HP 6600/HSR6600 Routers Layer 3 - IP Routing Configuration Guide Part number: 5998-1505 Software version: A6602-CMW520-R3303P05 A6600-CMW520-R3303P05-RPE A6600-CMW520-R3303P05-RSE HSR6602_MCP-CMW520-R3303P05 Document version: 6PW105-20140507
Legal and notice information © Copyright 2014 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents IP routing basics ··························································································································································· 1 Routing table ······································································································································································ 1 Dynamic routing protocols ······················································································································
Tuning and optimizing RIP networks ···························································································································· 30 Configuration prerequisites ·································································································································· 30 Configuring RIP timers··········································································································································· 30 Configuring split hori
Configuring the P2MP network type for an interface ························································································ 71 Configuring the P2P network type for an interface ··························································································· 72 Configuring OSPF route control ··································································································································· 72 Configuration prerequisites ······························
Configuring BFD for OSPF ································································································································· 120 Troubleshooting OSPF configuration ························································································································· 124 No OSPF neighbor relationship established ···································································································· 124 Incorrect routing information ···············
Configuring BFD for IS-IS············································································································································· 161 Configuring IS-IS MTR ·················································································································································· 161 Displaying and maintaining IS-IS ······························································································································· 163 IS-
Enabling quick reestablishment of direct EBGP session ·················································································· 231 Enabling MD5 authentication for BGP peers ··································································································· 232 Configuring BGP load balancing ······················································································································ 232 Forbidding session establishment with a peer or peer group ············
Configuring interface PBR on a VLAN interface ······························································································ 289 Configuring IPv6 static routing ······························································································································· 291 Overview······································································································································································· 291 Configuring IPv6 stati
Configuring an OSPFv3 virtual link ··················································································································· 318 Configuring OSPFv3 network types ··························································································································· 319 Configuration prerequisites ································································································································ 319 Configuring the OSPFv3 network type
Configuration prerequisites ································································································································ 365 Specifying an IPv6 BGP peer ····························································································································· 366 Injecting a local IPv6 route ································································································································· 366 Configuring a preferred value
Configuring IPv6 policy-based routing ·················································································································· 406 Introduction to IPv6 policy-based routing ·················································································································· 406 What is policy-based routing ····························································································································· 406 Policy ····························
Displaying and maintaining MTR ······························································································································· 439 Support and other resources ·································································································································· 440 Contacting HP ······························································································································································ 440 Subscrip
IP routing basics IP routing directs the forwarding of IP packets on routers based on a routing table. This book focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. Routing table A router maintains at least two routing tables: one global routing table and one forwarding information base (FIB). The FIB table contains only the optimal routes, and the global routing table contains all routes.
• Destination—IP address of the destination host or network. • Mask—Mask length of the IP address. • Pre—Preference of the route. Among routes to the same destination, the one with the highest preference is optimal. • Cost—When multiple routes to a destination have the same preference, the one with the smallest cost becomes the optimal route. • NextHop—Next hop. • Interface—Output interface.
Table 3 Route types and their default route preferences Routing type Preference Direct route 0 OSPF 10 IS-IS 15 Static route 60 RIP 100 OSPF ASE 150 OSPF NSSA 150 IBGP 255 EBGP 255 Unknown (route from an untrusted source) 256 Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.
Displaying and maintaining a routing table Task Command Remarks Display the routing table. display ip routing-table [ multiple-topology topology-name | vpn-instance vpn-instance-name ] [ verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routes matching an IPv4 basic ACL.
Task Command Remarks Display IPv6 routing table information. display ipv6 routing-table [ vpn-instance vpn-instance-name ] [ verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routes matching an IPv6 ACL. display ipv6 routing-table [ vpn-instance vpn-instance-name ] acl acl6-number [ verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routing information for a specified destination IPv6 address.
Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. Configuring a static route Before you configure a static route, complete the following tasks: • Configure physical parameters for related interfaces.
Step Command Remarks • Method 1: ip route-static dest-address { mask | mask-length } { next-hop-address [ track track-entry-number ] | interface-type interface-number [ next-hop-address ] | vpn-instance d-vpn-instance-name next-hop-address [ track track-entry-number ] } [ preference preference-value ] [ tag tag-value ] [ permanent ] [ description description-text ] • Method 2: 2. Configure a static route.
Step 1. Enter system view. Command Remarks system-view N/A • Method 1: 2. Configure a static route and enable BFD control packet mode for it.
Step Command Remarks • Method 1: 3. Enable BFD echo packet mode for static routes. ip route-static dest-address { mask | mask-length } interface-type interface-number next-hop-address bfd echo-packet [ preference preference-value ] [ tag tag-value ] [ description description-text ] Use either method.
Configuration procedure To configure static route FRR: Step 1. Enter system view. Command Remarks system-view N/A Not configured by default. 2. Configure the source address of BFD echo packets. bfd echo-source-ip ip-address 3. Configure static route FRR. ip route-static [ vpn-instance vpn-instance-name ] fast-reroute route-policy route-policy-name For more information about this command, see High Availability Command Reference. Not configured by default.
Figure 2 Network diagram Host B 1.1.6.2/24 GE2/1/3 1.1.6.1/24 GE2/1/1 1.1.4.2/30 GE2/1/2 1.1.5.5/30 Router B GE2/1/2 1.1.5.6/30 GE2/1/2 1.1.4.1/30 GE2/1/1 1.1.2.3/24 Router C Router A Host A 1.1.2.2/24 GE2/1/1 1.1.3.1/24 Host C 1.1.3.2/24 Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure static routes: # Configure a default route on Router A. system-view [RouterA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.
# Display the IP routing table of Router B. [RouterB] display ip routing-table Routing Tables: Public Destinations : 10 Destination/Mask Proto 1.1.2.0/24 Routes : 10 Pre Cost NextHop Interface Static 60 0 1.1.4.1 GE2/1/1 1.1.3.0/24 Static 60 0 1.1.5.6 GE2/1/2 1.1.4.0/30 Direct 0 0 1.1.4.2 GE2/1/1 1.1.4.2/32 Direct 0 0 127.0.0.1 InLoop0 1.1.5.0/30 Direct 0 0 1.1.5.5 GE2/1/2 1.1.5.5/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
BFD for static routes configuration example (direct next hop) Network requirements In Figure 3, configure a static route to subnet 120.1.1.0/24 on Router A, configure a static route to subnet 121.1.1.0/24 on Router B, and enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Router C.
[RouterB-GigabitEthernet2/1/1] bfd detect-multiplier 9 [RouterB-GigabitEthernet2/1/1] quit [RouterB] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/1 12.1.1.1 bfd control-packet [RouterB] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/2 13.1.1.2 preference 65 [RouterB] quit # Configure static routes on Router C. system-view [RouterC] ip route-static 120.1.1.0 24 GigabitEthernet 2/1/2 13.1.1.1 [RouterC] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/1 10.1.1.102 3.
*Jul 27 10:18:19:172 2007 RouterA BFD/7/EVENT:Receive Delete-sess, [Src:12.1.1.1,Dst:12.1.1.2,GigabitEthernet2/1/1,Ctrl], Direct, Instance:0x0, Proto:STATIC #*Jul 27 10:18:19:172 2007 RouterA BFD/7/EVENT:Notify driver to stop receiving bf # Display the static route information again. Router A communicates with Router B over the static route passing Router C now.
Router C GE2/1/1 10.1.1.100/24 GE2/1/2 13.1.1.2/24 Router D GE2/1/1 12.1.1.2/24 GE2/1/2 11.1.1.1/24 Configuration procedure 1. Configure IP addresses for the interfaces. (Details not shown.) 2. Configure static routes and BFD: # Configure static routes on Router A and enable BFD control packet mode for the static route through Router D.
LD/RD SourceAddr DestAddr State Holdtime Interface 4/7 1.1.1.9 2.2.2.9 Up 2000ms Loop1 # Display the static route information on Router A. display ip routing-table protocol static Public Routing Table : Static Summary Count : 2 Static Routing table Status : Summary Count : 1 Destination/Mask Proto Pre 120.1.1.0/24 Static 60 Cost NextHop Interface 0 2.2.2.9 GE2/1/1 Cost NextHop Interface 0 10.1.1.
Static route FRR configuration example Network requirements As shown in Figure 5, configure static routes on Router S, Router A, and Router D, and configure static route FRR so that when Link A fails, traffic can be switched to Link B immediately. Figure 5 Network diagram Router A /1 /24 2/1 2.1 GE .12.1 12 Loop 0 1.1.1.1/32 Router S /1 2/1 4 GE .2/2 .12 .12 12 GE 24 2/1/ .24 2 .24 .2/ 24 Link B Link A GE2/1/2 13.13.13.1/24 24 .24 GE2 .24 /1/1 .4/ 24 GE2/1/2 13.13.13.2/24 Router D Loop 0 4.4.4.
[RouterD-route-policy] apply fast-reroute backup-interface GigabitEthernet 2/1/1 backup-nexthop 24.24.24.2 [RouterD-route-policy] quit [RouterD] ip route-static fast-reroute route-policy frr 4. Verify the configuration: # Display route 4.4.4.4/32 on Router S to view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.4/32 Protocol: Static Process ID: 0 Preference: 60 IpPrecedence: Cost: 0 QosLcId: NextHop: 13.
Configuring a default route A default route is used to forward packets that match no entry in the routing table. Without a default route, a packet that does not match any routing entries is discarded. A default route can be configured in either of the following ways: • The network administrator can configure a default route with both destination and mask being 0.0.0.0.
Configuring RIP Routing Information Protocol (RIP) is a distance-vector simple interior gateway protocol suited to small-sized networks. It employs UDP to exchange route information through port 520. Overview RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0. The hop count from a router to a directly connected router is 1. To limit convergence time, RIP restricts the metric range from 0 to 15.
• Counting to infinity—A destination with a metric value of 16 is considered unreachable. When a routing loop occurs, the metric value of a route will increment to 16 to avoid endless loopings. • Split horizon—Disables RIP from sending routing information on the interface from which the information was learned to prevent routing loops and save bandwidth.
RIP can serve as the IGP running between CE and PE on a BGP/MPLS VPN network. For related information, see MPLS Configuration Guide. • RIP FRR • BFD RIP periodically sends route update requests to neighbors. If no route update response for a route is received within the specified interval, RIP considers the route unreachable. This mechanism cannot detect link faults quickly.
Task Remarks Configuring RIP-to-MIB binding Optional. Configuring the RIP packet sending rate Optional. Configuring RIP FRR Configuring BFD for RIP Optional. Enabling single-hop echo detection(for a directly connected RIP neighbor) Optional. Configuring single-hop echo detection (for a specific destination) Optional. Enabling bidirectional control detection Optional.
Step Command Remarks Disable the specified interface from sending routing updates (the interfaces can still receive updates). silent-interface { interface-type interface-number | all } 4. Return to system view. quit N/A 5. Enter interface view. interface interface-type interface-number N/A 6. Enable the interface to receive RIP messages. rip input Enable the interface to send RIP messages. rip output 3. 7. Optional. All interfaces can send routing updates by default. Optional.
Step Enter interface view. 5. Command Remarks interface interface-type interface-number N/A Optional. Specify a RIP version for the interface. 6. rip version { 1 | 2 [ broadcast | multicast ] } By default, if an interface has no RIP version specified, the global version takes effect. If no global RIP version is specified, the interface can send RIPv1 broadcasts, and receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.
Enabling RIPv2 automatic route summarization Automatic summarization enables RIPv2 to generate a natural network for contiguous subnets. For example, suppose there are three subnet routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24. Automatic summarization automatically creates and advertises a summary route 10.0.0.0/8 instead of the more specific routes. To enable RIPv2 automatic route summarization: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Disable RIP from receiving host routes. undo host-route By default, RIP receives host routes. Advertising a default route You can advertise a default route on all RIP interfaces in RIP view or a specific RIP interface in interface view. The interface view setting takes precedence over the RIP view settings.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A Configure the filtering of received routes. filter-policy { acl-number | gateway ip-prefix-name | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] } import [ interface-type interface-number ] 3. 4. Configure the filtering of redistributed routes.
Step 3. 4. Command Configure a default metric for redistributed routes. default cost value Redistribute routes from other routing protocols. import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | route-policy route-policy-name | tag tag ] * Remarks Optional. The default setting is 0. By default, route redistribution is disabled.
On NBMA networks such as FR and X.25 where multiple VCs are configured on the primary and secondary interfaces, disable split horizon to ensure correct route advertisement. For more information, see Layer 2—WAN Configuration Guide. Disabling split horizon on point-to-point links does not take effect. To enable split horizon: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Enable split horizon.
value, RIPv1 does not process the message. If you are certain that all messages are trustworthy, disable zero field check to save CPU resources. This feature does not apply to RIPv2 packets, because they have no zero fields. To enable zero field check on incoming RIPv1 messages: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Enable zero field check on incoming RIPv1 messages. checkzero Optional.
Step Command 1. Enter system view. system-view 2. Enter interface view. interface interface-type interface-number 3. Configure RIPv2 authentication. rip authentication-mode { md5 { rfc2082 [ cipher ] key-string key-id | rfc2453 [ cipher ] key-string } | simple [ cipher ] password } Specifying a RIP neighbor Usually, RIP sends messages to broadcast or multicast addresses. On non-broadcast or multicast links, you must manually specify RIP neighbors.
Configuring the RIP packet sending rate Perform this task to specify the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. This feature can avoid excessive RIP packets from affecting system performance and consuming too much bandwidth. To configure the RIP packet sending rate: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3.
Configuration procedure To configure RIP FRR: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the source address of echo packets. bfd echo-source-ip ip-address Not configured by default. 3. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 4. Enable RIP FRR and reference a routing policy to designate a backup next hop. fast-reroute route-policy route-policy-name Disabled by default.
Configuring single-hop echo detection (for a specific destination) Configure this feature when the peer device does not support BFD. When a unidirectional link occurs between the local device and a specific neighbor, BFD can detect the failure and the local device does not receive or send any RIP packets through the interface connected to the neighbor to improve convergence speed. When the link recovers, the interface can send RIP packets again.
Displaying and maintaining RIP Task Command Remarks Display RIP current status and configuration information. display rip [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display all active routes in RIP database. display rip process-id database [ | { begin | exclude | include } regular-expression ] Available in any view. Display RIP interface information.
[RouterA-rip-1] network 2.0.0.0 [RouterA-rip-1] network 3.0.0.0 [RouterA-rip-1] quit # Configure Router B. system-view [RouterB] rip [RouterB-rip-1] network 1.0.0.0 [RouterB-rip-1] network 10.0.0.0 [RouterB-rip-1] quit # Display the RIP routing table on Router A. [RouterA] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect -------------------------------------------------------------------------Peer 1.1.1.
Configuring RIP route redistribution Network requirements As shown in Figure 8, Router B communicates with Router A through RIP 100 and with Router C through RIP 200. Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Router B so Router C can learn routes destined for 10.2.1.0/24 and 11.1.1.0/24. Router A cannot learn routes destined for 12.3.1.0/24 and 16.4.1.0/24. Configure Router B to not advertise route 10.2.1.1/24 to Router C. Figure 8 Network diagram Configuration procedure 1.
[RouterC-rip-200] version 2 [RouterC-rip-200] undo summary [RouterC-rip-200] quit # Display the routing table on Router C. [RouterC] display ip routing-table Routing Tables: Public Destinations : 6 3. Routes : 6 Destination/Mask Proto Cost NextHop Interface 12.3.1.0/24 Direct 0 Pre 0 12.3.1.2 GE2/1/1 12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 16.4.1.0/24 Direct 0 0 16.4.1.1 GE2/1/2 16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
11.1.1.0/24 RIP 1 12.3.1.1 GE2/1/1 12.3.1.0/24 Direct 0 100 0 12.3.1.2 GE2/1/1 12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 16.4.1.0/24 Direct 0 0 16.4.1.1 GE2/1/2 16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 Configuring an additional metric for a RIP interface Network requirements As shown in Figure 9, run RIPv2 on all the interfaces of Router A, Router B, Router C, Router D, and Router E.
[RouterC-rip-1] network 1.0.0.0 [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary # Configure Router D. system-view [RouterD] rip [RouterD-rip-1] network 1.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary # Configure Router E. system-view [RouterE] rip [RouterE-rip-1] network 1.0.0.0 [RouterE-rip-1] version 2 [RouterE-rip-1] undo summary # Display the IP routing table on Router A. [RouterA] display rip 1 database 1.0.0.0/8, cost 0, ClassfulSumm 1.1.1.
Configuring RIP to advertise a summary route Network requirements As shown in Figure 10, Router A and Router B run OSPF; Router D runs RIP; and Router C runs OSPF and RIP. Configure RIP to redistribute OSPF routes on Router C so Router D can learn routes destined for networks 10.1.1.0/24, 10.2.1.0/24, 10.5.1.0/24, and 10.6.1.0/24. To reduce the routing table size of Router D, configure route summarization on Router C to advertise only the summary route 10.0.0.0/8 to Router D.
[RouterC-ospf-1] quit 3. Configure basic RIP: # Configure Router C. [RouterC] rip 1 [RouterC-rip-1] network 11.3.1.0 [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary # Configure Router D. system-view [RouterD] rip 1 [RouterD-rip-1] network 11.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary [RouterD-rip-1] quit # Configure RIP to redistribute the routes from OSPF process 1 and direct routes on Router C.
11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 11.4.1.0/24 Direct 0 0 11.4.1.2 GE2/1/2 11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 Configuring RIP FRR Network requirements As shown in Figure 11, Router S, Router A, and Router D run RIPv2. Configure RIP FRR so that when Link A fails, traffic can be switched to Link B immediately. Figure 11 Network diagram Configuration procedure 1.
[RouterD-route-policy] apply fast-reroute backup-interface GigabitEthernet 2/1/1 backup-nexthop 24.24.24.2 [RouterD-route-policy] quit [RouterD] rip 1 [RouterD-rip-1] fast-reroute route-policy frr [RouterD-rip-1] quit 3. Verify the configuration: # Display route 4.4.4.4/32 on Router S, then you can view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.
Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Router C so Router A can learn two routes destined for 100.1.1.1/24 through GigabitEthernet 2/1/1 and GigabitEthernet 2/1/2, respectively, and uses the one through GigabitEthernet 2/1/1. Enable BFD for RIP on GigabitEthernet 2/1/1 of Router A.
3. Configure the BFD parameters on GigabitEthernet 2/1/1 of Router A: [RouterA] bfd session init-mode active [RouterA] bfd echo-source-ip 11.11.11.11 [RouterA] interface GigabitEthernet 2/1 [RouterA-GigabitEthernet2/1/1] bfd min-echo-transmit-interval 500 [RouterA-GigabitEthernet2/1/1] bfd min-receive-interval 500 [RouterA-GigabitEthernet2/1/1] bfd detect-multiplier 7 [RouterA-GigabitEthernet2/1/1] return 4. Configure a static route on Router C: [RouterC] ip route-static 100.1.1.1 24 null 0 5.
%Jan 19 10:41:51:203 2008 RouterA BFD/4/LOG:Sess[192.168.1.1/192.168.1.2, GE2/1/1,Ctrl], Sta: UP->DOWN, Diag: 1 *Jan 19 10:33:12:813 2008 RouterA RM/6/RMDEBUG: RIP-BFD: Message Type Disable, Connect Type Direct-connect, Pkt Type Echo, Src IP Address 192.168.1.1, Src IFIndex4, Nbr IP Address 192.168.1.2. # Display the BFD information of Router A. display bfd session The output shows that Router A has deleted the BFD session to Router C and displays no output.
and does not receive or send any packets on GigabitEthernet 2/1/2. When the route learned from Router A ages out, Router B uses the route destined for 100.1.1.1/24 through GigabitEthernet 2/1/2. Figure 13 Network diagram Router B GE2/1/1 192.168.2.2/24 GE2/1/2 192.168.3.1/24 GE2/1/2 192.168.3.2/24 Router C Router A RIP packets Fault BFD session Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2.
