HP 6125 Blade Switch Series Layer 3 - IP Routing Configuration Guide Part number: 5998-3157 Software version: Release 2103 Document version: 6W100-20120907...
Page 2
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.
Page 4
Configuring RIP route redistribution ····················································································································· 27 Tuning and optimizing RIP networks ···························································································································· 27 Configuring RIP timers ··········································································································································· 28 Configuring split horizon and poison reverse ···································································································· 28 Configuring the maximum number of ECMP routes ·························································································· 29 Enabling zero field check on incoming RIPv1 messages ··················································································...
Page 5
Configuring ABR Type-3 LSA filtering ················································································································· 74 Configuring an OSPF cost for an interface ········································································································ 74 Configuring the maximum number of OSPF routes ··························································································· 75 Configuring the maximum number of ECMP routes ·························································································· 75 Configuring OSPF preference ······························································································································ 76 ...
Page 6
BGP route selection ············································································································································· 124 BGP and IGP synchronization···························································································································· 125 Settlements for problems in large scale BGP networks ··················································································· 126 BGP GR ································································································································································ 129 MP-BGP ································································································································································· 130 Protocols and standards ····································································································································· 130 BGP configuration task list ·········································································································································· 131 ...
Page 7
Enabling logging of peer state changes ···················································································································· 158 Configuring BFD for BGP ············································································································································ 158 Displaying and maintaining BGP ······························································································································· 158 Displaying BGP ···················································································································································· 158 Resetting BGP connections ································································································································· 160 Clearing BGP information ·································································································································· 160 BGP configuration examples ······································································································································...
Page 9
Disabling session establishment to an IPv6 peer or peer group ···································································· 233 Logging IPv6 peer or peer group state changes ······························································································ 233 Controlling route distribution and reception ············································································································· 233 Configuration prerequisites ································································································································ 234 Configuring IPv6 BGP route redistribution ········································································································ 234 ...
Page 10
Defining apply clauses ········································································································································ 259 Defining a continue clause ································································································································· 260 Displaying and maintaining the routing policy ········································································································· 261 Routing policy configuration examples ······················································································································ 261 Applying a routing policy to IPv6 route redistribution ····················································································· 261 Applying a routing policy to filter received BGP routes ··················································································...
IP routing basics Overview IP routing directs the forwarding of IP packets on routers based on a routing table. This book focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. The term "router" in this chapter refers to both routers and Layer 3 switches. The types of interfaces that appear in any figures other than the network diagrams for configuration examples are for illustration only.
80.1.1.0/24 OSPF 80.1.1.1 Vlan13 … A route entry includes the following key items: • Destination—IP address of the destination host or network. Mask—Mask length of the IP address. • Pre—Preference of the route. Among routes to the same destination, the one with the highest •...
The preference of a direct route is always 0 and cannot be changed. You can manually configure preferences for any other route type. Each static route can be configured with a different preference. The following table lists the types of routes and the default preferences. The smaller the preference value, the higher the preference.
Route redistribution Route redistribution enables routing protocols to learn route information from each other. A dynamic routing protocol can redistribute routes from other protocols including direct routes and static routes. For more information, see the respective chapters on those routing protocols in this configuration guide. Displaying and maintaining a routing table Task Command...
Page 15
Task Command Remarks display ipv6 routing-table [ vpn-instance Display routing information vpn-instance-name ] acl acl6-number Available in any view permitted by an IPv6 ACL. [ verbose ] [ | { begin | exclude | include } regular-expression ] display ipv6 routing-table [ vpn-instance vpn-instance-name ] ipv6-address Display routing information for a prefix-length [ longer-match ] [ verbose ]...
Configuring static routing Introduction Static route Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work properly. The proper configuration and usage of static routes can improve network performance and ensure bandwidth for important network applications.
Other attributes • You can configure different priorities for different static routes so that route management policies can be more flexible. For example, specifying the same priority for different routes to the same destination enables load sharing, but specifying different priorities for these routes enables route backup.
Step Command Remarks Configure the Optional. ip route-static default-preference default preference default-preference-value 60 by default. for static routes. Configuring BFD for static routes Bidirectional forwarding detection (BFD) provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols.
Task Command Remarks display ip routing-table protocol static [ inactive | Display information of static Available in any verbose ] [ | { begin | exclude | include } routes. view regular-expression ] delete [ vpn-instance vpn-instance-name ] Available in Delete all the static routes.
Page 21
Configure the default gateways of hosts A, B, and C as 1.1.2.3, 1.1.6.1, and 1.1.3.1. (Details not shown.) Verify the configuration: # Display the IP routing table on Switch A. [SwitchA] display ip routing-table Routing Tables: Public Destinations : 7 Routes : 7 Destination/Mask Proto...
Minimum = 1ms, Maximum = 1ms, Average = 1ms # Use the tracert command on Host B to test the reachability of Host A. C:\Documents and Settings\Administrator>tracert 1.1.2.2 Tracing route to 1.1.2.2 over a maximum of 30 hops <1 ms <1 ms <1 ms 1.1.6.1...
Page 23
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 10 12.1.1.2 bfd control-packet [SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65 [SwitchA] quit # Configure static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch. <SwitchB>...
<SwitchA> display ip routing-table protocol static Public Routing Table : Static Summary Count : 1 Static Routing table Status : <Active> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 Vlan11 Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 11 now.
Page 25
[SwitchA] interface loopback 1 [SwitchA-LoopBack1] bfd min-transmit-interval 500 [SwitchA-LoopBack1] bfd min-receive-interval 500 [SwitchA-LoopBack1] bfd detect-multiplier 9 [SwitchA-LoopBack1] quit [SwitchA] ip route-static 120.1.1.0 24 2.2.2.9 bfd control-packet bfd-source 1.1.1.9 [SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65 [SwitchA] quit # Configure static routes on Switch B and enable BFD control mode for the static route that traverses Switch D.
Page 26
Static Routing table Status : <Inactive> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 Vlan11 The output shows that Switch A communicates with Switch B through VLAN-interface 10. When the link over VLAN-interface 10 fails, Switch A can quickly detect the failure. # Display static routes on Switch A again.
Configuring RIP Overview Routing Information Protocol (RIP) is a distance-vector interior gateway protocol suited to small-sized networks. It employs UDP to exchange route information through port 520. The term "router" in this chapter refers to both routers and Layer 3 switches. RIP route entries RIP stores routing entries in a database.
Split horizon—Disables RIP from sending routing information on the interface from which the • information was learned to prevent routing loops and save bandwidth. Poison reverse—Enables RIP to set the metric of routes received from a neighbor to 16 and sends •...
Page 29
RIPv1 message format Figure 4 RIPv1 message format Command—Type of message. 1 indicates request, which is used to request all or part of the routing • information from the neighbor; 2 indicates response, which contains all or part of the routing information.
Figure 6 RIPv2 authentication message Command Version Unused 0xFFFF Authentication type Authentication (16 octets) • Authentication Type—A value of 2 represents simple authentication. A value of 3 represents MD5. RFC 1723 only defines simple authentication. For more information about MD5 authentication, see RFC 2453, RIP Version 2.
If a physical interface is attached to multiple networks, you cannot advertise these networks in • different RIP processes. To enable RIP: Step Command Remarks Enter system view. system-view Enable a RIP process and rip [ process-id ] [ vpn-instance Disabled by default.
To configure a RIP version: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Optional. By default, if an interface has a RIP version specified, the version takes precedence over the global one. If no RIP version is specified for an Specify a global RIP version.
Configuring RIP route control In complex networks, you must configure advanced RIP features. Before you configure RIP routing feature, complete the following tasks: • Configure IP addresses for interfaces, and make sure that all neighboring routers can reach each other. Configure RIP basic functions.
Step Command Remarks Optional. Enabled by default. Enable RIPv2 automatic route If the subnet routes in the routing summary summarization. table are not consecutive, disable automatic route summarization to avoid black hole routing. Advertising a summary route Disable RIPv2 route automatic summarization before advertising a summary route on an interface. To configure RIPv2 to advertise a summary route on the specified interface: Step Command...
If a RIP process is enabled to advertise a default route, to disable an interface of the RIP process • from default route advertisement, you can use the rip default-route no-originate command on the interface. To configure RIP to advertise a default route: Step Command Remarks...
Configure IP addresses for interfaces, and make sure that all neighboring nodes can reach each • other. Configure RIP basic functions. • Configuring RIP timers You can change the RIP network convergence speed by adjusting RIP timers. Based on network performance, make RIP timers of RIP routers identical to each other to avoid unnecessary traffic or route oscillation.
Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Enable poison reverse. rip poison-reverse Disabled by default. Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks...
To enable source IP address check on incoming RIP updates: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Enable source IP address Optional. check on incoming RIP validate-source-address Enabled by default. messages.
Configuring RIP-to-MIB binding This task allows you to enable a specific RIP process to receive SNMP requests. To bind RIP to MIB: Step Command Remarks Enter system view. system-view Optional. Bind RIP to MIB. rip mib-binding process-id By default, MIB is bound to RIP process 1.
Step Command Remarks Configure the source IP By default, no source IP address is bfd echo-source-ip ip-address address of BFD echo packets. configured for BFD echo packets. interface interface-type Enter interface view. interface-number Enable BFD on the RIP rip bfd enable Disabled by default.
10.0.0.0/8 192.168.1.2 The output shows that RIPv1 uses a natural mask. Configure RIP version: # Configure RIPv2 on Switch A. [SwitchA] rip [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure RIPv2 on Switch B. [SwitchB] rip [SwitchB-rip-1] version 2 [SwitchB-rip-1] undo summary # Display the RIP routing table on Switch A.
