Download Print this page

H3C S9500 Series Operation Manual

Routing switches

Hide thumbs Also See for S9500 Series:

Command manual (1842 pages)

,

Operation manual (1014 pages)

,

Operating manual (76 pages)

Table of Contents

Advertisement

Quick Links

Download this manual See also: Command Manual, Installation Manual

H3C S9500 Series Routing Switches

Operation Manual

Hangzhou H3C Technologies Co., Ltd.

http://www.h3c.com

Manual Version: T2-08165E-20081225-C-1.24

Product Version: S9500-CMW310-R1648

Table of Contents

Advertisement

Chapters

Table of Contents

Troubleshooting

Need help?

Need help?

Do you have a question about the S9500 Series and is the answer not in the manual?

Questions and answers

Summary of Contents for H3C S9500 Series

Page 1 H3C S9500 Series Routing Switches Operation Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08165E-20081225-C-1.24 Product Version: S9500-CMW310-R1648...
Page 2 Copyright © 2007-2008, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
Page 3: About This Manual
About This Manual Organization H3C S9500 Series Routing Switches Configuration Manual is organized as follows: Part Contents includes Obtaining Documentation, Product 00 Product Overview Features, and Features. includes Ethernet Port Configuration, Port Configuration, Link Aggregation Configuration, Port Isolation Configuration, VLAN Configuration, MAC...
Page 4 Part Contents includes Command Line Interface Configuration, Login and User Interface Configuration, FTP and TFTP Configuration, HA Configuration, NQA Configuration, NetStream Configuration, NTP Configuration, RMON Configuration, SNMP Configuration, Packet Statistics Accounting Configuration, Device Management 08 System Volume Configuration, Configuration File Management Configuration, File System Management Configuration, Cluster...
Page 5: Chapter 3 Features
Caution data loss or damage to equipment. Note Means a complementary description. Related Documentation In addition to this manual, each H3C S9500 Series Routing Switches documentation set includes the following: Manual Description It introduces the installation procedure, H3C S9500 Series Routing Switches...
Page 6 [Technical Support & Document > Product Support > Software]: Provides the documentation released with the software version. Documentation Feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
Page 7: Table Of Contents
Operation Manual – Product Overview H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Obtaining the Documentation ..................1-1 1.1 CD-ROMs Shipped with the Devices................. 1-1 1.2 H3C Website........................1-1 1.3 Software Release Notes ....................1-1 Chapter 2 Product Features ......................
Page 8: Chapter 1 Obtaining The Documentation
The contents in the manual are subject to update on an irregular basis due to product version upgrade or some other reasons. Therefore, the contents in the CD-ROM may not be the latest version. For the latest software documentation, go to the H3C website. 1.2 H3C Website Perform the following steps to query and download the product documentation from the H3C website.
Page 9: Chapter 2 Product Features
Chapter 2 Product Features 2.1 Introduction to Product The S9500 Series Routing Switches (hereinafter referred to as the S9500 series) are developed by Hangzhou H3C Technologies Co., Ltd. (H3C) for use on business-oriented enterprise networks, the distribution layer of large MANs, the core layer of small MANs, and the backbone of large enterprise networks and campus networks.
Page 10 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 2 Product Features Volume Features Multicast Common IGMP IGMP Overview Multicast Snooping IP Multicast Volume Multicast MSDP MBGP VLAN MPLS MPLS VLL MPLS VPLS MPLS L3VPN MPLS VPN MPLS Hybrid...
Page 11: Access Volume
Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Chapter 3 Features The following sections provide an overview of the main features of each module supported by the S9500 series. 3.1 Access Volume Table 3-1 Features in Access volume...
Page 12 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) GVRP is a GARP application. The volume describes: Introduction to GARP and GVRP GVRP GVRP configuration GARP timer overview and configuration QinQ is a technique that enables packets to be transmitted across the operators’...
Page 13: Ip Services Volume
Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) With the continuous increase of network users, the current number of MAC addresses that a switch can learn may no longer meet the actual demands. HVRP was introduced to HVRP address the problem.
Page 14 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) The Virtual Router Redundancy Protocol (VRRP) is a fault-tolerant protocol. The volume describes: VRRP Introduction to VRRP VRRP configuration DHCP is built on a client-server model, in which the client...
Page 15: Ip Routing Volume
Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features 3.3 IP Routing Volume Table 3-3 Features in the IP Routing volume Features (operation Description manual) The volume describes: IP Routing Protocol Introduction to IP routing and routing table...
Page 16: Ip Multicast Volume
Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) When the size of the routing table increases to some degree, you can set the specifications of routing tables and VRFs (VPN routing and forwarding instances) in the current system Route Capacity to maintain performance.
Page 17: Mpls Vpn Volume
Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) PIM is widely used multicast routing protocols. It discovers multicast source and delivers information to the receivers. The volume describes: Introduction to PIM-DM and PIM-SM...
Page 18: Qos Acl Volume
Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) MPLS VLL provides transparently transmission of Layer 2 data of users over an MPLS network. The volume describes: MPLS VLL overview MPLS VLL...
Page 19: Security Volume
AAA configuration RADIUS configuration HWTACACS configuration S9500 series switches provide the password control function. Before a user can log in to the switch, a system login password must be configured. After a password is configured, the user must enter the password each time he or she wants to log in to the switch.
Page 20 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) When a user telnets to the switch from an insecure network, the SSH feature can provide secure information and powerful authentication functionality, thereby protecting the switch from attacks.
Page 21: System Volume
3.8 System Volume Table 3-8 Features in the System volume Features (operation Description manual) The S9500 series provide a series of configuration commands and command line interfaces for configuring and managing the switch. The volume describes: Command Line Interface Command line interface...
Page 22 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) Network Time Protocol (NTP) is the TCP/IP that advertises the accurate time throughout the network. The volume describes: NTP overview NTP configuration Remote Monitoring (RMON) is a type of Internet Engineering Task Force (IETF)-defined MIB.
Page 23 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) Cluster management enables management devices to administrate switches in a centralized way and allows switch cascading. The volume describes: Cluster Management HGMP V1 overview...
Page 24 Operation Manual – Product Overview H3C S9500 Series Routing Switches Chapter 3 Features Features (operation Description manual) Open Application Platform (OAP) is developed based on Open Application Architecture (OAA). It can be an independent network device, or a board used as an extended part of a device.
Page 25 Operation Manual H3C S9500 Series Routing Switches Access Volume Organization Manual Version T2-08165E-20081225-C-1.24 Product Version S9500-CMW310-R1648 Organization The Access Volume is organized as follows: Features (operation Description manual) The volume describes: Ethernet Port Ethernet port overview Ethernet port configuration Packet over SONET/SDH (POS) is a technology used in MAN (metropolitan area network) and WAN (wide area network) for data packet transmission.
Page 26 Operation Manual H3C S9500 Series Routing Switches Access Volume Organization Features (operation Description manual) A switch maintains a MAC address table for fast forwarding packets. The volume describes: MAC Address MAC address table overview Table MAC address table management Management...
Page 27 Operation Manual H3C S9500 Series Routing Switches Access Volume Organization Features (operation Description manual) MSTP is compatible with STP and RSTP. The volume describes: MSTP Introduction to MSTP MSTP configuration The BPDU tunneling feature enables geographically segmented customer network to transmit BPDU packets...
Page 28 Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Ethernet Port Configuration ..................1-1 1.1 Ethernet Port Overview...................... 1-1 1.2 Ethernet Port Configuration ....................1-1 1.2.1 Entering Ethernet Port View..................1-2 1.2.2 Enabling/Disabling an Ethernet Port ...............
Page 29: Chapter 1 Ethernet Port Configuration
Troubleshooting Ethernet Ports 1.1 Ethernet Port Overview The S9500 series can provide conventional Ethernet ports, fast Ethernet ports, 1,000 Mbps Ethernet ports and 10 Gbps Ethernet ports. The configurations of these Ethernet ports are basically the same, which will be described in the following sections.
Page 30: Entering Ethernet Port View
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration 1.2.1 Entering Ethernet Port View Before configuring an Ethernet port, enter Ethernet port view first. Perform the following configuration in system view. To do …...
Page 31: Setting Speed On The Ethernet Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Set duplex attribute for the Ethernet port duplex { auto | full | half } Restore the default duplex attribute of the...
Page 32: Setting The Cable Type For The Ethernet Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Set Ethernet port speed speed { 10 | 100 | 1000 | 10000 | auto } Restore the default speed on the...
Page 33: Enabling/Disabling Flow Control For The Ethernet Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Set the type of the cable connected to the mdi { across | auto | normal } Ethernet port...
Page 34: Permitting/Denying Jumbo Frames
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Remarks Set the interval for Required performing statistics on flow-interval interval 300 seconds by default the port 1.2.9 Permitting/Denying Jumbo Frames During large throughput data switching, like in file transmission, a card may encounter jumbo frames larger than the standard Ethernet frame length.
Page 35: Setting The Network Mode Of An Ethernet Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Configure broadcast suppression on the broadcast-suppression { ratio | Ethernet port bandwidth bandwidth } Restore the default setting of broadcast...
Page 36: Setting The Link Type For The Ethernet Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Set the network mode of the Ethernet port port-mode { wan | lan } Restore the default network mode undo port-mode By default, Ethernet ports work in LAN mode.
Page 37: Adding The Ethernet Port To Specified Vlans
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration 1.2.13 Adding the Ethernet Port to Specified VLANs The following commands are used for adding an Ethernet port to a specified VLAN. The access port can only be added to one VLAN, while the hybrid and trunk ports can be added to multiple VLANs.
Page 38: Setting The Vlan Vpn Feature On A Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Set the default VLAN ID for the hybrid port port hybrid pvid vlan vlan-id Set the default VLAN ID for the trunk port...
Page 39: Enabling/Disabling The Vlan Filtering Function On An Ethernet Port
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Enable the port VLAN VPN feature vlan-vpn enable Disable the port VLAN VPN feature undo vlan-vpn Note that if GVRP, STP, or 802.1x has been enabled on the port, you will be unable to enable the VLAN VPN feature.
Page 40 Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration Table 1-1 Configurations that can be copied Attribute Detailed Setting Enable/disable STP Port priority Path cost Link attributes(point-to-point or not) Port mCheck STP settings Max transmission speed...
Page 41: Setting The Link-State Hold Time
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration Note: Using the copy configuration command will clear protocol VLAN attributes of the destination port, but it will not copy the protocol VLAN attributes of the source port to the destination port.
Page 42: Setting The Ethernet Port In Loopback Mode
Remove loopback configuration on the port undo loopback Note: At present, the Ethernet ports of the S9500 series switches do not support the external loopback mode. By default, the Ethernet port is not in loopback mode. 1.3 Displaying and Maintaining Ethernet Port Configuration To do …...
Page 43: Ethernet Port Configuration Example
Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration To do … Use the command … Remarks Display Jumbo frame display jumboframe Available in any view configuration on all cards configuration Display the current alarm...
Page 44: Troubleshooting Ethernet Ports
# Configure GigabitEthernet 2/1/1 as a trunk port permitting packets of VLAN 2, VLAN 6 through VLAN 50, and VLAN 100. [H3C-GigabitEthernet2/1/1] port link-type trunk [H3C-GigabitEthernet2/1/1] port trunk permit vlan 2 6 to 50 100 [H3C-GigabitEthernet2/1/1] quit # Create VLAN 100.
Page 45 Operation Manual – Ethernet Port H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Configuration Solution: Check that The cable connection is correct and the optical fibers are correctly connected. The port has not been administratively shut down. The correct optical module is used.
Page 46 Operation Manual – POS Port H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 POS Port Configuration ....................1-1 1.1 POS Port Overview......................1-1 1.2 POS Port Configuration ..................... 1-1 1.2.1 Entering POS Port View..................1-2 1.2.2 Adding/Deleting POS Ports into/from VLAN ............
Page 47 Packet over SONET/SDH (POS) is a technology used in MAN (metropolitan area network) and WAN (wide area network) for data packet transmission. S9500 series use SDH and SONET as its physical layer protocol, maps data packets of varying lengths into SDH/SONET synchronous load, and provides a type of high-speed and reliable point-to-point data connections.
Page 48 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration Setting the State Polling Timer on a POS Port Setting the CRC Check Bit Length on a POS Port Setting the Loopback Mode of a POS Port...
Page 49 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration To do … Use the command … Enable POS port shutdown Disable POS port undo shutdown By default, POS ports are enabled. 1.2.4 Configuring POS Port Description Perform the following configuration in POS port view.
Page 50 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration 1.2.7 Setting Alarm Thresholds for a POS Port You can use the threshold command to set the SD (signal degrade) threshold or SF (signal fail) threshold for a POS port.
Page 51 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration 1.2.9 Setting the State Polling Timer on a POS Port You may configure the state polling timer on a POS port to have the protocol running on it (PPP for example) regularly send ECHO Requests.
Page 52 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration Perform the following configuration in POS port view. To do … Use the command … Set the loopback mode of the POS port to internal...
Page 53 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration By default, c2 is 0x16 (hexadecimal); J0 and J1 are default. C2, J0 and J1 configuration should be consistent at both ends. Otherwise, the system may give alarms.
Page 54 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration 1.3 Displaying and Maintaining POS Port Configuration Operation Command Remarks Display all information display interface pos Available in any about POS port(s) [ interface-number ]...
Page 55 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration # Add the POS port to the VLAN. [Switch A] interface pos 2/1/1 [Switch A-Pos2/1/1] pos access vlan 2 Configure Switch B # Create a VLAN interface with an IP address for the VLAN to which the POS port is to be assigned.
Page 56 Operation Manual – POS Port H3C S9500 Series Routing Switches Chapter 1 POS Port Configuration Symptom 3: Serious IP packet loss. Solution: Check that: The clock configuration on the POS ports is correct (otherwise, a large amount of CRC errors may result).
Page 57 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Link Aggregation Configuration ................1-1 1.1 Overview ..........................1-1 1.2 LACP..........................1-2 1.3 Link Aggregation Types ..................... 1-2 1.3.1 Manual Aggregation and Static LACP Aggregation ..........1-2 1.3.2 Dynamic LACP Aggregation ...................
Page 58 VLAN types and default VLAN ID. The port attribute settings include port link type, such as trunk, hybrid, access, and detection group-related configuration. A device of the S9500 series can support up to 920 aggregation group IDs. IDs 1 though 31 indicate manual or static aggregation groups. IDs 32 through 192 are reserved.
Page 59: Link Aggregation Types
H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration Note: S9500 series also support inter-board aggregation. The inter-board aggregation is the same as the intra-board aggregation. 1.2 LACP Link Aggregation Control Protocol (LACP) based on the IEEE802.3ad standard can be used for dynamic link aggregation.
Page 60: Dynamic Lacp Aggregation
Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration ignored. In an aggregation group, the selected port with the least port number serves as the master port, while others as member ports. In a manual aggregation group, the ports that cannot be aggregated with the master port due to hardware limits (such as inter-board aggregation is unavailable) are in standby state.
Page 61 1.4.1 Types of Load Sharing A link aggregation group can be a load balancing aggregation group or a non-load balancing aggregation group. The S9500 series perform load sharing for IP packets (packets with the ETYPE field being 0800) based on destination and source IP addresses and for non-IP packets based on source and destination MAC addresses.
Page 62: Port States
Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration 1.4.2 Port States In an aggregation group, ports can be in selected or standby state. Only the selected ports can transmit and receive user service packets. The selected port with the least port number serves as the master port, while others as member ports (also known as slave ports).
Page 63 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration Note: When configuring a link aggregation group, the GVRP configuration on the master port is reserved, but GVRP will be disabled on the slave ports.
Page 64 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration 1.5.2 Configuring the LACP Slow Period Timer The slow period timer determines the interval for sending/receiving LACPDUs and the aging time when LACP negotiation is stable.
Page 65 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration Caution: If the aggregation group that you are creating already exists but contains no member port, its type changes to the new one you set. When you change a static LACP aggregation group to a manual aggregation group, LACP are disabled on the member ports in the group automatically.
Page 66 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration To do… Use the command… Remarks link-aggregation interface-type Aggregate Ethernet ports interface-number1 to Available in system view interface-type interface-number2 [ both ] Caution: You cannot add mirrored ports, ports configured with a static MAC address, ports with 802.1x enabled, POS ports, or VPN ports to an aggregation group.
Page 67: Configuring System Priority
Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration Note: As for the aggregation resource extension function, note that: The function is unavailable to devices containing C-type LPUs. The function cannot be disabled when special port link aggregations are allocated the aggregation resources numbered from 7 to 31.
Page 68: Configuring Port Priority
Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration To do… Use the command… Remarks Configure the system lacp system-priority Available in system view priority system-priority-value Restore the default undo lacp Available in system view...
Page 69: Link Aggregation Configuration Example
Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration To do… Use the command… Remarks display link-aggregation Display detailed link interface interface-type Available in any aggregation information interface-number [ to view on specified port(s)
Page 70 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration IV. Configuration procedure The following only lists the configuration for switch A, and that on switch B is similar. Manual aggregation # Create aggregation group 1.
Page 71 Operation Manual – Link Aggregation H3C S9500 Series Routing Switches Chapter 1 Link Aggregation Configuration Note: In the above example, the LACP-enabled ports must have the same basic configuration, rate and duplex mode to be in the same dynamic aggregation group;...
Page 72 Operation Manual – Port Isolation H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Port Isolation Configuration ..................1-1 1.1 Port Isolation Overview...................... 1-1 1.2 Configuring Port Isolation ....................1-1 1.2.1 Configuring an Isolation Group ................1-1 1.2.2 Configuring the Uplink Port in the Isolation Group..........
Page 73: Port Isolation Overview
Operation Manual – Port Isolation H3C S9500 Series Routing Switches Chapter 1 Port Isolation Configuration Chapter 1 Port Isolation Configuration Caution: The LSB1XP4CA0 and LSB1XP4B0 boards do not support port isolation. When configuring port isolation, go to these sections for information you are interested...
Page 74 Operation Manual – Port Isolation H3C S9500 Series Routing Switches Chapter 1 Port Isolation Configuration To do … Use the command … Remarks Enter system view system-view — Required Ports in the isolation group can only Configure an port-isolate group communicate with the uplink port.
Page 75: Port Isolation Configuration Example
Operation Manual – Port Isolation H3C S9500 Series Routing Switches Chapter 1 Port Isolation Configuration To do … Use the command … Remarks Enter Ethernet port interface interface-type Required view or RPR port view interface-number Required Before assign isolated ports to an isolation group, you must create the group first.
Page 76 VLAN 100. <H3C> system-view System View: return to User View with Ctrl+Z. [H3C] vlan 100 [H3C-vlan100] port Ethernet 4/1/1 to Ethernet 4/1/3 [H3C-vlan100] quit # Create isolation group 1. [H3C] port-isolate group 1 # Add Ethernet 4/1/1, Ethernet 4/1/2, and Ethernet 4/1/3 to isolation group 1.
Page 77 Operation Manual – VLAN H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 VLAN Configuration ....................1-1 1.1 VLAN Overview........................1-1 1.2 Configuring VLAN ......................1-1 1.2.1 Creating/Deleting a VLAN ..................1-2 1.2.2 Specifying a Description for a VLAN or VLAN interface ......... 1-2 1.2.3 Naming the Current VLAN ..................
Page 78: Vlan Overview
Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration Chapter 1 VLAN Configuration When configuring VLAN, go to these sections for information you are interested in: VLAN Overview Configuring VLAN Displaying and Maintaining VLAN Overview of Protocol-Based VLAN and IP Subnet-Based VLAN...
Page 79 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration Configuring Port-Based VLAN 1.2.1 Creating/Deleting a VLAN You can use the following commands to create/delete a VLAN. If the VLAN to be created exists, the system will enter the VLAN view directly. Otherwise, the system will create the VLAN first, and then enter the VLAN view.
Page 80: Displaying And Maintaining Vlan
Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration 1.2.3 Naming the Current VLAN To do… Use the command… Remarks Name the current VLAN name string Available in VLAN view Restore the default name undo name...
Page 81 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Display information about display vlan [ vlan-id to vlan-id | Available in any the specified VLAN(s) all | static | dynamic ]...
Page 82 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration 1.5 Configuring Protocol-Based VLAN 1.5.1 Configuration Task List Complete the following tasks to configure a protocol-based VLAN: Task Remarks Configuring a Protocol VLAN Required Applying a Protocol-Based VLAN to a Port Required 1.5.2 Configuring a Protocol VLAN...
Page 83 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks Display the configuration display protocol-vlan interface Available in information { interface-list | all } any view Caution: The port must be of Hybrid type and belong to the protocol-based VLAN to be applied.
Page 84 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration To do… Use the command… Remarks ip-subnet-vlan [ index ] ip Assign an IP subnet to the ip-address { net-mask | Required VLAN net-mask-length } Display the configuration...
Page 85: Vlan Configuration Examples
Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration 1.8 Displaying and Maintaining IP Subnet-Based VLAN Configuration To do… Use the command… Remarks Display the configuration information display ip-subnet-vlan Available in any of the specified IP subnet-based...
Page 86 # Configure an egress port. [H3C] vlan 30 [H3C-vlan30] port ethernet 2/1/5 [H3C-vlan30] quit # Configure an ingress port. [H3C]interface ethernet 2/1/48 [H3C-Ethernet2/1/48] port link-type hybrid [H3C-Ethernet2/1/48] port hybrid vlan 10 20 30 untagged [H3C-Ethernet2/1/48] port hybrid pvid vlan 30...
Page 87 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 1 VLAN Configuration # Apply the protocol to a port. [H3C-Ethernet2/1/48] port hybrid ip-subnet-vlan vlan 10 [H3C-Ethernet2/1/48] port hybrid protocol-vlan vlan 20 all 1-10...
Page 88: Chapter 2 Super Vlan Configuration
Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 2 Super VLAN Configuration Chapter 2 Super VLAN Configuration When configuring super VLAN, go to these sections for information you are interested Super VLAN Overview Configuring a Super VLAN Super VLAN Configuration Example 2.1 Super VLAN Overview...
Page 89 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 2 Super VLAN Configuration Follow these steps to configure a super VLAN: To do… Use the command… Remarks Enter system view system-view — Enter VLAN view vlan vlan-id Required Required...
Page 90: Super Vlan Configuration Example
Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 2 Super VLAN Configuration Caution: A Super VLAN cannot contain ports. After you set the VLAN type to super VLAN, proxy ARP is automatically enabled on the VLAN interface. The default VLAN cannot be set to a super VLAN.
Page 91 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 2 Super VLAN Configuration III. Configuration procedure <H3C>system-view System View: return to User View with Ctrl+Z. [H3C] vlan 10 [H3C-vlan10] supervlan [H3C-vlan10] vlan 2 [H3C-vlan2] port ethernet3/1/1 ethernet3/1/2 [H3C-vlan2] arp proxy enable...
Page 92 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 3 Isolate-User-VLAN Configuration Chapter 3 Isolate-User-VLAN Configuration When configuring an isolate-user-VLAN, go to these sections for information you are interested in: Isolate-User-VLAN Overview Configuring an Isolate-User-VLAN Displaying and Maintaining Isolate-User-VLANs Isolate-User-VLAN Configuration Example 3.1 Isolate-User-VLAN Overview...
Page 93 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 3 Isolate-User-VLAN Configuration 3.2 Configuring an Isolate-User-VLAN 3.2.1 Configuration Task List Complete these tasks to configure an isolate-user-VLAN: Task Remarks Configuring an Isolate-User-VLAN Required Configuring a Secondary VLAN Required Mapping an Isolate-User-VLAN to Secondary VLANs Required 3.2.2 Configuring an Isolate-User-VLAN...
Page 94 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 3 Isolate-User-VLAN Configuration To do… Use the command… Remarks Optional Assign ports to the You can assign multiple ports to a port interface-list secondary VLAN secondary VLAN, excluding the uplink port.
Page 95 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 3 Isolate-User-VLAN Configuration As for access ports, the switch synchronizes their configurations and assigns them as hybrid ports in untagged mode to the isolate-user-VLAN and the secondary VLANs and use the isolate-user-VLAN ID as their default VLAN ID.
Page 96 Operation Manual – VLAN H3C S9500 Series Routing Switches Chapter 3 Isolate-User-VLAN Configuration 3.4 Isolate-User-VLAN Configuration Example I. Network requirements Switch A is connected to Switch B and Switch C at the downstream. On Switch B VLAN 5 is an isolate-user-VLAN, containing an uplink port (Ethernet 2/1/1) and two secondary VLANs, VLAN 2 and VLAN 3.
Page 97 [H3C-vlan3] port ethernet2/1/3 [H3C-vlan3] vlan 2 [H3C-vlan2] port ethernet2/1/2 # Configure the mapping between the isolate-user-VLAN and the secondary VLANs. [H3C-vlan2] quit [H3C] isolate-user-vlan 5 secondary 2 to 3 Configuration on Switch C # Configure the isolate-user-VLAN. <H3C> system-view [H3C] vlan 6...
Page 98 Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MAC Address Table Management................1-1 1.1 MAC Address Table Management Overview ..............1-1 1.2 MAC Address Table Management Configuration .............. 1-2 1.2.1 Setting MAC Address Table Entries................
Page 99: Chapter 1 Mac Address Table Management
Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Chapter 1 MAC Address Table Management Chapter 1 MAC Address Table Management When configuring MAC address table management, go to these sections for information you are interested in:...
Page 100: Mac Address Table Management Configuration
Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Chapter 1 MAC Address Table Management MAC address Port MAC A MAC B MAC C MAC D MAC A MAC C MAC B MAC D Port 1 Port 2 Figure 1-1 The switch forwards packets with MAC address table The switch also provides the function of MAC address aging.
Page 101: Setting Mac Address Aging Time
Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Chapter 1 MAC Address Table Management To do… Use the command… undo mac-address [ static | dynamic ] [ mac-addr Delete an address [ interface interface-type interface-number ] vlan vlan-id |...
Page 102 1.2.4 Configuring MAC Learning Limit for a VLAN The MAC address learning function enables an S9500 series switch to learn the MAC addresses of the devices assigned to a VLAN. To prevent the MAC address table from getting so large that the forwarding performance decreases, you can limit the number of MAC addresses that can be learned in a VLAN.
Page 103 Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Chapter 1 MAC Address Table Management To do… Use the command… Remarks Enter system view system-view — Enter VLAN view vlan vlan-id — Optional Set the maximum number...
Page 104 Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Chapter 1 MAC Address Table Management 1.2.6 Configuring a Source MAC Address for a Port When an S9500 switch forwards a packet at Layer 3, it generally uses the MAC address of the VLAN interface where the egress port resides as the source MAC address of the packet.
Page 105: Configuring Mac Address Table Management
# Enter the system view of the switch. <H3C> system-view # Add a MAC address (specify the native VLAN, port and state). [H3C] mac-address static 000f-e201-0101 interface ethernet 2/1/2 vlan 10 # Set the address aging time to 500 seconds. [H3C] mac-address timer 500...
Page 106 Operation Manual – MAC Address Table Management H3C S9500 Series Routing Switches Chapter 1 MAC Address Table Management [H3C] display mac-address interface Ethernet 2/1/2 MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s) 000f-e201-0101 Config static Ethernet 2/1/2 NOAGING 0600-0002-0265...
Page 107 Operation Manual – MAC Address Table Management Chapter 2 Static Multicast MAC Address H3C S9500 Series Routing Switches Group Configuration Chapter 2 Static Multicast MAC Address Group Configuration When configuring a static multicast MAC address group, go to these sections for...
Page 108 Operation Manual – MAC Address Table Management Chapter 2 Static Multicast MAC Address H3C S9500 Series Routing Switches Group Configuration To do… Use the command… Remarks Enter system view system-view — mac-address multicast mac-addr Configure a static interface { { interface-type...
Page 109 Figure 2-1 Network diagram for static multicast MAC address group III. Configuration procedure # Enter system view. <H3C> system-view # Configure a static multicast MAC address group, and add multiple ports to the group. [H3C] mac-address multicast 0100-5e01-018d interface ethernet 2/1/1 to ethernet 2/1/3 vlan 2...
Page 110 Operation Manual – GVRP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 GVRP Configuration ....................1-1 1.1 Overview ..........................1-1 1.1.1 Introduction to GARP ....................1-1 1.1.2 Introduction to GVRP ....................1-2 1.2 Configuring GVRP ......................1-3 1.2.1 Enabling/Disabling Global GVRP................
Page 111: Chapter 1 Gvrp Configuration
Operation Manual – GVRP H3C S9500 Series Routing Switches Chapter 1 GVRP Configuration Chapter 1 GVRP Configuration When configuring GVRP, go to these sections for information you are interested in: Overview Configuring GVRP Displaying and Maintaining GVRP GVRP Configuration Example 1.1 Overview...
Page 112: Introduction To Gvrp
GVRP is described in details in the IEEE 802.1Q standard. H3C series switches fully support the GARP compliant with the IEEE standards. Configuring GVRP primarily involves the following tasks:...
Page 113: Configuring Gvrp
Operation Manual – GVRP H3C S9500 Series Routing Switches Chapter 1 GVRP Configuration Note: After an aggregation group is created, although the GVRP-related configuration of the port operating as the master port remains unchanged and is synchronized to the slave ports, GVRP is not enabled on the slave ports.
Page 114: Setting The Gvrp Registration Type
Operation Manual – GVRP H3C S9500 Series Routing Switches Chapter 1 GVRP Configuration To do … Use the command … Enable port GVRP gvrp Disable port GVRP undo gvrp Before enabling port GVRP, you must enable global GVRP. Note that GVRP can only be enabled on trunk ports.
Page 115 Operation Manual – GVRP H3C S9500 Series Routing Switches Chapter 1 GVRP Configuration message has not been acknowledged before the Join timer expires, the GARP participant sends the second Join message. Leave timer –– Starts upon receipt of a Leave message sent for deregistering some attribute information.
Page 116: Displaying And Maintaining Gvrp
Operation Manual – GVRP H3C S9500 Series Routing Switches Chapter 1 GVRP Configuration 1.3 Displaying and Maintaining GVRP To do … Use the command … Remarks Display GARP statistics display garp statistics Available in any view information [ interface interface-list ]...
Page 117 Operation Manual – GVRP H3C S9500 Series Routing Switches Chapter 1 GVRP Configuration IV. Configuration procedure Configure Switch A # Enable GVRP globally. <H3C> system-view System View: return to User View with Ctrl+Z. [H3C] gvrp # Configure Ethernet 1/1/1 as a trunk port and allow the packets of all the VLANs to pass through.
Page 118 Operation Manual – QinQ H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 QinQ Configuration ..................... 1-1 1.1 QinQ Overview........................1-1 1.1.1 Introduction to QinQ ....................1-1 1.1.2 Implementation of QinQ ..................1-2 1.1.3 Adjusting TPID Values of QinQ Packets..............1-2 1.2 Configuring VLAN VPN on a Port ..................
Page 119: Chapter 1 Qinq Configuration
Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration Chapter 1 QinQ Configuration When configuring QinQ, go to these sections for the information you are interested in: QinQ Overview Configuring VLAN VPN on a Port Configuring Traffic Classification-Based Nested VLAN...
Page 120 Figure 1-2 The structure of the VLAN Tag field of an Ethernet frame By default, a S9500 series switch uses 0x8100 as the value of the TPID field, which is defined by IEEE 802.1Q. But S9500 series switches can also adjust the TPID values of QinQ packets.
Page 121 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration To modify the TPID values of packets, you need to set the ports connecting to the public networks to be VLAN-VPN uplink ports, whose TPID value can be configured by users.
Page 122 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration Caution: VLAN VPN is unavailable to ports on which GVRP, STP, NTP, 802.1x, or RRPP is enabled. VLAN VPN cannot be enabled on a port if the VLAN which the port belongs to has IGMP Snooping enabled or its VLAN interface has IGMP enabled.
Page 123 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration Operation Command Remarks traffic-redirect inbound ip-group { acl-number | acl-name } [ rule rule [ system-index index ] ] Deliver a nested-vlan nested-vlanid Layer 3 [ interface interface-type...
Page 124 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration Operation Command Remarks Deliver a traffic-redirect inbound ip-group Layer 3 { acl-number | acl-name } [ rule rule traffic [ system-index index ] ] classification modified-vlan modified-vlanid...
Page 125 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration 1.4.2 Configuration Procedure Table 1-3 Configure the TPID to be used in the outer tag Operation Command Remarks Enter system view system-view — The value argument ranges from 1 to 0xFFFF and defaults to 0x8100.
Page 126 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration As shown in Figure 1-3, the service provider network comprises packet input and output devices. The customer networks include network A and network B. Through the configuration on the devices at both ends of the service provider network, the...
Page 127: Qinq Configuration Examples
Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration 1.6 Displaying and Maintaining QinQ Configuration To do … Use the command … Remarks Display the configuration display atm vlan-vpn information of VLAN [ interface atm VPN-enabled PVCs of an...
Page 128 # Configure QinQ so that when the packets of VLAN 100 to 512 leave the uplink port GigabitEthernet 4/1/1, they need to be tagged with the exterior tag of VLAN 100. [H3C] acl number 4000 [H3C-acl-link-4000] rule 0 permit s-tag-vlan 100 to 512 [H3C-GigabitEthernet4/1/2] traffic-redirect inbound link-group 4000 rule 0 nested-vlan 1000...
Page 129 1.7.2 TPID Value Configuration Example I. Network requirements Switch A and Switch C are S9500 series switches. Switch B is a switch produced by other vendor. It uses TPID value of 0x9100. Two networks are connected to the GigabitEthernet 2/1/1 ports of Switch A and Switch C respectively.
Page 130 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration # Configure the GigabitEthernet 2/1/2 port to be a VLAN-VPN uplink port and add it to VLAN 10 (a trunk port). [SwitchA]interface GigabitEthernet2/1/2 [SwitchA-GigabitEthernet2/1/2]port link-type trunk [SwitchA-GigabitEthernet2/1/2]port trunk permit vlan 10...
Page 131 1.7.3 VLAN-VPN Tunneling Configuration Example I. Network requirements S9500 series switches, namely Switch C and D in the network diagram, serve as devices used to access the service provider network. S2000 series switches, namely Switch C and D in the network diagram, serve as devices used to access the customer network.
Page 132 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration # Set the port to a trunk port and allow the packets of VLAN 10 to pass the port. [H3C] vlan 10 [H3C-Ethernet0/1] port link-type trunk [H3C-Ethernet0/1]port trunk permit vlan 10 Configure switch C.
Page 133 Operation Manual – QinQ H3C S9500 Series Routing Switches Chapter 1 QinQ Configuration # Set Ethernet 3/1/3 to a trunk port and add this port to all the VLANs. [H3C] interface Ethernet3/1/3 [H3C-Ethernet3/1/3] port link-type trunk [H3C-Ethernet3/1/3] port trunk permit vlan all Caution: STP must be enabled on VLAN-VPN tunneling-enabled devices;...
Page 134 Operation Manual – Ethernet Port Loopback Detection H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Ethernet Port Loopback Detection ................1-1 1.1 Overview ..........................1-1 1.2 Configuring the Loopback Detection Function..............1-1 1.3 Displaying and Maintaining Loopback Detection............... 1-2...
Page 135: Configuring The Loopback Detection Function
Operation Manual – Ethernet Port Loopback Detection H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Loopback Detection Chapter 1 Ethernet Port Loopback Detection When configuring Ethernet port loopback detection, go to these sections for information you are interested in:...
Page 136 Operation Manual – Ethernet Port Loopback Detection H3C S9500 Series Routing Switches Chapter 1 Ethernet Port Loopback Detection To do … Use the command … Remarks interface interface-type Enter Ethernet port view — interface-number Enable the control loopback-detection function of port loopback...
Page 137 Operation Manual – DLDP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 DLDP Configuration ....................1-1 1.1 Introduction to DLDP ......................1-1 1.1.1 DLDP Fundamentals....................1-2 1.1.2 Notes on DLDP Configuration................. 1-7 1.2 DLDP Configuration......................1-8 1.2.1 Basic DLDP Configuration Tasks................
Page 138: Chapter 1 Dldp Configuration
Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Chapter 1 DLDP Configuration When configuring DLDP, go to these sections for information that you are interested in: Introduction to DLDP DLDP Configuration DLDP Configuration Example 1.1 Introduction to DLDP Sometimes, unidirectional links may appear in networks.
Page 139: Dldp Fundamentals
Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Switch A GE2/1/1 GE2/1/2 GE2/1/1 GE2/1/2 Switch B Figure 1-2 Unidirectional fiber link: fiber not connected or disconnected As a data link layer protocol, DLDP cooperates with physical layer protocols to monitor the link status of a device.
Page 140 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Table 1-1 DLDP states State Indicates… Initial DLDP is disabled. Inactive DLDP is enabled but the link is down. DLDP is enabled and the link is up, or the neighbor entries have Active been cleared.
Page 141 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Timer Description A neighbor entry is created when a new neighbor is added; at the same time, an aging timer starts for the entry. When the device receives packets from its neighbors, the...
Page 142 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Whether to check the Starts an entry Starts the enhanced DLDP existence of a neighbor aging timer to timer when the operation when the corresponding age a neighbor...
Page 143 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Table 1-5 Actions performed upon receipt of a DLDP packet Packet Action type If the corresponding neighbor entry does not exist, Extract the DLDP creates the neighbor entry, starts the entry neighbor aging timer, and transits to the probe state.
Page 144 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Packet Action type Check whether Drop the packet the local device is operatin RecoverP g in the robe disable state or Send a RecoverEcho packet advertise ment...
Page 145: Dldp Configuration
Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration The interval for DLDP advertisement is tunable allowing DLDP to respond in time to link failures in different network environments. If the interval is too long, STP loops may occur before unidirectional links are terminated;...
Page 146 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration Caution: DLDP takes effect only when the local port and the peer port are configured with the same authentication mode and password. 1.2.2 Resetting DLDP Configuration Note: You can reset the DLDP state for the ports shut down by DLDP due to unidirectional links to enable DLDP detection again.
Page 147: Dldp Configuration Example
Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration 1.3 DLDP Configuration Example I. Network requirements The two DLDP-capable switches are connected through two pairs of optical fibers. Configure DLDP on the switches to meet the following requirements: When DLDP detects a unidirectional link, DLDP disconnects the unidirectional link automatically.
Page 148 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration [SwitchA-GigabitEthernet2/1/3] quit [SwitchA] interface gigabitethernet 2/1/4 [SwitchA-GigabitEthernet2/1/4] dldp enable # Set the interval for sending DLDP packets to 15 seconds. [SwitchA-GigabitEthernet2/1/4] quit [SwitchA] dldp interval 15 # Configure the switch to operate in enhanced DLDP mode.
Page 149 Operation Manual – DLDP H3C S9500 Series Routing Switches Chapter 1 DLDP Configuration If the switches are correctly connected, the output information should indicate that the links between the switch and its neighbors are bi-directionally reachable (two way links). Otherwise, the output information will indicate that the links are unidirectional (one way links).
Page 150 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Ethernet OAM Configuration ..................1-1 1.1 Ethernet OAM Overview ....................1-1 1.1.1 Establishing OAM Connection ................1-3 1.1.2 Link Monitor......................1-4 1.1.3 Diagnosing Remote Faults..................1-4 1.1.4 Remote Loopback ....................
Page 151: Ethernet Oam Overview
Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Chapter 1 Ethernet OAM Configuration When configuring Ethernet OAM, go to these sections for information you are interested in: Ethernet OAM Overview Configuring OAM Displaying and Maintaining OAM OAM Configuration Example 1.1 Ethernet OAM Overview...
Page 152 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Support the link fault event Support or not (packet delivery remote Name Description ratio when a unidirectional loopback or link presents) 24-port Gigabit LSB1GT24 Ethernet electrical...
Page 153 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Support the link fault event Support or not (packet delivery remote Name Description ratio when a unidirectional loopback or link presents) 8-port Gigabit electrical interface +...
Page 154: Link Monitor
Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Processing capability Active DTE Passive DTE Yes, but the peer DTE is required to Send variable response OAMPDUs be in the active mode. Send loopback control OAMPDUs...
Page 155: Remote Loopback
Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration link event supported by OAM. Currently, OAM defines the link fault event, which occurs when the local end can send data, but cannot receive data. In this case, OAMPDUs are sent once every second.
Page 156 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration II. Event notification OAMPDU The event notification OAMPDU is used for link monitoring and is used to notify the remote OAM entity that a fault has occurred to the link.
Page 157 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration To do … Use the command … Remarks Optional oam ethernet mode Set OAM mode By default, OAM is set to { active | passive } the passive mode.
Page 158 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration To do … Use the command … Remarks Enter system view system-view — oam ethernet Optional Configure the error signal errored-symbol period detection interval The default is 1 second.
Page 159 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Note: If the number of error frames detected on a port over a detection interval is equal to or greater than the error threshold, an error frame event is created.
Page 160 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration To do … Use the command … Remarks Enter system view system-view — oam ethernet Optional Configure the error frame errored-frame-seconds second detection interval The default is 60 seconds.
Page 161 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Note: The oam ethernet loopback command just triggers loopback, and buildrun is not performed. You can perform remote loopback only after establishing the OAM connection;...
Page 162 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Note: After an OAM link times out, the local end of the Ethernet OAM will age out its connection to the remote OAM entity, resulting in disconnection of the OAM link. In normal conditions, you are recommended to set the timeout time to be longer than the interval for sending Ethernet OAM hello PDUs.
Page 163: Oam Configuration Example
# Configure the error frame detection interval. [H3C] oam ethernet errored-frame period 20 # Configure the error threshold for creating an error frame event. [H3C] oam ethernet errored frame threshold 10 # Display the global configuration information of OAM [H3C] display oam ethernet configuration...
Page 164 Operation Manual – Ethernet OAM H3C S9500 Series Routing Switches Chapter 1 Ethernet OAM Configuration Errored-frame Event threshold 10(f) Errored-frame-period Event period 1000(ms) Errored-frame-period Event threshold 1(f) Errored-frame-seconds Event period 60(s) Errored-frame-seconds Event threshold : 1(s) Configure Switch B # Enable OAM on Ethernet 1/1/1. The default OAM mode is Active.
Page 165 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Smart Link Configuration.................... 1-1 1.1 Smart Link Overview......................1-1 1.1.1 Basic Smart Link Concepts ..................1-1 1.1.2 Operating Mechanism of Smart Link............... 1-3 1.2 Smart Link Configuration ....................
Page 166: Smart Link Overview
Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration Chapter 1 Smart Link Configuration When configuring Smart Link, go to these sections for information that you are interested in: Smart Link Overview...
Page 167 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration connection fault, or presence of unidirectional link for example, the standby port becomes active to take over while the original active port transits to the blocked state.
Page 168: Operating Mechanism Of Smart Link
Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration Note: As flush messages are transmitted in the control VLAN, you need to make sure the control VLAN is properly created, which can be done in one of the following two ways.
Page 169 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration In the first approach, update is triggered by bidirectional traffic; it is suitable where the device is working with devices of other vendors. The second approach requires that all the uplink devices be able to recognize smart link flush messages for MAC address and ARP table update.
Page 170 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration To do... Use the command... Remarks Configure a port as the port interface-type master port of the smart interface-number master link group...
Page 171 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration Caution: Make sure the ports (or aggregation groups) to be configured as smart link group member ports are not monitor link group member ports.
Page 172: Displaying And Maintaining Smart Link
Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration 1.3 Displaying and Maintaining Smart Link To do... Use the command... Remarks Display the information of display smart-link Available in any view...
Page 173 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration [H3C] vlan 4092 [H3C-vlan 4092] quit [H3C] smart-link group 1 [H3C-smlk-group1] protected-instance 0 to 48 [H3C-smlk-group1] port ethernet1/1/1 master [H3C-smlk-group1] port ethernet1/1/2 slave...
Page 174 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 1 Smart Link Configuration Assign ports Ethernet1/1/1 and Ethernet1/1/2 to smart link group 1 as the master and the slave respectively and to smart link group 2 as the slave and the master respectively.
Page 175 [H3C-Ethernet1/1/2] port trunk permit vlan 1 to 1000 4092 [H3C-Ethernet1/1/2] quit [H3C] stp region-configuration [H3C-mst-region] instance 1 vlan 1 to 200 801 to 1000 4092 Info: The new configuration won't be active until you activate it. [H3C-mst-region] instance 25 vlan 201 to 800 Info: The new configuration won't be active until you activate it.
Page 176: Introduction To Monitor Link
Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 2 Monitor Link Configuration Chapter 2 Monitor Link Configuration When configuring Monitor Link, go to these sections for information you are interested Introduction to Monitor Link...
Page 177: Monitor Link Configuration
Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 2 Monitor Link Configuration 2.1.2 Typical Monitor Link Network Diagram Switch A Switch B Switch D Switch C Switch E Figure 2-1 A Monitor Link implementation On Switch B, port 21 is configured as the uplink port of a monitor link group.
Page 178: Displaying And Maintaining Monitor Link
Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 2 Monitor Link Configuration To do... Use the command... Remarks Enter system view system-view — Create a monitor link group and monitor-link group id Required enter monitor link group view...
Page 179 Operation Manual – Smart Link and Monitor Link H3C S9500 Series Routing Switches Chapter 2 Monitor Link Configuration II. Network diagram Switch A Eth1/1/1 Eth1/1/2 Eth1/1/1 Eth1/1/1 Switch B Switch D Eth1/1/2 Eth1/1/2 Eth1/1/3 Eth1/1/3 Eth1/1/1 Eth1/1/1 Eth1/1/2 Eth1/1/2 Switch C...
Page 180 Operation Manual – Smart Link and Monitor Link Chapter 3 Smart Link and Monitor Link H3C S9500 Series Routing Switches Configuration Example Chapter 3 Smart Link and Monitor Link Configuration Example 3.1 Network Requirements As shown in Figure 3-1, Switch C and Switch E are dually uplinked to Switch B and Switch D.
Page 181 Operation Manual – Smart Link and Monitor Link Chapter 3 Smart Link and Monitor Link H3C S9500 Series Routing Switches Configuration Example [H3C-smlk-group] port ethernet1/1/2 slave [H3C-smlk-group] flush enable control-vlan 4092 [H3C-smlk-group] quit [H3C] interface ethernet1/1/1 [H3C- Ethernet1/1/1] port link-type trunk...
Page 182 Operation Manual – Smart Link and Monitor Link Chapter 3 Smart Link and Monitor Link H3C S9500 Series Routing Switches Configuration Example [H3C] interface GigabitEthernet2/1/3 [H3C-GigabitEthernet2/1/3] port link-type trunk [H3C-GigabitEthernet2/1/3] port trunk permit vlan 4092 [H3C-Ethernet2/1/3] quit [H3C] smart-link flush enable control-vlan 4092...
Page 183: Configuring Monitor Link
Operation Manual – Smart Link and Monitor Link Chapter 3 Smart Link and Monitor Link H3C S9500 Series Routing Switches Configuration Example 3.3.2 Configuring Monitor Link # Configure a monitor link group on Switch B. Add Port 21, Port 22, and Port 23 to the monitor link group (assuming that Port 21 is GigabitEthernet2/1/1, port 22 is GigabitEthernet2/1/2, and port 23 is GigabitEthernet2/1/3).
Page 184 Operation Manual – MSTP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MSTP Configuration ....................1-1 1.1 Introduction to MSTP ......................1-1 1.1.1 MSTP Concepts ...................... 1-1 1.1.2 How MSTP Works ....................1-6 1.1.3 MSTP Implementation on the Switch ..............1-11 1.2 MSTP Configuration Tasks....................
Page 185: Introduction To Mstp
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Chapter 1 MSTP Configuration When configuring MSTP, go to these sections for the information you are interested in: Introduction to MSTP MSTP Configuration Tasks Displaying and Debugging MSTP Typical MSTP Configuration Examples 1.1 Introduction to MSTP...
Page 186 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Figure 1-1 Basic MSTP concepts I. MST region Multiple Spanning Tree Regions: A multiple spanning tree region contains several switches and the network segments between them. These MSTP switches share the same region name, VLAN-spanning tree mapping configuration, and MSTP revision level configuration, and are connected directly.
Page 187 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Tree (CIST) for the entire switching network. The IST in a MST region is a fragment of the CIST. For example, every MST region in Figure 1-1 has an IST, which is a fragment of CIST.
Page 188 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration The root port is the one through which the data are forwarded to the root. The designated port is the one through which the data are forwarded to the downstream network segment or switch.
Page 189 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration MSTP modules communicate with each other among bridges by MSTP BPDU packets. The following figure shows the MSTP BPDU packet format: Figure 1-3 MSTP BPDU packet format...
Page 190: How Mstp Works
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration The second and third bits together indicate MSTP port role. TC packet A TC packet is also an MSTP BPDU packet, but the lowest bit of its flags field is set to 1, which endows the TC packet with special meaning.
Page 191 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Classification Designated bridge Designated port The port through which The device responsible for the designated bridge For a LAN forwarding BPDUs to this LAN forwards BPDUs to this...
Page 192 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration To facilitate the descriptions, only the first four parts of the configuration BPDU are described in the example. They are root ID (expressed as switch priority), path cost to the root, designated bridge ID (expressed as switch priority) and the designated port ID (expressed as the port number).
Page 193 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Determine the root and designated ports, and update the configuration BPDU of designated ports. The port receiving the optimum configuration BPDU is designated to be the root port, whose configuration BPDU remains unchanged.
Page 194 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Then, all the designated ports of Switch B transmit the configuration BPDUs regularly. Switch C: CP2 receives from the BP2 of Switch B the configuration BPDU {1, 0, 1, BP2} that has not been updated and then the updating process is launched.
Page 195: Mstp Implementation On The Switch
MSTP is compatible with STP and RSTP. The MSTP switch can recognize both the STP and RSTP packets and calculate the spanning tree with them. Besides the basic MSTP functions, H3C Ethernet Switch Series also provide some features easy to manage from users’ point of view. These features include root bridge hold, secondary root bridge, ROOT protection, BPDU protection, loop protection, hot swapping of the interface boards, master/slave switchover, and so on.
Page 196 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration 1.2 MSTP Configuration Tasks MSTP configuration tasks include: Configuring the MST Region for a Switch Specifying the Switch as a Primary or a Secondary Root bridge Configuring the MSTP Running Mode...
Page 197: Configuring The Mst Region For A Switch
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration 1.2.1 Configuring the MST Region for a Switch Which MST region a switch belongs to is determined with the configurations of the region name, VLAN mapping table, and MSTP revision level. You can perform the following configurations to put a switch into an MST region.
Page 198 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration A user manually activates the configured parameters related to the MST region, using the active region-configuration command. A user enables MSTP using the stp enable command. By default, the MST region name is the switch MAC address, all the VLANs in the MST region are mapped to the STI 0, and the MSTP region revision level is 0.
Page 199: Specifying The Switch As A Primary Or A Secondary Root Bridge
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration To do... Use the command... Manually activate the MST region configuration active region-configuration Exit MST region view quit 1.2.2 Specifying the Switch as a Primary or a Secondary Root bridge MSTP can determine the spanning tree root through calculation.
Page 200: Configuring The Mstp Running Mode
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration When configuring the primary and secondary switches, you can also configure the network diameter and hello time of the specified switching network. For detailed information, refer to section...
Page 201: Configuring The Bridge Priority For A Switch
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration automatically transit back to MSTP mode after the STP switch is removed. In this case, you can execute the stp mcheck command to restore the MSTP mode.
Page 202 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Perform the following configuration in system view. Table 1-9 Configure the max hops in an MST region To do... Use the command... Configure the max hops in an MST region...
Page 203: Configuring The Time Parameters Of A Switch
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Note: The stp bridge-diameter command configures the switched network diameter and determines the three MSTP time parameters (Hello Time, Forward Delay, and Max Age) accordingly. 1.2.7 Configuring the Time Parameters of a Switch The switch has three time parameters, Forward Delay, Hello Time, and Max Age.
Page 204: Setting The Timeout Factor Of A Specific Bridge
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Every switch on the switching network adopts the values of the time parameters configured on the root bridge of the CIST. Caution: The Forward Delay configured on a switch depends on the switching network diameter.
Page 205: Configuring The Max Transmission Speed On A Port
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration busy. In this case, you can set the timeout interval to a bigger value to avoid this kind of unwanted recalculation. You can use the following command to set the multiple value of hello time of a specified bridge.
Page 206 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Table 1-14 Configure the max transmission speed on a port To do... Use the command... Configure the max transmission speed on a port stp transmit-limit packetnum Restore the default max transmission speed on a...
Page 207: Configuring The Path Cost Of A Port
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Table 1-16 Configure a port as an edge port or a non-edge port To do... Use the command... Configure a port as an edge port stp edged-port enable...
Page 208: Stp Path Cost Calculation Standards On Stp Port
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration I. Configuration in system view Perform the following configuration in system view. Table 1-17 Configure the path cost of a port To do... Use the command... stp interface interface-list [ instance...
Page 209: Configuring The Priority Of A Port
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Table 1-19 Port rates and corresponding path costs Legacy Port rate Duplex status 802.1D-1998 IEEE 802.1t standard — 65535 200,000,000 200,000 Half-Duplex 2,000,000 2,000 Full-Duplex 2,000,000 2,000...
Page 210 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration different priorities in different STIs and plays different roles respectively. Thus the traffic from different VLANs can run over different physical links, thereby implementing the VLAN-based load-balancing.
Page 211 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Table 1-23 Configure all ports as being (being not) on point-to-point links To do... Use the command... Configure all ports as being on point-to-point stp interface interface-list...
Page 212: Configuring The Mcheck Variable Of A Port
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration This configuration takes effect on the CIST and all the MSTIs. Note that a temporary loop may be introduced if you configure a port as being on a point-to-point link by force while it is physically not.
Page 213 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Table 1-26 Configure the mCheck variable of a port To do... Use the command... Perform mCheck operation on a port stp mcheck You can configure mCheck variable on a port with either of the earlier-mentioned measures.
Page 214 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration II. Root protection The primary and secondary root bridges of the spanning tree, especially those of CIST, shall be located in the same region. It is because the primary and secondary roots of CIST are generally placed in the core region with a high bandwidth in network design.
Page 215 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration You can use the following command to configure the protection functions of the switch. Perform the following configuration in corresponding configuration modes. Table 1-28 Configure the switch protection function To do...
Page 216 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Caution: If the equipment connected to the port of the switch cannot send STP packets to the switch, do not configure the loop-protection command. Otherwise, the port may be congested for a long time.
Page 217 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Note: The port configured with loop protection can only turn into discarding state on every instance. That such a port receives no configuration message for a long time indicates that it is about to change its state and role.
Page 218 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Note that, disabling MSTP on Ethernet ports may result in redundant paths. MSTP can be enabled/disabled on a port through the following ways. Configuration in system view Table 1-30 Enable/Disable MSTP on a port To do...
Page 219 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Caution: It is recommended that after enabling STP, you disable the broadcasting function of BPDU to prevent the BPDU packets, which are received by ports that did not participate in the generation of spanning trees, from being forwarded to other ports, (which can cause errors during STP generations).
Page 220: Configuring Digest Snooping
Currently, S9500 series routing switches support legacy and standard MSTP packet format. When a switch connects to H3C devices, the switch will adopt the legacy STP packet format. When connecting to devices supporting standard STP, the switch will adopt standard STP packet format.
Page 221 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Note that: When implementing digest snooping in an MSTP region, make sure that the region configurations of the switches of different manufacturers are exactly the same to prevent possible broadcast storm caused by otherwise inconsistent mapping relationships between VLANs and VPN instances of each switch.
Page 222 Chapter 1 MSTP Configuration III. Digest snooping configuration example Network requirements All switches in Figure 1-9 are MSTP-enabled and have the same region configuration. All the switches except switch A are H3C switches. Network diagram Switch A GE2/1/1 GE2/1/2 GE1/1/1...
Page 223 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Agreement: Accepts the fast transition proposal of the opposite end. RSTP and MSTP request that a designated port of the upstream switch can perform fast transition after receiving the agreement packet from the downstream switch. RSTP...
Page 224 II. Configuring fast state transition Configuration prerequisites The S9500 series routing switch Switch A serves as the downstream switch and the switch from another vendor serves as the upstream switch. They have been connected correctly, as shown in Figure 1-12.
Page 225: Displaying And Debugging Mstp
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration Table 1-36 Configure fast transition in system view To do... Use the command... Remarks Enter system view system-view — Required stp interface interface-type Enable fast transition interface-number...
Page 226 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration To do... Use the command... Display the configuration information display stp region-configuration about the region display stp [ instance instanceid ] tc Display TC statistics { all | detected | received | sent }...
Page 227: Typical Mstp Configuration Example
Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration To do... Use the command... Enable debugging of the state machine debugging stp state-machine prt for port role transition Disable debugging of the state machine undo debugging stp state-machine...
Page 228 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration access layer only. So the root of instance 1 can be configured as Switch A, root of instance 3 can be Switch B, and root of instance 4 can be Switch C.
Page 229 1.4.2 MSTP Hybrid Networking Configuration Example I. Network requirements Four switches form a mesh network. Three are S9500 series routing switches supporting MSTP and the other is an RSTP-capable switch from another vendor. The ports and VLANs are configured as shown in Figure 1-14.
Page 230 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration II. Network diagram S9500 A S9500 B VLAN 100, 200 Eth3/1/1 Eth2/1/1 Eth3/1/2 Eth2/1/3 GE4/1/1 Eth2/1/2 VLAN 100 VLAN 200 Eth1/1/2 Eth3/1/2 Eth1/1/1 Eth3/1/1 Switch Eth1/1/3 S9500 C...
Page 231 Operation Manual – MSTP H3C S9500 Series Routing Switches Chapter 1 MSTP Configuration # Enable MSTP in system view. <S9500B> system-view [S9500B] stp enable # Configure the VLAN-to-MSTI mapping and region name of the MSTP region. Activate the MSTP region configuration.
Page 232 Operation Manual – BPDU Tunnel H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 BPDU Tunneling Configuration.................. 1-1 1.1 BPDU Tunneling Overview ....................1-1 1.2 Configuring BPDU Tunneling..................... 1-2 1.2.1 Configuration Prerequisite..................1-2 1.2.2 Configuring BPDU Tunneling .................. 1-2...
Page 233 Note: At present, the S9500 series switches only support BPDU tunneling for STP packets (in a broad sense). For description about STP packets in a broad sense, refer to the MSTP Configuration in the Access Volume.
Page 234 Operation Manual – BPDU Tunnel H3C S9500 Series Routing Switches Chapter 1 BPDU Tunneling Configuration Figure 1-1 BPDU tunneling implementation 1.2 Configuring BPDU Tunneling 1.2.1 Configuration Prerequisite Ensure that MSTP is properly enabled on the customer networks. 1.2.2 Configuring BPDU Tunneling...
Page 235: Bpdu Tunneling Configuration Example
Operation Manual – BPDU Tunnel H3C S9500 Series Routing Switches Chapter 1 BPDU Tunneling Configuration Operation Command Description Required Enable BPDU tunneling bpdu-tunnel dot1q stp on the Ethernet port Disabled by default. 1.3 BPDU Tunneling Configuration Example I. Network requirements The switches Provider A, Provider B and Provider C act as the access devices of the service provider network.
Page 236 Operation Manual – BPDU Tunnel H3C S9500 Series Routing Switches Chapter 1 BPDU Tunneling Configuration [H3C] interface GigabitEthernet 1/1/1 [H3C-GigabitEthernet1/1/1] port link-type trunk [H3C-GigabitEthernet1/1/1] port trunk permit vlan 2 [H3C-GigabitEthernet1/1/1] port trunk pvid vlan 5 [H3C-GigabitEthernet1/1/1] interface GigabitEthernet 1/1/2 [H3C-GigabitEthernet1/1/2] port link-type trunk...
Page 237 Operation Manual – BPDU Tunnel H3C S9500 Series Routing Switches Chapter 1 BPDU Tunneling Configuration [H3C-GigabitEthernet3/1/2] port trunk pvid vlan 5 [H3C-GigabitEthernet3/1/2] interface GigabitEthernet 3/1/1 [H3C-GigabitEthernet3/1/1] port link-type trunk [H3C-GigabitEthernet3/1/1] port trunk permit vlan 2 [H3C-GigabitEthernet3/1/1] port trunk pvid vlan 5...
Page 238 Operation Manual – HVRP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 HVRP Configuration ....................1-1 1.1 Introduction to HVRP ......................1-1 1.1.1 Background ......................1-1 1.1.2 Basic Concepts of HVRP ..................1-1 1.1.3 Operating Mechanism of HVRP ................1-2 1.1.4 Network Topologies Supported by HVRP...............
Page 239 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration Chapter 1 HVRP Configuration When configuring HVRP, go to these sections for information you are interested in: Introduction to HVRP Configuring HVRP Displaying and Maintaining HVRP Configuration HVRP Configuration Example 1.1 Introduction to HVRP...
Page 240 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration IV. Designated HVRP ports A port with HVRP configured, also configured as a designated port on a spanning tree. V. Local VLANs Local VLANs are the VLANs to which the ports with HVRP disabled belong.
Page 241 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration Figure 1-1 Illustrate HVRP VLAN Registration Each device sends out its local VLAN information periodically through the HVRP root port. Each device forwards the received local VLAN information through its root port, and in the meantime registers the local VLAN information received through the designated port on the receiving port.
Page 242 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration HVRP-enabled port state changes (port up or down events), the system sends restore packets to have all the switches in the network reregister the aged VLANs on their previous ports.
Page 243 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration The link between Switch 3 and Switch 4 is blocked by STP. The clients illustrated in Figure 1-2 include all clients connected with the device, including terminal clients and DSLAM clients.
Page 244 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration 1.2.1 Configuring HVRP HVRP can be enabled in system view or in Ethernet port view. When HVRP is disabled globally in system view or disabled in Ethernet port view, all the other HVRP-dependent configurations will be disabled as a result.
Page 245 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration Caution: HVRP enabled ports must be Trunk ports. Before enabling HVRP on a port, it is recommended to remove VLAN 1 from the port. You can enable HVRP for an Ethernet port only after enabling HVRP globally.
Page 246 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration Caution: The VLAN registration timer must be smaller than the registered-VLAN aging interval. It is recommended that the latter be at least three times the former. On a ring topology, all devices must have the same VLAN registration timer.
Page 247 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration A switch located on the intersection point of the intersected rings must be configured to age all the VLANs. Follow these steps to configure the system to age all the VLANs: To do …...
Page 248 <H3C> system-view System View: return to User View with Ctrl+Z. [H3C] interface Ethernet 3/1/1 [H3C-Ethernet3/1/1] port link-type trunk [H3C-Ethernet3/1/1] port trunk permit vlan 401 to 500 # Enable STP globally. [H3C-Ethernet3/1/1] quit [H3C] stp enable # Enable HVRP globally.
Page 249 Operation Manual – HVRP H3C S9500 Series Routing Switches Chapter 1 HVRP Configuration [H3C-Ethernet3/1/2] port trunk permit vlan 200 to 600 # Enable HVRP for Ethernet 3/1/2. [H3C-Ethernet3/1/2] hvrp enable The configuration of any other port in the STP ring is similar to that of Ethernet 3/1/2, and the configuration of a port directly connecting to a user is similar to that of Ethernet 3/1/1.
Page 250 Operation Manual – RRPP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 RRPP Configuration ....................1-1 1.1 RRPP Overview ......................... 1-1 1.1.1 Basic Concepts of RRPP ..................1-2 1.1.2 RRPP Packet Type ....................1-5 1.1.3 Typical RRPP Network Topologies ................. 1-5 1.1.4 Basic Principles of RRPP..................
Page 251: Rrpp Overview
Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration Chapter 1 RRPP Configuration Caution: The LSB1XP4CA0 and LSB1XP4B0 boards do not support RRPP. When configuring RRPP, go to these sections for information you are interested in:...
Page 252 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration 1.1.1 Basic Concepts of RRPP Domain 1 Switch A Switch B Edge node Port 1 Port 1 Port 3 Master node Port 2 Port 2 Master node...
Page 253 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration A data VLAN is used to transfer data packets. A data VLAN contains both the ports connected with the Ethernet ring and other ports. IV. Node Every switch on an Ethernet ring network is a node. A node can play any of the following roles: Master node: The node that initiates ring test and performs data loops prevention.