# Configure a static route on Router A. [RouterA] ip route-static 100.1.1.0 24 null 0 # Configure a static route on Router C. [RouterC] ip route-static 100.1.1.0 24 null 0 5. Verify the configuration: # Display the BFD session information on Router A. display bfd session Total session number: 1 Up session number: 1 Init Mode: Active IPv4 session working under Echo mode: LD SourceAddr DestAddr State Holdtime Interface 3 192.168.2.1 192.168.2.
display bfd session Total session number: 1 Up session number: 0 Init Mode: Active IPv4 session working under Echo mode: LD SourceAddr DestAddr State Holdtime 3 192.168.2.1 192.168.2.2 Down / Interface GE2/1/2 The output shows that the BFD session to the specified destination is down. # Display routes destined for 100.1.1.0/24 on Router B when the route learned from Router A ages out. display ip routing-table 100.1.1.
Figure 14 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure basic RIP basic and enable static route redistribution into RIP so Router A and Router C have routes to send to each other: # Configure Router A. system-view [RouterA] rip 1 [RouterA-rip-1] network 192.168.1.0 [RouterA-rip-1] peer 192.168.2.
[RouterD] rip 1 [RouterD-rip-1] network 192.168.3.0 [RouterD-rip-1] network 192.168.4.0 [RouterD-rip-1] quit 3. Configure BFD parameters for the interfaces: # Configure Router A. [RouterA] bfd session init-mode active [RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ip address 192.168.3.1 24 [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface GigabitEthernet 2/1/2 [RouterA-GigabitEthernet2/1/2] ip address 192.168.1.
5. Verify the configuration: # Display the BFD session information of Router A. display bfd session Total Session Num: 1 Init Mode: Active Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 6/1 192.168.1.1 192.168.2.2 Up 1700ms GE2/1/2 # Display RIP routes destined for 100.1.1.0/24 learned on Router A. display ip routing-table 100.1.1.0 verbose Routing Table : Public Summary Count : 2 Destination: 100.1.1.
display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------------------- The output shows that the RIP route learned from Router C no longer exists. # Display the RIP route destined for 100.1.1.0/24 on Router A. display ip routing-table 100.1.1.0 verbose Routing Table : Public Summary Count : 1 Destination: 100.1.1.
Analysis In the RIP network, make sure that all the same timers within the entire network are identical and have logical relationships between them. For example, the timeout timer value should be greater than the update timer value. Solution • Use the display rip command to verify the configuration of RIP timers. • Use the timers command to adjust timers.
Configuring OSPF This chapter describes how to configure OSPF. Overview Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. Unless otherwise stated, OSPF refers to OSPFv2 (defined in RFC 2328) throughout this document. OSPF has the following features: • Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing domain.
LSA types OSPF advertises routing information in Link State Advertisements (LSAs). The following describes some commonly used LSAs: • Router LSA—Type-1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area. • Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network.
Figure 15 Area based OSPF network partition Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF requires the following: • All non-backbone areas must maintain connectivity to the backbone area. • The backbone area must maintain connectivity within itself. In practice, the requirements might not be met due to lack of physical links.
Figure 17 Virtual link application 2 The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface. The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.
Router types OSPF classifies routers into the following types based on their positions in the AS: • Internal router—All interfaces on an internal router belong to one OSPF area. • Area Border Router (ABR)—Belongs to more than two areas, one of which must be the backbone area. An ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.
A Type-2 external route has low credibility. OSPF considers the cost from the ASBR to the destination of a Type-2 external route is much greater than the cost from the ASBR to an OSPF internal router. The cost from the internal router to the destination of the Type-2 external route = the cost from the ASBR to the destination of the Type-2 external route.
The DR and BDR mechanisms can solve this problem. • DR—Elected to advertise routing information among other routers. If the DR fails, routers on the network must elect another DR and synchronize information with the new DR. Using this mechanism alone is time-consuming and prone to route calculation errors. • BDR—Elected along with the DR to establish adjacencies with all other routers. When the DR fails, the BDR immediately becomes the new DR, and other routers elect a new BDR.
• RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option • RFC 3137, OSPF Stub Router Advertisement • RFC 3630, Traffic Engineering Extensions to OSPF Version 2 • RFC 4811, OSPF Out-of-Band LSDB Resynchronization • RFC 4812, OSPF Restart Signaling • RFC 4813, OSPF Link-Local Signaling OSPF configuration task list To run OSPF in a routing domain, you must first enable OSPF on the routers. Make a proper configuration plan to avoid wrong settings that can result in route blocking and routing loops.
Task Remarks Adding the interface MTU into DD packets Optional. Configuring the maximum number of external LSAs in LSDB Optional. Enabling compatibility with RFC 1583 Optional. Logging neighbor state changes Optional . Configuring OSPF network management Optional. Enabling message logging Optional. Enabling the advertisement and reception of opaque LSAs Optional. Configuring OSPF to give priority to receiving and processing hello packets Optional.
If you specify no router ID when creating the OSPF process, the global router ID is used. HP recommends specifying a router ID when you create the OSPF process. • OSPF can run multiple processes and supports VPNs. • To run multiple OSPF processes, you must specify an ID for each process. The process IDs take effect locally and has no influence on packet exchange between routers. Two routers with different process IDs can exchange packets. • VPN support enables an OSPF process to run in a specified VPN.
Configuration prerequisites Before you configure an OSPF area, complete the following tasks: • Configure IP addresses for interfaces. • Enable OSPF. Configuring a stub area You can configure a non-backbone area at an AS edge as a stub area. To do so, issue the stub command on all the routers attached to the area. The routing table size is reduced because Type-5 LSAs are not flooded within the stub area.
To configure an NSSA area, issue the nssa command on all the routers attached to the area. To configure a totally NSSA area, you also need to configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area. To configure an NSSA area: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enter area view.
Step Command Remarks Configure this command on both ends of a virtual link. 4. vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay seconds | dead seconds | { simple [ plain | cipher ] password | { md5 | hmac-md5 } key-id [ plain | cipher ] password } ] * Configure a virtual link. hello and dead intervals must be identical on both ends of the virtual link.
Step 3. 4. Command Remarks Configure the OSPF network type for the interface as broadcast. ospf network-type broadcast By default, the network type of an interface depends on the link layer protocol. Configure a router priority for the interface. ospf dr-priority priority Optional. The default router priority is 1.
Step Enter interface view. 2. Command Remarks interface interface-type interface-number N/A By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF network type for an interface as P2MP unicast, all packets are unicast over the interface. The interface cannot broadcast hello packets to discover neighbors, so you must manually specify the neighbors. Configure the OSPF network type for the interface as P2MP. ospf network-type p2mp [ unicast ] 4.
Configure filters if routing information filtering is needed. • Configuring OSPF route summarization You can configure route summarization on an ABR or ASBR to summarize routes with the same prefix into a single route and distribute it to other areas. Route summarization reduces the routing information exchanged between areas and the sizes of routing tables, improving router performance.
Configuring OSPF inbound route filtering OSPF calculates routes by using LSAs. The calculated routes can be filtered and only permitted routes are installed into the OSPF routing table. OSPF provides the following filtering methods: • Filters routing information by destination address through ACLs and IP address prefixes. • Filters routing information by next hop through the filtering criteria configured with the gateway keyword.
Configure a bandwidth reference value for the interface. OSPF computes the cost with this formula: Interface OSPF cost = Bandwidth reference value (100 Mbps)/Interface bandwidth (Mbps). If the calculated cost is greater than 65,535, the value of 65,535 is used. If the calculated cost is less than 1, the value of 1 is used. If no cost or bandwidth reference value is configured for an interface, OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value.
Configuring OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. When the routing protocols find routes to the same destination, the route found by the protocol with the highest preference is selected as the best route. To configure OSPF preference: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A Optional. 3.
Configuring OSPF to redistribute a default route The import-route command cannot redistribute a default external route. Perform this task to redistribute a default external route. To configure OSPF to redistribute a default external route: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A Not redistributed by default. 3. Redistribute a default route.
Step Command Remarks 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enter area view. area area-id N/A 4. Advertise a host route. host-advertise ip-address cost Not advertised by default. Tuning and optimizing OSPF networks You can optimize an OSPF network in the following ways: • Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs.
Step Command Remarks Optional. 3. Specify the hello interval. ospf timer hello seconds The hello interval defaults to 10 seconds on P2P and broadcast interfaces, and defaults to 30 seconds on P2MP and NBMA interfaces. The default hello interval is restored when the network type for an interface is changed. 4. Specify the poll interval. ospf timer poll seconds Optional. The poll interval defaults to 120 seconds. Optional. 5. Specify the dead interval.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Specify the SPF calculation interval. spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ] Optional. By default, the interval is 5 seconds.
Step Command Remarks Optional. Configure the LSA generation interval. 3. lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ] By default, the maximum interval is 5 seconds, the minimum interval is 0 milliseconds, and the incremental interval is 5000 milliseconds.
Configuring OSPF authentication Configure OSPF packet authentication to ensure the security of packet exchange. After authentication is configured, OSPF only receives packets that pass authentication. Failed packets cannot establish neighboring relationships. You must configure the same authentication mode and password on all routers on the same network segment. If you configure OSPF authentication for both an area and an interface in that area, the interface uses the OSPF authentication configured on it.
Step Command Remarks • Configure simple authentication: 3. Configure interface authentication mode. ospf authentication-mode simple [ cipher | plain ] password • Configure MD5 authentication: ospf authentication-mode { hmac-md5 | md5 } key-id [ cipher | plain ] password Use either method. By default, no authentication is configured. Adding the interface MTU into DD packets By default, an interface adds 0 into the interface MTU field of a DD packet to be sent rather than the interface MTU.
To avoid routing loops, configure all the routers in a routing domain to be either compatible or incompatible with RFC 1583. To make them compatible: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enable compatibility with RFC 1583. rfc1583 compatible Optional. Enabled by default.
Step Command Remarks Optional. 2. 3. Bind OSPF MIB to an OSPF process. ospf mib-binding process-id Enable OSPF trap generation.
can configure OSPF to give priority to receiving and processing Hello packets to ensure stable neighbor relationships. To configure OSPF to give priority to receiving and processing Hello packets: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure OSPF to give priority to receiving and processing hello packets. ospf packet-process prioritized-treatment Not configured by default.
Configuring OSPF FRR When a link fails, the packets on the link are discarded, and a routing loop might occur until OSPF completes routing convergence based on the new network topology. You can enable OSPF fast reroute (FRR) to resolve this issue. Figure 21 Network diagram for OSPF FRR In Figure 21, after you enable FRR on Router B, OSPF automatically calculates or designates a backup next hop when a link failure is detected. Packets are directed to the backup next hop.
Configuring OSPF FRR to designate a backup next hop with a routing policy Before configuring this task, you need to use the apply fast-reroute backup-interface command to specify a backup next hop in the routing policy to be referenced. For more information about the apply fast-reroute backup-interface command and routing policy configuration, see "Configuring routing policies." To configure OSPF FRR: Step Command Remarks 1. Enter system view. system-view N/A 2.
Step Command Remarks 2. Enable OSPF and enter its view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enable opaque LSA advertisement capability. opaque-capability enable Disabled by default. 4. Enable the IETF standard Graceful restart capability. graceful-restart ietf Disabled by default. 5. Configure the Graceful restart interval. graceful-restart interval interval-value Optional. 120 seconds by default.
Configuring the non-IETF standard OSPF GR helper Step Command Remarks 1. Enter system view. system-view N/A 2. Enable OSPF and enter its view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enable the link-local signaling capability. enable link-local-signaling Disabled by default. 4. Enable the out-of-band re-synchronization capability. enable out-of-band-resynchronization Disabled by default. 5.
GR requires the cooperation of neighboring devices to recover routing information during the active/standby switchover period. NSR does not require that, and is more popular in practice. IMPORTANT: Do not configure OSPF NSR on a device acting as GR restarter. To enable OSPF NSR: Step Command Remarks 1. Enter system view. system-view N/A 2. Enable OSPF NSR. ospf non-stop-routing By default, OSPF NSR is disabled.
Configuring echo packet single-hop detection Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the source address of echo packets. bfd echo-source-ip ip-address Not configured by default. 3. Enable an OSPF process and enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 4. Specify a network to enable the interface attached to the network to run the OSPF process in the area. network ip-address wildcard-mask N/A 5.
Task Command Remarks Display virtual link information. display ospf [ process-id ] vlink [ | { begin | exclude | include } regular-expression ] Available in any view. Display OSPF request queue information. display ospf [ process-id ] request-queue [ interface-type interface-number ] [ neighbor-id ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display OSPF retransmission queue information.
Configuring OSPF basic functions Network requirements • Enable OSPF on all routers, and split the AS into three areas. • Configure Router A and Router B as ABRs. Figure 22 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.
[RouterC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] quit # Configure Router D. system-view [RouterD] ospf [RouterD-ospf-1] area 2 [RouterD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] quit [RouterD-ospf-1] quit 3. Verify the configuration: # Display the OSPF neighbors of Router A. [RouterA] display ospf peer verbose OSPF Process 1 with Router ID 10.
10.1.1.0/24 1 Transit 10.1.1.1 10.2.1.1 0.0.0.0 Total Nets: 5 Intra Area: 3 Inter Area: 2 ASE: 0 NSSA: 0 # Display the Link State Database on Router A. [RouterA] display ospf lsdb OSPF Process 1 with Router ID 10.2.1.1 Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Age Len Sequence Router 10.2.1.1 10.2.1.1 1069 36 80000012 Metric 0 Router 10.3.1.1 10.3.1.1 780 36 80000011 0 Network 10.1.1.1 10.2.1.1 1069 32 80000010 0 Sum-Net 10.5.1.0 10.3.1.
Reply from 10.4.1.1: bytes=56 Sequence=2 ttl=253 time=1 ms Reply from 10.4.1.1: bytes=56 Sequence=3 ttl=253 time=1 ms Reply from 10.4.1.1: bytes=56 Sequence=4 ttl=253 time=1 ms Reply from 10.4.1.1: bytes=56 Sequence=5 ttl=253 time=1 ms --- 10.4.1.1 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/2 ms Configuring OSPF route redistribution Network requirements • Enable OSPF on all the routers, and split the AS into three areas.
Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.3.1.1 0.0.0.2 10 10.3.1.1 ABR Inter 10.4.1.1 0.0.0.2 22 10.3.1.1 ASBR # Display the OSPF routing table of Router D. display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 25 Inter 10.3.1.
Figure 24 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit # Configure Router B. system-view [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.
[RouterD-ospf-1] area 0 [RouterD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit # Configure Router E. system-view [RouterE] ospf [RouterE-ospf-1] area 0 [RouterE-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [RouterE-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255 [RouterE-ospf-1-area-0.0.0.0] quit [RouterE-ospf-1] quit 3.
5. Configure summary route 10.0.0.0/8 on Router B and advertise it: [RouterB-ospf-1] asbr-summary 10.0.0.0 8 # Display the routing table of Router A. [RouterA] display ip routing-table Routing Tables: Public Destinations : 5 Routes : 5 Destination/Mask Proto Pre Cost NextHop Interface 10.0.0.0/8 O_ASE 150 2 11.2.1.1 GE2/1/1 11.2.1.0/24 Direct 0 0 11.2.1.2 GE2/1/1 11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.
[RouterD-ospf-1] quit # Display ABR/ASBR information on Router C. display ospf abr-asbr OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.2.1.1 0.0.0.1 3 10.2.1.1 ABR Inter 10.3.1.1 0.0.0.1 5 10.2.1.1 ABR Inter 10.5.1.1 0.0.0.1 7 10.2.1.1 ASBR # Display OSPF routing information on Router C. display ospf routing OSPF Process 1 with Router ID 10.4.1.
# Display routing information on Router C. [RouterC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 3 Transit 10.2.1.2 10.2.1.1 0.0.0.1 10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1 10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.
• Configure Area 1 as an NSSA area and configure Router C as an ASBR to redistribute static routes into the AS. Figure 26 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configuring OSPF basic functions (see "Configuring OSPF basic functions"). 3. Configure Area 1 as an NSSA area: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 1 [RouterA-ospf-1-area-0.0.0.1] nssa [RouterA-ospf-1-area-0.0.0.
Destination Cost Type AdvRouter Area 10.2.1.0/24 3 Transit 10.2.1.2 NextHop 10.4.1.1 0.0.0.1 10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1 10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1 Total Nets: 5 Intra Area: 2 4. Inter Area: 3 ASE: 0 NSSA: 0 Configure a static route and configure OSPF to redistribute the static route on Router C: [RouterC] ip route-static 3.1.2.1 24 10.4.1.
Figure 27 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] router id 1.1.1.1 [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit # Configure Router B. system-view [RouterB] router id 2.2.2.
[RouterD-ospf-1] return # Display neighbor information on Router A. [RouterA] display ospf peer verbose OSPF Process 1 with Router ID 1.1.1.1 Neighbors Area 0.0.0.0 interface 192.168.1.1(GigabitEthernet2/1/1)'s neighbors Router ID: 2.2.2.2 State: 2-Way Address: 192.168.1.2 Mode: None DR: 192.168.1.4 Priority: 1 BDR: 192.168.1.3 Dead timer due in 38 GR State: Normal MTU: 0 sec Neighbor is up for 00:01:31 Authentication Sequence: [ 0 ] Router ID: 3.3.3.3 State: Full Address: 192.168.1.
Area 0.0.0.0 interface 192.168.1.4(GigabitEthernet2/1/1)'s neighbors Router ID: 1.1.1.1 State: Full Address: 192.168.1.1 Mode:Nbr is DR: 192.168.1.4 Slave BDR: 192.168.1.3 Dead timer due in 31 GR State: Normal Priority: 100 MTU: 0 sec Neighbor is up for 00:11:17 Authentication Sequence: [ 0 ] Router ID: 2.2.2.2 State: Full Address: 192.168.1.2 Mode:Nbr is DR: 192.168.1.4 Slave Priority: 0 BDR: 192.168.1.
Router ID: 3.3.3.3 State: Full Address: 192.168.1.3 Mode: Nbr is Slave DR: 192.168.1.1 Priority: 2 BDR: 192.168.1.3 Dead timer due in 39 GR State: Normal MTU: 0 sec Neighbor is up for 00:01:41 Authentication Sequence: [ 0 ] The output shows that Router A becomes the DR and Router C becomes the BDR. The full neighbor state means an adjacency has been established. The 2-way neighbor state means the two routers are not the DR or BDR, and they do not exchange LSAs.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf 1 router-id 1.1.1.1 [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit # Configure Router B. system-view [RouterB] ospf 1 router-id 2.2.2.2 [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.
Area 0 has no direct connection to Area 2, so the OSPF routing table of Router B has no route to Area 2. 3. Configure a virtual link: # Configure Router B. [RouterB] ospf [RouterB-ospf-1] area 1 [RouterB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3 [RouterB-ospf-1-area-0.0.0.1] quit [RouterB-ospf-1] quit # Configure Router C. [RouterC] ospf [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2 [RouterC-ospf-1-area-0.0.0.1] quit # Display OSPF routing information on Router B.
Figure 29 Network diagram Configuration procedure 1. Configure IP address for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A system-view [RouterA] router id 1.1.1.1 [RouterA] ospf 100 [RouterA-ospf-100] area 0 [RouterA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [RouterA-ospf-100-area-0.0.0.0] quit # Configure Router B system-view [RouterB] router id 2.2.2.2 [RouterB] ospf 100 [RouterB-ospf-100] area 0 [RouterB-ospf-100-area-0.0.0.
# Configure Router B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [RouterB-ospf-100] enable link-local-signaling [RouterB-ospf-100] enable out-of-band-resynchronization # Configure Router C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
Configuring OSPF NSR Network requirements As shown in Figure 30, Router S, Router A, and Router B belong to the same OSPF routing domain. Enable OSPF NSR on Router S to ensure correct routing when an active/standby switchover occurs on Router S. Router S is an 6604, 6608, or 6616 router that has an RPE or RSE MPU installed. Figure 30 Network diagram Configuration procedure 1.
display ospf routing OSPF Process 1 with Router ID 192.168.1.40 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 44.44.44.44/32 2 Stub 12.12.12.2 44.44.44.44 0.0.0.0 14.14.14.0/24 2 Transit 12.12.12.2 192.168.1.41 0.0.0.0 22.22.22.22/32 0 Stub 192.168.1.40 0.0.0.0 12.12.12.0/24 1 Transit 12.12.12.1 192.168.1.40 0.0.0.0 22.22.22.
