HPE FlexNetwork HSR6800 Configuration Manual
  1. Manuals
  2. Brands
  3. HPE Manuals
  4. Network Router
  5. FlexNetwork HSR6800 series
  6. Configuration manual

HPE FlexNetwork HSR6800 Configuration Manual

Layer 3-ip routing configuration guide
Hide thumbs Also See for FlexNetwork HSR6800:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual
HPE FlexNetwork HSR6800 Routers
Layer 3—IP Routing Configuration Guide
Part number:5998-4492R
Software version: HSR6800-CMW520-R3303P25
Document version: 6W105-20151231

Advertisement

Table of Contents
loading

Related Manuals for HPE FlexNetwork HSR6800

Summary of Contents for HPE FlexNetwork HSR6800

  • Page 1 HPE FlexNetwork HSR6800 Routers Layer 3—IP Routing Configuration Guide Part number:5998-4492R Software version: HSR6800-CMW520-R3303P25 Document version: 6W105-20151231...
  • Page 2 © Copyright 2015 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

  • Page 3: Table Of Contents

    Contents IP routing basics ····························································································· 1 Routing table ······················································································································································ 1 Dynamic routing protocols ································································································································· 2 Route preference ··············································································································································· 2 Load sharing ······················································································································································ 3 Route backup ····················································································································································· 3 Route recursion ·················································································································································· 3 Route redistribution ············································································································································ 3 Displaying and maintaining a routing table ········································································································ 3 Configuring static routing ················································································...
  • Page 4 Configuring RIPv2 message authentication ····························································································· 30 Specifying a RIP neighbor ························································································································ 31 Configuring RIP-to-MIB binding ··············································································································· 31 Configuring the RIP packet sending rate ································································································· 31 Configuring RIP FRR ······································································································································· 32 Configuring BFD for RIP ·································································································································· 33 Enabling single-hop echo detection (for a directly connected RIP neighbor) ··········································· 33 Configuring single-hop echo detection (for a specific destination) ···························································...
  • Page 5 Configuring OSPF packet timers ·············································································································· 74 Specifying LSA transmission delay ·········································································································· 75 Specifying SPF calculation interval ·········································································································· 75 Specifying the LSA arrival interval ··········································································································· 76 Specifying the LSA generation interval ···································································································· 76 Disabling interfaces from receiving and sending OSPF packets ····························································· 76 Configuring stub routers ···························································································································...
  • Page 6 Configuration prerequisites ···················································································································· 135 Configuring IS-IS link cost ······················································································································ 135 Specifying a priority for IS-IS ·················································································································· 136 Configuring the maximum number of ECMP routes ··············································································· 137 Configuring IS-IS route summarization ·································································································· 137 Advertising a default route ····················································································································· 137 Configuring IS-IS route redistribution ····································································································· 138 Configuring IS-IS route filtering ··············································································································...
  • Page 7 Configuring a BGP peer group ··············································································································· 198 Configuring the BGP dynamic peer feature ··························································································· 201 Specifying the source interface for TCP connections ············································································ 202 Controlling route generation ··························································································································· 203 Configuration prerequisites ···················································································································· 203 Injecting a local network ························································································································· 203 Redistributing IGP routes ······················································································································· 204 Controlling route distribution and reception ···································································································...
  • Page 8 Configuring policy-based routing ································································ 266 Overview ························································································································································ 266 Policy ······················································································································································ 266 PBR and track ········································································································································ 268 PBR configuration task list ····························································································································· 268 Configuring a policy ······································································································································· 268 Creating a node ······································································································································ 268 Configuring match criteria for a node ····································································································· 268 Configuring actions for a node ···············································································································...
  • Page 9 Packets ·················································································································································· 302 LSA types ··············································································································································· 302 Timers ···················································································································································· 303 Supported features ································································································································· 304 Protocols and standards ························································································································ 304 OSPFv3 configuration task list ······················································································································· 304 Enabling OSPFv3 ·········································································································································· 305 Configuration prerequisites ···················································································································· 305 Enabling OSPFv3 ··································································································································· 305 Configuring OSPFv3 area parameters ··········································································································· 306 Configuration prerequisites ····················································································································...
  • Page 10 Configuring IPv6 IS-IS MTR ··················································································································· 349 Configuring IPv6 BGP ················································································· 352 IPv6 BGP overview ········································································································································ 352 IPv6 BGP configuration task list ····················································································································· 352 Configuring IPv6 BGP basic functions ··········································································································· 353 Configuration prerequisites ···················································································································· 353 Specifying an IPv6 BGP peer ················································································································· 353 Injecting a local IPv6 route ·····················································································································...
  • Page 11 What is policy-based routing ·················································································································· 393 Policy ······················································································································································ 393 IPv6 PBR configuration task list ····················································································································· 394 Configuring an IPv6 policy ····························································································································· 395 Creating an IPv6 node ··························································································································· 395 Configuring match criteria for an IPv6 node ··························································································· 395 Defining the actions for an IPv6 node ···································································································· 395 Configuring IPv6 PBR ····································································································································...
  • Page 12 Accessing updates ········································································································································· 428 Websites ················································································································································ 429 Customer self repair ······························································································································· 429 Remote support ······································································································································ 429 Documentation feedback ······················································································································· 429 Index ··········································································································· 431...

  • Page 13: Ip Routing Basics

    IP routing basics IP routing directs the forwarding of IP packets on routers based on a routing table. This book focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide. Routing table A router maintains at least two routing tables: one global routing table and one forwarding information base (FIB).

  • Page 14: Dynamic Routing Protocols

    • Pre—Preference of the route. Among routes to the same destination, the one with the highest preference is optimal. • Cost—When multiple routes to a destination have the same preference, the one with the smallest cost becomes the optimal route. •...

  • Page 15: Load Sharing

    Routing type Preference IS-IS Static route OSPF ASE OSPF NSSA IBGP EBGP Unknown (route from an untrusted source) Load sharing A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing. Static routing, IPv6 static routing, RIP/RIPng, OSPF/OSPFv3, BGP/IPv6 BGP, and IS-IS/IPv6 IS-IS support ECMP load sharing.
  • Page 16 Task Command Remarks display ip routing-table [ multiple-topology topology-name | vpn-instance vpn-instance-name ] Display the routing table. Available in any view. [ verbose ] [ | { begin | exclude | include } regular-expression ] display ip routing-table [ multiple-topology topology-name | Display routes matching an IPv4 vpn-instance vpn-instance-name ] acl Available in any view.
  • Page 17 Task Command Remarks display ipv6 routing-table Display routing information for a [ vpn-instance vpn-instance-name ] specified destination IPv6 ipv6-address [ prefix-length ] Available in any view. address. [ longer-match ] [ verbose ] [ | { begin | exclude | include } regular-expression ] display ipv6 routing-table [ vpn-instance vpn-instance-name ] Display IPv6 routes with...

  • Page 18: Configuring Static Routing

    Configuring static routing Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.

  • Page 19: Configuring Bfd For Static Routes

    Step Command Remarks Configure the Optional. ip route-static default-preference default preference default-preference-value 60 by default. for static routes. Delete all static delete [ multiple-topology topology-name | routes, including Optional. vpn-instance vpn-instance-name ] static-routes all the default route. Configuring BFD for static routes Bidirectional forwarding detection (BFD) provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism.

  • Page 20: Bfd Echo Packet Mode

    Step Command Remarks • Method 1: ip route-static dest-address { mask | mask-length } next-hop-address bfd control-packet bfd-source ip-address [ preference preference-value ] [ tag Configure a static tag-value ] [ description description-text ] route and enable Use either • Method 2: BFD control packet method.

  • Page 21: Configuration Prerequisites

    Figure 1 Network diagram for static route FRR As shown in Figure 1, upon a link failure, FRR designates a backup next hop by using a routing policy for routes matching the specified criteria. Packets are directed to the backup next hop to avoid traffic interruption.

  • Page 22: Static Route Configuration Examples

    Static route configuration examples Basic static route configuration example Network requirements Configure static routes in Figure 2 for interconnections between any two hosts. Figure 2 Network diagram Host B 1.1.6.2/24 GE2/1/3 1.1.6.1/24 GE2/1/1 GE2/1/2 1.1.4.2/30 1.1.5.5/30 Router B GE2/1/2 GE2/1/2 1.1.5.6/30 1.1.4.1/30 GE2/1/1...
  • Page 23 1.1.2.0/24 Direct 0 1.1.2.3 GE2/1/1 1.1.2.3/32 Direct 0 127.0.0.1 InLoop0 1.1.4.0/30 Direct 0 1.1.4.1 GE2/1/2 1.1.4.1/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 # Display the IP routing table of Router B. [RouterB] display ip routing-table Routing Tables: Public Destinations : 10 Routes : 10...

  • Page 24: Bfd For Static Routes Configuration Example (Direct Next Hop)

    BFD for static routes configuration example (direct next hop) Network requirements Figure 3, configure a static route to subnet 120.1.1.0/24 on Router A, configure a static route to subnet 121.1.1.0/24 on Router B, and enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Router C.
  • Page 25 [RouterB] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/1 12.1.1.1 bfd control-packet [RouterB] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/2 13.1.1.2 preference 65 [RouterB] quit # Configure static routes on Router C. <RouterC> system-view [RouterC] ip route-static 120.1.1.0 24 GigabitEthernet 2/1/2 13.1.1.1 [RouterC] ip route-static 121.1.1.0 24 GigabitEthernet 2/1/1 10.1.1.102 Verify the configuration: # Display BFD sessions on Router A.

  • Page 26: Bfd For Static Routes Configuration Example (Indirect Next Hop)

    # Display the static route information again. Router A communicates with Router B over the static route passing Router C now. <RouterA> display ip routing-table protocol static Public Routing Table : Static Summary Count : 2 Static Routing table Status : <Active> Summary Count : 1 Destination/Mask Proto...
  • Page 27 Configuration procedure Configure IP addresses for the interfaces. (Details not shown.) Configure static routes and BFD: # Configure static routes on Router A and enable BFD control packet mode for the static route through Router D. <RouterA> system-view [RouterA] interface loopback 1 [RouterA-LoopBack1] bfd min-transmit-interval 500 [RouterA-LoopBack1] bfd min-receive-interval 500 [RouterA-LoopBack1] bfd detect-multiplier 9...
  • Page 28 Summary Count : 2 Static Routing table Status : <Active> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 60 2.2.2.9 GE2/1/1 Static Routing table Status : <Inactive> Summary Count : 1 Destination/Mask Proto Cost NextHop Interface 120.1.1.0/24 Static 65 10.1.1.100 GE2/1/2...

  • Page 29: Static Route Frr Configuration Example

    Static route FRR configuration example Network requirements As shown in Figure 5, configure static routes on Router S, Router A, and Router D, and configure static route FRR so that when Link A fails, traffic can be switched to Link B immediately. Figure 5 Network diagram Router A Link B...
  • Page 30 [RouterD-route-policy] quit [RouterD] ip route-static fast-reroute route-policy frr Verify the configuration: # Display route 4.4.4.4/32 on Router S to view the backup next hop information. [RouterS] display ip routing-table 4.4.4.4 verbose Routing Table : Public Summary Count : 1 Destination: 4.4.4.4/32 Protocol: Static Process ID: 0 Preference: 60...

  • Page 31: Configuring A Default Route

    Configuring a default route A default route is used to forward packets that match no entry in the routing table. Without a default route, a packet that does not match any routing entries is discarded. A default route can be configured in either of the following ways: •...

  • Page 32: Configuring Rip

    Configuring RIP Routing Information Protocol (RIP) is a distance-vector simple interior gateway protocol suited to small-sized networks. It employs UDP to exchange route information through port 520. Overview RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0.

