Contents Configuring basic IP routing ··········································································· 1 Routing table ······················································································································································ 1 Dynamic routing protocols·································································································································· 2 Route preference ··············································································································································· 2 Load sharing ······················································································································································ 3 Route backup ····················································································································································· 3 Route recursion ·················································································································································· 3 Route redistribution ············································································································································ 3 Extension attribute redistribution ························································································································ 3 Setting the maximum lifetime for routes and labels in the RIB···········································································...
Page 4
Setting a preference for RIP ····················································································································· 31 Configuring RIP route redistribution ········································································································· 31 Tuning and optimizing RIP networks ··············································································································· 32 Configuration prerequisites ······················································································································ 32 Setting RIP timers ···································································································································· 32 Enabling split horizon and poison reverse ······························································································· 33 Setting the maximum number of RIP ECMP routes ················································································· 33 Enabling zero field check on incoming RIPv1 messages ·········································································...
Page 5
Configuration prerequisites ······················································································································ 76 Configuring the broadcast network type for an interface·········································································· 76 Configuring the NBMA network type for an interface ··············································································· 76 Configuring the P2MP network type for an interface················································································ 77 Configuring the P2P network type for an interface··················································································· 78 Configuring OSPF route control ·······················································································································...
Page 6
OSPF stub area configuration example ································································································· 111 OSPF NSSA area configuration example ······························································································ 113 OSPF DR election configuration example ······························································································ 115 OSPF virtual link configuration example ································································································ 119 OSPF GR configuration example ··········································································································· 121 OSPF NSR configuration example········································································································· 124 BFD for OSPF configuration example ···································································································· 126 OSPF FRR configuration example ·········································································································...
Page 8
Enabling immediate re-establishment of direct EBGP connections upon link failure ····························· 261 Enabling 4-byte AS number suppression ······························································································· 262 Enabling MD5 authentication for BGP peers ························································································· 263 Enabling keychain authentication for BGP peers ··················································································· 264 Configuring BGP load balancing ············································································································ 265 Disabling BGP to establish a session to a peer or peer group ·······························································...
Page 9
Configuring PBR ························································································ 358 Overview ························································································································································ 358 Policy ······················································································································································ 358 PBR and Track ······································································································································· 359 PBR configuration task list ····························································································································· 359 Configuring a policy········································································································································ 360 Creating a node ······································································································································ 360 Setting match criteria for a node ············································································································ 360 Configuring actions for a node ··············································································································· 361 Specifying a policy for PBR ····························································································································...
Configuring basic IP routing IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. Routing table A RIB contains the global routing information and related information, including route recursion, route redistribution, and route extension information.
• Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is the optimal route. • NextHop—Next hop. • Interface—Output interface. Dynamic routing protocols Static routes work well in small, stable networks. They are easy to configure and require fewer system resources.
Route type Preference OSPF ASE OSPF NSSA IBGP EBGP Unknown (route from an untrusted source) Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing. Static routing, IPv6 static routing, RIP, RIPng, OSPF, OSPFv3, BGP, IPv6 BGP, IS-IS, and IPv6 IS-IS support ECMP load sharing.
The RIB records extended attributes of each routing protocol and redistribution relationships of different routing protocol extended attributes. Setting the maximum lifetime for routes and labels in the RIB Perform this task to prevent routes of a certain protocol from being aged out due to slow protocol convergence resulting from a large number of route entries or long GR period.
Step Command Remarks By default, the maximum Set the maximum lifetime for fib lifetime seconds lifetime for routes in the FIB IPv4 routes in the FIB. is 600 seconds. To set the maximum lifetime for routes in the FIB (IPv6): Step Command Remarks...
Step Command Remarks By default, RIB NSR is Enable IPv6 RIB NSR. non-stop-routing disabled. Configuring inter-protocol FRR CAUTION: This feature uses the next hop of a route from a different protocol as the backup next hop for the faulty route, which might cause loops. Inter-protocol fast reroute (FRR) enables fast rerouting between routes of different protocols.
Enabling the IPv4 enhanced ECMP mode When one or multiple ECMP routes fail, the default ECMP mode enables the device to reallocate all traffic to the remaining routes. The IPv4 enhanced ECMP mode enables the device to reallocate only the traffic of the failed routes to the remaining routes, which ensures forwarding continuity.
Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.
Step Command Remarks (Optional.) Configure route-static default-preference The default setting is 60. default preference default-preference for static routes. (Optional.) Delete all To delete one static route, static routes, delete [ vpn-instance vpn-instance-name ] undo including the default static-routes all route-static command. route.
Configuring static route FRR A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute (FRR) enables fast rerouting to minimize the impact of link or node failures. Figure 1 Network diagram Backup nexthop: Router C Router A Router B...
Configuring static route FRR to automatically select a backup next hop Step Command Remarks Enter system view. system-view Configure static route FRR to By default, static route FRR is automatically select ip route-static fast-reroute auto disabled from automatically backup next hop. selecting a backup next hop.
Static route configuration examples Basic static route configuration example Network requirements As shown in Figure 2, configure static routes on the switches for interconnections between any two hosts. Figure 2 Network diagram Host B 1.1.6.2/24 Vlan-int100 1.1.6.1/24 Vlan-int500 Vlan-int600 1.1.4.2/30 1.1.5.5/30 Switch B Vlan-int500...
Destination/Mask Proto Cost NextHop Interface 0.0.0.0/0 Static 60 1.1.4.2 Vlan500 Static Routing table Status : <Inactive> Summary Count : 0 # Display static routes on Switch B. [SwitchB] display ip routing-table protocol static Summary Count : 2 Static Routing table Status : <Active> Summary Count : 2 Destination/Mask Proto...
Page 28
• Configure a static route to subnet 120.1.1.0/24 on Switch A. • Configure a static route to subnet 121.1.1.0/24 on Switch B. • Enable BFD for both routes. • Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Switch C.
Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 11. BFD for static routes configuration example (indirect next hop) Network requirements Figure 4 shows the network topology as follows: •...
Page 31
Device Interface IP address Switch C VLAN-interface 11 10.1.1.100/24 Switch C VLAN-interface 13 13.1.1.2/24 Switch D VLAN-interface 10 12.1.1.2/24 Switch D VLAN-interface 12 11.1.1.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routes and BFD: # Configure static routes on Switch A and enable BFD control mode for the static route that traverses Switch D.
# Display the static routes on Switch A. <SwitchA> display ip routing-table protocol static Summary Count : 1 Static Routing table Status : <Active> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 60 12.1.1.2 Vlan10 Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 10.
Page 33
Table 6 Interface and IP address assignment Device Interface IP address Switch A VLAN-interface 100 12.12.12.1/24 Switch A VLAN-interface 200 13.13.13.1/24 Switch A Loopback 0 1.1.1.1/32 Switch B VLAN-interface 101 24.24.24.4/24 Switch B VLAN-interface 200 13.13.13.2/24 Switch B Loopback 0 4.4.4.4/32 Switch C VLAN-interface 100...
Configuring a default route A default route is used to forward packets that do not match any specific routing entry in the routing table. Without a default route, packets that do not match any routing entries are discarded. A default route can be configured in either of the following ways: •...
Configuring RIP Overview Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520. RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0.
RIP versions There are two RIP versions, RIPv1 and RIPv2. RIPv1 is a classful routing protocol. It advertises messages only through broadcast. RIPv1 messages do not carry mask information, so RIPv1 can only recognize natural networks such as Class A, B, and C. For this reason, RIPv1 does not support discontiguous subnets. RIPv2 is a classless routing protocol.
(Optional.) Tuning and optimizing RIP networks: • Setting RIP timers • Enabling split horizon and poison reverse • Setting the maximum number of RIP ECMP routes • Enabling zero field check on incoming RIPv1 messages • Enabling source IP address check on incoming RIP updates •...
Step Command Remarks By default, RIP is disabled on a network. network network-address The network 0.0.0.0 command Enable RIP on a network. [ wildcard-mask ] can enable RIP on all interfaces in a single process, but does not apply to multiple RIP processes. Enabling RIP on an interface Step Command...
An interface preferentially uses the interface-specific RIP version. If no interface-specific version is specified, the interface uses the global RIP version. If neither a global nor interface-specific RIP version is configured, the interface sends RIPv1 broadcasts and can receive the following: •...
Step Command Remarks interface interface-type Enter interface view. interface-number Specify inbound metricin route-policy The default setting is 0. additional routing metric. route-policy-name ] value Specify outbound metricout [ route-policy The default setting is 1. additional routing metric. route-policy-name ] value Configuring RIPv2 route summarization Perform this task to summarize contiguous subnets into a summary network and sends the network to neighbors.
Step Command Remarks summary-address By default, no summary route is Configure a summary route. ip-address { mask-length | mask } configured. Disabling host route reception Perform this task to disable RIPv2 from receiving host routes from the same network to save network resources.
To configure route filtering: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] default, filtering received routes filter-policy ipv4-acl-number configured. gateway prefix-list-name | prefix-list Configure the filtering of prefix-list-name gateway This command filters received received routes.
Step Command Remarks rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] By default, the maximum number Set the maximum number of maximum load-balancing of RIP ECMP routes equals the RIP ECMP routes. number maximum number ECMP routes supported by the system. Enabling zero field check on incoming RIPv1 messages Some fields in the RIPv1 message must be set to zero.
Step Command Remarks Enter system view. system-view vpn-instance process-id Enter RIP view. vpn-instance-name ] By default, RIP does not Specify a RIP neighbor. peer ip-address unicast updates to any peer. Disable source default, source address check undo validate-source-address address check on inbound inbound RIP updates RIP updates is enabled.
Setting the maximum length of RIP packets CAUTION: The supported maximum length of RIP packets varies by vendor. Use this feature with caution to avoid compatibility issues. The packet length of RIP packets determines how many routes can be carried in a RIP packet. Set the maximum length of RIP packets to make good use of link bandwidth.
With the GR feature, the restarting router (known as the GR restarter) can notify the event to its GR capable neighbors. GR capable neighbors (known as GR helpers) maintain their adjacencies with the router within a GR interval. During this process, the FIB table of the router does not change. After the restart, the router contacts its neighbors to retrieve its FIB.
task to enable BFD for RIP. For more information about BFD, see High Availability Configuration Guide. RIP supports the following BFD detection modes: • Single-hop echo detection—Detection mode for a direct neighbor. In this mode, a BFD session is established only when the directly connected neighbor has route information to send. •...
Configuring bidirectional control detection Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] By default, RIP does not unicast updates to any peer. Because undo peer command does not remove the Specify a RIP neighbor.
Configuration prerequisites You must specify a next hop by using the apply fast-reroute backup-interface command in a routing policy and reference the routing policy for FRR. For more information about routing policy configuration, see "Configuring routing policies." Configuring RIP FRR Step Command Remarks...
Page 55
[SwitchB-Vlan-interface101] rip 1 enable [SwitchB-Vlan-interface101] quit [SwitchB] interface vlan-interface 102 [SwitchB-Vlan-interface102] rip 1 enable [SwitchB-Vlan-interface102] quit # Display the RIP routing table of Switch A. [SwitchA] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect D - Direct, O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------- Peer 1.1.1.2 on Vlan-interface100...
Page 56
The output shows that RIPv2 uses classless subnet masks. NOTE: After RIPv2 is configured, RIPv1 routes might still exist in the routing table until they are aged out. # Display the RIP routing table on Switch B. [SwitchB] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect D - Direct, O - Optimal, F - Flush to RIB...
Peer 1.1.1.1 on Vlan-interface100 Destination/Mask Nexthop Cost Flags 2.1.1.0/24 1.1.1.3 RAOF Local route Destination/Mask Nexthop Cost Flags 1.1.1.0/24 0.0.0.0 RDOF 10.1.1.0/24 0.0.0.0 RDOF 10.2.1.0/24 0.0.0.0 RDOF Configuring RIP route redistribution Network requirements As shown in Figure 8, Switch B communicates with Switch A through RIP 100 and with Switch C through RIP 200.
Page 58
[SwitchB-rip-200] quit # Enable RIP 200, and configure RIPv2 on Switch C. <SwitchC> system-view [SwitchC] rip 200 [SwitchC-rip-200] network 12.0.0.0 [SwitchC-rip-200] network 16.0.0.0 [SwitchC-rip-200] version 2 [SwitchC-rip-200] undo summary [SwitchC-rip-200] quit # Display the IP routing table on Switch C. [SwitchC] display ip routing-table Destinations : 13 Routes : 13...
16.4.1.0/32 Direct 0 16.4.1.1 Vlan400 16.4.1.1/32 Direct 0 127.0.0.1 InLoop0 16.4.1.255/32 Direct 0 16.4.1.1 Vlan400 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 Configuring an additional metric for a RIP interface Network requirements As shown in Figure...
[SwitchC-rip-1] undo summary # Configure Switch D. <SwitchD> system-view [SwitchD] rip 1 [SwitchD-rip-1] network 1.0.0.0 [SwitchD-rip-1] version 2 [SwitchD-rip-1] undo summary # Configure Switch E. <SwitchE> system-view [SwitchE] rip 1 [SwitchE-rip-1] network 1.0.0.0 [SwitchE-rip-1] version 2 [SwitchE-rip-1] undo summary # Display all active routes in the RIP database on Switch A. [SwitchA] display rip 1 database 1.0.0.0/8, auto-summary 1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface...
Page 61
Figure 10 Network diagram Vlan-int500 Vlan-int200 10.6.1.2/24 10.1.1.1/24 Switch B Vlan-int200 OSPF 10.1.1.2/24 Vlan-int600 Vlan-int100 Vlan-int300 10.5.1.2/24 10.2.1.2/24 11.3.1.1/24 Vlan-int100 10.2.1.1/24 Switch C Switch A Vlan-int400 Vlan-int300 11.4.1.2/24 11.3.1.2/24 Switch D Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic OSPF: # Configure Switch A.
Page 62
[SwitchD-rip-1] network 11.0.0.0 [SwitchD-rip-1] version 2 [SwitchD-rip-1] undo summary [SwitchD-rip-1] quit # Configure RIP to redistribute routes from OSPF process 1 and direct routes on Switch C. [SwitchC-rip-1] import-route direct [SwitchC-rip-1] import-route ospf 1 [SwitchC-rip-1] quit # Display the IP routing table on Switch D. [SwitchD] display ip routing-table Destinations : 15 Routes : 15...