• Configure Router C as an ASBR to redistribute external routes (static routes), and configure a filter policy on Router C to filter out route 3.1.3.0/24. • Configure a routing policy on Router A to filter route 10.5.1.0/24. Figure 31 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions (see "Configuring OSPF basic functions"). 3.
4. 10.4.1.0/24 OSPF 10 13 10.2.1.2 GE2/1/2 10.5.1.0/24 OSPF 10 14 10.1.1.2 GE2/1/1 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 Configure Router C to filter out the route 3.1.3.0/24: # Configure the IPv4 prefix list. [RouterC] ip ip-prefix prefix1 index 1 deny 3.1.3.0 24 [RouterC] ip ip-prefix prefix1 index 2 permit 3.1.1.0 24 [RouterC] ip ip-prefix prefix1 index 3 permit 3.1.2.0 24 # Reference the prefix list to filter out the route 3.1.3.0/24.
Destinations : 10 Routes : 10 Destination/Mask Proto Pre Cost NextHop Interface 3.1.1.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 3.1.2.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 10.1.1.0/24 Direct 0 0 10.1.1.1 GE2/1/1 10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0 10.2.1.0/24 Direct 0 0 10.2.1.1 GE2/1/2 10.2.1.1/32 Direct 0 0 127.0.0.1 InLoop0 10.3.1.0/24 OSPF 10 4 10.1.1.2 GE2/1/1 10.4.1.0/24 OSPF 10 13 10.2.1.2 GE2/1/2 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
[RouterS] ospf 1 [RouterS-ospf-1] fast-reroute auto [RouterS-ospf-1] quit # Configure Router D. system-view [RouterD] bfd echo-source-ip 4.4.4.4 [RouterD] ospf 1 [RouterD-ospf-1] fast-reroute auto [RouterD-ospf-1] quit { Method 2: Enable OSPF FRR to designate a backup next hop by using a routing policy. # Configure Router S. system-view [RouterS] bfd echo-source-ip 1.1.1.1 [RouterS] ip ip-prefix abc index 10 permit 4.4.4.
Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h01m27s Tag: 0 # Display route 1.1.1.1/32 on Router D. You can find the backup next hop information. [RouterD] display ip routing-table 1.1.1.1 verbose Routing Table : Public Summary Count : 1 Destination: 1.1.1.1/32 Protocol: OSPF Process ID: 1 Preference: 10 Cost: 1 IpPrecedence: QosLcId: NextHop: 13.13.13.1 Interface: GigabitEthernet2/1/2 BkNextHop: 24.24.24.
Router C GE2/1/1 10.1.1.100/24 GE2/1/2 13.1.1.2/24 Configuration procedure 1. Configure IP addresses for the interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.
[RouterB] bfd session init-mode active [RouterB] interface GigabitEthernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ospf bfd enable [RouterB-GigabitEthernet2/1/1] bfd min-transmit-interval 500 [RouterB-GigabitEthernet2/1/1] bfd min-receive-interval 500 [RouterB-GigabitEthernet2/1/1] bfd detect-multiplier 6 4. Verify the configuration: The following operations are performed on Router A. The operations on Router B and Router C are similar. (Details not shown.) # Display BFD information on Router A.
# After the link over which Router A and Router B communicates through the Layer 2 switch fails, Router A quickly detects the change on Router B. %Nov 12 18:34:48:823 2005 RouterA BFD/5/LOG: Sess[192.168.0.102/192.168.0.100, GE2/1/1], Sta : UP->DOWN, Diag: 1 %Nov 12 18:34:48:824 2005 RouterA RM/4/RMLOG:OSPF-NBRCHANGE: Process 1, Neighbour 192.168.0.102 (GigabitEthernet2/1/1) from Full to Down *0.50673825 RouterA BFD/8/SCM:Sess[192.168.0.102/192.168.0.100,GE2/1/1],Oper: Reset *0.
Destination: 120.1.1.0/24 Protocol: OSPF Process ID: 0 Preference: 0 Cost: 2 IpPrecedence: QosLcId: NextHop: 192.168.0.100 BkNextHop: 0.0.0.0 Interface: GigabitEthernet2/1/1 BkInterface: RelyNextHop: 0.0.0.0 Neighbor : 0.0.0.0 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Invalid Adv Age: 00h58m05s Tag: 0 Troubleshooting OSPF configuration No OSPF neighbor relationship established Symptom No OSPF neighbor relationship can be established.
Solution 1. Use the display ospf peer command to verify neighbor information. 2. Use the display ospf interface command to verify OSPF interface information. 3. Use the display ospf lsdb command to verify the LSDB. 4. Use the display current-configuration configuration ospf command to verify area configuration. If more than two areas are configured, at least one area is connected to the backbone. 5. In a stub area, all routers attached are configured with the stub command.
Configuring IS-IS This chapter describes how to configure IS-IS for an IPv4 network. Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the International Organization for Standardization (ISO) to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, and the new one is called "Integrated IS-IS" or "Dual IS-IS.
The DSP includes the high order part of DSP (HO-DSP), System ID, and SEL, where the HO-DSP identifies the area, the System ID identifies the host, and the SEL identifies the type of service. The IDP and DSP are variable in length. The length of an NSAP address varies from 8 bytes to 20 bytes. Figure 34 NSAP address format Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address.
• Area ID—Has a length of 1 to 13 bytes. • System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6-byte. • SEL—Has a value of 0 and a fixed length of 1-byte. For example, for a NET is ab.cdef.1234.5678.9abc.00, the area ID is ab.cdef, the system ID is 1234.5678.9abc, and the SEL is 00. Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning.
Figure 35 IS-IS topology 1 Figure 36 shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. Figure 36 IS-IS topology 2 NOTE: The IS-IS backbone does not need to be a specific area.
router does not advertise the routing information of other Level-1 areas and the Level-2 area to a Level-1 area, so a Level-1 router sends packets destined for other areas to the nearest Level-1-2 router. The path passing through the Level-1-2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature.
A pseudonode represents a virtual node on the broadcast network. It is not a real router. In IS-IS, it is identified by the system ID of the DIS and a one-byte Circuit ID (a non-zero value). Using pseudonodes can reduce the resources consumed by SPF and simplify network topology. NOTE: On an IS-IS broadcast networks, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS. IS-IS PDUs PDU IS-IS PDUs are encapsulated in link layer frames.
Table 4 PDU types Type PDU Type Acronym 15 Level-1 LAN IS-IS hello PDU L1 LAN IIH 16 Level-2 LAN IS-IS hello PDU L2 LAN IIH 17 Point-to-Point IS-IS hello PDU P2P IIH 18 Level-1 Link State PDU L1 LSP 20 Level-2 Link State PDU L2 LSP 24 Level-1 Complete Sequence Numbers PDU L1 CSNP 25 Level-2 Complete Sequence Numbers PDU L2 CSNP 26 Level-1 Partial Sequence Numbers PDU L1 PSNP 27 Level-2 Partial Sequence Numbers PDU L2 PSNP Hello PDU IS-to-IS hello PDUs (IIHs) are used by routers
• Holding time—If no hello packets are received from the neighbor within the holding time, the neighbor is considered down. • PDU length—Total length of the PDU in bytes. • Priority—DIS priority. • LAN ID—Includes the system ID and a one-byte pseudonode ID. Figure 41 shows the hello packet format on the point-to-point networks. Figure 41 P2P IIH format Instead of the priority and LAN ID fields in the LAN IIH, the P2P IIH has a Local Circuit ID field.
Figure 42 L1/L2 LSP format Major fields of the L1/L2 LSP are as follows: • PDU length—Total length of the PDU in bytes. • Remaining lifetime—LSP remaining lifetime in seconds. • LSP ID—Consists of the system ID, the pseudonode ID (one byte) and the LSP fragment number (one byte). • Sequence number—LSP sequence number. • Checksum—LSP checksum. • P (Partition)—Partition bit that is only for L2 LSPs. This field indicates whether the router supports partition repair.
Figure 43 LSDB overload SNP A sequence number PDU (SNP) describes the complete or partial LSPs for LSDB synchronization. SNPs include Complete SNP (CSNP) and Partial SNP (PSNP), which are further divided into Level-1 CSNP, Level-2 CSNP, Level-1 PSNP and Level-2 PSNP. A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (10 seconds by default).
Figure 45 L1/L2 PSNP format No. of Octets 1 Intradomain routing protocol discriminator R Length indicator 1 Version/Protocol ID extension 1 ID length 1 R R 1 PDU type Version 1 Reserved 1 Maximum area address 1 PDU length 2 Source ID ID length+1 Variable length fields CLV The variable fields of PDU comprise multiple Code-Length-Value (CLV) triplets. Figure 46 CLV format Table 5 shows that different PDUs contain different CLVs.
CLV Code Name PDU Type 132 IP Interface Address IIH, LSP Supported IS-IS features Multiple instances and processes IS-IS supports multiple instances and processes. Multiple processes allow an IS-IS process to work in concert with a group of interfaces. A router can run multiple IS-IS processes, and each process corresponds to a unique group of interfaces.
Management tag Management tag simplifies routing information management by carrying the management information of the IP address prefixes (to control route redistribution from other routing protocols) and BGP community and extended community attributes. LSP fragment extension IS-IS advertises link state information by flooding LSPs. Because one LSP carries a limited amount of link state information, IS-IS fragments LSPs.
The operation mode of LSP fragment extension is configured based on area and routing level. Mode-1 allows the routers supporting and not supporting LSP fragment extension to interoperate with each other, but it restricts the link state information in the extended fragments. Mode-2 does not restrict the link state information in the extended fragments, and is recommended for an area where all the routers are at the same routing level and support LSP fragment extension.
• RFC 3784, IS-IS extensions for Traffic Engineering • RFC 3847, Restart signaling for IS-IS IS-IS configuration task list Task Remarks Enabling IS-IS Configuring IS-IS basic functions Configuring the IS level and circuit level Required. Configuring the network type of an interface as P2P Configuring IS-IS routing information control Configuring a DIS priority for an interface Enhancing IS-IS network security Configuring IS-IS link cost Optional. Specifying a priority for IS-IS Required.
Task Remarks Binding an IS-IS process with MIBs Optional. Configuring BFD for IS-IS Optional. Configuring IS-IS MTR Optional. Configuring IS-IS basic functions This section describes the basic settings required for an IS-IS network to run. Configuration prerequisites Before the configuration, complete the following tasks: • Configure the link layer protocol. • Configure IP addresses for all interfaces, and make sure that all neighboring nodes are reachable to each other at the network layer.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Specify the IS level. is-level { level-1 | level-1-2 | level-2 } Optional. 4. Return to system view. quit N/A 5. Enter interface view. interface interface-type interface-number N/A The default is Level-1-2. Optional. 6. Specify the circuit level.
• Configure IP addresses for all interfaces, and make sure that all neighboring nodes are reachable to each other at the network layer. • Enable IS-IS. Configuring IS-IS link cost The IS-IS cost of an interface is determined in the following order: 1. IS-IS cost specified in interface view. 2. IS-IS cost specified in system view. The cost is applied to the interfaces associated with the IS-IS process. 3. Automatically calculated cost.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Specify an IS-IS cost style. cost-style { narrow | wide | wide-compatible | { compatible | narrow-compatible } [ relax-spf-limit ] } Optional. Specify a global IS-IS cost. circuit-cost value [ level-1 | level-2 ] 4. narrow by default. No global cost is specified by default. Enabling automatic IS-IS cost calculation Step Command Remarks 1.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Specify the maximum number of ECMP routes for load balancing. [ ipv4-unicast topology-name ] maximum load-balancing number By default, the maximum number of ECMP routes is 8.
Configuring IS-IS route redistribution Redistributing large numbers of routes on a device might affect the performance of other devices in the network. If this happens, you can configure a limit on the number of redistributed routes in order to limit the number of routes to be advertised. Only active routes can be redistributed. To verify route state, use the display ip routing-table protocol command. To configure IS-IS route redistribution from other routing protocols: Step Command Remarks 1.
Filtering redistributed routes IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them into the IS-IS routing table, and advertise them in LSPs. By reference a configured ACL, IP prefix list, or routing policy, you can filter redistributed routes and only the routes matching the filter can be added into the IS-IS routing table and advertised to neighbors. To configure the filtering of redistributed routes: Step Command Remarks 1. Enter system view.
Specifying intervals for sending IS-IS hello and CSNP packets Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Specify the interval for sending hello packets. isis timer hello seconds [ level-1 | level-2 ] Optional. Specify the interval for sending CSNP packets on the DIS of a broadcast network. isis timer csnp seconds [ level-1 | level-2 ] Optional. 4. 10 seconds by default. 10 seconds by default.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Specify a DIS priority for the interface. isis dis-priority value [ level-1 | level-2 ] Optional. 64 by default.
Enabling an interface to send small hello packets IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated into frames. Any two IS-IS neighboring routers must negotiate a common MTU. To avoid sending big hellos for saving bandwidth, enable the interface to send small hello packets without CLVs. To enable an interface to send small hello packets: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view.
Step Command Remarks Optional. 3. Specify the LSP refresh interval. timer lsp-refresh seconds The default interval is 900 seconds. 4. Specify the LSP generation interval. timer lsp-generation maximum-interval [ initial-interval [ second-wait-interval ] ] [ level-1 | level-2 ] Optional. 3. The default interval is 2 seconds. Specify LSP sending intervals If a change occurs in the LSDB, IS-IS advertises the changed LSP to neighbors. You can specify the minimum interval for sending such LSPs.
Step 4. Specify the maximum length of received LSPs. Command Remarks lsp-length receive size 1497 bytes by default. Enabling LSP flash flooding Changed LSPs can trigger SPF recalculation. To advertise the changed LSPs before the router recalculates routes for faster network convergence, enable LSP flash flooding. To enable LSP flash flooding: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3.
Figure 47 Network diagram of a fully meshed network To avoid this, configure some interfaces as a mesh group, configure the blocked interfaces, or both. • After receiving an LSP, a member interface in a mesh group floods it out of the interfaces that do not belong to the mesh group. • If an interface is blocked, it does not send LSPs unless the neighbor sends LSP requests to it.
Step 3. Command Configure the SPF calculation interval. Remarks timer spf maximum-interval [ initial-interval [ second-wait-interval ] ] Optional. The default SPF calculation interval is 10 seconds. Assigning a high priority to IS-IS routes An IS-IS topology change causes network convergence. By assigning a high priority to specific IS-IS routes, you can achieve faster network convergence. To assign a high priority to IS-IS routes: Step Command Remarks 1. Enter system view. system-view N/A 2.
Configuring system ID to host name mappings In IS-IS, a system ID identifies a router or host uniquely. A system ID has a fixed length of 6 bytes. When an administrator needs to view IS-IS neighbor information, routing table, or LSDB information, using the system IDs in dotted decimal notation is not convenient. To solve it, configure the mappings between system IDs and host names, as host names are easier to remember and use. Such mappings can be configured manually or dynamically.
Step Command Remarks Optional. Not configured by default. Configure a DIS name. 6. isis dis-name symbolic-name This command takes effect only on a router with dynamic system ID to host name mapping configured. This command is not supported on P2P interfaces. Enabling the logging of neighbor state changes Logging of neighbor state changes enables the router to output neighbor state changes to the console terminal. To enable the logging of neighbor state changes: Step Command Remarks 1.
• If you configure an authentication mode and a password without specifying a level, the authentication mode and password apply to both Level-1 and Level-2. • If neither ip nor osi is specified, the OSI related fields in LSPs are checked. To configure neighbor relationship authentication: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Specify the authentication mode and password.
Configuring IS-IS GR Restarting IS-IS on a router will cause network disconnections and route reconvergence. With the GR feature, the restarting router (known as the "GR restarter") can notify the event to its GR capable neighbors. GR capable neighbors (known as "GR helpers") keep their adjacencies with the router within a configurable GR interval. After the restart, the router contacts its neighbors to retrieve its routing table. During this process, the network keeps stable.
The IS-IS NSR and IS-IS GR features are mutually exclusive. To configure IS-IS NSR: Step Command Remarks 1. Enter system view system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Enable IS-IS NSR. non-stop-routing Disabled by default. 4. Set the NSR interval. non-stop-routing interval interval-value 0 seconds by default, that is, no NSR interval is configured.
Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the source address of echo packets. bfd echo-source-ip ip-address Not configured by default. 3. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 4. Enable IS-IS FRR to automatically calculate a backup next hop. fast-reroute auto Not configured by default.
To bind an IS-IS process with MIBs: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Bind the IS-IS process with MIBs. isis mib-binding process-id By default, MIBs are bound with IS-IS process 1. Configuring BFD for IS-IS To enable BFD on an IS-IS interface: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3.
Figure 49 Network diagram for IS-IS MTR As shown in Figure 49, the base topology is split into two topologies, topology A and topology B. You can forward voice traffic through topology A and video traffic through topology B. Router B does not belong to topology A. In topology B, the links between Router A and Router D and between Router B and Router C do not exist. Route calculation and traffic forwarding are performed in each topology independently.
Step 7. Enable an IS-IS IPv4 unicast topology on the interface. Command Remarks isis multiple-topology ipv4-unicast topology-name Not enabled default. Displaying and maintaining IS-IS Task Command Remarks Display brief IS-IS configuration information. display isis brief [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display the status of IS-IS debug switches.
Task Command Remarks Display IS-IS statistics. display isis statistics [ level-1 | level-1-2 | level-2 ] [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Clear IS-IS process data structure information. reset isis all [ process-id | vpn-instance vpn-instance-name ] Available in user view. Clear the data structure information of an IS-IS neighbor.
[RouterA-Serial2/2/0] quit # Configure Router B. system-view [RouterB] isis 1 [RouterB-isis-1] is-level level-1 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] isis enable 1 [RouterB-Serial2/2/0] quit # Configure Router C. system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.
0000.0000.0001.00-00* 0x0000000d 0xb184 879 68 0/0/0 0000.0000.0002.00-00 0x0000000c 0xcf65 493 68 0/0/0 0000.0000.0003.00-00 0x00000013 0x2f38 594 111 1/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [RouterB] display isis lsdb Database information for ISIS(1) -------------------------------- Level-1 Link State Database LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------0000.0000.
Database information for ISIS(1) -------------------------------Level-2 Link State Database LSPID Seq Num Checksum Holdtime Length ATT/P/OL -----------------------------------------------------------------------0000.0000.0003.00-00 0x00000013 0xbb56 910 100 0/0/0 0000.0000.0004.00-00* 0x00000005 0xd086 791 84 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload # Display the IS-IS routing information on each router.
ISIS(1) IPv4 Level-2 Forwarding Table ------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------10.1.1.0/24 10 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 10 NULL S2/2/0 Direct D/L/- 192.168.0.0/24 10 NULL S2/2/2 Direct D/L/- 172.16.0.0/16 20 NULL S2/2/2 192.168.0.
Figure 51 Network diagram Router A L1/L2 GE2/1/1 10.1.1.1/24 GE2/1/1 10.1.1.3/24 Router C L1 Router B L1/L2 GE2/1/1 10.1.1.2/24 GE2/1/1 10.1.1.4/24 Router D L2 Configuration procedure 1. Configure an IP address for each interface. (Details not shown.) 2. Enable IS-IS: # Configure Router A. system-view [RouterA] isis 1 [RouterA-isis-1] network-entity 10.0000.0000.0001.
[RouterD] isis 1 [RouterD-isis-1] network-entity 10.0000.0000.0004.00 [RouterD-isis-1] is-level level-2 [RouterD-isis-1] quit [RouterD] interface gigabitethernet 2/1/1 [RouterD-GigabitEthernet2/1/1] isis enable 1 [RouterD-GigabitEthernet2/1/1] quit # Display information about IS-IS neighbors of Router A. [RouterA] display isis peer Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0002 Interface: GigabitEthernet2/1/1 State: Up HoldTime: 21s Circuit Id: 0000.0000.0003.
--------------------------------Interface: GigabitEthernet2/1/1 Id IPV4.State 001 Up IPV6.State Down MTU Type DIS 1497 L1/L2 No/Yes By using the default DIS priority, Router C is the Level-1 DIS, and Router D is the Level-2 DIS. The pseudonodes of Level-1 and Level-2 are 0000.0000.0003.01 and 0000.0000.0004.01, respectively. 3.
