HP 6125G Configuration Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Switch
  5. 6125G
  6. Configuration manual
HP 6125G Configuration Manual

HP 6125G Configuration Manual

Layer 3 - ip routing
Hide thumbs Also See for 6125G:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual, Installation Manual
HP 6125 Blade Switch Series
Layer 3 - IP Routing

Configuration Guide

Part number: 5998-3157
Software version: Release 2103
Document version: 6W100-20120907

Advertisement

Table of Contents
loading

Related Manuals for HP 6125G

Summary of Contents for HP 6125G

  • Page 1: Configuration Guide

    HP 6125 Blade Switch Series Layer 3 - IP Routing Configuration Guide Part number: 5998-3157 Software version: Release 2103 Document version: 6W100-20120907...
  • Page 2 HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

  • Page 3: Table Of Contents

    Contents IP routing basics ··························································································································································· 1   Overview ············································································································································································ 1   Routing table ······································································································································································ 1   Dynamic routing protocols ··············································································································································· 2   Routing preference ···························································································································································· 2   Load sharing ······································································································································································ 3   Route backup ····································································································································································· 3   Route recursion ·································································································································································· 3  ...
  • Page 4 Configuring RIP route redistribution ····················································································································· 27   Tuning and optimizing RIP networks ···························································································································· 27   Configuring RIP timers ··········································································································································· 28   Configuring split horizon and poison reverse ···································································································· 28   Configuring the maximum number of ECMP routes ·························································································· 29   Enabling zero field check on incoming RIPv1 messages ··················································································...
  • Page 5 Configuring ABR Type-3 LSA filtering ················································································································· 74   Configuring an OSPF cost for an interface ········································································································ 74   Configuring the maximum number of OSPF routes ··························································································· 75   Configuring the maximum number of ECMP routes ·························································································· 75   Configuring OSPF preference ······························································································································ 76  ...
  • Page 6 BGP route selection ············································································································································· 124   BGP and IGP synchronization···························································································································· 125   Settlements for problems in large scale BGP networks ··················································································· 126   BGP GR ································································································································································ 129   MP-BGP ································································································································································· 130   Protocols and standards ····································································································································· 130   BGP configuration task list ·········································································································································· 131  ...
  • Page 7 Enabling logging of peer state changes ···················································································································· 158   Configuring BFD for BGP ············································································································································ 158   Displaying and maintaining BGP ······························································································································· 158   Displaying BGP ···················································································································································· 158   Resetting BGP connections ································································································································· 160   Clearing BGP information ·································································································································· 160   BGP configuration examples ······································································································································...
  • Page 8 OSPFv3 LSA types ··············································································································································· 207   OSPFv3 timers ····················································································································································· 207   OSPFv3 features supported ································································································································ 208   Protocols and standards ····································································································································· 208   OSPFv3 configuration task list ···································································································································· 208   Enabling OSPFv3 ························································································································································· 209   Configuration prerequisites ································································································································ 209   Enabling OSPFv3 ················································································································································...
  • Page 9 Disabling session establishment to an IPv6 peer or peer group ···································································· 233   Logging IPv6 peer or peer group state changes ······························································································ 233   Controlling route distribution and reception ············································································································· 233   Configuration prerequisites ································································································································ 234   Configuring IPv6 BGP route redistribution ········································································································ 234  ...
  • Page 10 Defining apply clauses ········································································································································ 259   Defining a continue clause ································································································································· 260   Displaying and maintaining the routing policy ········································································································· 261   Routing policy configuration examples ······················································································································ 261   Applying a routing policy to IPv6 route redistribution ····················································································· 261   Applying a routing policy to filter received BGP routes ··················································································...

  • Page 11: Ip Routing Basics

    IP routing basics Overview IP routing directs the forwarding of IP packets on routers based on a routing table. This book focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. The term "router" in this chapter refers to both routers and Layer 3 switches. The types of interfaces that appear in any figures other than the network diagrams for configuration examples are for illustration only.

  • Page 12: Dynamic Routing Protocols

    80.1.1.0/24 OSPF 80.1.1.1 Vlan13 … A route entry includes the following key items: • Destination—IP address of the destination host or network. Mask—Mask length of the IP address. • Pre—Preference of the route. Among routes to the same destination, the one with the highest •...

  • Page 13: Load Sharing

    The preference of a direct route is always 0 and cannot be changed. You can manually configure preferences for any other route type. Each static route can be configured with a different preference. The following table lists the types of routes and the default preferences. The smaller the preference value, the higher the preference.

  • Page 14: Route Redistribution

    Route redistribution Route redistribution enables routing protocols to learn route information from each other. A dynamic routing protocol can redistribute routes from other protocols including direct routes and static routes. For more information, see the respective chapters on those routing protocols in this configuration guide. Displaying and maintaining a routing table Task Command...
  • Page 15 Task Command Remarks display ipv6 routing-table [ vpn-instance Display routing information vpn-instance-name ] acl acl6-number Available in any view permitted by an IPv6 ACL. [ verbose ] [ | { begin | exclude | include } regular-expression ] display ipv6 routing-table [ vpn-instance vpn-instance-name ] ipv6-address Display routing information for a prefix-length [ longer-match ] [ verbose ]...

  • Page 16: Configuring Static Routing

    Configuring static routing Introduction Static route Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work properly. The proper configuration and usage of static routes can improve network performance and ensure bandwidth for important network applications.

  • Page 17: Configuring A Static Route

    Other attributes • You can configure different priorities for different static routes so that route management policies can be more flexible. For example, specifying the same priority for different routes to the same destination enables load sharing, but specifying different priorities for these routes enables route backup.

  • Page 18: Configuring Bfd For Static Routes

    Step Command Remarks Configure the Optional. ip route-static default-preference default preference default-preference-value 60 by default. for static routes. Configuring BFD for static routes Bidirectional forwarding detection (BFD) provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols.

  • Page 19: Bfd Echo Mode

    Step Command Remarks • Approach 1: ip route-static dest-address { mask | mask-length } next-hop-address bfd control-packet bfd-source ip-address [ preference preference-value ] [ tag tag-value ] [ description description-text ] Configure BFD Use either control mode for a • Approach 2: command.

  • Page 20: Static Route Configuration Examples

    Task Command Remarks display ip routing-table protocol static [ inactive | Display information of static Available in any verbose ] [ | { begin | exclude | include } routes. view regular-expression ] delete [ vpn-instance vpn-instance-name ] Available in Delete all the static routes.
  • Page 21 Configure the default gateways of hosts A, B, and C as 1.1.2.3, 1.1.6.1, and 1.1.3.1. (Details not shown.) Verify the configuration: # Display the IP routing table on Switch A. [SwitchA] display ip routing-table Routing Tables: Public Destinations : 7 Routes : 7 Destination/Mask Proto...

  • Page 22: Bfd For Static Routes Configuration Example (Direct Next Hop)

    Minimum = 1ms, Maximum = 1ms, Average = 1ms # Use the tracert command on Host B to test the reachability of Host A. C:\Documents and Settings\Administrator>tracert 1.1.2.2 Tracing route to 1.1.2.2 over a maximum of 30 hops <1 ms <1 ms <1 ms 1.1.6.1...
  • Page 23 [SwitchA] ip route-static 120.1.1.0 24 vlan-interface 10 12.1.1.2 bfd control-packet [SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65 [SwitchA] quit # Configure static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch. <SwitchB>...

  • Page 24: Bfd For Static Routes Configuration Example (Indirect Next Hop)

    <SwitchA> display ip routing-table protocol static Public Routing Table : Static Summary Count : 1 Static Routing table Status : <Active> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 Vlan11 Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 11 now.
  • Page 25 [SwitchA] interface loopback 1 [SwitchA-LoopBack1] bfd min-transmit-interval 500 [SwitchA-LoopBack1] bfd min-receive-interval 500 [SwitchA-LoopBack1] bfd detect-multiplier 9 [SwitchA-LoopBack1] quit [SwitchA] ip route-static 120.1.1.0 24 2.2.2.9 bfd control-packet bfd-source 1.1.1.9 [SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65 [SwitchA] quit # Configure static routes on Switch B and enable BFD control mode for the static route that traverses Switch D.
  • Page 26 Static Routing table Status : <Inactive> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 Vlan11 The output shows that Switch A communicates with Switch B through VLAN-interface 10. When the link over VLAN-interface 10 fails, Switch A can quickly detect the failure. # Display static routes on Switch A again.

  • Page 27: Configuring Rip

    Configuring RIP Overview Routing Information Protocol (RIP) is a distance-vector interior gateway protocol suited to small-sized networks. It employs UDP to exchange route information through port 520. The term "router" in this chapter refers to both routers and Layer 3 switches. RIP route entries RIP stores routing entries in a database.

  • Page 28: Rip Operation

    Split horizon—Disables RIP from sending routing information on the interface from which the • information was learned to prevent routing loops and save bandwidth. Poison reverse—Enables RIP to set the metric of routes received from a neighbor to 16 and sends •...
  • Page 29 RIPv1 message format Figure 4 RIPv1 message format Command—Type of message. 1 indicates request, which is used to request all or part of the routing • information from the neighbor; 2 indicates response, which contains all or part of the routing information.

  • Page 30: Supported Rip Features

    Figure 6 RIPv2 authentication message Command Version Unused 0xFFFF Authentication type Authentication (16 octets) • Authentication Type—A value of 2 represents simple authentication. A value of 3 represents MD5. RFC 1723 only defines simple authentication. For more information about MD5 authentication, see RFC 2453, RIP Version 2.

  • Page 31: Configuring Rip Basic Functions

    Task Remarks Configuring RIP basic functions Required Configuring an additional routing metric Optional Configuring RIPv2 route summarization Optional Disabling host route reception Optional Configuring RIP route Advertising a default route Optional control Configuring inbound or outbound route filtering Optional Configuring a priority for RIP Optional Configuring RIP route redistribution Optional...

  • Page 32: Configuring The Interface Behavior

    If a physical interface is attached to multiple networks, you cannot advertise these networks in • different RIP processes. To enable RIP: Step Command Remarks Enter system view. system-view Enable a RIP process and rip [ process-id ] [ vpn-instance Disabled by default.

  • Page 33: Setting The Dscp Value For Rip Packets

    To configure a RIP version: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Optional. By default, if an interface has a RIP version specified, the version takes precedence over the global one. If no RIP version is specified for an Specify a global RIP version.

  • Page 34: Configuring Rip Route Control

    Configuring RIP route control In complex networks, you must configure advanced RIP features. Before you configure RIP routing feature, complete the following tasks: • Configure IP addresses for interfaces, and make sure that all neighboring routers can reach each other. Configure RIP basic functions.

  • Page 35: Disabling Host Route Reception

    Step Command Remarks Optional. Enabled by default. Enable RIPv2 automatic route If the subnet routes in the routing summary summarization. table are not consecutive, disable automatic route summarization to avoid black hole routing. Advertising a summary route Disable RIPv2 route automatic summarization before advertising a summary route on an interface. To configure RIPv2 to advertise a summary route on the specified interface: Step Command...

  • Page 36: Configuring Inbound Or Outbound Route Filtering

    If a RIP process is enabled to advertise a default route, to disable an interface of the RIP process • from default route advertisement, you can use the rip default-route no-originate command on the interface. To configure RIP to advertise a default route: Step Command Remarks...

  • Page 37: Configuring A Priority For Rip

    Step Command Remarks Not configured by default. filter-policy { acl-number | The filter-policy export command Configure the filtering of ip-prefix ip-prefix-name } export filters outgoing routes, including outgoing routes. [ protocol [ process-id ] | routes redistributed with the interface-type interface-number ] import-route command.

  • Page 38: Configuring Rip Timers

    Configure IP addresses for interfaces, and make sure that all neighboring nodes can reach each • other. Configure RIP basic functions. • Configuring RIP timers You can change the RIP network convergence speed by adjusting RIP timers. Based on network performance, make RIP timers of RIP routers identical to each other to avoid unnecessary traffic or route oscillation.

  • Page 39: Configuring The Maximum Number Of Ecmp Routes

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Enable poison reverse. rip poison-reverse Disabled by default. Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks...

  • Page 40: Configuring Ripv2 Message Authentication

    To enable source IP address check on incoming RIP updates: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Enable source IP address Optional. check on incoming RIP validate-source-address Enabled by default. messages.

  • Page 41: Configuring Rip-To-Mib Binding

    Configuring RIP-to-MIB binding This task allows you to enable a specific RIP process to receive SNMP requests. To bind RIP to MIB: Step Command Remarks Enter system view. system-view Optional. Bind RIP to MIB. rip mib-binding process-id By default, MIB is bound to RIP process 1.

  • Page 42: Bidirectional Control Detection Mode

    Step Command Remarks Configure the source IP By default, no source IP address is bfd echo-source-ip ip-address address of BFD echo packets. configured for BFD echo packets. interface interface-type Enter interface view. interface-number Enable BFD on the RIP rip bfd enable Disabled by default.