Page 254 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration The primary port and secondary port of the master node are the same in functionality. Both are used for transmitting RRPPDUs and data packets of the RRPP ring.
Page 255 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration Hello timer: Defines the time interval at which the primary port of the master node sends the health detection packet. Fail timer: Defines the timeout time for the secondary port of the master node to receive health detection packets.
Page 256 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration I. Single ring Domain 1 Device A Device B Transit node Master node Ring 1 Transit node Transit node Device C Device D Figure 1-2 Single ring There is only one ring in the network topology.
Page 257 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration III. Dual homed rings Domain 1 Edge node Switch A Switch B Switch E Ring 2 Master node Master node Ring 1 Master node Transit node Ring 3...
Page 258 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration RRPP domain, and configure one ring as the primary ring and the other rings as subrings. V. Cross-domain intersecting rings Domain 2 Domain 1 Master node Transit node...
Page 259 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration If the secondary port of the master node receives the health detection packet, this indicates that the ring link is complete, and the master node will keep the secondary port blocked.
Page 260: Master Node Configuration
Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration Domain 1 Switch A Switch B Edge node Master node Master node Ring 1 Ring 2 Switch E Transit node Switch C Switch D Assistant edge node...
Page 261 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration To do ... Use the command ... Remarks Required Specify the current switch pri-port and sec-port each as the master node of a ring ring-id node-mode can be either a single port...
Page 262: Master Node Configuration Example
Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration Note: You are not recommended to configure a loopback port in the RRPP ring network, and you must not configure an RRPP port as a loopback port.
Page 263: Transit Node Configuration
Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration 1.3 Transit Node Configuration 1.3.1 Configuration Prerequisites The switch ports on the Ethernet ring have been configured as trunk ports which allow data VLAN packets to pass.
Page 264 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration To clear the RRPP statistics information, use the reset rrpp statistics domain domain-id [ ring ring-id ] command. Caution: The control VLAN for the RRPP domain must not be a VLAN you have created on the switch, and you are not recommended to configure the same VLAN as both control VLAN and remote-probe VLAN.
Page 265: Edge Node Configuration
[H3C-Ethernet1/1/3] port link-aggregation group 2 Please wait... Done. [H3C-Ethernet1/1/3] quit [H3C] rrpp domain 1 [H3C-RRPP-Domain1] control-vlan 4092 [H3C-RRPP-Domain1] ring 1 node-mode transit primary-port Ethernet1/1/1 secondary-port link-aggregation 2 level 0 [H3C-RRPP-Domain1] ring 1 enable [H3C-RRPP-Domain1] quit [H3C] rrpp enable 1.4 Edge Node Configuration 1.4.1 Configuration Prerequisites...
Page 266 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration To do ... Use the command ... Remarks Enter system view system-view — Required Create an RRPP domain, The command prompt of and enter RRPP domain rrpp domain domain-id...
Page 267: Edge Node Configuration Example
Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration To clear the RRPP statistics information, use the reset rrpp statistics domain domain-id [ ring ring-id ] command. Caution: The control VLAN for the RRPP domain must not be a VLAN you have created on the switch, and you are not recommended to configure the same VLAN as both control VLAN and remote-probe VLAN.
Page 268: Assistant Edge Node Configuration
[H3C] rrpp domain 1 [H3C-RRPP-Domain1] control-vlan 4092 [H3C-RRPP-Domain1] ring 1 node-mode transit primary-port Ethernet1/1/1 secondary-port link-aggregation 2 level 0 [H3C-RRPP-Domain1] ring 2 node-mode edge common-port link-aggregation 2 edge-port Ethernet 1/1/4 [H3C-RRPP-Domain1] ring 1 enable [H3C-RRPP-Domain1] ring 2 enable [H3C-RRPP-Domain1] quit [H3C] rrpp enable 1.5 Assistant Edge Node Configuration...
Page 269 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration To do ... Use the command ... Remarks Enter system view system-view — Required Create an RRPP domain, The command prompt of and enter RRPP domain rrpp domain domain-id...
Page 270: Assistant Edge Node Configuration Example
Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration To clear the RRPP statistics information, use the reset rrpp statistics domain domain-id [ ring ring-id ] command. Caution: The control VLAN for the RRPP domain must not be a VLAN you have created on the switch, and you are not recommended to configure the same VLAN as both control VLAN and remote-probe VLAN.
Page 271: Displaying And Maintaining Rrpp
<H3C> system-view [H3C] rrpp domain 1 [H3C-RRPP-Domain1] control-vlan 4092 [H3C-RRPP-Domain1] ring 1 node-mode transit primary-port Ethernet1/1/1 secondary-port Ethernet1/1/2 level 0 [H3C-RRPP-Domain1] ring 2 node-mode assistant-edge common-port Ethernet 1/1/2 edge-port Ethernet 1/1/4 [H3C-RRPP-Domain1] ring 1 enable [H3C-RRPP-Domain1] ring 2 enable [H3C-RRPP-Domain1] quit [H3C] rrpp enable 1.6 Displaying and Maintaining RRPP...
Page 272 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration 1.7 RRPP Configuration Examples Caution: For an RRPP ring network carrying VPLS traffic, you are not recommended to configure any port in the RRPP rings as a private VPLS network port. If this is necessary, be sure not to configure the secondary port of the RRPP master node as a private VPLS network port.
Page 273 [H3C-RRPP-Domain1] quit [H3C] rrpp enable Configure Switch B <H3C> system-view [H3C] rrpp domain 1 [H3C-RRPP-Domain1] control-vlan 4092 [H3C-RRPP-Domain1] ring 1 node-mode transit primary-port Ethernet1/1/1 secondary-port Ethernet1/1/2 level 0 [H3C-RRPP-Domain1] ring 1 enable [H3C-RRPP-Domain1] quit [H3C] rrpp enable Configure Switch C <H3C>...
Page 274 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration [H3C-RRPP-domain1] ring 1 enable [H3C-RRPP-domain1] quit [H3C] rrpp enable Note: After the above configuration, you can use the display commands to view the RRPP configuration and packet statistics.
Page 275 Ethernet1/1/1 secondary-port Ethernet1/1/2 level 0 [H3C-RRPP-domain1] ring 1 enable [H3C-RRPP-domain1] quit [H3C] rrpp enable Configure Switch B <H3C> system-view [H3C] rrpp domain 1 [H3C-RRPP-domain1] control-vlan 4092 [H3C-RRPP-domain1] ring 1 node-mode transit primary-port Ethernet1/1/1 secondary-port Ethernet1/1/2 level 0 1-25...
Page 276 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration [H3C-rrpp-domain1] ring 2 node-mode edge common-port ethernet 1/1/2 edge-port ethernet 1/1/3 [H3C-RRPP-domain1] ring 1 enable [H3C-RRPP-domain1] ring 2 enable [H3C-RRPP-domain1] quit [H3C] rrpp enable Configure Switch C <H3C>...
Page 277 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration 1.7.3 Cross-Domain Intersecting Ring Network Configuration Example I. Network requirements Switch A, Switch B, Switch C, Switch D form RRPP domain 1; Switch E, Switch F, Switch C, and Switch B form RRPP domain 2.
Page 278 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration III. Configuration procedure Caution: The switch ports on the Ethernet rings have been configured as trunk ports which allow data VLAN packets to pass. To make sure the data VLANs in different domains are not the same, especially the ports in VLAN 1 (the default VLAN) do not form a ring, execute the undo port trunk permit vlan 1 command on each RRPP port.
Page 279 Operation Manual – RRPP H3C S9500 Series Routing Switches Chapter 1 RRPP Configuration [SwitchC-rrpp-domain1] quit [SwitchC] rrpp domain 2 [SwitchC-rrpp-domain2] control-vlan 4092 [SwitchC-rrpp-domain2] ring 2 node-mode transit primary-port ethernet 1/1/3 secondary-port ethernet 1/1/2 level 0 [SwitchC-rrpp-domain2] ring 2 enable [SwitchC-rrpp-domain2] quit...
Page 280 Operation Manual – RPR H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 RPR Port Configuration ....................1-1 1.1 Introduction ........................1-1 1.1.1 RPR Overview......................1-1 1.1.2 RPR Port Overview ....................1-1 1.2 RPR Ports Configuration ....................1-2 1.2.1 Configuration Prerequisites..................
Page 281 Operation Manual – RPR H3C S9500 Series Routing Switches Table of Contents Chapter 5 Distributed RPR Configuration .................. 5-1 5.1 Introduction ........................5-1 5.1.1 Distributed RPR Overview ..................5-1 5.1.2 Distributed RPR Mechanism ................... 5-1 5.1.3 Mate Port Overview....................5-1 5.2 Distributed RPR Configuration...................
Page 282 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration Chapter 1 RPR Port Configuration When configuring RPR, go to these sections for information you are interested in: Introduction RPR Ports Configuration RPR Layer 2 Tunnel Overview...
Page 283 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration 1.2 RPR Ports Configuration 1.2.1 Configuration Prerequisites Note: Many configuration commands for an RPR logical interface are the same as configuration commands for an RPR port. An RPR logical interface can adopt the...
Page 284 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration To do… Use the command… Remarks Optional Note that: receiving sending sub-rings for port 1 on the panel are Ringlet0 and Ringlet1 respectively. receiving and sending...
Page 285 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration To do… Use the command… Remarks Optional Set protection recovery rpr reversion-mode The default RPR mode { revertive | non-revertive} protection recovery mode is revertive. Optional...
Page 286 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration To do… Use the command… Remarks Optional By default, the MAC address of the RPR Change the MAC station is the MAC address of the RPR...
Page 287 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration To do… Use the command… Remarks Optional display rpr defect Display all RPR [ { RprPos | Rpr10GE | This command can be defects. RprGE } interface-number ] executed in any view.
Page 288 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration 1.2.3 RPR Configuration Example I. Network requirements Use a pair of optic fiber cables to connect the RPR ports of Node A, Node B, Node C and Node D.
Page 289 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration 1.3 RPR Layer 2 Tunnel Overview In the current RPR data forwarding mode, the protocol forwards Layer 2 traffic in flooding mode, that is, broadcasts traffic on the ring. In this mode, every node replicates one copy to itself when receiving a packet and then continues to forward this packet until this packet goes back to the source node.
Page 290 1.3.3 RPR Layer 2 Tunneling Configuration Example I. Network requirements H3C A, H3C B, H3C C and H3C D form a ring through RPR interfaces. Assign the RPR ports of H3C A and H3C C to VLAN 500. Configure station names DUTA, DUTB, DUTC, and DUTD for each station respectively.
Page 291: Troubleshooting
Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration # Add RPR ports and GE ports to this VLAN. [H3C_A-vlan500] port GigabitEthernet 2/1/1 [H3C_A-vlan500] quit [H3C_A] interface RprPos 4/1/1 [H3C_A-RprPos4/1/1] port link-type trunk [H3c_A-RprPos] undo port trunk permit vlan 1 [H3C_A-RprPos4/1/1] port trunk permit vlan 500 # Configure the station name DUTA for this RPR station.
Page 292 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration Check to see if the RPR eastbound physical port is connected to the RPR westbound physical port. Symptom 2: RPR Layer 2 tunnels do not take effect.
Page 293 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 1 RPR Port Configuration To do… Use the command… Remarks Display the traffic display rpr statistics statistics information of { dmac | smac } mac packets from other nodes address [ { RprPos | —...
Page 294 Operation Manual – RPR Chapter 2 RPR Layer 2 Extended Application H3C S9500 Series Routing Switches Configuration Chapter 2 RPR Layer 2 Extended Application Configuration When configuring RPR Layer 2 extended applications, go to these sections for information you are interested in:...
Page 295 Operation Manual – RPR Chapter 2 RPR Layer 2 Extended Application H3C S9500 Series Routing Switches Configuration corresponding Layer 2 tunnels. The two configurations (that is, binding ports and creating Layer 2 tunnels) can be performed separately. Follow these steps to configure RPR Layer 2 tunnel-BAS collaboration: To do…...
Page 296 Operation Manual – RPR Chapter 2 RPR Layer 2 Extended Application H3C S9500 Series Routing Switches Configuration To do… Use the command… Remarks display rpr tunnel-track { all | rpr-interface Optional Display the information interface-type about RPR Layer 2 interface-number [ to...
Page 297 VLAN 300. [H3C] interface GigabitEthernet 2/1/1 [H3C-GigabitEthernet2/1/1] port link-type trunk [H3C-GigabitEthernet2/1/1] undo port trunk permit vlan 1 [H3C-GigabitEthernet2/1/1] port trunk permit vlan 2 to 300 [H3C-GigabitEthernet2/1/1] quit [H3C] interface RprPos 4/1/1 [H3C-RprPos4/1/1] port link-type trunk [H3C-RprPos4/1/1] undo port trunk permit vlan 1 [H3C-RprPos4/1/1] port trunk permit vlan 2 to 300 # Configure the name of the RPR station as DUTA.
Page 298 [H3C-RprPos4/1/1] rpr tunnel vlan 2 range 299 dest-mac 00e0-fc01-0103 ringlet0 # Bind the tunnel created for VLAN 2 through VLAN 300 to GigabitEthernet 2/1/1. [H3C] rpr tunnel track GigabitEthernet2/1/1 to RprPos 4/1/1 vlan 2 to 300 trigger-shutdown Configure Switch B.
Page 299 [H3C-RprPos4/1/1] rpr tunnel vlan 2 range 299 dest-mac 00e0-fc01-0103 ringlet0 # Bind the tunnel created for VLAN 2 through VLAN 300 to GigabitEthernet 2/1/1. [H3C] rpr tunnel track GigabitEthernet2/1/1 to RprPos4/1/1 vlan 2 to 300 trigger-shutdown 2.2 RPR Tunnel-Ringlet Force Binding 2.2.1 Introduction...
Page 300 Operation Manual – RPR Chapter 2 RPR Layer 2 Extended Application H3C S9500 Series Routing Switches Configuration 2.2.2 Tunnel-Ringlet Force Binding Configuration Follow these steps to configure RPR tunnel-ringlet force binding: To do… Use the command… Remarks Enter system view system-view —...
Page 301 Operation Manual – RPR Chapter 2 RPR Layer 2 Extended Application H3C S9500 Series Routing Switches Configuration Note: Do not specify the member port of an aggregation port as a collaboration port. Make sure one collaboration port maps to only one VLAN tunnel.
Page 302 # Configure packets of VLAN 100 to be tunneled to the destination address station, bind tunnel to ringlet0 and configure GigabitEthernet 2/1/1 as a collaboration port. [H3C-RprPos4/1/1] rpr tunnel vlan 100 dest-mac 00e0-fc01-0101 ringlet0 force-ringlet monitor-port GigabitEthernet2/1/1 # Configure packets of VLAN 200 to be tunneled to the destination address station, bind tunnel to ringlet1 and configure GigabitEthernet 2/1/2 as a collaboration port.
Page 303 Operation Manual – RPR Chapter 2 RPR Layer 2 Extended Application H3C S9500 Series Routing Switches Configuration In case of link failure between Switch A and Switch B, GigabitEthernet 2/1/1 on Switch A automatically shuts down and GigabitEthernet 2/1/2 automatically goes up so that traffic from VLAN 100 is forwarded through VLAN 200.
Page 304 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 3 VRRP over RPR Configuration Chapter 3 VRRP over RPR Configuration When configuring VRRP over RPR, go to these sections for information you are interested in: Introduction VRRP over RPR Configuration Configuration Example 3.1 Introduction...
Page 305 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 3 VRRP over RPR Configuration II. Basic concepts of RPR RPR operates on Layer 2 of the OSI (open system interconnection) protocol stack. It enables flexible and effective MAN solutions.
Page 306 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 3 VRRP over RPR Configuration Follow these steps to configure VRRP over RPR: To do… Use the command… Remarks Enter system view system-view — Create a VLAN vlan vlan-id Required...
Page 307 System View: return to User View with Ctrl+Z. [H3C] vlan 10 [H3C-vlan10] port RprPos4/1/1 [H3C-vlan10] interface Vlan-interface 10 [H3C-Vlan-interface10] ip address 10.10.10.10 255.255.255.0 [H3C-Vlan-interface10] vrrp vrid 10 virtual-ip 10.10.10.1 [H3C-Vlan-interface10] vrrp vrid 10 priority 200 [H3C-Vlan-interface10] vrrp vrid 10 track interface Vlan-interface20 reduced [H3C-Vlan-interface10] quit...
Page 308 VRRP group 10 (assuming that the MAC address of the adjacent node, Node C, is 00e0-fc5a-edbc). Bind RPRPOS 7/1/1 to VRRP group 20. [H3C] interface RprPos4/1/1 [H3C-RprPos4/1/1] Rpr vrrp vird 10 vlan 10 mate 00e0-fc5a-edbc group 1 [H3C-RprPos4/1/1] interface RprPos7/1/1 [H3C-RprPos7/1/1] Rpr vrrp vird 20 vlan 20 mate 00e0-fc5a-edbc group 1 Configure Node C # Create VRRP groups on VLAN-interface10 and VLAN-interface20.
Page 309 VRRP group 10 (assuming that the MAC address of the adjacent node, Node B, is 00e0-fc01-8504). Bind RPRPOS 7/1/1 to VRRP group 20. [H3C] interface RprPos3/1/1 [H3C-RprPos3/1/1] Rpr vrrp vird 10 vlan 10 mate 00e0-fc01-8504 group 1 [H3C-RprPos3/1/1] interface RprPos7/1/1 [H3C-RprPos7/1/1] Rpr vrrp vird 20 vlan 20 mate 00e0-fc01-8504 group 1 Configure Node A <H3C>...
Page 310 : 10 Mate MAC : 00e0-fc5a-edbc State : Master Local Pri : 200 Remote Pri : 100 <H3C> display rpr vrrp RprPos7/1/1 group 1 Group ID Interface : RprPos7/1/1 Vlan ID : 20 VRID : 20 Mate MAC : 00e0-fc5a-edbc...
Page 311 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 4 RPR Intersecting Rings Configuration Chapter 4 RPR Intersecting Rings Configuration When configuring RPR intersecting rings, go to these sections for information you are interested in: Introduction RPR Intersecting Rings Configuration Configuration Example 4.1 Introduction...
Page 312 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 4 RPR Intersecting Rings Configuration forwarding. However, if the slave ring on the master device fails, switching will not occur and the slave port on the slave device forwards data.
Page 313 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 4 RPR Intersecting Rings Configuration To do… Use the command… Remarks interface { RprPos | Enter RPR logical Rpr10GE } — interface view interface-number Optional By default, an RPR logical interface is not configured as a master or slave ring.
Page 314 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 4 RPR Intersecting Rings Configuration Note: The member port of an aggregation group can serve as the collaboration port of an instance. However, only the status of this port rather than the status of the aggregation group participates in the role calculation.
Page 315 [H3C-mst-region] quit # Assign the RPR ports and GE port to the specified VLANs respectively as required. [H3C] interface GigabitEthernet0/1/1 [H3C-GigabitEthernet0/1/1] port link-type trunk [H3C-GigabitEthernet0/1/1] undo port trunk permit vlan 1 [H3C-GigabitEthernet0/1/1] port trunk permit vlan 2 to 100 [H3C-GigabitEthernet0/1/1] quit...
Page 316 Chapter 4 RPR Intersecting Rings Configuration [H3C] interface RprPos 3/1/1 [H3C-RprPos3/1/1] port link-type trunk [H3C-RprPos3/1/1] undo port trunk permit vlan 1 [H3C-RprPos3/1/1] port trunk permit vlan 2 to 100 [H3C-RprPos3/1/1] port trunk permit vlan 2000 to 3000 [H3C-RprPos3/1/1] quit [H3C] interface RprPos 4/1/1...
Page 317 # Assign the RPR ports and GE port to the specified VLANs respectively as required. [H3C] interface GigabitEthernet5/1/1 [H3C-GigabitEthernet5/1/1] port link-type trunk [H3C-GigabitEthernet5/1/1] undo port trunk permit vlan 1 [H3C-GigabitEthernet5/1/1] port trunk permit vlan 2 to 100 [H3C-GigabitEthernet5/1/1] quit [H3C] interface RprPos 0/1/1 [H3C-RprPos0/1/1] port link-type trunk...
Page 318 # Assign RPRPOS 5/1/1 to VLAN 2000 through VLAN 3000. [H3C] interface RprPos 5/1/1 [H3C-RprPos5/1/1] port link-type trunk [H3C-RprPos5/1/1] undo port trunk permit vlan 1 [H3C-RprPos5/1/1] port trunk permit vlan 2000 to 3000 Configure Switch D # Create VLAN 2000 through VLAN 3000. <H3C> system-view [H3C] vlan 2000 to 3000 # Assign RPRPOS 0/1/1 to VLAN 2000 through VLAN 3000.
Page 319 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 4 RPR Intersecting Rings Configuration [H3C-GigabitEthernet0/1/1] port trunk permit vlan 2 to 100 [H3C-GigabitEthernet0/1/1] quit [H3C] interface RprPos 3/1/1 [H3C-RprPos3/1/1] port link-type trunk [H3C-RprPos3/1/1] undo port trunk permit vlan 1...
Page 320 RPR is a high-reliability ring-network technology. With RPR employed, link switchover can be completed within 50 ms. The RPR station fails when the card where the two RPR physical ports are located goes down. For better performance, S9500 series implement the distributed RPR feature.
Page 321 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 5 Distributed RPR Configuration Figure 5-1 Distributed RPR In this way, if the RPR ringlet on Switch A fails (Line 1 or Line 2 in Figure 5-2), Switch A automatically detects the fault and turns down the RPR logical interfaces RPRPOS 3/1/1 and RPRPOS 5/1/1.
Page 322 I. Network requirements H3C A, H3C B, H3C C, and H3C D form an RPR. Configure distributed RPR on H3C A. The RPR logical interfaces of the two RPR boards are RPRPOS 3/1/1 and RPRPOS 5/1/1. Connect the mate ports RPRPOS...
Page 323 Operation Manual – RPR H3C S9500 Series Routing Switches Chapter 5 Distributed RPR Configuration II. Network diagram Figure 5-3 Network diagram for distributed RPR III. Configuration procedure Note: Only distributed RPR-related configurations are listed. <H3C> system-view [H3C] link-aggregation group 1 mode manual...
Page 324 Operation Manual H3C S9500 Series Routing Switches IP Services Volume Organization Manual Version T2-08165E-20081225-C-1.24 Product Version S9500-CMW310-R1648 Organization The IP Services Volume is organized as follows: Features (operation Description manual) Address Resolution Protocol (ARP) is used to resolve an IP address into a data link layer address.
Page 325 Operation Manual H3C S9500 Series Routing Switches IP Services Volume Organization Features (operation Description manual) UDP Helper (UDPH) functions as a relay agent that converts UDP broadcast packets into unicast packets and forwards them to a specified server. The volume describes:...
Page 326 Operation Manual – ARP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 ARP Configuration....................... 1-1 1.1 Introduction to ARP......................1-1 1.2 Configuring ARP ........................ 1-3 1.2.1 Enabling/Disabling ARP Entry Checking ..............1-3 1.2.2 Adding/Deleting a Static ARP Entry ................ 1-3 1.2.3 Configuring the Dynamic ARP Aging Timer............
Page 327: Chapter 1 Arp Configuration
Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration Chapter 1 ARP Configuration When configuring ARP, go to these sections for information you are interested in: Introduction to ARP Configuring ARP Displaying and Debugging ARP 1.1 Introduction to ARP Address resolution protocol (ARP) is used to resolve an IP address into a MAC address.
Page 328 IP address of Host B. After obtaining the MAC address of Host B, the gateway sends the packet to Host B. III. ARP concepts ARP entries used in S9500 series routing switches include dynamic ARP entries and static ARP entries. Dynamic ARP entries are automatically created and maintained by the ARP protocol through ARP packets.
Page 329: Configuring Arp
Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration 1.2 Configuring ARP The ARP table can be maintained dynamically or manually. Usually, the manually configured mappings are known as static ARP entries. The user can display, add or delete such entries with commands.
Page 330: Configuring The Dynamic Arp Aging Timer
Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration As long as a switch operates, its static ARP entries remain valid unless you change or remove a VLAN interface, remove a VLAN, or remove a port from a VLAN.
Page 331 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration To do… Use the command… Remarks Enter system view system-view — Add a port for the arp static ip-address mac-address vlan-id multicast ARP multi-port interface-type interface-number —...
Page 332: Proxy Arp Configuration
Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration 1.2.5 Proxy ARP Configuration I. Enable proxy ARP for Sub-VLANs With the super VLAN function enabled, a device also needs to be enabled with the proxy ARP function for Layer 3 communications between sub-VLANs. If you enable the proxy ARP function on a device that is connected to two sub-VLANs, the device forwards packets between the sub-VLANs at Layer 3.
Page 333 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration III. Enable local proxy ARP With local proxy ARP enabled, the device directly sends back an ARP response if it receives an ARP request whose sender and target IP addresses are on the same network segment as the receiving VLAN interface.
Page 334: Displaying And Debugging Arp
Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration II. Gratuitous ARP packet learning configuration Follow these steps to configure the gratuitous ARP packet learning function: To do… Use the command… Remarks Enter system view system-view —...
Page 335 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 1 ARP Configuration To do… Use the command… Remarks reset arp [ dynamic | static | Clear specified ARP entries interface { interface-type interface-number } | all ] Available in...
Page 336: Introduction To Arp Table Size Configuration
Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 2 ARP Table Size Configuration Chapter 2 ARP Table Size Configuration When configuring the ARP table size, go to these sections for information you are interested in: Introduction to ARP Table Size Configuration...
Page 337 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 2 ARP Table Size Configuration Note: You can distinguish the model suffix of a card by the silkscreen at the upper right corner of the front panel. For example, the silkscreen of the LSB1GP12B0 card is GP12B, and so the suffix of this card is B.
Page 338: Displaying Arp Table Size Configuration
2.4 ARP Table Size Configuration Example I. Network requirements A host is connected to an S9500 series routing switch. The model names of all the cards in the switch system are suffixed with C, CA, or CB.
Page 339 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 2 ARP Table Size Configuration II. Network diagram Switch Figure 2-1 Diagram for ARP table size configuration III. Configuration procedure # Configure the maximum number of ARP entries supported by the whole switch as 64K.
Page 340 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 3 ARP Attack Prevention Configuration Chapter 3 ARP Attack Prevention Configuration When configuring ARP attack prevention, go to these sections for information you are interested in: ARP Spoofing Attack Prevention...
Page 341 By forging the ARP packets from A, the attacker B changes the ARP entry of A on G, thereby disconnecting A from G. To prevent ARP source address spoofing attacks, the S9500 series switches provide the following methods. I. Fixed MAC addresses For a dynamic ARP entry already learned by the switch, the corresponding MAC address cannot be modified by learning a new MAC address through ARP.
Page 342 As a result, the hosts are unable to access the network. Such an attack is called an ARP duplicate gateway attack. To prevent such attacks, S9500 series switches provide the duplicate gateway attack prevention function. If any of the following conditions occurs, the system generates an...
Page 343 MAC address is just one kind of attacks, which affects ARP entry learning of the switch. S9500 series switches can detect and prevent such ARP packet attacks. If the number of ARP packets with a fixed source MAC address received by the switch CPU reaches the set threshold within a certain period, the user with this MAC address is considered an attacker.
Page 344 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 3 ARP Attack Prevention Configuration 3.3.2 Configuring ARP Packet Attack Prevention Follow these steps to configure ARP packet attack prevention: To do… Use the command… Remarks Enter system view system-view —...
Page 345 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 3 ARP Attack Prevention Configuration 3.4 ARP Attack Prevention Configuration Example I. Network requirements An S9500 switch (Switch 1) is connected to two low-end switches Switch 3 and Switch 2 through Ethernet 1/1/1 and Ethernet 1/1/2, respectively.
Page 346 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 3 ARP Attack Prevention Configuration [Switch1] anti-attack arp threshold 40 # Configure the aging time for ARP packet attack prevention entries to 300 seconds. [Switch1] anti-attack arp aging-time 300 # Configure the protective MAC address for ARP packet attack prevention to 0-0-1.
Page 347 With the expansion of the Internet and the increase of Internet users, network devices are susceptible to attacks. You can configure the IP packet attack prevention function on S9500 series switches to defend against IP packet attacks or unknown multicast attacks.
Page 348 Operation Manual – ARP H3C S9500 Series Routing Switches Chapter 4 IP Packet Attack Prevention Configuration Note: Currently, the anti-attack ttl1 enable slot command is supported only on the cards suffixed with DB or DC.
Page 349 Operation Manual – IP Address H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IP Address Configuration ................... 1-1 1.1 Introduction to IP Addresses....................1-1 1.1.1 IP Address Classification and Representation............1-1 1.1.2 Subnet and Mask ....................1-3 1.2 Configuring IP Addresses ....................
Page 350: Introduction To Ip Addresses
Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration Chapter 1 IP Address Configuration When configuring IP address, go to these sections for information you are interested in: Introduction to IP Addresses Configuring IP Addresses...
Page 351 Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration The IP address is in dotted decimal format. Each IP address contains four integers in dotted decimal notation. Each integer corresponds to one byte, for example, 10.110.50.101.
Page 352: Subnet And Mask
Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration Network class Address range Note Addresses of class D are multicast addresses, among which: IP address 224.0.0.0 is reserved and will not be allocated. Those from 224.0.0.1 to 224.0.0.255 are reserved for routing...
Page 353: Configuring Ip Addresses
Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration ClassB ClassB 10001010, 00100110, 000 00000, 00000000 10001010, 00100110, 000 00000, 00000000 138.38.0.0 138.38.0.0 Standard Standard Standard Standard Standard 11111111, 11111111, 000 00000, 00000000 11111111, 11111111, 000 00000, 00000000...
Page 354 Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration addresses for an interface at most, so that it can be connected to more subnets. Among these IP addresses, one is the primary IP address and all others are secondary.
Page 355 Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration 1.2.3 IP Address Protection Configuration I. How IP address protection works The IP address protection function stores IP-MAC bindings for legal users to filter illegal users.
Page 356: Ip Address Configuration Example
Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration Caution: The MAC address auto filling function is enabled only after the IP address protection function is enabled on the interface. Once an auto-fill ARP entry is filled with a MAC address, the entry becomes a normal static ARP entry and cannot be filled again.
Page 357: Troubleshooting Ip Address Configuration
Operation Manual – IP Address H3C S9500 Series Routing Switches Chapter 1 IP Address Configuration [H3C-Vlan-interface1] ip address 129.2.2.1 255.255.255.0 1.5 Troubleshooting IP Address Configuration Fault 1: The switch cannot ping through a certain host in the LAN. Troubleshooting can be performed as follows: Check the configuration of the switch.
Page 358 Operation Manual – VRRP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 VRRP Configuration ....................1-1 1.1 Introduction to VRRP ......................1-1 1.2 Configuring VRRP ......................1-2 1.2.1 Configuring the Function of Pinging the Virtual IP Address........1-3 1.2.2 Configuring the TTL Value Check for VRRP Packets..........
Page 359: Introduction To Vrrp
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration Chapter 1 VRRP Configuration When configuring VRRP, go to these sections for information you are interested in: Introduction to VRRP Configuring VRRP Displaying and Debugging VRRP VRRP Configuration Examples Troubleshooting VRRP 1.1 Introduction to VRRP...
Page 360: Configuring Vrrp
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration Network Actual IP address10.100.10.3 Actual IP address10.100.10.2 Master Backup Virtual IP address10.100.10.1 Virtual IP address10.100.10.1 Ethernet 10.100.10.7 10.100.10.8 10.100.10.9 Host 1 Host 2 Host 3 Figure 1-2 Network diagram for virtual router This virtual router has its own IP address: 10.100.10.1 (which can be the interface...
Page 361 Depending on the chips installed, some switches support mapping one virtual IP address to multiple MAC addresses. S9500 series not only guarantee correct data forwarding in the subnet, but also allow you to specify a mapping mode, either virtual IP address to real MAC address mapping or virtual IP address to virtual MAC address mapping.
Page 362 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration To do… Use the command… Specify a mapping mode for the virtual vrrp method { real-mac | virtual-mac } IP address Restore the default undo vrrp method By default, the virtual IP address of the virtual router corresponds to the virtual MAC address.
Page 363 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration To do… Use the command… Configure a priority for the switch in the vrrp vrid virtual-router-id priority virtual router. priority Remove the priority setting of the switch undo vrrp vrid virtual-router-id priority The priority ranges from 0 to 255.
Page 364: Configuring Authentication Type And Authentication Key
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration The delay in seconds ranges from 0 to 255. By default, the preemption mode is enabled with a delay of 0 seconds. Note: If preemption mode is disabled, the delay will automatically become 0 seconds.
Page 365 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration Note: The same authentication type and authentication key should be configured for all VLAN interfaces that belong to the virtual router. 1.2.8 Configuring the Interval for Sending VRRP Packets on the Master The master switch advertises its normal operation state to the backup switch by sending VRRP packets regularly (at adver-interval).
Page 366 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration specified by value-reduced. Then the backup switch with the highest priority becomes the new master. Perform the following configuration in VLAN interface view to configure the switch to track a specified interface: To do…...
Page 367 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration Caution: Before you configure VRRP link monitoring, it is required that no physical loop exists and the spanning tree protocol (STP) is not enabled on the network.
Page 368 This mechanism causes delay in state switching and is not applicable to network environments that require fast state switching because it may interrupt traffic temporarily. To solve this problem, S9500 series switches support the fast switch function for the virtual router.
Page 369: Displaying And Debugging Vrrp
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration Perform the following configuration in VLAN interface view to enable/disable the fast switch function for a virtual router: To do… Use the command… Enable the fast switch function...
Page 370: Vrrp Configuration Examples
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration 1.4 VRRP Configuration Examples 1.4.1 Single VRRP Group Configuration Example I. Network requirements Host A takes the VRRP virtual router containing switch A and switch B as its default gateway to access host B on the Internet.
Page 371: Vrrp Interface Tracking Configuration Example
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration [LSW_A-vlan-interface2] vrrp vrid 1 priority 110 [LSW-A-vlan-interface2] vrrp vrid 1 preempt-mode Configure switch B # Configure VLAN2. [LSW-B] vlan 2 [LSW-B-vlan2] interface vlan 2 [LSW-B-vlan-interface2] ip address 202.38.160.2 255.255.255.0 [LSW-B-vlan-interface2] quit # Configure VRRP.
Page 372 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration [H3CLSW-A ] vrrp ping-enable # Create the VRRP virtual router. [LSW-A] interface vlan 2 [LSW_A-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # Set the priority for the virtual router.
Page 373 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration No physical loops exist between Switch A, Switch B and Host Server, and STP is not enabled. Switch A is the master while Switch B is the backup. No physical link is available between Switch A and Host Server.
Page 374 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration # Set the VRRP priority for Switch A. [LSW-A-vlan-interface2] vrrp vrid 1 priority 110 Configure Switch B # Configure VLAN 2. <LSW-B> system-view [LSW-B] vlan 2 [LSW-B-vlan2] interface vlan 2 [LSW-B-vlan-interface2] ip address 10.1.1.2 255.255.255.0...
Page 375 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration III. Configuration procedure Configure Switch A # Configure VLAN 2. [Switch A] vlan 2 [Switch A-vlan2] interface vlan-interface 2 [Switch A-Vlan-interface2] ip address 202.38.160.1 255.255.255.0 [Switch A-Vlan-interface2] quit # Enable OAM.
Page 376 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration [Switch B] interface vlan 2 [Switch B-Vlan-interface2] vrrp vrid 1 virtual-ip 202.38.160.111 # Set the authentication mode and authentication key for the virtual router. [Switch B-Vlan-interface2] vrrp vrid 1 authentication-mode md5 switch # Configure IFM tracking, and set the increased value to 10.
Page 377: Troubleshooting Vrrp
Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration # Create virtual router 2. [LSW_A-vlan-interface2] vrrp vrid 2 virtual-ip 202.38.160.112 Configure switch B # Configure VLAN2. [LSW-B] vlan 2 [LSW-B-vlan2] interface vlan 2 [LSW-B-vlan-interface2] ip address 202.38.160.2 255.255.255.0 # Create virtual router 1.
