HP HSR6800 Routers Layer 3 - IP Routing Configuration Guide Part number: 5998-4492 Software version: HSR6800-CMW520-R3303P05 Document version: 6PW105-20140507
Legal and notice information © Copyright 2014 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents IP routing basics ··························································································································································· 1 Routing table ······································································································································································ 1 Dynamic routing protocols ······················································································································
Tuning and optimizing RIP networks ···························································································································· 30 Configuration prerequisites ·································································································································· 30 Configuring RIP timers··········································································································································· 30 Configuring split hori
Configuring the P2MP network type for an interface ························································································ 71 Configuring the P2P network type for an interface ··························································································· 72 Configuring OSPF route control ··································································································································· 72 Configuration prerequisites ······························
Configuring BFD for OSPF ································································································································· 119 Troubleshooting OSPF configuration ························································································································· 123 No OSPF neighbor relationship established ···································································································· 123 Incorrect routing information ···············
Configuring BFD for IS-IS············································································································································· 160 Configuring IS-IS MTR ·················································································································································· 160 Displaying and maintaining IS-IS ······························································································································· 162 IS-
Enabling quick reestablishment of direct EBGP session ·················································································· 231 Enabling MD5 authentication for BGP peers ··································································································· 231 Configuring BGP load balancing ······················································································································ 232 Forbidding session establishment with a peer or peer group ············
Configuring interface PBR on a VLAN interface ······························································································ 289 Configuring IPv6 static routing ······························································································································· 291 Overview······································································································································································· 291 Configuring IPv6 stati
Configuring an OSPFv3 virtual link ··················································································································· 318 Configuring OSPFv3 network types ··························································································································· 319 Configuration prerequisites ································································································································ 319 Configuring the OSPFv3 network type
Configuration prerequisites ································································································································ 365 Specifying an IPv6 BGP peer ····························································································································· 366 Injecting a local IPv6 route ································································································································· 366 Configuring a preferred value
Configuring IPv6 policy-based routing ·················································································································· 406 Introduction to IPv6 policy-based routing ·················································································································· 406 What is policy-based routing ····························································································································· 406 Policy ····························
Displaying and maintaining MTR ······························································································································· 439 Support and other resources ·································································································································· 440 Contacting HP ······························································································································································ 440 Subscrip
IP routing basics IP routing directs the forwarding of IP packets on routers based on a routing table. This book focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. Routing table A router maintains at least two routing tables: one global routing table and one forwarding information base (FIB). The FIB table contains only the optimal routes, and the global routing table contains all routes.
• Destination—IP address of the destination host or network. • Mask—Mask length of the IP address. • Pre—Preference of the route. Among routes to the same destination, the one with the highest preference is optimal. • Cost—When multiple routes to a destination have the same preference, the one with the smallest cost becomes the optimal route. • NextHop—Next hop. • Interface—Output interface.
Table 3 Route types and their default route preferences Routing type Preference Direct route 0 OSPF 10 IS-IS 15 Static route 60 RIP 100 OSPF ASE 150 OSPF NSSA 150 IBGP 255 EBGP 255 Unknown (route from an untrusted source) 256 Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.
Displaying and maintaining a routing table Task Command Remarks Display the routing table. display ip routing-table [ multiple-topology topology-name | vpn-instance vpn-instance-name ] [ verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routes matching an IPv4 basic ACL.
Task Command Display IPv6 routing table information. display ipv6 routing-table [ vpn-instance vpn-instance-name ] [ verbose ] [ | { begin | exclude | include } regular-expression ] Display routes matching an IPv6 ACL. display ipv6 routing-table [ vpn-instance vpn-instance-name ] acl acl6-number [ verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routing information for a specified destination IPv6 address.
Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. Configuring a static route Before you configure a static route, complete the following tasks: • Configure physical parameters for related interfaces.
Step Command Remarks • Method 1: ip route-static dest-address { mask | mask-length } { next-hop-address [ track track-entry-number ] | interface-type interface-number [ next-hop-address ] | vpn-instance d-vpn-instance-name next-hop-address [ track track-entry-number ] } [ preference preference-value ] [ tag tag-value ] [ permanent ] [ description description-text ] • Method 2: 2. Configure a static route.
Step 1. Enter system view. Command Remarks system-view N/A • Method 1: 2. Configure a static route and enable BFD control packet mode for it.
Step Command Remarks • Method 1: 3. Enable BFD echo packet mode for static routes. ip route-static dest-address { mask | mask-length } interface-type interface-number next-hop-address bfd echo-packet [ preference preference-value ] [ tag tag-value ] [ description description-text ] Use either method.
Configuration procedure To configure static route FRR: Step 1. Enter system view. Command Remarks system-view N/A Not configured by default. 2. Configure the source address of BFD echo packets. bfd echo-source-ip ip-address 3. Configure static route FRR. ip route-static [ vpn-instance vpn-instance-name ] fast-reroute route-policy route-policy-name For more information about this command, see High Availability Command Reference. Not configured by default.
Figure 2 Network diagram Host B 1.1.6.2/24 GE2/1/3 1.1.6.1/24 GE2/1/1 1.1.4.2/30 GE2/1/2 1.1.5.5/30 Router B GE2/1/2 1.1.5.6/30 GE2/1/2 1.1.4.1/30 GE2/1/1 1.1.2.3/24 Router C Router A Host A 1.1.2.2/24 GE2/1/1 1.1.3.1/24 Host C 1.1.3.2/24 Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure static routes: # Configure a default route on Router A. system-view [RouterA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.
# Display the IP routing table of Router B. [RouterB] display ip routing-table Routing Tables: Public Destinations : 10 Destination/Mask Proto 1.1.2.0/24 Routes : 10 Pre Cost NextHop Interface Static 60 0 1.1.4.1 GE2/1/1 1.1.3.0/24 Static 60 0 1.1.5.6 GE2/1/2 1.1.4.0/30 Direct 0 0 1.1.4.2 GE2/1/1 1.1.4.2/32 Direct 0 0 127.0.0.1 InLoop0 1.1.5.0/30 Direct 0 0 1.1.5.5 GE2/1/2 1.1.5.5/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
BFD for static routes configuration example (direct next hop) Network requirements In Figure 3, configure a static route to subnet 120.1.1.0/24 on Router A, configure a static route to subnet 121.1.1.0/24 on Router B, and enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Router C.
[RouterB-GigabitEthernet2/1/1] bfd detect-multiplier 9 [RouterB-GigabitEthernet2/1/1] quit [RouterB] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/1 12.1.1.1 bfd control-packet [RouterB] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/2 13.1.1.2 preference 65 [RouterB] quit # Configure static routes on Router C. system-view [RouterC] ip route-static 120.1.1.0 24 GigabitEthernet 2/1/2 13.1.1.1 [RouterC] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/1 10.1.1.102 3.
*Jul 27 10:18:19:172 2007 RouterA BFD/7/EVENT:Receive Delete-sess, [Src:12.1.1.1,Dst:12.1.1.2,GigabitEthernet2/1/1,Ctrl], Direct, Instance:0x0, Proto:STATIC #*Jul 27 10:18:19:172 2007 RouterA BFD/7/EVENT:Notify driver to stop receiving bf # Display the static route information again. Router A communicates with Router B over the static route passing Router C now.
Router C GE2/1/1 10.1.1.100/24 GE2/1/2 13.1.1.2/24 Router D GE2/1/1 12.1.1.2/24 GE2/1/2 11.1.1.1/24 Configuration procedure 1. Configure IP addresses for the interfaces. (Details not shown.) 2. Configure static routes and BFD: # Configure static routes on Router A and enable BFD control packet mode for the static route through Router D.
LD/RD SourceAddr DestAddr State Holdtime Interface 4/7 1.1.1.9 2.2.2.9 Up 2000ms Loop1 # Display the static route information on Router A. display ip routing-table protocol static Public Routing Table : Static Summary Count : 2 Static Routing table Status : Summary Count : 1 Destination/Mask Proto Pre 120.1.1.0/24 Static 60 Cost NextHop Interface 0 2.2.2.9 GE2/1/1 Cost NextHop Interface 0 10.1.1.
Static route FRR configuration example Network requirements As shown in Figure 5, configure static routes on Router S, Router A, and Router D, and configure static route FRR so that when Link A fails, traffic can be switched to Link B immediately. Figure 5 Network diagram Router A /1 /24 2/1 2.1 GE .12.1 12 Loop 0 1.1.1.1/32 Router S /1 2/1 4 GE .2/2 .12 .12 12 GE 24 2/1/ .24 2 .24 .2/ 24 Link B Link A GE2/1/2 13.13.13.1/24 24 .24 GE2 .24 /1/1 .4/ 24 GE2/1/2 13.13.13.2/24 Router D Loop 0 4.4.4.
[RouterD-route-policy] apply fast-reroute backup-interface GigabitEthernet 2/1/1 backup-nexthop 24.24.24.2 [RouterD-route-policy] quit [RouterD] ip route-static fast-reroute route-policy frr 4. Verify the configuration: # Display route 4.4.4.4/32 on Router S to view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.4/32 Protocol: Static Process ID: 0 Preference: 60 IpPrecedence: Cost: 0 QosLcId: NextHop: 13.
Configuring a default route A default route is used to forward packets that match no entry in the routing table. Without a default route, a packet that does not match any routing entries is discarded. A default route can be configured in either of the following ways: • The network administrator can configure a default route with both destination and mask being 0.0.0.0.
Configuring RIP Routing Information Protocol (RIP) is a distance-vector simple interior gateway protocol suited to small-sized networks. It employs UDP to exchange route information through port 520. Overview RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0. The hop count from a router to a directly connected router is 1. To limit convergence time, RIP restricts the metric range from 0 to 15.
• Counting to infinity—A destination with a metric value of 16 is considered unreachable. When a routing loop occurs, the metric value of a route will increment to 16 to avoid endless loopings. • Split horizon—Disables RIP from sending routing information on the interface from which the information was learned to prevent routing loops and save bandwidth.
RIP can serve as the IGP running between CE and PE on a BGP/MPLS VPN network. For related information, see MPLS Configuration Guide. • RIP FRR • BFD RIP periodically sends route update requests to neighbors. If no route update response for a route is received within the specified interval, RIP considers the route unreachable. This mechanism cannot detect link faults quickly.
Task Remarks Configuring the RIP packet sending rate Optional. Configuring RIP FRR Configuring BFD for RIP Optional. Enabling single-hop echo detection (for a directly connected RIP neighbor) Optional. Configuring single-hop echo detection (for a specific destination) Optional. Enabling bidirectional control detection Optional. Configuring basic RIP Before you configure basic RIP settings, complete the following tasks: • Configure the link layer protocol.
Step Command Remarks N/A 5. Enter interface view. interface interface-type interface-number 6. Enable the interface to receive RIP messages. rip input Enable the interface to send RIP messages. rip output 7. Optional. Enabled by default. Optional. Enabled by default. Configuring a RIP version A RIPv1-enabled interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts.
Step Command Remarks Optional. Specify a RIP version for the interface. 6. rip version { 1 | 2 [ broadcast | multicast ] } By default, if an interface has no RIP version specified, the global version takes effect. If no global RIP version is specified, the interface can send RIPv1 broadcasts, and receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.
Enabling RIPv2 automatic route summarization Automatic summarization enables RIPv2 to generate a natural network for contiguous subnets. For example, suppose there are three subnet routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24. Automatic summarization automatically creates and advertises a summary route 10.0.0.0/8 instead of the more specific routes. To enable RIPv2 automatic route summarization: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Disable RIP from receiving host routes. undo host-route By default, RIP receives host routes. Advertising a default route You can advertise a default route on all RIP interfaces in RIP view or a specific RIP interface in interface view. The interface view setting takes precedence over the RIP view settings.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A Configure the filtering of received routes. filter-policy { acl-number | gateway ip-prefix-name | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] } import [ interface-type interface-number ] 3. 4. Configure the filtering of redistributed routes.
Step 3. 4. Command Configure a default metric for redistributed routes. default cost value Redistribute routes from other routing protocols. import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | route-policy route-policy-name | tag tag ] * Remarks Optional. The default setting is 0. By default, route redistribution is disabled.
On NBMA networks such as FR and X.25 where multiple VCs are configured on the primary and secondary interfaces, disable split horizon to ensure correct route advertisement. For more information, see Layer 2—WAN Configuration Guide. Disabling split horizon on point-to-point links does not take effect. To enable split horizon: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Enable split horizon.
value, RIPv1 does not process the message. If you are certain that all messages are trustworthy, disable zero field check to save CPU resources. This feature does not apply to RIPv2 packets, because they have no zero fields. To enable zero field check on incoming RIPv1 messages: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Enable zero field check on incoming RIPv1 messages. checkzero Optional.
Step Command 1. Enter system view. system-view 2. Enter interface view. interface interface-type interface-number 3. Configure RIPv2 authentication. rip authentication-mode { md5 { rfc2082 [ cipher ] key-string key-id | rfc2453 [ cipher ] key-string } | simple [ cipher ] password } Specifying a RIP neighbor Usually, RIP sends messages to broadcast or multicast addresses. On non-broadcast or multicast links, you must manually specify RIP neighbors.
Configuring the RIP packet sending rate Perform this task to specify the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. This feature can avoid excessive RIP packets from affecting system performance and consuming too much bandwidth. To configure the RIP packet sending rate: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3.
Configuration procedure To configure RIP FRR: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure the source address of echo packets. bfd echo-source-ip ip-address Not configured by default. 3. Enter RIP view. rip [ process-id ] [ vpn-instance vpn-instance-name ] N/A 4. Enable RIP FRR and reference a routing policy to designate a backup next hop. fast-reroute route-policy route-policy-name Disabled by default.
Configuring single-hop echo detection (for a specific destination) Configure this feature when the peer device does not support BFD. When a unidirectional link occurs between the local device and a specific neighbor, BFD can detect the failure and the local device does not receive or send any RIP packets through the interface connected to the neighbor to improve convergence speed. When the link recovers, the interface can send RIP packets again.
Displaying and maintaining RIP Task Command Remarks Display RIP current status and configuration information. display rip [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display all active routes in RIP database. display rip process-id database [ | { begin | exclude | include } regular-expression ] Available in any view. Display RIP interface information.
[RouterA-rip-1] network 2.0.0.0 [RouterA-rip-1] network 3.0.0.0 [RouterA-rip-1] quit # Configure Router B. system-view [RouterB] rip [RouterB-rip-1] network 1.0.0.0 [RouterB-rip-1] network 10.0.0.0 [RouterB-rip-1] quit # Display the RIP routing table on Router A. [RouterA] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect -------------------------------------------------------------------------Peer 1.1.1.
Configuring RIP route redistribution Network requirements As shown in Figure 8, Router B communicates with Router A through RIP 100 and with Router C through RIP 200. Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Router B so Router C can learn routes destined for 10.2.1.0/24 and 11.1.1.0/24. Router A cannot learn routes destined for 12.3.1.0/24 and 16.4.1.0/24. Configure Router B to not advertise route 10.2.1.1/24 to Router C. Figure 8 Network diagram Configuration procedure 1.
[RouterC-rip-200] version 2 [RouterC-rip-200] undo summary [RouterC-rip-200] quit # Display the routing table on Router C. [RouterC] display ip routing-table Routing Tables: Public Destinations : 6 3. Routes : 6 Destination/Mask Proto Cost NextHop Interface 12.3.1.0/24 Direct 0 Pre 0 12.3.1.2 GE2/1/1 12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 16.4.1.0/24 Direct 0 0 16.4.1.1 GE2/1/2 16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
11.1.1.0/24 RIP 1 12.3.1.1 GE2/1/1 12.3.1.0/24 Direct 0 100 0 12.3.1.2 GE2/1/1 12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 16.4.1.0/24 Direct 0 0 16.4.1.1 GE2/1/2 16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 Configuring an additional metric for a RIP interface Network requirements As shown in Figure 9, run RIPv2 on all the interfaces of Router A, Router B, Router C, Router D, and Router E.
[RouterC-rip-1] network 1.0.0.0 [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary # Configure Router D. system-view [RouterD] rip [RouterD-rip-1] network 1.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary # Configure Router E. system-view [RouterE] rip [RouterE-rip-1] network 1.0.0.0 [RouterE-rip-1] version 2 [RouterE-rip-1] undo summary # Display the IP routing table on Router A. [RouterA] display rip 1 database 1.0.0.0/8, cost 0, ClassfulSumm 1.1.1.
Configuring RIP to advertise a summary route Network requirements As shown in Figure 10, Router A and Router B run OSPF; Router D runs RIP; and Router C runs OSPF and RIP. Configure RIP to redistribute OSPF routes on Router C so Router D can learn routes destined for networks 10.1.1.0/24, 10.2.1.0/24, 10.5.1.0/24, and 10.6.1.0/24. To reduce the routing table size of Router D, configure route summarization on Router C to advertise only the summary route 10.0.0.0/8 to Router D.
[RouterC-ospf-1] quit 3. Configure basic RIP: # Configure Router C. [RouterC] rip 1 [RouterC-rip-1] network 11.3.1.0 [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary # Configure Router D. system-view [RouterD] rip 1 [RouterD-rip-1] network 11.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary [RouterD-rip-1] quit # Configure RIP to redistribute the routes from OSPF process 1 and direct routes on Router C.
11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0 11.4.1.0/24 Direct 0 0 11.4.1.2 GE2/1/2 11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 Configuring RIP FRR Network requirements As shown in Figure 11, Router S, Router A, and Router D run RIPv2. Configure RIP FRR so that when Link A fails, traffic can be switched to Link B immediately. Figure 11 Network diagram Configuration procedure 1.
[RouterD-route-policy] apply fast-reroute backup-interface GigabitEthernet 2/1/1 backup-nexthop 24.24.24.2 [RouterD-route-policy] quit [RouterD] rip 1 [RouterD-rip-1] fast-reroute route-policy frr [RouterD-rip-1] quit 3. Verify the configuration: # Display route 4.4.4.4/32 on Router S, then you can view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.
Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Router C so Router A can learn two routes destined for 100.1.1.1/24 through GigabitEthernet 2/1/1 and GigabitEthernet 2/1/2, respectively, and uses the one through GigabitEthernet 2/1/1. Enable BFD for RIP on GigabitEthernet 2/1/1 of Router A.
3. Configure the BFD parameters on GigabitEthernet 2/1/1 of Router A: [RouterA] bfd session init-mode active [RouterA] bfd echo-source-ip 11.11.11.11 [RouterA] interface GigabitEthernet 2/1 [RouterA-GigabitEthernet2/1/1] bfd min-echo-transmit-interval 500 [RouterA-GigabitEthernet2/1/1] bfd min-receive-interval 500 [RouterA-GigabitEthernet2/1/1] bfd detect-multiplier 7 [RouterA-GigabitEthernet2/1/1] return 4. Configure a static route on Router C: [RouterC] ip route-static 100.1.1.1 24 null 0 5.
%Jan 19 10:41:51:203 2008 RouterA BFD/4/LOG:Sess[192.168.1.1/192.168.1.2, GE2/1/1,Ctrl], Sta: UP->DOWN, Diag: 1 *Jan 19 10:33:12:813 2008 RouterA RM/6/RMDEBUG: RIP-BFD: Message Type Disable, Connect Type Direct-connect, Pkt Type Echo, Src IP Address 192.168.1.1, Src IFIndex4, Nbr IP Address 192.168.1.2. # Display the BFD information of Router A. display bfd session The output shows that Router A has deleted the BFD session to Router C and displays no output.
and does not receive or send any packets on GigabitEthernet 2/1/2. When the route learned from Router A ages out, Router B uses the route destined for 100.1.1.1/24 through GigabitEthernet 2/1/2. Figure 13 Network diagram Router B GE2/1/1 192.168.2.2/24 GE2/1/2 192.168.3.1/24 GE2/1/2 192.168.3.2/24 Router C Router A RIP packets Fault BFD session Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2.
