUs sent and received by the device. PTP Hellos The number of point-to-point hello PDUs sent and received by the device. Level-1 LSP The number of Level-1 link-state PDUs sent and received by the device.
IPv6 IS-IS Multi-Topology FIGURE 37 IS-IS non-congruent topology Configuration considerations for IPv6 IS-IS MT The following are the configuration considerations: • The wide metric style must be configured before enabling IPv6 IS-IS MT. • IPv4, IPv6, or IPv4 and IPv6 configured on the same interface must run on the same IS-IS level. • Enabling or disabling IPv6 IS-IS MT clears all adjacencies, LSP databases, and IPv6 IS-IS routes.
IPv6 IS-IS Multi-Topology Maintaining MT adjacencies With the extension of IPv6 IS-IS MT, the new type, length, and value (TLV) parameters are added into the IS to IS hello (IIH) packets that advertise the topologies of the interface. In IPv6 IS-IS MT, the router advertises its information using the new TLV parameters such as MT ID TLV, MT IS Reachability TLV, MT Reachable IPv4 TLV, and MT Reachable IPv6 TLV.
IPv6 IS-IS Multi-Topology The transition option allows the network to undergo transition from IPv6 IS-IS single-topology mode to IPv6 IS-IS MT mode. By default, the transition mode is off. The [no] form of the command disables the transition support. Configuring the IS-IS IPv6 PSPF exponential back-off feature The exponential back-off mechanism allows you to schedule PSPF processing for IPv6 IS-IS MT. An initial-hold-time interval is the wait time after an LSP change until the first PSPF calculation.
IPv6 IS-IS Multi-Topology The initial-hold-time variable specifies the initial time gap between an SPF event and the first running of SPF. The range is from 0 through 120000 milliseconds. The default value is 5000 milliseconds. The exponential-hold-time variable specifies the interval between two SPF calculations. The range is from 0 through 120000 milliseconds. The default value is 5000 milliseconds. The [no] form of the command resets all parameters to their default values.
IPv6 IS-IS Multi-Topology Configuration example to deploy IPv6 IS-IS MT Figure 38 shows an example of a non-congruent topology enabled with IPv6 IS-IS MT. Router D1 supports both the IPv4 and IPv6 topologies, router D2 supports both the IPv4 and IPv6 topologies, router E2 supports an IPv4 topology, and router C2 supports both the IPv4 and IPv6 topologies.
IPv6 IS-IS Multi-Topology Brocade(config-isis-router)# net 00.0000.001b.ed04.4000.
Chapter 18 RIPng (IPv6) Table 162 displays the individual Brocade devices and the RIPng features they support.
Configuring RIPng • How to clear RIPng information from the RIPng route table. • How to display RIPng information and statistics. Configuring RIPng To configure RIPng, you must do the following: • Enable RIPng globally on the Brocade device and on individual device interfaces. The following configuration tasks are optional: • • • • • Change the default settings of RIPng timers. Configure how the device learns and advertises routes. Configure which routes are redistributed into RIPng from other sources.
Configuring RIPng Enabling RIPng for a VRF instance To enable RIPng for a specific VRF instance, enter the following commands: Brocade(config)#ipv6 router rip vrf red Brocade(config-ripng-router-vrf-red)# Syntax: [no] ipv6 router rip vrf vrf-name vrf-name is the specified VRF name for the RIPng. If the vrf-name is not specified, RIPng is configured using the default VRF. To disable the RIPng for a specific VRF instance, use the no form of the command.
Configuring RIPng • Garbage-collection timer: 9 – 65535 seconds. NOTE You must enter a value for each timer, even if you want to retain the current setting of a particular timer. To return to the default values of the RIPng timers, use the no form of this command. Configuring route learning and advertising parameters You can configure the following learning and advertising parameters: • Learning and advertising of RIPng default routes. • Advertising of IPv6 address summaries.
Configuring RIPng For example, to advertise the summarized prefix 2001:db8::/36 instead of the IPv6 address 2001:db8:0:adff:8935:e838:78:e0ff with a prefix length of 64 bits from Ethernet interface 3/1, enter the following commands.
Configuring RIPng When configuring the device to redistribute routes, such as BGP4+ routes, you can optionally specify a metric for the redistributed routes. If you do not explicitly configure a metric, the default metric value of one is used. For example, to redistribute OSPFv3 routes into RIPng, enter the following command.