System Id: 0000.0000.0001 Interface: GigabitEthernet2/1/1 State: Up HoldTime: 7s Circuit Id: 0000.0000.0001.01 Type: L1 PRI: 100 System Id: 0000.0000.0002 Interface: GigabitEthernet2/1/1 State: Up HoldTime: 23s Circuit Id: 0000.0000.0001.01 Type: L1 PRI: 64 [RouterC] display isis interface Interface information for ISIS(1) --------------------------------Interface: GigabitEthernet2/1/1 Id IPV4.State IPV6.
Figure 52 Network diagram Router A L1 S2/2/0 10.1.1.2/24 S2/2/1 10.1.1.1/24 S2/2/0 10.1.2.1/24 Router C L1/L2 S2/2/0 192.168.0.2/24 S2/2/0 10.1.2.2/24 Router B L1 GE2/1/1 10.1.4.1/24 GE2/1/1 10.1.4.2/24 S2/2/2 192.168.0.1/24 Router D L2 RIP Router E Area 20 Area 10 Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure IS-IS basic functions: # Configure Router A.
[RouterC] interface serial 2/2/2 [RouterC-Serial2/2/2] isis enable 1 [RouterC-Serial2/2/2] quit # Configure Router D. system-view [RouterD] isis 1 [RouterD-isis-1] is-level level-2 [RouterD-isis-1] network-entity 20.0000.0000.0004.00 [RouterD-isis-1] quit [RouterD] interface serial 2/2/0 [RouterD-Serial2/2/0] isis enable 1 [RouterD-Serial2/2/0] quit # Display IS-IS routing information on each router.
------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------10.1.1.0/24 10 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 10 NULL S2/2/0 Direct D/L/- 192.168.0.
ISIS(1) IPv4 Level-1 Forwarding Table ------------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------10.1.1.0/24 10 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 10 NULL S2/2/0 Direct D/L/- 192.168.0.
Configure IS-IS on the routers, ensuring that Router A, Router B, and Router C can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS-IS. (Details not shown.) 2. Configure IS-IS Graceful Restart: # Enable IS-IS Graceful Restart on Router A and configure the Graceful Restart interval.
IS-IS NSR configuration example Network requirements Router S, Router A, and Router B belong to the same IS-IS routing domain as illustrated in Figure 54. Enable IS-IS NSR on Router S to ensure correct routing when an active/standby switchover occurs on Router S. Figure 54 Network diagram Configuration procedure 1. Configure IP addresses for the interfaces on each router and configure IS-IS: Follow Figure 54 to configure the IP address and subnet mask of each interface on the routers. (Details not shown.
System Id: 0000.0000.0001 Interface: GE2/1/1 State: Up Circuit Id: 0000.0000.0001.01 HoldTime: 25s Type: L1(L1L2) PRI: 64 System Id: 0000.0000.0001 Interface: GE2/1/1 State: Up Circuit Id: 0000.0000.0001.
----------------------------ISIS(1) IPv4 Level-1 Forwarding Table ------------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------14.14.14.0/24 10 NULL GE2/1/1 Direct 44.44.44.44/32 10 NULL Loop0 12.12.12.0/32 10 NULL GE2/1/1 14.14.14.4 R/L/- 22.22.22.22/32 10 NULL GE2/1/1 14.14.14.
Follow Figure 55 to configure the IP address and subnet mask of each interface on the routers. (Details not shown.) Configure IS-IS on the routers, ensuring that Router A, Router D, and Router S can communicate with each other at Layer 3. (Details not shown.) 2. Configure IS-IS FRR: Enable IS-IS FRR to either automatically calculate a backup next hop, or designate a backup next hop by using a routing policy. { Method 1: Enable IS-IS FRR to automatically calculate a backup next hop. # Configure Router S.
# Display route 4.4.4.4/32 on Router S to view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.4/32 Protocol: ISIS Process ID: 1 Preference: 10 IpPrecedence: Cost: 10 QosLcId: NextHop: 13.13.13.2 Interface: gigabitethernet2/1/2 BkNextHop: 12.12.12.2 BkInterface: gigabitethernet2/1/1 RelyNextHop: 0.0.0.0 Neighbor : 0.0.0.
Figure 56 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure IS-IS basic functions: # Configure Router A. system-view [RouterA] isis 1 [RouterA-isis-1] network-entity 10.0000.0000.0001.00 [RouterA-isis-1] is-level level-1 [RouterA-isis-1] quit [RouterA] interface gigabitethernet 2/1/1 [RouterA-GigabitEthernet2/1/1] isis enable 1 [RouterA-GigabitEthernet2/1/1] quit # Configure Router B.
[RouterC] interface gigabitethernet 2/1/3 [RouterC-GigabitEthernet2/1/3] isis enable 1 [RouterC-GigabitEthernet2/1/3] quit # Configure Router D. system-view [RouterD] isis 1 [RouterD-isis-1] network-entity 20.0000.0000.0001.00 [RouterD-isis-1] quit [RouterD] interface gigabitethernet 2/1/1 [RouterD-GigabitEthernet2/1/1] isis enable 1 [RouterD-GigabitEthernet2/1/1] quit 3.
5. Configure routing domain authentication. Specify the MD5 authentication mode and password 1020Sec on Router C and Router D: [RouterC] isis 1 [RouterC-isis-1] domain-authentication-mode md5 1020Sec [RouterC-isis-1] quit [RouterD] isis 1 [RouterD-isis-1] domain-authentication-mode md5 1020Sec [RouterD-isis-1] isis 1 Configuring BFD for IS-IS Network requirements • As shown in Figure 57, IS-IS is enabled on Router A, Router B and Router C that are reachable to each other at the network layer.
[RouterA-GigabitEthernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] isis enable [RouterA-GigabitEthernet2/1/2] quit # Configure Router B. system-view [RouterB] isis [RouterB-isis-1] network-entity 10.0000.0000.0002.
Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 3/1 192.168.0.102 192.168.0.100 Up 1700ms GE2/1/1 # Display route 120.1.1.0/24 on Router A, and you can see that Router A and Router B communicate through the Layer-2 switch. display ip routing-table 120.1.1.0 verbose Routing Table : Public Summary Count : 2 Destination: 120.1.1.0/24 Protocol: ISIS Process ID: 0 Preference: 0 IpPrecedence: NextHop: 192.168.0.100 BkNextHop: 0.0.0.0 RelyNextHop: 0.0.0.
%Aug 8 14:54:05:367 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-2 Adjacency clear. %Aug 8 14:54:05:368 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-1 Circuit Down. %Aug 8 14:54:05:369 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-1 Adjacency clear. *Aug 8 14:54:05:370 2008 RouterA ISIS/6/ISIS: ISIS-1-BFD: Success to send msg. Msg type 1 delete session.
Figure 58 Network diagram Device Interface IP address Device Interface IP address Router A GE2/2/1 4.4.4.20/24 Router B GE2/2/1 5.1.1.21/24 GE2/2/2 3.1.1.20/24 Router C Router D GE2/2/2 3.1.1.21/24 GE2/2/3 6.1.1.21/22 GE2/2/1 5.1.1.23/24 GE2/2/1 4.4.4.21/24 GE2/2/2 7.1.1.23/24 GE2/2/2 7.1.1.22/24 Loop0 4.4.4.4/32 GE2/2/3 6.1.1.22/22 Configuration procedure 1. Configure IP addresses for the interfaces on each router and configure IS-IS.
[RouterA-address-family ipv4] multiple-topology video [RouterA-multiple-topology-video] acl 3002 [RouterA-multiple-topology-video] quit [RouterA-address-family ipv4] quit # Enable topology voice for GigabitEthernet 2/2/1, and video for GigabitEthernet 2/2/2.
[RouterC-isis-1] multiple-topology ipv4-unicast voice 4000 [RouterC-isis-1] multiple-topology ipv4-unicast video 2000 [RouterC-isis-1] quit [RouterC] interface gigabitethernet 2/2/2 [RouterC-GigabitEthernet2/2/2] multiple-topology video enable [RouterC-GigabitEthernet2/2/2] multiple-topology voice enable [RouterC-GigabitEthernet2/2/2] isis multiple-topology ipv4-unicast voice [RouterC-GigabitEthernet2/2/2] isis multiple-topology ipv4-unicast video [RouterC-GigabitEthernet2/2/2] quit [RouterC] interface loop
IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------------4.0.0.0/24 10 NULL GE2/2/1 Direct D/L/- 7.0.0.0/24 20 NULL GE2/2/1 4.0.0.22 R/L/- 4.4.4.4/32 20 NULL GE2/2/1 4.0.0.
Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set The outgoing interface of route 4.4.4.4/32 is GigabitEthernet 2/2/2.
Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol. It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). Unless otherwise stated, BGP refers to BGP-4 in this document. BGP has the following characteristics: • Focuses on route control and the selection rather than route discovery and calculation. • Uses TCP to enhance reliability.
• Notification—BGP sends a Notification message upon detecting an error and immediately closes the connection. BGP path attributes BGP uses the following path attributes in update messages for route filtering and selection: • ORIGIN The ORIGIN attribute identifies the origin of routing information (how a route became a BGP route). This attribute has the following types: { IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. { EGP—Has the second highest priority.
passing AS 40 for sending data to the destination 8.0.0.0. In some applications, you can apply a routing policy to control BGP route selection by modifying the AS_PATH length. { • Filter routes—By configuring an AS path filtering list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about routing policies and AS path filtering lists, see "Configuring routing policies.
Figure 61 MED attribute MED = 0 Router B 2.1.1.1 D = 9.0.0.0 Next_hop = 2.1.1.1 MED = 0 EBGP IBGP 9.0.0.0 IBGP Router A D = 9.0.0.0 Next_hop = 3.1.1.1 MED = 100 AS 10 EBGP Router D IBGP 3.1.1.1 Router C AS 20 MED = 100 Generally, BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.
Figure 62 LOCAL_PREF attribute • COMMUNITY The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community. A route can carry one or more COMMUNITY attribute values (each of which is represented by a four-byte integer).
BGP route selection BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: 1. Highest Preferred_value 2. Highest LOCAL_PREF 3. Summary route 4. Shortest AS_PATH 5. IGP, EGP, or INCOMPLETE route in turn 6. Lowest MED value 7. Learned from EBGP, confederation, or IBGP in turn 8. Smallest next hop metric 9. Shortest CLUSTER_LIST 10. Smallest ORIGINATOR_ID 11.
the same number of next hops to forward packets. BGP load balancing based on route recursion is always enabled by the system rather than configured by using commands. • BGP load balancing through route selection BGP differs from IGP in the implementation of load balancing in the following ways: { { IGP routing protocols, such as RIP and OSPF, compute metrics of routes, and then implement load balancing over routes with the same metric and to the same destination. The route selection criterion is metric.
The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes. • Route dampening BGP route dampening solves the issue of route instability such as route flaps—a route comes up and disappears in the routing table frequently.
IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions. Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards the routing information received from a client to other clients.
• Confederation Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub ASs. In each sub AS, IBGP peers are fully meshed. As shown in Figure 67, intra-confederation EBGP connections are established between sub Ass in AS 200. Figure 67 Confederation network diagram A non-confederation BGP speaker does not need to know sub ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number.
• MP_UNREACH_NLRI—Multiprotocol Unreachable NLRI, for carrying prefixes of unfeasible routes for multiple network layer protocols. Such routes can then be withdrawn. MP-BGP uses these attributes to advertise feasible and unfeasible routes of different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.
If you configure a BGP setting for a peer group and a peer in the group, the last configuration takes effect. Complete the following tasks to configure BGP: Task Remarks Enabling BGP Required. Configuring a BGP peer Perform one of the tasks. Configuring a BGP peer group HP recommends that you configure BGP peer groups on large scale BGP networks for easy configuration and maintenance.
Task Remarks Configuring a large scale BGP network Forbidding session establishment with a peer or peer group Optional. Configuring GTSM for BGP Optional. Disabling BGP route advertisement to a peer or peer group Optional. Configuring BGP soft-reset Optional. Disabling BGP routing policies from automatically taking effect Optional. Configuring BGP community Optional. Configuring a BGP route reflector Optional. Configuring a BGP confederation Optional. Configuring BGP GR Optional.
Step Command Remarks Optional. By default, no global router ID is configured. BGP uses the highest loopback interface IP address as the router ID. If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the router ID regardless of the interface status. 2. Configure a global router ID. 3. Enable BGP and enter BGP view. bgp as-number 4. Specify a router ID. router-id router-id By default, the global router ID is used.
Configuring a BGP peer group In a large-scale network, grouping peers that use the same route selection policy simplifies overall configuration. When you modify the policy of the group, the modification applies to all peers in the group. However, if a peer group already contains peers, you cannot remove or change its AS number. A peer group is an IBGP peer group if peers in it belong to the local AS, and is an EBGP peer group if peers in it belong to different ASs.
To configure an EBGP peer group by using Method 1: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Create an EBGP peer group. group group-name external By default, no EBGP peer group is created. 4. Specify the AS number for the group.
Step Command Enable the default use of IPv4 unicast address family for the peers that are established using the peer as-number command. default ipv4-unicast 7. Enable a peer. peer ip-address enable 8. Configure a description for a peer group. peer group-name description description-text 6. Remarks Optional. Enabled by default. This command is not supported in BGP-VPN instance view. Optional. Enabled by default. Optional. By default, no description is configured for the peer group.
Step Command Remarks • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number b. 3. Create a BGP peer group. Use either method. ipv4 family vpn-instance vpn-instance-name group group-name [ external | internal ] By default, no BGP peer group exists on the device. Deleting a BGP peer group also deletes the BGP dynamic peers in the group. Optional for an IBGP peer group and required for an EBGP peer group. 4.
of the output interface as the source IP address of TCP connections. You can change the source interface (primary IP address) for TCP connections in the following scenarios: • If the peer's IP address belongs to an interface indirectly connected to the local router, you must specify that interface as the source interface for TCP connections on the peer. For example, interface A on the local end is directly connected to interface B on the peer. If you execute the peer x.x.x.
To inject a local network: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name Optional. 3. Inject a local network to the BGP routing table. network ip-address [ mask | mask-length ] route-policy route-policy-name Not injected by default.
Controlling route distribution and reception Configuring BGP route summarization To reduce the number of routes to be redistributed and the routing table size on medium and large BGP networks, configure route summarization on BGP routers. BGP supports the following summarization modes: automatic and manual. Manual summary routes have a higher priority than automatic ones.
Step Configure manual route summarization. 3. Command Remarks aggregate ip-address { mask | mask-length } [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ]* Not configured by default. Advertising a default route to a peer or peer group Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.
Use routing policy, ACL, AS-path ACL, or IP prefix list to filter routing information advertised to the specified peer or peer group. • You can configure a filtering policy as needed. If several filtering policies are configured, they are applied in the following sequence: 1. filter-policy export 2. peer filter-policy export 3. peer as-path-acl export 4. peer ip-prefix export 5.
Use routing policy, ACL, AS-path ACL, or IP prefix list to filter routing information received by the specified peer or peer group. • If several filtering policies are configured, they are applied in the following sequence: 1. filter-policy import 2. peer filter-policy import 3. peer as-path-acl import 4. peer ip-prefix import 5. peer route-policy import Only routes passing all the configured policies can be received. To configure BGP route reception filtering policies: Step 1.
Enabling BGP and IGP route synchronization Routing information synchronization between IBGP and IGP avoids giving wrong directions to routers outside of the local AS. By default, upon receiving an IBGP route, a BGP router checks the route's next hop. If the next hop is reachable, the BGP router advertises the route to EBGP peers. If a non-BGP router works in an AS, it can discard a packet due to an unreachable destination. As shown in Figure 68, Router E has learned a route of 8.0.0.
If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration: • Tear down the BGP session to the peer or peer group. • Display an alarm message. • Tear down the BGP session to the peer or peer group and, after a specified period of time, reestablishes a BGP session to the peer or peer group. You can specify the threshold value for the router to display an alarm message.
Controlling BGP path selection By configuring BGP path attributes, you can control BGP path selection. Specifying a preferred value for routes received This task allows you to modify the preferred value of a route to control BGP path selection. Among multiple routes that have the same destination/mask and are learned from different peers, the one with the greatest preferred value is selected as the route to the destination. To specify a preferred value for routes from a peer or peer group: Step 1.
Step Command Remarks Optional. 3. Configure preferences for external, internal, local BGP routes. preference { external-preference internal-preference local-preference | route-policy route-policy-name } 4. Increase the preference of a received EBGP route. network ip-address [ mask | mask-length ] short-cut The default preferences of external, internal, and local BGP routes are 255, 255, and 130, respectively. Optional. By default, an EBGP route received has a preference of 255.
Step Command Remarks • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Configure the default MED value. default med med-value Optional. 0 by default. Enabling the comparison of MED of routes from different ASs Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view.
As shown in Figure 69, Router D learns network 10.0.0.0 from both Router A and Router B. Because Router B has a smaller router ID, the route learned from it is optimal. Network *>i 10.0.0.0 * i NextHop MED LocPrf PrefVal Path/Ogn 2.2.2.2 50 0 300e 3.3.3.3 50 0 200e When Router D learns network 10.0.0.0 from Router C, it compares the route with the optimal route in its routing table. Because Router C and Router B reside in different ASs, BGP will not compare the MEDs of the two routes.
To enable the comparison of MED of routes from confederation peers: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Enable the comparison of MED of routes from confederation peers. bestroute med-confederation Optional. Not enabled by default.
IMPORTANT: If you have configured BGP load balancing, the router sets itself as the next hop for routes sent to an IBGP peer or peer group regardless of whether the peer next-hop-local command is configured. To configure the NEXT_HOP attribute: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name Optional.
Disabling BGP from considering AS_PATH during best route selection Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Disable BGP from considering AS_PATH during best route selection. Optional. bestroute as-path-neglect By default, BGP considers AS_PATH during best route selection.
Figure 72 AS number substitution configuration As shown in the above figure, CE 1 and CE 2 use the same AS number of 800. If AS number substitution for CE 2 is configured on PE 2, and PE 2 receives a BGP update sent from CE 1, PE 2 replaces AS number 800 as its own AS number 100. Similar configuration must also be made on PE 1. Use AS number substitution only in the specific scenario. Improper configuration can result in routing loops. To configure AS number substitution for a peer or peer group: Step 1.
Step Configure BGP to remove private AS numbers from the AS_PATH attribute of updates to a peer or peer group. 3. Command Remarks peer { group-name | ip-address } public-as-only By default, BGP updates carry private AS numbers. Ignoring the first AS number of EBGP route updates Typically, BGP checks the AS_PATH attribute of a route update received from a peer. If the first AS number is not that of the BGP peer, the BGP router discards the route update.
• If the router has established a BGP session with a peer, you must reset the BGP session to validate the new set timers. • The timer command takes effect for only new BGP sessions. • After you set new intervals with the peer timer command, the existing BGP session is closed at once, and a new session to the peer is negotiated by using the configured holdtime. To configure BGP keepalive interval and holdtime: Step 1. Enter system view.
Step Command Remarks Optional. 3. Configure the interval for sending the same update to a peer or peer group. peer { group-name | ip-address } route-update-interval interval By default, the intervals for sending the same update to an IBGP peer and an EBGP peer are 15 seconds and 30 seconds, respectively. If the interval is set to 0, the same update is sent to a BGP peer immediately when a route is changed.
Table 7 Description of the both, send, and receive parameters and the negotiation result Local parameter Peer parameter Negotiation result send • receive • both The local end can only send ORF information, and the peer end can only receive ORF information. receive • send • both The local end can only receive ORF information, and the peer end can only send ORF information. both both Both the local and peer ends can send and receive ORF information.
Step Enter system view. 1. Command Remarks system-view N/A • Enter BGP view: bgp as-number Enter BGP view or BGP-VPN instance view. 2. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name Enable quick reestablishment of direct EBGP session. 3. ebgp-interface-sensitive Optional. Not enabled by default.
Step Command Remarks • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Configure the maximum number of BGP routes for load balancing. balance [ ebgp | ibgp ] number By default, load balancing is not enabled.