# Configure a static route on Router A. [RouterA] ip route-static 100.1.1.0 24 null 0 # Configure a static route on Router C. [RouterC] ip route-static 100.1.1.0 24 null 0 5. Verify the configuration: # Display the BFD session information on Router A. display bfd session Total session number: 1 Up session number: 1 Init Mode: Active IPv4 session working under Echo mode: LD SourceAddr DestAddr State Holdtime Interface 3 192.168.2.1 192.168.2.
display bfd session Total session number: 1 Up session number: 0 Init Mode: Active IPv4 session working under Echo mode: LD SourceAddr DestAddr State Holdtime 3 192.168.2.1 192.168.2.2 Down / Interface GE2/1/2 The output shows that the BFD session to the specified destination is down. # Display routes destined for 100.1.1.0/24 on Router B when the route learned from Router A ages out. display ip routing-table 100.1.1.
Figure 14 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure basic RIP basic and enable static route redistribution into RIP so Router A and Router C have routes to send to each other: # Configure Router A. system-view [RouterA] rip 1 [RouterA-rip-1] network 192.168.1.0 [RouterA-rip-1] peer 192.168.2.
[RouterD] rip 1 [RouterD-rip-1] network 192.168.3.0 [RouterD-rip-1] network 192.168.4.0 [RouterD-rip-1] quit 3. Configure BFD parameters for the interfaces: # Configure Router A. [RouterA] bfd session init-mode active [RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ip address 192.168.3.1 24 [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface GigabitEthernet 2/1/2 [RouterA-GigabitEthernet2/1/2] ip address 192.168.1.
5. Verify the configuration: # Display the BFD session information of Router A. display bfd session Total Session Num: 1 Init Mode: Active Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 6/1 192.168.1.1 192.168.2.2 Up 1700ms GE2/1/2 # Display RIP routes destined for 100.1.1.0/24 learned on Router A. display ip routing-table 100.1.1.0 verbose Routing Table : Public Summary Count : 2 Destination: 100.1.1.
display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------------------- The output shows that the RIP route learned from Router C no longer exists. # Display the RIP route destined for 100.1.1.0/24 on Router A. display ip routing-table 100.1.1.0 verbose Routing Table : Public Summary Count : 1 Destination: 100.1.1.
Analysis In the RIP network, make sure that all the same timers within the entire network are identical and have logical relationships between them. For example, the timeout timer value should be greater than the update timer value. Solution • Use the display rip command to verify the configuration of RIP timers. • Use the timers command to adjust timers.
Configuring OSPF This chapter describes how to configure OSPF. Overview Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. Unless otherwise stated, OSPF refers to OSPFv2 (defined in RFC 2328) throughout this document. OSPF has the following features: • Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing domain.
LSA types OSPF advertises routing information in Link State Advertisements (LSAs). The following describes some commonly used LSAs: • Router LSA—Type-1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area. • Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network.
Figure 15 Area based OSPF network partition Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF requires the following: • All non-backbone areas must maintain connectivity to the backbone area. • The backbone area must maintain connectivity within itself. In practice, the requirements might not be met due to lack of physical links.
Figure 17 Virtual link application 2 The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface. The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.
Router types OSPF classifies routers into the following types based on their positions in the AS: • Internal router—All interfaces on an internal router belong to one OSPF area. • Area Border Router (ABR)—Belongs to more than two areas, one of which must be the backbone area. An ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.
A Type-2 external route has low credibility. OSPF considers the cost from the ASBR to the destination of a Type-2 external route is much greater than the cost from the ASBR to an OSPF internal router. The cost from the internal router to the destination of the Type-2 external route = the cost from the ASBR to the destination of the Type-2 external route.
The DR and BDR mechanisms can solve this problem. • DR—Elected to advertise routing information among other routers. If the DR fails, routers on the network must elect another DR and synchronize information with the new DR. Using this mechanism alone is time-consuming and prone to route calculation errors. • BDR—Elected along with the DR to establish adjacencies with all other routers. When the DR fails, the BDR immediately becomes the new DR, and other routers elect a new BDR.
• RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option • RFC 3137, OSPF Stub Router Advertisement • RFC 3630, Traffic Engineering Extensions to OSPF Version 2 • RFC 4811, OSPF Out-of-Band LSDB Resynchronization • RFC 4812, OSPF Restart Signaling • RFC 4813, OSPF Link-Local Signaling OSPF configuration task list To run OSPF in a routing domain, you must first enable OSPF on the routers. Make a proper configuration plan to avoid wrong settings that can result in route blocking and routing loops.
Task Remarks Adding the interface MTU into DD packets Optional. Configuring the maximum number of external LSAs in LSDB Optional. Enabling compatibility with RFC 1583 Optional. Logging neighbor state changes Optional . Configuring OSPF network management Optional. Enabling message logging Optional. Enabling the advertisement and reception of opaque LSAs Optional. Configuring OSPF to give priority to receiving and processing hello packets Optional.
If you specify no router ID when creating the OSPF process, the global router ID is used. HP recommends specifying a router ID when you create the OSPF process. • OSPF can run multiple processes and supports VPNs. • To run multiple OSPF processes, you must specify an ID for each process. The process IDs take effect locally and has no influence on packet exchange between routers. Two routers with different process IDs can exchange packets. • VPN support enables an OSPF process to run in a specified VPN.
Configuration prerequisites Before you configure an OSPF area, complete the following tasks: • Configure IP addresses for interfaces. • Enable OSPF. Configuring a stub area You can configure a non-backbone area at an AS edge as a stub area. To do so, issue the stub command on all the routers attached to the area. The routing table size is reduced because Type-5 LSAs are not flooded within the stub area.
To configure an NSSA area, issue the nssa command on all the routers attached to the area. To configure a totally NSSA area, you also need to configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area. To configure an NSSA area: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enter area view.
Step Command Remarks Configure this command on both ends of a virtual link. 4. vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay seconds | dead seconds | { simple [ plain | cipher ] password | { md5 | hmac-md5 } key-id [ plain | cipher ] password } ] * Configure a virtual link. hello and dead intervals must be identical on both ends of the virtual link.
Step 3. 4. Command Remarks Configure the OSPF network type for the interface as broadcast. ospf network-type broadcast By default, the network type of an interface depends on the link layer protocol. Configure a router priority for the interface. ospf dr-priority priority Optional. The default router priority is 1.
Step Enter interface view. 2. Command Remarks interface interface-type interface-number N/A By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF network type for an interface as P2MP unicast, all packets are unicast over the interface. The interface cannot broadcast hello packets to discover neighbors, so you must manually specify the neighbors. Configure the OSPF network type for the interface as P2MP. ospf network-type p2mp [ unicast ] 4.
Configure filters if routing information filtering is needed. • Configuring OSPF route summarization You can configure route summarization on an ABR or ASBR to summarize routes with the same prefix into a single route and distribute it to other areas. Route summarization reduces the routing information exchanged between areas and the sizes of routing tables, improving router performance.
Configuring OSPF inbound route filtering OSPF calculates routes by using LSAs. The calculated routes can be filtered and only permitted routes are installed into the OSPF routing table. OSPF provides the following filtering methods: • Filters routing information by destination address through ACLs and IP address prefixes. • Filters routing information by next hop through the filtering criteria configured with the gateway keyword.
Configure a bandwidth reference value for the interface. OSPF computes the cost with this formula: Interface OSPF cost = Bandwidth reference value (100 Mbps)/Interface bandwidth (Mbps). If the calculated cost is greater than 65,535, the value of 65,535 is used. If the calculated cost is less than 1, the value of 1 is used. If no cost or bandwidth reference value is configured for an interface, OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value.
Configuring OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. When the routing protocols find routes to the same destination, the route found by the protocol with the highest preference is selected as the best route. To configure OSPF preference: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A Optional. 3.
Configuring OSPF to redistribute a default route The import-route command cannot redistribute a default external route. Perform this task to redistribute a default external route. To configure OSPF to redistribute a default external route: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A Not redistributed by default. 3. Redistribute a default route.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enter area view. area area-id N/A 4. Advertise a host route. host-advertise ip-address cost Not advertised by default. Tuning and optimizing OSPF networks You can optimize an OSPF network in the following ways: • Change OSPF packet timers to adjust the convergence speed and network load.
Step Command Remarks Optional. 3. Specify the hello interval. ospf timer hello seconds The hello interval defaults to 10 seconds on P2P and broadcast interfaces, and defaults to 30 seconds on P2MP and NBMA interfaces. The default hello interval is restored when the network type for an interface is changed. 4. Specify the poll interval. ospf timer poll seconds Optional. The poll interval defaults to 120 seconds. Optional. 5. Specify the dead interval.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Specify the SPF calculation interval. spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ] Optional. By default, the interval is 5 seconds.
Step Command Remarks Optional. Configure the LSA generation interval. 3. lsa-generation-interval maximum-interval [minimum-interval [ incremental-interval ] ] By default, the maximum interval is 5 seconds, the minimum interval is 0 milliseconds, and the incremental interval is 5000 milliseconds.
Configuring OSPF authentication Configure OSPF packet authentication to ensure the security of packet exchange. After authentication is configured, OSPF only receives packets that pass authentication. Failed packets cannot establish neighboring relationships. You must configure the same authentication mode and password on all routers on the same network segment. If you configure OSPF authentication for both an area and an interface in that area, the interface uses the OSPF authentication configured on it.
Step Command Remarks • Configure simple authentication: 3. Configure interface authentication mode. ospf authentication-mode simple [ cipher | plain ] password • Configure MD5 authentication: ospf authentication-mode { hmac-md5 | md5 } key-id [ cipher | plain ] password Use either method. By default, no authentication is configured. Adding the interface MTU into DD packets By default, an interface adds 0 into the interface MTU field of a DD packet to be sent rather than the interface MTU.
To avoid routing loops, configure all the routers in a routing domain to be either compatible or incompatible with RFC 1583. To make them compatible: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 3. Enable compatibility with RFC 1583. rfc1583 compatible Optional. Enabled by default.
Step Command Remarks Optional. 2. 3. Bind OSPF MIB to an OSPF process. ospf mib-binding process-id Enable OSPF trap generation.
can configure OSPF to give priority to receiving and processing Hello packets to ensure stable neighbor relationships. To configure OSPF to give priority to receiving and processing Hello packets: Step Command Remarks 1. Enter system view. system-view N/A 2. Configure OSPF to give priority to receiving and processing hello packets. ospf packet-process prioritized-treatment Not configured by default.
Configuring OSPF FRR When a link fails, the packets on the link are discarded, and a routing loop might occur until OSPF completes routing convergence based on the new network topology. You can enable OSPF fast reroute (FRR) to resolve this issue. Figure 21 Network diagram for OSPF FRR In Figure 21, after you enable FRR on Router B, OSPF automatically calculates or designates a backup next hop when a link failure is detected. Packets are directed to the backup next hop.
Configuring OSPF FRR to designate a backup next hop with a routing policy Before configuring this task, you need to use the apply fast-reroute backup-interface command to specify a backup next hop in the routing policy to be referenced. For more information about the apply fast-reroute backup-interface command and routing policy configuration, see "Configuring routing policies." To configure OSPF FRR: Step Command Remarks 1. Enter system view. system-view N/A 2.
Step Command Remarks 7. Enable opaque LSA advertisement capability. opaque-capability enable Disabled by default. 8. Enable the IETF standard Graceful Restart capability. graceful-restart ietf Disabled by default. 9. Configure the GR interval. graceful-restart interval interval-value Optional. 120 seconds by default. Configuring the non-IETF standard OSPF GR restarter Step Command Remarks 10. Enter system view. system-view N/A 11. Enable OSPF and enter its view.
Configuring the non-IETF standard OSPF GR helper Step Command Remarks 20. Enter system view. system-view N/A 21. Enable OSPF and enter its view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 22. Enable the link-local signaling capability. enable link-local-signaling Disabled by default. 23. Enable the out-of-band re-synchronization capability. enable out-of-band-resynchronization Disabled by default. 24.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enable OSPF NSR. ospf non-stop-routing By default, OSPF NSR is disabled. Configuring BFD for OSPF Bidirectional forwarding detection (BFD) provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time. For more information about BFD, see High Availability Configuration Guide.
Step Command Remarks 3. Enable an OSPF process and enter OSPF view. ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * N/A 4. Specify a network to enable the interface attached to the network to run the OSPF process in the area. network ip-address wildcard-mask N/A 5. Exit to system view. quit N/A 6. Enter interface view. interface interface-type interface-number N/A 7. Enable BFD echo packet single-hop detection on the interface.
Task Command Remarks Display OSPF retransmission queue information. display ospf [ process-id ] retrans-queue [ interface-type interface-number ] [ neighbor-id ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display OSPF ABR and ASBR information. display ospf [ process-id ] abr-asbr [ | { begin | exclude | include } regular-expression ] Available in any view. Display OSPF interface information.
Figure 22 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] area 1 [RouterA-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.1] quit [RouterA-ospf-1] quit # Configure Router B.
[RouterD-ospf-1] area 2 [RouterD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] quit [RouterD-ospf-1] quit 3. Verify the configuration: # Display the OSPF neighbors of Router A. [RouterA] display ospf peer verbose OSPF Process 1 with Router ID 10.2.1.1 Neighbors Area 0.0.0.0 interface 10.1.1.1(GigabitEthernet2/1/1)'s neighbors Router ID: 10.3.1.1 State: Full DR: 10.1.1.1 Address: 10.1.1.
OSPF Process 1 with Router ID 10.2.1.1 Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Age Len Sequence Metric Router 10.2.1.1 10.2.1.1 1069 36 80000012 0 Router 10.3.1.1 10.3.1.1 780 36 80000011 0 Network 10.1.1.1 10.2.1.1 1069 32 80000010 0 Sum-Net 10.5.1.0 10.3.1.1 780 28 80000003 1 Sum-Net 10.2.1.0 10.2.1.1 1069 28 8000000F 2 Sum-Net 10.3.1.0 10.3.1.1 780 28 80000014 2 Sum-Net 10.4.1.0 10.2.1.1 769 28 8000000F 1 Area: 0.0.0.
5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/2 ms Configuring OSPF route redistribution Network requirements • Enable OSPF on all the routers, and split the AS into three areas. • Configure Router A and Router B as ABRs. • Configure Router C as an ASBR to redistribute external routes (static routes). Figure 23 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2.
display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2 Destination Cost Type Tag NextHop AdvRouter 3.1.2.0/24 1 Type2 1 10.3.1.1 10.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit # Configure Router B. system-view [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.
[RouterB-bgp] quit # Configure Router C. [RouterC] bgp 100 [RouterC-bgp] peer 11.1.1.1 as-number 200 [RouterC-bgp] import-route ospf [RouterC-bgp] import-route direct [RouterC-bgp] quit 4. Configure Router B and Router C to redistribute BGP routes into OSPF: # Configure OSPF to redistribute routes from BGP on Router B. [RouterB] ospf [RouterB-ospf-1] import-route bgp # Configure OSPF to redistribute routes from BGP on Router C.
Configuring an OSPF stub area Network requirements • Enable OSPF on all routers, split the AS into three areas. • Configure Router A and Router B as ABRs to forward routing information between areas. • Configure Router D as the ASBR to redistribute static routes. • Configure Area 1 as a stub area to reduce LSAs advertised without influencing reachability. Figure 25 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2.
Routing for Network Destination Cost Type 10.2.1.0/24 3 10.3.1.0/24 7 10.4.1.0/24 10.5.1.0/24 10.1.1.0/24 NextHop AdvRouter Area Transit 10.2.1.2 10.2.1.1 0.0.0.1 Inter 10.2.1.1 10.2.1.1 0.0.0.1 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1 Destination Cost Type Tag NextHop AdvRouter 3.1.2.0/24 1 Type2 1 10.2.1.1 10.5.1.
After the area where Router C resides is configured as a stub area, a default route replaces the AS external route. # Configure the area as a totally stub area by filtering Type-3 LSAs out of the Stub area. [RouterA] ospf [RouterA-ospf-1] area 1 [RouterA-ospf-1-area-0.0.0.1] stub no-summary [RouterA-ospf-1-area-0.0.0.1] quit # Display OSPF routing information on Router C. [RouterC] display ospf routing OSPF Process 1 with Router ID 10.4.1.
2. Configuring OSPF basic functions (see "Configuring OSPF basic functions"). 3. Configure Area 1 as an NSSA area: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 1 [RouterA-ospf-1-area-0.0.0.1] nssa [RouterA-ospf-1-area-0.0.0.1] quit # Configure Router C. system-view [RouterC] ospf [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] nssa [RouterC-ospf-1-area-0.0.0.
OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2 Destination Cost Type Tag NextHop AdvRouter 3.1.2.0/24 1 Type2 1 10.3.1.1 10.2.1.
[RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit # Configure Router B. system-view [RouterB] router id 2.2.2.2 [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. system-view [RouterC] router id 3.3.3.3 [RouterC] ospf [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.
State: Full Mode: Nbr is Master DR: 192.168.1.4 Priority: 1 BDR: 192.168.1.3 Dead timer due in 31 MTU: 0 sec Neighbor is up for 00:01:28 Authentication Sequence: [ 0 ] The output shows that Router D is the DR and Router C is the BDR. 3. Configure router priorities on interfaces: # Configure Router A. [RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ospf dr-priority 100 [RouterA-GigabitEthernet2/1/1] quit # Configure Router B.
The DR and BDR are not changed, because the new router priority settings do not take effect immediately. 4. Restart the OSPF process: # Restart the OSPF process on Router D. reset ospf 1 process Warning : Reset OSPF process? [Y/N]:y # Display neighbor information on Router D. display ospf peer verbose OSPF Process 1 with Router ID 4.4.4.4 Neighbors Area 0.0.0.0 interface 192.168.1.4(GigabitEthernet2/1/1)'s neighbors Router ID: 1.1.1.1 State: Full Address: 192.168.1.
OSPF Process 1 with Router ID 2.2.2.2 Interfaces Area: 0.0.0.0 IP Address Type 192.168.1.2 Broadcast DROther State Cost Pri DR BDR 1 0 192.168.1.1 192.168.1.3 The interface state DROther means the interface is not the DR or BDR. Configuring OSPF virtual links Network requirements Configure a virtual link between Router B and Router C to connect Area 2 to the backbone area. After configuration, Router B can learn routes to Area 2. Figure 28 Network diagram Configuration procedure 1.
[RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] area 2 [RouterC–ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterC–ospf-1-area-0.0.0.2] quit [RouterC-ospf-1] quit # Configure Router D. system-view [RouterD] ospf 1 router-id 4.4.4.4 [RouterD-ospf-1] area 2 [RouterD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] quit # Display OSPF routing information on Router B.
10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0 Total Nets: 3 Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0 Router B has learned the route 10.3.1.0/24 to Area 2. Configuring OSPF GR Network requirements • As shown in Figure 29, Router A, Router B, and Router C that belong to the same autonomous system and the same OSPF routing domain are GR capable. • Router A acts as the non-IETF standard GR restarter.
system-view [RouterC] router id 3.3.3.3 [RouterC] ospf 100 [RouterC-ospf-100] area 0 [RouterC-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [RouterC-ospf-100-area-0.0.0.0] quit 3. Configure OSPF GR: # Configure Router A as the non-IETF standard OSPF GR restarter: enable the link-local signaling capability, the out-of-band re-synchronization capability, and non-IETF standard Graceful Restart capability for OSPF process 100.
OSPF 100 deleted GR wait timer. OSPF 100 deleted GR Interval timer. OSPF 100 GR Completed for OSPF Router OSPF 100 notified RM that OSPF process left GR. RM notified that all protocol left GR. OSPF 100 started flushing STALE LSA after all protocol left GR. OSPF 100: Flush Stale Area LSAs OSPF 100: Start Flush Stale ASE + NSSA LSAs OSPF 100: End Flush Stale ASE + NSSA LSAs Router A completes GR with the help of Router B.
# Display OSPF neighbors and routes on Router A. display ospf peer OSPF Process 1 with Router ID 192.168.1.40 Neighbor Brief Information Area: 0.0.0.0 Router ID Address Pri Dead-Time Interface 192.168.1.41 12.12.12.2 1 40 GE2/1/1 State Full/BDR display ospf routing OSPF Process 1 with Router ID 192.168.1.40 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 44.44.44.44/32 2 Stub 12.12.12.2 44.44.44.44 0.0.0.0 14.14.14.