  • Page 43: Rip Configuration Examples

    Task Command Remarks display rip process-id route [ ip-address { mask | mask-length } Display routing information about | peer ip-address | statistics ] [ | Available in any view a specified RIP process. { begin | exclude | include } regular-expression ] Reset a RIP process.

  • Page 44: Configuring Rip Route Redistribution

    10.0.0.0/8 192.168.1.2 The output shows that RIPv1 uses a natural mask. Configure RIP version: # Configure RIPv2 on Switch A. [SwitchA] rip [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure RIPv2 on Switch B. [SwitchB] rip [SwitchB-rip-1] version 2 [SwitchB-rip-1] undo summary # Display the RIP routing table on Switch A.
  • Page 45 Configuration procedure Configure an IP address for each interface. (Details not shown.) Configure basic RIP functions: # Enable RIP 100 and specify RIP version 2 on Switch A. <SwitchA> system-view [SwitchA] rip 100 [SwitchA-rip-100] network 10.0.0.0 [SwitchA-rip-100] network 11.0.0.0 [SwitchA-rip-100] version 2 [SwitchA-rip-100] undo summary [SwitchA-rip-100] quit # Enable RIP 100 and RIP 200 and specify RIP version 2 on Switch B.

  • Page 46: Configuring An Additional Metric For A Rip Interface

    [SwitchB-rip-200] import-route direct [SwitchB-rip-200] quit # Display the routing table of Switch C. [SwitchC] display ip routing-table Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Cost NextHop Interface 10.2.1.0/24 12.3.1.1 Vlan200 11.1.1.0/24 12.3.1.1 Vlan200 12.3.1.0/24 Direct 0 12.3.1.2 Vlan200 12.3.1.2/32...
  • Page 47 Figure 9 Network diagram Configuration procedure Configure IP addresses for the interfaces. (Details not shown.) Configure RIP basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] rip 1 [SwitchA-rip-1] network 1.0.0.0 [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure Switch B. <SwitchB>...

  • Page 48: Configuring Rip To Advertise A Summary Route

    [SwitchA] display rip 1 database 1.0.0.0/8, cost 0, ClassfulSumm 1.1.1.0/24, cost 0, nexthop 1.1.1.1, Rip-interface 1.1.2.0/24, cost 0, nexthop 1.1.2.1, Rip-interface 1.1.3.0/24, cost 1, nexthop 1.1.1.2 1.1.4.0/24, cost 1, nexthop 1.1.2.2 1.1.5.0/24, cost 2, nexthop 1.1.1.2 1.1.5.0/24, cost 2, nexthop 1.1.2.2 The output shows that two RIP routes can reach network 1.1.5.0/24.
  • Page 49 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.5.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit # Configure Switch B. <SwitchB> system-view [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255...

  • Page 50: Configuring Bfd For Rip (Single-Hop Echo Detection Mode)

    Destinations : 10 Routes : 10 Destination/Mask Proto Cost NextHop Interface 10.1.1.0/24 11.3.1.1 Vlan300 10.2.1.0/24 11.3.1.1 Vlan300 10.5.1.0/24 11.3.1.1 Vlan300 10.6.1.0/24 11.3.1.1 Vlan300 11.3.1.0/24 Direct 0 11.3.1.2 Vlan300 11.3.1.2/32 Direct 0 127.0.0.1 InLoop0 11.4.1.0/24 Direct 0 11.4.1.2 Vlan400 11.4.1.2/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8...
  • Page 51 learns the static route sent by Switch C with the output interface being the interface connected to Switch Figure 11 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure RIP basic functions: # Configure Switch A. <SwitchA>...
  • Page 52 [SwitchC-rip-1] undo summary [SwitchC-rip-1] network 192.168.1.0 [SwitchC-rip-1] network 192.168.3.0 [SwitchC-rip-1] import-route static [SwitchC-rip-1] quit Configure BFD parameters on Switch A. [SwitchA] bfd session init-mode active [SwitchA] bfd echo-source-ip 11.11.11.11 [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] bfd min-transmit-interval 500 [SwitchA-Vlan-interface100] bfd min-receive-interval 500 [SwitchA-Vlan-interface100] bfd detect-multiplier 7 [SwitchA-Vlan-interface100] quit [SwitchA] quit...

  • Page 53: Configuring Bfd For Rip (Bidirectional Control Detection Mode)

    State: Inactive Adv Age: 00h12m50s Tag: 0 When the link over VLAN-interface 100 fails, Switch A can quickly detect the change. # Display the BFD session information on Switch A. <SwitchA> display bfd session Switch A has deleted the BFD session on VLAN-interface 100 to Switch C and displays no output. # Display the RIP routes of RIP process 1 on Switch A.
  • Page 54 relationship with Switch C and the route information received from Switch C. Then, Switch A learns the static route sent by Switch C, the output interface of the route is the interface connected to Switch D. Figure 12 Network diagram Configuration procedure Configure IP addresses for interfaces.

  • Page 55: Configure Static Routes

    [SwitchC-rip-1] peer 192.168.1.1 [SwitchC-rip-1] undo validate-source-address [SwitchC-rip-1] import-route static [SwitchC-rip-1] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] rip bfd enable [SwitchC-Vlan-interface200] quit # Configure Switch D. <SwitchD> system-view [SwitchD] rip 1 [SwitchD-rip-1] version 2 [SwitchD-rip-1] undo summary [SwitchD-rip-1] network 192.168.3.0 [SwitchD-rip-1] network 192.168.4.0 Configure BFD parameters: # Configure Switch A.
  • Page 56 LD/RD SourceAddr DestAddr State Holdtime Interface 192.168.1.1 192.168.2.2 1700ms vlan100 # Display routes destined for 100.1.1.0/24 on Switch A. <SwitchA> display ip routing-table 100.1.1.0 24 verbose Routing Table : Public Summary Count : 2 Destination: 100.1.1.0/24 Protocol: RIP Process ID: 1 Preference: 100 Cost: 1 IpPrecedence:...

  • Page 57: Troubleshooting Rip

    NextHop: 192.168.3.2 Interface: vlan-interface 300 BkNextHop: 0.0.0.0 BkInterface: RelyNextHop: 0.0.0.0 Neighbor : 192.168.3.2 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h18m40s Tag: 0 Troubleshooting RIP No RIP updates received Symptom No RIP updates are received when the links function. Analysis After enabling RIP, you must use the network command to enable corresponding interfaces.

  • Page 58: Configuring Ospf

    Configuring OSPF Overview Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the IETF. Now, OSPF version 2 (RFC 2328) is used. Unless otherwise noted, OSPF refers to OSPFv2 throughout this chapter. The term "router" in this chapter refers to both routers and Layer 3 switches.
  • Page 59 Router ID An OSPF process running on a router must have its own router ID. This ID is a 32-bit unsigned integer that uniquely identifies the router in the AS. OSPF packets OSPF uses the following types of packets: Hello—Periodically sent to find and maintain neighbors, containing the values of some timers, •...

  • Page 60: Area Based Ospf Network Partition

    Area based OSPF network partition Network partition In a large OSPF routing domain, the LSDB becomes very huge and SPF computation consumes many storage and CPU resources. In addition, because topology changes can easily occur, OSPF packets generated for route information synchronization are enormous, occupying excessive bandwidth.
  • Page 61 Figure 14 Virtual link application 1 Virtual links can also be used to provide redundant links. If the backbone area cannot maintain internal connectivity due to the failure of a physical link, you can configure a virtual link to replace the failed physical link, as shown in Figure Figure 15 Virtual link application 2...
  • Page 62 NSSA area Similar to a stub area, an NSSA area does not import AS external LSAs (Type-5 LSAs), but can import Type-7 LSAs generated by the NSSA ASBR. The NSSA ABR translates Type-7 LSAs into Type-5 LSAs and advertises the Type-5 LSAs to other areas. In the following figure, the OSPF AS contains Area 1, Area 2, and Area 0.

  • Page 63: Router Types

    Router types Router classification The following are OSPF router types and their positions in the AS: Internal router—All interfaces on an internal router belong to one OSPF area. • • Area Border Router (ABR)—An ABR belongs to more than two areas, one of which must be the backbone area.

  • Page 64: Ospf Network Classification

    OSPF classifies external routes as Type- 1 or Type-2. A Type- 1 external route has high credibility. The cost from a router to the destination of the Type- 1 external route = the cost from the router to the corresponding ASBR + the cost from the ASBR to the destination of the external route.

  • Page 65: Dr And Bdr

    DR and BDR Introduction On a broadcast or NBMA network, any two routers need to establish an adjacency to exchange routing information with each other. If n routers are present on the network, n(n- 1 )/2 adjacencies are required. In addition, any topology change on the network results in traffic for route synchronization, which consumes many system and bandwidth resources.

  • Page 66: Ospf Packet Formats

    OSPF packet formats OSPF packets are directly encapsulated into IP packets. OSPF uses the IP protocol number 89. The format of an OSPF LSU packet is shown in Figure Figure 20 OSPF packet format OSPF packet header OSPF packets are classified into five types that have the same packet header. Figure 21 OSPF packet header Major fields of the OSPF packet header are as follows: •...
  • Page 67 Figure 22 Hello packet format Version Packet length Router ID Area ID Checksum AuType Authentication Authentication Network mask HelloInterval Options Rtr Pri RouterDeadInterval Designated router Backup designated router Neighbor Neighbor Major fields of the hello packet are as follows: Network mask—Network mask associated with the router’s sending interface. If two routers have •...
  • Page 68 Figure 23 DD packet format Major fields of the DD packets are as follows: • Interface MTU—Specifies the largest IP datagram in bytes that the interface can send without fragmentation. I (Initial)—The Init bit, which is set to 1 if the packet is the first DD packet. It is set to 0 if not. •...
  • Page 69 Figure 24 LSR packet format Version Packet length Router ID Area ID Checksum AuType Authentication Authentication LS type Link state ID Advertising router Major fields of the LSR packets are as follows: LS type—Type of the LSA to be requested. Type 1 for example indicates the Router LSA. •...
  • Page 70 Figure 26 LSAck packet format LSA header format All LSAs have the same header. Figure 27 LSA header format Major fields of the LSA header are as follows: LS age—Time, in seconds, elapsed since the LSA was originated. An LSA ages in the LSDB (added •...
  • Page 71 Figure 28 Router LSA format LS age Options Link state ID Advertising router LS sequence number LS checksum Length # Links Link ID Link data Type #TOS Metric TOS metric Link ID Link data Major fields of the Router LSA are as follows: Link state ID—ID of the router that originated the LSA.
  • Page 72 Figure 29 Network LSA format Major fields of the Network LSA are as follows: Link state ID—The interface address of the DR. Network mask—The mask of the network (a broadcast or NBMA network). Attached router—The IDs of the routers, which are adjacent to the DR, including the DR itself. •...
  • Page 73 An AS external LSA is originated by an ASBR, and describes routing information to a destination outside the AS. Figure 31 AS external LSA format Major fields of the AS external LSA are as follows: Link state ID—The IP address of another AS to be advertised. When describing a default route, the Link state ID is always set to default destination (0.0.0.0) and the network mask is set to 0.0.0.0 Network mask—The IP address mask for the advertised destination...

  • Page 74: Supported Features

    Figure 32 NSSA external LSA format Supported features Multi-process This feature allows multiple OSPF processes to run on a router both simultaneously and independently. Routing information interactions between different processes simulate interactions between different routing protocols. Multiple OSPF processes can use the same RID. An interface of a router can only belong to a single OSPF process.

  • Page 75: Protocols And Standards

    Bidirectional forwarding detection (BFD) provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time. For more information about BFD, see High Availability Configuration Guide. Protocols and standards RFC 1765, OSPF Database Overflow •...

  • Page 76: Enabling Ospf

    Task Remarks Configuring OSPF route redistribution Optional Configuring OSPF packet timers Optional Specifying LSA transmission delay Optional Specifying SPF calculation interval Optional Specifying the LSA arrival interval Optional Specifying the LSA generation interval Optional Disabling interfaces from receiving and sending OSPF Optional packets Configuring stub routers...

  • Page 77: Configuration Procedure

    Configuration procedure To enable OSPF on a router, create an OSPF process and specify areas with which the process is associated, and the network segments contained in each area. If an interface’s IP address resides on a network segment of an area, the interface belongs to the area and is enabled with OSPF, and OSPF advertises the direct route of the interface.

  • Page 78: Configuring Ospf Areas

    Configuring OSPF areas After splitting an OSPF AS into multiple areas, configure some areas as stub areas or NSSA areas as needed. If no connection can be achieved between the backbone and a non-backbone area, or within the backbone itself, you can configure virtual links to solve it. Configuration prerequisites Before you configure an OSPF area, complete the following tasks: Configure IP addresses for interfaces, and make sure that all neighboring nodes can reach each...

