Page of 424
Download Table of ContentsContents Print This PagePrint Bookmark
   
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424
HP MSR2000/3000/4000 Router Series
Layer 3 - IP Routing
Configuration Guide (V7)
Part number: 5998-3992
Software version: CMW710-R0007P02
Document version: 6PW100-20130927

Advertising

   Summary of Contents for HP 5500 EI series

  • Page 1

    HP MSR2000/3000/4000 Router Series Layer 3 - IP Routing Configuration Guide (V7) Part number: 5998-3992 Software version: CMW710-R0007P02 Document version: 6PW100-20130927...

  • Page 2

    The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.

  • Page 3: Table Of Contents

    Contents IP routing basics ··························································································································································· 1   Routing table ······································································································································································ 1   Dynamic routing protocols ··············································································································································· 2   Route preference ······························································································································································· 2   Load sharing ······································································································································································ 3   Route backup ····································································································································································· 3   Route recursion ·································································································································································· 3   Route redistribution ··························································································································································· 4  ...

  • Page 4: Table Of Contents

    Tuning and optimizing RIP networks ···························································································································· 29   Configuration prerequisites ·································································································································· 29   Configuring RIP timers ··········································································································································· 29   Configuring split horizon and poison reverse ···································································································· 30   Configuring the maximum number of ECMP routes ·························································································· 31   Enabling zero field check on incoming RIPv1 messages ·················································································· 31  ...

  • Page 5: Table Of Contents

    Configuring the P2P network type for an interface ··························································································· 72   Configuring OSPF route control ··································································································································· 72   Configuration prerequisites ·································································································································· 72   Configuring OSPF route summarization ············································································································· 73   Configuring received OSPF route filtering ·········································································································· 74   Configuring Type-3 LSA filtering ·························································································································· 74  ...

  • Page 6: Table Of Contents

    OSPF DR election configuration example ········································································································· 107   OSPF virtual link configuration example ··········································································································· 111   OSPF GR configuration example ······················································································································· 113   BFD for OSPF configuration example ··············································································································· 115   OSPF FRR configuration example ······················································································································ 118   Troubleshooting OSPF configuration ························································································································· 120  ...

  • Page 7: Table Of Contents

    Configuring routing domain authentication ······································································································ 148   Configuring IS-IS GR ···················································································································································· 148   Configuring BFD for IS-IS············································································································································· 149   Configuring IS-IS FRR ··················································································································································· 149   Configuration prerequisites ································································································································ 150   Configuration guidelines ···································································································································· 150   Configuring IS-IS FRR to automatically calculate a backup next hop ···························································· 150  ...

  • Page 8: Table Of Contents

    Configuring the interval for sending updates for the same route ··································································· 225   Enabling BGP to establish an EBGP session over multiple hops ···································································· 225   Enabling immediate reestablishment of direct EBGP connections upon link failure····································· 226   Enabling 4-byte AS number suppression ·········································································································· 227  ...

  • Page 9: Table Of Contents

    Configuring interface PBR ·································································································································· 302   Displaying and maintaining PBR ································································································································ 303   PBR configuration examples ········································································································································ 303   Packet type-based local PBR configuration example ······················································································· 303   Packet type-based interface PBR configuration example ················································································ 305   Packet length-based interface PBR configuration example ············································································· 306  ...

  • Page 10: Table Of Contents

    Configuring a stub area ····································································································································· 341   Configuring an OSPFv3 virtual link ··················································································································· 341   Configuring OSPFv3 network types ··························································································································· 342   Configuration prerequisites ································································································································ 342   Configuring the OSPFv3 network type for an interface ·················································································· 342   Configuring an NBMA or P2MP neighbor ······································································································· 343  ...

  • Page 11: Table Of Contents

    Applying a routing policy to IPv4 route redistribution ····················································································· 404   Applying a routing policy to IPv6 route redistribution ····················································································· 407   Support and other resources ·································································································································· 409   Contacting HP ······························································································································································ 409   Subscription service ············································································································································ 409   Related information ······················································································································································ 409  ...

  • Page 12: Routing Table

    IP routing basics IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. Routing table A RIB contains the global routing information and related information, including route recursion, route redistribution, and route extension information.

  • Page 13: Dynamic Routing Protocols

    Pre—Preference of the route. Among routes to the same destination, the route with the highest • preference is optimal. Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is • the optimal route. NextHop—Next hop.

  • Page 14: Load Sharing, Route Recursion

    Route type Preference Multicast static route OSPF IS-IS Unicast static route OSPF ASE OSPF NSSA IBGP EBGP Unknown (route from an untrusted source) Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.

  • Page 15: Route Redistribution

    Route redistribution Route redistribution enables routing protocols to learn route information from each other. A dynamic routing protocol can redistribute routes from other routing protocols, including direct and static routing. For more information, see the respective chapters on those routing protocols in this configuration guide. The RIB records redistribution relationships of routing protocols.

  • Page 16: Displaying And Maintaining A Routing Table

    Configuring the maximum lifetime for routes in the When GR or NSR is disabled, FIB entries must be retained for some time after a protocol process switchover or RIB process switchover. When GR or NSR is enabled, FIB entries must be removed immediately after a protocol or RIB process switchover to avoid routing issues.

  • Page 17

    Task Command Display information about routes to a display ip routing-table [ vpn-instance vpn-instance-name ] range of destination addresses. ip-address1 to ip-address2 [ verbose ] Display information about routes display ip routing-table [ vpn-instance vpn-instance-name ] prefix-list permitted by an IP prefix list. prefix-list-name [ verbose ] Display information about routes display ip routing-table [ vpn-instance vpn-instance-name ] protocol...

  • Page 18: Configuring Static Routing, Configuring A Static Route

    Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.

  • Page 19: Configuring Bfd For Static Routes

    Step Command Remarks (Optional.) Delete all To delete one static route, static routes, delete [ vpn-instance vpn-instance-name ] use the undo ip route-static including the default static-routes all command. route. Configuring BFD for static routes IMPORTANT: Enabling BFD for a flapping route could worsen the situation. BFD provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism.

  • Page 20: Single-hop Echo Mode

    Step Command Remarks • Method 1: ip route-static dest-address { mask | mask-length } { next-hop-address bfd control-packet bfd-source ip-address | vpn-instance d-vpn-instance-name next-hop-address bfd control-packet bfd-source ip-address } [ preference preference-value ] [ tag Use either method. tag-value ] [ description description-text ] Configure BFD By default, BFD control control mode for a...

  • Page 21: Configuring Static Route Frr

    Configuring static route FRR A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute (FRR) enables fast rerouting to minimize the impact of link or node failures. Figure 1 Network diagram As shown in Figure 1, upon a link failure, FRR specifies a backup next hop by using a routing policy for...

  • Page 22: Displaying And Maintaining Static Routes, Static Route Configuration Examples, Basic Static Route Configuration Example

    Step Command Remarks • Method 1: ip route-static dest-address { mask | mask-length } interface-type interface-number [ next-hop-address [ backup-interface interface-type interface-number [ backup-nexthop backup-nexthop-address ] ] ] [ permanent ] Use either method. Configure static route • Method 2: By default, static route FRR is FRR.

  • Page 23

    Figure 2 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routes: # Configure a default route on Router A. <RouterA> system-view [RouterA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2 # Configure two static routes on Router B. <RouterB>...

  • Page 24: Bfd For Static Routes Configuration Example (direct Next Hop)

    Summary Count : 2 Static Routing table Status : <Active> Summary Count : 2 Destination/Mask Proto Cost NextHop Interface 1.1.2.0/24 Static 60 1.1.4.1 Eth1/1 1.1.3.0/24 Static 60 1.1.5.6 Eth1/2 Static Routing table Status : <Inactive> Summary Count : 0 # Use the ping command on Host B to test the reachability of Host A (Windows XP runs on the two hosts). C:\Documents and Settings\Administrator>ping 1.1.2.2 Pinging 1.1.2.2 with 32 bytes of data: Reply from 1.1.2.2: bytes=32 time=1ms TTL=126...

  • Page 25

    Figure 3 Network diagram 121.1.1.0/24 120.1.1.0/24 Router A L2 Switch Router B Eth1/1 Eth1/1 Eth1/2 Eth1/2 Eth1/1 Eth1/2 Router C Device Interface IP address Device Interface IP address Router A Eth1/1 12.1.1.1/24 Router B Eth1/1 12.1.1.2/24 Eth1/2 10.1.1.102/24 Eth1/2 13.1.1.1/24 Router C Eth1/1 10.1.1.100/24...

  • Page 26

    Verifying the configuration # Display BFD sessions on Router A. <RouterA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 12.1.1.1 12.1.1.2 2000ms Eth1/1 The output shows that the BFD session has been created.

  • Page 27: Bfd For Static Routes Configuration Example (indirect Next Hop)

    BFD for static routes configuration example (indirect next hop) Network requirements Figure 4, Router A has a route to interface Loopback 1 (2.2.2.9/32) on Router B, with the output interface Ethernet 1/1. Router B has a route to interface Loopback 1 (1.1.1.9/32) on Router A, with the output interface Ethernet 1/1.

  • Page 28

    [RouterB] bfd multi-hop min-transmit-interval 500 [RouterB] bfd multi-hop min-receive-interval 500 [RouterB] bfd multi-hop detect-multiplier 9 [RouterB] ip route-static 121.1.1.0 24 1.1.1.9 bfd control-packet bfd-source 2.2.2.9 [RouterB] ip route-static 121.1.1.0 24 ethernet 1/2 13.1.1.2 preference 65 [RouterB] quit # Configure static routes on Router C. <RouterC>...

  • Page 29: Static Route Frr Configuration Example

    Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 Eth1/2 Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Router A communicates with Router B through Ethernet 1/2. Static route FRR configuration example Network requirements As shown in Figure...

  • Page 30

    [RouterS] display ip routing-table 4.4.4.4 verbose Summary Count : 1 Destination: 4.4.4.4/32 Protocol: Static Process ID: 0 SubProtID: 0x0 Age: 04h20m37s Cost: 0 Preference: 60 Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NBRID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 0.0.0.0...

  • Page 31: Configuring A Default Route

    Configuring a default route A default route is used to forward packets that do not match any specific routing entry in the routing table. Without a default route, packets that do not match any routing entries are discarded and an ICMP destination-unreachable packet is sent to the source.

  • Page 32: Configuring Rip

    Configuring RIP Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520. Overview RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0.

  • Page 33: Rip Versions

    RIP uses the received responses to update the local routing table and sends triggered update messages to its neighbors. All RIP routers on the network do this to learn latest routing information. RIP periodically sends the local routing table to its neighbors. After a RIP neighbor receives the message, it updates its routing table, selects optimal routes, and sends an update to other neighbors.

  • Page 34: Enabling Rip

    Tasks at a glance (Optional.) Configuring RIP route control: • Configuring an additional routing metric • Configuring RIPv2 route summarization • Disabling host route reception • Advertising a default route • Configuring received/redistributed route filtering • Configuring a preference for RIP •...

  • Page 35: Controlling Rip Reception And Advertisement On Interfaces

    Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enable RIP and enter RIP view. By default, RIP is disabled. vpn-instance-name ] By default, RIP is disabled on a network. network network-address The network 0.0.0.0 command Enable RIP on a network.

  • Page 36: Configuring Rip Route Control

    Configuring a RIP version You can configure a global RIP version in RIP view or an interface-specific RIP version in interface view. An interface preferentially uses the interface-specific RIP version. If no interface-specific version is specified, the interface uses the global RIP version. If neither global nor interface-specific RIP version is configured, the interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.

  • Page 37: Configuring Ripv2 Route Summarization

    To configure additional routing metrics: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Specify an inbound rip metricin [ route-policy The default setting is 0. additional routing metric. route-policy-name ] value Specify an outbound rip metricout [ route-policy The default setting is 1.

  • Page 38: Disabling Host Route Reception

    Step Command Remarks Disable RIPv2 automatic route By default, RIPv2 automatic route undo summary summarization. summarization is enabled. Return to system view. Quit interface interface-type Enter interface view. interface-number rip summary-address ip-address By default, no summary route is Configure a summary route. { mask | mask-length } configured.

  • Page 39: Configuring Received/redistributed Route Filtering

    Step Command Remarks By default, a RIP interface can rip default-route { { only | Configure the RIP interface to advertise a default route if the RIP originate } [ cost cost ] | advertise a default route. process is enabled to advertise a no-originate } default route.

  • Page 40: Configuring Rip Route Redistribution

    Step Command Remarks Configure a preference for preference [ route-policy The default setting is 100. RIP. route-policy-name ] value Configuring RIP route redistribution Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS, BGP, static, and direct. To configure RIP route redistribution: Step Command...

  • Page 41: Configuring Split Horizon And Poison Reverse

    Garbage-collect timer—Specifies the interval from when the metric of a route becomes 16 to when • it is deleted from the routing table. RIP advertises the route with a metric of 16. If no update is announced for that route before the garbage-collect timer expires, the route is deleted from the routing table.

  • Page 42: Enabling Zero Field Check On Incoming Ripv1 Messages

    Step Command Remarks interface interface-type Enter interface view. interface-number By default, poison reverse is Enable poison reverse. rip poison-reverse disabled. Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks...

  • Page 43: Configuring Ripv2 Message Authentication, Specifying A Rip Neighbor

    To enable source IP address check on incoming RIP updates: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Enable source IP address check on incoming RIP validate-source-address By default, this function is enabled. messages.

  • Page 44: Configuring The Rip Packet Sending Rate

    Step Command Remarks By default, RIP does not Specify a RIP neighbor. peer ip-address unicast updates to any peer. Disable source IP By default, source IP address check on undo validate-source-address address check on inbound inbound RIP updates RIP updates is enabled. Configuring RIP network management You can use network management software to manage the RIP process to which MIB is bound.

  • Page 45: Configuring Bfd For Rip

    When authentication is enabled, follow these guidelines to ensure packet forwarding: • For simple authentication, the maximum length of RIP packets must be no less than 52 bytes. For MD5 authentication (with packet format defined in RFC 2453), the maximum length of RIP •...

  • Page 46: Configuring Single-hop Echo Detection (for A Directly Connected Rip Neighbor)

    up convergence, perform this task to enable BFD for RIP. For more information about BFD, see High Availability Configuration Guide. RIP supports the following BFD detection modes: Single-hop echo detection—Detection mode for a direct neighbor. In this mode, a BFD session is •...

  • Page 47: Configuring Bidirectional Control Detection

    Configuring bidirectional control detection Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] By default, RIP does not unicast updates to any peer. Because the undo peer command does not remove the neighbor Specify a RIP neighbor.

  • Page 48: Displaying And Maintaining Rip, Rip Configuration Examples

    Configuration prerequisites You must specify a next hop by using the apply fast-reroute backup-interface command in a routing policy and reference the routing policy for FRR. For more information about routing policy configuration, see "Configuring routing policies." Configuration procedure To configure RIP FRR: Step Command Remarks...

  • Page 49

    Figure 7 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic RIP by using either of the following methods: (Method 1) # Enable RIP on the specified networks on Router A. <RouterA> system-view [RouterA] rip [RouterA-rip-1] network 1.0.0.0 [RouterA-rip-1] network 2.0.0.0 [RouterA-rip-1] network 3.0.0.0...

  • Page 50

    # Configure RIPv2 on Router B. [RouterB] rip [RouterB-rip-1] version 2 [RouterB-rip-1] undo summary [RouterB-rip-1] quit # Display the RIP routing table on Router A. [RouterA] display rip 1 route Route Flags: R - RIP A - Aging, S - Suppressed, G - Garbage-collect O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------- Peer 1.1.1.2...

  • Page 51

    2.1.1.0/24 1.1.1.1 RAOF 3.1.1.0/24 1.1.1.1 RAOF # Display the RIP routing table on Router B. [RouterB] display rip 1 route Route Flags: R - RIP A - Aging, S - Suppressed, G - Garbage-collect O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------- Peer 1.1.1.1 on Ethernet1/1 Destination/Mask...

  • Page 52

    [RouterB-rip-100] quit [RouterB] rip 200 [RouterB-rip-200] network 12.0.0.0 [RouterB-rip-200] version 2 [RouterB-rip-200] undo summary [RouterB-rip-200] quit # Enable RIP 200, and configure RIPv2 on Router C. <RouterC> system-view [RouterC] rip 200 [RouterC-rip-200] network 12.0.0.0 [RouterC-rip-200] network 16.0.0.0 [RouterC-rip-200] version 2 [RouterC-rip-200] undo summary [RouterC-rip-200] quit # Display the IP routing table on Router C.

  • Page 53: Configuring An Additional Metric For A Rip Interface

    11.1.1.0/24 12.3.1.1 Eth1/1 12.3.1.0/24 Direct 0 12.3.1.2 Eth1/1 12.3.1.0/32 Direct 0 12.3.1.2 Eth1/1 12.3.1.2/32 Direct 0 127.0.0.1 InLoop0 12.3.1.255/32 Direct 0 12.3.1.2 Eth1/1 16.4.1.0/24 Direct 0 16.4.1.1 Eth1/2 16.4.1.0/32 Direct 0 16.4.1.1 Eth1/2 16.4.1.1/32 Direct 0 127.0.0.1 InLoop0 16.4.1.255/32 Direct 0 16.4.1.1 Eth1/2 127.0.0.0/8...

  • Page 54

    [RouterB] rip [RouterB-rip-1] network 1.0.0.0 [RouterB-rip-1] version 2 [RouterB-rip-1] undo summary # Configure Router C. <RouterC> system-view [RouterB] rip [RouterC-rip-1] network 1.0.0.0 [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary # Configure Router D. <RouterD> system-view [RouterD] rip [RouterD-rip-1] network 1.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary # Configure Router E.

