HP 6125XLG Blade Switch Layer 3 - IP Routing Configuration Guide Part number: 5998-5372a Software version: Release 240x Document version: 6W101-20150515...
Page 2
The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
Page 4
Configuring a preference for RIP ························································································································· 29 Configuring RIP route redistribution ····················································································································· 30 Tuning and optimizing RIP networks ···························································································································· 30 Configuration prerequisites ·································································································································· 30 Configuring RIP timers ··········································································································································· 30 Configuring split horizon and poison reverse ···································································································· 31 ...
Page 5
Configuring the NBMA network type for an interface ······················································································ 72 Configuring the P2MP network type for an interface ························································································ 73 Configuring the P2P network type for an interface ··························································································· 73 Configuring OSPF route control ··································································································································· 74 Configuration prerequisites ··································································································································...
Page 6
OSPF NSSA area configuration example ········································································································ 107 OSPF DR election configuration example ········································································································· 109 OSPF virtual link configuration example ··········································································································· 113 OSPF GR configuration example ······················································································································· 115 OSPF NSR configuration example ···················································································································· 117 BFD for OSPF configuration example ··············································································································· 119 ...
Page 8
Configuring the AS_PATH attribute ··················································································································· 225 Tuning and optimizing BGP networks ························································································································ 230 Configuring the keepalive interval and hold time ···························································································· 230 Configuring the interval for sending updates for the same route ··································································· 232 Enabling BGP to establish an EBGP session over multiple hops ···································································· 232 ...
Page 9
Configuring a policy ···················································································································································· 316 Creating a node ·················································································································································· 316 Configuring match criteria for a node ·············································································································· 316 Configuring actions for a node ·························································································································· 316 Configuring PBR ··························································································································································· 317 Configuring local PBR ········································································································································· 317 Configuring interface PBR ··································································································································...
Page 10
Protocols and standards ····································································································································· 351 OSPFv3 configuration task list ···································································································································· 351 Enabling OSPFv3 ························································································································································· 352 Configuring OSPFv3 area parameters ······················································································································ 353 Configuration prerequisites ································································································································ 353 Configuring a stub area ····································································································································· 353 Configuring an NSSA area ································································································································ 353 ...
Page 11
Applying a routing policy to IPv4 route redistribution ····················································································· 422 Applying a routing policy to IPv6 route redistribution ····················································································· 425 Support and other resources ·································································································································· 428 Contacting HP ······························································································································································ 428 Subscription service ············································································································································ 428 Related information ······················································································································································ 428 ...
Page 12
Index ········································································································································································ 431 ...
Configuring basic IP routing The term "interface" in the routing features collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). IP routing directs IP packet forwarding on routers based on a routing table.
A route entry includes the following key items: • Destination—IP address of the destination host or network. Mask—Mask length of the IP address. • Pre—Preference of the route. Among routes to the same destination, the route with the highest • preference is optimal.
Table 3 Route types and default route preferences Route type Preference Direct route Multicast static route OSPF IS-IS Unicast static route OSPF ASE OSPF NSSA IBGP EBGP Unknown (route from an untrusted source) Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.
Route redistribution Route redistribution enables routing protocols to learn routing information from each other. A dynamic routing protocol can redistribute routes from other routing protocols, including direct and static routing. For more information, see the respective chapters on those routing protocols in this configuration guide. The RIB records redistribution relationships of routing protocols.
Configuring the maximum lifetime for routes in the When GR or NSR is disabled, FIB entries must be retained for some time after a protocol process switchover or RIB process switchover. When GR or NSR is enabled, FIB entries must be removed immediately after a protocol or RIB process switchover to avoid routing issues.
Enabling the enhanced ECMP mode In the default ECMP mode, when one or multiple ECMP routes fail, the device reallocates all traffic to the remaining routes. The enhanced ECMP mode enables the device to reallocate only the traffic of the failed routes to the remaining routes, ensuring forwarding continuity.
Page 19
Task Command Display next hop information for direct display route-direct nib [ nib-id ] [ verbose ] routes. reset ip routing-table statistics protocol [ vpn-instance Clear IPv4 route statistics. vpn-instance-name ] { protocol | all } display ipv6 routing-table [ vpn-instance vpn-instance-name ] Display IPv6 routing table information.
Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.
Step Command Remarks (Optional.) Delete all To delete one static route, static routes, delete [ vpn-instance vpn-instance-name ] use the undo ip route-static including the default static-routes all command. route. Configuring BFD for static routes IMPORTANT: Enabling BFD for a flapping route could worsen the situation. BFD provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism.
Configuring static route FRR A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute (FRR) uses BFD to detect failures and enables fast rerouting to minimize the impact of link or node failures. Figure 1 Network diagram As shown in Figure...
Step Command Remarks • Method 1: ip route-static dest-address { mask-length | mask } interface-type interface-number [ next-hop-address [ backup-interface interface-type interface-number [ backup-nexthop backup-nexthop-address ] ] ] [ permanent ] Use either method. Configure static route • Method 2: By default, static route FRR is FRR.
Page 25
Figure 2 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routes: # Configure a default route on Switch A. <SwitchA> system-view [SwitchA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2 # Configure two static routes on Switch B. <SwitchB>...
Summary Count : 2 Static Routing table Status : <Active> Summary Count : 2 Destination/Mask Proto Cost NextHop Interface 1.1.2.0/24 Static 60 1.1.4.1 Vlan500 Static Routing table Status : <Inactive> Summary Count : 0 # Use the ping command on Host B to test the reachability of Host A (Windows XP runs on the two hosts). C:\Documents and Settings\Administrator>ping 1.1.2.2 Pinging 1.1.2.2 with 32 bytes of data: Reply from 1.1.2.2: bytes=32 time=1ms TTL=126...
Page 27
Figure 3 Network diagram Device Interface IP address Device Interface IP address Switch A Vlan-int10 12.1.1.1/24 Switch B Vlan-int10 12.1.1.2/24 Vlan-int11 10.1.1.102/24 Vlan-int13 13.1.1.1/24 Switch C Vlan-int11 10.1.1.100/24 Vlan-int13 13.1.1.2/24 Configuration procedure Configure IP addresses for the interfaces. (Details not shown.) Configure static routes and BFD: # Configure static routes on Switch A and enable BFD control mode for the static route that traverses the Layer 2 switch.
Page 28
Verifying the configuration # Display BFD sessions on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 12.1.1.1 12.1.1.2 2000ms Vlan10 The output shows that the BFD session has been created.
BFD for static routes configuration example (indirect next hop) Network requirements Figure 4, Switch A has a route to interface Loopback 1 (2.2.2.9/32) on Switch B, with the output interface VLAN-interface 10. Switch B has a route to interface Loopback 1 (1.1.1.9/32) on Switch A, with the output interface VLAN-interface 12.
Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 Vlan11 Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 1 1. Static route FRR configuration example Network requirements As shown in Figure...
Configuring a default route A default route is used to forward packets that do not match any specific routing entry in the routing table. Without a default route, packets that do not match any routing entries are discarded. A default route can be configured in either of the following ways: The network administrator can configure a default route with both destination and mask being •...
Configuring RIP Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520. Overview RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0.
RIP uses the received responses to update the local routing table and sends triggered update messages to its neighbors. All RIP routers on the network do this to learn latest routing information. RIP periodically sends the local routing table to its neighbors. After a RIP neighbor receives the message, it updates its routing table, selects optimal routes, and sends an update to other neighbors.
If you configure RIP settings in interface view before enabling RIP, the settings do not take effect until RIP is enabled. If a physical interface is attached to multiple networks, you cannot advertise these networks in different RIP processes. You cannot enable multiple RIP processes on a physical interface. Enabling RIP on a network You can enable RIP on a network and specify a wildcard mask for the network.
Step Command Remarks interface interface-type Enter interface view. interface-number Enable an interface to receive By default, a RIP-enabled interface rip input RIP messages. can receive RIP messages. Enable an interface to send By default, a RIP-enabled interface rip output RIP messages. can send RIP messages.
Configuring an additional routing metric An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIP route. An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table.
For example, suppose contiguous subnets routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 exist in the routing table. You can create a summary route 10.1.0.0/16 on VLAN-interface 1 to advertise the summary route instead of the more specific routes. To configure a summary route: Step Command Remarks...
Step Command Remarks Enable RIP to advertise a default-route { only | originate } By default, RIP does not advertise a default route. [ cost cost ] default route. Return to system view. quit interface interface-type Enter interface view. interface-number By default, a RIP interface can rip default-route { { only | Configure the RIP interface to...
To configure a preference for RIP: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Configure a preference for preference [ route-policy The default setting is 100. RIP. route-policy-name ] value Configuring RIP route redistribution Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS, BGP, static, and direct.
Suppress timer—Specifies how long a RIP route stays in suppressed state. When the metric of a • route is 16, the route enters the suppressed state. A suppressed route can be replaced by an updated route that is received from the same neighbor before the suppress timer expires and has a metric less than 16.
Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, poison reverse is Enable poison reverse. rip poison-reverse disabled. Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command...
Enabling source IP address check on incoming RIP updates Perform this task to enable source IP address check on incoming RIP updates. Upon receiving a message on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface. If they are not in the same network segment, RIP discards the message.
If the specified neighbor is not directly connected, disable source address check on incoming • updates. To specify a RIP neighbor: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] By default, RIP does not Specify a RIP neighbor.
Setting the maximum length of RIP packets NOTE: The supported maximum length of RIP packets varies by vendor. Use this feature with caution to avoid compatibility issues. The packet length of RIP packets determines how many routes can be carried in a RIP packet. Set the maximum length of RIP packets to make good use of link bandwidth.
Step Command Remarks rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Enable GR for RIP. graceful-restart By default, RIP GR is disabled. Configuring BFD for RIP RIP detects route failures by periodically sending requests. If it receives no response for a route within a certain time, RIP considers the route unreachable.
Step Command Remarks Enter system view. system-view Configure the source IP By default, no source IP address is bfd echo-source-ip ip-address address of BFD echo packets. configured for BFD echo packets. interface interface-type Enter interface view. interface-number rip bfd enable destination Enable BFD for RIP.
Figure 6, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, RIP directs packets to the backup next hop. At the same time, RIP calculates the shortest path based on the new network topology, and forwards packets over that path after network convergence.
RIP configuration examples Configuring basic RIP Network requirements As shown in Figure 7, enable RIPv2 on all interfaces on Switch A and Switch B. Configure Switch B to not advertise route 10.2.1.0/24 to Switch A, and to accept only route 2.1.1.0/24 from Switch A. Figure 7 Network diagram Configuration procedure Configure IP addresses for interfaces.
Page 52
Destination/Mask Nexthop Cost Flags 10.0.0.0/8 1.1.1.2 RAOF The output shows that RIPv1 uses a natural mask. Configure a RIP version: # Configure RIPv2 on Switch A. [SwitchA] rip [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure RIPv2 on Switch B. [SwitchB] rip [SwitchB-rip-1] version 2 [SwitchB-rip-1] undo summary...
[SwitchB-rip-1] quit # Display the RIP routing table on Switch A. [SwitchA] display rip 100 route Route Flags: R - RIP A - Aging, S - Suppressed, G - Garbage-collect O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------- Peer 1.1.1.2 on Vlan-interface100 Destination/Mask Nexthop Cost...
Page 54
[SwitchA-rip-100] undo summary [SwitchA-rip-100] quit # Enable RIP 100 and RIP 200, and configure RIPv2 on Switch B. <SwitchB> system-view [SwitchB] rip 100 [SwitchB-rip-100] network 11.0.0.0 [SwitchB-rip-100] version 2 [SwitchB-rip-100] undo summary [SwitchB-rip-100] quit [SwitchB] rip 200 [SwitchB-rip-200] network 12.0.0.0 [SwitchB-rip-200] version 2 [SwitchB-rip-200] undo summary [SwitchB-rip-200] quit...
# Display the IP routing table on Switch C. [SwitchC] display ip routing-table Destinations : 15 Routes : 15 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 10.2.1.0/24 12.3.1.1 Vlan200 11.1.1.0/24 12.3.1.1 Vlan200 12.3.1.0/24 Direct 0 12.3.1.2 Vlan200 12.3.1.0/32 Direct 0 12.3.1.2...
1.0.0.0/8, auto-summary 1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface 1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface 1.1.3.0/24, cost 1, nexthop 1.1.1.2 1.1.4.0/24, cost 2, nexthop 1.1.1.2 1.1.5.0/24, cost 2, nexthop 1.1.1.2 The output shows that only one RIP route reaches network 1.1.5.0/24, with the next hop as Switch B (1.1.1.2) and a cost of 2.
Page 58
[SwitchB-ospf-1-area-0.0.0.0] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit Configure basic RIP: # Configure Switch C. [SwitchC] rip 1 [SwitchC-rip-1] network 11.3.1.0 [SwitchC-rip-1] version 2 [SwitchC-rip-1] undo summary # Configure Switch D.