IMPORTANT: • The peer ttl-security hops command and the peer ebgp-max-hop command are mutually exclusive. • You must configure GTSM on both the local and peer devices, and you can specify different hop-count values in a valid range for them. To configure GTSM for BGP: Step Enter system view. 1. Command Remarks system-view N/A • Enter BGP view: bgp as-number Enter BGP view or BGP-VPN instance view. 2. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b.
information, the router filters the routing information by using the new policy. This method requires that both the local router and the peer support route refresh. Manual soft-reset—Use the peer keep-all-routes command to save all route updates from the peer. After modifying the route selection policy, use the refresh bgp command to filter routing information by using the new policy.
Step Perform manual soft-reset on BGP sessions. 5. Command Remarks refresh bgp { all | ip-address | group group-name | external | internal } { export | import } N/A Disabling BGP routing policies from automatically taking effect During BGP network optimization or upgrade, each change of BGP routing policies triggers route refreshing, which burdens BGP routers and the network. This task disables the policies from automatically taking effect.
Configuration prerequisites Peering nodes are accessible to each other at the network layer. Configuring BGP community By default, a router does not send the community or extended community attribute to its peers or peer groups. When the router receives a route carrying the community or extended community attribute, it removes the attribute before advertising the route to its peers or peer groups.
In general, it is not required to make clients of a route reflector fully meshed. The route reflector forwards routing information between clients. If clients are fully meshed, disable route reflection between clients to reduce routing costs. To configure a BGP route reflector: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b.
2. Specify the confederation ID. From an outsider's perspective, the sub ASs of the confederation is a single AS, which is identified by the confederation ID. 3. If the router needs to establish EBGP connections to other sub ASs, you must specify the peering sub ASs in the confederation. A confederation contains a maximum of 32 sub ASs. The AS number of a sub AS is effective only in the confederation. To configure a BGP confederation: Step Command Remarks 1. Enter system view. system-view N/A 2.
learned from the GR restarter as stale, instead of deleting them; it still uses these routes for packet forwarding. During the GR process, packet forwarding is not interrupted. 3. After the active/standby switchover is completed, the GR restarter reestablishes a GR session with the GR helper. If no BGP session is established within the interval set with the graceful-restart timer restart command, the GR helper removes the stale routes. 4.
BGP GR and nonstop routing (NSR) are used to ensure continuous routing upon a switchover from the active MPU to the standby MPU. GR has been used earlier and is more mature. However, GR requires the cooperation of neighboring devices to recover routing information. The new active MPU needs to learn all routes after an active/standby switchover. This affects the convergence speed. BGP NSR can overcome this problem.
Step Command Enable the logging of session state changes globally. log-peer-change 4. Enter BGP-VPN instance view. ipv4-family vpn-instance vpn-instance-name 5. Enable the logging of session state changes for a peer or peer group. peer { group-name | ip-address } log-change 3. Remarks Optional. Enabled by default. Optional. Optional. Enabled by default. Configuring BFD for BGP BGP maintains neighbor relationships based on the keepalive timer and holdtime timer, which are set in seconds.
Task Command Remarks Display peer group information. display bgp group [ group-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display advertised BGP routing information. display bgp network [ | { begin | exclude | include } regular-expression ] Available in any view. Display the running status of BGP NSR. (See the following table to view the feature and router compatibility.
Task Command Remarks Display BGP routing information originating from different ASs. display bgp routing-table different-origin-as [ | { begin | exclude | include } regular-expression ] Available in any view. Display BGP routing flap statistics. display bgp routing-table flap-info [ regular-expression as-regular-expression | [ as-path-acl as-path-acl-number | ip-address [ { mask | mask-length } [ longer-match ] ] ] [ | { begin | exclude | include } regular-expression ] ] Available in any view.
Clearing BGP information Task Command Remarks Clear dampened BGP routing information and release suppressed routes. reset bgp dampening [ ip-address [ mask | mask-length ] ] Available in user view. Clear route flap information. reset bgp flap-info [ ip-address [ mask-length | mask ] | as-path-acl as-path-acl-number | regexp as-path-regular-expression ] Available in user view.
[RouterB-bgp] peer 3.3.3.3 as-number 65009 [RouterB-bgp] peer 3.3.3.3 connect-interface loopback 0 [RouterB-bgp] quit [RouterB] ospf 1 [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [RouterB-ospf-1-area-0.0.0.0] network 9.1.1.1 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 2.2.2.2 as-number 65009 [RouterC-bgp] peer 2.2.2.
[RouterB-bgp] peer 3.1.1.2 as-number 65008 [RouterB-bgp] quit # Display BGP peer information on Router B. [RouterB] display bgp peer BGP local router ID : 2.2.2.2 Local AS number : 65009 Total number of peers : 2 Peer Peers in established state : 2 AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State 3.3.3.3 65009 12 10 0 3 00:09:16 Established 3.1.1.
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network NextHop MED LocPrf PrefVal Path/Ogn i 8.1.1.0/24 3.1.1.2 0 100 0 65008i The output shows that Router A has learned no route to AS 65009, and Router C has learned network 8.1.1.0 but the next hop 3.1.1.2 is unreachable. Therefore, the route is invalid. 4.
*>i 8.1.1.0/24 3.1.1.2 0 100 0 65008i * i 9.1.1.0/24 2.2.2.2 0 100 0 ? The output shows that the route 8.1.1.0 becomes valid with the next hop as Router A. 5. Verify the configuration: # Ping 8.1.1.1 on Router C. [RouterC] ping 8.1.1.1 PING 8.1.1.1: 56 data bytes, press CTRL_C to break Reply from 8.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms Reply from 8.1.1.1: bytes=56 Sequence=2 ttl=254 time=2 ms Reply from 8.1.1.1: bytes=56 Sequence=3 ttl=254 time=2 ms Reply from 8.1.1.
[RouterB-ospf-1] quit # Configure Router C. system-view [RouterC] ospf 1 [RouterC-ospf-1] import-route direct [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit 3. Configure the EBGP connection: Configure the EBGP connection and inject network 8.1.1.0/24 to the BGP routing table of Router A, so that Router B can obtain the route to 8.1.1.0/24. # Configure Router A.
*> 3.3.3.3/32 3.1.1.1 1 0 65009? *> 8.1.1.0/24 0.0.0.0 0 0 i *> 9.1.2.0/24 3.1.1.1 1 0 65009? # Display the routing table on Router C. [RouterC] display ip routing-table Routing Tables: Public Destinations : 9 5. Routes : 9 Destination/Mask Proto Pre Cost NextHop Interface 2.2.2.2/32 OSPF 10 1 9.1.1.1 S2/2/0 3.3.3.3/32 Direct 0 0 127.0.0.1 InLoop0 8.1.1.0/24 O_ASE 1 9.1.1.1 S2/2/0 9.1.1.0/24 Direct 0 0 9.1.1.2 S2/2/0 9.1.1.2/32 Direct 0 0 127.0.0.
BGP load balancing configuration Network requirements As shown in Figure 75, all routers run BGP, and Router A resides in AS 65008, and Router B and Router C reside in AS 65009. EBGP runs between Router A and Router B, and between Router A and Router C. IBGP runs between Router B and Router C. Configure two routes on Router A for load balancing. Figure 75 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2.
[RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 3.1.1.2 as-number 65008 [RouterB-bgp] peer 3.3.3.3 as-number 65009 [RouterB-bgp] peer 3.3.3.3 connect-interface loopback 0 [RouterB-bgp] network 9.1.1.0 24 [RouterB-bgp] quit [RouterB] ip route-static 3.3.3.3 32 9.1.1.2 # Configure Router C. system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 3.1.2.2 as-number 65008 [RouterC-bgp] peer 2.2.2.2 as-number 65009 [RouterC-bgp] peer 2.2.2.
Total Number of Routes: 3 BGP Local router ID is 1.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network *> *> 8.1.1.0/24 9.1.1.0/24 *> { { NextHop MED 0.0.0.0 0 LocPrf PrefVal Path/Ogn 0 i 3.1.1.1 0 0 65009i 3.1.2.1 0 0 65009i The output shows two valid routes to the destination 9.1.1.
# Configure a default route with the next hop 192.168.212.1 on Router A. system-view [RouterA] ip route-static 0.0.0.0 0 192.168.212.1 # Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Router B. system-view [RouterB] ip route-static 192.168.64.0 18 192.168.212.161 [RouterB] ip route-static 192.168.74.0 24 192.168.212.161 [RouterB] ip route-static 192.168.99.0 24 192.168.212.161 3.
# On Router C, enable BGP, specify Router D as an EBGP peer, and configure BGP to redistribute OSPF routes. [RouterC] bgp 65106 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 10.220.2.217 as-number 64631 [RouterC-bgp] import-route ospf # Enable BGP, and configure Router C as an EBGP peer on Router D. [RouterD] bgp 64631 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] peer 10.220.2.16 as-number 65106 [RouterD-bgp] quit # Display routing table information on Router D.
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 172.17.100.0/24 Direct 0 0 172.17.100.2 S2/2/1 172.17.100.2/32 Direct 0 0 127.0.0.1 InLoop0 192.168.64.0/18 BGP 130 0 127.0.0.1 NULL0 192.168.64.0/24 O_ASE 150 1 172.17.100.1 S2/2/1 192.168.74.0/24 O_ASE 150 1 172.17.100.1 S2/2/1 192.168.99.0/24 O_ASE 150 1 172.17.100.1 S2/2/1 The output shows that Router C has a summary route 192.168.64.0/18 with the output interface Null0.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure EBGP connections: # Configure Router A. system-view [RouterA] bgp 10 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 200.1.2.2 as-number 20 [RouterA-bgp] network 9.1.1.0 255.255.255.0 [RouterA-bgp] quit # Configure Router B. system-view [RouterB] bgp 20 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 200.1.2.1 as-number 10 [RouterB-bgp] peer 200.1.3.
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete *> Network NextHop MED 9.1.1.0/24 200.1.3.1 0 LocPrf PrefVal Path/Ogn 0 20 10i Router C has learned the route to the destination 9.1.1.0/24 from Router B. 3. Configure BGP community attribute: # Configure a routing policy.
Figure 78 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure BGP connections: # Configure Router A. system-view [RouterA] bgp 100 [RouterA-bgp] peer 192.1.1.2 as-number 200 # Inject network 1.0.0.0/8 to the BGP routing table. [RouterA-bgp] network 1.0.0.0 [RouterA-bgp] quit # Configure Router B. system-view [RouterB] bgp 200 [RouterB-bgp] peer 192.1.1.1 as-number 100 [RouterB-bgp] peer 193.1.1.
4. Verify the configuration: # Display the BGP routing table on Router B. [RouterB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 200.1.2.2 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete *> Network NextHop MED 1.0.0.0 192.1.1.1 0 LocPrf PrefVal Path/Ogn 0 100i # Display the BGP routing table on Router D.
Device Interface IP address Device Interface IP address Router A S2/2/1 200.1.1.1/24 Router D GE2/1/1 10.1.5.1/24 GE2/1/1 10.1.2.1/24 GE2/1/2 10.1.3.2/24 GE2/1/2 10.1.3.1/24 GE2/1/1 10.1.5.2/24 GE2/1/3 10.1.4.1/24 GE2/1/2 10.1.4.2/24 GE2/1/4 10.1.1.1/24 Router B GE2/1/1 10.1.1.2/24 Router C GE2/1/1 10.1.2.2/24 Router E Router F Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure the BGP confederation: # Configure Router A.
[RouterA-bgp] quit # Configure Router D. system-view [RouterD] bgp 65001 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] confederation id 200 [RouterD-bgp] peer 10.1.3.1 as-number 65001 [RouterD-bgp] peer 10.1.5.2 as-number 65001 [RouterD-bgp] quit # Configure Router E. system-view [RouterE] bgp 65001 [RouterE-bgp] router-id 5.5.5.5 [RouterE-bgp] confederation id 200 [RouterE-bgp] peer 10.1.4.1 as-number 65001 [RouterE-bgp] peer 10.1.5.1 as-number 65001 [RouterE-bgp] quit 4.
Paths: 1 available, 1 best BGP routing table entry information of 9.1.1.0/24: From : 10.1.1.1 (1.1.1.1) Relay Nexthop : 0.0.0.0 Original nexthop: 10.1.1.1 AS-path : (65001) 100 Origin : igp Attribute value : MED 0, localpref 100, pref-val 0, pre 255 State : valid, external-confed, best, Not advertised to any peers yet # Display BGP routing table information on Router D. [RouterD] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 4.4.4.
BGP path selection configuration Network requirements • In Figure 80, all routers run BGP. EBGP runs between Router A and Router B, and between Router A and Router C. IBGP runs between Router B and Router D, and between Router D and Router C. • OSPF is the IGP protocol in AS 200. • Configure routing policies to make Router D give priority to the route 1.0.0.0/8 learned from Router C.
[RouterC-ospf-1] quit # Configure Router D. system-view [RouterD] ospf [RouterD-ospf] area 0 [RouterD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit [RouterD-ospf-1] quit 3. Configure BGP connections: # Configure Router A. system-view [RouterA] bgp 100 [RouterA-bgp] peer 192.1.1.2 as-number 200 [RouterA-bgp] peer 193.1.1.2 as-number 200 # Inject network 1.0.0.
[RouterA-route-policy] quit [RouterA] route-policy apply_med_100 permit node 10 [RouterA-route-policy] if-match acl 2000 [RouterA-route-policy] apply cost 100 [RouterA-route-policy] quit # Apply routing policy apply_med_50 to the route advertised to 193.1.1.2 (Router C), and apply routing policy apply_med_100 to the route advertised to 192.1.1.2 (Router B). [RouterA] bgp 100 [RouterA-bgp] peer 193.1.1.2 route-policy apply_med_50 export [RouterA-bgp] peer 192.1.1.
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network NextHop MED LocPrf PrefVal Path/Ogn *>i 1.0.0.0 193.1.1.1 0 200 0 100i * i 192.1.1.1 0 100 0 100i The route 1.0.0.0/8 learned from Router C is the optimal. BGP GR configuration Network requirements In Figure 81 are all BGP routers. EBGP runs between Router A and Router B. IBGP runs between router B and Router C.
# Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table. [RouterB-bgp] network 200.1.1.0 24 [RouterB-bgp] network 9.1.1.0 24 # Enable GR capability for BGP. [RouterB-bgp] graceful-restart 3. Configure Router C: # Configure IP addresses for interfaces. (Details not shown.) # Configure the IBGP connection. system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 9.1.1.1 as-number 65009 # Enable GR capability for BGP. [RouterC-bgp] graceful-restart 4.
3. Configure BGP on Router A: # Establish two IBGP connections to Router C. system-view [RouterA] bgp 200 [RouterA-bgp] peer 3.0.2.2 as-number 200 [RouterA-bgp] peer 2.0.2.2 as-number 200 [RouterA-bgp] quit # Create ACL 2000 to permit 1.1.1.0/24 to pass. [RouterA] acl number 2000 [RouterA-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255 [RouterA-acl-basic-2000] quit # Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to 50.
[RouterA-GigabitEthernet2/1/2] bfd detect-multiplier 7 # Configure Router C. [RouterC] bfd session init-mode active [RouterC] interface gigabitethernet 2/1 [RouterC-GigabitEthernet2/1] bfd min-transmit-interval 500 [RouterC-GigabitEthernet2/1] bfd min-receive-interval 500 [RouterC-GigabitEthernet2/1] bfd detect-multiplier 7 [RouterC-GigabitEthernet2/1] return 6. Verify the configuration: The following operations are made on Router C. Operations on Router A are similar.
Destination: 1.1.1.0/24 Protocol: BGP Process ID: 0 Preference: 0 NextHop: 3.0.1.1 BkNextHop: 0.0.0.0 RelyNextHop: 3.0.2.1 Cost: 50 Interface: GigabitEthernet2/1/1 BkInterface: Neighbor : 3.0.1.1 Tunnel ID: 0x0 Label: NULL State: Active Adv Age: 00h08m54s Tag: 0 Destination: 1.1.1.0/24 Protocol: BGP Process ID: 0 Preference: 0 NextHop: 2.0.1.1 BkNextHop: 0.0.0.0 RelyNextHop: 2.0.2.1 Cost: 100 Interface: GigabitEthernet2/1/2 BkInterface: Neighbor : 2.0.1.
Preference: 0 Cost: 100 NextHop: 2.0.1.1 BkNextHop: 0.0.0.0 Interface: GigabitEthernet2/1/2 BkInterface: RelyNextHop: 2.0.2.1 Neighbor : 2.0.1.1 Tunnel ID: 0x0 Label: NULL State: Active Adv Age: 00h09m54s Tag: 0 The output shows that Router C has one route to reach network 1.1.1.0/24, that is, Router C<—>Router D<—>Router A. BGP dynamic peer configuration Network diagram All routers run BGP. Router A needs to establish an IBGP connection with Router B, Router C, and Router D, respectively.
# On Router C, configure Router A as an IBGP peer. system-view [RouterC] bgp 200 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 10.1.2.1 as-number 200 # On Router D, configure Router A as an IBGP peer. system-view [RouterD] bgp 200 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] peer 10.1.3.1 as-number 200 # Display information about BGP peers on Router A. [RouterA] display bgp peer BGP local router ID : 1.1.1.
Troubleshooting BGP BGP peer relationship not established Symptom Display BGP peer information by using the display bgp peer command. The state of the connection to a peer cannot become established. Analysis To become BGP peers, any two routers must establish a TCP session using port 179 and exchange Open messages successfully. Solution 1. Use the display current-configuration command to verify that the peer's AS number is correct. 2.
Configuring policy-based routing Overview Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets based on the source address, packet length, and other criteria. A policy can specify the output interface, next hop, default output interface, default next hop, and other parameters for packets that match specific criteria such as ACLs or have specific lengths.
Table 8 Priorities and meanings of apply clauses Clause Meaning Priority apply ip-df zero Sets the DF (Don't Fragment) bit in the IP header to 0, which means the packet can be fragmented. This clause is always executed. If this clause is configured, other apply clauses, except the apply ip-df zero clause, are not executed. apply access-vpn vpn-instance Sets VPN instances. apply ip-precedence Sets an IP precedence.
If a node has no if-match or apply clauses configured, all packets can match the node and are forwarded according to the routing table. PBR and track You can use track to monitor the output interface, default output interface, next hop, and default next hop for PBR so that PBR can discover link failures faster. PBR takes effect when the status of the associated track entry is positive or invalid. For more information about track-PBR collaboration, see High Availability Configuration Guide.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter policy node view. policy-based-route policy-name [ deny | permit ] node node-number N/A 3. Configure an ACL match criterion. if-match acl acl-number Optional. 4. Configure a packet length match criterion. if-match packet-length min-len max-len Optional. 5. Configure a reverse input interface match criterion. if-match reverse-input-interface interface-type interface-number Optional.
Step Command Remarks Optional. 9. apply default output-interface interface-type interface-number [ track track-entry-number ] [ interface-type interface-number [ track track-entry-number ] ] Set default output interfaces. 10. Set default next hops. apply ip-address default next-hop ip-address [ direct ] [ track track-entry-number ] [ ip-address [ direct ] [ track track-entry-number ] ] 11. Set two default next hops to operate in active/standby mode. apply ip-address default next-hop standby 12.
If the specified policy does not exist, the interface PBR configuration succeeds, but it does not take effect until the policy is created. To configure interface PBR on a VLAN interface of an 6600 router that operates in gateway mode and is configured with SAP modules, use the redirect command to configure a traffic redirecting action for the VLAN. For more information about configuring traffic redirecting actions, see ACL and QoS Configuration Guide. You can apply the same policy on multiple interfaces.
PBR configuration examples Configuring local PBR based on packet type Network requirements As shown in Figure 84, configure local PBR on Router A to forward all locally generated TCP packets through Serial 2/2/0. Router A forwards other packets according to the routing table. Figure 84 Network diagram Configuration procedure 1. Configure Router A: # Configure ACL 3101 to match TCP packets.
system-view [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] ip address 1.1.3.2 255.255.255.0 [RouterC-Serial2/2/1] quit 4. Verify the configuration: # Telnet to Router B (1.1.2.2/24) from Router A. The operation succeeds. # Telnet to Router C (1.1.3.2/24) from Router A. The operation fails. # Ping Router C (1.1.3.2/24) from Router A. The operation succeeds. Telnet uses TCP, and ping uses ICMP.