  • Page 79: Configuring An Nssa Area

    NOTE: Virtual links cannot transit totally stub areas. Configuring an NSSA area A stub area cannot redistribute routes. Configure the area as an NSSA area to allow for route redistribution by keeping other stub area characteristics. To configure an NSSA area: Step Command Remarks...

  • Page 80: Configuring Ospf Network Types

    Step Command Remarks vlink-peer router-id [ hello seconds You must configure this command on | retransmit seconds | trans-delay both ends of a virtual link. seconds | dead seconds | simple Configure a virtual link. hello and dead intervals must be [ plain | cipher ] password | { md5 identical on both ends of the virtual | hmac-md5 } key-id [ plain |...

  • Page 81: Configuring The Nbma Network Type For An Interface

    Step Command Remarks Configure the OSPF network By default, the network type of an type for the interface as ospf network-type broadcast interface depends on the link layer broadcast. protocol. Optional. Configure a router priority for ospf dr-priority priority the interface. The default router priority is 1.

  • Page 82: Configuring The P2P Network Type For An Interface

    Step Command Remarks interface interface-type Enter interface view. interface-number By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF Configure the OSPF network network type for an interface as type for the interface as ospf network-type p2mp [ unicast ] P2MP unicast, all packets are unicast P2MP.

  • Page 83: Configuring Ospf Route Summarization

    Configuring OSPF route summarization Route summarization is when an ABR or ASBR summarizes routes with the same prefix into a single route and distributes it to other areas. Route summarization reduces the traffic of routing information exchanged between areas and the sizes of routing tables on routers, improving route calculation speed on routers.

  • Page 84: Configuring Ospf Inbound Route Filtering

    Configuring OSPF inbound route filtering OSPF calculates routes by using LSAs. The calculated routes can be filtered and only permitted routes are installed into the OSPF routing table. OSPF provides the following filtering methods: • Filters routing information by destination address through ACLs and IP address prefixes Filters routing information by next hop through the filtering criteria configured with the gateway •...

  • Page 85: Configuring The Maximum Number Of Ospf Routes

    calculated cost is greater than 65535, the value of 65535 is used. If the calculated cost is less than 1, the value of 1 is used. If the cost value is not configured for an interface, OSPF computes the interface cost automatically. To configure an OSPF cost for an interface: Step Command...

  • Page 86: Configuring Ospf Preference

    Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. Configure the maximum maximum load-balancing maximum number of ECMP routes. 8 by default. Configuring OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. When the routing protocols find routes to the same destination, the route found by the protocol with the highest preference is selected as the best route.
  • Page 87 Step Command Remarks import-route protocol [ process-id | Configure OSPF to all-processes | allow-ibgp ] [ cost cost | type redistribute routes from Not configured by default type | tag tag | route-policy another protocol. route-policy-name ] * Configure OSPF to filter filter-policy { acl-number | ip-prefix Optional redistributed routes before...

  • Page 88: Advertising A Host Route

    Step Command Remarks Optional. The default cost is 1, the Configure the default default maximum number parameters for default { cost cost | limit limit | tag tag | type of routes redistributed per redistributed routes (cost, type } * time is 1000, the default upper limit, tag, and tag is 1, and default type...

  • Page 89: Specifying Lsa Transmission Delay

    Dead timer—Interval within which if the interface receives no hello packet from the neighbor, it • declares the neighbor is down. The dead interval must be at least four times the hello interval on an interface. • LSA retransmission timer—Interval within which if the interface receives no acknowledgement packets after sending an LSA to the neighbor, it retransmits the LSA.

  • Page 90: Specifying Spf Calculation Interval

    Specifying SPF calculation interval LSDB changes lead to SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. Adjust the SPF calculation interval to reduce the impact. When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval ×...

  • Page 91: Disabling Interfaces From Receiving And Sending Ospf Packets

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. lsa-generation-interval By default, the maximum interval is 5 Configure the LSA maximum-interval [ initial-interval seconds, the minimum interval is 0 generation interval.

  • Page 92: Configuring Ospf Authentication

    Step Command Remarks Configure the router as a By default, the router is not a stub stub-router stub router. router in any OSPF process. Configuring OSPF authentication You can configure OSPF packet authentication to ensure the security of packet exchanges. After authentication is configured, OSPF only receives packets that pass authentication.

  • Page 93: Configuring The Maximum Number Of External Lsas In Lsdb

    Step Command Remarks Optional. Enable the interface to add its ospf mtu-enable MTU into DD packets. Not enabled by default. Configuring the maximum number of external LSAs in LSDB Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view.

  • Page 94: Configuring Ospf Network Management

    Configuring OSPF network management With trap generation enabled, OSPF generates traps to report important events. Traps fall into the following levels. Level-3—Fault traps • • Level-4—Alarm traps Level-5—Normal but important traps • Level-6—Notification traps • The generated traps are sent to the information center of the device. The output rules of the traps such as whether to output the traps and the output direction are determined according to the information center configuration.

  • Page 95: Configuring Ospf To Give Priority To Receiving And Processing Hello Packets

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. Enable the advertisement and opaque-capability enable reception of opaque LSAs. Disabled by default. Configuring OSPF to give priority to receiving and processing hello packets To ensure OSPF runs properly, a router receives and processes hello packets and other protocol packets at the same time.

  • Page 96: Setting The Dscp Value For Ospf Packets

    Setting the DSCP value for OSPF packets An IPv4 packet header contains an 8-bit TOS field. As defined in RFC 2474, the first six bits set the Differentiated Services Code Point (DSCP) value and the last two bits are reserved. Network devices use the DSCP value as a reference to determine the packet priority for transmission.

  • Page 97: Configuring The Ospf Gr Helper

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enable OSPF and enter its router-id | vpn-instance view. vpn-instance-name ] * Enable opaque LSA opaque-capability enable Disabled by default. advertisement capability. Enable the IETF standard graceful-restart ietf Disabled by default.

  • Page 98: Triggering Ospf Graceful Restart

    Step Command Remarks Optional. Configure the neighbors for graceful-restart help { acl-number The router can serve as a GR which the router can serve as | prefix prefix-list } Helper for any OSPF neighbor by a GR Helper. default. Configuring the non IETF standard OSPF GR Helper Step Command Remarks...

  • Page 99: Configuring Echo Packet Single-Hop Detection

    To enable BFD control packet bidirectional detection on an OSPF interface: Step Command Description Enter system view. system-view interface interface-type Enter interface view. interface-number Enable BFD control packet bidirectional Not enabled by ospf bfd enable detection on the interface. default. Configuring echo packet single-hop detection Step Command...

  • Page 100: Ospf Configuration Examples

    Task Command Remarks display ospf [ process-id ] routing [ interface interface-type interface-number ] [ nexthop Available in any Display routing table information. nexthop-address ] [ | { begin | exclude | include } view regular-expression ] display ospf [ process-id ] vlink [ | { begin | Available in any Display virtual link information.
  • Page 101 Figure 33 Network diagram Area 0 Switch A Switch B Vlan-int100 10.1.1.1/24 Vlan-int100 Vlan-int200 10.1.1.2/24 Vlan-int200 10.3.1.1/24 10.2.1.1/24 Vlan-int200 Area 1 Area 2 Vlan-int200 10.3.1.2/24 10.2.1.2/24 Vlan-int300 Vlan-int300 10.4.1.1/24 10.5.1.1/24 Switch C Switch D Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A.
  • Page 102 [SwitchD-ospf-1] area 2 [SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] quit [SwitchD-ospf-1] quit Verify the configuration: # Display information about neighbors on Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 10.2.1.1 Neighbors Area 0.0.0.0 interface 10.1.1.1(Vlan-interface100)'s neighbors Router ID: 10.3.1.1 Address: 10.1.1.2 GR State: Normal...
  • Page 103 [SwitchA] display ospf lsdb OSPF Process 1 with Router ID 10.2.1.1 Link State Database Area: 0.0.0.0 Type LinkState ID AdvRouter Sequence Metric Router 10.2.1.1 10.2.1.1 1069 80000012 Router 10.3.1.1 10.3.1.1 80000011 Network 10.1.1.1 10.2.1.1 1069 80000010 Sum-Net 10.5.1.0 10.3.1.1 80000003 Sum-Net 10.2.1.0 10.2.1.1...

  • Page 104: Configuring Ospf Route Redistribution

    --- 10.4.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/1/2 ms Configuring OSPF route redistribution Network requirements As shown in Figure 34, all the switches run OSPF, and the AS is divided into three areas. Switch A and Switch B act as ABRs to forward routes between areas.

  • Page 105: Configuring Ospf To Advertise A Summary Route

    <SwitchD> display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.5.1.0/24 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24...
  • Page 106 Figure 35 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB>...
  • Page 107 [SwitchD-ospf-1] area 0 [SwitchD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit # Configure Switch E. <SwitchE> system-view [SwitchE] ospf [SwitchE-ospf-1] area 0 [SwitchE-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [SwitchE-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255 [SwitchE-ospf-1-area-0.0.0.0] quit [SwitchE-ospf-1] quit Configure BGP to redistribute OSPF routes and direct routes: # Configure Switch B.

  • Page 108: Configuring An Ospf Stub Area

    Configure summary route 10.0.0.0/8 on Switch B and advertise it: [SwitchB-ospf-1] asbr-summary 10.0.0.0 8 # Display the OSPF routing table of Switch A. [SwitchA] display ip routing-table Routing Tables: Public Destinations : 5 Routes : 5 Destination/Mask Proto Cost NextHop Interface 10.0.0.0/8 O_ASE...
  • Page 109 [SwitchD-ospf-1] quit # Display ABR/ASBR information on Switch C. <SwitchC> display ospf abr-asbr OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.2.1.1 0.0.0.1 10.2.1.1 Inter 10.3.1.1 0.0.0.1 10.2.1.1 Inter 10.5.1.1 0.0.0.1...

  • Page 110: Configuring An Ospf Nssa Area

    [SwitchC-ospf-1] quit # Display OSPF routing information on Switch C [SwitchC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 Transit 10.2.1.2 10.2.1.1 0.0.0.1 10.3.1.0/24...
  • Page 111 Configure Area 1 as an NSSA area and configure Switch C as the ASBR to redistribute static routes into the AS. Figure 37 Network diagram Configuration procedure Configure IP addresses for interfaces. Configure OSPF basic functions. (See "Configuring OSPF basic functions") Configure Area 1 as an NSSA area: # Configure Switch A.

  • Page 112: Configuring Ospf Dr Election

    Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 65536 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 65535 Transit 10.2.1.2 10.4.1.1 0.0.0.1 10.4.1.0/24 Stub 10.4.1.1 10.4.1.1 0.0.0.1 Total Nets: 3 Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0 Configure route redistribution: # Configure Switch C to redistribute static routes.
  • Page 113 Figure 38 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B.
  • Page 114 [SwitchD-ospf-1] return # Display OSPF neighbor information on Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 1.1.1.1 Neighbors Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: 2-Way Mode: None Priority: 1 DR: 192.168.1.4 BDR: 192.168.1.3...
  • Page 115 Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal State: Full Mode:Nbr is Slave Priority: 100 DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0 Dead timer due in 31 Neighbor is up for 00:11:17 Authentication Sequence: [ 0 ] Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal...

  • Page 116: Configuring Ospf Virtual Links

    Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal State: Full Mode: Nbr is Slave Priority: 2 DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Dead timer due in 39 Neighbor is up for 00:01:41 Authentication Sequence: [ 0 ] Switch A becomes the DR, and Switch C is the BDR. The full neighbor state means an adjacency has been established.
  • Page 117 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ospf 1 router-id 1.1.1.1 [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit # Configure Switch B. <SwitchB> system-view [SwitchB] ospf 1 router-id 2.2.2.2 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255...

  • Page 118: Configuring Ospf Graceful Restart

    Area 0 has no direct connection to Area 2, so the routing table of Switch B has no route to Area Configure a virtual link: # Configure Switch B. [SwitchB] ospf [SwitchB-ospf-1] area 1 [SwitchB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3 [SwitchB-ospf-1-area-0.0.0.1] quit [SwitchB-ospf-1] quit # Configure Switch C.
  • Page 119 Figure 40 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Switch A <SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf 100 [SwitchA-ospf-100] area 0 [SwitchA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [SwitchA-ospf-100-area-0.0.0.0] quit # Configure Switch B <SwitchB>...