Page 45
Configuration procedure Configure an IP address for each interface. (Details not shown.) Configure basic RIP functions: # Enable RIP 100 and specify RIP version 2 on Switch A. <SwitchA> system-view [SwitchA] rip 100 [SwitchA-rip-100] network 10.0.0.0 [SwitchA-rip-100] network 11.0.0.0 [SwitchA-rip-100] version 2 [SwitchA-rip-100] undo summary [SwitchA-rip-100] quit # Enable RIP 100 and RIP 200 and specify RIP version 2 on Switch B.
Destinations : 10 Routes : 10 Destination/Mask Proto Cost NextHop Interface 10.1.1.0/24 11.3.1.1 Vlan300 10.2.1.0/24 11.3.1.1 Vlan300 10.5.1.0/24 11.3.1.1 Vlan300 10.6.1.0/24 11.3.1.1 Vlan300 11.3.1.0/24 Direct 0 11.3.1.2 Vlan300 11.3.1.2/32 Direct 0 127.0.0.1 InLoop0 11.4.1.0/24 Direct 0 11.4.1.2 Vlan400 11.4.1.2/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8...
Page 51
learns the static route sent by Switch C with the output interface being the interface connected to Switch Figure 11 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure RIP basic functions: # Configure Switch A. <SwitchA>...
State: Inactive Adv Age: 00h12m50s Tag: 0 When the link over VLAN-interface 100 fails, Switch A can quickly detect the change. # Display the BFD session information on Switch A. <SwitchA> display bfd session Switch A has deleted the BFD session on VLAN-interface 100 to Switch C and displays no output. # Display the RIP routes of RIP process 1 on Switch A.
Page 54
relationship with Switch C and the route information received from Switch C. Then, Switch A learns the static route sent by Switch C, the output interface of the route is the interface connected to Switch D. Figure 12 Network diagram Configuration procedure Configure IP addresses for interfaces.
NextHop: 192.168.3.2 Interface: vlan-interface 300 BkNextHop: 0.0.0.0 BkInterface: RelyNextHop: 0.0.0.0 Neighbor : 192.168.3.2 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h18m40s Tag: 0 Troubleshooting RIP No RIP updates received Symptom No RIP updates are received when the links function. Analysis After enabling RIP, you must use the network command to enable corresponding interfaces.
Configuring OSPF Overview Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the IETF. Now, OSPF version 2 (RFC 2328) is used. Unless otherwise noted, OSPF refers to OSPFv2 throughout this chapter. The term "router" in this chapter refers to both routers and Layer 3 switches.
Page 59
Router ID An OSPF process running on a router must have its own router ID. This ID is a 32-bit unsigned integer that uniquely identifies the router in the AS. OSPF packets OSPF uses the following types of packets: Hello—Periodically sent to find and maintain neighbors, containing the values of some timers, •...
Area based OSPF network partition Network partition In a large OSPF routing domain, the LSDB becomes very huge and SPF computation consumes many storage and CPU resources. In addition, because topology changes can easily occur, OSPF packets generated for route information synchronization are enormous, occupying excessive bandwidth.
Page 61
Figure 14 Virtual link application 1 Virtual links can also be used to provide redundant links. If the backbone area cannot maintain internal connectivity due to the failure of a physical link, you can configure a virtual link to replace the failed physical link, as shown in Figure Figure 15 Virtual link application 2...
Page 62
NSSA area Similar to a stub area, an NSSA area does not import AS external LSAs (Type-5 LSAs), but can import Type-7 LSAs generated by the NSSA ASBR. The NSSA ABR translates Type-7 LSAs into Type-5 LSAs and advertises the Type-5 LSAs to other areas. In the following figure, the OSPF AS contains Area 1, Area 2, and Area 0.
Router types Router classification The following are OSPF router types and their positions in the AS: Internal router—All interfaces on an internal router belong to one OSPF area. • • Area Border Router (ABR)—An ABR belongs to more than two areas, one of which must be the backbone area.
OSPF classifies external routes as Type- 1 or Type-2. A Type- 1 external route has high credibility. The cost from a router to the destination of the Type- 1 external route = the cost from the router to the corresponding ASBR + the cost from the ASBR to the destination of the external route.
DR and BDR Introduction On a broadcast or NBMA network, any two routers need to establish an adjacency to exchange routing information with each other. If n routers are present on the network, n(n- 1 )/2 adjacencies are required. In addition, any topology change on the network results in traffic for route synchronization, which consumes many system and bandwidth resources.
OSPF packet formats OSPF packets are directly encapsulated into IP packets. OSPF uses the IP protocol number 89. The format of an OSPF LSU packet is shown in Figure Figure 20 OSPF packet format OSPF packet header OSPF packets are classified into five types that have the same packet header. Figure 21 OSPF packet header Major fields of the OSPF packet header are as follows: •...
Page 67
Figure 22 Hello packet format Version Packet length Router ID Area ID Checksum AuType Authentication Authentication Network mask HelloInterval Options Rtr Pri RouterDeadInterval Designated router Backup designated router Neighbor Neighbor Major fields of the hello packet are as follows: Network mask—Network mask associated with the router’s sending interface. If two routers have •...
Page 68
Figure 23 DD packet format Major fields of the DD packets are as follows: • Interface MTU—Specifies the largest IP datagram in bytes that the interface can send without fragmentation. I (Initial)—The Init bit, which is set to 1 if the packet is the first DD packet. It is set to 0 if not. •...
Page 69
Figure 24 LSR packet format Version Packet length Router ID Area ID Checksum AuType Authentication Authentication LS type Link state ID Advertising router Major fields of the LSR packets are as follows: LS type—Type of the LSA to be requested. Type 1 for example indicates the Router LSA. •...
Page 70
Figure 26 LSAck packet format LSA header format All LSAs have the same header. Figure 27 LSA header format Major fields of the LSA header are as follows: LS age—Time, in seconds, elapsed since the LSA was originated. An LSA ages in the LSDB (added •...
Page 71
Figure 28 Router LSA format LS age Options Link state ID Advertising router LS sequence number LS checksum Length # Links Link ID Link data Type #TOS Metric TOS metric Link ID Link data Major fields of the Router LSA are as follows: Link state ID—ID of the router that originated the LSA.
Page 72
Figure 29 Network LSA format Major fields of the Network LSA are as follows: Link state ID—The interface address of the DR. Network mask—The mask of the network (a broadcast or NBMA network). Attached router—The IDs of the routers, which are adjacent to the DR, including the DR itself. •...
Page 73
An AS external LSA is originated by an ASBR, and describes routing information to a destination outside the AS. Figure 31 AS external LSA format Major fields of the AS external LSA are as follows: Link state ID—The IP address of another AS to be advertised. When describing a default route, the Link state ID is always set to default destination (0.0.0.0) and the network mask is set to 0.0.0.0 Network mask—The IP address mask for the advertised destination...
Figure 32 NSSA external LSA format Supported features Multi-process This feature allows multiple OSPF processes to run on a router both simultaneously and independently. Routing information interactions between different processes simulate interactions between different routing protocols. Multiple OSPF processes can use the same RID. An interface of a router can only belong to a single OSPF process.
Bidirectional forwarding detection (BFD) provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time. For more information about BFD, see High Availability Configuration Guide. Protocols and standards RFC 1765, OSPF Database Overflow •...
Configuration procedure To enable OSPF on a router, create an OSPF process and specify areas with which the process is associated, and the network segments contained in each area. If an interface’s IP address resides on a network segment of an area, the interface belongs to the area and is enabled with OSPF, and OSPF advertises the direct route of the interface.
Configuring OSPF areas After splitting an OSPF AS into multiple areas, configure some areas as stub areas or NSSA areas as needed. If no connection can be achieved between the backbone and a non-backbone area, or within the backbone itself, you can configure virtual links to solve it. Configuration prerequisites Before you configure an OSPF area, complete the following tasks: Configure IP addresses for interfaces, and make sure that all neighboring nodes can reach each...
NOTE: Virtual links cannot transit totally stub areas. Configuring an NSSA area A stub area cannot redistribute routes. Configure the area as an NSSA area to allow for route redistribution by keeping other stub area characteristics. To configure an NSSA area: Step Command Remarks...
Step Command Remarks vlink-peer router-id [ hello seconds You must configure this command on | retransmit seconds | trans-delay both ends of a virtual link. seconds | dead seconds | simple Configure a virtual link. hello and dead intervals must be [ plain | cipher ] password | { md5 identical on both ends of the virtual | hmac-md5 } key-id [ plain |...
Step Command Remarks Configure the OSPF network By default, the network type of an type for the interface as ospf network-type broadcast interface depends on the link layer broadcast. protocol. Optional. Configure a router priority for ospf dr-priority priority the interface. The default router priority is 1.
Step Command Remarks interface interface-type Enter interface view. interface-number By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF Configure the OSPF network network type for an interface as type for the interface as ospf network-type p2mp [ unicast ] P2MP unicast, all packets are unicast P2MP.
Configuring OSPF route summarization Route summarization is when an ABR or ASBR summarizes routes with the same prefix into a single route and distributes it to other areas. Route summarization reduces the traffic of routing information exchanged between areas and the sizes of routing tables on routers, improving route calculation speed on routers.
Configuring OSPF inbound route filtering OSPF calculates routes by using LSAs. The calculated routes can be filtered and only permitted routes are installed into the OSPF routing table. OSPF provides the following filtering methods: • Filters routing information by destination address through ACLs and IP address prefixes Filters routing information by next hop through the filtering criteria configured with the gateway •...
calculated cost is greater than 65535, the value of 65535 is used. If the calculated cost is less than 1, the value of 1 is used. If the cost value is not configured for an interface, OSPF computes the interface cost automatically. To configure an OSPF cost for an interface: Step Command...
Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. Configure the maximum maximum load-balancing maximum number of ECMP routes. 8 by default. Configuring OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. When the routing protocols find routes to the same destination, the route found by the protocol with the highest preference is selected as the best route.
Page 87
Step Command Remarks import-route protocol [ process-id | Configure OSPF to all-processes | allow-ibgp ] [ cost cost | type redistribute routes from Not configured by default type | tag tag | route-policy another protocol. route-policy-name ] * Configure OSPF to filter filter-policy { acl-number | ip-prefix Optional redistributed routes before...