Clearing RIPng routes from IPv6 route table To enable poison reverse on the Brocade device, enter the following commands. Brocade(config)# ipv6 router rip Brocade(config-ripng-router)# poison-reverse Syntax: [no] poison-reverse To disable poison-reverse, use the no version of this command. By default, if a RIPng interface goes down, the device does not send a triggered update for the interface’s IPv6 networks.
Displaying RIPng information Brocade# show ipv6 rip IPv6 rip enabled, port 521 Administrative distance is 120 Updates every 30 seconds, expire after 180 Holddown lasts 180 seconds, garbage collect after 120 Split horizon is on; poison reverse is off Default routes are not generated Periodic updates 0, trigger updates 0 Distribute List, Inbound : Not set Distribute List, Outbound : Not set Redistribute: CONNECTED Syntax: show ipv6 rip This display shows the following information.
Displaying RIPng information Displaying RIPng configuration for a VRF instance To display the RIPng configuration information for a VRF instance, enter the following command: Brocade# show ipv6 rip vrf red IPv6 rip enabled, port 521 Administrative distance is 120 Updates every 30 seconds, expire after 180 Holddown lasts 180 seconds, garbage collect after 120 Split horizon is on; poison reverse is off Default originate routes are not generated Periodic updates 1137, trigger updates 6 Distribute List, Inboun
Displaying RIPng information TABLE 165 This field... Source of route RIPng routing table fields Displays... The source of the route information. The source can be one of the following: RIP – routes learned by RIPng. CONNECTED – IPv6 routes redistributed from directly connected networks. • STATIC – IPv6 static routes are redistributed into RIPng. • BGP – BGP4+ routes are redistributed into RIPng. • IS-IS – IPv6 IS-IS routes are redistributed into RIPng. • OSPF – OSPFv3 routes are redistributed into RIPng.
Chapter 19 Policy-Based Routing (IPv6) Table 166 displays the individual Brocade devices and the IPv6 Policy-Based Routing features they support.
Configuration considerations • IPv6 PBR policies are not supported on Layer 3 VPNs. • IPv6 PBR is applied to routed traffic only by default, except when the flood VLAN option is enabled. • IPv6 PBR can only be configured on physical ports, Link Aggregation Groups (LAG) ports, and Virtual Ethernet (VEs). • If IPv6 PBR is applied on a VE, it works only when the VE is enabled. When the VE is disabled, IPv6 PBR will not work and normal routing or switching takes place for the traffic received on the VE.
Configuring an IPv6 PBR policy Considerations specific to Brocade NetIron CES and Brocade NetIron CER • IPv6 PBR only supports routed traffic. Switched traffic is not supported. • IPv6 PBR on transit MPLS uplinks is not supported. IPv6 PBR on an Egress MPLS interface is supported. For example, an IPv6 PBR policy is applied on an MPLS interface.
Configuring an IPv6 PBR policy Syntax: [no] route-map map-name permit | deny num The map-name variable is a string of characters that names the map. Map names can be up to 80 characters in length. You can define an unlimited number of route maps on the Brocade device, as long as system memory is available.
Configuring an IPv6 PBR policy NOTE Do not use the IPv6 link-local address, unique local address, or the IPv6 address of the router as the IPv6 next hop address. Setting the next hop to a Null0 interface Sending traffic to a NullO interface drops the traffic. You can set the next hop to a Null0 interface as shown in the following example.
Configuring an IPv6 PBR policy In the case of traffic incoming on the MPLS uplink, IPv6 PBR to VLAN flooding is only supported for IPv6 traffic, and not for MPLS traffic. There is no Layer 3 header processing. For example, in the case of an IPv6 packet header, the hop-limit will not be decremented. Table 168 describes the difference in behavior between different brocade products.
Configuring an IPv6 PBR policy LAG formation When a LAG is formed, all ports must have the same PBR configuration before deployment. During deployment, the configuration on the primary port is replicated to all ports. On undeployment, each port inherits the same PBR configuration.
Configuration examples Configuration examples This section presents configuration examples for: • “Basic example” on page 766 • “Combined example” on page 766 • “Selectively applying normal routing to packets” on page 766 Basic example The following commands configure and apply an IPv6 PBR policy that routes HTTP traffic received on a virtual routing interface.
