HP FlexFabric 7900 Switch Series Layer 3 - IP Routing Configuration Guide Part number: 5998-4283 Software version: Release 2109 Document version: 6W100-20140122
Legal and notice information © Copyright 2014 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents Configuring basic IP routing········································································································································ 1 Routing table ······································································································································································ 1 Dynamic routing protocols ·······························································································································
Configuring RIP route redistribution····················································································································· 28 Tuning and optimizing RIP networks ···························································································································· 28 Configuration prerequisites ·································································································································· 28 Configuring RIP timers········
Configuring the P2MP network type for an interface ························································································ 71 Configuring the P2P network type for an interface ··························································································· 71 Configuring OSPF route control ··································································································································· 71 Configuration prerequisites ······························
OSPF NSSA area configuration example ········································································································ 103 OSPF DR election configuration example ········································································································· 105 OSPF virtual link configuration example ··········································································································· 109 OSPF GR configuration example ···································
Configuring routing domain authentication······································································································ 145 Configuring IS-IS GR ···················································································································································· 145 Configuring BFD for IS-IS············································································································································· 146 Configuring IS-IS F
Enabling immediate reestablishment of direct EBGP connections upon link failure····································· 201 Enabling 4-byte AS number suppression ·········································································································· 202 Enabling MD5 authentication for BGP peers ··································································································· 202 Configuring BGP load balancing ·································································
Configuring filters ························································································································································· 258 Configuration prerequisites ································································································································ 258 Configuring an IP prefix list ································································································································ 258 Configurin
Configuring basic IP routing The term "interface" in the routing features collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols.
A route entry includes the following key items: • Destination—IP address of the destination host or network. • Mask—Mask length of the IP address. • Pre—Preference of the route. Among routes to the same destination, the route with the highest preference is optimal. • Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is the optimal route. • NextHop—Next hop. • Interface—Output interface.
Table 3 Route types and default route preferences Route type Preference Direct route 0 Multicast static route 1 OSPF 10 IS-IS 15 Unicast static route 60 RIP 100 OSPF ASE 150 OSPF NSSA 150 IBGP 255 EBGP 255 Unknown (route from an untrusted source) 256 Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.
The RIB records redistribution relationships of routing protocols. Extension attribute redistribution Extension attribute redistribution enables routing protocols to learn route extension attributes from each other, including BGP extended community attributes, OSPF area IDs, route types, and router IDs. The RIB records extended attributes of each routing protocol and redistribution relationships of different routing protocol extended attributes.
Step 8. Configure the maximum lifetime for IPv4 routes in the FIB. Command Remarks fib lifetime seconds By default, the maximum lifetime for routes in the FIB is 600 seconds. Configuring the maximum number of ECMP routes This configuration takes effect at next reboot. Make sure the reboot does not impact your network. To configure the maximum number of ECMP routes: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the maximum number of ECMP routes.
Task Command Clear IPv4 route statistics.
Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. Configuring a static route Before you configure a static route, complete the following tasks: • Configure the physical parameters for related interfaces.
Configuring BFD for static routes IMPORTANT: Enabling BFD for a flapping route could worsen the situation. BFD provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols. For more information about BFD, see High Availability Configuration Guide.
Single-hop echo mode With BFD echo mode enabled for a static route, the output interface sends BFD echo packets to the destination device, which loops the packets back to test the link reachability. IMPORTANT: Do not use BFD for a static route with the output interface in spoofing state. To configure BFD echo mode for a static route: Step 1. 2. 3. Enter system view. Command Remarks system-view N/A By default, the source address of echo packets is not configured.
As shown in Figure 1, upon a link failure, FRR specifies a backup next hop by using a routing policy for routes matching the specified criteria. Packets are directed to the backup next hop to avoid traffic interruption. Configuration guidelines • Do not use static route FRR and BFD (for a static route) at the same time. • Static route does not take effect when the backup output interface is unavailable. • Equal-cost routes do not support static route FRR.
Static route configuration examples Basic static route configuration example Network requirements Configure static routes on the switches in Figure 2 for interconnections between any two hosts. Figure 2 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure static routes: # Configure a default route on Switch A. system-view [SwitchA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2 # Configure two static routes on Switch B.
Destination/Mask Proto Pre 0.0.0.0/0 Static 60 Cost NextHop Interface 0 1.1.4.2 Vlan500 Static Routing table Status : Summary Count : 0 # Display static routes on Switch B. [SwitchB] display ip routing-table protocol static Summary Count : 2 Static Routing table Status : Summary Count : 2 Destination/Mask Proto 1.1.2.0/24 Static 60 Pre Cost NextHop Interface 0 1.1.4.
BFD for static routes configuration example (direct next hop) Network requirements In Figure 3, configure a static route to subnet 120.1.1.0/24 on Switch A, and configure a static route to subnet 121.1.1.0/24 on Switch B. Enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Switch C.
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 10 12.1.1.1 bfd control-packet [SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65 [SwitchB] quit # Configure static routes on Switch C. system-view [SwitchC] ip route-static 120.1.1.0 24 13.1.1.1 [SwitchC] ip route-static 121.1.1.0 24 10.1.1.102 Verifying the configuration # Display BFD sessions on Switch A.
The output shows that Switch A communicates with Switch B through VLAN-interface 11. BFD for static routes configuration example (indirect next hop) Network requirements In Figure 4, Switch A has a route to interface Loopback 1 (2.2.2.9/32) on Switch B, with the output interface VLAN-interface 10. Switch B has a route to interface Loopback 1 (1.1.1.9/32) on Switch A, with the output interface VLAN-interface 12. Switch D has a route to 1.1.1.
system-view [SwitchB] bfd multi-hop min-transmit-interval 500 [SwitchB] bfd multi-hop min-receive-interval 500 [SwitchB] bfd multi-hop detect-multiplier 9 [SwitchB] ip route-static 121.1.1.0 24 1.1.1.9 bfd control-packet bfd-source 2.2.2.9 [SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65 [SwitchB] quit # Configure static routes on Switch C. system-view [SwitchC] ip route-static 120.1.1.0 24 13.1.1.1 [SwitchC] ip route-static 121.1.1.0 24 10.1.1.
Static Routing table Status : Summary Count : 1 Destination/Mask Proto Pre 120.1.1.0/24 Static 65 Cost NextHop Interface 0 10.1.1.100 Vlan11 Static Routing table Status : Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 11.
Verifying the configuration # Display route 4.4.4.4/32 on Switch S to view the backup next hop information. [SwitchS] display ip routing-table 4.4.4.4 verbose Summary Count : 1 Destination: 4.4.4.4/32 Protocol: Static SubProtID: 0x0 Cost: 0 Tag: 0 OrigTblID: 0x0 TableID: 0x2 NBRID: 0x26000002 AttrID: 0xffffffff Process ID: 0 Age: 04h20m37s Preference: 60 State: Active Adv OrigVrf: default-vrf OrigAs: 0 LastAs: 0 Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 13.13.13.2 Label: NULL RealNextHop: 13.13.
Configuring a default route A default route is used to forward packets that do not match any specific route entry in the routing table. Without a default route, packets that do not match any route entries are discarded. A default route can be configured in either of the following ways: • The network administrator can configure a default route with both destination and mask being 0.0.0.0. For more information, see "Configuring a static route.
Configuring RIP Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520. Overview RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0. The hop count from a router to a directly connected router is 1. To limit convergence time, RIP restricts the metric range from 0 to 15.
2. RIP uses the received responses to update the local routing table and sends triggered update messages to its neighbors. All RIP routers on the network do this to learn latest routing information. 3. RIP periodically sends the local routing table to its neighbors. After a RIP neighbor receives the message, it updates its routing table, selects optimal routes, and sends an update to other neighbors. RIP ages routes to keep only valid routes. RIP versions There are two RIP versions, RIPv1 and RIPv2.
RIP configuration task list Tasks at a glance Configuring basic RIP: • (Required.) Enabling RIP • (Optional.) Controlling RIP reception and advertisement on interfaces • (Optional.) Configuring a RIP version (Optional.
If you configure RIP settings in interface view before enabling RIP, the settings do not take effect until RIP is enabled. If a physical interface is attached to multiple networks, you cannot advertise these networks in different RIP processes. You cannot enable multiple RIP processes on a physical interface. Enabling RIP on a network You can enable RIP on a network and specify a wildcard mask for the network. After that, only the interface attached to the network runs RIP.
Step Command Remarks 6. Enable an interface to receive RIP messages. rip input By default, a RIP-enabled interface can receive RIP messages. 7. Enable an interface to send RIP messages. rip output By default, a RIP-enabled interface can send RIP messages. Configuring a RIP version You can configure a global RIP version in RIP view or an interface-specific RIP version in interface view. An interface preferentially uses the interface-specific RIP version.
Configuring an additional routing metric An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIP route. An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table. An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed.
For example, suppose contiguous subnets routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 exist in the routing table. You can create a summary route 10.1.0.0/16 on Ethernet 1/1 to advertise the summary route instead of the more specific routes. To configure a summary route: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] N/A 3. Disable RIPv2 automatic route summarization. undo summary By default, RIPv2 automatic route summarization is enabled.
Step Command Remarks 3. Enable RIP to advertise a default route. default-route { only | originate } [ cost cost ] By default, RIP does not advertise a default route. 4. Return to system view. quit N/A 5. Enter interface view. interface interface-type interface-number N/A 6. Configure the RIP interface to advertise a default route.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] N/A 3. Configure a preference for RIP. preference [ route-policy route-policy-name ] value The default setting is 100. Configuring RIP route redistribution Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS, BGP, static, and direct. To configure RIP route redistribution: Step Command Remarks 1. Enter system view. system-view N/A 2.
updated route that is received from the same neighbor before the suppress timer expires and has a metric less than 16. Garbage-collect timer—Specifies the interval from when the metric of a route becomes 16 to when it is deleted from the routing table. RIP advertises the route with a metric of 16. If no update is announced for that route before the garbage-collect timer expires, the route is deleted from the routing table.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Enable poison reverse. rip poison-reverse By default, poison reverse is disabled. Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] N/A 3.
Upon receiving a message on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface. If they are not in the same network segment, RIP discards the message. Upon receiving a message on a serial interface, RIP checks whether the source address of the message is the IP address of the peer interface. If not, RIP discards the message. To enable source IP address check on incoming RIP updates: Step Command Remarks 1. Enter system view.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] N/A 3. Specify a RIP neighbor. peer ip-address By default, RIP does not unicast updates to any peer. 4. Disable source IP address check on inbound RIP updates undo validate-source-address By default, source IP address check on inbound RIP updates is enabled. Configuring RIP network management You can use network management software to manage the RIP process to which MIB is bound.
The packet length of RIP packets determines how many routes can be carried in a RIP packet. Set the maximum length of RIP packets to make good use of link bandwidth. When authentication is enabled, follow these guidelines to ensure packet forwarding: • For simple authentication, the maximum length of RIP packets must be no less than 52 bytes. • For MD5 authentication (with packet format defined in RFC 2453), the maximum length of RIP packets must be no less than 56 bytes.
Configuring BFD for RIP RIP detects route failures by periodically sending requests. If it receives no response for a route within a certain time, RIP considers the route unreachable. This detection mechanism is not fast enough. To speed up convergence, perform this task to enable BFD for RIP. For more information about BFD, see High Availability Configuration Guide. RIP supports the following BFD detection modes: • Single-hop echo detection—Detection mode for a direct neighbor.
Step Command Remarks 3. Enter interface view. interface interface-type interface-number N/A 4. Enable BFD for RIP. rip bfd enable destination ip-address By default, BFD for RIP is disabled. Configuring bidirectional control detection Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] N/A By default, RIP does not unicast updates to any peer.
Configuration restrictions and guidelines • RIP FRR takes effect only for RIP routes learned from directly connected neighbors. • Do not use RIP FRR and BFD for RIP at the same time. Otherwise, FRR might fail to work. • RIP FRR is available only when the state of primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.
RIP configuration examples Configuring basic RIP Network requirements As shown in Figure 7, enable RIPv2 on all interfaces on Switch A and Switch B. Configure Switch B to not advertise route 10.2.1.0/24 to Switch A, and to accept only route 2.1.1.0/24 from Switch A. Figure 7 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure basic RIP by using either of the following methods: (Method 1) # Enable RIP on the specified networks on Switch A.
Destination/Mask Nexthop Cost Tag Flags Sec 10.0.0.0/8 192.168.1.2 1 0 RAOF 11 The output shows that RIPv1 uses a natural mask. 3. Configure a RIP version: # Configure RIPv2 on Switch A. [SwitchA] rip [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure RIPv2 on Switch B. [SwitchB] rip [SwitchB-rip-1] version 2 [SwitchB-rip-1] undo summary [SwitchB-rip-1] quit # Display the RIP routing table on Switch A.
[SwitchB-rip-1] quit # Display the RIP routing table on Switch A. [SwitchA] display rip 100 route Route Flags: R - RIP A - Aging, S - Suppressed, G - Garbage-collect O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------Peer 192.168.1.2 on Vlan-interface100 Destination/Mask Nexthop Cost Tag Flags Sec 10.1.1.0/24 192.168.1.2 1 0 RAOF 19 # Display the RIP routing table on Switch B.
[SwitchA-rip-100] undo summary [SwitchA-rip-100] quit # Enable RIP 100 and RIP 200, and configure RIPv2 on Switch B. system-view [SwitchB] rip 100 [SwitchB-rip-100] network 11.0.0.0 [SwitchB-rip-100] version 2 [SwitchB-rip-100] undo summary [SwitchB-rip-100] quit [SwitchB] rip 200 [SwitchB-rip-200] network 12.0.0.0 [SwitchB-rip-200] version 2 [SwitchB-rip-200] undo summary [SwitchB-rip-200] quit # Enable RIP 200, and configure RIPv2 on Switch C.