# Configure Node 5 for policy aaa to forward TCP packets through Serial 2/2/0. [RouterA] policy-based-route aaa permit node 5 [RouterA-pbr-aaa-5] if-match acl 3101 [RouterA-pbr-aaa-5] apply output-interface serial 2/2/0 [RouterA-pbr-aaa-5] quit # Configure interface PBR by applying the policy aaa on GigabitEthernet 2/1/1. [RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ip address 10.110.0.10 255.255.255.
• Forwards packets with a length of 64 to 100 bytes to the next hop 150.1.1.2/24. • Forwards packets with a length of 101 to 1000 to the next hop 151.1.1.2/24. All other packets are forwarded according to the routing table. Figure 86 Network diagram Configuration procedure 1. Configure Router A: # Configure RIP. system-view [RouterA] rip [RouterA-rip-1] network 192.1.1.0 [RouterA-rip-1] network 150.1.0.0 [RouterA-rip-1] network 151.1.0.
# Configure RIP. system-view [RouterB] rip [RouterB-rip-1] network 10.0.0.0 [RouterB-rip-1] network 150.1.0.0 [RouterB-rip-1] network 151.1.0.0 # Configure the IP addresses of the serial interfaces. [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ip address 150.1.1.2 255.255.255.0 [RouterB-Serial2/2/0] quit [RouterB] interface serial 2/2/1 [RouterB-Serial2/2/1] ip address 151.1.1.2 255.255.255.0 [RouterB-Serial2/2/1] quit # Configure the loopback interface address.
# Ping Loopback 0 of Router B from Host A, and set the data length to 200 bytes. C:\>ping -l 200 10.1.1.1 Pinging 10.1.1.1 with 200 bytes of data: Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Ping statistics for 10.1.1.
Figure 87 Network diagram Configuration procedure # Configure IP addresses for the interfaces on Router A and make sure that Router A can reach the public network. (Details not shown.) # Configure an NAT internal server on interface Serial 2/2/0, and specify 2.1.1.100/16 (on the same network segment as the IP address of Serial 2/2/0 on Router A) as the public address of the HTTP server 192.168.1.2/24.
Configuring interface PBR on a VLAN interface Network requirements See Figure 88. Router A is configured with SAP modules. Configure Router A to operate in gateway mode, create VLAN 100 and VLAN 200 on it, and configure interface PBR on VLAN-interface 200 so that packets from VLAN 200 to VLAN 100 are forwarded through GigabitEthernet 2/0/2. Host A belongs to VLAN 100, and Host B belongs to VLAN 200. VLAN 100 and VLAN 200 have a route to each other.
[Route A-acl-adv-3000]rule permit ip [Route A-acl-adv-3000] quit # Create a policy and define node 1, setting the next hop to 30.1.1.2 for packets matching ACL 3000. [Route A] policy-based-route aaa node 1 [Route A-pbr-aaa-1] if-match acl 3000 [Route A-pbr-aaa-1] apply ip-address next-hop 30.1.1.2 [Route A-pbr-aaa-1] quit # Configure interface PBR on VLAN-interface 200.
Configuring IPv6 static routing Overview Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Proper configuration and use can improve network performance and ensure enough bandwidth for important applications. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator has to modify the static routes manually.
Displaying and maintaining IPv6 static routes Task Command Remarks Display IPv6 static route information. display ipv6 routing-table protocol static [ inactive | verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. For more information about the display ipv6 routing-table protocol static [ inactive | verbose ] [ | { begin | exclude | include } regular-expression ] command, see Layer 3—IP Routing Command Reference.
[RouterB] ipv6 route-static 3:: 64 5::1 # Enable IPv6 and configure the IPv6 default route on Router C. system-view [RouterC] ipv6 [RouterC] ipv6 route-static :: 0 5::2 3. Configure the IPv6 addresses of hosts and gateways: Configure the IPv6 addresses of all the hosts based on the network diagram, and configure the default gateway of Host A as 1::1, Host B as 2::1, and Host C as 3::1. 4. Verify the configuration: # Display the IPv6 routing table on Router A.
5 packet(s) transmitted 5 packet(s) received 0.
Configuring an IPv6 default route An IPv6 default route is used to forward packets that match no entry in the routing table. An IPv6 default route can be configured in either of the following ways: • The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "Configuring IPv6 static routing." • Some dynamic routing protocols, such as OSPFv3, RIPng, and IPv6 IS-IS, can generate an IPv6 default route.
Configuring RIPng Overview RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng. RIPng for IPv6 has the following basic differences from RIP: • UDP port number—RIPng uses UDP port 521 for sending and receiving routing information. • Multicast address—RIPng uses FF02::9 as the link-local-router multicast address. • Destination Prefix—128-bit destination address prefix. • Next hop—128-bit IPv6 address.
RIPng packet format Basic format A RIPng packet consists of a header and multiple route table entries (RTEs). The maximum number of RTEs in a packet depends on the IPv6 MTU of the sending interface. Figure 90 RIPng basic packet format Packet header description: • Command—Type of message. 0x01 indicates Request, 0x02 indicates Response. • Version—Version of RIPng. It can only be 0x01. • RTE—Route table entry. It is 20 bytes for each entry.
RIPng packet processing procedure Request packet When a RIPng router first starts or must update entries in its routing table, it usually sends a multicast request packet to ask for needed routes from neighbors. The receiving RIPng router processes RTEs in the request. If only one RTE exists with the IPv6 prefix and prefix length both being 0 and with a metric value of 16, the RIPng router responds with the entire routing table information in response messages.
Configuring RIPng basic functions This section presents the information to configure the basic RIPng features. You must enable RIPng first before you configure other tasks, but it is not necessary for RIPng-related interface configurations, such as assigning an IPv6 address. Configuration prerequisites Before you configure RIPng basic functions, complete the following tasks: • Enable IPv6 packet forwarding.
The outbound additional metric is added to the metric of a sent route. The route's metric in the routing table is not changed. The inbound additional metric is added to the metric of a received route before the route is added into the routing table, so the route's metric is changed. To configure an inbound or outbound additional routing metric: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIPng view. ripng [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Configure a filter policy to filter incoming routes. filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name } import By default, RIPng does not filter incoming routing information. 4. Configure a filter policy to filter outgoing routes.
Tuning and optimizing the RIPng network This section describes how to tune and optimize the performance of the RIPng network, as well as applications under special network environments. Before tuning and optimizing the RIPng network, complete the following tasks: • Configure a network layer address for each interface. • Configure the basic RIPng functions. Configuring RIPng timers You can adjust RIPng timers to optimize the performance of the RIPng network.
Step Command Remarks N/A 2. Enter interface view. interface interface-type interface-number 3. Enable the split horizon function. ripng split-horizon Optional. Enabled by default. Configuring the poison reverse function The poison reverse function enables a route learned from an interface to be advertised through the interface. However, the metric of the route is set to 16, which means the route is unreachable. To configure poison reverse: Step Command Remarks 1. Enter system view.
Applying IPsec policies for RIPng To protect routing information and defend attacks, RIPng supports using an IPsec policy to authenticate protocol packets. Outbound RIPng packets carry the Security Parameter Index (SPI) defined in the relevant IPsec policy. A device uses the SPI carried in a received packet to match against the configured IPsec policy. If they match, the device accepts the packet. Otherwise, it discards the packet and does not establish a neighbor relationship with the sending device.
Task Command Remarks Display configuration information of a RIPng process. display ripng [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routes in the RIPng database. display ripng process-id database [ | { begin | exclude | include } regular-expression ] Available in any view. Display the routing information of a specified RIPng process.
[RouterA] interface gigabitethernet 2/1/2 [RouterA-Gigabitethernet2/1/2] ripng 1 enable [RouterA-Gigabitethernet2/1/2] quit # Configure Router B. system-view [RouterB] ripng 1 [RouterB-ripng-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-Gigabitethernet2/1/1] ripng 1 enable [RouterB-Gigabitethernet2/1/1] quit [RouterB] interface gigabitethernet 2/1/2 [RouterB-Gigabitethernet2/1/2] ripng 1 enable [RouterB-Gigabitethernet2/1/2] quit # Configure Router C.
[RouterB] ripng 1 [RouterB-ripng-1] filter-policy 2000 import [RouterB-ripng-1] filter-policy 2000 export # Display routing tables of Router B and Router A.
Configuration procedure 1. Configure IPv6 addresses for the interfaces. (Details not shown.) 2. Configure RIPng basic functions: # Enable RIPng 100 on Router A. system-view [RouterA] ripng 100 [RouterA-ripng-100] quit [RouterA] interface gigabitethernet 2/1/1 [RouterA-Gigabitethernet2/1/1] ripng 100 enable [RouterA-Gigabitethernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-Gigabitethernet2/1/2] ripng 100 enable # Enable RIPng 100 and RIPng 200 on Router B.
Interface 3. : InLoop0 Cost : 0 Destination: 2::/64 Protocol : Direct NextHop : 2::1 Preference: 0 Interface : GE2/1/1 Cost : 0 Destination: 2::1/128 Protocol NextHop : ::1 Preference: 0 : Direct Interface : InLoop0 Cost : 0 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 Configure RIPng route redistribution: # Configure route redistribution between the two RIPng processes on Router B.
NextHop : FE80::200:BFF:FE01:1C02 Interface : GE2/1/2 Preference: 100 Cost : 4 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 Configuring RIPng IPsec policies Network requirements As shown in the following figure, • Configure RIPng on the routers. • Configure IPsec policies on the routers to authenticate and encrypt protocol packets. Figure 95 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces.
3. Configure RIPng IPsec policies: # On Router A, create an IPsec proposal named tran1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1. Create an IPsec policy named policy001, specify the manual mode for it, reference IPsec proposal tran1, set the SPIs of the inbound and outbound SAs to 12345, and the keys for the inbound and outbound SAs using ESP to abcdefg.
[RouterC] ipsec policy policy001 10 manual [RouterC-ipsec-policy-manual-policy001-10] transform-set tran1 [RouterC-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345 [RouterC-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345 [RouterC-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterC-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterC-ipsec-policy-manual-policy001-10] quit 4.
Configuring OSPFv3 Overview Open Shortest Path First version 3 (OSPFv3) supports IPv6 and complies with RFC 5340 (OSPF for IPv6).
• Router-LSA—Originated by all routers. This LSA describes the collected states of the router's interfaces to an area, and is flooded throughout a single area only. • Network-LSA—Originated for broadcast and NBMA networks by the Designated Router. This LSA contains the list of routers connected to the network, and is flooded throughout a single area only. • Inter-Area-Prefix-LSA—Originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area.
LSA delay timer Each LSA has an age in the local link state database (LSDB) (incremented by one per second), but an LSA does not age on transmission. You must add an LSA delay time into the age time before transmission, which is important for low-speed networks. SPF timer Whenever the LSDB changes, an SPF calculation happens. If recalculations become frequent, a large amount of resources are occupied.
Task Remarks information control Tuning and optimizing OSPFv3 networks Configuring OSPFv3 GR Configuring an OSPFv3 cost for an interface Optional. Configuring the maximum number of OSPFv3 ECMP routes Optional. Configuring a priority for OSPFv3 Optional. Configuring OSPFv3 route redistribution Optional. Configuring OSPFv3 timers Optional. Configuring a DR priority for an interface Optional. Ignoring MTU check for DD packets Optional.
Step Command Remarks 3. Specify a router ID. router-id router-id N/A 4. Enter interface view. interface interface-type interface-number N/A 5. Enable an OSPFv3 process on the interface. ospfv3 process-id area area-id [ instance instance-id ] Not enabled by default. Configuring OSPFv3 area parameters The stub area, NSSA area, and virtual link features of OSPFv3 are the same as OSPFv2. Splitting an OSPFv3 AS into multiple areas reduces the number of LSAs and extends OSPFv3 applications.
Step 5. Command Specify a cost for the default route advertised to the stub area. Remarks Optional. default-cost value The cost for the default route advertised to the stub area is 1. Configuring an OSPFv3 NSSA area Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPFv3 view. ospfv3 [ process-id ] N/A 3. Enter OSPFv3 area view. area area-id N/A 4. Configure the area as an NSSA area.
Configuring OSPFv3 network types OSPFv3 classifies networks into the following types by the link layer protocol: By default, the OSPFv3 interface network types vary with the link layer protocols of the interfaces: • When the link layer protocol is PPP, OSPFv3 considers the network type as P2P by default. • When the link layer protocol is Ethernet, OSPFv3 considers the network type as broadcast by default.
Step Command Specify an NBMA or P2MP (unicast) neighbor and its DR priority. 3. ospfv3 peer ipv6-address [ dr-priority dr-priority ] [ instance instance-id ] Configuring OSPFv3 routing information control This section describes how to configure the control of OSPFv3 routing information advertisement and reception, and redistribution from other protocols. Configuration prerequisites Before you configure OSPFv3 routing information control, complete the following tasks: • Enable IPv6 packet forwarding.
NOTE: The filter-policy import command can only filter routes computed by OSPFv3. Only routes not filtered out can be added into the local routing table. Configuring an OSPFv3 cost for an interface You can configure an OSPFv3 cost for an interface with one of the following methods: • Configure the cost value in interface view.
Step Command Specify the maximum number of ECMP routes. 3. Remarks Optional. maximum load-balancing maximum By default, he maximum number of ECMP routes is 8. Configuring a priority for OSPFv3 A router can run multiple routing protocols. The system assigns a priority to each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected. To configure a priority for OSPFv3: Step Command Remarks 1. Enter system view.
Step Command 5. Inject a default route. default-route-advertise [ always | cost value | type type | route-policy route-policy-name ] * Filter redistributed routes. filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name } export [ isisv6 process-id | ospfv3 process-id | ripng process-id | bgp4+ | direct | static ] 6. Remarks Optional. Not injected by default. Optional. Not configured by default.
Step Command Remarks 4. Specify the poll interval. ospfv3 timer poll seconds [ instance instance-id ] 5. Configure the dead interval. ospfv3 timer dead seconds [ instance instance-id ] 6. Configure the LSA retransmission interval. ospfv3 timer retransmit interval [ instance instance-id ] 7. Configure the LSA transmission delay. ospfv3 trans-delay seconds [ instance instance-id ] 8. Return to system view. quit N/A 9. Enter OSPFv3 view. ospfv3 [ process-id ] N/A Optional.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Ignore MTU check for DD packets. ospfv3 mtu-ignore [ instance instance-id ] Not ignored by default. Disabling interfaces from receiving and sending OSPFv3 packets Follow these guidelines when you disable interfaces from receiving and sending OSPFv3 packets: • Multiple OSPFv3 processes can disable the same interface from receiving and sending OSPFv3 packets.
GR helper—The neighbor of the GR restarter. It helps the GR restarter to complete the GR process. • To prevent service interruption after a master/backup switchover, a GR restarter running OSPFv3 must complete the following tasks: • Keep the GR restarter forwarding entries stable during reboot. • Establish all adjacencies and obtain complete topology information after reboot. After the active/standby switchover, the GR restarter sends a Grace-LSA to tell its neighbors that it performs a GR.
Step 3. 4. Command Remarks Enable the GR helper capability. graceful-restart helper enable Enable strict LSA checking. graceful-restart helper strict-lsa-checking Optional. Enabled by default. Optional. Disabled by default. Configuring BFD for OSPFv3 Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, thus to improve the convergence speed of OSPFv3.
• To implement area-based IPsec protection, configure the same IPsec policy on the routers in the target area. • To implement interface-based IPsec protection, configure the same IPsec policy on the interfaces between two neighboring routers. • To implement virtual link-based IPsec protection, configure the same IPsec policy on the two routers connected over the virtual link. If an interface and its area each have an IPsec policy configured, the interface uses its own IPsec policy.
Step 4. Apply an IPsec policy on a virtual link. Command Remarks vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay seconds | dead seconds | instance instance-id | ipsec-policy policy-name ] * Not configured by default. Displaying and maintaining OSPFv3 Task Command Display OSPFv3 process brief information. display ospfv3 [ process-id ] [ | { begin | exclude | include } regular-expression ] Display OSPFv3 interface information.
Task Command Remarks Display OSPFv3 link state retransmission list information. display ospfv3 [ process-id ] retrans-list [ { external | grace | inter-prefix | inter-router | intra-prefix | link | network | nssa | router } [ link-state-id ] [ originate-router ip-address ] | statistics ] [ | { begin | exclude | include } regular-expression ] Display OSPFv3 statistics.
[RouterA-ospfv3-1] area 1 [RouterA-ospfv3-1-area-0.0.0.1] nssa [RouterA-ospfv3-1] quit [RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ospfv3 1 area 1 [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface GigabitEthernet 2/2/1 [RouterA-GigabitEthernet2/2/1] ospfv3 1 area 1 [RouterA-GigabitEthernet2/2/1] quit # Configure Router B. system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.2 [RouterA-ospfv3-1] area 1 [RouterA-ospfv3-1-area-0.0.0.
---------------------------------------------------------------------Neighbor ID Pri State Dead Time Interface Instance ID 3.3.3.3 1 Full/Backup 00:00:34 GE2/2/0 0 OSPFv3 Area ID 0.0.0.1 (Process 1) ---------------------------------------------------------------------Neighbor ID Pri State Dead Time Interface Instance ID 1.1.1.1 1 Full/DR 00:00:35 GE2/2/1 0 # Display OSPFv3 neighbor information on Router C. [RouterC] display ospfv3 peer OSPFv3 Area ID 0.0.0.
[RouterD-ospfv3-1] area 2 [RouterD-ospfv3-1-area-0.0.0.2] stub # Configure Router C, and specify the cost of the default route sent to the stub area as 10. [RouterC] ospfv3 [RouterC-ospfv3-1] area 2 [RouterC-ospfv3-1-area-0.0.0.2] stub [RouterC-ospfv3-1-area-0.0.0.2] default-cost 10 # Display OSPFv3 routing information on Router D. A default route is added and its cost is the cost of a direct route plus the configured cost.
* - Selected route OSPFv3 Router with ID (4.4.4.4) (Process 1) -----------------------------------------------------------------------*Destination: ::/0 Type : IA Cost : 11 NextHop : FE80::F40D:0:93D0:1 Interface: GE2/2/1 *Destination: 2001:2::/64 Type : I Cost : 1 NextHop : directly-connected Interface: GE2/2/1 Configuring OSPFv3 DR election Network requirements • As shown in Figure 98, the priority of Router A is 100, the highest priority on the network, so it becomes the DR.
[RouterA-GigabitEthernet2/1/1] quit # Configure Router B. system-view [RouterB] ipv6 [RouterB] ospfv3 [RouterB-ospfv3-1] router-id 2.2.2.2 [RouterB-ospfv3-1] quit [RouterB] interface GigabitEthernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ospfv3 1 area 0 [RouterB-GigabitEthernet2/1/1] quit # Configure Router C. system-view [RouterC] ipv6 [RouterC] ospfv3 [RouterC-ospfv3-1] router-id 3.3.3.
[RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ospfv3 dr-priority 100 [RouterA-GigabitEthernet2/1/1] quit # Configure the DR priority of GigabitEthernet 2/1/1 as 0 on Router B. [RouterB] interface GigabitEthernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ospfv3 dr-priority 0 [RouterB-GigabitEthernet2/1/1] quit # Configure the DR priority of GigabitEthernet 2/1/1 as 2 on Router C.
Configuring OSPFv3 route redistribution Network requirements • As shown in Figure 99, Router A, Router B, and Router C are in Area 2. • OSPFv3 process 1 and OSPFv3 process 2 are enabled on Router B. Router B communicates with Router A and Router C through OSPFv3 process 1 and OSPFv3 process 2, respectively. • Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Router B, and set the default metric for redistributed routes to 3.
[RouterB-ospfv3-2] router-id 3.3.3.3 [RouterB-ospfv3-2] quit [RouterB] interface GigabitEthernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ospfv3 2 area 2 [RouterB-GigabitEthernet2/1/1] quit # Enable OSPFv3 process 2 on Router C. system-view [RouterC] ipv6 [RouterC] ospfv3 2 [RouterC-ospfv3-2] router-id 4.4.4.