Page 378 Operation Manual – VRRP H3C S9500 Series Routing Switches Chapter 1 VRRP Configuration VRRP configuration. For the configuration of the same VRRP virtual router, complete consistency for the number of virtual IP addresses, each virtual IP address, timer duration and authentication type must be guaranteed.
Page 379 Operation Manual – DHCP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 DHCP Overview......................1-1 1.1 DHCP Principles ........................ 1-1 1.1.1 BOOTP Relay Agent ....................1-3 1.1.2 DHCP and BOOTP Relay Agent................1-4 1.2 General DHCP Configuration .................... 1-4 1.2.1 Enabling/Disabling DHCP ..................
Page 380 Operation Manual – DHCP H3C S9500 Series Routing Switches Table of Contents 4.1.3 DHCP Snooping Support for Option 82 ..............4-3 4.2 DHCP Snooping Configuration ..................4-4 4.2.1 Configuration Guidelines..................4-6 4.3 Displaying and Maintaining DHCP Snooping ..............4-7 4.4 DHCP Snooping Configuration Example................4-7...
Page 381 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 1 DHCP Overview Chapter 1 DHCP Overview 1.1 DHCP Principles The fast expansion and growing complexity of networks result in scarce IP addresses assignable to hosts. Meanwhile, with the wide application of wireless networks, the frequent movements of laptops across networks require that the IP addresses be changed accordingly.
Page 382 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 1 DHCP Overview Automatic IP address assignment. The DHCP server automatically assigns fixed IP addresses to DHCP clients when they are connected to the network for the first time. After that, the IP addresses are always occupied by the DHCP clients.
Page 383: Bootp Relay Agent
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 1 DHCP Overview DHCP_Request packet. The packet contains the IP address carried in the accepted DHCP_Offer packet. Acknowledgement. Upon receiving the DHCP_Request packet, the DHCP server that owns the IP address the DHCP_Request packet carries sends a DHCP_ACK packet to the DHCP client.
Page 384 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 1 DHCP Overview 1.1.2 DHCP and BOOTP Relay Agent Like BOOTP, DHCP also works in the Client/Server mode. A DHCP client can obtain the configuration information dynamically from a DHCP server, including important parameters such as an IP address and mask.
Page 385: Configuring Processing Method Of Dhcp Packets
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 1 DHCP Overview 1.2.2 Configuring Processing Method of DHCP Packets You can perform the configurations listed in the following tables on your switch. After these configurations, the switch processes the DHCP packets it receives from DHCP clients in the methods you have configured.
Page 386 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 1 DHCP Overview To do… Use the command… undo dhcp select { interface Restore the default vlan-interface vlan-id [ to vlan-interface vlan-id ] | all } By default, DHCP packets are processed in global method. That is, DHCP packets are forwarded to the local DHCP server and IP addresses in global address pools are assigned.
Page 387: Configuring The Dhcp Server
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration Chapter 2 DHCP Server Configuration When configuring the DHCP server, go to these sections for information you are interested in: Configuring the DHCP Server Displaying and Debugging the DHCP Server DHCP Server Configuration Example 2.1 Configuring the DHCP Server...
Page 388: Creating A Global Dhcp Ip Address Pool
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration Note: In a VRRP network, A global address pool is recommended. You are recommended to configure the virtual IP address of the VRRP group as either the gateway in the global address pool or a reserved address, because some DHCP clients (for example, Linux devices serving as clients) do not perform address collision detection after obtaining addresses through DHCP.
Page 389 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration To do… Use the command… undo dhcp server ip-pool Remove a DHCP address pool pool-name By default, no global DHCP address pool is created. Note that a VLAN interface address pool is created by the system after you assign a legal unicast IP address to the VLAN interface and configure the dhcp select interface command in VLAN interface view.
Page 390 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration Note: The static-bind ip-address command and the static-bind mac-address command must be used together to configure a static binding. The new configuration overwrites the previous one.
Page 391 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remove an dynamic assignment undo network address range By default, no IP address range is configured for dynamic IP address assignment.
Page 392 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration I. Configuring a lease time for a global DHCP address pool Perform the following configuration in DHCP address pool view to configure a lease time for a global DHCP address pool: To do…...
Page 393 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration To do… Use the command… Configure a DHCP client domain name domain-name domain-name for the global DHCP address pool Remove the DHCP client domain name undo domain-name from the global DHCP address pool II.
Page 394 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration must also send a DNS server address to the client. At present, you can configure up to eight DNS server addresses for one DHCP address pool.
Page 395 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration 2.1.7 Configuring NetBIOS Server Addresses for DHCP Clients For clients running a Windows operating system and communicating through the NetBIOS protocol, the translation between host name and IP address are carried out by Windows Internet Naming Service (WINS) servers.
Page 396 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remove one or all NetBIOS server undo dhcp server nbns-list addresses from specified DHCP { ip-address | all } { interface...
Page 397: Configuring Custom Dhcp Options
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration II. Configuring a NetBIOS node type in a VLAN interface address pool Perform the following configuration in VLAN interface view to configure a NetBIOS node type in the VLAN interface address pool: To do…...
Page 398 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration II. Configuring a custom DHCP option in a VLAN interface address pool Perform the following configuration in VLAN interface view to configure a custom DHCP option in the VLAN interface address pool: To do…...
Page 399: Configuring Parameters For Dhcp Server To Send Ping Packets
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration To do… Use the command… Remove one or all outbound gateway undo gateway-list { ip-address | all } addresses By default, no outbound gateway address is configured for DHCP clients.
Page 400: Displaying And Debugging The Dhcp Server
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration 2.2 Displaying and Debugging the DHCP Server Displaying the DHCP server: To do… Use the command… Remarks Display the statistics display dhcp server conflict { all |...
Page 401: Dhcp Server Configuration Example
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration Debugging the DHCP server: To do… Use the command… Remarks Disable debugging for the undo debugging dhcp server { all | DHCP server error | event | packet }...
Page 402 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 2 DHCP Server Configuration # Create VLAN2. [H3C] vlan 2 # Enter VLAN interface view. [H3C] interface Vlan-interface 2 # Assign an IP address to Vlan-interface 2. [H3C-Vlan-interface2] ip address 10.110.1.1 255.255.0.0 # Specify to assign IP addresses in the interface address pool to DHCP clients.
Page 403: Configuring The Dhcp Relay Agent
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration Chapter 3 DHCP Relay Agent Configuration When configuring the DHCP relay agent, go to these sections for information you are interested in: Configuring the DHCP Relay Agent DHCP Option 82 Configuration 3.1 Configuring the DHCP Relay Agent...
Page 404 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration If a DHCP server exists in the network, it processes the request packet directly without the help of a DHCP relay agent. If no DHCP server exists in the network, the network device serving as a DHCP relay agent in the network appropriately processes the request packet and forwards it to a specified DHCP server located in another network.
Page 405 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration Note that when configuring a new DHCP server for a VLAN interface, the newly configured one does not overwrite the existing ones. Both the new and the old ones are valid.
Page 406 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration Note: The DHCP client applies for an IP address through the DHCP relay agent. When the packet from the DHCP client arrives at the DHCP relay agent, the DHCP relay agent adds its primary IP address in the packet and forwards the packet to the DHCP server.
Page 407 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration V. Releasing the IP address of a client through DHCP relay agent in interface view When you configure this function in interface view: If you do not specify a DHCP server, the DHCP relay agent will send a release packet to all the DHCP servers in the DHCP server group associated with this interface.
Page 408 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration The address check is disabled on a relay agent-enabled VLAN interface by default. Caution: After the address check feature is enabled on a DHCP relay agent enabled VLAN interface, the client that has already obtained an IP address will lose its access right and has to apply for an IP address again.
Page 409: Dhcp Relay Agent Configuration Example
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration To do… Use the command… Remarks Enter system view system-view — Enable DHCP relay agent dhcp relay security Enabled by default. handshake function tracker enable...
Page 410 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration II. Network diagram DHCP client DHCP client DHCP Server 202.38.1.2 10.110.0.0 Ethernet 202.38.1.1 10.110.1.1 Ethernet Internet 202.38.0.0 Switch ( DHCP Relay) Figure 3-2 Network diagram for DHCP relay agent configuration III.
Page 411: Dhcp Option 82 Configuration
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration Caution: Do not change or delete the IP address of the interface enabled with the DHCP Relay agent; otherwise users will be unable to obtain IP addresses.
Page 412 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration Sub-option 2 also belongs to Option 82 and defines the Remote ID. This option identifies the MAC address of the relay agent. Generally, sub-option 1 and sub-option 2 are used together to identify a DHCP client.
Page 413 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration Figure 3-4 Sub-option structure SubOpt: Indicates the number of the sub-option. Sub-options contained in this packet are sub-option 1, sub-option 2 and sub-option 5. They have the following meanings: Sub-option 1 defines the Circuit ID.
Page 414 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration The node identifier in the sub-option1 of Option82 is a string, which adopts the MAC address of the administration port of the device by default, in the form of 00-E0-FC-0D-DC-EC.
Page 415 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration packet contains the MAC address and VLAN ID of the receiving port of the switch, and the MAC address of the DHCP relay agent. After receiving the DHCP request packet forwarded by the DHCP relay agent, the DHCP server records the information carried by the option.
Page 416 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration II. Enabling Option 82 support on DHCP relay agent Follow these steps to enable Option 82 support on the DHCP relay agent enabled VLAN interface in VLAN interface view: To do…...
Page 417 [H3C] interface vlan-interface 100 [H3C-vlan-interface 100] dhcp select relay [H3C-vlan-interface 100] ip relay address 202.38.1.2 [H3C-vlan-interface 100] dhcp relay information enable [H3C-vlan-interface 100] dhcp relay information strategy keep [H3C-vlan-interface 100] dhcp relay information format verbose [H3C-vlan-interface 100] dhcp...
Page 418 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 3 DHCP Relay Agent Configuration The configuration of the DHCP server is omitted here. 3-16...
Page 419: Dhcp Snooping Overview
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration Chapter 4 DHCP Snooping Configuration When configuring DHCP snooping, go to these sections for information you are interested in: DHCP Snooping Overview DHCP Snooping Configuration Displaying and Maintaining DHCP Snooping...
Page 420 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration If the client’s IP address is manually configured, no matching DHCP snooping entry can be found. Thus, the client cannot receive any ARP reply and will fail to access the network.
Page 421: Dhcp Snooping Support For Option
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration Caution: After you configure DHCP snooping, any modification to a use-defined flow template may conflict with the DHCP snooping related ACLs, resulting in failure of implementing DHCP snooping features.
Page 422: Dhcp Snooping Configuration
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration The DHCP snooping device which is located in the same network segment with the DHCP client checks whether Option 82 exists in the packet. If yes, the DHCP snooping device processes the packet according to the configured strategy: it may drop the packet, replace the original Option 82 with its own Option 82, or keep the original Option 82 unchanged.
Page 423 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration To do… Use the command… Remarks Required You need to configure a port that is connected to an authorized DHCP server as trusted to ensure that...
Page 424: Configuration Guidelines
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration To do… Use the command… Remarks reset dhcp-snooping entry { mac mac-address | vlan vlan-id | ip ip-address | Optional Remove DHCP snooping interface port-type entries...
Page 425: Displaying And Maintaining Dhcp Snooping
Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration 4.3 Displaying and Maintaining DHCP Snooping To do… Use the command… Remarks display dhcp-snooping entry { vlan Display DHCP vlan-id [ to vlan-id ] | interface port-type...
Page 426 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration [H3C] dhcp-snooping enable # Create VLAN 100 and add Ethernet 1/1/1, Ethernet 1/1/2 and Ethernet 1/1/3 into the VLAN. [H3C] vlan 100 [H3C-vlan100] quit [H3C] interface ethernet1/1/1...
Page 427 Operation Manual – DHCP H3C S9500 Series Routing Switches Chapter 4 DHCP Snooping Configuration Note: To ensure the DHCP client to obtain an IP address from the DHCP server, you need to complete other configurations on the DHCP client and DHCP server. The configuration procedure is omitted because it varies depending on the device model.
Page 428 Operation Manual – DNS H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 DNS Configuration....................... 1-1 1.1 Introduction to DNS ......................1-1 1.1.1 Static Domain Name Resolution ................1-1 1.1.2 Dynamic Domain Name Resolution ................ 1-1 1.2 Configuring Domain Name Resolution ................
Page 429: Introduction To Dns
Operation Manual – DNS H3C S9500 Series Routing Switches Chapter 1 DNS Configuration Chapter 1 DNS Configuration When configuring DNS, go to these sections for information you are interested in: Introduction to DNS Configuring Domain Name Resolution Displaying and Debugging Domain Name Resolution...
Page 430: Configuring Domain Name Resolution
When the domain name suffix is used, if the input domain name does not include “.”, like “h3c”, the system regards it as a host name and add a domain name suffix to search. After all the domain names are failed to be searched out in this way, the system finally searches with the primarily input domain name.
Page 431: Configuring Dynamic Domain Name Resolution
Operation Manual – DNS H3C S9500 Series Routing Switches Chapter 1 DNS Configuration 1.2.2 Configuring Dynamic Domain Name Resolution Dynamic domain name resolution configuration includes: Enabling/disabling static domain name resolution Configuring the IP address of a domain name server Configuring domain name suffix I.
Page 432: Displaying And Debugging Domain Name Resolution
Operation Manual – DNS H3C S9500 Series Routing Switches Chapter 1 DNS Configuration To do… Use the command… Configure domain name suffix dns domain domain-name Delete domain name suffix undo dns domain [ domain-name ] 1.3 Displaying and Debugging Domain Name Resolution To do…...
Page 433: Troubleshooting Domain Name Resolution Configuration
Operation Manual – DNS H3C S9500 Series Routing Switches Chapter 1 DNS Configuration # Configure the IP address of the domain name server to 172.16.1.1. [H3C] dns server 172.16.1.1 # Configure the domain name suffix as com. [H3C] dns domain com # Ping a host with the specified domain name.
Page 434 Operation Manual – UDP Helper H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 UDP Helper Configuration ..................1-1 1.1 Overview ..........................1-1 1.2 Configuring UDP Helper ....................1-1 1.2.1 Configuration Prerequisites..................1-1 1.2.2 Configuration Procedure ..................1-1...
Page 435: Configuring Udp Helper
Operation Manual – UDP Helper H3C S9500 Series Routing Switches Chapter 1 UDP Helper Configuration Chapter 1 UDP Helper Configuration When configuring UDP Helper, go to these sections for information you are interested Overview Configuring UDP Helper Displaying UDP Helper 1.1 Overview...
Page 436 Operation Manual – UDP Helper H3C S9500 Series Routing Switches Chapter 1 UDP Helper Configuration To do… Use the command… Remarks Optional When the function is enabled, the broadcast packets with the default UDP ports are unicast to the corresponding destination server.
Page 437: Displaying Udp Helper
Operation Manual – UDP Helper H3C S9500 Series Routing Switches Chapter 1 UDP Helper Configuration Note that: You cannot specify the UDP ports before the function of forwarding UDP broadcast packets is enabled. Otherwise, the system displays error information. The dns | netbios-ds | netbios-ns | tacacs | tftp | time keyword refers to six default UDP ports.
Page 438 Operation Manual – NAT H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 NAT Configuration....................... 1-1 1.1 NAT Overview........................1-1 1.1.1 Introduction to NAT ....................1-1 1.2 Configuring NAT ........................ 1-6 1.2.1 Configuring an Address Pool .................. 1-6 1.2.2 Configuring NAT......................
Page 439: Nat Overview
Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Chapter 1 NAT Configuration When configuring NAT, go to these sections for information you are interested in: NAT Overview Configuring NAT Displaying NAT Configuration NAT Configuration Examples...
Page 440 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration ：： Datagram 1 ：： Datagram 1 ： Source IP 192.168.1.3 Source IP ：： 202.120.10.2 202.169.10.1 192.168.1.3 ： Destination IP 202.120.10.2 Destination IP ： 202.120.10.2 ：...
Page 441 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration I. NAT and NAT control According to the NAT procedure illustrated in Figure 1-1, when an internal host tries to access the external networks, NAT selects a proper public address and substitutes it for the source address in the packets.
Page 442 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Many-to-many NAT can be implemented by defining an address pool, and the control of NAT can be achieved by employing access control lists (ACLs). An address pool is a collection of public IP addresses for NAT. Its configuration depends on the number of available public IP addresses, the number of internal hosts, and the practical application.
Page 443 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Packets 1 and 2 are from the same internal address but have different source port numbers. Packets 3 and 4 are from different internal addresses but have the same source port number.
Page 444: Configuring Nat
Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration The AnyServer feature can only translate packets of the specified protocol (TCP, UDP or ICMP) and is mainly used for internal hosts to provide services to the public network.
Page 445 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration To do… Use the command… Remarks Enter system view system-view — Required An address pool is a collection of nat address-group consecutive public IP addresses. If its...
Page 446 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration To do… Use the command… Remarks nat outbound Required acl-number By configuring the Configure one-to-one address-group association between group-number no-pat ACLs and the NAT slot slot-no address pool (or the...
Page 447 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Caution: Do not often execute the undo nat outbound command after the configuration is stable. Make sure you configure the nat vpn limit command to limit the maximum number of users and connections before configuring the nat outbound command in NAPT mode.
Page 448 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration To do… Use the command… Remarks nat server protocol { tcp | udp } global global-addr Configure an internal global-port inside [ vpn-name ] server host-addr host-port slot...
Page 449 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Caution: Up to 256 internal server translation commands can be configured for a VLAN interface. Up to 4,096 internal servers can be configured for a VLAN interface.
Page 450: Configuring Static Nat
Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration 1.2.4 Configuring Static NAT A static NAT entry is created using the nat static command, which includes the public network address, private network address, VPN of the private network address (if the private network address belongs to a VPN), and the slot where the NAT service board is located.
Page 451 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration 1.2.5 Configuring NAT Blacklist Attributes Follow these steps to enable/disable the NAT blacklist feature on a slot: To do… Use the command… Remarks Enter system view system-view —...
Page 452 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration 1.2.6 Configuring the Aging Time of NAT Connections Follow these steps to configure the aging time of NAT connections: To do… Use the command… Remarks Enter system view system-view —...
Page 453 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration To do… Use the command… Remarks Optional Record the active time of ip userlog nat the NAT stream log active-time minutes Not enabled by default. Set the address and port...
Page 454: Nat Configuration Examples
Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration 1.3 Displaying NAT Configuration To do… Use the command… Remarks Display the configuration of the display nat address-group address pool [ group-number ] Display the aging time of NAT table...
Page 455 [H3C-Vlan-interface200] ip address 200.1.1.100 255.255.255.0 [H3C-Vlan-interface200] quit # Configure ACL 3000. [H3C] acl number 3000 [H3C-acl-adv-3000] rule permit ip source 10.1.1.1 0.0.0.255 [H3C-acl-adv-3000] quit # Configure NAT address pool 0. [H3C] nat address-group 0 200.1.1.101 200.1.1.111 # Configure a NAT binding on VLAN-interface 200. The NAT LPU is located in slot 3.
Page 456 # Customize a flow template (the default flow template does not check the packet’s destination MAC address), and apply the flow template to Ethernet 4/1/1. The interface card is located in slot 4. [H3C] flow-template user-defined slot 4 sip 0.0.0.0 dip 0.0.0.0 dmac 0-0-0 vlanid [H3C] interface Ethernet4/1/1...
Page 457 [H3C-Vlan-interface200] ip address 200.1.1.100 255.255.255.0 [H3C-Vlan-interface200] quit # Configure ACL 3000. [H3C] acl number 3000 [H3C-acl-adv-3000] rule permit ip source 10.1.2.1 0.0.0.255 [H3C-acl-adv-3000] quit # Configure internal servers on VLAN-interface 200. The NAT LPU is located in slot 3. [H3C] interface Vlan-interface 200...
Page 458: Static Nat Configuration Example
# Define a flow template (the default flow template does not check the packet’s destination MAC address), and apply the flow template to Ethernet 4/1/1. The interface card is located in slot 4. [H3C] flow-template user-defined slot 4 sip 0.0.0.0 dip 0.0.0.0 dmac 0-0-0 vlanid [H3C] interface Ethernet4/1/1...
Page 459 [H3C] acl number 3000 [H3C-acl-adv-3000] rule permit ip source 10.1.3.1 0.0.0.255 [H3C-acl-adv-3000] quit # Configure static NAT entries on VLAN-interface 200. The NAT LPU is located in slot 3. [H3C] interface Vlan-interface 200 [H3C-Vlan-interface200] nat static global 200.1.1.102 inside 10.1.3.2 slot 3 1-21...
Page 460 # Define a flow template (the default flow template does not check the packet’s destination MAC address), and apply the flow template to Ethernet 4/1/1. The interface card is located in slot 4. [H3C] flow-template user-defined slot 4 sip 0.0.0.0 dip 0.0.0.0 dmac 0-0-0 vlanid [H3C] interface Ethernet4/1/1...
Page 461 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration II. Network diagram Private Network Public Network 10.1.1.2/24 Corporation A 10.1.1.3/24 Convergence Switch VPN - a VLAN 100 10.1.1.4/24 Ethernet 4/1 /1 10. 1. 1. 1/ 24...
Page 462 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration [PE] vlan 200 [PE-vlan200] port ethernet4/1/2 [PE-vlan200] quit [PE] interface Vlan-interface 200 [PE-Vlan-interface200] ip address 200.1.1.100 255.255.255.0 # Configure ACL 3000. [PE] acl number 3000 [PE-acl-adv-3000] rule permit ip vpn-instance VPN-a source 10.1.1.1 0.0.0.255 [PE-acl-adv-3000] quit # Configure the maximum numbers of users and connections of VPN-a.
Page 463 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration # Reference the ACLs to redirect the packets that needs address translation to the NAT LPU. Ethernet 4/1/1 is the inbound interface on the private network side, and the VLAN ID is 100.
Page 464 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration MPLS Hybrid Insertion Configuration in the MPLS VPN Volume for detailed information. There is a route from VPN 1 to the public network in the routing table of PE 1.
Page 465 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration # Configure BGP and MPLS. Refer to the section Configuring PE Router in MPLS L3VPN Configuration of the MPLS VPN Volume for detailed configuration information. # Customize a flow template, and then apply it to Ethernet 4/1/1, where 4 indicates the slot in which the LPU is located.
Page 466 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration [PE1-Ethernet4/1/1] traffic-redirect inbound ip-group 3001 link-group 4000 rule 0 slot 3 designated-vlan 192 # Configure an ACL rule to be referenced by NAT. [PE1] acl number 3100 [PE1-acl-adv-3100] rule permit ip vpn-instance VPN1 source 192.168.1.0...
Page 467 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Note: Choose one of the following three methods to advertise the VPN routes (the first method is recommended): Execute the export route-policy command in VPN instance view to advertise the routes configured with public network addresses, and then execute the import direct command to import directed connected routes in BGP view.
Page 468 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration II. Network diagram 202.231.X.0/24 Global IP 10.X.0.0/16 Private IP VLAN1001 G3/1/2 VLAN1000 VPN2 G3/1/1 rt:65000:2 VPN1 NAT:pool1 rt:65000:1 NAT:pool2 10.0.0.0/16 202.231.11.0/24 202.231.2.0/24 10.0.0.0/16 Figure 1-8 Network diagram for VPN NAT configuration III.
Page 469 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Configure the routing protocol on CE 2. IV. Configuration procedure Configure PE # Create VPN 1, and configure VPN 1 to redistribute routes from VPN 2. <PE> system-view...
Page 470 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration # Configure the maximum numbers of users and connections allowed in VPN 1 (set the values based on the actual number of hosts in VPN 1). [PE] nat vpn limit vpn-instance VPN1 1000 100000 # Apply NAT address pool 100 to VLAN-interface 1001 that connects to CE 2.
Page 471 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration II. Network diagram Backbone Paradigm Server VLAN 100 G3 / 1 / 1 NAT 1：PooL 1 NATServer 1 NAT 2： POOL 2 VPN2 VLAN 1001 VPN 1...
Page 472 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration Configure a NAT address pool for hosts in VPN 1 on VLAN-interface 100 that connects to the backbone. Configure the NAT internal server mapping of VPN1 on VLAN-interface 100 that connects to the backbone.
Page 473 Operation Manual – NAT H3C S9500 Series Routing Switches Chapter 1 NAT Configuration [PE-Vlan-interface1000] ip binding vpn-instance VPN1 [PE-Vlan-interface1000] ip address 202.231.11.1 255.255.255.0 [PE-Vlan-interface1000] ip address 10.0.1.254 255.255.255.0 sub [PE-Vlan-interface1000] quit # Configure a routing protocol. Select a routing protocol based on actual needs.
Page 474 Operation Manual – IP Performance H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IP Performance Configuration..................1-1 1.1 Configuring IP Performance ....................1-1 1.1.1 Configuring TCP Attributes ..................1-1 1.1.2 Configuring the Switch Whether to Send a Time Exceeded ICMP Packet..... 1-2 1.2 Displaying and Maintaining IP Performance..............
Page 475: Configuring Ip Performance
Operation Manual – IP Performance H3C S9500 Series Routing Switches Chapter 1 IP Performance Configuration Chapter 1 IP Performance Configuration When configuring IP performance, go to these sections for information you are interested in: Configuring IP Performance Displaying and Maintaining IP Performance Troubleshooting IP Performance 1.1 Configuring IP Performance...
Page 476: Displaying And Maintaining Ip Performance
Operation Manual – IP Performance H3C S9500 Series Routing Switches Chapter 1 IP Performance Configuration To do… Use the command… Restore the socket receiving/sending undo tcp window buffer size of TCP to default value 1.1.2 Configuring the Switch Whether to Send a Time Exceeded ICMP Packet The switch will return a destination unreachable packet to the sender when receiving a packet whose TTL is "1”.
Page 477 Operation Manual – IP Performance H3C S9500 Series Routing Switches Chapter 1 IP Performance Configuration To do… Use the command… Remarks Display ICMP statistics information display icmp statistics display ip socket Display the current socket information [ socktype sock-type ]...
Page 478: Troubleshooting Ip Performance
Operation Manual – IP Performance H3C S9500 Series Routing Switches Chapter 1 IP Performance Configuration To do… Use the command… Remarks Disable the debugging of IP undo debugging ip packet packets Enable the debugging of ICMP debugging ip icmp packets...
Page 479 Operation Manual – IP Performance H3C S9500 Series Routing Switches Chapter 1 IP Performance Configuration Destination port: 4296 task = ROUT(15) socketid = 6, src = 192.168.1.1:520, dst = 255.255.255.255:520, datalen = 24 Use the debugging tcp packet command to enable the TCP debugging to trace the TCP packets.
Page 480 Operation Manual – URPF H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 URPF Configuration ....................1-1 1.1 URPF Overview ......................... 1-1 1.2 Configuring URPF......................1-2 1.3 URPF Configuration Examples..................1-3 1.3.1 Example I ........................ 1-3...
Page 481: Urpf Overview
Operation Manual – URPF H3C S9500 Series Routing Switches Chapter 1 URPF Configuration Chapter 1 URPF Configuration When configuring URPF, go to these sections for information you are interested in: URPF Overview Configuring URPF URPF Configuration Examples Note: The service processor boards mentioned in the chapter refer to LSB1NAMB0 boards.
Page 482: Configuring Urpf
Operation Manual – URPF H3C S9500 Series Routing Switches Chapter 1 URPF Configuration 1.2 Configuring URPF The following section describes the URPF configuration tasks: Configure packet redirection Enable URPF on ports Display port configuration information Clear URPF statistical counters to zero Use the urpf enable command to enable URPF for a certain VLAN port and specify the service processor board where the port locates.
Page 483 Operation Manual – URPF H3C S9500 Series Routing Switches Chapter 1 URPF Configuration To do… Use the command… Remarks Quit to system view quit — Enter VLAN interface interface vlan-interface — view vlan-id Required. Enable URPF in VLAN interface view. Specify...
Page 484 [H3C-acl-link-4000] rule 0 permit ip egress 01-02-03 00-00-00 # Configure packet redirecting on the corresponding Ethernet port. [H3C] interface ethernet 3/1/30 [H3C-Ethernet3/1/30] flow-template user-defined [H3C-Ethernet3/1/30] traffic-redirect inbound link-group 4000 slot 5 vlan 1000 [H3C-Ethernet3/1/30] quit [H3C] interface GigabitEthernet 6/1/2 [H3C-GigabitEthernet6/1/2] flow-template user-defined...
Page 485 [H3C] acl number 4000 # Permit the IP packets going into VLAN 1000 and the DMAC must be the interface MAC000f-e239-a9b8. [H3C-acl-link-4000] rule 0 permit ip ingress 1000 egress 000f-e239-a9b8 0000-0000-0000 # Permit the IP packets going into VLAN 1001.
Page 486 Operation Manual – URPF H3C S9500 Series Routing Switches Chapter 1 URPF Configuration [H3C-acl-link-4000] rule 1 permit ip ingress 1001 egress 000f-e239-a9b8 0000-0000-0000 # Configure a user-defined flow template. [H3C] flow-template user-defined slot 6 vlanid ethernet-protocol dmac 00-00-00 # Apply the flow template on port Ethernet 6/1/1 and configure traffic redirection.
Page 487 Operation Manual H3C S9500 Series Routing Switches IP Routing Volume Organization Manual Version T2-08165E-20081225-C-1.24 Product Version S9500-CMW310-R1648 Organization The IP Routing Volume is organized as follows: Features (operation Description manual) The volume describes: IP Routing Protocol Introduction to IP routing and routing table...
Page 488 Operation Manual H3C S9500 Series Routing Switches IP Routing Volume Organization Features (operation Description manual) Border gateway protocol (BGP) is an inter-autonomous system (inter-AS) dynamic route discovery protocol. The volume describes: Introduction to BGP and MBGP BGP configuration For implementing the route policy, you need to define a set of matching rules by specifying the characteristics of the routing information to be filtered.
Page 489 Operation Manual – IP Routing Protocol Overview H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IP Routing Protocol Overview ..................1-1 1.1 Introduction to IP Route and Routing Table ..............1-1 1.1.1 IP Route and Route Segment ................. 1-1 1.1.2 Route Selection through the Routing Table ............
Page 490: Introduction To Ip Route And Routing Table
Operation Manual – IP Routing Protocol Overview H3C S9500 Series Routing Switches Chapter 1 IP Routing Protocol Overview Chapter 1 IP Routing Protocol Overview Go to these sections for information you are interested in: Introduction to IP Route and Routing Table...
Page 491: Route Selection Through The Routing Table
Operation Manual – IP Routing Protocol Overview H3C S9500 Series Routing Switches Chapter 1 IP Routing Protocol Overview Figure 1-1 The concept of route segment As the networks may have different sizes, the segment lengths connected between two different pairs of routers are also different. The number of route segments multiplies a weighted coefficient can serve as a weighted measurement for the actual length of the signal transmission path.
Page 492 Operation Manual – IP Routing Protocol Overview H3C S9500 Series Routing Switches Chapter 1 IP Routing Protocol Overview Output interface: It indicates an interface through which an IP packet should be forwarded. Next hop address: It indicates the IP address of the next router that an IP packet will pass through.
Page 493: Routing Management Policy
1.2 Routing Management Policy For S9500 series, you can configure manually the static route to a specific destination, and configure dynamic routing protocol to interact with other routers on the network. The routing algorithm can also be used to discover routes. For the configured static routes and dynamic routes discovered by the routing protocol, the S9500 series implement unified management.
Page 494: Supporting Load Sharing And Route Backup
By far, the S9500 series support eight routes to implement load sharing. II. Route backup The S9500 series support route backup. When the main route fails, the system will automatically switch to a backup route to improve the network reliability.
Page 495: Routes Shared Between Routing Protocols
The S9500 series support the import of routes discovered by one routing protocol into another. Each protocol has its own route importing mechanism. For details, refer to the description about importing an external route in the operation manual of the corresponding routing protocol.
Page 496 Operation Manual – Static Route H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Static Route Configuration ..................1-1 1.1 Introduction to Static Route ....................1-1 1.1.1 Static Route......................1-1 1.1.2 Default Route ......................1-2 1.2 Configuring Static Route....................1-2 1.2.1 Configuring a Static Route ..................
Page 497: Introduction To Static Route
Operation Manual – Static Route H3C S9500 Series Routing Switches Chapter 1 Static Route Configuration Chapter 1 Static Route Configuration When configuring static route, go to these sections for information you are interested in: Introduction to Static Route Configuring Static Route...
Page 498: Default Route
Operation Manual – Static Route H3C S9500 Series Routing Switches Chapter 1 Static Route Configuration address, and any IP packets addressed to this destination are dropped without notifying the source host. The attributes reject and blackhole are usually used to control the range of reachable destinations of this router, and help troubleshoot the network.
Page 499: Configuring A Default Route