# Display the IP routing table on Switch C. [SwitchC] display ip routing-table Destinations : 15 Routes : 15 Destination/Mask Proto 0.0.0.0/32 10.2.1.0/24 Pre Cost NextHop Interface Direct 0 0 127.0.0.1 InLoop0 RIP 100 1 12.3.1.1 Vlan200 11.1.1.0/24 RIP 100 1 12.3.1.1 Vlan200 12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200 12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200 12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200 16.4.1.
[SwitchA] rip 1 [SwitchA-rip-1] network 1.0.0.0 [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure Switch B. system-view [SwitchB] rip 1 [SwitchB-rip-1] network 1.0.0.0 [SwitchB-rip-1] version 2 [SwitchB-rip-1] undo summary # Configure Switch C. system-view [SwitchB] rip 1 [SwitchC-rip-1] network 1.0.0.0 [SwitchC-rip-1] version 2 [SwitchC-rip-1] undo summary # Configure Switch D. system-view [SwitchD] rip 1 [SwitchD-rip-1] network 1.0.0.
1.0.0.0/8, auto-summary 1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface 1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface 1.1.3.0/24, cost 1, nexthop 1.1.1.2 1.1.4.0/24, cost 2, nexthop 1.1.1.2 1.1.5.0/24, cost 2, nexthop 1.1.1.2 The output shows that only one RIP route reaches network 1.1.5.0/24, with the next hop as Switch B (1.1.1.2) and a cost of 2.
[SwitchB-ospf-1-area-0.0.0.0] quit # Configure Switch C. system-view [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit 3. Configure basic RIP: # Configure Switch C. [SwitchC] rip 1 [SwitchC-rip-1] network 11.3.1.0 [SwitchC-rip-1] version 2 [SwitchC-rip-1] undo summary # Configure Switch D.
4. Configure route summarization: # Configure route summarization on Switch C and advertise only the summary route 10.0.0.0/8. [SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] rip summary-address 10.0.0.0 8 # Display the IP routing table on Switch D. [SwitchD] display ip routing-table Destinations : 12 Routes : 12 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 Pre 0 127.0.0.1 InLoop0 10.0.0.0/8 RIP 1 11.3.1.1 Vlan300 11.3.1.0/24 Direct 0 0 11.3.1.
Figure 11 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure basic RIP: # Configure Switch A. system-view [SwitchA] rip 1 [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] network 192.168.1.
[SwitchC-rip-1] network 192.168.3.0 [SwitchC-rip-1] import-route static [SwitchC-rip-1] quit Configure BFD parameters on VLAN-interface 100 of Switch A. 3. [SwitchA] bfd session init-mode active [SwitchA] bfd echo-source-ip 11.11.11.
display ip routing-table 120.1.1.0 24 verbose Summary Count : 1 Destination: 120.1.1.0/24 Protocol: RIP SubProtID: 0x1 Cost: 1 Tag: 0 OrigTblID: 0x0 TableID: 0x2 NBRID: 0x26000002 AttrID: 0xffffffff Process ID: 2 Age: 04h20m37s Preference: 100 State: Active Adv OrigVrf: default-vrf OrigAs: 0 LastAs: 0 Neighbor: 192.168.2.2 Flags: 0x1008c OrigNextHop: 192.168.2.2 Label: NULL RealNextHop: 192.168.2.
Figure 12 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure basic RIP and enable BFD on the interfaces: # Configure Switch A. system-view [SwitchA] rip 1 [SwitchA-rip-1] network 192.168.2.0 [SwitchA-rip-1] import-route static [SwitchA-rip-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] rip bfd enable destination 192.168.2.2 [SwitchA-Vlan-interface100] quit # Configure Switch B.
# Configure a static route on Switch C. [SwitchA] ip route-static 100.1.1.0 24 null 0 Verifying the configuration # Display BFD session information on Switch A. display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 session working under Echo mode: LD SourceAddr DestAddr State Holdtime Interface 3 192.168.2.1 192.168.2.2 Up 2000ms vlan100 # Display routes destined for 100.1.1.0/24 on Switch B. display ip routing-table 100.1.1.
Label: NULL RealNextHop: 192.168.3.2 BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid BkTunnel ID: Invalid Interface: vlan-interface 200 BkInterface: N/A Configuring BFD for RIP (bidirectional detection in BFD control packet mode) Network requirements As shown in Figure 13, VLAN-interface 100 of Switch A and VLAN-interface 200 of Switch C run RIP process 1. VLAN-interface 300 of Switch A runs RIP process 2.
# Configure Switch A. system-view [SwitchA] rip 1 [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] network 192.168.1.0 [SwitchA-rip-1] network 101.1.1.0 [SwitchA-rip-1] peer 192.168.2.
[SwitchA-Vlan-interface100] bfd detect-multiplier 7 [SwitchA-Vlan-interface100] quit # Configure Switch C. [SwitchC] bfd session init-mode active [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] bfd min-transmit-interval 500 [SwitchC-Vlan-interface200] bfd min-receive-interval 500 [SwitchC-Vlan-interface200] bfd detect-multiplier 7 [SwitchC-Vlan-interface200] quit 4. Configure static routes: # Configure a static route to Switch C on Switch A. [SwitchA] ip route-static 192.168.2.
display ip routing-table 100.1.1.0 24 verbose Summary Count : 1 Destination: 100.1.1.0/24 Protocol: RIP Process ID: 2 SubProtID: 0x1 Cost: 2 Tag: 0 OrigTblID: 0x0 TableID: 0x2 NBRID: 0x12000003 AttrID: 0xffffffff Age: 00h18m40s Preference: 100 State: Active Adv OrigVrf: default-vrf OrigAs: 0 LastAs: 0 Neighbor: 192.168.3.2 Flags: 0x1008c OrigNextHop: 192.168.3.2 Label: NULL RealNextHop: 192.168.3.
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2 [SwitchS-route-policy-frr-10] quit [SwitchS] rip 1 [SwitchS-rip-1] fast-reroute route-policy frr [SwitchS-rip-1] quit # Configure Switch D. system-view [SwitchD] bfd echo-source-ip 3.3.3.3 [SwitchD] ip prefix-list abc index 10 permit 1.1.1.
Tag: 0 OrigTblID: 0x0 TableID: 0x2 NBRID: 0x26000002 AttrID: 0xffffffff State: Active Adv OrigVrf: default-vrf OrigAs: 0 LastAs: 0 Neighbor: 13.13.13.1 Flags: 0x1008c OrigNextHop: 13.13.13.1 Label: NULL RealNextHop: 13.13.13.1 BkLabel: NULL BkNextHop: 24.24.24.
Configuring OSPF Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter. Overview OSPF has the following features: • Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing domain. • Fast convergence—Advertises routing updates instantly upon network topology changes. • Loop free—Computes routes with the SPF algorithm to avoid routing loops.
LSA types OSPF advertises routing information in Link State Advertisements (LSAs). The following LSAs are commonly used: • Router LSA—Type-1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area. • Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network.
Figure 15 Area-based OSPF network partition Area 4 Area 1 Area 0 Area 2 Area 3 Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements: • All non-backbone areas must maintain connectivity to the backbone area. • The backbone area must maintain connectivity within itself.
Figure 17 Virtual link application 2 Area 1 Virtual link R2 R1 Area 0 The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface. The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.
• Internal router—All interfaces on an internal router belong to one OSPF area. • ABR—Belongs to more than two areas, one of which must be the backbone area. ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link. • Backbone router—At least one interface of a backbone router must reside in the backbone area. All ABRs and internal routers in Area 0 are backbone routers.
destination of the Type-2 external route. If two Type-2 routes to the same destination have the same cost, OSPF takes the cost from the router to the ASBR into consideration to determine the best route. Route calculation OSPF computes routes in an area as follows: • Each router generates LSAs based on the network topology around itself, and sends them to other routers in update packets. • Each OSPF router collects LSAs from other routers to compose an LSDB.
• BDR—Elected along with the DR to establish adjacencies with all other routers. If the DR fails, the BDR immediately becomes the new DR, and other routers elect a new BDR. Routers other than the DR and BDR are called "DROthers." They do not establish adjacencies with one another, so the number of adjacencies is reduced. The role of a router is subnet (or interface) specific. It might be a DR on one interface and a BDR or DROther on another interface.
• RFC 3137, OSPF Stub Router Advertisement • RFC 4811, OSPF Out-of-Band LSDB Resynchronization • RFC 4812, OSPF Restart Signaling • RFC 4813, OSPF Link-Local Signaling OSPF configuration task list To run OSPF, you must first enable OSPF on the router. Make a proper configuration plan to avoid incorrect settings that can result in route blocking and routing loops. To configure OSPF, perform the following tasks: Tasks at a glance (Required.) Enabling OSPF (Optional.
Tasks at a glance (Optional.
• If you specify a router ID when you create an OSPF process, any two routers in an AS must have different router IDs. A common practice is to specify the IP address of an interface as the router ID. • If you specify no router ID when you create the OSPF process, the global router ID is used. HP recommends specifying a router ID when you create the OSPF process. Enabling OSPF on a network Step 1. Enter system view. Command Remarks system-view N/A By default, no global router ID is configured. 2.
Step Command Remarks By default, OSPF is disabled on an interface. Enable an OSPF process on the interface. 3. ospf process-id area area-id [ exclude-subip ] If the specified OSPF process and area do not exist, the command creates the OSPF process and area. Disabling an OSPF process on an interface does not delete the OSPF process or the area.
Configuring an NSSA area A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics. Do not configure the backbone area as an NSSA area or totally NSSA area. To configure an NSSA area, configure the nssa command on all the routers attached to the area. To configure a totally NSSA area, configure the nssa command on all the routers attached to the area and configure the nssa no-summary command on the ABR.
Step Command Remarks By default, no virtual link is configured. 4. vlink-peer router-id [ dead seconds | hello seconds | { { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } | simple { cipher cipher-string | plain plain-string } } | retransmit seconds | trans-delay seconds ] * Configure a virtual link. Configure this command on both ends of a virtual link, and the hello and dead intervals must be identical on both ends of the virtual link.
Step 3. 4. Command Remarks Configure the OSPF network type for the interface as broadcast. ospf network-type broadcast By default, the network type of an interface depends on the link layer protocol. (Optional.) Configure a router priority for the interface. ospf dr-priority priority The default router priority is 1.
Configuring the P2MP network type for an interface Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF network type for an interface as P2MP unicast, all packets are unicast over the interface. The interface cannot broadcast hello packets to discover neighbors, so you must manually specify the neighbors.
• Enable OSPF. • Configure filters if routing information filtering is needed. Configuring OSPF route summarization Configure route summarization on an ABR or ASBR to summarize contiguous networks into a single network and distribute it to other areas. Route summarization reduces the routing information exchanged between areas and the size of routing tables, and improves routing performance. For example, three internal networks 19.1.1.0/24, 19.1.2.0/24, and 19.1.3.0/24 are available within an area.
Configuring discard routes for summary networks Discard routes help prevent routing black holes when route summarization is configured on ABRs and ASBRs. During route summarization, an ABR or ASBR generates a discard route for the summary network. The destination and output interface of the discard route is the summary network and interface Null 0.
Step Configure OSPF to filter routes calculated using received LSAs. 3. Command Remarks filter-policy { acl-number [ gateway prefix-list-name ] | gateway prefix-list-name | prefix-list prefix-list-name [ gateway prefix-list-name ] | route-policy route-policy-name } import By default, OSPF accepts all routes calculated using received LSAs. Configuring Type-3 LSA filtering Perform this task to filter Type-3 LSAs advertised to an area on an ABR.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id ] * N/A 3. Configure a bandwidth reference value. bandwidth-reference value The default setting is 100 Mbps. Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view.
Type-7 LSAs. In addition, you can configure OSPF to filter redistributed routes so that OSPF advertises only permitted routes. IMPORTANT: The import-route bgp command redistributes only EBGP routes. Because the import-route bgp allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution. Configuring OSPF to redistribute routes from another routing protocol Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view.
Step Command Remarks 2. Enter OSPF view. ospf [ process-id | router-id router-id ] * N/A 3. Configure the default parameters for redistributed routes (cost, upper limit, tag, and type). default { cost cost | tag tag | type type } * By default, the cost is 1, the tag is 1, and the type is Type-2. Advertising a host route Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id ] * N/A 3. Enter area view.
LSA retransmission timer—Interval within which if the interface receives no acknowledgement packets after sending a LSA to the neighbor, it retransmits the LSA. • To configure OSPF timers: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A By default: • The hello interval on P2P and broadcast 3. Specify the hello interval. interfaces is 10 seconds.
Specifying SPF calculation interval LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact. When network changes are not frequent, the minimum-interval is adopted.
the number of generation times) each time a LSA generation occurs until the maximum-interval is reached. To configure the LSA generation interval: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id ] * N/A By default: • The maximum interval is 5 3. Configure the LSA generation interval. lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ] seconds. • The minimum interval is 50 milliseconds.
link, a link to a transit network, or a virtual link. On such links, a maximum cost value of 65535 is used. Neighbors do not send packets to the stub router as long as they have a route with a smaller cost. To configure a router as a stub router: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id ] * N/A Configure the router as a stub router.
Step 2. Enter interface view. Command Remarks interface interface-type interface-number N/A • Configure simple authentication: 3. Configure interface authentication mode. ospf authentication-mode simple { cipher cipher-string | plain plain-string } • Configure MD5 authentication: ospf authentication-mode { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } Use either method. By default, no authentication is configured.