  • Page 55: Configuring Rip To Advertise A Summary Route

    Configuring RIP to advertise a summary route Network requirements As shown in Figure 10, Router A and Router B run OSPF, Router D runs RIP, and Router C runs OSPF and RIP. Configure RIP to redistribute OSPF routes on Router C so Router D can learn routes destined for networks 10.1.1.0/24, 10.2.1.0/24, 10.5.1.0/24, and 10.6.1.0/24.

  • Page 56

    [RouterC-ospf-1] quit Configure basic RIP: # Configure Router C. [RouterC] rip 1 [RouterC-rip-1] network 11.3.1.0 [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary # Configure Router D. <RouterD> system-view [RouterD] rip 1 [RouterD-rip-1] network 11.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary [RouterD-rip-1] quit # Configure RIP to redistribute routes from OSPF process 1 and direct routes on Router C.

  • Page 57: Configuring Bfd For Rip (single-hop Echo Detection For A Directly Connected Neighbor)

    Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 10.0.0.0/8 11.3.1.1 Eth1/1 11.3.1.0/24 Direct 0 11.3.1.2 Eth1/1 11.3.1.0/32 Direct 0 11.3.1.2 Eth1/1 11.3.1.2/32 Direct 0 127.0.0.1 InLoop0 11.4.1.0/24 Direct 0 11.4.1.2 Eth1/2 11.4.1.0/32 Direct 0 11.4.1.2 Eth1/2 11.4.1.2/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8...

  • Page 58

    [RouterA-rip-1] version 2 [RouterA-rip-1] undo summary [RouterA-rip-1] network 192.168.1.0 [RouterA-rip-1] quit [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] rip bfd enable [RouterA-Ethernet1/1] quit [RouterA] rip 2 [RouterA-rip-2] network 192.168.2.0 [RouterA-rip-2] quit # Configure Router B. <RouterB> system-view [RouterB] rip 1 [RouterB-rip-1] version 2 [RouterB-rip-1] undo summary [RouterB-rip-1] network 192.168.2.0 [RouterB-rip-1] network 192.168.3.0...

  • Page 59

    # Display RIP routes destined for 120.1.1.0/24 on Router A. <RouterA> display ip routing-table 120.1.1.0 24 verbose Summary Count : 1 Destination: 120.1.1.0/24 Protocol: RIP Process ID: 1 SubProtID: 0x1 Age: 04h20m37s Cost: 1 Preference: 100 Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2...

  • Page 60: Configure Bfd For Rip (single-hop Echo Detection For A Specific Destination)

    Configure BFD for RIP (single-hop echo detection for a specific destination) Network requirements As shown in Figure 12, Ethernet 1/2 of Router A and Ethernet 1/1 of Router B run RIP process 1. Ethernet 1/2 of Router B and Router C runs RIP process 1. Configure a static route destined for 100.1.1.0/24 and enable static route redistribution into RIP on both Router A and Router C so Router B can learn two routes destined for 100.1.1.0/24 through Ethernet 1/1 and Ethernet 1/2.

  • Page 61

    [RouterB-rip-1] network 192.168.2.0 [RouterB-rip-1] network 192.168.3.0 [RouterB-rip-1] quit # Configure Router C. <RouterC> system-view [RouterC] rip 1 [RouterC-rip-1] network 192.168.3.0 [RouterC-rip-1] import-route static cost 3 [RouterC-rip-1] quit Configure BFD parameters on Ethernet 1/2 of Router A. [RouterA] bfd echo-source-ip 11.11.11.11 [RouterA] interface ethernet 1/2 [RouterA-Ethernet1/2] bfd min-echo-receive-interval 500 [RouterA-Ethernet1/2] quit...

  • Page 62: Configuring Bfd For Rip (bidirectional Control Detection)

    Tunnel ID: Invalid Interface: Ethernet1/1 BkTunnel ID: Invalid BkInterface: N/A # Display routes destined for 100.1.1.0/24 on Router B when the link between Router A and Router B fails. <RouterB> display ip routing-table 100.1.1.0 24 verbose Summary Count : 1 Destination: 100.1.1.0/24 Protocol: RIP Process ID: 1...

  • Page 63

    Figure 13 Network diagram Router D Eth1/1 Eth1/2 101.1.1.0/24 100.1.1.0/24 Eth1/2 Router B Eth1/1 Eth1/2 Eth1/1 Eth1/2 Eth1/1 Router A Router C Device Interface IP address Device Interface IP address Router A Eth1/1 192.168.3.1/24 Router B Eth1/1 192.168.2.1/24 Eth1/2 192.168.1.1/24 Eth1/2 192.168.1.2/24 Router C...

  • Page 64

    [RouterC-rip-1] version 2 [RouterC-rip-1] undo summary [RouterC-rip-1] network 192.168.2.0 [RouterC-rip-1] network 192.168.4.0 [RouterC-rip-1] network 100.1.1.0 [RouterC-rip-1] peer 192.168.1.1 [RouterC-rip-1] undo validate-source-address [RouterC-rip-1] import-route static [RouterC-rip-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] rip bfd enable [RouterC-Ethernet1/1] quit # Configure Router D. <RouterD>...

  • Page 65

    [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] ip address 192.168.4.2 24 [RouterC-Ethernet1/2] quit # Configure Router D. [RouterD] interface ethernet 1/2 [RouterD-Ethernet1/2] ip address 192.168.4.1 24 [RouterD-Ethernet1/2] quit [RouterD] interface ethernet 1/1 [RouterD-Ethernet1/1] ip address 192.168.3.2 24 [RouterD-Ethernet1/1] quit Configure static routes: # Configure a static route to Router C on Router A.

  • Page 66: Configuring Rip Frr

    # Display RIP routes destined for 100.1.1.0/24 on Router A when the link between Router B and Router C fails. <RouterA> display ip routing-table 100.1.1.0 verbose Summary Count : 1 Destination: 100.1.1.0/24 Protocol: RIP Process ID: 2 SubProtID: 0x1 Age: 00h10m35s Cost: 2 Preference: 100 Tag: 0...

  • Page 67

    [RouterS-route-policy-frr-10] if-match ip address prefix-list abc [RouterS-route-policy-frr-10] apply fast-reroute backup-interface ethernet 1/1 backup-nexthop 12.12.12.2 [RouterS-route-policy-frr-10] quit [RouterS] rip 1 [RouterS-rip-1] fast-reroute route-policy frr [RouterS-rip-1] quit # Configure Router D. <RouterD> system-view [RouterD] bfd echo-source-ip 4.4.4.4 [RouterD] ip prefix-list abc index 10 permit 1.1.1.1 32 [RouterD] route-policy frr permit node 10 [RouterD-route-policy-frr-10] if-match ip address prefix-list abc [RouterD-route-policy-frr-10] apply fast-reroute backup-interface ethernet 1/1...

  • Page 68

    OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NBRID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 13.13.13.1 Flags: 0x1008c OrigNextHop: 13.13.13.1 Label: NULL RealNextHop: 13.13.13.1 BkLabel: NULL BkNextHop: 24.24.24.2 Tunnel ID: Invalid Interface: Ethernet1/2 BkTunnel ID: Invalid BkInterface: Ethernet1/1...

  • Page 69: Configuring Ospf, Ospf Packets

    Configuring OSPF Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter. Overview OSPF has the following features: Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing •...

  • Page 70: Lsa Types, Ospf Areas

    LSA types OSPF advertises routing information in Link State Advertisements (LSAs). The following LSAs are commonly used: • Router LSA—Type- 1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area. Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, •...

  • Page 71

    Figure 15 Area-based OSPF network partition Area 4 Area 1 Area 0 Area 2 Area 3 Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements: •...

  • Page 72: Router Types

    Figure 17 Virtual link application 2 Area 1 Virtual link Area 0 The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface. The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.

  • Page 73: Route Types

    Internal router—All interfaces on an internal router belong to one OSPF area. • • ABR—Belongs to more than two areas, one of which must be the backbone area. ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.

  • Page 74: Ospf Network Types, Dr And Bdr

    destination of the Type-2 external route. If two Type-2 routes to the same destination have the same cost, OSPF takes the cost from the router to the ASBR into consideration to determine the best route. Route calculation OSPF computes routes in an area as follows: Each router generates LSAs based on the network topology around itself, and sends them to other •...

  • Page 75: Protocols And Standards

    BDR—Elected along with the DR to establish adjacencies with all other routers. If the DR fails, the • BDR immediately becomes the new DR, and other routers elect a new BDR. Routers other than the DR and BDR are called "DROthers." They do not establish adjacencies with one another, so the number of adjacencies is reduced.

  • Page 76: Ospf Configuration Task List

    RFC 3137, OSPF Stub Router Advertisement • • RFC 481 1, OSPF Out-of-Band LSDB Resynchronization RFC 4812, OSPF Restart Signaling • RFC 4813, OSPF Link-Local Signaling • OSPF configuration task list To run OSPF, you must first enable OSPF on the router. Make a proper configuration plan to avoid incorrect settings that can result in route blocking and routing loops.

  • Page 77: Enabling Ospf

    Tasks at a glance (Optional.) Tuning and optimizing OSPF networks: • Configuring OSPF timers • Specifying LSA transmission delay • Specifying SPF calculation interval • Specifying the LSA arrival interval • Specifying the LSA generation interval • Disabling interfaces from receiving and sending OSPF packets •...

  • Page 78: Enabling Ospf On An Interface

    • different router IDs. A common practice is to specify the IP address of an interface as the router ID. If you specify no router ID when you create the OSPF process, the global router ID is used. HP •...

  • Page 79: Configuring Ospf Areas

    Step Command Remarks interface interface-type Enter interface view. interface-number By default, OSPF is disabled on an interface. If the specified OSPF process and area do Enable an OSPF process on ospf process-id area area-id not exist, the command creates the OSPF the interface.

  • Page 80: Configuring An Nssa Area

    Configuring an NSSA area A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics. Do not configure the backbone area as an NSSA area or totally NSSA area. To configure an NSSA area, configure the nssa command on all the routers attached to the area.

  • Page 81: Configuring Ospf Network Types

    Step Command Remarks vlink-peer router-id [ dead seconds By default, no virtual link is | hello seconds | { { hmac-md5 | configured. md5 } key-id { cipher cipher-string Configure this command on both Configure a virtual link. | plain plain-string } | simple ends of a virtual link, and the hello { cipher cipher-string | plain and dead intervals must be identical...

  • Page 82: Configuring The Nbma Network Type For An Interface

    Step Command Remarks Configure the OSPF network By default, the network type of an type for the interface as ospf network-type broadcast interface depends on the link layer broadcast. protocol. (Optional.) Configure a router ospf dr-priority priority The default router priority is 1. priority for the interface.

  • Page 83: Configuring Ospf Route Control

    Configuring the P2MP network type for an interface Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF Configure the OSPF network network type for an interface as type for the interface as...

  • Page 84: Configuring Ospf Route Summarization

    Enable OSPF. • • Configure filters if routing information filtering is needed. Configuring OSPF route summarization Configure route summarization on an ABR or ASBR to summarize contiguous networks into a single network and distribute it to other areas. Route summarization reduces the routing information exchanged between areas and the size of routing tables, and improves routing performance.

  • Page 85: Configuring An Ospf Cost For An Interface

    Configuring received OSPF route filtering Perform this task to filter routes calculated using received LSAs. The following filtering methods are available: Use an ACL or IP prefix list to filter routing information by destination address. • • Use the gateway keyword to filter routing information by next hop. Use an ACL or IP prefix list to filter routing information by destination address and at the same time •...

  • Page 86

    value is configured for an interface, OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value. To configure an OSPF cost for an interface: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, the OSPF cost is calculated Configure an OSPF cost...

  • Page 87: Configuring Ospf Route Redistribution

    Step Command Remarks ospf [ process-id | router-id router-id Enter OSPF view. | vpn-instance vpn-instance-name ] * By default, the preference of OSPF Configure a preference [ ase ] [ route-policy internal routes is 10 and the preference preference for OSPF. route-policy-name ] value of OSPF external routes is 150.

  • Page 88: Advertising A Host Route

    Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * By default, no default route is redistributed. default-route-advertise [ [ [ always | Redistribute a default permit-calculate-other ] | cost cost | This command is applicable route.

  • Page 89: Configuring Ospf Timers

    Change OSPF packet timers to adjust the convergence speed and network load. On low-speed • links, consider the delay time for sending LSAs. Change the SPF calculation interval to reduce resource consumption caused by frequent network • changes. Configure OSPF authentication to improve security. •...

  • Page 90: Specifying Lsa Transmission Delay

    Step Command Remarks By default: • The dead interval on P2P and broadcast interfaces is 40 seconds. • The dead interval on P2MP and NBMA Specify the dead interfaces is 120 seconds. ospf timer dead seconds interval. The dead interval must be at least four times the hello interval on an interface.

  • Page 91: Specifying The Lsa Arrival Interval

    Step Command Remarks By default: • The maximum interval is 5 seconds. spf-schedule-interval Specify the SPF • The minimum interval is 50 maximum-interval [ minimum-interval calculation interval. milliseconds. [ incremental-interval ] ] • The incremental interval is 200 milliseconds. Specifying the LSA arrival interval If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources.

  • Page 92: Configuring Stub Routers

    Step Command Remarks By default: • The maximum interval is 5 seconds. lsa-generation-interval Configure the LSA maximum-interval [ minimum-interval • The minimum interval is 0 generation interval. [ incremental-interval ] ] milliseconds. • The incremental interval is 0 milliseconds. Disabling interfaces from receiving and sending OSPF packets To enhance OSPF adaptability and reduce resource consumption, you can set an OSPF interface to "silent."...

  • Page 93: Configuring Ospf Authentication

    Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * stub-router [ external-lsa By default, the router is not [ max-metric-value ] | include-stub | configured as a stub router. Configure the router as a on-startup { seconds | wait-for-bgp stub router.

  • Page 94: Adding The Interface Mtu Into Dd Packets

    Step Command Remarks • Configure simple authentication: ospf authentication-mode simple { cipher Use either method. cipher-string | plain plain-string } Configure interface By default, no • Configure MD5 authentication: authentication mode. authentication is ospf authentication-mode { hmac-md5 | configured. md5 } key-id { cipher cipher-string | plain plain-string } Adding the interface MTU into DD packets By default, an OSPF interface adds a value of 0 into the interface MTU field of a DD packet rather than...

  • Page 95: Configuring The Maximum Number Of External Lsas In Lsdb

    Selects the route with the lower cost if two routes have equal preference. Selects the route with the larger originating area ID if two routes have equal cost. To avoid routing loops, HP recommends setting identical RFC 1583-compatibility on all routers in a routing domain.

  • Page 96: Logging Neighbor State Changes, Configuring Ospf Network Management

    To enable compatibility with RFC 1583: Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Enable compatibility rfc1583 compatible By default, this feature is enabled. with RFC 1583. Logging neighbor state changes Perform this task to enable output of neighbor state change logs to the information center.

  • Page 97: Configuring The Lsu Transmit Rate

    Step Command Remarks snmp-agent trap enable ospf [ authentication-failure | bad-packet | config-error | grhelper-status-change | grrestarter-status-change | if-state-change | lsa-maxage | lsa-originate | Enable SNMP lsdb-approaching-overflow | By default, SNMP notifications for notifications for lsdb-overflow | neighbor-state-change | OSPF is enabled. OSPF.

  • Page 98: Configuring Prefix Suppression

    OSPF does not advertise the host routes of loopback interfaces. • IMPORTANT: If you want to use prefix suppression, HP recommends that you configure prefix suppression on all OSPF routers. Configuring prefix suppression for an OSPF process Enabling prefix suppression for an OSPF process does not suppress the prefixes of secondary IP addresses, loopback interfaces, and passive interfaces.

  • Page 99: Configuring Prefix Prioritization

    Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Enable prefix By default, prefix suppression suppression on the ospf prefix-suppression [ disable ] is disabled on an interface. interface. Configuring prefix prioritization This feature enables the device to install prefixes in descending priority order: critical, high, medium, and low.

  • Page 100: Configuring Ospf Gr Restarter

    Two routers are required to complete a GR process. The following are router roles in a GR process. • GR restarter—Graceful restarting router. It must have GR capability. GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process. •...

  • Page 101: Configuring Ospf Gr Helper

    Configuring OSPF GR helper You can configure the IETF or non IETF OSPF GR helper. Configuring the IETF OSPF GR helper Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enable OSPF and enter its router-id | vpn-instance view.

  • Page 102: Configuring Bfd For Ospf, Configuring Ospf Frr

    Configuring BFD for OSPF BFD provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, which improves the network convergence speed. For more information about BFD, see High Availability Configuration Guide. OSPF supports the following BFD detection modes: Bidirectional control detection—Requires BFD configuration to be made on both OSPF routers on •...

  • Page 103

    Figure 21 Network diagram for OSPF FRR Figure 21, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, OSPF directs packets to the backup next hop. At the same time, OSPF calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.

  • Page 104: Configuring Ospf Frr To Specify A Backup Next Hop Using A Routing Policy

    Step Command Remarks ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ] * By default, OSPF FRR is not configured. Enable OSPF FRR to calculate a backup next hop by using fast-reroute lfa [ abr-only ] If abr-only is specified, the route to the the LFA algorithm.

  • Page 105

    Task Command display ospf [ process-id ] lsdb [ area area-id | brief | [ { asbr | ase | Display OSPF LSDB information network | nssa | opaque-area | opaque-as | opaque-link | router | (MSR4000). summary } [ link-state-id ] ] [ originate-router advertising-router-id | self-originate ] ] [ standby slot slot-number ] Display OSPF next hop display ospf [ process-id ] nexthop...