The output shows that when an active/standby switchover occurs on Router S, the neighbor relationships and routing information on Router A and Router B have not changed and the traffic from Router A to Router B has not been impacted. Configuring route filtering Network requirements • In Figure 31, all the routers in the network run OSPF. The AS is divided into three areas. • Router A works as the ABR between Area 0 and Area 1. Router B works as the ABR between Area 0 and Area 2.
4. Destination/Mask Proto Pre Cost NextHop Interface 3.1.1.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 3.1.2.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 3.1.3.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 10.1.1.0/24 Direct 0 0 10.1.1.1 GE2/1/1 10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0 10.2.1.0/24 Direct 0 0 10.2.1.1 GE2/1/2 10.2.1.1/32 Direct 0 0 127.0.0.1 InLoop0 10.3.1.0/24 OSPF 10 4 10.1.1.2 GE2/1/1 10.4.1.0/24 OSPF 10 13 10.2.1.2 GE2/1/2 10.5.1.0/24 OSPF 10 14 10.1.1.
[RouterA-acl-basic-2000] rule 1 permit source any [RouterA-acl-basic-2000] quit # Use the ACL to filter route 10.5.1.0/24. [RouterA] ospf 1 [RouterA-ospf-1] filter-policy 2000 import [RouterA-ospf-1] quit # Display the OSPF routing table of Router A. [RouterA] display ip routing-table Routing Tables: Public Destinations : 10 Routes : 10 Destination/Mask Proto Pre Cost NextHop Interface 3.1.1.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 3.1.2.0/24 O_ASE 150 1 10.2.1.2 GE2/1/2 10.1.1.
Configure OSPF on the routers, ensuring that Router S, Router A, and Router D can communicate with each other at Layer 3. (Details not shown.) 2. Configure OSPF FRR: You can enable OSPF FRR to either automatically calculate a backup next hop, or designate a backup next hop by using a routing policy. { Method 1: Enable OSPF FRR to automatically calculate a backup next hop. # Configure Router S. system-view [RouterS] bfd echo-source-ip 1.1.1.
Summary Count : 1 Destination: 4.4.4.4/32 Protocol: OSPF Process ID: 1 Preference: 10 IpPrecedence: Cost: 1 QosLcId: NextHop: 13.13.13.2 Interface: GigabitEthernet2/1/2 BkNextHop: 12.12.12.2 BkInterface: GigabitEthernet2/1/1 RelyNextHop: 0.0.0.0 Neighbor : 0.0.0.0 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h01m27s Tag: 0 # Display route 1.1.1.1/32 on Router D. You can find the backup next hop information. [RouterD] display ip routing-table 1.1.1.
Figure 33 Network diagram Device Interface IP address Device Interface IP address Router A GE2/1/1 192.168.0.102/24 Router B GE2/1/1 192.168.0.100/24 GE2/1/2 10.1.1.102/24 GE2/1/2 13.1.1.1/24 Router C GE2/1/1 10.1.1.100/24 GE2/1/2 13.1.1.2/24 Configuration procedure 1. Configure IP addresses for the interfaces. (Details not shown.) 2. Configure OSPF basic functions: # Configure Router A. system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.
[RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit 3. Configure BFD: # Enable BFD on Router A and configure BFD parameters.
Protocol: OSPF Process ID: 1 Preference: 10 Cost: 4 IpPrecedence: NextHop: 10.1.1.100 BkNextHop: 0.0.0.0 RelyNextHop: 0.0.0.0 QosLcId: Interface: GigabitEthernet2/1/2 BkInterface: Neighbor : 0.0.0.0 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Invalid Adv Age: 00h58m05s Tag: 0 # Enable BFD debugging on Router A.
# Display routes to 120.1.1.0/24 on Router A, and you can see that Router A communicates with Router B through Router C. display ip routing-table 120.1.1.0 verbose Routing Table : Public Summary Count : 2 Destination: 120.1.1.0/24 Protocol: OSPF Process ID: 1 Preference: 10 IpPrecedence: NextHop: 10.1.1.100 BkNextHop: 0.0.0.0 RelyNextHop: 0.0.0.0 Cost: 4 QosLcId: Interface: GigabitEthernet2/1/2 BkInterface: Neighbor : 0.0.0.
5. On an NBMA network, use the peer ip-address command to manually specify the neighbor. 6. At least one interface must have a router priority higher than 0 on an NBMA or a broadcast network. Incorrect routing information Symptom OSPF cannot find routes to other areas. Analysis The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, at least one area must be connected to the backbone. The backbone cannot be configured as a stub area.
Configuring IS-IS This chapter describes how to configure IS-IS for an IPv4 network. Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the International Organization for Standardization (ISO) to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, and the new one is called "Integrated IS-IS" or "Dual IS-IS.
The DSP includes the high order part of DSP (HO-DSP), System ID, and SEL, where the HO-DSP identifies the area, the System ID identifies the host, and the SEL identifies the type of service. The IDP and DSP are variable in length. The length of an NSAP address varies from 8 bytes to 20 bytes. Figure 34 NSAP address format Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address.
• Area ID—Has a length of 1 to 13 bytes. • System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6-byte. • SEL—Has a value of 0 and a fixed length of 1-byte. For example, for a NET is ab.cdef.1234.5678.9abc.00, the area ID is ab.cdef, the system ID is 1234.5678.9abc, and the SEL is 00. Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning.
Figure 35 IS-IS topology 1 Figure 36 shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. Figure 36 IS-IS topology 2 NOTE: The IS-IS backbone does not need to be a specific area.
router does not advertise the routing information of other Level-1 areas and the Level-2 area to a Level-1 area, so a Level-1 router sends packets destined for other areas to the nearest Level-1-2 router. The path passing through the Level-1-2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature.
A pseudonode represents a virtual node on the broadcast network. It is not a real router. In IS-IS, it is identified by the system ID of the DIS and a one-byte Circuit ID (a non-zero value). Using pseudonodes can reduce the resources consumed by SPF and simplify network topology. NOTE: On an IS-IS broadcast networks, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS. IS-IS PDUs PDU IS-IS PDUs are encapsulated in link layer frames.
Table 4 PDU types Type PDU Type Acronym 15 Level-1 LAN IS-IS hello PDU L1 LAN IIH 16 Level-2 LAN IS-IS hello PDU L2 LAN IIH 17 Point-to-Point IS-IS hello PDU P2P IIH 18 Level-1 Link State PDU L1 LSP 20 Level-2 Link State PDU L2 LSP 24 Level-1 Complete Sequence Numbers PDU L1 CSNP 25 Level-2 Complete Sequence Numbers PDU L2 CSNP 26 Level-1 Partial Sequence Numbers PDU L1 PSNP 27 Level-2 Partial Sequence Numbers PDU L2 PSNP Hello PDU IS-to-IS hello PDUs (IIHs) are used by routers
• Holding time—If no hello packets are received from the neighbor within the holding time, the neighbor is considered down. • PDU length—Total length of the PDU in bytes. • Priority—DIS priority. • LAN ID—Includes the system ID and a one-byte pseudonode ID. Figure 41 shows the hello packet format on the point-to-point networks. Figure 41 P2P IIH format Instead of the priority and LAN ID fields in the LAN IIH, the P2P IIH has a Local Circuit ID field.
Figure 42 L1/L2 LSP format Major fields of the L1/L2 LSP are as follows: • PDU length—Total length of the PDU in bytes. • Remaining lifetime—LSP remaining lifetime in seconds. • LSP ID—Consists of the system ID, the pseudonode ID (one byte) and the LSP fragment number (one byte). • Sequence number—LSP sequence number. • Checksum—LSP checksum. • P (Partition)—Partition bit that is only for L2 LSPs. This field indicates whether the router supports partition repair.
Figure 43 LSDB overload SNP A sequence number PDU (SNP) describes the complete or partial LSPs for LSDB synchronization. SNPs include Complete SNP (CSNP) and Partial SNP (PSNP), which are further divided into Level-1 CSNP, Level-2 CSNP, Level-1 PSNP and Level-2 PSNP. A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (10 seconds by default).
Figure 45 L1/L2 PSNP format No. of Octets 1 Intradomain routing protocol discriminator R Length indicator 1 Version/Protocol ID extension 1 ID length 1 R R 1 PDU type Version 1 Reserved 1 Maximum area address 1 PDU length 2 Source ID ID length+1 Variable length fields CLV The variable fields of PDU comprise multiple Code-Length-Value (CLV) triplets. Figure 46 CLV format Table 35 shows that different PDUs contain different CLVs.
CLV Code Name PDU Type 132 IP Interface Address IIH, LSP Supported IS-IS features Multiple instances and processes IS-IS supports multiple instances and processes. Multiple processes allow an IS-IS process to work in concert with a group of interfaces. A router can run multiple IS-IS processes, and each process corresponds to a unique group of interfaces.
• In IRF mode, NSR backs up IS-IS link state information from the global active MPU to the global standby MPU. When a global active/standby MPU switchover occurs, NSR can complete link state recovery and route regeneration without requiring the cooperation of other devices. IS-IS TE IS-IS traffic engineering (TE) creates and maintains the Label Switched Path (LSP). When creating the Constraint-based Routed LSP (CR LSP), MPLS must get the traffic attributes of all links in the local area.
a router connected to the originating system in the network, but the virtual systems are reachable through the originating system only. The IS-IS routers not supporting LSP fragment extension can operate correctly without modifying the extended LSP fragments received, but some limitation is imposed on the link state information in the extended LSP fragments advertised by the virtual systems. { Mode-2—Applicable to a network where all the routers support LSP fragment extension.
• RFC 2973, IS-IS Mesh Groups • RFC 3277, IS-IS Transient Blackhole Avoidance • RFC 3358, Optional Checksums in ISIS • RFC 3373, Three-Way Handshake for IS-IS Point-to-Point Adjacencies • RFC 3567, Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication • RFC 3719, Recommendations for Interoperable Networks using IS-IS • RFC 3786, Extending the Number of IS-IS LSP Fragments Beyond the 256 Limit • RFC 3787, Recommendations for Interoperable IP Networks using IS-IS • R
Task Remarks Enhancing IS-IS network security Configuring neighbor relationship authentication Optional. Configuring area authentication Optional. Configuring routing domain authentication Optional. Configuring IS-IS GR Optional. Configuring IS-IS NSR Optional. Configuring IS-IS FRR Optional. Enabling IS-IS SNMP trap Optional. Binding an IS-IS process with MIBs Optional. Configuring BFD for IS-IS Optional. Configuring IS-IS MTR Optional.
• Configure the IS level of all routers as Level-1 or Level-2 rather than different levels because the routers do not need to maintain two identical LSDBs. • Configure the IS level as Level-2 on all routers in an IP network for good scalability. For an interface of a Level-1 (or Level-2) router, the circuit level can only be Level-1 (or Level-2).
Configuring IS-IS routing information control Perform the tasks in this section to affect IS-IS route selection. Configuration prerequisites Before the configuration, complete the following tasks: • Configure IP addresses for all interfaces, and make sure that all neighboring nodes are reachable to each other at the network layer. • Enable IS-IS. Configuring IS-IS link cost The IS-IS cost of an interface is determined in the following order: 1. IS-IS cost specified in interface view. 2.
Step 6. Command Specify a cost for the interface. Remarks isis [ ipv4-unicast topology-name | ipv6-unicast ] cost value [ level-1 | level-2 ] Optional. No cost is specified for the interface by default. Configuring a global IS-IS cost Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Specify an IS-IS cost style.
Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Specify the maximum number of ECMP routes for load balancing. [ ipv4-unicast topology-name ] maximum load-balancing number By default, the maximum number of ECMP routes is 8.
Step Command Remarks 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Advertise a default route. [ ipv4-unicast topology-name ] default-route-advertise [ route-policy route-policy-name | [ level-1 | level-1-2 | level-2 ] ] * By default, the function is disabled. Configuring IS-IS route redistribution Redistributing large numbers of routes on a device might affect the performance of other devices in the network.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Filter routes calculated from received LSPs. [ ipv4-unicast topology-name ] filter-policy { acl-number | ip-prefix ip-prefix-name | route-policy route-policy-name } import No filtering is configured by default.
Tuning and optimizing IS-IS networks Configuration prerequisites Before the configuration, complete the following tasks: • Configure IP addresses for all interfaces, and make sure that all neighboring nodes are reachable to each other at the network layer. • Enable IS-IS. Specifying intervals for sending IS-IS hello and CSNP packets Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3.
Configuring a DIS priority for an interface On a broadcast network, ISIS must elect a router as the DIS at a routing level. You can specify a DIS priority at a level for an interface. The greater the interface's priority, the more likely it becomes the DIS. If multiple routers in the broadcast network have the same highest DIS priority, the router with the highest MAC address becomes the DIS. To specify a DIS priority for an interface: Step Command Remarks 1. Enter system view. system-view N/A 2.
Step 2. Enter interface view. 3. Disable hello source address check for the PPP interface. Command Remarks interface interface-type interface-number N/A isis peer-ip-ignore The command only applies to the PPP interface. By default, hello source address check is enabled. Enabling an interface to send small hello packets IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated into frames. Any two IS-IS neighboring routers must negotiate a common MTU.
When the network topology changes, for example, a neighbor is down or up, or the interface metric, system ID, or area ID is changed, the router generates an LSP after a configurable interval. If such a change occurs frequently, excessive LSPs are generated, consuming a large amount of router resources and bandwidth. To resolve this issue, you can adjust the LSP generation interval. To specify the LSP refresh interval and generation interval: Step Command Remarks 1. Enter system view.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Specify the maximum length of generated Level-1 LSPs or Level-2 LSPs. lsp-length originate size [ level-1 | level-2 ] 1497 bytes by default. Specify the maximum length of received LSPs. lsp-length receive size 1497 bytes by default. 4. Enabling LSP flash flooding Changed LSPs can trigger SPF recalculation.
2/1/2 to Router B and Router C. However, Router B and Router C have already received the LSP from Router A. LSP flooding consumes extra bandwidth. Figure 47 Network diagram of a fully meshed network To avoid this, configure some interfaces as a mesh group, configure the blocked interfaces, or both. • After receiving an LSP, a member interface in a mesh group floods it out of the interfaces that do not belong to the mesh group.
Step 3. Command Configure the SPF calculation interval. Remarks timer spf maximum-interval [ initial-interval [ second-wait-interval ] ] Optional. The default SPF calculation interval is 10 seconds. Assigning a high priority to IS-IS routes An IS-IS topology change causes network convergence. By assigning a high priority to specific IS-IS routes, you can achieve faster network convergence. To assign a high priority to IS-IS routes: Step Command Remarks 1. Enter system view. system-view N/A 2.
Configuring system ID to host name mappings In IS-IS, a system ID identifies a router or host uniquely. A system ID has a fixed length of 6 bytes. When an administrator needs to view IS-IS neighbor information, routing table, or LSDB information, using the system IDs in dotted decimal notation is not convenient. To solve it, configure the mappings between system IDs and host names, as host names are easier to remember and use. Such mappings can be configured manually or dynamically.
Step Command Remarks Optional. Not configured by default. Configure a DIS name. 6. isis dis-name symbolic-name This command takes effect only on a router with dynamic system ID to host name mapping configured. This command is not supported on P2P interfaces. Enabling the logging of neighbor state changes Logging of neighbor state changes enables the router to output neighbor state changes to the console terminal. To enable the logging of neighbor state changes: Step Command Remarks 1.
• If you configure an authentication mode and a password without specifying a level, the authentication mode and password apply to both Level-1 and Level-2. • If neither ip nor osi is specified, the OSI related fields in LSPs are checked. To configure neighbor relationship authentication: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Specify the authentication mode and password.
Configuring IS-IS GR Restarting IS-IS on a router will cause network disconnections and route reconvergence. With the GR feature, the restarting router (known as the "GR restarter") can notify the event to its GR capable neighbors. GR capable neighbors (known as "GR helpers") keep their adjacencies with the router within a configurable GR interval. After the restart, the router contacts its neighbors to retrieve its routing table. During this process, the network keeps stable.
To configure IS-IS NSR: Step Command Remarks 1. Enter system view system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Enable IS-IS NSR. non-stop-routing Disabled by default. 4. Set the NSR interval. non-stop-routing interval interval-value 0 seconds by default, that is, no NSR interval is configured.
Step Command Remarks 2. Configure the source address of echo packets. bfd echo-source-ip ip-address Not configured by default. 3. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 4. Enable IS-IS FRR to automatically calculate a backup next hop. fast-reroute auto Not configured by default.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IS-IS view. isis [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Bind the IS-IS process with MIBs. isis mib-binding process-id By default, MIBs are bound with IS-IS process 1. Configuring BFD for IS-IS To enable BFD on an IS-IS interface: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Enable IS-IS on the interface.
Figure 49 Network diagram for IS-IS MTR As shown in Figure 49, the base topology is split into two topologies, topology A and topology B. You can forward voice traffic through topology A and video traffic through topology B. Router B does not belong to topology A. In topology B, the links between Router A and Router D and between Router B and Router C do not exist. Route calculation and traffic forwarding are performed in each topology independently.
Step 7. Enable an IS-IS IPv4 unicast topology on the interface. Command Remarks isis multiple-topology ipv4-unicast topology-name Not enabled default. Displaying and maintaining IS-IS Task Command Remarks Display brief IS-IS configuration information. display isis brief [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display the status of IS-IS debug switches.
Task Command Remarks Display IS-IS statistics. display isis statistics [ level-1 | level-1-2 | level-2 ] [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Clear IS-IS process data structure information. reset isis all [ process-id | vpn-instance vpn-instance-name ] Available in user view. Clear the data structure information of an IS-IS neighbor.
[RouterA-Serial2/2/0] quit # Configure Router B. system-view [RouterB] isis 1 [RouterB-isis-1] is-level level-1 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] isis enable 1 [RouterB-Serial2/2/0] quit # Configure Router C. system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.
0000.0000.0001.00-00* 0x0000000d 0xb184 879 68 0/0/0 0000.0000.0002.00-00 0x0000000c 0xcf65 493 68 0/0/0 0000.0000.0003.00-00 0x00000013 0x2f38 594 111 1/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [RouterB] display isis lsdb Database information for ISIS(1) -------------------------------- Level-1 Link State Database LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------0000.0000.
Database information for ISIS(1) -------------------------------Level-2 Link State Database LSPID Seq Num Checksum Holdtime Length ATT/P/OL -----------------------------------------------------------------------0000.0000.0003.00-00 0x00000013 0xbb56 910 100 0/0/0 0000.0000.0004.00-00* 0x00000005 0xd086 791 84 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload # Display the IS-IS routing information on each router.
ISIS(1) IPv4 Level-2 Forwarding Table ------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------10.1.1.0/24 10 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 10 NULL S2/2/0 Direct D/L/- 192.168.0.0/24 10 NULL S2/2/2 Direct D/L/- 172.16.0.0/16 20 NULL S2/2/2 192.168.0.
Figure 51 Network diagram Router A L1/L2 GE2/1/1 10.1.1.1/24 GE2/1/1 10.1.1.3/24 Router C L1 Router B L1/L2 GE2/1/1 10.1.1.2/24 GE2/1/1 10.1.1.4/24 Router D L2 Configuration procedure 1. Configure an IP address for each interface. (Details not shown.) 2. Enable IS-IS: # Configure Router A. system-view [RouterA] isis 1 [RouterA-isis-1] network-entity 10.0000.0000.0001.
[RouterD] isis 1 [RouterD-isis-1] network-entity 10.0000.0000.0004.00 [RouterD-isis-1] is-level level-2 [RouterD-isis-1] quit [RouterD] interface gigabitethernet 2/1/1 [RouterD-GigabitEthernet2/1/1] isis enable 1 [RouterD-GigabitEthernet2/1/1] quit # Display information about IS-IS neighbors of Router A. [RouterA] display isis peer Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0002 Interface: GigabitEthernet2/1/1 State: Up HoldTime: 21s Circuit Id: 0000.0000.0003.
--------------------------------Interface: GigabitEthernet2/1/1 Id IPV4.State 001 Up IPV6.State Down MTU Type DIS 1497 L1/L2 No/Yes By using the default DIS priority, Router C is the Level-1 DIS, and Router D is the Level-2 DIS. The pseudonodes of Level-1 and Level-2 are 0000.0000.0003.01 and 0000.0000.0004.01, respectively. 3.