Step Specify the maximum number of external LSAs in the LSDB. 3. Command Remarks lsdb-overflow-limit number By default, the maximum number of external LSAs in the LSDB is not limited. Configuring OSPF exit overflow interval When the number of LSAs in the LSDB exceeds the upper limit, the LSDB is in an overflow state. To save resources, OSPF does not receive any external LSAs and deletes the external LSAs generated by itself when in this state.
Step Enable compatibility with RFC 1583. 3. Command Remarks rfc1583 compatible By default, this feature is enabled. Logging neighbor state changes Perform this task to enable output of neighbor state change logs to the information center. The information center processes the logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.
Step Command Remarks By default, SNMP notifications for OSPF is enabled. 3. Enable SNMP notifications for OSPF.
Configuring prefix suppression An OSPF interface by default advertises all its prefixes in LSAs. You can suppress interfaces from advertising all its prefixes to speed up OSPF convergence. This function also helps improve the network security by preventing IP routing toward the suppressed networks. When prefix suppression is enabled: • On P2P and P2MP networks, OSPF does not advertise Type-3 links in Router LSAs. Other routing information can still be advertised to ensure traffic forwarding.
Configuring prefix prioritization This feature enables the device to install prefixes in descending priority order: critical, high, medium, and low. The prefix priorities are assigned through routing policies. When a route is assigned multiple prefix priorities, the route uses the highest priority. By default, the 32-bit OSPF host routes have a medium priority and other routes a low priority. To configure prefix prioritization: Step Command Remarks 1. Enter system view. system-view N/A 2.
Configuring the OSPF GR restarter You can configure the IETF or non IETF OSPF GR restarter. Configuring the IETF OSPF GR restarter Step Command Remarks 1. Enter system view. system-view N/A 2. Enable OSPF and enter its view. ospf [ process-id | router-id router-id ] * N/A 3. Enable opaque LSA reception and advertisement capability. opaque-capability enable By default, opaque LSA reception and advertisement capability is enabled. 4. Enable the IETF GR.
Step Command Remarks 3. Enable opaque LSA reception and advertisement capability. opaque-capability enable By default, opaque LSA reception and advertisement capability is enabled. 4. (Optional.) Enable GR helper capability. graceful-restart helper enable [ planned-only ] By default, GR helper capability is enabled. 5. (Optional.) Enable strict LSA checking for the GR helper. graceful-restart helper strict-lsa-checking By default, strict LSA checking for the GR helper is disabled.
Configuring bidirectional control detection Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Enable BFD bidirectional control detection. By default, BFD bidirectional control detection is disabled. ospf bfd enable Both ends of a BFD session must be on the same network segment and in the same area. Configuring single-hop echo detection Step Command Remarks 1. Enter system view. system-view N/A 2.
You can configure OSPF FRR to calculate a backup next hop by using the loop free alternate (LFA) algorithm, or specify a backup next hop by using a routing policy. Configuration prerequisites Before you configure OSPF FRR, complete the following tasks: • Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. • Enable OSPF. Configuration guidelines Do not use FRR and BFD at the same time. Otherwise, FRR might fail to take effect.
Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the source address of echo packets. bfd echo-source-ip ip-address By default, the source address of echo packets is not configured. 3. Enter OSPF view. ospf [ process-id | router-id router-id ] * N/A 4. Enable OSPF FRR to specify a backup next hop by using a routing policy. fast-reroute route-policy route-policy-name By default, OSPF FRR is not configured.
Task Command Display OSPF topology information. display ospf [ process-id ] [ area area-id ] spf-tree [ verbose ] Display OSPF statistics. display ospf [ process-id ] statistics [ error ] Display OSPF virtual link information (in standalone mode). display ospf [ process-id ] vlink [ standby slot slot-number ] Display OSPF virtual link information (in IRF mode). display ospf [ process-id ] vlink [ standby chassis chassis-number slot slot-number ] Display OSPF request queue information.
Figure 22 Network diagram Switch A Area 0 Vlan-int100 10.1.1.2/24 Vlan-int200 10.2.1.1/24 Area 1 Switch B Vlan-int100 10.1.1.1/24 Vlan-int200 10.2.1.2/24 Switch C Vlan-int300 10.4.1.1/24 Vlan-int200 10.3.1.1/24 Vlan-int200 10.3.1.2/24 Area 2 Vlan-int300 10.5.1.1/24 Switch D Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Enable OSPF: # Configure Switch A. system-view [SwitchA] router id 10.2.1.
# Configure Switch D. system-view [SwitchD] router id 10.5.1.1 [SwitchD] ospf [SwitchD-ospf-1] area 2 [SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] quit [SwitchD-ospf-1] quit Verifying the configuration # Display information about neighbors on Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 10.2.1.1 Neighbors Area 0.0.0.0 interface 10.1.1.
10.4.1.0/24 2 Stub 10.2.1.2 10.4.1.1 0.0.0.1 10.5.1.0/24 3 Inter 10.1.1.2 10.3.1.1 0.0.0.0 10.1.1.0/24 1 Transit 10.1.1.1 10.2.1.1 0.0.0.0 AdvRouter Area Total Nets: 5 Intra Area: 3 Inter Area: 2 ASE: 0 NSSA: 0 # Display OSPF routing information on Switch D. [SwitchD] display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop 10.2.1.0/24 10.3.1.0/24 3 Inter 10.3.1.1 10.3.1.1 0.0.0.2 1 Transit 10.3.1.2 10.
Figure 23 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Enable OSPF (see "Basic OSPF configuration example"). 3. Configure OSPF to redistribute routes: # On Switch C, configure a static route destined for network 3.1.2.0/24. system-view [SwitchC] ip route-static 3.1.2.1 24 10.4.1.2 # On Switch C, configure OSPF to redistribute static routes.
Routing for ASEs Destination Cost Type Tag NextHop AdvRouter 3.1.2.0/24 1 Type2 1 10.3.1.1 10.4.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 OSPF summary route advertisement configuration example Network requirements • Configure OSPF on Switch A and Switch B in AS 200. • Configure OSPF on Switch C, Switch D, and Switch E in AS 100. • Configure an EBGP connection between Switch B and Switch C.
# Configure Switch B. system-view [SwitchB] router id 11.2.1.1 [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. system-view [SwitchC] router id 11.1.1.2 [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.
[SwitchC-bgp-ipv4] import-route ospf [SwitchC-bgp-ipv4]import-route direct [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit 4. Configure Switch B and Switch C to redistribute BGP routes into OSPF: # Configure OSPF to redistribute routes from BGP on Switch B. [SwitchB] ospf [SwitchB-ospf-1] import-route bgp # Configure OSPF to redistribute routes from BGP on Switch C. [SwitchC] ospf [SwitchC-ospf-1] import-route bgp # Display the OSPF routing table on Switch A.
11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0 11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0 224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0 The output shows that routes 10.1.1.0/24, 10.2.1.0/24, 10.3.1.0/24 and 10.4.1.
OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.2.1.1 0.0.0.1 3 10.2.1.1 ABR Inter 10.5.1.1 0.0.0.1 7 10.2.1.1 ASBR # Display OSPF routing table on Switch C. display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type AdvRouter Area 10.2.1.0/24 3 Transit 10.2.1.2 NextHop 10.2.1.1 0.0.0.1 10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.
Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 3 Transit 10.2.1.2 10.2.1.1 0.0.0.1 10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1 10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.
Figure 26 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. 2. Enable OSPF (see "Basic OSPF configuration example"). 3. Configure Area 1 as an NSSA area: # Configure Switch A. system-view [SwitchA] ospf [SwitchA-ospf-1] area 1 [SwitchA-ospf-1-area-0.0.0.1] nssa default-route-advertise no-summary [SwitchA-ospf-1-area-0.0.0.1] quit [SwitchA-ospf-1] quit # Configure Switch C. system-view [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.
Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 65536 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 65535 Transit 10.2.1.2 10.4.1.1 0.0.0.1 10.4.1.0/24 3 Stub 10.4.1.1 0.0.0.1 10.4.1.1 Total Nets: 3 Intra Area: 2 4. Inter Area: 1 ASE: 0 NSSA: 0 Configure route redistribution: # Configure Switch C to redistribute static routes. [SwitchC] ip route-static 3.1.3.1 24 10.4.1.
Figure 27 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Enable OSPF: # Configure Switch A. system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. system-view [SwitchB] router id 2.2.2.2 [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.
[SwitchD-ospf-1] return # Display OSPF neighbor information of Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 1.1.1.1 Neighbors Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors Router ID: 2.2.2.2 State: 2-Way Address: 192.168.1.2 Mode: None DR: 192.168.1.4 GR State: Normal Priority: 1 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 38 sec Neighbor is up for 00:01:31 Authentication Sequence: [ 0 ] Router ID: 3.3.3.
OSPF Process 1 with Router ID 4.4.4.4 Neighbors Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors Router ID: 1.1.1.1 State: Full Address: 192.168.1.1 Mode:Nbr is DR: 192.168.1.4 Slave GR State: Normal Priority: 100 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 31 sec Neighbor is up for 00:11:17 Authentication Sequence: [ 0 ] Router ID: 2.2.2.2 State: Full Address: 192.168.1.2 Mode:Nbr is DR: 192.168.1.
Router ID: 2.2.2.2 State: 2-Way Address: 192.168.1.2 Mode: None DR: 192.168.1.1 GR State: Normal Priority: 0 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 35 sec Neighbor is up for 00:01:44 Authentication Sequence: [ 0 ] Router ID: 3.3.3.3 State: Full Address: 192.168.1.3 Mode: Nbr is Slave DR: 192.168.1.1 GR State: Normal Priority: 2 BDR: 192.168.1.
Figure 28 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Enable OSPF: # Configure Switch A. system-view [SwitchA] ospf 1 router-id 1.1.1.1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit # Configure Switch B. system-view [SwitchB] ospf 1 router-id 2.2.2.2 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.
[SwitchB] display ospf routing OSPF Process 1 with Router ID 2.2.2.2 Routing Tables Routing for Network Destination Cost Type 10.2.1.0/24 2 10.1.1.0/24 2 NextHop AdvRouter Area Transit 10.2.1.1 3.3.3.3 0.0.0.1 Transit 10.1.1.2 2.2.2.2 0.0.0.0 Total Nets: 2 Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0 Area 0 has no direct connection to Area 2, so the routing table of Switch B has no route to Area 2. 3. Configure a virtual link: # Configure Switch B.
• Switch A acts as the non-IETF GR restarter; Switch B and Switch C are the GR helpers and re-synchronize their LSDB with Switch A through OOB communication of GR. Figure 29 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Enable OSPF: # Configure Switch A. SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf 100 [SwitchA-ospf-100] area 0 [SwitchA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [SwitchA-ospf-100-area-0.0.0.
# Configure Switch B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization # Configure Switch C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
%Oct 21 15:29:30:921 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Full to Down. %Oct 21 15:29:33:815 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full. %Oct 21 15:29:35:578 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full. The output shows that Switch A completes GR.
[SwitchA] interface vlan 11 [SwitchA-Vlan-interface11] ospf cost 2 [SwitchA-Vlan-interface11] quit # Configure Switch B. system-view [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] network 120.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.
IPv4 Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10 # Display routes destined for 120.1.1.0/24 on Switch A. display ip routing-table 120.1.1.0 verbose Summary Count : 1 Destination: 120.1.1.
OSPF FRR configuration example Network requirements As shown in Figure 31, Switch S, Switch A, and Switch D reside in the same OSPF domain. Configure OSPF FRR so that when the link between Switch S and Switch D fails, traffic is immediately switched to Link B. Figure 31 Network diagram Configuration procedure 1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.) 2.
[SwitchS-route-policy-frr-10] quit [SwitchS] ospf 1 [SwitchS-ospf-1] fast-reroute route-policy frr [SwitchS-ospf-1] quit # Configure Switch D. system-view [SwitchD] bfd echo-source-ip 3.3.3.3 [SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32 [SwitchD] route-policy frr permit node 10 [SwitchD-route-policy-frr-10] if-match ip address prefix-list abc [SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.
TableID: 0x2 NBRID: 0x26000002 AttrID: 0xffffffff OrigAs: 0 LastAs: 0 Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 13.13.13.1 Label: NULL RealNextHop: 13.13.13.1 BkLabel: NULL BkNextHop: 24.24.24.2 Tunnel ID: Invalid Interface: Vlan-interface200 BkTunnel ID: Invalid BkInterface: Vlan-interface101 Troubleshooting OSPF configuration No OSPF neighbor relationship established Symptom No OSPF neighbor relationship can be established.
3. Use the display ospf lsdb command to verify the LSDB. 4. Use the display current-configuration configuration ospf command to verify area configuration. If more than two areas are configured, at least one area is connected to the backbone. 5. In a stub area, all routers attached are configured with the stub command. In an NSSA area, all routers attached are configured with the nssa command. 6.
Configuring IS-IS This chapter describes how to configure IS-IS for IPv4 networks. Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS" or "Dual IS-IS." IS-IS is an IGP used within an AS. It uses the SPF algorithm for route calculation.
• System ID—Identifies the host. • SEL—Identifies the type of service. The IDP and DSP are variable in length. The length of an NSAP address ranges from 8 bytes to 20 bytes. Figure 32 NSAP address format Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address. Typically, a router only needs one area address, and all nodes in the same area must have the same area address.