  • Page 106: Ospf Configuration Examples, Basic Ospf Configuration Example

    Task Command Clear OSPF statistics. reset ospf [ process-id ] counters Reset an OSPF process. reset ospf [ process-id ] process [ graceful-restart ] Re-enable OSPF route reset ospf [ process-id ] redistribution redistribution. OSPF configuration examples Basic OSPF configuration example Network requirements Enable OSPF on all routers, and split the AS into three areas.

  • Page 107

    [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] area 2 [RouterB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.2] quit [RouterB-ospf-1] quit # Configure Router C. <RouterC> system-view [RouterC] router id 10.4.1.1 [RouterC] ospf [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] quit...

  • Page 108

    DR: 10.2.1.1 BDR: 10.2.1.2 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 32 Neighbor is up for 06:03:12 Authentication Sequence: [ 0 ] Neighbor state change count: 5 # Display OSPF routing information on Router A. [RouterA] display ospf routing OSPF Process 1 with Router ID 10.2.1.1 Routing Tables Routing for Network...

  • Page 109: Ospf Route Redistribution Configuration Example

    --- Ping statistics for 10.4.1.1 --- 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.779/1.408/1.702/0.323 ms OSPF route redistribution configuration example Network requirements Enable OSPF on all the routers. • Split the AS into three areas. •...

  • Page 110: Ospf Summary Route Advertisement Configuration Example

    # Display the OSPF routing information on Router D. <RouterD> display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 Inter...

  • Page 111

    Figure 24 Network diagram Eth1/2 Eth1/2 10.4.1.1/24 10.3.1.1/24 Eth1/1 Eth1/1 10.1.1.1/24 10.2.1.2/24 Router E Router D Eth1/1 Eth1/3 10.1.1.2/24 10.2.1.1/24 Router C AS 100 Eth1/2 11.1.1.2/24 EBGP Eth1/2 11.1.1.1/24 Router B Eth1/1 11.2.1.1/24 Eth1/1 11.2.1.2/24 AS 200 Router A Configuration procedure Configure IP addresses for interfaces.

  • Page 112

    # Configure Router D. <RouterD> system-view [RouterD] router id 10.3.1.1 [RouterD] ospf [RouterD-ospf-1] area 0 [RouterD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit # Configure Router E. <RouterE> system-view [RouterE] router id 10.4.1.1 [RouterE] ospf [RouterE-ospf-1] area 0 [RouterE-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [RouterE-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255 [RouterE-ospf-1-area-0.0.0.0] quit...

  • Page 113: Ospf Stub Area Configuration Example

    0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 10.1.1.0/24 OSPF 11.2.1.1 Eth1/1 10.2.1.0/24 OSPF 11.2.1.1 Eth1/1 10.3.1.0/24 OSPF 11.2.1.1 Eth1/1 10.4.1.0/24 OSPF 11.2.1.1 Eth1/1 11.2.1.0/24 Direct 0 11.2.1.2 Eth1/1 11.2.1.0/32 Direct 0 11.2.1.2 Eth1/1 11.2.1.2/32 Direct 0 127.0.0.1 InLoop0 11.2.1.255/32 Direct 0 11.2.1.2 Eth1/1 127.0.0.0/8 Direct 0...

  • Page 114

    Configure Router D as the ASBR to redistribute static routes. • • Configure Area 1 as a stub area to reduce advertised LSAs without influencing reachability. Figure 25 Network diagram Area 0 Router A Router B Eth1/1 10.1.1.1/24 Eth1/1 10.1.1.2/24 Eth1/2 Eth1/2 10.3.1.1/24...

  • Page 115

    10.1.1.0/24 Inter 10.2.1.1 10.2.1.1 0.0.0.1 Routing for ASEs Destination Cost Type NextHop AdvRouter 3.1.2.0/24 Type2 10.2.1.1 10.5.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 Because Router C resides in a normal OSPF area, its routing table contains an AS external route. Configure Area 1 as a stub area: # Configure Router A.

  • Page 116: Ospf Nssa Area Configuration Example

    [RouterA-ospf-1-area-0.0.0.1] quit # Display OSPF routing information on Router C. [RouterC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 Transit 10.2.1.2 10.4.1.1 0.0.0.1 10.4.1.0/24...

  • Page 117

    [RouterA-ospf-1-area-0.0.0.1] nssa [RouterA-ospf-1-area-0.0.0.1] quit # Configure Router C. <RouterC> system-view [RouterC] ospf [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] nssa [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] quit NOTE: To allow Router C in the NSSA area to reach other areas within the AS, you must provide the keyword •...

  • Page 118: Ospf Dr Election Configuration Example

    10.3.1.0/24 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.5.1.0/24 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 Routing for ASEs Destination Cost Type NextHop AdvRouter 3.1.2.0/24 Type2 10.3.1.1 10.2.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 The output shows an AS external route imported from the NSSA area exists on Router D.

  • Page 119

    [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. <RouterC> system-view [RouterC] router id 3.3.3.3 [RouterC] ospf [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] router id 4.4.4.4 [RouterD] ospf [RouterD-ospf-1] area 0...

  • Page 120

    Neighbor is up for 00:01:28 Authentication Sequence: [ 0 ] The output shows that Router D is the DR and Router C is the BDR. Configure router priorities on interfaces: # Configure Router A. [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ospf dr-priority 100 [RouterA-Ethernet1/1] quit # Configure Router B.

  • Page 121

    The output shows that the DR and BDR are not changed, because the new router priority settings do not take effect immediately. Restart the OSPF process: # Restart the OSPF process on Router D. <RouterD> reset ospf 1 process Warning : Reset OSPF process? [Y/N]:y # Display neighbor information of Router D.

  • Page 122: Ospf Virtual Link Configuration Example

    192.168.1.1 Broadcast DR 192.168.1.1 192.168.1.3 [RouterB] display ospf interface OSPF Process 1 with Router ID 2.2.2.2 Interfaces Area: 0.0.0.0 IP Address Type State Cost 192.168.1.2 Broadcast DROther 192.168.1.1 192.168.1.3 The interface state DROther means the interface is not the DR or BDR. OSPF virtual link configuration example Network requirements Configure a virtual link between Router B and Router C to connect Area 2 to the backbone area.

  • Page 123

    # Configure Router C. <RouterC> system-view [RouterC] ospf 1 router-id 3.3.3.3 [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] area 2 [RouterC–ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterC–ospf-1-area-0.0.0.2] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] ospf 1 router-id 4.4.4.4 [RouterD-ospf-1] area 2 [RouterD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] quit...

  • Page 124: Ospf Gr Configuration Example

    Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Transit 10.2.1.1 3.3.3.3 0.0.0.1 10.3.1.0/24 Inter 10.2.1.2 3.3.3.3 0.0.0.0 10.1.1.0/24 Transit 10.1.1.2 2.2.2.2 0.0.0.0 Total Nets: 3 Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0 The output shows that Router B has learned the route 10.3.1.0/24 to Area 2. OSPF GR configuration example Network requirements As shown in...

  • Page 125

    [RouterB-ospf-100] area 0 [RouterB-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [RouterB-ospf-100-area-0.0.0.0] quit # Configure Router C <RouterC> system-view [RouterC] router id 3.3.3.3 [RouterC] ospf 100 [RouterC-ospf-100] area 0 [RouterC-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [RouterC-ospf-100-area-0.0.0.0] quit Configure OSPF GR: # Configure Router A as the non-IETF OSPF GR restarter: enable the link-local signaling capability, the out-of-band re-synchronization capability, and non-IETF GR for OSPF process 100.

  • Page 126: Bfd For Ospf Configuration Example

    %Oct 21 15:29:29:902 2011 RouterA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.2(Ethernet1/1) from Loading to Full. *Oct 21 15:29:29:902 2011 RouterA OSPF/7/DEBUG: -MDC=1; OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.2. %Oct 21 15:29:30:897 2011 RouterA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Ethernet1/1) from Loading to Full.

  • Page 127

    Router C Eth 1/1 10.1.1.100/24 Eth 1/2 13.1.1.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Router A. <RouterA> system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit [RouterA] interface ethernet 1/2...

  • Page 128

    [RouterB] bfd session init-mode active [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] ospf bfd enable [RouterB-Ethernet1/1] bfd min-transmit-interval 500 [RouterB-Ethernet1/1] bfd min-receive-interval 500 [RouterB-Ethernet1/1] bfd detect-multiplier 6 Verifying the configuration # Display the BFD information on Router A. <RouterA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active...

  • Page 129: Ospf Frr Configuration Example

    OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NBRID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 10.1.1.100 Label: NULL RealNextHop: 10.1.1.100 BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid Interface: Ethernet1/2 BkTunnel ID: Invalid BkInterface: N/A The output shows that Router A communicates with Router B through Ethernet 1/2. OSPF FRR configuration example Network requirements As shown in...

  • Page 130

    [RouterD-ospf-1] quit (Method 2.) Enable OSPF FRR to specify a backup next hop by using a routing policy: # Configure Router S. <RouterS> system-view [RouterS] bfd echo-source-ip 1.1.1.1 [RouterS] ip prefix-list abc index 10 permit 4.4.4.4 32 [RouterS] route-policy frr permit node 10 [RouterS-route-policy-frr-10] if-match ip address prefix-list abc [RouterS-route-policy-frr-10] apply fast-reroute backup-interface ethernet 1/1 backup-nexthop 12.12.12.2...

  • Page 131: Troubleshooting Ospf Configuration

    [RouterD] display ip routing-table 1.1.1.1 verbose Summary Count : 1 Destination: 1.1.1.1/32 Protocol: OSPF Process ID: 1 SubProtID: 0x1 Age: 04h20m37s Cost: 1 Preference: 10 Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NBRID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 0.0.0.0...

  • Page 132

    Analysis The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, at least one area must be connected to the backbone. The backbone cannot be configured as a stub area. In a stub area, all routers cannot receive external routes, and all interfaces connected to the stub area must belong to the stub area.

  • Page 133: Configuring Is-is

    Configuring IS-IS This chapter describes how to configure IS-IS for IPv4 networks. Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1 195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS"...

  • Page 134

    System ID—Identifies the host. • • SEL—Identifies the type of service. The IDP and DSP are variable in length. The length of an NSAP address ranges from 8 bytes to 20 bytes. Figure 32 NSAP address format Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain.

  • Page 135: Is-is Area

    Area ID—Has a length of 1 to 13 bytes. • • System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6 bytes. SEL—Has a value of 0 and a fixed length of 1 byte. •...

  • Page 136

    Figure 33 IS-IS topology 1 Area 3 Area 2 L1/L2 L1/L2 Area 1 Area 5 L1/L2 L1/L2 Area 4 Figure 34 shows another IS-IS topology. The Level- 1 -2 routers connect to the Level- 1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology.

  • Page 137: Is-is Network Types

    passing through the Level- 1 -2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature. Route leaking enables a Level- 1 -2 router to advertise the routes of other Level- 1 areas and the Level-2 area to the connected Level- 1 area so that the Level- 1 routers can select the optimal routes for packets.

  • Page 138: Is-is Pdus

    NOTE: On an IS-IS broadcast network, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS. IS-IS PDUs IS-IS PDUs are encapsulated into link layer frames. An IS-IS PDU has two parts, the headers and the variable length fields. The headers comprise the PDU common header and the PDU specific header. All PDUs have the same PDU common header.

  • Page 139

    A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (every 10 seconds by default). On point-to-point networks, CSNPs are sent only during the first adjacency establishment. A PSNP only contains the sequence numbers of one or multiple latest received LSPs.

  • Page 140: Is-is Configuration Task List

    RFC 2966, Domain-wide Prefix Distribution with Two-Level IS-IS • • RFC 2973, IS-IS Mesh Groups RFC 3277, IS-IS Transient Blackhole Avoidance • RFC 3358, Optional Checksums in ISIS • • RFC 3373, Three-Way Handshake for IS-IS Point-to-Point Adjacencies RFC 3567, Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication •...

  • Page 141: Configuring Basic Is-is

    Tasks at a glance (Optional.) Tuning and optimizing IS-IS networks: • Specifying the interval for sending IS-IS hello packets • Specifying the IS-IS hello multiplier • Specifying the interval for sending IS-IS CSNP packets • Configuring a DIS priority for an interface •...

  • Page 142: Configuring The Is Level And Circuit Level

    Step Command Remarks interface interface-type Enter interface view. interface-number Enable an IS-IS process on the By default, no IS-IS process is isis enable [ process-id ] interface. enabled. Configuring the IS level and circuit level Follow these guidelines when you configure the IS level for routers in only one area: Configure the IS level of all routers as Level- 1 or Level-2 rather than different levels because the •...

  • Page 143: Configuring Is-is Route Control

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, the network type of an Configure P2P network type for an interface depends on the physical isis circuit-type p2p interface. media. The network type of a VLAN interface is broadcast.

  • Page 144: Specifying A Preference For Is-is

    Configuring an IS-IS cost for an interface Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] cost-style { narrow | wide | wide-compatible (Optional.) Specify an By default, the IS-IS cost type | { compatible | narrow-compatible } IS-IS cost style.

  • Page 145

    To configure a preference for IS-IS: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Configure a preference for preference { preference | route-policy The default setting is IS-IS. route-policy-name } * Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes.

  • Page 146: Configuring Is-is Route Redistribution

    To advertise a default route: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] default-route-advertise [ [ level-1 | level-1-2 Advertise a default By default, IS-IS does not advertise | level-2 ] | route-policy route-policy-name ] route.

  • Page 147: Configuring Is-is Route Leaking

    Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] filter-policy { acl-number | prefix-list Filter routes calculated By default, IS-IS route prefix-list-name | route-policy using received LSPs. filtering is not configured. route-policy-name } import Filtering redistributed routes IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them to the IS-IS...

  • Page 148: Tuning And Optimizing Is-is Networks

    Tuning and optimizing IS-IS networks Configuration prerequisites Before you tune and optimize IS-IS networks, complete the following tasks: Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. • Enable IS-IS. • Specifying the interval for sending IS-IS hello packets If a neighbor does not receive any hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes.

  • Page 149: Configuring A Dis Priority For An Interface

    Step Command Remarks isis timer holding-multiplier value The default setting is Specify the hello multiplier. [ level-1 | level-2 ] Specifying the interval for sending IS-IS CSNP packets On a broadcast network, perform this task on the DIS that uses CSNP packets to synchronize LSDBs. To specify the interval for sending IS-IS CSNP packets: Step Command...

  • Page 150: Enabling An Interface To Send Small Hello Packets

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, a PPP interface checks the Disable source address source IP address in hello packets. check for hello packets on isis peer-ip-ignore The command applies only to PPP a PPP interface.

  • Page 151: Configuring Lsp Parameters

    Configuring LSP parameters Configuring LSP timers Specify the maximum age of LSPs. Each LSP has an age that decreases in the LSDB. Any LSP with an age of 0 is deleted from the LSDB. You can adjust the age value based on the scale of a network. To specify the maximum age of LSPs: Step Command...

  • Page 152

    IS-IS routers in an area must send LSPs smaller than the smallest interface MTU in the area. If the IS-IS routers have different interface MTUs, HP recommends configuring the maximum size of generated LSP packets to be smaller than the smallest interface MTU in the area. Otherwise, the routers must dynamically adjust the LSP packet size to fit the smallest interface MTU, which takes time and affects other services.

  • Page 153

    Enabling LSP fragment extension Perform this task to enable IS-IS fragment extension for an IS-IS process. The MTUs of all interfaces running the IS-IS process must not be less than 512. Otherwise, LSP fragment extension does not take effect. To enable LSP fragment extension: Step Command Remarks...

  • Page 154: Controlling Spf Calculation Interval

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Use either method. • Add the interface to a mesh group: By default, the interface does not isis mesh-group Add the interface to a mesh belong to any mesh group and is mesh-group-number group or block the interface.

  • Page 155: Setting The Lsdb Overload Bit, Configuring System Id To Host Name Mappings

    Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] priority { critical | high | medium } By default, IS-IS routes, except IS-IS Assign convergence priorities { prefix-list prefix-list-name | tag host routes, have the low to specific IS-IS routes.

  • Page 156: Enabling The Logging Of Neighbor State Changes

    Step Command Remarks Configure a system ID to host A system ID can correspond to only name mapping for a remote is-name map sys-id map-sys-name one host name. Configuring dynamic system ID to host name mapping Static system ID to host name mapping requires you to manually configure a mapping for each router in the network.

  • Page 157: Enabling Is-is Ispf

    Step Command Remarks isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] By default, the logging of Enable the logging of log-peer-change neighbor state changes is neighbor state changes. enabled. Enabling IS-IS ISPF When the network topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT.

  • Page 158: Configuring Neighbor Relationship Authentication, Configuring Area Authentication

    Enhancing IS-IS network security To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication. Configuration prerequisites Before the configuration, complete the following tasks: Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. •...

  • Page 159: Configuring Routing Domain Authentication

    Configuring routing domain authentication Routing domain authentication prevents untrusted routing information from entering into a routing domain. A router with the authentication configured encapsulates the password in the specified mode into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets. All the routers in the backbone must have the same authentication mode and password.

  • Page 160: Configuring Bfd For Is-is

    Step Command Remarks Enable IS-IS and isis [ process-id ] [ vpn-instance enter IS-IS view. vpn-instance-name ] By default, the GR capability for IS-IS is Enable IS-IS GR. graceful-restart disabled. By default, the SA bit is not suppressed. (Optional.) Suppress By enabling the GR restarter to suppress the the SA bit during graceful-restart suppress-sa...