  • Page 120: Configuring Route Filtering

    [SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization # Configure Switch C as the GR Helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [SwitchC-ospf-100] enable link-local-signaling [SwitchC-ospf-100] enable out-of-band-resynchronization Verify the configuration: # After the configurations on Switch A, Switch B, and Switch C are completed and the switches are running steadily, enable OSPF Graceful Restart event debugging and then restart the OSPF process using GR on Switch A.
  • Page 121 All the switches in the network run OSPF. The AS is divided into three areas. • • Switch A and Switch B work as ABRs. Configure Switch C as an ASBR to redistribute external routes (static routes), and configure a filter policy on Switch C to filter out redistributed route 3.1.3.0/24.
  • Page 122 10.2.1.0/24 Direct 0 10.2.1.1 Vlan200 10.2.1.1/32 Direct 0 127.0.0.1 InLoop0 10.3.1.0/24 OSPF 10.1.1.2 Vlan100 10.4.1.0/24 OSPF 10.2.1.2 Vlan200 10.5.1.0/24 OSPF 10.1.1.2 Vlan100 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 On Switch C, filter out route 3.1.3.0/24: # Configure the IPv4 prefix list. [SwitchC] ip ip-prefix prefix1 index 1 deny 3.1.3.0 24 [SwitchC] ip ip-prefix prefix1 index 2 permit 3.1.1.0 24 [SwitchC] ip ip-prefix prefix1 index 3 permit 3.1.2.0 24...

  • Page 123: Configuring Bfd For Ospf

    [SwitchA] display ip routing-table Routing Tables: Public Destinations : 10 Routes : 10 Destination/Mask Proto Cost NextHop Interface 3.1.1.0/24 O_ASE 10.2.1.2 Vlan200 3.1.2.0/24 O_ASE 10.2.1.2 Vlan200 10.1.1.0/24 Direct 0 10.1.1.1 Vlan100 10.1.1.1/32 Direct 0 127.0.0.1 InLoop0 10.2.1.0/24 Direct 0 10.2.1.1 Vlan200 10.2.1.1/32 Direct 0...
  • Page 124 Configure OSPF basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.0.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit [SwitchA] interface vlan 11 [SwitchA-Vlan-interface11] ospf cost 2 [SwitchA-Vlan-interface11] quit # Configure Switch B.
  • Page 125 [SwitchB-Vlan-interface10] bfd min-transmit-interval 500 [SwitchB-Vlan-interface10] bfd min-receive-interval 500 [SwitchB-Vlan-interface10] bfd detect-multiplier 6 Verify the configuration: # Display the BFD information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Init Mode: Active Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface...

  • Page 126: Troubleshooting Ospf Configuration

    Troubleshooting OSPF configuration No OSPF neighbor relationship established Symptom No OSPF neighbor relationship can be established. Analysis If the physical link and lower layer protocols work well, verify OSPF parameters configured on interfaces. Two neighbors must have the same parameters, such as the area ID, network segment, and mask (a P2P or virtual link may have different network segments and masks).

  • Page 127: Configuring Bgp

    Configuring BGP BGP overview The Border Gateway Protocol (BGP) is a dynamic inter-AS Exterior Gateway Protocol. The three early BGP versions are BGP- 1 (RFC 1 105), BGP-2 (RFC 1 163) and BGP-3 (RFC 1267). The current version is BGP-4 (RFC 4271), and is the Internet exterior gateway protocol. The term "router" in this chapter refers to both routers and Layer 3 switches, and BGP refers to BGP-4 in this chapter.
  • Page 128 Figure 43 BGP message header Marker—The 16-byte field is used to delimit BGP messages. The Marker must be all ones. • Length—The two-byte unsigned integer indicates the total length of the message. • Type—This one-byte unsigned integer indicates the type code of the message. The following type •...
  • Page 129 Figure 45 BGP update message format Each update message can advertise a group of feasible routes with identical attributes, and the routes are contained in the network layer reachability information (NLRI) field. The path attributes field carries the attributes of these routes. Each update message can also carry multiple withdrawn routes in the withdrawn routes field.

  • Page 130: Bgp Path Attributes

    Figure 47 BGP route-refresh message format AFI—Address family identifier. • Res—Reserved; set to 0. • • SAFI—Subsequent address family identifier. BGP path attributes Path attributes classification BGP path attributes are a group of parameters encapsulated in the path attributes field of update messages.
  • Page 131 ORIGIN is a well-known mandatory attribute that defines the origin of routing information (how a route became a BGP route). This attribute has the following types: IGP—Has the highest priority. Routes added to the BGP routing table using the network command have the IGP attribute.
  • Page 132 NEXT_HOP • Different from IGP, the NEXT_HOP attribute may not be the IP address of a directly connected router. It involves the following types of values, as shown in Figure When advertising a self-originated route to an EBGP peer, a BGP speaker sets the NEXT_HOP for the route to the address of its sending interface.
  • Page 133 In general, BGP compares MEDs of routes received from the same AS only. NOTE: The current implementation supports using the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs. LOCAL_PREF • The LOCAL_PREF attribute is exchanged between IBGP peers only; therefore, it is not advertised to any other AS.

  • Page 134: Bgp Route Selection

    BGP route selection Route selection rules BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: The route with the highest Preferred_value The route with the highest LOCAL_PREF The route originated by the local router The route with the shortest AS-PATH The IGP, EGP, or INCOMPLETE route in turn...

  • Page 135: Bgp And Igp Synchronization

    Figure 52 Network diagram for BGP load balancing In the above figure, Router D and Router E are IBGP peers of Router C. Router A and Router B both advertise a route destined for the same destination to Router C. If load balancing is configured and the two routes have the same AS_PATH attribute, ORIGIN attribute, LOCAL_PREF and MED, Router C installs both the two routes to its route table for load balancing.

  • Page 136: Settlements For Problems In Large Scale Bgp Networks

    Figure 53 BGP and IGP synchronization in an AS For this example, if synchronization is enabled, and the route 8.0.0.0/24 received from Router B is available in its IGP routing table, Router D adds the route into its BGP routing table and advertises the route to the EBGP peer.
  • Page 137 Figure 54 BGP route dampening Peer group You can organize BGP peers with the same attributes into a group to simplify their configurations. When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.
  • Page 138 Figure 55 Network diagram for a route reflector The route reflector and clients form a cluster. In some cases, you can configure more than one route reflector in a cluster to improve network reliability and prevent a single point of failure, as shown in the following figure.

  • Page 139: Bgp Gr

    Figure 57 Confederation network diagram AS 65002 AS 65003 EBGP EBGP EBGP IBGP AS 100 IBGP IBGP AS 65004 AS 200 A non-confederation BGP speaker is not required to know sub-ASs in the confederation. The ID of the confederation is the number of the AS. In the above figure, AS 200 is the confederation ID. The deficiency of confederation is as follows: When changing an AS into a confederation, you must reconfigure your routers.

  • Page 140: Mp-Bgp

    MP-BGP Overview BGP-4 supports IPv4 unicasts, but does not support other network layer protocols, such as IPv6. To support more network layer protocols, IETF extended BGP-4 by introducing Multiprotocol Extensions for BGP-4 (MP-BGP) in RFC 4760. Routers supporting MP-BGP can communicate with routers not supporting MP-BGP. MP-BGP extended attributes In BGP-4, the attributes for IPv4 address format are NLRI, NEXT_HOP and AGGREGATOR (AGGREGATOR contains the IP address of the speaker generating the summary route).

  • Page 141: Bgp Configuration Task List

    BGP configuration task list Task Remarks Creating a BGP connection Required. Specifying the source interface for TCP Configuring BGP basic Optional. connections functions Allowing establishment of EBGP connection to an Optional. indirectly connected peer or peer group Injecting a local network Required.

  • Page 142: Configuring Bgp Basic Functions

    Task Remarks Configuring the interval for sending the same Optional. update Configuring BGP soft-reset Optional. Enabling the BGP ORF capability Optional. Enabling 4-byte AS number suppression Optional. Setting the DSCP value for BGP packets Optional. Enabling quick EBGP session reestablishment Optional.

  • Page 143: Specifying The Source Interface For Tcp Connections

    Step Command Remarks Enter system view. system-view Optional. Not configured by default. If no global router ID is configured, the highest loopback interface IP Configure a global router ID. router id router-id address—if any—is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status.

  • Page 144: Allowing Establishment Of Ebgp Connection To An Indirectly Connected Peer Or Peer Group

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number By default, BGP uses the outbound Specify the source interface interface of the best route to the BGP peer { group-name | ip-address } for establishing TCP peer or peer group as the source connect-interface interface-type connections to a peer or peer interface for establishing a TCP...

  • Page 145: Configuring Bgp Route Redistribution

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number network ip-address [ mask | Optional. Inject a network to the BGP mask-length ] route-policy routing table. Not injected by default. route-policy-name Configuring BGP route redistribution BGP does not find routes by itself. Rather, it redistributes routing information in the local AS from other routing protocols.

  • Page 146: Controlling Route Distribution And Reception

    Controlling route distribution and reception Configuration prerequisites BGP connections must be created. Configuring BGP route summarization To reduce the routing table size on medium and large BGP networks, you need to configure route summarization on BGP routers. BGP supports automatic and manual summarization modes. Manual summary routes have a higher priority than automatic ones.

  • Page 147: Configuring Bgp Route Distribution/Reception Filtering Policies

    To advertise a default route to a peer or peer group: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number peer { group-name | ip-address } Advertise a default route to a Not advertised by default-route-advertise [ route-policy peer or peer group.
  • Page 148 Step Command Remarks • Configure the filtering of redistributed routes: filter-policy { acl-number | ip-prefix ip-prefix-name } export [ direct | ospf process-id | rip process-id | static ] Configure at least one command. • Reference a routing policy to filter Not configured by default.

  • Page 149: Enabling Bgp And Igp Route Synchronization

    Step Command Remarks • Filter incoming routes with an ACL or IP prefix list: filter-policy { acl-number | ip-prefix ip-prefix-name } import • Reference a routing policy to filter routes from a peer or peer group: Configure at least one command. peer { group-name | ip-address } No route reception filtering is route-policy route-policy-name...

  • Page 150: Configuring Bgp Route Dampening

    Step Command Remarks • Specify the maximum number of prefixes that can be received from a peer or peer group: Use one of the commands. peer { group-name | No limit is configured by default. ip-address } route-limit prefix-number If the specified maximum number is [ percentage-value ] reached: •...

  • Page 151: Configuring Bgp Route Attributes

    Step Command Remarks Optional. network ip-address [ mask | mask-length ] By default, an EBGP Configure a shortcut route. short-cut route received has a priority of 255. Configuring BGP route attributes Configuration prerequisites BGP connections must be created. Specifying a preferred value for routes received By default, routes received from a peer have a preferred value of 0.

  • Page 152: Configuring The Default Local Preference

    Configuring the default local preference The local preference is used to determine the best route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops, it considers the route with the highest local preference as the best route.
  • Page 153 Figure 58 Route selection based on MED As shown in Figure 58, Router D learns network 10.0.0.0 from both Router A and Router B. Because Router B has a smaller router ID, the route learned from it is optimal. Network NextHop LocPrf PrefVal Path/Ogn...

  • Page 154: Configuring The Next_Hop Attribute

    Enabling the comparison of MED of routes from confederation peers The MED attributes of routes from confederation peers are not compared if their AS_PATH attributes contain AS numbers that do not belong to the confederation, such as these three routes: AS_PATH attributes of them are 65006 65009, 65007 65009, and 65008 65009;...

  • Page 155: Configuring The As_Path Attribute

    If you have configured BGP load balancing on a BGP router, the router will set it as the next hop for routes sent to an IBGP peer or peer group. This is done regardless of whether the peer next-hop-local command is configured.
  • Page 156 Specifying a fake AS number for a peer or peer group When Router A in AS 2 is moved to AS 3, you can configure Router A to specify a fake AS number of 2 for created connections to EBGP peers or peer groups. In this way, these EBGP peers still think Router A is in AS 2 and need not change their configurations.

  • Page 157: Tuning And Optimizing Bgp Networks

    Removing private AS numbers from updates to a peer or peer group Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Configure BGP to remove private AS peer { group-name | ip-address } By default, BGP updates numbers from the AS_PATH attribute of public-as-only carry private AS numbers.

  • Page 158: Configuring The Interval For Sending The Same Update

    If the router has established a neighbor relationship with a peer, you must reset the BGP connection • to validate the new set timers. The timer command takes effect for only new connections. • After peer timer command is executed, the peer connection is closed at once, and a new •...

  • Page 159: Enabling The Bgp Orf Capability

    Configuring automatic soft-reset After route refresh is enabled for peers and a policy is modified, the router advertises a route-refresh message to the peers, which then resend their routing information to the router. After receiving the routing information, the router performs dynamic route update by using the new policy. To enable BGP route refresh for a peer or peer group: Step Command...

  • Page 160: Enabling 4-Byte As Number Suppression

    whether to carry non-standard ORF information in the packets). After completing the negotiation process and establishing the neighboring relationship, the BGP router and its BGP peer can exchange ORF information through specific route-refresh messages. For the parameters configured on both sides for ORF capability negotiation, see Table To enable the BGP ORF capability: Step...

  • Page 161: Setting The Dscp Value For Bgp Packets

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enable 4-byte AS peer { group-name | ip-address } Disabled by default. number suppression. capability-advertise suppress-4-byte-as Setting the DSCP value for BGP packets An IPv4 packet header contains an 8-bit Type of Service (TOS) field. As defined in RFC 2474, the first six bits set the Differentiated Services Code Point (DSCP) value and the last two bits are reserved.