Step Command Remarks Optional. The default cost is 1, the Configure the default default maximum number parameters for default { cost cost | limit limit | tag tag | type of routes redistributed per redistributed routes (cost, type } * time is 1000, the default upper limit, tag, and tag is 1, and default type...
Dead timer—Interval within which if the interface receives no hello packet from the neighbor, it • declares the neighbor is down. The dead interval must be at least four times the hello interval on an interface. • LSA retransmission timer—Interval within which if the interface receives no acknowledgement packets after sending an LSA to the neighbor, it retransmits the LSA.
Specifying SPF calculation interval LSDB changes lead to SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. Adjust the SPF calculation interval to reduce the impact. When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval ×...
Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. lsa-generation-interval By default, the maximum interval is 5 Configure the LSA maximum-interval [ initial-interval seconds, the minimum interval is 0 generation interval.
Step Command Remarks Configure the router as a By default, the router is not a stub stub-router stub router. router in any OSPF process. Configuring OSPF authentication You can configure OSPF packet authentication to ensure the security of packet exchanges. After authentication is configured, OSPF only receives packets that pass authentication.
Step Command Remarks Optional. Enable the interface to add its ospf mtu-enable MTU into DD packets. Not enabled by default. Configuring the maximum number of external LSAs in LSDB Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view.
Configuring OSPF network management With trap generation enabled, OSPF generates traps to report important events. Traps fall into the following levels. Level-3—Fault traps • • Level-4—Alarm traps Level-5—Normal but important traps • Level-6—Notification traps • The generated traps are sent to the information center of the device. The output rules of the traps such as whether to output the traps and the output direction are determined according to the information center configuration.
Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. Enable the advertisement and opaque-capability enable reception of opaque LSAs. Disabled by default. Configuring OSPF to give priority to receiving and processing hello packets To ensure OSPF runs properly, a router receives and processes hello packets and other protocol packets at the same time.
Setting the DSCP value for OSPF packets An IPv4 packet header contains an 8-bit TOS field. As defined in RFC 2474, the first six bits set the Differentiated Services Code Point (DSCP) value and the last two bits are reserved. Network devices use the DSCP value as a reference to determine the packet priority for transmission.
Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enable OSPF and enter its router-id | vpn-instance view. vpn-instance-name ] * Enable opaque LSA opaque-capability enable Disabled by default. advertisement capability. Enable the IETF standard graceful-restart ietf Disabled by default.
Step Command Remarks Optional. Configure the neighbors for graceful-restart help { acl-number The router can serve as a GR which the router can serve as | prefix prefix-list } Helper for any OSPF neighbor by a GR Helper. default. Configuring the non IETF standard OSPF GR Helper Step Command Remarks...
To enable BFD control packet bidirectional detection on an OSPF interface: Step Command Description Enter system view. system-view interface interface-type Enter interface view. interface-number Enable BFD control packet bidirectional Not enabled by ospf bfd enable detection on the interface. default. Configuring echo packet single-hop detection Step Command...
Task Command Remarks display ospf [ process-id ] routing [ interface interface-type interface-number ] [ nexthop Available in any Display routing table information. nexthop-address ] [ | { begin | exclude | include } view regular-expression ] display ospf [ process-id ] vlink [ | { begin | Available in any Display virtual link information.
Page 101
Figure 33 Network diagram Area 0 Switch A Switch B Vlan-int100 10.1.1.1/24 Vlan-int100 Vlan-int200 10.1.1.2/24 Vlan-int200 10.3.1.1/24 10.2.1.1/24 Vlan-int200 Area 1 Area 2 Vlan-int200 10.3.1.2/24 10.2.1.2/24 Vlan-int300 Vlan-int300 10.4.1.1/24 10.5.1.1/24 Switch C Switch D Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A.
Page 102
[SwitchD-ospf-1] area 2 [SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] quit [SwitchD-ospf-1] quit Verify the configuration: # Display information about neighbors on Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 10.2.1.1 Neighbors Area 0.0.0.0 interface 10.1.1.1(Vlan-interface100)'s neighbors Router ID: 10.3.1.1 Address: 10.1.1.2 GR State: Normal...
Page 103
[SwitchA] display ospf lsdb OSPF Process 1 with Router ID 10.2.1.1 Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Sequence Metric Router 10.2.1.1 10.2.1.1 1069 80000012 Router 10.3.1.1 10.3.1.1 80000011 Network 10.1.1.1 10.2.1.1 1069 80000010 Sum-Net 10.5.1.0 10.3.1.1 80000003 Sum-Net 10.2.1.0 10.2.1.1...
--- 10.4.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/2 ms Configuring OSPF route redistribution Network requirements As shown in Figure 34, all the switches run OSPF, and the AS is divided into three areas. Switch A and Switch B act as ABRs to forward routes between areas.
Configure summary route 10.0.0.0/8 on Switch B and advertise it: [SwitchB-ospf-1] asbr-summary 10.0.0.0 8 # Display the OSPF routing table of Switch A. [SwitchA] display ip routing-table Routing Tables: Public Destinations : 5 Routes : 5 Destination/Mask Proto Cost NextHop Interface 10.0.0.0/8 O_ASE...
Page 109
[SwitchD-ospf-1] quit # Display ABR/ASBR information on Switch C. <SwitchC> display ospf abr-asbr OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.2.1.1 0.0.0.1 10.2.1.1 Inter 10.3.1.1 0.0.0.1 10.2.1.1 Inter 10.5.1.1 0.0.0.1...
[SwitchC-ospf-1] quit # Display OSPF routing information on Switch C [SwitchC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 Transit 10.2.1.2 10.2.1.1 0.0.0.1 10.3.1.0/24...
Page 111
Configure Area 1 as an NSSA area and configure Switch C as the ASBR to redistribute static routes into the AS. Figure 37 Network diagram Configuration procedure Configure IP addresses for interfaces. Configure OSPF basic functions. (See "Configuring OSPF basic functions") Configure Area 1 as an NSSA area: # Configure Switch A.
Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 65536 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 65535 Transit 10.2.1.2 10.4.1.1 0.0.0.1 10.4.1.0/24 Stub 10.4.1.1 10.4.1.1 0.0.0.1 Total Nets: 3 Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0 Configure route redistribution: # Configure Switch C to redistribute static routes.
Page 113
Figure 38 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B.
Page 114
[SwitchD-ospf-1] return # Display OSPF neighbor information on Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 1.1.1.1 Neighbors Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: 2-Way Mode: None Priority: 1 DR: 192.168.1.4 BDR: 192.168.1.3...
Page 115
Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal State: Full Mode:Nbr is Slave Priority: 100 DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0 Dead timer due in 31 Neighbor is up for 00:11:17 Authentication Sequence: [ 0 ] Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal...
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal State: Full Mode: Nbr is Slave Priority: 2 DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Dead timer due in 39 Neighbor is up for 00:01:41 Authentication Sequence: [ 0 ] Switch A becomes the DR, and Switch C is the BDR. The full neighbor state means an adjacency has been established.
Page 117
Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ospf 1 router-id 1.1.1.1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit # Configure Switch B. <SwitchB> system-view [SwitchB] ospf 1 router-id 2.2.2.2 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255...
Area 0 has no direct connection to Area 2, so the routing table of Switch B has no route to Area Configure a virtual link: # Configure Switch B. [SwitchB] ospf [SwitchB-ospf-1] area 1 [SwitchB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3 [SwitchB-ospf-1-area-0.0.0.1] quit [SwitchB-ospf-1] quit # Configure Switch C.
Page 119
Figure 40 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A <SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf 100 [SwitchA-ospf-100] area 0 [SwitchA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [SwitchA-ospf-100-area-0.0.0.0] quit # Configure Switch B <SwitchB>...
[SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization # Configure Switch C as the GR Helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [SwitchC-ospf-100] enable link-local-signaling [SwitchC-ospf-100] enable out-of-band-resynchronization Verify the configuration: # After the configurations on Switch A, Switch B, and Switch C are completed and the switches are running steadily, enable OSPF Graceful Restart event debugging and then restart the OSPF process using GR on Switch A.
Page 121
All the switches in the network run OSPF. The AS is divided into three areas. • • Switch A and Switch B work as ABRs. Configure Switch C as an ASBR to redistribute external routes (static routes), and configure a filter policy on Switch C to filter out redistributed route 3.1.3.0/24.
Page 122
10.2.1.0/24 Direct 0 10.2.1.1 Vlan200 10.2.1.1/32 Direct 0 127.0.0.1 InLoop0 10.3.1.0/24 OSPF 10.1.1.2 Vlan100 10.4.1.0/24 OSPF 10.2.1.2 Vlan200 10.5.1.0/24 OSPF 10.1.1.2 Vlan100 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 On Switch C, filter out route 3.1.3.0/24: # Configure the IPv4 prefix list. [SwitchC] ip ip-prefix prefix1 index 1 deny 3.1.3.0 24 [SwitchC] ip ip-prefix prefix1 index 2 permit 3.1.1.0 24 [SwitchC] ip ip-prefix prefix1 index 3 permit 3.1.2.0 24...
Page 125
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500 [SwitchB-Vlan-interface10] bfd min-receive-interval 500 [SwitchB-Vlan-interface10] bfd detect-multiplier 6 Verify the configuration: # Display the BFD information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Init Mode: Active Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface...
Troubleshooting OSPF configuration No OSPF neighbor relationship established Symptom No OSPF neighbor relationship can be established. Analysis If the physical link and lower layer protocols work well, verify OSPF parameters configured on interfaces. Two neighbors must have the same parameters, such as the area ID, network segment, and mask (a P2P or virtual link may have different network segments and masks).