  • Page 33: Rip Operation

    • Poison reverse—Enables RIP to set the metric of routes received from a neighbor to 16 and sends back these routes to the neighbor so the neighbor can delete such information from its routing table to prevent routing loops. • Triggered updates—RIP immediately advertises triggered updates for topology changes to reduce the possibility of routing loops and to speed up convergence.

  • Page 34: Protocols And Standards

    Protocols and standards • RFC 1058, Routing Information Protocol • RFC 1723, RIP Version 2 - Carrying Additional Information • RFC 1721, RIP Version 2 Protocol Analysis • RFC 1722, RIP Version 2 Protocol Applicability Statement • RFC 1724, RIP Version 2 MIB Extension •...

  • Page 35: Enabling Rip

    • Configure the link layer protocol. • Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers. Enabling RIP Perform this task to create a RIP process and enable the RIP process on the interface attached to the specified network. An interface that is not on the specified network does not run RIP. If you configure RIP settings in interface view before enabling RIP, the settings do not take effect until RIP is enabled.

  • Page 36: Configuring Rip Route Control

    A RIPv2-enabled broadcast interface sends RIPv2 broadcasts and can receive RIPv1 unicasts and broadcasts, and RIPv2 broadcasts, multicasts, and unicasts. You can configure a global RIP version in RIP view or an interface-specific RIP version in interface view. An interface preferentially uses the interface-specific RIP version. If no interface-specific version is specified, the interface uses the global RIP version.

  • Page 37: Configuring Ripv2 Route Summarization

    An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed. If the sum of the additional metric and the original metric is greater than 16, the metric of the route becomes 16. To configure additional routing metrics: Step Command...

  • Page 38: Disabling Host Route Reception

    Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Disable RIPv2 automatic By default, RIPv2 automatic route undo summary route summarization. summarization is enabled. Return to system view. quit interface interface-type Enter interface view.

  • Page 39: Configuring Received/Redistributed Route Filtering

    Step Command Remarks Optional. rip default-route { { only | By default, a RIP interface can Configure the RIP interface originate } [ cost cost ] | advertise a default route if the RIP to advertise a default route. no-originate } process is configured with default route advertisement.

  • Page 40: Configuring Rip Route Redistribution

    Configuring RIP route redistribution Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS, BGP, static, and direct routes. Only active routes can be redistributed. To display active routes, use the display ip routing-table protocol command. To configure RIP route redistribution: Step Command...

  • Page 41: Configuring Split Horizon And Poison Reverse

    Configuring split horizon and poison reverse The split horizon and poison reverse functions can prevent routing loops. If both split horizon and poison reverse are configured, only the poison reverse function takes effect. Enabling split horizon Split horizon disables RIP from sending routes through the interface where the routes were learned to prevent routing loops between adjacent routers.

  • Page 42: Enabling Zero Field Check On Incoming Ripv1 Messages

    Enabling zero field check on incoming RIPv1 messages Some fields in the RIPv1 message must be set to zero. These fields are called "zero fields." You can enable zero field check on incoming RIPv1 messages. If a zero field of a message contains a non-zero value, RIPv1 does not process the message.

  • Page 43: Specifying A Rip Neighbor

    To configure RIPv2 message authentication: Step Command Enter system view. system-view Enter interface view. interface interface-type interface-number rip authentication-mode { md5 { rfc2082 [ cipher ] Configure RIPv2 authentication. key-string key-id | rfc2453 [ cipher ] key-string } | simple [ cipher ] password } Specifying a RIP neighbor Usually, RIP sends messages to broadcast or multicast addresses.

  • Page 44: Configuring Rip Frr

    To configure the RIP packet sending rate: Step Command Remarks Enter system view. system-view rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Specify the interval for Optional. sending RIP packets and the By default, an interface sends up maximum number of RIP output-delay time count count to three RIP packets every 20...

  • Page 45: Configuring Bfd For Rip

    Step Command Remarks rip [ process-id ] [ vpn-instance Enter RIP view. vpn-instance-name ] Enable RIP FRR and reference a routing policy to fast-reroute route-policy Disabled by default. designate a backup next route-policy-name hop. Configuring BFD for RIP BFD for RIP provides the following link detection modes: •...

  • Page 46: Enabling Bidirectional Control Detection

    Step Command Remarks Enter system view. system-view Configure the source IP By default, no source IP address address of BFD echo is configured for BFD echo bfd echo-source-ip ip-address packets. packets. interface interface-type Enter interface view. interface-number By default, BFD for RIP is disabled.

  • Page 47: Rip Configuration Examples

    Task Command Remarks display rip process-id database Display all active routes in RIP [ | { begin | exclude | include } Available in any view. database. regular-expression ] display rip process-id interface [ interface-type interface-number ] Display RIP interface information. Available in any view.

  • Page 48: Configuring Rip Route Redistribution

    # Display the RIP routing table on Router A. [RouterA] display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect -------------------------------------------------------------------------- Peer 1.1.1.2 on GigabitEthernet2/1/1 Destination/Mask Nexthop Cost Flags...
  • Page 49 Figure 8 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic RIP basic functions: # Enable RIP 100, and configure a RIPv2 on Router A. <RouterA> system-view [RouterA] rip 100 [RouterA-rip-100] network 10.0.0.0 [RouterA-rip-100] network 11.0.0.0 [RouterA-rip-100] version 2 [RouterA-rip-100] undo summary [RouterA-rip-100] quit...
  • Page 50 16.4.1.1/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 Configure RIP route redistribution: # Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Router B. [RouterB] rip 200 [RouterB-rip-200] import-route rip 100 [RouterB-rip-200] import-route direct [RouterB-rip-200] quit # Display the routing table of Router C.

  • Page 51: Configuring An Additional Metric For A Rip Interface

    Configuring an additional metric for a RIP interface Network requirements As shown in Figure 9, run RIPv2 on all the interfaces of Router A, Router B, Router C, Router D, and Router E. Router A has two links to Router D. The link from Router B to Router D is more stable than that from Router C to Router D.

  • Page 52: Configuring Rip To Advertise A Summary Route

    # Configure Router E. <RouterE> system-view [RouterE] rip [RouterE-rip-1] network 1.0.0.0 [RouterE-rip-1] version 2 [RouterE-rip-1] undo summary # Display the IP routing table on Router A. [RouterA] display rip 1 database 1.0.0.0/8, cost 0, ClassfulSumm 1.1.1.0/24, cost 0, nexthop 1.1.1.1, Rip-interface 1.1.2.0/24, cost 0, nexthop 1.1.2.1, Rip-interface 1.1.3.0/24, cost 1, nexthop 1.1.1.2 1.1.4.0/24, cost 1, nexthop 1.1.2.2...
  • Page 53 Figure 10 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic OSPF: # Configure Router A. <RouterA> system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.5.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit # Configure Router B. <RouterB>...

  • Page 54: Configuring Rip Frr

    [RouterD-rip-1] version 2 [RouterD-rip-1] undo summary [RouterD-rip-1] quit # Configure RIP to redistribute the routes from OSPF process 1 and direct routes on Router C. [RouterC-rip-1] import-route direct [RouterC-rip-1] import-route ospf 1 [RouterC-rip-1] quit # Display the IP routing table on Router D. [RouterD] display ip routing-table Routing Tables: Public Destinations : 10...
  • Page 55 Figure 11 Network diagram Configuration procedure Configure IP addresses for the interfaces on each router and configure RIPv2: Follow Figure 11 to configure the IP address and subnet mask of each interface on the routers. (Details not shown.) Configure RIPv2 on the routers, ensuring that Router A, Router D, and Router S can communicate with each other at Layer 3.

  • Page 56: Configuring Bfd For Rip (Single-Hop Echo Detection)

    Protocol: RIP Process ID: 1 Preference: 100 Cost: 1 IpPrecedence: QosLcId: NextHop: 13.13.13.2 Interface: GigabitEthernet2/1/2 BkNextHop: 12.12.12.2 BkInterface: GigabitEthernet2/1/1 RelyNextHop: 0.0.0.0 Neighbor : 0.0.0.0 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h01m27s Tag: 0 # Display route 1.1.1.1/32 on Router D.
  • Page 57 Figure 12 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic RIP and enable BFD on the interfaces: # Configure Router A. <RouterA> system-view [RouterA] rip 1 [RouterA-rip-1] network 192.168.1.0 [RouterA-rip-1] quit [RouterA] interface GigabitEthernet 2//1 [RouterA-GigabitEthernet2/1/1] rip bfd enable [RouterA-GigabitEthernet2/1/1] quit [RouterA] rip 2...
  • Page 58 Configure a static route on Router C: [RouterC] ip route-static 100.1.1.1 24 null 0 Verify the configuration: # Display the BFD session information of Router A. <RouterA> display bfd session Total Session Num: 1 Init Mode: Active Session Working Under Echo Mode: SourceAddr DestAddr State...

  • Page 59: Configure Bfd For Rip (Single-Hop Echo Detection For A Specified Destination)

    # Display the RIP routes of RIP process 1 on Router A. <RouterA> display rip 1 route Route Flags: R - RIP, T - TRIP P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------------------- The output shows that the RIP route learned from Router C no longer exists. # Display the RIP route destined for 100.1.1.0/24 on Router A.
  • Page 60 Figure 13 Network diagram Router B GE2/1/1 GE2/1/2 192.168.2.2/24 192.168.3.1/24 GE2/1/2 192.168.3.2/24 Router A Router C RIP packets Fault BFD session Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic RIP and enable BFD on the interfaces: # Configure Router A.
  • Page 61 Verify the configuration: # Display the BFD session information on Router A. <RouterA> display bfd session Total session number: 1 Up session number: 1 Init Mode: Active IPv4 session working under Echo mode: SourceAddr DestAddr State Holdtime Interface 192.168.2.1 192.168.2.2 2000ms GE2/1/2 # Display routes destined for 100.1.1.0/24 on Router B.

  • Page 62: Configuring Bfd For Rip (Bidirectional Control Detection)

    # Display routes destined for 100.1.1.0/24 on Router B when the route learned from Router A ages out. <RouterB> display ip routing-table 100.1.1.0 24 verbose Routing Table : Public Summary Count : 1 Destination: 100.1.1.0/24 Protocol: RIP Process ID: 1 Preference: 100 Cost: 4 IpPrecedence:...
  • Page 63 Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure basic RIP basic and enable static route redistribution into RIP so Router A and Router C have routes to send to each other: # Configure Router A. <RouterA> system-view [RouterA] rip 1 [RouterA-rip-1] network 192.168.1.0 [RouterA-rip-1] peer 192.168.2.2...

  • Page 64: Configure Static Routes

    # Configure Router B. <RouterB> system-view [RouterB] interface GigabitEthernet 2/1/2 [RouterB-GigabitEthernet2/1/2] ip address 192.168.1.2 24 [RouterB-GigabitEthernet2/1/2] quit [RouterB] interface GigabitEthernet 2/1/1 [RouterB-GigabitEthernet2/1/1] ip address 192.168.2.1 24 # Configure Router C. [RouterC] bfd session init-mode active [RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ip address 192.168.2.2 24 [RouterC-GigabitEthernet2/1/1] bfd min-transmit-interval 500 [RouterC-GigabitEthernet2/1/1] bfd min-receive-interval 500 [RouterC-GigabitEthernet2/1/1] bfd detect-multiplier 6...
  • Page 65 BkNextHop: 0.0.0.0 BkInterface: RelyNextHop: 192.168.1.2 Neighbor : 192.168.2.2 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv GotQ Age: 00h04m02s Tag: 0 Destination: 100.1.1.0/24 Protocol: RIP Process ID: 2 Preference: 100 Cost: 2 IpPrecedence: QosLcId: NextHop: 192.168.3.2 Interface: GigabitEthernet2/1/1 BkNextHop: 0.0.0.0 BkInterface:...

  • Page 66: Troubleshooting Rip

    Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h10m35s Tag: 0 Troubleshooting RIP No RIP updates received Symptom No RIP updates are received when the links work correctly. Analysis After enabling RIP, use the network command to enable corresponding interfaces. Make sure no interfaces are disabled from handling RIP messages.