  • Page 162: Enabling Md5 Authentication For Tcp Connections

    Enabling MD5 authentication for TCP connections BGP employs TCP as the transport protocol. To increase security, configure BGP to perform MD5 authentication when establishing a TCP connection. The two parties must have the same password configured to establish TCP connections. BGP MD5 authentication is not for BGP packets, but for TCP connections.

  • Page 163: Configuring A Large Scale Bgp Network

    Configuring a large scale BGP network In a large-scale BGP network, configuration and maintenance become difficult because of the large numbers of BGP peers. To facilitate configuration, you can configure peer group, community, route reflector, or confederation as needed. Configuration prerequisites Peering nodes are accessible to each other at the network layer.
  • Page 164 Step Command Enter system view. system-view Enter BGP view. bgp as-number Create an EBGP peer group. group group-name external Specify the AS number for the peer group-name as-number as-number group. Add the peer into the group. peer ip-address group group-name NOTE: Do not specify any AS number for a peer before adding it into the peer group.

  • Page 165: Configuring Bgp Community

    NOTE: Do not specify any AS number for a peer before adding it into the peer group. • Peers added in the group can have different AS numbers. • Configuring BGP community A BGP community is a group of destinations with the same characteristics. It has no geographical boundaries and is independent of ASs.

  • Page 166: Configuring A Bgp Confederation

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Configure the router as a route peer { group-name | ip-address } reflector and specify a peer or Not configured by default. reflect-client peer group as its client. Optional.

  • Page 167: Configuring Bgp Gr

    To configure confederation compatibility: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enable compatibility with routers not Optional. compliant with RFC 3065 in the confederation nonstandard Not enabled by default. confederation. Configuring BGP GR Perform the following configuration on the GR Restarter and GR Helper. Follow these guidelines when you configure BGP GR: •...

  • Page 168: Enabling Logging Of Peer State Changes

    Enabling logging of peer state changes Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Optional. Enable the logging of peer log-peer-change state changes globally. Enabled by default. Enable the logging of peer Optional. peer { group-name | ip-address } state changes for a peer or log-change Enabled by default.
  • Page 169 Task Command Remarks Display advertised BGP routing display bgp network [ | { begin | exclude | include } Available in information. regular-expression ] any view display bgp paths [ as-regular-expression | | { begin | Available in Display AS path information. exclude | include } regular-expression ] any view display bgp peer [ ip-address { log-info | verbose } |...

  • Page 170: Resetting Bgp Connections

    Task Command Remarks display bgp routing-table statistic [ | { begin | exclude Available in Display BGP routing statistics. | include } regular-expression ] any view display router id [ | { begin | exclude | include } Available in Display the global router ID.
  • Page 171 Figure 62 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IBGP: To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Because loopback interfaces are virtual interfaces, you need to use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections.
  • Page 172 BGP local router ID : 3.3.3.3 Local AS number : 65009 Total number of peers : 1 Peers in established state : 1 Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 2.2.2.2 65009 0 00:00:13 Established The output shows that Switch C has established an IBGP peer relationship with Switch B. Configure EBGP: The EBGP peers, Switch A and Switch B (usually belong to different carriers), are located in different ASs.
  • Page 173 Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf PrefVal Path/Ogn *> 8.1.1.0/24 0.0.0.0 # Display the BGP routing table on Switch B. [SwitchB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 2.2.2.2 Status codes: * - valid, ^ - VPNv4 best, >...

  • Page 174: Bgp And Igp Synchronization Configuration Example

    Origin : i - IGP, e - EGP, ? – incomplete Network NextHop LocPrf PrefVal Path/Ogn *> 2.2.2.2/32 3.1.1.1 65009? 3.1.1.0/24 3.1.1.1 65009? *> 8.1.1.0/24 0.0.0.0 *> 9.1.1.0/24 3.1.1.1 65009? Two routes 2.2.2.2/32 and 9.1.1.0/24 have been added in Switch A’s routing table. # Display the BGP routing table on Switch C.
  • Page 175 A must be able to access network 9.1.2.0/24 in AS 65009, and Switch C must access network 8.1.1.0/24 in AS 65008. Figure 63 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF: Enable OSPF in AS 65009, so that Switch B can obtain the route to 9.1.2.0/24. # Configure Switch B.
  • Page 176 Configure BGP and IGP synchronization: Configure BGP to redistribute routes from OSPF on Switch B, so that Switch A can obtain the route to 9.1.2.0/24. Configure OSPF to redistribute routes from BGP on Switch B, so that Switch C can obtain the route to 8.1.1.0/24.

  • Page 177: Bgp Load Balancing Configuration Example

    Reply from 9.1.2.1: bytes=56 Sequence=2 ttl=254 time=31 ms Reply from 9.1.2.1: bytes=56 Sequence=3 ttl=254 time=47 ms Reply from 9.1.2.1: bytes=56 Sequence=4 ttl=254 time=46 ms Reply from 9.1.2.1: bytes=56 Sequence=5 ttl=254 time=47 ms --- 9.1.2.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 15/37/47 ms...
  • Page 178 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure BGP connections: On Switch A, establish EBGP connections with Switch B and Switch C; configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A.
  • Page 179 BGP Local router ID is 1.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? – incomplete Network NextHop LocPrf...

  • Page 180: Bgp Community Configuration Example

    BGP community configuration example Network requirements As shown in Figure 65, Switch B establishes EBGP connections with Switch A and C. Configure NO_EXPORT community attribute on Switch A to make routes from AS 10 not advertised by AS 20 to any other AS.
  • Page 181 Local AS number : 20 Paths: 1 available, 1 best BGP routing table entry information of 9.1.1.0/24: From : 200.1.2.1 (1.1.1.1) Original nexthop: 200.1.2.1 AS-path : 10 Origin : igp Attribute value : MED 0, pref-val 0, pre 255 State : valid, external, best, Advertised to such 1 peers: 200.1.3.2...

  • Page 182: Bgp Route Reflector Configuration Example

    Attribute value : MED 0, pref-val 0, pre 255 State : valid, external, best, Not advertised to any peers yet The route 9.1.1.0/24 is not available in the routing table of Switch C. BGP route reflector configuration example Network requirements Figure 66, all switches run BGP.
  • Page 183 # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 193.1.1.2 as-number 200 [SwitchC-bgp] peer 194.1.1.2 as-number 200 [SwitchC-bgp] quit # Configure Switch D. <SwitchD> system-view [SwitchD] bgp 200 [SwitchD-bgp] router-id 4.4.4.4 [SwitchD-bgp] peer 194.1.1.1 as-number 200 [SwitchD-bgp] quit Configure the route reflector: # Configure Switch C.

  • Page 184: Bgp Confederation Configuration Example

    BGP confederation configuration example Network requirements Figure 67, to reduce IBGP connections in AS 200, split it into three sub-ASs: AS65001, AS65002, and AS65003. Switches in AS65001 are fully meshed. Figure 67 Network diagram Switch C Switch B Switch F Vlan-int600 Vlan-int300 Vlan-int200...
  • Page 185 [SwitchB-bgp] confederation id 200 [SwitchB-bgp] confederation peer-as 65001 65003 [SwitchB-bgp] peer 10.1.1.1 as-number 65001 [SwitchB-bgp] quit # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 65003 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] confederation id 200 [SwitchC-bgp] confederation peer-as 65001 65002 [SwitchC-bgp] peer 10.1.2.1 as-number 65001 [SwitchC-bgp] quit Configure IBGP connections in AS65001: # Configure Switch A.
  • Page 186 [SwitchF-bgp] quit Verify the configuration: # Display the routing table on Switch B. [SwitchB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 2.2.2.2 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete...

  • Page 187: Bgp Path Selection Configuration Example

    From : 10.1.3.1 (1.1.1.1) Relay Nexthop : 0.0.0.0 Original nexthop: 10.1.3.1 AS-path : 100 Origin : igp Attribute value : MED 0, localpref 100, pref-val 0, pre 255 State : valid, internal, best, Not advertised to any peers yet The output shows the following: Switch F can send route information to Switch B and Switch C through the confederation by establishing only an EBGP connection with Switch A.
  • Page 188 [SwitchB] ospf [SwitchB-ospf] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ospf [SwitchC-ospf] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Configure Switch D.
  • Page 189 Configure attributes for route 1.0.0.0/8, making Switch D give priority to the route learned from Switch C: (Method I.) Configure a higher MED value for the route 1.0.0.0/8 advertised from Switch A to peer 192.1.1.2: # Define an ACL numbered 2000 to permit route 1.0.0.0/8. [SwitchA] acl number 2000 [SwitchA-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255 [SwitchA-acl-basic-2000] quit...

  • Page 190: Bgp Gr Configuration Example

    [SwitchC-route-policy] if-match acl 2000 [SwitchC-route-policy] apply local-preference 200 [SwitchC-route-policy] quit # Apply routing policy localpref to routes from peer 193.1.1.1. [SwitchC] bgp 200 [SwitchC-bgp] peer 193.1.1.1 route-policy localpref import [SwitchC-bgp] quit # Display the routing table on Switch D. [SwitchD] display bgp routing-table Total Number of Routes: 2 BGP Local router ID is 194.1.1.1 Status codes: * - valid, ^ - VPNv4 best, >...

  • Page 191: Bfd For Bgp Configuration Example

    # Inject network 8.0.0.0/8 to the BGP routing table. [SwitchA-bgp] network 8.0.0.0 # Enable GR capability for BGP. [SwitchA-bgp] graceful-restart Configure Switch B: # Configure IP addresses for interfaces. (Details not shown.) # Configure the EBGP connection. <SwitchB> system-view [SwitchB] bgp 65009 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] peer 200.1.1.2 as-number 65008 # Configure the IBGP connection.
  • Page 192 Figure 70 Network diagram Switch B Vlan-int100 Vlan-int101 AS 100 Vlan-int100 Vlan-int101 Vlan-int30 Vlan-int30 AS 200 AS 300 1.1.1.0/24 Vlan-int200 Vlan-int201 Switch E Switch A Switch C Vlan-int200 Vlan-int201 Switch D Device Interface IP address Device Interface IP address Switch A Vlan-int100 3.0.1.1/24 Switch C...
  • Page 193 Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to 50. Policy apply_med_100 sets that to 100. [SwitchA] route-policy apply_med_50 permit node 10 [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 50 [SwitchA-route-policy] quit [SwitchA] route-policy apply_med_100 permit node 10 [SwitchA-route-policy] if-match acl 2000 [SwitchA-route-policy] apply cost 100 [SwitchA-route-policy] quit...
  • Page 194 [SwitchA] interface vlan-interface 100 Configure the minimum interval for transmitting BFD control packets as 500 milliseconds. [SwitchA-Vlan-interface100] bfd min-transmit-interval 500 Configure the minimum interval for receiving BFD control packets as 500 milliseconds. [SwitchA-Vlan-interface100] bfd min-receive-interval 500 Configure the detect multiplier as 7. [SwitchA-Vlan-interface100] bfd detect-multiplier 7 Configure the BFD authentication mode as plain-text authentication, and set the authentication key to ibgpbfd.
  • Page 195 2.0.1.1 0 00:01:05 Established 3.0.1.1 0 00:01:34 Established The output shows that Switch C has established two BGP neighborships with Switch A. # Display route 1.1.1.0/24 on Switch C. <SwitchC> display ip routing-table 1.1.1.0 24 verbose Routing Table : Public Summary Count : 4 Destination: 1.1.1.0/24 Protocol: BGP...

  • Page 196: Troubleshooting Bgp

    BKTunnel ID: 0x0 BKLabel: NULL State: Inactive Adv Age: 00h14m10s Tag: 1 The output shows that Switch A and Switch C communicate through Switch B, and Switch C has two routes to reach network 1.1.1.0/24: Switch C<—>Switch B<—>Switch A, which is the active route;...
  • Page 197 Check whether an ACL is applied to disable TCP port 179.

  • Page 198: Configuring Ipv6 Static Routing

    Configuring IPv6 static routing Overview Static routes are manually configured. They work well in simple networks. Proper configuration and use can improve network performance and ensure enough bandwidth for important applications. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator has to modify the static routes manually.

  • Page 199: Displaying And Maintaining Ipv6 Static Routes

    Step Command Remarks Required. ipv6 route-static ipv6-address prefix-length { interface-type interface-number The default Configure an IPv6 static route. [ next-hop-address ] | next-hop-address } preference of IPv6 [ preference preference-value ] static routes is 60. NOTE: If you specify a broadcast interface, such as a VLAN interface, as the output interface for a static route, you must specify the next hop address.
  • Page 200 Figure 71 Network diagram Configuration procedure Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.) Configure IPv6 static routes: # Enable IPv6 and configure a default IPv6 static route on Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ipv6 route-static :: 0 4::2 # Enable IPv6 and configure two IPv6 static routes on Switch B.
  • Page 201 Destination : 1::/64 Protocol : Direct NextHop : 1::1 Preference Interface : Vlan100 Cost Destination : 1::1/128 Protocol : Direct NextHop : ::1 Preference Interface : InLoop0 Cost Destination : FE80::/10 Protocol : Direct NextHop : :: Preference Interface : NULL0 Cost # Verify the connectivity with the ping command.