Configuring BGP BGP overview The Border Gateway Protocol (BGP) is a dynamic inter-AS Exterior Gateway Protocol. The three early BGP versions are BGP- 1 (RFC 1 105), BGP-2 (RFC 1 163) and BGP-3 (RFC 1267). The current version is BGP-4 (RFC 4271), and is the Internet exterior gateway protocol. The term "router" in this chapter refers to both routers and Layer 3 switches, and BGP refers to BGP-4 in this chapter.
Page 128
Figure 43 BGP message header Marker—The 16-byte field is used to delimit BGP messages. The Marker must be all ones. • Length—The two-byte unsigned integer indicates the total length of the message. • Type—This one-byte unsigned integer indicates the type code of the message. The following type •...
Page 129
Figure 45 BGP update message format Each update message can advertise a group of feasible routes with identical attributes, and the routes are contained in the network layer reachability information (NLRI) field. The path attributes field carries the attributes of these routes. Each update message can also carry multiple withdrawn routes in the withdrawn routes field.
Figure 47 BGP route-refresh message format AFI—Address family identifier. • Res—Reserved; set to 0. • • SAFI—Subsequent address family identifier. BGP path attributes Path attributes classification BGP path attributes are a group of parameters encapsulated in the path attributes field of update messages.
Page 131
ORIGIN is a well-known mandatory attribute that defines the origin of routing information (how a route became a BGP route). This attribute has the following types: IGP—Has the highest priority. Routes added to the BGP routing table using the network command have the IGP attribute.
Page 132
NEXT_HOP • Different from IGP, the NEXT_HOP attribute may not be the IP address of a directly connected router. It involves the following types of values, as shown in Figure When advertising a self-originated route to an EBGP peer, a BGP speaker sets the NEXT_HOP for the route to the address of its sending interface.
Page 133
In general, BGP compares MEDs of routes received from the same AS only. NOTE: The current implementation supports using the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs. LOCAL_PREF • The LOCAL_PREF attribute is exchanged between IBGP peers only; therefore, it is not advertised to any other AS.
BGP route selection Route selection rules BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: The route with the highest Preferred_value The route with the highest LOCAL_PREF The route originated by the local router The route with the shortest AS-PATH The IGP, EGP, or INCOMPLETE route in turn...
Figure 52 Network diagram for BGP load balancing In the above figure, Router D and Router E are IBGP peers of Router C. Router A and Router B both advertise a route destined for the same destination to Router C. If load balancing is configured and the two routes have the same AS_PATH attribute, ORIGIN attribute, LOCAL_PREF and MED, Router C installs both the two routes to its route table for load balancing.
Figure 53 BGP and IGP synchronization in an AS For this example, if synchronization is enabled, and the route 8.0.0.0/24 received from Router B is available in its IGP routing table, Router D adds the route into its BGP routing table and advertises the route to the EBGP peer.
Page 137
Figure 54 BGP route dampening Peer group You can organize BGP peers with the same attributes into a group to simplify their configurations. When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.
Page 138
Figure 55 Network diagram for a route reflector The route reflector and clients form a cluster. In some cases, you can configure more than one route reflector in a cluster to improve network reliability and prevent a single point of failure, as shown in the following figure.
Figure 57 Confederation network diagram AS 65002 AS 65003 EBGP EBGP EBGP IBGP AS 100 IBGP IBGP AS 65004 AS 200 A non-confederation BGP speaker is not required to know sub-ASs in the confederation. The ID of the confederation is the number of the AS. In the above figure, AS 200 is the confederation ID. The deficiency of confederation is as follows: When changing an AS into a confederation, you must reconfigure your routers.
MP-BGP Overview BGP-4 supports IPv4 unicasts, but does not support other network layer protocols, such as IPv6. To support more network layer protocols, IETF extended BGP-4 by introducing Multiprotocol Extensions for BGP-4 (MP-BGP) in RFC 4760. Routers supporting MP-BGP can communicate with routers not supporting MP-BGP. MP-BGP extended attributes In BGP-4, the attributes for IPv4 address format are NLRI, NEXT_HOP and AGGREGATOR (AGGREGATOR contains the IP address of the speaker generating the summary route).
BGP configuration task list Task Remarks Creating a BGP connection Required. Specifying the source interface for TCP Configuring BGP basic Optional. connections functions Allowing establishment of EBGP connection to an Optional. indirectly connected peer or peer group Injecting a local network Required.
Task Remarks Configuring the interval for sending the same Optional. update Configuring BGP soft-reset Optional. Enabling the BGP ORF capability Optional. Enabling 4-byte AS number suppression Optional. Setting the DSCP value for BGP packets Optional. Enabling quick EBGP session reestablishment Optional.
Step Command Remarks Enter system view. system-view Optional. Not configured by default. If no global router ID is configured, the highest loopback interface IP Configure a global router ID. router id router-id address—if any—is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status.
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number By default, BGP uses the outbound Specify the source interface interface of the best route to the BGP peer { group-name | ip-address } for establishing TCP peer or peer group as the source connect-interface interface-type connections to a peer or peer interface for establishing a TCP...
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number network ip-address [ mask | Optional. Inject a network to the BGP mask-length ] route-policy routing table. Not injected by default. route-policy-name Configuring BGP route redistribution BGP does not find routes by itself. Rather, it redistributes routing information in the local AS from other routing protocols.
Controlling route distribution and reception Configuration prerequisites BGP connections must be created. Configuring BGP route summarization To reduce the routing table size on medium and large BGP networks, you need to configure route summarization on BGP routers. BGP supports automatic and manual summarization modes. Manual summary routes have a higher priority than automatic ones.
To advertise a default route to a peer or peer group: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number peer { group-name | ip-address } Advertise a default route to a Not advertised by default-route-advertise [ route-policy peer or peer group.
Page 148
Step Command Remarks • Configure the filtering of redistributed routes: filter-policy { acl-number | ip-prefix ip-prefix-name } export [ direct | ospf process-id | rip process-id | static ] Configure at least one command. • Reference a routing policy to filter Not configured by default.
Step Command Remarks • Filter incoming routes with an ACL or IP prefix list: filter-policy { acl-number | ip-prefix ip-prefix-name } import • Reference a routing policy to filter routes from a peer or peer group: Configure at least one command. peer { group-name | ip-address } No route reception filtering is route-policy route-policy-name...
Step Command Remarks • Specify the maximum number of prefixes that can be received from a peer or peer group: Use one of the commands. peer { group-name | No limit is configured by default. ip-address } route-limit prefix-number If the specified maximum number is [ percentage-value ] reached: •...
Step Command Remarks Optional. network ip-address [ mask | mask-length ] By default, an EBGP Configure a shortcut route. short-cut route received has a priority of 255. Configuring BGP route attributes Configuration prerequisites BGP connections must be created. Specifying a preferred value for routes received By default, routes received from a peer have a preferred value of 0.
Configuring the default local preference The local preference is used to determine the best route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops, it considers the route with the highest local preference as the best route.
Page 153
Figure 58 Route selection based on MED As shown in Figure 58, Router D learns network 10.0.0.0 from both Router A and Router B. Because Router B has a smaller router ID, the route learned from it is optimal. Network NextHop LocPrf PrefVal Path/Ogn...
Enabling the comparison of MED of routes from confederation peers The MED attributes of routes from confederation peers are not compared if their AS_PATH attributes contain AS numbers that do not belong to the confederation, such as these three routes: AS_PATH attributes of them are 65006 65009, 65007 65009, and 65008 65009;...
If you have configured BGP load balancing on a BGP router, the router will set it as the next hop for routes sent to an IBGP peer or peer group. This is done regardless of whether the peer next-hop-local command is configured.
Page 156
Specifying a fake AS number for a peer or peer group When Router A in AS 2 is moved to AS 3, you can configure Router A to specify a fake AS number of 2 for created connections to EBGP peers or peer groups. In this way, these EBGP peers still think Router A is in AS 2 and need not change their configurations.
Removing private AS numbers from updates to a peer or peer group Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Configure BGP to remove private AS peer { group-name | ip-address } By default, BGP updates numbers from the AS_PATH attribute of public-as-only carry private AS numbers.
If the router has established a neighbor relationship with a peer, you must reset the BGP connection • to validate the new set timers. The timer command takes effect for only new connections. • After peer timer command is executed, the peer connection is closed at once, and a new •...
Configuring automatic soft-reset After route refresh is enabled for peers and a policy is modified, the router advertises a route-refresh message to the peers, which then resend their routing information to the router. After receiving the routing information, the router performs dynamic route update by using the new policy. To enable BGP route refresh for a peer or peer group: Step Command...
whether to carry non-standard ORF information in the packets). After completing the negotiation process and establishing the neighboring relationship, the BGP router and its BGP peer can exchange ORF information through specific route-refresh messages. For the parameters configured on both sides for ORF capability negotiation, see Table To enable the BGP ORF capability: Step...
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enable 4-byte AS peer { group-name | ip-address } Disabled by default. number suppression. capability-advertise suppress-4-byte-as Setting the DSCP value for BGP packets An IPv4 packet header contains an 8-bit Type of Service (TOS) field. As defined in RFC 2474, the first six bits set the Differentiated Services Code Point (DSCP) value and the last two bits are reserved.
Enabling MD5 authentication for TCP connections BGP employs TCP as the transport protocol. To increase security, configure BGP to perform MD5 authentication when establishing a TCP connection. The two parties must have the same password configured to establish TCP connections. BGP MD5 authentication is not for BGP packets, but for TCP connections.
Configuring a large scale BGP network In a large-scale BGP network, configuration and maintenance become difficult because of the large numbers of BGP peers. To facilitate configuration, you can configure peer group, community, route reflector, or confederation as needed. Configuration prerequisites Peering nodes are accessible to each other at the network layer.
Page 164
Step Command Enter system view. system-view Enter BGP view. bgp as-number Create an EBGP peer group. group group-name external Specify the AS number for the peer group-name as-number as-number group. Add the peer into the group. peer ip-address group group-name NOTE: Do not specify any AS number for a peer before adding it into the peer group.