Displaying IPv6 PBR information Brocade(config-routemap v6pbr)#set next-hop-flood-vlan 200 outgoing-da 0000.0022.3333 Brocade(config-routemap v6pbr)# Brocade(config-routemap v6pbr)#interface ethernet 2/2 Brocade(config-if-e10000-2/2)#ipv6 address 2001:db8::1/64 Brocade(config-if-e10000-2/2)#ipv6 enable Brocade(config-if-e10000-2/2)#ipv6 policy route-map v6pbr To allow normal routing for certain traffic, a corresponding deny ACL filter can be added before any permit ACL filter.
Displaying IPv6 PBR information Displaying IPv6 PBR route map information Use the commands listed in the following sections to display the route map information used in the IPv6 PBR configuration. Displaying IPv6 route map information To view the route map information, use the show route-map command.
Policy based routing with the preserve VLAN option Syntax: show route-map [map-name] The map-name variable is the name of the route map you want to view. Displaying IPv6 PBR selected next hop information To view the PBR selected next hop information on the Brocade NetIron CES and Brocade NetIron CER use the show pbr inte ve command.
Configuration examples Configuration considerations • The command allow-all-vlan pbr cannot be configured when the physical port is configured with an IPv6 address, MPLS, VPLS, VLL, ICL, Layer 3 VPN; or when the port is part of other VLAN. • The route map with preserve-vlan set policies cannot be configured globally. • A route map used for PBR with a preserve VLAN policy must have the preserve-vlan keyword configured for each set policy.
Configuration examples Brocade(config)# int ve 40 Brocade(config-vif-40)# ipv6 policy route-map map6 Preserve VLAN IDs and forwarding to multiple ports within a VLAN 1. Configure the route map with set policies to preserve VLAN for IPv4/v6 traffic. Brocade(config)# route-map test permit 100 Brocade(config-routemap test)# match ipv6 address v6-acl Brocade(config-routemap test)# set next-hop-flood-vlan 200 preserve-vlan Brocade(config-routemap test)# exit 2. Apply the route map to physical or VE interface.
Policy-based routing support for preserve VLAN Policy-based routing support for preserve VLAN NOTE Policy-based routing support for preserve VLAN is supported only on Brocade NetIron XMR and Brocade MLX Series routers. This feature is now supported on the BR-MLX-10GX24 module. Previously, PBR transparent VLAN flooding (TVF) replaced the ingress traffic’s VLAN ID with the egress TVF VLAN ID, while flooding the egress TVF VLAN.
Chapter 20 VRRP and VRRP-E Table 169 displays the individual Brocade devices and the VRRP and VRRP-E features they support.
Overview of VRRP TABLE 169 Features supported Supported Brocade VRRP and VRRP-E features (Continued) Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package VRRP-Extended Yes Slow Start Yes Yes Yes Yes Yes Yes VRRP-Extended Yes Scale Timer Yes Yes Yes Yes Y
Overview of VRRP FIGURE 39 Router1 is Host1’s default gateway but is a single point of failure As shown in this example, Host1 uses 192.53.5.1 on Router1 as the host’s default gateway out of the subnet. If this interface goes down, Host1 is cut off from the rest of the network. Router1 is thus a single point of failure for Host1’s access to other networks. If Router1 fails, you could configure Host1 to use Router2.
Overview of VRRP FIGURE 40 Router1 and Router2 configured as VRRP virtual routers for redundant network access for Host1 With VRRP, you configure virtual routers that span across the physical routers. A virtual router acts as a default router for hosts on a shared LAN. For example, Figure 40 has one virtual router configured (identified as VRID1).This virtual router ID (VRID) is associated with Router1 and Router2.
Overview of VRRP Master router election Virtual routers use the VRRP priority values associated with each VRRP router to determine which router becomes the Master. When you configure an Owner router, the VRRP priority is automatically set to 255, the highest VRRP priority. The router in the virtual router with the highest priority becomes the Master. Other routers become the Backup routers and can be assigned priorities from 3 through 254. The default priority value is 100.