Operation Manual – Static Route H3C S9500 Series Routing Switches Chapter 1 Static Route Configuration To do... Use the command... undo ip route-static ip-address { mask | mask-length } { interface-type interface-number } [ nexthop-ip-address ] [ preference preference-value ]...
Page 500: Deleting All The Static Routes
Operation Manual – Static Route H3C S9500 Series Routing Switches Chapter 1 Static Route Configuration To do... Use the command... ip route-static 0.0.0.0 { 0.0.0.0 | 0 } { interface-type Configure a default route interface-number | gateway-address } [ preference value ] [ reject | blackhole ] undo ip route-static 0.0.0.0 { 0.0.0.0 | 0 }...
Page 501: Displaying And Debugging Static Route
1.4 Static Route Configuration Example I. Network requirements As shown in Figure 1-1, the masks of all the IP addresses are 255.255.255.0. It is required that all the hosts or S9500 series routing switches can be interconnected in pairs by static route configuration.
Page 502 Operation Manual – Static Route H3C S9500 Series Routing Switches Chapter 1 Static Route Configuration II. Network diagram H ost 1 .1 .5.1 1.1 .5 .2/2 4 1.1 .3.1 /2 4 1 .1 .2.2 /24 S witch C 1.1 .3 .2/2 4 1 .1.2 .1 /24...
Page 503 Operation Manual – Static Route H3C S9500 Series Routing Switches Chapter 1 Static Route Configuration Solution: Use the display ip routing-table protocol static command to view whether the configured static route is correct and in effect.
Page 504 Operation Manual – RIP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 RIP Configuration ......................1-1 1.1 Introduction to RIP ......................1-1 1.1.1 RIP Operation Mechanism ..................1-1 1.1.2 RIP Enabling and Running..................1-2 1.2 Configuring RIP........................1-3 1.2.1 Enabling RIP and Entering RIP View ..............
Page 505: Introduction To Rip
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration Chapter 1 RIP Configuration When configuring RIP, go to these sections for information you are interested in: Introduction to RIP Configuring RIP Displaying and Debugging RIP RIP Configuration Example...
Page 506: Rip Enabling And Running
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration II. RIP route database Each router running RIP manages a route database, which contains routing entries to all the reachable destinations in the network. These routing entries contain the following information: Destination address: IP address of a host or a network.
Page 507: Configuring Rip
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration RIP broadcasts its routing table to the adjacent routers every 30 seconds. The adjacent routers will maintain their own routing table after receiving the packets and will select an optimal route, and then advertise the modification information to their respective adjacent network so as to make the updated route globally known.
Page 508: Enabling Rip And Entering Rip View
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration Specifying the Operating State of the Interface Setting RIP-2 Packet Authentication 1.2.1 Enabling RIP and Entering RIP View Perform the following configurations in system view to enable/disable RIP: To do…...
Page 509: Configuring Split Horizon
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration To do... Use the command... Specify the RIP neighbor peer ip-address Remove the RIP neighbor undo peer ip-address By default, RIP does not send any packets to any unicast addresses.
Page 510: Configuring Route Filtering
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration By default, the additional routing metric added to the route when RIP sends a packet is 1. The additional routing metric when RIP receives the packet is 0 by default.
Page 511 Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration To do... Use the command... Configure RIP to filter the received filter-policy gateway ip-prefix-name routing information advertised by the import specified address Cancel filtering the received routing...
Page 512: Setting The Rip Preference
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration 1.2.8 Disabling RIP from Receiving Host Route In some special cases, the router can receive a lot of host routes, and these routes are of little help in routing but consume a lot of network resources. Routers can be configured to reject host routes with the undo host-route command.
Page 513: Specifying Rip Version Of The Interface
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration Perform the following configuration in RIP view to set/restore the RIP preference: To do… Use the command... Set the RIP Preference preference value Restore the default value of RIP preference undo preference By default, the preference of RIP is 100.
Page 514 Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration To do... Use the command... timers { update update-timer-length | Configure RIP timers timeout timeout-timer-length } * Restore the default settings of RIP timers undo timers { update | timeout } * The modification of RIP timers is validated immediately.
Page 515: Specifying The Operating State Of The Interface
Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration 1.2.14 Specifying the Operating State of the Interface In interface view, you can specify the operating state of RIP on the interface. For example, whether RIP operates on the interface, namely, whether RIP update packets are sent and received on the interface.
Page 516: Displaying And Debugging Rip
As shown in Figure 1-1, the S9500 series routing switch C connects to the subnet 117.102.0.0 through the Ethernet port. The Ethernet ports of the S9500 series routing switches A and Switch B are respectively connected to the network 155.10.1.0 and 1-12...
Page 517 Operation Manual – RIP H3C S9500 Series Routing Switches Chapter 1 RIP Configuration 196.38.165.0. Switch C, Switch A and Switch B are connected via Ethernet 110.11.2.0. Correctly configure RIP to ensure that Switch C, Switch A and Switch B can interconnect with each other.
Page 518: Troubleshooting Rip
[Switch C-rip] network 110.11.2.0 1.5 Troubleshooting RIP Symptom: The S9500 series cannot receive the update packets when the physical connection to the peer routing device is normal. Solution: RIP is not running on the corresponding interface (for example, the undo rip work command is executed) or this interface is not enabled through the network command.
Page 519 1.1.3 OSPF Packets......................1-2 1.1.4 LSA Type......................... 1-3 1.1.5 Basic Concepts Related to OSPF ................1-4 1.1.6 OSPF Features Supported by the S9500 Series ............ 1-6 1.2 OSPF GR Overview......................1-6 1.2.1 Working Mechanism of OSPF GR ................1-7 1.2.2 Packet Format of OSPF GR..................1-8 1.2.3 OSPF GR Features Supported by CMW ..............
Page 520 Operation Manual – OSPF H3C S9500 Series Routing Switches Table of Contents 1.3.26 Resetting the OSPF Process ................1-34 1.4 Displaying and Debugging OSPF ..................1-35 1.5 OSPF Configuration Example..................1-36 1.5.1 Configuring DR Election Based on OSPF Priority ..........1-36 1.5.2 Configuring OSPF Virtual Link ................
Page 521: Ospf Overview
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Chapter 1 OSPF Configuration When configuring OSPF, go to these sections for information you are interested in: OSPF Overview OSPF GR Overview Configuring OSPF Displaying and Debugging OSPF...
Page 522: Process Of Ospf Route Calculation
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Authentication: It supports the interface-based packet authentication so as to guarantee the security of the route calculation. Multicast transmission: Support multicast address to receive and send packets.
Page 523: Lsa Type
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration When two routers synchronize their databases, they use the DD packets to describe their own LSDBs, including the digest of each LSA. The digest refers to the HEAD of LSA, which uniquely identifies the LSA.
Page 524: Basic Concepts Related To Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration According to RFC1587, Type-7 LSAs differ from Type-5 LSAs as follows: Type-7 LSAs are generated and released within a Not-So-Stubby Area (NSSA). Type-5 LSAs cannot be generated or released within a NSSA.
Page 525 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration III. Area The network size grows increasingly larger. If all the routers on a huge network are running OSPF, the large number of routers will result in an enormous LSDB, which will consume an enormous storage space, complicate the SPF algorithm, and add the CPU load as well.
Page 526: Ospf Gr Overview
19.1.2. 0/24 Area 8 Figure 1-1 Area and route summary 1.1.6 OSPF Features Supported by the S9500 Series The S9500 series support the following OSPF features: Support stub areas: OSPF defines stub areas to decrease the overhead when the routers within the area receive ASE routes.
Page 527 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration 1.2.1 Working Mechanism of OSPF GR 1. Implementation standard of OSPF GR RFC3623: Graceful OSPF Restart IETF drafts: draft-nguyen-ospf-lls-05; draft-nguyen-ospf-oob-resync-05; draft-nguyen-ospf-restart-05; 2. Work mechanism of RFC3623 RFC3623 defines two main principles for GR: the network topology must remain stable and the forwarding tables can be kept when a router is being restarted.
Page 528 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration When a protocol is restarted, the protocol will notify the peer that it will be restarted and let the peer keep the neighbor relationship through the RS_bit set in the EO_TLV of a HELLO packet.
Page 529 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration III. Option fields extended by LLS Figure 1-4 Option fields with L-bit IV. Format of LLS data Figure 1-5 Format of LLS data V. TLV structure: EO_TLV and CA_TLV...
Page 530 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Figure 1-8 Format of CA_TLV The meaning of each field in the CA_TLV: The type field refers to the type of CA_TLV, and the type of CA_TLV is 2;...
Page 531 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Figure 1-9 Format of DD Packets with R-bit set 1.2.3 OSPF GR Features Supported by CMW The two GR methods above are supported in the implementation of CMW.
Page 532: Configuring A Router Id
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Configuring OSPF Route Filtering Configuring the Route Summary of OSPF Some OSPF configurations Setting OSPF Route Preference Configuring OSPF Timers Configuring the Network Type of the OSPF Interface...
Page 533: Enabling Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration the user should determine the division of router IDs and manually configure them when planning the network. 1.3.2 Enabling OSPF Perform the following configuration in system view to enable/disable OSPF: To do...
Page 534: Specifying An Interface To Run Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration 1.3.4 Specifying an Interface to Run OSPF After using the ospf command to enable OSPF in system view, you must specify the network to run OSPF. An ABR router can be in different areas, while a network segment can only belong to an area.
Page 535 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration I. Configure OSPF route redistribution Perform the following configuration in OSPF view to enable/disable OSPF route redistribution: To do... Use the command... import-route protocol [ cost value |...
Page 536 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration default route cost and default tag of route distribution. Route tag can be used to identify the protocol-related information. For example, OSPF can use it to identify the AS number when receiving BGP.
Page 537 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration By default, the interval for importing external routes is 1 second. The upper limit is 1000 at a time. 1.3.6 Configuring OSPF to Advertise Default Routes By default, there are no default routes in a common OSPF area (either a backbone area or a non-backbone area).
Page 538: Configuring Ospf Route Filtering
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration If the router is not the ABR in the NSSA area, the command generates a default Type-7 LSA only when the default route exists in the routing table.
Page 539 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... Enable OSPF to filter the routes filter-policy { acl-number | ip-prefix advertised by other routing protocols ip-prefix-name } export [ routing-protocol ]...
Page 540: Configuring The Route Summary Of Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... Enable an OSPF area to filter Type-3 filter-policy { acl-number | ip-prefix LSAs advertised to other areas ip-prefix-name } export Disable an OSPF area from filtering...
Page 541: Setting Ospf Route Preference
By default, route summary is disabled on ABRs. II. Configuring summarization of imported routes by OSPF OSPF of the S9500 series supports route summary of imported routes. Perform the following configurations in OSPF view to configure/cancel summarization of imported routes by OSPF: To do...
Page 542: Configuring Ospf Timers
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... Configure a preference for OSPF for comparing preference [ ase ] preference with the other routing protocols Restore the default protocol preference...
Page 543 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration By default, the dead interval for the neighboring routers of p2p or broadcast interfaces is 40 seconds and that for the neighboring routers of p2mp or nbma interfaces is 120 seconds.
Page 544: Configuring Nbma Neighbors For Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration NBMA means that a network is non-broadcast and multi-accessible. ATM is a typical example for it. The user can configure the polling interval to specify the interval for sending polling hello packets before the adjacency of the neighboring routers is formed.
Page 545: Setting The Interface Priority For Dr Election
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Perform the following configuration in OSPF view to configure/remove the NBMA neighbors for OSPF: To do... Use the command... peer ip-address [ dr-priority Configure the NBMA neighbors for OSPF...
Page 546: Configuring An Interval Required For Sending Lsu Packets
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration DR election is only required for the broadcast or NBMA interfaces. For the p2p or p2mp interfaces, DR election is not required. Perform the following configuration in interface view to set/restore the interface priority for DR election: To do...
Page 547 For S9500 series, the default cost for running OSPF on the VLAN interface is 10. 1.3.16 Configuring to Fill the MTU Field When an Interface Transmits DD Packets OSPF-running routers use Database Description (DD) packets to describe their own LSDBs during LSDB synchronization.
Page 548: Disabling The Interface To Send Ospf Packets
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration By default, the interval of SPF recalculation is five seconds. 1.3.18 Disabling the Interface to Send OSPF Packets To prevent OSPF routing information from being acquired by the routers on a certain network, use the silent-interface command to disable the interface to transmit OSPF packets.
Page 549 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration By default, the area does not support packet authentication. II. Configuring OSPF packet authentication OSPF supports simple authentication or MD5 authentication between neighboring routers. The authentication type configured on an interface takes effect only after the area to which the interface belongs is configured with the corresponding authentication type.
Page 550: Configuring Stub Area Of Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration physical interfaces, you can also configure various interface parameters on this link, such as hello timer. The "logic channel" means that the routers running OSPF between two ABRs only take...
Page 551: Configuring Nssa Area Of Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... Configure an area to be the stub area stub [ no-summary ] Remove the configured stub area undo stub Configure the cost of the default route transmitted by...
Page 552 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration Perform the following configuration in OSPF area view to configure/cancel NSSA of OSPF: To do... Use the command... nssa [ default-route-advertise | Configure an area to be the NSSA area...
Page 553 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... Description Enter system view system-view — ospf [ process-id [ router-id router-id Enter OSPF view Required | vpn-instance vpn-instance-name] ] Required Set the switch for...
Page 554: Resetting The Ospf Process
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... undo snmp-agent trap enable ospf [ process-id ] [ ifstatechange | virifstatechange | nbrstatechange | Disable OSPF TRAP virnbrstatechange | ifcfgerror | virifcfgerror | ifauthfail...
Page 555: Displaying And Debugging Ospf
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration To do... Use the command... Reset one or all OSPF processes reset ospf [ statistics ] { all | process-id } Resetting the OSPF process can immediately clear invalid LSAs, and make the modified router ID effective or the DR and BDR are re-elected.
Page 556: Ospf Configuration Example
1.5.1 Configuring DR Election Based on OSPF Priority I. Network requirements Four the S9500 series switches, Switch A, Switch B, Switch C and Switch D, which can perform the router functions and run OSPF, are located on the same segment, as shown in the following figure.
Page 557 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration III. Configuration procedure # Configure Switch A. [Switch A] interface Vlan-interface 1 [Switch A-Vlan-interface1] ip address 196.1.1.1 255.255.255.0 [Switch A-Vlan-interface1] ospf dr-priority 100 [Switch A] router id 1.1.1.1...
Page 558 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration # Change the priority of Switch B to 200. [Switch B-Vlan-interface2000] ospf dr-priority 200 On Switch A, execute the display ospf peer command to show its OSPF neighbors.
Page 559 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration [Switch A-ospf-1] area 0 [Switch A-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255 # Configure Switch B. [Switch B] interface vlan-interface 7 [Switch B-Vlan-interface7] ip address 196.1.1.2 255.255.255.0 [Switch B] interface vlan-interface 8 [Switch B-Vlan-interface8] ip address 197.1.1.2 255.255.255.0...
Page 560 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration II. Network diagram S9500A S 9500C GigabitEthernet3/1/1 GigabitEthernet3/1/1 192.168.1.1/24 192.168.1.3/24 Vlan- interface 192 Vlan -interface 192 Vlan -inter face 192 GigabitEthernet3/1/1 192.168.1.2/24 GigabitEther net3/1/2 S 9500B Figure 1-13 Network diagram III.
Page 561: Troubleshooting Ospf Configuration
Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration [S9500C-vlan192] port GigabitEthernet 3/1/1 [S9500C-vlan192] interface vlan 192 [S9500C-Vlan-interface192] ip address 192.168.1.3 24 [S9500C-Vlan-interface192] quit [S9500C] ospf 1 [S9500C-ospf-1] graceful-restart 180 [S9500C-ospf-1] area 0 [S9500C-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 1.6 Troubleshooting OSPF Configuration...
Page 562 Operation Manual – OSPF H3C S9500 Series Routing Switches Chapter 1 OSPF Configuration If more than two areas are configured, at least one area should be configured as the backbone area (that is to say, the area ID is 0).
Page 563 Operation Manual – ISIS H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IS-IS Configuration ...................... 1-1 1.1 Introduction to IS-IS ......................1-1 1.1.1 Terms of IS-IS Routing Protocol ................1-1 1.1.2 Two-level Structure of IS-IS Routing Protocol ............1-2 1.1.3 NSAP Structure of IS-IS Routing Protocol ..............
Page 564 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Chapter 1 IS-IS Configuration When configuring IS-IS, go to these sections for information you are interested in: Introduction to IS-IS Configuring IS-IS Displaying and Debugging IS-IS IS-IS Configuration Example Note: The term “router”...
Page 565 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Link State DataBase (LSDB). All the link states in the network form the LSDB. In an IS, at least one LSDB is available. The IS uses the SPF algorithm and the LSDB to generate its own routes.
Page 566 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Level-1-2 router A Level-1-2 router is both a Level-1 router and a Level-2 router. At least one Level-1-2 router in each area connects the area to the backbone network. A Level-1-2 router maintains two LSDBs: the Level-1 LSDB for intra- area route and Level-2 LSDB for inter-area route.
Page 567 System ID System ID uniquely identifies terminal system or router in a route area. You can select length for it. For S9500 series, System ID length is 48 bits (6 bytes). In general, you can obtain System ID according to Router_ID.
Page 568 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration NSAP selector (SEL or N-SEL) functions as the protocol identifier of an IP address. Different transmission protocols correspond to different identifiers. In IS-IS, SELs are Because the address structure defines clearly an area, a Level-1 router can easily identify the packets not sent to the area where it is located.
Page 569 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration III. SNP Sequence Number Packet (SNP) can confirm the LSPs last received from neighbors. SNPs function as acknowledge packets, but SNPs function more efficiently. SNP includes complete SNP (CSNP) and partial SNP (PSNP). SNP can be further divided into Level-1 CSNP, Level-2 CSNP, Level-1 PSNP and Level-2 PSNP.
Page 570: Setting Network Entity Title
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Setting the Mesh Group of the Interface Setting Overload Flag Bit Enabling to Log the Peer Changes Enabling/Disabling IS-IS Packet Transmission Configuring IS-IS GR Some operation commands...
Page 571: Setting Priority For Dis Election
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Enable IS-IS on the specified Interface isis enable [ tag ] Cancel this designation undo isis enable [ tag ] 1.2.4 Setting Priority for DIS Election In the broadcast network, IS-IS needs to elect a DIS from all the routers.
Page 572: Setting Interface Circuit Level
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration 1.2.6 Setting Interface Circuit Level Perform the following configuration in interface view to set/restore the interface circuit level: To do... Use the command... isis circuit-level [ level-1 | level-1-2 |...
Page 573 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration If the level is not specified in the command for redistributing the route, it defaults to redistributing the routes into level-2. protocol specifies the routing protocol sources that can be redistributed, which can be direct, static, rip, bgp, ospf, OSPF-ASE, OSPF-NSSA, and NAT.
Page 574 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Note: The filter-policy import command only filters the IS-IS routes received from the neighbors, and routes that cannot pass the filter will not be added to the routing table.
Page 575: Setting To Generate Default Route
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration 1.2.11 Setting to Generate Default Route In the IS-IS route domain, the Level-1 router only has the LSDB of the local area, so it can only generate the routes in the local areas. But the Level-2 router has the backbone LSDB in the IS-IS route domains and generates the backbone network routes only.
Page 576 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Perform the following configuration in IS-IS view to configure/restore the style for route metric values of IS-IS packets: To do... Use the command... cost-style { narrow | wide |...
Page 577 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Set Hello packet interval, measured in isis timer hello seconds [ level-1 | seconds level-2 ] Restore the default Hello packet interval...
Page 578 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Restore the default CSNP packet undo isis timer csnp [ level-1 | level-2 ] broadcast interval on the interface If the level is not specified, it defaults to setting CSNP packet broadcast interval for Level-1.
Page 579 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Perform the following configuration in interface view to set/restore LSP packet retransmission interval: To do... Use the command... Set the retransmission interval of the isis timer retransmit seconds...
Page 580: Configuring Spf Parameters
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration 1.2.17 Setting the Age of LSPs When a router generates an LSP, it fills the maximum age into the LSP. When other routers receive this LSP, its age begins to decrease. If no updated LSP is received with the age time, this LSP will be deleted from the LSDB.
Page 581 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do… Use the command… Set the SPF calculation duration for each slice spf-slice-size seconds Restore the default undo spf-slice-size By default, an SPF calculation is not divided into slices but runs until it ends, which can also be implemented by setting the seconds argument to 0.
Page 582 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Delete authentication-mode undo isis authentication-mode { simple | password md5 } By default, the interface is not configured with any authentication password nor performs authentication.
Page 583: Setting The Mesh Group Of The Interface
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration Perform the following configuration in IS-IS view to configure IS-IS to use the MD5 algorithm compatible with that of the other vendors: To do... Use the command...
Page 584: Setting Overload Flag Bit
Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration 1.2.21 Setting Overload Flag Bit Sometimes, the router in the IS-IS domain may encounter some problems in operation thus errors may occur in the whole routing area. In order to avoid this problem, you can set the overload flag bit for this router.
Page 585 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Enable the interface to send IS-IS undo silent-interface interface-type packets interface-number By default, the interface is allowed to receive and send IS-IS packets.
Page 586 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Description display isis You can execute the Display the IS-IS graceful display command in any graceful-restart status restart status [ l1 | l2 | level-1 | level-2 ] view.
Page 587 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration 1.3 Displaying and Debugging IS-IS To do... Use the command... Remarks display isis Display the IS-IS graceful graceful-restart status Available in any view restart status [ l1 | l2 | level-1 | level-2 ]...
Page 588 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration To do... Use the command... Remarks undo debugging isis { adjacency | all | authentication-error | checksum-error | circuit-information | configuration-error | datalink-receiving-pack et | datalink-sending-packet | general-error |...
Page 589 Operation Manual – ISIS H3C S9500 Series Routing Switches Chapter 1 IS-IS Configuration [Switch A] isis [Switch A-isis] network-entity 86.0001.0000.0000.0005.00 [Switch A] interface vlan-interface 100 [Switch A-Vlan-interface100] ip address 100.10.0.1 255.255.255.0 [Switch A-Vlan-interface100] isis enable [Switch A] interface vlan-interface 101 [Switch A-Vlan-interface101] ip address 100.0.0.1 255.255.255.0...
Page 590 Operation Manual – BGP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 BGP Configuration ...................... 1-1 1.1 BGP/MBGP Overview......................1-1 1.1.1 Introduction to BGP....................1-1 1.1.2 BGP Message Types ....................1-2 1.1.3 BGP Routing Mechanism..................1-2 1.1.4 MBGP........................
Page 591: Introduction To Bgp
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Chapter 1 BGP Configuration When configuring BGP, go to these sections for information you are interested in: BGP/MBGP Overview Configuring BGP Displaying and Debugging BGP BGP Configuration Examples...
Page 592: Bgp Message Types
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration BGP-4 can be extended easily to support new developments of the network. Note: CIDR handles IP addresses in an entirely new way, that is, it does not distinguish networks of Class A, Class B and Class C.
Page 593 Multiple related peers compose a peer group. I. Route advertisement policy In the implementation of the S9500 series, these policies are used by BGP when advertising routes: If there are multiple routes available, a BGP speaker only selects the optimum one.
Page 594: Bgp Peer And Peer Group
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration inter-AS routing when used in the application of other network layer protocols (such as IPv6 etc). In order to support multiple network layer protocols, IETF extended BGP-4 and formed MBGP (Multiprotocol Extensions for BGP-4, multiple protocols extension of BGP-4).
Page 595: Configuring Bgp
II. Relationship between peer configuration and peer group configuration In S9500 series, a BGP peer must belong to a peer group. If you want to configure a BGP peer, you need first to create a peer group and then add a peer into the group.
Page 596: Enabling Bgp
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Others Clearing BGP Connection Refreshing BGP Routes 1.2.1 Enabling BGP To enable BGP, local AS number should be specified. After the enabling of BGP, local router listens to BGP connection requests sent by adjacent routers. To make the local router send BGP connection requests to adjacent routers, refer to the configuration of the peer command.
Page 597 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration II. Configuring AS number of an EBGP peer group You can specify AS number for an EBGP peer group, but IBGP needs no AS number. When a peer group is specified with an AS number, all its member peers inherit the AS number.
Page 598 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Enable a peer/peer group peer { group-name | peer-address } enable Disable a peer/peer group undo peer { group-name | peer-address } enable By default, only BGP peer groups of IPv4 unicast address family are enabled.
Page 599 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... peer { group-name | peer-address } Configure description of a peer (group) description description-line undo peer { group-name | Delete description of a peer (group) peer-address } description By default, no BGP peer (group) description is set.
Page 600 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration 1.2.3 Configuring Application Features of a BGP Peer (Group) I. Configuring to permit connections with EBGP peer groups on indirectly connected networks Generally, EBGP peers must be connected physically. Otherwise the command below can be used to perform the configuration to make them communicate with each other normally.
Page 601 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Configure to send default route peer group-name default-route-advertise to a peer group Configure not to send default undo peer group-name default-route-advertise route to a peer group By default, a BGP speaker does not send default route to any peer group.
Page 602 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Remove private AS numbers while peer group-name public-as-only transmitting BGP update messages Include private AS numbers while undo peer group-name public-as-only transmitting BGP update messages By default, the private AS numbers are included during BGP update messages transmission.
Page 603 The multicast extension configured in BGP view is also available in MBGP, since they use the same TCP link. 1.2.4 Configuring Route Filtering of a Peer (Group) H3C S9500 series support filtering imported and advertised routes for peers (groups) through Route-policy, AS path list, ACL and ip prefix list. 1-13...
Page 604 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration The route filtering policy of advertised routes configured for each member of a peer group must be same with that of the peer group but their route filtering policies of ingress routes may be different.
Page 605: Configuring Network Routes For Bgp Distribution
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Configure the ingress route filtering peer { group-name | peer-address } policy based on AS path list for a peer as-path-acl acl-number import...
Page 606 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Configure the local network route for network ip-address address-mask BGP distribution [ route-policy policy-name ] undo network ip-address Remove the local network route for BGP...
Page 607: Configuring Bgp Route Aggregation
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Configure to permit BGP to filter the default undo default-route imported routes of a protocol when this protocol is imported By default, BGP does not import the default routes of other protocols when BGP is importing the routes of other protocols.
Page 608: Configuring Bgp Route Filtering
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... aggregate address mask [ as-set | attribute-policy route-policy-name | Enable local route aggregation detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ]* undo aggregate address mask [ as-set...
Page 609: Configuring Bgp Route Dampening
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... undo filter-policy Cancel the filtering of the routes acl-number | ip-prefix ip-prefix-name } advertised by other routing protocols export [ routing-protocol ] By default, BGP does not receive the routing information advertised by other routing protocols.
Page 610: Configuring Bgp Preference
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Perform the following configuration in BGP view to enable/disable BGP route dampening: To do... Use the command... dampening [ half-life-reachable Configure BGP route half-life-unreachable reuse suppress ceiling ]...
Page 611: Configuring The Local Preference
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration When a router establishes a BGP connection with a peer, the router will compare their holdtime values and uses the smaller time as the negotiated holdtime. If the negotiation result is 0, the router will not send Keepalive message and will not detect whether the holdtime expires.
Page 612: Comparing The Med Routing Metrics From The Peers In Different Ass
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Perform the following configuration in BGP view to configure/restore an MED metric for the system: To do... Use the command... Configure an MED metric for the system...
Page 613 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Figure 1-1 The route reflector diagram Figure 1-1, Router C is a route reflector with two peer clients: Router A and Router B. Router A sends to Router C the update packet from an external peer. Router C sends the update packet to Router B.
Page 614 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration II. Configuring the route reflection between clients Perform the following configuration in BGP view to enable/disable route reflection between clients: To do... Use the command... Enable route reflection between clients...
Page 615 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration topology be basically changed. Furthermore, the path selected via confederation may not be the best path if there is no manually-set BGP policy. I. Configuring confederation_ID In the eye of the BGP speakers that are not included in the confederation, multiple sub-ASs that belong to the same confederation are a whole.
Page 616: Configuring Bgp Load Balancing
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Perform the following configuration in BGP view to configure/cancel AS confederation attribute compatible with nonstandard: To do... Use the command... Configure AS confederation attribute confederation nonstandard compatible with nonstandard router...
Page 617 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration As shown in Figure 1-2, Router D and Router E are IBGP peers of Router C. When Router A and Router B simultaneously advertise two routes to the same destination to...
Page 618: Clearing Bgp Connection
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration 1.2.21 Clearing BGP Connection After the user changes BGP policy or protocol configuration, they must cut off the current connection so as to enable the new configuration.
Page 619 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Remarks Display BGP dampened display bgp routing-table dampened paths Display the routing display bgp routing-table peer information the specified peer-address { advertised | received }...
Page 620: Bgp Configuration Examples
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration To do... Use the command... Remarks Enable/disable debugging [ undo ] debugging bgp all of all BGP packets Enable/disable BGP event [ undo ] debugging bgp event...
Page 621 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration II. Network diagram A S10 0 AS1 00 1 S witch A A S10 02 Switch B 172.68.10.1 172.68.10.2 Ethernet 172.68.10.3 A S10 03 172.68.1.1 172.68.1.2 Switch C Switch D 156.10.1.1...
Page 622 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration [Switch C-bgp] confederation id 100 [Switch C-bgp] confederation peer-as 1001 1002 [Switch C-bgp] group confed1001 external [Switch C-bgp] peer confed1001 as-number 1001 [Switch C-bgp] group confed1002 external [Switch C-bgp] peer confed1002 as-number 1002 [Switch C-bgp] peer 172.68.10.1 group confed1001...
Page 623 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration [Switch A-bgp] peer 192.1.1.2 group ex as-number 200 Configure Switch B. # Configure VLAN 2. [Switch B] interface Vlan-interface 2 [Switch B-Vlan-interface2] ip address 192.1.1.2 255.255.255.0 # Configure VLAN 3.
Page 624: Configuring Bgp Routing
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration Using the display bgp routing-table command, you can view the BGP routing table on Switch D. Note: Switch D also knows the existence of network 1.0.0.0. 1.4.3 Configuring BGP Routing I.
Page 625 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration [Switch A-bgp] quit # Configure the MED attribute of Switch A. Add ACL on Switch A and permit network 1.0.0.0. [Switch A] acl number 2000 [Switch A-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255...