127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 Configuring RIP GR Network requirements As shown in Figure 11, Switch A, Switch B, and Switch C all run RIPv2. • Enable GR on Switch A. Switch A acts as the GR restarter. •...
Configuring RIP NSR Network requirements As shown in Figure 12, Switch A, Switch B, and Switch S all run RIPv2. Enable RIP NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S. Figure 12 Network diagram Loop 0 Loop 0 22.22.22.22/32...
Version : RIPv2 Last update: 00h00m13s Relay nbr : No BFD session: None Bad packets: 0 Bad routes : 0 [SwitchA] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect D - Direct, O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------- Peer 12.12.12.2 on Vlan-interface200...
Page 66
• Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Switch C. This allows Switch A to learn two routes destined for 100.1.1.1/24 through VLAN-interface 100 and VLAN-interface 200 respectively, and uses the one through VLAN-interface 100.
Configuring BFD for RIP (single hop echo detection for a specific destination) Network requirements As shown in Figure 14, VLAN-interface 100 of Switch A and Switch B runs RIP process 1. VLAN-interface 200 of Switch B and Switch C runs RIP process 1. •...
Tunnel ID: Invalid Interface: vlan-interface 100 BkTunnel ID: Invalid BkInterface: N/A FtnIndex: 0x0 TrafficIndex: N/A Connector: N/A # Display routes destined for 100.1.1.0/24 on Switch B when the link between Switch A and Switch B fails. <SwitchB> display ip routing-table 100.1.1.0 24 verbose Summary Count : 1 Destination: 100.1.1.0/24 Protocol: RIP...
Page 71
Figure 15 Network diagram Switch D Vlan-int300 Vlan-int400 101.1.1.0/24 100.1.1.0/24 Vlan-int300 Vlan-int400 Switch B Vlan-int100 Vlan-int200 Vlan-int100 Vlan-int200 Switch A Switch C Table 7 Interface and IP address assignment Device Interface IP address Switch A VLAN-interface 300 192.168.3.1/24 Switch A VLAN-interface 100 192.168.1.1/24 Switch B...
Verifying the configuration # Display the BFD session information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 session working under Ctrl mode: LD/RD SourceAddr DestAddr State Holdtime Interface 513/513 192.168.1.1 192.168.2.2 1700ms...
Page 74
Device Interface IP address Switch A VLAN-interface 200 13.13.13.1/24 Switch A Loopback 0 1.1.1.1/32 Switch B VLAN-interface 101 24.24.24.4/24 Switch B VLAN-interface 200 13.13.13.2/24 Switch B Loopback 0 4.4.4.4/32 Switch C VLAN-interface 100 12.12.12.2/24 Switch C VLAN-interface 101 24.24.24.2/24 Configuration procedure Configure IP addresses and subnet masks for interfaces on the switches.
Configuring OSPF Overview Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter. OSPF has the following features: •...
• Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network. • Network Summary LSA—Type-3 LSA, originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area.
Page 78
Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements: • All non-backbone areas must maintain connectivity to the backbone area. •...
routes. It advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route. NSSA area and totally NSSA area An NSSA area does not import AS external LSAs (Type-5 LSAs) but can import Type-7 LSAs generated by the NSSA ASBR.
• Each router transforms the LSDB to a weighted directed graph that shows the topology of the area. All the routers within the area have the same graph. • Each router uses the SPF algorithm to compute a shortest path tree that shows the routes to the nodes in the area.
Figure 22 DR and BDR in a network DR other DR other DR other Physical links Adjacencies NOTE: In OSPF, neighbor and adjacency are different concepts. After startup, OSPF sends a hello packet on each OSPF interface. A receiving router checks parameters in the packet. If the parameters match its own, the receiving router considers the sending router an OSPF neighbor.
Page 83
Tasks at a glance (Required.) Enabling OSPF (Optional.) Configuring OSPF areas: • Configuring a stub area • Configuring an NSSA area • Configuring a virtual link (Optional.) Configuring OSPF network types: • Configuring the broadcast network type for an interface •...
Configuration guidelines To enable OSPF on an interface, you can enable OSPF on the network where the interface resides or directly enable OSPF on that interface. If you configure both, the latter takes precedence. You can specify a global router ID, or specify a router ID when you create an OSPF process. •...
Enabling OSPF on an interface Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, OSPF is disabled on an interface. If the specified OSPF process and area do Enable an OSPF process ospf process-id area not exist, the command creates the OSPF on the interface.
Configuring an NSSA area A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics. Do not configure the backbone area as an NSSA area or totally NSSA area. To configure an NSSA area, configure the nssa command on all the routers attached to the area.
Configuring OSPF network types OSPF classifies networks into the following types based on the link layer protocol: • Broadcast—When the link layer protocol is Ethernet or FDDI, OSPF classifies the network type as broadcast by default. • NBMA—When the link layer protocol is Frame Relay, ATM, or X.25, OSPF classifies the network type as NBMA by default.
Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Configure OSPF By default, the network type of an network type ospf network-type nbma interface depends on the link layer interface as NBMA. protocol. The default setting is 1. (Optional.) Set a router ospf dr-priority priority The router priority configured with this...
Step Command Remarks By default, no neighbor is specified. (Optional.) Specify This step must be performed if the peer ip-address cost neighbor and set its router network type is P2MP unicast, and cost-value ] priority. is optional if the network type is P2MP.
Step Command Remarks ospf router-id process-id Enter OSPF view. router-id vpn-instance vpn-instance-name ] * Enter OSPF area view. area area-id abr-summary ip-address Configure route By default, route summarization is { mask-length | mask } [ advertise | summarization. not configured on an ABR. not-advertise ] [ cost cost-value ] Configuring route summarization on an ASBR Perform this task to enable an ASBR to summarize external routes within the specified address...
Step Command Remarks filter-policy { ipv4-acl-number [ gateway Configure OSPF to prefix-list-name ] | gateway prefix-list-name By default, OSPF accepts all filter routes | prefix-list prefix-list-name [ gateway routes calculated using received calculated using prefix-list-name route-policy LSAs. received LSAs. route-policy-name } import Configuring Type-3 LSA filtering Perform this task to filter Type-3 LSAs advertised to an area on an ABR.
Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enter OSPF view. router-id vpn-instance vpn-instance-name ] * bandwidth bandwidth-reference value The default setting is 100 Mbps. reference value. Setting the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To set the maximum number of ECMP routes: Step Command...
Step Command Remarks default-route-advertise [ [ always | By default, no default route is permit-calculate-other cost redistributed. cost-value route-policy Redistribute default This command is applicable route-policy-name | type type ] * route. only to VPNs. The PE router default-route-advertise summary advertises a default route in a cost cost-value ] Type-3 LSA to a CE router.
Tuning and optimizing OSPF networks You can use one of the following methods to optimize an OSPF network: • Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs. •...
Step Command Remarks By default: • The dead interval on P2P and broadcast interfaces seconds. • The dead interval on P2MP and NBMA interfaces is 120 seconds. Set the dead interval. ospf timer dead seconds The dead interval must be a minimum of four times the hello interval on an interface.
Step Command Remarks By default: • The maximum interval is 5 spf-schedule-interval seconds. maximum-interval • The minimum interval is 50 calculation interval. minimum-interval milliseconds. [ incremental-interval ] ] • The incremental interval is 200 milliseconds. Setting the LSA arrival interval If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources.
Disabling interfaces from receiving and sending OSPF packets To enhance OSPF adaptability and reduce resource consumption, you can set an OSPF interface to "silent." A silent OSPF interface blocks OSPF packets and cannot establish any OSPF neighbor relationship. However, other interfaces on the router can still advertise direct routes of the interface in Router LSAs.
Configuring OSPF authentication Perform this task to configure OSPF area and interface authentication. OSPF adds the configured key into sent packets, and uses the key to authenticate received packets. Only packets that pass the authentication can be received. If a packet fails the authentication, the OSPF neighbor relationship cannot be established.
Adding the interface MTU into DD packets By default, an OSPF interface adds a value of 0 into the interface MTU field of a DD packet rather than the actual interface MTU. You can enable an interface to add its MTU into DD packets. To add the interface MTU into DD packets: Step Command...
Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * The default setting is 300 seconds. Set the OSPF exit overflow lsdb-overflow-interval interval The value of 0 indicates that interval.
Configuring OSPF network management This task involves the following configurations: • Bind an OSPF process to MIB so that you can use network management software to manage the specified OSPF process. • Enable SNMP notifications for OSPF to report important events. •...
Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * By default, an OSPF interface sends a maximum of three transmit-pacing interval interval count count transmit rate. packets every milliseconds.
• On P2P and P2MP networks, OSPF does not advertise Type-3 links in Type-1 LSAs. Other routing information can still be advertised to ensure traffic forwarding. • On broadcast and NBMA networks, the DR generates Type-2 LSAs with a mask length of 32 to suppress network routes.
Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Enable prefix By default, prefix prioritization prefix-priority route-policy route-policy-name prioritization. is disabled. Configuring OSPF PIC Prefix Independent Convergence (PIC) enables the device to speed up network convergence by ignoring the number of prefixes.
Step Command Remarks interface interface-type Enter interface view. interface-number Enable BFD echo packet ospf primary-path-detect bfd By default, BFD echo packet mode for OSPF PIC. echo mode for OSPF PIC is disabled. Setting the number of OSPF logs OSPF logs include LSA aging logs, route calculation logs, and neighbor logs. To set the number of OSPF logs: Step Command...
Step Command Remarks database-filter peer ip-address { all Filter LSAs for the | { ase [ acl ipv4-acl-number ] | nssa By default, the LSAs for the specified specified neighbor. [ acl ipv4-acl-number ] | summary neighbor are not filtered. [ acl ipv4-acl-number ] } * } Configuring GTSM for OSPF The Generalized TTL Security Mechanism (GTSM) protects the device by comparing the TTL value...
Configuring OSPF GR GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs. Two routers are required to complete a GR process. The following are router roles in a GR process: • GR restarter—Graceful restarting router. It must have GR capability. •...
Step Command Remarks graceful-restart [ nonstandard ] default, non-IETF Enable non-IETF GR. [ global | planned-only ] * capability is disabled. (Optional.) By default, the GR interval is 120 graceful-restart interval interval interval. seconds. Configuring OSPF GR helper You can configure the IETF or non-IETF OSPF GR helper. Configuring the IETF OSPF GR helper Step Command...
Task Command reset ospf [ process-id ] process graceful-restart Trigger OSPF GR. Configuring OSPF NSR Nonstop routing (NSR) backs up OSPF link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without tearing down adjacencies or impacting forwarding services.
Step Command Remarks By default, BFD bidirectional control detection is disabled. Enable bidirectional ospf bfd enable Both ends of a BFD session must be control detection. on the same network segment and in the same area. Configuring single-hop echo detection Step Command Remarks...
Configuration guidelines • Do not use the fast-reroute lfa command together with the vlink-peer command. • When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect. Configuration procedure Configuring OSPF FRR to calculate a backup next hop using the LFA algorithm Step Command Remarks...
Step Command Remarks interface interface-type Enter interface view. interface-number By default, BFD control packet Enable BFD control packet ospf primary-path-detect bfd ctrl mode OSPF mode for OSPF FRR. disabled. To configure BFD echo packet mode for OSPF FRR: Step Command Remarks Enter system view.
OSPF configuration examples Basic OSPF configuration example Network requirements As shown in Figure • Enable OSPF on all switches, and split the AS into three areas. • Configure Switch A and Switch B as ABRs. Figure 24 Network diagram Area 0 Switch A Switch B Vlan-int100...
Page 117
# Configure Switch C. <SwitchC> system-view [SwitchC] router id 10.4.1.1 [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit # Configure Switch D. <SwitchD> system-view [SwitchD] router id 10.5.1.1 [SwitchD] ospf [SwitchD-ospf-1] area 2 [SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] quit...
Routing Table Routing for network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Transit 10.2.1.1 10.2.1.1 0.0.0.1 10.3.1.0/24 Inter 10.1.1.2 10.3.1.1 0.0.0.0 10.4.1.0/24 Stub 10.2.1.2 10.4.1.1 0.0.0.1 10.5.1.0/24 Inter 10.1.1.2 10.3.1.1 0.0.0.0 10.1.1.0/24 Transit 10.1.1.1 10.2.1.1 0.0.0.0 Total nets: 5 Intra area: 3 Inter area: 2 ASE: 0 NSSA: 0...
Page 119
• Configure Switch A and Switch B as ABRs. • Configure Switch C as an ASBR to redistribute external routes (static routes). Figure 25 Network diagram Switch A Area 0 Switch B Vlan-int100 10.1.1.1/24 Vlan-int100 10.1.1.2/24 Vlan-int200 Vlan-int200 10.3.1.1/24 10.2.1.1/24 Vlan-int200 Vlan-int200 Area 1...
10.5.1.0/24 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 Routing for ASEs Destination Cost Type NextHop AdvRouter 3.1.2.0/24 Type2 10.3.1.1 10.4.1.1 Total nets: 6 Intra area: 2 Inter area: 3 ASE: 1 NSSA: 0 OSPF route summarization configuration example Network requirements As shown in Figure...
Page 121
[SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] router id 11.2.1.1 [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] router id 11.1.1.2 [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit...
Page 122
[SwitchC-bgp] peer 11.1.1.1 as 200 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] import-route ospf [SwitchC-bgp-ipv4]import-route direct [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit Configure Switch B and Switch C to redistribute BGP routes into OSPF: # Configure OSPF to redistribute routes from BGP on Switch B. [SwitchB] ospf [SwitchB-ospf-1] import-route bgp # Configure OSPF to redistribute routes from BGP on Switch C.
11.2.1.0/32 Direct 0 11.2.1.2 Vlan100 11.2.1.2/32 Direct 0 127.0.0.1 InLoop0 11.2.1.255/32 Direct 0 11.2.1.2 Vlan100 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0...
Page 124
OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.2.1.1 0.0.0.1 10.2.1.1 Inter 10.5.1.1 0.0.0.1 10.2.1.1 ASBR # Display OSPF routing table on Switch C. <SwitchC> display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Table Routing for network...
Routing for network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 Transit 0.0.0.0 10.2.1.1 0.0.0.1 10.3.1.0/24 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.4.1.0/24 Stub 10.4.1.1 10.4.1.1 0.0.0.1 10.5.1.0/24 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.1.1.0/24 Inter 10.2.1.1 10.2.1.1 0.0.0.1 Total nets: 6 Intra area: 2 Inter area: 4 ASE: 0...