  • Page 161

    Figure 39 Network diagram for IS-IS FRR Figure 39, after you enable FRR on Router B, IS-IS automatically calculates or designates a backup next hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time.

  • Page 162: Displaying And Maintaining Is-is

    FRR. For more information about the apply fast-reroute backup-interface command and routing policy configurations, see "Configuring routing policies." To configure IS-IS FRR using a routing policy: Step Command Remarks Enter system view. system-view Configure the source address By default, the source address of bfd echo-source-ip ip-address of echo packets.

  • Page 163: Is-is Configuration Examples

    Task Command Display IS-IS backup neighbor display isis peer [ statistics | verbose ] [ process-id ] [ standby slot information (MSR4000). slot-number ] Display IS-IS redistributed route display isis redistribute [ ipv4 [ ip-address mask-length ] ] [ level-1 | information level-2 ] [ process-id ] display isis route [ ipv4 [ ip-address mask-length ] ] [ [ level-1 |...

  • Page 164

    Figure 40 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IS-IS: # Configure Router A <RouterA> system-view [RouterA] isis 1 [RouterA-isis-1] is-level level-1 [RouterA-isis-1] network-entity 10.0000.0000.0001.00 [RouterA-isis-1] quit [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] isis enable 1 [RouterA-Ethernet1/1] quit # Configure Router B.

  • Page 165

    [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] isis enable 1 [RouterC-Ethernet1/2] quit # Configure Router D <RouterD> system-view [RouterD] isis 1 [RouterD-isis-1] is-level level-2 [RouterD-isis-1] network-entity 20.0000.0000.0004.00 [RouterD-isis-1] quit [RouterD] interface ethernet 1/1 [RouterD-Ethernet1/1] isis enable 1 [RouterD-Ethernet1/1] quit [RouterD] interface ethernet 1/2 [RouterD-Ethernet1/2] isis enable 1 [RouterD-Ethernet1/2] quit Verifying the configuration...

  • Page 166

    0000.0000.0003.00-00 0x00000014 0x194a 1190 1/0/0 0000.0000.0003.01-00 0x00000002 0xabdb 0/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [RouterC] display isis lsdb Database information for ISIS(1) -------------------------------- Level-1 Link State Database --------------------------- LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------- 0000.0000.0001.00-00 0x00000006 0xdb60 0/0/0 0000.0000.0002.00-00...

  • Page 167

    [RouterA] display isis route Route information for IS-IS(1) ------------------------------ Level-1 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 10.1.1.0/24 NULL Eth1/1 Direct D/L/- 10.1.2.0/24 NULL Eth1/1 10.1.1.1 R/-/- 192.168.0.0/24 NULL Eth1/1 10.1.1.1 R/-/- 0.0.0.0/0 NULL Eth1/1 10.1.1.1 R/-/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set...

  • Page 168: Dis Election Configuration Example

    Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 192.168.0.0/24 NULL Eth1/2 Direct D/L/- 10.1.1.0/24 NULL Eth1/2 192.168.0.1 R/-/- 10.1.2.0/24 NULL Eth1/2 192.168.0.1 R/-/- 172.16.0.0/16 NULL Eth1/1 Direct D/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set The output shows that the routing table of Level- 1 routers contains a default route with the next hop as the Level- 1 -2 router, and the routing table of Level-2 router contains all Level- 1 and Level-2 routes.

  • Page 169

    [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] isis enable 1 [RouterA-Ethernet1/1] quit # Configure Router B. <RouterB> system-view [RouterB] isis 1 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] isis enable 1 [RouterB-Ethernet1/1] quit # Configure Router C. <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] is-level level-1...

  • Page 170

    Interface: Ethernet1/1 Circuit Id: 0000.0000.0004.01 State: Up HoldTime: 23s Type: L2 PRI: 64 # Display information about IS-IS interfaces of Router A. [RouterA] display isis interface Interface information for IS-IS(1) --------------------------------- Interface: Ethernet1/1 IPv4.State IPv6.State Type Down 1497 L1/L2 No/No # Display IS-IS interfaces of Router C.

  • Page 171

    State: Up HoldTime: 22s Type: L1 PRI: 64 System Id: 0000.0000.0002 Interface: Ethernet1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 22s Type: L2(L1L2) PRI: 64 System Id: 0000.0000.0004 Interface: Ethernet1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 22s Type: L2 PRI: 64 # Display information about IS-IS interfaces of Router A.

  • Page 172: Is-is Route Redistribution Configuration Example

    Interface: Ethernet1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 7s Type: L2 PRI: 100 System Id: 0000.0000.0002 Interface: Ethernet1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 26s Type: L2 PRI: 64 [RouterD] display isis interface Interface information for IS-IS(1) --------------------------------- Interface: Ethernet1/1 IPv4.State IPv6.State Type...

  • Page 173

    [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] isis enable 1 [RouterA-Ethernet1/1] quit # Configure Router B. <RouterB> system-view [RouterB] isis 1 [RouterB-isis-1] is-level level-1 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] isis enable 1 [RouterB-Ethernet1/1] quit # Configure Router C. <RouterC>...

  • Page 174

    192.168.0.0/24 NULL Eth1/1 10.1.1.1 R/-/- 0.0.0.0/0 NULL Eth1/1 10.1.1.1 R/-/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set [RouterC] display isis route Route information for IS-IS(1) ----------------------------- Level-1 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------------...

  • Page 175

    # Configure RIPv2 on Router D. [RouterD] rip 1 [RouterD-rip-1] network 10.0.0.0 [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary # Configure RIPv2 on Router E. [RouterE] rip 1 [RouterE-rip-1] network 10.0.0.0 [RouterE-rip-1] version 2 [RouterE-rip-1] undo summary # On Router D, configure IS-IS to redistribute routes from RIP. [RouterD-rip-1] quit [RouterD] isis 1 [RouterD–isis-1] import-route rip level-2...

  • Page 176: Is-is Authentication Configuration Example

    IS-IS authentication configuration example Network requirements As shown in Figure 43, Router A, Router B, Router C, and Router D reside in the same IS-IS routing domain. Router A, Router B, and Router C belong to Area 10, and Router D belongs to Area 20. Configure neighbor relationship authentication between neighbors.

  • Page 177

    # Configure Router C. <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] isis enable 1 [RouterC-Ethernet1/1] quit [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] isis enable 1 [RouterC-Ethernet1/2] quit [RouterC] interface ethernet 1/3 [RouterC-Ethernet1/3] isis enable 1 [RouterC-Ethernet1/3] quit # Configure Router D.

  • Page 178: Is-is Gr Configuration Example

    Configure the area authentication mode as MD5 and set the plaintext password to 10Sec on Router A, Router B, and Router C. [RouterA] isis 1 [RouterA-isis-1] area-authentication-mode md5 plain 10Sec [RouterA-isis-1] quit [RouterB] isis 1 [RouterB-isis-1] area-authentication-mode md5 plain 10Sec [RouterB-isis-1] quit [RouterC] isis 1 [RouterC-isis-1] area-authentication-mode md5 plain 10Sec...

  • Page 179: Bfd For Is-is Configuration Example

    Verifying the configuration After Router A establishes adjacencies with Router B and Router C, they begin to exchange routing information. Restart IS-IS on Router A, which enters the restart state and sends connection requests to its neighbors through the GR mechanism to synchronize the LSDB. To display the IS-IS GR status on Router A, use the display isis graceful-restart status command.

  • Page 180

    Figure 45 Network diagram Device Interface IP address Device Interface IP address Router A Eth1/1 192.168.0.102/24 Router B Eth1/1 192.168.0.100/24 Eth1/2 10.1.1.102/24 Eth1/2 13.1.1.1/24 Router C Eth1/1 10.1.1.100/24 Eth1/2 13.1.1.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic IS-IS: # Configure Router A.

  • Page 181

    [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] isis enable [RouterC-Ethernet1/1] quit [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] isis enable [RouterC-Ethernet1/2] quit Configure BFD functions: # Enable BFD and configure BFD parameters on Router A. [RouterA] bfd session init-mode active [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] isis bfd enable [RouterA-Ethernet1/1] bfd min-receive-interval 500...

  • Page 182: Is-is Frr Configuration Example

    Flags: 0x1008c OrigNextHop: 192.168.0.100 Label: NULL RealNextHop: 192.168.0.100 BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid Interface: Ethernet1/1 BkTunnel ID: Invalid BkInterface: N/A The output shows that Router A and Router B communicate through Ethernet 1/1. Then the link over Ethernet 1/1 fails. # Display routes destined for 120.1.1.0/24 on Router A.

  • Page 183

    Configuration procedure Configure IP addresses and subnet masks for interfaces on the routers. (Details not shown.) Configure IS-IS on the routers to make sure Router A, Router D, and Router S can communicate with each other at the network layer. (Details not shown.) Configure IS-IS FRR: Enable IS-IS FRR to automatically calculate a backup next hop, or designate a backup next hop by using a routing policy.

  • Page 184

    Verifying the configuration # Display route 4.4.4.4/32 on Router S to view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Summary Count : 1 Destination: 4.4.4.4/32 Protocol: ISIS Process ID: 1 SubProtID: 0x1 Age: 04h20m37s Cost: 10 Preference: 10 Tag: 0 State: Active Adv...

  • Page 185: Configuring Bgp, Bgp Message Types

    Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). BGP has the following characteristics: Focuses on route control and selection rather than route discovery and calculation.

  • Page 186: Bgp Path Attributes

    BGP path attributes BGP uses the following path attributes in update messages for route filtering and selection: • ORIGIN The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types: IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. EGP—Has the second highest priority.

  • Page 187

    Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies." • NEXT_HOP The NEXT_HOP attribute might not be the IP address of a directly-connected router. Its value is determined as follows: When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.

  • Page 188

    Figure 49 MED attribute MED = 0 Router B 2.1.1.1 D = 9.0.0.0 Next_hop = 2.1.1.1 EBGP IBGP MED = 0 9.0.0.0 IBGP Router A Router D D = 9.0.0.0 EBGP IBGP Next_hop = 3.1.1.1 MED = 100 AS 10 3.1.1.1 Router C AS 20...

  • Page 189

    Figure 50 LOCAL_PREF attribute • COMMUNITY The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community. A route can carry one or more COMMUNITY attribute values (each of which is represented by a 4-byte integer).

  • Page 190: Bgp Route Selection

    The device supports the Route-Target attribute for VPN and Site of Origin (SoO) attribute. For more information, see MPLS Configuration Guide. BGP route selection BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: The route with the highest Preferred_value.

  • Page 191: Settlements For Problems In Large-scale Bgp Networks

    directly-connected next hop through IGP. The matching route with the direct next hop is called the "recursive route." The process of finding a recursive route is route recursion. The system supports BGP load balancing based on route recursion. If multiple recursive routes to the same destination are load balanced (suppose three direct next hop addresses), BGP generates the same number of next hops to forward packets.

  • Page 192

    Route summarization • Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes. The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes.

  • Page 193

    IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions. Using route reflectors can solve this issue.

  • Page 194: Mp-bgp

    Confederation • Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub-ASs. In each sub-AS, IBGP peers are fully meshed. As shown in Figure intra-confederation EBGP connections are established between sub-ASs in AS 200. Figure 55 Confederation network diagram A non-confederation BGP speaker does not need to know sub-ASs in the confederation.

  • Page 195: Bgp Configuration Views

    MP-BGP uses these two attributes to advertise feasible and unfeasible routes for different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers. The current MP-BGP implementation supports multiple protocol extensions, including VPN, IPv6, and multicast.

  • Page 196

    View names Ways to enter the views Remarks Configurations in this view are <Sysname> system-view effective for VPNv6 routes and peers. [Sysname] bgp 100 BGP VPNv6 address family For more information about BGP view [Sysname-bgp] address-family VPNv6 address family view, see vpnv6 MPLS Configuration Guide.

  • Page 197: Bgp Configuration Task List

    To control BGP route distribution and path selection, you must perform additional configuration tasks. To configure BGP, perform the following tasks (IPv4): Tasks at a glance Remarks Configuring basic BGP: HP recommends • (Required.) Enabling BGP configuring BGP peer •...

  • Page 198

    (Optional.) Configuring BFD for BGP To configure BGP, perform the following tasks (IPv6): Tasks at a glance Remarks Configuring basic BGP: HP recommends • (Required.) Enabling BGP configuring BGP peer • (Required.) Perform one of the following tasks: groups on large scale...

  • Page 199: Enabling Bgp

    Tasks at a glance Remarks (Optional.) Controlling BGP path selection: • Specifying a preferred value for routes received • Configuring preferences for BGP routes • Configuring the default local preference • Configuring the MED attribute • Configuring the NEXT_HOP attribute •...

  • Page 200: Configuring A Bgp Peer

    To enable BGP: Step Command Remarks Enter system view. system-view By default, no global router ID is configured, and BGP uses the highest loopback interface IP address—if any—as the router ID. If Configure a global router ID. no loopback interface IP address is router id router-id available, BGP uses the highest physical interface IP address as the...

  • Page 201: Configuring A Bgp Peer Group

    Step Command Remarks Create and enter BGP IPv4 By default, the BGP IPv4 unicast unicast address family view or address family view and BGP-VPN address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast IPv4 unicast address family view address family view. are not created.

  • Page 202

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN instance view. bgp as-number ip vpn-instance vpn-instance-name By default, no IBGP peer group is Create an IBGP peer group. group group-name [ internal ] created.

  • Page 203

    Step Command Remarks Create and enter BGP IPv6 By default, the BGP IPv6 unicast unicast address family view or address family view and BGP-VPN address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast IPv6 unicast address family view address family view. are not created.

  • Page 204

    Step Command Remarks (Optional.) Configure a peer group-name description By default, no description is description for a peer group. description-text configured for the peer group. Create and enter BGP IPv4 By default, the BGP IPv4 unicast unicast address family view or address family view and BGP-VPN address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast...

  • Page 205

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name By default, no EBGP peer group is Create an EBGP peer group. group group-name external created.

  • Page 206

    Step Command Remarks By default, no peer exists in the peer group. peer ipv6-address group Add the peer into the EBGP The as-number as-number option, group-name [ as-number peer group. if used, must specify the same AS as-number ] number as the peer ip-address as-number as-number command.

  • Page 207: Specifying The Source Interface For Tcp Connections

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name By default, no EBGP peer group is Create an EBGP peer group. group group-name external created.

  • Page 208: Injecting A Local Network

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN instance view. bgp as-number ip vpn-instance vpn-instance-name By default, BGP uses the outbound Specify the source interface interface of the best route to the peer { group-name | ip-address } for establishing TCP BGP peer or peer group as the...

  • Page 209: Redistributing Igp Routes

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 210: Controlling Route Distribution And Reception, Configuring Bgp Route Summarization

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 211

    The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route.

  • Page 212: Advertising A Default Route To A Peer Or Peer Group

    Step Command Remarks aggregate ip-address { mask | mask-length } [ as-set | attribute-policy route-policy-name Create a summary route in the By default, no summary route is | detail-suppressed | origin-policy BGP routing table. configured. route-policy-name | suppress-policy route-policy-name ] * To configure BGP manual route summarization (IPv6): Step Command...

  • Page 213: Limiting Routes Received From A Peer Or Peer Group

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 214: Configuring Bgp Route Filtering Policies

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 215

    If you configure multiple filtering policies, apply them in the following sequence: filter-policy export peer filter-policy export peer as-path-acl export peer prefix-list export peer route-policy export Only routes passing all the configured policies can be advertised. To configure BGP route distribution filtering policies (IPv4): Step Command Remarks...

  • Page 216

    Step Command Remarks • Reference an ACL or IP prefix list to filter advertised BGP routes: filter-policy { acl-number | prefix-list prefix-list-name } export [ direct | isis process-id | ospf process-id | rip process-id | static ] • Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name |...

  • Page 217

    Step Command Remarks • Reference an ACL or IPv6 prefix list to filter advertised BGP routes: filter-policy { acl6-number | prefix-list ipv6-prefix-name } export [ direct | isisv6 process-id | ospfv3 process-id | ripng process-id | static ] • Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name |...

  • Page 218

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 219: Configuring Bgp Route Dampening

    Step Command Remarks Enter BGP IPv6 unicast address family view or address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast address family view. • Reference ACL or IPv6 prefix list to filter BGP routes received from all peers: filter-policy { acl6-number | prefix-list ipv6-prefix-name } import •...

  • Page 220: Controlling Bgp Path Selection

    Step Command Remarks dampening [ half-life-reachable Configure BGP route half-life-unreachable reuse suppress By default, BGP route dampening dampening. ceiling | route-policy is not configured. route-policy-name ] * To configure BGP route dampening (IPv6): Step Command Remarks Enter system view. system-view •...

  • Page 221: Configuring Preferences For Bgp Routes

    Step Command Remarks Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view. Specify a preferred value for peer { group-name | ip-address } routes received from a peer or The default preferred value is 0. preferred-value value peer group.

  • Page 222: Configuring The Default Local Preference

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 223: Configuring The Med Attribute

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 224

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 225

    Step Command Remarks Enable MED comparison for compare-different-as-med By default, this feature is disabled. routes from different ASs. To enable MED comparison for routes from different ASs (IPv6): Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view.

  • Page 226

    3.3.3.3 200e However, Router C and Router A reside in the same AS, and Router C has a greater MED, so network 10.0.0.0 learned from Router C should not be optimal. You can configure the bestroute compare-med command to enable MED comparison for routes from the same AS on Router D.

  • Page 227: Configuring The Next_hop Attribute

    not belong to the confederation, BGP does not compare it with other routes. As a result, the first route becomes the optimal route. To enable MED comparison for routes from confederation peers (IPv4): Step Command Remarks Enter system view. system-view •...