System Id: 0000.0000.0001 Interface: GigabitEthernet2/1/1 State: Up HoldTime: 7s Circuit Id: 0000.0000.0001.01 Type: L1 PRI: 100 System Id: 0000.0000.0002 Interface: GigabitEthernet2/1/1 State: Up HoldTime: 23s Circuit Id: 0000.0000.0001.01 Type: L1 PRI: 64 [RouterC] display isis interface Interface information for ISIS(1) --------------------------------Interface: GigabitEthernet2/1/1 Id IPV4.State IPV6.
Figure 52 Network diagram Router A L1 S2/2/0 10.1.1.2/24 S2/2/1 10.1.1.1/24 S2/2/0 10.1.2.1/24 Router C L1/L2 S2/2/0 192.168.0.2/24 S2/2/0 10.1.2.2/24 Router B L1 GE2/1/1 10.1.4.1/24 GE2/1/1 10.1.4.2/24 S2/2/2 192.168.0.1/24 Router D L2 RIP Router E Area 20 Area 10 Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure IS-IS basic functions: # Configure Router A.
[RouterC] interface serial 2/2/2 [RouterC-Serial2/2/2] isis enable 1 [RouterC-Serial2/2/2] quit # Configure Router D. system-view [RouterD] isis 1 [RouterD-isis-1] is-level level-2 [RouterD-isis-1] network-entity 20.0000.0000.0004.00 [RouterD-isis-1] quit [RouterD] interface serial 2/2/0 [RouterD-Serial2/2/0] isis enable 1 [RouterD-Serial2/2/0] quit # Display IS-IS routing information on each router.
------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------10.1.1.0/24 10 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 10 NULL S2/2/0 Direct D/L/- 192.168.0.
ISIS(1) IPv4 Level-1 Forwarding Table ------------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------10.1.1.0/24 10 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 10 NULL S2/2/0 Direct D/L/- 192.168.0.
Configure IS-IS on the routers, ensuring that Router A, Router B, and Router C can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS-IS. (Details not shown.) 2. Configure IS-IS Graceful Restart: # Enable IS-IS Graceful Restart on Router A and configure the Graceful Restart interval.
IS-IS NSR configuration example Network requirements Router S, Router A, and Router B belong to the same IS-IS routing domain as illustrated in Figure 54. Enable IS-IS NSR on Router S to ensure correct routing when an active/standby switchover occurs on Router S. Figure 54 Network diagram Configuration procedure 1. Configure IP addresses for the interfaces on each router and configure IS-IS: Follow Figure 54 to configure the IP address and subnet mask of each interface on the routers. (Details not shown.
System Id: 0000.0000.0001 Interface: GE2/1/1 State: Up Circuit Id: 0000.0000.0001.01 HoldTime: 25s Type: L1(L1L2) PRI: 64 System Id: 0000.0000.0001 Interface: GE2/1/1 State: Up Circuit Id: 0000.0000.0001.
----------------------------ISIS(1) IPv4 Level-1 Forwarding Table ------------------------------------IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------14.14.14.0/24 10 NULL GE2/1/1 Direct 44.44.44.44/32 10 NULL Loop0 12.12.12.0/32 10 NULL GE2/1/1 14.14.14.4 R/L/- 22.22.22.22/32 10 NULL GE2/1/1 14.14.14.
Follow Figure 55 to configure the IP address and subnet mask of each interface on the routers. (Details not shown.) Configure IS-IS on the routers, ensuring that Router A, Router D, and Router S can communicate with each other at Layer 3. (Details not shown.) 2. Configure IS-IS FRR: Enable IS-IS FRR to either automatically calculate a backup next hop, or designate a backup next hop by using a routing policy. { Method 1: Enable IS-IS FRR to automatically calculate a backup next hop. # Configure Router S.
# Display route 4.4.4.4/32 on Router S to view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.4/32 Protocol: ISIS Process ID: 1 Preference: 10 IpPrecedence: Cost: 10 QosLcId: NextHop: 13.13.13.2 Interface: gigabitethernet2/1/2 BkNextHop: 12.12.12.2 BkInterface: gigabitethernet2/1/1 RelyNextHop: 0.0.0.0 Neighbor : 0.0.0.
Figure 56 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure IS-IS basic functions: # Configure Router A. system-view [RouterA] isis 1 [RouterA-isis-1] network-entity 10.0000.0000.0001.00 [RouterA-isis-1] is-level level-1 [RouterA-isis-1] quit [RouterA] interface gigabitethernet 2/1/1 [RouterA-GigabitEthernet2/1/1] isis enable 1 [RouterA-GigabitEthernet2/1/1] quit # Configure Router B.
[RouterC] interface gigabitethernet 2/1/3 [RouterC-GigabitEthernet2/1/3] isis enable 1 [RouterC-GigabitEthernet2/1/3] quit # Configure Router D. system-view [RouterD] isis 1 [RouterD-isis-1] network-entity 20.0000.0000.0001.00 [RouterD-isis-1] quit [RouterD] interface gigabitethernet 2/1/1 [RouterD-GigabitEthernet2/1/1] isis enable 1 [RouterD-GigabitEthernet2/1/1] quit 3.
5. Configure routing domain authentication. Specify the MD5 authentication mode and password 1020Sec on Router C and Router D: [RouterC] isis 1 [RouterC-isis-1] domain-authentication-mode md5 1020Sec [RouterC-isis-1] quit [RouterD] isis 1 [RouterD-isis-1] domain-authentication-mode md5 1020Sec [RouterD-isis-1] isis 1 Configuring BFD for IS-IS Network requirements • As shown in Figure 57, IS-IS is enabled on Router A, Router B and Router C that are reachable to each other at the network layer.
[RouterA-GigabitEthernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] isis enable [RouterA-GigabitEthernet2/1/2] quit # Configure Router B. system-view [RouterB] isis [RouterB-isis-1] network-entity 10.0000.0000.0002.
Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 3/1 192.168.0.102 192.168.0.100 Up 1700ms GE2/1/1 # Display route 120.1.1.0/24 on Router A, and you can see that Router A and Router B communicate through the Layer-2 switch. display ip routing-table 120.1.1.0 verbose Routing Table : Public Summary Count : 2 Destination: 120.1.1.0/24 Protocol: ISIS Process ID: 0 Preference: 0 IpPrecedence: NextHop: 192.168.0.100 BkNextHop: 0.0.0.0 RelyNextHop: 0.0.0.
%Aug 8 14:54:05:367 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-2 Adjacency clear. %Aug 8 14:54:05:368 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-1 Circuit Down. %Aug 8 14:54:05:369 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-1 Adjacency clear. *Aug 8 14:54:05:370 2008 RouterA ISIS/6/ISIS: ISIS-1-BFD: Success to send msg. Msg type 1 delete session.
Figure 58 Network diagram Device Interface IP address Device Interface IP address Router A GE2/2/1 4.4.4.20/24 Router B GE2/2/1 5.1.1.21/24 GE2/2/2 3.1.1.20/24 Router C Router D GE2/2/2 3.1.1.21/24 GE2/2/3 6.1.1.21/22 GE2/2/1 5.1.1.23/24 GE2/2/1 4.4.4.21/24 GE2/2/2 7.1.1.23/24 GE2/2/2 7.1.1.22/24 Loop0 4.4.4.4/32 GE2/2/3 6.1.1.22/22 Configuration procedure 1. Configure IP addresses for the interfaces on each router and configure IS-IS.
[RouterA-address-family ipv4] multiple-topology video [RouterA-multiple-topology-video] acl 3002 [RouterA-multiple-topology-video] quit [RouterA-address-family ipv4] quit # Enable topology voice for GigabitEthernet 2/2/1, and video for GigabitEthernet 2/2/2.
[RouterC-isis-1] multiple-topology ipv4-unicast voice 4000 [RouterC-isis-1] multiple-topology ipv4-unicast video 2000 [RouterC-isis-1] quit [RouterC] interface gigabitethernet 2/2/2 [RouterC-GigabitEthernet2/2/2] multiple-topology video enable [RouterC-GigabitEthernet2/2/2] multiple-topology voice enable [RouterC-GigabitEthernet2/2/2] isis multiple-topology ipv4-unicast voice [RouterC-GigabitEthernet2/2/2] isis multiple-topology ipv4-unicast video [RouterC-GigabitEthernet2/2/2] quit [RouterC] interface loop
IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------------4.0.0.0/24 10 NULL GE2/2/1 Direct D/L/- 7.0.0.0/24 20 NULL GE2/2/1 4.0.0.22 R/L/- 4.4.4.4/32 20 NULL GE2/2/1 4.0.0.
Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set The outgoing interface of route 4.4.4.4/32 is GigabitEthernet 2/2/2.
Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol. It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). Unless otherwise stated, BGP refers to BGP-4 in this document. BGP has the following characteristics: • Focuses on route control and the selection rather than route discovery and calculation. • Uses TCP to enhance reliability.
• Notification—BGP sends a Notification message upon detecting an error and immediately closes the connection. BGP path attributes BGP uses the following path attributes in update messages for route filtering and selection: • ORIGIN The ORIGIN attribute identifies the origin of routing information (how a route became a BGP route). This attribute has the following types: { IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. { EGP—Has the second highest priority.
passing AS 40 for sending data to the destination 8.0.0.0. In some applications, you can apply a routing policy to control BGP route selection by modifying the AS_PATH length. { • Filter routes—By configuring an AS path filtering list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about routing policies and AS path filtering lists, see "Configuring routing policies.
Figure 61 MED attribute MED = 0 Router B 2.1.1.1 D = 9.0.0.0 Next_hop = 2.1.1.1 MED = 0 EBGP IBGP 9.0.0.0 IBGP Router A D = 9.0.0.0 Next_hop = 3.1.1.1 MED = 100 AS 10 EBGP Router D IBGP 3.1.1.1 Router C AS 20 MED = 100 Generally, BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.
Figure 62 LOCAL_PREF attribute • COMMUNITY The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community. A route can carry one or more COMMUNITY attribute values (each of which is represented by a four-byte integer).
BGP route selection BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: 1. Highest Preferred_value 2. Highest LOCAL_PREF 3. Summary route 4. Shortest AS_PATH 5. IGP, EGP, or INCOMPLETE route in turn 6. Lowest MED value 7. Learned from EBGP, confederation, or IBGP in turn 8. Smallest next hop metric 9. Shortest CLUSTER_LIST 10. Smallest ORIGINATOR_ID 11.
the same number of next hops to forward packets. BGP load balancing based on route recursion is always enabled by the system rather than configured by using commands. • BGP load balancing through route selection BGP differs from IGP in the implementation of load balancing in the following ways: { { IGP routing protocols, such as RIP and OSPF, compute metrics of routes, and then implement load balancing over routes with the same metric and to the same destination. The route selection criterion is metric.
The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes. • Route dampening BGP route dampening solves the issue of route instability such as route flaps—a route comes up and disappears in the routing table frequently.
IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions. Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards the routing information received from a client to other clients.
• Confederation Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub ASs. In each sub AS, IBGP peers are fully meshed. As shown in Figure 67, intra-confederation EBGP connections are established between sub Ass in AS 200. Figure 67 Confederation network diagram A non-confederation BGP speaker does not need to know sub ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number.
• MP_UNREACH_NLRI—Multiprotocol Unreachable NLRI, for carrying prefixes of unfeasible routes for multiple network layer protocols. Such routes can then be withdrawn. MP-BGP uses these attributes to advertise feasible and unfeasible routes of different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.
If you configure a BGP setting for a peer group and a peer in the group, the last configuration takes effect. Complete the following tasks to configure BGP: Task Remarks Enabling BGP Required. Configuring a BGP peer Perform one of the tasks. Configuring a BGP peer group HP recommends that you configure BGP peer groups on large scale BGP networks for easy configuration and maintenance.
Task Remarks Configuring a large scale BGP network Forbidding session establishment with a peer or peer group Optional. Configuring GTSM for BGP Optional. Disabling BGP route advertisement to a peer or peer group Optional. Configuring BGP soft-reset Optional. Disabling BGP routing policies from automatically taking effect Optional. Configuring BGP community Optional. Configuring a BGP route reflector Optional. Configuring a BGP confederation Optional. Configuring BGP GR Optional.
Step Command Remarks Optional. By default, no global router ID is configured. BGP uses the highest loopback interface IP address as the router ID. If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the router ID regardless of the interface status. 2. Configure a global router ID. 3. Enable BGP and enter BGP view. bgp as-number 4. Specify a router ID. router-id router-id By default, the global router ID is used.
Configuring a BGP peer group In a large-scale network, grouping peers that use the same route selection policy simplifies overall configuration. When you modify the policy of the group, the modification applies to all peers in the group. However, if a peer group already contains peers, you cannot remove or change its AS number. A peer group is an IBGP peer group if peers in it belong to the local AS, and is an EBGP peer group if peers in it belong to different ASs.
To configure an EBGP peer group by using Method 1: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Create an EBGP peer group. group group-name external By default, no EBGP peer group is created. 4. Specify the AS number for the group.
Step Command Enable the default use of IPv4 unicast address family for the peers that are established using the peer as-number command. default ipv4-unicast 7. Enable a peer. peer ip-address enable 8. Configure a description for a peer group. peer group-name description description-text 6. Remarks Optional. Enabled by default. This command is not supported in BGP-VPN instance view. Optional. Enabled by default. Optional. By default, no description is configured for the peer group.
Step Command Remarks • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number b. 3. Create a BGP peer group. Use either method. ipv4 family vpn-instance vpn-instance-name group group-name [ external | internal ] By default, no BGP peer group exists on the device. Deleting a BGP peer group also deletes the BGP dynamic peers in the group. Optional for an IBGP peer group and required for an EBGP peer group. 4.
of the output interface as the source IP address of TCP connections. You can change the source interface (primary IP address) for TCP connections in the following scenarios: • If the peer's IP address belongs to an interface indirectly connected to the local router, you must specify that interface as the source interface for TCP connections on the peer. For example, interface A on the local end is directly connected to interface B on the peer. If you execute the peer x.x.x.
To inject a local network: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name Optional. 3. Inject a local network to the BGP routing table. network ip-address [ mask | mask-length ] route-policy route-policy-name Not injected by default.
Controlling route distribution and reception Configuring BGP route summarization To reduce the number of routes to be redistributed and the routing table size on medium and large BGP networks, configure route summarization on BGP routers. BGP supports the following summarization modes: automatic and manual. Manual summary routes have a higher priority than automatic ones.
Step Configure manual route summarization. 3. Command Remarks aggregate ip-address { mask | mask-length } [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ]* Not configured by default. Advertising a default route to a peer or peer group Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.
Use routing policy, ACL, AS-path ACL, or IP prefix list to filter routing information advertised to the specified peer or peer group. • You can configure a filtering policy as needed. If several filtering policies are configured, they are applied in the following sequence: 1. filter-policy export 2. peer filter-policy export 3. peer as-path-acl export 4. peer ip-prefix export 5.
Step Command Remarks • Configure the filtering of redistributed routes advertised to all peers: filter-policy { acl-number | ip-prefix ip-prefix-name } export [ direct | isis process-id | ospf process-id | rip process-id | | static ] • Reference a routing policy to filter advertisements to a peer or peer group: peer { group-name | ip-address } route-policy route-policy-name export 3. Configure BGP route distribution filtering policies.
Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b.
Figure 68 IBGP and IGP synchronization For this example, if synchronization is enabled, and the route 8.0.0.0/24 received from Router B is available in its IGP routing table, Router D advertises the IBGP route when the following conditions are met: • The next hop of the route is reachable. • An active route with the same destination network segment is available in the IGP routing table (use the display ip routing-table protocol command to check the IGP route state).
Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Specify the maximum number of routes that a router can receive from a peer or peer group.
Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Specify a preferred value for routes received from a peer or peer group. peer { group-name | ip-address } preferred-value value Optional. By default, the preferred value is 0.
This task allows you to specify the default local preference for routes sent to IBGP peers. To specify the default local preference: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Configure the default local preference. Optional.
Step 3. Enable the comparison of MED of routes from different ASs. Command Remarks compare-different-as-med Not enabled by default. Enabling the comparison of MEDs for routes on a per-AS basis Route learning sequence might affect optimal route selection. Figure 69 Route selection based on MED As shown in Figure 69, Router D learns network 10.0.0.0 from both Router A and Router B. Because Router B has a smaller router ID, the route learned from it is optimal. Network *>i 10.0.0.
*>i 2.2.2.2 50 0 300e * i 10.0.0.0 3.3.3.3 50 0 200e * i 1.1.1.1 60 0 200e BGP load balancing cannot be implemented because load balanced routes must have the same AS-path attribute. To enable the comparison of MED of routes from each AS: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b.
For example, as shown in Figure 70, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. When Router B advertises a network learned from Router A to Router C, if Router C has no route to IP address 1.1.1.1/24, you need to configure Router B to set itself as the next hop (3.1.1.1/24) for the route to be sent to Router C.
Configuring the AS_PATH attribute Permitting local AS number to appear in routes from a peer or peer group In general, BGP checks whether the AS_PATH attribute of a route from a peer contains the local AS number. If so, it discards the route to avoid routing loops. However, in certain network environments (a Hub&Spoke network in MPLS L3VPN, for example), the AS_PATH attribute of a route from a peer must be allowed to contain the local AS number; otherwise, the route cannot be advertised correctly.
Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name Optional. 3. Specify a fake AS number for a peer or peer group. peer { group-name | ip-address } fake-as as-number Not specified by default. This command is only applicable to an EBGP peer or peer group.
Step 3. Replace the AS number of a peer or peer group in the AS_PATH attribute as the local AS number. Command Remarks peer { group-name | ip-address } substitute-as Not configured by default. Removing private AS numbers from updates to a peer or peer group Private AS numbers are typically used in test networks, and need not be transmitted in public networks. The range of private AS numbers is from 64512 to 65535. To remove private AS numbers from updates to a peer or peer group: Step 1.
Tuning and optimizing BGP networks Configuring the BGP keepalive interval and holdtime After establishing a BGP session, two routers send keepalive messages at the specified keepalive interval to each other to keep the session. If a router receives no keepalive or update message from the peer within the holdtime, it tears down the session. You can configure the keepalive interval and holdtime globally or for a specific peer or peer group.
Step Command Remarks • Configure the global keepalive interval and holdtime: timer keepalive keepalive hold holdtime 3. Configure BGP keepalive interval and holdtime. • Configure the keepalive interval and holdtime for a peer or peer group: peer { group-name | ip-address } timer keepalive keepalive hold holdtime Optional. By default, the keepalive interval is 60 seconds, and holdtime is 180 seconds.
whether to carry non-standard ORF information in the packets). After completing the negotiation process and establishing the BGP session, the BGP router and its BGP peer can exchange ORF information through specific route-refresh messages. For the parameters configured on both sides for ORF capability negotiation, see Table 37. To enable the BGP ORF capability: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view.
After you enable the 4-byte AS number suppression function, the peer device can then process the Open message even though it does not support 4-byte AS numbers, and the BGP session can be established. If the peer device supports 4-byte AS numbers, do not enable the 4-byte AS number suppression function; otherwise, the BGP peer relationship cannot be established. To enable 4-byte AS number suppression: Step Enter system view. 1.
To enable MD5 authentication for BGP peers: Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Enable MD5 authentication for BGP peers. peer { group-name | ip-address } password { cipher | simple } password Not enabled by default.
Step Command Remarks • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Forbid session establishment with a peer or peer group. peer { group-name | ip-address } ignore Not forbidden by default.
Disabling BGP route advertisement to a peer or peer group To disable BGP from sending routing updates to the specified peer or peer group: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Disable BGP from sending routing updates to the specified peer or peer group. peer { group-name | ip-address } update-no-advertise By default, BGP sends routing updates to peers.
Step Command Remarks • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name 3. Enable BGP route refresh for a peer or peer group. peer { group-name | ip-address } capability-advertise route-refresh Optional. Enabled by default.