NOTE: Do not specify any AS number for a peer before adding it into the peer group. • Peers added in the group can have different AS numbers. • Configuring BGP community A BGP community is a group of destinations with the same characteristics. It has no geographical boundaries and is independent of ASs.
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Configure the router as a route peer { group-name | ip-address } reflector and specify a peer or Not configured by default. reflect-client peer group as its client. Optional.
To configure confederation compatibility: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enable compatibility with routers not Optional. compliant with RFC 3065 in the confederation nonstandard Not enabled by default. confederation. Configuring BGP GR Perform the following configuration on the GR Restarter and GR Helper. Follow these guidelines when you configure BGP GR: •...
Enabling logging of peer state changes Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Optional. Enable the logging of peer log-peer-change state changes globally. Enabled by default. Enable the logging of peer Optional. peer { group-name | ip-address } state changes for a peer or log-change Enabled by default.
Page 169
Task Command Remarks Display advertised BGP routing display bgp network [ | { begin | exclude | include } Available in information. regular-expression ] any view display bgp paths [ as-regular-expression | | { begin | Available in Display AS path information. exclude | include } regular-expression ] any view display bgp peer [ ip-address { log-info | verbose } |...
Task Command Remarks display bgp routing-table statistic [ | { begin | exclude Available in Display BGP routing statistics. | include } regular-expression ] any view display router id [ | { begin | exclude | include } Available in Display the global router ID.
Page 171
Figure 62 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IBGP: To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Because loopback interfaces are virtual interfaces, you need to use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections.
Page 172
BGP local router ID : 3.3.3.3 Local AS number : 65009 Total number of peers : 1 Peers in established state : 1 Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 2.2.2.2 65009 0 00:00:13 Established The output shows that Switch C has established an IBGP peer relationship with Switch B. Configure EBGP: The EBGP peers, Switch A and Switch B (usually belong to different carriers), are located in different ASs.
Page 173
Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf PrefVal Path/Ogn *> 8.1.1.0/24 0.0.0.0 # Display the BGP routing table on Switch B. [SwitchB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 2.2.2.2 Status codes: * - valid, ^ - VPNv4 best, >...
Origin : i - IGP, e - EGP, ? – incomplete Network NextHop LocPrf PrefVal Path/Ogn *> 2.2.2.2/32 3.1.1.1 65009? 3.1.1.0/24 3.1.1.1 65009? *> 8.1.1.0/24 0.0.0.0 *> 9.1.1.0/24 3.1.1.1 65009? Two routes 2.2.2.2/32 and 9.1.1.0/24 have been added in Switch A’s routing table. # Display the BGP routing table on Switch C.
Page 175
A must be able to access network 9.1.2.0/24 in AS 65009, and Switch C must access network 8.1.1.0/24 in AS 65008. Figure 63 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF: Enable OSPF in AS 65009, so that Switch B can obtain the route to 9.1.2.0/24. # Configure Switch B.
Page 176
Configure BGP and IGP synchronization: Configure BGP to redistribute routes from OSPF on Switch B, so that Switch A can obtain the route to 9.1.2.0/24. Configure OSPF to redistribute routes from BGP on Switch B, so that Switch C can obtain the route to 8.1.1.0/24.
Reply from 9.1.2.1: bytes=56 Sequence=2 ttl=254 time=31 ms Reply from 9.1.2.1: bytes=56 Sequence=3 ttl=254 time=47 ms Reply from 9.1.2.1: bytes=56 Sequence=4 ttl=254 time=46 ms Reply from 9.1.2.1: bytes=56 Sequence=5 ttl=254 time=47 ms --- 9.1.2.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 15/37/47 ms...
Page 178
Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure BGP connections: On Switch A, establish EBGP connections with Switch B and Switch C; configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A.
Page 179
BGP Local router ID is 1.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? – incomplete Network NextHop LocPrf...
BGP community configuration example Network requirements As shown in Figure 65, Switch B establishes EBGP connections with Switch A and C. Configure NO_EXPORT community attribute on Switch A to make routes from AS 10 not advertised by AS 20 to any other AS.
Page 181
Local AS number : 20 Paths: 1 available, 1 best BGP routing table entry information of 9.1.1.0/24: From : 200.1.2.1 (1.1.1.1) Original nexthop: 200.1.2.1 AS-path : 10 Origin : igp Attribute value : MED 0, pref-val 0, pre 255 State : valid, external, best, Advertised to such 1 peers: 200.1.3.2...
Attribute value : MED 0, pref-val 0, pre 255 State : valid, external, best, Not advertised to any peers yet The route 9.1.1.0/24 is not available in the routing table of Switch C. BGP route reflector configuration example Network requirements Figure 66, all switches run BGP.
BGP confederation configuration example Network requirements Figure 67, to reduce IBGP connections in AS 200, split it into three sub-ASs: AS65001, AS65002, and AS65003. Switches in AS65001 are fully meshed. Figure 67 Network diagram Switch C Switch B Switch F Vlan-int600 Vlan-int300 Vlan-int200...
Page 186
[SwitchF-bgp] quit Verify the configuration: # Display the routing table on Switch B. [SwitchB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 2.2.2.2 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete...
From : 10.1.3.1 (1.1.1.1) Relay Nexthop : 0.0.0.0 Original nexthop: 10.1.3.1 AS-path : 100 Origin : igp Attribute value : MED 0, localpref 100, pref-val 0, pre 255 State : valid, internal, best, Not advertised to any peers yet The output shows the following: Switch F can send route information to Switch B and Switch C through the confederation by establishing only an EBGP connection with Switch A.
Page 189
Configure attributes for route 1.0.0.0/8, making Switch D give priority to the route learned from Switch C: (Method I.) Configure a higher MED value for the route 1.0.0.0/8 advertised from Switch A to peer 192.1.1.2: # Define an ACL numbered 2000 to permit route 1.0.0.0/8. [SwitchA] acl number 2000 [SwitchA-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255 [SwitchA-acl-basic-2000] quit...
# Inject network 8.0.0.0/8 to the BGP routing table. [SwitchA-bgp] network 8.0.0.0 # Enable GR capability for BGP. [SwitchA-bgp] graceful-restart Configure Switch B: # Configure IP addresses for interfaces. (Details not shown.) # Configure the EBGP connection. <SwitchB> system-view [SwitchB] bgp 65009 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] peer 200.1.1.2 as-number 65008 # Configure the IBGP connection.
Page 192
Figure 70 Network diagram Switch B Vlan-int100 Vlan-int101 AS 100 Vlan-int100 Vlan-int101 Vlan-int30 Vlan-int30 AS 200 AS 300 1.1.1.0/24 Vlan-int200 Vlan-int201 Switch E Switch A Switch C Vlan-int200 Vlan-int201 Switch D Device Interface IP address Device Interface IP address Switch A Vlan-int100 3.0.1.1/24 Switch C...
Page 193
Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to 50. Policy apply_med_100 sets that to 100. [SwitchA] route-policy apply_med_50 permit node 10 [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 50 [SwitchA-route-policy] quit [SwitchA] route-policy apply_med_100 permit node 10 [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 100 [SwitchA-route-policy] quit...
Page 194
[SwitchA] interface vlan-interface 100 Configure the minimum interval for transmitting BFD control packets as 500 milliseconds. [SwitchA-Vlan-interface100] bfd min-transmit-interval 500 Configure the minimum interval for receiving BFD control packets as 500 milliseconds. [SwitchA-Vlan-interface100] bfd min-receive-interval 500 Configure the detect multiplier as 7. [SwitchA-Vlan-interface100] bfd detect-multiplier 7 Configure the BFD authentication mode as plain-text authentication, and set the authentication key to ibgpbfd.
Page 195
2.0.1.1 0 00:01:05 Established 3.0.1.1 0 00:01:34 Established The output shows that Switch C has established two BGP neighborships with Switch A. # Display route 1.1.1.0/24 on Switch C. <SwitchC> display ip routing-table 1.1.1.0 24 verbose Routing Table : Public Summary Count : 4 Destination: 1.1.1.0/24 Protocol: BGP...
BKTunnel ID: 0x0 BKLabel: NULL State: Inactive Adv Age: 00h14m10s Tag: 1 The output shows that Switch A and Switch C communicate through Switch B, and Switch C has two routes to reach network 1.1.1.0/24: Switch C<—>Switch B<—>Switch A, which is the active route;...
Page 197
Check whether an ACL is applied to disable TCP port 179.
Configuring IPv6 static routing Overview Static routes are manually configured. They work well in simple networks. Proper configuration and use can improve network performance and ensure enough bandwidth for important applications. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator has to modify the static routes manually.
Step Command Remarks Required. ipv6 route-static ipv6-address prefix-length { interface-type interface-number The default Configure an IPv6 static route. [ next-hop-address ] | next-hop-address } preference of IPv6 [ preference preference-value ] static routes is 60. NOTE: If you specify a broadcast interface, such as a VLAN interface, as the output interface for a static route, you must specify the next hop address.
Page 200
Figure 71 Network diagram Configuration procedure Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.) Configure IPv6 static routes: # Enable IPv6 and configure a default IPv6 static route on Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ipv6 route-static :: 0 4::2 # Enable IPv6 and configure two IPv6 static routes on Switch B.
Page 201
Destination : 1::/64 Protocol : Direct NextHop : 1::1 Preference Interface : Vlan100 Cost Destination : 1::1/128 Protocol : Direct NextHop : ::1 Preference Interface : InLoop0 Cost Destination : FE80::/10 Protocol : Direct NextHop : :: Preference Interface : NULL0 Cost # Verify the connectivity with the ping command.
Configuring RIPng Introduction to RIPng RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng. The term "router" in this chapter refers to both routers and Layer 3 switches. RIPng for IPv6 has the following basic differences from RIP: •...