• Area ID—Has a length of 1 to 13 bytes. • System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6 bytes. • SEL—Has a value of 0 and a fixed length of 1 byte. For example, for a NET ab.cdef.1234.5678.9abc.00, the area ID is ab.cdef, the system ID is 1234.5678.9abc, and the SEL is 00. Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning.
Figure 33 IS-IS topology 1 Area 3 Area 2 L1/L2 L1/L2 L2 L2 L1 Area 1 L2 L2 Area 5 L1/L2 Area 4 L1 L1/L2 L1 L1 L1 L1 Figure 34 shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. The IS-IS backbone does not need to be a specific area.
passing through the Level-1-2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature. Route leaking enables a Level-1-2 router to advertise the routes of other Level-1 areas and the Level-2 area to the connected Level-1 area so that the Level-1 routers can select the optimal routes for packets. IS-IS network types Network types IS-IS supports the broadcast network (for example, Ethernet and Token Ring) and the point-to-point network (for example, PPP and HDLC).
NOTE: On an IS-IS broadcast network, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS. IS-IS PDUs PDU IS-IS PDUs are encapsulated into link layer frames. An IS-IS PDU has two parts, the headers and the variable length fields. The headers comprise the PDU common header and the PDU specific header. All PDUs have the same PDU common header. The specific headers vary by PDU type.
A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (every 10 seconds by default). On point-to-point networks, CSNPs are sent only during the first adjacency establishment. A PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request missing LSPs from a neighbor.
• RFC 2966, Domain-wide Prefix Distribution with Two-Level IS-IS • RFC 2973, IS-IS Mesh Groups • RFC 3277, IS-IS Transient Blackhole Avoidance • RFC 3358, Optional Checksums in ISIS • RFC 3373, Three-Way Handshake for IS-IS Point-to-Point Adjacencies • RFC 3567, Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication • RFC 3719, Recommendations for Interoperable Networks using IS-IS • RFC 3786, Extending the Number of IS-IS LSP Fragments Beyond the 256 Limit • RFC 37
Tasks at a glance (Optional.) Enhancing IS-IS network security: • Configuring neighbor relationship authentication • Configuring area authentication • Configuring routing domain authentication (Optional.) Configuring IS-IS GR (Optional.) Configuring BFD for IS-IS (Optional.) Configuring IS-IS FRR Configuring basic IS-IS Configuration prerequisites Before the configuration, complete the following tasks: • Configure the link layer protocol.
To configure the IS level and circuit level: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A 3. Specify the IS level. is-level { level-1 | level-1-2 | level-2 } By default, the IS level is Level-1-2. 4. Return to system view. quit N/A 5. Enter interface view. interface interface-type interface-number N/A 6. Specify the circuit level.
Configuring IS-IS link cost The IS-IS cost of an interface is determined in the following order: 1. IS-IS cost specified in interface view. 2. IS-IS cost specified in system view. The cost is applied to the interfaces associated with the IS-IS process. 3. Automatically calculated cost. If the cost style is wide or wide-compatible, IS-IS automatically calculates the cost using the formula: Interface cost = (Bandwidth reference value / Expected interface bandwidth) × 10, in the range of 1 to 16777214.
Step Command Remarks 3. (Optional.) Specify an IS-IS cost style. cost-style { narrow | wide | wide-compatible | { compatible | narrow-compatible } [ relax-spf-limit ] } By default, the IS-IS cost style is narrow. 4. Specify a global IS-IS cost. circuit-cost value [ level-1 | level-2 ] By default, no global cost is specified. Enabling automatic IS-IS cost calculation Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A 3.
Step 3. Command Specify the maximum number of ECMP routes. maximum load-balancing number Remarks By default, the maximum number of ECMP routes is the same as that configured in the max-ecmp-num command. For more information about the max-ecmp-num command, see Layer 3—IP Routing Command Reference. Configuring IS-IS route summarization Perform this task to summarize specific routes, including IS-IS routes and redistributed routes, into a single route.
To configure IS-IS route redistribution from other routing protocols: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A By default, no route is redistributed. 3. 4. Redistribute routes from other routing protocols or other IS-IS processes.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A 3. Filter routes redistributed from other routing protocols or IS-IS processes. filter-policy { acl-number | prefix-list prefix-list-name | route-policy route-policy-name } export [ protocol [ process-id ] ] By default, IS-IS route filtering is not configured. Configuring IS-IS route leaking Perform this task to control route advertisement (route leaking) between Level-1 and Level-2.
Step 2. Enter interface view. Command Remarks interface interface-type interface-number N/A The default setting is 10 seconds. 3. Specify the interval for sending hello packets. isis timer hello seconds [ level-1 | level-2 ] The interval between hello packets sent by the DIS is 1/3 the hello interval set with the isis timer hello command. Specifying the IS-IS hello multiplier The hello multiplier is the number of hello packets a neighbor must miss before it declares that the router is down.
Configuring a DIS priority for an interface On a broadcast network, IS-IS must elect a router as the DIS at a routing level. You can specify a DIS priority at a level for an interface. The greater the interface's priority, the more likely it becomes the DIS. If multiple routers in the broadcast network have the same highest DIS priority, the router with the highest MAC address becomes the DIS. To configure a DIS priority for an interface: Step Command Remarks 1. Enter system view. system-view N/A 2.
Step Enable the interface to send small hello packets without CLVs. 3. Command Remarks isis small-hello By default, the interface can send standard hello packets. Configuring LSP parameters Configuring LSP timers 1. Specify the maximum age of LSPs. Each LSP has an age that decreases in the LSDB. Any LSP with an age of 0 is deleted from the LSDB. You can adjust the age value based on the scale of a network. To specify the maximum age of LSPs: Step Command Remarks 1. Enter system view.
3. Specify LSP sending intervals. If a change occurs in the LSDB, IS-IS advertises the changed LSP to neighbors. You can specify the minimum interval for sending these LSPs to control the amount of LSPs on the network. On a P2P link, IS-IS requires an advertised LSP be acknowledged. If no acknowledgement is received within a configurable interval, IS-IS will retransmit the LSP. To configure LSP sending intervals: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view.
Step Command Remarks 2. Enter IS-IS view. isis [ process-id ] N/A 3. Enable LSP flash flooding. flash-flood [ flood-count flooding-count | max-timer-interval flooding-interval | [ level-1 | level-2 ] ] * By default, LSP flash flooding is disabled. Enabling LSP fragment extension Perform this task to enable IS-IS fragment extension for an IS-IS process. The MTUs of all interfaces running the IS-IS process must not be less than 512. Otherwise, LSP fragment extension does not take effect.
Configuring convergence priorities for specific routes A topology change causes IS-IS routing convergence. To improve convergence speed, you can assign convergence priorities to IS-IS routes. Convergence priority levels are critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed. By default, IS-IS host routes have medium convergence priority, and other IS-IS routes have low convergence priority.
Configuring a static system ID to host name mapping Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A 3. Configure a system ID to host name mapping for a remote IS. is-name map sys-id map-sys-name A system ID can correspond to only one host name. Configuring dynamic system ID to host name mapping Static system ID to host name mapping requires you to manually configure a mapping for each router in the network.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A 3. Enable the logging of neighbor state changes. log-peer-change By default, the logging of neighbor state changes is enabled. Enabling IS-IS ISPF When the network topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT. To enable IS-IS ISPF: Step Command Remarks 1. Enter system view. system-view N/A 2.
Step Command Remarks 4. Enter IS-IS view. isis [ process-id ] N/A 5. Configure the context name for the SNMP object for managing IS-IS. snmp context-name context-name By default, no context name is set for the SNMP object for managing IS-IS. Enhancing IS-IS network security To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] N/A 3. Specify the area authentication mode and password. area-authentication-mode { md5 | simple } { cipher cipher-string | plain plain-string } [ ip | osi ] By default, no area authentication is configured. Configuring routing domain authentication Routing domain authentication prevents untrusted routing information from entering into a routing domain.
completed within the holdtime, the neighbors tear down the neighbor relationship and the GR process fails. To configure GR on the GR restarter: Step Command Remarks 1. Enter system view. system-view N/A 2. Enable IS-IS and enter IS-IS view. isis [ process-id ] N/A 3. Enable IS-IS GR. graceful-restart By default, the GR capability for IS-IS is disabled. 4. (Optional.) Suppress the SA bit during restart. graceful-restart suppress-sa 5. (Optional.) Configure the T1 timer.
Figure 38 Network diagram for IS-IS FRR In Figure 38, after you enable FRR on Router B, IS-IS automatically calculates or designates a backup next hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time. Meanwhile, IS-IS calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.
FRR. For more information about the apply fast-reroute backup-interface command and routing policy configurations, see "Configuring routing policies." To configure IS-IS FRR using a routing policy: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the source address of echo packets. bfd echo-source-ip ip-address By default, the source address of echo packets is not configured. 3. Enter IS-IS view. isis [ process-id ] N/A 4. Enable IS-IS FRR using a routing policy.
Task Command Display IS-IS IPv4 routing information. display isis route [ ipv4 [ ip-address mask-length ] ] [ [ level-1 | level-2 ] | verbose ] * [ process-id ] Display IS-IS IPv4 topology information. display isis spf-tree [ ipv4 ] [ [ level-1 | level-2 ] | verbose ] * [ process-id ] Display IS-IS statistics. display isis statistics [ level-1 | level-1-2 | level-2 ] [ process-id ] Display OSI connection information (in standalone mode).
Figure 39 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure IS-IS: # Configure Switch A. system-view [SwitchA] isis 1 [SwitchA-isis-1] is-level level-1 [SwitchA-isis-1] network-entity 10.0000.0000.0001.00 [SwitchA-isis-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] isis enable 1 [SwitchA-Vlan-interface100] quit # Configure Switch B.
[SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] isis enable 1 [SwitchC-Vlan-interface300] quit # Configure Switch D. system-view [SwitchD] isis 1 [SwitchD-isis-1] is-level level-2 [SwitchD-isis-1] network-entity 20.0000.0000.0004.
0000.0000.0003.00-00 0x00000014 0x194a 1190 111 1/0/0 0000.0000.0003.01-00 0x00000002 0xabdb 995 55 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [SwitchC] display isis lsdb Database information for IS-IS(1) --------------------------------Level-1 Link State Database --------------------------LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------0000.0000.0001.
[SwitchA] display isis route Route information for IS-IS(1) ------------------------------ Level-1 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------10.1.1.0/24 10 NULL Vlan100 Direct D/L/- 10.1.2.0/24 20 NULL Vlan100 10.1.1.1 R/-/- 192.168.0.0/24 20 NULL Vlan100 10.1.1.1 R/-/- 0.0.0.0/0 10 NULL Vlan100 10.1.1.
Level-2 IPv4 Forwarding Table ----------------------------IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------192.168.0.0/24 10 NULL Vlan300 Direct D/L/- 10.1.1.0/24 20 NULL Vlan300 192.168.0.1 R/-/- 10.1.2.0/24 20 NULL Vlan300 192.168.0.1 R/-/- 172.16.0.
[SwitchA-Vlan-interface100] quit # Configure Switch B. system-view [SwitchB] isis 1 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] isis enable 1 [SwitchB-Vlan-interface100] quit # Configure Switch C. system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.
# Display information about IS-IS interfaces on Switch A. [SwitchA] display isis interface Interface information for IS-IS(1) ---------------------------------Interface: Vlan-interface100 Id IPv4.State IPv6.State MTU Type DIS 001 Up Down 1497 L1/L2 No/No # Display information about IS-IS interfaces on Switch C. [SwitchC] display isis interface Interface information for IS-IS(1) ---------------------------------- Interface: Vlan-interface100 Id IPv4.State IPv6.
System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up Type: L2(L1L2) HoldTime: 28s PRI: 64 System Id: 0000.0000.0004 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up Type: L2 HoldTime: 30s PRI: 64 # Display information about IS-IS interfaces on Switch A. [SwitchA] display isis interface Interface information for IS-IS(1) ---------------------------------Interface: Vlan-interface100 Id IPv4.State IPv6.
System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up Type: L2 HoldTime: 28s PRI: 64 [SwitchD] display isis interface Interface information for IS-IS(1) ---------------------------------- Interface: Vlan-interface100 Id IPv4.State IPv6.State MTU Type DIS 001 Up Down 1497 L1/L2 No/No IS-IS route redistribution configuration example Network requirements As shown in Figure 41, Switch A, Switch B, Switch C, and Switch D reside in the same AS.
# Configure Switch B. system-view [SwitchB] isis 1 [SwitchB-isis-1] is-level level-1 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis enable 1 [SwitchB-Vlan-interface200] quit # Configure Switch C. system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set [SwitchC] display isis route Route information for IS-IS(1) -----------------------------Level-1 IPv4 Forwarding Table ----------------------------IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------10.1.1.0/24 10 NULL VLAN100 Direct D/L/- 10.1.2.0/24 10 NULL VLAN200 Direct D/L/- 192.168.0.
[SwitchD-rip-1] undo summary # Configure RIPv2 on Switch E. [SwitchE] rip 1 [SwitchE-rip-1] network 10.0.0.0 [SwitchE-rip-1] version 2 [SwitchE-rip-1] undo summary # Configure IS-IS to redistribute RIP routes on Switch D. [SwitchD-rip-1] quit [SwitchD] isis 1 [SwitchD–isis-1] import-route rip level-2 # Display IS-IS routing information on Switch C.
Configure neighbor relationship authentication between neighbors. Configure area authentication in Area 10 to prevent untrusted routes from entering into the area. Configure routing domain authentication on Switch C and Switch D to prevent untrusted routes from entering the routing domain. Figure 42 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure basic IS-IS: # Configure Switch A.