Page 126
Figure 28 Network diagram Switch A Area 0 Switch B Vlan-int100 10.1.1.1/24 Vlan-int100 Vlan-int200 10.1.1.2/24 Vlan-int200 10.3.1.1/24 10.2.1.1/24 Area 1 Vlan-int200 Vlan-int200 Area 2 NSSA 10.3.1.2/24 10.2.1.2/24 ASBR Vlan-int300 Vlan-int300 10.5.1.1/24 Switch C Switch D 10.4.1.1/24 Configuration procedure Configure IP addresses for interfaces. Enable OSPF (see "...
Configure route redistribution: # Configure Switch C to redistribute static routes. [SwitchC] ip route-static 3.1.3.1 24 10.4.1.2 [SwitchC] ospf [SwitchC-ospf-1] import-route static [SwitchC-ospf-1] quit # Display OSPF routing information on Switch D. <SwitchD> display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Table Routing for network Destination...
Page 128
Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Switch A. <SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] router id 2.2.2.2 [SwitchB] ospf [SwitchB-ospf-1] area 0...
Page 129
Authentication Sequence: [ 0 ] Neighbor state change count: 6 BFD status: Disabled Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal State: Full Mode: Nbr is master Priority: 1 DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 31 Neighbor is up for 00:01:28 Authentication Sequence: [ 0 ] Neighbor state change count: 6...
Page 130
Dead timer due in 31 Neighbor is up for 00:11:17 Authentication Sequence: [ 0 ] Neighbor state change count: 6 BFD status: Disabled Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: Full Mode:Nbr is slave Priority: 0 DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-)
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: 2-Way Mode: None Priority: 0 DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 35 Neighbor is up for 00:01:44 Authentication Sequence: [ 0 ] Neighbor state change count: 6 BFD status: Disabled Router ID: 3.3.3.3 Address: 192.168.1.3...
Page 132
Figure 30 Network diagram Area 0 Switch B Vlan-int300 10.1.1.2/24 Switch A Area 1 Vlan-int300 10.1.1.1/24 Vlan-int200 10.2.1.1/24 Vlan-int100 Vlan-int200 10.3.1.1/24 10.2.1.2/24 Vlan-int100 10.3.1.2/24 Switch D Switch C Area 2 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Switch A.
# Display the OSPF routing table on Switch B. [SwitchB] display ospf routing OSPF Process 1 with Router ID 2.2.2.2 Routing Table Routing for network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Transit 10.2.1.1 3.3.3.3 0.0.0.1 10.1.1.0/24 Transit 10.1.1.2 2.2.2.2 0.0.0.0 Total nets: 2 Intra area: 2...
Page 134
• Switch A acts as the non-IETF GR restarter. Switch B and Switch C are the GR helpers, and synchronize their LSDBs with Switch A through OOB communication of GR. Figure 31 Network diagram Router ID: 1.1.1.1 GR restarter Switch A Vlan-int100 192.1.1.1/24 Vlan-int100...
Page 135
[SwitchA-ospf-100] graceful-restart [SwitchA-ospf-100] quit # Configure Switch B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization # Configure Switch C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
%Oct 21 15:29:33:815 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full. %Oct 21 15:29:35:578 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full. The output shows that Switch A completes GR. OSPF NSR configuration example Network requirements As shown in Figure...
Page 137
Re-optimization of the placement complete. Use 'display placement' to view the new placement # During the switchover period, display OSPF neighbors on Switch A to verify the neighbor relationship between Switch A and Switch S. <SwitchA> display ospf peer OSPF Process 1 with Router ID 2.2.2.1 Neighbor Brief Information Area: 0.0.0.0 Router ID...
14.14.14.0/24 Transit 14.14.14.1 4.4.4.1 0.0.0.0 22.22.22.22/32 Stub 14.14.14.2 2.2.2.1 0.0.0.0 12.12.12.0/24 Transit 14.14.14.2 2.2.2.1 0.0.0.0 Total nets: 4 Intra area: 4 Inter area: 0 ASE: 0 NSSA: 0 The output shows the following when an active/standby switchover occurs on Switch S: •...
Ping the neighbor router's IP address to verify that the connectivity is normal. Verify OSPF timers. The dead interval on an interface must be a minimum of four times the hello interval. On an NBMA network, use the peer ip-address command to manually specify the neighbor. A minimum of one interface must have a router priority higher than 0 on an NBMA or a broadcast network.
Configuring IS-IS Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS"...
Figure 35 NSAP address format HO-DSP System ID (6 octet) SEL (1 octet) Area address Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address. Typically, a router only needs one area address, and all nodes in the same area must have the same area address.
Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning. When you configure multiple NETs, make sure the system IDs are the same. IS-IS area IS-IS has a 2-level hierarchy to support large-scale networks. A large-scale routing domain is divided into multiple areas.
backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. The IS-IS backbone does not need to be a specific area. Figure 37 IS-IS topology 2 Area 1 Area 4 Area 2 L1/L2 L1/L2 Area 3 Both the Level-1 and Level-2 routers use the SPF algorithm to generate the shortest path tree.
As shown in Figure 38, the same level routers on a network, including non-DIS routers, establish adjacency with each other. Figure 38 DIS in the IS-IS broadcast network L1/L2 L1/L2 L2 adjacencies L1 adjacencies The DIS creates and updates pseudonodes, and generates LSPs for the pseudonodes, to describe all routers on the network.
Page 150
Type PDU Type Acronym Level-1 Partial Sequence Numbers PDU L1 PSNP Level-2 Partial Sequence Numbers PDU L2 PSNP Hello PDU IS-to-IS hello (IIH) PDUs are used by routers to establish and maintain neighbor relationships. On broadcast networks, Level-1 routers use Level-1 LAN IIHs, and Level-2 routers use Level-2 LAN IIHs. The P2P IIHs are used on point-to-point networks.
CLV Code Name PDU Type Authentication Information IIH, LSP, SNP IP Internal Reachability Information Protocols Supported IIH, LSP IP External Reachability Information L2 LSP Inter-Domain Routing Protocol Information L2 LSP IP Interface Address IIH, LSP MT-ISN M-Topologies IIH, LSP MT IP. Reach MT IPv6 IP.
Tasks at a glance (Optional.) Configuring IS-IS route control: • Configuring IS-IS link cost • Specifying a preference for IS-IS • Configuring the maximum number of ECMP routes • Configuring IS-IS route summarization • Advertising a default route • Configuring IS-IS route redistribution •...
Enabling IS-IS Step Command Remarks Enter system view. system-view isis process-id Enable IS-IS and enter IS-IS vpn-instance By default, IS-IS is disabled. view. vpn-instance-name ] Assign a NET. network-entity net By default, NET is not assigned. Return to system view. quit interface interface-type...
If only two routers exist on a broadcast network, set the network type of attached interfaces to P2P. This avoids DIS election and CSNP flooding, saving network bandwidth and speeding up network convergence. To configure P2P network type for an interface: Step Command Remarks...
Configuring an IS-IS cost for an interface Step Command Remarks Enter system view. system-view isis process-id vpn-instance Enter IS-IS view. vpn-instance-name ] cost-style narrow wide (Optional.) Specify an By default, the IS-IS cost wide-compatible compatible IS-IS cost style. type is narrow. narrow-compatible } [ relax-spf-limit ] } Return to system view.
Advertising a default route IS-IS cannot redistribute a default route to its neighbors. This task enables IS-IS to advertise a default route of 0.0.0.0/0 in an LSP to the same-level neighbors. Upon receiving the default route, the neighbors add it into their routing table. To advertise a default route: Step Command...
Filtering routes calculated from received LSPs IS-IS saves LSPs received from neighbors in the LSDB, and uses the SPF algorithm to calculate the shortest path tree with itself as the root. IS-IS installs the calculated routes to the IS-IS routing table and the optimal routes to the IP routing table.
On a P2P link, Level-1 and Level-2 hello packets are advertised in P2P hello packets. You do not need to specify Level-1 or Level-2. To specify the IS-IS hello multiplier: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number isis timer holding-multiplier value The default setting is...
To disable an interface from sending and receiving IS-IS packets: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Disable the interface from By default, the interface can send sending and receiving IS-IS isis silent and receive IS-IS packets. packets.
Page 162
occurs frequently, excessive LSPs are generated, consuming a large amount of router resources and bandwidth. To solve the problem, you can adjust the LSP generation interval. When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the LSP generation interval is incremented by incremental-interval × 2n-2 (n is the number of calculation times) each time a generation occurs until the maximum-interval is reached.
To specify LSP lengths: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] default, maximum Specify the maximum length lsp-length originate size [ level-1 | length of generated Level-1 of generated Level-1 LSPs or level-2 ] LSPs or Level-2 LSPs is 1497 Level-2 LSPs.
network. By adjusting the SPF calculation interval, you can prevent bandwidth and router resources from being over consumed due to frequent topology changes. When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval × 2 (n is the number of calculation times) each time a calculation occurs until the maximum-interval is reached.
To set the LSDB overload bit: Step Command Remarks Enter system view. system-view isis process-id vpn-instance Enter IS-IS view. vpn-instance-name ] set-overload on-startup [ [ start-from-nbr system-id [ timeout1 By default, the overload bit is Set the overload bit. [ nbr-timeout ] ] ] | timeout2 | wait-for-bgp not set.
Step Command Remarks Configure By default, the tag value of value isis tag tag interface interface. configured. Configuring system ID to host name mappings A 6-byte system ID in hexadecimal notation uniquely identifies a router or host in an IS-IS network. To make a system ID easy to read, the system allows you to use host names to identify devices.
Step Command Remarks interface interface-type Enter interface view. interface-number By default, no DIS name is configured. This command takes effect only on a Configure router enabled with dynamic system ID isis dis-name symbolic-name name. to host name mapping. This command is not available on P2P interfaces.
Step Command Remarks Enter interface view. interface interface-type interface-number default, prefix suppression is disabled on Enable prefix the interface. suppression on the isis prefix-suppression This command also interface. applicable to the secondary IP address of the interface. Configuring IS-IS network management This task includes the following configurations: •...
Configuring IS-IS PIC Prefix Independent Convergence (PIC) enables the device to speed up network convergence by ignoring the number of prefixes. When both IS-IS PIC and IS-IS FRR are configured, IS-IS FRR takes effect. IS-IS PIC applies only to LSPs sent by neighbors. Enabling IS-IS PIC Step Command...
Enhancing IS-IS network security To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication. Configuration prerequisites Before the configuration, complete the following tasks: • Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. •...
• GR restarter—Graceful restarting router. It must have GR capability. • GR helper—A neighbor of the GR restarter. It assists the GR restarter to complete the GR process. By default, the device acts as the GR helper. Configure IS-IS GR on the GR restarter. GR restarter uses the following timers: •...
NSR solves the problem by backing up IS-IS link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without requiring the cooperation of other devices. IMPORTANT: IS-IS NSR and IS-IS GR are mutually exclusive.
Figure 41, after you enable FRR on Router B, IS-IS automatically calculates or designates a backup next hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time. Meanwhile, IS-IS calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.
Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number By default, the interface (Optional.) Disable LFA participates calculation isis fast-reroute lfa-backup exclude calculation, and can be interface. elected backup interface. Return to system view. quit isis [ process-id ] [ vpn-instance vpn-instance-name ] Enter IS-IS IPv4 unicast address family view.
Page 176
Task Command Display IS-IS process information. display isis [ process-id ] (In standalone mode.) Display IS-IS display isis event-log graceful-restart slot slot-number GR log information. (In IRF mode.) Display IS-IS GR log display isis event-log graceful-restart chassis chassis-number slot slot-number information.
192.168.0.0/24 NULL Vlan300 Direct D/L/- 10.1.1.0/24 NULL Vlan100 Direct D/L/- 10.1.2.0/24 NULL Vlan200 Direct D/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 192.168.0.0/24 NULL D/L/- 10.1.1.0/24...
Page 182
Figure 43 Network diagram Switch A Switch B L1/L2 L1/L2 Vlan-int100 Vlan-int100 10.1.1.1/24 10.1.1.2/24 Vlan-int100 Vlan-int100 10.1.1.3/24 10.1.1.4/24 Switch C Switch D Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable IS-IS: # Configure Switch A. <SwitchA> system-view [SwitchA] isis 1 [SwitchA-isis-1] network-entity 10.0000.0000.0001.00 [SwitchA-isis-1] quit...
Page 183
[SwitchD-isis-1] quit [SwitchD] interface vlan-interface 100 [SwitchD-Vlan-interface100] isis enable 1 [SwitchD-Vlan-interface100] quit # Display information about IS-IS neighbors on Switch A. [SwitchA] display isis peer Peer information for IS-IS(1) ---------------------------- System Id: 0000.0000.0002 Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01 State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64...
Page 184
Interface: Vlan-interface100 Index IPv4.State IPv6.State CircuitID Type 00001 Down 1497 L1/L2 No/Yes The output shows that when the default DIS priority is used, Switch C is the DIS for Level-1, and Switch D is the DIS for Level-2. The pseudonodes of Level-1 and Level-2 are 0000.0000.0003.01 and 0000.0000.0004.01.
----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 10.1.1.0/24 NULL VLAN100 Direct D/L/- 10.1.2.0/24 NULL VLAN200 Direct D/L/- 192.168.0.0/24 NULL VLAN300 Direct D/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface...
Page 190
Figure 45 Network diagram Switch A Vlan-int100 10.1.1.2/24 Vlan-int100 Vlan-int300 10.1.1.1/24 10.1.3.1/24 Vlan-int300 Vlan-int200 10.1.3.2/24 Switch C 10.1.2.1/24 Switch D L1/L2 Vlan-int200 10.1.2.2/24 Area 20 Switch B Area 10 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic IS-IS: # Configure Switch A.
Page 191
# Configure Switch D. <SwitchD> system-view [SwitchD] isis 1 [SwitchD-isis-1] network-entity 20.0000.0000.0001.00 [SwitchD-isis-1] quit [SwitchD] interface vlan-interface 300 [SwitchD-Vlan-interface300] isis enable 1 [SwitchD-Vlan-interface300] quit Configure neighbor relationship authentication between neighbors: # Set the authentication mode to MD5 and set the plaintext key to eRq on VLAN-interface 100 of Switch A and on VLAN-interface 100 of Switch C.
[SwitchD] isis 1 [SwitchD-isis-1] domain-authentication-mode md5 plain 1020Sec IS-IS GR configuration example Network requirements As shown in Figure 46, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain. Figure 46 Network diagram GR restarter Switch A Vlan-int100 10.0.0.1/24 Vlan-int100...