Overview of VRRP If there is no manually configured virtual MAC address for a VRRP instance, the system automatically assigns one. For Brocade NetIron CES and Brocade NetIron CER platforms, you can configure a maximum of 255 virtual MAC addresses. This feature is subject to the following limitations: • This feature does not support configurable VRRP virtual MAC addresses over MCT. • This feature has no impact on short-path forwarding for VRRP-E.
Overview of VRRP Brocade#show ip vrrp-extended vrid 1 Interface 1/1 ---------------auth-type md5-authentication VRID 1 (index 1) interface 1/1 state master administrative-status disabled mode non-owner(backup) virtual mac aaaa.bbbb.cccc (configured) priority 100 current priority 100 track-priority 5 hello-interval 1 sec backup hello-interval 60 sec slow-start timer (configured) 30 sec advertise backup disabled dead-interval 0 ms preempt-mode true virtual ip address 10.20.1.
Overview of VRRP interface 1/1 state master administrative-status enabled mode non-owner(backup) virtual mac dddd.eeee.ffff (configured) priority 100 current priority 100 track-priority 5 hello-interval 1 sec backup hello-interval 60 sec advertise backup disabled dead-interval 0 ms preempt-mode true virtual ipv6 address 10:20:1::100 You can also identify configured virtual MAC addresses by entering the show running-config command, as shown in the following example.
Overview of VRRP Suppression of RIP advertisements for backed-up interfaces The Brocade implementation also enhances VRRP by allowing you to configure the protocol to suppress RIP advertisements for the backed-up paths from Backup routers. Normally, a VRRP Backup router includes route information for the interface it is backing up in RIP advertisements.
Overview of VRRP-E Overview of VRRP-E VRRP-E is proprietary version of VRRP that overcomes limitations in the standard protocol. Figure 41 shows an example of a VRRP-E configuration. FIGURE 41 Router1 and Router2 are configured to provide dual redundant network access for the host In this example, Router1 and Router2 use VRRP-E to load share as well as provide redundancy to the hosts. The load sharing is accomplished by creating two VRRP-E groups. Each group has its own virtual IP addresses.
Comparison of VRRP and VRRP-E ARP behavior with VRRP-E In the VRRP-E implementation, the source MAC address of the gratuitous ARP sent by the VRRP-E master router will be the VRRP-E virtual MAC address. When the router (either master or backup router) sends an ARP request or reply packet, the sender's MAC address will be the MAC address of the interface on the router.
VRRP and VRRP-E parameters • Hello packets: • VRRP sends Hello messages to IP Multicast address 224.0.0.18. • VRRP-E uses UDP to send Hello messages in IP multicast messages. The Hello packets use the interface’s actual MAC address and IP address as the source addresses. The destination MAC address is 00-00-00-00-00-02, and the destination IP address is 224.0.0.2 (the well-known IP multicast address for “all routers”). Both the source and destination UDP port number is 8888.
VRRP and VRRP-E parameters TABLE 170 VRRP and VRRP-E parameters (Continued) Parameter Description Default Refer page... Virtual Router IP address This is the address you are backing up. No default. • VRRP – The virtual router IP address must be a real IP address configured on the VRID interface on one of the VRRP routers. This router is the IP address Owner and is the default Master.
VRRP and VRRP-E parameters TABLE 170 786 VRRP and VRRP-E parameters (Continued) Parameter Description Default Refer page... Backup priority A numeric value that determines a Backup’s preferability for becoming the Master for the VRID. During negotiation, the router with the highest priority becomes the Master: • VRRP – The Owner has the highest priority (255); other routers can have a priority from 8 through 255. • VRRP-E – All routers are Backups and have the same priority by default.
Configuring parameters specific to VRRP TABLE 170 VRRP and VRRP-E parameters (Continued) Parameter Description Default Refer page... Backup preempt mode Prevents a Backup with a higher VRRP priority from taking control of the VRID from another Backup that has a lower priority but has already assumed control of the VRID. Enabled page 797 Slow Start Causes a specified amount of time to elapse between the time the original Master router is restored and when it takes over from the Backup router.