  • Page 67: Configuring Ospf

    Configuring OSPF This chapter describes how to configure OSPF. Overview Open Shortest Path First (OSPF) is a link state interior gateway protocol developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. Unless otherwise stated, OSPF refers to OSPFv2 (defined in RFC 2328) throughout this document.

  • Page 68: Ospf Area

    • Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network. • Network Summary LSA—Type-3 LSA, originated by ABRs (Area Border Routers), and flooded throughout the LSA's associated area.
  • Page 69 Backbone area and virtual links Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF requires the following: • All non-backbone areas must maintain connectivity to the backbone area. •...

  • Page 70: Router Types

    routes. It advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route. NSSA area and totally NSSA area A Not-So-Stubby Area (NSSA) area does not import AS external LSAs (Type-5 LSAs) but it can import Type-7 LSAs generated by the NSSA ASBR.

  • Page 71: Route Types

    Figure 19 OSPF router types IS-IS ASBR Area 1 Area 4 Backbone router Internal router Area 0 Area 3 Area 2 Route types OSPF prioritizes routes into the following levels: • Intra-area route • Inter-area route • Type-1 external route •...

  • Page 72: Ospf Network Types

    • Each OSPF router collects LSAs from other routers to compose an LSDB. An LSA describes the network topology around a router, and the LSDB describes the entire network topology of the area. • Each router transforms the LSDB to a weighted directed graph that shows the topology of the area.

  • Page 73: Protocols And Standards

    Figure 20 DR and BDR in a network DR other DR other DR other In OSPF, "neighbor" and "adjacency" are different concepts. After startup, OSPF sends a hello packet on each OSPF interface. A receiving router checks parameters in the packet. If the parameters match its own, the receiving router considers the sending router an OSPF neighbor.
  • Page 74 Task Remarks Enabling OSPF Required. Configuring a stub area Configuring OSPF areas Configuring an NSSA area Optional. Configuring a virtual link Configuring the broadcast network type for an interface Optional. Configuring the NBMA network type for an interface Optional. Configuring OSPF network types Configuring the P2MP network type for an interface Optional.

  • Page 75: Enabling Ospf

    Task Remarks Configuring the OSPF GR helper Optional. Triggering OSPF GR Optional. Configuring OSPF NSR Optional. Configuring BFD for OSPF Optional. Enabling OSPF Enable OSPF before you perform other OSPF configuration tasks. Configuration prerequisites Configure the link layer protocol and IP addresses for interfaces so that neighboring nodes can communicate with each other.

  • Page 76: Configuring Ospf Areas

    Step Command Remarks Optional. Not configured by default. If no global router ID is configured, the Configure a global router highest loopback interface IP address, if router id router-id any, is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status.

  • Page 77: Configuring An Nssa Area

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ] * Enter area view. area area-id Not configured by default. You cannot configure the backbone area as a stub or totally stub Configure the area as a stub area.

  • Page 78: Configuring A Virtual Link

    NOTE: Virtual links cannot transit a stub area or totally stub areas. Configuring a virtual link Non-backbone areas exchange routing information through the backbone area. Connectivity between the backbone and non-backbone areas and within the backbone must be available. You can configure virtual links to ensure the connectivity when physical links are not enough. Virtual links cannot transit a stub area, a totally stub area, an NSSA area, or a totally NSSA area.

  • Page 79: Configuration Prerequisites

    Two broadcast-, NBMA-, P2MP-type interfaces can establish a neighbor relationship only when they are on the same network segment. Configuration prerequisites Before you configure OSPF network types, complete the following tasks: • Configure IP addresses for interfaces so neighboring nodes can reach each other at network layer.

  • Page 80: Configuring The P2Mp Network Type For An Interface

    Step Command Remarks Exit to system view. quit ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ] * Specify a neighbor and its peer ip-address [ cost value | By default, no neighbor is specified. router priority. dr-priority dr-priority ] Configuring the P2MP network type for an interface Step...

  • Page 81: Configuring Ospf Route Control

    Configuring OSPF route control This section describes how to control the advertisement and reception of OSPF routing information, as well as route redistribution from other protocols. Configuration prerequisites Before you configure OSPF route control, complete the following tasks: • Configure IP addresses for interfaces. •...

  • Page 82: Configuring Ospf Inbound Route Filtering

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ]* The command is available on an asbr-summary ip-address { mask | Configure ASBR route ASBR only. mask-length } [ tag tag | summarization.

  • Page 83: Configuring An Ospf Cost For An Interface

    Configuring an OSPF cost for an interface You can configure an OSPF cost for an interface by using either of the following methods: • Configure the cost value in interface view • Configure a bandwidth reference value for the interface. OSPF computes the cost with this formula: Interface OSPF cost = Bandwidth reference value (100 Mbps)/Interface bandwidth (Mbps).

  • Page 84: Configuring Ospf Preference

    Configuring OSPF preference A router can run multiple routing protocols, and each protocol is assigned a preference. When the routing protocols find routes to the same destination, the route found by the protocol with the highest preference is selected as the best route. To configure OSPF preference: Step Command...

  • Page 85: Advertising A Host Route

    Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Not redistributed by default. default-route-advertise [ [ [ always | default-route-advertise Redistribute a default permit-calculate-other ] | cost cost | summary cost command route.

  • Page 86: Tuning And Optimizing Ospf Networks

    Tuning and optimizing OSPF networks You can optimize an OSPF network in the following ways: • Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs. • Change the SPF calculation interval to reduce resource consumption caused by frequent network changes.

  • Page 87: Specifying Lsa Transmission Delay

    Step Command Remarks Optional. The default dead interval is 40 seconds on Specify the dead P2P and broadcast interfaces and 120 ospf timer dead seconds interval. seconds on P2MP and NBMA interfaces. The default dead interval is restored when the network type for an interface is changed.

  • Page 88: Specifying The Lsa Arrival Interval

    Specifying the LSA arrival interval If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources. To configure the LSA arrival interval: Step Command...

  • Page 89: Configuring Stub Routers

    • After an OSPF interface is set to "silent," other interfaces on the router can still advertise direct routes of the interface in Router LSAs, but the interface cannot send any packet. This configuration can enhance OSPF networking adaptability and reduce resource consumption. To disable interfaces from receiving and sending routing information: Step Command...

  • Page 90: Adding The Interface Mtu Into Dd Packets

    Configure the new MD5/HMAC-MD5 authentication key on all neighbor devices. When the local device receives packets with the new key from all neighbor devices, it exits MD5 key rollover. Delete the old MD5/HMAC-MD5 authentication key from the local device and all its neighbors. This operation helps prevent attacks from devices that use the old key for communication and reduces system resources and bandwidth consumption caused by key rollover.

  • Page 91: Configuring The Maximum Number Of External Lsas In Lsdb

    Configuring the maximum number of external LSAs in LSDB To configure the maximum number of external LSAs in the LSDB: Step Command Remarks Enter system view. system-view ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional.

  • Page 92: Enabling Message Logging

    • Level-3—Fault traps • Level-4—Alarm traps • Level-5—Normal but important traps • Level-6—Notification traps The generated traps are sent to the information center of the device. The output rules of the traps (whether to output the traps and the output direction) are determined according to the information center configuration.

  • Page 93: Configuring Ospf To Give Priority To Receiving And Processing Hello Packets

    Step Command Remarks Optional. Enable the advertisement and reception of opaque opaque-capability enable By default, the LSAs. function is disabled. Configuring OSPF to give priority to receiving and processing hello packets To ensure OSPF runs correctly, a router receives and processes hello packets and other protocol packets at the same time.

  • Page 94: Configuring Ospf Frr

    Step Command Remarks ospf [ process-id | router-id router-id | Enter OSPF view. vpn-instance vpn-instance-name ] * Optional. Enable OSPF ISPF. ispf enable By default, OSPF ISPF is disabled. Configuring OSPF FRR When a link fails, the packets on the link are discarded, and a routing loop might occur until OSPF completes routing convergence based on the new network topology.

  • Page 95: Configuring Ospf Gr

    Step Command Remarks ospf [ process-id | router-id Enter OSPF view. router-id | vpn-instance vpn-instance-name ] * Not configured by default. Enable OSPF FRR to If abr-only is specified, the route to automatically calculate a fast-reroute auto [ abr-only ] the ABR is selected as the backup backup next hop.

  • Page 96: Configuring The Ospf Gr Helper

    Configuring the IETF standard OSPF GR restarter Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enable OSPF and enter router-id | vpn-instance its view. vpn-instance-name ] * Enable opaque LSA Disabled by default. opaque-capability enable advertisement capability. Enable the IETF standard Disabled by default.

  • Page 97: Triggering Ospf Gr

    Configuring the non-IETF standard OSPF GR helper Step Command Remarks Enter system view. system-view ospf [ process-id | router-id 21. Enable OSPF and enter its router-id | vpn-instance view. vpn-instance-name ] * 22. Enable the link-local Disabled by default. enable link-local-signaling signaling capability.

  • Page 98: Configuring Bfd For Ospf

    Step Command Remarks By default, OSPF NSR is Enable OSPF NSR. ospf non-stop-routing disabled. Configuring BFD for OSPF Bidirectional forwarding detection (BFD) provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time. For more information about BFD, see High Availability Configuration Guide.

  • Page 99: Displaying And Maintaining Ospf

    Step Command Remarks Exit to system view. quit interface interface-type Enter interface view. interface-number Enable BFD echo packet single-hop Not enabled by ospf bfd enable echo detection on the interface. default. Displaying and maintaining OSPF Task Command Remarks display ospf [ process-id ] brief [ | { begin | Available in any Display OSPF brief information.

  • Page 100: Ospf Configuration Examples

    Task Command Remarks display ospf [ process-id ] error [ | { begin | Available in any Display OSPF error information. exclude | include } regular-expression ] view. display ospf [ process-id ] asbr-summary Display OSPF ASBR Available in any [ ip-address { mask | mask-length } ] [ | { begin | summarization information.
  • Page 101 [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] area 1 [RouterA-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.1] quit [RouterA-ospf-1] quit # Configure Router B. <RouterB> system-view [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] area 2 [RouterB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.2] quit [RouterB-ospf-1] quit...
  • Page 102 Neighbors Area 0.0.0.1 interface 10.2.1.1(GigabitEthernet2/1/2)'s neighbors Router ID: 10.4.1.1 Address: 10.2.1.2 GR State: Normal State: Full Mode: Nbr is Master Priority: 1 DR: 10.2.1.1 BDR: 10.2.1.2 MTU: 0 Dead timer due in 32 Neighbor is up for 06:03:12 Authentication Sequence: [ 0 ] Neighbor state change count: 5 # Display OSPF routing information on Router A.

  • Page 103: Configuring Ospf Route Redistribution

    Sum-Net 10.1.1.0 10.2.1.1 1069 8000000F Sum-Asbr 10.3.1.1 10.2.1.1 1069 8000000F # Display OSPF routing information on Router D. [RouterD] display ospf routing OSPF Process 1 with Router ID 10.5.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Inter 10.3.1.1...
  • Page 104 Figure 23 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions (see "Configuring OSPF basic functions"). Configure OSPF to redistribute routes: # On Router C, configure a static route destined for network 3.1.2.0/24. <RouterC>...

  • Page 105: Configuring Ospf To Advertise A Summary Route

    Destination Cost Type NextHop AdvRouter 3.1.2.0/24 Type2 10.3.1.1 10.4.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 Configuring OSPF to advertise a summary route Network requirements • Configure OSPF on Router A and Router B in AS 200. •...
  • Page 106 [RouterB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. <RouterC> system-view [RouterC] ospf [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] ospf [RouterD-ospf-1] area 0 [RouterD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit...