• peer as-path-acl • peer filter-policy • peer ip-prefix • peer route-policy • filter-policy export • filter-policy import • peer default-route-advertise • rr-filter (see MPLS Command Reference) • peer upe route-policy (see MPLS Command Reference) To disable BGP routing policies from automatically taking effect: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Disable BGP routing policies from automatically taking effect.
Step 1. Enter system view. Command Remarks system-view N/A • Enter BGP view: bgp as-number 2. Enter BGP view or BGP-VPN instance view. • Enter BGP-VPN instance view: a. bgp as-number Use either method. b. ipv4-family vpn-instance vpn-instance-name • Advertise the community 3. 4. Advertise the community attribute or extended community attribute to a peer or peer group. Apply a routing policy to routes advertised to a peer or peer group.
Step Command Remarks Not configured by default. 3. Configure the router as a route reflector and specify a peer or peer group as its client. peer { group-name | ip-address } reflect-client 4. Enable route reflection between clients. reflect between-clients Configure the cluster ID of the route reflector. 5. The peer reflect-client command can be configured in both BGP view and BGP-VPNv4 subaddress family view.
Step Command Remarks 2. Enter BGP view. bgp as-number N/A 3. Configure a confederation ID. confederation id as-number Not configured by default. 4. Specify peering sub ASs in the confederation. confederation peer-as as-number-list Not configured by default. Configuring confederation compatibility If some other routers in the confederation do not comply with RFC 3065, you must enable confederation compatibility to allow the router to work with those routers.
information exchange interval by configuring the graceful-restart timer wait-for-rib command. If routing information exchange is not completed within the time, the GR restarter does not receive new routes; instead, it updates its routing table and forwarding table with the BGP routes already learned to complete BGP routing convergence. The GR helper then removes the stale routes. Follow these guidelines when you configure BGP GR: • The GR and NSR features are mutually exclusive.
IMPORTANT: The NSR and GR features are mutually exclusive. Do not configure them at the same time. To configure BGP NSR: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enable BGP NSR. non-stop-routing Disabled by default. Enabling trap After trap is enabled for BGP, BGP generates Level-4 traps to report important events. The generated traps are sent to the information center of the device.
Configuring BFD for BGP BGP maintains neighbor relationships based on the keepalive timer and holdtime timer, which are set in seconds. BGP defines that the holdtime interval must be at least three times the keepalive interval. This mechanism makes link failure detection rather slow; once a failure occurs on a high-speed link, a large quantity of packets are dropped. BFD resolves this issue by detecting links between neighbors quickly to reduce convergence time upon link failures.
Task Command Remarks Display AS path information. display bgp paths [ as-regular-expression | | { begin | exclude | include } regular-expression ] Available in any view. Display BGP peer or peer group information. display bgp peer [ ip-address { log-info | verbose } | group-name log-info | verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display the prefix information in the ORF message from the specified BGP peer.
Task Command Remarks Display labeled BGP routing information. display bgp routing-table label [ | { begin | exclude | include } regular-expression ] Available in any view. Display routing information to or from a peer. display bgp routing-table peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistic ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routing information matching a regular expression.
BGP configuration examples BGP basic configuration Network requirements In Figure 73, run EBGP between Router A and Router B, and run IBGP between Router B and Router C so that Router C can access the network 8.1.1.0/24 connected to Router A. Figure 73 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure IBGP: { { { To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections.
[RouterC-bgp] peer 2.2.2.2 connect-interface loopback 0 [RouterC-bgp] quit [RouterC] ospf 1 [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [RouterC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit [RouterC] display bgp peer BGP local router ID : 3.3.3.3 Local AS number : 65009 Total number of peers : 1 Peer 2.2.2.
The output shows that Router B has established an IBGP peer relationship with Router C and an EBGP peer relationship with Router A. # Display the BGP routing table on Router A. [RouterA] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 1.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete *> Network NextHop MED 8.1.1.0/24 0.0.0.
# Configure Router B. [RouterB] bgp 65009 [RouterB-bgp] import-route direct # Display the BGP routing table on Router A. [RouterA] display bgp routing-table Total Number of Routes: 4 BGP Local router ID is 1.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? – incomplete Network NextHop MED LocPrf PrefVal Path/Ogn *> 2.2.2.2/32 3.1.1.1 0 0 65009? * 3.1.1.0/24 3.1.1.1 0 0 65009? *> 8.1.
5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/2 ms BGP and IGP synchronization configuration Network requirements As shown in Figure 74, all devices of company A reside in AS 65008 while all devices of company B reside in AS 65009. AS 65008 and AS 65009 are connected through Router A and Router B. It is required that Router A can access network 9.1.2.0/24 in AS 65009, and Router C can access network 8.1.1.0/24 in AS 65008.
system-view [RouterA] bgp 65008 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 3.1.1.1 as-number 65009 [RouterA-bgp] network 8.1.1.0 24 [RouterA-bgp] quit # Configure Router B. [RouterB] bgp 65009 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 3.1.1.2 as-number 65008 4. Configure BGP and IGP synchronization: { { Configure BGP to redistribute routes from OSPF on Router B, so Router A can obtain the route to 9.1.2.0/24.
5. 9.1.1.2/32 Direct 0 0 127.0.0.1 InLoop0 9.1.2.0/24 Direct 0 0 9.1.2.1 GE2/1/1 9.1.2.1/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0 Verify the configuration: # Use ping for verification. [RouterA] ping -a 8.1.1.1 9.1.2.1 PING 9.1.2.1: 56 data bytes, press CTRL_C to break Reply from 9.1.2.1: bytes=56 Sequence=1 ttl=254 time=15 ms Reply from 9.1.2.1: bytes=56 Sequence=2 ttl=254 time=31 ms Reply from 9.1.2.
Figure 75 Network diagram Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure BGP connections: { { { On Router A, establish EBGP connections with Router B and Router C, respectively; configure BGP to advertise network 8.1.1.0/24 to Router B and Router C, so Router B and Router C can access the internal network connected to Router A.
# Configure Router C. system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 3.1.2.2 as-number 65008 [RouterC-bgp] peer 2.2.2.2 as-number 65009 [RouterC-bgp] peer 2.2.2.2 connect-interface loopback 0 [RouterC-bgp] network 9.1.1.0 24 [RouterC-bgp] quit [RouterC] ip route-static 2.2.2.2 32 9.1.1.1 # Display the BGP routing table on Router A. [RouterA] display bgp routing-table Total Number of Routes: 3 BGP Local router ID is 1.1.1.
Network *> *> 8.1.1.0/24 9.1.1.0/24 *> { { NextHop MED 0.0.0.0 LocPrf 0 PrefVal Path/Ogn 0 i 3.1.1.1 0 0 65009i 3.1.2.1 0 0 65009i The output shows two valid routes to the destination 9.1.1.0/24, and both of them are marked with a greater-than sign (>), indicating they are the best routes. By using the display ip routing-table command, you can find two routes to 9.1.1.0/24: one with next hop 3.1.1.1 and outbound interface S2/2/0, the other with next hop 3.1.2.
[RouterB] ip route-static 192.168.74.0 24 192.168.212.161 [RouterB] ip route-static 192.168.99.0 24 192.168.212.161 3. Configure OSPF between Router B and Router C, and configure OSPF on Router B to redistribute static routes: # Configure OSPF to advertise the local network, and enable OSPF to redistribute static routes on Router B. [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.
[RouterD] bgp 64631 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] peer 10.220.2.16 as-number 65106 [RouterD-bgp] quit # Display routing table information on Router D. [RouterD] display ip routing-table Routing Tables: Public Destinations : 8 Destination/Mask Proto 4.4.4.4/32 10.220.2.0/24 Routes : 8 Pre Cost NextHop Interface Direct 0 0 127.0.0.1 InLoop0 Direct 0 0 10.220.2.217 S2/2/0 10.220.2.217/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
The output shows that Router C has a summary route 192.168.64.0/18 with the output interface Null0. # Display the IP routing table information on Router D. [RouterD] display ip routing-table Routing Tables: Public Destinations : 6 Destination/Mask Proto 4.4.4.4/32 10.220.2.0/24 Routes : 6 Pre Cost NextHop Interface Direct 0 0 127.0.0.1 InLoop0 Direct 0 0 10.220.2.217 S2/2/0 10.220.2.217/32 Direct 0 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0 127.0.0.
[RouterA-bgp] peer 200.1.2.2 as-number 20 [RouterA-bgp] network 9.1.1.0 255.255.255.0 [RouterA-bgp] quit # Configure Router B. system-view [RouterB] bgp 20 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 200.1.2.1 as-number 10 [RouterB-bgp] peer 200.1.3.2 as-number 30 [RouterB-bgp] quit # Configure Router C. system-view [RouterC] bgp 30 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 200.1.3.1 as-number 20 [RouterC-bgp] quit # Display BGP routing table information on Router B.
# Configure a routing policy. [RouterA] route-policy comm_policy permit node 0 [RouterA-route-policy] apply community no-export [RouterA-route-policy] quit # Apply the routing policy. [RouterA] bgp 10 [RouterA-bgp] peer 200.1.2.2 route-policy comm_policy export [RouterA-bgp] peer 200.1.2.2 advertise-community # Display BGP routing table information on Router B. [RouterB] display bgp routing-table 9.1.1.0 BGP local router ID : 2.2.2.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure BGP connections: # Configure Router A. system-view [RouterA] bgp 100 [RouterA-bgp] peer 192.1.1.2 as-number 200 # Inject network 1.0.0.0/8 to the BGP routing table. [RouterA-bgp] network 1.0.0.0 [RouterA-bgp] quit # Configure Router B. system-view [RouterB] bgp 200 [RouterB-bgp] peer 192.1.1.1 as-number 100 [RouterB-bgp] peer 193.1.1.1 as-number 200 [RouterB-bgp] peer 193.1.1.
*> 1.0.0.0 192.1.1.1 0 0 100i # Display the BGP routing table on Router D. [RouterD] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 200.1.2.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network i 1.0.0.0 NextHop MED LocPrf PrefVal Path/Ogn 193.1.1.2 0 100 0 100i Router D learned the route 1.0.0.0/8 from Router C.
2. Configure the BGP confederation: # Configure Router A. system-view [RouterA] bgp 65001 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] confederation id 200 [RouterA-bgp] confederation peer-as 65002 65003 [RouterA-bgp] peer 10.1.1.2 as-number 65002 [RouterA-bgp] peer 10.1.1.2 next-hop-local [RouterA-bgp] peer 10.1.2.2 as-number 65003 [RouterA-bgp] peer 10.1.2.2 next-hop-local [RouterA-bgp] quit # Configure Router B. system-view [RouterB] bgp 65002 [RouterB-bgp] router-id 2.2.2.
[RouterE-bgp] router-id 5.5.5.5 [RouterE-bgp] confederation id 200 [RouterE-bgp] peer 10.1.4.1 as-number 65001 [RouterE-bgp] peer 10.1.5.1 as-number 65001 [RouterE-bgp] quit 4. Configure the EBGP connection between AS 100 and AS 200: # Configure Router A. [RouterA] bgp 65001 [RouterA-bgp] peer 200.1.1.2 as-number 100 [RouterA-bgp] quit # Configure Router F. system-view [RouterF] bgp 100 [RouterF-bgp] router-id 6.6.6.6 [RouterF-bgp] peer 200.1.1.1 as-number 200 [RouterF-bgp] network 9.1.1.0 255.
Total Number of Routes: 1 BGP Local router ID is 4.4.4.4 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network *>i NextHop 9.1.1.0/24 MED 10.1.3.1 0 LocPrf 100 PrefVal Path/Ogn 0 100i [RouterD] display bgp routing-table 9.1.1.0 BGP local router ID : 4.4.4.4 Local AS number : 65001 Paths: 1 available, 1 best BGP routing table entry information of 9.1.1.0/24: From : 10.1.3.1 (1.1.1.
Figure 80 Network diagram AS 200 AS 100 S2/2/0 GE2/1/1 S2/2/1 Router B S2/2/1 S2/2/0 S2/2/0 S2/2/1 Router D Router A S2/2/0 S2/2/1 Router C Device Interface IP address Device Interface IP address Router A GE2/1/1 1.0.0.0/8 Router D S2/2/0 195.1.1.1/24 S2/2/0 192.1.1.1/24 S2/2/1 194.1.1.1/24 S2/2/1 193.1.1.1/24 Router C S2/2/0 195.1.1.2/24 S2/2/0 192.1.1.2/24 S2/2/1 193.1.1.2/24 S2/2/1 194.1.1.2/24 Router B Configuration procedure 1.
# Configure Router A. system-view [RouterA] bgp 100 [RouterA-bgp] peer 192.1.1.2 as-number 200 [RouterA-bgp] peer 193.1.1.2 as-number 200 # Inject network 1.0.0.0/8 into the BGP routing table of Router A. [RouterA-bgp] network 1.0.0.0 8 [RouterA-bgp] quit # Configure Router B. [RouterB] bgp 200 [RouterB-bgp] peer 192.1.1.1 as-number 100 [RouterB-bgp] peer 194.1.1.1 as-number 200 [RouterB-bgp] quit # Configure Router C. [RouterC] bgp 200 [RouterC-bgp] peer 193.1.1.
# Display the BGP routing table on Router D. [RouterD] display bgp routing-table Total Number of Routes: 2 BGP Local router ID is 194.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d – damped, h – history, i – internal, s – suppressed, S – Stale Origin : i – IGP, e – EGP, ? – incomplete Network NextHop MED LocPrf PrefVal Path/Ogn *>i 1.0.0.0 193.1.1.1 50 100 0 100i * i 192.1.1.1 100 100 0 100i The route 1.0.0.0/8 learned from Router C is the optimal.
BGP GR configuration Network requirements In Figure 81 are all BGP routers. EBGP runs between Router A and Router B. IBGP runs between router B and Router C. Enable GR capability for BGP so that the communication between Router A and Router C cannot be affected when an active/standby switchover occurs on Router B. Figure 81 Network diagram AS 65008 AS 65009 GE2/1/1 8.1.1.1/8 S2/2/1 200.1.1.2/24 Router A (GR helper) S2/2/1 200.1.1.1/24 S2/2/0 9.1.1.1/24 Router B (GR Restarter) S2/2/0 9.1.1.
# Configure the IBGP connection. system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 9.1.1.1 as-number 65009 # Enable GR capability for BGP. [RouterC-bgp] graceful-restart 4. Verify the configuration: Ping Router C on Router A. Meanwhile, perform an active/standby switchover on Router B. The ping operation is successful during the whole switchover process.
# Create ACL 2000 to permit 1.1.1.0/24 to pass. [RouterA] acl number 2000 [RouterA-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255 [RouterA-acl-basic-2000] quit # Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to 50. Policy apply_med_100 sets that to 100.
[RouterC-GigabitEthernet2/1] return 6. Verify the configuration: The following operations are made on Router C. Operations on Router A are similar. # Display detailed BFD session information. display bfd session verbose Total Session Num: 1 Init Mode: Active IP Session Working Under Ctrl Mode: Local Discr: 17 Remote Discr: 13 Source IP: 3.0.2.2 Destination IP: 3.0.1.
State: Active Adv Age: 00h08m54s Tag: 0 Destination: 1.1.1.0/24 Protocol: BGP Process ID: 0 Preference: 0 NextHop: 2.0.1.1 BkNextHop: 0.0.0.0 RelyNextHop: 2.0.2.1 Cost: 100 Interface: GigabitEthernet2/1/2 BkInterface: Neighbor : 2.0.1.1 Tunnel ID: 0x0 Label: NULL State: Invalid Adv Age: 00h08m54s Tag: 0 The output shows that Router C has two routes to reach network 1.1.1.
The output shows that Router C has one route to reach network 1.1.1.0/24, that is, Router C<—>Router D<—>Router A. BGP dynamic peer configuration Network diagram All routers run BGP. Router A needs to establish an IBGP connection with Router B, Router C, and Router D, respectively. Configure the BGP dynamic peer feature to simply the IBGP peer configuration. Configure Router A as the route reflector to reflect routes among Router B, Router C, and Router D. Figure 83 Network diagram GE2/1/1 10.1.1.
[RouterD] bgp 200 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] peer 10.1.3.1 as-number 200 # Display information about BGP peers on Router A. [RouterA] display bgp peer BGP local router ID : 1.1.1.1 Local AS number : 200 Total number of peers : 3 Peers in established state : 3 * - Dynamically created peer Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State *10.1.1.2 200 7 10 0 0 00:06:09 Established *10.1.2.2 200 7 10 0 0 00:06:09 Established *10.1.3.
Analysis To become BGP peers, any two routers must establish a TCP session using port 179 and exchange Open messages successfully. Solution 1. Use the display current-configuration command to verify that the peer's AS number is correct. 2. Use the display bgp peer command to verify that the peer's IP address is correct. 3. If a loopback interface is used, verify that the loopback interface is specified with the peer connect-interface command. 4.
Configuring policy-based routing Overview Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets based on the source address, packet length, and other criteria. A policy can specify the output interface, next hop, default output interface, default next hop, and other parameters for packets that match specific criteria such as ACLs or have specific lengths.
Table 8 Priorities and meanings of apply clauses Clause Meaning Priority apply ip-df zero Sets the DF (Don't Fragment) bit in the IP header to 0, which means the packet can be fragmented. This clause is always executed. If this clause is configured, other apply clauses, except the apply ip-df zero clause, are not executed. apply access-vpn vpn-instance Sets VPN instances. apply ip-precedence Sets an IP precedence.
If a node has no if-match or apply clauses configured, all packets can match the node and are forwarded according to the routing table. PBR and track You can use track to monitor the output interface, default output interface, next hop, and default next hop for PBR so that PBR can discover link failures faster. PBR takes effect when the status of the associated track entry is positive or invalid. For more information about track-PBR collaboration, see High Availability Configuration Guide.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter policy node view. policy-based-route policy-name [ deny | permit ] node node-number N/A 3. Configure an ACL match criterion. if-match acl acl-number Optional. 4. Configure a packet length match criterion. if-match packet-length min-len max-len Optional. 5. Configure a reverse input interface match criterion. if-match reverse-input-interface interface-type interface-number Optional.
Step Command Remarks Optional. 9. apply default output-interface interface-type interface-number [ track track-entry-number ] [ interface-type interface-number [ track track-entry-number ] ] Set default output interfaces. 10. Set default next hops. apply ip-address default next-hop ip-address [ direct ] [ track track-entry-number ] [ ip-address [ direct ] [ track track-entry-number ] ] 11. Set two default next hops to operate in active/standby mode. apply ip-address default next-hop standby 12.
If the specified policy does not exist, the interface PBR configuration succeeds, but it does not take effect until the policy is created. To configure interface PBR on a VLAN interface of an HSR6800 router that operates in gateway mode and is configured with SAP modules, use the redirect command to configure a traffic redirecting action for the VLAN. For more information about configuring traffic redirecting actions, see ACL and QoS Configuration Guide. You can apply the same policy on multiple interfaces.
Task Command Remarks Display PBR statistics (in IRF mode). display ip policy-based-route statistics { interface interface-type interface-number | local } [ chassis chassis-number slot slot-number ] [ | { begin | exclude | include } regular-expression ] Available in any view. Clear PBR statistics. reset policy-based-route statistics [ policy-name ] Available in user view.
[RouterA-Serial2/2/1] ip address 1.1.3.1 255.255.255.0 2. Configure Router B: # Configure the IP address of the serial interface. system-view [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ip address 1.1.2.2 255.255.255.0 [RouterB-Serial2/2/0] quit 3. Configure Router C: # Configure the IP address of the serial interface. system-view [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] ip address 1.1.3.2 255.255.255.0 [RouterC-Serial2/2/1] quit 4.
Figure 85 Network diagram Router B Router C S2/2/0 1.1.2.2/24 S2/2/1 1.1.3.2/24 S2/2/0 1.1.2.1/24 Router A S2/2/1 1.1.3.1/24 GE2/1/1 10.110.0.10/24 Subnet 10.110.0.0/24 Host A Host B 10.110.0.20/24 Gateway: 10.110.0.10 Configuration procedure 1. Configure Router A: # Configure ACL 3101 to match TCP packets.