Level-2 restart information --------------------------- Total number of interfaces: 1 Number of waiting LSPs: 0 IS-IS NSR configuration example Network requirements As shown in Figure 47, Switch S, Switch A, and Switch B belong to the same IS-IS routing domain. • Run IS-IS on all the switches to interconnect them with each other.
Page 194
ip6addr ipaddr trange tunnel lagg slsp usr6 ethbase ipcim ip6base ipbase ifnet isis Continue? [y/n]:y Re-optimization of the placement start. You will be notified on completion Re-optimization of the placement complete. Use 'display placement' to view the new placement # During the switchover period, display IS-IS neighbor information on Switch A to verify the neighborship between Switch A and Switch S.
Page 195
------------------------------------------------------------------------------- 12.12.12.0/24 NULL vlan100 Direct D/L/- 22.22.22.22/32 NULL Loop0 Direct D/-/- 14.14.14.0/32 NULL vlan100 12.12.12.2 R/L/- 44.44.44.44/32 NULL vlan100 12.12.12.2 R/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags...
Page 200
Configuration procedure Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.) Configure IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3. (Details not shown.) Configure IS-IS FRR: Enable IS-IS FRR to calculate a backup next hop through LFA calculation, or designate a backup next hop by using a referenced routing policy.
Page 201
[SwitchB-isis-1-ipv4] quit [SwitchB-isis-1] quit Verifying the configuration # Display route 4.4.4.4/32 on Switch A to view the backup next hop information. [SwitchA] display ip routing-table 4.4.4.4 verbose Summary Count : 1 Destination: 4.4.4.4/32 Protocol: IS_L1 Process ID: 1 SubProtID: 0x1 Age: 04h20m37s Cost: 10 Preference: 10...
Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). BGP has the following characteristics: •...
Page 204
The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types: IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. EGP—Has the second highest priority. Routes obtained through EGP have the EGP ...
Page 205
When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP. When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does ...
Page 206
Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs. • LOCAL_PREF The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS.
• Extended community attribute To meet new demands, BGP defines the extended community attribute. The extended community attribute has the following advantages over the COMMUNITY attribute: Provides more attribute values by extending the attribute length to eight bytes. Allows for using different types of extended community attributes in different scenarios to ...
• When multiple feasible routes to a destination exist, BGP advertises only the optimal route to its peers. If the advertise-rib-active command is configured, BGP advertises the optimal route in the IP routing table. If not, BGP advertises the optimal route in the BGP routing table. •...
Figure 54 Network diagram Router A Router D Router C AS 200 AS 100 9.0.0.0/24 Router B Router E Settlements for problems in large-scale BGP networks You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.
Page 210
Figure 55 BGP route dampening Penalty value Suppress threshold Reusable threshold Suppression time Time Half-life • Peer group You can organize BGP peers with the same attributes into a group to simplify their configurations. When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.
Page 211
The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in Figure 57.
A non-confederation BGP speaker does not need to know sub-ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number. In the above figure, AS 200 is the confederation ID. Confederation has a deficiency. When you change an AS into a confederation, you must reconfigure the routers, and the topology will be changed.
BGP multi-instance A BGP router can run multiple BGP processes. Each BGP process corresponds to a BGP instance. BGP maintains an independent routing table for each BGP instance. You can enable session multithreading for each BGP process. The session multithreading feature implements the parallel processing of sessions for different BGP peers on different threads.
Page 214
View names Ways to enter the views Remarks Configurations in this view apply to <Sysname> system-view VPNv4 routes and peers of the [Sysname] bgp 100 instance abc specified BGP instance. BGP VPNv4 address family [Sysname-bgp-abc] view For more information about BGP address-family vpnv4 VPNv4 address family view, see [Sysname-bgp-abc-vpnv4]...
Page 216
Tasks at a glance Remarks (Optional.) Controlling route distribution and reception: • Configuring BGP route summarization • BGP cannot advertise Advertising optimal routes in the IP routing table optimal routes in the IP • Advertising a default route to a peer or peer group routing table for IPv4 •...
Page 217
Tasks at a glance Remarks BGP does not support (Optional.) Configuring BGP FRR FRR for IPv4 multicast routes. (Optional.) Configuring BGP LS To configure BGP, perform the following tasks (IPv6 unicast): Tasks at a glance Remarks Configuring basic BGP: • As a best practice, (Required.) Enabling BGP...
Tasks at a glance Remarks (Optional.) Tuning and optimizing BGP networks: • Configuring the keepalive interval and hold time • Configuring the interval for sending updates for the same route • Enabling BGP to establish an EBGP session over multiple hops •...
• To modify a non-zero router ID of a BGP instance , use the router-id command in BGP instance view, rather than the router id command in system view. • If you specify a router ID in BGP instance view and then remove the interface that owns the router ID, the router does not select a new router ID.
Page 220
Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number instance instance-name [ multi-session-thread ] b. ip vpn-instance vpn-instance-name Create an IPv4 BGP peer peer ipv4-address as-number...
Configuring a BGP peer (IPv4 multicast address family) Step Command Remarks Enter system view. system-view as-number instance Enter BGP instance view instance-name [ multi-session-thread ] Create an IPv4 BGP peer peer ipv4-address as-number By default, no IPv4 BGP peers and specify its AS number. as-number exist.
Page 222
Step Command Remarks Create the BGP IPv4 By default, no BGP IPv4 unicast address family or unicast address family BGP-VPN IPv4 unicast address-family ipv4 [ unicast ] BGP-VPN IPv4 unicast address family and enter address family exists. its view. Enable BGP to exchange default, cannot IPv4...
Step Command Remarks (Optional.) Configure a By default, no description is peer ipv4-address mask-length description for dynamic configured for dynamic BGP description text BGP peers. peers. Create the BGP IPv4 By default, no BGP IPv4 multicast address family address-family ipv4 multicast multicast address family exists.
Page 224
Step Command Remarks Create the BGP IPv4 unicast By default, no BGP IPv4 unicast address family or BGP-VPN address-family ipv4 [ unicast ] address family or BGP-VPN IPv4 IPv4 unicast address family unicast address family exists. and enter its view. Enable router exchange...
Page 225
Step Command Remarks By default, no IBGP peer groups Create an IBGP peer group. group group-name [ internal ] exist. By default, no peer exists in the peer group. peer ipv4-address [ mask-length ] Add an IPv4 peer into the group group-name [ as-number as-number as-number...
Page 226
Step Command Remarks By default, no AS number is specified. Specify the AS number of the peer as-number group-name If a peer group contains peers, group. as-number you cannot remove or change its AS number. By default, no peers exist in the peer group.
Page 227
Step Command Remarks By default, no peers exist in the peer group. peer ipv6-address [ prefix-length ] as-number as-number Add a peer into the EBGP group group-name [ as-number option, if used, must specify the peer group. as-number ] same AS number as the peer group-name as-number as-number command.
Page 228
Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number instance instance-name [ multi-session-thread ] b.
Page 229
Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number instance instance-name [ multi-session-thread ] b. ip vpn-instance vpn-instance-name By default, no EBGP peer groups Create an EBGP peer group.
Page 230
Step Command Remarks By default, no peers exist in the peer group. as-number as-number peer ipv4-address [ mask-length ] Add the peer into the EBGP option, if used, must specify the group group-name [ as-number peer group. same AS number as the peer as-number ] ipv4-address mask-length...
Page 231
To configure an EBGP peer group by using Method 3 (IPv6 unicast address family): Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view.
Step Command Remarks Enable router By default, the router cannot exchange IPv4 unicast exchange IPv4 unicast routing routing information used for peer group-name enable information used for RPF check RPF check with peers in the with the peers. specified peer group. Specifying the source address of TCP connections By default, BGP uses the primary IPv4/IPv6 address of the output interface in the optimal route to a peer or peer group as the source address of TCP connections to the peer or peer group.
Step Command Remarks network ipv6-address Configure BGP to advertise a default, does prefix-length route-policy local network. advertise local networks. route-policy-name ] Redistributing IGP routes Perform this task to configure route redistribution from an IGP to BGP. By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table.
Step Command Remarks Enter system view. system-view • Enter BGP IPv6 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv6 [ unicast ] Enter BGP IPv6 unicast • address family view Enter BGP-VPN IPv6 unicast BGP-VPN IPv6 unicast...
Page 237
Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance...
Page 238
Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance address family...
Step Command Remarks Enable BGP to advertise optimal routes in the IP By default, the setting is the same advertise-rib-active routing table of the address as that in BGP instance view. family in the VPN instance. To enable BGP to advertise optimal routes in the IPv6 routing table (IPv6 unicast): Step Command Remarks...
Page 241
Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance address family...
Step Command Remarks peer { group-name | ipv6-address Advertise a default route to a prefix-length By default, no default route is peer or peer group. default-route-advertise advertised. [ route-policy route-policy-name ] Limiting routes received from a peer or peer group This feature can prevent attacks that send a large number of BGP routes to the router.
Step Command Remarks peer { group-name | ipv4-address Specify maximum [ mask-length ] } route-limit By default, the number of routes number of routes that a prefix-number [ { alert-only | that a router can receive from a router can receive from a discard reconnect peer or peer group is not limited.
Page 244
If you configure multiple filtering policies, apply them in the following sequence: filter-policy export peer filter-policy export peer as-path-acl export peer prefix-list export peer route-policy export Only routes passing all the configured policies can be advertised. To configure BGP route distribution filtering policies (IPv4 unicast/multicast address family): Step Command Remarks...
Page 245
Step Command Remarks • Reference an ACL or IP prefix list to filter advertised routes: filter-policy ipv4-acl-number prefix-list prefix-list-name } export direct isis process-id | ospf process-id | rip process-id | static ] • Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer group-name...
Page 246
Step Command Remarks • Enter BGP IPv6 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv6 [ unicast ] Enter BGP IPv6 unicast • address family view Enter BGP-VPN IPv6 unicast BGP-VPN IPv6 unicast address family view: address family view.
Page 247
Configuring BGP route reception filtering policies You can use the following methods to configure BGP route reception filtering policies: • Use an ACL or prefix list to filter routing information received from all peers. • Use a routing policy, ACL, AS path list, or prefix list to filter routing information received from a peer or peer group.
Page 248
Step Command Remarks • Reference an ACL or IP prefix list to filter BGP routes received from peers: filter-policy { ipv4-acl-number | prefix-list prefix-list-name import • Reference a routing policy to filter BGP routes received from a peer peer group: peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name import...
Configuring BGP route dampening Route dampening enables BGP to not select unstable routes as optimal routes. This feature applies to EBGP routes but not to IBGP routes. If an EBGP peer goes down after you configure this feature, routes coming from the peer are dampened but not deleted.
Step Command Remarks Set a preferred value for peer { group-name | ipv6-address routes received from a peer [ prefix-length ] } preferred-value The default preferred value is 0. or peer group. value Configuring preferences for BGP routes Routing protocols each have a default preference. If they find multiple routes destined for the same network, the route found by the routing protocol with the highest preference is selected as the optimal route.
Step Command Remarks Configure an EBGP route as network ipv4-address By default, an EBGP route has a a shortcut route. [ mask-length | mask ] short-cut preference of 255. To configure preferences for BGP routes (IPv6 unicast address family): Step Command Remarks Enter system view.
Page 255
Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance address family...
Configuring the MED attribute BGP uses MED to determine the optimal route for traffic going into an AS. When a BGP router obtains multiple routes with the same destination but with different next hops, it considers the route with the smallest MED value as the optimal route if other conditions are the same. Configuring the default MED value To configure the default MED value (IPv4 unicast/multicast address family): Step...
Page 257
Step Command Remarks • Enter BGP IPv6 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv6 [ unicast ] Enter BGP IPv6 unicast • address family view Enter BGP-VPN IPv6 unicast BGP-VPN IPv6 unicast address family view: address family view.
Page 258
Figure 59 Route selection based on MED (in an IPv4 network) AS 400 Router E 10.0.0.0 AS 300 AS 200 Router C Router B Router A Loop0 Loop0 Loop0 3.3.3.3/32 1.1.1.1/32 2.2.2.2/32 GE1/0/1 GE1/0/1 GE1/0/1 13.1.1.2/24 12.1.1.2/24 11.1.1.2/24 GE1/0/1 GE1/0/3 GE1/0/2 Router D AS 100...
Page 259
1.1.1.1 200 400e To enable MED comparison for routes on a per-AS basis: Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view.
Configuring the NEXT_HOP attribute By default, a BGP router does not set itself as the next hop for routes advertised to an IBGP peer or peer group. In some cases, however, you must configure the advertising router as the next hop to ensure that the BGP peer can find the correct next hop.
Page 261
Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance address family...
Step Command Remarks By default, the router sets itself as the next hop for routes sent to an Specify the router as the next peer { group-name | ipv6-address EBGP peer peer group. hop for routes sent to a peer [ prefix-length ] } next-hop-local However, it does not set itself as or peer group.
Page 263
To permit the local AS number to appear in routes from a peer or peer group and specify the appearance times (IPv6 unicast address family): Step Command Remarks Enter system view. system-view • Enter BGP IPv6 unicast address family view: a.
Page 264
Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number instance instance-name [ multi-session-thread ] b.
Page 265
Figure 62 AS number substitution configuration (in an IPv4 network) AS 100 PE 1 PE 2 MPLS backbone EBGP_Update: 10.1.0.0/16 EBGP_Update: 10.1.0.0/16 VPNv4_Update: 10.1.0.0/16 AS_PATH: 100, 100 AS_PATH: 800 RD: 100:1 AS_PATH: 800 CE 1 CE 2 AS 800 AS 800 As shown in Figure 62, CE 1 and CE 2 use the same AS number 800.
Page 266
Removing private AS numbers from updates sent to an EBGP peer or peer group Private AS numbers are typically used in test networks, and should not be transmitted in public networks. The range of private AS numbers is from 64512 to 65535. To remove private AS numbers from updates sent to an EBGP peer or peer group (IPv4 unicast/multicast address family): Step...
Step Command Remarks By default, no SoO attribute is Configure the SoO attribute peer { group-name | ipv6-address configured for a peer or peer for a peer or peer group. [ prefix-length ] } soo site-of-origin group. Tuning and optimizing BGP networks This section describes how to tune and optimize BGP networks.