Configure route summarization: # Configure route summarization on Switch C and advertise only the summary route 10.0.0.0/8. [SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] rip summary-address 10.0.0.0 8 # Display the IP routing table on Switch D. [SwitchD] display ip routing-table Destinations : 12 Routes : 12 Destination/Mask Proto...
Page 63
Figure 12 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic RIP and enable BFD on the interfaces: # Configure Switch A. <SwitchA> system-view [SwitchA] rip 1 [SwitchA-rip-1] network 192.168.2.0 [SwitchA-rip-1] import-route static [SwitchA-rip-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] rip bfd enable destination 192.168.2.2 [SwitchA-Vlan-interface100] quit...
Page 64
# Configure a static route on Switch C. [SwitchA] ip route-static 100.1.1.0 24 null 0 Verifying the configuration # Display BFD session information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 session working under Echo mode: SourceAddr DestAddr...
Label: NULL RealNextHop: 192.168.3.2 BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid Interface: vlan-interface 200 BkTunnel ID: Invalid BkInterface: N/A Configuring BFD for RIP (bidirectional detection in BFD control packet mode) Network requirements As shown in Figure 13, VLAN-interface 100 of Switch A and VLAN-interface 200 of Switch C run RIP process 1.
Configuring OSPF Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter. Overview OSPF has the following features: Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing •...
LSA types OSPF advertises routing information in Link State Advertisements (LSAs). The following LSAs are commonly used: • Router LSA—Type- 1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area. Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, •...
Page 73
Figure 15 Area-based OSPF network partition Area 4 Area 1 Area 0 Area 2 Area 3 Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements: •...
Figure 17 Virtual link application 2 Area 1 Virtual link Area 0 The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface. The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.
Internal router—All interfaces on an internal router belong to one OSPF area. • • ABR—Belongs to more than two areas, one of which must be the backbone area. ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.
destination of the Type-2 external route. If two Type-2 routes to the same destination have the same cost, OSPF takes the cost from the router to the ASBR into consideration to determine the best route. Route calculation OSPF computes routes in an area as follows: Each router generates LSAs based on the network topology around itself, and sends them to other •...
BDR—Elected along with the DR to establish adjacencies with all other routers. If the DR fails, the • BDR immediately becomes the new DR, and other routers elect a new BDR. Routers other than the DR and BDR are called "DROthers." They do not establish adjacencies with one another, so the number of adjacencies is reduced.
RFC 3137, OSPF Stub Router Advertisement • • RFC 481 1, OSPF Out-of-Band LSDB Resynchronization RFC 4812, OSPF Restart Signaling • RFC 4813, OSPF Link-Local Signaling • OSPF configuration task list To run OSPF, you must first enable OSPF on the router. Make a proper configuration plan to avoid incorrect settings that can result in route blocking and routing loops.
If you specify a router ID when you create an OSPF process, any two routers in an AS must have different router IDs. A common practice is to specify the IP address of an interface as the router ID. If you specify no router ID when you create the OSPF process, the global router ID is used. HP •...
Enabling OSPF on an interface Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, OSPF is disabled on an interface. If the specified OSPF process and area do Enable an OSPF process on ospf process-id area area-id not exist, the command creates the OSPF the interface.
Step Command Remarks The default setting is 1. (Optional.) Specify a cost The default-cost cost command takes for the default route default-cost cost effect only on the ABR of a stub area or advertised to the stub area. totally stub area. Configuring an NSSA area A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics.
Step Command Remarks ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ] * Enter area view. area area-id vlink-peer router-id [ dead seconds By default, no virtual link is | hello seconds | { { hmac-md5 | configured.
Configuring the broadcast network type for an interface Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Configure the OSPF network By default, the network type of an type for the interface as ospf network-type broadcast interface depends on the link layer broadcast.
Step Command Remarks By default, no neighbor is specified. The priority configured with this command indicates whether a neighbor has the election right or not. If you configure the router priority for a Specify a neighbor and its peer ip-address [ dr-priority neighbor as 0, the local router router priority.
Step Command Remarks By default, the network type of an Configure the OSPF network ospf network-type p2p interface depends on the link layer type for the interface as P2P. [ peer-address-check ] protocol. Configuring OSPF route control This section describes how to control the advertisement and reception of OSPF routing information, as well as route redistribution from other protocols.
Page 87
Configuring route summarization when redistributing routes into OSPF on an ASBR Without route summarization, an ASBR advertises each redistributed route in a separate ASE LSA. After you configure a summary route, the ASBR advertises only the summary route in an ASE LSA instead of more specific routes, reducing the number of LSAs in the LSDB.
Configuring received OSPF route filtering Perform this task to filter routes calculated using received LSAs. The following filtering methods are available: Use an ACL or IP prefix list to filter routing information by destination address. • • Use the gateway keyword to filter routing information by next hop. Use an ACL or IP prefix list to filter routing information by destination address and at the same time •...
used. If the calculated cost is less than 1, the value of 1 is used. If no cost or bandwidth reference value is configured for an interface, OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value. To configure an OSPF cost for an interface: Step Command...
Configuring OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. If multiple routes are available to the same destination, the one with the highest protocol preference is selected as the best route. To configure OSPF preference: Step Command Remarks...
Configuring OSPF to redistribute a default route The import-route command cannot redistribute a default external route. Perform this task to redistribute a default route. To redistribute a default route: Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view.
Tuning and optimizing OSPF networks You can use one of the following methods to optimize an OSPF network: • Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs. Change the SPF calculation interval to reduce resource consumption caused by frequent network •...
Step Command Remarks By default: • The dead interval on P2P and broadcast interfaces is 40 seconds. • The dead interval on P2MP and NBMA Specify the dead interfaces is 120 seconds. ospf timer dead seconds interval. The dead interval must be at least four times the hello interval on an interface.
Step Command Remarks By default: • The maximum interval is 5 seconds. spf-schedule-interval Specify the SPF • The minimum interval is 50 maximum-interval [ minimum-interval calculation interval. milliseconds. [ incremental-interval ] ] • The incremental interval is 200 milliseconds. Specifying the LSA arrival interval If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources.
Step Command Remarks By default: • The maximum interval is 5 seconds. lsa-generation-interval Configure the LSA maximum-interval [ minimum-interval • The minimum interval is 50 generation interval. [ incremental-interval ] ] milliseconds. • The incremental interval is 200 milliseconds. Disabling interfaces from receiving and sending OSPF packets To enhance OSPF adaptability and reduce resource consumption, you can set an OSPF interface to "silent."...
Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * stub-router [ external-lsa By default, the router is not [ max-metric-value ] | include-stub | configured as a stub router. Configure the router as a on-startup { seconds | wait-for-bgp stub router.
Step Command Remarks • Configure simple authentication: ospf authentication-mode simple { cipher Use either method. cipher-string | plain plain-string } Configure interface By default, no • Configure MD5 authentication: authentication mode. authentication is ospf authentication-mode { hmac-md5 | configured. md5 } key-id { cipher cipher-string | plain plain-string } Adding the interface MTU into DD packets By default, an OSPF interface adds a value of 0 into the interface MTU field of a DD packet rather than...
Selects the route with lower cost if two routes have equal preference. Selects the route with larger originating area ID if two routes have equal cost. To avoid routing loops, HP recommends setting identical RFC 1583-compatibility on all routers in a routing domain.
Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Enable compatibility rfc1583 compatible By default, this feature is enabled. with RFC 1583. Logging neighbor state changes Perform this task to enable output of neighbor state change logs to the information center. The information center processes the logs according to user-defined output rules (whether to output logs and where to output).
If no neighbors exist, the DR does not advertise the primary IP addresses of interfaces in Router LSAs. IMPORTANT: If you want to use prefix suppression, HP recommends that you configure prefix suppression on all OSPF routers. Configuring prefix suppression for an OSPF process Enabling prefix suppression for an OSPF process does not suppress the prefixes of secondary IP addresses, loopback interfaces, and passive interfaces.
Step Command Remarks Enable prefix By default, prefix suppression suppression on the ospf prefix-suppression [ disable ] is disabled on an interface. interface. Configuring prefix prioritization This feature enables the device to install prefixes in descending priority order: critical, high, medium, and low.
GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process. • OSPF GR has the following types: IETF GR—Uses Opaque LSAs to implement GR. • Non-IETF GR—Uses link local signaling (LLS) to advertise GR capability and uses out of band •...
Configuring OSPF GR helper You can configure the IETF or non IETF OSPF GR helper. Configuring the IETF OSPF GR helper Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enable OSPF and enter its router-id | vpn-instance view.
Configuring OSPF NSR Nonstop routing (NSR) backs up OSPF link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without tearing down adjacencies or impacting forwarding services. NSR does not require the cooperation of neighboring devices to recover routing information, and is used more often than GR.
Configuring single-hop echo detection Step Command Remarks Enter system view. system-view By default, the source address Configure the source address of echo bfd echo-source-ip ip-address of echo packets is not packets. configured. interface interface-type Enter interface view. interface-number Enable BFD single-hop echo By default, BFD single-hop ospf bfd enable echo detection.
When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect. • Configuring OSPF FRR to calculate a backup next hop using the LFA algorithm Step Command Remarks Enter system view. system-view Configure the source address By default, the source address of echo bfd echo-source-ip ip-address of echo packets.
Task Command Re-enable OSPF route reset ospf [ process-id ] redistribution redistribution. OSPF configuration examples These configuration examples only cover commands for OSPF configuration. Basic OSPF configuration example Network requirements Enable OSPF on all switches, and split the AS into three areas. •...
Page 110
[SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] area 2 [SwitchB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.2] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] router id 10.4.1.1 [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit # Configure Switch D.
Page 111
Dead timer due in 32 Neighbor is up for 06:03:12 Authentication Sequence: [ 0 ] Neighbor state change count: 5 # Display OSPF routing information on Switch A. [SwitchA] display ospf routing OSPF Process 1 with Router ID 10.2.1.1 Routing Tables Routing for Network Destination Cost...
round-trip min/avg/max/std-dev = 0.779/1.408/1.702/0.323 ms OSPF route redistribution configuration example Network requirements • Enable OSPF on all the switches. Split the AS into three areas. • • Configure Switch A and Switch B as ABRs. Configure Switch C as an ASBR to redistribute external routes (static routes). •...
OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.5.1.0/24 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2...
Page 114
Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Switch A. <SwitchA> system-view [SwitchA] router id 11.2.1.2 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] router id 11.2.1.1 [SwitchB] ospf [SwitchB-ospf-1] area 0...
Page 115
# Configure Switch B. [SwitchB] bgp 200 [SwitchB-bgp] peer 11.1.1.2 as 100 [SwitchB-bgp] address-family ipv4 unicast [SwitchB-bgp-ipv4] import-route ospf [SwitchB-bgp-ipv4] import-route direct [SwitchB-bgp ipv4] quit [SwitchB-bgp] quit # Configure Switch C. [SwitchC] bgp 100 [SwitchC-bgp] peer 11.1.1.1 as 200 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] import-route ospf [SwitchC-bgp-ipv4]import-route direct [SwitchC-bgp-ipv4] quit...
# Configure route summarization on Switch B to advertise a summary route 10.0.0.0/8. [SwitchB-ospf-1] asbr-summary 10.0.0.0 8 # Display the IP routing table on Switch A. [SwitchA] display ip routing-table Destinations : 13 Routes : 13 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0...
Page 117
Enable OSPF (see "Basic OSPF configuration example"). Configure route redistribution: # Configure Switch D to redistribute static routes. <SwitchD> system-view [SwitchD] ip route-static 3.1.2.1 24 10.5.1.2 [SwitchD] ospf [SwitchD-ospf-1] import-route static [SwitchD-ospf-1] quit # Display ABR/ASBR information on Switch C. <SwitchC>...
Page 118
<SwitchC> system-view [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] stub [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit # Display OSPF routing information on Switch C [SwitchC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area...
OSPF NSSA area configuration example Network requirements Configure OSPF on all switches and split AS into three areas. • Configure Switch A and Switch B as ABRs to forward routing information between areas. • Configure Area 1 as an NSSA area and configure Switch C as an ASBR to redistribute static routes •...
Page 120
NOTE: To allow Switch C in the NSSA area to reach other areas within the AS, you must provide the • keyword default-route-advertise for the nssa command issued on Switch A (the ABR) so that Switch C can obtain a default route. Configuring the nssa command with the keyword no-summary on Switch A can reduce the routing •...
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 The output shows an external route imported from the NSSA area exists on Switch D. OSPF DR election configuration example Network requirements Enable OSPF on Switches A, B, C, and D on the same network. •...