  • Page 228

    Figure 57 NEXT_HOP attribute configuration If a BGP router has two peers on a broadcast network, it does not set itself as the next hop for routes sent to an EBGP peer by default. As shown in Figure 58, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship.

  • Page 229: Configuring The As_path Attribute

    To configure the NEXT_HOP attribute (IPv6): Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view. By default, the router sets itself as the next hop for routes sent to an Specify the router as the next peer { group-name | EBGP peer or peer group, but does...

  • Page 230

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv6 unicast address family view or address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast address family view.

  • Page 231

    Step Command Remarks Enter BGP IPv6 unicast address family view or address-family ipv6 [ unicast ] BGP-VPN IPv6 unicast address family view. Disable BGP from considering By default, BGP considers AS_PATH during best route bestroute as-path-neglect AS_PATH during best route selection.

  • Page 232

    Configuring AS number substitution IMPORTANT: Do not configure AS number substitution in normal circumstances. Otherwise, routing loops might occur. To use BGP between PE and CE in MPLS L3VPN, VPN sites in different geographical areas should have different AS numbers. Otherwise, BGP discards route updates containing the local AS number. If two CEs connected to different PEs use the same AS number, you must configure AS number substitution on each PE to replace the AS number in route updates originated by the remote CE as its own AS number before advertising them to the connected CE.

  • Page 233

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Configure AS number peer { group-name | By default, AS number substitution substitution for a peer or peer ipv6-address } substitute-as is not configured.

  • Page 234: Tuning And Optimizing Bgp Networks

    Step Command Remarks Configure BGP to remove By default, this feature is not private AS numbers from the configured. peer { group-name | AS_PATH attribute of updates ipv6-address } public-as-only This command is only applicable to sent to an EBGP peer or peer EBGP peers or peer groups.

  • Page 235

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Use either method. By default, the keepalive interval is • Configure the global keepalive 60 seconds, and hold time is 180 interval and hold time: seconds.

  • Page 236: Configuring The Interval For Sending Updates For The Same Route

    Configuring the interval for sending updates for the same route A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.

  • Page 237: Enabling Immediate Reestablishment Of Direct Ebgp Connections Upon Link Failure

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enable BGP to establish an By default, BGP cannot establish EBGP session to an peer { group-name | ip-address } an EBGP session to an indirectly-connected peer or...

  • Page 238: Enabling 4-byte As Number Suppression

    Enabling 4-byte AS number suppression BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295. By default, a device sends an Open message to the peer device for session establishment. The Open message indicates that the device supports 4-byte AS numbers. If the peer device supports 2-byte AS numbers instead of 4-byte AS numbers, the session cannot be established.

  • Page 239: Configuring Bgp Load Balancing

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or BGP-VPN Use either method. instance view. bgp as-number ip vpn-instance vpn-instance-name peer { group-name | ip-address } Enable MD5 authentication By default, MD5 authentication is password { cipher | simple } for a BGP peer group or peer.

  • Page 240: Configuring Ipsec For Ipv6 Bgp

    Step Command Remarks Specify the maximum number By default, load balancing is of BGP ECMP routes for load balance number disabled. balancing. To specify the maximum number of BGP ECMP routes for load balancing (IPv6): Step Command Remarks Enter system view. system-view •...

  • Page 241: Disabling Bgp To Establish A Session To A Peer Or Peer Group

    Step Command Remarks By default, no IPsec profile is configured for any IPv6 BGP peer peer { group-name | Apply the IPsec profile to an or peer group. ipv6-address } ipsec-profile IPv6 BGP peer or peer group. profile-name This command supports only IPsec profiles in manual mode.

  • Page 242

    To avoid tearing down BGP sessions, you can use one of the following soft-reset methods to apply the new policy: Enabling route-refresh—The BGP router advertises a route-refresh message to the specified peer, • and the peer resends its routing information to the router. After receiving the routing information, the router filters the routing information by using the new policy.

  • Page 243

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name • Enable BGP route refresh for the specified peer or peer group: peer { group-name | ipv6-address } capability-advertise route-refresh...

  • Page 244

    Step Command Remarks Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view. By default, the routes are not saved. Save all route updates from peer { group-name | This command takes effect only for the peer or peer group. ipv6-address } keep-all-routes the routes received after this command is executed.

  • Page 245: Protecting An Ebgp Peer When Memory Usage Reaches Level 2 Threshold

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name • Enable BGP route refresh for the specified peer or peer group: peer { group-name | ipv6-address } capability-advertise route-refresh...

  • Page 246: Configuring Bgp Community

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Configure BGP to protect an By default, BGP periodically tears EBGP peer or peer group peer { group-name | ip-address } down an EBGP session to release when the memory usage...

  • Page 247

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP view or BGP-VPN Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enter BGP IPv4 unicast address family view or address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family view.

  • Page 248: Configuring Bgp Route Reflection

    Step Command Remarks (Optional.) Apply a routing peer { group-name | By default, no routing policy is policy to routes advertised to ipv6-address } route-policy applied. a peer or peer group. route-policy-name export Configuring BGP route reflection Configuring a BGP route reflector Perform this task to configure a BGP route reflector and its clients.

  • Page 249

    Step Command Remarks Enable route reflection By default, route reflection reflect between-clients between clients. between clients is enabled. (Optional.) Configure the reflector cluster-id { cluster-id | By default, a route reflector uses its cluster ID of the route reflector. ip-address } own router ID as the cluster ID.

  • Page 250: Configuring A Bgp Confederation

    Step Command Remarks By default, BGP does ignore ORIGINATOR_ID attribute. Ignore the ORIGINATOR_ID peer { group-name | ip-address } Make sure that this attribute. ignore-originatorid command does result in a routing loop. After you execute this command, BGP also ignores the CLUSTER_LIST attribute.

  • Page 251: Configuring Bgp Gr

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number By default, no confederation ID is Configure a confederation ID. confederation id as-number configured. Specify peering sub-ASs in the confederation peer-as By default, no peering sub-AS is confederation. as-number-list specified.

  • Page 252: Enabling Snmp Notifications For Bgp

    exchange is not completed within the time, the GR restarter does not receive new routes. Instead, the GR restarter updates its routing table and forwarding table with the BGP routes already learned to complete BGP route convergence. The GR helper removes the stale routes. Follow these guidelines when you configure BGP GR: The End-Of-RIB indicates the end of route updates.

  • Page 253: Configuring Bfd For Bgp

    unicast log-info command. The logs are sent to the information center. The output rules of the logs (whether to output the logs and where to output) are determined by the information center configuration. For more information about information center configuration, see Network Management and Monitoring Configuration Guide.

  • Page 254: Configuring 6pe

    Step Command Remarks • Enter BGP view: bgp as-number Enter BGP view or BGP-VPN • Enter BGP-VPN instance view: instance view. bgp as-number ip vpn-instance vpn-instance-name Enable BFD to detect the link to the By default, BFD is peer ipv6-address bfd specified IPv6 BGP peer.

  • Page 255: Configuring Optional 6pe Capabilities

    Configure basic MPLS on 6PE devices (see MPLS Configuration Guide). • • Configure BGP on 6PE devices so that they can advertise tagged IPv6 routing information through BGP sessions. The following describes only BGP configurations on 6PE devices. To configure basic 6PE: Step Command Remarks...

  • Page 256: Displaying And Maintaining Bgp

    Step Command Remarks Specify an IPv6 prefix list to peer { group-name | ip-address } filter routes advertised to or By default, no IPv6 prefix list is prefix-list ipv6-prefix-name { export | received from the 6PE peer or specified. import } peer group.

  • Page 257

    Task Command Display BGP IPv4 unicast peer group display bgp group ipv4 [ unicast ] [ vpn-instance information. vpn-instance-name ] [ group-name ] display bgp peer ipv4 [ unicast ] [ vpn-instance Display BGP IPv4 unicast peer or peer vpn-instance-name ] [ ip-address { log-info | verbose } | group information.

  • Page 258

    Task Command reset bgp flap-info ipv4 [ unicast ] [ vpn-instance Clear BGP IPv4 unicast route flap vpn-instance-name ] [ network-address [ mask | mask-length ] | information. as-path-acl as-path-acl-number | peer peer-address ] Execute display commands in any view and reset commands in user view (IPv6). Task Command Display BGP IPv6 unicast peer group...

  • Page 259: Ipv4 Bgp Configuration Examples

    Task Command Display information about routes advertised by the network command and display bgp network ipv6 [ unicast ] [ vpn-instance shortcut routes configured by the network vpn-instance-name ] short-cut command. Display BGP path attribute information. display bgp paths [ as-regular-expression ] display bgp update-group ipv6 [ unicast ] [ ip-address | ipv6-address ] Display BGP IPv6 unicast address family...

  • Page 260

    The EBGP peers, Router A and Router B (usually in different ISPs), are located in different ASs. Typically, their loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing BGP sessions. To enable Router C to access the network 8.1.1.0/24 connected directly to Router A, inject network 8.1.1.0/24 to the BGP routing table of Router A.

  • Page 261

    2.2.2.2 65009 0 00:06:09 Established The output shows that Router C has established an IBGP peer relationship with Router B. Configure EBGP: # Configure Router A. <RouterA> system-view [RouterA] bgp 65008 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 3.1.1.1 as-number 65009 [RouterA-bgp] address-family ipv4 unicast [RouterA-bgp-ipv4] peer 3.1.1.1 enable [RouterA-bgp-ipv4] network 8.1.1.0 24 [RouterA-bgp-ipv4] quit...

  • Page 262

    [RouterB] display bgp routing-table ipv4 Total number of routes: 1 BGP local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - damped, h - history, s - suppressed, S - Stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop...

  • Page 263: Bgp And Igp Route Redistribution Configuration Example

    * >e 2.2.2.2/32 3.1.1.1 65009? e 3.1.1.0/24 3.1.1.1 65009? * > 8.1.1.0/24 8.1.1.1 * >e 9.1.1.0/24 3.1.1.1 65009? Two routes 2.2.2.2/32 and 9.1.1.0/24 have been added in Router A's routing table. # Display the BGP routing table on Router C. [RouterC] display bgp routing-table ipv4 Total number of routes: 4 BGP local router ID is 3.3.3.3...

  • Page 264

    Figure 63 Network diagram AS 65009 AS 65008 Loop0 Loop0 Loop0 1.1.1.1/32 2.2.2.2/32 3.3.3.3/32 Eth1/1 EBGP OSPF Eth1/2 8.1.1.1/24 9.1.2.1/24 Eth1/2 Eth1/1 Eth1/2 Eth1/1 3.1.1.2/24 3.1.1.1/24 9.1.1.1/24 9.1.1.2/24 Router A Router B Router C Configuration considerations Configure BGP to redistribute routes from OSPF on Router B, so Router A can obtain the route to 9.1.2.0/24.

  • Page 265

    # Configure Router B. [RouterB] bgp 65009 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 3.1.1.2 as-number 65008 [RouterB-bgp] address-family ipv4 unicast [RouterB-bgp-ipv4] peer 3.1.1.2 enable Configure BGP and IGP route redistribution: # Configure route redistribution between BGP and OSPF on Router B. [RouterB-bgp-ipv4] import-route ospf 1 [RouterB-bgp-ipv4] quit [RouterB-bgp] quit...

  • Page 266: Bgp Route Summarization Configuration Example

    Verifying the configuration # Use ping to test connectivity. [RouterA] ping -a 8.1.1.1 9.1.2.1 Ping 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes, press escape sequence to break 56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms 56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.000 ms 56 bytes from 9.1.2.1: icmp_seq=2 ttl=254 time=2.000 ms 56 bytes from 9.1.2.1: icmp_seq=3 ttl=254 time=7.000 ms 56 bytes from 9.1.2.1: icmp_seq=4 ttl=254 time=9.000 ms...

  • Page 267

    Figure 64 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routing between Router A and Router B: # Configure a default route with the next hop 192.168.212.1 on Router A. <RouterA> system-view [RouterA] ip route-static 0.0.0.0 0 192.168.212.1 # Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Router B.

  • Page 268

    Summary Count : 5 OSPF Routing table Status : <Active> Summary Count : 3 Destination/Mask Proto Cost NextHop Interface 192.168.64.0/24 OSPF 172.17.100.1 Eth1/1 192.168.74.0/24 OSPF 172.17.100.1 Eth1/1 192.168.99.0/24 OSPF 172.17.100.1 Eth1/1 OSPF Routing table Status : <Inactive> Summary Count : 2 Destination/Mask Proto Cost...

  • Page 269: Bgp Load Balancing Configuration Example

    192.168.99.0/24 10.220.2.16 Eth1/1 BGP Routing table Status : <Inactive> Summary Count : 0 The output shows that Router D has learned routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 through BGP. After the above configurations, ping the hosts on networks 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 from Router D. The ping operations succeed. Configure route summarization on Router C to summarize 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.0/18 and disable advertisement of the more specific routes.

  • Page 270

    Figure 65 Network diagram Configuration considerations On Router A, establish EBGP connections with Router B and Router C. Configure BGP to advertise network 8.1.1.0/24 to Router B and Router C, so that Router B and Router C can access the internal network connected to Router A.

  • Page 271

    [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 3.1.1.2 as-number 65008 [RouterB-bgp] peer 3.3.3.3 as-number 65009 [RouterB-bgp] peer 3.3.3.3 connect-interface loopback 0 [RouterB-bgp] address-family ipv4 unicast [RouterB-bgp-ipv4] peer 3.1.1.2 enable [RouterB-bgp-ipv4] peer 3.3.3.3 enable [RouterB-bgp-ipv4] network 9.1.1.0 24 [RouterB-bgp-ipv4] quit [RouterB-bgp] quit [RouterB] ip route-static 3.3.3.3 32 9.1.1.2 # Configure Router C.

  • Page 272: Bgp Community Configuration Example

    [RouterA-bgp] address-family ipv4 unicast [RouterA-bgp-ipv4] balance 2 [RouterA-bgp-ipv4] quit [RouterA-bgp] quit Verifying the configuration # Display the BGP routing table on Router A. [RouterA] display bgp routing-table ipv4 Total number of routes: 3 BGP local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, h - history, s - suppressed, S - Stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network...

  • Page 273

    Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure EBGP connections: # Configure Router A. <RouterA> system-view [RouterA] bgp 10 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 200.1.2.2 as-number 20 [RouterA-bgp] address-family ipv4 unicast [RouterA-bgp-ipv4] peer 200.1.2.2 enable [RouterA-bgp-ipv4] network 9.1.1.0 255.255.255.0 [RouterA-bgp-ipv4] quit [RouterA-bgp] quit # Configure Router B.

  • Page 274

    Origin : igp Attribute value : pref-val 0 State : valid, external, best, # Display advertisement information for the route 9.1.1.0 on Router B. [RouterB] display bgp routing-table ipv4 9.1.1.0 advertise-info BGP local router ID: 2.2.2.2 Local AS number: 20 Paths: 1 best BGP routing table information of 9.1.1.0/24:...

  • Page 275: Bgp Route Reflector Configuration Example

    Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 200.1.2.1 (1.1.1.1) Relay nexthop : 200.1.2.1 Original nexthop: 200.1.2.1 OutLabel : NULL Community : No-Export AS-path : 10 Origin : igp Attribute value : pref-val 0 State : valid, external, best, # Display advertisement information for the route 9.1.1.0 on Router B.

  • Page 276

    Figure 67 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure BGP connections: # Configure Router A. <RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 192.1.1.2 as-number 200 [RouterA-bgp] address-family ipv4 unicast [RouterA-bgp-ipv4] peer 192.1.1.2 enable # Inject network 20.0.0.0/8 to the BGP routing table.

  • Page 277

    [RouterC-bgp-ipv4] peer 194.1.1.2 enable [RouterC-bgp-ipv4] quit [RouterC-bgp] quit # Configure Router D. <RouterD> system-view [RouterD] bgp 200 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] peer 194.1.1.1 as-number 200 [RouterD-bgp] address-family ipv4 unicast [RouterD-bgp-ipv4] peer 194.1.1.1 enable [RouterD-bgp-ipv4] quit [RouterD-bgp] quit Configure Router C as the route reflector. [RouterC] bgp 200 [RouterC-bgp] address-family ipv4 unicast [RouterC-bgp-ipv4] peer 193.1.1.2 reflect-client...

  • Page 278: Bgp Confederation Configuration Example

    Router D has learned the route 20.0.0.0/8 from Router C. BGP confederation configuration example Network requirements As shown in Figure 68, to reduce IBGP connections, AS 200 is split into three sub-ASs: AS65001, AS65002, and AS65003. Routers in AS65001 are fully meshed. Figure 68 Network diagram Router C Router B...

  • Page 279

    [RouterA-bgp-ipv4] peer 10.1.2.2 next-hop-local [RouterA-bgp-ipv4] quit [RouterA-bgp] quit # Configure Router B. <RouterB> system-view [RouterB] bgp 65002 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] confederation id 200 [RouterB-bgp] confederation peer-as 65001 65003 [RouterB-bgp] peer 10.1.1.1 as-number 65001 [RouterB-bgp] address-family ipv4 unicast [RouterB-bgp-ipv4] peer 10.1.1.1 enable [RouterB-bgp-ipv4] quit [RouterB-bgp] quit # Configure Router C.

  • Page 280

    [RouterD-bgp-ipv4] quit [RouterD-bgp] quit # Configure Router E. <RouterE> system-view [RouterE] bgp 65001 [RouterE-bgp] router-id 5.5.5.5 [RouterE-bgp] confederation id 200 [RouterE-bgp] peer 10.1.4.1 as-number 65001 [RouterE-bgp] peer 10.1.5.1 as-number 65001 [RouterE-bgp] address-family ipv4 unicast [RouterE-bgp-ipv4] peer 10.1.4.1 enable [RouterE-bgp-ipv4] peer 10.1.5.1 enable [RouterE-bgp-ipv4] quit [RouterE-bgp] quit Configure the EBGP connection between AS 100 and AS 200:...