Step Command Remarks Use at least one method. • Configure global By default, the keepalive interval keepalive interval and hold is 60 seconds, and hold time is time: 180 seconds. timer keepalive keepalive The timer command takes effect hold holdtime for new BGP sessions and does •...
To configure the interval for sending the same update to a peer or peer group (IPv4 unicast/multicast address family): Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance...
Step Command Remarks instance as-number Enter BGP instance view. instance-name [ multi-session-thread ] Enable immediate default, immediate re-establishment direct ebgp-interface-sensitive re-establishment of direct EBGP EBGP connections upon link connections is enabled. failure. Enabling 4-byte AS number suppression BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295.
Step Command Remarks (Optional.) Enable BGP to By default, BGP does not ignore ignore AS_PATH balance as-path-neglect the AS_PATH attribute when it attribute when it implements implements load balancing. load balancing. To specify the maximum number of BGP ECMP routes for load balancing (IPv6 unicast address family): Step Command...
To configure GTSM for BGP (IPv4 unicast/multicast address family): Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance Enter BGP instance view or view: BGP-VPN instance view. a.
Page 281
This method does not require that the local router and the peer support route refresh but it uses more memory resources to save routes. • Manual soft-reset—Use the refresh bgp command to enable BGP to send local routing information or advertise a route-refresh message to the specified peer. The peer then resends its routing information.
Page 282
Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number instance instance-name [ multi-session-thread ] b. ip vpn-instance vpn-instance-name •...
Page 283
Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance address family...
Page 284
Step Command Remarks By default, the routes are not saved. Save all route updates from peer { group-name | ipv6-address This command takes effect only the peer or peer group. [ prefix-length ] } keep-all-routes for the routes received after this command is executed.
Page 285
Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number instance instance-name [ multi-session-thread ] b.
Step Command Remarks bgp as-number [ instance Enter BGP instance view. instance-name [ multi-session-thread ] Configure an update delay for By default, the update delay is 60 retain local-label retain-time local MPLS labels. seconds. Flushing the suboptimal BGP route to the RIB This feature flushes the suboptimal BGP route to the RIB when the following conditions are met: •...
Step Command Remarks • Enter instance view: as-number instance instance-name [ multi-session-thread ] Enter BGP instance view • Enter BGP-VPN instance view: or BGP-VPN instance a. bgp as-number [ instance view. instance-name [ multi-session-thread ] b. ip vpn-instance vpn-instance-name peer { group-name | ipv4-address Set a DSCP value for By default, the DSCP value for mask-length...
Configuring a large-scale BGP network In a large network, the number of BGP connections is huge and BGP configuration and maintenance are complicated. To simply BGP configuration, you can use the peer group, community, route reflector, and confederation features as needed. For more information about configuring peer groups, "Configuring a BGP peer group."...
Page 291
Step Command Remarks • Advertise the COMMUNITY attribute to a peer or peer group: peer group-name ipv4-address mask-length Advertise the COMMUNITY By default, the COMMUNITY or advertise-community extended community extended community attribute is • attribute to a peer or peer Advertise extended not advertised.
Configuring BGP route reflection Configuring a BGP route reflector Perform this task to configure a BGP route reflector and its clients. The route reflector and its clients automatically form a cluster identified by the router ID of the route reflector. The route reflector forwards route updates among its clients.
Page 293
Step Command Remarks • Enter BGP IPv6 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv6 [ unicast ] Enter BGP IPv6 unicast • address family view Enter BGP-VPN IPv6 unicast BGP-VPN IPv6 unicast address family view: address family view.
Step Command Remarks By default, BGP does not ignore the ORIGINATOR_ID attribute. peer { group-name | ipv4-address Make sure this command does not Ignore the ORIGINATOR_ID mask-length result in a routing loop. attribute. ignore-originatorid After you execute this command, also ignores CLUSTER_LIST attribute.
Step Command Remarks Enter system view. system-view instance as-number Enter BGP instance view. instance-name [ multi-session-thread ] Configure a confederation By default, no confederation ID is confederation id as-number configured. Specify confederation peer confederation peer-as By default, no confederation peer sub-ASs as-number-list sub-ASs are specified.
Both the GR restarter and the GR helper start the End-Of-RIB marker waiting timer. The End-Of-RIB marker waiting time is set by the graceful-restart timer wait-for-rib command. If routing information exchange is not completed within the time, the GR restarter does not receive new routes.
To use BGP NSR in MPLS L3VPN, you must enable RIB NSR. For information about RIB NSR, see "Configuring basic IP routing." To configure BGP NSR: Step Command Remarks Enter system view. system-view as-number instance Enter BGP instance view. instance-name [ multi-session-thread ] Enable BGP NSR.
Step Command Remarks Enable logging for session By default, logging for session peer { group-name | ipv4-address state changes for a peer or state changes is enabled for all [ mask-length ] } log-change peer group. peers or peer groups. To enable logging for session state changes (IPv6 unicast): Step Command...
Page 299
Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number instance instance-name [ multi-session-thread ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number Enter BGP IPv4 unicast instance address family...
Step Command Remarks log-route-flap monitor-time Enable logging for BGP By default, logging for BGP route monitor-count [ log-count-limit | route flapping. flapping is disabled. route-policy route-policy-name ] * Configuring BFD for BGP IMPORTANT: If you have enabled GR, use BFD with caution because BFD might detect a failure before the system performs GR, which will result in GR failure.
Step Command Remarks • Enter instance view: as-number instance instance-name [ multi-session-thread ] • Enter BGP-VPN instance view: Enter BGP instance view BGP-VPN instance view. a. bgp as-number [ instance instance-name [ multi-session-thread ] b. ip vpn-instance vpn-instance-name Enable BFD to detect the link to the peer { group-name | ipv6-address By default, BFD is specified IPv6 BGP peer or peer...
Page 302
Step Command Remarks Enter system view. system-view By default, no source address is specified for echo packets. This step is required when echo-mode BFD is used to detect the connectivity to the next hop of the primary route. Configure source bfd echo-source-ip ipv4-address address of echo packets.
Page 303
Step Command Remarks default, disabled. Method 1 might result in routing • (Method 1) Enable BGP FRR loops. Use it with caution. address family: By default, no routing policy is applied. • (Method 2) Apply a routing 10. Enable BGP FRR. policy to FRR for the address apply fast-reroute...
Step Command Remarks By default, BGP FRR is disabled. • (Method 1) Enable BGP Method 1 might result in routing loops. FRR for the address Use it with caution. family: By default, no routing policy is applied. • (Method Apply Enable BGP FRR.
• Configure BGP on 6PE devices so that they can advertise tagged IPv6 routing information through BGP sessions. The following describes only BGP configurations on 6PE devices. To configure basic 6PE: Step Command Remarks Enter system view. system-view as-number instance Enter BGP instance view.
Page 306
Step Command Remarks Specify an IPv6 prefix list to peer { group-name | ipv4-address filter routes advertised to or By default, no IPv6 prefix list is prefix-list mask-length received from the 6PE peer specified. ipv6-prefix-name { export | import } or peer group.
Configuring BGP LS The BGP Link State (LS) feature implements inter-domain and inter-AS advertisement of link state database (LSDB) and TE database (TEDB) information. The device sends the collected link state information to the controller, which implements end-to-end traffic management and scheduling, and meets the requirements of intended applications. Configuring basic BGP LS Step Command...
Specifying an AS number and a router ID for BGP LS messages Perform this task to ensure that LS messages sent by devices in the same AS have the same AS number and router ID. To specify an AS number and a router ID for BGP LS messages: Step Command Remarks...
Page 315
Network NextHop LocPrf PrefVal Path/Ogn * >e 8.1.1.0/24 3.1.1.2 65008i # Display the BGP routing table on Switch C. [SwitchC] display bgp routing-table ipv4 Total number of routes: 1 BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network...
Total number of routes: 4 BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...
Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF: Enable OSPF in AS 65009, so Switch B can obtain the route to 9.1.2.0/24. # Configure Switch B. <SwitchB> system-view [SwitchB] ospf 1 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit...
Page 318
# Display the BGP routing table on Switch A. [SwitchA] display bgp routing-table ipv4 Total number of routes: 3 BGP local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop...
56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms 56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=3.000 ms 56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms 56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms --- Ping statistics for 8.1.1.1 --- 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 3.000/4.400/9.000/2.332 ms BGP route summarization configuration example Network requirements...
Page 320
[SwitchB] ip route-static 192.168.99.0 24 192.168.212.161 Configure OSPF between Switch B and Switch C and configure OSPF on Switch B to redistribute static routes: # Configure OSPF to advertise the local network and enable OSPF to redistribute static routes on Switch B. [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255...
Page 321
# Enable BGP, and configure Switch C as an EBGP peer on Switch D. [SwitchD] bgp 64631 [SwitchD-bgp-default] router-id 4.4.4.4 [SwitchD-bgp-default] peer 10.220.2.16 as-number 65106 [SwitchD-bgp-default] address-family ipv4 unicast [SwitchD-bgp-default-ipv4] peer 10.220.2.16 enable [SwitchD-bgp-default-ipv4] quit [SwitchD-bgp-default] quit # Display the IP routing table on Switch D. [SwitchD] display ip routing-table protocol bgp Summary count : 3 BGP Routing table Status : <Active>...
Summary count : 1 Destination/Mask Proto Cost NextHop Interface 192.168.64.0/18 10.220.2.16 Vlan200 BGP Routing table Status : <Inactive> Summary count : 0 The output shows that Switch D has only one route 192.168.64.0/18 to AS 65106. # Verify that Switch D can ping the hosts on networks 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24.
Page 323
• Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch C. • Configure a static route to interface loopback 0 on Switch B (or use another protocol like OSPF) to establish the IBGP connection. Configure load balancing on Switch A.
Page 324
[SwitchC] ip route-static 2.2.2.2 32 9.1.1.1 # Display the BGP routing table on Switch A. [SwitchA] display bgp routing-table ipv4 Total number of routes: 3 BGP local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network...
• The route 9.1.1.0/24 has two next hops, 3.1.1.1 and 3.1.2.1, both of which are marked with a greater-than sign (>), indicating that they are the optimal routes. • By using the display ip routing-table command, you can find two routes to 9.1.1.0/24. One has next hop 3.1.1.1 and output interface VLAN-interface 200, and the other has next hop 3.1.2.1 and output interface VLAN-interface 300.
Page 326
[SwitchB-bgp-default] quit # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 30 [SwitchC-bgp-default] router-id 3.3.3.3 [SwitchC-bgp-default] peer 200.1.3.1 as-number 20 [SwitchC-bgp-default] address-family ipv4 unicast [SwitchC-bgp-default-ipv4] peer 200.1.3.1 enable [SwitchC-bgp-default-ipv4] quit [SwitchC-bgp-default] quit # Display the BGP routing table on Switch B. [SwitchB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 20...
Page 327
BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...
Paths: 1 best BGP routing table information of 9.1.1.0/24: Not advertised to any peers yet # Display the BGP routing table on Switch C. [SwitchC] display bgp routing-table ipv4 Total number of routes: 0 The output shows that BGP has not learned any route. BGP route reflector configuration example Network requirements As shown in...
* >e 20.0.0.0 192.1.1.1 100i # Display the BGP routing table on Switch D. [SwitchD] display bgp routing-table ipv4 Total number of routes: 1 BGP local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network...
Page 331
Device Interface IP address Device Interface IP address Switch C Vlan-int300 10.1.2.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure BGP confederation: # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 65001 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] confederation id 200 [SwitchA-bgp-default] confederation peer-as 65002 65003 [SwitchA-bgp-default] peer 10.1.1.2 as-number 65002 [SwitchA-bgp-default] peer 10.1.2.2 as-number 65003...
Page 333
[SwitchF-bgp-default-ipv4] quit [SwitchF-bgp-default] quit Verifying the configuration # Display the routing table on Switch B. [SwitchB] display bgp routing-table ipv4 Total number of routes: 1 BGP local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network...
* >i 9.1.1.0/24 10.1.3.1 100i [SwitchD] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 4.4.4.4 Local AS number: 65001 Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 10.1.3.1 (1.1.1.1) Rely nexthop : 10.1.3.1 Original nexthop: 10.1.3.1 OutLabel : NULL AS-path...
Page 335
Table 18 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Vlan-int101 1.0.0.1/8 Switch D Vlan-int400 195.1.1.1/24 Vlan-int100 192.1.1.1/24 Vlan-int300 194.1.1.1/24 Vlan-int200 193.1.1.1/24 Switch C Vlan-int400 195.1.1.2/24 Switch B Vlan-int100 192.1.1.2/24 Vlan-int200 193.1.1.2/24 Vlan-int300 194.1.1.2/24 Configuration procedure Configure IP addresses for interfaces.
[SwitchD] display bgp routing-table ipv4 Total number of routes: 2 BGP local router ID is 195.1.1.1 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop...
# Configure IP addresses for interfaces. (Details not shown.) # Configure the EBGP connection. <SwitchB> system-view [SwitchB] bgp 65009 [SwitchB-bgp-default] router-id 2.2.2.2 [SwitchB-bgp-default] peer 200.1.1.2 as-number 65008 # Configure the IBGP connection. [SwitchB-bgp-default] peer 9.1.1.2 as-number 65009 # Enable GR capability for BGP. [SwitchB-bgp-default] graceful-restart # Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table.
Page 339
Figure 74 Network diagram Switch B Vlan-int100 Vlan-int101 Vlan-int100 Vlan-int101 AS 100 1.1.1.0/24 AS 200 AS 300 Vlan-int200 Vlan-int201 Switch A Switch C Vlan-int200 Vlan-int201 Switch D Table 19 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Vlan-int100...
Page 340
[SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000 [SwitchA-route-policy-apply_med_50-10] apply cost 50 [SwitchA-route-policy-apply_med_50-10] quit [SwitchA] route-policy apply_med_100 permit node 10 [SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000 [SwitchA-route-policy-apply_med_100-10] apply cost 100 [SwitchA-route-policy-apply_med_100-10] quit # Apply routing policy apply_med_50 to routes outgoing to peer 3.0.2.2, and apply routing policy apply_med_100 to routes outgoing to peer 2.0.2.2.
Page 341
Diag Info: No Diagnostic The output shows that a BFD session has been established between Switch A and Switch C. # Display BGP peer information on Switch C. <SwitchC> display bgp peer ipv4 BGP local router ID: 3.3.3.3 Local AS number: 200 Total number of peers: 2 Peers in established state: 2 * - Dynamically created peer...