[RouterB] ip route-static 10.110.0.0 24 1.1.2.1 # Configure the IP address of the serial interface. [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ip address 1.1.2.2 255.255.255.0 3. Configure Router C: # Configure a static route to subnet 10.110.0.0/24. system-view [RouterC] ip route-static 10.110.0.0 24 1.1.3.1 # Configure the IP address of the serial interface. [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] ip address 1.1.3.2 255.255.255.0 4.
[RouterA] rip [RouterA-rip-1] network 192.1.1.0 [RouterA-rip-1] network 150.1.0.0 [RouterA-rip-1] network 151.1.0.0 [RouterA-rip-1] quit # Configure Node 10 for policy lab1 to forward packets with a length of 64 to 100 bytes to the next hop 150.1.1.2, and packets with a length of 101 to 1000 bytes to the next hop 151.1.1.2. [RouterA] policy-based-route lab1 permit node 10 [RouterA-pbr-lab1-10] if-match packet-length 64 100 [RouterA-pbr-lab1-10] apply ip-address next-hop 150.1.1.
terminal debugging terminal monitor # Ping Loopback 0 of Router B from Host A, and set the data length to 80 bytes. C:\>ping -l 80 10.1.1.1 Pinging 10.1.1.1 with 80 bytes of data: Reply from 10.1.1.1: bytes=80 time<1ms TTL=255 Reply from 10.1.1.1: bytes=80 time<1ms TTL=255 Reply from 10.1.1.1: bytes=80 time<1ms TTL=255 Reply from 10.1.1.1: bytes=80 time<1ms TTL=255 Ping statistics for 10.1.1.
success : POLICY_ROUTEMAP : lab1, Node : 20, next-hop : 151.1.1.2 *Jun 7 12:06:49:627 2009 RouterA PBR/7/POLICY-ROUTING: IP policy based routing success : POLICY_ROUTEMAP : lab1, Node : 20, next-hop : 151.1.1.2 *Jun 7 12:06:50:627 2009 RouterA PBR/7/POLICY-ROUTING: IP policy based routing success : POLICY_ROUTEMAP : lab1, Node : 20, next-hop : 151.1.1.2 The preceding information shows that Router A sets the next hop for the received packets to 151.1.1.2 according to PBR.
# Configure an NAT internal server on interface Serial 2/2/1, and specify 2.2.1.100/16 (on the same network segment as the IP address of Serial 2/2/1 on Router A) as the public address of the HTTP server 192.168.1.2/24. [RouterA] interface serial 2/2/1 [RouterA-Serial2/2/1] nat server protocol tcp global 2.2.1.100 www inside 192.168.1.2 www [RouterA-Serial2/2/1] quit # Configure Node 10 for policy test to forward packets matching the reverse input interface Serial 2/2/0 to the next hop 2.1.1.2/16.
[RouterA-gigabitethernet2/0/1] port link-mode bridge [RouterA-gigabitethernet2/0/1] quit # Create VLAN 100 and VLAN 200 on Router A and assign GigabitEthernet 2/0/0 and GigabitEthernet 2/0/1 to VLAN 100 and VLAN 200 respectively.
Configuring IPv6 static routing Overview Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Proper configuration and use can improve network performance and ensure enough bandwidth for important applications. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator has to modify the static routes manually.
Displaying and maintaining IPv6 static routes Task Command Remarks Display IPv6 static route information. display ipv6 routing-table protocol static [ inactive | verbose ] [ | { begin | exclude | include } regular-expression ] Available in any view. For more information about the display ipv6 routing-table protocol static [ inactive | verbose ] [ | { begin | exclude | include } regular-expression ] command, see Layer 3—IP Routing Command Reference.
[RouterB] ipv6 route-static 3:: 64 5::1 # Enable IPv6 and configure the IPv6 default route on Router C. system-view [RouterC] ipv6 [RouterC] ipv6 route-static :: 0 5::2 3. Configure the IPv6 addresses of hosts and gateways: Configure the IPv6 addresses of all the hosts based on the network diagram, and configure the default gateway of Host A as 1::1, Host B as 2::1, and Host C as 3::1. 4. Verify the configuration: # Display the IPv6 routing table on Router A.
5 packet(s) transmitted 5 packet(s) received 0.
Configuring an IPv6 default route An IPv6 default route is used to forward packets that match no entry in the routing table. An IPv6 default route can be configured in either of the following ways: • The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "Configuring IPv6 static routing." • Some dynamic routing protocols, such as OSPFv3, RIPng, and IPv6 IS-IS, can generate an IPv6 default route.
Configuring RIPng Overview RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng. RIPng for IPv6 has the following basic differences from RIP: • UDP port number—RIPng uses UDP port 521 for sending and receiving routing information. • Multicast address—RIPng uses FF02::9 as the link-local-router multicast address. • Destination Prefix—128-bit destination address prefix. • Next hop—128-bit IPv6 address.
RIPng packet format Basic format A RIPng packet consists of a header and multiple route table entries (RTEs). The maximum number of RTEs in a packet depends on the IPv6 MTU of the sending interface. Figure 90 RIPng basic packet format Packet header description: • Command—Type of message. 0x01 indicates Request, 0x02 indicates Response. • Version—Version of RIPng. It can only be 0x01. • RTE—Route table entry. It is 20 bytes for each entry.
RIPng packet processing procedure Request packet When a RIPng router first starts or must update entries in its routing table, it usually sends a multicast request packet to ask for needed routes from neighbors. The receiving RIPng router processes RTEs in the request. If only one RTE exists with the IPv6 prefix and prefix length both being 0 and with a metric value of 16, the RIPng router responds with the entire routing table information in response messages.
Configuring RIPng basic functions This section presents the information to configure the basic RIPng features. You must enable RIPng first before you configure other tasks, but it is not necessary for RIPng-related interface configurations, such as assigning an IPv6 address. Configuration prerequisites Before you configure RIPng basic functions, complete the following tasks: • Enable IPv6 packet forwarding.
Configuring an additional routing metric An additional routing metric can be added to the metric of an inbound or outbound RIPng route. The outbound additional metric is added to the metric of a sent route. The route's metric in the routing table is not changed. The inbound additional metric is added to the metric of a received route before the route is added into the routing table, so the route's metric is changed. To configure an inbound or outbound additional routing metric: Step Command Remarks 1.
Configuring a RIPng route filtering policy You can reference a configured IPv6 ACL or prefix list to filter received or advertised routing information. You can also specify a routing protocol to filter outbound routes redistributed from the protocol. To configure a RIPng route filtering policy: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter RIPng view. ripng [ process-id ] [ vpn-instance vpn-instance-name ] N/A 3. Configure a filter policy to filter incoming routes.
Tuning and optimizing the RIPng network This section describes how to tune and optimize the performance of the RIPng network, as well as applications under special network environments. Before tuning and optimizing the RIPng network, complete the following tasks: • Configure a network layer address for each interface. • Configure the basic RIPng functions. Configuring RIPng timers You can adjust RIPng timers to optimize the performance of the RIPng network.
Step Command Remarks N/A 2. Enter interface view. interface interface-type interface-number 3. Enable the split horizon function. ripng split-horizon Optional. Enabled by default. Configuring the poison reverse function The poison reverse function enables a route learned from an interface to be advertised through the interface. However, the metric of the route is set to 16, which means the route is unreachable. To configure poison reverse: Step Command Remarks 1. Enter system view.
Applying IPsec policies for RIPng To protect routing information and defend attacks, RIPng supports using an IPsec policy to authenticate protocol packets. Outbound RIPng packets carry the Security Parameter Index (SPI) defined in the relevant IPsec policy. A device uses the SPI carried in a received packet to match against the configured IPsec policy. If they match, the device accepts the packet. Otherwise, it discards the packet and does not establish a neighbor relationship with the sending device.
Task Command Remarks Display configuration information of a RIPng process. display ripng [ process-id | vpn-instance vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display routes in the RIPng database. display ripng process-id database [ | { begin | exclude | include } regular-expression ] Available in any view. Display the routing information of a specified RIPng process.
[RouterA] interface gigabitethernet 2/1/2 [RouterA-Gigabitethernet2/1/2] ripng 1 enable [RouterA-Gigabitethernet2/1/2] quit # Configure Router B. system-view [RouterB] ripng 1 [RouterB-ripng-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-Gigabitethernet2/1/1] ripng 1 enable [RouterB-Gigabitethernet2/1/1] quit [RouterB] interface gigabitethernet 2/1/2 [RouterB-Gigabitethernet2/1/2] ripng 1 enable [RouterB-Gigabitethernet2/1/2] quit # Configure Router C.
[RouterB] ripng 1 [RouterB-ripng-1] filter-policy 2000 import [RouterB-ripng-1] filter-policy 2000 export # Display routing tables of Router B and Router A.
Configuration procedure 1. Configure IPv6 addresses for the interfaces. (Details not shown.) 2. Configure RIPng basic functions: # Enable RIPng 100 on Router A. system-view [RouterA] ripng 100 [RouterA-ripng-100] quit [RouterA] interface gigabitethernet 2/1/1 [RouterA-Gigabitethernet2/1/1] ripng 100 enable [RouterA-Gigabitethernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-Gigabitethernet2/1/2] ripng 100 enable # Enable RIPng 100 and RIPng 200 on Router B.
Interface 3. : InLoop0 Cost : 0 Destination: 2::/64 Protocol : Direct NextHop : 2::1 Preference: 0 Interface : GE2/1/1 Cost : 0 Destination: 2::1/128 Protocol NextHop : ::1 Preference: 0 : Direct Interface : InLoop0 Cost : 0 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 Configure RIPng route redistribution: # Configure route redistribution between the two RIPng processes on Router B.
NextHop : FE80::200:BFF:FE01:1C02 Interface : GE2/1/2 Preference: 100 Cost : 4 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 Configuring RIPng IPsec policies Network requirements As shown in the following figure, • Configure RIPng on the routers. • Configure IPsec policies on the routers to authenticate and encrypt protocol packets. Figure 95 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces.
3. Configure RIPng IPsec policies: # On Router A, create an IPsec proposal named tran1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1. Create an IPsec policy named policy001, specify the manual mode for it, reference IPsec proposal tran1, set the SPIs of the inbound and outbound SAs to 12345, and the keys for the inbound and outbound SAs using ESP to abcdefg.
[RouterC] ipsec policy policy001 10 manual [RouterC-ipsec-policy-manual-policy001-10] transform-set tran1 [RouterC-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345 [RouterC-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345 [RouterC-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterC-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterC-ipsec-policy-manual-policy001-10] quit 4.
Configuring OSPFv3 Overview Open Shortest Path First version 3 (OSPFv3) supports IPv6 and complies with RFC 5340 (OSPF for IPv6).
• Router-LSA—Originated by all routers. This LSA describes the collected states of the router's interfaces to an area, and is flooded throughout a single area only. • Network-LSA—Originated for broadcast and NBMA networks by the Designated Router. This LSA contains the list of routers connected to the network, and is flooded throughout a single area only. • Inter-Area-Prefix-LSA—Originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area.
LSA delay timer Each LSA has an age in the local link state database (LSDB) (incremented by one per second), but an LSA does not age on transmission. You must add an LSA delay time into the age time before transmission, which is important for low-speed networks. SPF timer Whenever the LSDB changes, an SPF calculation happens. If recalculations become frequent, a large amount of resources are occupied.
Task Remarks information control Tuning and optimizing OSPFv3 networks Configuring OSPFv3 GR Configuring an OSPFv3 cost for an interface Optional. Configuring the maximum number of OSPFv3 ECMP routes Optional. Configuring a priority for OSPFv3 Optional. Configuring OSPFv3 route redistribution Optional. Configuring OSPFv3 timers Optional. Configuring a DR priority for an interface Optional. Ignoring MTU check for DD packets Optional.
Step Command Remarks 3. Specify a router ID. router-id router-id N/A 4. Enter interface view. interface interface-type interface-number N/A 5. Enable an OSPFv3 process on the interface. ospfv3 process-id area area-id [ instance instance-id ] Not enabled by default. Configuring OSPFv3 area parameters The stub area, NSSA area, and virtual link features of OSPFv3 are the same as OSPFv2. Splitting an OSPFv3 AS into multiple areas reduces the number of LSAs and extends OSPFv3 applications.
Step 5. Command Specify a cost for the default route advertised to the stub area. Remarks Optional. default-cost value The cost for the default route advertised to the stub area is 1. Configuring an OSPFv3 NSSA area Step Command Remarks 1. Enter system view. system-view N/A 2. Enter OSPFv3 view. ospfv3 [ process-id ] N/A 3. Enter OSPFv3 area view. area area-id N/A 4. Configure the area as an NSSA area.
Configuring OSPFv3 network types OSPFv3 classifies networks into the following types by the link layer protocol: By default, the OSPFv3 interface network types vary with the link layer protocols of the interfaces: • When the link layer protocol is PPP, OSPFv3 considers the network type as P2P by default. • When the link layer protocol is Ethernet, OSPFv3 considers the network type as broadcast by default.
Step Command Specify an NBMA or P2MP (unicast) neighbor and its DR priority. 3. ospfv3 peer ipv6-address [ dr-priority dr-priority ] [ instance instance-id ] Configuring OSPFv3 routing information control This section describes how to configure the control of OSPFv3 routing information advertisement and reception, and redistribution from other protocols. Configuration prerequisites Before you configure OSPFv3 routing information control, complete the following tasks: • Enable IPv6 packet forwarding.
NOTE: The filter-policy import command can only filter routes computed by OSPFv3. Only routes not filtered out can be added into the local routing table. Configuring an OSPFv3 cost for an interface You can configure an OSPFv3 cost for an interface with one of the following methods: • Configure the cost value in interface view.
Step Command Specify the maximum number of ECMP routes. 3. Remarks Optional. maximum load-balancing maximum By default, he maximum number of ECMP routes is 8. Configuring a priority for OSPFv3 A router can run multiple routing protocols. The system assigns a priority to each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected. To configure a priority for OSPFv3: Step Command Remarks 1. Enter system view.
Step Command 5. Inject a default route. default-route-advertise [ always | cost value | type type | route-policy route-policy-name ] * Filter redistributed routes. filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name } export [ isisv6 process-id | ospfv3 process-id | ripng process-id | bgp4+ | direct | static ] 6. Remarks Optional. Not injected by default. Optional. Not configured by default.
Step Command Remarks 4. Specify the poll interval. ospfv3 timer poll seconds [ instance instance-id ] 5. Configure the dead interval. ospfv3 timer dead seconds [ instance instance-id ] 6. Configure the LSA retransmission interval. ospfv3 timer retransmit interval [ instance instance-id ] 7. Configure the LSA transmission delay. ospfv3 trans-delay seconds [ instance instance-id ] 8. Return to system view. quit N/A 9. Enter OSPFv3 view. ospfv3 [ process-id ] N/A Optional.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter interface view. interface interface-type interface-number N/A 3. Ignore MTU check for DD packets. ospfv3 mtu-ignore [ instance instance-id ] Not ignored by default. Disabling interfaces from receiving and sending OSPFv3 packets Follow these guidelines when you disable interfaces from receiving and sending OSPFv3 packets: • Multiple OSPFv3 processes can disable the same interface from receiving and sending OSPFv3 packets.
GR helper—The neighbor of the GR restarter. It helps the GR restarter to complete the GR process. • To prevent service interruption after an active/standby MPU switchover in standalone mode or a global active/standby MPU switchover in IRF mode, a GR restarter running OSPFv3 must complete the following tasks: • Keep the GR restarter forwarding entries stable during reboot. • Establish all adjacencies and obtain complete topology information after reboot.
Configuring BFD for OSPFv3 Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, thus to improve the convergence speed of OSPFv3. After discovering neighbors by sending hello packets, OSPFv3 notifies BFD of the neighbor addresses, and BFD uses these addresses to establish sessions. Before a BFD session is established, it is in the down state.
Configuration prerequisites Before applying an IPsec policy for OSPFv3, complete the following tasks: • Create an IPsec proposal. • Create an IPsec policy. For more information about IPsec policy configuration, see Security Configuration Guide. Configuration procedure An IPsec policy used for OSPFv3 can only be in manual mode. For more information, see Security Configuration Guide. To apply an IPsec policy in an area: Step Command Remarks 1. Enter system view. system-view N/A 2.
Task Command Display OSPFv3 process brief information. display ospfv3 [ process-id ] [ | { begin | exclude | include } regular-expression ] Display OSPFv3 interface information. display ospfv3 interface [ interface-type interface-number | statistic ] [ | { begin | exclude | include } regular-expression ] Display OSPFv3 LSDB information.
OSPFv3 configuration examples Configuring OSPFv3 areas Network requirements As shown in Figure 97: • Enable OSPFv3 on all routers. • Split the AS into three areas. • Configure Router B and Router C as ABRs to forward routing information between areas. • Configure Area 1 as an NSSA area. • Configure Area 2 as a stub area to reduce LSAs in the area without affecting route reachability.
[RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.2 [RouterA-ospfv3-1] area 1 [RouterA-ospfv3-1-area-0.0.0.1] nssa [RouterB-ospfv3-1] quit [RouterB] interface GigabitEthernet 2/2/0 [RouterB-GigabitEthernet2/2/0] ospfv3 1 area 0 [RouterB-GigabitEthernet2/2/0] quit [RouterB] interface GigabitEthernet 2/2/1 [RouterB-GigabitEthernet2/2/1] ospfv3 1 area 1 [RouterB-GigabitEthernet2/2/1] quit # Configure Router C. system-view [RouterC] ipv6 [RouterC] ospfv3 1 [RouterC-ospfv3-1] router-id 3.3.3.
OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------Neighbor ID Pri State Dead Time Interface Instance ID 2.2.2.2 1 Full/DR 00:00:35 GE2/2/0 0 OSPFv3 Area ID 0.0.0.2 (Process 1) ---------------------------------------------------------------------Neighbor ID Pri State Dead Time Interface Instance ID 4.4.4.4 1 Full/Backup 00:00:36 GE2/2/1 0 # Display OSPFv3 routing information on Router D.
I - Intra area route, E1 - Type 1 external route, IA - Inter area route, E2 – Type 2 external route, E2 - Type 2 external route, * N1 – Type 1 NSSA route N2 – Type 2 NSSA route - Seleted route OSPFv3 Router with ID (4.4.4.
Configuring OSPFv3 DR election Network requirements • As shown in Figure 98, the priority of Router A is 100, the highest priority on the network, so it becomes the DR. • The priority of Router C is 2, the second highest priority on the network, so it becomes the BDR. • The priority of Router B is 0, so it cannot become a DR. • Router D has the default priority 1.
[RouterC] ipv6 [RouterC] ospfv3 [RouterC-ospfv3-1] router-id 3.3.3.3 [RouterC-ospfv3-1] quit [RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ospfv3 1 area 0 [RouterC-GigabitEthernet2/1/1] quit # Configure Router D. system-view [RouterD] ipv6 [RouterD] ospfv3 [RouterD-ospfv3-1] router-id 4.4.4.
# Display neighbor information on Router A. DR priorities have been updated, but the DR and BDR are not changed. [RouterA] display ospfv3 peer OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------Neighbor ID Pri State Dead Time Interface Instance ID 2.2.2.2 0 2-Way/DROther 00:00:38 GE2/1/1 0 3.3.3.3 2 Full/Backup 00:00:32 GE2/1/1 0 4.4.4.4 1 Full/DR 00:00:36 GE2/1/1 0 # Display neighbor information on Router D.
destined for 1::0/64 and 2::0/64, and Router A cannot learn the routes destined for 3::0/64 or 4::0/64. Figure 99 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces. (Details not shown.) 2. Configure OSPFv3 basic functions: # Enable OSPFv3 process 1 on Router A. system-view [RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.
[RouterC-ospfv3-2] router-id 4.4.4.4 [RouterC-ospfv3-2] quit [RouterC] interface GigabitEthernet 2/1/2 [RouterC-GigabitEthernet2/1/2] ospfv3 2 area 2 [RouterC-GigabitEthernet2/1/2] quit [RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ospfv3 2 area 2 [RouterC-GigabitEthernet2/1/1] quit # Display the routing table of Router C. [RouterC] display ipv6 routing-table Routing Table : Destinations : 6 3.