Page 626 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration [Switch C-Vlan-interface5] ip address 195.1.1.2 255.255.255.0 [Switch C] ospf [Switch C-ospf-1] area 0 [Switch C-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255 [Switch C-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [Switch C] bgp 200 [Switch C-bgp] group ex external [Switch C-bgp] peer 193.1.1.1 group ex as-number 100...
Page 627: Troubleshooting Bgp
Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration [Switch C-route-policy] if-match acl 2000 [Switch C-route-policy] apply local-preference 200 [Switch C-route-policy] route-policy localpref permit node 20 [Switch C-route-policy] apply local-preference 100 [Switch C-route-policy] quit Apply this route policy to ingress traffic from BGP neighbor 193.1.1.1 (Switch A).
Page 628 Operation Manual – BGP H3C S9500 Series Routing Switches Chapter 1 BGP Configuration the interface. Consequently, the network command will fail to, or incorrectly, import routes, which can cause routing errors when some network faults exist. 1-38...
Page 629 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IP Route Policy Configuration ..................1-1 1.1 Introduction to IP Route Policy ..................1-1 1.1.1 Filter ........................1-1 1.1.2 Route Policy Application ..................1-3 1.2 Configuring IP Route Policy....................
Page 630: Introduction To Ip Route Policy
1.1.1 Filter In the S9500 series, five filters, Route-policy, ACL, AS-path, Community-list, and IP-prefix, are provided to be used by the routing protocols. The following sections introduce these filters respectively.
Page 631 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration I. ACL The access control lists (ACLs) used by route policy can be divided into the following types: Number-based basic ACLs Name-based basic ACLs...
Page 632: Route Policy Application
Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration 1.1.2 Route Policy Application Two route policy applications are as follows: When advertising/receiving routing information, the router filters the information according to the route policy, and receives or advertises the routing information which can meet the specified condition only.
Page 633 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration To do... Use the command... route-policy route-policy-name { permit Enter Route policy view | deny } node node-number undo route-policy route-policy-name Remove the specified route-policy...
Page 634 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration To do... Use the command... Disable matching the community undo if-match community attribute of the BGP routing information Match the destination address of the...
Page 635 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration III. Defining apply clauses for a route-policy The apply clauses specify actions, which are the configuration commands executed after a route satisfies the filtering conditions specified by the if-match clauses. Thereby, some attributes of the route can be modified.
Page 636 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration To do... Use the command... Set the route origin of the BGP routing apply origin { igp | egp as-number | information incomplete }...
Page 637: Configuring The As Path List
Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration Note that if more than one ip-prefix item are defined, then the match mode of at least one list item should be the permit mode. The list items of the deny mode can be firstly defined to rapidly filter the routing information not satisfying the requirement, but if all the items are in the deny mode, no route will pass the ip-prefix filtering.
Page 638 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration To do... Use the command... Cancel a undo ip community-list { basic-comm-list-number | community-list adv-comm-list-number } By default, a BGP community attribute list is not configured.
Page 639 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration To do... Use the command... undo filter-policy { acl-number | Cancel the filtering of the received global ip-prefix ip-prefix-name [ gateway routing information ip-prefix-name] } import II.
Page 640: Ip Route Policy Configuration Example
Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration To do… Use the command… Remarks Display the address prefix display ip ip-prefix Available in any view list information [ ip-prefix-name ] 1.4 IP Route Policy Configuration Example 1.4.1 Configuring to Filter the Received Routing Information...
Page 641 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration [Switch A] router id 1.1.1.1 [Switch A] ospf [Switch A-ospf-1] area 0 [Switch A-ospf-1-area-0.0.0.0] network 10.0.0.0 0.255.255.255 # Redistribute the static routes. [Switch A-ospf-1] import-route static Configure Switch B.
Page 642 Operation Manual – IP Route Policy H3C S9500 Series Routing Switches Chapter 1 IP Route Policy Configuration as to let all the other routes pass the filtering (If less-equal 32 is not specified, only the default route will be matched).
Page 643 Operation Manual – Route Capacity H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Route Capacity Configuration ..................1-1 1.1 Introduction to Route Capacity ..................1-1 1.2 Route Capacity Configuration.................... 1-1 1.2.1 Route Capacity Configuration Task List..............1-1 1.2.2 Setting the Maximum Number of Route Entries Supported by the System ....
Page 644: Route Capacity Configuration
Operation Manual – Route Capacity H3C S9500 Series Routing Switches Chapter 1 Route Capacity Configuration Chapter 1 Route Capacity Configuration When configuring route capacity, go to these sections for information you are interested Introduction to Route Capacity Route Capacity Configuration Note: The term “router”...
Page 645 Operation Manual – Route Capacity H3C S9500 Series Routing Switches Chapter 1 Route Capacity Configuration 1.2.2 Setting the Maximum Number of Route Entries Supported by the System Follow these steps to set the maximum number of route entries supported by the system: To do…...
Page 646 Operation Manual – Recursive Routing H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Recursive Routing Configuration ................1-1 1.1 Recursive Routing Overview ..................... 1-1 1.2 Recursive Routing Configuration ..................1-1...
Page 647: Recursive Routing Configuration
Operation Manual – Recursive Routing H3C S9500 Series Routing Switches Chapter 1 Recursive Routing Configuration Chapter 1 Recursive Routing Configuration When configuring recursive routing, go to these sections for information you are interested in: Recursive Routing Overview Recursive Routing Configuration Note: The term “router”...
Page 648 Operation Manual H3C S9500 Series Routing Switches IP Multicast Volume Organization Manual Version T2-08165E-20081225-C-1.24 Product Version S9500-CMW310-R1648 Organization The IP Multicast Volume is organized as follows: Features (operation Description manual) The volume describes the main concepts in multicast: Multicast basics...
Page 649 Operation Manual H3C S9500 Series Routing Switches IP Multicast Volume Organization Features (operation Description manual) When users in different VLANs request the service, multicast flow is duplicated in each VLAN and thus a great deal of bandwidth is wasted. To solve this problem, you can add...
Page 650 Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Multicast Overview ...................... 1-1 1.1 IP Multicast Overview ......................1-1 1.1.1 Comparison of Three Information Transmission Technologies ......1-1 1.1.2 Application of Multicast ................... 1-4 1.2 Implementation of IP Multicast...................
Page 651: Ip Multicast Overview
Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview Chapter 1 Multicast Overview Note: An Ethernet switch functions as a router when it runs IP multicast protocol. The term “router” in this document refers to a router in a generic sense or a Layer 3 Ethernet switch that running the IP multicast protocol.
Page 652 Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview Host A Receiver Host B Source Host C Server Receiver Host D Receiver Packets for Host B Packets for Host D Host E Packets for Host E...
Page 653 Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview Figure 1-2 Data transmission in broadcast mode Suppose Host B, Host D and Host E need the information and the information source Server broadcasts the information through the router. User A and User C can also receive the information.
Page 654: Application Of Multicast
Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview Figure 1-3 Data transmission in multicast mode Assume that Host B, Host D and Host E need the information. To receive the information, these users need to join a receiver group. The multicast source sends only one copy of the information to the multicast group.
Page 655: Implementation Of Ip Multicast
Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview service area, such as online live show, Web TV, tele-education, telemedicine, network radio station and real-time audio/video conferencing. Multicast applications mainly include: Multimedia and streaming media application...
Page 656 Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview Table 1-1 Ranges and meanings of Class D addresses Class D address range Description Reserved multicast addresses (permanent 224.0.0.0 to 224.0.0.255 multicast addresses). All but 224.0.0.0 are assigned to routing protocols.
Page 657: Ip Multicast Protocols
Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview II. Ethernet multicast MAC addresses When a unicast IP packet is transmitted on an Ethernet, the destination MAC address is the MAC address of the receiver. However, for a multicast packet, the destination is no longer a specific receiver but a group with unspecific members.
Page 658 Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview Figure 1-5 Positions of Layer 3 multicast protocols Multicast group management protocols Internet Group Management Protocol (IGMP) is the IPv4 multicast group management protocol, which runs between receiver hosts and routers directly connected with receivers.
Page 659: Rpf Mechanism For Ip Multicast Packets
Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview For the SSM model, multicast routes are not divided into inter-domain routes and intra-domain routes. Because receivers are aware of the position of the multicast source, dedicated multicast forwarding paths are established through PIM-SM for multicast transmission.
Page 660 Operation Manual – Multicast Overview H3C S9500 Series Routing Switches Chapter 1 Multicast Overview mechanism is the basis for most multicast routing protocols to perform multicast forwarding, and is known as Reverse Path Forwarding (RPF) check. A multicast router uses the source address of a received multicast packet to query the unicast routing table or the independent multicast routing table to determine that the receiving interface is on the shortest path from the receiving station to the source.
Page 661 Operation Manual – Common Multicast H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Common Multicast Configuration................1-1 1.1 Introduction to Common Multicast Configuration............... 1-1 1.2 Common Multicast Configuration..................1-1 1.2.1 Enabling Multicast Routing..................1-1 1.2.2 Configuring the Capacity Threshold for a Multicast Routing Table......1-2 1.2.3 Clearing MFC Forwarding Entries or Its Statistic Information.........
Page 662: Introduction To Common Multicast Configuration
Operation Manual – Common Multicast H3C S9500 Series Routing Switches Chapter 1 Common Multicast Configuration Chapter 1 Common Multicast Configuration 1.1 Introduction to Common Multicast Configuration The multicast common configuration is for both the multicast group management protocol and the multicast routing protocol. The configuration includes enabling IP multicast routing, displaying multicast routing table and multicast forwarding table, etc.
Page 663: Clearing Mfc Forwarding Entries Or Its Statistic Information
Operation Manual – Common Multicast H3C S9500 Series Routing Switches Chapter 1 Common Multicast Configuration 1.2.2 Configuring the Capacity Threshold for a Multicast Routing Table A limit setting to the capacity of a multicast routing table can prevent the router memory from being exhausted by overuse.
Page 664: Clearing Route Entries From The Core Multicast Routing Table
Operation Manual – Common Multicast H3C S9500 Series Routing Switches Chapter 1 Common Multicast Configuration To do... Use the command... Clear MFC reset multicast forwarding-table [ statistics ] { all | forwarding { group-address [ mask { group-mask | group-mask-length } ] |...
Page 665: Displaying And Maintaining Common Multicast Configuration
Operation Manual – Common Multicast H3C S9500 Series Routing Switches Chapter 1 Common Multicast Configuration Caution: You cannot enable both broadcast suppression and multicast suppression simultaneously on the same card (broadcast suppression is enabled by default). Namely, once you have enabled broadcast suppression on some ports of a card, you cannot enable multicast suppression on the other ports of the card, and vice versa.
Page 666 Operation Manual – Common Multicast H3C S9500 Series Routing Switches Chapter 1 Common Multicast Configuration To do... Use the command... Remarks Enable multicast forwarding debugging multicast Available in status debugging user view status-forwarding Disable multicast forwarding undo debugging multicast Available in...
Page 667 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IGMP Snooping Configuration ................... 1-1 1.1 IGMP Snooping Overview ....................1-1 1.1.1 IGMP Snooping Principle ..................1-1 1.1.2 IGMPv3 Snooping ....................1-2 1.1.3 Implementing IGMP Snooping ................
Page 668: Igmp Snooping Overview
Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration Chapter 1 IGMP Snooping Configuration When configuring IGMP Snooping, go to the following sections for the information you are interested in: IGMP Snooping Overview IGMP Snooping Configuration Tasks...
Page 669: Igmpv3 Snooping
Note: S9500 series switches support IGMPv1 and IGMPv2, but they do not support IGMPv3 currently. IGMP queries fall into general queries and group-specific queries. This section mainly introduces IGMPv3 messages that are different from in IGMPv2.
Page 670 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration The size of an IGMPv2 group-specific query is eight bytes and that of an IGMPv3 general query is equal to or greater than twelve bytes.
Page 671 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration type = 0x16 type = 0x16 type = 0x22 type = 0x22 0x00 0x00 Reserved Reserved Checksum Checksum Checksum Checksum Record Type Record Type Group Address...
Page 672 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration MAC multicast group: The multicast group is identified by MAC multicast address and maintained by the Ethernet switch. Router port aging time: Time set on the router port aging timer. If the switch has not received any IGMP general query message when the timer expires, it considers the port no longer as a router port.
Page 673 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration If the corresponding MAC multicast group exists but does not contain the port received the report message, the switch adds the port into the multicast group and starts the port aging timer.
Page 674: Enabling Igmp Snooping
Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration 1.2.1 Enabling IGMP Snooping You can control the creation and maintenance of MAC multicast tables at Layer 2 by enabling IGMP Snooping. I. Configuration prerequisites Make sure Layer 2 and Layer 3 multicast protocols are not enabled in the same VLAN or on the same VLAN interface.
Page 675: Configuring Igmp Snooping Parameters
Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration 1.2.2 Configuring IGMP Snooping Parameters IGMP Snooping parameters include: Router port aging time Maximum response time Multicast group member port aging time I. Configuration prerequisites IGMP Snooping is enabled globally.
Page 676 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration II. Configuration procedure Follow these steps to disable flooding of unknown multicast packets in the VLAN on a general board: To do... Use the command...
Page 677 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration Caution: If the ACL applied to a VLAN does not exist or contain any rule, the host cannot join any multicast group. The rules of the ACL for filtering multicast groups are not limited by the ACL. This function applies to all the members in the specified VLAN.
Page 678 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration Caution: The fast leave function cannot take effect if the specified VLAN does not exist, the port does not belong to the specified VLAN, or IGMP Snooping is not enabled in the VLAN.
Page 679: Static Router Port Configuration
Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration IGMP query messages are continually forwarded to other ports of Switch A, devices attached to these ports keep responding to the queries, thus affecting the operation of normal services.
Page 680 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration To do... Use the command... Remarks The port-number argument is in the format of interface-type interface-number, where the multicast Configure a static interface-type argument can only...
Page 681 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration Caution: You will fail to configure a port to be a static router port if the port identified by the port-number argument does not exist, or the port does not belong to the VLAN.
Page 682 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration To do... Use the command... Remarks Enable IGMP Snooping igmp-snooping enable Required Enable IGMP Snooping igmp-snooping Required non-flooding nonflooding-enable Optional Configure aging time point igmp-snooping...
Page 683 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration Configuring the interval at which the IGMP Snooping querier sends general queries in a VLAN Configuring a maximum response time of IGMP general queries in a VLAN...
Page 684 IGMP reports for the same multicast group to the Layer 3 device. This helps reduce the traffic over the network. Note: Currently, S9500 series switches do not support suppression of IGMPv3 report messages. The IGMP report relay suppression feature is effective only for a VLAN with IGMP Snooping enabled.
Page 685 Layer 2 multicast devices are cascaded or connected in a ring, IGMP leave relay may cause mutual influence between multicast streams on different devices. To address this problem, the S9500 series switches provide an IGMP leave relay suppression mechanism. In a cascaded or ring network, IGMP leave messages are suppressed in IGMP Snooping–enabled VLANs to eliminate influence on multicast...
Page 686 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration Note: Currently, S9500 series switches do not support suppression of IGMPv3 leave messages. The IGMP leave relay suppression feature is effective only for a VLAN with IGMP Snooping enabled.
Page 687 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration 1.2.12 Multicast Forwarding on Demand I. Overview Figure 1-6 Network diagram for multicast forwarding on demand As shown in Figure 1-6, Switch A and Switch B are connected through a trunk link, which allows packets of VLAN 9 through VLAN 12 to pass.
Page 688: Displaying And Maintaining Igmp Snooping
Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration To do... Use the command... Remarks Enter system view system-view — Required Enable IGMP snooping igmp-snooping enable This function is disabled by default. Required Enable the IGMP...
Page 689: Igmp Snooping Configuration Example
Figure 1-7, Router A connects to the multicast source (Source in the figure) through Ethernet 1/1/2 and to Switch A (an S9500 series switch) through Ethernet 1/1/1. IGMPv2 is required between Router A and Switch A, IGMP Snooping is required on Switch A, and PIM-DM is required on Router A.
Page 690: Troubleshooting Igmp Snooping
Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration [RouterA-Ethernet1/1/1] igmp version 2 [RouterA-Ethernet1/1/1] pim dm [RouterA-Ethernet1/1/1] quit [RouterA] interface ethernet 1/1/2 [RouterA-Ethernet1/1/2] pim dm [RouterA-Ethernet1/1/2] quit Note: The configuration on Router A given above is for reference only and may differ from the actual configuration on your devices.
Page 691 Operation Manual – IGMP Snooping H3C S9500 Series Routing Switches Chapter 1 IGMP Snooping Configuration If the multicast group created by IGMP Snooping is not correct, contact maintenance personnel for help. Continue with diagnosis 3 if the second step is completed.
Page 692 Operation Manual – IGMP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 IGMP Configuration ..................... 1-1 1.1 IGMP Overview........................1-1 1.2 IGMP Proxy........................1-2 1.2.1 Introduction to IGMP Proxy ..................1-2 1.2.2 IGMP Proxy Configuration ..................1-4 1.3 IGMP Configuration ......................
Page 693: Igmp Overview
Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Chapter 1 IGMP Configuration When configuring IGMP, go to the following sections for the information you are interested in: IGMP Overview IGMP Proxy IGMP Configuration Displaying and Maintaining IGMP IGMP Configuration Examples 1.1 IGMP Overview...
Page 694: Igmp Proxy
Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration membership query messages. In this case, the router election mechanism is required to specify a router as the querier. In IGMP Version 1, selection of the querier is determined by the multicast routing protocol.
Page 695 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration I. Configuration description Figure 1-1 A schematic diagram of IGMP proxy Figure 1-1 illustrates how IGMP proxy works. Switch B is configured as follows: Multicast is enabled.
Page 696 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration After receiving a normal group or a specific group querying message from Switch A, Switch B changes the source address of the querying message to the address of the outbound interface leading to hosts.
Page 697: Igmp Configuration
Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration 1.3 IGMP Configuration Caution: After multicast routing is enabled, you must enable IGMP on the interface before you can perform other IGMP configurations. 1.3.1 IGMP Basic Configuration...
Page 698: Igmp Advanced Configuration
Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Caution: If the VLAN VPN is enabled on a port, the IGMP Snooping feature cannot be enabled on the VLAN to which the port belongs, and the IGMP feature cannot be enabled on the corresponding interface either.
Page 699 { 1 | 2 } Restore the default setting undo igmp version The default IGMP version is version 2 on S9500 series switches. Caution: The system does not support automatic switching between different IGMP versions. Therefore, all devices on a subnet must be configured to run the same IGMP version.
Page 700 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Caution: The newly configured IGMP query interval has effect on those multicast groups that receive new reports after this configuration. Other multicast groups do not conform to the new aging time until they receive new reports.
Page 701 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration By default, the interval is 1 second. Configuring the times of sending IGMP group-specific queries Perform the following configuration to configure the times of sending IGMP group-specific queries in VLAN interface view: To do...
Page 702 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Perform the following configuration to configure the maximum response time for IGMP query message in interface view: To do... Use the command... Configure the maximum response time...
Page 703 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration interface receives IGMP query packet, the router will respond, thus ensuring that the network segment where the interface located can normally receive multicast packets. For an Ethernet switch, you can configure a port in a switch interface to join a multicast group.
Page 704 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Perform the following configuration to delete multicast groups joined on an interface in user view: To do... Use the command... Delete multicast groups reset igmp group { all | interface vlan-interface...
Page 705 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Caution: If an inexistent ACL is bound to the VLAN, or if the bound ACL is not configured with a rule, a host is not allowed to join any multicast group.
Page 706: Displaying And Maintaining Igmp
Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Caution: If the specified VLANs do not exists, the port does not belongs to any of the specified VLANs, or the VLANs do not have IGMP enabled, you can still configure the fast leave feature, but the configuration will not take effect.
Page 707 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration Enable IGMP and PIM-DM for the related VLAN interfaces on Switch A. Enable multicast on Switch B. Enable PIM for the interfaces of VLAN 100 and VLAN 200. Configure VLAN-interface 100 as the proxy interface of VLAN-interface 200.
Page 708 Operation Manual – IGMP H3C S9500 Series Routing Switches Chapter 1 IGMP Configuration [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface 100] ip address 33.33.33.2 24 [SwitchB-Vlan-interface 100] igmp enable [SwitchB-Vlan-interface 100] pim dm [SwitchB-Vlan-interface 100] quit # Configure VLAN-interface 100 to be the IGMP proxy interface of VLAN-interface 200.
Page 709 Operation Manual – PIM H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 PIM-DM Configuration ....................1-1 1.1 PIM-DM Overview......................1-1 1.1.1 Introduction to PIM-DM ................... 1-1 1.1.2 PIM-DM Working Principle ..................1-1 1.2 PIM-DM Configuration ....................... 1-3 1.2.1 Enabling Multicast Routing..................
Page 710 Operation Manual – PIM H3C S9500 Series Routing Switches Table of Contents 2.2.16 Configuring SSM Mapping .................. 2-11 2.2.17 Clearing Multicast Route Entries from PIM Routing Table ......... 2-12 2.2.18 Clearing PIM Neighbors ..................2-12 2.3 Displaying and Maintaining PIM-SM................2-12...
Page 711 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration Chapter 1 PIM-DM Configuration When configuring PIM-DM, go to the following sections for the information you are interested in: PIM-DM Overview PIM-DM Configuration Displaying and Debugging PIM-DM PIM-DM Configuration Example 1.1 PIM-DM Overview...
Page 712 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration This process is called “flood & prune” process. In addition, nodes that are pruned provide timeout mechanism. Each router re-starts the “flood & prune” process upon pruning timeout. The “flood & prune” process of PIM-DM is performed periodically.
Page 713 If there is a tie in route metric to the source, the router with a higher IP address of the local interface wins. Note: Currently the assert mechanism is not supported on H3C S9500 series routing switches. IV. Graft When the pruned downstream node needs to be restored to the forwarding state, the node will send a graft packet to inform the upstream node.
Page 714 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration Perform the following operations in VLAN interface view to enable/disable PIM-DM: To do... Use the command... Enable PIM-DM on an interface pim dm Disable PIM-DM on an interface undo pim dm It’s recommended to configure PIM-DM on all interfaces in non-special cases.
Page 715 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration Perform the following operations to enter PIM view or return to system view: To do... Use the command... Enter PIM view Clear the configuration performed in PIM view and...
Page 716 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration 1.2.7 Configuring the Maximum Number of PIM Neighbors on an Interface The maximum number of PIM neighbors of a router interface can be configured to avoid exhausting the memory of the router or router faults. The maximum number of PIM neighbors of a router is defined by the system, and is not open for modification.
Page 717 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration 1.3 Displaying and Debugging PIM-DM To do... Use the command... Remarks display pim routing-table [ { { *g [ group-address [ mask { mask-length | mask } ] ] | **rp [ rp-address [ mask...
Page 718 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration Switch A connects to the network that comprises the multicast source through VLAN-interface 300; Switch B connects to N1 through VLAN-interface 100; Switch C connects to N2 through VLAN-interface 200.
Page 719 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 1 PIM-DM Configuration <SwitchB> system-view [SwitchB] multicast routing-enable [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] igmp enable [SwitchB-Vlan-interface100] pim dm [SwitchBA-Vlan-interface100] quit [SwitchB] interface vlan-interface 103 [SwitchB-Vlan-interface103] pim dm [SwitchB-Vlan-interface103] return The configuration on Switch C is similar to that on Switch B.
Page 720 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration Chapter 2 PIM-SM Configuration When configuring PIM-SM, go to the following sections for the information you are interested in: PIM-SM Overview PIM-SM Configuration Displaying and Maintaining PIM-SM PIM-SM Configuration Example 2.1 PIM-SM Overview...
Page 721 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration I. RPT building When hosts join a multicast group G, the designated routers (DRs) connecting with the hosts send IGMP messages to learn the receivers of multicast group G. In this way, the leaf routers calculate the corresponding RP for multicast group G and then send join messages to the node of the next level toward the RP.
Page 722 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration 2.1.3 Configuration Prerequisites I. Configuring candidate RPs In a PIM-SM network, multiple candidate-RPs (C-RPs) can be configured. Each C-RP is responsible for forwarding multicast packets with the destination addresses in a certain range.
Page 723 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration 2.2 PIM-SM Configuration Basic PIM-SM configuration includes: Enabling Multicast Routing Enabling PIM-SM Configuring the Hello Interval Configuring Candidate-BSRs Configuring Candidate-RPs Configuring a Static RP Advanced PIM-SM configuration includes:...
Page 724 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration Repeat the pim sm command to enable PIM-SM on other interfaces. Only one multicast routing protocol can be enabled on an interface at a time. Once PIM-SM is enabled on an interface, PIM-DM cannot be enabled on the same interface and vice versa.
Page 725 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration Candidate-BSRs should be configured on the routers in the backbone network. By default, no BSR is set. The default priority is 0. Caution: One router can only be configured with one candidate-BSR. When a candidate-BSR is configured on another interface, it will replace the previous one.
Page 726 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration To do... Use the command... Remarks Enter system view system-view — Enter PIM view — Configure static RP static-rp rp-address [ acl-number ] Required Caution: When the RP elected by BSR mechanism is effective, static RP does not work.
Page 727 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration Refer to section 1.2.7 “Configuring the Maximum Number of PIM Neighbors on an Interface”. 2.2.11 Configuring Filtering of the Register Messages from DRs In the PIM-SM network, the register message filtering mechanism can control sources to send messages to groups on the RP, i.e., the RP can filter the register messages...
Page 728 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration Configure at least one PIM-SM interface. Caution: Aging time of PIM-SM routing table entries needs to be configured only when necessary; otherwise, some routing entries may be deleted by mistake.
Page 729 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration Caution: If you need to configure the aging time of PIM-SM routing table entries on the RP, do it according to the number of PIM-SM routing table entries. A larger number of entries requires a longer aging time, the minimum aging time must not be smaller than the register suppression period (60 seconds) of PIM-SM;...
Page 730: Configuring Ssm Mapping
RPT to SPT, which is the shortest forwarding path. If an S9500 series routing switch acts as the receiver-side DR, it initiates an RPT-to-SPT switchover process (by default) upon receiving the first multicast packet along the RPT.
Page 731: Clearing Multicast Route Entries From Pim Routing Table
Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration To do… Use the command… Remarks Required Configure an ssm-mapping group-address SSM mapping { mask | mask-length } No SSM mapping is configured rule source-address by default.
Page 732 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration To do... Use the command... Remarks debugging pim sm { all | mbr { alert | fresh } | verbose | mrt | msdp | timer Enable the PIM-SM...
Page 733 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration II. Network diagram Receiver Host A Vlan-int101 Switch B Host B Receiver Vlan-int104 Source Host C Switch A Vlan-int102 PIM-SM Switch C Host D Device Interface IP address...
Page 734 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration [SwitchA-LoopBack0] pim sm # Enable PIM-SM on all VLAN interfaces. [SwitchA] interface vlan-interface 104 [SwitchA-Vlan-interface104] pim sm [SwitchA-Vlan-interface104] quit [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] pim sm [SwitchA-Vlan-interface10] quit...
Page 735 Operation Manual – PIM H3C S9500 Series Routing Switches Chapter 2 PIM-SM Configuration [SwitchC-Vlan-interface102] igmp enable [SwitchC-Vlan-interface102] quit [SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] pim sm [SwitchC-Vlan-interface20] quit [SwitchC] interface vlan-interface 30 [SwitchC-Vlan-interface30] pim sm Note: You should enable PIM-SM on all interfaces with equal-cost routes, if any.
Page 736 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 Multicast VLAN Configuration..................1-1 1.1 Multicast VLAN Overview ....................1-1 1.2 Configuring Multicast VLAN....................1-1 1.3 Multicast VLAN Configuration Examples................1-2 1.4 Introduction to Multicast VLAN PLUS ................1-4 1.5 Configuring Multicast VLAN PLUS ..................
Page 737: Multicast Vlan Overview
Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration Chapter 1 Multicast VLAN Configuration When configuring IGMP Snooping, go to the following sections for the information you are interested in: Multicast VLAN Overview Configuring Multicast VLAN...
Page 738: Multicast Vlan Configuration Examples
Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration To do… Use the command… Remarks Define the port type to hybrid port link-type hybrid Required port hybrid vlan Add the port to corresponding VLANs...
Page 739 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration III. Configuration procedure Configure Switch A # Configure the IP address of VLAN-interface 2 as 168.10.1.1/24. Enable the PIM-DM protocol. <SwitchA> system-view System View: return to User View with Ctrl+Z.
Page 740 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration # Configure VLAN 10 as multicast VLAN. Enable IGMP Snooping. [SwitchB] vlan 10 [SwitchB-vlan10] igmp-snooping enable [SwitchB-vlan10] service-type multicast [SwitchB-vlan10] quit # Define Ethernet 1/1/10 as a trunk port and add the port to VLAN 10.
Page 741 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration To address this situation, the multicast VLAN PLUS feature was developed, which provides a user interface for Layer 2 multicast configuration while supporting Layer 3 multicast forwarding.
Page 742 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration Note: A multicast VLAN interconnects with Layer 3 devices. Sub-VLANs are connected with users. The device supports up to five multicast VLANs. The device supports up to 64 sub-VLANs for a multicast VLAN.
Page 743 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration II. Network diagram Eth1/1/1 Switch A Eth1/1/ 10 WorkStation Eth1/1/ 10 Switch B Eth1/1/1 Eth1/1/2 Receiver Receiver VLAN 20 VLAN 30 Figure 1-2 Network diagram for multicast VLAN PLUS configuration III.
Page 744 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration # Enabling IGMP snooping. <SwitchB> system-view System View: return to User View with Ctrl+Z. [SwitchB] igmp-snooping enable [SwitchB] vlan 10 20 30 # Configure VLAN 10 as a multicast VLAN and enable IGMP Snooping.
Page 745 Operation Manual – Multicast VLAN H3C S9500 Series Routing Switches Chapter 1 Multicast VLAN Configuration To do… Use the command… Remarks Enter system view system-view — Enter Ethernet port interface interface-type view/RPR logical port Required interface-number view Required Disable layer-3 multicast...
Page 746 Operation Manual – MSDP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MSDP Configuration....................1-1 1.1 MSDP Overview......................... 1-1 1.1.1 Introduction......................1-1 1.1.2 Working Principle ....................1-2 1.2 MSDP Configuration ......................1-4 1.2.1 Enabling MSDP ....................... 1-4 1.2.2 Configuring MSDP Peers ..................
Page 747: Msdp Overview
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration Chapter 1 MSDP Configuration When configuring MSDP, go to these sections for information you are interested in: MSDP Overview MSDP Configuration Displaying and Maintaining MSDP MSDP Configuration Examples 1.1 MSDP Overview...
Page 748: Working Principle
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration By initiating registration and RPT joining to the nearest RP, MSDP implements RP load sharing. Once an RP turns invalid, its original registered source and receivers will select another nearest RP, implementing redundant RP backup.