[SwitchC-Vlan-interface300] quit [SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] isis enable 1 [SwitchC-Vlan-interface300] quit # Configure Switch D. system-view [SwitchD] isis 1 [SwitchD-isis-1] network-entity 20.0000.0000.0001.00 [SwitchD-isis-1] quit [SwitchD] interface vlan-interface 300 [SwitchD-Vlan-interface300] isis enable 1 [SwitchD-Vlan-interface300] quit 3.
[SwitchC-isis-1] quit 5. Configure routing domain authentication mode as MD5 and set the plaintext password to 1020Sec on Switch C and Switch D. [SwitchC] isis 1 [SwitchC-isis-1] domain-authentication-mode md5 plain 1020Sec [SwitchC-isis-1] quit [SwitchD] isis 1 [SwitchD-isis-1] domain-authentication-mode md5 plain 1020Sec IS-IS GR configuration example Network requirements As shown in Figure 43, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain.
Restart information for IS-IS(1) -------------------------------Restart status: COMPLETE Restart phase: Finish Restart t1: 3, count 10; Restart t2: 60; Restart t3: 300 SA Bit: supported Level-1 restart information --------------------------Total number of interfaces: 1 Number of waiting LSPs: 0 Level-2 restart information --------------------------Total number of interfaces: 1 Number of waiting LSPs: 0 BFD for IS-IS configuration example Network requirements • As shown in Figure 44, run IS-IS on Switch A
# Configure Switch A. system-view [SwitchA] isis [SwitchA-isis-1] network-entity 10.0000.0000.0001.00 [SwitchA-isis-1] quit [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] isis enable [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 11 [SwitchA-Vlan-interface11] isis enable [SwitchA-Vlan-interface11] quit # Configure Switch B. system-view [SwitchB] isis [SwitchB-isis-1] network-entity 10.0000.0000.0002.
[SwitchB-Vlan-interface10] bfd detect-multiplier 8 [SwitchB-Vlan-interface10] return Verifying the configuration # Display the BFD session information on Switch A. display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10 # Display routes destined for 120.1.1.0/24 on Switch A. display ip routing-table 120.1.1.
Flags: 0x1008c OrigNextHop: 10.1.1.100 Label: NULL RealNextHop: 10.1.1.100 BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid Interface: Vlan-interface11 BkTunnel ID: Invalid BkInterface: N/A The output shows that Switch A and Switch B communicate through VLAN-interface 11. IS-IS FRR configuration example Network requirements As shown in Figure 45, Switch S, Switch A, and Switch D belong to the same IS-IS routing domain.
system-view [SwitchS] bfd echo-source-ip 1.1.1.1 [SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32 [SwitchS] route-policy frr permit node 10 [SwitchS-route-policy-frr-10] if-match ip address prefix-list abc [SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2 [SwitchS-route-policy-frr-10] quit [SwitchS] isis 1 [SwitchS-isis-1] fast-reroute route-policy frr [SwitchS-isis-1] quit # Configure Switch D.
Destination: 1.1.1.1/32 Protocol: ISIS SubProtID: 0x1 Cost: 10 Tag: 0 OrigTblID: 0x0 TableID: 0x2 NBRID: 0x26000002 AttrID: 0xffffffff Process ID: 1 Age: 04h20m37s Preference: 10 State: Active Adv OrigVrf: default-vrf OrigAs: 0 LastAs: 0 Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 13.13.13.1 Label: NULL RealNextHop: 13.13.13.1 BkLabel: NULL BkNextHop: 24.24.24.
Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). BGP has the following characteristics: • Focuses on route control and selection rather than route discovery and calculation. • Uses TCP to enhance reliability.
BGP path attributes BGP uses the following path attributes in update messages for route filtering and selection: • ORIGIN The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types: { IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. { EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute. { • INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown.
{ • Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies." NEXT_HOP The NEXT_HOP attribute might not be the IP address of a directly-connected router. Its value is determined as follows: { { { When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.
MED attribute MED = 0 Router B 2.1.1.1 D = 9.0.0.0 Next_hop = 2.1.1.1 MED = 0 EBGP IBGP 9.0.0.0 IBGP Router A D = 9.0.0.0 Next_hop = 3.1.1.1 MED = 100 AS 10 EBGP Router D IBGP 3.1.1.1 Router C MED = 100 AS 20 Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.
LOCAL_PREF attribute • COMMUNITY The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community. A route can carry one or more COMMUNITY attribute values (each of which is represented by a 4-byte integer).
BGP route selection BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: 1. The route with the highest Preferred_value. 2. The route with the highest LOCAL_PREF. 3. The route generated by the network command, the route redistributed by the import-route command, or the summary route in turn. 4. The route with the shortest AS_PATH. 5. The IGP, EGP, or INCOMPLETE route in turn. 6.
The system supports BGP load balancing based on route recursion. If multiple recursive routes to the same destination are load balanced (suppose three direct next hop addresses), BGP generates the same number of next hops to forward packets. BGP load balancing based on route recursion is always enabled by the system rather than configured by using commands. • BGP load balancing through route selection.
Settlements for problems in large-scale BGP networks You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network. • Route summarization Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes. The system supports both manual and automatic route summarization.
• Community You can apply a community list or an extended community list to a routing policy for route control. For more information, see "BGP path attributes." • Route reflector IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions. Using route reflectors can solve this issue.
When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection instead of modifying network configuration or changing network topology. After route reflection is disabled between clients, routes can still be reflected between a client and a non-client. • Confederation Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub-ASs.
• RFC 4271, A Border Gateway Protocol 4 (BGP-4) • RFC 4724, Graceful Restart Mechanism for BGP • RFC 4360, BGP Extended Communities Attribute BGP configuration task list In a basic BGP network, you only need to perform the following configurations: • Enable BGP. • Configure BGP peers or peer groups. If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer. • Control BGP route generation.
Tasks at a glance Remarks (Optional.
Step Command Remarks router id router-id By default, no global router ID is configured, and BGP uses the highest loopback interface IP address—if any—as the router ID. If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the route ID regardless of the interface status. 2. Configure a global router ID. 3. Enable BGP and enter BGP view. bgp as-number 4. Configure the router ID. router-id router-id By default, BGP is not enabled.
Configuring an IBGP peer group After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP view and specifies the local AS number for the peer. To configure an IBGP peer group: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Create an IBGP peer group. group group-name [ internal ] By default, no IBGP peer group is created. By default, no peer exists in the peer group. 4.
Step 4. Command Specify the AS number for the group. peer group-name as-number as-number Remarks By default, no AS number is specified. If a peer group contains peers, you cannot remove or change its AS number. By default, no peer exists in the peer group. 5. Add a peer into the EBGP peer group. peer ip-address group group-name [ as-number as-number ] The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command. 6. (Optional.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Create an EBGP peer group. group group-name external By default, no EBGP peer group is created. 4. Add a peer into the EBGP peer group. peer ip-address group group-name as-number as-number By default, no peer exists in the peer group. 5. (Optional.) Configure a description for the peer group.
Step Specify the source interface for establishing TCP connections to a peer or peer group. 3. Command Remarks peer { group-name | ip-address } connect-interface interface-type interface-number By default, BGP uses the outbound interface of the best route to the BGP peer or peer group as the source interface for establishing a TCP connection to the peer or peer group. Generating BGP routes BGP can generate routes in the following ways: • Advertise local networks. • Redistribute IGP routes.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A 4. Enable route redistribution from the specified IGP into BGP. import-route protocol [ { process-id | all-processes } [ med med-value | route-policy route-policy-name ] * ] By default, BGP does not redistribute IGP routes. 5. (Optional.) Enable default route redistribution into BGP.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A Create a summary route in the BGP routing table. aggregate ip-address { mask | mask-length } [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] * By default, no summary route is configured. 4.
Limiting routes received from a peer or peer group This feature can prevent attacks that send a large number of BGP routes to the router. If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration: • Tear down the BGP session to the peer or peer group. • Continue to receive routes from the peer or peer group and generate an alarm message.
3. peer as-path-acl export 4. peer prefix-list export 5. peer route-policy export Only routes passing all the configured policies can be advertised. To configure BGP route distribution filtering policies: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view.
If you configure multiple filtering policies, apply them in the following sequence: 1. filter-policy import 2. peer filter-policy import 3. peer as-path-acl import 4. peer prefix-list import 5. peer route-policy import Only routes passing all the configured policies can be received. To configure BGP route reception filtering policies (IPv4): Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A 4. Configure BGP route dampening. dampening [ half-life-reachable half-life-unreachable reuse suppress ceiling | route-policy route-policy-name ] * By default, BGP route dampening is not configured. Controlling BGP path selection By configuring BGP path attributes, you can control BGP path selection.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A 4. Configure preferences for EBGP, IBGP, and local BGP routes. preference { external-preference internal-preference local-preference | route-policy route-policy-name } The default preferences for EBGP, IBGP, and local BGP routes are 255, 255, and 130. 5. Configure an EBGP route as a shortcut route.
Step Configure the default MED value. 4. Command Remarks default med med-value The default MED value is 0. Enabling MED comparison for routes from different ASs This task enables BGP to compare the MEDs of routes from different ASs. To enable MED comparison for routes from different ASs: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A 4.
NextHop MED *>i Network 10.0.0.0 1.1.1.1 60 0 200e * i 10.0.0.0 2.2.2.2 50 0 300e 3.3.3.3 50 0 200e * i LocPrf PrefVal Path/Ogn However, Router C and Router A reside in the same AS, and Router C has a greater MED, so network 10.0.0.0 learned from Router C should not be optimal. You can configure the bestroute compare-med command to enable MED comparison for routes from the same AS on Router D.
Configuring the NEXT_HOP attribute By default, a BGP router does not set itself as the next hop for routes advertised to an IBGP peer or peer group. In some cases, however, you must configure the advertising router as the next hop to make sure the BGP peer can find the correct next hop. For example, as shown in Figure 56, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. If Router C has no route destined for IP address 1.1.1.
Step 4. Specify the router as the next hop for routes sent to a peer or peer group. Command Remarks peer { group-name | ip-address } next-hop-local By default, the router sets itself as the next hop for routes sent to an EBGP peer or peer group, but does not set itself as the next hop for routes sent to an IBGP peer or peer group.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Advertise a fake AS number to a peer or peer group. peer { group-name | ip-address } fake-as as-number By default, no fake AS number is advertised to a peer or peer group. This command applies to only EBGP peers or EBGP peer groups. Configuring AS number substitution IMPORTANT: Do not configure AS number substitution in normal circumstances. Otherwise, routing loops might occur.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Configure BGP to ignore the first AS number of EBGP route updates. ignore-first-as By default, BGP checks the first AS number of EBGP route updates. Tuning and optimizing BGP networks This section describes how to tune and optimize BGP networks. Configuring the keepalive interval and hold time BGP sends keepalive messages at a specific interval to keep the BGP session between two routers.
Configuring the interval for sending updates for the same route A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group. To configure the interval for sending the same update to a peer or peer group: Step Command Remarks 1.
Step Command Remarks 2. Enter BGP view. bgp as-number N/A 3. Enable immediate reestablishment of direct EBGP connections upon link failure. ebgp-interface-sensitive By default, this feature is enabled. Enabling 4-byte AS number suppression BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295. By default, a device sends an Open message to the peer device for session establishment.
Configuring BGP load balancing Perform this task to specify the maximum number of BGP ECMP routes for load balancing. To specify the maximum number of BGP ECMP routes for load balancing: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A 4. Specify the maximum number of BGP ECMP routes for load balancing. balance number By default, load balancing is disabled.
Saving updates—Use the peer keep-all-routes command to save all route updates from the specified peer. After modifying the route selection policy, filter routing information by using the new policy. • This method does not require that the local router and the peer support route refresh but it uses more memory resources to save routes.
Step Command Remarks • Enable BGP route refresh for the specified peer or peer group: peer { group-name | ip-address } capability-advertise route-refresh Enable BGP route refresh for a peer or peer group. • Enable BGP route refresh and By default, BGP route refresh is enabled. 4. Return to user view. return N/A 5. Perform manual soft-reset. refresh bgp { ip-address | all | external | group group-name | internal } { export | import } ipv4 [ unicast ] N/A 3.
Configuring BGP community By default, a router does not advertise the COMMUNITY or extended community attribute to its peers or peer groups. When the router receives a route carrying the COMMUNITY or extended community attribute, it removes the attribute before advertising the route to other peers or peer groups. Perform this task to enable a router to advertise the COMMUNITY or extended community attribute to its peers for route filtering and control.
Step Command Remarks 4. Configure the router as a route reflector and specify a peer or peer group as its client. peer { group-name | ip-address } reflect-client By default, no route reflector or client is configured. 5. Enable route reflection between clients. reflect between-clients By default, route reflection between clients is enabled. 6. (Optional.) Configure the cluster ID of the route reflector.
To configure a BGP confederation: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Configure a confederation ID. confederation id as-number By default, no confederation ID is configured. 4. Specify peering sub-ASs in the confederation. confederation peer-as as-number-list By default, no peering sub-AS is specified.
Routing-Information-Base) marker, and control the route convergence speed. If routing information exchange is not completed within the time, the GR restarter does not receive new routes. Instead, the GR restarter updates its routing table and forwarding table with the BGP routes already learned to complete BGP route convergence. The GR helper removes the stale routes. Follow these guidelines when you configure BGP GR: • The End-Of-RIB indicates the end of route updates.
Enabling logging of session state changes Perform this task to enable BGP to log BGP session establishment and disconnection events. To view the log information, use the display bgp peer ipv4 unicast log-info command. The logs are sent to the information center. The output rules of the logs (whether to output the logs and where to output) are determined by the information center configuration.