Destination: ::1/128 Protocol NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0 Destination: 1::/64 Protocol : OSPFv3 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : GE2/1/2 Cost : Direct : 3 Destination: 2::/64 Protocol NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : GE2/1/2 Cost : 3 Destination: 3::/64 Protocol : Direct NextHop : 3::2 Preference: 0 Interface : GE2/1/2 Cost : OSPFv3 : 0 Destination: 3::2/128 Protocol NextHop : ::
Figure 100 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces. (Details not shown.) 2. Configure OSPFv3 basic functions: # On Router A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1. system-view [RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.
[RouterC-GigabitEthernet2/1/1] quit 3. Verify the configuration: # After all routers function correctly, perform a master/backup switchover on Router A to trigger an OSPFv3 GR operation. Configuring BFD for OSPFv3 Network requirements As shown in Figure 101: • Configure OSPFv3 on Router A, Router B and Router C and configure BFD over the link Router A<—>L2 Switch<—>Router B. • After the link Router A<—>L2 Switch<—>Router B fails, BFD can quickly detect the failure and notify OSPFv3 of the failure.
[RouterA-Gigabitethernet2/1/2] ospfv3 1 area 0 [RouterA-Gigabitethernet2/1/2] quit # Configure Router B. Enable OSPFv3 and configure the router ID as 2.2.2.2. system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.
IPv6 Session Working Under Ctrl Mode: Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of Gigabitethernet2/1/1 on Router A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of Gigabitethernet2/1/1 on Router B) Session State: Up Hold Time: Interface: GE2/1/1 / # Display routes to 2001:4::0/64 on Router A, and you can see that Router A communicates with Router B through the Layer 2 switch.
*Nov 5 11:37:43:062 2009 RouterA RM/6/RMDEBUG: OSPFv3 OSPFv3-BFD: Message Type delete session, Connect Type direct-connect, Src IP Address FE80::20F:FF:FE00:1202, Dst IP Address FE80::20F:FF:FE00:1200. # Display the BFD information of Router A. You can see that Router A has removed its neighbor relationship with Router B and therefore no information is output.
[RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.1 [RouterA-ospfv3-1] quit [RouterA] interface GigabitEthernet 2/2/1 [RouterA-GigabitEthernet2/2/1] ospfv3 1 area 1 [RouterA-GigabitEthernet2/2/1] quit # Configure Router B: enable OSPFv3 and configure the Router ID as 2.2.2.2. system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.
# On Router B, create an IPsec proposal named tran1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1. Create an IPsec policy named policy001, specify the manual mode for it, reference IPsec proposal tran1, set the SPIs of the inbound and outbound SAs to 12345, and the keys for the inbound and outbound SAs using ESP to abcdefg.
[RouterC-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321 [RouterC-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba [RouterC-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba [RouterC-ipsec-policy-manual-policy002-10] quit 4. Apply the IPsec policies in areas: # Configure Router A. [RouterA] ospfv3 1 [RouterA-ospfv3-1] area 1 [RouterA-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001 [RouterA-ospfv3-1-area-0.0.0.
3. Ping the neighbor router's IP address to check connectivity. 4. Check OSPFv3 timers. The dead interval on an interface must be at least four times the hello interval. 5. On a broadcast network, at least one interface must have a DR priority higher than 0. Incorrect routing information Symptom OSPFv3 cannot find routes to other areas. Analysis The backbone area must maintain connectivity to all other areas.
Configuring IPv6 IS-IS This chapter describes how to configure IPv6 IS-IS, which supports all IPv4 IS-IS features except that it advertises IPv6 routing information. For information about IS-IS, see "Configuring IS-IS." Overview Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6. To support IPv6, the IETF added two type-length-values (TLVs) and a new network layer protocol identifier (NLPID).
Step Command Remarks 4. Enable IPv6 for the IS-IS process. ipv6 enable Disabled by default. 5. Return to system view. quit N/A 6. Enter interface view. interface interface-type interface-number N/A 7. Enable IPv6 for an IS-IS process on the interface. isis ipv6 enable [ process-id ] Disabled by default. Configuring IPv6 IS-IS route control Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration. For information about ACL, see ACL and QoS Configuration Guide.
Step Command Remarks 10. Enable route leaking. ipv6 import-route isisv6 level-2 into level-1 [ filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name | route-policy route-policy-name } | tag tag ] * Optional. Not enabled by default. Optional. 11. Specify the maximum number of equal-cost load balanced routes. ipv6 maximum load-balancing number The default maximum number of equal-cost load balanced routes is 8.
different, routers supporting both IPv4 and IPv6 send IPv6 packets to routers that do not support IPv6, and thus packet loss occurs. To resolve this issue, configure IPv6 IS-IS Multi-Topology Routing (MTR) to perform route calculation separately in IPv4 and IPv6 topologies. Figure 103 Network diagram Router A Router B IPv6 IPv6 4 IPv6 IPv4 36 3 IPv6 IPv4 5 IPv4 IPv4 Router D Router C In Figure 103, the numbers refer to the link costs. Router A, Router B, and Router D support both IPv4 and IPv6.
Task Command Remarks Display brief IPv6 IS-IS information. display isis brief [ | { begin | exclude | include } regular-expression ] Available in any view. Display the status of the debug switches. display isis debug-switches { process-id | vpn-instance vpn-instance-name } [ | { begin | exclude | include } regular-expression ] Available in any view. Display IS-IS enabled interface information.
IPv6 IS-IS configuration examples IPv6 IS-IS basic configuration example Network requirements As shown in Figure 104, Router A, Router B, Router C, and Router D, all enabled with IPv6, reside in the same autonomous system. Configure IPv6 IS-IS on the routers so that they can reach each other. Router A and Router B are Level-1 routers, Router D is a Level-2 router, and Router C is a Level-1-2 router. Router A, Router B, and Router C belong to area 10, and Router D is in area 20.
[RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] isis ipv6 enable 1 [RouterB-Serial2/2/0] quit # Configure Router C. system-view [RouterC] ipv6 [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.
Next Hop : Direct Interface: S2/2/0 Destination: 2001:2:: PrefixLen: 64 Flag : R/-/- Cost Next Hop : FE80::200:FF:FE0F:4 Interface: S2/2/0 : 20 Destination: 2001:3:: PrefixLen: 64 Flag : R/-/- Cost Next Hop : FE80::200:FF:FE0F:4 Interface: S2/2/0 : 20 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set # Display the IPv6 IS-IS routing table of Router B.
Destination: 2001:2:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: S2/2/0 : 10 Destination: 2001:3:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: S2/2/2 : 10 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set ISIS(1) IPv6 Level-2 Forwarding Table ------------------------------------Destination: 2001:1:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: S2/2/1 : 10 Destination: 2001:2:: PrefixLen: 64 Flag : D/L/-
Next Hop : Direct Interface: S2/2/0 Destination: 2001:4::1 PrefixLen: 128 Flag : D/L/- Cost Next Hop : Direct Interface: GE2/1/1 : 0 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set Configuring BFD for IPv6 IS-IS Network requirements As shown in Figure 105, configure IPv6 IS-IS on Router A, Router B, and Router C and configure BFD over the link Router A<—>L2 Switch<—>Router B.
[RouterA-GigabitEthernet2/1/1] isis ipv6 enable 1 [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] isis ipv6 enable 1 [RouterA-GigabitEthernet2/1/2] quit # Configure Router B. system-view [RouterB] ipv6 [RouterB] isis 1 [RouterB-isis-1] is-level level-1 [RouterB-isis-1] network-entity 10.0000.0000.0002.
[RouterB-GigabitEthernet2/1/1] bfd detect-multiplier 6 4. Verify configuration: The following operations are made on Router A. Operations for Router B are similar. # Display BFD session information of Router A.
#Aug 8 14:54:05:362 2009 RouterA IFNET/4/INTERFACE UPDOWN: Trap 1.3.6.1.6.3.1.1.5.3: Interface 983041 is Down, ifAdminStatus is 1, ifOperStatus is 2 #Aug 8 14:54:05:363 2009 RouterA ISIS/4/ADJ_CHANGE:TrapID(1.3.6.1.2.1.138.0.17), ISIS Level-2 Adjencency IN Circuit-983041 State Change. #Aug 8 14:54:05:364 2008 RouterA ISIS/4/ADJ_CHANGE:TrapID(1.3.6.1.2.1.138.0.17), ISIS Level-1 Adjencency IN Circuit-983041 State Change.
Configuring IPv6 IS-IS MTR Network requirements As shown in Figure 106, enable IPv6 IS-IS MTR to make the routers perform route calculation separately in IPv4 and IPv6 topologies. Figure 106 Network diagram Configuration procedure 1. Configure IPv4 and IPv6 addresses for the interfaces on each router and configure IS-IS: Follow Figure 106 to configure the IPv4 and IPv6 address and subnet mask of each interface on the routers. (Details not shown.
Route information for ISIS(1) ----------------------------- ISIS(1) IPv6 Level-1 Forwarding Table ------------------------------------Destination: 12:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: GE2/1/1 : 4 Destination: 44::1 PrefixLen: 128 Flag : R/L/- Cost Next Hop : FE80::200:5EFF:FE00:F11 Interface: GE2/1/2 : 36 Destination: 14:: PrefixLen: 64 Flag : D/L/- Cost Next Hop : Direct Interface: GE2/1/2 : 36 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-
Configuring IPv6 BGP This chapter describes only configuration for IPv6 BGP. For BGP-related information, see "Configuring BGP." IPv6 BGP overview BGP-4 can only carry IPv4 routing information. To support multiple network layer protocols, IETF extended BGP-4 by introducing Multiprotocol Border Gateway Protocol (MP-BGP). MP-BGP for IPv6 is called "IPv6 BGP" for short. IPv6 BGP puts IPv6 network layer information into the attributes of Network Layer Reachability Information (NLRI) and NEXT_HOP.
Task Configuring IPv6 BGP route attributes Tuning and optimizing IPv6 BGP networks Configuring a large-scale IPv6 BGP network Configuring 6PE Remarks Advertising a default route to an IPv6 peer or peer group Optional. Configuring outbound route filtering Optional. Configuring inbound route filtering Optional. Configuring IPv6 BGP and IGP route synchronization Optional. Configuring route dampening Optional.
Specifying an IPv6 BGP peer Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Specify a router ID. router-id router-id 4. Enter IPv6 address family view or IPv6 BGP-VPN instance view. ipv6-family [ vpn-instance vpn-instance-name ] N/A Specify an IPv6 peer. peer ipv6-address as-number as-number N/A Optional. 5. Required, if no IP addresses are configured for any interfaces. Injecting a local IPv6 route Step Command Remarks 1.
Step 3. 4. Command Remarks Enter IPv6 address family view or IPv6 BGP-VPN instance view. ipv6-family [ vpn-instance vpn-instance-name ] N/A Configure a preferred value for routes received from an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } preferred-value value By default, the preferred value is 0. IPv6 BGP-VPN instance view does not support the ipv6-group-name argument.
Step Command Remarks 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Allow the establishment of EBGP connection to an indirectly connected peer or peer group. peer { ipv6-group-name | ipv6-address } ebgp-max-hop [ hop-count ] Not configured by default. Configuring a description for an IPv6 peer or peer group Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view.
Step Enter IPv6 address family view. 4. Command Remarks ipv6-family N/A Optional. Enable the state change logging for an IPv6 peer or peer group. 5. peer { ipv6-group-name | ipv6-address } log-change Enabled by default. For information about the command, see Layer 3—IP Routing Command Reference. Controlling route distribution and reception This task includes routing information filtering, routing policy application, and route dampening.
To configure IPv6 BGP route summarization: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Configure manual route summarization. aggregate ipv6-address prefix-length [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] * Not configured by default.
Step Command Remarks Not applied by default. 5. Apply a routing policy to routes advertised to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } route-policy route-policy-name export 6. Specify an IPv6 ACL to filter routes advertised to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } filter-policy acl6-number export 7. Specify an AS path ACL to filter routes advertised to an IPv6 peer or peer group.
Step 7. 8. 9. Command Remarks Specify an AS path ACL to filter routing information imported from an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } as-path-acl as-path-acl-number import Not specified by default. Specify an IPv6 prefix list to filter routing information imported from an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } ipv6-prefix ipv6-prefix-name import Not specified by default.
Configuring IPv6 BGP route attributes This section describes how to use IPv6 BGP route attributes to modify BGP routing policy. The attributes include the following: • IPv6 BGP protocol preference • Default LOCAL_PREF attribute • MED attribute • NEXT_HOP attribute • AS_PATH attribute Configuration prerequisites Before you configure IPv6 BGP route attributes, complete the following tasks: • Enable IPv6 function. • Configure IPv6 BGP basic functions.
Step 6. Command Advertise routes to an IPv6 peer or peer group with the local router as the next hop. peer { ipv6-group-name | ipv6-address } next-hop-local Remarks By default, IPv6 BGP specifies the local router as the next hop for routes sent to an IPv6 EBGP peer or peer group, but does not change the next hop for routes sent to an IPv6 IBGP peer or peer group. The IPv6 BGP-VPN instance view does not support this command. Configuring the MED attribute Step Command Remarks 1. Enter system view.
Step 4. 5. 6. 7. 8. Command Remarks Allow the local AS number to appear in AS_PATH of routes from a peer or peer group and specify the repeat times. peer { ipv6-group-name | ipv6-address } allow-as-loop [ number ] Optional. Specify a fake AS number for an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } fake-as as-number Optional. Disable IPv6 BGP from considering the AS_PATH during best route selection.
Configure IPv6 BGP basic functions. • Configuring IPv6 BGP timers To configure IPv6 BGP timers: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A Optional. • Specify keepalive interval and holdtime: timer keepalive keepalive hold holdtime 4. Configure IPv6 BGP timers.
Performing manual soft-reset Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Save all routes from an IPv6 peer or peer group, not letting them go through the inbound policy. peer { ipv6-group-name | ipv6-address } keep-all-routes Optional. 5. Return to user view. return N/A 6. Soft-reset BGP connections manually.
Step Command Remarks 5. Enable the non-standard ORF capability for a BGP peer or peer group. peer { group-name | ipv6-address } capability-advertise orf non-standard 6. Enable the ORF IP prefix negotiation capability for a BGP peer or peer group. peer { group-name | ip-address | ipv6-address } capability-advertise orf ipv6-prefix { both | receive | send } Optional. By default, standard BGP ORF capability defined in RFC 5291 and RFC 5292 is supported. Not supported by default.
Configuring the maximum number of ECMP routes Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view or IPv6 BGP-VPN instance view. ipv6-family [ vpn-instance vpn-instance-name ] N/A Configure the maximum number of ECMP routes. balance [ ebgp | ibgp ] number By default, no load balancing is enabled. 4. Enabling MD5 authentication for TCP connections IPv6 BGP employs TCP as the transport protocol.
• Create an IPsec proposal. • Create an IPsec policy. For more information about IPsec policy configuration, see Security Configuration Guide. Configuration procedure An IPsec policy used for IPv6 BGP can be only in manual mode. For more information, see Security Configuration Guide. To apply an IPsec policy to a peer or peer group Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4.
NOTE: • The peer ttl-security hops command and the peer ebgp-max-hop command are mutually exclusive. • You must configure GTSM on both the local and peer devices, and you can specify different hop-count values in a valid range for them. Configuring a large-scale IPv6 BGP network In a large-scale IPv6 BGP network, configuration and maintenance become inconvenient because of too many peers. Configuring peer groups makes management easier and improves route distribution efficiency.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Enter IPv6 address family view. ipv6-family N/A 4. Create an EBGP peer group. group ipv6-group-name external N/A 5. Configure the AS number for the peer group. peer ipv6-group-name as-number as-number Not configured by default. 6. Add an IPv6 peer into the peer group. peer ipv6-address group ipv6-group-name Not added by default.
Step Command Remarks 4. Advertise community attribute to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } advertise-community Not advertised by default. 5. Advertise extended community attribute to an IPv6 peer or peer group. peer { ipv6-group-name | ipv6-address } advertise-ext-community Not advertised by default.
Step 6. Command Configure the cluster ID of the route reflector. Remarks Optional. reflector cluster-id cluster-id By default, a route reflector uses its router ID as the cluster ID. Configuring 6PE IPv6 provider edge (6PE) is a transition technology with which Internet service providers (ISPs) can use existing IPv4 backbone networks to provide access capability for sparsely populated IPv6 networks, allowing customer edge (CE) routers in these isolated IPv6 networks to communicate with IPv4 PE routers.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter BGP view. bgp as-number N/A 3. Specify the AS number for the 6PE peer or peer group. peer { ipv4-group-name | ipv4-address } as-number as-number Not specified by default. 4. Enter IPv6 address family view. ipv6-family N/A 5. Enable the 6PE peer or peer group. peer { ipv4-group-name | ipv4-address | ipv6-address } enable Not enabled by default. 6.
Step Command Remarks 12. Add a 6PE peer to an existing peer group. peer ipv4-address group group-name [ as-number as-number ] Optional. 13. Configure an inbound or outbound IPv6 prefix list based filtering policy for the 6PE peer or peer group. peer { group-name | ipv4-address } ipv6-prefix ipv6-prefix-name { import | export } Optional. 14. Keep all routes from the 6PE peer or peer group, including routes not passing the inbound filtering policy.
After a link failure occurs, BFD can detect the failure before the system performs GR and as a result, GR will fail. Therefore, if GR capability is enabled for IPv6 BGP, use BFD with caution. For more information about BFD, see High Availability Configuration Guide. To enable BFD for a BGP peer: Step Command Remarks 1. Enter system view. system-view N/A 2. Enable BGP and enter BGP view. bgp as-number Not enabled by default. 3. Enter IPv6 address family view or IPv6 BGP-VPN instance view.
Task Command Remarks Display IPv6 BGP routing information with the specified community attribute. display bgp ipv6 routing-table community [ aa:nn<1-13> ] [ no-advertise | no-export | no-export-subconfed ]* [ whole-match ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display IPv6 BGP routing information matching an IPv6 BGP community list.
Task Command Remarks Reset IPv6 BGP connections. reset bgp ipv6 { as-number | ipv4-address | ipv6-address | all | external | group group-name | internal } Available in user view. Clearing IPv6 BGP information Task Command Remarks Clear dampened IPv6 BGP routing information and release suppressed routes. reset bgp ipv6 dampening [ ipv6-address prefix-length ] Available in user view. Clear IPv6 BGP route flap information.
[RouterB] bgp 65009 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] peer 9:1::2 as-number 65009 [RouterB-bgp-af-ipv6] peer 9:3::2 as-number 65009 [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit # Configure Router C. system-view [RouterC] ipv6 [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.
Local AS number : 65009 Total number of peers : 3 Peer Peers in established state : 3 AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State 10::2 65008 3 3 0 0 00:01:16 Established 9:3::2 65009 2 3 0 0 00:00:40 Established 9:1::2 65009 2 4 0 0 00:00:19 Established # Display IPv6 peer information on Router C. [RouterC] display bgp ipv6 peer BGP local router ID : 3.3.3.
system-view [RouterA] ipv6 [RouterA] bgp 100 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 100::2 as-number 200 [RouterA-bgp-af-ipv6] network 1:: 64 # Configure Router B system-view [RouterB] ipv6 [RouterB] bgp 200 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] peer 100::1 as-number 100 [RouterB-bgp-af-ipv6] peer 101::1 as-number 200 [RouterB-bgp-af-ipv6] peer 101::1 next-hop-local # Configure Router C.
• Between the PE routers is the IPv4/MPLS network of an ISP. The two PEs establish an IPv4 IBGP connection in between, and the IGP used is OSPF. • The CEs reside in IPv6 networks. A CE and a PE exchange IPv6 packets through a static route • Connect the two IPv6 networks through the IPv4/MPLS network with the 6PE feature. Figure 110 Network diagram Configuration procedure 1. Configure CE 1: # Enable IPv6 packet forwarding. system-view [CE1] ipv6 # Specify IP addresses for interfaces.