  • Page 202: Configuring Ripng

    Configuring RIPng Introduction to RIPng RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng. The term "router" in this chapter refers to both routers and Layer 3 switches. RIPng for IPv6 has the following basic differences from RIP: •...

  • Page 203: Ripng Packet Format

    RIPng packet format Basic format A RIPng packet consists of a header and multiple route table entries (RTEs). The maximum number of RTEs in a packet depends on the IPv6 MTU of the sending interface. Figure 72 RIPng basic packet format Command Version Must be zero...

  • Page 204: Ripng Packet Processing Procedure

    RIPng packet processing procedure Request packet When a RIPng router first starts or needs to update entries in its routing table, usually a multicast request packet is sent to ask for needed routes from neighbors. The receiving RIPng router processes RTEs in the request. If only one RTE exists with the IPv6 prefix and prefix length both being 0, and with a metric value of 16, the RIPng router will respond with the entire routing table information in response messages.

  • Page 205: Configuring Ripng Basic Functions

    Configuring RIPng basic functions This section presents the information to configure the basic RIPng features. You must enable RIPng first before configuring other tasks, but it is not necessary for RIPng-related interface configurations, such as assigning an IPv6 address. Before you configure RIPng basic functions, complete the following tasks: Enable IPv6 packet forwarding.

  • Page 206: Configuring Ripng Route Summarization

    Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Optional. Specify an inbound routing ripng metricin value additional metric. 0 by default. Optional. Specify an outbound ripng metricout value routing additional metric. 1 by default. Configuring RIPng route summarization Step Command Enter system view.

  • Page 207: Configuring A Priority For Ripng

    Step Command Remarks filter-policy { acl6-number | Configure a filter policy to By default, RIPng does not filter ipv6-prefix ipv6-prefix-name } filter outgoing routes. outgoing routing information. export [ protocol [ process-id ] ] Configuring a priority for RIPng Any routing protocol has its own protocol priority used for optimal route selection. You can set a priority for RIPng manually.

  • Page 208: Configuring Split Horizon And Poison Reverse

    To configure RIPng timers: Step Command Remarks Enter system view. system-view Enter RIPng view. ripng [ process-id ] Optional. timers { garbage-collect The RIPng timers have the following defaults: garbage-collect-value | suppress Configure RIPng • 30 seconds for the update timer suppress-value | timeout timers.

  • Page 209: Configuring Zero Field Check On Ripng Packets

    Configuring zero field check on RIPng packets Some fields in the RIPng packet must be zero, which are called "zero fields". With zero field check on RIPng packets enabled, if such a field contains a non-zero value, the entire RIPng packet is discarded. If you are sure that all packets are trustworthy, disable the zero field check to reduce the CPU processing time.

  • Page 210: Ripng Configuration Examples

    RIPng configuration examples Configuring RIPng basic functions Network requirements Figure 75, all switches run RIPng. Configure Switch B to filter the route (3::/64) learned from Switch C, which means the route will not be added to the routing table of Switch B, and Switch B will not forward it to Switch A.
  • Page 211 [SwitchC] interface vlan-interface 500 [SwitchC-Vlan-interface500] ripng 1 enable [SwitchC-Vlan-interface500] quit [SwitchC] interface vlan-interface 600 [SwitchC-Vlan-interface600] ripng 1 enable [SwitchC-Vlan-interface600] quit # Display the routing table on Switch B. [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100...

  • Page 212: Configuring Ripng Route Redistribution

    # Display routing tables of Switch B and Switch A. [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Vlan-interface100 Dest 1::/64, via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, A, 2 Sec Dest 2::/64, via FE80::20F:E2FF:FE23:82F5, cost 1, tag 0, A, 2 Sec...
  • Page 213 # Enable RIPng 100 on Switch A. <SwitchA> system-view [SwitchA] ripng 100 [SwitchA-ripng-100] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ripng 100 enable [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 200 [SwitchA-Vlan-interface200] ripng 100 enable [SwitchA-Vlan-interface200] quit # Enable RIP 100 and RIP 200 on Switch B. <SwitchB>...
  • Page 214 Destination: 2::/64 Protocol : Direct NextHop : 2::1 Preference: 0 Interface : Vlan200 Cost Destination: 2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Configure RIPng route redistribution: # Configure route redistribution between the two RIPng processes on Switch B.
  • Page 215 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0d...

  • Page 216: Configuring Ospfv3

    Configuring OSPFv3 Introduction to OSPFv3 OSPFv3 overview Open Shortest Path First version 3 (OSPFv3) supports IPv6 and complies with RFC 2740 (OSPF for IPv6). The term "router" in this chapter refers to both routers and Layer 3 switches. OSPFv3 and OSPFv2 have the following similarities: 32-bits router ID and area ID •...

  • Page 217: Ospfv3 Lsa Types

    OSPFv3 LSA types OSPFv3 sends routing information in LSAs, which, as defined in RFC 2740, have the following types: Router-LSA—Originated by all routers. This LSA describes the collected states of the router's • interfaces to an area, and is flooded throughout a single area only. •...

  • Page 218: Ospfv3 Features Supported

    LSA delay time Each LSA has an age in the local LSDB (incremented by one per second), but an LSA does not age on transmission. You must add an LSA delay time into the age time before transmission, which is important for low-speed networks.

  • Page 219: Enabling Ospfv3

    Task Remarks networks Configuring a DR priority for an interface Optional Ignoring MTU check for DD packets Optional Disabling interfaces from receiving and sending Optional OSPFv3 packets Enabling the logging of neighbor state changes Optional Configuring GR Restarter Optional Configuring OSPFv3 GR Configuring GR Helper Optional Enabling OSPFv3...

  • Page 220: Configuration Prerequisites

    Non-backbone areas exchange routing information through the backbone area. The backbone and non-backbone areas—including the backbone itself—must be contiguous. In practice, necessary physical links may not be available for this connectivity. You can configure virtual links to address the problem. Configuration prerequisites Before you configure OSPFv3 area parameters, complete the following tasks: Enable IPv6 packet forwarding.

  • Page 221: Configuring Ospfv3 Network Types

    Step Command Enter system view. system-view Enter OSPFv3 view. ospfv3 [ process-id ] Enter OSPFv3 area view. area area-id vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay Configure a virtual link. seconds | dead seconds | instance instance-id ] * Configuring OSPFv3 network types OSPFv3 classifies networks into the following types by the link layer protocol.

  • Page 222: Configuring Ospfv3 Routing Information Control

    To configure an NBMA or P2MP (unicast) neighbor and its DR priority: Step Command Enter system view. system-view Enter interface view. interface interface-type interface-number Specify an NBMA or P2MP (unicast) neighbor and its ospfv3 peer ipv6-address [ dr-priority dr-priority ] [ instance instance-id ] DR priority.

  • Page 223: Configuring An Ospfv3 Cost For An Interface

    Step Command Remarks Not configured by default. The filter-policy import command Configure inbound filter-policy { acl-number | ipv6-prefix can only filter routes computed by route filtering. ipv6-prefix-name } import OSPFv3. Only routes not filtered out can be added into the local routing table.

  • Page 224: Configuring A Priority For Ospfv3

    Step Command Remarks Enter system view. system-view Enter OSPFv3 view. ospfv3 [ process-id ] Optional. Specify the maximum number maximum load-balancing of ECMP routes. maximum 8 by default. Configuring a priority for OSPFv3 A router may run multiple routing protocols. The system assigns a priority to each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected.

  • Page 225: Tuning And Optimizing Ospfv3 Networks

    Step Command Remarks Optional. default-route-advertise [ always | cost value | Inject a default route. Not injected by type type | route-policy route-policy-name ] * default. Optional. filter-policy { acl6-number | ipv6-prefix Filter redistributed routes. ipv6-prefix-name } export [ ospfv3 process-id | Not configured by ripng process-id | bgp4+ | direct | static ] default.

  • Page 226: Configuring A Dr Priority For An Interface

    Step Command Remarks Optional. By default, the dead interval on P2P, broadcast interfaces is 40 ospfv3 timer dead seconds seconds. Configure the dead interval. [ instance instance-id ] The dead interval set on neighboring interfaces cannot be too short. Otherwise, a neighbor is easily considered down.

  • Page 227: Ignoring Mtu Check For Dd Packets

    Ignoring MTU check for DD packets When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency. To ignore MTU check for DD packets: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 228: Configuring Gr Restarter

    IMPORTANT: You cannot configure OSPFv3 GR after configuring OSPFv3 virtual links, because they are not supported at the same time. Graceful Restart ensures the continuity of packet forwarding when a routing protocol restarts or a master/slave switchover occurs: • GR Restarter—Graceful restarting router. It must be Graceful Restart capable. GR Helper—The neighbor of the GR Restarter.

  • Page 229: Displaying And Maintaining Ospfv3

    Displaying and maintaining OSPFv3 Task Command Remarks Display OSPFv3 process brief display ospfv3 [ process-id ] [ | { begin | exclude | Available in information. include } regular-expression ] any view display ospfv3 interface [ interface-type Display OSPFv3 interface Available in interface-number | statistic ] [ | { begin | exclude | information.

  • Page 230: Ospfv3 Configuration Examples

    OSPFv3 configuration examples Configuring OSPFv3 areas Network requirements Figure 78, all switches run OSPFv3. The AS is split into three areas, in which, Switch B and Switch C act as ABRs to forward routing information between areas. Configure Area 2 as a stub area in order to reduce LSAs in the area without affecting route reachability. Figure 78 Network diagram Configuration procedure Configure IPv6 addresses for interfaces.
  • Page 231 [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 1 [SwitchB-Vlan-interface200] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ipv6 [SwitchC] ospfv3 [SwitchC-ospfv3-1] router-id 3.3.3.3 [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 1 area 0 [SwitchC-Vlan-interface100] quit [SwitchC] interface vlan-interface 400 [SwitchC-Vlan-interface400] ospfv3 1 area 2 [SwitchC-Vlan-interface400] quit # Configure Switch D.
  • Page 232 # Display OSPFv3 routing table information on Switch D. [SwitchD] display ospfv3 routing E1 - Type 1 external route, IA - Inter area route, - Intra area route E2 - Type 2 external route, - Selected route OSPFv3 Router with ID (4.4.4.4) (Process 1) ------------------------------------------------------------------------ *Destination: 2001::/64 Type...

  • Page 233: Configuring Ospfv3 Dr Election

    *Destination: 2001:1::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 *Destination: 2001:2::/64 Type Cost NextHop : directly-connected Interface: Vlan400 *Destination: 2001:3::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Vlan400 Configure Area 2 as a totally stub area: # Configure Area 2 as a totally stub area on Switch C. [SwitchC-ospfv3-1-area-0.0.0.2] stub no-summary # Display OSPFv3 routing table information on Switch D.
  • Page 234 Figure 79 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ospfv3 [SwitchA-ospfv3-1] router-id 1.1.1.1 [SwitchA-ospfv3-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ospfv3 1 area 0 [SwitchA-Vlan-interface100] quit # Configure Switch B.
  • Page 235 [SwitchD] ospfv3 [SwitchD-ospfv3-1] router-id 4.4.4.4 [SwitchD-ospfv3-1] quit [SwitchD] interface vlan-interface 200 [SwitchD-Vlan-interface200] ospfv3 1 area 0 [SwitchD-Vlan-interface200] quit # Display neighbor information on Switch A. The switches have the same default DR priority 1. Then, Switch D (the switch with the highest Router ID) is elected as the DR, and Switch C is the BDR. [SwitchA] display ospfv3 peer OSPFv3 Area ID 0.0.0.0 (Process 1) ----------------------------------------------------------------------...

  • Page 236: Configuring Ospfv3 Gr

    OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 1.1.1.1 Full/DROther 00:00:33 Vlan100 2.2.2.2 Full/DROther 00:00:36 Vlan200 3.3.3.3 Full/Backup 00:00:40 Vlan100 Restart DR and BDR election: # Use the shutdown and undo shutdown commands on interfaces to restart DR and BDR election. (Details not shown.) # Display neighbor information on Switch A.
  • Page 237 Figure 80 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] ospfv3 1 [SwitchA-ospfv3-1] router-id 1.1.1.1 [SwitchA-ospfv3-1] graceful-restart enable [SwitchA-ospfv3-1] quit...