Configuring parameters specific to VRRP NOTE Mixed mode VRRP v2 and VRRP v3 is not supported in the same VRRP group. Configuring the Owner for IPv4 To configure the VRRP Owner router for IPv4, enter the following commands on the router. Brocade1(config)# router vrrp Brocade1(config)# interface ethernet 1/6 Brocade1(config-if-e10000-1/6)# ip address 10.53.5.1/24 Brocade1(config-if-e10000-1/6)# ip vrrp vrid 1 Brocade1(config-if-e10000-1/6-vrid-1)# owner Brocade1(config-if-e10000-1/6-vrid-1)# ip-address 10.
Configuring parameters specific to VRRP The IP address you assign to the Owner must be an IP address configured on an interface that belongs to the virtual router. Refer to “Configuration rules and feature limitations for VRRP” on page 790 for additional requirements. Configuring a Backup for IPv4 To configure the VRRP Backup router for IPv4, enter the following commands. Brocade2(config)# router vrrp Brocade2(config)# interface ethernet 1/5 Brocade2(config-if-e10000-1/5)# ip address 10.53.5.
Configuring parameters specific to VRRP-E Syntax: [no] ipv6-address ipv6-addr The num parameter specifies the virtual router ID. The ipv6-addr parameter specifies the IPv6 address of the Backup router. Refer to “Configuration rules and feature limitations for VRRP” on page 790 for additional requirements.
Configuring parameters specific to VRRP-E Brocade(config)# router vrrp-extended Brocade(config)# interface ethernet 1/5 Brocade(config-if-e10000-1/5)# ip address 10.53.5.3/24 Brocade(config-if-e10000-1/5)# ip vrrp-extended vrid 1 Brocade(config-if-e10000-1/5-vrid-1)# backup priority 50 track-priority 10 Brocade(config-if-e10000-1/5-vrid-1)# ip-address 10.53.5.
Configuring additional VRRP and VRRP-E parameters The ipv6-addr parameter specifies the IPv6 address of the router. Configuration rules and feature limitations for VRRP-E Consider the following rules when configuring VRRP-E: • The interfaces of all routers in a virtual router must be in the same IP subnet. • The IP address assigned to the virtual router cannot be configured on any of the Brocade devices. • • • • The Hello interval must be set to the same value on all the Brocade devices.
Configuring additional VRRP and VRRP-E parameters Authentication type If the interfaces on which you configure the virtual router use authentication, the VRRP or VRRP-E packets on those interfaces also must use the same authentication. Brocade’s implementation of VRRP and VRRP-E supports the following authentication types: • No authentication – The interfaces do not use authentication. This is the default for VRRP and VRRP-E.
Configuring additional VRRP and VRRP-E parameters To configure MD5 Authentication on VRRP-E IPv6, enter the following commands at the interface level: Brocade(config)#ipv6 vrrp-extended auth-type md5-auth ourpword Syntax: ip | ipv6 vrrp-extended auth-type [ md5-auth string ] The string variable specifies a text string that is used as an authentication password key. The maximum length of the key string is limited to 64 characters.
Configuring additional VRRP and VRRP-E parameters Hello interval The Master periodically sends Hello messages to the Backups. The Backups use the Hello messages as verification that the Master is still on-line. If the Backup routers stop receiving the Hello messages for the period of time specified by the Dead interval, the Backup routers determine that the Master router is dead. At this point, the Backup router with the highest priority becomes the new Master router.
Configuring additional VRRP and VRRP-E parameters Brocade(config-if-e10000-1/5)# ip vrrp vrid 1 Brocade(config-if-e10000-1/5-vrid-1)# dead-interval msec 600 Syntax: [no] dead-interval [msec] value The Dead interval can be from 100 through 84000 milliseconds. The default is 3500 milliseconds. The syntax is the same for VRRP and VRRP-E. NOTE VRRP-E does not support the Dead interval timer if it is set to milliseconds.
Configuring additional VRRP and VRRP-E parameters Track priority If you configure a virtual router to track the link state of interfaces and one of the tracked interface goes down, the software changes the VRRP or VRRP-E priority of the virtual router: • For VRRP, the software changes the priority of the virtual router to a track priority that is lower than that of the virtual router priority and lower than the priorities configured on the Backups.
Configuring additional VRRP and VRRP-E parameters The syntax is the same for VRRP and VRRP-E. Master router abdication and reinstatement To change the Master’s priority, enter the following commands. Brocade(config)# interface ethernet 1/6 Brocade(config-if-e10000-1/6)# ip vrrp vrid 1 Brocade(config-if-e10000-1/6-vrid-1)# owner priority 99 Syntax: [no] owner priority | track-priority num The num parameter specifies the new priority and can be a number from 1 through 254.