RIPng packet format Basic format A RIPng packet consists of a header and multiple route table entries (RTEs). The maximum number of RTEs in a packet depends on the IPv6 MTU of the sending interface. Figure 72 RIPng basic packet format Command Version Must be zero...
RIPng packet processing procedure Request packet When a RIPng router first starts or needs to update entries in its routing table, usually a multicast request packet is sent to ask for needed routes from neighbors. The receiving RIPng router processes RTEs in the request. If only one RTE exists with the IPv6 prefix and prefix length both being 0, and with a metric value of 16, the RIPng router will respond with the entire routing table information in response messages.
Configuring RIPng basic functions This section presents the information to configure the basic RIPng features. You must enable RIPng first before configuring other tasks, but it is not necessary for RIPng-related interface configurations, such as assigning an IPv6 address. Before you configure RIPng basic functions, complete the following tasks: Enable IPv6 packet forwarding.
Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Optional. Specify an inbound routing ripng metricin value additional metric. 0 by default. Optional. Specify an outbound ripng metricout value routing additional metric. 1 by default. Configuring RIPng route summarization Step Command Enter system view.
Step Command Remarks filter-policy { acl6-number | Configure a filter policy to By default, RIPng does not filter ipv6-prefix ipv6-prefix-name } filter outgoing routes. outgoing routing information. export [ protocol [ process-id ] ] Configuring a priority for RIPng Any routing protocol has its own protocol priority used for optimal route selection. You can set a priority for RIPng manually.
To configure RIPng timers: Step Command Remarks Enter system view. system-view Enter RIPng view. ripng [ process-id ] Optional. timers { garbage-collect The RIPng timers have the following defaults: garbage-collect-value | suppress Configure RIPng • 30 seconds for the update timer suppress-value | timeout timers.
Configuring zero field check on RIPng packets Some fields in the RIPng packet must be zero, which are called "zero fields". With zero field check on RIPng packets enabled, if such a field contains a non-zero value, the entire RIPng packet is discarded. If you are sure that all packets are trustworthy, disable the zero field check to reduce the CPU processing time.
RIPng configuration examples Configuring RIPng basic functions Network requirements Figure 75, all switches run RIPng. Configure Switch B to filter the route (3::/64) learned from Switch C, which means the route will not be added to the routing table of Switch B, and Switch B will not forward it to Switch A.
Page 211
[SwitchC] interface vlan-interface 500 [SwitchC-Vlan-interface500] ripng 1 enable [SwitchC-Vlan-interface500] quit [SwitchC] interface vlan-interface 600 [SwitchC-Vlan-interface600] ripng 1 enable [SwitchC-Vlan-interface600] quit # Display the routing table on Switch B. [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100...
# Display routing tables of Switch B and Switch A. [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100 Dest 1::/64, via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, A, 2 Sec Dest 2::/64, via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, A, 2 Sec...
Page 213
# Enable RIPng 100 on Switch A. <SwitchA> system-view [SwitchA] ripng 100 [SwitchA-ripng-100] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ripng 100 enable [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 200 [SwitchA-Vlan-interface200] ripng 100 enable [SwitchA-Vlan-interface200] quit # Enable RIP 100 and RIP 200 on Switch B. <SwitchB>...
Page 214
Destination: 2::/64 Protocol : Direct NextHop : 2::1 Preference: 0 Interface : Vlan200 Cost Destination: 2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Configure RIPng route redistribution: # Configure route redistribution between the two RIPng processes on Switch B.
Configuring OSPFv3 Introduction to OSPFv3 OSPFv3 overview Open Shortest Path First version 3 (OSPFv3) supports IPv6 and complies with RFC 2740 (OSPF for IPv6). The term "router" in this chapter refers to both routers and Layer 3 switches. OSPFv3 and OSPFv2 have the following similarities: 32-bits router ID and area ID •...
OSPFv3 LSA types OSPFv3 sends routing information in LSAs, which, as defined in RFC 2740, have the following types: Router-LSA—Originated by all routers. This LSA describes the collected states of the router's • interfaces to an area, and is flooded throughout a single area only. •...
LSA delay time Each LSA has an age in the local LSDB (incremented by one per second), but an LSA does not age on transmission. You must add an LSA delay time into the age time before transmission, which is important for low-speed networks.
Task Remarks networks Configuring a DR priority for an interface Optional Ignoring MTU check for DD packets Optional Disabling interfaces from receiving and sending Optional OSPFv3 packets Enabling the logging of neighbor state changes Optional Configuring GR Restarter Optional Configuring OSPFv3 GR Configuring GR Helper Optional Enabling OSPFv3...
Non-backbone areas exchange routing information through the backbone area. The backbone and non-backbone areas—including the backbone itself—must be contiguous. In practice, necessary physical links may not be available for this connectivity. You can configure virtual links to address the problem. Configuration prerequisites Before you configure OSPFv3 area parameters, complete the following tasks: Enable IPv6 packet forwarding.
Step Command Enter system view. system-view Enter OSPFv3 view. ospfv3 [ process-id ] Enter OSPFv3 area view. area area-id vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay Configure a virtual link. seconds | dead seconds | instance instance-id ] * Configuring OSPFv3 network types OSPFv3 classifies networks into the following types by the link layer protocol.
To configure an NBMA or P2MP (unicast) neighbor and its DR priority: Step Command Enter system view. system-view Enter interface view. interface interface-type interface-number Specify an NBMA or P2MP (unicast) neighbor and its ospfv3 peer ipv6-address [ dr-priority dr-priority ] [ instance instance-id ] DR priority.
Step Command Remarks Not configured by default. The filter-policy import command Configure inbound filter-policy { acl-number | ipv6-prefix can only filter routes computed by route filtering. ipv6-prefix-name } import OSPFv3. Only routes not filtered out can be added into the local routing table.
Step Command Remarks Enter system view. system-view Enter OSPFv3 view. ospfv3 [ process-id ] Optional. Specify the maximum number maximum load-balancing of ECMP routes. maximum 8 by default. Configuring a priority for OSPFv3 A router may run multiple routing protocols. The system assigns a priority to each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected.
Step Command Remarks Optional. By default, the dead interval on P2P, broadcast interfaces is 40 ospfv3 timer dead seconds seconds. Configure the dead interval. [ instance instance-id ] The dead interval set on neighboring interfaces cannot be too short. Otherwise, a neighbor is easily considered down.
Ignoring MTU check for DD packets When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency. To ignore MTU check for DD packets: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.
IMPORTANT: You cannot configure OSPFv3 GR after configuring OSPFv3 virtual links, because they are not supported at the same time. Graceful Restart ensures the continuity of packet forwarding when a routing protocol restarts or a master/slave switchover occurs: • GR Restarter—Graceful restarting router. It must be Graceful Restart capable. GR Helper—The neighbor of the GR Restarter.
OSPFv3 configuration examples Configuring OSPFv3 areas Network requirements Figure 78, all switches run OSPFv3. The AS is split into three areas, in which, Switch B and Switch C act as ABRs to forward routing information between areas. Configure Area 2 as a stub area in order to reduce LSAs in the area without affecting route reachability. Figure 78 Network diagram Configuration procedure Configure IPv6 addresses for interfaces.
Page 232
# Display OSPFv3 routing table information on Switch D. [SwitchD] display ospfv3 routing E1 - Type 1 external route, IA - Inter area route, - Intra area route E2 - Type 2 external route, - Selected route OSPFv3 Router with ID (4.4.4.4) (Process 1) ------------------------------------------------------------------------ *Destination: 2001::/64 Type...
*Destination: 2001:1::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 *Destination: 2001:2::/64 Type Cost NextHop : directly-connected Interface: Vlan400 *Destination: 2001:3::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 Configure Area 2 as a totally stub area: # Configure Area 2 as a totally stub area on Switch C. [SwitchC-ospfv3-1-area-0.0.0.2] stub no-summary # Display OSPFv3 routing table information on Switch D.
Page 234
Figure 79 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ospfv3 [SwitchA-ospfv3-1] router-id 1.1.1.1 [SwitchA-ospfv3-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ospfv3 1 area 0 [SwitchA-Vlan-interface100] quit # Configure Switch B.
Page 235
[SwitchD] ospfv3 [SwitchD-ospfv3-1] router-id 4.4.4.4 [SwitchD-ospfv3-1] quit [SwitchD] interface vlan-interface 200 [SwitchD-Vlan-interface200] ospfv3 1 area 0 [SwitchD-Vlan-interface200] quit # Display neighbor information on Switch A. The switches have the same default DR priority 1. Then, Switch D (the switch with the highest Router ID) is elected as the DR, and Switch C is the BDR. [SwitchA] display ospfv3 peer OSPFv3 Area ID 0.0.0.0 (Process 1) ----------------------------------------------------------------------...
OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 1.1.1.1 Full/DROther 00:00:33 Vlan100 2.2.2.2 Full/DROther 00:00:36 Vlan200 3.3.3.3 Full/Backup 00:00:40 Vlan100 Restart DR and BDR election: # Use the shutdown and undo shutdown commands on interfaces to restart DR and BDR election. (Details not shown.) # Display neighbor information on Switch A.
Page 237
Figure 80 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ospfv3 1 [SwitchA-ospfv3-1] router-id 1.1.1.1 [SwitchA-ospfv3-1] graceful-restart enable [SwitchA-ospfv3-1] quit...
After all switches function properly, perform a master/slave switchover on Switch A to trigger an OSPFv3 GR operation. Troubleshooting OSPFv3 configuration No OSPFv3 neighbor relationship established Symptom No OSPF neighbor relationship can be established. Analysis If the physical link and lower protocol function properly, verify OSPF parameters configured on interfaces. The two neighboring interfaces must have the same parameters, such as the area ID, network segment and mask, and network type.
Configuring IPv6 BGP This chapter describes only configuration for IPv6 BGP. For BGP related information, see "Configuring BGP." The term "router" in this chapter refers to both routers and Layer 3 switches. IPv6 BGP overview BGP-4 was designed to carry only IPv4 routing information, so other network layer protocols such as IPv6 are not supported.