Page 122
[SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Configure Switch D. <SwitchD> system-view [SwitchD] router id 4.4.4.4 [SwitchD] ospf [SwitchD-ospf-1] area 0 [SwitchD-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] return # Display OSPF neighbor information of Switch A. [SwitchA] display ospf peer verbose OSPF Process 1 with Router ID 1.1.1.1 Neighbors Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors...
Page 123
[SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] ospf dr-priority 0 [SwitchB-Vlan-interface1] quit # Configure Switch C. [SwitchC] interface vlan-interface 1 [SwitchC-Vlan-interface1] ospf dr-priority 2 [SwitchC-Vlan-interface1] quit # Display neighbor information of Switch D. <SwitchD> display ospf peer verbose OSPF Process 1 with Router ID 4.4.4.4 Neighbors Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors Router ID: 1.1.1.1...
Page 124
Neighbors Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal State: Full Mode: Nbr is Slave Priority: 100 DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 39 Neighbor is up for 00:01:40 Authentication Sequence: [ 0 ] Router ID: 2.2.2.2 Address: 192.168.1.2...
OSPF virtual link configuration example Network requirements Configure a virtual link between Switch B and Switch C to connect Area 2 to the backbone area. After configuration, Switch B can learn routes to Area 2. Figure 28 Network diagram Configuration procedure Configure IP addresses for interfaces.
Page 126
<SwitchD> system-view [SwitchD] ospf 1 router-id 4.4.4.4 [SwitchD-ospf-1] area 2 [SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] quit # Display the OSPF routing table on Switch B. [SwitchB] display ospf routing OSPF Process 1 with Router ID 2.2.2.2 Routing Tables Routing for Network Destination Cost Type...
OSPF GR configuration example Network requirements As shown in Figure 29, Switch A, Switch B, and Switch C that belong to the same AS and the same • OSPF routing domain are GR capable. Switch A acts as the non-IETF GR restarter; Switch B and Switch C are the GR helpers and •...
Page 128
# Configure Switch A as the non-IETF OSPF GR restarter: enable the link-local signaling capability, the out-of-band re-synchronization capability, and non-IETF GR capability for OSPF process 100. [SwitchA-ospf-100] enable link-local-signaling [SwitchA-ospf-100] enable out-of-band-resynchronization [SwitchA-ospf-100] graceful-restart [SwitchA-ospf-100] return # Configure Switch B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
OSPF 100 deleted GR Interval timer. *Oct 21 15:29:30:912 2011 SwitchA OSPF/7/DEBUG: OSPF 100 deleted GR wait timer. %Oct 21 15:29:30:920 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Full to Down. %Oct 21 15:29:30:921 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Full to Down.
Page 130
--------------------------------------------------------------------- slsp rib6 routepolicy staticroute6 staticroute eviisis ospf Continue? [y/n]:y Re-optimization of the placement start. You will be notified on completion Re-optimization of the placement complete. Use 'display placement' to view the new placement # Display OSPF neighbors and routes on Switch A. <SwitchA>...
Page 133
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500 [SwitchB-Vlan-interface10] bfd min-receive-interval 500 [SwitchB-Vlan-interface10] bfd detect-multiplier 6 Verifying the configuration # Display the BFD information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr...
Page 137
Analysis The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, at least one area must be connected to the backbone. The backbone cannot be configured as a stub area. In a stub area, all routers cannot receive external routes, and all interfaces connected to the stub area must belong to the stub area.
Configuring IS-IS This chapter describes how to configure IS-IS for IPv4 networks. Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1 195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS"...
System ID—Identifies the host. • • SEL—Identifies the type of service. The IDP and DSP are variable in length. The length of an NSAP address ranges from 8 bytes to 20 bytes. Figure 33 NSAP address format Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain.
Area ID—Has a length of 1 to 13 bytes. • • System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6 bytes. SEL—Has a value of 0 and a fixed length of 1 byte. •...
Page 141
Figure 34 IS-IS topology 1 Area 3 Area 2 L1/L2 L1/L2 Area 1 Area 5 L1/L2 L1/L2 Area 4 Figure 35 shows another IS-IS topology. The Level- 1 -2 routers connect to the Level- 1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology.
passing through the Level- 1 -2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature. Route leaking enables a Level- 1 -2 router to advertise the routes of other Level- 1 areas and the Level-2 area to the connected Level- 1 area so that the Level- 1 routers can select the optimal routes for packets.
NOTE: On an IS-IS broadcast network, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS. IS-IS PDUs IS-IS PDUs are encapsulated into link layer frames. An IS-IS PDU has two parts, the headers and the variable length fields. The headers comprise the PDU common header and the PDU specific header. All PDUs have the same PDU common header.
A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (every 10 seconds by default). On point-to-point networks, CSNPs are sent only during the first adjacency establishment. A PSNP only contains the sequence numbers of one or multiple latest received LSPs.
Level-2) neighbor relationships, configure the circuit level for its interfaces as Level- 1 (or Level-2) to limit neighbor relationship establishment. To configure the IS level and circuit level: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view.
Enable IS-IS. • Configuring IS-IS link cost The IS-IS cost of an interface is determined in the following order: IS-IS cost specified in interface view. IS-IS cost specified in system view. The cost is applied to the interfaces associated with the IS-IS process. Automatically calculated cost.
Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] By default, the maximum number of IS-IS ECMP routes equals the maximum number of ECMP routes supported by the system. Use the max-ecmp-num Specify the maximum number maximum load-balancing number command to configure the...
Step Command Remarks default-route-advertise [ [ level-1 | level-1-2 Advertise a default By default, IS-IS does not advertise | level-2 ] | route-policy route-policy-name ] route. a default route. Configuring IS-IS route redistribution Perform this task to redistribute routes from other routing protocols into IS-IS. You can specify a cost for redistributed routes and specify the maximum number of redistributed routes.
Step Command Remarks filter-policy { acl-number | prefix-list Filter routes calculated By default, IS-IS route prefix-list-name | route-policy using received LSPs. filtering is not configured. route-policy-name } import Filtering redistributed routes IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them to the IS-IS routing table, and advertise them in LSPs.
Tuning and optimizing IS-IS networks Configuration prerequisites Before you tune and optimize IS-IS networks, complete the following tasks: Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. • Enable IS-IS. • Specifying the interval for sending IS-IS hello packets If a neighbor does not receive any hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes.
Step Command Remarks isis timer holding-multiplier value The default setting is Specify the hello multiplier. [ level-1 | level-2 ] Specifying the interval for sending IS-IS CSNP packets On a broadcast network, perform this task on the DIS that uses CSNP packets to synchronize LSDBs. To specify the interval for sending IS-IS CSNP packets: Step Command...
Step Command Remarks interface interface-type Enter interface view. interface-number Disable the interface from By default, the interface can send sending and receiving IS-IS isis silent and receive IS-IS packets. packets. Enabling an interface to send small hello packets IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames. Any two IS-IS neighboring routers must negotiate a common MTU.
Page 156
IS-IS routers in an area must send LSPs smaller than the smallest interface MTU in the area. If the IS-IS routers have different interface MTUs, HP recommends configuring the maximum size of generated LSP packets to be smaller than the smallest interface MTU in the area. Otherwise, the routers...
Page 157
must dynamically adjust the LSP packet size to fit the smallest interface MTU, which takes time and affects other services. To specify LSP lengths: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Specify the maximum length By default, the maximum length...
Controlling SPF calculation interval Based on the LSDB, an IS-IS router uses the SPF algorithm to calculate the shortest path tree with itself being the root, and uses the shortest path tree to determine the next hop to a destination network. By adjusting the SPF calculation interval, you can prevent bandwidth and router resources from being over consumed due to frequent topology changes.
When an IS-IS router cannot record the complete LSDB, for example, because of memory insufficiency, it will calculate wrong routes. To make troubleshooting easier, temporarily isolate the router from the IS-IS network by setting the overload bit. To set the LSDB overload bit: Step Command Remarks...
Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Specify a host name for the IS and enable By default, no host name is specified for is-name sys-name dynamic system ID to the router.
Step Command Remarks Enable IS-IS ISPF. ispf enable By default, IS-IS is disabled. Configuring IS-IS network management This task includes the following configurations: Bind an IS-IS process to MIB so that you can use network management software to manage the •...
Enhancing IS-IS network security To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication. Configuration prerequisites Before the configuration, complete the following tasks: Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. •...
Step Command Remarks area-authentication-mode { md5 | simple | gca key-id { hmac-sha-1 | Specify the area hmac-sha-224 | hmac-sha-256 | By default, no area authentication authentication mode and hmac-sha-384 | hmac-sha-512 } } is configured. password. { cipher cipher-string | plain plain-string } [ ip | osi ] Configuring routing domain authentication Routing domain authentication prevents untrusted routing information from entering into a routing...
T2 timer—Specifies the LSDB synchronization interval. Each LSDB has a T2 timer. The Level- 1 -2 router • has two T2 timers: a Level- 1 timer and a Level-2 timer. If the LSDBs have not synchronized before the two timers expire, the GR process fails. •...
Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Enable IS-IS NSR. non-stop-routing By default, IS-IS NSR is disabled. Configuring BFD for IS-IS BFD provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time.
Configuration prerequisites Before you configure IS-IS FRR, complete the following tasks: • Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. Enable IS-IS. • Configuration guidelines Do not use FRR and BFD at the same time. Otherwise, FRR might fail to take effect. •...
IS-IS configuration examples Basic IS-IS configuration example Network requirements As shown in Figure 40, Switch A, Switch B, Switch C, and Switch D reside in an IS-IS AS. Switch A and B are Level- 1 switches, Switch D is a Level-2 switch, and Switch C is a Level- 1 -2 switch. Switch A, Switch B, and Switch C are in Area 10, and Switch D is in Area 20.
Down 1497 L1/L2 No/No # Display information about IS-IS neighbors and interfaces on Switch D. [SwitchD] display isis peer Peer information for IS-IS(1) ---------------------------- System Id: 0000.0000.0001 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 9s Type: L2 PRI: 100 System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01...
Page 178
Level-1 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 10.1.1.0/24 NULL VLAN100 Direct D/L/- 10.1.2.0/24 NULL VLAN100 10.1.1.1 R/-/- 192.168.0.0/24 NULL VLAN100 10.1.1.1 R/-/- 0.0.0.0/0 NULL VLAN100 10.1.1.1 R/-/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set [SwitchC] display isis route Route information for IS-IS(1) ------------------------------...
Page 179
192.168.0.0/24 NULL VLAN300 Direct D/L/- 10.1.1.0/24 NULL VLAN300 192.168.0.1 R/-/- 10.1.2.0/24 NULL VLAN300 192.168.0.1 R/-/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Run RIPv2 between Switch D and Switch E, and configure IS-IS to redistribute RIP routes on Switch # Configure RIPv2 on Switch D.
10.1.5.0/24 NULL VLAN300 192.168.0.2 R/L/- 10.1.6.0/24 NULL VLAN300 192.168.0.2 R/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set IS-IS authentication configuration example Network requirements As shown in Figure 43, Switch A, Switch B, Switch C, and Switch D reside in the same IS-IS routing domain.
[SwitchD-Vlan-interface300] isis authentication-mode md5 plain hSec [SwitchD-Vlan-interface300] quit Configure the area authentication mode as MD5 and set the plaintext password to 10Sec on Switch A, Switch B, and Switch C. [SwitchA] isis 1 [SwitchA-isis-1] area-authentication-mode md5 plain 10Sec [SwitchA-isis-1] quit [SwitchB] isis 1 [SwitchB-isis-1] area-authentication-mode md5 plain 10Sec [SwitchB-isis-1] quit...
Verifying the configuration After Switch A establishes adjacencies with Switch B and Switch C, they begin to exchange routing information. Restart IS-IS on Switch A, which enters the restart state and sends connection requests to its neighbors through the GR mechanism to synchronize the LSDB. To display the IS-IS GR status on Switch A, use the display isis graceful-restart status command.
Page 184
Configure IS-IS on the switches to make sure Switch S, Switch A, and Switch B can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS-IS. (Details not shown.) Enable IS-IS NSR on Switch S. <SwitchS>...
Page 185
ipbase eviisis ifnet isis Continue? [y/n]:y Re-optimization of the placement start. You will be notified on completion Re-optimization of the placement complete. Use 'display placement' to view the new placement # Display IS-IS neighbor information and routing information on Switch A. <SwitchA>...
Page 186
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set # Display IS-IS neighbor information and routing information on Switch B. <SwitchB> display isis peer Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0001 Interface: vlan200 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: Type: L1(L1L2) PRI: 64...
BFD for IS-IS configuration example Network requirements As shown in Figure 46, run IS-IS on Switch A, Switch B and Switch C so that can reach each other • at the network layer. After the link over which Switch A and Switch B communicate through the Layer-2 switch fails, BFD •...
Page 190
Figure 47 Network diagram Switch A Link B Link A Loop 0 Loop 0 1.1.1.1/32 4.4.4.4/32 Vlan-int200 Vlan-int200 13.13.13.1/24 13.13.13.2/24 Switch S Switch D Configuration procedure Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.) Configure IS-IS on the switches to make sure Switch A, Switch D, and Switch S can communicate with each other at Layer 3.
Page 191
[SwitchD] bfd echo-source-ip 4.4.4.4 [SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32 [SwitchD] route-policy frr permit node 10 [SwitchD-route-policy-frr-10] if-match ip address prefix-list abc [SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2 [SwitchD-route-policy-frr-10] quit [SwitchD] isis 1 [SwitchD-isis-1] fast-reroute route-policy frr [SwitchD-isis-1] quit Verifying the configuration # Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). BGP has the following characteristics: Focuses on route control and selection rather than route discovery and calculation.
BGP path attributes BGP uses the following path attributes in update messages for route filtering and selection: • ORIGIN The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types: IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. EGP—Has the second highest priority.
Page 195
Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies." NEXT_HOP • The NEXT_HOP attribute may not be the IP address of a directly-connected router. Its value is determined as follows: When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.
Page 196
Figure 50 MED attribute MED = 0 Router B 2.1.1.1 D = 9.0.0.0 Next_hop = 2.1.1.1 EBGP IBGP MED = 0 9.0.0.0 IBGP Router A Router D D = 9.0.0.0 EBGP IBGP Next_hop = 3.1.1.1 MED = 100 AS 10 3.1.1.1 Router C AS 20...
Page 197
Figure 51 LOCAL_PREF attribute • COMMUNITY The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community. A route can carry one or more COMMUNITY attribute values (each of which is represented by a 4-byte integer).
Currently, the device supports the Route-Target attribute for VPN and Site of Origin (SoO) attribute. For more information, see MPLS Configuration Guide. BGP route selection BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: The route with the highest Preferred_value.
Page 199
directly-connected next hop through IGP. The matching route with the direct next hop is called the "recursive route." The process of finding a recursive route is route recursion. The system supports BGP load balancing based on route recursion. If multiple recursive routes to the same destination are load balanced (suppose three direct next hop addresses), BGP generates the same number of next hops to forward packets.
Settlements for problems in large-scale BGP networks You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network. • Route summarization Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes.
Page 201
Community • You can apply a community list or an extended community list to a routing policy for route control. For more information, see "BGP path attributes." Route reflector • IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2.
When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection instead of modifying network configuration or changing network topology. After route reflection is disabled between clients, routes can still be reflected between a client and a non-client.
MP_REACH_NLRI—Carries feasible route prefixes and next hops for multiple network layer • protocols. MP_UNREACH_NLRI—Carries unfeasible route prefixes for multiple network layer protocols. • MP-BGP uses these two attributes to advertise feasible and unfeasible routes for different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.
View names Ways to enter the views Remarks Configurations in this apply to <Sysname> system-view VPNv6 routes and peers. [Sysname] bgp 100 BGP VPNv6 address family For more information about BGP view [Sysname-bgp] address-family VPNv6 address family view, see vpnv6 MPLS Configuration Guide.
To control BGP route distribution and path selection, you must perform additional configuration tasks. To configure BGP, perform the following tasks (IPv4): Tasks at a glance Remarks Configuring basic BGP: HP recommends that • (Required.) Enabling BGP you configure BGP peer •...
Page 206
(Optional.) Configuring BGP FRR To configure BGP, perform the following tasks (IPv6): Tasks at a glance Remarks Configuring basic BGP: HP recommends that • (Required.) Enabling BGP you configure BGP peer • (Required.) Perform one of the following tasks: groups on large scale...
Tasks at a glance Remarks (Optional.) Controlling BGP path selection: • Specifying a preferred value for routes received • Configuring preferences for BGP routes • Configuring the default local preference • Configuring the MED attribute • Configuring the NEXT_HOP attribute •...
To modify a non-zero router ID of BGP, use the router-id command in BGP view, rather than the • router id command in system view. If you specify a router ID in BGP view and then remove the interface that owns the router ID, the •...
Step Command Remarks Create an IPv4 BGP peer and peer ip-address as-number By default, no IPv4 BGP peer is specify its AS number. as-number created. (Optional.) Configure a peer ip-address description By default, no description is description for a peer. description-text configured for a peer.
Page 210
Configuring an IBGP peer group After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP view and specifies the local AS number for the peer. To configure an IBGP peer group (IPv4): Step Command Remarks...
Page 211
Step Command Remarks By default, no peer exists in the peer group. peer ipv6-address group Add a peer into the IBGP peer group-name [ as-number To use the as-number as-number group. as-number ] option, you must specify the local AS number. (Optional.) Configure a peer group-name description By default, no description is...
Page 212
Step Command Remarks By default, no peer exists in the peer group. Add a peer into the EBGP peer ip-address group group-name The as-number as-number option, peer group. [ as-number as-number ] if used, must specify the same AS number as the peer group-name as-number as-number command.
Page 213
Step Command Remarks Enable the router to exchange By default, the router cannot IPv6 unicast routing peer group-name enable exchange IPv6 unicast routing information with peers in the information with the peers. specified peer group. To configure an EBGP peer group by using Method 2 (IPv4): Step Command Remarks...
Page 214
Step Command Remarks By default, no EBGP peer group is Create an EBGP peer group. group group-name external created. Create an IPv6 BGP peer and peer ipv6-address as-number By default, no IPv6 BGP peer is specify its AS number. as-number created.
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name By default, no EBGP peer group is Create an EBGP peer group. group group-name external created.
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN instance view. bgp as-number ip vpn-instance vpn-instance-name By default, BGP uses the outbound Specify the source interface interface of the best route to the peer { group-name | ip-address } for establishing TCP BGP peer or peer group as the...
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Page 219
The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route.
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Page 223
If you configure multiple filtering policies, apply them in the following sequence: filter-policy export peer filter-policy export peer as-path-acl export peer prefix-list export peer route-policy export Only routes passing all the configured policies can be advertised. To configure BGP route distribution filtering policies (IPv4): Step Command Remarks...
Page 224
Step Command Remarks • Reference an ACL or IP prefix list to filter advertised BGP routes: filter-policy { acl-number | prefix-list prefix-list-name } export [ direct | isis process-id | ospf process-id | rip process-id | static ] • Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name |...
Page 225
Step Command Remarks • Reference an ACL or IPv6 prefix list to filter advertised BGP routes: filter-policy { acl6-number | prefix-list ipv6-prefix-name } export [ direct | isisv6 process-id | ospfv3 process-id | ripng process-id | static ] • Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name |...
Page 226
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Step Command Remarks Enter BGP IPv6 unicast address family view or address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast address family view. • Reference ACL or IPv6 prefix list to filter BGP routes received from all peers: filter-policy { acl6-number | prefix-list ipv6-prefix-name } import •...
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
To specify the default local preference (IPv4): Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast...
Page 232
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Page 233
Step Command Remarks Enable MED comparison for compare-different-as-med By default, this feature is disabled. routes from different ASs. To enable MED comparison for routes from different ASs (IPv6): Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view.
Page 234
3.3.3.3 200e However, Router C and Router A reside in the same AS, and Router C has a greater MED, so network 10.0.0.0 learned from Router C should not be optimal. You can configure the bestroute compare-med command to enable MED comparison for routes from the same AS on Router D.
not belong to the confederation, BGP does not compare it with other routes. As a result, the first route becomes the optimal route. To enable MED comparison for routes from confederation peers (IPv4): Step Command Remarks Enter system view. system-view •...
Page 236
Figure 58 NEXT_HOP attribute configuration If a BGP router has two peers on a broadcast network, it does not set itself as the next hop for routes sent to an EBGP peer by default. As shown in Figure 59, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship.
To configure the NEXT_HOP attribute (IPv6): Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view. By default, the router sets itself as the next hop for routes sent to an Specify the router as the next peer { group-name | EBGP peer or peer group, but does...
Page 238
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv6 unicast address family view or address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast address family view.
Page 239
Step Command Remarks Enter BGP IPv6 unicast address family view or address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast address family view. Disable BGP from considering By default, BGP considers AS_PATH during best route bestroute as-path-neglect AS_PATH during best route selection.
Page 240
Configuring AS number substitution IMPORTANT: Do not configure AS number substitution in normal circumstances. Otherwise, routing loops might occur. To use BGP between PE and CE in MPLS L3VPN, VPN sites in different geographical areas should have different AS numbers. Otherwise, BGP discards route updates containing the local AS number. If two CEs connected to different PEs use the same AS number, you must configure AS number substitution on each PE to replace the AS number in route updates originated by the remote CE as its own AS number before advertising them to the connected CE.
Page 241
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Configure AS number peer { group-name | By default, AS number substitution substitution for a peer or peer ipv6-address } substitute-as is not configured.
Step Command Remarks Configure BGP to remove By default, this feature is not private AS numbers from the configured. peer { group-name | AS_PATH attribute of updates ipv6-address } public-as-only This command is only applicable to sent to an EBGP peer or peer EBGP peers or peer groups.
Page 243
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Use either method. By default, the keepalive interval is • Configure the global keepalive 60 seconds, and hold time is 180 interval and hold time: seconds.
Configuring the interval for sending updates for the same route A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enable BGP to establish an By default, BGP cannot establish EBGP session to an peer { group-name | ip-address } an EBGP session to an indirectly-connected peer or...
Enabling 4-byte AS number suppression BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295. By default, a device sends an Open message to the peer device for session establishment. The Open message indicates that the device supports 4-byte AS numbers. If the peer device supports 2-byte AS numbers instead of 4-byte AS numbers, the session cannot be established.
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN Use either method. instance view. bgp as-number ip vpn-instance vpn-instance-name peer { group-name | ip-address } Enable MD5 authentication By default, MD5 authentication is password { cipher | simple } for a BGP peer group or peer.
Step Command Remarks Specify the maximum number By default, load balancing is of BGP ECMP routes for load balance number disabled. balancing. By default, BGP does not perform load balancing over routes with (Optional.) Enable BGP to different AS_PATH attributes. implement load balancing balance as-path-neglect over routes with different...
Step Command Remarks Enter system view. system-view Configure an IPsec transform By default, no IPsec transform set or set and a manual IPsec See Security Configuration Guide. manual IPsec profile exists. profile. • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN Use either method.
Step Command Remarks Disable BGP to establish a peer { group-name | By default, BGP can establish a session to a peer or peer ipv6-address } ignore session to a peer. group. Configuring BGP soft-reset After you modify the route selection policy (for example, modify the preferred value), you must reset BGP sessions to apply the new policy.
Page 251
Step Command Remarks • Enable BGP route refresh for the specified peer or peer group: peer { group-name | ip-address } capability-advertise route-refresh Use either method. Enable BGP route refresh for a • Enable BGP route refresh and By default, BGP route refresh is peer or peer group.
Page 252
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Page 253
Step Command Remarks • Enable BGP route refresh for the specified peer or peer group: peer { group-name | ip-address } capability-advertise route-refresh Enable BGP route refresh for a • By default, BGP route refresh is Enable BGP route refresh and peer or peer group.
Configuring a large-scale BGP network In a large network, the number of BGP connections is huge and BGP configuration and maintenance are complicated. To simply BGP configuration, you can use the peer group, community, route reflector, and confederation features as needed. For more information about configuring peer groups, see "Configuring a BGP peer group."...
Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view. • Advertise the COMMUNITY attribute to a peer or peer group: peer { group-name | ipv6-address } Advertise the COMMUNITY By default, the COMMUNITY or advertise-community...
Page 257
Step Command Remarks Enable route reflection By default, route reflection reflect between-clients between clients. between clients is enabled. (Optional.) Configure the reflector cluster-id { cluster-id | By default, a route reflector uses its cluster ID of the route reflector. ip-address } own router ID as the cluster ID.
Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name By default, BGP does not ignore the ORIGINATOR_ID attribute. Make sure this command does not Ignore the ORIGINATOR_ID peer { group-name | result in a routing loop.
To configure confederation compatibility: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enable confederation By default, confederation confederation nonstandard compatibility. compatibility is disabled. Configuring BGP GR GR ensures forwarding continuous when a routing protocol restarts or an active/standby switchover occurs.
Step Command Remarks Enter BGP view. bgp as-number By default, GR capability is Enable GR capability for BGP. graceful-restart disabled for BGP. The default setting is 150 seconds. graceful-restart timer restart The time that a peer waits to Configure the GR timer. timer reestablish a session must be less than the hold time.
Configuring BFD for BGP IMPORTANT: If you have enabled GR, use BFD with caution because BFD might detect a failure before the system performs GR, which will result in GR failure. If you have enabled both BFD and GR for BGP, do not disable BFD during a GR process to avoid GR failure.
Page 262
You can enable BGP fast reroute (FRR) to resolve this issue. Figure 61 Network diagram for BGP FRR Backup nexthop: Router C Router A Router B Nexthop: Router D Router E After you configure FRR on Router B as shown in Figure 61, BGP generates a backup next hop Router C for the primary route.
Page 263
Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN view: Enter BGP view or BGP-VPN view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.
Step Command Remarks By default, BGP FRR is disabled. Enable BGP FRR for the This method might result in routing address family. loops. Use it with caution. By default, no routing policy is referenced. The apply fast-reroute Reference a routing policy to fast-reroute route-policy backup-nexthop and apply ipv6 specify a backup next hop for...
Configuring basic 6PE Before you configure 6PE, complete the following tasks: • Establish tunnels in the IPv4 backbone network (see Layer 3—IP Services Configuration Guide). Configure basic MPLS on 6PE devices (see MPLS Configuration Guide). • Configure BGP on 6PE devices so that they can advertise tagged IPv6 routing information through •...
Page 266
Step Command Remarks Specify an IPv6 ACL to filter peer { group-name | ip-address } routes advertised to or filter-policy acl6-number { export | By default, no ACL is specified. received from the 6PE peer or import } peer group. Specify an IPv6 prefix list to peer { group-name | ip-address } filter routes advertised to or...
Task Command Display the incoming label of BGP IPv6 display bgp routing-table ipv6 [ unicast ] inlabel unicast routing information. Display the outgoing label of BGP IPv6 display bgp routing-table ipv6 [ unicast ] outlabel unicast routing information. Display information about routes advertised by the network command and display bgp network ipv6 [ unicast ] [ vpn-instance shortcut routes configured by the network...
Page 270
connect-interface command to specify the loopback interface as the source interface for establishing BGP connections. Enable OSPF in AS 65009 to make sure that Switch B can communicate with Switch C through loopback interfaces. The EBGP peers, Switch A and Switch B (usually belong to different carriers), are located in different ASs. Typically, their loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing BGP sessions.
Page 271
Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 2.2.2.2 65009 0 00:00:13 Established The output shows that Switch C has established an IBGP peer relationship with Switch B. Configure EBGP: # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 3.1.1.1 as-number 65009 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 3.1.1.1 enable...
Page 272
* > 8.1.1.0/24 8.1.1.1 32768 # Display the BGP routing table on Switch B. [SwitchB] display bgp routing-table ipv4 Total number of routes: 1 BGP local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network...
Figure 64 Network diagram Configuration considerations Configure BGP to redistribute routes from OSPF on Switch B, so Switch A can obtain the route to 9.1.2.0/24. Configure OSPF to redistribute routes from BGP on Switch B, so Switch C can obtain the route to 8.1.1.0/24.
Page 275
# Configure Switch B. [SwitchB] bgp 65009 [SwitchB-bgp] router-id 2.2.2.2 [SwitchB-bgp] peer 3.1.1.2 as-number 65008 [SwitchB-bgp] address-family ipv4 unicast [SwitchB-bgp-ipv4] peer 3.1.1.2 enable Configure BGP and IGP route redistribution: # Configure route redistribution between BGP and OSPF on Switch B. [SwitchB-bgp-ipv4] import-route ospf 1 [SwitchB-bgp-ipv4] quit [SwitchB-bgp] quit...
Verifying the configuration # Use ping for verification. [SwitchA] ping -a 8.1.1.1 9.1.2.1 Ping 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes, press CTRL_C to break 56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms 56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.000 ms 56 bytes from 9.1.2.1: icmp_seq=2 ttl=254 time=2.000 ms 56 bytes from 9.1.2.1: icmp_seq=3 ttl=254 time=7.000 ms 56 bytes from 9.1.2.1: icmp_seq=4 ttl=254 time=9.000 ms...
Page 277
Figure 65 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routing between Switch A and Switch B: # Configure a default route with the next hop 192.168.212.1 on Switch A. <SwitchA> system-view [SwitchA] ip route-static 0.0.0.0 0 192.168.212.1 # Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Switch B.
BGP Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch D has learned routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 through BGP. After the above configurations, ping hosts on networks 192.168.74.0/24, 192.168.99.0/24, and 192.168.64.0/18 from Switch D. The ping operations succeed. Configure route summarization on Switch C to summarize 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.0/18 on Switch C, and disable advertisement of the specific routes.
Page 280
Figure 66 Network diagram Configuration considerations On Switch A, establish EBGP connections with Switch B and Switch C. Configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A.
Because Switch A has two routes to reach AS 65009, configuring load balancing over the two BGP routes on Switch A can improve link usage. # Configure Switch A. [SwitchA] bgp 65008 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] balance 2 [SwitchA-bgp-ipv4] quit [SwitchA-bgp] quit Verifying the configuration # Display the BGP routing table on Switch A.
[SwitchA-route-policy-comm_policy-0] quit # Apply the routing policy. [SwitchA] bgp 10 [SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] peer 200.1.2.2 route-policy comm_policy export [SwitchA-bgp-ipv4] peer 200.1.2.2 advertise-community Verifying the configuration # Display the routing table on Switch B. [SwitchB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 20 Paths:...
Page 286
Between Switch A and Switch B is an EBGP connection, between Switch C and Switch B, and • between Switch C and Switch D are IBGP connections. Switch C is a route reflector with clients Switch B and D. • Switch D can learn route 20.0.0.0/8 from Switch C.
Network NextHop LocPrf PrefVal Path/Ogn i 20.0.0.0 193.1.1.2 100i Switch D has learned route 20.0.0.0/8 from Switch C. BGP confederation configuration example Network requirements As shown in Figure 69, to reduce IBGP connections, AS 200 is split into three sub-ASs: AS65001, AS65002, and AS65003.
State : valid, internal-confed, best, The output indicates the following: Switch F can send route information to Switch B and Switch C through the confederation by • establishing only an EBGP connection with Switch A. • Switch B and Switch D are in the same confederation, but belong to different sub-ASs. They obtain external route information from Switch A and generate identical BGP route entries although they have no direct connection in between.
Page 294
# Configure Switch D. [SwitchD] bgp 200 [SwitchD-bgp] peer 194.1.1.2 as-number 200 [SwitchD-bgp] peer 195.1.1.2 as-number 200 [SwitchD-bgp] address-family ipv4 unicast [SwitchD-bgp-ipv4] peer 194.1.1.2 enable [SwitchD-bgp-ipv4] peer 195.1.1.2 enable [SwitchD-bgp-ipv4] quit [SwitchD-bgp] quit Configure attributes for route 1.0.0.0/8, making Switch D give priority to the route learned from Switch C: (Method 1.) Configure a higher MED value for the route 1.0.0.0/8 advertised from Switch A to peer 192.1.1.2:...
* >i 1.0.0.0 193.1.1.1 100i 192.1.1.1 100i Route 1.0.0.0/8 is the optimal. (Method 2.) Configure different local preferences on Switch B and C for route 1.0.0.0/8, making Switch D give priority to the route from Switch C: # Define an ACL numbered 2000 on Switch C, permitting route 1.0.0.0/8. [SwitchC] acl number 2000 [SwitchC-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255 [SwitchC-acl-basic-2000] quit...
Page 296
Figure 71 Network diagram Configuration procedure Configure Switch A: # Configure IP addresses for interfaces. (Details not shown.) # Configure the EBGP connection. <SwitchA> system-view [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 200.1.1.1 as-number 65009 # Enable GR capability for BGP. [SwitchA-bgp] graceful-restart # Inject network 8.0.0.0/8 to the BGP routing table.
<SwitchC> system-view [SwitchC] bgp 65009 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 9.1.1.1 as-number 65009 # Enable GR capability for BGP. [SwitchC-bgp] graceful-restart # Enable Switch C to exchange IPv4 unicast routing information with Switch B. [SwitchC-bgp-ipv4] peer 9.1.1.1 enable Verifying the configuration Ping Switch C on Switch A.
Page 298
Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF to make sure that Switch A and Switch C are reachable to each other. (Details not shown.) Configure BGP on Switch A: # Establish two IBGP connections to Switch C. <SwitchA>...
Page 299
[SwitchC-bgp-ipv4] peer 3.0.1.1 enable [SwitchC-bgp-ipv4] peer 2.0.1.1 enable [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit # Enable BFD for peer 3.0.1.1. [SwitchC-bgp] peer 3.0.1.1 bfd [SwitchC-bgp] quit [SwitchC] quit Verifying the configuration # Display detailed BFD session information on Switch C. <SwitchC> display bfd session verbose Total Session Num: 1 Up Session Num: 1 Init Mode: Active...
Page 301
Figure 73 Network diagram Loop0 2.2.2.2/32 Vlan-int 100 Vlan-int 101 AS 200 10.1.1.2/24 20.1.1.2/24 Switch B Vlan-int 100 Vlan-int 101 10.1.1.1/24 20.1.1.4/24 Switch A Switch D Link B Vlan-int 200 AS 100 Vlan-int 201 Link A 30.1.1.1/24 40.1.1.4/24 Switch C Vlan-int 200 Vlan-int 201 30.1.1.3/24...
Page 302
# Configure Switch C to establish an EBGP session with Switch A, and an IBGP session with Switch <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] peer 30.1.1.1 as-number 100 [SwitchC-bgp] peer 4.4.4.4 as-number 200 [SwitchC-bgp] peer 4.4.4.4 connect-interface loopback 0 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] peer 30.1.1.1 enable [SwitchC-bgp-ipv4] peer 4.4.4.4 enable...
Page 303
[SwitchA-bgp] address-family ipv4 unicast [SwitchA-bgp-ipv4] fast-reroute route-policy frr [SwitchA-bgp-ipv4] quit [SwitchA-bgp] quit # On Switch D, configure the source address of BFD echo packets as 44.1.1.1, create routing policy frr to set a backup next hop 3.3.3.3 (Switch C) for the route destined for 1.1.1.1/32, and apply the routing policy to BGP FRR for BGP IPv4 unicast address family.
Page 306
The output shows that Switch A and Switch B have established an EBGP connection, and Switch B and Switch C have established an IBGP connection. # Display IPv6 BGP routing table information on Switch A. [SwitchA] display bgp routing-table ipv6 Total number of routes: 4 BGP local router ID is 1.1.1.1 Status codes: * - valid, >...
Page 309
[SwitchC-bgp-ipv6] peer 102::2 reflect-client [SwitchC-bgp-ipv6] quit [SwitchC-bgp] quit Verifying the configuration # Execute the display bgp routing-table ipv6 command on Switch D. [SwitchD] display bgp routing-table ipv6 Total number of routes: 5 BGP local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete * >i Network : 1::...
6PE configuration example Network requirements Use 6PE to connect two isolated IPv6 networks over an IPv4/MPLS network: The ISP uses OSPF as the IGP. • PE 1 and PE 2 are edge devices of the ISP, and establish an IPv4 IBGP connection between them. •...
Page 311
[PE1-bgp-ipv6] import-route static [PE1-bgp-ipv6] peer 3.3.3.3 enable [PE1-bgp-ipv6] peer 3.3.3.3 label-route-capability [PE1-bgp-ipv6] quit [PE1-bgp] quit # Configure a static route to CE 1. [PE1] ipv6 route-static 1::1 128 10::1 # Configure OSPF for the ISP. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255 [PE1-ospf-1-area-0.0.0.0] quit...
Page 312
[PE2-ospf-1] quit Configure a static route on CE 1, with PE 1 as the default next hop. <CE1> system-view [CE1] ipv6 route-static :: 0 10::2 Configure a static route on CE 2, with PE 2 as the default next hop. <CE2>...
Path/Ogn: ? # Ping the IPv6 address 4::4 (loopback interface address) of CE 2 from CE 1. The ping operation succeeds. BFD for IPv6 BGP configuration example Network requirements As shown in Figure 77, configure OSPFv3 as the IGP in AS 200. Establish two IBGP connections between Switch A and Switch C.
BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid Interface: Vlan-interface101 BkTunnel ID: Invalid BkInterface: N/A The output shows that Switch C communicates with network 1200::0/64 through the path Switch C<—>Switch B<—>Switch A. # Break down the path Switch C<—>Switch B<—>Switch A and then display route 1200::0/64 on Switch C.
Page 317
Figure 78 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 in AS 200 to ensure connectivity among Switch B, Switch C and Switch D. (Details not shown.) Configure BGP connections: # Configure Switch A to establish EBGP sessions with Switch B and Switch C, and advertise network 1::/64.
Page 318
[SwitchB-bgp] quit # Configure Switch C to establish an EBGP session with Switch A, and an IBGP session with Switch <SwitchC> system-view [SwitchC] bgp 200 [SwitchC] router-id 3.3.3.3 [SwitchC-bgp] peer 2001::1 as-number 100 [SwitchC-bgp] peer 2002::2 as-number 200 [SwitchC-bgp] address-family ipv6 unicast [SwitchC-bgp-ipv6] peer 2001::1 enable [SwitchC-bgp-ipv6] peer 2002::2 enable [SwitchC-bgp-ipv6] peer 2002::2 next-hop-local...
Page 319
[SwitchA-bgp-ipv6] quit [SwitchA-bgp] quit # On Switch D, create routing policy frr to set a backup next hop 2002::1 (Switch C) for the route destined for 1::/64, and apply the routing policy to BGP FRR for BGP IPv6 unicast address family. <SwitchD>...
Page 321
[SwitchB-bgp] peer 1::1 group ibgp [SwitchB-bgp] address-family ipv6 unicast [SwitchB-bgp-ipv6] peer ibgp enable [SwitchB-bgp-ipv6] quit Establish an EBGP connection between Switch B and Switch C: # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 65009 [SwitchC-bgp] router-id 3.3.3.3 [SwitchC-bgp] group ebgp external [SwitchC-bgp] peer 3::1 as-number 65008 [SwitchC-bgp] peer 3::1 group ebgp [SwitchC-bgp] address-family ipv6 unicast...
Page 322
the encryption algorithm to DES, and authentication algorithm to SHA1. Create IPsec profile named policy002, specify the manual mode for it, reference IPsec transform set tran2, and set the SPIs of the inbound and outbound SAs to 54321 and the keys for the inbound and outbound SAs using ESP to gfedcba.
Page 323
[SwitchA-bgp] peer 1::2 ipsec-profile policy001 [SwitchA-bgp] quit # Configure Switch B. [SwitchB] bgp 65008 [SwitchB-bgp] peer 1::1 ipsec-profile policy001 [SwitchB-bgp] quit Configure IPsec to protect IPv6 BGP packets between Router B and Switch C: # Configure Switch C. [SwitchC] bgp 65009 [SwitchC-bgp] peer ebgp ipsec-profile policy002 [SwitchC-bgp] quit # Configure Switch B.
No routing policy is configured Peer: 3::2 Local: 2.2.2.2 Type: EBGP link BGP version 4, remote router ID 3.3.3.3 BGP current state: Established, Up for 00h05m00s BGP current event: KATimerExpired BGP last state: OpenConfirm Port: Local - 24897 Remote - 179 Configured: Active Hold Time: 180 sec Keepalive Time: 60 sec Received...
Solution Use the display current-configuration command to verify the current configuration, and verify that the peer's AS number is correct. Use the display bgp peer ipv4 unicast or display bgp peer ipv6 unicast command to verify that the peer's IP address/IPv6 address is correct. If a loopback interface is used, verify that the loopback interface is specified with the peer connect-interface command.
Configuring PBR Introduction to PBR Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop for packets that match specific criteria such as ACLs. A device forwards received packets using the following process: The device uses PBR to forward matching packets. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets.
Relationship between the match mode and clauses on the node Does a packet match all Match mode the if-match clauses on Permit Deny the node? • If the node is configured with an apply clause, PBR executes the apply clause on the node. If PBR successfully guides the forwarding of the packet, PBR does not match the packet against...
Configuring a policy Creating a node Step Command Remarks Enter system view. system-view Create a node for a policy, and policy-based-route policy-name By default, no policy node is enter policy node view. [ deny | permit ] node node-number created. Configuring match criteria for a node Step Command...
Configuring PBR Configuring local PBR Configure PBR by applying a policy locally. PBR uses the policy to guide the forwarding of locally generated packets. The specified policy must already exist. Otherwise, the local PBR configuration fails. You can apply only one policy locally. Before you apply a new policy, you must first remove the current policy.
Configuring IPv6 static routing Static routes are manually configured and cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. IPv6 static routing works well in a simple IPv6 network. Configuring an IPv6 static route Before you configure an IPv6 static route, complete the following tasks: Configure parameters for the related interfaces.
Configuring BFD for IPv6 static routes BFD provides a general purpose, standard, and medium- and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols and MPLS. For more information about BFD, see High Availability Configuration Guide.
Step Command Remarks • Method 1: ipv6 route-static ipv6-address prefix-length interface-type interface-number next-hop-address bfd echo-packet Use either method. [ preference preference-value ] [ tag tag-value ] [ description description-text ] By default, BFD echo mode for Configure BFD echo • an IPv6 static route is not Method 2: mode for an IPv6...
Page 338
Figure 82 Network diagram Host B 2::2/64 Vlan-int400 2::1/64 Vlan-int200 Vlan-int300 4::2/64 5::2/64 Switch B Vlan-int200 Vlan-int300 4::1/64 5::1/64 Vlan-int100 Vlan-int500 1::1/64 3::1/64 Switch C Switch A Host C Host A 3::2/64 1::2/64 Configuration procedure Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.) Configure IPv6 static routes: # Configure a default IPv6 static route on Switch A.
Static Routing table Status : < Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 1 1. BFD for IPv6 static routes configuration example (indirect next hop) Network requirements Figure 84, Switch A has a route to interface Loopback 1 (2::9/128) on Switch B, with the output interface being VLAN-interface 10.
Page 343
<SwitchA> system-view [SwitchA] bfd multi-hop min-transmit-interval 500 [SwitchA] bfd multi-hop min-receive-interval 500 [SwitchA] bfd multi-hop detect-multiplier 9 [SwitchA] ipv6 route-static 120:: 64 2::9 bfd control-packet bfd-source 1::9 [SwitchA] ipv6 route-static 120:: 64 10::100 preference 65 [SwitchA] quit # Configure IPv6 static routes on Switch B and enable BFD control packet mode for the static route that traverses Switch D.
Page 344
Destination: 120::/64 Protocol : Static NextHop : 2::9 Preference: 60 Interface : Vlan10 Cost Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates Switch B through VLAN-interface 10. The link over VLAN-interface 10 fails. # Display IPv6 static routes on Switch A again.
Configuring an IPv6 default route A default IPv6 route is used to forward packets that match no entry in the routing table. A default IPv6 route can be configured in either of the following ways: The network administrator can configure a default route with a destination prefix of ::/0. For more •...
Configuring RIPng RIP next generation (RIPng) is an extension of RIP-2 for support of IPv6. Most RIP concepts are applicable to RIPng. Overview RIPng is a distance vector routing protocol. It employs UDP to exchange route information through port 521. RIPng uses a hop count to measure the distance to a destination. The hop count is the metric or cost. The hop count from a router to a directly connected network is 0.
When a RIPng neighbor receives the request packet, it sends back a response packet that contains the local routing table. RIPng can also advertise route updates in response packets periodically or advertise a triggered update caused by a route change. After RIPng receives the response, it checks the validity of the response before adding routes to its routing table, such as whether the source IPv6 address is the link-local address and whether the port number is correct.
Step Command Remarks Return to system view. quit interface interface-type Enter interface view. interface-number By default, RIPng is disabled. If RIPng is not enabled on an Enable RIPng on the interface. ripng process-id enable interface, the interface does not send or receive any RIPng route.
For example, RIPng has two specific routes to be advertised through an interface: 1:1 1:1 1::24 with a metric of a 2 and 1:1 1:12::34 with a metric of 3. Configure route summarization on the interface, so RIPng advertises a single route 1 1::0/16 with a metric of 2. To configure RIPng route summarization: Step Command...
Configuring a preference for RIPng Routing protocols each have a preference. When they find routes to the same destination, the route found by the routing protocol with the highest preference is selected as the optimal route. You can manually set a preference for RIPng.
Configuring split horizon Split horizon disables RIPng from sending routes through the interface where the routes were learned to prevent routing loops between neighbors. HP recommends enabling split horizon to prevent routing loops in normal cases. To configure split horizon: Step...
RIPng does not process the packets. If you are certain that all packets are trustworthy, disable the zero field check to save CPU resources. To configure RIPng zero field check: Step Command Remarks Enter system view. system-view ripng [ process-id ] [ vpn-instance Enter RIPng view.
To configure GR on the GR restarter: Step Command Remarks Enter system view. system-view Enable RIPng and enter RIPng ripng [ process-id ] [ vpn-instance view. vpn-instance-name ] Enable the GR capability for graceful-restart By default, RIPng GR is disabled. RIPng.
Task Command Display configuration information of a RIPng display ripng [ process-id ] process. Display routes in the RIPng database. display ripng process-id database [ ipv6-address prefix-length ] Display the routing information of a specified display ripng process-id route [ ipv6-address prefix-length RIPng process.
Page 361
[SwitchB-ipsec-profile-profile001-manual] sa spi outbound esp 256 [SwitchB-ipsec-profile-profile001-manual] sa string-key inbound esp simple abc [SwitchB-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc [SwitchB-ipsec-profile-profile001-manual] quit # On Switch C, create an IPsec transform set named protrf1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication algorithm to MD5.
Configuring OSPFv3 This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF." OSPFv3 overview OSPFv3 and OSPFv2 have the following in common: 32-bit router ID and area ID •...
Inter-Area-Router LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's • associated area. Each Inter-Area-Router LSA describes a route to ASBR. AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS, except stub • area. Each AS External LSA describes a route to another AS. A default route can be described by an AS External LSA.
Tasks at a glance (Optional.) Tuning and optimizing OSPFv3 networks: • Configuring OSPFv3 timers • Specifying LSA transmission delay • Configuring a DR priority for an interface • Specifying SPF calculation interval • Specifying the LSA generation interval • Ignoring MTU check for DD packets •...
Step Command Remarks Enable an OSPFv3 process on ospfv3 process-id area area-id No OSPFv3 process is enabled on the interface. [ instance instance-id ] an interface by default. Configuring OSPFv3 area parameters OSPFv3 has the same stub area and virtual link features as OSPFv2. After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended.
To configure an NSSA area, configure the nssa command on all the routers attached to the area. To configure a totally NSSA area, configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area. To configure an NSSA area: Step Command...
Configuring OSPFv3 network types OSPFv3 classifies networks into the following types by the link layer protocol: • Broadcast—When the link layer protocol is Ethernet or FDDI, OSPFv3 considers the network type as broadcast by default. • NBMA—When the link layer protocol is ATM, Frame Relay, or X.25, OSPFv3 considers the network type as NBMA by default.
Step Command Remarks Specify an NBMA or P2MP ospfv3 peer ipv6-address [ cost By default, no link-local (unicast) neighbor and its DR value | dr-priority dr-priority ] address is specified for the priority. [ instance instance-id ] neighbor interface. Configuring OSPFv3 route control Configuration prerequisites Before you configure OSPFv3 route control, complete the following tasks: Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.
To configure route summarization on an ASBR: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Configure route asbr-summary ipv6-address By default, route summarization is summarization on an prefix-length [ cost cost | not-advertise | not configured on an ASBR.
Configure a bandwidth reference value for the interface, and OSPFv3 computes the cost • automatically based on the bandwidth reference value: Interface OSPFv3 cost = Bandwidth reference value (100 Mbps)/Interface bandwidth (Mbps). If the calculated cost is greater than 65535, the value of 65535 is used; if the calculated cost is smaller than 1, the value of 1 is used. If no cost is configured for an interface, OSPFv3 automatically computes the cost for the interface.
Configuring a preference for OSPFv3 A router can run multiple routing protocols. The system assigns a priority for each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected. To configure a preference for OSPFv3: Step Command...
Step Command Remarks By default, OSPFv3 accepts all redistributed routes. This command filters only (Optional.) Configure filter-policy { acl6-number | prefix-list routes redistributed with the OSPFv3 to filter redistributed prefix-list-name } export [ protocol import-route command. If the routes. [ process-id ] ] import-route command is not configured, executing this command does not take...
Specifying LSA transmission delay Each LSA in the LSDB has an age that is incremented by 1 every second, but the age does not change during transmission. Therefore, it is necessary to add a transmission delay into the age time, especially for low-speed links.
To configure the LSA generation interval: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * By default, the maximum interval is 5 lsa-generation-interval Configure the LSA seconds, the minimum interval is 0 maximum-interval [ minimum-interval generation interval.
Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * By default, the interfaces are able to receive and send OSPFv3 packets. Disable interfaces from This command disables only the silent-interface { interface-type receiving and sending interfaces associated with the interface-number | all }...
On P2P and P2MP networks, OSPFv3 does not advertise the prefixes of suppressed interfaces in • Type-9 LSAs that reference Type- 1 LSAs. IMPORTANT: If you want to use prefix suppression, HP recommends that you configure prefix suppression on all OSPFv3 routers.
Configuring prefix suppression for an OSPFv3 process Enabling prefix suppression for an OSPFv3 process does not suppress the prefixes of loopback interfaces and passive interfaces. To configure prefix suppression for an OSPFv3 process: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view.
Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * By default, OSPFv3 GR restarter capability is disabled. graceful-restart enable [ global | Enable the GR capability. The global and planned-only planned-only ] * keywords are available in Release 2406P03 and later versions.
Nonstop routing (NSR) backs up OSPFv3 link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without tearing down adjacencies or impacting forwarding services. NSR does not require the cooperation of neighboring devices to recover routing information, and it is typically used more often than GR.
Applying an IPsec profile To protect routing information and prevent attacks, OSPFv3 can authenticate protocol packets by using an IPsec profile. For more information about IPsec profiles, see Security Configuration Guide. Outbound OSPFv3 packets carry the Security Parameter Index (SPI) defined in the relevant IPsec profile. A device uses the SPI carried in a received packet to match against the configured IPsec profile.
Step Command Remarks Enter OSPFv3 area view. area area-id vlink-peer router-id [ dead seconds | hello Apply an IPsec profile to a seconds | instance instance-id | retransmit By default, no IPsec profile is virtual link. seconds | trans-delay seconds | applied.
Purpose Command Restart an OSPFv3 process (available in reset ospfv3 [ process-id ] process [ graceful-restart ] Release 2406P03 and later versions). Restart OSPFv3 route redistribution (available in Release 2406P03 and later reset ospfv3 [ process-id ] redistribution versions). Clear OSPFv3 statistics (available in Release reset ospfv3 [ process-id ] statistics 2406P03 and later versions).
Page 383
[SwitchA] interface vlan-interface 200 [SwitchA-Vlan-interface200] ospfv3 1 area 1 [SwitchA-Vlan-interface200] quit # Configure Switch B: enable OSPFv3 and specify the router ID as 2.2.2.2. <SwitchB> system-view [SwitchB] ospfv3 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ospfv3 1 area 0 [SwitchB-Vlan-interface100] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 1...
Page 384
# Display OSPFv3 neighbors on Switch C. [SwitchC] display ospfv3 peer OSPFv3 Process 1 with Router ID 3.3.3.3 Area: 0.0.0.0 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 2.2.2.2 Full/DR 00:00:40 Vlan100 Area: 0.0.0.2 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 4.4.4.4 Full/BDR 00:00:40...
Page 385
Configure Area 2 as a stub area: # Configure Switch D. [SwitchD] ospfv3 [SwitchD-ospfv3-1] area 2 [SwitchD-ospfv3-1-area-0.0.0.2] stub # Configure Switch C, and specify the cost of the default route sent to the stub area as 10. [SwitchC] ospfv3 [SwitchC-ospfv3-1] area 2 [SwitchC-ospfv3-1-area-0.0.0.2] stub [SwitchC-ospfv3-1-area-0.0.0.2] default-cost 10 # Display OSPFv3 routing table information on Switch D.
Total: 5 Intra area: 1 Inter area: 4 ASE: 0 The output shows that a default route is added, and its cost is the cost of a direct route plus the configured cost. Configure Area 2 as a totally stub area: # Configure Area 2 as a totally stub area on Switch C.
Page 387
Figure 89 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3 (see "OSPFv3 stub area configuration example"). Configure Area 1 as an NSSA area: # Configure Switch A. [SwitchA] ospfv3 [SwitchA-ospfv3-1] area 1 [SwitchA-ospfv3-1-area-0.0.0.1] nssa [SwitchA-ospfv3-1-area-0.0.0.1] quit [SwitchA-ospfv3-1] quit # Configure Switch B.
Page 388
Nexthop : :: Interface: Vlan200 AdvRouter : 1.1.1.1 Area : 0.0.0.1 Preference : 10 *Destination: 2001:2::/64 Type : IA Cost NextHop : FE80::20C:29FF:FE74:59C6 Interface: Vlan200 AdvRouter : 2.2.2.2 Area : 0.0.0.1 Preference : 10 Total: 3 Intra area: 1 Inter area: 2 ASE: 0 NSSA: 0 Configure route redistribution:...
AdvRouter : 2.2.2.2 Area : 0.0.0.2 Preference : 10 Total: 4 Intra area: 1 Inter area: 2 ASE: 1 NSSA: 0 The output shows an AS external route imported from the NSSA area exists on Switch D. OSPFv3 DR election configuration example Network requirements •...
Page 390
[SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 0 [SwitchB-Vlan-interface200] quit # Configure Switch C: enable OSPFv3 and specify the router ID as 3.3.3.3. <SwitchC> system-view [SwitchC] ospfv3 [SwitchC-ospfv3-1] router-id 3.3.3.3 [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 1 area 0 [SwitchC-Vlan-interface100] quit # Configure Switch D: enable OSPFv3 and specify the router ID as 4.4.4.4.
Page 391
# Configure the router priority of VLAN-interface 200 as 0 on Switch B. [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 dr-priority 0 [SwitchB-Vlan-interface200] quit # Configure the router priority of VLAN-interface 100 of Switch C as 2. [SwitchC] interface Vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 dr-priority 2 [SwitchC-Vlan-interface100] quit # Display neighbor information on Switch A.
OSPFv3 Process 1 with Router ID 4.4.4.4 Area: 0.0.0.0 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 1.1.1.1 100 Full/DR 00:00:30 Vlan100 2.2.2.2 2-Way/DROther 00:00:37 Vlan200 3.3.3.3 Full/BDR 00:00:31 Vlan100 The output shows that Switch A becomes the DR. OSPFv3 route redistribution configuration example Network requirements As shown in Figure...
Page 393
[SwitchA-Vlan-interface200] quit # Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B. <SwitchB> system-view [SwitchB] ospfv3 1 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ospfv3 1 area 2 [SwitchB-Vlan-interface100] quit [SwitchB] ospfv3 2 [SwitchB-ospfv3-2] router-id 3.3.3.3 [SwitchB-ospfv3-2] quit [SwitchB] interface vlan-interface 300 [SwitchB-Vlan-interface300] ospfv3 2 area 2...
Page 394
NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Configure OSPFv3 route redistribution: # Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.
Page 399
Switch A acts as the GR restarter. Switch B and Switch C act as the GR helpers, and synchronize • their LSDBs with Switch A through out-of-band (OOB) communication of GR. Figure 93 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3: # On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1.
Verifying the configuration After all switches function correctly, perform a master/backup switchover on Switch A to trigger an OSPFv3 GR operation. OSPFv3 NSR configuration example Network requirements As shown in Figure 94, Switch S, Switch A, and Switch B belong to the same AS and OSPFv3 routing domain.
[SwitchS-Vlan-interface100] quit [SwitchS] interface vlan-interface 200 [SwitchS-Vlan-interface200] ospfv3 1 area 1 [SwitchS-Vlan-interface200] quit Verifying the configuration # Verify the following: • When an active/standby switchover occurs on Switch S, the neighbor relationships and routing information on Switch A and Switch B have not changed. (Details not shown.) The traffic from Switch A to Switch B has not been impacted.
Page 402
[SwitchA-ospfv3-1] router-id 1.1.1.1 [SwitchA-ospfv3-1] quit [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ospfv3 1 area 0 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 11 [SwitchA-Vlan-interface11] ospfv3 1 area 0 [SwitchA-Vlan-interface11] quit # On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2. <SwitchB>...
Verifying the configuration # Display the BFD information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Init Mode: Active IPv6 Session Working Under Ctrl Mode: Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B)
Page 404
Figure 96 Network diagram OSPFv3 Switch B Switch C Area 0 Vlan-int100 2001::1/64 Vlan-int100 2001::2/64 Vlan-int200 2001:1::1/64 OSPFv3 Vlan-int200 Area 1 2001:1::2/64 Switch A Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # On Switch A, enable OSPFv3 and configure the router ID as 1.1.1.1. <SwitchA>...
Page 405
algorithm to MD5. Create an IPsec profile named profile001, specify the manual mode for it, reference IPsec transform set trans, and set the SPIs of the inbound and outbound SAs to 123 and the keys for the inbound and outbound SAs using ESP to abc. [SwitchA] ipsec transform-set trans [SwitchA-ipsec-transform-set-trans] encapsulation-mode transport [SwitchA-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc...
Page 406
[SwitchB-ipsec-profile-profile002-manual] sa string-key outbound ah simple hello [SwitchB-ipsec-profile-profile002-manual] sa string-key inbound esp simple byebye [SwitchB-ipsec-profile-profile002-manual] sa string-key outbound esp simple byebye [SwitchB-ipsec-profile-profile002-manual] quit # On Switch C, create an IPsec transform set named trans, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication algorithm to MD5.
Page 407
Verifying the configuration OSPFv3 packets between Switches A, B, and C are protected by IPsec.
Configuring IPv6 IS-IS IPv6 IS-IS supports all IPv4 IS-IS features except that it advertises IPv6 routing information. This chapter describes only IPv6 IS-IS specific configuration tasks. For information about IS-IS, see "Configuring IS-IS." Overview Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6. To support IPv6, the IETF added two type-length-values (TLVs) and a new network layer protocol identifier (NLPID).
Configuring IPv6 IS-IS route control Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration. To configure IPv6 IS-IS route control: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Specify a preference for ipv6 preference { route-policy By default, the default...
Step Command Remarks By default, the maximum number of IPv6 IS-IS ECMP routes equals the maximum number of ECMP routes supported by the system. Use the max-ecmp-num Specify the maximum command to configure the number of ECMP routes for ipv6 maximum load-balancing number maximum number of ECMP load balancing.
Step Command Remarks Enter system view. system-view Enable an IS-IS process and isis [ process-id ] [ vpn-instance enter IS-IS view. vpn-instance-name ] Configure the NET for the IS-IS network-entity net By default, no NET is configured. process. Enable IPv6 for the IS-IS By default, IPv6 for the IS-IS ipv6 enable process.
BFD for IPv6 IS-IS configuration example Network requirements As shown in Figure 98, configure IPv6 IS-IS on Switch A and Switch B so that they can reach other. • Enable BFD on VLAN-interface 10 of Switch A and Switch B. After the link between Switch B and •...
Page 418
Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B) Session State: Up Interface: Vlan10 Hold Time: 2319ms # Display routes destined for 2001:4::0/64 on Switch A. <SwitchA>...
Configuring IPv6 PBR Introduction to IPv6 PBR Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop for packets that match specific criteria such as ACLs. A device forwards received packets using the following process: The device uses PBR to forward matching packets.
Relationship between the match mode and clauses on the node Does a packet match all the Match mode if-match clauses on the In permit mode In deny mode node? • If the node is configured with an apply clause, IPv6 PBR executes the apply clause on the node.
Tasks at a glance (Required.) Configuring IPv6 PBR: • Configuring IPv6 local PBR • Configuring IPv6 interface PBR Configuring an IPv6 policy Creating an IPv6 node Step Command Remarks Enter system view. system-view Create an IPv6 policy or policy node, and ipv6 policy-based-route policy-name [ deny | By default, no IPv6 policy enter IPv6 policy...
Step Command Remarks By default, no next hop is specified. You can specify multiple next hops for Set next hops for apply next-hop [ vpn-instance backup or load sharing by executing permitted IPv6 vpn-instance-name ] { ipv6-address [ direct ] this command once or multiple times.
Configuring routing policies Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Overview Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: Configure filters based on route attributes, such as destination address and the advertising router's address.
For more information about extended community lists, see MPLS Configuration Guide. Routing policy A routing policy can contain multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route (except the route configured with the continue clauses) that matches one node matches the routing policy.
Step Command Remarks Enter system view. system-view ip prefix-list prefix-list-name [ index index-number ] Configure an IPv4 { deny | permit } ip-address mask-length By default, no IPv4 prefix prefix list. [ greater-equal min-mask-length ] [ less-equal list is configured. max-mask-length ] Configuring an IPv6 prefix list If all items are set to deny mode, no routes can pass the IPv6 prefix list.
Step Command Remarks • Configure a basic community list: ip community-list { basic-comm-list-num | basic basic-comm-list-name } { deny | permit } [ community-number&<1-32> | aa:nn&<1-32> ] Use either method. [ internet | no-advertise | no-export | Configure a community By default, no no-export-subconfed ] * list.
Configuring if-match clauses You can either specify no if-match clauses or multiple if-match clauses for a routing policy node. If no if-match clause is specified for a permit-mode node, all routing information can pass the node. If no if-match clause is specified for a deny-mode node, no routing information can pass the node. The if-match clauses of a routing policy node have a logical AND relationship.
Step Command Remarks By default, no local Match BGP routes having the if-match local-preference preference preference is configured for specified local preference. BGP routes. Match routes having MPLS By default, no MPLS label if-match mpls-label labels. match criterion is configured. if-match route-type { external-type1 | external-type1or2 | external-type2 | Match routes having the...
Step Command Remarks • Set the next hop for IPv4 routes: apply ip-address next-hop By default, no next hop is set for ip-address [ public | IPv4/IPv6 routes. vpn-instance The apply ip-address next-hop and Set the next hop for routes. vpn-instance-name ] apply ipv6 next-hop commands do •...
apply cost clauses with the + or - keyword, the apply community clauses with the additive keyword, and the apply extcommunity clauses with the additive keyword), all the apply clauses configured on the matching nodes take effect. • If you configure the apply community clause for multiple nodes that are combined by the continue clause, the apply comm-list delete clause configured on the current node cannot delete the community attributes set by preceding nodes.
Page 435
On Switch B, enable route redistribution from IS-IS to OSPF, and use a routing policy to set the cost of route 172.17.1.0/24 to 100 and the tag of route 172.17.2.0/24 to 20. Figure 101 Network diagram IS-IS OSPF Vlan-int100 Vlan-int200 192.168.1.2/24 192.168.2.2/24 Switch B...
Page 436
Configure OSPF and route redistribution: # Configure OSPF on Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # On Switch B, configure OSPF and enable route redistribution from IS-IS. [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit...
Page 439
Peer FE80::7D58:0:CA03:1 on Vlan-interface 100 Destination 10::/32, via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 18 secs Destination 20::/32, via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 8 secs Destination 40::/32, via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 3 secs...
Related information Documents To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals For related documentation, navigate to the Networking section, and select a networking category. •...
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
Page 442
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Page 443
Index Numerics BGP configuration, 181, BGP default route to peer/peer group, 4-byte BGP optimal route, IPv4 BGP AS number suppression, BGP optimal route advertisement, IPv6 BGP AS number suppression, BGP route advertisement rules, BGP route generation, BGP 6PE basic configuration, IP routing IS-IS default route, BGP 6PE configuration, IP routing OSPF basic configuration,...
Page 444
IPv6 PBR apply clause, IPv4 BGP AS number substitution, OSPFv3 IPsec profile, IPv4 BGP basic configuration, PBR apply clause, IPv4 BGP BFD configuration, RIPng IPsec profile, IPv4 BGP COMMUNITY configuration, area IPv4 BGP confederation configuration, IP routing IS-IS, IPv4 BGP configuration, IP routing IS-IS area address, IPv4 BGP fake AS number advertisement, IP routing IS-IS area authentication,...
Page 445
IP routing OSPF redistributed route MP-BGP MP_UNREACH_NLRI extended summarization on ASBR, attribute, IP routing OSPF router type, authenticating OSPFv3 redistributed route summarization, IP routing IS-IS area authentication, assigning IP routing IS-IS authentication, IPv6 IS-IS route convergence priority, IP routing IS-IS neighbor relationship authentication, attribute IP routing IS-IS network security enhancement,...
Page 446
IP routing RIP BFD configuration, GR configuration, IP routing RIP BFD configuration (bidirectional GR helper configuration, control detection), GR restarter configuration, IP routing RIP BFD configuration (bidirectional IPv4 EBGP peer protection (low memory detection/control packet mode), exemption), IP routing RIP BFD configuration (single-hop IPv6 EBGP peer protection (low memory echo detection/neighbor), exemption),...
Page 447
IP routing OSPF BFD detection (bidirectional IP routing policy community list configuration, control), IP routing policy extended community list, IP routing OSPF BFD detection (single-hop IP routing policy extended community list echo), configuration, IP routing RIP BFD configuration (bidirectional IP routing policy list, control detection), IPv4 BGP COMMUNITY configuration, 243, IP routing RIP BFD configuration (bidirectional...
Page 448
BGP route filtering policies, IP routing IS-IS system ID-host name mapping (static), BGP route redistribution, IP routing max number ECMP routes, BGP route reflection, IP routing OSPF, 59, 66, BGP soft reset, IP routing OSPF area, IP routing, IP routing OSPF area authentication, IP routing FIB route max lifetime, IP routing OSPF authentication, IP routing IS-IS, 126, 133,...
Page 449
IP routing OSPF prefix prioritization, IP routing RIP BFD (single-hop echo detection/specific destination), 36, IP routing OSPF prefix suppression, IP routing RIP BFD single-hop echo detection, IP routing OSPF prefix suppression (global), IP routing RIP FRR, 37, IP routing OSPF prefix suppression (on interface), IP routing RIP GR, IP routing OSPF received route filtering,...
Page 451
PBR local (packet type-based), IP routing RIP additional routing metric configuration, PBR node action, IP routing RIP BFD configuration (bidirectional PBR node match criteria, detection/control packet mode), PBR policy, IP routing RIP interface advertisement, RIPng, 334, 335, IP routing RIP interface reception, 25, RIPng basics, 335, IP routing RIP route control configuration, RIPng GR,...
Page 452
RIPng default route advertisement, static route configuration. See under static IP routing IS-IS DIS election, routing IP routing IS-IS DIS election configuration, delaying IP routing IS-IS interface DIS priority, OSPFv3 LSA transmission delay, disabling detecting IP routing IS-IS interface packet send/receive, IP routing OSPF BFD configuration, IP routing OSPF interface packet send/receive IP routing OSPF BFD detection (bidirectional...
Page 453
OSPFv3 interface DR priority, BGP, DSCP BGP session state change logging, IP routing OSPF packet DSCP value, BGP SNMP notification, DSP (IS-IS area address), EBGP direct connections after link failure, dynamic IP routing enhanced ECMP mode, IP routing dynamic routing protocols, IP routing IS-IS, IP routing IS-IS system ID-host name mapping IP routing IS-IS automatic cost calculation,...
Page 454
enhancing IP routing policy configuration, 415, 418, IP routing IS-IS network security, IP routing policy continue clause configuration, establishing IP routing policy creation, IPv4 BGP multiple hop EBGP session IP routing policy extended community list, establishment, IP routing policy extended community list IPv4 BGP session establishment disable, configuration, IPv6 BGP multiple hop EBGP session...
Page 455
IP routing OSPF GR restarter configuration, BGP route, IP routing OSPF NSR configuration, 93, 1 17 OSPFv3 LSA generation interval, IPv6 IS-IS BFD configuration, 398, GR helper IPv6 PBR configuration, 407, 408, 410, 41 1 IP routing IS-IS GR configuration, IPv6 PBR interface configuration, IP routing OSPF configuration, IPv6 PBR interface configuration (packet...
Page 456
IP routing IS-IS PDU type, BGP first AS number of EBGP route updates, IP routing OSPF hello packet, IPv4 BGP ORIGINATOR_ID attribute, IP routing OSPF hello packet timer, IPv6 BGP ORIGINATOR_ID attribute, OSPFv3 packet type, OSPFv3 DD packet MTU check, HO-DSP (IS-IS area address), holdtime BGP ORIGIN path attribute, 182,...
Page 457
IP routing OSPF exit overflow interval, BGP peer configuration, IP routing OSPF LSA arrival interval, BGP peer group, IP routing OSPF LSA generation interval, BGP peer group configuration, IP routing OSPF LSU transmit rate, BGP route dampening, IP routing OSPF SPF calculation interval, BGP route distribution, IPv4 BGP keepalive interval, BGP route filtering policies,...
Page 458
IS-IS FRR automatic backup next hop IS-IS system ID-host name mapping (static), calculation, load sharing, IS-IS FRR configuration, 153, maintaining policy, IS-IS FRR configuration using routing policy, maintaining routing table, IS-IS global cost configuration, OSPF area authentication configuration, IS-IS GR configuration, 151, OSPF area configuration, IS-IS hello multiplier, OSPF authentication configuration,...
Page 459
OSPF P2MP network type configuration for OSPFv3 NBMA neighbor configuration, interface, OSPFv3 neighbor state change logging, OSPF P2P network type configuration for OSPFv3 network optimization, interface, OSPFv3 network tuning, OSPF packet DSCP value, OSPFv3 network type configuration, OSPF PIC configuration, OSPFv3 network type configuration (for OSPF preference, interface),...
Page 465
IP routing policy prefix list, IP routing OSPF network LSA, load balancing, 186, See also ECMP IP routing OSPF network summary LSA, BGP, IP routing OSPF NSSA LSA, IP routing ECMP route max number IP routing OSPF opaque LSA, configuration, IP routing OSPF router LSA, IP routing enhanced ECMP mode enable, IP routing OSPF Type-3 LSA filtering,...
Page 466
IP routing OSPF, IPv6 BGP MED AS route comparison (diff ASs), IP routing policy, IPv6 BGP MED AS route comparison (per-AS), IP routing RIP, IPv6 BGP MED default value, IP routing table, memory IPv4 BGP, IPv4 EBGP peer protection (low memory exemption), IPv6 BGP, IPv6 EBGP peer protection (low memory...
Page 468
BGP route reception, IP routing IS-IS LSP flash flooding, BGP route recursion, IP routing IS-IS LSP fragment extension, BGP route reflection configuration, IP routing IS-IS LSP length specification, BGP route reflector, IP routing IS-IS LSP parameters, BGP route selection, 186, IP routing IS-IS LSP timer, BGP route summarization, 188, IP routing IS-IS neighbor relationship...
Page 469
IP routing OSPF FRR configuration, IP routing OSPF route redistribution from different routing protocol, IP routing OSPF GR configuration, IP routing OSPF route summarization IP routing OSPF GR helper configuration, configuration, IP routing OSPF GR restarter configuration, IP routing OSPF route summarization on ABR, IP routing OSPF host route advertisement, IP routing OSPF route types, IP routing OSPF interface authentication...
Page 470
IP routing RIP network optimization, IPv4 BGP multiple hop EBGP session establishment, IP routing RIP network tuning, IPv4 BGP NEXT_HOP attribute, IP routing RIP operation, IPv4 BGP ORIGINATOR_ID attribute, IP routing RIP packet max length, IPv4 BGP peer MD5 authentication, IP routing RIP packet send rate configuration, IPv4 BGP private AS number removal, IP routing RIP poison reverse configuration,...
Page 476
IP routing load sharing, IPv6 PBR interface configuration, IP routing OSPF area authentication IPv6 PBR interface configuration (packet configuration, type-based), IP routing OSPF basic configuration, IPv6 PBR local configuration, IP routing OSPF BFD configuration, IPv6 PBR local configuration (packet type-based), 41 1 IP routing OSPF configuration, 59, 66, IPv6 PBR policy,...
Page 477
BGP path selection, BGP 6PE optional capabilities configuration, IP routing OSPF configuration, IPv6 BGP 6PE configuration, IPv4 BGP COMMUNITY configuration, peer IPv4 BGP MED AS route comparison BGP, (confederation peers), BGP configuration, IPv4 BGP MED AS route comparison (diff BGP default route advertisement to peer/peer ASs), group, IPv4 BGP MED AS route comparison...
Page 478
IP routing policy apply clause preference configuration, IP routing OSPF default route redistribution, IP routing policy AS_PATH list configuration, IP routing OSPF host route advertisement, IP routing policy community list IP routing OSPF protocol preference configuration, configuration, IP routing policy configuration, 415, 418, IP routing OSPF redistributed route default IP routing policy continue clause parameters,...
Page 479
applying IP routing policy to IPv6 route configuring IP routing IS-IS GR, 151, redistribution, configuring IP routing IS-IS interface cost, applying OSPFv3 IPsec profile, configuring IP routing IS-IS interface DIS applying RIPng IPsec profile, priority, assigning IPv6 IS-IS route convergence configuring IP routing IS-IS interface P2P network priority, type,...
Page 480
configuring IP routing OSPF broadcast network configuring IP routing OSPF prefix suppression, type for interface, configuring IP routing OSPF prefix suppression configuring IP routing OSPF DD packet interface (global), MTU, configuring IP routing OSPF prefix suppression (on configuring IP routing OSPF default route interface), redistribution, configuring IP routing OSPF received route...
Page 484
enabling IPv4 BGP load balancing, maintaining IP routing table, enabling IPv4 BGP MED AS route comparison maintaining IPv4 BGP, (confederation peers), maintaining IPv6 BGP, enabling IPv4 BGP MED AS route comparison maintaining IPv6 PBR, 41 1 (diff ASs), maintaining PBR, enabling IPv4 BGP MED AS route comparison maintaining RIPng, (per-AS),...
Page 485
specifying IPv4 BGP received route preferred BGP route generation, value, BGP route summarization, specifying IPv6 BGP received route preferred IP routing extension attribute redistribution, value, IP routing IS-IS route redistribution, 139, specifying OSPFv3 LSA generation interval, IP routing OSPF route redistribution, specifying OSPFv3 LSA transmission delay, IP routing RIP received/redistributed route specifying OSPFv3 SPF calculation interval,...
Page 486
GR helper configuration, network optimization, GR restarter configuration, network tuning, host route reception disable, packet, interface additional metric configuration, packet zero field check, interface advertisement control, poison reverse configuration, interface reception control, preference configuration, IPv6. See RIPng protocols and standards, maintaining, received/redistributed route filtering, max number ECMP routes,...
Page 487
BGP route summarization, IP routing RIP host route reception disable, BGP route-refresh message, IP routing RIP max number ECMP routes, IP routing ECMP route max number IP routing RIP poison reverse configuration, configuration, IP routing RIP preference configuration, IP routing FIB route max lifetime, IP routing RIP received/redistributed route IP routing FIB table optimal routes, filtering,...