Configuring additional VRRP and VRRP-E parameters You can use the use-track-port and restart options to implement the slow start timer upon track port state changes. The use-track-port option implements a slow start timer for the first track port “up” state change, in addition to the VRRP-E initialization state. The restart option restarts the slow-start timer for subsequent track port “up” state changes. To set the VRRP-E slow start timer to 30 seconds, enter the following command.
Displaying VRRP and VRRP-E information for IPv4 Enable and Disable password display By default, the MD5 authentication password key is displayed as dots (...) for in the show running-configuration and show startup-configuration commands. For example: Brocade# show running-config interface ethernet 1/1 ... ipv6 vrrp-extended auth-type md5-auth ******** ... Use the enable password-display command to display the key password in original form, either encrypted or decrypted.
Displaying VRRP and VRRP-E information for IPv4 Syntax: show ip vrrp-extended [brief | ethernet slot/portnum | statistics | ve num | vrid id] The brief parameter displays the summary information. If you do not use this parameter, detailed information is displayed instead. Refer to “Displaying detailed information” on page 802. The ethernet slot/portnum parameter specifies an Ethernet port. If you use this parameter, the command displays IPv4 VRRP or VRRP-E information only for the specified port.
Displaying VRRP and VRRP-E information for IPv4 TABLE 171 CLI display of VRRP or VRRP-E summary information (Continued) This field... Displays... Backup addr The IP addresses of the router interfaces that are currently Backups for the virtual router. VIP The virtual IP address that is being backed up by the virtual router. Displaying detailed information To display detailed information for IPv4 VRRP or VRRP-E, enter the following command at any level of the CLI.
Displaying VRRP and VRRP-E information for IPv4 TABLE 172 CLI display of VRRP or VRRP-E detailed information (Continued) This field... Displays... Virtual Router parameters VRID The virtual router configured on this interface. If multiple virtual routers are configured on the interface, information for each virtual router is listed separately. state This Brocade device’s VRRP or VRRP-E state for the virtual router.
Displaying VRRP and VRRP-E information for IPv4 TABLE 172 CLI display of VRRP or VRRP-E detailed information (Continued) This field... Displays... advertise backup The IP addresses of Backups that have advertised themselves to this Brocade device by sending Hello messages. NOTE: Hello messages from Backups are disabled by default. You must enable the Hello messages on the Backup for the Backup to advertise itself to the current Master. Refer to “Hello interval” on page 795.
Displaying VRRP and VRRP-E information for IPv4 Displaying statistics To display IPv4 VRRP or VRRP-E statistics, enter the following command.
Displaying VRRP and VRRP-E information for IPv6 Displaying VRRP and VRRP-E information for IPv6 You can display the following information for IPv6 VRRP or VRRP-E: • • • • “Displaying summary information” on page 806 “Displaying detailed information” on page 807 “Displaying statistics” on page 807 “Displaying configuration information for VRRP and VRRP-E” on page 808 Displaying summary information To display summary information for IPv6 VRRP or VRRP-E, enter the following command at any level of the CLI.
Displaying VRRP and VRRP-E information for IPv6 Displaying detailed information To display detailed information for IPv6 VRRP or VRRP-E, enter the following command at any level of the CLI Brocade(config)# show ipv6 vrrp Total number of VRRP routers defined: 1 Interface 1/3 ---------------auth-type no authentication VRID 13 (index 2) interface 1/3 state master administrative-status enabled version v3 mode non-owner(backup) virtual mac 0000.5e00.
Displaying configuration information for VRRP and VRRP-E . . . . . . .
Clearing VRRP or VRRP-E statistics Clearing VRRP or VRRP-E statistics To clear IPv4 VRRP or VRRP-E statistics, enter the following command at the Privileged EXEC level or any configuration level of the CLI. Brocade(config)# clear ip vrrp statistics Syntax: clear ip vrrp statistics Syntax: clear ip vrrp-extended statistics To clear IPv6 VRRP or VRRP-E statistics, enter the following command at the Privileged EXEC level or any configuration level of the CLI.