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Optional. Specify a router ID. router-id router-id Required if no IP addresses are configured for any interfaces. Enter IPv6 address family ipv6-family view. peer ipv6-address as-number Specify an IPv6 peer. as-number Injecting a local IPv6 route Step...
Specifying the source interface for establishing TCP connections IPv6 BGP uses TCP as the transport layer protocol. By default, IPv6 BGP uses the output interface of the optimal route to a peer or peer group as the source interface for establishing TCP connections to the peer or peer group.
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Optional. Not configured by default. Configure a description for an peer { ipv6-group-name | ipv6-address } The peer group to be IPv6 peer or peer group. description description-text configured with a description must have been...
Configuration prerequisites Before you configure route distribution and reception control, complete the following tasks: Enable IPv6. • Configure IPv6 BGP basic functions. • Configuring IPv6 BGP route redistribution To configure IPv6 BGP route redistribution: Step Command Remarks Enter system view. system-view Enter BGP view.
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Not advertised by default. With the peer default-route-advertise command executed, the Advertise a default route to peer { ipv6-group-name | ipv6-address } local router advertises a an IPv6 peer or peer default-route-advertise [ route-policy...
Configuring inbound route filtering Only routes passing the configured filtering can be added into the local IPv6 BGP routing table. Members of a peer group can have different inbound route filtering policies. To configure inbound route filtering: Step Command Remarks Enter system view.
Step Command Remarks Enter IPv6 address family view. ipv6-family Enable route synchronization between synchronization Not enabled by default. IPv6 BGP and IGP. Configuring route dampening Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view.
In a third party next hop network where the two IPv6 EBGP peers reside in a common broadcast • subnet, the router does not change the next hop for routes sent to the IPv6 EBGP peer or peer group by default, unless the peer next-hop-local command is configured. To configure IPv6 BGP preference and default LOCAL_PREF and NEXT_HOP attributes: Step Command...
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Allow the local AS number to peer { ipv6-group-name | Optional. appear in AS_PATH of routes ipv6-address } allow-as-loop from a peer or peer group Not allowed by default.
Configuration prerequisites Before you configure IPv6 BGP timers, complete the following tasks: Enable IPv6. • Configure IPv6 BGP basic functions. • Configuring IPv6 BGP timers Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family view. ipv6-family Optional.
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Optional. Not saved by default. If the peer keep-all-routes command is used, all routes Save all routes from an IPv6 from the peer or peer group peer or peer group, not letting peer { ipv6-group-name | ipv6-address } are saved regardless of...
Step Command Remarks Optional. Enable the non-standard ORF peer { group-name | By default, standard BGP ORF capability for a BGP peer or ipv6-address } capability-advertise capability defined in RFC 5291 peer group. orf non-standard and RFC 5292 is supported. peer { group-name | ip-address | Enable the ORF IP prefix ipv6-address } capability-advertise...
Setting the DSCP value for IPv6 BGP packets An IPv6 packet header contains an 8-bit Traffic class field. This field identifies the service type of IPv6 packets. As defined in RFC 2474, the first six bits set the Differentiated Services Code Point (DSCP) value and the last two bits are reserved.
Step Command Remarks Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Enable MD5 authentication peer { ipv6-group-name | when establishing a TCP ipv6-address } password { cipher | Not enabled by default. connection to the peer or peer simple } password group.
Creating a pure EBGP peer group To create a pure EBGP peer group, specify an AS number for the peer group. If a peer was added into an EBGP peer group, you cannot specify any AS number for the peer group. To create a pure EBGP peer group: Step Command...
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Advertise COMMUNITY peer { ipv6-group-name | attribute to an IPv6 peer or ipv6-address } Not advertised by default. peer group. advertise-community Advertise extended peer { ipv6-group-name | community attribute to an IPv6 ipv6-address }...
Step Command Remarks Optional. Configure the cluster ID of the reflector cluster-id cluster-id By default, a route reflector uses its route reflector. router ID as the cluster ID. Displaying and maintaining IPv6 BGP Displaying BGP Task Command Remarks Display IPv6 BGP peer group display bgp ipv6 group [ ipv6-group-name ] [ | { begin Available in information.
IPv6 BGP basic configuration example Network requirements All switches in Figure 81 run IPv6 BGP. Between Switch A and Switch B is an EBGP connection. Switch B, Switch C, and Switch D are fully meshed through IBGP connections. Figure 81 Network diagram Configuration procedure Configure IPv6 addresses for interfaces.
IPv6 BGP route reflector configuration example Network requirements As shown in the following figure, Switch B receives an EBGP update and sends it to Switch C, which is configured as a route reflector with two clients: Switch B and Switch D. Switch B and Switch D do not need to establish an IBGP connection because Switch C reflects updates between them.
[SwitchC-bgp-af-ipv6] peer 101::2 as-number 200 [SwitchC-bgp-af-ipv6] peer 102::2 as-number 200 # Configure Switch D. <SwitchD> system-view [SwitchD] ipv6 [SwitchD] bgp 200 [SwitchD-bgp] router-id 4.4.4.4 [SwitchD-bgp] ipv6-family [SwitchD-bgp-af-ipv6] peer 102::1 as-number 200 Configure route reflector: # Configure Switch C as a route reflector, and configure Switch B and Switch D as its clients. [SwitchC-bgp-af-ipv6] peer 101::2 reflect-client [SwitchC-bgp-af-ipv6] peer 102::2 reflect-client Use the display bgp ipv6 routing-table command on Switch B and Switch D;...
Configuring routing policies Introduction to routing policy Routing policies are used to receive, advertise, and redistribute only specific routes and modify the attributes of some routes. Routing policy in this chapter involves both IPv4 routing policy and IPv6 routing policy. A routing policy is used to filter routes when they are received, advertised, or redistributed and modify the attributes of some routes.
Page 264
An IP prefix list, identified by name, can comprise multiple items. Each item, identified by an index number, can specify a prefix range to match. An item with a smaller index number is matched first. If one item is matched, the IP prefix list is passed, and the packet will not go to the next item. AS path list An AS path list, configured based on the BGP AS_PATH attribute, can only be used to match BGP routing information.
Defining filters Configuration prerequisites Before you configure this task, you must determine IP-prefix list name, matching address range, and extcommunity list sequence number. Defining an IP prefix list Defining an IPv4 prefix list Identified by name, an IPv4 prefix list can comprise multiple items. Each item specifies a prefix range to match and is identified by an index number.
Step Command Remarks ip ipv6-prefix ipv6-prefix-name [ index index-number ] Define an IPv6 { deny | permit } ipv6-address prefix-length Not defined by default. prefix list. [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] If all items are set to the deny mode, no routes can pass the IPv6 prefix list. You must define the permit :: 0 less-equal 128 item following multiple deny items to allow other IPv6 routing information to pass.
Defining an extended community list You can define multiple items for an extended community list that is identified by number. During matching, the relation between items is logic OR. If routing information matches one of these items, it passes the extended community list. To define an extended community list: Step Command...
To create a routing policy: Step Command Enter system view. system-view Create a routing policy, specify a node for it, and route-policy route-policy-name { deny | permit } node node-number enter routing policy view. Defining if-match clauses Follow these guidelines when you define if-match clauses: The if-match clauses of a routing policy node are in logic AND relationship.
Step Command Remarks Optional. Match BGP routing information whose if-match as-path AS_PATH attribute is specified in the AS Not configured by AS-PATH-number&<1-16> path lists. default. if-match community Optional. Match BGP routing information whose { { basic-community-list-number | COMMUNITY attribute is specified in the Not configured by comm-list-name } [ whole-match ] | community lists.
Step Command Remarks Optional. Set a cost for routing apply cost [ + | - ] value information. Not set by default. Optional. Set a cost type for routing apply cost-type [ internal | type-1 | information. type-2 ] Not set by default. Optional.
Step Command Remarks Enter system view. system-view Create a routing policy and route-policy route-policy-name Not created by default. enter routing policy view. { deny | permit } node node-number Optional. Not configured by default. Specify the next routing policy continue [ node-number ] The node number specified must node to be matched.
Page 272
Display RIPng routing table information on Switch B to verify the configuration. • Figure 83 Network diagram Configuration procedure Configure Switch A: # Configure IPv6 addresses for VLAN-interface 100 and VLAN-interface 200. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ipv6 address 10::1 32 [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 200...
[SwitchD] ip as-path 1 permit .*200.* # Create routing policy rt1 with node 1, and specify the match mode as deny to deny routes from AS 200. [SwitchD] route-policy rt1 deny node 1 [SwitchD-route-policy] if-match as-path 1 [SwitchD-route-policy] quit # Create routing policy rt1 with node 10, and specify the match mode as permit to permit routes from other ASs.
IPv6 routing information filtering failure Symptom The routing protocol is running properly, but filtering routing information failed. Analysis At least one item of the IPv6 prefix list must be configured as permit mode, and at least one node of the routing policy must be configured as permit mode.
Configuring MCE The term "router" in this document refers to both routers and Layer 3 switches. This chapter covers MCE related configuration. For information about routing protocols, see Layer 3—IP Services Configuration Guide. MCE overview MPLS L3VPN overview MPLS L3VPN is a type of PE-based L3VPN technology for service provider VPN solutions. It uses BGP to advertise VPN routes and uses MPLS to forward VPN packets on service provider backbones.
After a CE establishes adjacency with a directly connected PE, it advertises its VPN routes to the PE and learns remote VPN routes from the PE. A CE and a PE use BGP/IGP to exchange routing information. You can also configure static routes between them. After a PE learns the VPN routing information of a CE, it uses BGP to exchange VPN routing information with other PEs.