[RouterB] ospfv3 2 [RouterB-ospfv3-2] default cost 3 [RouterB-ospfv3-2] import-route ospfv3 1 [RouterB-ospfv3-2] import-route direct [RouterB-ospfv3-2] quit # Display the routing table of Router C.
• Router A acts as the GR restarter. Router B and Router C are the GR helpers, and synchronize their LSDBs with Router A through out-of-band (OOB) communication of GR. Figure 100 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces. (Details not shown.) 2. Configure OSPFv3 basic functions: # On Router A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1. system-view [RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.
[RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ospfv3 1 area 1 [RouterC-GigabitEthernet2/1/1] quit 3. Verify the configuration: # After all routers function correctly, perform a master/backup switchover on Router A to trigger an OSPFv3 GR operation. Configuring BFD for OSPFv3 Network requirements As shown in Figure 101: • Configure OSPFv3 on Router A, Router B and Router C and configure BFD over the link Router A<—>L2 Switch<—>Router B.
[RouterA-Gigabitethernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-Gigabitethernet2/1/2] ospfv3 1 area 0 [RouterA-Gigabitethernet2/1/2] quit # Configure Router B. Enable OSPFv3 and configure the router ID as 2.2.2.2. system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.
display bfd session Total Session Num: 1 Init Mode: Active IPv6 Session Working Under Ctrl Mode: Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of Gigabitethernet2/1/1 on Router A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of Gigabitethernet2/1/1 on Router B) Session State: Up Hold Time: Interface: GE2/1/1 / # Display routes to 2001:4::0/64 on Router A, and you can see that Router A communicates with Router B through the Layer 2 s
*Nov 5 11:37:43:062 2009 RouterA RM/6/RMDEBUG: OSPFv3 OSPFv3-BFD: Message Type rcv BFD down, Connect Type direct-connect, Src IP Address FE80::20F:FF:FE00:1202, Dst IP Address FE80::20F:FF:FE00:1200. *Nov 5 11:37:43:062 2009 RouterA RM/6/RMDEBUG: OSPFv3 OSPFv3-BFD: Message Type delete session, Connect Type direct-connect, Src IP Address FE80::20F:FF:FE00:1202, Dst IP Address FE80::20F:FF:FE00:1200. # Display the BFD information of Router A.
# Configure Router A: enable OSPFv3 and configure the Router ID as 1.1.1.1. system-view [RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.1 [RouterA-ospfv3-1] quit [RouterA] interface GigabitEthernet 2/2/1 [RouterA-GigabitEthernet2/2/1] ospfv3 1 area 1 [RouterA-GigabitEthernet2/2/1] quit # Configure Router B: enable OSPFv3 and configure the Router ID as 2.2.2.2. system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.
[RouterA-ipsec-policy-manual-policy001-10] quit # On Router B, create an IPsec proposal named tran1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1. Create an IPsec policy named policy001, specify the manual mode for it, reference IPsec proposal tran1, set the SPIs of the inbound and outbound SAs to 12345, and the keys for the inbound and outbound SAs using ESP to abcdefg.
[RouterC-ipsec-policy-manual-policy002-10] sa spi outbound esp 54321 [RouterC-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321 [RouterC-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba [RouterC-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba [RouterC-ipsec-policy-manual-policy002-10] quit 4. Apply the IPsec policies in areas: # Configure Router A. [RouterA] ospfv3 1 [RouterA-ospfv3-1] area 1 [RouterA-ospfv3-1-area-0.0.0.
3. Ping the neighbor router's IP address to check connectivity. 4. Check OSPFv3 timers. The dead interval on an interface must be at least four times the hello interval. 5. On a broadcast network, at least one interface must have a DR priority higher than 0. Incorrect routing information Symptom OSPFv3 cannot find routes to other areas. Analysis The backbone area must maintain connectivity to all other areas.
Configuring IPv6 IS-IS This chapter describes how to configure IPv6 IS-IS, which supports all IPv4 IS-IS features except that it advertises IPv6 routing information. For information about IS-IS, see "Configuring IS-IS." Overview Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6. To support IPv6, the IETF added two type-length-values (TLVs) and a new network layer protocol identifier (NLPID).
Step Command Remarks 4. Enable IPv6 for the IS-IS process. ipv6 enable Disabled by default. 5. Return to system view. quit N/A 6. Enter interface view. interface interface-type interface-number N/A 7. Enable IPv6 for an IS-IS process on the interface. isis ipv6 enable [ process-id ] Disabled by default. Configuring IPv6 IS-IS route control Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration. For information about ACL, see ACL and QoS Configuration Guide.
Step Command Remarks 10. Enable route leaking. ipv6 import-route isisv6 level-2 into level-1 [ filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name | route-policy route-policy-name } | tag tag ] * Optional. Not enabled by default. Optional. 11. Specify the maximum number of equal-cost load balanced routes. ipv6 maximum load-balancing number The default maximum number of equal-cost load balanced routes is 8.
different, routers supporting both IPv4 and IPv6 send IPv6 packets to routers that do not support IPv6, and thus packet loss occurs. To resolve this issue, configure IPv6 IS-IS Multi-Topology Routing (MTR) to perform route calculation separately in IPv4 and IPv6 topologies. Figure 103 Network diagram Router A Router B IPv6 IPv6 4 IPv6 IPv4 36 3 IPv6 IPv4 5 IPv4 IPv4 Router D Router C In Figure 103, the numbers refer to the link costs. Router A, Router B, and Router D support both IPv4 and IPv6.
Displaying and maintaining IPv6 IS-IS Task Command Remarks Display brief IPv6 IS-IS information. display isis brief [ | { begin | exclude | include } regular-expression ] Available in any view. Display the status of the debug switches. display isis debug-switches { process-id | vpn-instance vpn-instance-name } [ | { begin | exclude | include } regular-expression ] Available in any view. Display IS-IS enabled interface information.
IPv6 IS-IS configuration examples IPv6 IS-IS basic configuration example Network requirements As shown in Figure 104, Router A, Router B, Router C, and Router D, all enabled with IPv6, reside in the same autonomous system. Configure IPv6 IS-IS on the routers so that they can reach each other. Router A and Router B are Level-1 routers, Router D is a Level-2 router, and Router C is a Level-1-2 router. Router A, Router B, and Router C belong to area 10, and Router D is in area 20.
[RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] isis ipv6 enable 1 [RouterB-Serial2/2/0] quit # Configure Router C. system-view [RouterC] ipv6 [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.
Next Hop : Direct Interface: S2/2/0 Destination: 2001:2:: PrefixLen: 64 Flag : R/-/- Cost Next Hop : FE80::200:FF:FE0F:4 Interface: S2/2/0 : 20 Destination: 2001:3:: PrefixLen: 64 Flag : R/-/- Cost Next Hop : FE80::200:FF:FE0F:4 Interface: S2/2/0 : 20 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set # Display the IPv6 IS-IS routing table of Router B.
Destination: 2001:2:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: S2/2/0 : 10 Destination: 2001:3:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: S2/2/2 : 10 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set ISIS(1) IPv6 Level-2 Forwarding Table ------------------------------------Destination: 2001:1:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: S2/2/1 : 10 Destination: 2001:2:: PrefixLen: 64 Flag : D/L/-
Next Hop : Direct Interface: S2/2/0 Destination: 2001:4::1 PrefixLen: 128 Flag : D/L/- Cost Next Hop : Direct Interface: GE2/1/1 : 0 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set Configuring BFD for IPv6 IS-IS Network requirements As shown in Figure 105, configure IPv6 IS-IS on Router A, Router B, and Router C and configure BFD over the link Router A<—>L2 Switch<—>Router B.
[RouterA-GigabitEthernet2/1/1] isis ipv6 enable 1 [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] isis ipv6 enable 1 [RouterA-GigabitEthernet2/1/2] quit # Configure Router B. system-view [RouterB] ipv6 [RouterB] isis 1 [RouterB-isis-1] is-level level-1 [RouterB-isis-1] network-entity 10.0000.0000.0002.
[RouterB-GigabitEthernet2/1/1] bfd detect-multiplier 6 4. Verify configuration: The following operations are made on Router A. Operations for Router B are similar. # Display BFD session information of Router A.
#Aug 8 14:54:05:362 2009 RouterA IFNET/4/INTERFACE UPDOWN: Trap 1.3.6.1.6.3.1.1.5.3: Interface 983041 is Down, ifAdminStatus is 1, ifOperStatus is 2 #Aug 8 14:54:05:363 2009 RouterA ISIS/4/ADJ_CHANGE:TrapID(1.3.6.1.2.1.138.0.17), ISIS Level-2 Adjencency IN Circuit-983041 State Change. #Aug 8 14:54:05:364 2008 RouterA ISIS/4/ADJ_CHANGE:TrapID(1.3.6.1.2.1.138.0.17), ISIS Level-1 Adjencency IN Circuit-983041 State Change.
Configuring IPv6 IS-IS MTR Network requirements As shown in Figure 106, enable IPv6 IS-IS MTR to make the routers perform route calculation separately in IPv4 and IPv6 topologies. Figure 106 Network diagram Configuration procedure 1. Configure IPv4 and IPv6 addresses for the interfaces on each router and configure IS-IS: Follow Figure 106 to configure the IPv4 and IPv6 address and subnet mask of each interface on the routers. (Details not shown.
[RouterA-isis-1] display isis route ipv6 Route information for ISIS(1) ----------------------------- ISIS(1) IPv6 Level-1 Forwarding Table ------------------------------------Destination: 12:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: GE2/1/1 : 4 Destination: 44::1 PrefixLen: 128 Flag : R/L/- Cost Next Hop : FE80::200:5EFF:FE00:F11 Interface: GE2/1/2 : 36 Destination: 14:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: GE2/1/2 : 36 Flags: D-Direc
Configuring IPv6 BGP This chapter describes only configuration for IPv6 BGP. For BGP-related information, see "Configuring BGP." IPv6 BGP overview BGP-4 can only carry IPv4 routing information. To support multiple network layer protocols, IETF extended BGP-4 by introducing Multiprotocol Border Gateway Protocol (MP-BGP). MP-BGP for IPv6 is called "IPv6 BGP" for short. IPv6 BGP puts IPv6 network layer information into the attributes of Network Layer Reachability Information (NLRI) and NEXT_HOP.
Task Configuring IPv6 BGP route attributes Tuning and optimizing IPv6 BGP networks Configuring a large-scale IPv6 BGP network Configuring 6PE Remarks Advertising a default route to an IPv6 peer or peer group Optional. Configuring outbound route filtering Optional. Configuring inbound route filtering Optional. Configuring IPv6 BGP and IGP route synchronization Optional. Configuring route dampening Optional.
Specifying an IPv6 BGP peer Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Specify a router ID. router-id router-id 4. Enter IPv6 address family view or IPv6 BGP-VPN instance view. ipv6-family [ vpn-instance vpn-instance-name ] N/A Specify an IPv6 peer. peer ipv6-address as-number as-number N/A Optional. 5. Required, if no IP addresses are configured for any interfaces. Injecting a local IPv6 route Step Command Remarks 1.
Step 3. 4. Command Remarks Enter IPv6 address family view or IPv6 BGP-VPN instance view. ipv6-family [ vpn-instance vpn-instance-name ] N/A Configure a preferred value for routes received from an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } preferred-value value By default, the preferred value is 0. IPv6 BGP-VPN instance view does not support the ipv6-group-name argument.
Step Command Remarks 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Allow the establishment of EBGP connection to an indirectly connected peer or peer group. peer { ipv6-group-name | ipv6-address } ebgp-max-hop [ hop-count ] Not configured by default. Configuring a description for an IPv6 peer or peer group Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view.
Step Enter IPv6 address family view. 4. Command Remarks ipv6-family N/A Optional. Enable the state change logging for an IPv6 peer or peer group. 5. peer { ipv6-group-name | ipv6-address } log-change Enabled by default. For information about the command, see Layer 3—IP Routing Command Reference. Controlling route distribution and reception This task includes routing information filtering, routing policy application, and route dampening.
To configure IPv6 BGP route summarization: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Configure manual route summarization. aggregate ipv6-address prefix-length [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] * Not configured by default.
Step Command Remarks Not applied by default. 5. Apply a routing policy to routes advertised to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } route-policy route-policy-name export 6. Specify an IPv6 ACL to filter routes advertised to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } filter-policy acl6-number export 7. Specify an AS path ACL to filter routes advertised to an IPv6 peer or peer group.
Step 7. 8. 9. Command Remarks Specify an AS path ACL to filter routing information imported from an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } as-path-acl as-path-acl-number import Not specified by default. Specify an IPv6 prefix list to filter routing information imported from an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } ipv6-prefix ipv6-prefix-name import Not specified by default.
Configuring IPv6 BGP route attributes This section describes how to use IPv6 BGP route attributes to modify BGP routing policy. The attributes include the following: • IPv6 BGP protocol preference • Default LOCAL_PREF attribute • MED attribute • NEXT_HOP attribute • AS_PATH attribute Configuration prerequisites Before you configure IPv6 BGP route attributes, complete the following tasks: • Enable IPv6 function. • Configure IPv6 BGP basic functions.
Step 6. Command Advertise routes to an IPv6 peer or peer group with the local router as the next hop. peer { ipv6-group-name | ipv6-address } next-hop-local Remarks By default, IPv6 BGP specifies the local router as the next hop for routes sent to an IPv6 EBGP peer or peer group, but does not change the next hop for routes sent to an IPv6 IBGP peer or peer group. The IPv6 BGP-VPN instance view does not support this command. Configuring the MED attribute Step Command Remarks 1. Enter system view.
Step 4. 5. 6. 7. 8. Command Remarks Allow the local AS number to appear in AS_PATH of routes from a peer or peer group and specify the repeat times. peer { ipv6-group-name | ipv6-address } allow-as-loop [ number ] Optional. Specify a fake AS number for an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } fake-as as-number Optional. Disable IPv6 BGP from considering the AS_PATH during best route selection.
Configure IPv6 BGP basic functions. • Configuring IPv6 BGP timers To configure IPv6 BGP timers: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A Optional. • Specify keepalive interval and holdtime: timer keepalive keepalive hold holdtime 4. Configure IPv6 BGP timers.
Performing manual soft-reset Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Save all routes from an IPv6 peer or peer group, not letting them go through the inbound policy. peer { ipv6-group-name | ipv6-address } keep-all-routes Optional. 5. Return to user view. return N/A 6. Soft-reset BGP connections manually.
Step Command Remarks 5. Enable the non-standard ORF capability for a BGP peer or peer group. peer { group-name | ipv6-address } capability-advertise orf non-standard 6. Enable the ORF IP prefix negotiation capability for a BGP peer or peer group. peer { group-name | ip-address | ipv6-address } capability-advertise orf ipv6-prefix { both | receive | send } Optional. By default, standard BGP ORF capability defined in RFC 5291 and RFC 5292 is supported. Not supported by default.
Configuring the maximum number of ECMP routes Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view or IPv6 BGP-VPN instance view. ipv6-family [ vpn-instance vpn-instance-name ] N/A Configure the maximum number of ECMP routes. balance [ ebgp | ibgp ] number By default, no load balancing is enabled. 4. Enabling MD5 authentication for TCP connections IPv6 BGP employs TCP as the transport protocol.
• Create an IPsec proposal. • Create an IPsec policy. For more information about IPsec policy configuration, see Security Configuration Guide. Configuration procedure An IPsec policy used for IPv6 BGP can be only in manual mode. For more information, see Security Configuration Guide. To apply an IPsec policy to a peer or peer group Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4.
NOTE: • The peer ttl-security hops command and the peer ebgp-max-hop command are mutually exclusive. • You must configure GTSM on both the local and peer devices, and you can specify different hop-count values in a valid range for them. Configuring a large-scale IPv6 BGP network In a large-scale IPv6 BGP network, configuration and maintenance become inconvenient because of too many peers. Configuring peer groups makes management easier and improves route distribution efficiency.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Create an EBGP peer group. group ipv6-group-name external N/A 5. Configure the AS number for the peer group. peer ipv6-group-name as-number as-number Not configured by default. 6. Add an IPv6 peer into the peer group. peer ipv6-address group ipv6-group-name Not added by default.
Step Command Remarks 4. Advertise community attribute to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } advertise-community Not advertised by default. 5. Advertise extended community attribute to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } advertise-ext-community Not advertised by default.
Step 6. Command Configure the cluster ID of the route reflector. Remarks Optional. reflector cluster-id cluster-id By default, a route reflector uses its router ID as the cluster ID. Configuring 6PE IPv6 provider edge (6PE) is a transition technology with which Internet service providers (ISPs) can use existing IPv4 backbone networks to provide access capability for sparsely populated IPv6 networks, allowing customer edge (CE) routers in these isolated IPv6 networks to communicate with IPv4 PE routers.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Specify the AS number for the 6PE peer or peer group. peer { ipv4-group-name | ipv4-address } as-number as-number Not specified by default. 4. Enter IPv6 address family view. ipv6-family N/A 5. Enable the 6PE peer or peer group. peer { ipv4-group-name | ipv4-address | ipv6-address } enable Not enabled by default. 6.
Step Command Remarks 12. Add a 6PE peer to an existing peer group. peer ipv4-address group group-name [ as-number as-number ] Optional. 13. Configure an inbound or outbound IPv6 prefix list based filtering policy for the 6PE peer or peer group. peer { group-name | ipv4-address } ipv6-prefix ipv6-prefix-name { import | export } Optional. 14. Keep all routes from the 6PE peer or peer group, including routes not passing the inbound filtering policy.
After a link failure occurs, BFD can detect the failure before the system performs GR and as a result, GR will fail. Therefore, if GR capability is enabled for IPv6 BGP, use BFD with caution. For more information about BFD, see High Availability Configuration Guide. To enable BFD for a BGP peer: Step Command Remarks 1. Enter system view. system-view N/A 2. Enable BGP and enter BGP view. bgp as-number Not enabled by default. 3. Enter IPv6 address family view or IPv6 BGP-VPN instance view.
Task Command Remarks Display IPv6 BGP routing information with the specified community attribute. display bgp ipv6 routing-table community [ aa:nn<1-13> ] [ no-advertise | no-export | no-export-subconfed ]* [ whole-match ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display IPv6 BGP routing information matching an IPv6 BGP community list.
Task Command Remarks Reset IPv6 BGP connections. reset bgp ipv6 { as-number | ipv4-address | ipv6-address | all | external | group group-name | internal } Available in user view. Clearing IPv6 BGP information Task Command Remarks Clear dampened IPv6 BGP routing information and release suppressed routes. reset bgp ipv6 dampening [ ipv6-address prefix-length ] Available in user view. Clear IPv6 BGP route flap information.
[RouterB] bgp 65009 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] peer 9:1::2 as-number 65009 [RouterB-bgp-af-ipv6] peer 9:3::2 as-number 65009 [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit # Configure Router C. system-view [RouterC] ipv6 [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.
Local AS number : 65009 Total number of peers : 3 Peer Peers in established state : 3 AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State 10::2 65008 3 3 0 0 00:01:16 Established 9:3::2 65009 2 3 0 0 00:00:40 Established 9:1::2 65009 2 4 0 0 00:00:19 Established # Display IPv6 peer information on Router C. [RouterC] display bgp ipv6 peer BGP local router ID : 3.3.3.
system-view [RouterA] ipv6 [RouterA] bgp 100 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 100::2 as-number 200 [RouterA-bgp-af-ipv6] network 1:: 64 # Configure Router B system-view [RouterB] ipv6 [RouterB] bgp 200 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] peer 100::1 as-number 100 [RouterB-bgp-af-ipv6] peer 101::1 as-number 200 [RouterB-bgp-af-ipv6] peer 101::1 next-hop-local # Configure Router C.
• Between the PE routers is the IPv4/MPLS network of an ISP. The two PEs establish an IPv4 IBGP connection in between, and the IGP used is OSPF. • The CEs reside in IPv6 networks. A CE and a PE exchange IPv6 packets through a static route • Connect the two IPv6 networks through the IPv4/MPLS network with the 6PE feature. Figure 110 Network diagram Configuration procedure 1. Configure CE 1: # Enable IPv6 packet forwarding. system-view [CE1] ipv6 # Specify IP addresses for interfaces.