  • Page 107: Configuring An Ospf Stub Area

    [RouterA] display ip routing-table Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Cost NextHop Interface 10.1.1.0/24 O_ASE 11.2.1.1 GE2/1/1 10.2.1.0/24 O_ASE 11.2.1.1 GE2/1/1 10.3.1.0/24 O_ASE 11.2.1.1 GE2/1/1 10.4.1.0/24 O_ASE 11.2.1.1 GE2/1/1 11.2.1.0/24 Direct 0 11.2.1.2 GE2/1/1 11.2.1.2/32 Direct 0 127.0.0.1 InLoop0...
  • Page 108 Figure 25 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions (see "Configuring OSPF basic functions"). Configure Router D to redistribute static routes: <RouterD> system-view [RouterD] ip route-static 3.1.2.1 24 10.5.1.2 [RouterD] ospf [RouterD-ospf-1] import-route static [RouterD-ospf-1] quit # Display ABR/ASBR information on Router C.
  • Page 109 3.1.2.0/24 Type2 10.2.1.1 10.5.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 Because Router C resides in a normal OSPF area, its routing table contains an AS external route. Configure Area 1 as a stub area: # Configure Router A.

  • Page 110: Configuring An Ospf Nssa Area

    OSPF Process 1 with Router ID 10.4.1.1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0.0.0.0/0 Inter 10.2.1.1 10.2.1.1 0.0.0.1 10.2.1.0/24 Transit 10.2.1.2 10.4.1.1 0.0.0.1 10.4.1.0/24 Stub 10.4.1.1 10.4.1.1 0.0.0.1 Total Nets: 3 Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0 The output shows that inter-area routes are removed, and only one external route (a default...
  • Page 111 [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] nssa [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] quit NOTE: • To allow Router C in the NSSA area to reach other areas within the AS, you must provide the keyword default-route-advertise for the nssa command issued on Router A (the ABR) so Router C can obtain a default route.

  • Page 112: Configuring Ospf Dr Election

    Destination Cost Type NextHop AdvRouter 3.1.2.0/24 Type2 10.3.1.1 10.2.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 The output shows an external route imported from the NSSA area on Router D. Configuring OSPF DR election Network requirements •...
  • Page 113 [RouterC] ospf [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] router id 4.4.4.4 [RouterD] ospf [RouterD-ospf-1] area 0 [RouterD-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit [RouterD-ospf-1] return # Display neighbor information on Router A. [RouterA] display ospf peer verbose OSPF Process 1 with Router ID 1.1.1.1 Neighbors...
  • Page 114 [RouterB-GigabitEthernet2/1/1] ospf dr-priority 0 [RouterB-GigabitEthernet2/1/1] quit # Configure Router C. [RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ospf dr-priority 2 [RouterC-GigabitEthernet2/1/1] quit # Display information about neighbors on Router D. <RouterD> display ospf peer verbose OSPF Process 1 with Router ID 4.4.4.4 Neighbors Area 0.0.0.0 interface 192.168.1.4(GigabitEthernet2/1/1)'s neighbors Router ID: 1.1.1.1...

  • Page 115: Configuring Ospf Virtual Links

    DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Dead timer due in 39 Neighbor is up for 00:01:40 Authentication Sequence: [ 0 ] Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal State: 2-Way Mode: None Priority: 0 DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0 Dead timer due in 35 Neighbor is up for 00:01:44 Authentication Sequence: [ 0 ]...
  • Page 116 Figure 28 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Router A. <RouterA> system-view [RouterA] ospf 1 router-id 1.1.1.1 [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit # Configure Router B. <RouterB>...

  • Page 117: Configuring Ospf Gr

    OSPF Process 1 with Router ID 2.2.2.2 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10.2.1.0/24 Transit 10.2.1.1 3.3.3.3 0.0.0.1 10.1.1.0/24 Transit 10.1.1.2 2.2.2.2 0.0.0.0 Total Nets: 2 Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0 Area 0 has no direct connection to Area 2, so the OSPF routing table of Router B has no route to Area 2.
  • Page 118 Figure 29 Network diagram Configuration procedure Configure IP address for interfaces. (Details not shown.) Configure OSPF basic functions: # Configure Router A <RouterA> system-view [RouterA] router id 1.1.1.1 [RouterA] ospf 100 [RouterA-ospf-100] area 0 [RouterA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255 [RouterA-ospf-100-area-0.0.0.0] quit # Configure Router B <RouterB>...
  • Page 119 # Configure Router B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100. [RouterB-ospf-100] enable link-local-signaling [RouterB-ospf-100] enable out-of-band-resynchronization # Configure Router C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.

  • Page 120: Configuring Ospf Nsr

    Configuring OSPF NSR Network requirements As shown in Figure 30, Router S, Router A, and Router B belong to the same OSPF routing domain. Enable OSPF NSR on Router S to ensure correct routing when an active/standby switchover occurs on Router S. Router S is an HSR6802, HSR6804, or HSR6808 router. Figure 30 Network diagram Configuration procedure Configure IP addresses for the interfaces on each router and configure OSPF:...

  • Page 121: Configuring Route Filtering

    Routing for Network Destination Cost Type NextHop AdvRouter Area 44.44.44.44/32 Stub 12.12.12.2 44.44.44.44 0.0.0.0 14.14.14.0/24 Transit 12.12.12.2 192.168.1.41 0.0.0.0 22.22.22.22/32 Stub 22.22.22.22 192.168.1.40 0.0.0.0 12.12.12.0/24 Transit 12.12.12.1 192.168.1.40 0.0.0.0 Total Nets: 4 Intra Area: 4 Inter Area: 0 ASE: 0 NSSA: 0 # Display OSPF neighbors and routes on Router B.
  • Page 122 Figure 31 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF basic functions (see "Configuring OSPF basic functions"). Configure OSPF to redistribute routes: # On Router C, configure a static route destined for network 3.1.1.0/24. <RouterC>...
  • Page 123 # Configure the IPv4 prefix list. [RouterC] ip ip-prefix prefix1 index 1 deny 3.1.3.0 24 [RouterC] ip ip-prefix prefix1 index 2 permit 3.1.1.0 24 [RouterC] ip ip-prefix prefix1 index 3 permit 3.1.2.0 24 # Reference the prefix list to filter out the route 3.1.3.0/24. [RouterC] ospf 1 [RouterC-ospf-1] filter-policy ip-prefix prefix1 export static # Display the OSPF routing table of Router A.

  • Page 124: Configuring Ospf Frr

    10.2.1.0/24 Direct 0 10.2.1.1 GE2/1/2 10.2.1.1/32 Direct 0 127.0.0.1 InLoop0 10.3.1.0/24 OSPF 10.1.1.2 GE2/1/1 10.4.1.0/24 OSPF 10.2.1.2 GE2/1/2 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 The route to 10.5.1.1/24 is filtered out. Configuring OSPF FRR Network requirements Router S, Router A, and Router D belong to the same OSPF domain as shown in Figure Configure OSPF FRR so that when the link between Router S and Router D fails, traffic is...
  • Page 125 # Configure Router S. <RouterS> system-view [RouterS] bfd echo-source-ip 1.1.1.1 [RouterS] ip ip-prefix abc index 10 permit 4.4.4.4 32 [RouterS] route-policy frr permit node 10 [RouterS-route-policy] if-match ip-prefix abc [RouterS-route-policy] apply fast-reroute backup-interface GigabitEthernet 2/1/1 backup-nexthop 12.12.12.2 [RouterS-route-policy] quit [RouterS] ospf 1 [RouterS-ospf-1] fast-reroute route-policy frr [RouterS-ospf-1] quit # Configure Router D.

  • Page 126: Configuring Bfd For Ospf

    Preference: 10 Cost: 1 IpPrecedence: QosLcId: NextHop: 13.13.13.1 Interface: GigabitEthernet2/1/2 BkNextHop: 24.24.24.2 BkInterface: GigabitEthernet2/1/1 RelyNextHop: 0.0.0.0 Neighbor : 0.0.0.0 Tunnel ID: 0x0 Label: NULL BKTunnel ID: 0x0 BKLabel: NULL State: Active Adv Age: 00h01m27s Tag: 0 Configuring BFD for OSPF Network requirements As shown in Figure...
  • Page 127 [RouterA-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit [RouterA] interface GigabitEthernet 2//2 [RouterA-GigabitEthernet2/1/2] ospf cost 2 # Configure Router B. <RouterB> system-view [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 120.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit [RouterB] interface GigabitEthernet 2/1/2 [RouterB-GigabitEthernet2/1/2] ospf cost 2...
  • Page 128 192.168.0.102 192.168.0.100 1700ms GE2/1/1 # Display routes to 120.1.1.0/24 on Router A, and you can see that Router A communicates with Router B through the Layer 2 switch. <RouterA> display ip routing-table 120.1.1.0 verbose Routing Table : Public Summary Count : 2 Destination: 120.1.1.0/24 Protocol: OSPF Process ID: 0...
  • Page 129 *0.50673829 RouterA BFD/8/EVENT:Receive Delete-sess, [Src:192.168.0.102, Dst:192.168.0.100,GigabitEthernet2/1/1], Direct, Proto:OSPF *0.50673830 RouterA BFD/8/SCM:Sess[192.168.0.102/192.168.0.100,GE2/1/1], Oper: Del application(OSPF) *0.50673831 RouterA BFD/8/SCM:No application in session, delete session[192.168.0.102/192.168.0.100,GE2/1/1] *0.50673831 RouterA BFD/8/SCM:Sess[192.168.0.102/192.168.0.100,GE2/1/1], Oper: Delete *0.50673832 RouterA BFD/8/SCM:Delete send-packet timer *0.50673833 RouterA BFD/8/SCM:Delete session entry *0.50673833 RouterA BFD/8/SCM:Delete session from IP hash table *0.50673834 RouterA BFD/8/SCM:Delete session from bfd interface *0.50673834 RouterA BFD/8/SCM:No session under bfd-int[GigabitEthernet2/1/1] with default configuration, delete bfd-if...

  • Page 130: Troubleshooting Ospf Configuration

    Troubleshooting OSPF configuration No OSPF neighbor relationship established Symptom No OSPF neighbor relationship can be established. Analysis If the physical link and lower layer protocols work well, check OSPF parameters configured on interfaces. Two neighbors must have the same parameters, such as the area ID, network segment, and mask (a P2P or virtual link might have different network segments and masks).

  • Page 131: Configuring Is-Is

    Configuring IS-IS This chapter describes how to configure IS-IS for an IPv4 network. Overview Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the International Organization for Standardization (ISO) to operate on the connectionless network protocol (CLNP). IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, and the new one is called "Integrated IS-IS"...

  • Page 132: Net

    Figure 34 NSAP address format Area address The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address. Typically, a router only needs one area address, and all nodes in the same area must have the same area address.

  • Page 133: Is-Is Area

    Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning. When you configure multiple NETs, make sure their system IDs are the same. IS-IS area IS-IS has a two-level hierarchy to support large-scale networks. A large-scale routing domain is divided into multiple areas.

  • Page 134: Is-Is Network Types

    Figure 36 shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas.

  • Page 135: Is-Is Pdus

    The Level-1 and Level-2 DISs are elected separately. You can assign different priorities to a router for different level DIS elections. The higher the router priority, the more likely the router becomes the DIS. If multiple routers with the same highest DIS priority exist, the one with the highest SNPA (Subnetwork Point of Attachment) address (MAC address on a broadcast network) will be elected.
  • Page 136 Common header format Figure 39 PDU common header format No. of Octets Intradomain routing protocol discriminator Length indicator Version/Protocol ID extension ID length PDU type Version Reserved Maximum area address Major fields of the PDU common header are as follows: •...
  • Page 137 Figure 40 L1/L2 LAN IIH format Major fields of the L1/L2 LAN IIH are as follows: • Reserved/Circuit type—The first six bits are reserved with a value of 0. The last two bits indicate the router type—00 means reserved, 01 indicates L1, 10 indicates L2, and 11 indicates L1/2.
  • Page 138 Figure 41 P2P IIH format Instead of the priority and LAN ID fields in the LAN IIH, the P2P IIH has a Local Circuit ID field. The Link State PDUs (LSPs) carry link state information. LSPs include Level-1 LSPs and Level-2 LSP.
  • Page 139 Major fields of the L1/L2 LSP are as follows: • PDU length—Total length of the PDU in bytes. • Remaining lifetime—LSP remaining lifetime in seconds. • LSP ID—Consists of the system ID, the pseudonode ID (one byte) and the LSP fragment number (one byte).
  • Page 140 Figure 44 L1/L2 CSNP format A PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request missing LSPs from a neighbor. Figure 45 L1/L2 PSNP format No.