  • Page 281

    [RouterB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 65002 Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 10.1.1.1 (1.1.1.1) Relay nexthop : 10.1.1.1 Original nexthop: 10.1.1.1 OutLabel : NULL AS-path : (65001) 100 Origin...

  • Page 282: Bgp Path Selection Configuration Example

    Router B and Router D are in the same confederation, but belong to different sub-ASs. They obtain • external route information from Router A and generate identical BGP route entries although they have no direct connection in between. BGP path selection configuration example Network requirements As shown in Figure...

  • Page 283

    [RouterC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] ospf [RouterD-ospf] area 0 [RouterD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit [RouterD-ospf-1] quit Configure BGP connections: # Configure Router A. <RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] peer 192.1.1.2 as-number 200 [RouterA-bgp] peer 193.1.1.2 as-number 200...

  • Page 284

    [RouterD-bgp-ipv4] peer 194.1.1.2 enable [RouterD-bgp-ipv4] peer 195.1.1.2 enable [RouterD-bgp-ipv4] quit [RouterD-bgp] quit Configure different attribute values for the route 1.0.0.0/8 to make Router D give priority to the route learned from Router C: (Method 1.) Specify a higher MED value for the route 1.0.0.0/8 advertised to 192.1.1.2 to make Router D give priority to the route learned from Router C: # Define ACL 2000 to permit the route 1.0.0.0/8.

  • Page 285: Bgp Gr Configuration Example

    # Define ACL 2000 to permit the route 1.0.0.0/8 on Router C. [RouterC] acl number 2000 [RouterC-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255 [RouterC-acl-basic-2000] quit # Define routing policy localpref on Router C to set the local preference of route 1.0.0.0/8 to 200 (the default is 100).

  • Page 286

    Configuration procedure Configure Router A: # Configure IP addresses for interfaces. (Details not shown.) # Configure the EBGP connection. <RouterA> system-view [RouterA] bgp 65008 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 200.1.1.1 as-number 65009 # Enable GR capability for BGP. [RouterA-bgp] graceful-restart # Inject network 8.0.0.0/8 to the IPv4 BGP routing table.

  • Page 287: Bfd For Bgp Configuration Example

    [RouterC-bgp-ipv4] peer 9.1.1.1 enable Verifying the configuration Ping Router C on Router A. Meanwhile, perform an active/standby switchover on Router B. The ping operation is successful during the whole switchover process. BFD for BGP configuration example Network requirements As shown in Figure Run OSPF in AS 200.

  • Page 288

    [RouterA-acl-basic-2000] quit # Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to 50. Policy apply_med_100 sets that to 100. [RouterA] route-policy apply_med_50 permit node 10 [RouterA-route-policy-apply_med_50-10] if-match ip address acl 2000 [RouterA-route-policy-apply_med_50-10] apply cost 50 [RouterA-route-policy-apply_med_50-10] quit [RouterA] route-policy apply_med_100 permit node 10 [RouterA-route-policy-apply_med_100-10] if-match ip address acl 2000...

  • Page 289

    Session State: Up Interface: N/A Min Tx Inter: 500ms Act Tx Inter: 500ms Min Rx Inter: 500ms Detect Inter: 2500ms Rx Count: 135 Tx Count: 135 Connect Type: Indirect Running Up for: 00:00:58 Hold Time: 2457ms Auth mode: None Detect Mode: Async Slot: 0 Protocol: BGP Diag Info: No Diagnostic...

  • Page 290: Ipv6 Bgp Configuration Examples

    <RouterC> display ip routing-table 1.1.1.0 24 verbose Summary Count : 1 Destination: 1.1.1.0/24 Protocol: BGP Process ID: 0 SubProtID: 0x1 Age: 00h03m08s Cost: 100 Preference: 255 Tag: 0 State: Active Adv OrigTblID: 0x1 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NBRID: 0x15000000 LastAs: 0 AttrID: 0x0 Neighbor: 2.0.1.1...

  • Page 291

    [RouterB-bgp] address-family ipv6 [RouterB-bgp-ipv6] peer 9::2 enable [RouterB-bgp-ipv6] quit # Configure Router C. <RouterC> system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] peer 9::1 as-number 65009 [RouterC-bgp] address-family ipv6 [RouterC-bgp-ipv6] peer 9::1 enable Configure EBGP: # Configure Router A. <RouterA> system-view [RouterA] bgp 65008 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 10::1 as-number 65009...

  • Page 292

    9::2 65009 1 00:29:00 Established 10::2 65008 2 00:27:20 Established The output shows that Router A and Router B have established an EBGP connection, and Router B and Router C have established an IBGP connection. # Display IPv6 BGP routing table information on Router A. [RouterA] display bgp routing-table ipv6 Total number of routes: 4 BGP local router ID is 1.1.1.1...

  • Page 293: Ipv6 Bgp Route Reflector Configuration Example

    Origin: i - IGP, e - EGP, ? - incomplete * > Network : 9:: PrefixLen : 64 NextHop : :: LocPrf PrefVal : 32768 OutLabel : NULL Path/Ogn: i i Network : 9:: PrefixLen : 64 NextHop : 9::1 LocPrf : 100 PrefVal : 0...

  • Page 294

    Configuration procedure Configure IPv6 addresses for interfaces and IPv4 addresses for loopback interfaces. (Details not shown.) Configure IBGP and EBGP connections and advertise network routes through IPv6 BGP: # Configure Router A. <RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 100::2 as-number 200 [RouterA-bgp] address-family ipv6 [RouterA-bgp-ipv6] peer 100::2 enable...

  • Page 295

    [RouterD-bgp-ipv6] network 102:: 96 Configure Router C as a route reflector, and configure Router B and Router D as its clients. [RouterC-bgp-ipv6] peer 101::2 reflect-client [RouterC-bgp-ipv6] peer 102::2 reflect-client [RouterC-bgp-ipv6] quit [RouterC-bgp] quit Verifying the configuration # Execute the display bgp routing-table ipv6 command on Router D. [RouterD] display bgp routing-table ipv6 Total number of routes: 5 BGP local router ID is 4.4.4.4...

  • Page 296: Pe Configuration Example

    6PE configuration example Network requirements Use 6PE to connect two isolated IPv6 networks over an IPv4/MPLS network: The ISP uses OSPF as the IGP. • PE 1 and PE 2 are edge devices of the ISP, and establish an IPv4 IBGP connection between them. •...

  • Page 297

    [PE1-bgp-ipv6] import-route static [PE1-bgp-ipv6] peer 3.3.3.3 enable [PE1-bgp-ipv6] peer 3.3.3.3 label-route-capability [PE1-bgp-ipv6] quit [PE1-bgp] quit # Configure the static route to CE 1. [PE1] ipv6 route-static 1::1 128 10::1 # Configure OSPF for the ISP. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255 [PE1-ospf-1-area-0.0.0.0] quit...

  • Page 298

    [PE2-ospf-1] quit Configure a static route, with PE 1 as the default next hop. <CE1> system-view [CE1] ipv6 route-static :: 0 10::2 Configure a static route on CE 2, with PE 2 as the default next hop. <CE2> system-view [CE2] ipv6 route-static :: 0 20::2 Verifying the configuration # Display the IPv6 BGP routing table on PE 1.

  • Page 299: Bfd For Ipv6 Bgp Configuration Example

    # Ping the IPv6 address 4::4 (loopback interface address) of CE 2 from CE 1. The ping operation succeeds. BFD for IPv6 BGP configuration example Network requirements As shown in Figure 75, configure OSPFv3 as the IGP in AS 200. Establish two IBGP connections between Router A and Router C.

  • Page 300

    [RouterA] route-policy apply_med_50 permit node 10 [RouterA-route-policy-apply_med_50-10] if-match ipv6 address acl 2000 [RouterA-route-policy-apply_med_50-10] apply cost 50 [RouterA-route-policy-apply_med_50-10] quit [RouterA] route-policy apply_med_100 permit node 10 [RouterA-route-policy-apply_med_100-10] if-match ipv6 address acl 2000 [RouterA-route-policy-apply_med_100-10] apply cost 100 [RouterA-route-policy-apply_med_100-10] quit # Apply routing policy apply_med_50 to routes outgoing to peer 3002::2, and apply routing policy apply_med_100 to routes outgoing to peer 2002::2.

  • Page 301

    Connect Type: Indirect Running Up for: 00:00:05 Hold Time: 2243ms Auth mode: None Detect Mode: Async Slot: 0 Protocol: BGP6 Diag Info: No Diagnostic The output shows that a BFD session has been established between Router A and Router C. # Display BGP peer information on Router C.

  • Page 302: Ipsec For Ipv6 Bgp Packets Configuration Example

    Destination: 1200::/64 Protocol: BGP4+ Process ID: 0 SubProtID: 0x1 Age: 00h00m57s Cost: 100 Preference: 255 Tag: 0 State: Active Adv OrigTblID: 0x1 OrigVrf: default-vrf TableID: 0xa OrigAs: 0 NBRID: 0x25000000 LastAs: 0 AttrID: 0x0 Neighbor: 2001::1 Flags: 0x10060 OrigNextHop: 2001::1 Label: NULL RealNextHop: FE80::20C:29FF:FE40:715 BkLabel: NULL...

  • Page 303

    [RouterB] bgp 65008 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] group ibgp internal [RouterB-bgp] peer 1::1 group ibgp [RouterB-bgp] address-family ipv6 unicast [RouterB-bgp-ipv6] peer ibgp enable [RouterB-bgp-ipv6] quit Establish an EBGP connection between Router B and Router C: # Configure Router C. <RouterC> system-view [RouterC] bgp 65009 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] group ebgp external...

  • Page 304

    algorithm to SHA1. Create IPsec profile named policy001, specify the manual mode for it, reference IPsec transform set tran1, and set the SPIs of the inbound and outbound SAs to 12345 and the keys for the inbound and outbound SAs using ESP to abcdefg. Create an IPsec transform set named tran2, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1.

  • Page 305

    Configure IPsec to protect IPv6 BGP packets between Router A and Router B: # Configure Router A. [RouterA] bgp 65008 [RouterA-bgp] peer 1::2 ipsec-profile policy001 [RouterA-bgp] quit # Configure Router B. [RouterB] bgp 65008 [RouterB-bgp] peer 1::1 ipsec-profile policy001 [RouterB-bgp] quit Configure IPsec to protect IPv6 BGP packets between Router B and Router C: # Configure Router C.

  • Page 306: Troubleshooting Bgp

    Peer preferred value: 0 IPsec profile name: policy001 Routing policy configured: No routing policy is configured Peer: 3::2 Local: 2.2.2.2 Type: EBGP link BGP version 4, remote router ID 3.3.3.3 BGP current state: Established, Up for 00h05m00s BGP current event: KATimerExpired BGP last state: OpenConfirm Port: Local - 24897...

  • Page 307: Analysis

    Analysis To become BGP peers, any two routers must establish a TCP connection using port 179 and exchange Open messages successfully. Solution Use the display current-configuration command to verify the current configuration, and verify that the peer's AS number is correct. Use the display bgp peer ipv4 unicast or display bgp peer ipv6 unicast command to verify that the peer's IP address/IPv6 address is correct.

  • Page 308: Introduction To Pbr

    Configuring PBR Introduction to PBR Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop, output interface, default next hop, default output interface, and other parameters for packets that match specific criteria such as ACLs or that have specific lengths. A device forwards received packets using the following process: The device uses PBR to forward matching packets.

  • Page 309

    apply clause PBR supports the following types of apply clauses, as shown in Table 8. You can specify multiple apply clauses for a node, but some of them might not be executed. The apply clauses that determine the packet forwarding paths are apply access-vpn vpn-instance, apply next-hop, apply output-interface, apply default-next-hop, and apply default-output-interface in a descending priority order.

  • Page 310: Pbr And Track

    Relationship between the match mode and clauses on the node Does a packet match all Match mode the if-match clauses on permit Deny the node? • If the node is configured with an apply clause, PBR executes the apply clause on the node. If PBR successfully guides the forwarding of the packet, PBR does not match the packet against...

  • Page 311: Configuring A Policy

    Configuring a policy Creating a node Step Command Remarks Enter system view. system-view Create a node for a policy, and policy-based-route policy-name By default, no policy node is enter policy node view. [ deny | permit ] node node-number created. Configuring match criteria for a node Step Command...

  • Page 312

    Step Command Remarks By default, no VPN instance is specified. You can specify up to m VPN instances Set VPN apply access-vpn vpn-instance for a node. The matching packets are instances. vpn-instance-name&<1-n> forwarded according to the forwarding table of the first available VPN instance.

  • Page 313

    Step Command Remarks By default, no default output interface is specified. You can specify multiple default output Set default apply default-output-interface { interface-type interfaces for backup or load sharing output interface-number [ track by executing this command once or interfaces. track-entry-number ] }&<1-n>...

  • Page 314: Displaying And Maintaining Pbr

    You can apply only one policy to an interface. Before you apply a new policy, you must first remove the current policy from the interface. You can apply a policy to multiple interfaces. To configure interface PBR: Step Command Remarks Enter system system-view view.

  • Page 315

    Figure 77 Network diagram Configuration procedure Configure Router A: # Configure the IP addresses of the serial interfaces. <RouterA> system-view [RouterA] interface serial 2/0 [RouterA-Serial2/0] ip address 1.1.2.1 24 [RouterA-Serial2/0] quit [RouterA] interface serial 2/1 [RouterA-Serial2/1] ip address 1.1.3.1 24 [RouterA-Serial2/1] quit # Configure ACL 3101 to match TCP packets.

  • Page 316: Packet Type-based Interface Pbr Configuration Example

    Packet type-based interface PBR configuration example Network requirements As shown in Figure 78, configure PBR on Router A to forward all TCP packets received on Ethernet 1/1 to the next hop 1.1.2.2. Router A forwards other packets according to the routing table. Figure 78 Network diagram Router B Router C...

  • Page 317: Packet Length-based Interface Pbr Configuration Example

    [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ip address 10.110.0.10 24 [RouterA-Ethernet1/1] ip policy-based-route aaa [RouterA-Ethernet1/1] quit Configure Router B: # Configure the IP address of the serial interface. <RouterB> system-view [RouterB] interface serial 2/0 [RouterB-Serial2/0] ip address 1.1.2.2 24 [RouterB-Serial2/0] quit # Configure a static route to subnet 10.110.0.0/24.

  • Page 318

    Figure 79 Network diagram Configuration procedure Configure Router A: # Configure the IP addresses of the serial interfaces. <RouterA> system-view [RouterA] interface serial 2/0 [RouterA-Serial2/0] ip address 150.1.1.1 24 [RouterA-Serial2/0] quit [RouterA] interface serial 2/1 [RouterA-Serial2/1] ip address 151.1.1.1 24 [RouterA-Serial2/1] quit # Configure RIP.

  • Page 319

    [RouterB-Serial2/0] ip address 150.1.1.2 24 [RouterB-Serial2/0] quit [RouterB] interface serial 2/1 [RouterB-Serial2/1] ip address 151.1.1.2 24 [RouterB-Serial2/1] quit # Configure the loopback interface address. [RouterB] interface loopback 0 [RouterB-LoopBack0] ip address 10.1.1.1 32 [RouterB-LoopBack0] quit # Configure RIP. [RouterB] rip [RouterB-rip-1] network 10.0.0.0 [RouterB-rip-1] network 150.1.0.0 [RouterB-rip-1] network 151.1.0.0...

  • Page 320

    Ping statistics for 10.1.1.1: Packets: Sent = 1, Received = 1, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 1ms, Average = 1ms The debugging information about PBR displayed on Router A is as follows: <RouterA>...

  • Page 321: Configuring Ipv6 Static Routing, Configuring An Ipv6 Static Route

    Configuring IPv6 static routing Static routes are manually configured and cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. IPv6 static routing works well in a simple IPv6 network. Configuring an IPv6 static route Before you configure an IPv6 static route, complete the following tasks: Configure parameters for the related interfaces.

  • Page 322: Configuring Bfd For Ipv6 Static Routes

    Configuring BFD for IPv6 static routes BFD provides a general purpose, standard, and medium- and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols and MPLS. For more information about BFD, see High Availability Configuration Guide.

  • Page 323

    Step Command Remarks • Method 1: ipv6 route-static ipv6-address prefix-length { next-hop-address bfd control-packet bfd-source ipv6-address | vpn-instance d-vpn-instance-name Use either next-hop-address bfd control-packet bfd-source ip-address } method. [ preference preference-value ] [ tag tag-value ] [ description Configure BFD By default, BFD description-text ] control mode for an...

  • Page 324: Displaying And Maintaining Ipv6 Static Routes

    Step Command Remarks • Method 1: ipv6 route-static ipv6-address prefix-length interface-type interface-number next-hop-address bfd echo-packet Use either method. [ preference preference-value ] [ tag tag-value ] [ description description-text ] By default, BFD echo mode for Configure BFD echo • an IPv6 static route is not Method 2: mode for an IPv6...

  • Page 325

    Figure 80 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 static routes: # Configure the default IPv6 route on Router A. <RouterA> system-view [RouterA] ipv6 route-static :: 0 4::2 # Configure two IPv6 static routes on Router B. <RouterB>...