[PE1-Serial2/2/0] quit # Configure an IP address for Serial 2/2/1 and enable MPLS and LDP. [PE1] interface serial 2/2/1 [PE1-Serial2/2/1] ip address 1.1.1.1 16 [PE1-Serial2/2/1] mpls [PE1-Serial2/2/1] mpls ldp [PE1-Serial2/2/1] quit # Configure IP addresses for Loopback 0. [PE1] interface loopback 0 [PE1-LoopBack0] ip address 2.2.2.2 32 [PE1-LoopBack0] ipv6 address 2::2/128 [PE1-LoopBack0] quit # Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes.
[PE2-Serial2/2/1] quit [PE2] interface serial 2/2/0 [PE2-Serial2/2/0] ipv6 address auto link-local [PE2-Serial2/2/0] quit [PE2] interface loopback 0 [PE2-LoopBack0] ip address 3.3.3.3 32 [PE2-LoopBack0] ipv6 address 3::3/128 [PE2-LoopBack0] quit # Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes. [PE2] bgp 65100 [PE2-bgp] peer 2.2.2.2 as-number 65100 [PE2-bgp] peer 2.2.2.
-------------------------------------------------------------FEC : 1::1 In Label : 1024 Out Label : ----- In Interface : ----- OutInterface : ----- Vrf Name : FEC : 2::2 In Label : 1025 Out Label : ----- In Interface : ----- OutInterface : ----- Vrf Name : --------------------------------------------------------------LSP Information: LDP LSP --------------------------------------------------------------FEC In/Out Label In/Out IF 3.3.3.3/32 NULL/3 -/S2/1 2.2.2.
Path/Ogn: ? After the above configuration, you can ping through the IPv6 address 4::4 of CE 2 from CE 1. IPv6 BGP IPsec policy configuration Network requirements • In Figure 111, configure IPv6 BGP on the routers. Routers A and B establish an IBGP relationship. Routers B and C establish an EBGP relationship. • Configure IPsec policies on the routers to authenticate and encrypt protocol packets. Figure 111 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces.
[RouterC-bgp] ipv6-family [RouterC-bgp-af-ipv6] group ebgp external [RouterC-bgp-af-ipv6] peer 3::1 as-number 65008 [RouterC-bgp-af-ipv6] peer 3::1 group ebgp [RouterC-bgp-af-ipv6] quit [RouterC-bgp] quit # Configure Router B. [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] group ebgp external [RouterB-bgp-af-ipv6] peer 3::2 as-number 65009 [RouterB-bgp-af-ipv6] peer 3::2 group ebgp [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit 4.
[RouterB-ipsec-policy-manual-policy001-10] proposal tran1 [RouterB-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] quit [RouterB] ipsec proposal tran2 [RouterB-ipsec-proposal-tran2] encapsulation-mode transport [RouterB-ipsec-proposal
[RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit 6. Apply IPsec policies to EBGP peers: # Configure Router C. [RouterC] bgp 65009 [RouterC-bgp] ipv6-family [RouterC-bgp-af-ipv6] peer ebgp ipsec-policy policy002 [RouterC-bgp-af-ipv6] quit [RouterC-bgp] quit # Configure Router B. [RouterB] bgp 65008 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] peer ebgp ipsec-policy policy002 [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit 7. Verify the configuration: # Display detailed IPv6 BGP peer information.
Type: EBGP link BGP version 4, remote router ID 3.3.3.
Figure 112 Network diagram Router B GE2/1/2 3001::2/64 GE2/1/1 3002::1/64 GE2/1/2 3001::1/64 AS 100 GE2/1/1 3002::2/64 AS 200 1200::0/64 Router A GE2/1/1 AS 300 Router C GE2/1/2 2002::2/64 2001::1/64 GE2/1/1 2001::2/64 GE2/1/2 2002::1/64 Router D Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPFv3 to make sure that Router A and Router C are reachable to each other. (Details not shown.) 3.
[RouterA] bgp 200 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 3002::2 route-policy apply_med_50 export [RouterA-bgp-af-ipv6] peer 2002::2 route-policy apply_med_100 export # Configure BFD over the link to peer 3002::2 so that when the link Router A<—>Router B<—>Router C fails, BFD can quickly detect the failure and notify it to IPv6 BGP, and then the link Router A<—>Router D<—>Router C takes effect immediately.
6. Verify the configuration: The following operations are made on Router C. Operations on Router A and Router B are similar. # Display detailed BFD session information.
Age : 4538sec Destination : 1200:: PrefixLength : 64 NextHop : 2001::1 Preference : 255 RelayNextHop : 2002::1 Tag : 0H Neighbor : 2001::1 ProcessID : 0 Interface : GigabitEthernet2/1/2 Protocol : BGP4+ State : Invalid Adv Cost : 100 Tunnel ID : 0x0 Label : NULL Age : 4515sec The output shows that Router C has two routes to reach network 1200::0/64: Router C<—>Router B<—>Router A, which is the currently active route, and Router C<—>Router D<—>Router A, which is the backup route
Configuring IPv6 policy-based routing Introduction to IPv6 policy-based routing What is policy-based routing Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets based on the source address, packet length, and other criteria. A policy can specify the output interface, next hop, default output interface, default next hop, and other parameters for packets that match specific criteria such as ACLs or have specific lengths.
Table 10 Priorities and meanings of the apply clauses Clause Meaning Priority apply ipv6-precedence Sets an IP precedence. If configured, this clause will always be executed. apply output-interface and apply ipv6-address next-hop Sets the output interface and sets the next hop. The apply output-interface clause takes precedence over the apply ipv6-address next-hop clause. Only the apply output-interface clause is executed when both are configured.
IPv6 PBR configuration task list Task Remarks Creating an IPv6 node Configuring an IPv6 policy Configuring match criteria for an IPv6 node Required. Defining the actions for an IPv6 node Configuring IPv6 PBR Configuring IPv6 local PBR Required. Configuring IPv6 interface PBR Perform one of the tasks. Configuring an IPv6 policy Creating an IPv6 node Step Command 1. Enter system view. system-view 2. Create an IPv6 policy or policy node and enter IPv6 policy node view.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IPv6 policy node view. ipv6 policy-based-route policy-name [ deny | permit ] node node-number Not created by default. 3. Set a preference type or value for permitted IPv6 packets. apply ipv6-precedence { type | value } Optional. 4. Set an output interface for permitted IPv6 packets. apply output-interface interface-type interface-number 5. Set a next hop for permitted IPv6 packets.
Step Command Remarks 1. Enter system view. system-view N/A 2. Apply an IPv6 policy locally. ipv6 local policy-based-route policy-name Not applied by default. Configuring IPv6 interface PBR Configure PBR by applying an IPv6 policy on an interface. IPv6 PBR uses the policy to guide the forwarding of packets received on the interface. You can apply only one policy on an interface. If you perform the ipv6 policy-based-route command multiple times, only the last specified policy takes effect.
IPv6 PBR configuration examples Configuring IPv6 local PBR based on packet type Network requirements As shown in Figure 113, configure IPv6 local PBR on Router A to forward all locally generated TCP packets through Serial 2/2/0. Router A forwards other IPv6 packets according to the routing table. Figure 113 Network diagram Configuration procedure 1. Configure Router A: # Configure ACL 3001 to match TCP packets.
system-view [RouterC] ipv6 [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] ipv6 address 2::2 64 4. Verify the configuration: # Telnet to Router B (1::2/64) from Router A. The operation succeeds. # Telnet to Router C (2::2/64) from Router A. The operation fails. # Ping Router C (2::2/64) from Router A. The operation succeeds. Telnet uses TCP, and ping uses ICMP.
[RouterA] interface serial 2/2/0 [RouterA-Serial2/2/0] ipv6 address 1::1 64 [RouterA-Serial2/2/0] ripng 1 enable [RouterA-Serial2/2/0] quit [RouterA] interface serial 2/2/1 [RouterA-Serial2/2/1] ipv6 address 2::1 64 [RouterA-Serial2/2/1] ripng 1 enable [RouterA-Serial2/2/1] quit # Configure ACL 3001 to match TCP packets. [RouterA] acl ipv6 number 3001 [RouterA-acl6-adv-3001] rule permit tcp [RouterA-acl6-adv-3001] quit # Configure Node 5 for policy aaa to forward TCP packets through Serial 2/2/0.
On Host A, Telnet to Router B that is directly connected to Router A. The operation succeeds. On Host A, Telnet to Router C that is directly connected to Router A. The operation fails. Ping Router C from Host A. The operation succeeds. Telnet uses TCP, and ping uses ICMP. The preceding results show that all TCP packets received on GigabitEthernet 2/1/1 of Router A are forwarded through Serial 2/2/0, and other packets are forwarded through Serial 2/2/1. The IPv6 interface PBR configuration is effective.
[RouterA-pbr6-lab1-10] if-match packet-length 64 100 [RouterA-pbr6-lab1-10] apply ipv6-address next-hop 150::2 [RouterA-pbr6-lab1-10] quit [RouterA] ipv6 policy-based-route lab1 permit node 20 [RouterA-pbr6-lab1-20] if-match packet-length 101 1000 [RouterA-pbr6-lab1-20] apply ipv6-address next-hop 151::2 [RouterA-pbr6-lab1-20] quit # Configure IPv6 interface PBR by applying policy lab1 to GigabitEthernet 2/1/1.
Reply from 10::1: time=5ms Reply from 10::1: time=3ms Reply from 10::1: time=1ms Reply from 10::1: time=1ms Ping statistics for 10::1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 5ms, Average = 2ms The debugging information about PBR displayed on Router A is as follows: *Jun 7 16:03:28:946 2009 RouterA PBR6/7/IPv6-POLICY-ROUTING: IPv6 Policy routin g success : POLICY_ROUTEMAP_IPV6 : lab1, Node : 10, Packet sent wi
g success : POLICY_ROUTEMAP_IPV6 : lab1, Node : 20, Packet sent with next-hop 0151::0002 *Jun 7 16:06:58:621 2009 RouterA PBR6/7/IPv6-POLICY-ROUTING: IPv6 Policy routin g success : POLICY_ROUTEMAP_IPV6 : lab1, Node : 20, Packet sent with next-hop 0151::0002 The preceding information indicates that Router A sets the next hop for the received packets to 151::2 according to PBR. The packets are forwarded through Serial 2/2/1.
Configuring routing policies Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Overview Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: 1. Configure filters based on route attributes, such as destination address and the advertising router's address. 2.
Extended community list An extended community list matches the extended community attribute (Route-Target for VPN and Source of Origin) of BGP routing information. For more information about extended community list, see MPLS Configuration Guide. Routing policy A routing policy can comprise multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route that matches one node matches the routing policy.
For example, the following configuration filters routes 10.1.0.0/16, 10.2.0.0/16, and 10.3.0.0/16, but allows other routes to pass. system-view [Sysname] ip ip-prefix abc index 10 deny 10.1.0.0 16 [Sysname] ip ip-prefix abc index 20 deny 10.2.0.0 16 [Sysname] ip ip-prefix abc index 30 deny 10.3.0.0 16 [Sysname] ip ip-prefix abc index 40 permit 0.0.0.0 0 less-equal 32 Configuring an IPv6 prefix list Step Command Remarks 1. Enter system view. system-view N/A 2.
Step Enter system view. 1. Command Remarks system-view N/A • Configure a basic community list: Configure a community list. 2. ip community-list basic-comm-list-num { deny | permit } [ community-number-list ] [ internet | no-advertise | no-export | no-export-subconfed ] * • Configure an advanced community list: Use either method. Not configured by default.
Step Command Remarks 1. Enter system view. system-view N/A 2. Create a routing policy and a node and enter routing policy view. route-policy route-policy-name { deny | permit } node node-number By default, no routing policy is created. Configuring if-match clauses Follow these guidelines when you configure if-match clauses: • The if-match clauses of a routing policy node have a logical AND relationship.
Step 5. 6. Command Remarks Optional. Match BGP routing information whose AS path attribute is specified in the AS path lists. if-match as-path AS-PATH-number&<1-16> Match BGP routing information whose community attribute is specified in the community lists. if-match community { basic-community-list-number [ whole-match ] | adv-community-list-number }&<1-16> Not configured by default. Not configured by default. Optional. 7. Match routes having the specified cost. if-match cost value 8.
Step 3. 4. 5. 6. 7. 8. Command Remarks Set the AS-PATH attribute for BGP routes. apply comm-list comm-list-number delete Optional. Delete the community attribute of BGP routing information using the community list. apply comm-list { comm-list-number | comm-list-name } delete Optional. Set the community attribute for BGP routes.
Step Command 18. Set a tag value for RIP, OSPF or IS-IS route. apply tag value 19. Configure FRR. apply fast-reroute backup-interface interface-type interface-number [ backup-nexthop ip-address ] Remarks Optional. Not set by default. Optional. Not configured by default.
Task Command Display IPv6 prefix list statistics. display ip ipv6-prefix [ ipv6-prefix-name ] [ | { begin | exclude | include } regular-expression ] Display routing policy information. display route-policy [ route-policy-name ] [ | { begin | exclude | include } regular-expression ] Clear IPv4 prefix list statistics. reset ip ip-prefix [ ip-prefix-name ] Clear IPv6 prefix list statistics. reset ip ipv6-prefix [ ipv6-prefix-name ] Remarks Available in user view.
[RouterC-GigabitEthernet2/1/1] isis enable [RouterC-GigabitEthernet2/1/1] quit [RouterC] interface gigabitethernet 2/1/2 [RouterC-GigabitEthernet2/1/2] isis enable [RouterC-GigabitEthernet2/1/2] quit [RouterC] interface gigabitethernet 2/1/3 [RouterC-GigabitEthernet2/1/3] isis enable [RouterC-GigabitEthernet2/1/3] quit # Configure Router B. [RouterB] isis [RouterB-isis-1] is-level level-2 [RouterB-isis-1] network-entity 10.0000.0000.0002.
Total Nets: 5 Intra Area: 1 4. Inter Area: 0 ASE: 4 NSSA: 0 Configure filtering lists on Router B: # Configure ACL 2002 to allow route 172.17.2.0/24 to pass. [RouterB] acl number 2002 [RouterB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255 [RouterB-acl-basic-2002] quit # Configure IP prefix list prefix-a to allow route 172.17.1.0/24 to pass. [RouterB] ip ip-prefix prefix-a index 10 permit 172.17.1.0 24 5.
Applying a routing policy to IPv6 route redistribution Network requirements • In Figure 117, enable RIPng on Router A and Router B. • Configure three static routes on Router A • On Router A, enable static route redistribution into RIPng and apply a routing policy to permit routes 20::/32 and 40::/32 and deny route 30::/32. Figure 117 Network diagram Configuration procedure 1. Configure Router A: # Configure IPv6 addresses for interfaces GigabitEthernet 2/1/1 and GigabitEthernet 2/1/2.
2. Configure Router B: # Configure the IPv6 address of GigabitEthernet 2/1/1 system-view [RouterB] ipv6 [RouterB] interface gigabitethernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ipv6 address 10::2 32 # Enable RIPng on the interface. [RouterB-GigabitEthernet2/1/1] ripng 1 enable [RouterB-GigabitEthernet2/1/1] quit # Enable RIPng. [RouterB] ripng # Display RIPng routing table information.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure BGP: # Configure Router A. system-view [RouterA] bgp 100 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 1.1.1.2 as-number 300 # Configure Router B. system-view [RouterB] bgp 200 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 1.1.2.2 as-number 300 # Configure Router C. system-view [RouterC] bgp 300 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 1.1.1.
*> 5.5.5.0/24 1.1.3.1 0 300 100i *> 6.6.6.0/24 1.1.3.1 0 300 100i *> 7.7.7.0/24 1.1.3.1 0 300 200i *> 8.8.8.0/24 1.1.3.1 0 300 200i *> 9.9.9.0/24 1.1.3.1 0 300 200i The output shows that Router D has learned routes 4.4.4.0/24, 5.5.5.0/24, and 6.6.6.0/24 from AS 100 and 7.7.7.0/24, 8.8.8.0/24, and 9.9.9.0/24 from AS 200. 3. Configure Router D to reject the routes from AS 200: # Configure AS path list 1. [RouterD] ip as-path 1 permit .*200.
Analysis At least one item of the IP prefix list must be configured as permit mode, and at least one node in the routing policy must be configured as permit mode. Solution 1. Use the display ip ip-prefix command to display IP prefix list information. 2. Use the display route-policy command to display routing policy information. IPv6 routing information filtering failure Symptom The routing protocol is running correctly, but filtering routing information failed.
Configuring QoS policy routing Overview QoS policy routing is a technique used to make routing decisions based on user-defined QoS policies. Different from destination-based routing, QoS policy routing makes routing decisions based on the source address and other criteria. For more information about QoS policies, see ACL and QoS Configuration Guide. QoS policy routing takes precedence over destination-based routing. If a packet meets the match criteria, QoS policy routing applies.
Feature 6602 HSR6602 6604/6608/6616 Applying a QoS policy No No Yes with SAP modules on routers installed with the RPE-X1 or RSE-X1 MPU You can apply a QoS policy globally, to interfaces, or to VLANs. The QoS policy used for configuring policy routing can be applied in only the inbound direction. • Applied to an interface, the QoS policy takes effect on the traffic received on the interface. • Applied to a VLAN, the QoS policy takes effect on the traffic received on all ports in the VLAN.
Figure 119 Network diagram Configuration procedure # Configure ACL 2000. system-view [RouterA] acl number 2000 [RouterA-acl-basic-2000] rule 0 permit source any [RouterA-acl-basic-2000] quit # Define a match criterion for the class a to match ACL 2000. [RouterA] traffic classifier a [RouterA-classifier-a] if-match acl 2000 [RouterA-classifier-a] quit # Configure the action of redirecting traffic to GigabitEthernet 2/0/3 for the behavior a.
Figure 120 Network diagram GE2/0/2 201::2 IP network GE2/0/1 200::1 GE2/0/2 201::1 Router B Router A GE2/0/3 202::1 GE2/0/3 202::2 Router C Configuration procedure # Configure IPv6 ACL 2000. system-view [RouterA] acl ipv6 number 2000 [RouterA-acl6-basic-2000] rule 0 permit source any [RouterA-acl6-basic-2000] quit # Define a match criterion for the class a to match IPv6 ACL 2000.
Configuring MTR MTR overview Multi-Topology Routing (MTR) splits a base topology into multiple topologies, which might intersect or overlap with one another. Route calculation is performed on a per-topology basis. For example, IS-IS MTR splits an IS-IS routing domain into multiple independent IP topologies, such as an IPv4 topology and an IPv6 topology. It enables IS-IS to perform separate route calculation in the IPv4 and IPv6 topologies.
Configuring MTR Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IPv4 address family view. address-family ipv4 N/A 3. Create a topology and enter topology view. multiple-topology topology-name Not created by default. 4. Specify an ACL for the topology. acl acl-number N/A 5. Configure the maximum number of routes supported by the topology. routing-table limit number { warn-threshold | simply-alert } Optional. 6. Return to system view. quit N/A 7.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch. Represents an access point.
Index ABCDEILMOPQRST Configuring IS-IS GR,158 A Configuring IS-IS MTR,161 Applying IPsec policies for OSPFv3,327 Configuring IS-IS NSR,158 Applying IPsec policies for RIPng,304 Configuring IS-IS routing information control,142 B Configuring MTR,439 BGP configuration examples,245 Configuring OSPF areas,67 BGP configuration task list,204 Configuring OSPF FRR,87 Binding an IS-IS process with MIBs,160 Configuring OSPF GR,88 C Configuring OSPF network types,70 Configuring OSPF NSR,90 Configuring
Displaying and maintaining OSPF,92 Overview,58 Displaying and maintaining OSPFv3,329 Overview,126 Displaying and maintaining PBR,281 Overview,349 Displaying and maintaining RIP,37 Overview,21 Displaying and maintaining RIPng,304 Overview,434 Displaying and maintaining static routes,10 Overview,418 Displaying and maintaining the routing policy,425 Overview,194 Dynamic routing protocols,2 P E PBR configuration examples,282 Enabling IS-IS SNMP trap,160 PBR configuration task list,278 Enabli