Page 749 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration message. Besides, the RP in domain 1 encapsulates the first received multicast data into this SA message. If there is any group member in the domain of an MSDP peer (in the figure, it is PIM-SM domain 3), the RP in this domain sends the multicast data encapsulated in the SA message to group members along the RPT and the join message to multicast source.
Page 750: Msdp Configuration
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration If the SA message is sent from a MSDP peer in the same domain, and the peer is the next hop along the optimal path to the RP in the domain of source, it is received and forwarded to other peers (for example, from Switch E to Switch F).
Page 751: Configuring Msdp Peers
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration 1.2.2 Configuring MSDP Peers To run MSDP, you need to configure MSDP peers locally. Perform the following operations in MSDP view to configure MSDP peers: To do...
Page 752: Configuring Originating Rp
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration Using rp-policy parameters universally: Multiple static RPF peers take effect at the same time and SA messages are filtered by the RP addresses contained according to the configured prefix list. If multiple static RPF peers using the same rp-policy parameter are configured, any peer that receives an SA message will forward it to the other peers.
Page 753: Configuring The Maximum Number Of Sa Caching
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration 1.2.6 Configuring the Maximum Number of SA Caching To prevent Deny of Service (DoS) attacks, you can set the maximum number of SAs cached on the router.
Page 754: Controlling The Source Information Forwarded
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration qualified (S, G) entries in the multicast routing table when creating SA messages, that is, to control the (S,G) entries imported from the multicast routing table to the domain.
Page 755: Controlling The Received Source Information
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration Filtering off all the (S, G) entries Forwarding only the SA messages permitted by the advanced ACL Perform the following operations in MSDP view to use MSDP outbound filter to control the source information forwarded: To do...
Page 756: Configuring Msdp Mesh Group
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration To do... Use the command... Receive the SA messages permitted by the peer peer-address sa-policy import advanced ACL from a specified MSDP peer acl acl-number Remove the filtering rule over received...
Page 757: Shutting Msdp Peers Down
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration 1.2.13 Shutting MSDP Peers Down The session between MSDP peers can be cut off and re-activated as needed. If a session between MSDP peers is cut off, the TCP connection will terminate with no retry effort, but the configuration information will be reserved.
Page 758: Msdp Configuration Examples
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration To do... Use the command... Remarks debugging msdp { all | connect | Available in Enable MSDP debugging event | packet | source-active } user view Caution: The display msdp sa-count command give output only after the cache-sa-enable command is executed.
Page 759 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration After the configuration is complete, Switch D will only receive SA messages permitted by the corresponding filtering policy from its static RPF peers. II. Network diagram PIM-SM 1 10.1.1.1...
Page 760: Configuring Anycast Rp
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchD] msdp [SwitchD-msdp] peer 10.25.1.1 connect-interface Vlan-interface30 [SwitchD-msdp] static-rpf-peer 10.25.1.1 rp-policy list-c 1.4.2 Configuring Anycast RP I. Network requirements To configure Anycast RP in the PIM-SM domain, establish MSDP peer relationship between Switch A and Switch B;...
Page 761 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchB-vlan10] port ethernet1/1/2 [SwitchB-vlan10] quit [SwitchB] vlan 20 [SwitchB-vlan20] port ethernet1/1/3 [SwitchB-vlan20] quit # Enable multicast routing. [SwitchB] multicast routing-enable # Configure the IP address of interface Loopback 0.
Page 762 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchB-ospf-1] quit # Configure Switch A as its MSDP peer. [SwitchB] msdp [SwitchB-msdp] peer 10.21.1.1 connect-interface loopback 0 # Configure Originating RP. [SwitchB-msdp] originating-rp loopback0 [SwitchB-msdp] quit # Configure C-RP and BSR.
Page 763: Msdp Integrated Networking
Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchA-Vlan-interface20] pim sm [SwitchA-Vlan-interface20] undo shutdown [SwitchA-Vlan-interface20] quit # Configure the IP address of VLAN-interface 10 and enable IGMP and PIM-SM. [SwitchA] interface Vlan-interface10 [SwitchA-Vlan-interface10] ip address 10.21.3.1 255.255.255.0...
Page 764 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration II. Network diagram PIM-SM 2 Switch G Eth1/1/2 Eth:10.25.2.0 Eth1/1/3 Eth1/1/4 Switch A PIM-SM 1 SRC A Switch B SRC C Switch C Switch D SRC B Eth:10.26.2.0...
Page 765 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchA-vlan30] quit # Enable multicast. [SwitchA] multicast routing-enable # Configure the IP address of interface Loopback 0 and enable PIM-SM. [SwitchA] interface loopback0 [SwitchA-LoopBack0] ip address 10.25.1.1 255.255.255.255...
Page 766 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchA-bgp] peer 10.26.1.2 group in [SwitchA-bgp] peer 10.27.1.2 group in [SwitchA-bgp] peer in connect-interface loopback0 [SwitchA-bgp] ipv4-family multicast [SwitchA-bgp-af-mul] peer in enable [SwitchA-bgp-af-mul] peer 10.26.1.2 group in [SwitchA-bgp-af-mul] peer 10.27.1.2 group in...
Page 767 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchE-vlan20] quit # Enable multicast. [SwitchE] multicast routing-enable # Configure the IP address of interface Loopback 0 and enable PIM-SM. [SwitchE] interface loopback0 [SwitchE-LoopBack0] ip address 10.26.1.2 255.255.255.255...
Page 768 Operation Manual – MSDP H3C S9500 Series Routing Switches Chapter 1 MSDP Configuration [SwitchE-bgp] peer 10.25.1.1 group in [SwitchE-bgp] peer 10.27.1.2 group in [SwitchE-bgp] peer in connect-interface loopback0 [SwitchE-bgp] ipv4-family multicast [SwitchE-bgp-af-mul] peer in enable [SwitchE-bgp-af-mul] peer 10.25.1.1 group in [SwitchE-bgp-af-mul] peer 10.27.1.2 group in...
Page 769 Operation Manual – MBGP H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MBGP Multicast Extension Configuration ..............1-1 1.1 MBGP Multicast Extension Overview ................1-1 1.1.1 MBGP Extension Attributes for Multicast ..............1-1 1.1.2 MBGP Operating Mode and Message Type ............1-2 1.2 MBGP Multicast Extension Configuration................
Page 770: Mbgp Multicast Extension Overview
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration Chapter 1 MBGP Multicast Extension Configuration When configuring MBGP, go to these sections for information you are interested in: MBGP Multicast Extension Overview MBGP Multicast Extension Configuration...
Page 771: Mbgp Operating Mode And Message Type
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration Among the information carried by MP_REACH_NLRI and MP_UNREACH_NLRI, address family identifier (AFI) and subsequent address family identifier (SAFI) can identify the address family of the information. SAFI is a complement to network layer reachability information (NLRI), with the value 1 for the unicast mode of NLRI, and the value 2 for the multicast mode of NLRI.
Page 772: Mbgp Multicast Extension Configuration
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration Update Message: Most important information in the MBGP system, used to exchange routing information among peers. It consists of three parts at the most: MP_UNREACH_NLRI, Path Attributes, and MP_REACH_NLRI.
Page 773: Configuring The Med Value For An As
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration To do... Use the command... Enter the MBGP multicast address family view ipv4-family multicast Remove the MBGP multicast address family view undo ipv4-family multicast By default, the system does not run the MBGP multicast extension protocol.
Page 774: Configuring Mbgp Timer
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration next hops through different neighbors, it will choose the route with the highest local preference. The configuration works both in unicast and multicast. For details of this configuration, refer to BGP Configuration in the IP Routing Volume.
Page 775 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration To do... Use the command... Enable the specified peer (group) peer group-name enable Disable the specified peer (group) undo peer group-name enable III. Adding an MBGP peer to the group...
Page 776 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration VI. Configuring the local address as the next hop when advertising routes This involves removing the next hop configuration in the routing information advertised to a peer (group) and configuring the local address as the next hop address. It is valid only for IBGP peers/peer groups.
Page 777 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration To do... Use the command... undo peer group-name filter-policy Remove outgoing policy configuration acl-number export By default, a peer (group) does not perform route filtering based on the IP ACL.
Page 778: Configuring Mbgp Route Aggregation
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration To do... Use the command... peer { group-name | peer-address } Configure the maximum number of route-limit route-limit-value routes that can be received by a peer...
Page 779: Configure Mbgp Community Attributes
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration 1.2.11 Configure MBGP Community Attributes Within the MBGP, a community is a set of destinations with some characteristics in common. A community is not limited to a network, or an AS has no physical boundary.
Page 780: Resetting Bgp Connections
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration 1.2.15 Resetting BGP Connections After changing the MBGP policy or protocol configuration, users must disconnect the present BGP connection to make the new configuration effective.
Page 781: Mbgp Multicast Extension Configuration Example
Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration 1.4 MBGP Multicast Extension Configuration Example I. Network requirement This example describes how the administrator uses the MBGP attributes to manage route selection. All switches are configured with MBGP. The IGP in AS200 uses OSPF.
Page 782 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration # Specify the target network for MBGP. [SwitchA-bgp-af-mul] network 1.0.0.0 [SwitchA-bgp-af-mul] network 2.0.0.0 [SwitchA-bgp-af-mul] quit # Configure peers relationship. [SwitchA-bgp] bgp 100 [SwitchA-bgp] group a1 external [SwitchA-bgp] peer 192.1.1.2 group a1 as-number 200...
Page 783 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration [SwitchB-Vlan-interface20] ip address 192.1.1.2 255.255.255.0 [SwitchB-Vlan-interface20] quit [SwitchB] vlan 40 [SwitchB-vlan40] port ethernet2/1/4 [SwitchB-vlan40] quit [SwitchB] interface vlan-interface 40 [SwitchB-Vlan-interface40] ip address 194.1.1.2 255.255.255.0 [SwitchB-Vlan-interface40] quit...
Page 784 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit [SwitchC] bgp 200 [SwitchC-bgp] undo synchronization [SwitchC-bgp] group c1 external [SwitchC-bgp] peer 193.1.1.1 group c1 as-number 100 [SwitchC-bgp] group c2 internal [SwitchC-bgp] peer 194.1.1.2 group c2...
Page 785 Operation Manual – MBGP Chapter 1 MBGP Multicast Extension H3C S9500 Series Routing Switches Configuration [SwitchD] interface vlan-interface 50 [SwitchD-Vlan-interface50] ip address 195.1.1.1 255.255.255.0 [SwitchD-Vlan-interface50] quit [SwitchD] ospf [SwitchD-ospf-1] area 0 [SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] network 4.0.0.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit...
Page 786 Operation Manual H3C S9500 Series Routing Switches MPLS VPN Volume Organization Manual Version T2-08165E-20081225-C-1.24 Product Version S9500-CMW310-R1648 Organization The MPLS VPN Volume is organized as follows: Features (operation Description manual) MPLS (Multiprotocol Label Switching) brings together the advantages of the connectionless control with IP and the connection-oriented forwarding with ATM.
Page 787 Operation Manual H3C S9500 Series Routing Switches MPLS VPN Volume Organization Features (operation Description manual) The MPLS hybrid insertion feature is used to enable deployment of MPLS VPN services on cards that do not support MPLS. The volume describes: MPLS Hybrid...
Page 788 Operation Manual – MPLS H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MPLS Architecture....................... 1-1 1.1 MPLS Overview ......................... 1-1 1.2 MPLS Basic Concepts ....................... 1-2 1.2.1 FEC ......................... 1-2 1.2.2 Label........................1-2 1.2.3 LDP ......................... 1-5 1.3 MPLS Architecture ......................
Page 789: Mpls Overview
MPLS Architecture Note: The H3C S9500 Series Routing Switches (hereinafter referred to as S9500 series) running MPLS can serve as routers. Routers mentioned in this manual can be either a router in common sense, or a layer 3 Ethernet switch running MPLS.
Page 790: Mpls Basic Concepts
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture 1.2 MPLS Basic Concepts 1.2.1 FEC Forwarding Equivalence Class (FEC) is an important concept in MPLS. MPLS is actually a kind of classify-and-forward technology. It categorizes packets with the same forwarding strategy (same destination addresses, same forwarding routes and same QoS levels) into one class, which is called a FEC.
Page 791 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture results into the label information base (LIB). In simple words, label mapping is to assign a label to a FEC. The second type is also called incoming label mapping (ILM), that is, to map each input label to a series of next hop label forwarding entries (NHLFE).
Page 792 Upstream and downstream are just on a relative basis: For a packet forwarding process, the transmit router serves as upstream LSR and receive router serves as downstream LSR. Currently, the S9500 series adopt the DU label distribution mode. Label assignment control mode There are two modes to control the assignment and distribution of labels: independent mode and ordered mode.
Page 793: Mpls Architecture
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture 1.2.3 LDP Label distribution protocol (LDP) is the signaling control protocol in MPLS, which controls binding labels and FECs between LSRs and coordinates a series of procedures between LSRs.
Page 794: Establishing Lsp
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture On the LSR along the LSP, the mapping table of the import/export labels has been established (the element of this table is referred to as Next Hop Label Forwarding Entry (NHLFE)).
Page 795 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture Figure 1-4 Label distribution process For the label distribution mentioned previously, there are two modes: DoD and DU. The main difference between these two modes is that the label mapping messages are distributed actively or passively.
Page 796: Lsp Tunnel And Hierarchy
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture When the value exceeds the threshold value, it is considered that a loop presents, and the process for establishing LSP is terminated. The path vector method refers to that the path information is recorded in the message bound with the forwarding label, and, for every hop, the corresponding router checks if its ID is contained in this record.
Page 797 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture The labels are organized according to the principle of “last in first out” in the label stack, and MPLS processes the labels beginning from the top of the stack.
Page 798 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 1 MPLS Architecture the management of VPN customers, establishing LSP connection between various PEs, route allocation among different branches of the same VPN customer. Usually the route allocation between PEs is implemented by using extended BGP.
Page 799: Mpls Basic Capability Overview
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration Chapter 2 MPLS Basic Capability Configuration This chapter covers the following topics: MPLS Basic Capability Overview MPLS Configuration LDP Configuration Displaying and Debugging MPLS Basic Capability...
Page 800: Defining Mpls Lsr Id
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration The following sections describe the optional configuration tasks for MPLS basic capability: Configuring the Topology-Driven LSP Setup Policy Configuring an LSP Setup Policy Configuring Static LSP 2.2.1 Defining MPLS LSR ID...
Page 801: Configuring Static Lsp
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration To do... Use the command... Configure the topology-Driven LSP lsp-trigger { all | ip-prefix ip-prefix } setup policy Use the default value, which only allows...
Page 802: Ldp Configuration
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration Perform the following configuration in MPLS view to set the local LSR to a node on a specified LSP: To do... Use the command... static-lsp ingress lsp-name...
Page 803 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration To do... Use the command... Enable LDP protocol mpls ldp Disable LDP undo mpls ldp By default, LDP is disabled. 2.3.2 Enabling LDP on a VLAN interface To make the VLAN interface support LDP, you must enable LDP function on the interface in VLAN interface mode.
Page 804: Configuring Session Parameters
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration II. Configuring an address for the Remote-peer You can specify the address of any LDP-enabled interface on the Remote-peer or the address of the Loopback interface on the LSR that has advertised the route as the address of the Remote-peer.
Page 805 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration To do... Use the command... mpls ldp timer { session-hold Configure session hold-time session-holdtime | hello hello-holdtime } Return to the default value undo mpls ldp timer { session-hold | hello } By default, the session-holdtime is 60 seconds and hello-holdtime is 15 seconds.
Page 806: Configuring Ldp Loop Detection Control
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration Caution: The interface with borrowed address is used on the LSR. You cannot use this interface address to set up the LDP session. You are recommended to use the LSR-ID instead.
Page 807 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration II. Setting the maximum hop count for loop detection When maximum hop count mode is adopted for loop detection, the maximum hop-count value can be defined. And if the maximum value is exceeded, it is considered that a loop happens and the LSP establishment fails.
Page 808: Displaying And Debugging Mpls Basic Capability
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration Caution: There can be only one LDP session between any two devices. If you configure both a basic session and a remote session on a device, you need to configure the same authentication password for the two sessions.
Page 809: Displaying And Debugging Ldp
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration V. Debugging MPLS To do... Use the command... Remarks debugging mpls lspm { agent | all | Enable debugging for Available in user event | ftn | interface | packet | policy...
Page 810: Typical Mpls Configuration Example
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration To do... Use the command... Remarks Display states and display mpls ldp parameters of LDP Available in any view session sessions II. LDP debugging commands To do...
Page 811 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration II. Network diagram Sw itchD V LA N2 01 Sw itchB V L AN 20 3 S wi tch A 16 8 .1 .1.2 16 8 .1 .1.2 1 72 .1 7.1 .1...
Page 812 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration [H3C] vlan 201 [H3C-vlan201] port gigabitethernet 2/1/1 [H3C-vlan201] quit [H3C] interface vlan-interface 201 [H3C-Vlan-interface201] ip address 168.1.1.2 255.255.0.0 [H3C-Vlan-interface201] mpls [H3C-Vlan-interface201] mpls ldp enable [H3C-Vlan-interface201] mpls ldp transport-ip interface # Configure IP address and enable MPLS and LDP for VLAN interface 203.
Page 813: Troubleshooting Mpls Configuration
Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration [H3C-mpls] quit [H3C] mpls ldp # Configure IP address and enable LDP and MPLS for VLAN interface 202. [H3C] vlan 202 [H3C-vlan202] port gigabitethernet 2/1/1...
Page 814 Operation Manual – MPLS H3C S9500 Series Routing Switches Chapter 2 MPLS Basic Capability Configuration Cause 1: Loop detection configuration is different at the two ends. Solution: Check loop detection configuration at both ends to see if one end is configured while the other end is not (this will result in session negotiation failure).
Page 815 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MPLS VLL ........................1-1 1.1 MPLS VLL Overview......................1-2 1.1.1 Concepts in MPLS VLL ................... 1-2 1.1.2 Introduction to MPLS VLL ..................1-2 1.1.3 Packet Forwarding ....................
Page 816 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL Chapter 1 MPLS VLL When configuring MPLS VLL, go to these sections for information you are interested in: MPLS VLL Overview CCC MPLS VLL Configuration Martini MPLS VLL Configuration...
Page 817 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL 1.1 MPLS VLL Overview 1.1.1 Concepts in MPLS VLL MPLS Virtual Leased Line (MPLS VLL) provides transparently transmission of Layer 2 data of users over an MPLS network. From the users’ perspective, this MPLS network is a Layer switched network through which Layer 2 connections can be set up between different sites.
Page 818: Packet Forwarding
Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL Tunnel label Tunnel label VC label VC label Tunnel label Tunnel label VC label VC label L2 PDU L2 PDU L2 PDU L2 PDU Label Stack...
Page 819 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL 1.1.4 Implementation At present, the official standard for MPLS VLL has not been established yet. However, the PPVPN (Provider-provisioned Virtual Private Network) group of IETF (Internet Engineering Task Force) defines multiple framework drafts, two of which are commonly used.
Page 820 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL VPN type Implementation Feature Uses extended LDP as the signaling to transmit the VC information. Uses VC-TYPE and VC-ID to Local switching like CCC is not identify VCs.
Page 821 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL Caution: MPLS VLL does not support NDP transparent transmission. It is not recommended to bind VLLs on the default VLAN interface. Martini VLL and Kompella VLL modes support multiport access mode, while CCC does not support this.
Page 822 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL To do... Use the command... Remarks Required. Two types of CCC connections exist: local CCC connection and ccc ccc-connection-name remote CCC connection. Establish local CCC interface vlan-interface...
Page 823 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL 1.2.2 CCC MPLS VLL Configuration Example (1) I. Network requirements CEs and the corresponding PEs shown in Figure 1-5 are interconnected through their GigabitEthernet ports. Data is encapsulated as Ethernet packets at the data link layer. A local connection is required between CE-A and CE-B, and a remote connection between CE-A and CE-C.
Page 824 # Configure a static LSP, with the out-label of 100 and the egress interface being the interface of VLAN 214. [H3C] mpls [H3C-mpls] static-lsp ingress PEA-PEB l2vpn nexthop 5.5.5.2 out-label 100 # Configure a static LSP, with the in-label of 211 and the ingress interface being the interface of VLAN 214.
Page 825 # Configure a static LSP, with the out-label of 200 and the egress interface being the interface of VLAN 212. [H3C-mpls] static-lsp ingress PEB-PEA l2vpn nexthop 6.6.6.2 out-label 200 # Configure a static LSP, with the in-label of 101 and the ingress interface being the interface of VLAN 212.
Page 826 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [H3C-mpls] static-lsp transit PEB-PEA l2vpn incoming-interface vlan-interface 212 in-label 200 nexthop 5.5.5.1 out-label 211 Caution: Following must be met to make a local CCC connection to go up: The interfaces of the two CE are physically up.
Page 827 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL III. Configuration procedure Configure PE-A # Configure the LSR-ID. Enable MPLS and MPLS L2VPN. <PE-A> system-view [PE-A] mpls lsr-id 1.1.1.1 [PE-A] mpls [PE-A] mpls l2vpn # Create public network VLAN 12, configure a VLAN interface, and then enable MPLS for the VLAN interface.
Page 828 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL <P> system-view [P-mpls] static-lsp transit P l2vpn incoming-interface Vlan-interface34 in-label 843 nexthop 192.168.14.1 out-label 814 1.3 Martini MPLS VLL Configuration 1.3.1 Configuring Martini MPLS VLL Follow these steps to configure Martini MPLS VLL: To do...
Page 829 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL To do... Use the command... Remarks Required To configure a Martini MPLS mpls l2vc ip-address VLL in VLAN interface view vc-id on a PE, you need to provide...
Page 830 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL To do... Use the command... Remarks display mpls l2vc [ interface { GigabitEthernet interface-number [ vlan vlan-id ] | Display the information vlan-interface Optional about Martini MPLS VLL...
Page 831 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL configuration or an aggregation port. Other configurations, such other VLL connections, IGMP, and IGMP snooping, cannot be made on the specified VLAN interface; otherwise these configurations will not work normally. To allow normal operation of other services configured on the VLAN interface, you need to remove the Martini VLL configuration made on the port.
Page 832 [H3C-A] mpls ldp remote-peer 1 [H3C-A-remote-peer-1] remote-ip 192.1.1.2 # Configure a Martini MPLS VLL connection. [H3C-A] interface vlan-interface 212 [H3C-A-Vlan-interface212] mpls l2vc 192.1.1.2 20 encapsulation ethernet Configure PE-B. # Configure the LSR-ID. Enable MPLS, MPLS LDP, and MPLS VLL. [H3C-B] mpls lsr-id 192.1.1.2...
Page 833 [H3C-B] mpls ldp remote-peer 1 [H3C-B-mpls-remote1] remote-ip 192.1.1.1 # Configure a Martini MPLS VLL connection. [H3C-B] interface vlan-interface 212 [H3C-B-Vlan-interface212] mpls l2vc 192.1.1.1 20 encapsulation ethernet Configure P. # Configure the LSR-ID. Enable MPLS, and LDP. [H3C-P] mpls lsr-id 192.1.1.3...
Page 834 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [H3C-P-Vlan-interface21] ip address 168.1.1.2 255.255.0.0 [H3C-P-Vlan-interface21] quit [H3C-P] vlan 22 [H3C-P-vlan22 port gigabitethernet 2/1/2 [H3C-P-vlan22] quit [H3C-P] interface Vlan-interface 22 [H3C-P-Vlan-interface22] mpls [H3C-P-Vlan-interface22] mpls ldp enable [H3C-P-Vlan-interface22] ip address 169.1.1.2 255.255.0.0...
Page 835 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL In system view, enable the primary connection auto-restore function. II. Network diagram P E 1 P E 3 CE 1 1 .1 .1.1 CE 3 3.3 .3 .3...
Page 836 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [PE1-mpls] static-lsp egress 2to1 incoming-interface Vlan-interface10 in-label 3 # Configure the peer relationship with PE2 so that the LDP remote session can be established between them.
Page 837 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [PE2] mpls [PE2-mpls]static-lsp ingress pe2-pe3 destination 3.3.3.3 nexthop 50.50.50.1 out-label 50 [PE2-mpls]static-lsp egress pe3-pe2 incoming-interface Vlan-interface50 in-label 180 [PE2-mpls]static-lsp ingress 2to1 destination 1.1.1.1 32 nexthop 10.10.10.1...
Page 838 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [PE3-Vlan-interface70] interface g5/1/1 [PE3-GigabitEthernet5/1/1] port link-type trunk [PE3-GigabitEthernet5/1/1] port trunk permit vlan 70 # Create a static LSP from PE3 to PE2. [PE3]mpls [PE3-mpls]static-lsp egress pe2-pe3...
Page 839 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [P-GigabitEthernet 4/1/18]q [P]vlan 50 [P-vlan50] interface vlan 50 [P-Vlan-interface50] ip address 50.50.50.1 255.255.255.0 [P-Vlan-interface50] mpls [P-Vlan-interface50] interface g4/1/17 [P-GigabitEthernet 4/1/17] port link-type trunk [P-GigabitEthernet 4/1/17] port trunk permit vlan 50 # Configure a transit LSP from PE2 to PE3 and a transit LSP from PE3 to PE2 on the P device.
Page 840 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [PE2-Vlan-interface101] quit # Restore the Martini MPLS VLL virtual connection to primary globally. [PE2] mpls l2vc manual-restore # In system view, enable the primary connection auto-restore function for Martini MPLS VLL virtual connections.
Page 841 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL To do... Use the command... Remarks Required By default, only the peers of BGP peer { group-name | IPv4 unicast address families are Activate the peer or peer-address } active.
Page 842 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL To do... Use the command... Remarks ce name [ id id Required Create a CE or modify [ range range ] Each CE created on a PE needs...
Page 843 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL Caution: You can only change the CE range to a number larger than the existing one. For example, you can change a CE range from 10 to 20, rather than from 10 to 5. The only way to change a CE range to a smaller number is to remove the CE and create a new one.
Page 844 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL II. Network diagram V L AN 21 2 V LA N2 1 V L AN 22 V LA N2 1 2 CE A P E A...
Page 845 [H3C] mpls l2vpn vpn1 encapsulation ethernet [H3C-mpls-l2vpn-vpn1] route-distinguisher 100:1 [H3C-mpls-l2vpn-vpn1] vpn-target 100:1 # Create CE1 and configure the corresponding connection. [H3C-mpls-l2vpn-vpn1] ce ce1 id 1 range 200 [H3C-mpls-l2vpn-vpn1-ce1] connection ce-offset 2 interface vlan-interface 212 [H3C-mpls-l2vpn-vpn1-ce1] quit # Enable OSPF. [H3C] ospf 1 router-id 1.1.1.1 [H3C-ospf-1] area 0.0.0.0...
Page 846 [H3C] mpls l2vpn vpn1 encapsulation ethernet [H3C-mpls-l2vpn-vpn1] route-distinguisher 100:1 [H3C-mpls-l2vpn-vpn1] vpn-target 100:1 # Create CE2 and configure the corresponding connection. [H3C-mpls-l2vpn-vpn1] ce ce2 id 2 range 200 [H3C-mpls-l2vpn-vpn1-ce2] connection ce-offset 1 interface vlan-interface 212 [H3C-mpls-l2vpn-vpn1-ce2] quit # Enable OSPF. [H3C] ospf 1 router-id 3.3.3.3 [H3C -ospf-1] area 0.0.0.0...
Page 847 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL II. Network diagram Figure 1-10 Network diagram for Kompella MPLS VLL (2) III. Configuration procedure Configure PE-A. # Configure LSR ID and enable MPLS and LDP.
Page 848 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL [PE-A-ospf-1-area-0.0.0.0] quit # Enable BGP and configure the BGP peer relationship with PE-B and PE-C, using the loopback interface as the source interface. [PE-A] bgp 100 [PE-A-bgp] group ibgp internal [PE-A-bgp] peer 1.1.1.2 group ibgp...
Page 849 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL Configure a Loopback interface. Its IP address is used as the Router-ID. Enable OSPF and advertise the routes of the interfaces. 1.5 Displaying and Debugging MPLS VLL To do...
Page 850 Operation Manual – MPLS VLL H3C S9500 Series Routing Switches Chapter 1 MPLS VLL VC state being down indicates the encapsulation types or VC IDs of the two ends are not the same. Make sure the interface types (Access or Trunk) of the two PE interfaces and the VC IDs of the two ends are consistent.
Page 851 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 VPLS Configuration..................... 1-1 1.1 VPLS Overview........................1-2 1.1.1 Introduction to VPLS ....................1-2 1.1.2 Basic VPLS Network Architectures ................. 1-2 1.1.3 VPLS Basic Transmission Components ..............1-5 1.2 VPLS Basic Configuration ....................
Page 852 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Chapter 1 VPLS Configuration When configuring VPLS, go to these sections for information you are interested in: VPLS Overview VPLS Basic Configuration Displaying and Debugging VPLS...
Page 853: Vpls Overview
With VPLS, users in different areas can be connected with each other through MAN/WAN just like they are in one LAN. S9500 series provide a VPLS solution. This solution uses MPLS-based virtual links as the links of Ethernet bridges and provides transparent transmission LAN services (TLS) over MPLS networks.
Page 854 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Figure 1-1 Network diagram for PW logically meshed VPLS network As shown in Figure 1-1, VPLS can provide point-to-multipoint connection service like a L3VPN. It can learn MAC addresses and exchange packets between multiple sites. In addition, it keeps the forwarding tables of the individual VPNs independent with each other and allows MAC address overlap between VPNs.
Page 855 MPLS edge network connected by LSP, or a simple Ethernet network for VLAN-VPN user access. The S9500 series routing switches support hierarchical VPLS (H-VPLS) networking. In a hierarchical VPLS network, the UPE and NPE devices can be interconnected through an MPLS edge network (by LSP connections) or through a simple Ethernet switched network (VLAN-VPN access) to provide link redundancy.
Page 856 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration In the case of access through VLAN-VPN, MSTP needs to run between the UPE and NPE links. The two NPE devices connected with the UPE device only transparently transmit BPDUs between each other.
Page 857 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration An attachment circuit (AC) is a virtual connection link between CE and PE. User’s Layer 2 and layer 3 data are transmitted to the peer site through AC without any modification.
Page 858: Vpls Basic Configuration
Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration 1.2 VPLS Basic Configuration 1.2.1 VPLS Configuration Task List To do... Use the command... Remarks Refer to the related sections in Configure routing protocol Operation Manual – Routing...
Page 859 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Caution: L2VPN VPLS does not support NDP transparent transmission. 1.2.2 Configuring Routing Protocols You must perform some basic routing configuration on your switch such that it can exchange routing information with other P and PE devices.
Page 860 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration 1.2.5 Enabling L2VPN Enable L2VPN globally before you configure VPLS and VLL; otherwise you cannot configure VPLS and VLL. Perform the following configuration in system view to enable L2VPN: To do...
Page 861 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Perform the following configuration in VSI-LDP view to configure a VPLS instance: To do... Use the command... Specify a ID for the current VSI vsi-id vsi-id III.
Page 862 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration with that of the VLAN bound with the Trunk. If convergence UPE makes H-VPLS access by LSP, you can bind a VPLS instance to a VLAN containing no port.
Page 863 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration To do... Use the command... Batch delete the MAC undo mac-address vsi [ vsi-name [ peer { peer-ip | addresses of VPLS dual-npe } | vlan-interface vlan-id ] ] [ static |...
Page 864 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Caution: If GARP VLAN registration protocol (GVRP), spanning tree protocol (STP) or 802.1x protocol is enabled on a port, VLAN VPN on this port is not allowed to enable.
Page 865 In an ACL rule that defines a VPLS label range, the rang-id argument refers to the VPLS label range ID. On an S9500 series switch, the entire VPLS supported label range is divided into 8 label ranges with equal space. These 8 ranges correspond to range IDs 0 through 7.
Page 866 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Note: In the redirection command, the slotid specifies a VPLS service processing card, and vlanid specifies the VLAN ID that interfaces with the MPLS network. After you configure packet redirection, the ports of the public network add to the VLAN (specified join-vlan).
Page 867 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration rate limitation to be 200, then the actual is 192, three times of 64. The actually supported rate limitation ranges from 64 kbps to 2,097,152 kbps (included), and if the value you set is above 2,097,152 kbps, no rate limitation is performed.
Page 868: Displaying And Debugging Vpls
Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration you can either use the CoS mapping table suggested by the protocol, or define user priority for PSN CoS mapping. Perform the following configuration in VSI view to configure the CoS level: To do...
Page 869: Vpls Configuration Examples
If this is not avoidable, be sure to use the secondary port of the RRPP master node as the VPLS private network port. I. Network requirements S9500 series switch support all kinds of VPLS architectures and networking. Figure 1-4 shows a simple back-to-back network diagram. Where, two sites of VPN1 connect to...
Page 870 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration port E6/1/48 of the two PEs (PE1 and PE2) respectively. Both PEs are configured with the private VLAN 100 and public VLAN 10 connected through G4/1/1 to implement basic VPLS service.
Page 871 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE1-vlan-interface10] ip address 10.10.10.10 24 [PE1-vlan-interface10] mpls [PE1-vlan-interface10] mpls ldp enable # Configure OSPF to set up routes. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 5.6.7.8 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 10.10.10.10 0.0.0.255...
Page 872 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration # Define user flow template in port view and configure redirection rule to redirect VPLS packets back from the public network to the VPLS service processor card and specify the VLAN ID of the redirection flow.
Page 873 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 1.2.3.4 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 10.10.10.11 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] import-route direct [PE2-ospf-1] quit # Configure a LDP remote peer (PE1) to set up LDP session.