[PE1-Serial2/2/0] quit # Configure an IP address for Serial 2/2/1 and enable MPLS and LDP. [PE1] interface serial 2/2/1 [PE1-Serial2/2/1] ip address 1.1.1.1 16 [PE1-Serial2/2/1] mpls [PE1-Serial2/2/1] mpls ldp [PE1-Serial2/2/1] quit # Configure IP addresses for Loopback 0. [PE1] interface loopback 0 [PE1-LoopBack0] ip address 2.2.2.2 32 [PE1-LoopBack0] ipv6 address 2::2/128 [PE1-LoopBack0] quit # Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes.
[PE2-Serial2/2/1] quit [PE2] interface serial 2/2/0 [PE2-Serial2/2/0] ipv6 address auto link-local [PE2-Serial2/2/0] quit [PE2] interface loopback 0 [PE2-LoopBack0] ip address 3.3.3.3 32 [PE2-LoopBack0] ipv6 address 3::3/128 [PE2-LoopBack0] quit # Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes. [PE2] bgp 65100 [PE2-bgp] peer 2.2.2.2 as-number 65100 [PE2-bgp] peer 2.2.2.
-------------------------------------------------------------FEC : 1::1 In Label : 1024 Out Label : ----- In Interface : ----- OutInterface : ----- Vrf Name : FEC : 2::2 In Label : 1025 Out Label : ----- In Interface : ----- OutInterface : ----- Vrf Name : --------------------------------------------------------------LSP Information: LDP LSP --------------------------------------------------------------FEC In/Out Label In/Out IF 3.3.3.3/32 NULL/3 -/S2/1 2.2.2.
Path/Ogn: ? After the above configuration, you can ping through the IPv6 address 4::4 of CE 2 from CE 1. IPv6 BGP IPsec policy configuration Network requirements • In Figure 111, configure IPv6 BGP on the routers. Routers A and B establish an IBGP relationship. Routers B and C establish an EBGP relationship. • Configure IPsec policies on the routers to authenticate and encrypt protocol packets. Figure 111 Network diagram Configuration procedure 1. Configure IPv6 addresses for interfaces.
[RouterC-bgp] ipv6-family [RouterC-bgp-af-ipv6] group ebgp external [RouterC-bgp-af-ipv6] peer 3::1 as-number 65008 [RouterC-bgp-af-ipv6] peer 3::1 group ebgp [RouterC-bgp-af-ipv6] quit [RouterC-bgp] quit # Configure Router B. [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] group ebgp external [RouterB-bgp-af-ipv6] peer 3::2 as-number 65009 [RouterB-bgp-af-ipv6] peer 3::2 group ebgp [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit 4.
[RouterB-ipsec-policy-manual-policy001-10] proposal tran1 [RouterB-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] quit [RouterB] ipsec proposal tran2 [RouterB-ipsec-proposal-tran2] encapsulation-mode transport [RouterB-ipsec-proposal
[RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit 6. Apply IPsec policies to EBGP peers: # Configure Router C. [RouterC] bgp 65009 [RouterC-bgp] ipv6-family [RouterC-bgp-af-ipv6] peer ebgp ipsec-policy policy002 [RouterC-bgp-af-ipv6] quit [RouterC-bgp] quit # Configure Router B. [RouterB] bgp 65008 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] peer ebgp ipsec-policy policy002 [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit 7. Verify the configuration: # Display detailed IPv6 BGP peer information.
Type: EBGP link BGP version 4, remote router ID 3.3.3.
Figure 112 Network diagram Router B GE2/1/2 3001::2/64 GE2/1/1 3002::1/64 GE2/1/2 3001::1/64 AS 100 GE2/1/1 3002::2/64 AS 200 1200::0/64 Router A GE2/1/1 AS 300 Router C GE2/1/2 2002::2/64 2001::1/64 GE2/1/1 2001::2/64 GE2/1/2 2002::1/64 Router D Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure OSPFv3 to make sure that Router A and Router C are reachable to each other. (Details not shown.) 3.
[RouterA] bgp 200 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 3002::2 route-policy apply_med_50 export [RouterA-bgp-af-ipv6] peer 2002::2 route-policy apply_med_100 export # Configure BFD over the link to peer 3002::2 so that when the link Router A<—>Router B<—>Router C fails, BFD can quickly detect the failure and notify it to IPv6 BGP, and then the link Router A<—>Router D<—>Router C takes effect immediately.
6. Verify the configuration: The following operations are made on Router C. Operations on Router A and Router B are similar. # Display detailed BFD session information.
Age : 4538sec Destination : 1200:: PrefixLength : 64 NextHop : 2001::1 Preference : 255 RelayNextHop : 2002::1 Tag : 0H Neighbor : 2001::1 ProcessID : 0 Interface : GigabitEthernet2/1/2 Protocol : BGP4+ State : Invalid Adv Cost : 100 Tunnel ID : 0x0 Label : NULL Age : 4515sec The output shows that Router C has two routes to reach network 1200::0/64: Router C<—>Router B<—>Router A, which is the currently active route, and Router C<—>Router D<—>Router A, which is the backup route
Configuring IPv6 policy-based routing Introduction to IPv6 policy-based routing What is policy-based routing Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets based on the source address, packet length, and other criteria. A policy can specify the output interface, next hop, default output interface, default next hop, and other parameters for packets that match specific criteria such as ACLs or have specific lengths.
Table 10 Priorities and meanings of the apply clauses Clause Meaning Priority apply ipv6-precedence Sets an IP precedence. If configured, this clause will always be executed. apply output-interface and apply ipv6-address next-hop Sets the output interface and sets the next hop. The apply output-interface clause takes precedence over the apply ipv6-address next-hop clause. Only the apply output-interface clause is executed when both are configured.
Task Remarks Creating an IPv6 node Configuring an IPv6 policy Configuring match criteria for an IPv6 node Required. Defining the actions for an IPv6 node Configuring IPv6 PBR Configuring IPv6 local PBR Required. Configuring IPv6 interface PBR Perform one of the tasks. Configuring an IPv6 policy Creating an IPv6 node Step Command 1. Enter system view. system-view 2. Create an IPv6 policy or policy node and enter IPv6 policy node view.
Step Command Remarks Optional. 3. Set a preference type or value for permitted IPv6 packets. apply ipv6-precedence { type | value } 4. Set an output interface for permitted IPv6 packets. apply output-interface interface-type interface-number 5. Set a next hop for permitted IPv6 packets. apply ipv6-address next-hop ipv6-address 6. Set a default output interface for permitted IPv6 packets. apply default output-interface interface-type interface-number Optional.
Step 2. Apply an IPv6 policy locally. Command Remarks ipv6 local policy-based-route policy-name Not applied by default. Configuring IPv6 interface PBR Configure PBR by applying an IPv6 policy on an interface. IPv6 PBR uses the policy to guide the forwarding of packets received on the interface. You can apply only one policy on an interface. If you perform the ipv6 policy-based-route command multiple times, only the last specified policy takes effect.
Task Command Remarks Display IPv6 PBR statistics (in IRF mode). display ipv6 policy-based-route statistics { interface interface-type interface-number | local } [ chassis chassis-number slot slot-number ] [ | { begin | exclude | include } regular-expression ] Available in any view. Display IPv6 PBR policy information (in standalone mode). display ipv6 config policy-based-route [ policy-name [ slot slot-number ] ] [ | { begin | exclude | include } regular-expression ] Available in any view.
[RouterA] ipv6 local policy-based-route aaa # Configure the IPv6 addresses for the serial ports. [RouterA] interface serial 2/2/0 [RouterA-Serial2/2/0] ipv6 address 1::1 64 [RouterA-Serial2/2/0] quit [RouterA] interface serial 2/2/1 [RouterA-Serial2/2/1] ipv6 address 2::1 64 2. Configure Router B: # Configure the IPv6 address for the serial port. system-view [RouterB] ipv6 [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ipv6 address 1::2 64 3.
Figure 114 Network diagram Configuration procedure 1. Configure Router A: # Configure RIPng. system-view [RouterA] ipv6 [RouterA] ripng 1 [RouterA-ripng-1] quit [RouterA] interface serial 2/2/0 [RouterA-Serial2/2/0] ipv6 address 1::1 64 [RouterA-Serial2/2/0] ripng 1 enable [RouterA-Serial2/2/0] quit [RouterA] interface serial 2/2/1 [RouterA-Serial2/2/1] ipv6 address 2::1 64 [RouterA-Serial2/2/1] ripng 1 enable [RouterA-Serial2/2/1] quit # Configure ACL 3001 to match TCP packets.
[RouterA-GigabitEthernet2/1/1] undo ipv6 nd ra halt [RouterA-GigabitEthernet2/1/1] ripng 1 enable [RouterA-GigabitEthernet2/1/1] ipv6 policy-based-route aaa 2. Configure Router B: # Configure RIPng. system-view [RouterB] ipv6 [RouterB] ripng 1 [RouterB-ripng-1] quit RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ipv6 address 1::2 64 [RouterB-Serial2/2/0] ripng 1 enable 3. Configure Router C: # Configure RIPng.
Figure 115 Network diagram Configuration procedure 1. Configure Router A: # Configure RIPng.
[RouterB] ipv6 [RouterB] ripng 1 [RouterB-ripng-1] quit [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ipv6 address 150::2 64 [RouterB-Serial2/2/0] ripng 1 enable [RouterB-Serial2/2/0] quit [RouterB] interface serial 2/2/1 [RouterB-Serial2/2/1] ipv6 address 151::2 64 [RouterB-Serial2/2/1] ripng 1 enable [RouterB-Serial2/2/1] quit [RouterB] interface loopback 0 [RouterB-LoopBack0] ipv6 address 10::1 128 [RouterB-LoopBack0] ripng 1 enable 3.
*Jun 7 16:03:30:949 2009 RouterA PBR6/7/IPv6-POLICY-ROUTING: IPv6 Policy routin g success : POLICY_ROUTEMAP_IPV6 : lab1, Node : 10, Packet sent with next-hop 0150::0002 *Jun 7 16:03:31:949 2009 RouterA PBR6/7/IPv6-POLICY-ROUTING: IPv6 Policy routin g success : POLICY_ROUTEMAP_IPV6 : lab1, Node : 10, Packet sent with next-hop 0150::0002 The preceding information shows that Router A sets the next hop for the received packets to 150::2 according to PBR. The packets are forwarded through Serial 2/2/0.
Configuring routing policies Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Overview Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: 1. Configure filters based on route attributes, such as destination address and the advertising router's address. 2.
Extended community list An extended community list matches the extended community attribute (Route-Target for VPN and Source of Origin) of BGP routing information. For more information about extended community list, see MPLS Configuration Guide. Routing policy A routing policy can comprise multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route that matches one node matches the routing policy.
For example, the following configuration filters routes 10.1.0.0/16, 10.2.0.0/16, and 10.3.0.0/16, but allows other routes to pass. system-view [Sysname] ip ip-prefix abc index 10 deny 10.1.0.0 16 [Sysname] ip ip-prefix abc index 20 deny 10.2.0.0 16 [Sysname] ip ip-prefix abc index 30 deny 10.3.0.0 16 [Sysname] ip ip-prefix abc index 40 permit 0.0.0.0 0 less-equal 32 Configuring an IPv6 prefix list Step Command Remarks 1. Enter system view. system-view N/A 2.
Step Enter system view. 1. Command Remarks system-view N/A • Configure a basic community list: Configure a community list. 2. ip community-list basic-comm-list-num { deny | permit } [ community-number-list ] [ internet | no-advertise | no-export | no-export-subconfed ] * • Configure an advanced community list: Use either method. Not configured by default.
Step Command Remarks 1. Enter system view. system-view N/A 2. Create a routing policy and a node and enter routing policy view. route-policy route-policy-name { deny | permit } node node-number By default, no routing policy is created. Configuring if-match clauses Follow these guidelines when you configure if-match clauses: • The if-match clauses of a routing policy node have a logical AND relationship.
Step 5. 6. Command Remarks Optional. Match BGP routing information whose AS path attribute is specified in the AS path lists. if-match as-path AS-PATH-number&<1-16> Match BGP routing information whose community attribute is specified in the community lists. if-match community { basic-community-list-number [ whole-match ] | adv-community-list-number }&<1-16> Not configured by default. Not configured by default. Optional. 7. Match routes having the specified cost. if-match cost value 8.
Step 3. 4. 5. 6. 7. 8. Command Remarks Set the AS-PATH attribute for BGP routes. apply comm-list comm-list-number delete Optional. Delete the community attribute of BGP routing information using the community list. apply comm-list { comm-list-number | comm-list-name } delete Optional. Set the community attribute for BGP routes.
Step Command 18. Set a tag value for RIP, OSPF or IS-IS route. apply tag value 19. Configure FRR. apply fast-reroute backup-interface interface-type interface-number [ backup-nexthop ip-address ] Remarks Optional. Not set by default. Optional. Not configured by default.
Task Command Display IPv6 prefix list statistics. display ip ipv6-prefix [ ipv6-prefix-name ] [ | { begin | exclude | include } regular-expression ] Display routing policy information. display route-policy [ route-policy-name ] [ | { begin | exclude | include } regular-expression ] Clear IPv4 prefix list statistics. reset ip ip-prefix [ ip-prefix-name ] Clear IPv6 prefix list statistics. reset ip ipv6-prefix [ ipv6-prefix-name ] Remarks Available in user view.
[RouterC-GigabitEthernet2/1/1] isis enable [RouterC-GigabitEthernet2/1/1] quit [RouterC] interface gigabitethernet 2/1/2 [RouterC-GigabitEthernet2/1/2] isis enable [RouterC-GigabitEthernet2/1/2] quit [RouterC] interface gigabitethernet 2/1/3 [RouterC-GigabitEthernet2/1/3] isis enable [RouterC-GigabitEthernet2/1/3] quit # Configure Router B. [RouterB] isis [RouterB-isis-1] is-level level-2 [RouterB-isis-1] network-entity 10.0000.0000.0002.
Total Nets: 5 Intra Area: 1 4. Inter Area: 0 ASE: 4 NSSA: 0 Configure filtering lists on Router B: # Configure ACL 2002 to allow route 172.17.2.0/24 to pass. [RouterB] acl number 2002 [RouterB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255 [RouterB-acl-basic-2002] quit # Configure IP prefix list prefix-a to allow route 172.17.1.0/24 to pass. [RouterB] ip ip-prefix prefix-a index 10 permit 172.17.1.0 24 5.
Applying a routing policy to IPv6 route redistribution Network requirements • In Figure 117, enable RIPng on Router A and Router B. • Configure three static routes on Router A • On Router A, enable static route redistribution into RIPng and apply a routing policy to permit routes 20::/32 and 40::/32 and deny route 30::/32. Figure 117 Network diagram Configuration procedure 1. Configure Router A: # Configure IPv6 addresses for interfaces GigabitEthernet 2/1/1 and GigabitEthernet 2/1/2.
2. Configure Router B: # Configure the IPv6 address of GigabitEthernet 2/1/1 system-view [RouterB] ipv6 [RouterB] interface gigabitethernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ipv6 address 10::2 32 # Enable RIPng on the interface. [RouterB-GigabitEthernet2/1/1] ripng 1 enable [RouterB-GigabitEthernet2/1/1] quit # Enable RIPng. [RouterB] ripng # Display RIPng routing table information.
Configuration procedure 1. Configure IP addresses for interfaces. (Details not shown.) 2. Configure BGP: # Configure Router A. system-view [RouterA] bgp 100 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 1.1.1.2 as-number 300 # Configure Router B. system-view [RouterB] bgp 200 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 1.1.2.2 as-number 300 # Configure Router C. system-view [RouterC] bgp 300 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 1.1.1.
*> 5.5.5.0/24 1.1.3.1 0 300 100i *> 6.6.6.0/24 1.1.3.1 0 300 100i *> 7.7.7.0/24 1.1.3.1 0 300 200i *> 8.8.8.0/24 1.1.3.1 0 300 200i *> 9.9.9.0/24 1.1.3.1 0 300 200i The output shows that Router D has learned routes 4.4.4.0/24, 5.5.5.0/24, and 6.6.6.0/24 from AS 100 and 7.7.7.0/24, 8.8.8.0/24, and 9.9.9.0/24 from AS 200. 3. Configure Router D to reject the routes from AS 200: # Configure AS path list 1. [RouterD] ip as-path 1 permit .*200.
Analysis At least one item of the IP prefix list must be configured as permit mode, and at least one node in the routing policy must be configured as permit mode. Solution 1. Use the display ip ip-prefix command to display IP prefix list information. 2. Use the display route-policy command to display routing policy information. IPv6 routing information filtering failure Symptom The routing protocol is running correctly, but filtering routing information failed.
Configuring QoS policy routing Overview QoS policy routing is a technique used to make routing decisions based on user-defined QoS policies. Different from destination-based routing, QoS policy routing makes routing decisions based on the source address and other criteria. For more information about QoS policies, see ACL and QoS Configuration Guide. QoS policy routing takes precedence over destination-based routing. If a packet meets the match criteria, QoS policy routing applies.
Applied to a VLAN, the QoS policy takes effect on the traffic received on all ports in the VLAN. • Applying the QoS policy to interfaces Step 1. Enter system view. Command Remarks system-view N/A • Enter Layer 2 Ethernet 2. Enter Layer 2 Ethernet interface view or port group view. interface view: interface interface-type interface-number • Enter port group view: Settings made in interface view take effect on the current interface only.
Figure 119 Network diagram Configuration procedure # Configure ACL 2000. system-view [RouterA] acl number 2000 [RouterA-acl-basic-2000] rule 0 permit source any [RouterA-acl-basic-2000] quit # Define a match criterion for the class a to match ACL 2000. [RouterA] traffic classifier a [RouterA-classifier-a] if-match acl 2000 [RouterA-classifier-a] quit # Configure the action of redirecting traffic to GigabitEthernet 2/0/3 for the behavior a.
Network diagram GE2/0/2 201::2 IP network GE2/0/1 200::1 GE2/0/2 201::1 Router B Router A GE2/0/3 202::1 GE2/0/3 202::2 Router C Configuration procedure # Configure IPv6 ACL 2000. system-view [RouterA] acl ipv6 number 2000 [RouterA-acl6-basic-2000] rule 0 permit source any [RouterA-acl6-basic-2000] quit # Define a match criterion for the class a to match IPv6 ACL 2000.
Configuring MTR MTR overview Multi-Topology Routing (MTR) splits a base topology into multiple topologies, which might intersect or overlap with one another. Route calculation is performed on a per-topology basis. For example, IS-IS MTR splits an IS-IS routing domain into multiple independent IP topologies, such as an IPv4 topology and an IPv6 topology. It enables IS-IS to perform separate route calculation in the IPv4 and IPv6 topologies.
Step Command Remarks 1. Enter system view. system-view N/A 2. Enter IPv4 address family view. address-family ipv4 N/A 3. Create a topology and enter topology view. multiple-topology topology-name Not created by default. 4. Specify an ACL for the topology. acl acl-number N/A 5. Configure the maximum number of routes supported by the topology. routing-table limit number { warn-threshold | simply-alert } Optional. 6. Return to system view. quit N/A 7. Enter interface view.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch. Represents an access point.
Index ABCDEILMOPQRST Configuring IS-IS GR,157 A Configuring IS-IS MTR,160 Applying IPsec policies for OSPFv3,327 Configuring IS-IS NSR,157 Applying IPsec policies for RIPng,304 Configuring IS-IS routing information control,142 B Configuring MTR,438 BGP configuration examples,245 Configuring OSPF areas,67 BGP configuration task list,203 Configuring OSPF FRR,87 Binding an IS-IS process with MIBs,159 Configuring OSPF GR,88 C Configuring OSPF network types,70 Configuring OSPF NSR,90 Configuring
Displaying and maintaining IS-IS,162 Overview,291 Displaying and maintaining MTR,439 Overview,313 Displaying and maintaining OSPF,92 Overview,434 Displaying and maintaining OSPFv3,328 Overview,58 Displaying and maintaining PBR,281 Overview,193 Displaying and maintaining RIP,37 Overview,21 Displaying and maintaining RIPng,304 Overview,125 Displaying and maintaining static routes,10 Overview,276 Displaying and maintaining the routing policy,425 P Dynamic routing protocols,2 PBR configuratio