Configuring BGP FRR When a link fails, the packets on the link are discarded, and a routing loop might occur until BGP completes routing convergence based on the new network topology. You can enable BGP fast reroute (FRR) to resolve this issue. Figure 50 Network diagram for BGP FRR Backup nexthop: Router C Router A Router B Nexthop: Router D Router E After you configure FRR on Router B as shown in Figure 58, BGP generates a backup next hop Router C for the primary route.
Step Command Remarks By default, no backup next hop is set. 4. Set the backup next hop for FRR. apply fast-reroute backup-nexthop ip-address 5. Return to system view. quit N/A 6. Enter BGP view. bgp as-number N/A 7. Enter BGP IPv4 unicast address family view. address-family ipv4 [ unicast ] N/A 8. Enable BGP FRR for the address family. pic For more information about this command, see Layer 3—IP Routing Command Reference. By default, BGP FRR is disabled.
Task Command Display dampened BGP IPv4 unicast routing information. display bgp routing-table dampened ipv4 [ unicast ] Display BGP dampening parameter information. display bgp dampening parameter ipv4 [ unicast ] Display BGP IPv4 unicast routing flap statistics.
Configuration considerations To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Because loopback interfaces are virtual interfaces, use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections. Enable OSPF in AS 65009 to make sure that Switch B can communicate with Switch C through loopback interfaces.
BGP local router ID : 3.3.3.3 Local AS number : 65009 Total number of peers : 1 Peer 2.2.2.2 Peers in established state : 1 AS MsgRcvd 65009 2 MsgSent OutQ PrefRcv Up/Down 2 0 State 0 00:00:13 Established The output shows that Switch C has established an IBGP peer relationship with Switch B. 3. Configure EBGP: # Configure Switch A. system-view [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 3.1.1.
s - suppressed, S - Stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete * > Network NextHop MED 8.1.1.0/24 8.1.1.1 0 LocPrf PrefVal Path/Ogn 0 i # Display the BGP routing table on Switch B. [SwitchB] display bgp routing-table ipv4 Total number of routes: 1 BGP local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - damped, h - history, s - suppressed, S - Stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network * >e 8.1.1.
BGP local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, h - history, s - suppressed, S - Stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop MED * >e 2.2.2.2/32 3.1.1.1 0 0 65009? e 3.1.1.0/24 3.1.1.1 0 0 65009? 8.1.1.0/24 8.1.1.1 0 0 i * >e 9.1.1.0/24 3.1.1.1 0 0 65009? * > LocPrf PrefVal Path/Ogn Two routes, 2.2.2.2/32 and 9.1.1.0/24, have been added in Switch A's routing table.
BGP and IGP route redistribution configuration example Network requirements As shown in Figure 60, all devices of company A belong to AS 65008, and all devices of company B belong to AS 65009. AS 65008 and AS 65009 are connected through Switch A and Switch B. It is required that Switch A can access network 9.1.2.0/24 in AS 65009, and Switch C can access network 8.1.1.0/24 in AS 65008.
system-view [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 3.1.1.1 as-number 65009 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 3.1.1.1 enable [SwitchA-bgp-ipv4] network 8.1.1.0 24 [SwitchA-bgp-ipv4] quit [SwitchA-bgp] quit # Configure Switch B. [SwitchB] bgp 65009 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] peer 3.1.1.2 as-number 65008 [SwitchB-bgp] address-family ipv4 unicast [SwitchB-bgp-ipv4] peer 3.1.1.2 enable 4.
2.2.2.2/32 1 Stub 9.1.1.1 2.2.2.2 0.0.0.0 Destination Cost Type Tag NextHop AdvRouter 8.1.1.0/24 1 Type2 1 9.1.1.1 2.2.2.2 Routing for ASEs Total Nets: 3 Intra Area: 2 Inter Area: 0 ASE: 1 NSSA: 0 Verifying the configuration # Use ping for verification. [SwitchA] ping -a 8.1.1.1 9.1.2.1 Ping 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes, press CTRL_C to break 56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms 56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.
Figure 53 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure static routing between Switch A and Switch B: # Configure a default route with the next hop 192.168.212.1 on Switch A. system-view [SwitchA] ip route-static 0.0.0.0 0 192.168.212.1 # Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Switch B. system-view [SwitchB] ip route-static 192.
Summary Count : 5 OSPF Routing table Status : Summary Count : 3 Destination/Mask Proto Pre Cost NextHop Interface 192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100 192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100 192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100 OSPF Routing table Status : Summary Count : 2 Destination/Mask Proto Pre Cost NextHop Interface 10.220.2.0/24 OSPF 10 1 10.220.2.16 Vlan200 172.17.100.0/24 OSPF 10 1 172.17.100.
192.168.99.0/24 BGP 255 1 10.220.2.16 Vlan200 BGP Routing table Status : Summary Count : 0 The output shows that Switch D has learned routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 through BGP. # Ping hosts on networks 192.168.74.0/24, 192.168.99.0/24, and 192.168.64.0/18 from Switch D. The ping operations succeed. 5. Configure route summarization on Switch C to summarize 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.
Figure 54 Network diagram Configuration considerations On Switch A, establish EBGP connections with Switch B and Switch C. Configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A. On Switch B, establish an EBGP connection with Switch A and an IBGP connection with Switch C. Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch B.
[SwitchB] bgp 65009 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] peer 3.1.1.2 as-number 65008 [SwitchB-bgp] peer 3.3.3.3 as-number 65009 [SwitchB-bgp] peer 3.3.3.3 connect-interface loopback 0 [SwitchB-bgp] address-family ipv4 unicast [SwitchB-bgp-ipv4] peer 3.1.1.2 enable [SwitchB-bgp-ipv4] peer 3.3.3.3 enable [SwitchB-bgp-ipv4] network 9.1.1.0 24 [SwitchB-bgp-ipv4] quit [SwitchB-bgp] quit [SwitchB] ip route-static 3.3.3.3 32 9.1.1.2 # Configure Switch C.
Because Switch A has two routes to reach AS 65009, configuring load balancing over the two BGP routes on Switch A can improve link usage. # Configure Switch A. [SwitchA] bgp 65008 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] balance 2 [SwitchA-bgp-ipv4] quit [SwitchA-bgp] quit Verifying the configuration # Display the BGP routing table on Switch A. [SwitchA] display bgp routing-table ipv4 Total number of routes: 3 BGP local router ID is 1.1.1.
Figure 55 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure EBGP: # Configure Switch A. system-view [SwitchA] bgp 10 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 200.1.2.2 as-number 20 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 200.1.2.2 enable [SwitchA-bgp-ipv4] network 9.1.1.0 255.255.255.0 [SwitchA-bgp] quit # Configure Switch B. system-view [SwitchB] bgp 20 [SwitchB-bgp] router-id 2.2.
[SwitchB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 20 Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 200.1.2.1 (1.1.1.1) Relay nexthop : 200.1.2.1 Original nexthop: 200.1.2.1 OutLabel : NULL AS-path : 10 Origin : igp Attribute value : pref-val 0 State : valid, external, best, # Display advertisement information of network 9.1.1.0 on Switch B. [SwitchB] display bgp routing-table ipv4 9.1.1.
[SwitchA-route-policy-comm_policy-0] quit # Apply the routing policy. [SwitchA] bgp 10 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 200.1.2.2 route-policy comm_policy export [SwitchA-bgp-ipv4] peer 200.1.2.2 advertise-community Verifying the configuration # Display the routing table on Switch B. [SwitchB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 20 Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 200.1.2.
• Between Switch A and Switch B is an EBGP connection, between Switch C and Switch B, and between Switch C and Switch D are IBGP connections. • Switch C is a route reflector with clients Switch B and D. • Switch D can learn route 20.0.0.0/8 from Switch C. Figure 56 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure BGP connections: # Configure Switch A. system-view [SwitchA] bgp 100 [SwitchA-bgp] router-id 1.1.1.
[SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 193.1.1.2 as-number 200 [SwitchC-bgp] peer 194.1.1.2 as-number 200 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] peer 193.1.1.2 enable [SwitchC-bgp-ipv4] peer 194.1.1.2 enable [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit # Configure Switch D. system-view [SwitchD] bgp 200 [SwitchD-bgp] router-id 4.4.4.4 [SwitchD-bgp] peer 194.1.1.1 as-number 200 [SwitchD-bgp] address-family ipv4 unicast [SwitchD-bgp-ipv4] peer 194.1.1.
Network i 20.0.0.0 NextHop MED LocPrf PrefVal Path/Ogn 193.1.1.2 0 100 0 100i Switch D has learned route 20.0.0.0/8 from Switch C. BGP confederation configuration example Network requirements As shown in Figure 65, to reduce IBGP connections, AS 200 is split into three sub-ASs: AS65001, AS65002, and AS65003. Switches in AS65001 are fully meshed.
[SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 10.1.1.2 enable [SwitchA-bgp-ipv4] peer 10.1.2.2 enable [SwitchA-bgp-ipv4] peer 10.1.1.2 next-hop-local [SwitchA-bgp-ipv4] peer 10.1.2.2 next-hop-local [SwitchA-bgp-ipv4] quit [SwitchA-bgp] quit # Configure Switch B. system-view [SwitchB] bgp 65002 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] confederation id 200 [SwitchB-bgp] confederation peer-as 65001 65003 [SwitchB-bgp] peer 10.1.1.
[SwitchD-bgp] peer 10.1.5.2 as-number 65001 [SwitchD-bgp] address-family ipv4 unicast [SwitchD-bgp-ipv4] peer 10.1.3.1 enable [SwitchD-bgp-ipv4] peer 10.1.5.2 enable [SwitchD-bgp-ipv4] quit [SwitchD-bgp] quit # Configure Switch E. system-view [SwitchE] bgp 65001 [SwitchE-bgp] router-id 5.5.5.5 [SwitchE-bgp] confederation id 200 [SwitchE-bgp] peer 10.1.4.1 as-number 65001 [SwitchE-bgp] peer 10.1.5.1 as-number 65001 [SwitchE-bgp] address-family ipv4 unicast [SwitchE-bgp-ipv4] peer 10.1.4.
Network * >i 9.1.1.0/24 NextHop MED LocPrf PrefVal Path/Ogn 10.1.1.1 0 100 0 (65001) 100i [SwitchB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 65002 Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 10.1.1.1 (1.1.1.1) Relay nexthop : 10.1.1.1 Original nexthop: 10.1.1.
State : valid, internal-confed, best, The output indicates the following: • Switch F can send route information to Switch B and Switch C through the confederation by establishing only an EBGP connection with Switch A. • Switch B and Switch D are in the same confederation, but belong to different sub-ASs. They obtain external route information from Switch A and generate identical BGP route entries although they have no direct connection in between.
# Configure Switch C. system-view [SwitchC] ospf [SwitchC-ospf] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Configure Switch D. system-view [SwitchD] ospf [SwitchD-ospf] area 0 [SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit 3.
# Configure Switch D. [SwitchD] bgp 200 [SwitchD-bgp] peer 194.1.1.2 as-number 200 [SwitchD-bgp] peer 195.1.1.2 as-number 200 [SwitchD-bgp] address-family ipv4 unicast [SwitchD-bgp-ipv4] peer 194.1.1.2 enable [SwitchD-bgp-ipv4] peer 195.1.1.2 enable [SwitchD-bgp-ipv4] quit [SwitchD-bgp] quit 4. Configure attributes for route 1.0.0.0/8, making Switch D give priority to the route learned from Switch C: { (Method 1.) Configure a higher MED value for the route 1.0.0.0/8 advertised from Switch A to peer 192.
* >i 1.0.0.0 193.1.1.1 50 100 0 100i * 192.1.1.1 100 100 0 100i i Route 1.0.0.0/8 is the optimal. { (Method 2.) Configure different local preferences on Switch B and C for route 1.0.0.0/8, making Switch D give priority to the route from Switch C: # Define an ACL numbered 2000 on Switch C, permitting route 1.0.0.0/8. [SwitchC] acl number 2000 [SwitchC-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.
Figure 59 Network diagram Configuration procedure 1. Configure Switch A: # Configure IP addresses for interfaces. (Details not shown.) # Configure the EBGP connection. system-view [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 200.1.1.1 as-number 65009 # Enable GR capability for BGP. [SwitchA-bgp] graceful-restart # Inject network 8.0.0.0/8 to the BGP routing table. [SwitchA-bgp] address-family ipv4 [SwitchA-bgp-ipv4] network 8.0.0.
system-view [SwitchC] bgp 65009 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 9.1.1.1 as-number 65009 # Enable GR capability for BGP. [SwitchC-bgp] graceful-restart # Enable Switch C to exchange IPv4 unicast routing information with Switch B. [SwitchC-bgp-ipv4] peer 9.1.1.1 enable Verifying the configuration Ping Switch C on Switch A. Meanwhile, perform an active/standby switchover on Switch B. The ping operation is successful during the whole switchover process.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF to make sure that Switch A and Switch C are reachable to each other. (Details not shown.) 3. Configure BGP on Switch A: # Establish two IBGP connections to Switch C. system-view [SwitchA] bgp 200 [SwitchA-bgp] peer 3.0.2.2 as-number 200 [SwitchA-bgp] peer 2.0.2.2 as-number 200 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 3.0.2.2 enable [SwitchA-bgp-ipv4] peer 2.0.2.