  • Page 141: Supported Is-Is Features

    Table 5 shows that different PDUs contain different CLVs. Code 1 through 10 of are defined in ISO 10589 (code 3 and 5 are not shown in the table), and others are defined in RFC 1195. Table 5 CLV codes and PDU types CLV Code Name PDU Type...
  • Page 142 • GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process. After an IS-IS GR restarter restarts, it must complete the following tasks to synchronize the LSDB with its neighbors: • Obtain IS-IS neighbor information without changing adjacencies. •...

  • Page 143: Protocols And Standards

    Original LSP—The LSP generated by the originating system. The system ID in its LSP ID field is the system ID of the originating system. Extended LSP—Extended LSPs are generated by virtual systems. The system ID in its LSP ID field is the virtual system ID.

  • Page 144: Is-Is Configuration Task List

    • ISO 8348/Ad2, Network Services Access Points • RFC 1195, Use of OSI IS-IS for Routing in TCP/IP and Dual Environments • RFC 2763, Dynamic Hostname Exchange Mechanism for IS-IS • RFC 2966, Domain-wide Prefix Distribution with Two-Level IS-IS • RFC 2973, IS-IS Mesh Groups •...

  • Page 145: Configuring Is-Is Basic Functions

    Task Remarks Setting the LSDB overload bit Optional. Configuring system ID to host name mappings Optional. Enabling the logging of neighbor state changes Optional. Configuring neighbor relationship authentication Optional. Enhancing IS-IS Configuring area authentication Optional. network security Configuring routing domain authentication Optional.

  • Page 146: Configuring The Is Level And Circuit Level

    Configuring the IS level and circuit level If only one area exists, perform the following operations: • Configure the IS level of all routers as Level-1 or Level-2 rather than different levels because the routers do not need to maintain two identical LSDBs. •...

  • Page 147: Configuring Is-Is Routing Information Control

    Configuring IS-IS routing information control Perform the tasks in this section to affect IS-IS route selection. Configuration prerequisites Before the configuration, complete the following tasks: • Configure IP addresses for all interfaces, and make sure that all neighboring nodes are reachable to each other at the network layer.

  • Page 148: Specifying A Priority For Is-Is

    Step Command Remarks Optional. isis [ ipv4-unicast topology-name | Specify a cost for the ipv6-unicast ] cost value [ level-1 | No cost is specified for the interface. level-2 ] interface by default. Configuring a global IS-IS cost Step Command Remarks Enter system view.

  • Page 149: Configuring The Maximum Number Of Ecmp Routes

    Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes. To configure the maximum number of ECMP routes: Step Command Remarks Enter system view. system-view isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] Specify the maximum By default, the...

  • Page 150: Configuring Is-Is Route Redistribution

    Step Command Remarks [ ipv4-unicast topology-name ] Advertise a default default-route-advertise [ route-policy By default, the function is route. route-policy-name | [ level-1 | level-1-2 | disabled. level-2 ] ] * Configuring IS-IS route redistribution Redistributing large numbers of routes on a device might affect the performance of other devices in the network.

  • Page 151: Configuring Is-Is Route Leaking

    Step Command Remarks Filter routes [ ipv4-unicast topology-name ] filter-policy No filtering is configured by calculated from { acl-number | ip-prefix ip-prefix-name | default. received LSPs. route-policy route-policy-name } import Filtering redistributed routes IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them into the IS-IS routing table, and advertise them in LSPs.

  • Page 152: Specifying Intervals For Sending Is-Is Hello And Csnp Packets

    • Configure IP addresses for all interfaces, and make sure that all neighboring nodes are reachable to each other at the network layer. • Enable IS-IS. Specifying intervals for sending IS-IS hello and CSNP packets Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 153: Disabling An Interface From Sending/Receiving Is-Is Packets

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Optional. Specify a DIS priority for the isis dis-priority value [ level-1 | interface. level-2 ] 64 by default. Disabling an interface from sending/receiving IS-IS packets After being disabled from sending and receiving hello packets, an interface cannot form any neighbor relationship, but can advertise directly connected networks in LSPs through other interfaces.

  • Page 154: Configuring Lsp Parameters

    To enable an interface to send small hello packets: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Enable the interface to send Standard hello packets are sent small hello packets without isis small-hello by default. CLVs.
  • Page 155 If a change occurs in the LSDB, IS-IS advertises the changed LSP to neighbors. You can specify the minimum interval for sending such LSPs. On a P2P link, IS-IS requires an advertised LSP be acknowledged. If no acknowledgement is received within a configurable interval, IS-IS will retransmit the LSP. To configure LSP sending intervals: Step Command...
  • Page 156 Step Command Remarks isis [ process-id ] [ vpn-instance Enter IS-IS view. vpn-instance-name ] flash-flood [ flood-count flooding-count | Enable LSP flash Not enabled by max-timer-interval flooding-interval | [ level-1 | flooding. default. level-2 ] ] * Enabling LSP fragment extension After LSP fragment extension is enabled for an IS-IS process, the MTUs of all the interfaces running the IS-IS process must not be less than 512.

  • Page 157: Configuring Spf Parameters

    Before you configure this task, you must consider redundancy for interfaces in case that LSP packets cannot be flooded due to link failures. To add an interface into a mesh group and block an interface: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 158: Setting The Lsdb Overload Bit

    Step Command Remarks Optional. Not assigned by default. If no IS-IS route is assigned a high Assign a high priority to IS-IS priority high { ip-prefix priority, IS-IS host routes are routes. prefix-name | tag tag-value } processed first in network convergence because they have higher priority than other types of IS-IS routes.

  • Page 159: Enabling The Logging Of Neighbor State Changes

    Configuring dynamic system ID to host name mapping You must configure a static system ID to host name mapping for any other router in a network. When a new router is added into the network or a mapping must be modified, perform configuration on all routers.

  • Page 160: Configuration Prerequisites

    Configuration prerequisites Before the configuration, complete the following tasks: • Configure network layer addresses for interfaces to make neighboring nodes accessible to each other at the network layer. • Enable IS-IS. Configuring neighbor relationship authentication With neighbor relationship authentication configured, an interface adds the password in the specified mode into hello packets to the peer and checks the password in the received hello packets.

  • Page 161: Configuring Routing Domain Authentication

    Configuring routing domain authentication Routing domain authentication prevents untrusted routing information from entering into a routing domain. A router with the authentication configured encapsulates the password in the specified mode into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.

  • Page 162: Configuring Is-Is Nsr

    Configuring IS-IS NSR According to the GR feature, after an active/standby MPU switchover in standalone mode or a global active/standby MPU switchover, the GR restarter obtains routing information from its neighbors, and the IS-IS process must learn all routes. If the network topology has changed during the switchover period, removed routes cannot be updated to the device, which might cause blackhole routes.

  • Page 163: Enabling Is-Is Snmp Trap

    • Configure network layer addresses for interfaces to make the neighboring nodes reachable at the network layer. • Enable IS-IS. Configuration guidelines • Do not use FRR and BFD at the same time. Otherwise, FRR might fail to take effect. •...

  • Page 164: Binding An Is-Is Process With Mibs

    Step Command Remarks Enable SNMP trap. Enabled by default. is-snmp-traps enable Binding an IS-IS process with MIBs This task allows you to bind MIB with an IS-IS process to send and collect information. For more information about MIB, see Network Management and Monitoring Configuration Guide. To bind an IS-IS process with MIBs: Step Command...
  • Page 165 Figure 49 Network diagram for IS-IS MTR As shown in Figure 49, the base topology is split into two topologies, topology A and topology B. You can forward voice traffic through topology A and video traffic through topology B. Router B does not belong to topology A. In topology B, the links between Router A and Router D and between Router B and Router C do not exist.

  • Page 166: Displaying And Maintaining Is-Is

    Displaying and maintaining IS-IS Task Command Remarks display isis brief [ process-id | vpn-instance Display brief IS-IS configuration Available in any vpn-instance-name ] [ | { begin | exclude | information. view. include } regular-expression ] display isis debug-switches { process-id | Display the status of IS-IS debug Available in any vpn-instance vpn-instance-name } [ | { begin |...

  • Page 167: Is-Is Configuration Examples

    IS-IS configuration examples IS-IS basic configuration Network requirements As shown in Figure 50, Routers A, B, C, and D reside in an autonomous system. They are interconnected through IS-IS. Router A and Router B are Level-1 routers, Router D is a Level-2 router, and Router C is a Level-1-2 router connecting two areas.
  • Page 168 <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] quit [RouterC] interface serial 2/2/0 [RouterC-Serial2/2/0] isis enable 1 [RouterC-Serial2/2/0] quit [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] isis enable 1 [RouterC-Serial2/2/1] quit [RouterC] interface serial 2/2/2 [RouterC-Serial2/2/2] isis enable 1 [RouterC-Serial2/2/2] quit # Configure Router D.
  • Page 169 LSPID Seq Num Checksum Holdtime Length ATT/P/OL -------------------------------------------------------------------------- 0000.0000.0001.00-00 0x0000000d 0xb184 0/0/0 0000.0000.0002.00-00* 0x0000000c 0xcd66 1167 0/0/0 0000.0000.0003.00-00 0x00000013 0x2d39 1136 1/0/0 *-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [RouterC] display isis lsdb Database information for ISIS(1) -------------------------------- Level-1 Link State Database LSPID Seq Num Checksum...
  • Page 170 # Display the IS-IS routing information on each router. The routing table of Level-1 routers must contain a default route with the next hop being the Level-1-2 router. The routing table of Level-2 router must contain all Level-1 and Level-2 routes. [RouterA] display isis route Route information for ISIS(1) -----------------------------...

  • Page 171: Dis Election Configuration

    Route information for ISIS(1) ----------------------------- ISIS(1) IPv4 Level-2 Forwarding Table ------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------- 192.168.0.0/24 NULL S2/2/0 Direct D/L/- 10.1.1.0/24 NULL S2/2/0 192.168.0.1 R/-/- 10.1.2.0/24 NULL S2/2/0 192.168.0.1 R/-/- 172.16.0.0/16 NULL GE2/1/1 Direct D/L/- Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set DIS election configuration Network requirements As shown in...
  • Page 172 [RouterA] interface gigabitethernet 2/1/1 [RouterA-GigabitEthernet2/1/1] isis enable 1 [RouterA-GigabitEthernet2/1/1] quit # Configure Router B. <RouterB> system-view [RouterB] isis 1 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-GigabitEthernet2/1/1] isis enable 1 [RouterB-GigabitEthernet2/1/1] quit # Configure Router C. <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] is-level level-1...
  • Page 173 Interface: GigabitEthernet2/1/1 Circuit Id: 0000.0000.0004.01 State: Up HoldTime: 23s Type: L2 PRI: 64 # Display information about IS-IS interfaces of Router A. [RouterA] display isis interface Interface information for ISIS(1) --------------------------------- Interface: GigabitEthernet2/1/1 IPV4.State IPV6.State Type Down 1497 L1/L2 No/No # Display IS-IS interfaces of Router C.
  • Page 174 State: Up HoldTime: 22s Type: L2(L1L2) PRI: 64 System Id: 0000.0000.0004 Interface: GigabitEthernet2/1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 22s Type: L2 PRI: 64 # Display information about IS-IS interfaces of Router A. [RouterA] display isis interface Interface information for ISIS(1) --------------------------------- Interface: GigabitEthernet2/1/1 IPV4.State...