Page 343
<SwitchA> system-view [SwitchA] bgp 100 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] peer 10.1.1.2 as-number 200 [SwitchA-bgp-default] peer 30.1.1.3 as-number 200 [SwitchA-bgp-default] address-family ipv4 unicast [SwitchA-bgp-default-ipv4] peer 10.1.1.2 enable [SwitchA-bgp-default-ipv4] peer 30.1.1.3 enable [SwitchA-bgp-default-ipv4] network 1.1.1.1 32 # Configure Switch B to establish an EBGP session to Switch A, and an IBGP session to Switch <SwitchB>...
Page 344
[SwitchD-bgp-default-ipv4] network 4.4.4.4 32 Configure preferred values so Link B is used to forward traffic between Switch A and Switch D: # Configure Switch A to set the preferred value to 100 for routes received from Switch B. [SwitchA-bgp-default-ipv4] peer 10.1.1.2 preferred-value 100 [SwitchA-bgp-default-ipv4] quit [SwitchA-bgp-default] quit # Configure Switch D to set the preferred value to 100 for routes received from Switch B.
Page 345
Verifying the configuration # Display detailed information about the route to 4.4.4.4/32 on Switch A. The output shows the backup next hop for the route. [SwitchA] display ip routing-table 4.4.4.4 32 verbose Summary count : 1 Destination: 4.4.4.4/32 Protocol: BGP Process ID: 0 SubProtID: 0x2 Age: 00h01m52s...
Multicast BGP configuration example Network requirements As shown in Figure 76, OSPF runs within AS 100 and AS 200 to ensure intra-AS connectivity. MBGP runs between the two ASs to exchange IPv4 unicast routes used for RPF check. • Configure the Loopback 0 interface of Switch A and Switch B as the C-BSR and C-RP. •...
Page 347
[SwitchA-mrib] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] pim sm [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 101 [SwitchA-Vlan-interface101] pim sm [SwitchA-Vlan-interface101] quit # Configure Switch B and Switch D in the same way that Switch A was configured. # On Switch C, enable multicast routing globally. <SwitchC>...
Page 348
[SwitchB-pim] c-rp 2.2.2.2 [SwitchB-pim] quit Configure BGP to establish BGP IPv4 multicast peers and redistribute routes: # On Switch A, establish an EBGP session to Switch B. [SwitchA] bgp 100 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] peer 192.168.1.2 as-number 200 # Enable exchange of IPv4 unicast routes used for RPF check with Switch B. [SwitchA-bgp-default] address-family ipv4 multicast [SwitchA-bgp-default-mul-ipv4] peer 192.168.1.2 enable # Redistribute direct routes into BGP.
Configured Established Listen Connect Shutdown Disabled Peer address State Up/Down time SA count Reset count 192.168.1.1 Established 00:07:17 Dynamic BGP peer configuration example Network requirements As shown in Figure 77, Switch A needs to establish IBGP peer relationships with Switch B, Switch C, and Switch D in network 10.1.0.0/16.
Page 350
[SwitchB-bgp-default] address-family ipv4 [SwitchB-bgp-default-ipv4] peer 10.1.1.1 enable # Configure Switch C to establish an IBGP peer relationship with Switch A. <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp-default] router-id 3.3.3.3 [SwitchC-bgp-default] peer 10.1.2.1 as-number 200 [SwitchC-bgp-default] address-family ipv4 [SwitchC-bgp-default-ipv4] peer 10.1.2.1 enable # Configure Switch D to establish an IBGP peer relationship with Switch A.
Network NextHop LocPrf PrefVal Path/Ogn * i 9.1.1.0/24 10.1.2.2 BGP LS configuration example Network requirements As shown in Figure 78, all switches run BGP. Run IBGP between Switch A and Switch B, between Switch B and Switch C, and between Switch B and Switch D. Configure Switch B as a route reflector with client Switch A to allow Switch A to learn LS information advertised by Switch C and Switch D.
Page 355
BGP local router ID: 2.2.2.2 Local AS number: 65009 Total number of peers: 2 Peers in established state: 2 * - Dynamically created peer Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 9::2 65009 1 00:29:00 Established 10::2 65008 2 00:27:20 Established The output shows that Switch A and Switch B have established an EBGP connection, and Switch B and Switch C have established an IBGP connection.
Total number of routes: 4 BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete * >...
Page 357
Figure 80 Network diagram Loop0 AS 200 Loop0 3.3.3.3/32 1.1.1.1/32 Vlan-int10 1::1/64 Vlan-int102 Vlan-int101 Vlan-int100 102::1/96 101::1/96 100::1/96 Switch C Switch A Loop0 Loop0 2.2.2.2/32 4.4.4.4/32 Vlan-int101 Vlan-int102 Vlan-int100 101::2/96 102::2/96 100::2/96 AS 100 Switch B Switch D Configuration procedure Configure IPv6 addresses for interfaces and IPv4 addresses for loopback interfaces.
Page 358
[SwitchC-bgp-default] address-family ipv6 [SwitchC-bgp-default-ipv6] peer 101::2 enable [SwitchC-bgp-default-ipv6] peer 102::2 enable [SwitchC-bgp-default-ipv6] network 101:: 96 [SwitchC-bgp-default-ipv6] network 102:: 96 # Configure Switch D. <SwitchD> system-view [SwitchD] bgp 200 [SwitchD-bgp-default] router-id 4.4.4.4 [SwitchD-bgp-default] peer 102::1 as-number 200 [SwitchD-bgp-default] address-family ipv6 [SwitchD-bgp-default-ipv6] peer 102::1 enable [SwitchD-bgp-default-ipv6] network 102:: 96 Configure Switch C as a route reflector, and configure Switch B and Switch D as its clients.
NextHop : :: LocPrf PrefVal : 32768 OutLabel : NULL Path/Ogn: i i Network : 102:: PrefixLen : 96 NextHop : 102::1 LocPrf : 100 PrefVal : 0 OutLabel : NULL Path/Ogn: i The output shows that Switch D has learned the network 1::/64 from Switch C through route reflection.
Page 361
[PE2-bgp-default-ipv6] peer 2.2.2.2 label-route-capability [PE2-bgp-default-ipv6] quit [PE2-bgp-default] quit # Configure the static route to CE 2. [PE2] ipv6 route-static 4::4 128 20::1 # Configure OSPF for the ISP. [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit Configure a static route on CE 1, with PE 1 as the default next hop.
* > Network : 10::2 PrefixLen : 128 NextHop : ::1 LocPrf PrefVal : 32768 OutLabel : NULL Path/Ogn: ? * >i Network : 20:: PrefixLen : 64 NextHop : ::FFFF:3.3.3.3 LocPrf : 100 PrefVal : 0 OutLabel : 1278 Path/Ogn: ? # Verify that CE 1 can ping the IPv6 address 4::4 (loopback interface address) of CE 2.
Page 363
Device Interface IP address Device Interface IP address Vlan-int101 3001::2/64 Vlan-int201 2001::2/64 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 so that Switch A and Switch C can reach each other. (Details not shown.) Configure IPv6 BGP on Switch A: # Establish two IBGP connections to Switch C.
Page 364
[SwitchC-bgp-default] peer 2000::1 as-number 200 [SwitchC-bgp-default] address-family ipv6 [SwitchC-bgp-default-ipv6] peer 3000::1 enable [SwitchC-bgp-default-ipv6] peer 2000::1 enable [SwitchC-bgp-default-ipv6] quit # Enable BFD for peer 3001::1. [SwitchC-bgp-default] peer 3000::1 bfd [SwitchC-bgp-default] quit [SwitchC] quit Verifying the configuration # Display detailed BFD session information on Switch C. <SwitchC>...
Page 366
Figure 83 Network diagram Loop0 2.2.2.2/32 Vlan-int100 Vlan-int101 AS 200 3001::2/64 3002::1/64 Switch B Vlan-int100 Vlan-int101 3001::1/64 3002::2/64 Switch A Switch D Link B Vlan-int201 AS 100 Vlan-int200 Link A 2002::2/64 2001::1/64 Switch C Vlan-int200 Vlan-int201 2001::2/64 2002::1/64 Loop0 3.3.3.3/32 Configuration procedure Configure IPv6 addresses for interfaces.
Page 367
# Configure Switch C to establish an EBGP session to Switch A, and an IBGP session to Switch <SwitchC> system-view [SwitchC] bgp 200 [SwitchC] router-id 3.3.3.3 [SwitchC-bgp-default] peer 2001::1 as-number 100 [SwitchC-bgp-default] peer 2002::2 as-number 200 [SwitchC-bgp-default] address-family ipv6 unicast [SwitchC-bgp-default-ipv6] peer 2001::1 enable [SwitchC-bgp-default-ipv6] peer 2002::2 enable [SwitchC-bgp-default-ipv6] peer 2002::2 next-hop-local...
Page 368
[SwitchA-bgp-default] quit # On Switch D, create routing policy frr to set a backup next hop 2002::1 (Switch C) for the route destined for 1::/64. <SwitchD> system-view [SwitchD] ipv6 prefix-list abc index 10 permit 1:: 64 [SwitchD] route-policy frr permit node 10 [SwitchD-route-policy] if-match ipv6 address prefix-list abc [SwitchD-route-policy] apply ipv6 fast-reroute backup-nexthop 2002::1 [SwitchD-route-policy] quit...
Configuring PBR Overview Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop, default next hop, and precedence for packets that match specific criteria such as ACLs. The device forwards received packets using the following process: The device uses PBR to forward matching packets.
Table 22 Priorities and meanings of apply clauses Clause Meaning Priority apply precedence Sets an IP precedence. This clause is always executed. apply next-hop Sets next hops. This clause is always executed. This clause takes effect only when no next hop apply default-next-hop Sets default next hops.
Configuring a policy Creating a node Step Command Remarks Enter system view. system-view policy-based-route policy-name Create a node for a policy, and By default, no policy nodes deny permit node enter its view. exist. node-number Setting match criteria for a node Step Command Remarks...
Configuring actions for a node Step Command Remarks Enter system view. system-view policy-based-route policy-name Enter policy node view. deny permit node node-number By default, no IP precedence is Set an IP precedence. apply precedence { type | value } specified. By default, no next hop is specified.
Step Command Remarks Enter system view. system-view local policy-based-route By default, local PBR is not Specify a policy for local PBR. policy-name enabled. Specifying a policy for interface PBR You can specify only one policy for interface PBR and must make sure the specified policy already exists.
Step Command Remarks By default, no tunnel interfaces exist. Create a VXLAN tunnel interface tunnel tunnel-number interface and enter tunnel The endpoints of a tunnel must mode vxlan interface view. use the same tunnel mode to correctly transmit packets. By default, no policy is specified Specify policy policy-based-route...
Page 376
Configure PBR on Switch A to forward all TCP packets to the next hop 1.1.2.2 (Switch B). Figure 84 Network diagram Switch B Vlan-int10 Vlan-int10 Switch A 1.1.2.1/24 1.1.2.2/24 Vlan-int20 Vlan-int20 1.1.3.1/24 1.1.3.2/24 Switch C Configuration procedure Configure Switch A: # Create VLAN 10 and VLAN 20.
[SwitchC-vlan20] quit # Configure the IP address of VLAN-interface 20. [SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] ip address 1.1.3.2 24 Verifying the configuration # Telnet to Switch B on Switch A. The operation succeeds. (Details not shown.) # Telnet to Switch C on Switch A. The operation fails. (Details not shown.) # Ping Switch C from Switch A.
Page 378
[SwitchA] vlan 10 [SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] quit # Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20. [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ip address 1.1.2.1 24 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 20 [SwitchA-Vlan-interface20] ip address 1.1.3.1 24 [SwitchA-Vlan-interface20] quit # Configure ACL 3101 to match TCP packets.
Configuring IPv6 static routing Static routes are manually configured and cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. IPv6 static routing works well in a simple IPv6 network. Configuring an IPv6 static route Before you configure an IPv6 static route, complete the following tasks: •...
Bidirectional control mode To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer. To configure a static route and enable BFD control mode, use one of the following methods: •...
Step Command Remarks By default, the source address echo packets configured. The source address of echo Configure packets must be a global source address of bfd echo-source-ipv6 ipv6-address unicast address. echo packets. For more information about this command, High Availability Command Reference.
Page 382
Figure 86 Network diagram Host B 2::2/64 Vlan-int400 2::1/64 Vlan-int200 Vlan-int300 4::2/64 5::2/64 Switch B Vlan-int200 Vlan-int300 4::1/64 5::1/64 Vlan-int100 Vlan-int500 1::1/64 3::1/64 Switch C Switch A Host C Host A 3::2/64 1::2/64 Configuration procedure Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.) Configure IPv6 static routes: # Configure a default IPv6 static route on Switch A.
The output shows that Switch A communicates with Switch B through VLAN-interface 11. BFD for IPv6 static routes configuration example (indirect next hop) Network requirements As shown in Figure • Switch A has a route to interface Loopback 1 (2::9/128) on Switch B, and the output interface is VLAN-interface 10.
Page 387
Device Interface IPv6 address Switch D Vlan-int10 12::2/64 Switch D Vlan-int12 11::1/64 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 static routes and BFD: # Configure IPv6 static routes on Switch A and enable BFD control packet mode for the IPv6 static route that traverses Switch D.
Page 388
Destination IP: 2::9 Session State: Up Interface: N/A Hold Time: 2012ms The output shows that the BFD session has been created. # Display the IPv6 static routes on Switch A. <SwitchA> display ipv6 routing-table protocol static Summary Count : 1 Static Routing table Status : <Active>...
Configuring an IPv6 default route A default IPv6 route is used to forward packets that match no entry in the routing table. A default IPv6 route can be configured in either of the following ways: • The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "Configuring IPv6 static routing."...
Configuring RIPng Overview RIP next generation (RIPng) is an extension of RIP-2 for support of IPv6. Most RIP concepts are applicable to RIPng. RIPng is a distance vector routing protocol. It employs UDP to exchange route information through port 521. RIPng uses a hop count to measure the distance to a destination. The hop count is the metric or cost.
A response packet that fails the check is discarded. Protocols and standards • RFC 2080, RIPng for IPv6 • RFC 2081, RIPng Protocol Applicability Statement RIPng configuration task list Tasks at a glance (Required.) Configuring basic RIPng (Optional.) Configuring RIPng route control: •...
Step Command Remarks By default, RIPng is disabled. Enable RIPng If RIPng is not enabled on an ripng process-id enable interface. interface, the interface does not send or receive any RIPng route. Configuring RIPng route control Before you configure RIPng, complete the following tasks: •...
Step Command Remarks Enter interface view. interface interface-type interface-number default, Advertise a summary IPv6 ripng summary-address ipv6-address summary IPv6 prefix prefix. prefix-length is not configured. Advertising a default route You can configure RIPng to advertise a default route with the specified cost to its neighbors. To configure RIPng to advertise a default route: Step Command...
Step Command Remarks Enter system view. system-view ripng process-id Enter RIPng view. vpn-instance vpn-instance-name ] preference preference By default, the preference of Set a preference for RIPng. route-policy route-policy-name } RIPng is 100. Configuring RIPng route redistribution Step Command Remarks Enter system view.
Step Command Remarks ripng process-id Enter RIPng view. vpn-instance vpn-instance-name ] By default, zero field check is Enable the zero field check checkzero enabled incoming RIPng on incoming RIPng packets. packets. Setting the maximum number of ECMP routes Step Command Remarks Enter system view.
Setting the interval for sending triggered updates Perform this task to avoid network overhead and reduce system resource consumption caused by frequent RIPng triggered updates. You can use the timer triggered command to set the maximum interval, minimum interval, and incremental interval for sending RIPng triggered updates.
Step Command Remarks ripng process-id Enable RIPng and enter vpn-instance RIPng view. vpn-instance-name ] Enable the GR capability for graceful-restart By default, RIPng GR is disabled. RIPng. (Optional.) By default, the GR interval is 60 graceful-restart interval interval interval. seconds. Configuring RIPng NSR Nonstop routing (NSR) backs up RIPng routing information from the active process to the standby process.
As shown in Figure 89, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, RIPng directs packets to the backup next hop. At the same time, RIPng calculates the shortest path based on the new network topology. Then, the device forwards packets over that path after network convergence.
Displaying and maintaining RIPng Execute display commands in any view and reset commands in user view. Task Command Display configuration information for a display ripng [ process-id ] RIPng process. display ripng database process-id ipv6-address Display routes in the RIPng database. prefix-length ] Display RIPng GR information.
Page 402
Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D – Direct O - Optimal, F - Flush to RIB ---------------------------------------------------------------- Peer FE80::200:2FF:FE64:8904 on Vlan-interface100 Destination 3::/64, via FE80::200:2FF:FE64:8904, cost 1, tag 0, AOF, 31 secs Destination 4::/64, via FE80::200:2FF:FE64:8904, cost 2, tag 0, AOF, 31 secs Destination 5::/64, via FE80::200:2FF:FE64:8904, cost 2, tag 0, AOF, 31 secs...
Peer FE80::2:100 on Vlan-interface100 Destination 4::/64, via FE80::1:100, cost 2, tag 0, AOF, 2 secs RIPng route redistribution configuration example Network requirements As shown in Figure 91, Switch B communicates with Switch A through RIPng 100 and with Switch C through RIPng 200.
Figure 92 Network diagram Router ID: 1.1.1.1 GR restarter Switch A Vlan-int100 2000::1/24 Vlan-int100 Vlan-int100 2000::2/24 2000::3/24 Switch B Switch C GR helper GR helper Router ID: 3.3.3.3 Router ID: 2.2.2.2 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure RIPng on the switches to ensure the following: (Details not shown.) Switch A, Switch B, and Switch C can communicate with each other at Layer 3.
Page 407
Figure 93 Network diagram Loop 0 Loop 0 2002::2/128 4004::4/128 Switch S Vlan-int100 Vlan-int200 1200:1::1/64 1400:1::1/64 Vlan-int100 Vlan-int200 1200:1::2/64 1400:1::2/64 Switch B Switch A Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure RIPng on the switches to ensure the following: (Details not shown.) Switch S, Switch A, and Switch B can communicate with each other at Layer 3.
O - Optimal, F - Flush to RIB ---------------------------------------------------------------- Peer FE80::AE45:5CE7:422E:2867 on Vlan-interface100 Destination 1400:1::/64, via FE80::AE45:5CE7:422E:2867, cost 1, tag 0, AOF, 1 secs Destination 4004::4/128, via FE80::AE45:5CE7:422E:2867, cost 2, tag 0, AOF, 1 secs Local route Destination 2002::2/128, via ::, cost 0, tag 0, DOF Destination 1200:1::/64, via ::, cost 0, tag 0, DOF # Display RIPng neighbors on Switch B to verify the neighbor relationship between Switch B and...
Page 409
Figure 94 Network diagram Switch C Link B Link A Loop0 Loop0 Vlan-int200 Vlan-int200 Switch A Switch B Device Interface IP address Switch A VLAN-interface 100 1::1/64 Switch A VLAN-interface 200 2::1/64 Switch A Loopback 0 10::1/128 Switch B VLAN-interface 101 3::1/64 Switch B VLAN-interface 200...
Page 410
[SwitchB-ripng-1] quit Verifying the configuration # Display the route 20::1/128 on Switch A to view the backup next hop information. [SwitchA] display ipv6 routing-table 20::1 128 verbose Summary count : 1 Destination: 20::1/128 Protocol: RIPng Process ID: 1 SubProtID: 0x0 Age: 00h17m42s Cost: 1 Preference: 100...
Configuring OSPFv3 This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF." Overview OSPFv3 and OSPFv2 have the following in common: • 32-bit router ID and area ID. •...
• AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS, except stub areas and Not-So-Stubby Areas (NSSAs). Each AS External LSA describes a route to another AS. A default route can be described by an AS External LSA. •...
Step Command Remarks Enable an OSPFv3 process ospfv3 process-id area area-id By default, no OSPFv3 processes on the interface. [ instance instance-id ] are enabled on an interface. Configuring OSPFv3 area parameters OSPFv3 has the same stub area, NSSA area, and virtual link features as OSPFv2. After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended.
To configure a totally NSSA area, configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area. To configure an NSSA area: Step Command Remarks Enter system view. system-view ospfv3 process-id...
• Broadcast—When the link layer protocol is Ethernet or FDDI, OSPFv3 considers the network type as broadcast by default. • NBMA—When the link layer protocol is ATM, Frame Relay, or X.25, OSPFv3 considers the network type as NBMA by default. •...
Configuring OSPFv3 route control Configuration prerequisites Before you configure OSPFv3 route control, perform the following tasks: • Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes. • Enable OSPFv3. Configuring OSPFv3 route summarization Route summarization enables an ABR or ASBR to summarize contiguous networks into a single network and advertise it to other areas.
Step Command Remarks Configure route asbr-summary ipv6-address By default, route summarization is summarization on an prefix-length cost cost-value not configured on an ASBR. ASBR. not-advertise | nssa-only | tag tag ] * Configuring OSPFv3 received route filtering Step Command Remarks Enter system view.
Step Command Remarks interface interface-type Enter interface view. interface-number By default, the OSPFv3 cost is 1 for a VLAN interface, is 0 for a loopback Set an OSPFv3 cost for the ospfv3 cost cost-value interface. The OSPFv3 cost is interface. [ instance instance-id ] automatically computed according to the interface bandwidth for other...
Step Command Remarks By default, the preference of a preference preference [ ase ] { preference | OSPFv3 internal routes is 10, and OSPFv3. route-policy route-policy-name } * the priority of OSPFv3 external routes is 150. Configuring OSPFv3 route redistribution Because OSPFv3 is a link state routing protocol, it cannot directly filter LSAs to be advertised.
Step Command Remarks default-route-advertise [ [ always | Redistribute default permit-calculate-other cost By default, no default route is route. cost-value route-policy redistributed. route-policy-name | tag tag | type type ] * Setting tags for redistributed routes Perform this task to set tags for redistributed routes to identify information about protocols. For example, when redistributing IPv6 BGP routes, OSPFv3 uses tags to identify AS IDs.
Step Command Remarks The default setting is 5 seconds. ospfv3 timer retransmit Set the LSA retransmission The LSA retransmission interval cannot interval instance interval. be too short. Otherwise, unnecessary instance-id ] retransmissions will occur. Setting LSA transmission delay Each LSA in the LSDB has an age that is incremented by 1 every second, but the age does not change during transmission.
For a stable network, the minimum interval is used. If network changes become frequent, the LSA generation interval is incremented by the incremental interval × 2 for each generation until the maximum interval is reached. The value n is the number of generation times. To set the LSA generation interval: Step Command...
To disable interfaces from receiving and sending OSPFv3 packets: Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * By default, the interfaces are able to receive and send OSPFv3 packets. This command disables only the Disable interfaces from silent-interface interface-type...
To configure OSPFv3 network management: Step Command Remarks Enter system view. system-view By default, MIB is bound to the Bind MIB to an OSPFv3 ospfv3 mib-binding process-id process with smallest process. process ID. snmp-agent trap enable ospfv3 grrestarter-status-change grhelper-status-change if-state-change if-cfg-error Enable SNMP notifications if-bad-pkt | neighbor-state-change |...
• Clear the R-bit of the Option field in Type-1 LSAs. When the R-bit is clear, the OSPFv3 router can participate in OSPFv3 topology distribution without forwarding traffic. • Use the OSPFv3 max-metric router LSA feature. This feature enables OSPFv3 to advertise its locally generated Type-1 LSAs with a maximum cost of 65535.
Step Command Remarks By default, prefix suppression Enable prefix suppression for prefix-suppression is disabled for an OSPFv3 the OSPFv3 process. process. Configuring prefix suppression for an interface Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Enable prefix ospfv3 prefix-suppression [ disable ]...
Step Command Remarks By default, no authentication is performed for the area. Specify an authentication authentication-mode keychain For more information about mode for the area. keychain-name keychains, Security Configuration Guide. Configuring OSPFv3 interface authentication Step Command Remarks Enter system view. system-view interface interface-type...
Step Command Remarks ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * graceful-restart enable [ global | By default, OSPFv3 GR restarter Enable the GR capability. planned-only ] * capability is disabled. (Optional.) Set the GR By default, the GR interval is 120 graceful-restart interval interval interval.
Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * default, OSPFv3 disabled. This command takes effect only for Enable OSPFv3 NSR. non-stop-routing the current process. As a best practice, enable OSPFv3 NSR for each process if multiple OSPFv3 processes exist.
Figure 95 Network diagram for OSPFv3 FRR Backup nexthop: Router C Router A Router B Nexthop: Router D Router E As shown in Figure 95, configure FRR on Router B. OSPFv3 FRR automatically calculates a backup next hop or specifies a backup next hop by using a routing policy. When the primary link fails, OSPFv3 directs packets to the backup next hop.
Page 432
Configuring OSPFv3 FRR to specify a backup next hop using a routing policy Before you perform this task, use the apply ipv6 fast-reroute backup-interface command to specify a backup next hop in the routing policy to be used. For more information about the apply ipv6 fast-reroute backup-interface command and routing policy configuration, see "Configuring routing...
Step Command Remarks Enable BFD echo packet ospfv3 primary-path-detect bfd By default, BFD echo packet mode mode for OSPFv3 FRR. echo [ instance instance-id ] for OSPFv3 FRR is disabled. Displaying and maintaining OSPFv3 Execute display commands in any view and reset commands in user view. Task Command Display information about the routes...
OSPFv3 configuration examples OSPFv3 stub area configuration example Network requirements As shown in Figure • Enable OSPFv3 on all switches. • Split the AS into three areas. • Configure Switch B and Switch C as ABRs to forward routing information between areas. •...
Page 435
[SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 1 [SwitchB-Vlan-interface200] quit # On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3. <SwitchC> system-view [SwitchC] ospfv3 [SwitchC-ospfv3-1] router-id 3.3.3.3 [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 1 area 0 [SwitchC-Vlan-interface100] quit [SwitchC] interface vlan-interface 400 [SwitchC-Vlan-interface400] ospfv3 1 area 2...
Page 436
Router ID Pri State Dead-Time InstID Interface 4.4.4.4 Full/BDR 00:00:40 Vlan400 # Display OSPFv3 routing table information on Switch D. [SwitchD] display ospfv3 routing OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route IA - Inter area route, E2 - Type 2 external route,...
Page 437
[SwitchD] display ospfv3 routing OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route - Selected route *Destination: ::/0 Type...
OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route - Selected route *Destination: ::/0 Type...
Page 439
Configure Area 1 as an NSSA area: # Configure Switch A. [SwitchA] ospfv3 [SwitchA-ospfv3-1] area 1 [SwitchA-ospfv3-1-area-0.0.0.1] nssa [SwitchA-ospfv3-1-area-0.0.0.1] quit [SwitchA-ospfv3-1] quit # Configure Switch B. [SwitchB] ospfv3 [SwitchB-ospfv3-1] area 1 [SwitchB-ospfv3-1-area-0.0.0.1] nssa [SwitchB-ospfv3-1-area-0.0.0.1] quit [SwitchB-ospfv3-1] quit # Display OSPFv3 routing information on Switch A. [SwitchA] display ospfv3 1 routing OSPFv3 Process 1 with Router ID 1.1.1.1 -------------------------------------------------------------------------...
[SwitchA-ospfv3-1] quit # Display OSPFv3 routing information on Switch D. [SwitchD] display ospfv3 1 routing OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route, E1 - Type 1 external route, N1 - Type 1 NSSA route IA - Inter area route, E2 - Type 2 external route, N2 - Type 2 NSSA route - Selected route...
Page 441
Figure 98 Network diagram Switch A Switch B Vlan-int100 Vlan-int200 2001::1/64 2001::2/64 Vlan-int100 Vlan-int200 2001::3/64 2001::4/64 Switch D Switch C Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3: # On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1. <SwitchA>...
Page 442
[SwitchD-Vlan-interface200] quit # Display neighbor information on Switch A. The switches have the same default DR priority 1, so Switch D (the switch with the highest router ID) is elected as the DR, and Switch C is the BDR. [SwitchA] display ospfv3 peer OSPFv3 Process 1 with Router ID 1.1.1.1 Area: 0.0.0.0 -------------------------------------------------------------------------...
3.3.3.3 Full/BDR 00:00:35 Vlan200 4.4.4.4 Full/DR 00:00:33 Vlan200 # Display neighbor information on Switch D. Switch D is still the DR. [SwitchD] display ospfv3 peer OSPFv3 Process 1 with Router ID 4.4.4.4 Area: 0.0.0.0 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 1.1.1.1 100 Full/DROther 00:00:30...