Page 279
VPN-IPv4 address Traditional BGP cannot process overlapping VPN routes. If, for example, both VPN 1 and VPN 2 use addresses on the segment 10.1 10.10.0/24 and each advertise a route to the segment, BGP selects only one of them, which results in the loss of the other route. PEs use MP-BGP to advertise VPN routes and use VPN-IPv4 address family to solve the problem with traditional BGP.
Export target attribute: A local PE sets this type of route target attribute for VPN-IPv4 routes learned • from directly connected sites before advertising them to other PEs. Import target attribute: A PE checks the export target attribute of VPN-IPv4 routes advertised by •...
Figure 87 Network diagram for the MCE function VPN 1 VPN 2 Site 1 Site 1 VLAN-int2 VLAN-int7 VLAN-int8 VLAN-int3 VPN 2 Site 2 Site 2 VPN 1 On the left-side network, there are two VPN sites, both of which are connected to the MPLS backbone through the MCE device.
Static routes An MCE can communicate with a site through static routes. As static routes configured for traditional CEs take effect globally, address overlapping between multiple VPNs remains a problem until the emergence of MCE. MCE allows static-route-to-VPN-instance binding, which isolates the static routes of different VPNs.
The following routing protocols can be used between MCE and PE devices for routing formation exchange: Static route • • OSPF • • IBGP EBGP • For information about routing protocol configuration and route import, see Layer 3—IP Routing Configuration Guide. Configuring an MCE Configuring VPN instances Configuring VPN instances is required in all MCE networking schemes.
Page 284
After creating and configuring a VPN instance, you associate the VPN instance with the interface for connecting different VPN sites. To associate a VPN instance with an interface: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Associate the current interface ip binding vpn-instance...
Step Command Remarks Optional. Not configured by default. Configure the maximum Setting the maximum number of routing-table limit number number of routes for the VPN routes for a VPN instance to { warn-threshold | simply-alert } instance. support is for preventing too many routes from being redistributed into the PE.
Page 286
route with a VPN instance, so that the static routes of different VPN instances can be isolated from each other. To configure static routing between MCE and VPN site: Step Command Remarks Enter system view. system-view • ip route-static dest-address { mask | mask-length } { gateway-address | interface-type interface-number [ gateway-address ] | vpn-instance d-vpn-instance-name...
Page 287
Configuring OSPF between MCE and VPN site An OSPF process belongs to the public network or a single VPN instance. If you create an OSPF process without binding it to a VPN instance, the process belongs to the public network. By configuring OSPF process-to-VPN instance bindings on a MCE, you allow routes of different VPNs to be exchanged between the MCE and the sites through different OSPF processes, ensuring the separation and security of VPN routes.
Page 288
Step Command Remarks Enter BGP view. bgp as-number ipv4-family vpn-instance Enter BGP-VPN instance view. vpn-instance-name peer { group-name | ip-address } Configure an EBGP peer. as-number as-number Allow the local AS number to appear in the AS_PATH attribute of a received route, peer { group-name | ip-address } Optional.
Page 289
Configuring IBGP beween MCE and VPN site If IBGP is used for exchanging routing information between an MCE and VPN sites, you must configure a BGP peer for each VPN instance respectively, and redistribute the IGP routes of each VPN instance on the VPN sites.
Configuring routing between MCE and PE MCE-PE routing configuration includes these tasks: Bind the MCE-PE interfaces to VPN instances • Perform route configurations • Redistribute VPN routes into the routing protocol running between the MCE and the PE. • Configuring static routing between MCE and PE Step Command Remarks...
Page 291
Step Command Remarks Enter system view. system-view Create an OSPF process ospf [ process-id | router-id for a VPN instance and router-id | vpn-instance enter OSPF view. vpn-instance-name ] * Disabled by default. You must disable routing loop Disable routing loop detection for a VPN OSPF process on vpn-instance-capability simple detection.
Page 292
Step Command Remarks Optional. Configure a filtering filter-policy { acl-number | ip-prefix policy to filter the routes ip-prefix-name } export [ direct | ospf By default, BGP does not filter to be advertised. process-id | rip process-id | static ] the routes to be advertised.
Step Command Remarks Optional. Configure a filtering policy filter-policy { acl-number | ip-prefix By default, BGP does not filter to filter the received routes. ip-prefix-name } import the received routes. Resetting BGP connections When BGP configuration changes, you can use the soft reset function or reset BGP connections to make new configurations take effect.
Page 294
Task Command Remarks Display information about BGP display bgp vpnv4 vpn-instance VPNv4 routes injected into a vpn-instance-name network [ | { begin | Available in any view specific VPN instance or all VPN exclude | include } regular-expression ] instances. display bgp vpnv4 vpn-instance Display BGP VPNv4 AS path vpn-instance-name paths...
MCE configuration examples Using OSPF to advertise VPN routes to the PE Network requirements As shown in Figure 88, the MCE device is connected to VPN 1 through VLAN-interface 10 and to VPN 2 through VLAN-interface 20. RIP runs in VPN 2. Configure the MCE device to separate routes from different VPNs and advertise the VPN routes to PE 1 through OSPF.
Page 296
[MCE] ip vpn-instance vpn2 [MCE-vpn-instance-vpn2] route-distinguisher 20:1 [MCE-vpn-instance-vpn2] vpn-target 20:1 [MCE-vpn-instance-vpn2] quit # Create VLAN 10, add port GigabitEthernet 1/0/1 to VLAN 10, and create VLAN-interface 10. [MCE] vlan 10 [MCE-vlan10] port gigabitethernet 1/0/1 [MCE-vlan10] quit [MCE] interface vlan-interface 10 # Bind VLAN-interface 10 with VPN instance vpn1, and configure an IP address for VLAN-interface 10.
Page 297
[MCE] display ip routing-table vpn-instance vpn1 Routing Tables: vpn1 Destinations : 5 Routes : 5 Destination/Mask Proto Cost NextHop Interface 10.214.10.0/24 Direct 0 10.214.10.3 Vlan10 10.214.10.3/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 Static 60 10.214.10.2...
Page 298
# Configure port GigabitEthernet1/0/1 on the PE. [PE1] interface gigabitethernet 1/0/1 [PE1-GigabitEthernet1/0/1] port link-type trunk [PE1-GigabitEthernet1/0/1] port trunk permit vlan 30 40 [PE1-GigabitEthernet1/0/1] quit # On the MCE, create VLAN 30 and VLAN-interface 30, bind the VLAN interface with VPN instance vpn1, and configure an IP address for the VLAN interface.
[MCE-ospf-10-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [MCE-ospf-10-area-0.0.0.0] quit [MCE-ospf-10] import-route static # On PE 1, start OSPF process 10, bind the process with VPN instance vpn1, set the domain ID to 10, and advertise subnet 30.1.1.0 in area 0. [PE1] ospf 10 router-id 100.100.10.1 vpn-instance vpn1 [PE1-ospf-10] domain-id 10 [PE1-ospf-10] area 0 [PE1-ospf-10-area-0.0.0.0] network 30.1.1.0 0.0.0.255...
Page 300
Figure 89 Network diagram Configuration procedure Configure VPN instances: # Create VPN instances on the MCE and PE 1, and bind the VPN instances with VLAN interfaces. For the configuration procedure, see "Using OSPF to advertise VPN routes to the PE."...
Page 301
127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 OSPF 10.214.10.2 Vlan10 The output shows that the MCE has learned the private route of VPN 1 through OSPF process 10. # On MCE, bind OSPF process 20 with VPN instance vpn2 to learn the routes of VPN 2. The configuration procedure is similar to that for OSPF process 10.
Page 302
127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 30.1.1.1 Vlan30 # Perform similar configuration on the MCE and PE 1 for VPN 2. Redistribute the OSPF routes of VPN instance vpn2 into the EBGP routing table. (Details not shown.) The following output shows that PE 1 has learned the private route of VPN 2 through BGP: [PE1] display ip routing-table vpn-instance vpn2 Routing Tables: vpn2...
Configuring policy-based routing Introduction to PBR Policy-based routing (PBR) is a routing mechanism based on user-defined policies. Different from the traditional destination-based routing mechanism, PBR enables you to use a policy (based on the source address or other criteria) to route packets. This Switch Series implements PBR by using a QoS policy.
Step Command Remarks Associate the class with classifier tcl-name behavior the traffic behavior in the behavior-name QoS policy. Applying the QoS policy When configuring PBR, you can apply a QoS policy to the following occasions: Applied globally—Affects the traffic sent or received on all ports. •...
Task Command Remarks display qos policy user-defined [ policy-name Display user-defined QoS policy Available in [ classifier tcl-name ] ] [ | { begin | exclude | configuration information. any view include } regular-expression ] Display QoS policy configuration on display qos policy interface [ interface-type Available in the specified interface or on all...
[SwitchA] traffic behavior a [SwitchA-behavior-a] redirect next-hop 202.1.1.2 [SwitchA-behavior-a] quit # Associate class a with behavior a in QoS policy a. [SwitchA] qos policy a [SwitchA-qospolicy-a] classifier a behavior a [SwitchA-qospolicy-a] quit # Apply QoS policy a to the incoming traffic of GigabitEthernet 1/0/1. [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] qos apply policy a inbound Verifying the configuration...
Page 307
# Associate class a with behavior a in QoS policy a. [SwitchA] qos policy a [SwitchA-qospolicy-a] classifier a behavior a [SwitchA-qospolicy-a] quit # Apply QoS policy a to the incoming traffic of GigabitEthernet 1/0/1. [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] qos apply policy a inbound Verifying th configuration After completing the configuration, verify that when Switch A receives packets with destination IP address 201::2, it forwards the packets to Switch C instead of Switch B.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers • • Technical support registration number (if applicable) Product serial numbers •...
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
Page 310
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Index B C D E I L M O P R S T Controlling route distribution and reception,233 Controlling route generation,134 BGP configuration examples,160 Conventions,299 BGP configuration task list,131 overview,1 17 Default IPv6 route,188 Defining filters,255 Configuring a large scale BGP network,153 Displaying and maintaining a routing table,4...