  • Page 175: Configuring Is-Is Route Redistribution

    State: Up HoldTime: 26s Type: L2 PRI: 64 [RouterD] display isis interface Interface information for ISIS(1) --------------------------------- Interface: GigabitEthernet2/1/1 IPV4.State IPV6.State Type Down 1497 L1/L2 No/No Configuring IS-IS route redistribution Network requirements As shown in Figure 52, Router A, Router B, Router C, and Router D reside in the same AS. They use IS-IS to interconnect.
  • Page 176 [RouterB-isis-1] quit [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] isis enable 1 [RouterB-Serial2/2/0] quit # Configure Router C. <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] quit [RouterC] interface serial 2/2/0 [RouterC-Serial2/2/0] isis enable 1 [RouterC-Serial2/2/0] quit [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] isis enable 1 [RouterC-Serial2/2/1] quit [RouterC] interface serial 2/2/2...
  • Page 177 ----------------------------- ISIS(1) IPv4 Level-1 Forwarding Table ------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------- 10.1.1.0/24 NULL S2/2/1 Direct D/L/- 10.1.2.0/24 NULL S2/2/0 Direct D/L/- 192.168.0.0/24 NULL S2/2/2 Direct D/L/- Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set ISIS(1) IPv4 Level-2 Forwarding Table ------------------------------------- IPV4 Destination...

  • Page 178: Is-Is Gr Configuration Example

    [RouterE] rip 1 [RouterE-rip-1] network 10.0.0.0 [RouterE-rip-1] version 2 [RouterE-rip-1] undo summary # Configure route redistribution from RIP to IS-IS on Router D. [RouterD-rip-1] quit [RouterD] isis 1 [RouterD–isis-1] import-route rip level-2 # Display IS-IS routing information on Router C. [RouterC] display isis route Route information for ISIS(1) -----------------------------...
  • Page 179 Figure 53 Network diagram Configuration procedure Configure IP addresses of the interfaces on each router and configure IS-IS: Follow Figure 53 to configure the IP address and subnet mask of each interface on the router. (Details not shown.) Configure IS-IS on the routers, ensuring that Router A, Router B, and Router C can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS-IS.

  • Page 180: Is-Is Nsr Configuration Example

    Remaining Time: 59 IS-IS(1) Level-2 Restart Status Restart Interval: 150 SA Bit Supported Total Number of Interfaces = 1 Restart Status: RESTARTING Number of LSPs Awaited: 3 T3 Timer Status: Remaining Time: 140 T2 Timer Status: Remaining Time: 59 IS-IS NSR configuration example Network requirements Router S, Router A, and Router B belong to the same IS-IS routing domain as illustrated in Figure...
  • Page 181 [RouterS] slave switchover enable [RouterS] slave switchover Caution!!! Confirm to switch slave to master? [Y/N]:Y # Display IS-IS neighbors and routes on Router A. <RouterA> display isis peer Peer information for ISIS(1) ---------------------------- System Id: 0000.0000.0001 Interface: GE2/1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 25s Type: L1(L1L2)

  • Page 182: Is-Is Frr Configuration Example

    System Id: 0000.0000.0001 Interface: GE2/1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 25s Type: L1(L1L2) PRI: 64 System Id: 0000.0000.0001 Interface: GE2/1/1 Circuit Id: 0000.0000.0001.01 State: Up HoldTime: 27s Type: L2(L1L2) PRI: 64 <RouterB> display isis route Route information for ISIS(1) ----------------------------- ISIS(1) IPv4 Level-1 Forwarding Table -------------------------------------...
  • Page 183 Figure 55 Network diagram Configuration procedure Configure IP addresses for the interfaces on each router and configure IS-IS. Follow Figure 55 to configure the IP address and subnet mask of each interface on the routers. (Details not shown.) Configure IS-IS on the routers, ensuring that Router A, Router D, and Router S can communicate with each other at Layer 3.
  • Page 184 [RouterD] bfd echo-source-ip 4.4.4.4 [RouterD] ip ip-prefix abc index 10 permit 1.1.1.1 32 [RouterD] route-policy frr permit node 10 [RouterD-route-policy] if-match ip-prefix abc [RouterD-route-policy] apply fast-reroute backup-interface gigabitethernet 2/1/1 backup-nexthop 24.24.24.2 [RouterD-route-policy] quit [RouterD] isis 1 [RouterD-isis-1] fast-reroute route-policy frr [RouterD-isis-1] quit Verify the configuration: # Display route 4.4.4.4/32 on Router S to view the backup next hop information.

  • Page 185: Is-Is Authentication Configuration Example

    IS-IS authentication configuration example Network requirements As shown in Figure 56, Router A, Router B, Router C, and Router D reside in the same IS-IS routing domain. Router A, Router B, and Router C belong to Area 10, and Router D belongs to Area 20. Configure neighbor relationship authentication between neighbors.
  • Page 186 <RouterC> system-view [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] quit [RouterC] interface gigabitethernet 2/1/1 [RouterC-GigabitEthernet2/1/1] isis enable 1 [RouterC-GigabitEthernet2/1/1] quit [RouterC] interface gigabitethernet 2/1/2 [RouterC-GigabitEthernet2/1/2] isis enable 1 [RouterC-GigabitEthernet2/1/2] quit [RouterC] interface gigabitethernet 2/1/3 [RouterC-GigabitEthernet2/1/3] isis enable 1 [RouterC-GigabitEthernet2/1/3] quit # Configure Router D.

  • Page 187: Configuring Bfd For Is-Is

    [RouterA-isis-1] area-authentication-mode md5 10Sec [RouterA-isis-1] quit [RouterB] isis 1 [RouterB-isis-1] area-authentication-mode md5 10Sec [RouterB-isis-1] quit [RouterC] isis 1 [RouterC-isis-1] area-authentication-mode md5 10Sec [RouterC-isis-1] quit Configure routing domain authentication. Specify the MD5 authentication mode and password 1020Sec on Router C and Router D: [RouterC] isis 1 [RouterC-isis-1] domain-authentication-mode md5 1020Sec [RouterC-isis-1] quit...
  • Page 188 # Configure Router A. <RouterA> system-view [RouterA] isis [RouterA-isis-1] network-entity 10.0000.0000.0001.00 [RouterA-isis-1] quit [RouterA] interface gigabitethernet 2/1/1 [RouterA-GigabitEthernet2/1/1] isis enable [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] isis enable [RouterA-GigabitEthernet2/1/2] quit # Configure Router B. <RouterB> system-view [RouterB] isis [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-GigabitEthernet2/1/1] isis enable...
  • Page 189 Verify the configuration: The following configurations are made on Router A. Configurations for Router B are similar. (Details not shown.) # Display the BFD information of Router A. <RouterA> display bfd session Total Session Num: 1 Init Mode: Active Session Working Under Ctrl Mode: LD/RD SourceAddr DestAddr...

  • Page 190: Configuring Is-Is Mtr

    #Aug 8 14:54:05:364 2008 RouterA ISIS/4/ADJ_CHANGE:TrapID(1.3.6.1.2.1.138.0.17<isisAdjacencyChange>), ISIS Level-1 Adjencency IN Circuit-983041 State Change. %Aug 8 14:54:05:365 2008 RouterA IFNET/4/LINK UPDOWN: GigabitEthernet2/1/1 link status is DOWN %Aug 8 14:54:05:366 2008 RouterA IFNET/4/UPDOWN: Line protocol on the interface GigabitEthernet2/1/1 is DOWN %Aug 8 14:54:05:367 2008 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-2 Circuit Down.
  • Page 191 Figure 58 Network diagram Device Interface IP address Device Interface IP address Router A GE2/2/1 4.4.4.20/24 Router B GE2/2/1 5.1.1.21/24 GE2/2/2 3.1.1.20/24 GE2/2/2 3.1.1.21/24 GE2/2/3 6.1.1.21/22 Router C GE2/2/1 5.1.1.23/24 Router D GE2/2/1 4.4.4.21/24 GE2/2/2 7.1.1.23/24 GE2/2/2 7.1.1.22/24 Loop0 4.4.4.4/32 GE2/2/3 6.1.1.22/22 Configuration procedure...
  • Page 192 [RouterA-multiple-topology-video] acl 3002 [RouterA-multiple-topology-video] quit [RouterA-address-family ipv4] quit # Enable topology voice for GigabitEthernet 2/2/1, and video for GigabitEthernet 2/2/2. [RouterA] interface gigabitethernet 2/2/2 [RouterA-GigabitEthernet2/2/2] multiple-topology video enable [RouterA-GigabitEthernet2/2/2] quit [RouterA] interface gigabitethernet 2/2/1 [RouterA-GigabitEthernet2/2/1] multiple-topology voice enable [RouterA-GigabitEthernet2/2/1] quit Configurations on other routers are similar.
  • Page 193 [RouterC] interface gigabitethernet 2/2/2 [RouterC-GigabitEthernet2/2/2] multiple-topology video enable [RouterC-GigabitEthernet2/2/2] multiple-topology voice enable [RouterC-GigabitEthernet2/2/2] isis multiple-topology ipv4-unicast voice [RouterC-GigabitEthernet2/2/2] isis multiple-topology ipv4-unicast video [RouterC-GigabitEthernet2/2/2] quit [RouterC] interface loopback 0 [RouterC-LoopBack0] multiple-topology video enable [RouterC-LoopBack0] multiple-topology voice enable [RouterC-LoopBack0] isis multiple-topology ipv4-unicast voice [RouterC-LoopBack0] isis multiple-topology ipv4-unicast video [RouterC-LoopBack0] quit # Configure Router D.
  • Page 194 7.0.0.0/24 NULL GE2/2/1 4.0.0.22 R/L/- 4.4.4.4/32 NULL GE2/2/1 4.0.0.22 R/L/- Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set ISIS(1) IPv4 MT(voice-4000) Level-2 Forwarding Table ------------------------------------------------- IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags -------------------------------------------------------------------------------- 4.0.0.0/24 NULL GE2/2/1 Direct D/L/- 7.0.0.0/24 NULL...

  • Page 196: Configuring Bgp

    Configuring BGP Overview Border Gateway Protocol (BGP) is an exterior gateway protocol. It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271). Unless otherwise stated, BGP refers to BGP-4 in this document.
  • Page 197 • ORIGIN The ORIGIN attribute identifies the origin of routing information (how a route became a BGP route). This attribute has the following types: IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute. EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute. INCOMPLETE—Has the lowest priority.
  • Page 198 When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP. When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP.
  • Page 199 Figure 61 MED attribute MED = 0 Router B 2.1.1.1 D = 9.0.0.0 Next_hop = 2.1.1.1 EBGP IBGP MED = 0 9.0.0.0 IBGP Router A Router D D = 9.0.0.0 EBGP IBGP Next_hop = 3.1.1.1 MED = 100 AS 10 3.1.1.1 Router C AS 20...
  • Page 200 Figure 62 LOCAL_PREF attribute • COMMUNITY The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community. A route can carry one or more COMMUNITY attribute values (each of which is represented by a four-byte integer).

  • Page 201: Bgp Route Selection

    BGP route selection BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the best route in the following sequence: Highest Preferred_value Highest LOCAL_PREF Summary route Shortest AS_PATH IGP, EGP, or INCOMPLETE route in turn Lowest MED value Learned from EBGP, confederation, or IBGP in turn Smallest next hop metric...