Configuration examples Configuring router2 To configure Router2 in Figure 40 on page 776 after enabling VRRP, enter the following commands. Brocade(config)# router vrrp Brocade(config)# interface ethernet 1/5 Brocade(config-if-e10000-1/5)# ip address 10.53.5.3 Brocade(config-if-e10000-1/5)# ip vrrp vrid 1 Brocade(config-if-e10000-1/5-vrid-1)# backup priority 100 track-priority 19 Brocade(config-if-e10000-1/5-vrid-1)# track-port ethernet 3/2 Brocade(config-if-e10000-1/5-vrid-1)# ip-address 10.53.5.
Configuration examples Brocade(config)# ipv6 router vrrp Brocade(config)# interface ethernet 1/6 Brocade(config-if-e10000-1/6)# ipv6 address 1414:1414:1414::1/64 Brocade(config-if-e10000-1/6)# ipv6 vrrp vrid 1 Brocade(config-if-e10000-1/6-vrid-1)# owner track-priority 20 Brocade(config-if-e10000-1/6-vrid-1)# track-port ethernet 2/4 Brocade(config-if-e10000-1/6-vrid-1)# ipv6-address 1414:1414:1414::1/64 Brocade(config-if-e10000-1/6-vrid-1)# activate NOTE When you configure the Master (Owner), the address y
Configuration examples Syntax: backup [priority value] [track-priority value] Syntax: track-port ethernet slot/portnum ve num Syntax: ipv6-address ip-addr Syntax: activate VRRP-E example for IPv4 To implement the IPv4 VRRP-E configuration shown in Figure 41 on page 782, configure the VRRP Routers as shown in the following sections. Configuring router1 To configure VRRP Router1 in Figure 41 on page 782, enter the following commands.
Configuration examples Brocade(config-if-e10000-5/1-vrid-1)# exit Brocade(config)# interface ethernet 5/1 Brocade(config-if-e10000-5/1)# ip vrrp-extended vrid 2 Brocade(config-if-e10000-5/1-vrid-1)# backup priority 110 track-priority 20 Brocade(config-if-e10000-5/1-vrid-1)# track-port ethernet 2/4 Brocade(config-if-e10000-5/1-vrid-1)# ip-address 10.53.5.253 Brocade(config-if-e10000-5/1-vrid-1)# activate The backup command specifies that this router is a VRRP-E Backup for virtual router VRID1.
Configuration examples VRRP router 1 for this interface is activating Brocade(config-if-e10000-1/6-vrid-1)# exit Brocade(config)# interface ethernet 1/6 Brocade(config-if-e10000-1/6)# ipv6 vrrp-extended vrid 2 Brocade(config-if-e10000-1/6-vrid-1)# ipv6-address 1414:1414:1414::44 Brocade(config-if-e10000-1/6-vrid-1)# activate VRRP router 2 for this interface is activating NOTE The address you enter with the ipv6-address command cannot be the same as a real IP address configured on the interface.
VRRP-E Extension for Server Virtualization Syntax: [no] backup [priority value] [track-priority value] Syntax: [no] ipv6-address ip-addr Syntax: [no] activate VRRP-E Extension for Server Virtualization VRRP-E is enhanced with the VRRP-E extension for Server Virtualization feature so that the Brocade device attempts to bypass the VRRP-E master router and directly forward packets to their destination through interfaces on the Backup router.
VRRP-E Extension for Server Virtualization FIGURE 42 Short path forwarding VRRP-E Extension for server virtualization configuration example Under the VRRP-E VRID configuration level, there is an option to enable short-path-forwarding. To enable short-path-forwarding, enter the following commands. Brocade(config)# router vrrp-extended Brocade(config)# interface ve 10 Brocade(config-vif-10)# ip address 10.10.10.
VRRP-E Extension for Server Virtualization Packets from the local subnet of the virtual IP address If VRRP-E Extension for Server Virtualization is enabled, any packets coming from the local subnet of the virtual IP address will be routed to the VRRP-E master router. This is for the routes whose next-hop gateway is the master router at the Backup router. These routes are routed to the WAN instead of switching them to the master router.
VRRP-E Extension for Server Virtualization 818 Multi-Service IronWare Routing Configuration Guide 53-1003033-02