  • Page 326

    [RouterB] display ipv6 routing-table protocol static Summary Count : 2 Static Routing table Status : <Active> Summary Count : 2 Destination: 1::/64 Protocol : Static NextHop : 4::1 Preference: 60 Interface : Eth1/1 Cost Destination: 3::/64 Protocol : Static NextHop : 5::1 Preference: 60 Interface...

  • Page 327: Bfd For Ipv6 Static Routes Configuration Example (direct Next Hop)

    BFD for IPv6 static routes configuration example (direct next hop) Network requirements Figure 81, configure an IPv6 static route to subnet 120::/64 on Router A, and configure an IPv6 static route to subnet 121::/64 on Router B. Enable BFD for both routes. Configure an IPv6 static route to subnet 120::/64 and an IPv6 static route to subnet 121::/64 on Router C.

  • Page 328

    [RouterB-Ethernet1/1] bfd min-receive-interval 500 [RouterB-Ethernet1/1] bfd detect-multiplier 9 [RouterB-Ethernet1/1] quit [RouterB] ipv6 route-static 121:: 64 ethernet 1/1 FE80::2A0:FCFF:FE00:580A bfd control-packet [RouterB] ipv6 route-static 121:: 64 13::2 preference 65 [RouterB] quit # Configure IPv6 static routes on Router C. <RouterC> system-view [RouterC] ipv6 route-static 120:: 64 13::1 [RouterC] ipv6 route-static 121:: 64 10::102 Verifying the configuration...

  • Page 329: Bfd For Ipv6 Static Routes Configuration Example (indirect Next Hop)

    Summary Count : 1 Static Routing table Status : <Active> Summary Count : 1 Destination: 120::/64 Protocol : Static NextHop : 10::100 Preference: 65 Interface : Eth1/2 Cost Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Router A communicates with Router B through Ethernet 1/2. BFD for IPv6 static routes configuration example (indirect next hop) Network requirements...

  • Page 330

    Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 static routes and BFD: # Configure IPv6 static routes on Router A and enable BFD control packet mode for the IPv6 static route that traverses Router D. <RouterA> system-view [RouterA] interface loopback 1 [RouterA-LoopBack1] bfd min-transmit-interval 500 [RouterA-LoopBack1] bfd min-receive-interval 500...

  • Page 331

    The output shows that the BFD session has been created. # Display IPv6 static routes on Router A. <RouterA> display ipv6 routing-table protocol static Summary Count : 1 Static Routing table Status : <Active> Summary Count : 1 Destination: 120::/64 Protocol : Static NextHop...

  • Page 332: Configuring An Ipv6 Default Route

    Configuring an IPv6 default route A default IPv6 route is used to forward packets that match no entry in the routing table. A default IPv6 route can be configured in either of the following ways: The network administrator can configure a default route with a destination prefix of ::/0. For more •...

  • Page 333: Configuring Ripng

    Configuring RIPng RIP next generation (RIPng) is an extension of RIP-2 for support of IPv6. Most RIP concepts are applicable to RIPng. Overview RIPng is a distance vector routing protocol. It employs UDP to exchange route information through port 521. RIPng uses a hop count to measure the distance to a destination. The hop count is the metric or cost. The hop count from a router to a directly connected network is 0.

  • Page 334: Ripng Configuration Task List, Configuring Basic Ripng

    When a RIPng neighbor receives the request packet, it sends back a response packet that contains the local routing table. RIPng can also advertise route updates in response packets periodically or advertise a triggered update caused by a route change. After RIPng receives the response, it checks the validity of the response before adding routes to its routing table, such as whether the source IPv6 address is the link-local address and whether the port number is correct.

  • Page 335: Configuring Ripng Route Control, Configuring Ripng Route Summarization

    Step Command Remarks Return to system view. quit interface interface-type Enter interface view. interface-number By default, RIPng is disabled. If RIPng is not enabled on an Enable RIPng on the interface. ripng process-id enable interface, the interface does not send or receive any RIPng route.

  • Page 336: Advertising A Default Route

    For example, RIPng has two specific routes to be advertised through an interface: 1:1 1:1 1::24 with a metric of a 2 and 1:1 1:12::34 with a metric of 3. Configure route summarization on the interface, so RIPng advertises a single route 1 1::0/16 with a metric of 2. To configure RIPng route summarization: Step Command...

  • Page 337: Configuring A Preference For Ripng

    Configuring a preference for RIPng Routing protocols each have a preference. When they find routes to the same destination, the route found by the routing protocol with the highest preference is selected as the optimal route. You can manually set a preference for RIPng.

  • Page 338: Configuring Zero Field Check On Ripng Packets

    Configuring split horizon Split horizon disables RIPng from sending routes through the interface where the routes were learned to prevent routing loops between neighbors. HP recommends enabling split horizon to prevent routing loops in normal cases. To configure split horizon: Step...

  • Page 339

    RIPng does not process the packets. If you are certain that all packets are trustworthy, disable the zero field check to save CPU resources. To configure RIPng zero field check: Step Command Remarks Enter system view. system-view ripng [ process-id ] [ vpn-instance Enter RIPng view.

  • Page 340: Displaying And Maintaining Ripng

    Applying an IPsec profile To protect routing information and prevent attacks, RIPng supports using an IPsec profile to authenticate protocol packets. For more information about IPsec profiles, see Security Configuration Guide. Outbound RIPng packets carry the Security Parameter Index (SPI) defined in the relevant IPsec profile. A device uses the SPI carried in a received packet to match against the configured IPsec profile.

  • Page 341: Ripng Configuration Examples

    Task Command Reset a RIPng process. reset ripng process-id process Clear statistics of a RIPng process. reset ripng process-id statistics RIPng configuration examples Basic RIPng configuration example Network requirements As shown in Figure 83, all routers learn IPv6 routing information through RIPng. Configure Router B to filter the route (2::/64) learned from Router A, which means the route will not be added to the routing table of Router B, and Router B forwards only the route 4::/64 to Router A.

  • Page 342

    # Configure Router C. <RouterC> system-view [RouterC] ripng 1 [RouterC-ripng-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] ripng 1 enable [RouterC-Ethernet1/1] quit [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] ripng 1 enable [RouterC-Ethernet1/2] quit [RouterC] interface ethernet 1/3 [RouterC-Ethernet1/3] ripng 1 enable [RouterC-Ethernet1/3] quit # Display the RIPng routing table on Router B.

  • Page 343: Configuring Ripng Route Redistribution

    # Use IPv6 prefix lists on Router B to filter received and redistributed routes. [RouterB] ipv6 prefix-list aaa permit 4:: 64 [RouterB] ipv6 prefix-list bbb deny 2:: 64 [RouterB] ipv6 prefix-list bbb permit :: 0 less-equal 128 [RouterB] ripng 1 [RouterB-ripng-1] filter-policy prefix-list aaa export [RouterB-ripng-1] filter-policy prefix-list bbb import [RouterB-ripng-1] quit...

  • Page 344

    Figure 84 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic RIPng: # Enable RIPng 100 on Router A. <RouterA> system-view [RouterA] ripng 100 [RouterA-ripng-100] quit [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ripng 100 enable [RouterA-Ethernet1/1] quit [RouterA] interface ethernet 1/2 [RouterA-Ethernet1/2] ripng 100 enable # Enable RIPng 100 and RIPng 200 on Router B.

  • Page 345

    NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 1::/64 Protocol : Direct NextHop : 1::1 Preference: 0 Interface : Eth1/2 Cost Destination: 1::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2::/64 Protocol : Direct NextHop : 2::1...

  • Page 346: Configuring Ripng Ipsec Profiles

    NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2::/64 Protocol : Direct NextHop : 2::1 Preference: 0 Interface : Eth1/1 Cost Destination: 2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 4::/64 Protocol : RIPng NextHop : FE80::200:BFF:FE01:1C02...

  • Page 347

    [RouterB] ripng 1 [RouterB-ripng-1] quit [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] ripng 1 enable [RouterB-Ethernet1/1] quit [RouterB] interface ethernet 1/2 [RouterB-Ethernet1/2] ripng 1 enable [RouterB-Ethernet1/2] quit # Configure Router C. <RouterC> system-view [RouterC] ripng 1 [RouterC-ripng-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] ripng 1 enable [RouterC-Ethernet1/1] quit Configure RIPng IPsec profiles:...

  • Page 348

    [RouterB-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc [RouterB-ipsec-profile-profile001-manual] quit # On Router C, create an IPsec transform set named protrf1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication algorithm to MD5.

  • Page 349: Configuring Ospfv3, Ospfv3 Overview, Ospfv3 Packets, Ospfv3 Lsa Types

    Configuring OSPFv3 This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF." OSPFv3 overview OSPFv3 and OSPFv2 have the following in common: 32-bit router ID and area ID •...

  • Page 350: Ospfv3 Configuration Task List

    Inter-Area-Router LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's • associated area. Each Inter-Area-Router LSA describes a route to ASBR. AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS, except stub • and NSSA areas. Each AS External LSA describes a route to another AS. A default route can be described by an AS External LSA.

  • Page 351: Enabling Ospfv3

    Tasks at a glance (Optional.) Tuning and optimizing OSPFv3 networks: • Configuring OSPFv3 timers • Specifying LSA transmission delay • Configuring a DR priority for an interface • Specifying SPF calculation interval • Specifying the LSA generation interval • Ignoring MTU check for DD packets •...

  • Page 352: Configuring Ospfv3 Area Parameters, Configuring An Ospfv3 Virtual Link

    Configuring OSPFv3 area parameters OSPFv3 has the same stub area and virtual link features as OSPFv2. After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended. To further reduce the size of routing tables and the number of LSAs, configure the non-backbone areas at an AS edge as stub areas.

  • Page 353: Configuring Ospfv3 Network Types, Configuring The Ospfv3 Network Type For An Interface

    To configure a virtual link: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Enter OSPFv3 area view. area area-id vlink-peer router-id [ dead seconds | hello seconds | instance instance-id | By default, no virtual link is Configure a virtual link.

  • Page 354: Configuring An Nbma Or P2mp Neighbor, Configuring Ospfv3 Route Summarization

    Configuring an NBMA or P2MP neighbor For NBMA and P2MP interfaces (only when in unicast mode), you must specify the link-local IP addresses of their neighbors because these interfaces cannot find neighbors through broadcasting hello packets. For NBMA interfaces, you can also specify DR priorities for neighbors. To configure an NBMA or P2MP (unicast) neighbor and its DR priority: Step Command...

  • Page 355: Configuring An Ospfv3 Cost For An Interface

    Configuring OSPFv3 received route filtering According to some rules, you can configure OSPFv3 to filter routes calculated using received LSAs. To configure OSPFv3 to filter routes calculated using received LSAs: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view.

  • Page 356: Configuring The Maximum Number Of Ospfv3 Ecmp Routes

    Step Command Remarks interface interface-type Enter interface view. interface-number By default, the OSPFv3 cost is 1 for a VLAN Configure an OSPFv3 ospfv3 cost value [ instance interface, is 0 for a loopback interface, and is cost for the interface. instance-id ] automatically computed according to the interface bandwidth for other interfaces.

  • Page 357: Configuring Ospfv3 Route Redistribution

    Configuring OSPFv3 route redistribution Because OSPFv3 is a link state routing protocol, it cannot directly filter LSAs to be advertised. OSPFv3 filters only redistributed routes. Only routes that are not filtered out can be advertised in LSAs. Executing the import-route or default-route-advertise command on a router makes it become an ASBR. To configure OSPFv3 route redistribution: Step Command...

  • Page 358: Configuring Ospfv3 Timers

    Configuring OSPFv3 timers Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number ospfv3 timer hello seconds By default, the hello interval on P2P and Configure the hello interval. [ instance instance-id ] broadcast interfaces is 10 seconds. By default, the dead interval on P2P and broadcast interfaces is 40 seconds.

  • Page 359: Configuring A Dr Priority For An Interface

    To configure SPF calculation interval: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * By default: • The maximum interval is 5 seconds. spf-schedule-interval maximum-interval Specify the SPF [ minimum-interval • The minimum interval is 50 calculation interval.

  • Page 360: Ignoring Mtu Check For Dd Packets

    Ignoring MTU check for DD packets When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency. To ignore MTU check for DD packets: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 361: Configuring Gr Restarter, Configuring Gr Helper

    Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Enable the logging of log-peer-change By default, this feature is enabled. neighbor state changes. Configuring OSPFv3 GR GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs: Two routers are required to complete a GR process.

  • Page 362: Configuring Bfd For Ospfv3

    Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Enable the GR helper By default, the GR helper capability is graceful-restart helper enable capability. enabled. Enable strict LSA graceful-restart helper By default, strict LSA checking is checking.

  • Page 363

    match, the device accepts the packet. Otherwise, the device discards the packet and will not establish a neighbor relationship with the sending device. You can configure an IPsec profile for an area, an interface, or a virtual link. To implement area-based IPsec protection, configure the same IPsec profile on the routers in the •...

  • Page 364: Displaying And Maintaining Ospfv3, Ospfv3 Configuration Examples

    Displaying and maintaining OSPFv3 Execute display commands in any view. Purpose Command Display information about the routes to display ospfv3 [ process-id ] abr-asbr OSPFv3 ABR and ASBR. Display summary route information on display ospfv3 [ process-id ] [ area area-id ] abr-summary the OSPFv3 ABR.

  • Page 365

    Figure 86 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3: # Configure Router A: enable OSPFv3 and specify the router ID as 1.1.1.1. <RouterA> system-view [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.1 [RouterA-ospfv3-1] quit [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ospfv3 1 area 1 [RouterA-Ethernet1/1] quit...

  • Page 366

    [RouterC-Ethernet1/2] ospfv3 1 area 2 [RouterC-Ethernet1/2] quit # Configure Router D: enable OSPFv3 and specify the router ID as 4.4.4.4. <RouterD> system-view [RouterD] ospfv3 1 [RouterD-ospfv3-1] router-id 4.4.4.4 [RouterD-ospfv3-1] quit [RouterD] interface ethernet 1/2 [RouterD-Ethernet1/2] ospfv3 1 area 2 [RouterD-Ethernet1/2] quit # Display OSPFv3 neighbors on Router B.

  • Page 367

    NextHop : FE80::F40D:0:93D0:1 Interface: Eth1/2 *Destination: 2001:1::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Eth1/2 *Destination: 2001:2::/64 Type Cost NextHop : directly-connected Interface: Eth1/2 *Destination: 2001:3::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Eth1/2 Total: 4 Intra area: 1 Inter area: 3 ASE: 0 Configure Area 2 as a stub area:...

  • Page 368: Configuring Ospfv3 Dr Election

    *Destination: 2001:2::/64 Type Cost NextHop : directly-connected Interface: Eth1/2 *Destination: 2001:3::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: Eth1/2 Total: 5 Intra area: 1 Inter area: 4 ASE: 0 The output shows that a default route is added and its cost is the cost of a direct route plus the configured cost.

  • Page 369

    Figure 87 Network diagram Router A Router B Eth1/1 Eth1/1 2001::1/64 2001::2/64 Eth1/1 Eth1/1 2001::3/64 2001::4/64 Router D Router C Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3: # Configure Router A: enable OSPFv3, and specify the router ID as 1.1.1.1. <RouterA>...

  • Page 370

    [RouterD] interface ethernet 1/1 [RouterD-Ethernet1/1] ospfv3 1 area 0 [RouterD-Ethernet1/1] quit # Display neighbors on Router A. The routers have the same default router priority 1, so Router D (the router with the highest Router ID) is elected as the DR, and Router C is the BDR. [RouterA] display ospfv3 peer OSPFv3 Process 1 with Router ID 1.1.1.1 Area: 0.0.0.0...

  • Page 371

    Router ID Pri State Dead-Time Interface Inst ID 2.2.2.2 2-Way/DROther 00:00:36 Eth1/1 3.3.3.3 Full/Backup 00:00:35 Eth1/1 4.4.4.4 Full/DR 00:00:33 Eth1/1 # Display neighbors on Router D. [RouterD] display ospfv3 peer OSPFv3 Process 1 with Router ID 4.4.4.4 Area: 0.0.0.0 ------------------------------------------------------------------------- Router ID Pri State Dead-Time Interface...

  • Page 372

    Configuring OSPFv3 route redistribution Network requirements As shown in Figure Router A, Router B, and Router C are in Area 2. • OSPFv3 process 1 and OSPFv3 process 2 run on Router B. Router B communicates with Router A • and Router C through OSPFv3 process 1 and OSPFv3 process 2.

  • Page 373

    [RouterB-ospfv3-2] router-id 3.3.3.3 [RouterB-ospfv3-2] quit [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] ospfv3 2 area 2 [RouterB-Ethernet1/1] quit # Enable OSPFv3 process 2 on Router C. <RouterC> system-view [RouterC] ospfv3 2 [RouterC-ospfv3-2] router-id 4.4.4.4 [RouterC-ospfv3-2] quit [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] ospfv3 2 area 2 [RouterC-Ethernet1/2] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] ospfv3 2 area 2...

  • Page 374

    Configure OSPFv3 route redistribution: # Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Router B. [RouterB] ospfv3 2 [RouterB-ospfv3-2] default cost 3 [RouterB-ospfv3-2] import-route ospfv3 1 [RouterB-ospfv3-2] import-route direct [RouterB-ospfv3-2] quit # Display the routing table on Router C. [RouterC] display ipv6 routing-table Destinations : 9 Routes : 9 Destination: ::1/128...

  • Page 375

    Configuring OSPFv3 GR Network requirements As shown in Figure 89, Router A, Router B, and Router C that reside in the same AS and the same • OSPFv3 routing domain are GR capable. Router A acts as the GR restarter. Router B and Router C act as GR helpers, and synchronize their •...