  • Page 202: Settlements For Problems In Large-Scale Bgp Networks

    BGP differs from IGP in the implementation of load balancing in the following ways: IGP routing protocols, such as RIP and OSPF, compute metrics of routes, and then implement load balancing over routes with the same metric and to the same destination. The route selection criterion is metric.
  • Page 203 When a route flap occurs, the routing protocol sends an update to its neighbor, and then the neighbor recalculates routes and modifies the routing table. Frequent route flaps consume too many resources and affect other operations. In most cases, BGP runs in complex networks, where route changes are more frequent. To solve the problem caused by route flapping, you can use BGP route dampening to suppress unstable routes.
  • Page 204 Figure 65 Network diagram for a route reflector The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability as shown in Figure 66.

  • Page 205: Mp-Bgp

    Figure 67 Confederation network diagram A non-confederation BGP speaker does not need to know sub ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number. In the above figure, AS 200 is the confederation ID. Confederation has a deficiency.

  • Page 206: Protocols And Standards

    The system supports multiple MP-BGP extensions, including VPN extension (see MPLS Configuration Guide), IPv6 extension (see "Configuring IPv6 BGP"), and multicast extension (see IP Multicast Configuration Guide). Address family MP-BGP uses address families and subsequent address families to differentiate network layer protocols of routes contained in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes.
  • Page 207 Task Remarks Enterprise recommends that you configure BGP peer groups on large scale Configuring the BGP dynamic peer feature BGP networks for easy configuration and maintenance. Specifying the source interface for TCP Optional. connections Injecting a local network Required. Controlling route generation Use at least one method.
  • Page 208 Task Remarks taking effect During network optimization upgrade, each change routing policies triggers route refreshing, which burdens BGP routers the network. This task disables policies from automatically taking effect. After modifying all policies, execute refresh or reset bgp command make the new polices take effect.

  • Page 209: Configuring Basic Bgp

    Task Remarks Configuring BGP GR Optional. Configuring BGP NSR Optional. Enabling trap Optional. Enabling logging of session state changes Optional. Configuring BFD for BGP Optional. Configuring basic BGP This section describes the tasks required for a BGP network to work. Enabling BGP A router ID is the unique identifier of a BGP router in an AS.

  • Page 210: Configuring A Bgp Peer Group

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name Create a BGP peer and peer as-number ip-address...
  • Page 211 Step Command Remarks By default, no peer exists in the peer group. peer ip-address group Add a peer into the IBGP group-name [ as-number To use the as-number peer group. as-number ] as-number option, you must specify the local AS number. Optional.
  • Page 212 Step Command Remarks Optional. Configure a description for a peer group-name description By default, no description is peer group. description-text configured for the peer group. To configure an EBGP peer group by using Method 2: Step Command Remarks Enter system view. system-view •...

  • Page 213: Configuring The Bgp Dynamic Peer Feature

    Step Command Remarks peer ip-address group Add a peer into the EBGP group-name as-number peer group. as-number Optional. Enable a peer. peer ip-address enable Enabled by default. Optional. Configure a description for a peer group-name description By default, no description is peer group.

  • Page 214: Specifying The Source Interface For Tcp Connections

    Step Command Remarks By default, MD5 authentication is not configured for the BGP peer group. To prevent illegal neighbors Configure MD5 peer group-name password from attacking the device, authentication for the BGP { cipher | simple } password Hewlett Packard Enterprise peer group.

  • Page 215: Controlling Route Generation

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name By default, BGP uses the outbound Specify the source interface of the best route to the peer { group-name | ip-address } interface for establishing...

  • Page 216: Redistributing Igp Routes

    Redistributing IGP routes Perform this task to configure route redistribution from an IGP to BGP. By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table. The origin attribute of BGP routes redistributed from IGPs is INCOMPLETE.

  • Page 217: Advertising A Default Route To A Peer Or Peer Group

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name Configure automatic route Not configured by default. summary automatic summarization.

  • Page 218: Configuring Bgp Route Distribution/Reception Filtering Policies

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name peer { group-name | ip-address } Advertise a default route to a default-route-advertise Not advertised by default.
  • Page 219 Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name • Configure the filtering of redistributed routes advertised to all peers: filter-policy { acl-number | ip-prefix ip-prefix-name } export...

  • Page 220: Enabling Bgp And Igp Route Synchronization

    Only routes passing all the configured policies can be received. To configure BGP route reception filtering policies: Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view.

  • Page 221: Limiting Prefixes Received From A Peer Or Peer Group

    IGP, Router D forwards the packet to Router C through route recursion. Router C does not know the route 8.0.0.0/8, so it discards the packet. Figure 68 IBGP and IGP synchronization For this example, if synchronization is enabled, and the route 8.0.0.0/24 received from Router B is available in its IGP routing table, Router D advertises the IBGP route when the following conditions are met: •...

  • Page 222: Configuring Bgp Route Dampening

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name peer { group-name | ip-address } Specify the maximum By default, the number of routes route-limit prefix-number...

  • Page 223: Configuring Preferences For Bgp Routes

    Step Command Remarks Enter system view. system-view • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name Optional. Specify a preferred value for peer { group-name | ip-address } routes received from a peer By default, the preferred value is...

  • Page 224: Configure The Default Local Preference

    Configure the default local preference The local preference is used to determine the best route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops, it considers the route with the highest local preference as the best route.
  • Page 225 Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name Enable the comparison of MED of routes from different Not enabled by default.
  • Page 226 To resolve this issue, configure the bestroute compare-med command on Router D. After that, Router D puts routes received from the same AS into a group. Router D then selects the route with the lowest MED from the same group, and compares routes from different groups. The following output is the BGP routing table on Router D after the comparison of MED of routes from each AS is enabled.

  • Page 227: Configuring The Next_Hop Attribute

    Configuring the NEXT_HOP attribute By default, when advertising routes to an IBGP peer or peer group, a BGP router does not set itself as the next hop. However, to ensure a BGP peer can find the correct next hop in some cases, you need to configure the router as the next hop for routes sent to the peer.

  • Page 228: Configuring The As_Path Attribute

    Step Command Remarks Optional. By default, the router sets it as the Specify the router as the next hop for routes sent to an peer { group-name | ip-address } next hop of routes sent to a EBGP peer or peer group, but next-hop-local peer or peer group.
  • Page 229 Specifying a fake AS number for a peer or peer group When Router A in AS 2 is moved to AS 3, you can configure Router A to specify a fake AS number of 2 for created connections to EBGP peers or peer groups. In this way, these EBGP peers still think Router A is in AS 2 and need not change their configurations.
  • Page 230 Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name Replace the AS number of a peer or peer group in the peer { group-name | ip-address } Not configured by default.

  • Page 231: Tuning And Optimizing Bgp Networks

    Tuning and optimizing BGP networks Configuring the BGP keepalive interval and holdtime After establishing a BGP session, two routers send keepalive messages at the specified keepalive interval to each other to keep the session. If a router receives no keepalive or update message from the peer within the holdtime, it tears down the session.

  • Page 232: Configuring The Interval For Sending The Same Update

    Configuring the interval for sending the same update A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router sends a large number of updates for the route, which can cause route flaps.

  • Page 233: Enabling 4-Byte As Number Suppression

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name peer { group-name | ip-address } Enable BGP route refresh for Enabled by default.

  • Page 234: Enabling Quick Reestablishment Of Direct Ebgp Session

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name peer { group-name | ip-address } Enable 4-byte AS number Disabled by default.

  • Page 235: Configuring Bgp Load Balancing

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name peer { group-name | ip-address } Enable MD5 authentication password { cipher | simple } Not enabled by default.

  • Page 236: Configuring Gtsm For Bgp

    Step Command Remarks • Enter BGP view: bgp as-number • Enter BGP-VPN instance view: Enter BGP view or Use either method. BGP-VPN instance view. a. bgp as-number b. ipv4-family vpn-instance vpn-instance-name Forbid session peer { group-name | ip-address } establishment with a peer or Not forbidden by default.

  • Page 237: Disabling Bgp Route Advertisement To A Peer Or Peer Group

    Disabling BGP route advertisement to a peer or peer group To disable BGP from sending routing updates to the specified peer or peer group: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Disable BGP from sending peer { group-name | ip-address } By default, BGP sends routing routing updates to the...

  • Page 238: Disabling Bgp Routing Policies From Automatically Taking Effect

    Step Command Remarks peer { group-name | ip-address } Optional. Enable BGP route refresh for capability-advertise a peer or peer group. Enabled by default. route-refresh Configuring manual soft-reset If a BGP peer does not support route-refresh, you must save updates from the peer on the local router by using the peer keep-all-routes command, and use the refresh bgp command to refresh the BGP routing table.

  • Page 239: Configuring A Large Scale Bgp Network

    • rr-filter (see MPLS Command Reference) • peer upe route-policy (see MPLS Command Reference) To disable BGP routing policies from automatically taking effect: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number By default, when a BGP routing Disable BGP routing policies policy is changed, BGP from automatically taking...

  • Page 240: Configuring A Bgp Route Reflector

    Step Command Remarks • Advertise the community attribute to a peer or peer group: peer { group-name | ip-address } Advertise the community Use either method. attribute or extended advertise-community community attribute to a peer • Advertise the extended Not configured by default. or peer group.

  • Page 241: Configuring A Bgp Confederation

    Step Command Remarks Not configured by default. The peer reflect-client command can be configured in both BGP view and BGP-VPNv4 subaddress family view. In BGP view, the command enables the router to reflect routes of the Configure the router as a public network;...

  • Page 242: Configuring Bgp Gr

    Step Command Remarks Configure a confederation Not configured by default. confederation id as-number Specify peering sub ASs in confederation peer-as Not configured by default. the confederation. as-number-list Configuring confederation compatibility If some other routers in the confederation do not comply with RFC 3065, you must enable confederation compatibility to allow the router to work with those routers.

  • Page 243: Configuring Bgp Nsr

    BGP routes already learned to complete BGP routing convergence. The GR helper then removes the stale routes. Follow these guidelines when you configure BGP GR: • The GR and NSR features are mutually exclusive. Do not configure them at the same time. •...

  • Page 244: Enabling Trap

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enable BGP NSR. Disabled by default. non-stop-routing Enabling trap After trap is enabled for BGP, BGP generates Level-4 traps to report important events. The generated traps are sent to the information center of the device. The output rules of the traps (whether to output the traps and the output direction) are determined according to the information center configuration.

  • Page 245: Displaying And Maintaining Bgp

    IMPORTANT: • Before you configure BFD for BGP, you must enable BGP. • After a link failure occurs, BFD can detect the failure before the system performs GR. As a result, GR will fail. If GR capability is enabled for BGP, use BFD with caution. If GR and BFD are both enabled, do not disable BFD during a GR process;...
  • Page 246 Task Command Remarks display bgp routing-table [ ip-address [ { mask | mask-length } Display BGP routing information. [ longer-prefixes ] ] ] [ | { begin | Available in any view. exclude | include } regular-expression ] display bgp routing-table Display routing information as-path-acl as-path-acl-number [ | Available in any view.

  • Page 247: Resetting Bgp Session

    Task Command Remarks display bgp routing-table Display routing information Available in any view. regular-expression matching a regular expression. as-regular-expression display bgp routing-table statistic [ | Display BGP routing statistics. { begin | exclude | include } Available in any view. regular-expression ] display router id [ | { begin | exclude | Display the global router ID.
  • Page 248 Figure 73 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IBGP: To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Because loopback interfaces are virtual interfaces, you need to use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections.
  • Page 249 Total number of peers : 1 Peers in established state : 1 Peer MsgRcvd MsgSent OutQ PrefRcv Up/Down State 2.2.2.2 65009 0 00:06:09 Established The output shows that Router C has established an IBGP peer relationship with Router B. Configure EBGP: The EBGP peers, Router A and Router B (usually belong to different ISPs), are located in different ASs.
  • Page 250 *> 8.1.1.0/24 0.0.0.0 # Display the BGP routing table on Router B. [RouterB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 2.2.2.2 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete...