  • Page 238: Troubleshooting Ospfv3 Configuration

    After all switches function properly, perform a master/slave switchover on Switch A to trigger an OSPFv3 GR operation. Troubleshooting OSPFv3 configuration No OSPFv3 neighbor relationship established Symptom No OSPF neighbor relationship can be established. Analysis If the physical link and lower protocol function properly, verify OSPF parameters configured on interfaces. The two neighboring interfaces must have the same parameters, such as the area ID, network segment and mask, and network type.

  • Page 239: Configuring Ipv6 Bgp

    Configuring IPv6 BGP This chapter describes only configuration for IPv6 BGP. For BGP related information, see "Configuring BGP." The term "router" in this chapter refers to both routers and Layer 3 switches. IPv6 BGP overview BGP-4 was designed to carry only IPv4 routing information, so other network layer protocols such as IPv6 are not supported.

  • Page 240: Configuring Ipv6 Bgp Basic Functions

    Task Remarks and reception Configuring IPv6 BGP route summarization Optional Advertising a default route to an IPv6 peer or peer Optional group Configuring outbound route filtering Optional Configuring inbound route filtering Optional Configuring IPv6 BGP and IGP route Optional synchronization Configuring route dampening Optional Configuring IPv6 BGP preference and default...

  • Page 241: Injecting A Local Ipv6 Route

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Optional. Specify a router ID. router-id router-id Required if no IP addresses are configured for any interfaces. Enter IPv6 address family ipv6-family view. peer ipv6-address as-number Specify an IPv6 peer. as-number Injecting a local IPv6 route Step...

  • Page 242: Specifying The Source Interface For Establishing Tcp Connections

    Specifying the source interface for establishing TCP connections IPv6 BGP uses TCP as the transport layer protocol. By default, IPv6 BGP uses the output interface of the optimal route to a peer or peer group as the source interface for establishing TCP connections to the peer or peer group.

  • Page 243: Disabling Session Establishment To An Ipv6 Peer Or Peer Group

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Optional. Not configured by default. Configure a description for an peer { ipv6-group-name | ipv6-address } The peer group to be IPv6 peer or peer group. description description-text configured with a description must have been...

  • Page 244: Configuration Prerequisites

    Configuration prerequisites Before you configure route distribution and reception control, complete the following tasks: Enable IPv6. • Configure IPv6 BGP basic functions. • Configuring IPv6 BGP route redistribution To configure IPv6 BGP route redistribution: Step Command Remarks Enter system view. system-view Enter BGP view.

  • Page 245: Configuring Outbound Route Filtering

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Not advertised by default. With the peer default-route-advertise command executed, the Advertise a default route to peer { ipv6-group-name | ipv6-address } local router advertises a an IPv6 peer or peer default-route-advertise [ route-policy...

  • Page 246: Configuring Inbound Route Filtering

    Configuring inbound route filtering Only routes passing the configured filtering can be added into the local IPv6 BGP routing table. Members of a peer group can have different inbound route filtering policies. To configure inbound route filtering: Step Command Remarks Enter system view.

  • Page 247: Configuring Route Dampening

    Step Command Remarks Enter IPv6 address family view. ipv6-family Enable route synchronization between synchronization Not enabled by default. IPv6 BGP and IGP. Configuring route dampening Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view.

  • Page 248: Configuring The Med Attribute

    In a third party next hop network where the two IPv6 EBGP peers reside in a common broadcast • subnet, the router does not change the next hop for routes sent to the IPv6 EBGP peer or peer group by default, unless the peer next-hop-local command is configured. To configure IPv6 BGP preference and default LOCAL_PREF and NEXT_HOP attributes: Step Command...

  • Page 249: Tuning And Optimizing Ipv6 Bgp Networks

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Allow the local AS number to peer { ipv6-group-name | Optional. appear in AS_PATH of routes ipv6-address } allow-as-loop from a peer or peer group Not allowed by default.

  • Page 250: Configuration Prerequisites

    Configuration prerequisites Before you configure IPv6 BGP timers, complete the following tasks: Enable IPv6. • Configure IPv6 BGP basic functions. • Configuring IPv6 BGP timers Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family view. ipv6-family Optional.

  • Page 251: Enabling The Ipv6 Bgp Orf Capability

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Optional. Not saved by default. If the peer keep-all-routes command is used, all routes Save all routes from an IPv6 from the peer or peer group peer or peer group, not letting peer { ipv6-group-name | ipv6-address } are saved regardless of...

  • Page 252: Enabling 4-Byte As Number Suppression

    Step Command Remarks Optional. Enable the non-standard ORF peer { group-name | By default, standard BGP ORF capability for a BGP peer or ipv6-address } capability-advertise capability defined in RFC 5291 peer group. orf non-standard and RFC 5292 is supported. peer { group-name | ip-address | Enable the ORF IP prefix ipv6-address } capability-advertise...

  • Page 253: Setting The Dscp Value For Ipv6 Bgp Packets

    Setting the DSCP value for IPv6 BGP packets An IPv6 packet header contains an 8-bit Traffic class field. This field identifies the service type of IPv6 packets. As defined in RFC 2474, the first six bits set the Differentiated Services Code Point (DSCP) value and the last two bits are reserved.

  • Page 254: Configuring A Large-Scale Ipv6 Bgp Network

    Step Command Remarks Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Enable MD5 authentication peer { ipv6-group-name | when establishing a TCP ipv6-address } password { cipher | Not enabled by default. connection to the peer or peer simple } password group.

  • Page 255: Configuring Ipv6 Bgp Community

    Creating a pure EBGP peer group To create a pure EBGP peer group, specify an AS number for the peer group. If a peer was added into an EBGP peer group, you cannot specify any AS number for the peer group. To create a pure EBGP peer group: Step Command...

  • Page 256: Configuring An Ipv6 Bgp Route Reflector

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Advertise COMMUNITY peer { ipv6-group-name | attribute to an IPv6 peer or ipv6-address } Not advertised by default. peer group. advertise-community Advertise extended peer { ipv6-group-name | community attribute to an IPv6 ipv6-address }...

  • Page 257: Displaying And Maintaining Ipv6 Bgp

    Step Command Remarks Optional. Configure the cluster ID of the reflector cluster-id cluster-id By default, a route reflector uses its route reflector. router ID as the cluster ID. Displaying and maintaining IPv6 BGP Displaying BGP Task Command Remarks Display IPv6 BGP peer group display bgp ipv6 group [ ipv6-group-name ] [ | { begin Available in information.

  • Page 258: Resetting Ipv6 Bgp Connections

    Task Command Remarks display bgp ipv6 routing-table flap-info [ regular-expression as-regular-expression | Display IPv6 BGP routing flap Available in [ as-path-acl as-path-acl-number | ipv6-address statistics. any view prefix-length [ longer-match ] ] [ | { begin | exclude | include } regular-expression ] ] display bgp ipv6 routing-table peer { ipv4-address | Display BGP routing information ipv6-address } { advertised-routes | received-routes }...

  • Page 259: Ipv6 Bgp Basic Configuration Example

    IPv6 BGP basic configuration example Network requirements All switches in Figure 81 run IPv6 BGP. Between Switch A and Switch B is an EBGP connection. Switch B, Switch C, and Switch D are fully meshed through IBGP connections. Figure 81 Network diagram Configuration procedure Configure IPv6 addresses for interfaces.
  • Page 260 [SwitchD-bgp] ipv6-family [SwitchD-bgp-af-ipv6] peer 9:1::1 as-number 65009 [SwitchD-bgp-af-ipv6] peer 9:2::1 as-number 65009 [SwitchD-bgp-af-ipv6] quit [SwitchD-bgp] quit Configure the EBGP connection: # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] ipv6-family [SwitchA-bgp-af-ipv6] peer 10::1 as-number 65009 [SwitchA-bgp-af-ipv6] quit [SwitchA-bgp] quit # Configure Switch B.

  • Page 261: Ipv6 Bgp Route Reflector Configuration Example

    IPv6 BGP route reflector configuration example Network requirements As shown in the following figure, Switch B receives an EBGP update and sends it to Switch C, which is configured as a route reflector with two clients: Switch B and Switch D. Switch B and Switch D do not need to establish an IBGP connection because Switch C reflects updates between them.

  • Page 262: Troubleshooting Ipv6 Bgp Configuration

    [SwitchC-bgp-af-ipv6] peer 101::2 as-number 200 [SwitchC-bgp-af-ipv6] peer 102::2 as-number 200 # Configure Switch D. <SwitchD> system-view [SwitchD] ipv6 [SwitchD] bgp 200 [SwitchD-bgp] router-id 4.4.4.4 [SwitchD-bgp] ipv6-family [SwitchD-bgp-af-ipv6] peer 102::1 as-number 200 Configure route reflector: # Configure Switch C as a route reflector, and configure Switch B and Switch D as its clients. [SwitchC-bgp-af-ipv6] peer 101::2 reflect-client [SwitchC-bgp-af-ipv6] peer 102::2 reflect-client Use the display bgp ipv6 routing-table command on Switch B and Switch D;...

  • Page 263: Configuring Routing Policies

    Configuring routing policies Introduction to routing policy Routing policies are used to receive, advertise, and redistribute only specific routes and modify the attributes of some routes. Routing policy in this chapter involves both IPv4 routing policy and IPv6 routing policy. A routing policy is used to filter routes when they are received, advertised, or redistributed and modify the attributes of some routes.
  • Page 264 An IP prefix list, identified by name, can comprise multiple items. Each item, identified by an index number, can specify a prefix range to match. An item with a smaller index number is matched first. If one item is matched, the IP prefix list is passed, and the packet will not go to the next item. AS path list An AS path list, configured based on the BGP AS_PATH attribute, can only be used to match BGP routing information.

  • Page 265: Defining Filters

    Defining filters Configuration prerequisites Before you configure this task, you must determine IP-prefix list name, matching address range, and extcommunity list sequence number. Defining an IP prefix list Defining an IPv4 prefix list Identified by name, an IPv4 prefix list can comprise multiple items. Each item specifies a prefix range to match and is identified by an index number.

  • Page 266: Defining An As Path List

    Step Command Remarks ip ipv6-prefix ipv6-prefix-name [ index index-number ] Define an IPv6 { deny | permit } ipv6-address prefix-length Not defined by default. prefix list. [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] If all items are set to the deny mode, no routes can pass the IPv6 prefix list. You must define the permit :: 0 less-equal 128 item following multiple deny items to allow other IPv6 routing information to pass.

  • Page 267: Defining An Extended Community List

    Defining an extended community list You can define multiple items for an extended community list that is identified by number. During matching, the relation between items is logic OR. If routing information matches one of these items, it passes the extended community list. To define an extended community list: Step Command...

  • Page 268: Defining If-Match Clauses

    To create a routing policy: Step Command Enter system view. system-view Create a routing policy, specify a node for it, and route-policy route-policy-name { deny | permit } node node-number enter routing policy view. Defining if-match clauses Follow these guidelines when you define if-match clauses: The if-match clauses of a routing policy node are in logic AND relationship.

  • Page 269: Defining Apply Clauses

    Step Command Remarks Optional. Match BGP routing information whose if-match as-path AS_PATH attribute is specified in the AS Not configured by AS-PATH-number&<1-16> path lists. default. if-match community Optional. Match BGP routing information whose { { basic-community-list-number | COMMUNITY attribute is specified in the Not configured by comm-list-name } [ whole-match ] | community lists.

  • Page 270: Defining A Continue Clause

    Step Command Remarks Optional. Set a cost for routing apply cost [ + | - ] value information. Not set by default. Optional. Set a cost type for routing apply cost-type [ internal | type-1 | information. type-2 ] Not set by default. Optional.

  • Page 271: Displaying And Maintaining The Routing Policy

    Step Command Remarks Enter system view. system-view Create a routing policy and route-policy route-policy-name Not created by default. enter routing policy view. { deny | permit } node node-number Optional. Not configured by default. Specify the next routing policy continue [ node-number ] The node number specified must node to be matched.
  • Page 272 Display RIPng routing table information on Switch B to verify the configuration. • Figure 83 Network diagram Configuration procedure Configure Switch A: # Configure IPv6 addresses for VLAN-interface 100 and VLAN-interface 200. <SwitchA> system-view [SwitchA] ipv6 [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ipv6 address 10::1 32 [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 200...

  • Page 273: Applying A Routing Policy To Filter Received Bgp Routes

    [SwitchB-Vlan-interface100] quit # Enable RIPng. [SwitchB] ripng # Display RIPng routing table information. [SwitchB-ripng-1] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::7D58:0:CA03:1 on Vlan-interface 100 Dest 10::/32, via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 18 Sec Dest 20::/32, via FE80::7D58:0:CA03:1, cost...
  • Page 274 # Configure Switch B. <SwitchB> system-view [SwitchB] bgp 200 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] peer 1.1.2.2 as-number 300 # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 300 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 1.1.1.1 as-number 100 [SwitchC-bgp] peer 1.1.2.1 as-number 200 [SwitchC-bgp] peer 1.1.3.2 as-number 400 # Configure Switch D.