Page 874 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE2-GigabitEthernet4/1/1] traffic-redirect inbound link-group 4000 rule 0 slot 5 10 join vlan Note that, if a common interface card whose model is suffixed with “B” is seated in slot...
Page 875 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE-A] mpls [PE-A] mpls ldp [PE-A] mpls l2vpn # Create public network VLAN 12, configure the VLAN interface, and then enable MPLS and MPLS LDP for the VLAN interface.
Page 876 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE-A] vsi vpls100 static [PE-A-vsi-vpls100] pwsignal ldp [PE-A-vsi-vpls100-ldp] vsi-id 100 [PE-A-vsi-vpls100-ldp] peer 1.1.1.2 encapsulation ethernet [PE-A-vsi-vpls100-ldp] peer 1.1.1.3 encapsulation vlan [PE-A-vsi-vpls100-ldp] quit # Bind the VPLS instance to the private VLAN.
Page 877 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration As an access device on the user side, UPE provides access to NPE1 and NPE2 by primary/backup PW. Users under the UPE can communicate with other users in the VPLS network through NPE1 or NPE2.
Page 878 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration # Configure the public network interface, loopback interface, and routes. [NPE1] router id 1.1.1.1 [NPE1] interface LoopBack 0 [NPE1-LoopBack0] ip address 1.1.1.1 32 [NPE1-LoopBack0] quit [NPE1] vlan 16 [NPE1-vlan16] interface vlan-interface 16 [NPE1-Vlan-interface16] ip address 16.16.16.1 24...
Page 879 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE1-GigabitEthernet5/1/1] flow-template user-defined [NPE1-GigabitEthernet5/1/1] traffic-redirect inbound link-group 4000 rule 0 slot 3 12 [NPE1-GigabitEthernet5/1/1] quit [NPE1] interface Ethernet 2/1/31 [NPE1-Ethernet2/1/31] flow-template user-defined [NPE1-Ethernet2/1/31] traffic-redirect inbound link-group 4000 rule 0 slot 3...
Page 880 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE1-vsi-Hvpls] broadcast-restrain 100 [NPE1-vsi-Hvpls] bandwidth 1024000 [NPE1-vsi-Hvpls] quit # Bind the VPLS instance to the private network interface. [NPE1] vlan 3001 [NPE1-vlan3001] interface vlan-interface 3001 [NPE1-Vlan-interface3001] l2 binding vsi Hvpls access-mode ethernet [NPE1-Vlan-interface3001] quit Configure NPE2.
Page 881 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE2-Ethernet2/1/26] quit [NPE2] vlan 12 [NPE2-vlan12] interface vlan-interface 12 [NPE2-Vlan-interface12] ip address 12.12.12.2 24 [NPE2-Vlan-interface12] quit [NPE2] interface GigabitEthernet 4/1/2 [NPE2-GigabitEthernet4/1/2] port link-type trunk [NPE2-GigabitEthernet4/1/2] port trunk permit vlan 12...
Page 882 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE2-Ethernet2/1/15] traffic-redirect inbound link-group 4000 rule 1 slot 5 [NPE2-Ethernet2/1/15] quit # Enable MPLS on public network interfaces. [NPE2] interface vlan-interface 23 [NPE2-Vlan-interface23] mpls [NPE2-Vlan-interface23] mpls ldp enable...
Page 883 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration Configure NPE3. Note: In this part of the example, slot 2 holds the MPLS card. If the access card on the public network side is an MPLS card, you simply need to redirect the VPLS packets to the VPLS service card for redirection, without using the join-vlan parameter.
Page 884 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE3-ospf-1-area-0.0.0.0] network 6.6.6.6 0.0.0.0 [NPE3-ospf-1-area-0.0.0.0] network 26.26.26.0 0.0.0.255 [NPE3-ospf-1-area-0.0.0.0] network 16.16.16.0 0.0.0.255 # Configure redirection for the public network interface. [NPE3] flow-template user-defined slot 2 ethernet-protocol vlanid...
Page 885 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration # Bind the VPLS instance to the private network interface. [NPE3] vlan 3001 [NPE3-vlan3001] interface vlan-interface 3001 [NPE3-Vlan-interface3001] l2 binding vsi Hvpls access-mode ethernet [NPE3-Vlan-interface3001] quit...
Page 886 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [UPE-Ethernet3/1/15] quit [UPE] vlan 13 [UPE-vlan13] interface vlan-interface 13 [UPE-Vlan-interface13] ip address 13.13.13.3 24 [UPE-Vlan-interface13] quit [UPE] interface Ethernet 3/1/33 [UPE-Ethernet3/1/33] port link-type trunk [UPE-Ethernet3/1/33] port trunk permit vlan 13...
Page 887 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [UPE-vsi-Hvpls] pwsignal ldp [UPE-vsi-Hvpls-ldp] vsi-id 1 [UPE-vsi-Hvpls-ldp] peer 1.1.1.1 dual-npe [UPE-vsi-Hvpls-ldp] peer 2.2.2.2 dual-npe [UPE-vsi-Hvpls-ldp] quit [UPE-vsi-Hvpls] broadcast-restrain 100 [UPE-vsi-Hvpls] bandwidth 1024000 [UPE-vsi-Hvpls] quit # Bind the VPLS instance to the private network interface.
Page 888 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration III. Configuration procedure Configure the MTU device. # Enable STP globally. <MTU> system-view System View: return to User View with Ctrl+Z. [MTU] stp enable # Configure the access port for CE1, and enable QinQ on the port.
Page 889 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE1] vlan 38 [NPE1-vlan38] interface vlan-interface 38 [NPE1-Vlan-interface38] ip address 192.168.38.3 24 [NPE1-Vlan-interface38] quit [NPE1] interface GigabitEthernet2/1/1 [NPE1-GigabitEthernet2/1/1] port link-type trunk [NPE1-GigabitEthernet2/1/1] port trunk permit vlan 38...
Page 890 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration # Configure MPLS LDP remote sessions. [NPE1] mpls ldp remote-peer 2 [NPE1-mpls-remote2] remote-ip 1.0.0.17 [NPE1-mpls-remote2] quit [NPE1] mpls ldp remote-peer 3 [NPE1-mpls-remote3] remote-ip 1.0.0.18 [NPE1-mpls-remote3] quit # Perform the configuration concerning the VPN instance.
Page 891 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [NPE1] vsi stp static [NPE1-vsi-stp] pwsignal ldp [NPE1-vsi-stp-ldp]vsi-id 3 # Create a PW connection for transparent transmission of BPDUs between NPE1 and NPE2. [NPE1-vsi-stp-ldp] peer 1.0.0.18 vc-id 13...
Page 892 Chapter 1 VPLS Configuration 1.4.5 VPLS Load Sharing Configuration Example The S9500 series routing switches support load sharing among multiple VPLS cards. The card level load sharing feature can distribute services evenly to multiple VPLS cards to enhance the VPLS forwarding performance of the system. When a card fails, the services running on that card is automatically switched to a normally operating card.
Page 893 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration II. Network diagram vlan 25 G 4 /1/8 G 10 /1/8 P E 1 P E2 Figure 1-8 Network diagram for VPLS load sharing configuration III. Configuration procedure Configure PE1 # Configure MPLS globally.
Page 894 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE1-acl-link-4100] rule 1 permit mpls l2label-range 1 ingress any egress any [PE1-acl-link-4100] rule 2 permit mpls l2label-range 2 ingress any egress any [PE1-acl-link-4100] rule 3 permit mpls l2label-range 3 ingress any egress any...
Page 895: Troubleshooting Vpls
Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration [PE1-vsi-vpn1] quit [PE1] interface Vlan-interface 100 [PE1-Vlan-interface100] l2 binding vsi vpn1 [PE1-vsi-vpn1]dis this vsi vpn1 static label-range 0 encapsulation ethernet broadcast-restrain 100 cos 1 pwsignal ldp vsi-id 1 peer 20.0.0.2 vc-id 1 encapsulation vlan...
Page 896 Operation Manual – MPLS VPLS H3C S9500 Series Routing Switches Chapter 1 VPLS Configuration The interface of the private VLAN is not bound with the corresponding VPLS instance, or is DOWN: make sure the interface is UP, or the PW to the UPE is UP.
Page 897 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MPLS L3VPN Configuration..................1-1 1.1 MPLS L3VPN Overview..................... 1-1 1.1.1 MPLS L3VPN Model ....................1-2 1.1.2 MPLS L3VPN Implementation ................1-5 1.1.3 Nested MPLS L3VPN Implementation..............1-7 1.1.4 Hierarchical MPLS L3VPN Implementation ............
Page 898: Mpls L3Vpn Overview
VPN represents a different service, making the network able to transmit services of different types in a flexible way. The H3C S9500 series routing switches provide full MPLS L3VPN networking capabilities: Address isolation, allowing the overlap of addresses of different VPNs and public networks.
Page 899 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration 1.1.1 MPLS L3VPN Model I. MPLS L3VPN model Figure 1-1 MPLS L3VPN model As shown in Figure 1-1, MPLS L3VPN model contains three parts: CE, PE and P.
Page 900 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration operations when required by a user to adjust the relation between the user's internal VPNs. These disadvantages not only increase the network operating cost, but also bring relevant management and security issues.
Page 901 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration each VPN-instance on the PE has an independent set of routing table and label forwarding table, in which the forwarding information of the message is saved...
Page 902 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration When matching the VPN Target attribute carried by the route to filter the routing information received by the PE router, if the export VPN target set of the received route contains identical items with the import VPN target set of the local end, the route is imported into the VPN routing table and then advertised to the connected CE .
Page 903 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Between CE and PE A PE router can learn routing information about the CE connected to it through static route, RIP (supporting multi-instance), OSPF (supporting multi-instance) or EBGP, and imports it in a vpn-instance.
Page 904 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Layer 1 Layer1 Layer 2 Layer2 Layer 2 Layer2 1.1.1.2 1.1.1.2 1.1.1.2 1.1.1.2 1.1.1.2 1.1.1.2 1.1.1.2 1.1.1.2 1.1.1.1/24 Site 1 Site 2 1.1.1.2/24 Figure 1-4 Forwarding VPN packets Site 1 sends an IPv4 packet with the destination address 1.1.1.2 of to CE1.
Page 905 As PE is required to aggregate multiple VPN routes on a MPLS L3VPN, it is prone to forming a bottleneck in a large-scale deployment or in the case that PE capacity is small. To solve the problem, Hangzhou H3C Technologies Co., Ltd. introduced the HoVPN (Hierarchy of VPN, Hierarchical MPLS L3VPN) solution.
Page 906 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Figure 1-5 Hierarchical MPLS L3VPN 1.1.5 Introduction to OSPF Multi-Instance As one of the most popular IGP routing protocols, OSPF is used as an internal routing protocol in many VPNs.
Page 907 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration VPN- GREEN CE31 Area 2 Site2 OSPF 100 VPN - GREEN OSPFArea2 VPN-RED CE11 VPN-RED Site1 Site2 OSPF Area0 OSPF Area1 Area0 CE21 MPLS VPN Backbone...
Page 908 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration different from common hosts; it is implemented by specifying an interface of another VPN as the egress interface through a static route in a VPN; and thus allowing one logical interface to access multiple VPNs.
Page 909 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration To do... Use the command... ip route-static [ vpn-instance vpn-instance-name-list ] ip-address { mask | mask-length } { interface-type Create a specified interface-number | vpn-instance vpn-instance-name...
Page 910: Configuring Pe Router
Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration 1.2.3 Configuring PE Router I. Configuring basic MPLS capability It includes configuring MPLS LSR ID, enable MPLS globally and enable MPLS in the corresponding VLAN interface view.
Page 911 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Perform the following configuration in VPN-instance view to configure VPN-instance description: To do... Use the command... Configure VPN-instance description description vpn-instance-description Delete VPN-instance description undo description...
Page 912 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Up to 16 VPN-targets can be configured with a command, and up to 20 vpn-targets can be configured for a VPN-instance. Limit the maximum number of routes in a VPN-instance This command is used to limit the maximum number of routes for a VPN-instance so as to avoid too many routes imported from a Site.
Page 913 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration By default, the vlan-id range of MPLS/VPN VLANs is from 0 to 1023, and the default value of vlan-id is 0. The value range of vlan-id is from 1 to 3071.
Page 914 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Set the VPN range for the ports and set the range of MPLS/VPN VLAN vlan-id on the ports to 1 to 4094. Perform the following configuration in Ethernet interface view.
Page 915 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Configure an outgoing routing policy for a VPN instance By configuring an outgoing routing policy for a VPN instance, you can set specific extended community attributes for specific routes.
Page 916 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration To do... Use the command... ipv4-family [ unicast ] vpn-instance Create PE-CE RIP instance vpn-instance-name undo ipv4-family [ unicast ] vpn-instance Delete PE-CE RIP instance vpn-instance-name Then configuring RIP multi-instance to import IBGP route.
Page 917 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Perform the following configuration in the OSPF view to configure Domain ID: To do... Use the command... Configure Domain ID domain-id { id-number | id-addr }...
Page 918 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Sham-links are required between two PEs when Backdoor links (that is, the OSPF links that do not pass through the MPLS backbone network) exist between the two PEs and data is expected to be transported over the MPLS backbone.
Page 919 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration To do... Use the command... Configure AS number for a peer { group-name | [ peer-address group specific neighbor group-name ] } as-number as-number Delete the AS number of a...
Page 920 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration By default, BGP is in asynchronous mode. Step 6: Permit route loop configuration in Hub&Spoke networking (optional) Generally speaking, PE-CE configuration is completed after you specify the AS number of neighbor;...
Page 921 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration In general, BGP uses the best local address in TCP connection. To keep TCP connection available even when the interface involved fails, you can perform the following configuration to permit BGP session over any interface through which TCP connection with the peer can be set up.
Page 922 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration To do... Use the command... Configure the local address as the next peer { group-name } next-hop-local hop in route advertisement undo peer { group-name }...
Page 923: Configuring P Router
Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration To do... Use the command... Configure BGP neighbor as the UPE of MPLS peer peer-address upe L3VPN Disable the configuration undo peer peer-address upe 1.2.4 Configuring P Router P router does not maintain VPN routes, but do keep connection with public network and coordinate with PE in creating LSPs.
Page 924 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration III. Displaying VPN-instance related information After the above configuration, executing the display command in any view can display the VPN-instance related information, including its RD, description, the interfaces associated with it, and so on.
Page 925 VPNA includes CE1 and CE3; VPNB includes CE2 and CE4. Subscribers in different VPNs cannot access each other. The VPN-target attribute for VPNA is 111:1 and that for VPNB is 222:2. The PEs and P are H3C switches supporting MPLS, and CEs are common Layer 3 switches. Note: The configuration in this example is focused on: Configure EBGP to exchange VPN routing information between CEs and PEs.
Page 926 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram AS 65430 AS 65410 VLAN201 VLAN201 VLAN201 VLAN201 168.3.1.1/16 168.3.1.1/16 168.1.1.1/16 VPN - A VPN - A VPN - A VPN - A...
Page 927 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Note: The configuration on the other three CE switches (CE2 to CE4) is similar to that on CE1, the details are omitted here. Configure PE1 # Configure vpn-instance for VPNA on PE1, as well as other associated attributes to control advertisement of VPN routing information.
Page 928 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1] mpls lsr-id 202.100.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1] vlan 201 [PE1-vlan201] port gigabitethernet 2/1/1 [PE1-vlan201] quit [PE1] interface Vlan-interface 201 [PE1-Vlan-interface201] ip address 172.1.1.1 255.255.0.0...
Page 929 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [P-LoopBack 0] quit [P] vlan 301 [P-vlan301] port gigabitethernet 3/1/1 [P-vlan301] quit [P] interface Vlan-interface 301 [P-Vlan-interface301] ip address 172.1.1.2 255.255.0.0 [P-Vlan-interface301] mpls [P-Vlan-interface301] mpls ldp enable...
Page 930 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [P-ospf-1] import-route direct Configure PE3 Note: The configuration on PE3 is similar to that on PE1, you should pay more attention to VPN routing attribute setting on PE3 to get information about how to control advertisement of a same VPN routing information (with same VPN-target) over MPLS network.
Page 931: Extranet Configuration Example
Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE3] mpls lsr-id 202.100.1.3 [PE3] mpls [PE3-mpls] quit [PE3] mpls ldp [PE3] vlan 201 [PE3-vlan201] interface gigabitethernet 2/1/1 [PE3-vlan201] quit [PE3] interface Vlan-interface 201 [PE3-Vlan-interface201] ip address 172.3.1.1 255.255.0.0...
Page 932 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration In this example, VPN function is provided by MPLS. There are some shared resources at the City C for the two VPNs. All subscribers in both VPNs can access the shared resources, but VPN subscribers in City A and City B cannot access each other.
Page 933 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration III. Configuration procedure Note: This configuration procedure has omitted configurations between PE and P, and configurations on CEs. For these details refer to the former example.
Page 934 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE-A] mpls [PE-A-mpls] quit [PE-A] mpls ldp # Set up MP-IBGP adjacency between PEs to exchange inter-PE VPN routing information and activate MP-IBGP peer in VPNv4 sub-address family view.
Page 935 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE-C] interface loopback 0 [PE-C-LoopBack0] ip address 20.1.1.1 255.255.255.255 [PE-C-LoopBack0] quit # Configure MPLS basic capacity. [PE-C] mpls lsr-id 20.1.1.1 [PE-C] mpls [PE-C-mpls] quit [PE-C] mpls ldp # Set up MP-IBGP adjacency between PEs to exchange inter-PE VPN routing information and activate MP-IBGP peer in VPNv4 sub-address family view.
Page 936 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration # Bind VPN-instance3 with the interface of VLAN301 which connects to CE-B. [PE-B] vlan 301 [PE-B-vlan301] port gigabitethernet 3/1/1 [PE-B-vlan301] quit [PE-B] interface Vlan-interface 301 [PE-B-Vlan-interface301] ip binding vpn-instance vpn-instance3 [PE-B-Vlan-interface301] ip address 172.17.0.1 255.255.0.0...
Page 937 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Hub&Spoke networking topology is used: CE2 and CE3 are spoke-sites, while CE1 is a hub-site in the bank data center. CE1 controls communication between CE2 and CE3.
Page 938 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram Figure 1-10 Network diagram for Hub&Spoke III. Configuration procedure Note: The following contents are omitted in this example: MPLS basic capacity configuration between PEs, configuration between PE and P, configuration between CEs.
Page 939 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration # Set up EBGP adjacency between PE1 and CE1, import intra-CE1 VPN routes learned into MBGP VPN-instance address family, with one routing loop permitted. [PE1] bgp 100...
Page 940 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1] bgp 100 [PE1-bgp] group 22 [PE1-bgp] peer 22.1.1.1 group 22 as-number 100 [PE1-bgp] peer 22.1.1.1 connect-interface loopback 0 [PE1-bgp] group 33 [PE1-bgp] peer 33.1.1.1 group 33 as-number 100 [PE1-bgp] peer 33.1.1.1 connect-interface loopback 0...
Page 941 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE2] interface loopback 0 [PE2-LoopBack0] ip address 22.1.1.1 255.255.255.255 [PE2-LoopBack0] quit # Set up MP-IBGP adjacency between PE2 and PE1 to exchange inter-PE VPN routing information and activate MP-IBGP peer in VPNv4 sub-address family view.
Page 942 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE3-Vlan-interface201] quit # Configure Loopback interface [PE3] interface loopback 0 [PE3-LoopBack0] ip address 33.1.1.1 255.255.255.255 [PE3-LoopBack0] quit # Set up MP-IBGP adjacency between PE3 and PE1 to exchange inter-PE VPN routing information and activate MP-IBGP peer in VPNv4 sub-address family view.
Page 943 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram AS:65003 AS:65004 VLAN211 VLAN211 192.168.13.2/24 192.168.13.2/24 VLAN211 VLAN211 192.168.23.2/24 192.168.23.2/24 VLAN314 VLAN314 Loopback0 Loopback0 VLAN311 VLAN311 192.168.23.1/24 192.168.23.1/24 3.3.3.3/32 192.168.13.1/24 192.168.13.1/24 VLAN312...
Page 944 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration # Set up EBGP adjacency between PE1 and CE1 in VPN-instance 1, import intra-CE1 VPN routes learned into VPN-instance 1.1. [PE1] bgp 100 [PE1-bgp] ipv4-family vpn-instance vpn-instance1.1...
Page 945 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration # Configure MPLS basic capacity, enable LDP on the interface connecting PE1 and PE2 and the interface connecting PE1 and PE3. [PE1] mpls lsr-id 1.1.1.1...
Page 946 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-bgp] peer 3.3.3.3 group 3 [PE1-bgp] peer 3.3.3.3 connect-interface loopback 0 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpn] peer 2 enable [PE1-bgp-af-vpn] peer 2.2.2.2 group 2 [PE1-bgp-af-vpn] peer 3 enable [PE1-bgp-af-vpn] peer 3.3.3.3 group 3...
Page 947 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE2-bgp-af-vpn-instance] peer 172.22.22.2 group 17222 as-number 65002 [PE2-bgp-af-vpn] quit [PE2-bgp] quit # Bind the interface connecting PE2 and CE1 to VPN-instance 2.1 and the interface connecting PE2 and CE2 to VPN-instance 2.2.
Page 948 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE3-bgp-af-vpn-instance] import-route direct [PE3-bgp-af-vpn-instance] import-route static [PE3-bgp-af-vpn-instance] group 192 external [PE3-bgp-af-vpn-instance] peer 192.168.13.2 group 192 as-number 65003 [PE3-bgp-af-vpn-instance] quit [PE3-bgp] quit # Set up EBGP adjacency between PE3 and CE4 in VPN-instance3.2, import intra-CE4 VPN routes learned into VPN-instance3.2.
Page 949 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram AS 100 AS 200 VLAN205 VLAN205 10.1.1.2/2 VLAN205 20.1.1.1/24 VLAN205 VLAN206 10.1.1.1/24 20.1.1.2/24 PE1:1.1.1.1/32 98.98.98.1/24 PE2:2.2.2.2/32 VLAN201 VLAN203 VLAN204 172.11.11.1/24 VLAN202 98.98.98.2/24 VLAN206 172.12.12.1/24...
Page 950 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1] vlan 205 [PE1-vlan205] port gigabitethernet 2/2/1 [PE1-vlan205] quit [PE1] interface Vlan-interface 205 [PE1-Vlan-interface205] mpls [PE1-Vlan-interface205] mpls ldp enable [PE1-Vlan-interface205] ip address 10.1.1.2 255.255.255.0 # Bind the VLAN interface with the VPN-instance.
Page 951 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE2] mpls lsr-id 2.2.2.2 [PE2] mpls [PE2-mpls] quit [PE2] mpls ldp # Configure the VLAN interface connecting CE. [PE2] vlan 203 [PE2-vlan203] port gigabitethernet 2/1/1...
Page 952 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE2] bgp 200 [PE2-bgp] ipv4-family vpn-instance vpna [PE2-bgp-af-vpn-instance] import-route direct [PE2-bgp-af-vpn-instance] group 172-12 external [PE2-bgp-af-vpn-instance] peer 172.12.12.2 group 172-12 as-number 65012 [PE2-bgp] ipv4-family vpn-instance vpnb...
Page 953 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [P1-Vlan-interface206] mpls [P1-Vlan-interface206] ip address 98.98.98.1 255.255.255.0 [P1-Vlan-interface206] quit # Configure IBGP neighbors and EBGP neighbors. [P1] bgp 100 [P1-bgp] group 1 internal [P1-bgp] peer 1.1.1.1 group 1 [P1-bgp] peer 1.1.1.1 connect-interface loopback0...
Page 954 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram BGP/MPLS Backbone BGP/MPLS Backbone Loopback0 AS 100 AS 200 Loopback0 202.100.1.1/32 202.200.1.1/32 VLAN 210 VLAN 210 VLAN 310 192.1.1.2/24 162.1.1.1/16 VLAN 110 192.1.1.1/24...
Page 955 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [ASBR-PE1-LoopBack 0] ip address 202.100.1.1 255.255.255.255 [ASBR-PE1-LoopBack 0] quit [ASBR-PE1] vlan 110 [ASBR-PE1-vlan110] interface vlan 110 [ASBR-PE1-Vlan-interface110] ip address 172.1.1.1 255.255.0.0 [ASBR-PE1-Vlan-interface110] quit [ASBR-PE2] vlan 210 [ASBR-PE1-vlan210] interface vlan 210 [ASBR-PE1-Vlan-interface210] ip address 192.1.1.1 255.255.255.0...
Page 956 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [ASBR-PE2] ospf [ASBR-PE2-ospf-1] area 0 [ASBR-PE2-ospf-1-area-0.0.0.0] network 162.1.0.0 0.0.255.255 [ASBR-PE2-ospf-1-area-0.0.0.0] network 202.200.1.1 0.0.0.0 [ASBR-PE2-ospf-1-area-0.0.0.0] quit [ASBR-PE2-ospf-1] quit Configure basic MPLS capability on the MPLS backbone network to enable the network to forward VPN traffic.
Page 957 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [ASBR-PE2] mpls lsr-id 162.1.1.1 [ASBR-PE2-mpls] lsp-trigger all [ASBR-PE2-mpls] quit [ASBR-PE2] mpls ldp [ASBR-PE2-mpls-ldp] quit [ASBR-PE2] interface vlan 310 [ASBR-PE2-Vlan-interface310] mpls [ASBR-PE2-Vlan-interface310] mpls ldp enable [ASBR-PE2-Vlan-interface310] quit...
Page 958 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [CE2] vlan 510 [CE2-vlan510] interface vlan 510 [CE2-Vlan-interface510] ip address 168.2.2.2 255.255.0.0 [CE2-Vlan-interface510] quit # Create a VPN instance on PE2 and bind it to the interface connected to CE2...
Page 959 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-bgp-af-vpn-instance] import-route direct [PE1-bgp-af-vpn-instance] quit [PE1-bgp] group 20 [PE1-bgp] peer 20 label-route-capability [PE1-bgp] peer 202.100.1.1 group 20 [PE1-bgp] peer 202.100.1.1 connect-interface loopback0 [PE1-bgp] group 30 external [PE1-bgp] peer 30 ebgp-max-hop [PE1-bgp] peer 202.200.1.2 group 30 as-number 200...
Page 960 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [ASBR-PE1-bgp] peer 202.100.1.2 connect-interface loopback0 [ASBR-PE1-bgp] quit # Configure CE2. [CE2] bgp 65002 [CE2-bgp] group 10 external [CE2-bgp] peer 168.2.2.1 group 10 as-number 200 [CE2-bgp] quit # Configure PE2: set up EBGP peer relation with CE2, IBGP peer relation with ASBR-PE2, and Multihop MP-EBGP peer relation with PE1.
Page 961 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration # Configure ASBR-PE2: set up EBGP peer relation with ASBR-PE1, and IBGP peer relation with PE2. [ASBR-PE2] bgp 200 [ASBR-PE2-bgp] import-route ospf [ASBR-PE2-bgp] group 10 external...
Page 962 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram MPLS Upper layer VPN backbone Loopback0: 1.0.0.2 VLAN201 10.0.0.1/8 VLAN301 10.0.0.2/8 Loopback0:1.0.0.1 Lower layer VPN VPN 2 VPN 1 VPN 1 Site 1...
Page 963 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [SPE-vlan201] quit [SPE] interface Vlan-interface 201 [SPE-Vlan-interface201] ip address 10.0.0.1 255.0.0.0 [SPE-Vlan-interface201] mpls [SPE-Vlan-interface201] mpls ldp enable [SPE-Vlan-interface201] quit [SPE] interface loopback0 [SPE-LoopBack 0] ip address 1.0.0.2 255.255.255.255...
Page 964 I. Network requirements As shown in the following picture, a company connects to a WAN through OSPF multi-instance function of H3C router. OSPF is bind to VPN1.MPLS VPN backbone runs between PEs and OSPF runs between PE and CE. Configure a Sham-link between PE1 and PE2 to ensure the traffic between CE1 and CE2 does not pass the Backdoor link that directly connects CE1 and CE2.
Page 965 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration II. Network diagram LoopBack 0 : 3.3.3.3 LoopBack 0 : 3.3.3.3 LoopBack 0 : 3.3.3.3 LoopBack 0 : 3.3.3.3 LoopBack 0 : 1.1.1.1 CE 1...
Page 966 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-Vlan-interface201] quit [PE1] vlan 202 [PE1-vlan202] port gigabitethernet 2/1/2 [PE1-vlan202] quit [PE1] interface Vlan-interface 202 [PE1-Vlan-interface202] ip address 168.1.13.1 255.255.255.0 [PE1-Vlan-interface202] ospf cost 1 [PE1-Vlan-interface202] mpls...
Page 967 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-ospf-100-area-0.0.0.0] network 10.1.1.0 0.0.0.255 # Configuring Sham-link [PE1-ospf-100-area-0.0.0.1] sham-link 1.1.1.1 2.2.2.2 # Configure the routes distributed to PE2 and PE3. [PE1] ospf 1000 [PE1-ospf-1000] area 0 [H3C-ospf-1000-area-0.0.0.0] network 168.12.1.0 0.0.0.255...
Page 968 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE2-Vlan-interface202] ip address 168.1.23.2 255.255.255.0 [PE2-Vlan-interface202] ospf cost 1 [PE2-Vlan-interface202] mpls [PE2-Vlan-interface202] mpls ldp enable [PE2-Vlan-interface202] quit [PE2] interface LoopBack0 [PE2-LoopBack0] ip binding vpn-instance vpn1 [PE2-LoopBack0] ip address 2.2.2.2 255.255.255.255...
Page 969 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE2] ip route-static 50.1.1.1 255.255.255.255 168.1.12.1 [PE2] ip route-static 50.1.1.3 255.255.255.255 168.1.23.3 # Configure the routes distributed to PE1 and PE3. [PE1] ospf 1000 [PE1-ospf-1000]area 0 [H3C-ospf-1000-area-0.0.0.0] network 168.12.1.0 0.0.0.255...
Page 970 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [CE2] interface Vlan-interface 201 [CE2-Vlan-interface201] ip address 20.1.1.1 255.255.255.0 [CE2-Vlan-interface201] ospf cost 1 # Configure OSPF. [CE2] ospf 100 router-id 20.20.20.20 [CE2-ospf-100] area 0.0.0.0 [CE2-ospf-100-area-0.0.0.0] network 12.1.1.0 0.0.0.255 [CE2-ospf-100-area-0.0.0.0] network 20.1.1.0 0.0.0.255...
Page 971 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration III. Configuration procedure Note: This procedure omits part of the configuration for CE router. Configure IGP on the service provider's backbone network. # Configure prov_pe1.
Page 972 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [prov_pe1] interface vlan 110 [prov_pe1- Vlan-interface110] mpls [prov_pe1- Vlan-interface110] mpls ldp enable [prov_pe1- Vlan-interface110] quit # Configure prov_pe2. [prov_pe2] mpls lsr-id 4.4.4.4 [prov_pe2] mpls ldp...
Page 973 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [prov_pe1-vpn-instance] quit [prov_pe1] ip vpn-instance vpn1 [prov_pe1-vpn-instance] route-distinguisher 1:1 [prov_pe1-vpn-instance] vpn-target 1:1 [prov_pe1-vpn-instance] vpn-target 3:3 [prov_pe1-vpn-instance] quit [prov_pe1] vlan 310 [prov_pe1] interface vlan 310 [prov_pe1-Vlan-interface310] ip binding vpn-instance customer_vpn [prov_pe1-Vlan-interface310] ip address 1.1.1.2 255.0.0.0...
Page 974 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [cust_pe2-LoopBack0] ip address 7.7.7.7 255.255.255.255 [cust_pe2-LoopBack0] quit [cust_pe2] mpls lsr-id 7.7.7.7 [cust_pe2] interface vlan 410 [cust_pe2-Vlan-interface410] ip address 2.1.1.1 255.0.0.0 [cust_pe2-Vlan-interface410] mpls [cust_pe2-Vlan-interface410] quit Configure EBGP between provider PE and customer PE.
Page 975 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [prov_pe2-bgp-af-vpn] peer 2.1.1.1 vpn-instance customer_vpn route-policy com2 import # Configure cust_pe1 [cust_pe1] bgp 600 [cust_pe1-bgp] group ebgp external [cust_pe1-bgp] undo peer ebgp enable [cust_pe1-bgp] peer 1.1.1.2 group ebgp as-number 100...
Page 976 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [cust_pe2] interface vlan 610 [cust_pe2-Vlan-interface610] ip binding vpn-instance vpn1 [cust_pe2-Vlan-interface610] ip address 16.1.1.2 255.0.0.0 [cust_pe2-Vlan-interface510] quit [cust_pe2] bgp 500 [cust_pe2-bgp] undo peer ebgp enable [cust_pe2-bgp] ipv4-family vpn-instance vpn1 [cust_pe2-bgp-af-vpn-instance] group cegroup external [cust_pe2-bgp-af-vpn-instance] peer 16.1.1.1 group cegroup as-number 50002...
Page 977 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [CE-vpn-vpn2] vpn-target 200:1 import-extcommunity # Configure VLAN201. [CE] vlan 201 [CE-vlan201] port gigabitethernet 2/1/1 [CE-vlan201] quit [CE] interface Vlan-interface 201 [CE-Vlan-interface201] ip binding vpn-instance vpn1 [CE-Vlan-interface201] ip address 10.1.1.2 255.255.255.0...
Page 978 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [CE-ospf-300] area 0.0.0.1 [CE-ospf-300-area-0.0.0.1] network 20.1.1.0 0.0.0.255 [CE-ospf-300-area-0.0.0.1] network 20.2.1.0 0.0.0.255 1.4.11 Multi-Role Host Configuration Example I. Network requirements CE1 and CE3 belong to VPN1, and CE2 belong to VPN2.
Page 979 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1] vlan 110 [PE1-vlan110] interface vlan-interface 110 [PE1-Vlan-interface110] ip address 192.168.1.1 24 [PE1-Vlan-interface110] quit [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit...
Page 980 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-vpn-vpn1] quit [PE1] ip vpn-instance vpn2 [PE1-vpn-vpn2] route-distinguisher 100:2 [PE1-vpn-vpn2] vpn-target 100:2 both [PE1-vpn-vpn2] quit [PE1] vlan 310 [PE1-vlan310] interface vlan-interface 310 [PE1-Vlan-interface310] ip binding vpn-instance vpn1 [PE1-Vlan-interface310] ip address 20.2.1.2 24...
Page 981 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [CE1-Vlan-interface310] ip address 20.2.1.1 24 [CE1-Vlan-interface310] quit [CE1] bgp 65410 [CE1-bgp] import-route direct [CE1-bgp] group 10 external [CE1-bgp] peer 20.2.1.2 group 10 as-number 100 [CE1-bgp] quit...
Page 982 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-bgp-af-vpn-instance] import-route direct [PE1-bgp-af-vpn-instance] import-route static # Configure PE2: set up IBGP peer relation with PE1 in BGP-VPNv4 sub-address family view; set up EBGP peer relation with CE3 in BGP-VPN instance view.
Page 983 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration LSP is removed, the FIB entries generated by the dynamic routing protocol can be used for IP forwarding. II. Networking diagram 3.3.3.3 VLAN20 1.1.1.1 VLAN10 2.2.2.2...
Page 984 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Configure the static LSP to PE2. [PE1] mpls [PE1-mpls] static-lsp ingress lsp1 destination 3.3.3.3 32 nexthop 10.1.1.2...
Page 985 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration [P] interface Vlan-interface 20 [P-Vlan-interface20] ip address 20.1.1.1 255.255.255.0 [P-Vlan-interface20] ospf cost 1 [P-Vlan-interface20] mpls [P-Vlan-interface20] quit # Enable OSPF on the loopback interface and the interfaces through which the P device connects to PE1 and PE2 for intra-MPLS domain interworking.
Page 986 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Check whether the routing attributes import/export relation of each VPN-instance is correct. Check from the hub PE that whether the routing information between two VPN instances can be learnt by each other.
Page 987 Operation Manual – MPLS L3VPN H3C S9500 Series Routing Switches Chapter 1 MPLS L3VPN Configuration Check whether the BGP information is correct on the PE at the peer end; check whether specified the local Loopback interface as the interface to create adjacent with the peer end;...
Page 988 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Table of Contents Table of Contents Chapter 1 MPLS OAM Configuration................... 1-1 1.1 MPLS OAM Overview......................1-1 1.1.1 MPLS OAM Background ..................1-1 1.1.2 MPLS OAM Packet Types and Formats ..............1-2 1.1.3 MPLS OAM Capabilities..................
Page 989 Typical MPLS OAM Configuration Example Troubleshooting MPLS OAM Note: Currently the H3C S9500 series routing switches do not support the FFD. 1.1 MPLS OAM Overview Operation, administration and maintenance (OAM) is a tool designed for monitoring and troubleshooting network problems. It provides an effective way of reducing network maintenance costs.
Page 990 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration 1.1.2 MPLS OAM Packet Types and Formats MPLS OAM packets fall into four types: connectivity verification (CV), fast failure detection (FFD), forward defect indication (FDI) and backward defect indication (BDI).
Page 991 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration II. OAM FFD packets Like CV packets, you also can verify the LSP connectivity by checking the OAM FFD packets sent from the ingress node of an LSP arrive at the egress node.
Page 992 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration Function type (02Hex) Reserved (00Hex) Defect type TTSI (optional, if not used set to all 00Hex) (20 octets) Defect location (4 octets) Padding (all 00Hex)
Page 993 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration Function type (03Hex) Reserved (00Hex) Defect type TTSI (optional, if not used set to all 00Hex) (20 octets) Defect location (4 octets) Padding (all 00Hex)
Page 994 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration immediately. If a protection group is configured properly, the corresponding protection switching would also be triggered. When configuring MPLS OAM basic capability, you need to bind a reverse channel to the LSP to be verified.
Page 995: Mpls Oam Configuration
Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration Share mesh protection: This protection mode is designed for saving bandwidth in the mesh network topology. In short, an LSP is used as the secondary LSP for multiple LSPs.
Page 996 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration Configure MPLS basic capabilities, refer to MPLS Configuration. Configure static LSPs, refer to MPLS Configuration. Data preparation To configure MPLS OAM basic capability, prepare the following data:...
Page 997 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration Note: This operation also can be used for modifying MPLS OAM parameters. The configuration of MPLS OAM parameters takes effect only after the MPLS OAM function is enabled.
Page 998 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration The data flow is on the primary LSP if both the primary and secondary LSPs in one protection group fail. When the primary LSP is in the up/no-defect state and the secondary LSP is in the down, in-defect, or down/in-defect state, the data flow is on the primary LSP.
Page 999 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration To do… Use the command... Remarks Display MPLS OAM display mpls oam egress { all | Alailable in information on the egress lsp-name lsp-name } [ slot slot-id |...
Page 1000 Operation Manual – MPLS OAM H3C S9500 Series Routing Switches Chapter 1 MPLS OAM Configuration node Switch A of defect verification results, and switches data flows to the secondary LSP. In this case, only Switch A and Switch C need to support MPLS OAM, Switch B, Switch D and Switch E do not.