Page 444
• Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B, and set the default metric for redistributed routes to 3. Switch C can then learn the routes destined for 1::0/64 and 2::0/64, and Switch A cannot learn the routes destined for 3::0/64 or 4::0/64.
Page 445
[SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] ospfv3 2 area 2 [SwitchC-Vlan-interface300] quit [SwitchC] interface vlan-interface 400 [SwitchC-Vlan-interface400] ospfv3 2 area 2 [SwitchC-Vlan-interface400] quit # Display the routing table on Switch C. [SwitchC] display ipv6 routing-table Destinations : 7 Routes : 7 Destination: ::1/128 Protocol : Direct...
Page 447
• On Switch B, configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1. Switch C can then learn the routes destined for 2::/64, 2:1:1::/64, 2:1:2::/64, and 2:1:3::/64. • On Switch B, configure route summarization to advertise only summary route 2::/16 to Switch Figure 100 Network diagram Vlan-int200 Vlan-int400...
Page 448
<SwitchC> system-view [SwitchC] ospfv3 2 [SwitchC-ospfv3-2] router-id 4.4.4.4 [SwitchC-ospfv3-2] quit [SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] ospfv3 2 area 2 [SwitchC-Vlan-interface300] quit [SwitchC] interface vlan-interface 400 [SwitchC-Vlan-interface400] ospfv3 2 area 2 [SwitchC-Vlan-interface400] quit Configure OSPFv3 route redistribution: # Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.
[SwitchA-ospfv3-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ospfv3 1 area 1 [SwitchA-Vlan-interface100] quit # On Switch B, enable OSPFv3 and set the router ID to 2.2.2.2. (By default, GR helper is enabled on Switch B.) <SwitchB> system-view [SwitchB] ospfv3 1 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 100...
[SwitchA-ospfv3-1] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ospfv3 1 area 1 [SwitchA-Vlan-interface100] quit # On Switch B, enable OSPFv3, and set the router ID to 2.2.2.2. <SwitchB> system-view [SwitchB] ospfv3 1 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 1 [SwitchB-Vlan-interface200] quit # On Switch S, enable OSPFv3, set the router ID to 3.3.3.3, and enable NSR.
Page 453
Figure 103 Network diagram 2001:1::/64 2001:4::/64 Switch A Switch B Vlan-int10 Vlan-int10 Vlan-int11 Vlan-int13 L2 Switch Area 0 Vlan-int11 Vlan-int13 Switch C Table 25 Interface and IP address assignment Device Interface IPv6 address Switch A Vlan-int10 2001::1/64 Switch A Vlan-int11 2001:2::1/64 Switch B Vlan-int10...
Page 454
[SwitchB-Vlan-interface13] quit # On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3. <SwitchC> system-view [SwitchC] ospfv3 [SwitchC-ospfv3-1] router-id 3.3.3.3 [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 11 [SwitchC-Vlan-interface11] ospfv3 1 area 0 [SwitchC-Vlan-interface11] quit [SwitchC] interface vlan-interface 13 [SwitchC-Vlan-interface13] ospfv3 1 area 0 [SwitchC-Vlan-interface13] quit Configure BFD: # Enable BFD and configure BFD parameters on Switch A.
Destination: 2001:4::/64 Protocol : O_INTRA NextHop : FE80::20F:FF:FE00:1200 Preference: 10 Interface : Vlan10 Cost The output information shows that Switch A communicates with Switch B through VLAN-interface 10. The link over VLAN-interface 10 fails. # Display routes to 2001:4::0/64 on Switch A. <SwitchA>...
Page 456
You can enable OSPFv3 FRR to either calculate a backup next hop by using the LFA algorithm, or specify a backup next hop by using a routing policy. (Method 1.) Enable OSPFv3 FRR to calculate the backup next hop by using the LFA ...
Configuring IPv6 IS-IS Overview IPv6 IS-IS supports all IPv4 IS-IS features except that it advertises IPv6 routing information. This chapter describes only IPv6 IS-IS specific configuration tasks. For information about IS-IS, see "Configuring IS-IS." Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6.
Step Command Remarks default, maximum 13. Specify maximum number of ECMP routes equals number of ECMP routes maximum load-balancing number the maximum number of ECMP for load balancing. routes supported by the system. Configuring IPv6 IS-IS link cost Configuring an IPv6 IS-IS cost for an interface Step Command Remarks...
Setting the LSDB overload bit Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] cost-style wide By default, the IS-IS cost style is Specify an IS-IS cost style. wide-compatible | compatible } narrow.
Step Command Remarks By default: • The maximum interval is 5 seconds. timer maximum-interval Set the SPF calculation • minimum-interval The minimum interval is interval. [ incremental-interval ] ] 50 milliseconds. • The incremental interval is 200 milliseconds. Enabling IPv6 IS-IS ISPF Step Command Remarks...
Step Command Remarks Enable an IS-IS process and isis [ process-id ] [ vpn-instance enter IS-IS view. vpn-instance-name ] Configure the NET for the network-entity net By default, no NET is configured. IS-IS process. Enter IPv6 address family address-family ipv6 [ unicast ] view.
Configuration procedure Configuring IPv6 IS-IS FRR to calculate a backup next hop through LFA calculation Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number default, interface (Optional.) Disable isis ipv6 fast-reroute lfa-backup participates in LFA calculation calculation on the interface.
Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, BFD control packet Enable BFD control packet isis ipv6 primary-path-detect bfd mode for IPv6 IS-IS FRR is mode for IPv6 IS-IS FRR. ctrl disabled. To enable BFD echo packet mode for IPv6 IS-IS FRR: Step Command Remarks...
As shown in Figure 106, the numbers refer to the link costs. Router A, Router B, and Router D support both IPv4 and IPv6. Router C supports only IPv4 and cannot forward IPv6 packets. Enable IPv6 IS-IS MTR on Router A, Router B, Router C, and Router D to make them perform route calculation separately in IPv4 and IPv6 topologies.
Page 468
Switch A and Switch B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch. Figure 107 Network diagram Switch A Vlan-int100 2001:1::2/64 Vlan-int301 Vlan-int100 Vlan-int300 2001:4::1/64 2001:1::1/64 2001:3::1/64 Vlan-int300 Vlan-int200 2001:3::2/64 2001:2::1/64 Switch D Switch C L1/L2 Area 20...
Page 470
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set # Display the IPv6 IS-IS routing table on Switch B. [SwitchB] display isis route ipv6 Route information for IS-IS(1) ------------------------------ Level-1 IPv6 Forwarding Table ----------------------------- Destination : :: PrefixLen: 0 Flag : R/-/- Cost...
Page 471
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv6 Forwarding Table ----------------------------- Destination : 2001:1:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : Direct Interface: Vlan100 Destination : 2001:2:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop...
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set BFD for IPv6 IS-IS configuration example Network requirements As shown in Figure 108: • Configure IPv6 IS-IS on Switch A and Switch B so that they can reach other. •...
Verifying the configuration # Display BFD session information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Init Mode: Active IPv6 Session Working Under Ctrl Mode: Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B)
Page 475
Figure 109 Network diagram Switch C Link B Link A Loop0 Loop0 Vlan-int200 Vlan-int200 Switch A Switch B Table 28 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Vlan-int100 1::1/64 Switch B Vlan-int101 3::1/64 Vlan-int200 2::1/64...
Configuring IPv6 PBR Overview Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop, default next hop, and precedence for packets that match specific criteria such as ACLs. A device forwards received packets using the following process: The device uses PBR to forward matching packets.
Relationship between the match mode and clauses on the node Does a packet match all Match mode the if-match clauses on the In permit mode In deny mode node? • If the node is configured with apply clauses, IPv6 PBR executes the apply clauses on node.
Step Command Remarks Create an IPv6 policy ipv6 policy-based-route policy-name [ deny | By default, no IPv6 policy or policy node and permit ] node node-number nodes exist. enter its view. Setting match criteria for an IPv6 node Step Command Remarks Enter system view.
Configuring IPv6 PBR Configuring IPv6 local PBR Configure IPv6 PBR by applying a policy locally. IPv6 PBR uses the policy to guide the forwarding of locally generated packets. The specified policy must already exist. Otherwise, the IPv6 local PBR configuration fails. You can apply only one policy locally.
Displaying and maintaining IPv6 PBR Execute display commands in any view and reset commands in user view. Task Command Display IPv6 PBR policy information. display ipv6 policy-based-route [ policy policy-name ] (In standalone mode.) Display the IPv6 PBR display ipv6 policy-based-route apply vlan-interface configuration and statistics for a VLAN interface-number [ slot slot-number ] interface.
Page 483
[SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] quit # Configure the IPv6 addresses of VLAN-interface 10 and VLAN-interface 20. [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ipv6 address 1::1 64 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 20 [SwitchA-Vlan-interface20] ipv6 address 2::1 64 [SwitchA-Vlan-interface20] quit # Configure ACL 3001 to match TCP packets.
Packet type-based IPv6 interface PBR configuration example Network requirements As shown in Figure 111, Switch B and Switch C cannot reach each other. Configure IPv6 PBR on Switch A to forward all TCP packets received on VLAN-interface 11 to the next hop 1::2. Switch A forwards other IPv6 packets according to the routing table.
Page 485
[SwitchA] acl ipv6 advanced 3001 [SwitchA-acl-ipv6-adv-3001] rule permit tcp [SwitchA-acl-ipv6-adv-3001] quit # Configure Node 5 for policy aaa to forward TCP packets to next hop 1::2. [SwitchA] ipv6 policy-based-route aaa permit node 5 [SwitchA-pbr6-aaa-5] if-match acl 3001 [SwitchA-pbr6-aaa-5] apply next-hop 1::2 [SwitchA-pbr6-aaa-5] quit # Configure IPv6 interface PBR by applying policy aaa to VLAN-interface 11.
Page 486
# Ping Switch C from Host A. The operation succeeds. Telnet uses TCP, and ping uses ICMP. The results show the following: • All TCP packets arriving on VLAN-interface 11 of Switch A are forwarded to next hop 1::2. • Other packets are forwarded through VLAN-interface 20.
Configuring routing policies Overview Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: Configure filters based on route attributes, such as destination address and the advertising router's address.
Each node has a match mode of permit or deny. • permit—Specifies the permit match mode for a routing policy node. If a route meets all the if-match clauses of the node, it is handled by the apply clauses of the node. The route is not compared with the next node unless the continue clause is configured.
To configure an IPv6 prefix list: Step Command Remarks Enter system view. system-view ipv6 prefix-list prefix-list-name index index-number ] { deny | permit } ipv6-address Configure an IPv6 default, IPv6 prefix-length inverse inverse-prefix-length prefix list. prefix lists exist. [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ] } Configuring an AS path list You can configure multiple items for an AS path list that is identified by a number.
Step Command Remarks Configure extcommunity-list ext-comm-list-number By default, no extended extended community { deny | permit } { rt route-target | soo community lists exist. list. site-of-origin }&<1-32> Configuring a routing policy Configuration prerequisites Configure filters and routing protocols, and determine the routing policy name, node numbers, match criteria, and the attributes to be modified.
Page 491
Step Command Remarks By default, no ACL or prefix list match criterion configured. • Match IPv4 routes whose If the ACL used by an destination, next hop, or source if-match clause does not address matches an ACL or exist, the clause is always IPv4 prefix list:...
Configuring apply clauses Except for the apply commands used for setting the next hop for IPv4 and IPv6 routes, all apply commands are the same for IPv4 and IPv6 routing. To configure apply clauses: Step Command Remarks Enter system view. system-view route-policy Enter routing policy node...
Step Command Remarks 16. Set a preferred value for BGP apply preferred-value By default, no preferred value is set routes. preferred-value for BGP routes. By default, no prefix priority is set, apply prefix-priority { critical 17. Set a prefix priority. which means the prefix priority is | high | medium } low.
Step Command Remarks By default, no continue clause is configured. Specify the next node to be continue [ node-number ] The specified next node must matched. have a larger number than the current node. Displaying and maintaining the routing policy Execute display commands in any view and reset commands in user view.
Page 495
Figure 112 Network diagram IS-IS OSPF Vlan-int100 Vlan-int200 192.168.1.2/24 192.168.2.2/24 Switch B Vlan-int201 172.17.1.1/24 Vlan-int100 Vlan-int200 Vlan-int202 192.168.1.1/24 192.168.2.1/24 172.17.2.1/24 Switch C Switch A Vlan-int203 172.17.3.1/24 Configuration procedure Specify IP addresses for interfaces. (Details not shown.) Configure IS-IS: # Configure Switch C. <SwitchC>...
Page 496
[SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # On Switch B, configure OSPF and enable route redistribution from IS-IS to OSPF. [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] import-route isis 1 [SwitchB-ospf-1] quit # Display the OSPF routing table on Switch A to view redistributed routes.
Apply the routing policy to route redistribution: # On Switch B, enable route redistribution from IS-IS to OSPF and apply the routing policy. [SwitchB] ospf [SwitchB-ospf-1] import-route isis 1 route-policy isis2ospf [SwitchB-ospf-1] quit # Display the OSPF routing table on Switch A. [SwitchA] display ospf routing OSPF Process 1 with Router ID 192.168.1.1 Routing Tables...
Page 498
<SwitchA> system-view [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ipv6 address 10::1 32 [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 200 [SwitchA-Vlan-interface200] ipv6 address 11::1 32 [SwitchA-Vlan-interface200] quit # Enable RIPng on VLAN-interface 100. [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] ripng 1 enable [SwitchA-Vlan-interface100] quit # Configure three static routes with next hop 11::2, and make sure the static routes are active.
Page 499
via FE80::7D58:0:CA03:1, cost 1, tag 0, A, 3 secs Local route Destination 10::/32, via ::, cost 0, tag 0, DOF...
Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements. Websites Website Link...
Page 515
enabling OSPF PIC, advertising OSPF link state information to OSPF RFC 1583 compatibility, BGP, OSPFv3, BGP, OSPFv3 neighbor state change logging, BGP 4-byte AS number suppression (IPv4), RIP (on interface), RIP (on network), BGP 4-byte AS number suppression (IPv6), RIP FRR BFD, RIP NSR, BGP MED route comparison (confederation RIP poison reverse,...
Page 519
BGP default route advertisement (peer/peer EBGP peer protection (low memory exemption), group), BGP display, excluding interfaces in an OSPF area from the base topology, BGP dynamic peer, extension attribute redistribution, BGP first AS number of EBGP route update ignore, FIB route max lifetime, BGP FRR, interface outbound PBR configuration, BGP GR,...