  • Page 275: Troubleshooting Routing Policy Configuration

    [SwitchD] ip as-path 1 permit .*200.* # Create routing policy rt1 with node 1, and specify the match mode as deny to deny routes from AS 200. [SwitchD] route-policy rt1 deny node 1 [SwitchD-route-policy] if-match as-path 1 [SwitchD-route-policy] quit # Create routing policy rt1 with node 10, and specify the match mode as permit to permit routes from other ASs.

  • Page 276: Ipv6 Routing Information Filtering Failure

    IPv6 routing information filtering failure Symptom The routing protocol is running properly, but filtering routing information failed. Analysis At least one item of the IPv6 prefix list must be configured as permit mode, and at least one node of the routing policy must be configured as permit mode.

  • Page 277: Configuring Mce

    Configuring MCE The term "router" in this document refers to both routers and Layer 3 switches. This chapter covers MCE related configuration. For information about routing protocols, see Layer 3—IP Services Configuration Guide. MCE overview MPLS L3VPN overview MPLS L3VPN is a type of PE-based L3VPN technology for service provider VPN solutions. It uses BGP to advertise VPN routes and uses MPLS to forward VPN packets on service provider backbones.

  • Page 278: Mpls L3Vpn Concepts

    After a CE establishes adjacency with a directly connected PE, it advertises its VPN routes to the PE and learns remote VPN routes from the PE. A CE and a PE use BGP/IGP to exchange routing information. You can also configure static routes between them. After a PE learns the VPN routing information of a CE, it uses BGP to exchange VPN routing information with other PEs.
  • Page 279 VPN-IPv4 address Traditional BGP cannot process overlapping VPN routes. If, for example, both VPN 1 and VPN 2 use addresses on the segment 10.1 10.10.0/24 and each advertise a route to the segment, BGP selects only one of them, which results in the loss of the other route. PEs use MP-BGP to advertise VPN routes and use VPN-IPv4 address family to solve the problem with traditional BGP.

  • Page 280: Multi-Vpn-Instance Ce

    Export target attribute: A local PE sets this type of route target attribute for VPN-IPv4 routes learned • from directly connected sites before advertising them to other PEs. Import target attribute: A PE checks the export target attribute of VPN-IPv4 routes advertised by •...

  • Page 281: Configuring Routing On An Mce

    Figure 87 Network diagram for the MCE function VPN 1 VPN 2 Site 1 Site 1 VLAN-int2 VLAN-int7 VLAN-int8 VLAN-int3 VPN 2 Site 2 Site 2 VPN 1 On the left-side network, there are two VPN sites, both of which are connected to the MPLS backbone through the MCE device.

  • Page 282: Route Exchange Between An Mce And A Pe

    Static routes An MCE can communicate with a site through static routes. As static routes configured for traditional CEs take effect globally, address overlapping between multiple VPNs remains a problem until the emergence of MCE. MCE allows static-route-to-VPN-instance binding, which isolates the static routes of different VPNs.

  • Page 283: Configuring An Mce

    The following routing protocols can be used between MCE and PE devices for routing formation exchange: Static route • • OSPF • • IBGP EBGP • For information about routing protocol configuration and route import, see Layer 3—IP Routing Configuration Guide. Configuring an MCE Configuring VPN instances Configuring VPN instances is required in all MCE networking schemes.
  • Page 284 After creating and configuring a VPN instance, you associate the VPN instance with the interface for connecting different VPN sites. To associate a VPN instance with an interface: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Associate the current interface ip binding vpn-instance...

  • Page 285: Configuring Routing On An Mce

    Step Command Remarks Optional. Not configured by default. Configure the maximum Setting the maximum number of routing-table limit number number of routes for the VPN routes for a VPN instance to { warn-threshold | simply-alert } instance. support is for preventing too many routes from being redistributed into the PE.
  • Page 286 route with a VPN instance, so that the static routes of different VPN instances can be isolated from each other. To configure static routing between MCE and VPN site: Step Command Remarks Enter system view. system-view • ip route-static dest-address { mask | mask-length } { gateway-address | interface-type interface-number [ gateway-address ] | vpn-instance d-vpn-instance-name...
  • Page 287 Configuring OSPF between MCE and VPN site An OSPF process belongs to the public network or a single VPN instance. If you create an OSPF process without binding it to a VPN instance, the process belongs to the public network. By configuring OSPF process-to-VPN instance bindings on a MCE, you allow routes of different VPNs to be exchanged between the MCE and the sites through different OSPF processes, ensuring the separation and security of VPN routes.
  • Page 288 Step Command Remarks Enter BGP view. bgp as-number ipv4-family vpn-instance Enter BGP-VPN instance view. vpn-instance-name peer { group-name | ip-address } Configure an EBGP peer. as-number as-number Allow the local AS number to appear in the AS_PATH attribute of a received route, peer { group-name | ip-address } Optional.
  • Page 289 Configuring IBGP beween MCE and VPN site If IBGP is used for exchanging routing information between an MCE and VPN sites, you must configure a BGP peer for each VPN instance respectively, and redistribute the IGP routes of each VPN instance on the VPN sites.

  • Page 290: Configuring Routing Between Mce And Pe

    Configuring routing between MCE and PE MCE-PE routing configuration includes these tasks: Bind the MCE-PE interfaces to VPN instances • Perform route configurations • Redistribute VPN routes into the routing protocol running between the MCE and the PE. • Configuring static routing between MCE and PE Step Command Remarks...
  • Page 291 Step Command Remarks Enter system view. system-view Create an OSPF process ospf [ process-id | router-id for a VPN instance and router-id | vpn-instance enter OSPF view. vpn-instance-name ] * Disabled by default. You must disable routing loop Disable routing loop detection for a VPN OSPF process on vpn-instance-capability simple detection.
  • Page 292 Step Command Remarks Optional. Configure a filtering filter-policy { acl-number | ip-prefix policy to filter the routes ip-prefix-name } export [ direct | ospf By default, BGP does not filter to be advertised. process-id | rip process-id | static ] the routes to be advertised.

  • Page 293: Resetting Bgp Connections

    Step Command Remarks Optional. Configure a filtering policy filter-policy { acl-number | ip-prefix By default, BGP does not filter to filter the received routes. ip-prefix-name } import the received routes. Resetting BGP connections When BGP configuration changes, you can use the soft reset function or reset BGP connections to make new configurations take effect.
  • Page 294 Task Command Remarks Display information about BGP display bgp vpnv4 vpn-instance VPNv4 routes injected into a vpn-instance-name network [ | { begin | Available in any view specific VPN instance or all VPN exclude | include } regular-expression ] instances. display bgp vpnv4 vpn-instance Display BGP VPNv4 AS path vpn-instance-name paths...

  • Page 295: Mce Configuration Examples

    MCE configuration examples Using OSPF to advertise VPN routes to the PE Network requirements As shown in Figure 88, the MCE device is connected to VPN 1 through VLAN-interface 10 and to VPN 2 through VLAN-interface 20. RIP runs in VPN 2. Configure the MCE device to separate routes from different VPNs and advertise the VPN routes to PE 1 through OSPF.
  • Page 296 [MCE] ip vpn-instance vpn2 [MCE-vpn-instance-vpn2] route-distinguisher 20:1 [MCE-vpn-instance-vpn2] vpn-target 20:1 [MCE-vpn-instance-vpn2] quit # Create VLAN 10, add port GigabitEthernet 1/0/1 to VLAN 10, and create VLAN-interface 10. [MCE] vlan 10 [MCE-vlan10] port gigabitethernet 1/0/1 [MCE-vlan10] quit [MCE] interface vlan-interface 10 # Bind VLAN-interface 10 with VPN instance vpn1, and configure an IP address for VLAN-interface 10.
  • Page 297 [MCE] display ip routing-table vpn-instance vpn1 Routing Tables: vpn1 Destinations : 5 Routes : 5 Destination/Mask Proto Cost NextHop Interface 10.214.10.0/24 Direct 0 10.214.10.3 Vlan10 10.214.10.3/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 Static 60 10.214.10.2...
  • Page 298 # Configure port GigabitEthernet1/0/1 on the PE. [PE1] interface gigabitethernet 1/0/1 [PE1-GigabitEthernet1/0/1] port link-type trunk [PE1-GigabitEthernet1/0/1] port trunk permit vlan 30 40 [PE1-GigabitEthernet1/0/1] quit # On the MCE, create VLAN 30 and VLAN-interface 30, bind the VLAN interface with VPN instance vpn1, and configure an IP address for the VLAN interface.

  • Page 299: Using Bgp To Advertise Vpn Routes To The Pe

    [MCE-ospf-10-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [MCE-ospf-10-area-0.0.0.0] quit [MCE-ospf-10] import-route static # On PE 1, start OSPF process 10, bind the process with VPN instance vpn1, set the domain ID to 10, and advertise subnet 30.1.1.0 in area 0. [PE1] ospf 10 router-id 100.100.10.1 vpn-instance vpn1 [PE1-ospf-10] domain-id 10 [PE1-ospf-10] area 0 [PE1-ospf-10-area-0.0.0.0] network 30.1.1.0 0.0.0.255...
  • Page 300 Figure 89 Network diagram Configuration procedure Configure VPN instances: # Create VPN instances on the MCE and PE 1, and bind the VPN instances with VLAN interfaces. For the configuration procedure, see "Using OSPF to advertise VPN routes to the PE."...
  • Page 301 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 OSPF 10.214.10.2 Vlan10 The output shows that the MCE has learned the private route of VPN 1 through OSPF process 10. # On MCE, bind OSPF process 20 with VPN instance vpn2 to learn the routes of VPN 2. The configuration procedure is similar to that for OSPF process 10.
  • Page 302 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 30.1.1.1 Vlan30 # Perform similar configuration on the MCE and PE 1 for VPN 2. Redistribute the OSPF routes of VPN instance vpn2 into the EBGP routing table. (Details not shown.) The following output shows that PE 1 has learned the private route of VPN 2 through BGP: [PE1] display ip routing-table vpn-instance vpn2 Routing Tables: vpn2...

  • Page 303: Configuring Policy-Based Routing

    Configuring policy-based routing Introduction to PBR Policy-based routing (PBR) is a routing mechanism based on user-defined policies. Different from the traditional destination-based routing mechanism, PBR enables you to use a policy (based on the source address or other criteria) to route packets. This Switch Series implements PBR by using a QoS policy.

  • Page 304: Applying The Qos Policy

    Step Command Remarks Associate the class with classifier tcl-name behavior the traffic behavior in the behavior-name QoS policy. Applying the QoS policy When configuring PBR, you can apply a QoS policy to the following occasions: Applied globally—Affects the traffic sent or received on all ports. •...

  • Page 305: Pbr Configuration Examples

    Task Command Remarks display qos policy user-defined [ policy-name Display user-defined QoS policy Available in [ classifier tcl-name ] ] [ | { begin | exclude | configuration information. any view include } regular-expression ] Display QoS policy configuration on display qos policy interface [ interface-type Available in the specified interface or on all...

  • Page 306: Ipv6 Pbr Configuration Example

    [SwitchA] traffic behavior a [SwitchA-behavior-a] redirect next-hop 202.1.1.2 [SwitchA-behavior-a] quit # Associate class a with behavior a in QoS policy a. [SwitchA] qos policy a [SwitchA-qospolicy-a] classifier a behavior a [SwitchA-qospolicy-a] quit # Apply QoS policy a to the incoming traffic of GigabitEthernet 1/0/1. [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] qos apply policy a inbound Verifying the configuration...
  • Page 307 # Associate class a with behavior a in QoS policy a. [SwitchA] qos policy a [SwitchA-qospolicy-a] classifier a behavior a [SwitchA-qospolicy-a] quit # Apply QoS policy a to the incoming traffic of GigabitEthernet 1/0/1. [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] qos apply policy a inbound Verifying th configuration After completing the configuration, verify that when Switch A receives packets with destination IP address 201::2, it forwards the packets to Switch C instead of Switch B.

  • Page 308: Support And Other Resources

    Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers • • Technical support registration number (if applicable) Product serial numbers •...

  • Page 309: Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
  • Page 310 Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 311: Index

    Index B C D E I L M O P R S T Controlling route distribution and reception,233 Controlling route generation,134 BGP configuration examples,160 Conventions,299 BGP configuration task list,131 overview,1 17 Default IPv6 route,188 Defining filters,255 Configuring a large scale BGP network,153 Displaying and maintaining a routing table,4...
  • Page 312 Load sharing,3 RIPng configuration task list,194 Route backup,3 Route recursion,3 MCE configuration examples,285 Route redistribution,4 overview,267 Routing policy configuration examples,261 Routing preference,2 Routing table,1 OSPF configuration examples,90 OSPF configuration task list,65 OSPFv3 configuration examples,220 Static route configuration examples,10 OSPFv3 configuration task list,208 Overview,48 Overview,17...

This manual is also suitable for:

6125 blade switch series

Table of Contents