  • Page 376

    [RouterC] ospfv3 1 [RouterC-ospfv3-1] router-id 3.3.3.3 [RouterC-ospfv3-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] ospfv3 1 area 1 [RouterC-Ethernet1/1] quit Verifying the configuration After all routers function correctly, perform an active/standby switchover on Router A to trigger an OSPFv3 GR operation. Configuring BFD for OSPFv3 Network requirements As shown in...

  • Page 377

    [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ospfv3 1 area 0 [RouterA-Ethernet1/1] quit [RouterA] interface ethernet 1/2 [RouterA-Ethernet1/2] ospfv3 1 area 0 [RouterA-Ethernet1/2] quit # Enable OSPFv3 and set the router ID to 2.2.2.2 on Router B. <RouterB> system-view [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.2 [RouterB-ospfv3-1] quit [RouterB] interface ethernet 1/1...

  • Page 378: Configuring Ospfv3 Ipsec Profiles

    <RouterA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv6 Session Working Under Ctrl Mode: Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of Ethernet1/1 on Router Destination IP: FE80::20F:FF:FE00:1200 (link-local address of Ethernet1/1 on Router Session State: Up Interface: Eth1/1 Hold Time: 2319ms...

  • Page 379

    Figure 91 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # On Router A, enable OSPFv3 and configure the router ID as 1.1.1.1. <RouterA> system-view [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.1 [RouterA-ospfv3-1] quit [RouterA] interface ethernet 1/2 [RouterA-Ethernet1/2] ospfv3 1 area 1 [RouterA-Ethernet1/2] quit...

  • Page 380

    reference IPsec transform set trans, and set the SPIs of the inbound and outbound SAs to 123 and the keys for the inbound and outbound SAs to abc using ESP. [RouterA] ipsec transform-set trans [RouterA-ipsec-transform-set-trans] encapsulation-mode transport [RouterA-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc [RouterA-ipsec-transform-set-trans] esp authentication-algorithm md5 [RouterA-ipsec-transform-set-trans] ah authentication-algorithm md5 [RouterA-ipsec-transform-set-trans] quit...

  • Page 381

    [RouterB-ipsec-profile-profile002-manual] sa string-key outbound ah simple hello [RouterB-ipsec-profile-profile002-manual] sa string-key inbound esp simple byebye [RouterB-ipsec-profile-profile002-manual] sa string-key outbound esp simple byebye [RouterB-ipsec-profile-profile002-manual] quit # On Router C, create an IPsec transform set named trans, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication algorithm to MD5.

  • Page 382

    Verifying the configuration OSPFv3 packets between Routers A, B, and C are protected by IPsec.

  • Page 383: Configuring Ipv6 Is-is

    Configuring IPv6 IS-IS IPv6 IS-IS supports all IPv4 IS-IS features except that it advertises IPv6 routing information. This chapter describes only IPv6 IS-IS specific configuration tasks. For information about IS-IS, see "Configuring IS-IS." Overview Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6. To support IPv6, the IETF added two type-length-values (TLVs) and a new network layer protocol identifier (NLPID).

  • Page 384: Configuring Ipv6 Is-is Route Control

    Configuring IPv6 IS-IS route control Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration. To configure IPv6 IS-IS route control: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Specify a preference for ipv6 preference { route-policy By default, the default...

  • Page 385: Tuning And Optimizing Ipv6 Is-is Networks

    Tuning and optimizing IPv6 IS-IS networks Configuration prerequisites Before you tune and optimize IPv6 IS-IS networks, complete basic IPv6 IS-IS tasks. Assigning a convergence priority to IPv6 IS-IS routes A topology change causes IS-IS routing convergence. To improve convergence speed, you can assign different convergence priorities to specific IPv6 IS-IS routes, including critical, high, medium, and low.

  • Page 386: Displaying And Maintaining Ipv6 Is-is

    Step Command Remarks By default, BFD for IPv6 IS-IS is Enable BFD for IPv6 IS-IS. isis ipv6 bfd enable disabled. Displaying and maintaining IPv6 IS-IS Execute display commands in any view. For other display and reset commands, see "Configuring IS-IS." Task Command Display information about routes...

  • Page 387

    Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 IS-IS: # Configure Router A. <RouterA> system-view [RouterA] isis 1 [RouterA-isis-1] is-level level-1 [RouterA-isis-1] network-entity 10.0000.0000.0001.00 [RouterA-isis-1] ipv6 enable [RouterA-isis-1] quit [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] isis ipv6 enable 1 [RouterA-Ethernet1/1] quit # Configure Router B.

  • Page 388

    [RouterD-Ethernet1/1] quit [RouterD] interface ethernet 1/2 [RouterD-Ethernet1/2] isis ipv6 enable 1 [RouterD-Ethernet1/2] quit Verifying the configuration # Display the IPv6 IS-IS routing table on Router A. [RouterA] display isis route ipv6 Route information for IS-IS(1) ------------------------------ Level-1 IPv6 Forwarding Table ----------------------------- Destination : :: PrefixLen: 0...

  • Page 389

    Next Hop : FE80::200:FF:FE0F:4 Interface: Eth1/1 Destination : 2001:2:: PrefixLen: 64 Flag : R/-/- Cost : 20 Next Hop : Direct Interface: Eth1/1 Destination : 2001:3:: PrefixLen: 64 Flag : R/-/- Cost : 20 Next Hop : FE80::200:FF:FE0F:4 Interface: Eth1/1 Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set # Display the IPv6 IS-IS routing table on Router C.

  • Page 390: Bfd For Ipv6 Is-is Configuration Example

    Destination : 2001:4::1 PrefixLen: 128 Flag : R/-/- Cost : 10 Next Hop : FE80::20F:E2FF:FE3E:FA3D Interface: Eth1/3 Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set # Display the IPv6 IS-IS routing table on Router D. [RouterD] display isis route ipv6 Route information for IS-IS(1) ------------------------------ Level-2 IPv6 Forwarding Table...

  • Page 391

    Figure 93 Network diagram Device Interface IPv6 address Device Interface IPv6 address Router A Eth1/1 2001::1/64 Router B Eth1/1 2001::2/64 Eth1/2 2001:2::1/64 Eth1/2 2001:3::2/64 Router C Eth1/1 2001:2::2/64 Eth1/2 2001:3::1/64 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IPv6 IS-IS: # Configure Router A.

  • Page 392

    [RouterB-Ethernet1/2] quit # Configure Router C. <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] ipv6 enable [RouterC-isis-1] quit [RouterC] interface ethernet 1/1 [RouterC-Ethernet1/1] isis ipv6 enable 1 [RouterC-Ethernet1/1] quit [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] isis ipv6 enable 1 [RouterC-Ethernet1/2] quit Configure BFD functions: # Enable BFD and configure BFD parameters on Router A.

  • Page 393

    Summary Count : 2 Destination: 2001:4::/64 Protocol : ISISv6 NextHop : FE80::20F:FF:FE00:1200 Preference: 15 Interface : Eth1/1 Cost : 10 The output shows that Router A and Router B communicate through Ethernet 1/1. Then the link over Ethernet 1/1 fails. # Display routes destined for 2001:4::0/64 on Router A.

  • Page 394: Configuring Ipv6 Pbr

    Configuring IPv6 PBR Introduction to IPv6 PBR Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop, output interface, default next hop, default output interface, and other parameters for packets that match specific criteria such as ACLs or that have specific lengths. A device forwards received packets using the following process: The device uses PBR to forward matching packets.

  • Page 395

    apply clause IPv6 PBR supports the following types of apply clauses, as shown in Table 9. You can specify multiple apply clauses for a node, but some of them might not be executed. The apply clauses that determine the packet forwarding paths are apply access-vpn vpn-instance, apply next-hop, apply output-interface, apply default-next-hop, and apply default-output-interface in a descending priority order.

  • Page 396

    Relationship between the match mode and clauses on the node Does a packet match all the Match mode if-match clauses on the In permit mode In deny mode node? • If the node is configured with an apply clause, IPv6 PBR executes the apply clause on the node.

  • Page 397: Configuring An Ipv6 Policy

    Tasks at a glance (Required.) Configuring IPv6 PBR: • Configuring IPv6 local PBR • Configuring IPv6 interface PBR Configuring an IPv6 policy Creating an IPv6 node Step Command Remarks Enter system view. system-view Create an IPv6 policy or policy node, and ipv6 policy-based-route policy-name [ deny | By default, no IPv6 policy enter IPv6 policy...

  • Page 398

    Step Command Remarks By default, no VPN instance is specified. You can specify up to m VPN Set VPN apply access-vpn vpn-instance instances for a node. The matching instances. vpn-instance-name&<1-n> packets are forwarded according to the forwarding table of the first available VPN instance.

  • Page 399

    Step Command Remarks By default, no default output interface is specified. You can specify multiple default output interfaces for backup or load apply default-output-interface Set default output sharing by executing this command { interface-type interface-number [ track interfaces. once or multiple times. track-entry-number ] }&<1-n>...

  • Page 400: Displaying And Maintaining Ipv6 Pbr

    You can apply only one policy to an interface. Before you apply a new policy, you must first remove the current policy from the interface. You can apply a policy to multiple interfaces. To configure IPv6 interface PBR: Step Command Remarks Enter system view.

  • Page 401

    Figure 94 Network diagram Configuration procedure Configure Router A: # Configure the IPv6 addresses of the serial interfaces. <RouterA> system-view [RouterA] interface serial 2/0 [RouterA-Serial2/0] ipv6 address 1::1 64 [RouterA-Serial2/0] quit [RouterA] interface serial 2/1 [RouterA-Serial2/1] ipv6 address 2::1 64 [RouterA-Serial2/1] quit # Configure ACL 3001 to match TCP packets.

  • Page 402: Packet Type-based Ipv6 Interface Pbr Configuration Example (on Routers)

    Packet type-based IPv6 interface PBR configuration example (on routers) Network requirements As shown in Figure 95, configure IPv6 PBR on Router A to forward all TCP packets received on Ethernet 1/1 to the next hop 1::2. Router A forwards other IPv6 packets according to the routing table. Figure 95 Network diagram Configuration procedure Configure Router A:...

  • Page 403

    # Configure Node 5 for policy aaa to forward TCP packets to next hop 1::2. [RouterA] ipv6 policy-based-route aaa permit node 5 [RouterA-pbr6-aaa-5] if-match acl 3001 [RouterA-pbr6-aaa-5] apply next-hop 1::2 [RouterA-pbr6-aaa-5] quit # Configure IPv6 interface PBR by applying policy aaa to Ethernet 1/1. [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ipv6 address 10::2 64 [RouterA-Ethernet1/1] undo ipv6 nd ra halt...

  • Page 404: Packet Length-based Ipv6 Interface Pbr Configuration Example (on Routers)

    Packet length-based IPv6 interface PBR configuration example (on routers) Network requirements As shown in Figure 96, configure IPv6 interface PBR to guide the forwarding of packets received on Ethernet 1/1 of Router A as follows: Set the next hop of packets with a length of 64 to 100 bytes to 150::2/64. •...

  • Page 405

    [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ipv6 address 192::1 64 [RouterA-Ethernet1/1] undo ipv6 nd ra halt [RouterA-Ethernet1/1] ripng 1 enable [RouterA-Ethernet1/1] ipv6 policy-based-route lab1 [RouterA-Ethernet1/1] return Configure RIPng on Router B. <RouterB> system-view [RouterB] ripng 1 [RouterB-ripng-1] quit [RouterB] interface serial 2/0 [RouterB-Serial2/0] ipv6 address 150::2 64 [RouterB-Serial2/0] ripng 1 enable [RouterB-Serial2/0] quit...

  • Page 406

    *Jun 26 13:04:33:519 2012 RouterA PBR6/7/PBR Forward Info: -MDC=1; apply next-hop ::2. The output shows that Router A sets the next hop for the received packets to 150::2 according to IPv6 PBR. The packets are forwarded through Serial 2/0. # Ping Loopback 0 of Router B from Host A, and set the data length to 200 bytes. C:\>ping –n 1 -l 200 10::1 Pinging 10::1 with 200 bytes of data: Reply from 10::1: time=1ms...

  • Page 407: Configuring Routing Policies

    Configuring routing policies Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Overview Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: Configure filters based on route attributes, such as destination address and the advertising router's address.

  • Page 408: Routing Policy

    For more information about extended community lists, see MPLS Configuration Guide. MAC list A MAC list matches the destination MAC address of EVI IS-IS routing information. A MAC list, identified by name, can comprise multiple items. Each item, identified by an index number, specifies a MAC address range.

  • Page 409: Configuring An Ip Prefix List

    Configuring an IP prefix list Configuring an IPv4 prefix list If all the items are set to deny mode, no routes can pass the IPv4 prefix list. To allow other IPv4 routing information to pass, you must configure the permit 0.0.0.0 0 less-equal 32 item following multiple deny items.

  • Page 410: Configuring A Routing Policy

    Step Command Remarks Enter system view. system-view • Configure a basic community list: ip community-list { basic-comm-list-num | basic basic-comm-list-name } { deny | permit } [ community-number&<1-32> | aa:nn&<1-32> ] Use either method. [ internet | no-advertise | no-export | Configure a community By default, no no-export-subconfed ] *...

  • Page 411: Creating A Routing Policy

    Creating a routing policy For a routing policy that has more than one node, configure at least one permit-mode node. A route that does not match any node cannot pass the routing policy. If all the nodes are in deny mode, no routing information can pass the routing policy.

  • Page 412: Configuring Apply Clauses

    Step Command Remarks if-match community Match BGP routes whose { { basic-community-list-number | By default, no COMMUNITY COMMUNITY attribute matches name comm-list-name } match criterion is matched. a specified community list. [ whole-match ] | adv-community-list-number }&<1-32> Match routes having the By default, no cost match if-match cost value specified cost.

  • Page 413

    Step Command Remarks route-policy route-policy-name Enter routing policy node view. { deny | permit } node node-number Set the AS_PATH attribute for apply as-path By default, no AS_PATH attribute is BGP routes. as-number&<1-32> [ replace ] set for BGP routes. Delete the specified apply comm-list By default, no COMMUNITY...

  • Page 414: Displaying And Maintaining The Routing Policy

    Step Command Remarks Set a tag value for RIP, OSPF, By default, no tag value is set for RIP, apply tag value and IS-IS route. OSPF, and IS-IS routes. apply fast-reroute Set a backup link for fast backup-interface interface-type By default, no backup link is set for reroute (FRR).

  • Page 415: Routing Policy Configuration Examples

    Task Command Display IPv6 prefix list statistics. display ipv6 prefix-list [ prefix-list-name ] Display MAC list statistics. display mac-list [ mac-list-name ] Display routing policy information. display route-policy [ route-policy-name ] Clear IPv4 prefix list statistics. reset ip prefix-list [ prefix-list-name ] Clear IPv6 prefix list statistics.

  • Page 416

    [RouterC-Ethernet1/1] quit [RouterC] interface ethernet 1/2 [RouterC-Ethernet1/2] isis enable [RouterC-Ethernet1/2] quit [RouterC] interface ethernet 1/3 [RouterC-Ethernet1/3] isis enable [RouterC-Ethernet1/3] quit [RouterC] interface ethernet 1/4 [RouterC-Ethernet1/4] isis enable [RouterC-Ethernet1/4] quit # Configure Router B. <RouterB> system-view [RouterB] isis [RouterB-isis-1] is-level level-2 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface ethernet 1/2...

  • Page 417

    172.17.2.0/24 Type2 192.168.1.2 192.168.2.2 172.17.3.0/24 Type2 192.168.1.2 192.168.2.2 Total Nets: 4 Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0 Configure filtering lists on Router B: # Configure ACL 2002 to allow route 172.17.2.0/24 to pass. [RouterB] acl number 2002 [RouterB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255 [RouterB-acl-basic-2002] quit # Configure IP prefix list prefix-a to allow route 172.17.1.0/24 to pass.

  • Page 418: Applying A Routing Policy To Ipv6 Route Redistribution

    The output shows that the cost of route 172.17.1.0/24 is 100 and the tag of route 172.17.2.0/24 is 20. Applying a routing policy to IPv6 route redistribution Network requirements • As shown in Figure 98, run RIPng on Router A and Router B. Configure three static routes on Router A.

  • Page 419

    [RouterA] ripng [RouterA-ripng-1] import-route static route-policy static2ripng Configure Router B: # Configure the IPv6 address of Ethernet 1/1. <RouterB> system-view [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] ipv6 address 10::2 32 # Enable RIPng. [RouterB] ripng [RouterB-ripng-1] quit # Enable RIPng on the interface. [RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] ripng 1 enable [RouterB-Ethernet1/1] quit...

  • Page 420: Support And Other Resources, Subscription Service, Related Information

    Related information Documents To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals For related documentation, navigate to the Networking section, and select a networking category. •...

  • Page 421: Command Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...

  • Page 422

    Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 423: Index

    Configuring basic IS-IS,130 Configuring the maximum lifetime for routes in the Configuring basic RIP,23 FIB,5 Configuring basic RIPng,323 Contacting HP,409 Configuring BFD for BGP,242 Controlling BGP path selection,209 Configuring BFD for IPv6 IS-IS,374 Controlling route distribution and reception,199 Configuring BFD for IPv6 static...

  • Page 424

    Overview,372 Overview,396 Enabling logging of session state changes,241 Overview,174 Enabling OSPF,66 Overview,122 Enabling OSPFv3,340 Enabling SNMP notifications for BGP,241 Enhancing IS-IS network security,147 PBR configuration examples,303 Extension attribute redistribution,4 PBR configuration task list,299 Generating BGP routes,197 Related information,409 RIP configuration examples,37 RIP configuration task list,22...

This manual also for:

5500 si series

Comments to this Manuals

Symbols: 0
Latest comments: