HPE FlexNetwork 5510 HI Series Configuration Manual
  1. Manuals
  2. Brands
  3. HPE Manuals
  4. Switch
  5. FlexNetwork 5510 HI Series
  6. Configuration manual

HPE FlexNetwork 5510 HI Series Configuration Manual

Layer 3 - ip routing
Hide thumbs Also See for FlexNetwork 5510 HI Series:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
Table of Contents

Advertisement

Quick Links

See also: Installation Manual
HPE FlexNetwork 5510 HI Switch Series
Layer 3—IP Routing

Configuration Guide

Part number: 5200-3624
Software version: Release 13xx
Document version: 6W100-20170315

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the FlexNetwork 5510 HI Series and is the answer not in the manual?

Questions and answers

Related Manuals for HPE FlexNetwork 5510 HI Series

Summary of Contents for HPE FlexNetwork 5510 HI Series

  • Page 1: Configuration Guide

    HPE FlexNetwork 5510 HI Switch Series Layer 3—IP Routing Configuration Guide Part number: 5200-3624 Software version: Release 13xx Document version: 6W100-20170315...
  • Page 2 © Copyright 2015, 2017 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

  • Page 3: Table Of Contents

    Contents Configuring basic IP routing ································································ 1 Routing table ···························································································································· 1 Dynamic routing protocols ············································································································ 2 Route preference ······················································································································· 2 Load sharing ····························································································································· 3 Route backup ···························································································································· 3 Route recursion ························································································································· 3 Route redistribution ···················································································································· 3 Extension attribute redistribution ··································································································· 4 Setting the maximum lifetime for routes and labels in the RIB ······························································...
  • Page 4 Configuring RIPv2 route summarization ················································································· 31 Disabling host route reception ······························································································ 32 Advertising a default route ··································································································· 32 Configuring received/redistributed route filtering ······································································· 32 Setting a preference for RIP ································································································ 33 Configuring RIP route redistribution ······················································································· 33 Tuning and optimizing RIP networks ···························································································· 34 Configuration prerequisites ··································································································...
  • Page 5 Configuring a stub area ······································································································ 76 Configuring an NSSA area ·································································································· 76 Configuring a virtual link ······································································································ 77 Configuring OSPF network types ································································································· 77 Configuration prerequisites ·································································································· 78 Configuring the broadcast network type for an interface ····························································· 78 Configuring the NBMA network type for an interface ································································· 78 Configuring the P2MP network type for an interface ··································································...
  • Page 6 OSPF configuration examples ·································································································· 105 Basic OSPF configuration example ····················································································· 105 OSPF route redistribution configuration example ···································································· 108 OSPF route summarization configuration example ································································· 109 OSPF stub area configuration example ················································································ 112 OSPF NSSA area configuration example ·············································································· 114 OSPF DR election configuration example ············································································· 116 OSPF virtual link configuration example ···············································································...
  • Page 7 Enhancing IS-IS network security ······························································································ 159 Configuration prerequisites ································································································ 159 Configuring neighbor relationship authentication ···································································· 159 Configuring area authentication ·························································································· 160 Configuring routing domain authentication ············································································ 160 Configuring IS-IS GR ·············································································································· 161 Configuring IS-IS NSR ············································································································ 162 Configuring BFD for IS-IS ········································································································ 162 Configuring IS-IS FRR ············································································································...
  • Page 8 Ignoring IGP metrics during optimal route selection ································································ 257 Configuring the SoO attribute ····························································································· 257 Tuning and optimizing BGP networks ························································································· 258 Configuring the keepalive interval and hold time ····································································· 259 Configuring the interval for sending updates for the same route ················································· 260 Enabling BGP to establish an EBGP session over multiple hops ···············································...
  • Page 9 IPv6 BGP route reflector configuration example ····································································· 347 6PE configuration example ································································································ 350 BFD for IPv6 BGP configuration example ············································································· 353 IPsec for IPv6 BGP packets configuration example ································································· 356 IPv6 BGP FRR configuration example ················································································· 361 IPv6 multicast BGP configuration example ············································································ 365 Troubleshooting BGP ··············································································································...
  • Page 10 Configuring RIPng GR ············································································································ 395 Configuring RIPng NSR ··········································································································· 396 Configuring RIPng FRR ··········································································································· 396 Configuration restrictions and guidelines ·············································································· 397 Configuration prerequisites ································································································ 397 Configuring RIPng FRR ···································································································· 397 Enabling BFD for RIPng FRR ····························································································· 397 Applying an IPsec profile ········································································································· 398 Displaying and maintaining RIPng ·····························································································...
  • Page 11 Configuring OSPFv3 NSR ········································································································ 430 Configuring BFD for OSPFv3 ···································································································· 431 Configuring OSPFv3 FRR ········································································································ 431 Configuration prerequisites ································································································ 432 Configuration guidelines ··································································································· 432 Configuration procedure ··································································································· 432 Applying an IPsec profile ········································································································· 433 Displaying and maintaining OSPFv3 ·························································································· 435 OSPFv3 configuration examples ·······························································································...
  • Page 12 Configuring routing policies ···························································· 492 Overview ······························································································································ 492 Filters ··························································································································· 492 Routing policy ················································································································· 493 Configuring filters ··················································································································· 493 Configuration prerequisites ································································································ 493 Configuring an IP prefix list ································································································ 493 Configuring an AS path list ································································································ 494 Configuring a community list ······························································································ 494 Configuring an extended community list ···············································································...

  • Page 13: Configuring Basic Ip Routing

    Configuring basic IP routing IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. Routing table A RIB contains the global routing information and related information, including route recursion, route redistribution, and route extension information.

  • Page 14: Dynamic Routing Protocols

    • Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is the optimal route. • NextHop—Next hop. • Interface—Output interface. Dynamic routing protocols Static routes work well in small, stable networks. They are easy to configure and require fewer system resources.

  • Page 15: Load Sharing

    Route type Preference Unicast static route OSPF ASE OSPF NSSA IBGP EBGP Unknown (route from an untrusted source) Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing. Static routing, IPv6 static routing, RIP, RIPng, OSPF, OSPFv3, BGP, IPv6 BGP, IS-IS, and IPv6 IS-IS support ECMP load sharing.

  • Page 16: Extension Attribute Redistribution

    Extension attribute redistribution Extension attribute redistribution enables routing protocols to learn route extension attributes from each other, including BGP extended community attributes, OSPF area IDs, route types, and router IDs. The RIB records extended attributes of each routing protocol and redistribution relationships of different routing protocol extended attributes.

  • Page 17: Enabling The Rib To Flush Route Attribute Information To The Fib

    Step Command Remarks Enter system view. system-view Enter RIB view. Create the RIB IPv4 address By default, no RIB IPv4 address-family ipv4 family and enter its view. address family exists. By default, the maximum Set the maximum lifetime for lifetime for routes in the FIB fib lifetime seconds IPv4 routes in the FIB.

  • Page 18: Enabling The Enhanced Ecmp Mode

    Step Command Remarks Enter system view. system-view Set the maximum number of By default, the maximum max-ecmp-num number ECMP routes. number of ECMP routes is 8. Enabling the enhanced ECMP mode When one or multiple ECMP routes fail, the default ECMP mode enables the device to reallocate all traffic to the remaining routes.

  • Page 19: Configuring Ipv6 Rib Nsr

    Configuring IPv6 RIB NSR Step Command Remarks Enter system view. system-view Enter RIB view. Create the RIB IPv6 address By default, no RIB IPv6 address-family ipv6 family and enter its view. address family exists. By default, RIB NSR is Enable IPv6 RIB NSR. non-stop-routing disabled.

  • Page 20: Enabling Support For Ipv6 Routes With Prefixes Longer Than 64 Bits

    Step Command Remarks Create the RIB IPv6 address By default, no RIB IPv6 address-family ipv6 family and enter its view. address family exists. By default, inter-protocol FRR is disabled. Enable IPv6 RIB If you do not specify a VPN inter-protocol fast-reroute inter-protocol FRR.
  • Page 21 Task Command Display the IPv4 and IPv6 ECMP display ecmp mode mode. display ip routing-table [ vpn-instance vpn-instance-name ] Display routing table information. [ verbose ] Display information about routes display ip routing-table [ vpn-instance vpn-instance-name ] acl permitted by an IPv4 basic ACL. ipv4-acl-number [ verbose ] Display information about routes to a display ip routing-table [ vpn-instance vpn-instance-name ]...
  • Page 22 Task Command Display route attribute information in display ipv6 rib attribute [ attribute-id ] the IPv6 RIB. Display IPv6 RIB GR state display ipv6 rib graceful-restart information. display ipv6 rib nib [ self-originated ] [ nib-id ] [ verbose ] Display next hop information in the IPv6 RIB.

  • Page 23: Configuring Static Routing

    Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.

  • Page 24: Configuring Bfd For Static Routes

    Step Command Remarks (Optional.) Configure the ip route-static default-preference The default setting is 60. default preference default-preference for static routes. (Optional.) Delete all To delete one static route, static routes, delete [ vpn-instance vpn-instance-name ] use the undo ip including the default static-routes all route-static command.

  • Page 25: Single-Hop Echo Mode

    Step Command Remarks • Method 1: ip route-static dest-address { mask-length | mask } { next-hop-address bfd control-packet bfd-source ip-address | vpn-instance d-vpn-instance-name next-hop-address bfd control-packet bfd-source ip-address } [ preference preference ] [ tag tag-value ] [ description text ] Configure BFD By default, BFD control •...

  • Page 26: Configuring Static Route Frr

    Configuring static route FRR A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute (FRR) enables fast rerouting to minimize the impact of link or node failures. Figure 1 Network diagram Backup nexthop: Router C Router A Router B...

  • Page 27: Configuring Static Route Frr To Automatically Select A Backup Next Hop

    Configuring static route FRR to automatically select a backup next hop Step Command Remarks Enter system view. system-view Configure static route FRR to By default, static route FRR is automatically select a disabled from automatically ip route-static fast-reroute auto backup next hop. selecting a backup next hop.

  • Page 28: Static Route Configuration Examples

    Static route configuration examples Basic static route configuration example Network requirements As shown in Figure 2, configure static routes on the switches for interconnections between any two hosts. Figure 2 Network diagram Host B 1.1.6.2/24 Vlan-int100 1.1.6.1/24 Vlan-int500 Vlan-int600 1.1.4.2/30 1.1.5.5/30 Switch B Vlan-int500...

  • Page 29: Bfd For Static Routes Configuration Example (Direct Next Hop)

    Destination/Mask Proto Cost NextHop Interface 0.0.0.0/0 Static 60 1.1.4.2 Vlan500 Static Routing table Status : <Inactive> Summary Count : 0 # Display static routes on Switch B. [SwitchB] display ip routing-table protocol static Summary Count : 2 Static Routing table Status : <Active> Summary Count : 2 Destination/Mask Proto...
  • Page 30 • Configure a static route to subnet 120.1.1.0/24 on Switch A. • Configure a static route to subnet 121.1.1.0/24 on Switch B. • Enable BFD for both routes. • Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Switch C.
  • Page 31 [SwitchB-vlan-interface10] bfd min-transmit-interval 500 [SwitchB-vlan-interface10] bfd min-receive-interval 500 [SwitchB-vlan-interface10] bfd detect-multiplier 9 [SwitchB-vlan-interface10] quit [SwitchB] ip route-static 121.1.1.0 24 vlan-interface 10 12.1.1.1 bfd control-packet [SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65 [SwitchB] quit # Configure static routes on Switch C. <SwitchC>...

  • Page 32: Bfd For Static Routes Configuration Example (Indirect Next Hop)

    Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 11. BFD for static routes configuration example (indirect next hop) Network requirements Figure 4 shows the network topology as follows: •...
  • Page 33 Device Interface IP address Switch C VLAN-interface 11 10.1.1.100/24 Switch C VLAN-interface 13 13.1.1.2/24 Switch D VLAN-interface 10 12.1.1.2/24 Switch D VLAN-interface 12 11.1.1.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routes and BFD: # Configure static routes on Switch A and enable BFD control mode for the static route that traverses Switch D.

  • Page 34: Static Route Frr Configuration Example

    # Display the static routes on Switch A. <SwitchA> display ip routing-table protocol static Summary Count : 1 Static Routing table Status : <Active> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 60 12.1.1.2 Vlan10 Static Routing table Status : <Inactive> Summary Count : 0 The output shows that Switch A communicates with Switch B through VLAN-interface 10.
  • Page 35 Table 6 Interface and IP address assignment Device Interface IP address Switch A VLAN-interface 100 12.12.12.1/24 Switch A VLAN-interface 200 13.13.13.1/24 Switch A Loopback 0 1.1.1.1/32 Switch B VLAN-interface 101 24.24.24.4/24 Switch B VLAN-interface 200 13.13.13.2/24 Switch B Loopback 0 4.4.4.4/32 Switch C VLAN-interface 100...
  • Page 36 Destination: 4.4.4.4/32 Protocol: Static Process ID: 0 SubProtID: 0x0 Age: 04h20m37s Cost: 0 Preference: 60 IpPre: N/A QosLocalID: N/A Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NibID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 13.13.13.2 Label: NULL...

  • Page 37: Configuring A Default Route

    Configuring a default route A default route is used to forward packets that do not match any specific routing entry in the routing table. Without a default route, packets that do not match any routing entries are discarded. A default route can be configured in either of the following ways: •...

  • Page 38: Configuring Rip

    Configuring RIP Overview Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520. RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0.

  • Page 39: Rip Versions

    RIP versions There are two RIP versions, RIPv1 and RIPv2. RIPv1 is a classful routing protocol. It advertises messages only through broadcast. RIPv1 messages do not carry mask information, so RIPv1 can only recognize natural networks such as Class A, B, and C. For this reason, RIPv1 does not support discontiguous subnets. RIPv2 is a classless routing protocol.

  • Page 40: Configuring Basic Rip

    Tasks at a glance • Enabling zero field check on incoming RIPv1 messages • Enabling source IP address check on incoming RIP updates • Configuring RIPv2 message authentication • Setting the RIP triggered update interval • Specifying a RIP neighbor •...

  • Page 41: Controlling Rip Reception And Advertisement On Interfaces

    Step Command Remarks a single process, but does not apply to multiple RIP processes. Enabling RIP on an interface Step Command Remarks Enter system view. system-view Enable RIP and enter RIP rip [ process-id ] [ vpn-instance By default, RIP is disabled. view.

  • Page 42: Configuring Rip Route Control

    • RIPv2 broadcasts, multicasts, and unicasts. To configure a RIP version: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] By default, no global version is specified. An interface sends RIPv1 broadcasts, and can Specify a global RIP version.

  • Page 43: Configuring Ripv2 Route Summarization

    Step Command Remarks route-policy-name ] value Configuring RIPv2 route summarization Perform this task to summarize contiguous subnets into a summary network and sends the network to neighbors. The smallest metric among all summarized routes is used as the metric of the summary route.

  • Page 44: Disabling Host Route Reception

    Disabling host route reception Perform this task to disable RIPv2 from receiving host routes from the same network to save network resources. This feature does not apply to RIPv1. To disable RIP from receiving host routes: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view.

  • Page 45: Setting A Preference For Rip

    Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] By default, the filtering of received routes is not filter-policy { ipv4-acl-number | configured. gateway prefix-list-name | prefix-list Configure the filtering of prefix-list-name [ gateway This command filters received received routes.

  • Page 46: Tuning And Optimizing Rip Networks

    Step Command Remarks tag tag ] * routing-table protocol command. (Optional.) Set a default cost The default setting is 0. default cost cost-value for redistributed routes. Tuning and optimizing RIP networks Configuration prerequisites Before you tune and optimize RIP networks, complete the following tasks: •...

  • Page 47: Enabling Split Horizon And Poison Reverse

    Enabling split horizon and poison reverse The split horizon and poison reverse functions can prevent routing loops. If both split horizon and poison reverse are configured, only the poison reverse function takes effect. Enabling split horizon Split horizon disables RIP from sending routes through the interface where the routes were learned to prevent routing loops between adjacent routers.

  • Page 48: Enabling Source Ip Address Check On Incoming Rip Updates

    non-zero value, RIP does not process the message. If you are certain that all messages are trustworthy, disable zero field check to save CPU resources. This feature does not apply to RIPv2 packets, because they have no zero fields. To enable zero field check on incoming RIPv1 messages: Step Command Remarks...

  • Page 49: Setting The Rip Triggered Update Interval

    Setting the RIP triggered update interval Perform this task to avoid network overhead and reduce system resource consumption caused by frequent RIP triggered updates. You can use the timer triggered command to set the maximum interval, minimum interval, and incremental interval for sending RIP triggered updates. •...

  • Page 50: Configuring Rip Network Management

    Configuring RIP network management You can use network management software to manage the RIP process to which MIB is bound. To configure RIP network management: Step Command Remarks Enter system view. system-view By default, MIB is bound to the Bind MIB to a RIP RIP process with the smallest rip mib-binding process-id process.

  • Page 51: Setting The Dscp Value For Outgoing Rip Packets

    • For MD5 authentication (with packet format defined in RFC 2082), the maximum length of RIP packets must be no less than 72 bytes. To set the maximum length of RIP packets: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 52: Enabling Rip Nsr

    Step Command Remarks rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Enable GR for RIP. By default, RIP GR is disabled. graceful-restart (Optional.) Set the GR By default, the GR interval is 60 graceful-restart interval interval interval. seconds.

  • Page 53: Configuring Single-Hop Echo Detection (For A Directly Connected Rip Neighbor)

    Configuring single-hop echo detection (for a directly connected RIP neighbor) Step Command Remarks Enter system view. system-view Configure the source IP By default, the source IP address address of BFD echo of BFD echo packets is not bfd echo-source-ip ip-address packets.

  • Page 54: Configuring Rip Frr

    Step Command Remarks immediately, executing the command cannot bring down the BFD session immediately. interface interface-type Enter interface view. interface-number Enable BFD on the RIP By default, BFD is disabled on a rip bfd enable interface. RIP interface. Configuring RIP FRR A link or router failure on a path can cause packet loss and even routing loop until RIP completes routing convergence based on the new network topology.

  • Page 55: Enabling Bfd For Rip Frr

    Step Command Remarks fast-reroute route-policy Configure RIP FRR. By default, RIP FRR is disabled. route-policy-name Enabling BFD for RIP FRR By default, RIP FRR does not use BFD to detect primary link failures. To speed up RIP convergence, enable BFD single-hop echo detection for RIP FRR to detect primary link failures. To configure BFD for RIP FRR: Step Command...

  • Page 56: Rip Configuration Examples

    RIP configuration examples Configuring basic RIP Network requirements As shown in Figure 7, enable RIPv2 on all interfaces on Switch A and Switch B. Configure Switch B to not advertise route 10.2.1.0/24 to Switch A, and to accept only route 2.1.1.0/24 from Switch A. Figure 7 Network diagram Vlan-int101 Vlan-int101...
  • Page 57 Local route Destination/Mask Nexthop Cost Flags 1.1.1.0/24 0.0.0.0 RDOF 2.1.1.0/24 0.0.0.0 RDOF 3.1.1.0/24 0.0.0.0 RDOF The output shows that RIPv1 uses a natural mask. Configure a RIP version: # Configure RIPv2 on Switch A. [SwitchA] rip [SwitchA-rip-1] version 2 [SwitchA-rip-1] undo summary [SwitchA-rip-1] quit # Configure RIPv2 on Switch B.
  • Page 58 2.1.1.0/24 192.168.1.3 RAOF 3.1.1.0/24 192.168.1.3 RAOF Local route Destination/Mask Nexthop Cost Flags 1.1.1.0/24 0.0.0.0 RDOF 10.1.1.0/24 0.0.0.0 RDOF 10.2.1.0/24 0.0.0.0 RDOF Configure route filtering: # Reference IP prefix lists on Switch B to filter received and redistributed routes. [SwitchB] ip prefix-list aaa index 10 permit 2.1.1.0 24 [SwitchB] ip prefix-list bbb index 10 permit 10.1.1.0 24 [SwitchB] ip prefix-list bbb index 11 permit 0.0.0.0 0 less-equal 32 [SwitchB] rip 1...

  • Page 59: Configuring Rip Route Redistribution

    Configuring RIP route redistribution Network requirements As shown in Figure 8, Switch B communicates with Switch A through RIP 100 and with Switch C through RIP 200. Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Switch B so Switch C can learn routes destined for 10.2.1.0/24 and 11.1.1.0/24.
  • Page 60 # Display the IP routing table on Switch C. [SwitchC] display ip routing-table Destinations : 13 Routes : 13 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 12.3.1.0/24 Direct 0 12.3.1.2 Vlan200 12.3.1.0/32 Direct 0 12.3.1.2 Vlan200 12.3.1.2/32 Direct 0 127.0.0.1 InLoop0...

  • Page 61: Configuring An Additional Metric For A Rip Interface

    Configuring an additional metric for a RIP interface Network requirements As shown in Figure 9, run RIPv2 on all the interfaces of Switch A, Switch B, Switch C, Switch D, and Switch E. Switch A has two links to Switch D. The link from Switch B to Switch D is more stable than that from Switch C to Switch D.

  • Page 62: Configuring Rip To Advertise A Summary Route

    # Configure Switch E. <SwitchE> system-view [SwitchE] rip 1 [SwitchE-rip-1] network 1.0.0.0 [SwitchE-rip-1] version 2 [SwitchE-rip-1] undo summary # Display all active routes in the RIP database on Switch A. [SwitchA] display rip 1 database 1.0.0.0/8, auto-summary 1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface 1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface 1.1.3.0/24, cost 1, nexthop 1.1.1.2 1.1.4.0/24, cost 1, nexthop 1.1.2.2...
  • Page 63 Figure 10 Network diagram Vlan-int500 Vlan-int200 10.6.1.2/24 10.1.1.1/24 Switch B Vlan-int200 10.1.1.2/24 OSPF Vlan-int600 Vlan-int100 Vlan-int300 10.5.1.2/24 10.2.1.2/24 11.3.1.1/24 Vlan-int100 10.2.1.1/24 Switch C Switch A Vlan-int400 Vlan-int300 11.4.1.2/24 11.3.1.2/24 Switch D Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic OSPF: # Configure Switch A.
  • Page 64 [SwitchD-rip-1] network 11.0.0.0 [SwitchD-rip-1] version 2 [SwitchD-rip-1] undo summary [SwitchD-rip-1] quit # Configure RIP to redistribute routes from OSPF process 1 and direct routes on Switch C. [SwitchC-rip-1] import-route direct [SwitchC-rip-1] import-route ospf 1 [SwitchC-rip-1] quit # Display the IP routing table on Switch D. [SwitchD] display ip routing-table Destinations : 15 Routes : 15...

  • Page 65: Configuring Rip Gr

    127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 Configuring RIP GR Network requirements As shown in Figure 11, Switch A, Switch B, and Switch C all run RIPv2. • Enable GR on Switch A. Switch A acts as the GR restarter. •...

  • Page 66: Configuring Rip Nsr

    Configuring RIP NSR Network requirements As shown in Figure 12, Switch A, Switch B, and Switch S all run RIPv2. Enable RIP NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S. Figure 12 Network diagram Loop 0 Loop 0 22.22.22.22/32...

  • Page 67: Configuring Bfd For Rip (Single-Hop Echo Detection For A Directly Connected Neighbor)

    Version : RIPv2 Last update: 00h00m13s Relay nbr : No BFD session: None Bad packets: 0 Bad routes : 0 [SwitchA] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect D - Direct, O - Optimal, F - Flush to RIB ---------------------------------------------------------------------------- Peer 12.12.12.2 on Vlan-interface200...
  • Page 68 • Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Switch C. This allows Switch A to learn two routes destined for 100.1.1.1/24 through VLAN-interface 100 and VLAN-interface 200 respectively, and uses the one through VLAN-interface 100.
  • Page 69 # Configure Switch C. <SwitchC> system-view [SwitchC] rip 1 [SwitchC-rip-1] version 2 [SwitchC-rip-1] undo summary [SwitchC-rip-1] network 192.168.1.0 [SwitchC-rip-1] network 192.168.3.0 [SwitchC-rip-1] import-route static [SwitchC-rip-1] quit Configure BFD parameters on VLAN-interface 100 of Switch A. [SwitchA] bfd echo-source-ip 11.11.11.11 [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] bfd min-transmit-interval 500 [SwitchA-Vlan-interface100] bfd min-receive-interval 500 [SwitchA-Vlan-interface100] bfd detect-multiplier 7...

  • Page 70: Configuring Bfd For Rip (Single Hop Echo Detection For A Specific Destination)

    Configuring BFD for RIP (single hop echo detection for a specific destination) Network requirements As shown in Figure 14, VLAN-interface 100 of Switch A and Switch B runs RIP process 1. VLAN-interface 200 of Switch B and Switch C runs RIP process 1. •...
  • Page 71 [SwitchB-rip-1] network 192.168.3.0 [SwitchB-rip-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] rip 1 [SwitchC-rip-1] network 192.168.3.0 [SwitchC-rip-1] import-route static cost 3 [SwitchC-rip-1] quit Configure BFD parameters on VLAN-interface 100 of Switch A. [SwitchA] bfd echo-source-ip 11.11.11.11 [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] bfd min-echo-receive-interval 500 [SwitchA-Vlan-interface100] return Configure static routes:...

  • Page 72: Configuring Bfd For Rip (Bidirectional Detection In Bfd Control Packet Mode)

    Tunnel ID: Invalid Interface: vlan-interface 100 BkTunnel ID: Invalid BkInterface: N/A FtnIndex: 0x0 TrafficIndex: N/A Connector: N/A # Display routes destined for 100.1.1.0/24 on Switch B when the link between Switch A and Switch B fails. <SwitchB> display ip routing-table 100.1.1.0 24 verbose Summary Count : 1 Destination: 100.1.1.0/24 Protocol: RIP...
  • Page 73 Figure 15 Network diagram Switch D Vlan-int300 Vlan-int400 101.1.1.0/24 100.1.1.0/24 Vlan-int300 Vlan-int400 Switch B Vlan-int100 Vlan-int200 Vlan-int100 Vlan-int200 Switch A Switch C Table 7 Interface and IP address assignment Device Interface IP address Switch A VLAN-interface 300 192.168.3.1/24 Switch A VLAN-interface 100 192.168.1.1/24 Switch B...
  • Page 74 [SwitchA-rip-2] undo summary [SwitchA-rip-2] network 192.168.3.0 [SwitchA-rip-2] quit # Configure Switch C. <SwitchC> system-view [SwitchC] rip 1 [SwitchC-rip-1] version 2 [SwitchC-rip-1] undo summary [SwitchC-rip-1] network 192.168.2.0 [SwitchC-rip-1] network 192.168.4.0 [SwitchC-rip-1] network 100.1.1.0 [SwitchC-rip-1] peer 192.168.1.1 [SwitchC-rip-1] undo validate-source-address [SwitchC-rip-1] import-route static [SwitchC-rip-1] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] rip bfd enable...

  • Page 75: Configuring Rip Frr

    Verifying the configuration # Display the BFD session information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 session working under Ctrl mode: LD/RD SourceAddr DestAddr State Holdtime Interface 513/513 192.168.1.1 192.168.2.2 1700ms...
  • Page 76 Device Interface IP address Switch A VLAN-interface 200 13.13.13.1/24 Switch A Loopback 0 1.1.1.1/32 Switch B VLAN-interface 101 24.24.24.4/24 Switch B VLAN-interface 200 13.13.13.2/24 Switch B Loopback 0 4.4.4.4/32 Switch C VLAN-interface 100 12.12.12.2/24 Switch C VLAN-interface 101 24.24.24.2/24 Configuration procedure Configure IP addresses and subnet masks for interfaces on the switches.
  • Page 77 SubProtID: 0x1 Age: 04h20m37s Cost: 1 Preference: 100 IpPre: N/A QosLocalID: N/A Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NibID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 13.13.13.2 Flags: 0x1008c OrigNextHop: 13.13.13.2 Label: NULL RealNextHop: 13.13.13.2 BkLabel: NULL BkNextHop: 12.12.12.2 Tunnel ID: Invalid...

  • Page 78: Configuring Ospf

    Configuring OSPF Overview Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter. OSPF has the following features: •...

  • Page 79: Ospf Areas

    • Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network. • Network Summary LSA—Type-3 LSA, originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area.
  • Page 80 Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements: • All non-backbone areas must maintain connectivity to the backbone area. •...

  • Page 81: Router Types

    routes. It advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route. NSSA area and totally NSSA area An NSSA area does not import AS external LSAs (Type-5 LSAs) but can import Type-7 LSAs generated by the NSSA ASBR.

  • Page 82: Route Types

    Figure 21 OSPF router types IS-IS ASBR Area 1 Area 4 Backbone router Internal router Area 0 Area 3 Area 2 Route types OSPF prioritizes routes into the following route levels: • Intra-area route. • Inter-area route. • Type-1 external route. •...

  • Page 83: Ospf Network Types

    • Each router transforms the LSDB to a weighted directed graph that shows the topology of the area. All the routers within the area have the same graph. • Each router uses the SPF algorithm to compute a shortest path tree that shows the routes to the nodes in the area.

  • Page 84: Protocols And Standards

    Figure 22 DR and BDR in a network DR other DR other DR other Physical links Adjacencies NOTE: In OSPF, neighbor and adjacency are different concepts. After startup, OSPF sends a hello packet on each OSPF interface. A receiving router checks parameters in the packet. If the parameters match its own, the receiving router considers the sending router an OSPF neighbor.
  • Page 85 Tasks at a glance (Required.) Enabling OSPF (Optional.) Configuring OSPF areas: • Configuring a stub area • Configuring an NSSA area Configuring a virtual link • (Optional.) Configuring OSPF network types: • Configuring the broadcast network type for an interface •...

  • Page 86: Enabling Ospf

    Tasks at a glance • Setting the number of OSPF logs • Filtering outbound LSAs on an interface • Filtering LSAs for the specified neighbor • Configuring GTSM for OSPF (Optional.) Configuring OSPF GR • Configuring OSPF GR restarter • Configuring OSPF GR helper •...

  • Page 87: Enabling Ospf On An Interface

    Step Command Remarks If no global router ID is configured, the highest loopback interface IP address, if any, is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status (up or down).

  • Page 88: Configuring A Stub Area

    Configuring a stub area You can configure a non-backbone area at an AS edge as a stub area. To do so, execute the stub command on all routers attached to the area. The routing table size is reduced because Type-5 LSAs will not be flooded within the stub area.

  • Page 89: Configuring A Virtual Link

    Step Command Remarks type type ] * | no-import-route | no-summary | suppress-fa | [ [ [ translate-always ] [ translate-ignore-checking-bac kbone ] ] | translate-never ] | translator-stability-interval value ] * The default setting is 1. (Optional.) Set a cost for This command takes effect only on the default route advertised default-cost cost-value...

  • Page 90: Configuration Prerequisites

    • If a router on an NBMA network has only one neighbor, you can change the network type to P2P to save costs. Two broadcast-, NBMA-, and P2MP-interfaces can establish a neighbor relationship only when they are on the same network segment. Configuration prerequisites Before you configure OSPF network types, perform the following tasks: •...

  • Page 91: Configuring The P2Mp Network Type For An Interface

    Step Command Remarks set its router priority. priority ] The priority configured with this command indicates whether a neighbor has the election right or not. If you configure the router priority for a neighbor as 0, the local router determines the neighbor has no election right, and does not send hello packets to this neighbor.

  • Page 92: Configuring Ospf Route Control

    Configuring OSPF route control This section describes how to control the advertisement and reception of OSPF routing information, as well as route redistribution from other protocols. Configuration prerequisites Before you configure OSPF route control, perform the following tasks: • Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. •...

  • Page 93: Configuring Received Ospf Route Filtering

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id Enter OSPF view. | vpn-instance vpn-instance-name ] asbr-summary ip-address Configure ASBR route { mask-length | mask } [ cost By default, route summarization is summarization. cost-value | not-advertise | not configured on an ASBR.

  • Page 94: Setting An Ospf Cost For An Interface

    Setting an OSPF cost for an interface Set an OSPF cost for an interface by using either of the following methods: • Set the cost value in interface view. • Set a bandwidth reference value for the interface. OSPF computes the cost with this formula: Interface OSPF cost = Bandwidth reference value (100 Mbps) / Expected interface bandwidth (Mbps).

  • Page 95: Setting Ospf Preference

    Setting OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. If multiple routes are available to the same destination, the one with the highest protocol preference is selected as the best route. To set OSPF preference: Step Command Remarks...
  • Page 96 Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * By default, no route import-route protocol [ as-number ] redistribution is configured. [ process-id | all-processes | Configure OSPF to This command redistributes only allow-ibgp ] [ allow-direct | cost redistribute routes from active routes.

  • Page 97: Advertising A Host Route

    Advertising a host route Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ] * Enter area view. area area-id By default, no host route is Advertise a host route. host-advertise ip-address cost advertised.

  • Page 98: Setting Lsa Transmission Delay

    • LSA retransmission timer—Interval within which if the interface does not receive any acknowledgment packets after sending an LSA to the neighbor, it retransmits the LSA. To set OSPF timers: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default: •...

  • Page 99: Setting Spf Calculation Interval

    Setting SPF calculation interval LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact. For a stable network, the minimum interval is used. If network changes become frequent, the SPF calculation interval is incremented by the incremental interval ×...

  • Page 100: Disabling Interfaces From Receiving And Sending Ospf Packets

    To set the LSA generation interval: Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * By default: • The maximum interval is 5 seconds. lsa-generation-interval Set the LSA maximum-interval [ minimum-interval •...

  • Page 101: Configuring Ospf Authentication

    To configure a router as a stub router: Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * stub-router [ external-lsa By default, the router is not [ max-metric-value ] | include-stub | configured as a stub router.

  • Page 102: Adding The Interface Mtu Into Dd Packets

    Step Command Remarks • Configure simple authentication: ospf authentication-mode simple { cipher | plain } string By default, no authentication is • Configure MD5 authentication: configured. Configure interface ospf authentication-mode authentication mode. { hmac-md5 | md5 } key-id { cipher | For information about plain } string keychain, see Security...

  • Page 103: Setting Ospf Exit Overflow Interval

    Step Command Remarks LSDB is not limited. Setting OSPF exit overflow interval When the number of LSAs in the LSDB exceeds the upper limit, the LSDB is in an overflow state. To save resources, OSPF does not receive any external LSAs and deletes the external LSAs generated by itself when in this state.

  • Page 104: Logging Neighbor State Changes

    Logging neighbor state changes Perform this task to enable output of neighbor state change logs to the information center. The information center processes the logs according to user-defined output rules (whether and where to output logs). For more information about the information center, see Network Management and Monitoring Configuration Guide.

  • Page 105: Setting The Lsu Transmit Rate

    Step Command Remarks vpn-instance vpn-instance-name ] * Configure the SNMP notification output interval By default, OSPF outputs a and the maximum number maximum of seven SNMP snmp trap rate-limit interval of SNMP notifications that notifications within 10 trap-interval count trap-number can be output at each seconds.

  • Page 106: Configuring Prefix Suppression

    To enable OSPF ISPF: Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * By default, OSPF ISPF is Enable OSPF ISPF. ispf enable enabled. Configuring prefix suppression By default, an OSPF interface advertises all of its prefixes in LSAs. To speed up OSPF convergence, you can suppress interfaces from advertising all of their prefixes.

  • Page 107: Configuring Prefix Prioritization

    Step Command Remarks Enable prefix By default, prefix suppression suppression for the ospf prefix-suppression [ disable ] is disabled on an interface. interface. Configuring prefix prioritization This feature enables the device to install prefixes in descending priority order: critical, high, medium, and low.

  • Page 108: Setting The Number Of Ospf Logs

    To configure BFD echo packet mode for OSPF PIC: Step Command Remarks Enter system view. system-view By default, the source IP address of BFD echo packets is not configured. Configure the source IP The source IP address cannot be address of BFD echo on the same network segment as bfd echo-source-ip ip-address packets.

  • Page 109: Filtering Lsas For The Specified Neighbor

    Filtering LSAs for the specified neighbor On an P2MP network, a router might have multiple OSPF neighbors with the P2MP type. Perform this task to prevent the router from sending LSAs to the specified neighbor. To filter LSAs for the specified neighbor: Step Command Remarks...

  • Page 110: Configuring Ospf Gr

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Enable GTSM for the ospf ttl-security [ hops hop-count By default, GTSM is disabled for interface. | disable ] the interface. Configuring OSPF GR GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

  • Page 111: Configuring Ospf Gr Helper

    Configuring the non-IETF OSPF GR restarter Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enable OSPF and enter its router-id | vpn-instance view. vpn-instance-name ] * Enable the link-local By default, the link-local signaling enable link-local-signaling signaling capability.

  • Page 112: Triggering Ospf Gr

    Step Command Remarks (Optional.) Enable strict LSA By default, strict LSA checking for graceful-restart helper checking for the GR helper. the GR helper is disabled. strict-lsa-checking Triggering OSPF GR OSPF GR is triggered by an active/standby switchover or when the following command is executed. To trigger OSPF GR, perform the following command in user view: Task Command...

  • Page 113: Configuring Bidirectional Control Detection

    Configuring bidirectional control detection Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, BFD bidirectional control detection is disabled. Enable BFD bidirectional Both ends of a BFD session must be ospf bfd enable control detection. on the same network segment and in the same area.

  • Page 114: Configuration Prerequisites

    Configuration prerequisites Before you configure OSPF FRR, perform the following tasks: • Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes. • Enable OSPF. Configuration guidelines • Do not use the fast-reroute lfa command together with the vlink-peer command. •...

  • Page 115: Advertising Ospf Link State Information To Bgp

    Configuring BFD for OSPF FRR By default, OSPF FRR does not use BFD to detect primary link failures. To speed up OSPF convergence, enable BFD for OSPF FRR to detect primary link failures. To configure BFD control packet mode for OSPF FRR: Step Command Remarks...

  • Page 116: Displaying And Maintaining Ospf

    Displaying and maintaining OSPF Execute display commands in any view and reset commands in user view. Task Command Display OSPF process information. display ospf [ process-id ] [ verbose ] Display OSPF GR information. display ospf [ process-id ] graceful-restart [ verbose ] Display OSPF FRR backup next hop display ospf [ process-id ] [ area area-id ] fast-reroute information.

  • Page 117: Ospf Configuration Examples

    Task Command Clear OSPF log information. reset ospf [ process-id ] event-log [ lsa-flush | peer | spf ] Restart an OSPF process. reset ospf [ process-id ] process [ graceful-restart ] Re-enable OSPF route reset ospf [ process-id ] redistribution redistribution.
  • Page 118 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] area 2 [SwitchB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.2] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] router id 10.4.1.1 [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit # Configure Switch D.
  • Page 119 Neighbor is up for 06:03:12 Authentication Sequence: [ 0 ] Neighbor state change count: 5 # Display OSPF routing information on Switch A. [SwitchA] display ospf routing OSPF Process 1 with Router ID 10.2.1.1 Routing Table Routing for network Destination Cost Type NextHop...

  • Page 120: Ospf Route Redistribution Configuration Example

    OSPF route redistribution configuration example Network requirements As shown in Figure • Enable OSPF on all the switches. • Split the AS into three areas. • Configure Switch A and Switch B as ABRs. • Configure Switch C as an ASBR to redistribute external routes (static routes). Figure 25 Network diagram Switch A Switch B...

  • Page 121: Ospf Route Summarization Configuration Example

    Routing for network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.3.1.0/24 Transit 10.3.1.2 10.3.1.1 0.0.0.2 10.4.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 10.5.1.0/24 Stub 10.5.1.1 10.5.1.1 0.0.0.2 10.1.1.0/24 Inter 10.3.1.1 10.3.1.1 0.0.0.2 Routing for ASEs Destination Cost Type NextHop AdvRouter 3.1.2.0/24...
  • Page 122 # Configure Switch A. <SwitchA> system-view [SwitchA] router id 11.2.1.2 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] router id 11.2.1.1 [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C.
  • Page 123 [SwitchB-bgp-ipv4] import-route ospf [SwitchB-bgp-ipv4] import-route direct [SwitchB-bgp ipv4] quit [SwitchB-bgp] quit # Configure Switch C. [SwitchC] bgp 100 [SwitchC-bgp] peer 11.1.1.1 as 200 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] import-route ospf [SwitchC-bgp-ipv4]import-route direct [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit Configure Switch B and Switch C to redistribute BGP routes into OSPF: # Configure OSPF to redistribute routes from BGP on Switch B.

  • Page 124: Ospf Stub Area Configuration Example

    Destinations : 13 Routes : 13 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 10.0.0.0/8 O_ASE2 150 11.2.1.1 Vlan100 11.2.1.0/24 Direct 0 11.2.1.2 Vlan100 11.2.1.0/32 Direct 0 11.2.1.2 Vlan100 11.2.1.2/32 Direct 0 127.0.0.1 InLoop0 11.2.1.255/32 Direct 0 11.2.1.2 Vlan100 127.0.0.0/8 Direct 0...
  • Page 125 [SwitchD] ospf [SwitchD-ospf-1] import-route static [SwitchD-ospf-1] quit # Display ABR/ASBR information on Switch C. <SwitchC> display ospf abr-asbr OSPF Process 1 with Router ID 10.4.1.1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10.2.1.1 0.0.0.1 10.2.1.1 Inter 10.5.1.1...

  • Page 126: Ospf Nssa Area Configuration Example

    # Display OSPF routing information on Switch C [SwitchC] display ospf routing OSPF Process 1 with Router ID 10.4.1.1 Routing Table Routing for network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 Transit 0.0.0.0 10.2.1.1 0.0.0.1 10.3.1.0/24 Inter 10.2.1.1...
  • Page 127 • Configure Area 1 as an NSSA area and configure Switch C as an ASBR to redistribute static routes into the AS. Figure 28 Network diagram Switch A Switch B Area 0 Vlan-int100 10.1.1.1/24 Vlan-int100 Vlan-int200 10.1.1.2/24 Vlan-int200 10.3.1.1/24 10.2.1.1/24 Area 1 Vlan-int200 Vlan-int200...

  • Page 128: Ospf Dr Election Configuration Example

    Intra area: 2 Inter area: 3 ASE: 0 NSSA: 0 Configure route redistribution: # Configure Switch C to redistribute static routes. [SwitchC] ip route-static 3.1.3.1 24 10.4.1.2 [SwitchC] ospf [SwitchC-ospf-1] import-route static [SwitchC-ospf-1] quit # Display OSPF routing information on Switch D. <SwitchD>...
  • Page 129 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Switch A. <SwitchA> system-view [SwitchA] router id 1.1.1.1 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] router id 2.2.2.2 [SwitchB] ospf [SwitchB-ospf-1] area 0...
  • Page 130 Authentication Sequence: [ 0 ] Neighbor state change count: 6 BFD status: Disabled Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal State: Full Mode: Nbr is master Priority: 1 DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 31 Neighbor is up for 00:01:28 Authentication Sequence: [ 0 ] Neighbor state change count: 6...
  • Page 131 Dead timer due in 31 Neighbor is up for 00:11:17 Authentication Sequence: [ 0 ] Neighbor state change count: 6 BFD status: Disabled Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: Full Mode:Nbr is slave Priority: 0 DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-)

  • Page 132: Ospf Virtual Link Configuration Example

    Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: 2-Way Mode: None Priority: 0 DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Options is 0x02 (-|-|-|-|-|-|E|-) Dead timer due in 35 Neighbor is up for 00:01:44 Authentication Sequence: [ 0 ] Neighbor state change count: 6 BFD status: Disabled Router ID: 3.3.3.3 Address: 192.168.1.3...
  • Page 133 Figure 30 Network diagram Area 0 Switch B Vlan-int300 10.1.1.2/24 Switch A Vlan-int300 Area 1 10.1.1.1/24 Vlan-int200 10.2.1.1/24 Vlan-int100 Vlan-int200 10.3.1.1/24 10.2.1.2/24 Vlan-int100 10.3.1.2/24 Switch D Switch C Area 2 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Switch A.

  • Page 134: Ospf Gr Configuration Example

    # Display the OSPF routing table on Switch B. [SwitchB] display ospf routing OSPF Process 1 with Router ID 2.2.2.2 Routing Table Routing for network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Transit 10.2.1.1 3.3.3.3 0.0.0.1 10.1.1.0/24 Transit 10.1.1.2 2.2.2.2 0.0.0.0 Total nets: 2 Intra area: 2...
  • Page 135 • Switch A acts as the non-IETF GR restarter. Switch B and Switch C are the GR helpers, and synchronize their LSDBs with Switch A through OOB communication of GR. Figure 31 Network diagram Router ID: 1.1.1.1 GR restarter Switch A Vlan-int100 192.1.1.1/24 Vlan-int100...
  • Page 136 [SwitchA-ospf-100] graceful-restart [SwitchA-ospf-100] quit # Configure Switch B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [SwitchB-ospf-100] enable link-local-signaling [SwitchB-ospf-100] enable out-of-band-resynchronization # Configure Switch C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.

  • Page 137: Ospf Nsr Configuration Example

    %Oct 21 15:29:33:815 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full. %Oct 21 15:29:35:578 2011 SwitchA OSPF/5/OSPF_NBR_CHG: OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full. The output shows that Switch A completes GR. OSPF NSR configuration example Network requirements As shown in Figure...
  • Page 138 Re-optimization of the placement complete. Use 'display placement' to view the new placement # During the switchover period, display OSPF neighbors on Switch A to verify the neighbor relationship between Switch A and Switch S. <SwitchA> display ospf peer OSPF Process 1 with Router ID 2.2.2.1 Neighbor Brief Information Area: 0.0.0.0 Router ID...

  • Page 139: Bfd For Ospf Configuration Example

    14.14.14.0/24 Transit 14.14.14.1 4.4.4.1 0.0.0.0 22.22.22.22/32 Stub 14.14.14.2 2.2.2.1 0.0.0.0 12.12.12.0/24 Transit 14.14.14.2 2.2.2.1 0.0.0.0 Total nets: 4 Intra area: 4 Inter area: 0 ASE: 0 NSSA: 0 The output shows the following when an active/standby switchover occurs on Switch S: •...
  • Page 140 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Enable OSPF: # Configure Switch A. <SwitchA> system-view [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] network 121.1.1.1 0.0.0.0 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] quit # Configure Switch B. <SwitchB>...
  • Page 141 Verifying the configuration # Display the BFD information on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv4 Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr State Holdtime Interface 192.168.0.102 192.168.0.100 1700ms Vlan10 # Display routes destined for 120.1.1.1/32 on Switch A.

  • Page 142: Ospf Frr Configuration Example

    TableID: 0x2 OrigAs: 0 NibID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 10.1.1.100 Label: NULL RealNextHop: 10.1.1.100 BkLabel: NULL BkNextHop: N/A Tunnel ID: Invalid Interface: Vlan-interface11 BkTunnel ID: Invalid BkInterface: N/A FtnIndex: 0x0 TrafficIndex: N/A Connector: N/A The output shows that Switch A communicates with Switch B through VLAN-interface 11.
  • Page 143 You can enable OSPF FRR to either calculate a backup next hop by using the LFA algorithm, or specify a backup next hop by using a routing policy. (Method 1.) Enable OSPF FRR to calculate the backup next hop by using the LFA algorithm: ...

  • Page 144: Troubleshooting Ospf Configuration

    Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NibID: 0x26000002 LastAs: 0 AttrID: 0xffffffff Neighbor: 0.0.0.0 Flags: 0x1008c OrigNextHop: 13.13.13.2 Label: NULL RealNextHop: 13.13.13.2 BkLabel: NULL BkNextHop: 12.12.12.2 Tunnel ID: Invalid Interface: Vlan-interface200 BkTunnel ID: Invalid BkInterface: Vlan-interface100 FtnIndex: 0x0 TrafficIndex: N/A...

  • Page 145: Incorrect Routing Information

    Solution To resolve the problem: Use the display ospf peer command to verify OSPF neighbor information. Use the display ospf interface command to verify OSPF interface information. Ping the neighbor router's IP address to verify that the connectivity is normal. Verify OSPF timers.

  • Page 146: Configuring Is-Is

    Configuring IS-IS Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS"...

  • Page 147: Net

    Figure 35 NSAP address format HO-DSP System ID (6 octet) SEL (1 octet) Area address Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address. Typically, a router only needs one area address, and all nodes in the same area must have the same area address.

  • Page 148: Is-Is Area

    Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning. When you configure multiple NETs, make sure the system IDs are the same. IS-IS area IS-IS has a 2-level hierarchy to support large-scale networks. A large-scale routing domain is divided into multiple areas.

  • Page 149: Is-Is Network Types

    backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. The IS-IS backbone does not need to be a specific area. Figure 37 IS-IS topology 2 Area 1 Area 4 Area 2 L1/L2 L1/L2 Area 3 Both the Level-1 and Level-2 routers use the SPF algorithm to generate the shortest path tree.

  • Page 150: Is-Is Pdus

    As shown in Figure 38, the same level routers on a network, including non-DIS routers, establish adjacency with each other. Figure 38 DIS in the IS-IS broadcast network L1/L2 L1/L2 L2 adjacencies L1 adjacencies The DIS creates and updates pseudonodes, and generates LSPs for the pseudonodes, to describe all routers on the network.
  • Page 151 Type PDU Type Acronym Level-1 Partial Sequence Numbers PDU L1 PSNP Level-2 Partial Sequence Numbers PDU L2 PSNP Hello PDU IS-to-IS hello (IIH) PDUs are used by routers to establish and maintain neighbor relationships. On broadcast networks, Level-1 routers use Level-1 LAN IIHs, and Level-2 routers use Level-2 LAN IIHs.

  • Page 152: Protocols And Standards

    CLV Code Name PDU Type Authentication Information IIH, LSP, SNP IP Internal Reachability Information Protocols Supported IIH, LSP IP External Reachability Information L2 LSP Inter-Domain Routing Protocol Information L2 LSP IP Interface Address IIH, LSP MT-ISN M-Topologies IIH, LSP MT IP. Reach MT IPv6 IP.

  • Page 153: Configuring Basic Is-Is

    Tasks at a glance (Optional.) Configuring IS-IS route control: • Configuring IS-IS link cost • Specifying a preference for IS-IS • Configuring the maximum number of ECMP routes • Configuring IS-IS route summarization • Advertising a default route • Configuring IS-IS route redistribution •...

  • Page 154: Enabling Is-Is

    Enabling IS-IS Step Command Remarks Enter system view. system-view isis [ process-id ] Enable IS-IS and enter IS-IS [ vpn-instance By default, IS-IS is disabled. view. vpn-instance-name ] Assign a NET. By default, NET is not assigned. network-entity net Return to system view. quit interface interface-type Enter interface view.

  • Page 155: Configuring Is-Is Route Control

    If only two routers exist on a broadcast network, set the network type of attached interfaces to P2P. This avoids DIS election and CSNP flooding, saving network bandwidth and speeding up network convergence. To configure P2P network type for an interface: Step Command Remarks...

  • Page 156: Specifying A Preference For Is-Is

    Configuring an IS-IS cost for an interface Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] cost-style { narrow | wide | (Optional.) Specify an By default, the IS-IS cost wide-compatible | { compatible | IS-IS cost style.

  • Page 157: Configuring The Maximum Number Of Ecmp Routes

    Step Command Remarks isis [ process-id ] [ vpn-instance Enter IS-IS IPv4 unicast vpn-instance-name ] address family view. address-family ipv4 [ unicast ] Configure a preference for preference { preference | route-policy The default setting is IS-IS. route-policy-name } * Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes.

  • Page 158: Advertising A Default Route

    Advertising a default route IS-IS cannot redistribute a default route to its neighbors. This task enables IS-IS to advertise a default route of 0.0.0.0/0 in an LSP to the same-level neighbors. Upon receiving the default route, the neighbors add it into their routing table. To advertise a default route: Step Command...

  • Page 159: Configuring Is-Is Route Filtering

    Configuring IS-IS route filtering You can use an ACL, IP prefix list, or routing policy to filter routes calculated using received LSPs and routes redistributed from other routing protocols. Filtering routes calculated from received LSPs IS-IS saves LSPs received from neighbors in the LSDB, and uses the SPF algorithm to calculate the shortest path tree with itself as the root.

  • Page 160: Advertising Is-Is Link State Information To Bgp

    To configure IS-IS route leaking: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS IPv4 vpn-instance-name ] unicast address family view. address-family ipv4 [ unicast ] import-route isis level-1 into level-2 Configure route By default, IS-IS [ filter-policy { ipv4-acl-number | prefix-list leaking from Level-1 advertises routes from...

  • Page 161: Specifying The Is-Is Hello Multiplier

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number The default setting is 10 seconds. The interval between hello Specify the interval for isis timer hello seconds packets sent by the DIS is 1/3 the sending hello packets. [ level-1 | level-2 ] hello interval set with the isis timer hello command.

  • Page 162: Configuring A Dis Priority For An Interface

    Configuring a DIS priority for an interface On a broadcast network, IS-IS must elect a router as the DIS at a routing level. You can specify a DIS priority at a level for an interface. The greater the interface's priority, the more likely it becomes the DIS.

  • Page 163: Configuring Lsp Parameters

    Configuring LSP parameters Configuring LSP timers Specify the maximum age of LSPs. Each LSP has an age that decreases in the LSDB. Any LSP with an age of 0 is deleted from the LSDB. You can adjust the age value based on the scale of a network. To specify the maximum age of LSPs: Step Command...
  • Page 164 To configure LSP sending intervals: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Specify the minimum By default, the minimum interval is interval for sending LSPs isis timer lsp time [ count 33 milliseconds, and the maximum and the maximum LSP count ] LSP number that can be sent at a...

  • Page 165: Controlling Spf Calculation Interval

    Enabling LSP fragment extension Perform this task to enable IS-IS fragment extension for an IS-IS process. The MTUs of all interfaces running the IS-IS process must not be less than 512. Otherwise, LSP fragment extension does not take effect. To enable LSP fragment extension: Step Command Remarks...

  • Page 166: Setting The Lsdb Overload Bit

    To assign convergence priorities to specific IS-IS routes: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS IPv4 unicast vpn-instance-name ] address family view. address-family ipv4 [ unicast ] • Method 1: prefix-priority { critical | high | By default, IS-IS routes, medium } { prefix-list Assign convergence...

  • Page 167: Configuring The Tag Value For An Interface

    Setting the ATT bit of Level-1 LSPs Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view vpn-instance-name ] Set the ATT bit of Level-1 By default, the ATT bit is not set set-att { always | never } LSPs.

  • Page 168: Enabling The Logging Of Neighbor State Changes

    Configuring dynamic system ID to host name mapping Static system ID to host name mapping requires you to manually configure a mapping for each router in the network. When a new router is added to the network or a mapping must be modified, you must configure all routers manually.

  • Page 169: Enabling Is-Is Ispf

    Enabling IS-IS ISPF When the network topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT. To enable IS-IS ISPF: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view.

  • Page 170: Configuring Is-Is Pic

    Step Command Remarks snmp-agent trap enable isis [ adjacency-state-change | area-mismatch | authentication | authentication-type | buffsize-mismatch | id-length-mismatch | lsdboverload-state-change | Enable IS-IS By default, IS-IS notification lsp-corrupt | lsp-parse-error | notification sending. sending is enabled. lsp-size-exceeded | manual-address-drop | max-seq-exceeded | maxarea-mismatch | own-lsp-purge | protocol-support | rejected-adjacency |...

  • Page 171: Enhancing Is-Is Network Security

    Step Command Remarks Enter system view. system-view By default, the source IP address of BFD echo packets is not configured. The source IP address cannot Configure the source IP be on the same network bfd echo-source-ip ip-address address of BFD echo packets. segment as any local interface's IP address.

  • Page 172: Configuring Area Authentication

    Step Command Remarks isis authentication-mode { { gca key-id { hmac-sha-1 | hmac-sha-224 | hmac-sha-256 | hmac-sha-384 | By default, no Specify the authentication hmac-sha-512 } [ nonstandard ] | md5 authentication is mode and key. | simple } { cipher | plain } string | configured.

  • Page 173: Configuring Is-Is Gr

    To configure routing domain authentication: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] domain-authentication-mode { { gca key-id { hmac-sha-1 | Specify the routing domain hmac-sha-224 | hmac-sha-256 | By default, no routing domain authentication mode and hmac-sha-384 | hmac-sha-512 } authentication is configured.

  • Page 174: Configuring Is-Is Nsr

    Step Command Remarks Enable IS-IS and isis [ process-id ] [ vpn-instance enter IS-IS view. vpn-instance-name ] By default, the GR capability for IS-IS is Enable IS-IS GR. graceful-restart disabled. By default, the SA bit is not suppressed. By enabling the GR restarter to suppress (Optional.) Suppress the Suppress-Advertisement (SA) bit in the the SA bit during...

  • Page 175: Configuring Is-Is Frr

    To configure BFD for IS-IS: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Enable IS-IS on an interface. isis enable [ process-id ] By default, an IS-IS Enable BFD on an IS-IS interface is not enabled isis bfd enable interface.

  • Page 176: Configuration Procedure

    Configuration procedure Configuring IS-IS FRR to calculate a backup next hop through LFA calculation Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number By default, the (Optional.) Disable LFA interface participates in calculation on the LFA calculation, and isis fast-reroute lfa-backup exclude interface.

  • Page 177: Displaying And Maintaining Is-Is

    To enable BFD control packet mode for IS-IS FRR: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Enable BFD control packet By default, BFD control packet isis primary-path-detect bfd ctrl mode for IS-IS FRR. mode is disabled for IS-IS FRR. To enable BFD echo packet mode for IS-IS FRR: Step Command...

  • Page 178: Is-Is Configuration Examples

    Task Command Display IS-IS redistributed route display isis redistribute [ ipv4 [ ip-address mask-length ] ] [ level-1 information. | level-2 ] [ process-id ] Display IS-IS IPv4 routing display isis route [ ipv4 [ ip-address mask-length ] ] [ [ level-1 | information.
  • Page 179 Figure 42 Network diagram Switch A Vlan-int100 10.1.1.2/24 Vlan-int100 Vlan-int100 Vlan-int300 10.1.1.1/24 172.16.1.1/16 192.168.0.1/24 Vlan-int300 Vlan-int200 192.168.0.2/24 10.1.2.1/24 Switch D Switch C L1/L2 Vlan-int200 Area 20 10.1.2.2/24 Switch B Area 10 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IS-IS: # Configure Switch A.
  • Page 180 [SwitchC-Vlan-interface300] isis enable 1 [SwitchC-Vlan-interface300] quit # Configure Switch D. <SwitchD> system-view [SwitchD] isis 1 [SwitchD-isis-1] is-level level-2 [SwitchD-isis-1] network-entity 20.0000.0000.0004.00 [SwitchD-isis-1] quit [SwitchD] interface vlan-interface 100 [SwitchD-Vlan-interface100] isis enable 1 [SwitchD-Vlan-interface100] quit [SwitchD] interface vlan-interface 300 [SwitchD-Vlan-interface300] isis enable 1 [SwitchD-Vlan-interface300] quit Verifying the configuration # Display the IS-IS LSDB on each switch to verify the LSPs.
  • Page 181 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [SwitchC] display isis lsdb Database information for IS-IS(1) --------------------------------- Level-1 Link State Database --------------------------- LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------- 0000.0000.0001.00-00 0x00000006 0xdb60 0/0/0 0000.0000.0002.00-00 0x00000008 0xe651 1053 0/0/0 0000.0000.0002.01-00 0x00000005 0xd2b3 1052 0/0/0...
  • Page 182 Route information for IS-IS(1) ------------------------------ Level-1 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 10.1.1.0/24 NULL Vlan100 Direct D/L/- 10.1.2.0/24 NULL Vlan100 10.1.1.1 R/-/- 192.168.0.0/24 NULL Vlan100 10.1.1.1 R/-/- 0.0.0.0/0 NULL Vlan100 10.1.1.1 R/-/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set [SwitchC] display isis route Route information for IS-IS(1) ------------------------------...

  • Page 183: Dis Election Configuration Example

    IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 192.168.0.0/24 NULL Vlan300 Direct D/L/- 10.1.1.0/24 NULL Vlan300 192.168.0.1 R/-/- 10.1.2.0/24 NULL Vlan300 192.168.0.1 R/-/- 172.16.0.0/16 NULL Vlan100 Direct D/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set The output shows that the routing table of Level-1 switches contains a default route with the next hop as the Level-1-2 switch.
  • Page 184 [SwitchB] isis 1 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] isis enable 1 [SwitchB-Vlan-interface100] quit # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00 [SwitchC-isis-1] is-level level-1 [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] isis enable 1 [SwitchC-Vlan-interface100] quit # Configure Switch D.
  • Page 185 ---------------------------------- Interface: Vlan-interface100 Index IPv4.State IPv6.State CircuitID Type 00001 Down 1497 L1/L2 No/No # Display information about IS-IS interfaces on Switch C. [SwitchC] display isis interface Interface information for IS-IS(1) ---------------------------------- Interface: Vlan-interface100 Index IPv4.State IPv6.State CircuitID Type 00001 Down 1497 L1/L2 Yes/No...
  • Page 186 System Id: 0000.0000.0004 Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 30s Type: L2 PRI: 64 # Display information about IS-IS interfaces on Switch A. [SwitchA] display isis interface Interface information for IS-IS(1) ---------------------------------- Interface: Vlan-interface100 Index IPv4.State IPv6.State CircuitID Type 00001 Down...

  • Page 187: Is-Is Route Redistribution Configuration Example

    Interface information for IS-IS(1) ---------------------------------- Interface: Vlan-interface100 Index IPv4.State IPv6.State CircuitID Type 00001 Down 1497 L1/L2 No/No IS-IS route redistribution configuration example Network requirements As shown in Figure 44, Switch A, Switch B, Switch C, and Switch D reside in the same AS. They use IS-IS to interconnect.
  • Page 188 [SwitchB-Vlan-interface200] isis enable 1 [SwitchB-Vlan-interface200] quit # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00 [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] isis enable 1 [SwitchC-Vlan-interface200] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] isis enable 1 [SwitchC-Vlan-interface100] quit [SwitchC] interface vlan-interface 300 [SwitchC-Vlan-interface300] isis enable 1 [SwitchC-Vlan-interface300] quit...
  • Page 189 ------------------------------ Level-1 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 10.1.1.0/24 NULL VLAN100 Direct D/L/- 10.1.2.0/24 NULL VLAN200 Direct D/L/- 192.168.0.0/24 NULL VLAN300 Direct D/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination...

  • Page 190: Is-Is Authentication Configuration Example

    [SwitchE-rip-1] version 2 [SwitchE-rip-1] undo summary # Configure IS-IS to redistribute RIP routes on Switch D. [SwitchD-rip-1] quit [SwitchD] isis 1 [SwitchD–isis-1] address-family ipv4 [SwitchD–isis-1-ipv4] import-route rip level-2 # Display IS-IS routing information on Switch C. [SwitchC] display isis route Route information for IS-IS(1) ------------------------------ Level-1 IPv4 Forwarding Table...
  • Page 191 • Configure routing domain authentication on Switch C and Switch D to prevent untrusted routes from entering the routing domain. Figure 45 Network diagram Switch A Vlan-int100 10.1.1.2/24 Vlan-int100 Vlan-int300 10.1.1.1/24 10.1.3.1/24 Vlan-int300 Vlan-int200 10.1.3.2/24 Switch C 10.1.2.1/24 Switch D L1/L2 Vlan-int200 10.1.2.2/24...
  • Page 192 [SwitchC-Vlan-interface300] isis enable 1 [SwitchC-Vlan-interface300] quit # Configure Switch D. <SwitchD> system-view [SwitchD] isis 1 [SwitchD-isis-1] network-entity 20.0000.0000.0001.00 [SwitchD-isis-1] quit [SwitchD] interface vlan-interface 300 [SwitchD-Vlan-interface300] isis enable 1 [SwitchD-Vlan-interface300] quit Configure neighbor relationship authentication between neighbors: # Set the authentication mode to MD5 and set the plaintext key to eRq on VLAN-interface 100 of Switch A and on VLAN-interface 100 of Switch C.

  • Page 193: Is-Is Gr Configuration Example

    [SwitchC-isis-1] domain-authentication-mode md5 plain 1020Sec [SwitchC-isis-1] quit [SwitchD] isis 1 [SwitchD-isis-1] domain-authentication-mode md5 plain 1020Sec IS-IS GR configuration example Network requirements As shown in Figure 46, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain. Figure 46 Network diagram GR restarter Switch A...

  • Page 194: Is-Is Nsr Configuration Example

    Number of waiting LSPs: 0 Level-2 restart information --------------------------- Total number of interfaces: 1 Number of waiting LSPs: 0 IS-IS NSR configuration example Network requirements As shown in Figure 47, Switch S, Switch A, and Switch B belong to the same IS-IS routing domain. •...
  • Page 195 track ip6addr ipaddr trange tunnel lagg slsp usr6 ethbase ipcim ip6base ipbase ifnet isis Continue? [y/n]:y Re-optimization of the placement start. You will be notified on completion Re-optimization of the placement complete. Use 'display placement' to view the new placement # During the switchover period, display IS-IS neighbor information on Switch A to verify the neighborship between Switch A and Switch S.
  • Page 196 IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 12.12.12.0/24 NULL vlan100 Direct D/L/- 22.22.22.22/32 NULL Loop0 Direct D/-/- 14.14.14.0/32 NULL vlan100 12.12.12.2 R/L/- 44.44.44.44/32 NULL vlan100 12.12.12.2 R/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost...

  • Page 197: Bfd For Is-Is Configuration Example

    44.44.44.44/32 NULL Loop0 Direct D/-/- 12.12.12.0/32 NULL vlan200 14.14.14.4 R/L/- 22.22.22.22/32 NULL vlan200 14.14.14.4 R/L/- Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set Level-2 IPv4 Forwarding Table ----------------------------- IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------------- 14.14.14.0/24 NULL vlan200 Direct...
  • Page 198 Device Interface IP address Device Interface IP address Switch C Vlan-int11 11.1.1.2/24 Vlan-int13 13.1.1.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic IS-IS: # Configure Switch A. <SwitchA> system-view [SwitchA] isis [SwitchA-isis-1] network-entity 10.0000.0000.0001.00 [SwitchA-isis-1] quit [SwitchA] interface loopback 0 [SwitchA-LoopBack0] isis enable [SwitchA-LoopBack0] quit...
  • Page 199 # Enable BFD and configure BFD parameters on Switch A. [SwitchA] bfd session init-mode passive [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] isis bfd enable [SwitchA-Vlan-interface10] bfd min-receive-interval 500 [SwitchA-Vlan-interface10] bfd min-transmit-interval 500 [SwitchA-Vlan-interface10] bfd detect-multiplier 7 # Enable BFD and configure BFD parameters on Switch B. [SwitchB] bfd session init-mode active [SwitchB] interface vlan-interface 10 [SwitchB-Vlan-interface10] isis bfd enable...

  • Page 200: Is-Is Frr Configuration Example

    The output shows that Switch A and Switch B communicate through VLAN-interface 10. Then the link over VLAN-interface 10 fails. # Display routes destined for 120.1.1.1/32 on Switch A. <SwitchA> display ip routing-table 120.1.1.1 verbose Summary Count : 1 Destination: 120.1.1.1/32 Protocol: IS_L1 Process ID: 1 SubProtID: 0x1...
  • Page 201 Device Interface IP address Device Interface IP address Loop0 1.1.1.1/32 Loop0 4.4.4.4/32 Switch C Vlan-int100 12.12.12.2/24 Vlan-int101 24.24.24.2/24 Configuration procedure Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.) Configure IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3.
  • Page 202 [SwitchB-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2 [SwitchB-route-policy-frr-10] quit [SwitchB] isis 1 [SwitchB-isis-1] address-family ipv4 [SwitchB-isis-1-ipv4] fast-reroute route-policy frr [SwitchB-isis-1-ipv4] quit [SwitchB-isis-1] quit Verifying the configuration # Display route 4.4.4.4/32 on Switch A to view the backup next hop information. [SwitchA] display ip routing-table 4.4.4.4 verbose Summary Count : 1 Destination: 4.4.4.4/32...
  • Page 203 Flags: 0x1008c OrigNextHop: 13.13.13.1 Label: NULL RealNextHop: 13.13.13.1 BkLabel: NULL BkNextHop: 24.24.24.2 Tunnel ID: Invalid Interface: Vlan-interface200 BkTunnel ID: Invalid BkInterface: Vlan-interface101 FtnIndex: 0x0 TrafficIndex: N/A Connector: N/A...

  • Page 204: Configuring Bgp

    Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). BGP has the following characteristics: •...
  • Page 205 The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types: IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.  EGP—Has the second highest priority. Routes obtained through EGP have the EGP ...
  • Page 206 When a BGP speaker sends a received route to an EBGP peer, it sets the address of the  sending interface as the NEXT_HOP. When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does ...
  • Page 207 Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs. • LOCAL_PREF The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS.

  • Page 208: Bgp Route Selection

    • Extended community attribute To meet new demands, BGP defines the extended community attribute. The extended community attribute has the following advantages over the COMMUNITY attribute: Provides more attribute values by extending the attribute length to eight bytes.  Allows for using different types of extended community attributes in different scenarios to ...

  • Page 209: Bgp Load Balancing

    • When multiple feasible routes to a destination exist, BGP advertises only the optimal route to its peers. If the advertise-rib-active command is configured, BGP advertises the optimal route in the IP routing table. If not, BGP advertises the optimal route in the BGP routing table. •...

  • Page 210: Settlements For Problems In Large-Scale Bgp Networks

    Figure 54 Network diagram Router A Router D Router C AS 200 AS 100 9.0.0.0/24 Router B Router E Settlements for problems in large-scale BGP networks You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.
  • Page 211 Figure 55 BGP route dampening Penalty value Suppress threshold Reusable threshold Suppression time Time Half-life • Peer group You can organize BGP peers with the same attributes into a group to simplify their configurations. When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.
  • Page 212 The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in Figure 57.

  • Page 213: Mp-Bgp

    Confederation has a deficiency. When you change an AS into a confederation, you must reconfigure the routers, and the topology will be changed. In large-scale BGP networks, you can use both route reflector and confederation. MP-BGP BGP-4 can only advertise IPv4 unicast routing information. Multiprotocol Extensions for BGP-4 (MP-BGP) can advertise routing information for the following address families: •...

  • Page 214: Bgp Multi-Instance

    BGP multi-instance A BGP router can run multiple BGP processes. Each BGP process corresponds to a BGP instance. BGP maintains an independent routing table for each BGP instance. You can create multiple public address families for a BGP instance. However, each public address family (except for public IPv4 unicast, public VPNv4, and public VPNv6 address families) can belong to only one BGP instance.
  • Page 215 View names Ways to enter the views Remarks Configurations in this view apply to <Sysname> system-view VPNv4 routes and peers of the [Sysname] bgp 100 instance abc specified BGP instance. BGP VPNv4 address family view [Sysname-bgp-abc] For more information about BGP address-family vpnv4 VPNv4 address family view, see [Sysname-bgp-abc-vpnv4]...

  • Page 216: Protocols And Standards

    View names Ways to enter the views Remarks Configurations in this view apply to <Sysname> system-view IPv4 RT filter routes and peers of the [Sysname] bgp 100 instance abc specified BGP instance. BGP IPv4 RT filter address family view [Sysname-bgp-abc] For more information about BGP address-family ipv4 rtfilter IPv4 RT filter address family view,...
  • Page 217 Tasks at a glance Remarks Perform at least one of the following tasks to generate BGP routes: • Injecting a local network • Redistributing IGP routes (Optional.) Controlling route distribution and reception: • Configuring BGP route summarization • Advertising optimal routes in the IP routing table BGP cannot advertise •...
  • Page 218 Tasks at a glance Remarks (Optional.) Enabling SNMP notifications for BGP (Optional.) Enabling logging for session state changes (Optional.) Enabling logging for BGP route flapping (Optional.) Configuring BFD for BGP BGP does not support (Optional.) Configuring BGP FRR FRR for IPv4 multicast routes.

  • Page 219: Configuring Basic Bgp

    Tasks at a glance Remarks • Enabling MD5 authentication for BGP peers • Enabling keychain authentication for BGP peers • Configuring BGP load balancing • Configuring IPsec for IPv6 BGP • Disabling BGP to establish a session to a peer or peer group •...

  • Page 220: Configuring A Bgp Peer

    To enable BGP: Step Command Remarks Enter system view. system-view By default, no global router ID is configured, and BGP uses the highest loopback interface IP address—if any—as the router ID. If Configure a global router ID. no loopback interface IP address is router id router-id available, BGP uses the highest physical interface IP address as the...
  • Page 221 Step Command Remarks Create an IPv4 BGP peer By default, no IPv4 BGP peers peer ipv4-address as-number and specify its AS number. exist. as-number (Optional.) Configure a By default, no description is peer ipv4-address description description for a peer. configured for a peer. text Create the BGP IPv4 unicast By default, no BGP IPv4 unicast...

  • Page 222: Configuring Dynamic Bgp Peers

    Step Command Remarks Create the BGP IPv4 By default, no BGP IPv4 multicast multicast address family and address-family ipv4 multicast address family exists. enter its view. Enable the router to By default, the router cannot exchange IPv4 unicast exchange IPv4 unicast routing routing information used for peer ipv4-address enable information used for RPF check...
  • Page 223 Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name ] Enter BGP instance view • Enter BGP-VPN instance view: or BGP-VPN instance a. bgp as-number [ instance view. instance-name ] b. ip vpn-instance vpn-instance-name Specify devices in a network as dynamic BGP By default, no dynamic BGP peer ipv4-address mask-length...
  • Page 224 Step Command Remarks specified network. Configuring dynamic BGP peers (IPv4 multicast address family) Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Specify devices in a network as dynamic BGP By default, no dynamic BGP peer ipv4-address mask-length peers and specify an AS peers exist.

  • Page 225: Configuring A Bgp Peer Group

    Configuring a BGP peer group The peers in a peer group use the same route selection policy. In a large-scale network, many peers can use the same route selection policy. You can configure a peer group and add these peers into this group. When you change the policy for the group, the modification also applies to the peers in the group.
  • Page 226 Step Command Remarks bgp as-number [ instance BGP-VPN instance view. instance-name ] • Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name By default, no IBGP peer groups Create an IBGP peer group. group group-name [ internal ] exist.
  • Page 227 Step Command Remarks specified peer group. with the peers in the peer group. To configure an IBGP peer group (IPv6 multicast address family): Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] By default, no IBGP peer groups Create an IBGP peer group.
  • Page 228 Step Command Remarks a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name By default, no EBGP peer groups Create an EBGP peer group. group group-name external exist. By default, no AS number is specified. Specify the AS number of the peer group-name as-number If a peer group contains peers, group.
  • Page 229 Step Command Remarks By default, no peers exist in the peer group. peer ipv6-address [ prefix-length ] The as-number as-number Add a peer into the EBGP group group-name [ as-number option, if used, must specify the peer group. as-number ] same AS number as the peer group-name as-number as-number command.
  • Page 230 Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] By default, no EBGP peer groups Create an EBGP peer group. group group-name external exist. By default, no AS number is specified. Specify the AS number of the peer group-name as-number If a peer group contains peers, group.
  • Page 231 Step Command Remarks ipv4-address [ mask-length ] as-number as-number command. (Optional.) Configure a By default, no description is peer group-name description description for the peer configured for the peer group. text group. Create the BGP IPv4 unicast By default, no BGP IPv4 unicast address family or BGP-VPN address-family ipv4 [ unicast ] address family or BGP-VPN IPv4...
  • Page 232 To configure an EBGP peer group by using Method 2 (IPv4 multicast address family): Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] By default, no EBGP peer groups Create an EBGP peer group. group group-name external exist.
  • Page 233 Step Command Remarks enter its view. address family exists. Enable the router to By default, the router cannot exchange IPv6 unicast exchange IPv6 unicast routing routing information used for peer group-name enable information used for RPF check RPF check with peers in the with the peers in the group.
  • Page 234 Step Command Remarks vpn-instance-name By default, no EBGP peer groups Create an EBGP peer group. group group-name external exist. peer ipv6-address [ prefix-length ] Add a peer into the EBGP By default, no peers exist in the group group-name as-number peer group.

  • Page 235: Specifying The Source Address Of Tcp Connections

    Step Command Remarks peer ipv6-address [ prefix-length ] Add an IPv6 BGP peer into By default, no peers exist in the group group-name as-number the EBGP peer group. peer group. as-number (Optional.) Configure a By default, no description is peer group-name description description for the peer configured for the peer group.

  • Page 236: Generating Bgp Routes

    Step Command Remarks or peer group. interface in the optimal route to a source-ipv4-address peer or peer group as the source address of TCP connections to the peer { group-name | ipv4-address Specify the source interface peer or peer group. [ mask-length ] } of TCP connections to a peer connect-interface interface-type...
  • Page 237 Step Command Remarks IPv4 multicast address family instance-name ] view. b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number [ instance instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] •...

  • Page 238: Redistributing Igp Routes

    Redistributing IGP routes Perform this task to configure route redistribution from an IGP to BGP. By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table. Only active routes can be redistributed.

  • Page 239: Controlling Route Distribution And Reception

    Step Command Remarks view. b. address-family ipv6 [ unicast ] • Enter BGP-VPN IPv6 unicast address family view: c. bgp as-number [ instance instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ] • Enter BGP IPv6 multicast address family view: f.
  • Page 240 Step Command Remarks • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: Enter BGP IPv4 unicast c. bgp as-number address family view, [ instance BGP-VPN IPv4 unicast instance-name ]...

  • Page 241: Advertising Optimal Routes In The Ip Routing Table

    Step Command Remarks f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast aggregate ipv4-address { mask-length | mask } [ as-set | attribute-policy Create a summary route in route-policy-name | By default, no summary routes are the BGP routing table. detail-suppressed | configured.

  • Page 242: Advertising A Default Route To A Peer Or Peer Group

    To enable BGP to advertise optimal routes in the IP routing table (IPv4 unicast): Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Enable BGP to advertise By default, BGP advertises optimal routes in the IP optimal routes in the BGP routing advertise-rib-active routing table.
  • Page 243 To advertise a default route to a peer or peer group (IPv4 unicast/multicast address family): Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] •...

  • Page 244: Limiting Routes Received From A Peer Or Peer Group

    Step Command Remarks f. bgp as-number [ instance instance-name ] g. address-family ipv6 multicast peer { group-name | ipv6-address Advertise a default route to a [ prefix-length ] } By default, no default route is peer or peer group. advertised. default-route-advertise [ route-policy route-policy-name ] Limiting routes received from a peer or peer group...

  • Page 245: Configuring Bgp Route Filtering Policies

    Step Command Remarks instance-name ] g. address-family ipv4 multicast peer { group-name | ipv4-address Specify the maximum [ mask-length ] } route-limit By default, the number of routes number of routes that a prefix-number [ { alert-only | that a router can receive from a router can receive from a discard | reconnect peer or peer group is not limited.
  • Page 246 • Routing policy (see "Configuring routing policies"). • AS path list (see "Configuring routing policies"). Configuring BGP route distribution filtering policies To configure BGP route distribution filtering policies, use the following methods: • Use an ACL or prefix list to filter routing information advertised to all peers. •...
  • Page 247 Step Command Remarks to a peer or peer group: peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name export • Reference an ACL to filter BGP routes advertised to a peer or peer group: peer { group-name | ipv4-address [ mask-length ] } filter-policy ipv4-acl-number export...
  • Page 248 Step Command Remarks • Reference an ACL or IPv6 prefix list to filter advertised BGP routes: filter-policy { ipv6-acl-number | prefix-list ipv6-prefix-name } export [ direct | isisv6 process-id | ospfv3 process-id | ripng process-id | static ] • Reference a routing policy to filter BGP routes advertised to a peer or peer group: peer { group-name |...
  • Page 249 Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: Enter BGP IPv4 unicast c.
  • Page 250 Step Command Remarks Enter system view. system-view • Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv6 [ unicast ] • Enter BGP-VPN IPv6 unicast address family view: Enter BGP IPv6 unicast c.

  • Page 251: Configuring Bgp Route Update Delay

    Configuring BGP route update delay Perform this task to configure BGP to delay sending route updates on reboot to reduce traffic loss. With this feature enabled, BGP redistributes all routes from other neighbors on reboot, selects the optimal route, and then advertises it. To configure BGP route update delay: Step Command...

  • Page 252: Configuring Bgp Route Dampening

    Procedure Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Specify the period after By default, the startup policy bgp apply-policy on-startup reboot within which the does not take effect. duration seconds startup policy is effective.

  • Page 253: Controlling Bgp Path Selection

    Step Command Remarks Enter system view. system-view • Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv6 [ unicast ] • Enter BGP-VPN IPv6 unicast address family view: Enter BGP IPv6 unicast c.
  • Page 254 Step Command Remarks [ instance instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] • Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast Set a preferred value for peer { group-name | ipv4-address routes received from a peer [ mask-length ] } preferred-value...

  • Page 255: Configuring Preferences For Bgp Routes

    Configuring preferences for BGP routes Routing protocols each have a default preference. If they find multiple routes destined for the same network, the route found by the routing protocol with the highest preference is selected as the optimal route. You can use the preference command to modify preferences for EBGP, IBGP, and local BGP routes, or use a routing policy to set a preference for matching routes.

  • Page 256: Configuring The Default Local Preference

    Step Command Remarks address family view, address family view: BGP-VPN IPv6 unicast a. bgp as-number address family view, or BGP [ instance IPv6 multicast address family instance-name ] view. b. address-family ipv6 [ unicast ] • Enter BGP-VPN IPv6 unicast address family view: c.

  • Page 257: Configuring The Med Attribute

    Step Command Remarks d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] • Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast Configure the default local The default local preference is default local-preference value preference.
  • Page 258 Configuring the default MED value To configure the default MED value (IPv4 unicast/multicast address family): Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] •...
  • Page 259 Step Command Remarks f. bgp as-number [ instance instance-name ] g. address-family ipv6 multicast Configure the default MED The default MED value is 0. default med med-value value. Enabling MED comparison for routes from different ASs This task enables BGP to compare the MEDs of routes from different ASs. To enable MED comparison for routes from different ASs: Step Command...
  • Page 260 As shown in Figure 60, Router D establishes indirect EBGP peer relationships with Router A, Router B, and Router C, and learns addresses 1.1.1.1/32, 2.2.2.2/32, and 3.3.3.3/32 through OSPF. The following output shows the routing information on Router D. Destination/Mask Proto Pre Cost NextHop...

  • Page 261: Configuring The Next_Hop Attribute

    Enabling MED comparison for routes from confederation peers This task enables BGP to compare the MEDs of routes received from confederation peers. However, if a route received from a confederation peer has an AS number that does not belong to the confederation, BGP does not compare the route with other routes.
  • Page 262 Figure 62 NEXT_HOP attribute configuration 1.1.1.2/24 Router B 1.1.1.1/24 AS 100 AS 200 1.1.1.3/24 Router A Router C IMPORTANT: If you have configured BGP load balancing, the router sets itself as the next hop for routes sent to an IBGP peer or peer group regardless of whether the peer next-hop-local command is configured. To configure the NEXT_HOP attribute (IPv4 unicast/multicast address family): Step Command...

  • Page 263: Configuring The As_Path Attribute

    Step Command Remarks • Enter BGP IPv6 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv6 [ unicast ] • Enter BGP-VPN IPv6 unicast address family view: Enter BGP IPv6 unicast c. bgp as-number address family view, [ instance BGP-VPN IPv6 unicast instance-name ]...
  • Page 264 Step Command Remarks address family view: c. bgp as-number [ instance instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] • Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast Permit the local AS number peer { group-name | ipv4-address...
  • Page 265 Ignoring the AS_PATH attribute during optimal route selection Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance Enter BGP instance view or view: BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b.
  • Page 266 Step Command Remarks a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name By default, no fake AS number is advertised to a peer or peer peer { group-name | ipv6-address group. Advertise a fake AS number [ prefix-length ] } fake-as to a peer or peer group.
  • Page 267 Step Command Remarks vpn-instance-name Configure AS number peer { group-name | ipv4-address By default, AS number substitution for a peer or peer [ mask-length ] } substitute-as substitution is not configured. group. To configure AS number substitution for a peer or peer group (IPv6 unicast/multicast address family): Step Command Remarks...
  • Page 268 Step Command Remarks instance-name ] g. address-family ipv4 multicast By default, BGP updates sent to Configure BGP to remove an EBGP peer or peer group can private AS numbers from the carry both public and private AS peer { group-name | ipv4-address AS_PATH attribute of numbers.

  • Page 269: Ignoring Igp Metrics During Optimal Route Selection

    Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] By default, BGP checks the Configure BGP to ignore the first AS first AS number of EBGP ignore-first-as number of EBGP route updates. route updates.

  • Page 270: Tuning And Optimizing Bgp Networks

    Step Command Remarks c. bgp as-number [ instance instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] • Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast By default, no SoO attribute is Configure the SoO attribute peer { group-name | ipv4-address configured for a peer or peer...

  • Page 271: Configuring The Keepalive Interval And Hold Time

    Configuring the keepalive interval and hold time BGP sends keepalive messages regularly to keep the BGP session between two routers. If a router receives no keepalive or update message from a peer within the hold time, it tears down the session. You can configure the keepalive interval and hold time globally or for a peer or peer group.

  • Page 272: Configuring The Interval For Sending Updates For The Same Route

    Step Command Remarks a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Use at least one method. • Configure the global By default, the keepalive interval keepalive interval and hold is 60 seconds, and hold time is time: 180 seconds.

  • Page 273: Enabling Bgp To Establish An Ebgp Session Over Multiple Hops

    Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Configure the interval for peer { group-name | ipv6-address...

  • Page 274: Enabling Immediate Re-Establishment Of Direct Ebgp Connections Upon Link Failure

    Step Command Remarks instance-name ] • Enter BGP-VPN instance view: a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Enable BGP to establish an EBGP session to an peer { group-name | ipv6-address By default, BGP cannot establish indirectly connected peer or [ prefix-length ] } ebgp-max-hop an EBGP session to an indirectly...
  • Page 275 Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast Enter BGP IPv4 unicast address family view: address family view, c.

  • Page 276: Enabling 4-Byte As Number Suppression

    Enabling nonstandard BGP ORF capabilities Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] Enter BGP instance view • Enter BGP-VPN instance view: or BGP-VPN instance a. bgp as-number [ instance view.

  • Page 277: Enabling Md5 Authentication For Bgp Peers

    Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name peer { group-name | ipv6-address Enable 4-byte AS number...

  • Page 278: Enabling Keychain Authentication For Bgp Peers

    Step Command Remarks view: a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Enable MD5 authentication peer { group-name | ipv6-address By default, MD5 authentication is for a BGP peer group or [ prefix-length ] } password disabled. peer.

  • Page 279: Configuring Bgp Load Balancing

    Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Enable keychain peer { group-name | ipv6-address By default, keychain authentication for a BGP...

  • Page 280: Configuring Ipsec For Ipv6 Bgp

    Step Command Remarks load balancing. (Optional.) Enable load By default, BGP cannot perform balancing for routes that load balancing for routes that balance as-path-relax have different AS_PATH have different AS_PATH attributes of the same length. attributes of the same length. To specify the maximum number of BGP ECMP routes for load balancing (IPv6 unicast/multicast address family): Step...

  • Page 281: Disabling Bgp To Establish A Session To A Peer Or Peer Group

    successfully receives and de-encapsulates the packet, it establishes an IPv6 BGP peer relationship with Device A and learns IPv6 BGP routes from Device A. If Device B receives but fails to de-encapsulate the packet, or receives a packet not protected by IPsec, it discards the packet. To configure IPsec for IPv6 BGP packets (IPv6 unicast/multicast address family): Step Command...

  • Page 282: Configuring Gtsm For Bgp

    Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Disable BGP to establish a peer { group-name | ipv6-address...

  • Page 283: Configuring Bgp Soft-Reset

    Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance Enter BGP instance view or view: BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Configure GTSM for the peer { group-name | ipv6-address...
  • Page 284 Step Command Remarks vpn-instance-name • Enable BGP route refresh for the specified peer or peer group: peer { group-name | ipv4-address [ mask-length ] } capability-advertise By default, the BGP route refresh, route-refresh Enable BGP route refresh for multi-protocol extension, and •...
  • Page 285 Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: Enter BGP IPv4 unicast c.
  • Page 286 Step Command Remarks f. bgp as-number [ instance instance-name ] g. address-family ipv6 multicast By default, the routes are not saved. Save all route updates from peer { group-name | ipv6-address This command takes effect only the peer or peer group. [ prefix-length ] } keep-all-routes for the routes received after this command is executed.
  • Page 287 To configure manual soft-reset (IPv6 unicast/multicast address family): Step Command Remarks Enter system view. system-view • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b.

  • Page 288: Protecting An Ebgp Peer When Memory Usage Reaches Level 2 Threshold

    Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name • Enable BGP route refresh for the specified peer or peer group: peer { group-name |...

  • Page 289: Configuring An Update Delay For Local Mpls Labels

    Step Command Remarks • Enter BGP instance view: bgp as-number [ instance instance-name ] • Enter BGP-VPN instance view: Enter BGP instance view or BGP-VPN instance view. a. bgp as-number [ instance instance-name ] b. ip vpn-instance vpn-instance-name Configure BGP to protect an By default, BGP periodically tears peer { group-name | ipv4-address EBGP peer or peer group...

  • Page 290: Flushing The Suboptimal Bgp Route To The Rib

    Step Command Remarks local MPLS labels. seconds. Flushing the suboptimal BGP route to the RIB This feature flushes the suboptimal BGP route to the RIB when the following conditions are met: • The optimal route is generated by the network command or is redistributed by the import-route command.

  • Page 291: Enabling Per-Prefix Label Allocation

    Enabling per-prefix label allocation CAUTION: A change to the label allocation mode enables BGP to re-advertise all routes, which will cause service interruption. Use this command with caution. Perform this task to enable BGP to allocate a label to each route prefix. To enable per-prefix label allocation: Step Command...
  • Page 292 Step Command Remarks Enter system view. system-view • Enter BGP IPv4 unicast address family view: a. bgp as-number [ instance instance-name ] b. address-family ipv4 [ unicast ] • Enter BGP-VPN IPv4 unicast address family view: Enter BGP IPv4 unicast c.

  • Page 293: Configuring Bgp Route Reflection

    Step Command Remarks c. bgp as-number [ instance instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv6 [ unicast ] • Enter BGP IPv6 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv6 multicast • Advertise the COMMUNITY attribute to a peer or peer group:...
  • Page 294 Step Command Remarks instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] • Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast Configure the router as a route reflector and specify a peer { group-name | ipv4-address By default, no route reflector or peer or peer group as its...

  • Page 295: Configuring A Bgp Confederation

    Ignoring the ORIGINATOR_ID attribute By default, BGP drops incoming route updates whose ORIGINATOR_ID attribute is the same as the local router ID. Some special networks such as firewall networks require BGP to accept such route updates. To meet the requirement, you must configure BGP to ignore the ORIGINATOR_ID attribute. To ignore the ORIGINATOR_ID attribute (IPv4 unicast/multicast address family): Step Command...

  • Page 296: Configuring Bgp Gr

    A confederation contains sub-ASs. In each sub-AS, IBGP peers are fully meshed. Sub-ASs establish EBGP connections in between. Configuring a BGP confederation After you split an AS into multiple sub-ASs, configure a router in a sub-AS as follows: Enable BGP and specify the AS number of the router. For more information, see "Enabling BGP."...
  • Page 297 The BGP GR restarter and helper exchange Open messages for GR capability negotiation. If both parties have the GR capability, they establish a GR-capable session. The GR restarter sends the GR timer set by the graceful-restart timer restart command to the GR helper in an Open message.

  • Page 298: Configuring Bgp Nsr

    Configuring BGP NSR BGP nonstop routing (NSR) backs up BGP state and data information from the active BGP process to the standby BGP process. The standby BGP process takes over when any of the following events occurs: • The active BGP process restarts. •...

  • Page 299: Enabling Logging For Bgp Route Flapping

    Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Enable logging for session By default, logging for session log-peer-change state changes globally. state changes is enabled globally. (Optional.) Enter BGP-VPN ip vpn-instance instance view.
  • Page 300 Step Command Remarks instance-name ] d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] • Enter BGP IPv4 multicast address family view: f. bgp as-number [ instance instance-name ] g. address-family ipv4 multicast log-route-flap monitor-time Enable logging for BGP route monitor-count [ log-count-limit | By default, logging for BGP route flapping.

  • Page 301: Configuring Bfd For Bgp

    Configuring BFD for BGP IMPORTANT: If you have enabled GR, use BFD with caution because BFD might detect a failure before the system performs GR, which will result in GR failure. If you have enabled both BFD and GR for BGP, do not disable BFD during a GR process to avoid GR failure.

  • Page 302: Configuring Bgp Frr

    Configuring BGP FRR When a link fails, the packets on the link are discarded, and a routing loop might occur until BGP completes routing convergence based on the new network topology. You can enable BGP fast reroute (FRR) to resolve this issue. Figure 64 Network diagram for BGP FRR Backup nexthop: Router C Router A...
  • Page 303 Step Command Remarks This step is required when Method 2 is used to enable BGP FRR. For more information about this command, see Layer 3—IP Routing Command Reference. By default, no backup next hop is set. This step is required when Set the backup next hop for Method 2 is used to enable BGP apply fast-reroute...

  • Page 304: Configuring 6Pe

    Step Command Remarks Command Reference. By default, no backup next hop is set. This step is required when Method 2 apply ipv6 fast-reroute Set the backup next hop for is used to enable BGP FRR. backup-nexthop FRR. For more information about this ipv6-address command, see Layer 3—IP Routing Command Reference.

  • Page 305: Configuring Basic 6Pe

    Figure 65 Network diagram for 6PE IPv4/MPLS network IBGP IPv6 network IPv6 network Customer site Customer site 6PE mainly performs the following operations: • 6PE assigns a label to IPv6 routing information received from a CE router, and sends the labeled IPv6 routing information to the peer 6PE device through an MP-BGP session.

  • Page 306: Configuring Optional 6Pe Capabilities

    Step Command Remarks labeled IPv6 routes with [ mask-length ] } default. the 6PE peer or peer label-route-capability group. Configuring optional 6PE capabilities Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Enter BGP IPv6 unicast address-family ipv6 [ unicast ] address family view.

  • Page 307: Configuring Bgp Ls

    Step Command Remarks peer or peer group. reconnect reconnect-time } | group is not limited. percentage-value ] * 15. Specify a preferred value for peer { group-name | ipv4-address By default, the preferred value routes received from the 6PE [ mask-length ] } preferred-value is 0.

  • Page 308: Configuring Bgp Ls Route Reflection

    Step Command Remarks peer { ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } Specify an AS number for By default, no AS number is as-number as-number an LS peer or peer group. specified. peer group-name as-number as-number Create the BGP LS address family and enter its address-family link-state view.

  • Page 309: Configuring Bmp

    Step Command Remarks Enter BGP LS address address-family link-state family view. Specify an AS number and By default, the AS number and domain-distinguisher a router ID for BGP LS router ID of the current BGP as-number:router-id messages. process are used. Configuring BMP The BGP monitoring protocol (BMP) enables a BGP router (BMP client) to send session status information of the specified peers to BMP servers for monitoring.
  • Page 310 Task Command status display bgp [ instance instance-name ] group ipv4 [ unicast ] Display BGP IPv4 unicast peer group [ vpn-instance vpn-instance-name ] [ group-name information. group-name ] display bgp [ instance instance-name ] peer ipv4 [ unicast ] Display BGP IPv4 unicast peer or peer [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length group information.
  • Page 311 Task Command group information. prefix-length | { ipv6-address | group-name group-name } log-info | [ ipv6-address ] verbose ] display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ ipv4-address mask-length | ipv4-address log-info | [ ipv4-address ] verbose ] display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv6-address prefix-length [ advertise-info ] | as-path-acl...
  • Page 312 Task Command Display BGP IPv4 multicast peer group display bgp [ instance instance-name ] group ipv4 multicast information. [ group-name group-name ] display bgp [ instance instance-name ] peer ipv4 multicast Display BGP IPv4 multicast peer or peer [ ipv4-address mask-length | { ipv4-address | group-name group information.
  • Page 313 Task Command ipv6-address { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ] | statistics ] Display dampened BGP IPv6 multicast display bgp [ instance instance-name ] routing-table routing information. dampened ipv6 multicast Display BGP dampening parameter display bgp [ instance instance-name ] dampening information.

  • Page 314: Resetting Bgp Sessions

    Resetting BGP sessions Execute reset commands in user view. Task Command Reset all BGP sessions. reset bgp [ instance instance-name ] all reset bgp [ instance instance-name ] { as-number | Reset BGP sessions for IPv4 unicast ipv4-address [ mask-length ] | all | external | group group-name address family.

  • Page 315: Ipv4 Bgp Configuration Examples

    Task Command IPv6 multicast routes and release multicast [ ipv6-address prefix-length ] suppressed BGP IPv6 multicast routes. reset bgp [ instance instance-name ] flap-info ipv6 multicast Clear flap information for BGP IPv6 [ ipv6-address prefix-length | as-path-acl as-path-acl-number | multicast routes. peer ipv6-address [ prefix-length ] ] reset bgp [ instance instance-name ] bmp server Clear BMP server statistics.
  • Page 316 [SwitchB-bgp-default-ipv4] peer 3.3.3.3 enable [SwitchB-bgp-default-ipv4] quit [SwitchB-bgp-default] quit [SwitchB] ospf 1 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 65009 [SwitchC-bgp-default] router-id 3.3.3.3 [SwitchC-bgp-default] peer 2.2.2.2 as-number 65009 [SwitchC-bgp-default] peer 2.2.2.2 connect-interface loopback 0 [SwitchC-bgp-default] address-family ipv4 unicast [SwitchC-bgp-default-ipv4] peer 2.2.2.2 enable...
  • Page 317 [SwitchB] bgp 65009 [SwitchB-bgp-default] peer 3.1.1.2 as-number 65008 [SwitchB-bgp-default] address-family ipv4 unicast [SwitchB-bgp-default-ipv4] peer 3.1.1.2 enable [SwitchB-bgp-default-ipv4] quit [SwitchB-bgp-default] quit # Display BGP peer information on Switch B. [SwitchB] display bgp peer ipv4 BGP local router ID : 2.2.2.2 Local AS number : 65009 Total number of peers : 2 Peers in established state : 2 * - Dynamically created peer...
  • Page 318 Total number of routes: 1 BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 319: Bgp And Igp Route Redistribution Configuration Example

    Network NextHop LocPrf PrefVal Path/Ogn * >i 2.2.2.2/32 2.2.2.2 * >i 3.1.1.0/24 2.2.2.2 * >i 8.1.1.0/24 3.1.1.2 65008i * >i 9.1.1.0/24 2.2.2.2 The output shows that the route 8.1.1.0 becomes valid with the next hop as Switch A. Verifying the configuration # Verify that Switch C can ping 8.1.1.1.
  • Page 320 <SwitchB> system-view [SwitchB] ospf 1 [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ospf 1 [SwitchC-ospf-1] import-route direct [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit Configure the EBGP connection: Configure the EBGP connection and inject network 8.1.1.0/24 to the BGP routing table of...
  • Page 321 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf PrefVal Path/Ogn * >e 3.3.3.3/32 3.1.1.1 65009?

  • Page 322: Bgp Route Summarization Configuration Example

    5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 3.000/4.400/9.000/2.332 ms BGP route summarization configuration example Network requirements As shown in Figure 68, run EBGP between Switch C and Switch D, so the internal network and external network can communicate with each other. •...

  • Page 323: Ospf Routes

    [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] import-route static [SwitchB-ospf-1] quit # Configure OSPF to advertise the local networks on Switch C. [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 10.220.2.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Display the IP routing table on Switch C.
  • Page 324 [SwitchD-bgp-default-ipv4] peer 10.220.2.16 enable [SwitchD-bgp-default-ipv4] quit [SwitchD-bgp-default] quit # Display the IP routing table on Switch D. [SwitchD] display ip routing-table protocol bgp Summary count : 3 BGP Routing table Status : <Active> Summary count : 3 Destination/Mask Proto Cost NextHop Interface 192.168.64.0/24...

  • Page 325: Bgp Load Balancing Configuration Example

    BGP Routing table Status : <Inactive> Summary count : 0 The output shows that Switch D has only one route 192.168.64.0/18 to AS 65106. # Verify that Switch D can ping the hosts on networks 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24. (Details not shown.) BGP load balancing configuration example Network requirements As shown in...
  • Page 326 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure BGP connections: # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 65008 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] peer 3.1.1.1 as-number 65009 [SwitchA-bgp-default] peer 3.1.2.1 as-number 65009 [SwitchA-bgp-default] address-family ipv4 unicast [SwitchA-bgp-default-ipv4] peer 3.1.1.1 enable [SwitchA-bgp-default-ipv4] peer 3.1.2.1 enable [SwitchA-bgp-default-ipv4] network 8.1.1.0 24 [SwitchA-bgp-default-ipv4] quit...
  • Page 327 BGP local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 328: Bgp Community Configuration Example

    BGP community configuration example Network requirements As shown in Figure 70, Switch B establishes EBGP connections with Switch A and Switch C. Configure NO_EXPORT community attribute on Switch A to make routes from AS 10 not advertised by AS 20 to any other AS. Figure 70 Network diagram Loop0 1.1.1.1/32...
  • Page 329 [SwitchC-bgp-default] address-family ipv4 unicast [SwitchC-bgp-default-ipv4] peer 200.1.3.1 enable [SwitchC-bgp-default-ipv4] quit [SwitchC-bgp-default] quit # Display the BGP routing table on Switch B. [SwitchB] display bgp routing-table ipv4 9.1.1.0 BGP local router ID: 2.2.2.2 Local AS number: 20 Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 200.1.2.1 (1.1.1.1)
  • Page 330 * >e 9.1.1.0/24 200.1.3.1 20 10i The output shows that Switch C has learned route 9.1.1.0/24 from Switch B. Configure a BGP community: # Configure a routing policy. [SwitchA] route-policy comm_policy permit node 0 [SwitchA-route-policy-comm_policy-0] apply community no-export [SwitchA-route-policy-comm_policy-0] quit # Apply the routing policy.

  • Page 331: Bgp Route Reflector Configuration Example

    Total number of routes: 0 The output shows that BGP has not learned any route. BGP route reflector configuration example Network requirements As shown in Figure 71, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch C and Switch B, and between Switch C and Switch D.
  • Page 332 [SwitchB-bgp-default-ipv4] peer 193.1.1.1 next-hop-local [SwitchB-bgp-default-ipv4] quit [SwitchB-bgp-default] quit # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp-default] router-id 3.3.3.3 [SwitchC-bgp-default] peer 193.1.1.2 as-number 200 [SwitchC-bgp-default] peer 194.1.1.2 as-number 200 [SwitchC-bgp-default] address-family ipv4 unicast [SwitchC-bgp-default-ipv4] peer 193.1.1.2 enable [SwitchC-bgp-default-ipv4] peer 194.1.1.2 enable [SwitchC-bgp-default-ipv4] quit [SwitchC-bgp-default] quit # Configure Switch D.

  • Page 333: Bgp Confederation Configuration Example

    Total number of routes: 1 BGP local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...
  • Page 334 # Configure Switch A. <SwitchA> system-view [SwitchA] bgp 65001 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] confederation id 200 [SwitchA-bgp-default] confederation peer-as 65002 65003 [SwitchA-bgp-default] peer 10.1.1.2 as-number 65002 [SwitchA-bgp-default] peer 10.1.2.2 as-number 65003 [SwitchA-bgp-default] address-family ipv4 unicast [SwitchA-bgp-default-ipv4] peer 10.1.1.2 enable [SwitchA-bgp-default-ipv4] peer 10.1.2.2 enable [SwitchA-bgp-default-ipv4] peer 10.1.1.2 next-hop-local [SwitchA-bgp-default-ipv4] peer 10.1.2.2 next-hop-local [SwitchA-bgp-default-ipv4] quit...
  • Page 335 [SwitchA-bgp-default] quit # Configure Switch D. <SwitchD> system-view [SwitchD] bgp 65001 [SwitchD-bgp-default] router-id 4.4.4.4 [SwitchD-bgp-default] confederation id 200 [SwitchD-bgp-default] peer 10.1.3.1 as-number 65001 [SwitchD-bgp-default] peer 10.1.5.2 as-number 65001 [SwitchD-bgp-default] address-family ipv4 unicast [SwitchD-bgp-default-ipv4] peer 10.1.3.1 enable [SwitchD-bgp-default-ipv4] peer 10.1.5.2 enable [SwitchD-bgp-default-ipv4] quit [SwitchD-bgp-default] quit # Configure Switch E.
  • Page 336 Total number of routes: 1 BGP local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 337: Bgp Path Selection Configuration Example

    Paths: 1 available, 1 best BGP routing table information of 9.1.1.0/24: From : 10.1.3.1 (1.1.1.1) Rely nexthop : 10.1.3.1 Original nexthop: 10.1.3.1 OutLabel : NULL AS-path : 100 Origin : igp Attribute value : MED 0, localpref 100, pref-val 0, pre 255 State : valid, internal-confed, best IP precedence...
  • Page 338 Device Interface IP address Device Interface IP address Vlan-int200 193.1.1.1/24 Switch C Vlan-int400 195.1.1.2/24 Switch B Vlan-int100 192.1.1.2/24 Vlan-int200 193.1.1.2/24 Vlan-int300 194.1.1.2/24 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF on Switch B, Switch C, and Switch D: # Configure Switch B.
  • Page 339 [SwitchB] bgp 200 [SwitchB-bgp-default] peer 192.1.1.1 as-number 100 [SwitchB-bgp-default] peer 194.1.1.1 as-number 200 [SwitchB-bgp-default] address-family ipv4 unicast [SwitchB-bgp-default-ipv4] peer 192.1.1.1 enable [SwitchB-bgp-default-ipv4] peer 194.1.1.1 enable [SwitchB-bgp-default-ipv4] quit [SwitchB-bgp-default] quit # Configure Switch C. [SwitchC] bgp 200 [SwitchC-bgp-default] peer 193.1.1.1 as-number 100 [SwitchC-bgp-default] peer 195.1.1.1 as-number 200 [SwitchC-bgp-default] address-family ipv4 unicast [SwitchC-bgp-default-ipv4] peer 193.1.1.1 enable...

  • Page 340: Bgp Gr Configuration Example

    BGP local router ID is 195.1.1.1 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 341: Bfd For Bgp Configuration Example

    [SwitchB] bgp 65009 [SwitchB-bgp-default] router-id 2.2.2.2 [SwitchB-bgp-default] peer 200.1.1.2 as-number 65008 # Configure the IBGP connection. [SwitchB-bgp-default] peer 9.1.1.2 as-number 65009 # Enable GR capability for BGP. [SwitchB-bgp-default] graceful-restart # Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table. [SwitchB-bgp-default] address-family ipv4 [SwitchB-bgp-default-ipv4] network 200.1.1.0 24 [SwitchB-bgp-default-ipv4] network 9.1.1.0 24...
  • Page 342 Figure 75 Network diagram Switch B Vlan-int100 Vlan-int101 Vlan-int100 Vlan-int101 1.1.1.0/24 AS 100 AS 200 AS 300 Vlan-int200 Vlan-int201 Switch A Switch C Vlan-int200 Vlan-int201 Switch D Table 19 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Vlan-int100...
  • Page 343 [SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000 [SwitchA-route-policy-apply_med_50-10] apply cost 50 [SwitchA-route-policy-apply_med_50-10] quit [SwitchA] route-policy apply_med_100 permit node 10 [SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000 [SwitchA-route-policy-apply_med_100-10] apply cost 100 [SwitchA-route-policy-apply_med_100-10] quit # Apply routing policy apply_med_50 to routes outgoing to peer 3.0.2.2, and apply routing policy apply_med_100 to routes outgoing to peer 2.0.2.2.
  • Page 344 Diag Info: No Diagnostic The output shows that a BFD session has been established between Switch A and Switch C. # Display BGP peer information on Switch C. <SwitchC> display bgp peer ipv4 BGP local router ID: 3.3.3.3 Local AS number: 200 Total number of peers: 2 Peers in established state: 2 * - Dynamically created peer...

  • Page 345: Bgp Frr Configuration Example

    Protocol: BGP Process ID: 0 SubProtID: 0x1 Age: 00h03m08s Cost: 100 Preference: 255 IpPre: N/A QosLocalID: N/A Tag: 0 State: Active Adv OrigTblID: 0x1 OrigVrf: default-vrf TableID: 0x2 OrigAs: 0 NibID: 0x15000000 LastAs: 0 AttrID: 0x0 Neighbor: 2.0.1.1 Flags: 0x10060 OrigNextHop: 2.0.1.1 Label: NULL RealNextHop: 2.0.2.1...
  • Page 346 <SwitchA> system-view [SwitchA] bgp 100 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] peer 10.1.1.2 as-number 200 [SwitchA-bgp-default] peer 30.1.1.3 as-number 200 [SwitchA-bgp-default] address-family ipv4 unicast [SwitchA-bgp-default-ipv4] peer 10.1.1.2 enable [SwitchA-bgp-default-ipv4] peer 30.1.1.3 enable [SwitchA-bgp-default-ipv4] network 1.1.1.1 32 # Configure Switch B to establish an EBGP session to Switch A, and an IBGP session to Switch <SwitchB>...
  • Page 347 [SwitchD-bgp-default-ipv4] network 4.4.4.4 32 Configure preferred values so Link B is used to forward traffic between Switch A and Switch D: # Configure Switch A to set the preferred value to 100 for routes received from Switch B. [SwitchA-bgp-default-ipv4] peer 10.1.1.2 preferred-value 100 [SwitchA-bgp-default-ipv4] quit [SwitchA-bgp-default] quit # Configure Switch D to set the preferred value to 100 for routes received from Switch B.
  • Page 348 Verifying the configuration # Display detailed information about the route to 4.4.4.4/32 on Switch A. The output shows the backup next hop for the route. [SwitchA] display ip routing-table 4.4.4.4 32 verbose Summary count : 1 Destination: 4.4.4.4/32 Protocol: BGP Process ID: 0 SubProtID: 0x2 Age: 00h01m52s...

  • Page 349: Multicast Bgp Configuration Example

    Multicast BGP configuration example Network requirements As shown in Figure 77, OSPF runs within AS 100 and AS 200 to ensure intra-AS connectivity. MBGP runs between the two ASs to exchange IPv4 unicast routes used for RPF check. • Configure the Loopback 0 interface of Switch A and Switch B as the C-BSR and C-RP. •...
  • Page 350 [SwitchA-mrib] quit [SwitchA] interface vlan-interface 100 [SwitchA-Vlan-interface100] pim sm [SwitchA-Vlan-interface100] quit [SwitchA] interface vlan-interface 101 [SwitchA-Vlan-interface101] pim sm [SwitchA-Vlan-interface101] quit # Configure Switch B and Switch D in the same way that Switch A was configured. # On Switch C, enable multicast routing globally. <SwitchC>...
  • Page 351 [SwitchB-pim] c-rp 2.2.2.2 [SwitchB-pim] quit Configure BGP to establish BGP IPv4 multicast peers and redistribute routes: # On Switch A, establish an EBGP session to Switch B. [SwitchA] bgp 100 [SwitchA-bgp-default] router-id 1.1.1.1 [SwitchA-bgp-default] peer 192.168.1.2 as-number 200 # Enable exchange of IPv4 unicast routes used for RPF check with Switch B. [SwitchA-bgp-default] address-family ipv4 multicast [SwitchA-bgp-default-mul-ipv4] peer 192.168.1.2 enable # Redistribute direct routes into BGP.

  • Page 352: Dynamic Bgp Peer Configuration Example

    Configured Established Listen Connect Shutdown Disabled Peer address State Up/Down time SA count Reset count 192.168.1.1 Established 00:07:17 Dynamic BGP peer configuration example Network requirements As shown in Figure 78, Switch A needs to establish IBGP peer relationships with Switch B, Switch C, and Switch D in network 10.1.0.0/16.
  • Page 353 [SwitchB-bgp-default] address-family ipv4 [SwitchB-bgp-default-ipv4] peer 10.1.1.1 enable # Configure Switch C to establish an IBGP peer relationship with Switch A. <SwitchC> system-view [SwitchC] bgp 200 [SwitchC-bgp-default] router-id 3.3.3.3 [SwitchC-bgp-default] peer 10.1.2.1 as-number 200 [SwitchC-bgp-default] address-family ipv4 [SwitchC-bgp-default-ipv4] peer 10.1.2.1 enable # Configure Switch D to establish an IBGP peer relationship with Switch A.

  • Page 354: Bgp Ls Configuration Example

    Network NextHop LocPrf PrefVal Path/Ogn * i 9.1.1.0/24 10.1.2.2 BGP LS configuration example Network requirements As shown in Figure 79, all switches run BGP. Run IBGP between Switch A and Switch B, between Switch B and Switch C, and between Switch B and Switch D. Configure Switch B as a route reflector with client Switch A to allow Switch A to learn LS information advertised by Switch C and Switch D.
  • Page 355 <SwitchC> system-view [SwitchC] bgp 100 [SwitchC-bgp-default] peer 193.1.1.2 as-number 100 [SwitchC-bgp-default] address-family link-state [SwitchC-bgp-default-ls] peer 193.1.1.2 enable [SwitchC-bgp-default-ls] quit [SwitchC-bgp-default] quit [SwitchC] ospf [SwitchC-ospf-1] distribute bgp-ls [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 0.0.0.0 0.0.0.0 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Configure Switch D. <SwitchD>...

  • Page 356: Ipv6 Bgp Configuration Examples

    i if-address, n nbr-address, o OSPF Route-type, p IP-prefix d designated Switch address i Network : [V][O][I0x0][N[c100][b193.1.1.1][a0.0.0.0][r193.1.1.1]]/376 NextHop : 193.1.1.1 LocPrf : 100 PrefVal : 0 OutLabel : NULL Path/Ogn: i i Network : [V][O][I0x0][N[c100][b194.1.1.1][a0.0.0.0][r194.1.1.1]]/376 NextHop : 194.1.1.1 LocPrf : 100 PrefVal : 0 OutLabel : NULL...
  • Page 357 Configure IBGP: # Configure Switch B. <SwitchB> system-view [SwitchB] bgp 65009 [SwitchB-bgp-default] router-id 2.2.2.2 [SwitchB-bgp-default] peer 9::2 as-number 65009 [SwitchB-bgp-default] address-family ipv6 [SwitchB-bgp-default-ipv6] peer 9::2 enable [SwitchB-bgp-default-ipv6] quit # Configure Switch C. <SwitchC> system-view [SwitchC] bgp 65009 [SwitchC-bgp-default] router-id 3.3.3.3 [SwitchC-bgp-default] peer 9::1 as-number 65009 [SwitchC-bgp-default] address-family ipv6 [SwitchC-bgp-default-ipv6] peer 9::1 enable...
  • Page 358 BGP local router ID: 2.2.2.2 Local AS number: 65009 Total number of peers: 2 Peers in established state: 2 * - Dynamically created peer Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 9::2 65009 1 00:29:00 Established 10::2 65008 2 00:27:20 Established The output shows that Switch A and Switch B have established an EBGP connection, and Switch B and Switch C have established an IBGP connection.

  • Page 359: Ipv6 Bgp Route Reflector Configuration Example

    Total number of routes: 4 BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete * >...
  • Page 360 Figure 81 Network diagram Loop0 AS 200 Loop0 3.3.3.3/32 1.1.1.1/32 Vlan-int10 1::1/64 Vlan-int102 Vlan-int101 Vlan-int100 102::1/96 101::1/96 100::1/96 Switch C Switch A Loop0 Loop0 2.2.2.2/32 4.4.4.4/32 Vlan-int101 Vlan-int102 Vlan-int100 101::2/96 102::2/96 AS 100 100::2/96 Switch B Switch D Configuration procedure Configure IPv6 addresses for interfaces and IPv4 addresses for loopback interfaces.
  • Page 361 [SwitchC-bgp-default] address-family ipv6 [SwitchC-bgp-default-ipv6] peer 101::2 enable [SwitchC-bgp-default-ipv6] peer 102::2 enable [SwitchC-bgp-default-ipv6] network 101:: 96 [SwitchC-bgp-default-ipv6] network 102:: 96 # Configure Switch D. <SwitchD> system-view [SwitchD] bgp 200 [SwitchD-bgp-default] router-id 4.4.4.4 [SwitchD-bgp-default] peer 102::1 as-number 200 [SwitchD-bgp-default] address-family ipv6 [SwitchD-bgp-default-ipv6] peer 102::1 enable [SwitchD-bgp-default-ipv6] network 102:: 96 Configure Switch C as a route reflector, and configure Switch B and Switch D as its clients.

  • Page 362: 6Pe Configuration Example

    NextHop : :: LocPrf PrefVal : 32768 OutLabel : NULL Path/Ogn: i i Network : 102:: PrefixLen : 96 NextHop : 102::1 LocPrf : 100 PrefVal : 0 OutLabel : NULL Path/Ogn: i The output shows that Switch D has learned the network 1::/64 from Switch C through route reflection.
  • Page 363 [PE1] interface vlan-interface 30 [PE1-Vlan-interface30] mpls enable [PE1-Vlan-interface30] mpls ldp enable [PE1-Vlan-interface30] quit # Configure IBGP, enable the peer's 6PE capabilities, and redistribute IPv6 direct and static routes. [PE1] bgp 65100 [PE1-bgp-default] router-id 2.2.2.2 [PE1-bgp-default] peer 3.3.3.3 as-number 65100 [PE1-bgp-default] peer 3.3.3.3 connect-interface loopback 0 [PE1-bgp-default] address-family ipv6 [PE1-bgp-default-ipv6] import-route direct [PE1-bgp-default-ipv6] import-route static...
  • Page 364 [PE2-bgp-default-ipv6] peer 2.2.2.2 label-route-capability [PE2-bgp-default-ipv6] quit [PE2-bgp-default] quit # Configure the static route to CE 2. [PE2] ipv6 route-static 4::4 128 20::1 # Configure OSPF for the ISP. [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit Configure a static route on CE 1, with PE 1 as the default next hop.

  • Page 365: Bfd For Ipv6 Bgp Configuration Example

    * > Network : 10::2 PrefixLen : 128 NextHop : ::1 LocPrf PrefVal : 32768 OutLabel : NULL Path/Ogn: ? * >i Network : 20:: PrefixLen : 64 NextHop : ::FFFF:3.3.3.3 LocPrf : 100 PrefVal : 0 OutLabel : 1278 Path/Ogn: ? # Verify that CE 1 can ping the IPv6 address 4::4 (loopback interface address) of CE 2.
  • Page 366 Device Interface IP address Device Interface IP address Vlan-int101 3001::2/64 Vlan-int201 2001::2/64 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 so that Switch A and Switch C can reach each other. (Details not shown.) Configure IPv6 BGP on Switch A: # Establish two IBGP connections to Switch C.
  • Page 367 [SwitchC-bgp-default] peer 2000::1 as-number 200 [SwitchC-bgp-default] address-family ipv6 [SwitchC-bgp-default-ipv6] peer 3000::1 enable [SwitchC-bgp-default-ipv6] peer 2000::1 enable [SwitchC-bgp-default-ipv6] quit # Enable BFD for peer 3001::1. [SwitchC-bgp-default] peer 3000::1 bfd [SwitchC-bgp-default] quit [SwitchC] quit Verifying the configuration # Display detailed BFD session information on Switch C. <SwitchC>...

  • Page 368: Ipsec For Ipv6 Bgp Packets Configuration Example

    Destination: 1200::/64 Protocol: BGP4+ Process ID: 0 SubProtID: 0x1 Age: 00h01m07s Cost: 50 Preference: 255 IpPre: N/A QosLocalID: N/A Tag: 0 State: Active Adv OrigTblID: 0x1 OrigVrf: default-vrf TableID: 0xa OrigAs: 0 NibID: 0x25000001 LastAs: 0 AttrID: 0x1 Neighbor: 3000::1 Flags: 0x10060 OrigNextHop: 3000::1 Label: NULL...
  • Page 369 Figure 84 Network diagram AS 65008 AS 65009 Vlan-int100 Vlan-int200 1::1/64 3::1/64 Vlan-int100 Vlan-int200 1::2/64 3::2/64 Switch C Switch B Switch A Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Establish an IBGP connection between Switch A and Switch B: # Configure Switch A.
  • Page 370 [SwitchB-bgp-default-ipv6] quit [SwitchB-bgp-default] quit Configure IPsec transform sets and IPsec profiles: # On Switch A, create an IPsec transform set named tran1. [SwitchA] ipsec transform-set tran1 # Set the encapsulation mode to transport mode. [SwitchA-ipsec-transform-set-tran1] encapsulation-mode transport # Set the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1.
  • Page 371 # Set the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1. [SwitchB-ipsec-transform-set-tran2] esp encryption-algorithm des [SwitchB-ipsec-transform-set-tran2] esp authentication-algorithm sha1 [SwitchB-ipsec-transform-set-tran2] quit # Create IPsec profile named policy002, and specify the manual mode for it. [SwitchB] ipsec profile policy002 manual # Use IPsec transform set tran2.
  • Page 372 [SwitchC] bgp 65009 [SwitchC-bgp-default] peer ebgp ipsec-profile policy002 [SwitchC-bgp-default] quit # Configure Switch B. [SwitchB] bgp 65008 [SwitchB-bgp-default] peer ebgp ipsec-profile policy002 [SwitchB-bgp-default] quit Verifying the configuration # Display detailed information about IPv6 BGP peers on Switch B. [SwitchB] display bgp peer ipv6 verbose Peer: 1::1 Local: 2.2.2.2 Type: IBGP link...

  • Page 373: Ipv6 Bgp Frr Configuration Example

    Maximum allowed prefix number: 4294967295 Threshold: 75% Minimum time between advertisements is 15 seconds Optional capabilities: Multi-protocol extended capability has been enabled Route refresh capability has been enabled Peer preferred value: 0 IPsec profile name: policy001 Routing policy configured: No routing policy is configured Peer: 3::2 Local: 2.2.2.2 Type: EBGP link...
  • Page 374 Figure 85 Network diagram Loop0 2.2.2.2/32 Vlan-int100 Vlan-int101 AS 200 3001::2/64 3002::1/64 Switch B Vlan-int100 Vlan-int101 3001::1/64 3002::2/64 Switch A Switch D Link B Vlan-int201 Vlan-int200 AS 100 Link A 2002::2/64 2001::1/64 Switch C Vlan-int200 Vlan-int201 2001::2/64 2002::1/64 Loop0 3.3.3.3/32 Configuration procedure Configure IPv6 addresses for interfaces.
  • Page 375 # Configure Switch C to establish an EBGP session to Switch A, and an IBGP session to Switch <SwitchC> system-view [SwitchC] bgp 200 [SwitchC] router-id 3.3.3.3 [SwitchC-bgp-default] peer 2001::1 as-number 100 [SwitchC-bgp-default] peer 2002::2 as-number 200 [SwitchC-bgp-default] address-family ipv6 unicast [SwitchC-bgp-default-ipv6] peer 2001::1 enable [SwitchC-bgp-default-ipv6] peer 2002::2 enable [SwitchC-bgp-default-ipv6] peer 2002::2 next-hop-local...
  • Page 376 [SwitchA-bgp-default] quit # On Switch D, create routing policy frr to set a backup next hop 2002::1 (Switch C) for the route destined for 1::/64. <SwitchD> system-view [SwitchD] ipv6 prefix-list abc index 10 permit 1:: 64 [SwitchD] route-policy frr permit node 10 [SwitchD-route-policy] if-match ipv6 address prefix-list abc [SwitchD-route-policy] apply ipv6 fast-reroute backup-nexthop 2002::1 [SwitchD-route-policy] quit...

  • Page 377: Ipv6 Multicast Bgp Configuration Example

    IpPre: N/A QosLocalID: N/A Tag: 0 State: Active Adv OrigTblID: 0x0 OrigVrf: default-vrf TableID: 0xa OrigAs: 100 NibID: 0x25000003 LastAs: 100 AttrID: 0x4 Neighbor: 3002::1 Flags: 0x10060 OrigNextHop: 3002::1 Label: NULL RealNextHop: 3002::1 BkLabel: NULL BkNextHop: 2002::1 Tunnel ID: Invalid Interface: Vlan-interface 101 BkTunnel ID: Invalid BkInterface: Vlan-interface 201...
  • Page 378 Device Interface IP address Device Interface IP address Vlan-int104 3001::1/64 Configuration procedure Configure IPv6 addresses for interfaces and configure OSPFv3 (this example uses OSPFv3 process 1) in AS 200 to ensure intra-AS connectivity. (Details not shown.) Enable IPv6 multicast routing, IPv6 PIM-SM, and MLD, and configure BSR boundaries: # On Switch A, enable IPv6 multicast routing globally, and enable IPv6 PIM-SM on interfaces.
  • Page 379 [SwitchA-pim6] anycast-rp 1:1::1 1:1::2 [SwitchA-pim6] anycast-rp 1:1::1 2:2::2 [SwitchA-pim6] c-bsr 1:1::1 [SwitchA-pim6] c-rp 1:1::1 [SwitchA-pim6] quit # Configure Switch B. [SwitchB] ipv6 pim [SwitchB-pim6] anycast-rp 1:1::1 1:1::2 [SwitchB-pim6] anycast-rp 1:1::1 2:2::2 [SwitchB-pim6] c-bsr 1:1::1 [SwitchB-pim6] c-rp 1:1::1 [SwitchB-pim6] quit Configure BGP to establish BGP IPv6 multicast peers and redistribute routes: # On Switch A, establish an EBGP session to Switch B.

  • Page 380: Troubleshooting Bgp

    [SwitchB-bgp-default] quit Verifying the configuration # Verify the BGP IPv6 multicast peer information on Switch B. [SwitchB] display bgp peer ipv6 multicast BGP local router ID : 2.2.2.2 Local AS number : 200 Total number of peers : 3 Peers in established state : 3 Peer MsgRcvd MsgSent...
  • Page 381 g. Use the ping command to verify the connectivity to the peer. h. Use the display tcp verbose or display ipv6 tcp verbose command to verify the TCP connection. i. Verify that no ACL rule is applied to disable TCP port 179. If the problem persists, contact Hewlett Packard Enterprise Support.

  • Page 382: Configuring Pbr

    Configuring PBR Overview Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop for packets that match specific criteria such as ACLs. The device forwards received packets using the following process: The device uses PBR to forward matching packets. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets.

  • Page 383: Pbr And Track

    Does a packet match Match mode all the if-match clauses Permit Deny on the node? PBR compares the packet with the next PBR compares the packet with the node. next node. A node that has no if-match clauses matches any packet. PBR and Track PBR can work with the Track feature to dynamically adapt the availability status of an apply clause to the link status of a tracked object.

  • Page 384: Configuring Actions For A Node

    Step Command Remarks node-number By default, no ACL match criterion is set. if-match acl { acl-number | name Set an ACL match criterion. acl-name } The ACL match criterion cannot match Layer 2 information. NOTE: If an ACL match criterion is defined, packets are compared with the ACL rule. The permit or deny action and the time range of the specified ACL are ignored.

  • Page 385: Specifying A Policy For Interface Pbr

    Specifying a policy for interface PBR You can specify only one policy for interface PBR and must make sure the specified policy already exists. Before you can apply a new policy to an interface, you must first remove the current policy from the interface.
  • Page 386 Figure 87 Network diagram Switch B Vlan-int10 Vlan-int10 Switch A 1.1.2.1/24 1.1.2.2/24 Vlan-int20 Vlan-int20 1.1.3.1/24 1.1.3.2/24 Switch C Configuration procedure Configure Switch A: # Create VLAN 10 and VLAN 20. <SwitchA> system-view [SwitchA] vlan 10 [SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] quit # Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.

  • Page 387: Packet Type-Based Interface Pbr Configuration Example

    # Configure the IP address of VLAN-interface 20. [SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] ip address 1.1.3.2 24 Verifying the configuration # Telnet to Switch B on Switch A. The operation succeeds. (Details not shown.) # Telnet to Switch C on Switch A. The operation fails. (Details not shown.) # Ping Switch C from Switch A.
  • Page 388 [SwitchA] vlan 20 [SwitchA-vlan20] quit # Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20. [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ip address 1.1.2.1 24 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 20 [SwitchA-Vlan-interface20] ip address 1.1.3.1 24 [SwitchA-Vlan-interface20] quit # Configure ACL 3101 to match TCP packets. [SwitchA] acl advanced 3101 [SwitchA-acl-ipv4-adv-3101] rule permit tcp [SwitchA-acl-ipv4-adv-3101] quit...

  • Page 389: Configuring Ipv6 Static Routing

    Configuring IPv6 static routing Static routes are manually configured and cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually. IPv6 static routing works well in a simple IPv6 network. Configuring an IPv6 static route Before you configure an IPv6 static route, complete the following tasks: •...

  • Page 390: Bidirectional Control Mode

    Bidirectional control mode To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer. To configure a static route and enable BFD control mode, use one of the following methods: •...

  • Page 391: Displaying And Maintaining Ipv6 Static Routes

    Step Command Remarks Enter system view. system-view By default, the source address of echo packets is not configured. The source address of echo Configure the packets must be a global source address of bfd echo-source-ipv6 ipv6-address unicast address. echo packets. For more information about this command, see High Availability Command...
  • Page 392 Figure 89 Network diagram Host B 2::2/64 Vlan-int400 2::1/64 Vlan-int200 Vlan-int300 4::2/64 5::2/64 Switch B Vlan-int200 Vlan-int300 4::1/64 5::1/64 Vlan-int100 Vlan-int500 1::1/64 3::1/64 Switch C Host C Switch A Host A 3::2/64 1::2/64 Configuration procedure Configure the IPv6 addresses for all VLAN interfaces. (Details not shown.) Configure IPv6 static routes: # Configure a default IPv6 static route on Switch A.

  • Page 393: Bfd For Ipv6 Static Routes Configuration Example (Direct Next Hop)

    Summary Count : 2 Static Routing table Status : <Active> Summary Count : 2 Destination: 1::/64 Protocol : Static NextHop : 4::1 Preference: 60 Interface : Vlan-interface200 Cost Destination: 3::/64 Protocol : Static NextHop : 5::1 Preference: 60 Interface : Vlan-interface300 Cost Static Routing table Status : <Inactive>...
  • Page 394 Figure 90 Network diagram 121::/64 120::/64 Switch A L2 Switch Switch B Vlan-int10 Vlan-int10 Vlan-int11 Vlan-int13 Vlan-int11 Vlan-int13 Switch C Table 23 Interface and IP address assignment Device Interface IPv6 address Switch A Vlan-int10 12::1/64 Switch A Vlan-int11 10::102/64 Switch B Vlan-int10 12::2/64 Switch B...
  • Page 395 <SwitchC> system-view [SwitchC] ipv6 route-static 120:: 64 13::1 [SwitchC] ipv6 route-static 121:: 64 10::102 Verifying the configuration # Display the BFD sessions on Switch A. <SwitchA> display bfd session Total Session Num: 1 Up Session Num: 1 Init Mode: Active IPv6 Session Working Under Ctrl Mode: Local Discr: 513 Remote Discr: 33...

  • Page 396: Bfd For Ipv6 Static Routes Configuration Example (Indirect Next Hop)

    The output shows that Switch A communicates with Switch B through VLAN-interface 11. BFD for IPv6 static routes configuration example (indirect next hop) Network requirements As shown in Figure • Switch A has a route to interface Loopback 1 (2::9/128) on Switch B, and the output interface is VLAN-interface 10.
  • Page 397 Device Interface IPv6 address Switch D Vlan-int10 12::2/64 Switch D Vlan-int12 11::1/64 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 static routes and BFD: # Configure IPv6 static routes on Switch A and enable BFD control packet mode for the IPv6 static route that traverses Switch D.
  • Page 398 Destination IP: 2::9 Session State: Up Interface: N/A Hold Time: 2012ms The output shows that the BFD session has been created. # Display the IPv6 static routes on Switch A. <SwitchA> display ipv6 routing-table protocol static Summary Count : 1 Static Routing table Status : <Active>...

  • Page 399: Configuring An Ipv6 Default Route

    Configuring an IPv6 default route A default IPv6 route is used to forward packets that match no entry in the routing table. A default IPv6 route can be configured in either of the following ways: • The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "Configuring IPv6 static routing."...

  • Page 400: Configuring Ripng

    Configuring RIPng Overview RIP next generation (RIPng) is an extension of RIP-2 for support of IPv6. Most RIP concepts are applicable to RIPng. RIPng is a distance vector routing protocol. It employs UDP to exchange route information through port 521. RIPng uses a hop count to measure the distance to a destination. The hop count is the metric or cost.

  • Page 401: Protocols And Standards

    A response packet that fails the check is discarded. Protocols and standards • RFC 2080, RIPng for IPv6 • RFC 2081, RIPng Protocol Applicability Statement RIPng configuration task list Tasks at a glance (Required.) Configuring basic RIPng (Optional.) Configuring RIPng route control: •...

  • Page 402: Configuring Ripng Route Control

    Step Command Remarks interface. If RIPng is not enabled on an interface, the interface does not send or receive any RIPng route. Configuring RIPng route control Before you configure RIPng, complete the following tasks: • Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

  • Page 403: Advertising A Default Route

    Step Command Remarks By default, the Advertise a summary IPv6 ripng summary-address ipv6-address summary IPv6 prefix prefix. prefix-length is not configured. Advertising a default route You can configure RIPng to advertise a default route with the specified cost to its neighbors. To configure RIPng to advertise a default route: Step Command...

  • Page 404: Configuring Ripng Route Redistribution

    Step Command Remarks Enter system view. system-view ripng [ process-id ] Enter RIPng view. [ vpn-instance vpn-instance-name ] preference { preference | By default, the preference of Set a preference for RIPng. route-policy route-policy-name } RIPng is 100. Configuring RIPng route redistribution Step Command Remarks...

  • Page 405: Configuring Split Horizon And Poison Reverse

    Step Command Remarks garbage-collect-value | • The update timer is 30 seconds. suppress suppress-value | • The timeout timer is 180 seconds. timeout timeout-value | update • The suppress timer is 120 seconds. update-value } * • The garbage-collect timer is 120 seconds.

  • Page 406: Setting The Maximum Number Of Ecmp Routes

    Step Command Remarks ripng [ process-id ] Enter RIPng view. [ vpn-instance vpn-instance-name ] By default, zero field check is Enable the zero field check enabled for incoming RIPng checkzero on incoming RIPng packets. packets. Setting the maximum number of ECMP routes Step Command Remarks...

  • Page 407: Setting The Interval For Sending Triggered Updates

    Setting the interval for sending triggered updates Perform this task to avoid network overhead and reduce system resource consumption caused by frequent RIPng triggered updates. You can use the timer triggered command to set the maximum interval, minimum interval, and incremental interval for sending RIPng triggered updates.

  • Page 408: Configuring Ripng Nsr

    Step Command Remarks vpn-instance-name ] Enable the GR capability for By default, RIPng GR is disabled. graceful-restart RIPng. (Optional.) Set the GR By default, the GR interval is 60 graceful-restart interval interval interval. seconds. Configuring RIPng NSR Nonstop routing (NSR) backs up RIPng routing information from the active process to the standby process.

  • Page 409: Configuration Restrictions And Guidelines

    RIPng calculates the shortest path based on the new network topology. Then, the device forwards packets over that path after network convergence. Configuration restrictions and guidelines • RIPng FRR is available only when the state of the primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.

  • Page 410: Applying An Ipsec Profile

    Applying an IPsec profile To protect routing information and prevent attacks, RIPng supports using an IPsec profile to authenticate protocol packets. For more information about IPsec profiles, see Security Configuration Guide. Outbound RIPng packets carry the Security Parameter Index (SPI) defined in the relevant IPsec profile.

  • Page 411: Ripng Configuration Examples

    Task Command Display the routing information for a RIPng display ripng process-id route [ ipv6-address prefix-length process. [ verbose ] | peer ipv6-address | statistics ] Restart a RIPng process. reset ripng process-id process Clear statistics for a RIPng process. reset ripng process-id statistics RIPng configuration examples Basic RIPng configuration example...
  • Page 412 [SwitchC] ripng 1 [SwitchC-ripng-1] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] ripng 1 enable [SwitchC-Vlan-interface200] quit [SwitchC] interface vlan-interface 500 [SwitchC-Vlan-interface500] ripng 1 enable [SwitchC-Vlan-interface500] quit [SwitchC] interface vlan-interface 600 [SwitchC-Vlan-interface600] ripng 1 enable [SwitchC-Vlan-interface600] quit # Display the RIPng routing table on Switch B. [SwitchB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D –...

  • Page 413: Ripng Route Redistribution Configuration Example

    Configure route filtering: # Use IPv6 prefix lists on Switch B to filter received and redistributed routes. [SwitchB] ipv6 prefix-list aaa permit 4:: 64 [SwitchB] ipv6 prefix-list bbb deny 2:: 64 [SwitchB] ipv6 prefix-list bbb permit :: 0 less-equal 128 [SwitchB] ripng 1 [SwitchB-ripng-1] filter-policy prefix-list aaa export [SwitchB-ripng-1] filter-policy prefix-list bbb import...
  • Page 414 Figure 94 Network diagram RIPng 100 RIPng 200 Vlan-int400 Vlan-int200 Vlan-int100 Vlan-int300 4::1/64 2::1/64 1::1/64 3::1/64 Vlan-int300 Vlan-int100 3::2/64 1::2/64 Switch C Switch B Switch A Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic RIPng: # Enable RIPng 100 on Switch A. <SwitchA>...
  • Page 415 Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 1::/64 Protocol : Direct NextHop : 1::1 Preference: 0 Interface : Vlan100 Cost Destination: 1::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2::/64 Protocol...

  • Page 416: Ripng Gr Configuration Example

    Destination: 1::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2::/64 Protocol : Direct NextHop : 2::1 Preference: 0 Interface : Vlan200 Cost Destination: 2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 4::/64 Protocol...

  • Page 417: Ripng Nsr Configuration Example

    Dynamic route update can be implemented among them with RIPng.  Enable RIPng GR on Switch A. <SwitchA> system-view [SwitchA] ripng 1 [SwitchA-ripng-1] graceful-restart Verifying the configuration # Restart RIPng process 1 on Switch A. [SwitchA-ripng-1] return <SwitchA> reset ripng 1 process Reset RIPng process? [Y/N]:y # Display GR information on Switch A.
  • Page 418 Program Current location New location --------------------------------------------------------------------- slsp rib6 routepolicy staticroute6 staticroute ospf Continue? [y/n]:y Re-optimization of the placement start. You will be notified on completion Re-optimization of the placement complete. Use 'display placement' to view the new placement # During the switchover period, display RIPng neighbors on Switch A to verify the neighbor relationship between Switch A and Switch S.

  • Page 419: Configuring Ripng Frr

    Route Flags: A - Aging, S - Suppressed, G - Garbage-collect, D - Direct O - Optimal, F - Flush to RIB ---------------------------------------------------------------- Peer FE80::20C:29FF:FECE:6277 on Vlan-interface200 Destination 2002::2/128, via FE80::20C:29FF:FECE:6277, cost 2, tag 0, AOF, 24 secs Destination 1200:1::/64, via FE80::20C:29FF:FECE:6277, cost 1, tag 0, AOF, 24 secs Local route Destination 4004::4/128,...
  • Page 420 Configure RIPng on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at Layer 3. (Details not shown.) Configure RIPng FRR: # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 prefix-list abc index 10 permit 20:: 128 [SwitchA] route-policy frr permit node 10 [SwitchA-route-policy-frr-10] if-match ipv6 address prefix-list abc [SwitchA-route-policy-frr-10] apply ipv6 fast-reroute backup-interface...

  • Page 421: Ripng Ipsec Profile Configuration Example

    Connector: N/A # Display the route 10::1/128 on Switch B to view the backup next hop information. [SwitchB] display ipv6 routing-table 10::1 128 verbose Summary count : 1 Destination: 10::1/128 Protocol: RIPng Process ID: 1 SubProtID: 0x0 Age: 00h22m34s Cost: 1 Preference: 100 IpPre: N/A QosLocalID: N/A...
  • Page 422 <SwitchB> system-view [SwitchB] ripng 1 [SwitchB-ripng-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ripng 1 enable [SwitchB-Vlan-interface200] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ripng 1 enable [SwitchB-Vlan-interface100] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ripng 1 [SwitchC-ripng-1] quit [SwitchC] interface vlan-interface 200 [SwitchC-Vlan-interface200] ripng 1 enable [SwitchC-Vlan-interface200] quit Configure RIPng IPsec profiles:...
  • Page 423 [SwitchB] ipsec profile profile001 manual # Reference IPsec transform set protrf1. [SwitchB-ipsec-profile-profile001-manual] transform-set protrf1 # Configure the inbound and outbound SPIs for ESP. [SwitchB-ipsec-profile-profile001-manual] sa spi inbound esp 256 [SwitchB-ipsec-profile-profile001-manual] sa spi outbound esp 256 # Configure the inbound and outbound SA keys for ESP. [SwitchB-ipsec-profile-profile001-manual] sa string-key inbound esp simple abc [SwitchB-ipsec-profile-profile001-manual] sa string-key outbound esp simple abc [SwitchB-ipsec-profile-profile001-manual] quit...

  • Page 424: Configuring Ospfv3

    Configuring OSPFv3 This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF." Overview OSPFv3 and OSPFv2 have the following in common: • 32-bit router ID and area ID. •...

  • Page 425: Protocols And Standards

    • AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS, except stub areas and Not-So-Stubby Areas (NSSAs). Each AS External LSA describes a route to another AS. A default route can be described by an AS External LSA. •...

  • Page 426: Enabling Ospfv3

    Tasks at a glance • Disabling interfaces from receiving and sending OSPFv3 packets • Enabling logging for neighbor state changes • Configuring OSPFv3 network management • Setting the LSU transmit rate • Configuring stub routers • Configuring prefix suppression • Setting the maximum number of OSPFv3 logs •...

  • Page 427: Configuring Ospfv3 Area Parameters

    Configuring OSPFv3 area parameters OSPFv3 has the same stub area, NSSA area, and virtual link features as OSPFv2. After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended. To further reduce the size of routing tables and the number of LSAs, configure the non-backbone areas at an AS edge as stub areas.

  • Page 428: Configuring An Ospfv3 Virtual Link

    Step Command Remarks Enter system view. system-view ospfv3 [ process-id | Enter OSPFv3 view. vpn-instance vpn-instance-name ] * Enter OSPFv3 area view. area area-id nssa [ default-route-advertise [ cost cost-value | nssa-only | route-policy route-policy-name | tag tag | type type ] * | Configure the area as an By default, no area is configured as no-import-route | no-summary |...

  • Page 429: Configuration Prerequisites

    • P2P—When the link layer protocol is PPP, LAPB, HDLC, or POS, OSPFv3 considers the network type as P2P by default. Follow these guidelines when you change the network type of an OSPFv3 interface: • An NBMA network must be fully connected. Any two routers in the network must be directly reachable to each other through a virtual circuit.

  • Page 430: Configuring Ospfv3 Route Summarization

    • Enable OSPFv3. Configuring OSPFv3 route summarization Route summarization enables an ABR or ASBR to summarize contiguous networks into a single network and advertise it to other areas. Configuring route summarization on an ABR If contiguous network segments exist in an area, you can summarize them into one network segment on the ABR.

  • Page 431: Configuring Inter-Area-Prefix Lsa Filtering

    Step Command Remarks vpn-instance-name ] * By default, OSPFv3 accepts all filter-policy { ipv6-acl-number [ gateway routes calculated using received prefix-list-name ] | prefix-list LSAs. Configure OSPFv3 to prefix-list-name [ gateway filter routes calculated This command can only filter prefix-list-name ] | gateway using received LSAs.

  • Page 432: Setting The Maximum Number Of Ospfv3 Ecmp Routes

    Step Command Remarks Enter system view. system-view ospfv3 [ process-id | Enter OSPFv3 view. vpn-instance vpn-instance-name ] * Set a bandwidth reference The default setting is 100 Mbps. bandwidth-reference value value. Setting the maximum number of OSPFv3 ECMP routes Perform this task to implement load sharing over ECMP routes. To set the maximum number of ECMP routes: Step Command...
  • Page 433 IMPORTANT: The import-route bgp4+ command redistributes only EBGP routes. Because the import-route bgp4+ allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution. Redistributing routes from another routing protocol Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view.

  • Page 434: Tuning And Optimizing Ospfv3 Networks

    Step Command Remarks ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Set a tag for redistributed By default, the tag of default tag tag routes. redistributed routes is 1. Tuning and optimizing OSPFv3 networks This section describes configurations of OSPFv3 timers, interface DR priority, and the logging of neighbor state changes.

  • Page 435: Setting Spf Calculation Interval

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Set the LSA transmission By default, the LSA transmission ospfv3 trans-delay seconds delay. [ instance instance-id ] delay is 1 second. Setting SPF calculation interval LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation.

  • Page 436: Setting A Dr Priority For An Interface

    Setting a DR priority for an interface The router priority is used for DR election. Interfaces having the priority 0 cannot become a DR or BDR. To configure a DR priority for an interface: Step Command Remarks Enter system view. system-view Enter interface view.

  • Page 437: Enabling Logging For Neighbor State Changes

    Step Command Remarks packets. Enabling logging for neighbor state changes With this feature enabled, the router delivers logs about neighbor state changes to its information center. The information center processes logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.

  • Page 438: Setting The Lsu Transmit Rate

    Step Command Remarks virtif-bad-pkt | virtif-cfg-error | virtif-state-change | virtgrhelper-status-change | virtneighbor-state-change ]* ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Configure an SNMP By default, no SNMP context is context for the OSPFv3 configured for the OSPFv3 snmp context-name context-name process.

  • Page 439: Configuring Prefix Suppression

    Step Command Remarks vpn-instance-name ] * • Method 1: stub-router r-bit [ include-stub | on-startup { seconds | wait-for-bgp [ seconds ] } ] * By default, the router is not • Method 2: configured as a stub router. Configure the router as stub-router max-metric a stub router.

  • Page 440: Setting The Maximum Number Of Ospfv3 Logs

    Step Command Remarks Enable prefix ospfv3 prefix-suppression [ disable ] By default, prefix suppression is suppression for the [ instance instance-id ] disabled for an interface. interface. Setting the maximum number of OSPFv3 logs OSPFv3 logs include route calculation logs, neighbor logs, and LSA aging logs. To set the maximum number of OSPFv3 logs: Step Command...

  • Page 441: Configuring Ospfv3 Gr

    Step Command Remarks By default, no authentication is performed for the interface. ospfv3 authentication-mode Specify an authentication keychain keychain-name [ instance For more information about mode for the interface. instance-id ] keychains, see Security Configuration Guide. Configuring OSPFv3 GR GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

  • Page 442: Triggering Ospfv3 Gr

    Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Enable the GR By default, the GR helper capability is graceful-restart helper enable helper capability. [ planned-only ] enabled. Enable strict LSA By default, strict LSA checking is graceful-restart helper checking.

  • Page 443: Configuring Bfd For Ospfv3

    Configuring BFD for OSPFv3 Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, improving the convergence speed of OSPFv3. For more information about BFD, see High Availability Configuration Guide. After discovering neighbors by sending hello packets, OSPFv3 notifies BFD of the neighbor addresses, and BFD uses these addresses to establish sessions.

  • Page 444: Configuration Prerequisites

    Configuration prerequisites Before you configure OSPFv3 FRR, perform the following tasks: • Configure IPv6 addresses for interfaces to ensure IP connectivity between neighboring nodes. • Enable OSPFv3. • Make sure the backup next hop is reachable. Configuration guidelines Do not use the fast-reroute lfa command together with the vlink-peer command. Configuration procedure Configuring OSPFv3 FRR to calculate a backup next hop using the LFA algorithm Step...

  • Page 445: Applying An Ipsec Profile

    Step Command Remarks Enable OSPFv3 FRR to By default, OSPFv3 FRR is fast-reroute route-policy specify a backup next hop by disabled. route-policy-name using a routing policy. Configuring BFD for OSPFv3 FRR By default, OSPFv3 FRR does not use BFD to detect primary link failures. To speed up OSPFv3 convergence, enable BFD for OSPFv3 FRR to detect primary link failures.
  • Page 446 • To implement virtual link-based IPsec protection, configure the same IPsec profile on the two routers connected over the virtual link. • To implement sham link-based IPsec protection, configure the same IPsec profile on the two routers connected over the sham link. For more information about sham links, see MPLS Configuration Guide.

  • Page 447: Displaying And Maintaining Ospfv3

    Step Command Remarks Enter OSPFv3 area view. area area-id sham-link source-ipv6-address destination-ipv6-address [ cost cost-value | dead dead-interval | hello Apply an IPsec profile to a By default, no IPsec profile is hello-interval | instance instance-id | sham link. applied. ipsec-profile profile-name | keychain keychain-name | retransmit retrans-interval | trans-delay delay ] *...

  • Page 448: Ospfv3 Configuration Examples

    Task Command Restart OSPFv3 route redistribution. reset ospfv3 [ process-id ] redistribution Clear OSPFv3 statistics. reset ospfv3 [ process-id ] statistics Clear OSPFv3 logs. reset ospfv3 [ process-id ] event-log [ lsa-flush | peer | spf ] OSPFv3 configuration examples OSPFv3 stub area configuration example Network requirements As shown in...
  • Page 449 [SwitchB] ospfv3 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ospfv3 1 area 0 [SwitchB-Vlan-interface100] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 1 [SwitchB-Vlan-interface200] quit # On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3. <SwitchC>...
  • Page 450 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 2.2.2.2 Full/DR 00:00:40 Vlan100 Area: 0.0.0.2 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 4.4.4.4 Full/BDR 00:00:40 Vlan400 # Display OSPFv3 routing table information on Switch D. [SwitchD] display ospfv3 routing OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route, E1 - Type 1 external route,...
  • Page 451 # Configure Switch C, and specify the cost of the default route sent to the stub area as 10. [SwitchC] ospfv3 [SwitchC-ospfv3-1] area 2 [SwitchC-ospfv3-1-area-0.0.0.2] stub [SwitchC-ospfv3-1-area-0.0.0.2] default-cost 10 # Display OSPFv3 routing table information on Switch D. [SwitchD] display ospfv3 routing OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route,...

  • Page 452: Ospfv3 Nssa Area Configuration Example

    Configure Area 2 as a totally stub area: # Configure Area 2 as a totally stub area on Switch C. [SwitchC-ospfv3-1-area-0.0.0.2] stub no-summary # Display OSPFv3 routing table information on Switch D. [SwitchD] display ospfv3 routing OSPFv3 Process 1 with Router ID 4.4.4.4 ------------------------------------------------------------------------- - Intra area route, E1 - Type 1 external route,...
  • Page 453 Figure 101 Network diagram OSPFv3 Switch B Switch C Area 0 Vlan-int100 2001::1/64 Vlan-int100 2001::2/64 Vlan-int400 Vlan-int200 2001:2::1/64 2001:1::1/64 OSPFv3 OSPFv3 Vlan-int400 Vlan-int200 Area 1 2001:2::2/64 2001:1::2/64 Area 2 Vlan-int300 2001:3::1/64 Switch A Switch D Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3 (see "OSPFv3 stub area configuration example").
  • Page 454 AdvRouter : 1.1.1.1 Area : 0.0.0.1 Preference : 10 *Destination: 2001:2::/64 Type : IA Cost NextHop : FE80::20C:29FF:FE74:59C6 Interface: Vlan200 AdvRouter : 2.2.2.2 Area : 0.0.0.1 Preference : 10 Total: 3 Intra area: 1 Inter area: 2 ASE: 0 NSSA: 0 Configure route redistribution: # Configure an IPv6 static route, and configure OSPFv3 to redistribute the static route on Switch A.

  • Page 455: Ospfv3 Dr Election Configuration Example

    AdvRouter : 2.2.2.2 Area : 0.0.0.2 Preference : 10 Total: 4 Intra area: 1 Inter area: 2 ASE: 1 NSSA: 0 The output shows an AS external route imported from the NSSA area exists on Switch D. OSPFv3 DR election configuration example Network requirements As shown in Figure...
  • Page 456 [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 1 area 0 [SwitchB-Vlan-interface200] quit # On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3. <SwitchC> system-view [SwitchC] ospfv3 [SwitchC-ospfv3-1] router-id 3.3.3.3 [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 1 area 0 [SwitchC-Vlan-interface100] quit # On Switch D, enable OSPFv3 and specify the router ID as 4.4.4.4.
  • Page 457 # Set the router priority of VLAN-interface 200 to 0 on Switch B. [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] ospfv3 dr-priority 0 [SwitchB-Vlan-interface200] quit # Set the router priority of VLAN-interface 100 to 2 on Switch C. [SwitchC] interface Vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 dr-priority 2 [SwitchC-Vlan-interface100] quit # Display neighbor information on Switch A.

  • Page 458: Ospfv3 Route Redistribution Configuration Example

    OSPFv3 Process 1 with Router ID 4.4.4.4 Area: 0.0.0.0 ------------------------------------------------------------------------- Router ID Pri State Dead-Time InstID Interface 1.1.1.1 100 Full/DR 00:00:30 Vlan100 2.2.2.2 2-Way/DROther 00:00:37 Vlan200 3.3.3.3 Full/BDR 00:00:31 Vlan100 The output shows that Switch A becomes the DR. OSPFv3 route redistribution configuration example Network requirements As shown in Figure...
  • Page 459 [SwitchB] ospfv3 1 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ospfv3 1 area 2 [SwitchB-Vlan-interface100] quit [SwitchB] ospfv3 2 [SwitchB-ospfv3-2] router-id 3.3.3.3 [SwitchB-ospfv3-2] quit [SwitchB] interface vlan-interface 300 [SwitchB-Vlan-interface300] ospfv3 2 area 2 [SwitchB-Vlan-interface300] quit # Enable OSPFv3 process 2 on Switch C. <SwitchC>...
  • Page 460 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Configure OSPFv3 route redistribution: # Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.

  • Page 461: Ospfv3 Route Summarization Configuration Example

    Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 OSPFv3 route summarization configuration example Network requirements As shown in Figure 104: • Switch A, Switch B, and Switch C are in Area 2.
  • Page 462 [SwitchA-Vlan-interface200] ospfv3 1 area 2 [SwitchA-Vlan-interface200] quit # Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B. <SwitchB> system-view [SwitchB] ospfv3 1 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ospfv3 1 area 2 [SwitchB-Vlan-interface100] quit [SwitchB] ospfv3 2 [SwitchB-ospfv3-2] router-id 3.3.3.3 [SwitchB-ospfv3-2] quit...
  • Page 463 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : Vlan300 Cost Destination: 2:1:1::/64 Protocol : O_ASE2 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : Vlan300 Cost Destination: 2:1:2::/64 Protocol : O_ASE2 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : Vlan300 Cost Destination: 2:1:3::/64 Protocol : O_ASE2 NextHop : FE80::200:CFF:FE01:1C03...

  • Page 464: Ospfv3 Gr Configuration Example

    Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 1::/64 Protocol : O_ASE2 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : Vlan300 Cost Destination: 2::/16 Protocol : O_ASE2 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : Vlan300 Cost Destination: 3::/64 Protocol...
  • Page 465 Figure 105 Network diagram Router ID: 1.1.1.1 GR restarter Switch A Vlan-int100 2000::1/24 Vlan-int100 Vlan-int100 2000::2/24 2000::3/24 Switch B Switch C GR helper GR helper Router ID: 3.3.3.3 Router ID: 2.2.2.2 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure basic OSPFv3: # On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1.

  • Page 466: Ospfv3 Nsr Configuration Example

    OSPFv3 NSR configuration example Network requirements As shown in Figure 106, Switch S, Switch A, and Switch B belong to the same AS and OSPFv3 routing domain. Enable OSPFv3 NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S.

  • Page 467: Bfd For Ospfv3 Configuration Example

    Verifying the configuration # Verify the following: • When an active/standby switchover occurs on Switch S, the neighbor relationships and routing information on Switch A and Switch B have not changed. (Details not shown.) • The traffic from Switch A to Switch B has not been impacted. (Details not shown.) BFD for OSPFv3 configuration example Network requirements As shown in...
  • Page 468 [SwitchA-Vlan-interface10] ospfv3 1 area 0 [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 11 [SwitchA-Vlan-interface11] ospfv3 1 area 0 [SwitchA-Vlan-interface11] quit # On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2. <SwitchB> system-view [SwitchB] ospfv3 [SwitchB-ospfv3-1] router-id 2.2.2.2 [SwitchB-ospfv3-1] quit [SwitchB] interface vlan-interface 10 [SwitchB-Vlan-interface10] ospfv3 1 area 0 [SwitchB-Vlan-interface10] quit...

  • Page 469: Ospfv3 Frr Configuration Example

    Total Session Num: 1 Init Mode: Active IPv6 Session Working Under Ctrl Mode: Local Discr: 1441 Remote Discr: 1450 Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B) Session State: Up Interface: Vlan10 Hold Time: 2319ms...
  • Page 470 Table 26 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Vlan-int100 1::1/64 Switch B Vlan-int101 3::1/64 Vlan-int200 2::1/64 Vlan-int200 2::2/64 Loop0 10::1/128 Loop0 20::1/128 Switch C Vlan-int100 1::2/64 Vlan-int101 3::2/64 Configuration procedure Configure IPv6 addresses and subnet masks for interfaces on the switches. (Details not shown.) Configure OSPFv3 on the switches to ensure that Switch A, Switch B, and Switch C can communicate with each other at the network layer.
  • Page 471 [SwitchB-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 101 backup-nexthop 3::2/64 [SwitchB-route-policy-frr-10] quit [SwitchB] ospfv3 1 [SwitchB-ospfv3-1] fast-reroute route-policy frr [SwitchB-ospfv3-1] quit Verifying the configuration # Display the route 20::1/128 on Switch A to view the backup next hop information. [SwitchA] display ipv6 routing-table 20::1 128 verbose Summary count : 1 Destination: 20::1/128 Protocol: O_INTRA...

  • Page 472: Ospfv3 Ipsec Profile Configuration Example

    BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102 Tunnel ID: Invalid Interface: Vlan-interface200 BkTunnel ID: Invalid BkInterface: Vlan-interface101 FtnIndex: 0x0 TrafficIndex: N/A Connector: N/A OSPFv3 IPsec profile configuration example Network requirements As shown in Figure 109, all switches run OSPFv3, and the AS is divided into two areas. Configure IPsec profiles on the switches to authenticate and encrypt protocol packets.
  • Page 473 <SwitchC> system-view [SwitchC] ospfv3 1 [SwitchC-ospfv3-1] router-id 3.3.3.3 [SwitchC-ospfv3-1] quit [SwitchC] interface vlan-interface 100 [SwitchC-Vlan-interface100] ospfv3 1 area 0 [SwitchC-Vlan-interface100] quit Configure OSPFv3 IPsec profiles: On Switch A:  # Create an IPsec transform set named trans. [SwitchA] ipsec transform-set trans # Specify the encapsulation mode as transport.
  • Page 474 # Create a manual IPsec profile named profile001. [SwitchB] ipsec profile profile001 manual # Use IPsec transform set trans. [SwitchB-ipsec-profile-profile001-manual] transform-set trans # Configure the inbound and outbound SPIs for AH. [SwitchB-ipsec-profile-profile001-manual] sa spi inbound ah 111111111 [SwitchB-ipsec-profile-profile001-manual] sa spi outbound ah 111111111 # Configure the inbound and outbound SPIs for ESP.
  • Page 475 [SwitchC] ipsec profile profile002 manual # Use IPsec transform set trans. [SwitchC-ipsec-profile-profile002-manual] transform-set trans # Configure the inbound and outbound SPIs for AH. [SwitchC-ipsec-profile-profile002-manual] sa spi inbound ah 4294967295 [SwitchC-ipsec-profile-profile002-manual] sa spi outbound ah 4294967295 # Configure the inbound and outbound SPIs for ESP. [SwitchC-ipsec-profile-profile002-manual] sa spi inbound esp 256 [SwitchC-ipsec-profile-profile002-manual] sa spi outbound esp 256 # Configure the inbound and outbound SA keys for AH.

  • Page 476: Configuring Ipv6 Is-Is

    Configuring IPv6 IS-IS Overview IPv6 IS-IS supports all IPv4 IS-IS features except that it advertises IPv6 routing information. This chapter describes only IPv6 IS-IS specific configuration tasks. For information about IS-IS, see "Configuring IS-IS." Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6.

  • Page 477: Configuring Ipv6 Is-Is Route Control

    Configuring IPv6 IS-IS route control Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration. To configure IPv6 IS-IS route control: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Enter IS-IS IPv6 address address-family ipv6 [ unicast ] family view.

  • Page 478: Configuring Ipv6 Is-Is Link Cost

    Step Command Remarks route-policy route-policy-name } | tag to Level-2. tag ] * By default, the maximum 13. Specify the maximum number of ECMP routes equals number of ECMP routes maximum load-balancing number the maximum number of ECMP for load balancing. routes supported by the system.

  • Page 479: Tuning And Optimizing Ipv6 Is-Is Networks

    Enabling automatic link cost calculation Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Specify an IS-IS cost cost-style { wide | By default, the IS-IS cost style is style. wide-compatible } narrow.

  • Page 480: Setting The Lsdb Overload Bit

    Step Command Remarks • Method 2: prefix-priority route-policy route-policy-name Setting the LSDB overload bit Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] cost-style { wide | By default, the IS-IS cost style is Specify an IS-IS cost style.

  • Page 481: Enabling Ipv6 Is-Is Ispf

    Step Command Remarks family view. By default, IPv6 IS-IS MTR is Enable IPv6 IS-IS MTR. multi-topology [ compatible ] disabled. By default: • The maximum interval is 5 seconds. timer spf maximum-interval Set the SPF calculation [ minimum-interval • The minimum interval is interval.

  • Page 482: Configuring Ipv6 Is-Is Frr

    Step Command Remarks Enter system view. system-view Enable an IS-IS process and isis [ process-id ] [ vpn-instance enter IS-IS view. vpn-instance-name ] Configure the NET for the By default, no NET is configured. network-entity net IS-IS process. Enter IPv6 address family address-family ipv6 [ unicast ] view.

  • Page 483: Configuration Procedure

    • Enable IPv6 IS-IS. • Make sure the backup next hop is reachable. Configuration procedure Configuring IPv6 IS-IS FRR to calculate a backup next hop through LFA calculation Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, the interface (Optional.) Disable LFA...

  • Page 484: Enabling Ipv6 Is-Is Mtr

    Enabling BFD for IPv6 IS-IS FRR By default, IPv6 IS-IS FRR does not use BFD to detect primary link failures. To speed up IPv6 IS-IS convergence, enable BFD for IPv6 IS-IS FRR to detect primary link failures. To enable BFD control packet mode for IPv6 IS-IS FRR: Step Command Remarks...

  • Page 485: Displaying And Maintaining Ipv6 Is-Is

    Figure 111 Network diagram Router A Router B IPv6 IPv6 IPv6 IPv4 IPv6 IPv4 IPv4 IPv4 Router C Router D As shown in Figure 111, the numbers refer to the link costs. Router A, Router B, and Router D support both IPv4 and IPv6. Router C supports only IPv4 and cannot forward IPv6 packets. Enable IPv6 IS-IS MTR on Router A, Router B, Router C, and Router D to make them perform route calculation separately in IPv4 and IPv6 topologies.

  • Page 486: Ipv6 Is-Is Configuration Examples

    Task Command [ process-id ] display isis statistics ipv6 [ level-1 | level-1-2 | level-2 ] Display IPv6 IS-IS statistics. [ process-id ] Display IPv6 IS-IS route calculation log display isis event-log spf ipv6 [ [ level-1 | level-2 ] | information.
  • Page 487 [SwitchB] isis 1 [SwitchB-isis-1] is-level level-1 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] address-family ipv6 [SwitchB-isis-1-ipv6] quit [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis ipv6 enable 1 [SwitchB-Vlan-interface200] quit # Configure Switch C. <SwitchC> system-view [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00 [SwitchC-isis-1] address-family ipv6 [SwitchC-isis-1-ipv6] quit [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 100...
  • Page 488 Destination : :: PrefixLen: 0 Flag : R/-/- Cost : 10 Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan100 Destination : 2001:1:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : Direct Interface: Vlan100 Destination : 2001:2:: PrefixLen: 64 Flag : R/-/- Cost : 20...
  • Page 489 ------------------------------ Level-1 IPv6 Forwarding Table ----------------------------- Destination : 2001:1:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : Direct Interface: Vlan100 Destination : 2001:2:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : Direct Interface: Vlan200 Destination : 2001:3:: PrefixLen: 64 Flag...

  • Page 490: Bfd For Ipv6 Is-Is Configuration Example

    Destination : 2001:1:: PrefixLen: 64 Flag : R/-/- Cost : 20 Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan300 Destination : 2001:2:: PrefixLen: 64 Flag : R/-/- Cost : 20 Next Hop : FE80::200:FF:FE0F:4 Interface: Vlan300 Destination : 2001:3:: PrefixLen: 64 Flag : D/L/- Cost : 10...
  • Page 491 Device Interface IPv6 address Switch C Vlan-int11 2001:2::2/64 Switch C Vlan-int13 2001:3::1/64 Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 IS-IS: # Configure Switch A. <SwitchA> system-view [SwitchA] isis 1 [SwitchA-isis-1] is-level level-1 [SwitchA-isis-1] network-entity 10.0000.0000.0001.00 [SwitchA-isis-1] address-family ipv6 [SwitchA-isis-1-ipv6] quit [SwitchA-isis-1] quit...
  • Page 492 [SwitchC-Vlan-interface13] quit Configure BFD functions: # Enable BFD and configure BFD parameters on Switch A. [SwitchA] bfd session init-mode active [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] isis ipv6 bfd enable [SwitchA-Vlan-interface10] bfd min-transmit-interval 500 [SwitchA-Vlan-interface10] bfd min-receive-interval 500 [SwitchA-Vlan-interface10] bfd detect-multiplier 7 [SwitchA-Vlan-interface10] return # Enable BFD and configure BFD parameters on Switch B.

  • Page 493: Ipv6 Is-Is Frr Configuration Example

    Destination: 2001:4::/64 Protocol : IS_L1 NextHop : FE80::BAAF:67FF:FE27:DCD0 Preference: 15 Interface : Vlan11 Cost : 20 The output shows that Switch A and Switch B communicate through VLAN-interface 11. IPv6 IS-IS FRR configuration example Network requirements As shown in Figure 114, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain.
  • Page 494 [SwitchB-isis-1] address-family ipv6 [SwitchB-isis-1-ipv6] fast-reroute lfa (Method 2.) Enable IPv6 IS-IS FRR to designate a backup next hop by using a routing  policy: # Configure Switch A. <SwitchA> system-view [SwitchA] ipv6 prefix-list abc index 10 permit 20:: 128 [SwitchA] route-policy frr permit node 10 [SwitchA-route-policy-frr-10] if-match ipv6 address prefix-list abc [SwitchA-route-policy-frr-10] apply ipv6 fast-reroute backup-interface vlan-interface 100 backup-nexthop 1::2...
  • Page 495 Label: NULL RealNextHop: FE80::34CD:9FF:FE2F:D02 BkLabel: NULL BkNextHop: FE80::7685:45FF:FEAD:102 Tunnel ID: Invalid Interface: Vlan-interface200 BkTunnel ID: Invalid BkInterface: Vlan-interface100 FtnIndex: 0x0 TrafficIndex: N/A Connector: N/A # Display route 10::1/128 on Switch B to view the backup next hop information. [SwitchB] display ipv6 routing-table 10::1 128 verbose Summary count : 1 Destination: 10::1/128 Protocol: IS_L1...

  • Page 496: Configuring Ipv6 Pbr

    Configuring IPv6 PBR Overview Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop for packets that match specific criteria such as ACLs. A device forwards received packets using the following process: The device uses PBR to forward matching packets. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets.

  • Page 497: Pbr And Track

    Does a packet match all Match mode the if-match clauses on the In permit mode In deny mode node? is forwarded according to the routing table. IPv6 PBR compares the packet IPv6 PBR compares the packet with the next node. with the next node.

  • Page 498: Configuring Actions For An Ipv6 Node

    Step Command Remarks Enter IPv6 policy ipv6 policy-based-route policy-name node view. [ deny | permit ] node node-number By default, no ACL match criterion is set. Set an ACL match if-match acl { ipv6-acl-number | name criterion. ipv6-acl-name } The ACL match criterion cannot match Layer 2 information.

  • Page 499: Configuring Ipv6 Interface Pbr

    Step Command Remarks applied. policy-name Configuring IPv6 interface PBR Configure IPv6 PBR by applying an IPv6 policy to an interface. IPv6 PBR uses the policy to guide the forwarding of IPv6 packets received on the interface. The specified policy must already exist. Otherwise, the IPv6 interface PBR configuration fails.
  • Page 500 Figure 115 Network diagram Switch B Vlan-int10 Vlan-int10 Switch A 1::1/64 1::2/64 Vlan-int20 Vlan-int20 2::1/64 2::2/64 Switch C Configuration procedure Configure Switch A: # Create VLAN 10 and VLAN 20. <SwitchA> system-view [SwitchA] vlan 10 [SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] quit # Configure the IPv6 addresses of VLAN-interface 10 and VLAN-interface 20.

  • Page 501: Packet Type-Based Ipv6 Interface Pbr Configuration Example

    # Configure the IPv6 address of VLAN-interface 20. [SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] ipv6 address 2::2 64 Verifying the configuration # Telnet to Switch B on Switch A. The operation succeeds. # Telnet to Switch C on Switch A. The operation fails. # Ping Switch C from Switch A.
  • Page 502 [SwitchA-vlan20] quit # Configure RIPng. [SwitchA] ripng 1 [SwitchA-ripng-1] quit [SwitchA] interface vlan-interface 10 [SwitchA-Vlan-interface10] ipv6 address 1::1 64 [SwitchA-Vlan-interface10] ripng 1 enable [SwitchA-Vlan-interface10] quit [SwitchA] interface vlan-interface 20 [SwitchA-Vlan-interface20] ipv6 address 2::1 64 [SwitchA-Vlan-interface20] ripng 1 enable [SwitchA-Vlan-interface20] quit # Configure ACL 3001 to match TCP packets.
  • Page 503 [SwitchC] interface vlan-interface 20 [SwitchC-Vlan-interface20] ipv6 address 2::2 64 [SwitchC-Vlan-interface20] ripng 1 enable [SwitchC-Vlan-interface20] quit Verifying the configuration # Enable IPv6 and configure the IPv6 address 10::3 for Host A. C:\>ipv6 install Installing... Succeeded. C:\>ipv6 adu 4/10::3 # On Host A, Telnet to Switch B that is directly connected to Switch A. The operation succeeds. # On Host A, Telnet to Switch C that is directly connected to Switch A.

  • Page 504: Configuring Routing Policies

    Configuring routing policies Overview Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: Configure filters based on route attributes, such as destination address and the advertising router's address.

  • Page 505: Routing Policy

    Routing policy A routing policy can contain multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route matches the routing policy if it matches one node (except the node configured with the continue clause) in the routing policy. Each node has a match mode of permit or deny.

  • Page 506: Configuring An As Path List

    Step Command Remarks max-mask-length ] Configuring an IPv6 prefix list If all items are set to deny mode, no routes can pass the IPv6 prefix list. To permit unmatched IPv6 routes, you must configure the permit :: 0 less-equal 128 item following multiple deny items. To configure an IPv6 prefix list: Step Command...

  • Page 507: Configuring An Extended Community List

    Configuring an extended community list You can configure multiple items for an extended community list that is identified by a number. The relationship between the items is logical OR. A route matches the extended community list if it matches one item in the list. To configure an extended community list: Step Command...

  • Page 508: Configuring If-Match Clauses

    Configuring if-match clauses You can either specify no if-match clauses or multiple if-match clauses for a routing policy node. If no if-match clause is specified for a permit node, all routes can pass the node. If no if-match clause is specified for a deny node, no routes can pass the node. The if-match clauses of a routing policy node have a logical AND relationship.

  • Page 509: Configuring Apply Clauses

    Step Command Remarks specified output interface. interface-number }&<1-16> interface match criterion is configured. This command is not supported by BGP. By default, no local Match BGP routes having the if-match local-preference preference is configured for specified local preference. preference BGP routes. By default, no MAC list match criterion is configured.
  • Page 510 Step Command Remarks no-advertise | no-export | no-export-subconfed } * [ additive ] } Set a cost for routes. apply cost [ + | - ] cost-value By default, no cost is set for routes. apply cost-type { external | By default, no cost type is set for Set a cost type for routes.

  • Page 511: Configuring The Continue Clause

    Step Command Remarks { backup-interface interface-type interface-number [ backup-nexthop ipv6-address ] | backup-nexthop ipv6-address } Configuring the continue clause Follow these guidelines when you configure the continue clause to combine multiple nodes: • If you configure an apply clause that sets different attribute values on all the nodes, the apply clause of the node configured most recently takes effect.

  • Page 512: Routing Policy Configuration Examples

    Task Command Display MAC list statistics. display mac-list [ name mac-list-name ] Display routing policy information. display route-policy [ name route-policy-name ] Clear IPv4 prefix list statistics. reset ip prefix-list [ prefix-list-name ] Clear IPv6 prefix list statistics. reset ipv6 prefix-list [ prefix-list-name ] Clear MAC list statistics.
  • Page 513 [SwitchC-Vlan-interface201] isis enable [SwitchC-Vlan-interface201] quit [SwitchC] interface vlan-interface 202 [SwitchC-Vlan-interface202] isis enable [SwitchC-Vlan-interface202] quit [SwitchC] interface vlan-interface 203 [SwitchC-Vlan-interface203] isis enable [SwitchC-Vlan-interface203] quit # Configure Switch B. <SwitchB> system-view [SwitchB] isis [SwitchB-isis-1] is-level level-2 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 200 [SwitchB-Vlan-interface200] isis enable [SwitchB-Vlan-interface200] quit Configure OSPF and route redistribution:...
  • Page 514 Total Nets: 4 Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0 Configure filtering lists: # Configure IPv4 basic ACL 2002 to permit route 172.17.2.0/24. [SwitchB] acl basic 2002 [SwitchB-acl-ipv4-basic-2002] rule permit source 172.17.2.0 0.0.0.255 [SwitchB-acl-ipv4-basic-2002] quit # Configure IP prefix list prefix-a to permit route 172.17.1.0/24. [SwitchB] ip prefix-list prefix-a index 10 permit 172.17.1.0 24 Configure a routing policy.

  • Page 515: Routing Policy Configuration Example For Ipv6 Route Redistribution

    Routing policy configuration example for IPv6 route redistribution Network requirements As shown in Figure 118: • Run RIPng on Switch A and Switch B. • Configure three static routes on Switch A. • On Switch A, apply a routing policy to redistribute static routes 20::/32 and 40::/32 and deny route 30::/32.
  • Page 516 Configure Switch B: # Configure the IPv6 address for VLAN-interface 100. <SwitchB> system-view [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ipv6 address 10::2 32 # Enable RIPng. [SwitchB] ripng [SwitchB-ripng-1] quit # Enable RIPng on VLAN-interface 100. [SwitchB] interface vlan-interface 100 [SwitchB-Vlan-interface100] ripng 1 enable [SwitchB-Vlan-interface100] quit Verifying the configuration # Display the RIPng routing table on Switch B.

  • Page 517: Document Conventions And Icons

    Document conventions and icons Conventions This section describes the conventions used in the documentation. Command conventions Convention Description Bold text represents commands and keywords that you enter literally as shown. Boldface Italic text represents arguments that you replace with actual values. Italic Square brackets enclose syntax choices (keywords or arguments) that are optional.

  • Page 518: Network Topology Icons

    Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 519: Support And Other Resources

    Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...

  • Page 520: Websites

    For more information and device support details, go to the following website: www.hpe.com/info/insightremotesupport/docs Documentation feedback Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title,...
  • Page 521 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.

  • Page 522: Index

    Index BGP fake AS number (IPv4), Numerics BGP fake AS number (IPv6), 4-byte BGP optimal route (IPv4 unicast), BGP AS number suppression, BGP optimal route (IPv6 unicast), BGP route advertisement rules, BGP 6PE configuration, BGP route generation, BGP 6PE optional capabilities, IPv4 BGP basic configuration, IPv6 BGP 6PE configuration, IPv4 BGP BFD configuration,...
  • Page 523 OSPF area configuration (stub), 76, 112 IPv6 BGP FRR configuration, OSPF areas, IPv6 BGP route reflector configuration, IPv6 multicast BGP configuration, OSPF authentication (area), OSPF backbone, IS-IS authentication configuration, OSPF interface exclusion from base topology, IS-IS basic configuration, IS-IS basics configuration, OSPF network type, IS-IS configuration, 134, 140, 166...
  • Page 524 OSPF configuration, OSPF detection configuration (single-hop echo), OSPFv3 configuration, OSPF FRR configuration, RIPng IPsec profile application, OSPF PIC BFD, RIPv2 message authentication configuration, OSPFv3 BFD configuration, 431, 455 auto OSPFv3 FRR configuration, BGP route summarization (automatic)(IPv4), RIP BFD configuration, RIP BFD configuration (bidirectional control IPv6 IS-IS automatic link cost calculation, detection), IPv6 IS-IS FRR automatic backup next hop...
  • Page 525 EBGP direct connections after link failure, network optimization, EBGP peer protection (low memory NEXT_HOP attribute, exemption), nonstop routing (NSR) configuration, EBGP session establishment (multiple hop), optimal route advertisement, optimal route selection disable for labeled routes, enable, fake AS number advertisement, ORIGINATOR_ID attribute ignore, first AS number of EBGP route update ignore, OSPF BGP advertisement of link state...
  • Page 526 TCP connection source address, CLV (IS-IS PDU), troubleshoot, COMMUNITY BGP COMMUNITY path attribute, troubleshoot peer connection state, tuning network, community bidirectional routing policy extended community list, COMMUNITY IPv6 static route BFD control mode (direct next hop), BGP COMMUNITY configuration, IPv6 static route BFD control mode (indirect IPv4 BGP COMMUNITY configuration, next hop), community...
  • Page 527 BGP holdtime (IPv4), EBGP peer group (IPv6 multicast address), BGP holdtime (IPv6), EBGP peer group (IPv6 unicast address), IBGP peer group (IPv4 multicast address), BGP keepalive interval, BGP large-scale network, IBGP peer group (IPv4 unicast address), BGP link state (LS), IBGP peer group (IPv6 multicast address), IBGP peer group (IPv6 unicast address), BGP load balancing (IPv4),...
  • Page 528 IPv6 multicast BGP, IS-IS redistributed route filtering, IPv6 PBR, 484, 485, 486, 487 IS-IS route control, IS-IS route convergence priority, IPv6 PBR interface, IPv6 PBR interface (packet type-based), IS-IS route filtering, IPv6 PBR local, IS-IS route leaking, IS-IS route redistribution, 146, 175 IPv6 PBR local (packet type-based), IPv6 PBR node action,...
  • Page 529 OSPF redistributed route default parameters, OSPFv3 route redistribution (another routing protocol), OSPF redistributed route summarization (on OSPFv3 route redistribution (default route), ASBR), OSPFv3 route summarization, OSPF route control, OSPFv3 route summarization (on ABR), OSPF route redistribution, OSPFv3 route summarization (on ASBR), OSPF route summarization, OSPFv3 stub router, OSPF route summarization (on ABR),...
  • Page 530 RIPv2 message authentication, RIP BFD configuration (bidirectional detection/control packet mode), RIPv2 route summarization, RIP interface advertisement, routing policy, 492, 495, 500 RIP interface reception, 29, 29 routing policy (IPv4 route redistribution), RIP route control configuration, routing policy (IPv6 route redistribution), RIPng route control, routing policy apply clause, convergence priority (IPv6 IS-IS),...
  • Page 531 OSPFv3 LSA transmission delay, IPv6 static routing, detecting IPv6 static routing basics, IPv6 static routing BFD (direct next hop), BGP BFD, OSPF BFD, IPv6 static routing BFD (indirect next hop), OSPF BFD detection configuration IS-IS authentication configuration, (bidirectional control), IS-IS basics configuration, OSPF BFD detection configuration IS-IS BFD configuration, (single-hop echo),...
  • Page 532 RIP GR configuration, OSPFv3, RIP interface additional metric configuration, PBR, RIP, RIP NSR configuration, RIPng, RIP route redistribution, routing policy, RIP summary route advertisement static routing, configuration, distributing RIPng basic configuration, BGP IGP route redistribution, RIPng configuration, BGP route distribution control, RIPng FRR configuration, IP routing extension attribute redistribution, RIPng GR configuration,...
  • Page 533 session establishment (multiple hop), IP routing ECMP enhanced mode, echo IPv6 IS-IS automatic link cost calculation, IPv6 IS-IS FRR BFD, IPv6 static route BFD echo mode (single hop), IPv6 IS-IS ISPF, RIP BFD configuration (bidirectional IPv6 IS-IS MTR, detection/control packet mode), IPv6 IS-IS prefix suppression, RIP BFD configuration (single-hop echo IPv6 route support for 64 bits+ prefixes,...
  • Page 534 Exterior Gateway Protocol. Use EGP routing policy configuration (IPv6 route redistribution), external routing policy continue clause, OSPF LSDB external LSAs max, routing policy creation, external BGP. Use EGP routing policy extended community list, 492, 495 routing policy filter configuration, routing policy filters, IP routing table, routing policy if-match clause, filtering...
  • Page 535 PBR policy specification (local PBR), BGP NSR configuration, RIPng NSR, GR helper, GR restarter, RIPng NSR configuration, fragment IPv4 BGP GR configuration, IS-IS LSP fragment extension, IS-IS GR configuration, 161, 181 IS-IS GR helper, BFD enable, 43, 397 IS-IS GR restarter, BGP configuration, IS-IS NSR, IP routing inter-protocol FRR,...
  • Page 536 RIP BFD configuration (single-hop echo BGP ORIGIN path attribute, detection/specific destination), IPv4 BGP+IGP route redistribution, host IS-IS authentication configuration, IS-IS system ID > host name mapping, IS-IS basic configuration, OSPF host route advertisement, IS-IS basics configuration, host route reception, IS-IS configuration, 134, 140, 166 IS-IS DIS election configuration, IS-IS route redistribution,...
  • Page 537 OSPF SPF calculation interval, BGP route preference, OSPFv3 LSA generation interval, BGP route reception, BGP route recursion, OSPFv3 LSU transmit rate, OSPFv3 SPF calculation interval, BGP route reflection, RIP triggered update interval, BGP route selection, 196, 197 BGP route summarization, RIPng triggered update send interval, intra-area BGP route update delay,...
  • Page 538 IS-IS DIS election configuration, IS-IS system ID > host name mapping, IS-IS display, load sharing, MP-BGP, IS-IS ECMP routes max, IS-IS FRR, MP-BGP protocols and standards, IS-IS FRR configuration, OSPF area, OSPF area configuration (NSSA), 76, 114 IS-IS global cost, IS-IS GR, OSPF area configuration (stub), 76, 112...
  • Page 539 OSPF network management, OSPFv3 interface DR priority, OSPF network optimization, OSPFv3 interface packet send/receive disable, OSPF network tuning, OSPFv3 IPsec profile application, OSPF network type, OSPFv3 IPsec profile configuration, OSPF NSR, OSPFv3 LSA generation interval, OSPF NSR configuration, OSPFv3 LSA transmission delay, OSPF outbound LSA filtering (on interface), OSPFv3 LSU transmit rate, OSPFv3 maintain,...
  • Page 540 policy extended community list, RIP route control configuration, policy filter configuration, RIP route entries, RIP route redistribution, policy filtering, policy filters, RIP route redistribution configuration, policy if-match clause, RIP routing loop prevention, RIP split horizon configuration, policy IP prefix list, policy MAC list, RIP summary route advertisement configuration, policy maintain,...
  • Page 541 routing table, IBGP peer group configuration (IPv4 multicast address), routing table display, IBGP peer group configuration (IPv4 unicast routing table maintain, address), setting maximum number of OSPFv3 logs, IP routing FIB route max lifetime, IP routing RIB label max lifetime, static route display, IP routing RIB route max lifetime, static routing basic configuration,...
  • Page 542 fake AS number advertisement, EBGP peer protection (low memory exemption), FRR, 290, 290 EBGP session establishment (multiple hop), FRR configuration, IBGP peer group configuration (IPv6 multicast GR configuration, address), GTSM configuration, IBGP peer group configuration (IPv6 unicast holdtime, address), IGP metrics ignore, IP routing FIB route max lifetime, IGP route redistribution, IP routing RIB label max lifetime,...
  • Page 543 RIP, 388, RIPng private AS number removal, See also RIPng GR configuration, received route preferred value, route dampening, route support for 64 bits+ prefixes, routing policy ACLs, route distribution filtering policy, routing policy configuration, 492, 500 route flapping logging, route preference, routing policy configuration (IPv6 route redistribution), route reception filtering policy,...
  • Page 544 local configuration, FRR configuration (routing policy), local configuration (packet type-based), global cost configuration, GR configuration, 161, 181 local PBR, maintain, hello multiplier, match mode/node clause relationship, hello packet send interval, interface cost configuration, node action configuration, node creation, interface DIS priority, node match criteria, interface hello packet send enable, policy,...
  • Page 545 route convergence priority, IS-IS NSR, route filtering, OSPF BFD, OSPF BGP advertisement of link state route leaking, information, route leaking configuration, OSPF configuration, 66, 72 route redistribution, 146, 175 OSPF FRR, route summarization, OSPF virtual link, 68, 77 routing method, OSPF virtual link configuration, SPF calculation interval, OSPFv3 FRR,...
  • Page 546 basic BGP LS configuration, OSPF LSR packet, OSPFv3 packet type, BGP link state (LS) configuration, BGP LS route reflection configuration, IPv4 BGP link state (LS) configuration, OSPF LSU packet, OSPF LSU transmit rate, OSPF AS External LSA, OSPFv3 LSU transmit rate, OSPF ASBR summary LSA, OSPFv3 packet type, OSPF exit overflow interval,...
  • Page 547 BGP path attribute, IPv4 BGP+IGP route redistribution, memory IPv6 BGP basic configuration, IPv6 BGP BFD configuration, EBGP peer protection (low memory exemption), IPv6 BGP configuration, message IPv6 BGP FRR configuration, BGP notification, IPv6 BGP route reflector configuration, BGP open, overview, BGP route-refresh, protocols and standards, BGP update,...
  • Page 548 OSPF interface network type, BGP keepalive interval, OSPF network type, 71, 77 BGP large-scale network, BGP link state (LS) configuration, OSPFv3 NBMA neighbor, OSPFv3 network type, BGP load balancing, 197, 267 OSPFv3 network type (interface), BGP local network injection, BGP MED attribute, OSPFv3 BFD configuration, BGP MPLS local label update delay, OSPFv3 configuration,...
  • Page 549 IP routing FIB route max lifetime, IPv6 IS-IS network tuning, IP routing inter-protocol FRR, IPv6 IS-IS prefix suppression, IPv6 IS-IS route control, IP routing IPv4 RIB inter-protocol FRR, IP routing IPv6 RIB inter-protocol FRR, IPv6 IS-IS route convergence priority, IP routing load sharing, IPv6 IS-IS SPF calculation interval, IPv6 multicast BGP configuration, IP routing policy-based recursive lookup,...
  • Page 550 IS-IS hello multiplier, OSPF BGP advertisement of link state information, IS-IS hello packet send interval, OSPF DD packet interface MTU, IS-IS interface cost, OSPF DR election configuration, IS-IS interface DIS priority, OSPF ECMP routes max, IS-IS interface hello packet send, OSPF exit overflow interval, IS-IS interface P2P network type, OSPF FRR,...
  • Page 551 OSPF route summarization, OSPFv3 route summarization, 418, 449 OSPF route summarization configuration, OSPFv3 SPF calculation interval, OSPFv3 stub router, OSPF route types, OSPF SPF calculation interval, OSPFv3 timer, OSPF stub router, OSPFv3 virtual link, PBR node action, OSPF summary network discard route, OSPF timer set, PBR node creation, OSPF tuning,...
  • Page 552 RIP update source IP address check, static routing BFD bidirectional control mode (direct next hop), RIP version configuration, static routing BFD bidirectional control mode RIP versions, (indirect next hop), RIPng basic configuration, 389, 399 static routing BFD configuration, RIPng default route advertisement, static routing BFD configuration (direct next hop), RIPng ECMP route max, RIPng FRR configuration,...
  • Page 553 PBR apply clause, BGP AS number substitution, PBR creation, BGP fake AS number advertisement, BGP first AS number of EBGP route update PBR if-match clause, ignore, PBR match criteria, BGP local AS number appearance, PBR node action, BGP private AS number removal, PBR policy, PBR-Track collaboration, routing policy apply clause,...
  • Page 554 FRR backup next hop calculation (LFA received route filtering configuration, algorithm), redistributed route default parameters, FRR backup next hop specification (routing redistributed route summarization (on ASBR), policy), RFC 1583 compatibility, FRR configuration, 101, 130 route calculation, GR configuration, 98, 122 route control configuration, GR helper, route redistribution,...
  • Page 555 Inter-Area-Prefix LSA filtering, OSPFv3 network type (interface), interface cost configuration, packet interface PBR configuration (packet type-based), interface DR priority, interface packet send/receive disable, IP routing configuration, IPsec profile application, IP routing dynamic routing protocols, IPsec profile configuration, IP routing extension attribute redistribution, LSA generation interval, IP routing load sharing, LSA transmission delay,...
  • Page 556 OSPF LSU transmit rate, BGP MED attribute, OSPF outgoing packet DSCP value, BGP MED route comparison (confederation peers), OSPF RFC 1583 compatibility, BGP MED route comparison (diff ASs), OSPF stub router, BGP MED route comparison (per-AS), OSPFv3 area configuration (NSSA), BGP NEXT_HOP attribute, OSPFv3 area configuration (stub), BGP path attributes,...
  • Page 557 BGP peer keychain authentication, PBR node action, BGP peer MD5 authentication, PBR node creation, PBR node match criteria, BGP session establishment disable, EBGP, PBR policy specification, EBGP peer protection (low memory PBR policy specification (interface PBR), exemption), PBR policy specification (local PBR), IBGP, routing policy apply clause, IPv4 BGP dynamic peer configuration,...
  • Page 558 OSPF prefix priority configuration, configuring BGP default local preference (IPv6), OSPF route level priority, configuring BGP dynamic peer (IPv4 multicast OSPFv3 interface DR priority, address), procedure configuring BGP dynamic peer (IPv4 unicast adding OSPF DD packet interface MTU, address), advertising BGP default route (peer/peer configuring BGP dynamic peer (IPv6 multicast group)(IPv4), address),...
  • Page 559 configuring BGP route summarization configuring IPv4 BGP route summarization, (automatic)(IPv4), configuring IPv4 BGP+IGP route redistribution, configuring BGP route summarization (manual)(IPv4), configuring IPv4 multicast BGP, configuring BGP route summarization configuring IPv4 RIB inter-protocol FRR, (manual)(IPv6), configuring IPv4 RIB NSR, configuring BGP route update delay, configuring IPv6 BGP 6PE, configuring BGP route update interval (IPv4), configuring IPv6 BGP basics,...
  • Page 560 configuring IS-IS ATT bit default route configuring OSPF authentication (area), calculation, configuring OSPF authentication (interface), configuring IS-IS authentication, configuring OSPF basics, configuring IS-IS authentication (area), configuring OSPF BFD, 100, 127 configuring IS-IS authentication (neighbor configuring OSPF BFD detection (bidirectional relationship), control), configuring IS-IS authentication (routing configuring OSPF BFD detection (single-hop...
  • Page 561 configuring OSPF summary network discard configuring OSPFv3 route redistribution (default route, route), configuring OSPF Type-3 LSA filtering, configuring OSPFv3 route summarization, configuring OSPF virtual link, 77, 120 configuring OSPFv3 route summarization (on ABR), configuring OSPFv3, configuring OSPFv3 route summarization (on configuring OSPFv3 area (NSSA), 415, 440 ASBR),...
  • Page 562 configuring RIPng route redistribution, 392, creating IPv6 PBR node, creating PBR node, configuring RIPng route summarization, creating routing policy, configuring RIPng routing metric, disabling BGP optimal route selection for labeled configuring RIPng split horizon, routes, configuring RIPv2 message authentication, disabling BGP session establishment (IPv4), configuring RIPv2 route summarization, disabling BGP session establishment (IPv6), configuring routing policy,...
  • Page 563 enabling BGP route-refresh (IPv4), enabling RIP NSR, enabling BGP route-refresh (IPv6), enabling RIP poison reverse, 35, 35 enabling RIP split horizon, enabling BGP session state change logging (IPv4), enabling RIP update source IP address check, enabling BGP session state change logging enabling RIPng FRR BFD, (IPv6), enabling RIPv1 message zero field check,...
  • Page 564 optimizing RIPng network, setting OSPFv3 LSA transmission delay, permitting BGP local AS number appearance setting OSPFv3 SPF calculation interval, (IPv4), setting OSPFv3 timer, permitting BGP local AS number appearance setting PBR node match criteria, (IPv6), setting RIP ECMP route max number, protecting EBGP peer (low memory setting RIP outgoing packet DSCP value, exemption)(IPv4),...
  • Page 565 IP routing dynamic routing protocols, RIP routes, IS-IS, RIPng received/redistributed route filtering, RIPng route, MP-BGP, OSPF, RIPng route redistribution, OSPF preference, refreshing BGP route refresh enable, OSPF RFC 1583 compatibility, OSPFv3, removing RIP, BGP private AS number from EBGP peer/peer group update (IPv4), RIPng, BGP private AS number from EBGP peer/peer...
  • Page 566 interface additional metric configuration, network tuning, interface advertisement control, nonstop routing (NSR) configuration, 396, 405 packet, interface reception control, IPv6. See RIPng packet send rate configuration, maintain, packet zero field check, poison reverse configuration, neighbor specification, network management configuration, preference configuration, network optimization, protocols and standards, network tuning,...
  • Page 567 BGP route filtering policy, IPv6 static routing BFD (indirect next hop), BGP route flapping logging, IPv6 static routing configuration, 377, 379 IS-IS default route advertisement, BGP route generation, BGP route preference, IS-IS ECMP routes max, BGP route reception control, IS-IS LSP-calculated route filtering, IS-IS redistributed route filtering, BGP route reception filtering policy, BGP route recursion,...
  • Page 568 RIPng default route advertisement, OSPFv3 route redistribution, RIPng ECMP route max, policy-based routing. Use Routing Information Protocol. Use RIPng preference, RIPng received/redistributed route filtering, tuning BGP network, routing policy RIPng route control, display, RIPng route entry, maintain, RIPng route redistribution, 392, 401 rule RIPng route summarization,...
  • Page 569 OSPFv3 interface packet send/receive RIPng ECMP route max, disable, RIPng preference, RIPng packet send rate, RIPng timer, RIPng triggered update send interval, RIPng triggered update send interval, session SNMP BGP session establishment disable, BGP SNMP notification enable, BGP session state change logging, OSPF network management, EBGP session establishment (multiple hop), SNP IS-IS PDU type,...
  • Page 570 BFD configuration (indirect next hop), switch configuration, 11, 16 OSPFv3 configuration, system default route configuration, display, IS-IS system ID, FRR configuration, IS-IS system ID > host name mapping, IPv6. See IPv6 static routing routing configuration, table static routing BFD bidirectional control mode BGP optimal route advertisement, (direct next hop), IP routing,...
  • Page 571 RIP garbage-collect timer, tuning RIP suppress timer, BGP network, IPv6 IS-IS network, RIP timeout timer, RIP update timer, IS-IS network, RIPng timer configuration, OSPF network, OSPFv3 network, IPv6 Interface Address, RIP networks, IPv6 IS-IS basic configuration, RIPng network, IPv6 IS-IS BFD configuration, tunneling IPv6 IS-IS configuration, 464, 474...
  • Page 572 OSPF network type, updating BGP MPLS local label update delay, BGP route update delay, BGP route update interval, BGP route update save, BGP update message, RIP source IP address check, RIP triggered update interval, RIP update timer, RIPng triggered update send interval, value BGP MED default value, BGP outgoing packet DSCP value,...

Table of Contents