[SwitchC-bgp-ipv4] peer 3.0.1.1 enable [SwitchC-bgp-ipv4] peer 2.0.1.1 enable [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit # Enable BFD for peer 3.0.1.1. [SwitchC-bgp] peer 3.0.1.1 bfd [SwitchC-bgp] quit [SwitchC] quit Verifying the configuration # Display detailed BFD session information on Switch C. display bfd session verbose Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 Session Working Under Ctrl Mode: Local Discr: 513 Remote Discr: 513 Source IP: 3.0.2.
Destination: 1.1.1.0/24 Protocol: BGP SubProtID: 0x1 Cost: 50 Tag: 0 OrigTblID: 0x1 TableID: 0x2 NBRID: 0x15000001 AttrID: 0x1 Process ID: 0 Age: 00h00m09s Preference: 255 State: Active Adv OrigVrf: default-vrf OrigAs: 0 LastAs: 0 Neighbor: 3.0.1.1 Flags: 0x10060 OrigNextHop: 3.0.1.1 Label: NULL RealNextHop: 3.0.2.1 BkLabel: NULL Tunnel ID: Invalid BkTunnel ID: Invalid BkNextHop: N/A Interface: Vlan-interface101 BkInterface: N/A The output shows that Switch C communicates with network 1.1.1.
Figure 61 Network diagram Loop0 2.2.2.2/32 Vlan-int 100 10.1.1.2/24 Switch B Vlan-int 100 10.1.1.1/24 Vlan-int 200 30.1.1.1/24 Switch D Loop0 4.4.4.4/32 AS 100 AS 200 Vlan-int 101 20.1.1.4/24 Link B Loop0 1.1.1.1/32 Switch A Vlan-int 101 20.1.1.2/24 Vlan-int 201 40.1.1.4/24 Link A Switch C Vlan-int 200 30.1.1.3/24 Vlan-int 201 40.1.1.3/24 Loop0 3.3.3.3/32 Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2.
# Configure Switch C to establish an EBGP session with Switch A, and an IBGP session with Switch D. system-view [SwitchC] bgp 200 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 30.1.1.1 as-number 100 [SwitchC-bgp] peer 4.4.4.4 as-number 200 [SwitchC-bgp] peer 4.4.4.4 connect-interface loopback 0 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] peer 30.1.1.1 enable [SwitchC-bgp-ipv4] peer 4.4.4.4 enable [SwitchC-bgp-ipv4] peer 4.4.4.
[SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] fast-reroute route-policy frr [SwitchA-bgp-ipv4] quit [SwitchA-bgp] quit # On Switch D, configure the source address of BFD echo packets as 44.1.1.1, create routing policy frr to set a backup next hop 3.3.3.3 (Switch C) for the route destined for 1.1.1.1/32, and apply the routing policy to BGP FRR for BGP IPv4 unicast address family. [SwitchD] bfd echo-source-ip 44.1.1.1 [SwitchD] ip prefix-list abc index 10 permit 1.1.1.
Destination: 1.1.1.1/32 Protocol: BGP Process ID: 0 SubProtID: 0x1 Age: 00h00m36s Cost: 0 Preference: 255 IpPre: N/A QosLocalID: N/A Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 100 NibID: 0x15000003 LastAs: 100 AttrID: 0x1 Neighbor: 2.2.2.2 Flags: 0x10060 OrigNextHop: 2.2.2.2 Label: NULL RealNextHop: 20.1.1.2 BkLabel: NULL BkNextHop: 40.1.1.
Configuring PBR Introduction to PBR Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop and other parameters for packets that match specific criteria such as ACLs. A device forwards received packets using the following process: 1. The device uses PBR to forward matching packets. 2. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets. 3.
Relationship between the match mode and clauses on the node Does a packet match all the if-match clauses on the node? Match mode Permit Deny • If the node is configured with an apply clause, PBR executes the apply clause on the node without matching the packet against the next node. Yes. • If the node is configured with no The packet is forwarded according to the routing table. apply clause, the packet is forwarded according to the routing table. PBR matches the packet against the next node. No.
Step 2. Create a node for a policy, and enter policy node view. Command Remarks policy-based-route policy-name [ deny | permit ] node node-number By default, no policy node is created. Configuring match criteria for a node Step Command Remarks 1. Enter system view. system-view N/A 2. Enter policy node view. policy-based-route policy-name [ deny | permit ] node node-number N/A 3. Configure an ACL match criterion.
Do not configure local PBR unless required. To configure local PBR: Step Command Remarks 1. Enter system view. system-view N/A 2. Apply a policy locally. ip local policy-based-route policy-name By default, no policy is locally applied. Configuring interface PBR Configure PBR by applying a policy to an interface. PBR uses the policy to guide the forwarding of packets received on the interface. The specified policy must already exist. Otherwise, the interface PBR configuration fails.
PBR configuration examples Packet type-based local PBR configuration example Network requirements As shown in Figure 70, configure PBR on Switch A to forward all TCP packets to the next hop 1.1.2.2. Switch A forwards other packets according to the routing table. Figure 62 Network diagram Switch B Switch A Vlan-int10 1.1.2.1/24 Vlan-int10 1.1.2.2/24 Vlan-int20 1.1.3.1/24 Vlan-int20 1.1.3.2/24 Switch C Configuration procedure 1. Configure Switch A: # Create VLAN 10 and VLAN 20.
[SwitchB] vlan 10 [SwitchB-vlan10] quit # Configure the IP address of VLAN-interface 10. [SwitchB] interface vlan-interface 10 [SwitchB-Vlan-interface10] ip address 1.1.2.2 24 3. Configure Switch C: # Create VLAN 20. system-view [SwitchC] vlan 20 [SwitchC-vlan20] quit # Configure the IP address of VLAN-interface 20. [SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] ip address 1.1.3.2 24 Verifying the configuration # Telnet to Switch B on Switch A. The operation succeeds.
Figure 63 Network diagram Configuration procedure 1. Configure Switch A: # Create VLAN 10 and VLAN 20. system-view [SwitchA] vlan 10 [SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] quit # Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20. [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ip address 1.1.2.1 24 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 20 [SwitchA-Vlan-interface20] ip address 1.1.3.
[SwitchA-Vlan-interface11] ip address 10.110.0.10 24 [SwitchA-Vlan-interface11] ip policy-based-route aaa [SwitchA-Vlan-interface11] quit 2. Configure Switch B: # Create VLAN 10. system-view [SwitchB] vlan 10 [SwitchB-vlan10] quit # Configure the IP address of VLAN-interface 10. [SwitchB] interface vlan-interface 10 [SwitchB-Vlan-interface10] ip address 1.1.2.2 24 [SwitchB-Vlan-interface10] quit # Configure a static route to subnet 10.110.0.0/24. [SwitchB] ip route-static 10.110.0.0 24 1.1.2.
Configuring routing policies Routing policies control routing paths by filtering and modifying routing information. Overview Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: 1. Configure filters based on route attributes, such as destination address and the advertising router's address. 2. Create a routing policy and apply filters to the routing policy.
Routing policy A routing policy can comprise multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route (except the route configured with the continue clauses) that matches one node matches the routing policy. Each node has a match mode of permit or deny. • permit—Specifies the permit match mode for a routing policy node.
Step Command Remarks 1. Enter system view. system-view N/A 2. Configure an IPv4 prefix list. ip prefix-list prefix-list-name [ index index-number ] { deny | permit } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ] By default, no IPv4 prefix list is configured. Configuring an AS path list You can configure multiple items for an AS path list that is identified by a number. The relationship between items is logical OR.
Step Command Remarks 1. Enter system view. system-view N/A 2. Configure an extended community list. ip extcommunity-list ext-comm-list-number { deny | permit } { rt route-target }&<1-32> By default, no extended community list is configured. Configuring a routing policy Configuration prerequisites Configure filters and routing protocols, and determine the routing policy name, node numbers, match criteria, and the attributes to be modified.
Step Command Remarks By default, no ACL or prefix list match criterion is configured. 3. Match routes whose destination, next hop, or source matches an ACL or prefix list. if-match ip { address | next-hop | route-source } { acl acl-number | prefix-list prefix-list-name } If the ACL used by an if-match clause does not exist, the clause is always matched. If no rules of the specified ACL are matched or the match rules are inactive, the clause is not matched. 4.
Step Command Remarks 2. Enter routing policy node view. route-policy route-policy-name { deny | permit } node node-number N/A 3. Set the AS_PATH attribute for BGP routes. apply as-path as-number&<1-32> [ replace ] By default, no AS_PATH attribute is set for BGP routes. 4. Delete the specified COMMUNITY attribute for BGP routes. apply comm-list { comm-list-number | comm-list-name } delete By default, no COMMUNITY attribute is deleted for BGP routes. 5.
Configuring a continue clause Follow these guidelines when you configure a continue clause: • If you configure the same type of apply clauses that set different values on nodes that are combined by the continue clause, and the apply clauses are not configured with the additive keyword, the apply clause configured on the last matching node takes effect.
Routing policy configuration examples Applying a routing policy to IPv4 route redistribution Network Requirements As shown in Figure 72, Switch B exchanges routing information with Switch A by using OSPF and with Switch C by using IS-IS. On Switch B, enable route redistribution from IS-IS to OSPF, and use a routing policy to set the cost of route 172.17.1.0/24 to 100 and the tag of route 172.17.2.0/24 to 20. Figure 64 Network diagram IS-IS OSPF Vlan-int100 192.168.1.2/24 Switch B Vlan-int200 192.168.2.
# Configure Switch B. system-view [SwitchB] isis [SwitchB-isis-1] is-level level-2 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis enable [SwitchB-Vlan-interface200] quit 3. Configure OSPF and route redistribution: # Configure OSPF on Switch A. system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.
# Configure IP prefix list prefix-a to permit route 172.17.1.0/24. [SwitchB] ip prefix-list prefix-a index 10 permit 172.17.1.0 24 5. Configure a routing policy.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch. Represents an access point.
Index Numerics IPv4 BGP basic configuration, 213 4-byte IPv4 BGP BFD configuration, 241 IPv4 BGP COMMUNITY configuration, 206, 226 IPv4 BGP AS number suppression, 202 IPv4 BGP confederation configuration, 232 A IPv4 BGP configuration, 213 ABR IPv4 BGP fake AS number advertisement, 198 IP routing OSPF discard route configuration, 73 IPv4 BGP GR configuration, 239 IP routing OSPF route summarization on ABR, 72 IPv4 BGP load balancing configuration, 223 IPv4 BGP path selection configuration, 236
BGP path AS_SEQUENCE attribute, 172 BGP MED attribute configuration, 194 BGP path AS_SET attribute, 172 BGP path AS_PATH, 172 IP routing IS-IS basic configuration, 129, 149 BGP path COMMUNITY, 172 IP routing IS-IS configuration, 121, 128, 149 BGP path LOCAL_PREF, 172 IP routing IS-IS DIS election configuration, 154 BGP path MED, 172 IP routing OSPF areas, 58 BGP path NEXT_HOP, 172 IP routing OSPF AS External LSA, 58 BGP path ORIGIN, 172 IP routing policy AS_PATH list, 257 IPv4 BGP AS number s
backbone first AS number of EBGP route updates, 199 IP routing OSPF backbone area, 59 GR configuration, 208 IP routing OSPF router type, 60 GR helper configuration, 208 backing up GR restarter configuration, 208 IPv4 EBGP peer protection (low memory exemption), 205 IP routing route backup, 3 bandwidth large scale network management, 178 IP routing OSPF reference value, 74 large-scale network configuration, 205 BDR load balancing, 176 IP routing OSPF, 62 MED attribute configuration, 194 IP ro
IP routing RIP BFD configuration (bidirectional control detection), 35 confederating BGP confederation, 178, 207 IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51 BGP confederation compatibility, 208 static route BFD bidirectional control mode (direct next hop), 8 IPv4 BGP MED AS route comparison (confederation peers), 196 static route BFD bidirectional control mode (indirect next hop), 8 IPv4 BGP confederation configuration, 232 configuring BGP, 171, 181 bidirectio
IP routing OSPF GR restarter, 88 IP routing IS-IS LSP parameters, 138 IP routing IS-IS LSP timer, 138 IP routing OSPF host route advertisement, 77 IP routing IS-IS LSP-calculated route filtering, 134 IP routing OSPF interface authentication, 81 IP routing IS-IS neighbor relationship authentication, 144 IP routing OSPF interface cost, 74 IP routing IS-IS network management, 143 IP routing OSPF LSDB max number external LSAs, 82 IP routing IS-IS redistributed route filtering, 134 IP routing OSPF LSU
IPv4 BGP keepalive interval, 200 IP routing policy filter, 258 IP routing policy if-match clause, 260 IPv4 BGP load balancing, 203, 223 IP routing policy IP prefix list, 258 IPv4 BGP manual soft reset, 204 IP routing RIB label max lifetime, 4 IPv4 BGP MED default value, 194 IP routing RIB route max lifetime, 4 IPv4 BGP NEXT_HOP attribute, 197 IP routing RIP, 20, 22, 37 IPv4 BGP path selection, 236 IP routing RIP additional routing metric, 25 IPv4 BGP route automatic summarization, 188 IP routin
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51 controlling BGP path selection, 193 IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34 BGP route distribution, 188 BGP route reception, 188 IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34, 48 IP routing IS-IS route control, 130 IP routing IS-IS SPF calculation interval, 140 IP routing RIP BFD single-hop echo detection, 34, 45 IP routing OSPF route control, 71
ISIS max number ECMP routes, 132 PBR, 252 static routes, 10 electing distributing BGP route distribution control, 188 IP routing OSPF DR election, 105 enabling IP routing extension attribute redistribution, 4 BGP, 182 IP routing route redistribution, 3 BGP session state change logging, 210 IPv4 BGP-IGP route redistribution, 218 BGP SNMP notification, 209 EBGP direct connections after link failure, 201 domain IP routing IS-IS routing domain, 123 IP routing IS-IS, 129 IP routing IS-IS routing dom
IPv4 BGP COMMUNITY configuration, 226 IP routing IS-IS LSP fragment extension, 140 Exterior Gateway Protocol. Use EGP IPv4 BGP confederation configuration, 232 external IPv4 BGP configuration, 213 IPv4 BGP FRR configuration (on switch), 244 IP routing OSPF LSDB max number external LSAs, 82 IPv4 BGP GR configuration, 239 external BGP. Use EBGP IPv4 BGP load balancing configuration, 223 F IPv4 BGP path selection configuration, 236 IPv4 BGP route distribution filtering policies, 190 fast reroute.
IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34 static route FRR configuration, 9 static routing FRR configuration, 17 IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34 G garbage-collect timer (RIP), 28 generating BGP route, 187 GR helper IP routing IS-IS GR configuration, 145 host IP routing RIP host route reception disable, 26 I IBGP BGP confederation, 207 IP routing OSPF configuration, 88 IPv4 BGP ORIGINATOR_ID attribute, 207 IP routing
BGP configuration, 171, 181 IPv4 BGP-IGP route redistribution, 218 BGP default route advertisement to peer/peer group, 189 INCOMPLETE BGP ORIGIN path attribute, 172 BGP first AS number of EBGP route updates, 199 Incremental Shortest Path First.
IS-IS CSNP packet send interval, 136 IS-IS system ID-host name mapping, 141 IS-IS default route advertisement, 133 IS-IS system ID-host name mapping (dynamic), 142 IS-IS DIS election configuration, 154 IS-IS system ID-host name mapping (static), 142 IS-IS ECMP routes max number, 132 load sharing, 3 IS-IS FRR automatic backup next hop calculation, 147 maintaining policy, 263 maintaining routing table, 5 IS-IS FRR configuration, 146, 168 OSPF area authentication configuration, 81 IS-IS FRR configu
OSPF P2MP network type configuration for interface, 71 RIP additional routing metric configuration, 25 RIP basic configuration, 22, 37 OSPF P2P network type configuration for interface, 71 RIP BFD configuration, 34 RIP BFD configuration (bidirectional control detection), 35 OSPF packet DSCP value, 82 OSPF PIC configuration, 87 RIP BFD configuration (bidirectional detection/control packet mode), 51 OSPF preference, 75 RIP BFD configuration (single-hop echo detection/neighbor), 34 OSPF prefix prioriti
route preference, 2 COMMUNITY configuration, 206, 226 route recursion, 3 confederation configuration, 232 route redistribution, 3 configuration, 213 routing table, 1 default local preference, 194 static route BFD bidirectional control mode (direct next hop), 8 displaying, 212 static route BFD bidirectional control mode (indirect next hop), 8 FRR configuration (on switch), 244 fake AS number advertisement, 198 GR configuration, 239 static route BFD configuration, 8 holdtime, 200 static route B
LSP-calculated route filtering, 134 IPv4 IBGP maintaining, 148 peer group configuration, 184 neighbor relationship authentication, 144 IS-IS address format, 121 neighbor state change logging, 142 area, 123 NET, 122 area address, 122 network management, 143 area authentication, 144 network optimization, 135 authentication, 161 network security enhancement, 144 basic configuration, 129, 149 network tuning, 135 BFD configuration, 146, 165 NSAP address format, 121 broadcast network type, 125
IP routing IS-IS ECMP routes max number, 132 L IP routing load sharing, 3 label IP routing RIB label max lifetime, 4 leaking IP routing RIP max number ECMP routes, 30 local IP routing IS-IS routes, 135 BGP LOCAL_PREF path attribute, 172 IPv4 EBGP peer protection (level 2 threshold exemption), 205 PBR local configuration, 251 IPv4 BGP default local preference, 194 level limiting PBR local configuration (packet type-based), 253 logging BGP session state change logging, 210 IPv4 BGP routes receive
LSR memory IP routing OSPF LSR packet, 57 IPv4 EBGP peer protection (low memory exemption), 205 LSU IP routing OSPF LSU packet, 57 message BGP notification, 171 IP routing OSPF LSU transmit rate, 85 BGP open, 171 M BGP route-refresh, 171 maintaining BGP update, 171 IP routing IS-IS, 148 IP routing RIPv1 message zero field check enable, 30 IP routing OSPF, 92 IP routing policy, 263 IP routing RIPv2 message authentication configuration, 31 IP routing RIP, 36 IP routing table, 5 metric IPv4 BG
BGP session state change logging, 210 Multiprotocol Extensions for BGP-4. See MP-BGP BGP SNMP notification enable, 209 N BGP soft reset, 203 NBMA BGP TCP connection source address, 186 IP routing OSPF network type, 62 entity title.
IP routing OSPF interface authentication configuration, 81 IP routing IS-IS network management, 143 IP routing IS-IS network optimization, 135 IP routing IS-IS network tuning, 135 IP routing OSPF interface cost, 74 IP routing IS-IS point-to-point type, 125 IP routing OSPF interface packet send/receive disable, 80 IP routing IS-IS preference specification, 132 IP routing OSPF ISPF enable, 85 IP routing IS-IS pseudonode, 125 IP routing OSPF LSA arrival interval, 79 IP routing IS-IS route control conf
IP routing RIP packet max length, 32 IP routing OSPF stub area configuration, 67 IP routing OSPF stub router configuration, 80 IP routing RIP packet send rate configuration, 32 IP routing OSPF timer configuration, 77 IP routing RIP poison reverse configuration, 29 IP routing OSPF tuning, 77 IP routing RIP preference configuration, 27 IP routing OSPF Type-3 LSA filtering, 74 IP routing RIP received/redistributed route filtering, 27 IP routing OSPF virtual link configuration, 68 IP routing RIP route
IPv4 BGP private AS number removal, 199 IP routing OSPF GR configuration, 111 IPv4 BGP received route preferred value, 193 IP routing OSPF NSSA area configuration, 103 IPv4 BGP route dampening, 192 IP routing OSPF route redistribution, 96 IPv4 BGP route distribution filtering policies, 190 IP routing OSPF stub area configuration, 101 IPv4 BGP route preference, 193 IP routing OSPF summary route advertisement, 98 IPv4 BGP route reception filtering policies, 191 IP routing OSPF virtual link configur
IP routing policy apply clause, 258 BGP route, 189 IP routing policy apply clause configuration, 261 IP routing policy continue clause, 258 IP routing FIB table optimal routes, 1 optimizing IP routing policy continue clause configuration, 263 BGP network, 200 IP routing IS-IS networks, 135 IP routing policy if-match clause, 258 IP routing policy if-match clause configuration, 260 PBR apply clause, 249 PBR creation, 250 PBR if-match clause, 249 IP routing OSPF network, 77 IP routing RIP networks, 28 O
IP routing IS-IS DIS election, 125 router types, 60 ISPF enable, 85 SPF calculation interval, 79 LSA arrival interval, 79 stub area, 60 LSA generation interval, 79 stub area configuration, 67, 101 LSA transmission delay, 78 stub router configuration, 80 LSA types, 58 summary route advertisement, 98 LSDB max number external LSAs, 82 timer configuration, 77 LSU transmit rate, 85 totally NSSA area, 60 maintaining, 92 totally stub area, 60 NBMA network type configuration for interface, 70 tro
IP routing OSPF basic configuration, 93 PBR local configuration (packet type-based), 253 IP routing OSPF BFD configuration, 89 IP routing OSPF configuration, 57, 64, 93 PBR policy configuration, 250 parameter IP routing OSPF DD, 57 IP routing IS-IS LSDB overload bit, 141 IP routing OSPF DD packet interface MTU, 82 IP routing IS-IS LSP parameters, 138 IP routing OSPF exit overflow interval, 83 IP routing IS-IS route convergence priority, 141 IP routing OSPF FRR configuration, 90 IP routing IS-IS S
peer IP routing policy if-match clause configuration, 260 BGP, 171 IP routing policy IP prefix list configuration, 258 BGP configuration, 183 IPv4 BGP route distribution filtering policy, 190 BGP default route advertisement to peer/peer group, 189 IPv4 BGP route reception filtering policy, 191 PBR, 249 BGP peer group, 178 PBR configuration, 249, 250, 250, 251, 253 BGP peer group configuration, 183 PBR interface configuration, 252 EBGP, 171 PBR interface configuration (packet type-based), 254 IB
configuring IP routing IS-IS GR, 145, 164 procedure configuring IP routing IS-IS interface cost, 131 advertising BGP default route to peer/peer group, 189 configuring IP routing IS-IS interface DIS priority, 137 advertising BGP optimal route, 189 configuring IP routing IS-IS interface P2P network type, 130 advertising IP routing IS-IS default route, 133 advertising IP routing RIP default route, 26 advertising IP routing RIPv2 summary route, 25 configuring IP routing IS-IS IS level, 129 advertising
configuring IP routing OSPF prefix suppression, 86 configuring IP routing OSPF broadcast network type for interface, 69 configuring IP routing OSPF prefix suppression (global), 86 configuring IP routing OSPF DD packet interface MTU, 82 configuring IP routing OSPF prefix suppression (on interface), 86 configuring IP routing OSPF default route redistribution, 76 configuring IP routing OSPF received route filtering, 73 configuring IP routing OSPF discard route, 73 configuring IP routing OSPF redistribu
configuring IP routing RIP BFD (bidirectional detection/control packet mode), 51 configuring IPv4 BGP NEXT_HOP attribute, 197 configuring IP routing RIP BFD (single-hop echo detection/neighbor), 34 configuring IPv4 BGP route automatic summarization, 188 configuring IPv4 BGP path selection, 236 configuring IP routing RIP BFD (single-hop echo detection/specific destination), 34, 48 configuring IPv4 BGP route dampening, 192 configuring IPv4 BGP route distribution filtering policies, 190 configuring IP r
controlling IP routing IS-IS SPF calculation interval, 140 enabling IP routing OSPF RFC 1583 compatibility, 83 controlling IP routing RIP interface advertisement, 23 enabling IP routing RIP, 22 controlling IP routing RIP interface reception, 23 enabling IP routing RIP split horizon, 29 enabling IP routing RIP poison reverse, 29 creating IP routing policy, 260 creating PBR node, 250 enabling IP routing RIP update source IP address check, 30 disabling IP routing IS-IS interface packet send/receive, 1
protecting IPv4 EBGP peer (low memory exemption), 205 IP routing OSPF RFC 1583 compatibility, 83 redistributing IPv4 BGP IGP routes, 187 MP-BGP, 180 removing IPv4 BGP private AS number from EBGP peer/peer group update, 199 saving IPv4 BGP route update, 204 IP routing RIP, 21 R receiving IPv4 BGP routes received from peer/peer group, 190 setting IP routing IS-IS LSDB overload bit, 141 setting IP routing RIP packet max length, 32 specifying BGP TCP connection source address, 186 specifying IP routing IS
BFD configuration (single-hop echo detection/specific destination), 34, 48 message zero field check enable, 30 BFD single-hop echo detection, 45 RIP basic configuration, 22 configuration, 20, 22, 37 RIP configuration, 20, 22, 37 protocols and standards, 21 configuration restrictions, 36 RIP versions, 21 default route advertisement, 26 displaying, 36 enabling, 22 version configuration, 24 RIPv2 automatic route summarization enable, 25 FRR configuration, 35, 54 message authentication configuration
IP routing OSPF discard route configuration, 73 IP routing route preference, 2 IP routing OSPF ECMP route max number configuration, 75 IP routing route redistribution, 3 IP routing OSPF host route advertisement, 77 IPv4 BGP IGP route redistribution, 187 IP routing route recursion, 3 IP routing OSPF preference configuration, 75 IPv4 BGP MED AS route comparison (confederation peers), 196 IP routing OSPF received route filtering, 73 IPv4 BGP MED AS route comparison (diff ASs), 195 IP routing OSPF re
IP routing OSPF ABR router type, 60 IP routing IS-IS routing domain authentication, 145 IP routing OSPF ASBR router type, 60 IP routing OSPF area authentication configuration, 81 IP routing OSPF backbone router type, 60 IP routing OSPF interface authentication configuration, 81 IP routing OSPF internal router type, 60 IP routing OSPF router LSA, 58 IP routing OSPF prefix prioritization, 87 IP routing OSPF stub router configuration, 80 routing displaying IP routing policy, 263 IP routing policy appli
IP routing RIPv2 automatic route summarization enable, 25 IP routing IS-IS calculation interval, 140 IP routing OSPF SPF calculation interval, 79 IP routing RIPv2 route summarization configuration, 25 split horizon, 29, 29 state IP routing RIPv2 summary route advertisement, 25 BGP session state change logging, 210 IPv4 BGP route automatic summarization, 188 IP routing OSPF neighbor state change logging, 84 static IP routing IS-IS system ID-host name mapping (static), 142 IPv4 BGP route manual summar
IPv4 EBGP peer protection (level 2 threshold exemption), 205 time IPv4 BGP holdtime, 200 timeout timer (RIP), 28 timer IP routing OSPF route type, 61 U UDP IP routing RIP configuration, 20, 22, 37 unicast IP routing configuration, 1 IP routing IS-IS LSP timers, 138 IP routing dynamic routing protocols, 2 IP routing OSPF dead packet timer, 77 IP routing ECMP route max number configuration, 5 IP routing OSPF hello packet timer, 77 IP routing extension attribute redistribution, 4 IP routing OSPF LSA re