  • Page 251: Bgp And Igp Synchronization Configuration

    *> 2.2.2.2/32 3.1.1.1 65009? 3.1.1.0/24 3.1.1.1 65009? *> 8.1.1.0/24 0.0.0.0 *> 9.1.1.0/24 3.1.1.1 65009? Two routes 2.2.2.2/32 and 9.1.1.0/24 have been added in the routing table of Router A. # Display the BGP routing table on Router C. [RouterC] display bgp routing-table Total Number of Routes: 4 BGP Local router ID is 3.3.3.3 Status codes: * - valid, ^ - VPNv4 best, >...

  • Page 252: Configure Ospf

    Figure 74 Network diagram AS 65009 AS 65008 Loop0 Loop0 Loop0 1.1.1.1/32 2.2.2.2/32 3.3.3.3/32 GE2/1/1 EBGP OSPF GE2/1/1 8.1.1.1/24 9.1.2.1/24 S2/2/1 S2/2/1 S2/2/0 S2/2/0 3.1.1.2/24 3.1.1.1/24 9.1.1.1/24 9.1.1.2/24 Router A Router B Router C Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure OSPF: Enable OSPF in AS 65009, so that Router B can obtain the route to 9.1.2.0/24.
  • Page 253 Configure OSPF to redistribute routes from BGP on Router B, so that Router C can obtain the route to 8.1.1.0/24. # Configure BGP to redistribute routes from OSPF on Router B. [RouterB-bgp] import-route ospf 1 [RouterB-bgp] quit [RouterB] ospf 1 [RouterB-ospf-1] import-route bgp [RouterB-ospf-1] quit # Display the BGP routing table on Router A.

  • Page 254: Bgp Load Balancing Configuration

    --- 9.1.2.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 15/37/47 ms [RouterC] ping -a 9.1.2.1 8.1.1.1 PING 8.1.1.1: 56 data bytes, press CTRL_C to break Reply from 8.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms Reply from 8.1.1.1: bytes=56 Sequence=2 ttl=254 time=2 ms Reply from 8.1.1.1: bytes=56 Sequence=3 ttl=254 time=2 ms Reply from 8.1.1.1: bytes=56 Sequence=4 ttl=254 time=2 ms...
  • Page 255 On Router B, establish an EBGP connection with Router A and an IBGP connection with Router C; configure BGP to advertise network 9.1.1.0/24 to Router A, so Router A can access the intranet through Router B; configure a static route to interface loopback 0 on Router C (or use a routing protocol like OSPF) to establish the IBGP connection.

  • Page 256: Bgp Route Summarization Configuration

    *> 9.1.1.0/24 3.1.1.1 65009i 3.1.2.1 65009i The output shows two valid routes to destination 9.1.1.0/24: the route with next hop 3.1.1.1 is marked with a greater-than sign (>), indicating it is the best route; the route with next hop 3.1.2.1 is marked with only an asterisk (*), indicating it is a valid route, but not the best.
  • Page 257 Figure 76 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure static routing between Router A and Router B: # Configure a default route with the next hop 192.168.212.1 on Router A. <RouterA> system-view [RouterA] ip route-static 0.0.0.0 0 192.168.212.1 # Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Router B.
  • Page 258 Destination/Mask Proto Cost NextHop Interface 3.3.3.3/32 Direct 0 127.0.0.1 InLoop0 10.220.2.0/24 Direct 0 10.220.2.16 S2/2/0 10.220.2.16/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 172.17.100.0/24 Direct 0 172.17.100.2 S2/2/1 172.17.100.2/32 Direct 0 127.0.0.1 InLoop0 192.168.64.0/24 O_ASE 172.17.100.1...

  • Page 259: Bgp Community Configuration

    # Summarize 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.0/18 on Router C and disable advertisement of the specific routes. [RouterC-bgp] aggregate 192.168.64.0 18 detail-suppressed [RouterC-bgp] quit Verify the configuration: # Display IP routing table information on Router C. [RouterC] display ip routing-table Routing Tables: Public Destinations : 11...
  • Page 260 Figure 77 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure EBGP connections: # Configure Router A. <RouterA> system-view [RouterA] bgp 10 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] peer 200.1.2.2 as-number 20 [RouterA-bgp] network 9.1.1.0 255.255.255.0 [RouterA-bgp] quit # Configure Router B.
  • Page 261 Origin : igp Attribute value : MED 0, pref-val 0, pre 255 State : valid, external, best, Advertised to such 1 peers: 200.1.3.2 Router B has advertised the route to Router C in AS 30. # Display BGP routing table information on Router C. [RouterC] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 3.3.3.3...

  • Page 262: Bgp Route Reflector Configuration

    BGP route reflector configuration Network requirements As shown in Figure 78, all routers run BGP. • EBGP runs between Router A and Router B. IBGP runs between Router C and Router B, and between Router C and Router D. • Router C is a route reflector with clients Router B and D.

  • Page 263: Bgp Confederation Configuration

    [RouterD-bgp] peer 194.1.1.1 as-number 200 [RouterD-bgp] quit Configure the route reflector: # Configure Router C as the route reflector. [RouterC] bgp 200 [RouterC-bgp] peer 193.1.1.2 reflect-client [RouterC-bgp] peer 194.1.1.2 reflect-client [RouterC-bgp] quit Verify the configuration: # Display the BGP routing table on Router B. [RouterB] display bgp routing-table Total Number of Routes: 1 BGP Local router ID is 200.1.2.2...
  • Page 264 Figure 79 Network diagram Router C Router B GE2/1/1 GE2/1/1 GE2/1/1 AS 65002 AS 65003 S2/2/0 Router F GE2/1/4 AS 100 S2/2/1 GE2/1/1 GE2/1/2 GE2/1/2 Router A GE2/1/1 GE2/1/3 Router D AS 65001 GE2/1/2 GE2/1/1 Router E AS 200 Device Interface IP address Device...
  • Page 265 [RouterC] bgp 65003 [RouterC-bgp] router-id 3.3.3.3 [RouterC-bgp] confederation id 200 [RouterC-bgp] confederation peer-as 65001 65002 [RouterC-bgp] peer 10.1.2.1 as-number 65001 [RouterC-bgp] quit Configure IBGP connections in AS 65001: # Configure Router A. [RouterA] bgp 65001 [RouterA-bgp] peer 10.1.3.2 as-number 65001 [RouterA-bgp] peer 10.1.3.2 next-hop-local [RouterA-bgp] peer 10.1.4.2 as-number 65001 [RouterA-bgp] peer 10.1.4.2 next-hop-local...
  • Page 266 BGP Local router ID is 2.2.2.2 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 267: Bgp Path Selection Configuration

    State : valid, internal, best, Not advertised to any peers yet The output indicates the following: Router F can send route information to Router B and Router C through the confederation by establishing only an EBGP connection with Router A. Router B and Router D are in the same confederation, but belong to different sub ASs.
  • Page 268 # Configure Router C. <RouterC> system-view [RouterC] ospf [RouterC-ospf] area 0 [RouterC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] ospf [RouterD-ospf] area 0 [RouterD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] quit [RouterD-ospf-1] quit Configure BGP connections:...
  • Page 269 # Define routing policy apply_med_50 that sets the MED value of route 1.0.0.0/8 to 50, and routing policy apply_med_100 that sets the MED value of route 1.0.0.0/8 to 100. [RouterA] route-policy apply_med_50 permit node 10 [RouterA-route-policy] if-match acl 2000 [RouterA-route-policy] apply cost 50 [RouterA-route-policy] quit [RouterA] route-policy apply_med_100 permit node 10 [RouterA-route-policy] if-match acl 2000...

  • Page 270: Bgp Gr Configuration

    Total Number of Routes: 2 BGP Local router ID is 194.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 271: Bfd For Bgp Configuration

    # Configure the IBGP connection. [RouterB-bgp] peer 9.1.1.2 as-number 65009 # Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table. [RouterB-bgp] network 200.1.1.0 24 [RouterB-bgp] network 9.1.1.0 24 # Enable GR capability for BGP. [RouterB-bgp] graceful-restart Configure Router C: # Configure IP addresses for interfaces.
  • Page 272 Configure OSPF so that Router A and Router C are reachable to each other. (Details not shown.) Configure BGP on Router A: # Establish two IBGP connections to Router C. <RouterA> system-view [RouterA] bgp 200 [RouterA-bgp] peer 3.0.2.2 as-number 200 [RouterA-bgp] peer 2.0.2.2 as-number 200 [RouterA-bgp] quit # Create ACL 2000 to permit 1.1.1.0/24 to pass.
  • Page 273 [RouterA-GigabitEthernet2/1/2] bfd detect-multiplier 7 # Configure Router C. [RouterC] bfd session init-mode active [RouterC] interface gigabitethernet 2/1 [RouterC-GigabitEthernet2/1] bfd min-transmit-interval 500 [RouterC-GigabitEthernet2/1] bfd min-receive-interval 500 [RouterC-GigabitEthernet2/1] bfd detect-multiplier 7 [RouterC-GigabitEthernet2/1] return Verify the configuration: The following operations are made on Router C. Operations on Router A are similar. # Display detailed BFD session information.
  • Page 274 Protocol: BGP Process ID: 0 Preference: 0 Cost: 50 NextHop: 3.0.1.1 Interface: GigabitEthernet2/1/1 BkNextHop: 0.0.0.0 BkInterface: RelyNextHop: 3.0.2.1 Neighbor : 3.0.1.1 Tunnel ID: 0x0 Label: NULL State: Active Adv Age: 00h08m54s Tag: 0 Destination: 1.1.1.0/24 Protocol: BGP Process ID: 0 Preference: 0 Cost: 100 NextHop: 2.0.1.1...

  • Page 275: Bgp Dynamic Peer Configuration

    BkNextHop: 0.0.0.0 BkInterface: RelyNextHop: 2.0.2.1 Neighbor : 2.0.1.1 Tunnel ID: 0x0 Label: NULL State: Active Adv Age: 00h09m54s Tag: 0 The output shows that Router C has one route to reach network 1.1.1.0/24, that is, Router C<—>Router D<—>Router A. BGP dynamic peer configuration Network diagram All routers run BGP.
  • Page 276 [RouterC-bgp] peer 10.1.2.1 as-number 200 # On Router D, configure Router A as an IBGP peer. <RouterD> system-view [RouterD] bgp 200 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] peer 10.1.3.1 as-number 200 # Display information about BGP peers on Router A. [RouterA] display bgp peer BGP local router ID : 1.1.1.1 Local AS number : 200 Total number of peers : 3...

  • Page 277: Troubleshooting Bgp

    Troubleshooting BGP BGP peer relationship not established Symptom Display BGP peer information by using the display bgp peer command. The state of the connection to a peer cannot become established. Analysis To become BGP peers, any two routers must establish a TCP session using port 179 and exchange Open messages successfully.

  • Page 278: Configuring Policy-Based Routing

    Configuring policy-based routing Overview Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets based on the source address, packet length, and other criteria. A policy can specify the output interface, next hop, default output interface, default next hop, and other parameters for packets that match specific criteria such as ACLs or have specific lengths.
  • Page 279 Clause Meaning Priority If this clause is configured, other apply clauses, except the apply ip-df zero clause, are not executed. apply access-vpn If a packet matches a forwarding entry of a specified Sets VPN instances. vpn-instance VPN instance, it is forwarded in the VPN instance. If it does not match any entry in all VPN instances specified, it is discarded.

  • Page 280: Pbr And Track

    PBR and track You can use track to monitor the output interface, default output interface, next hop, and default next hop for PBR so that PBR can discover link failures faster. PBR takes effect when the status of the associated track entry is positive or invalid. For more information about track-PBR collaboration, see High Availability Configuration Guide.

  • Page 281: Configuring Actions For A Node

    Step Command Remarks Configure a packet length Optional. if-match packet-length min-len max-len match criterion. Configure a reverse input if-match reverse-input-interface Optional. interface match criterion. interface-type interface-number Configuring actions for a node Step Command Remarks Enter system view. system-view policy-based-route policy-name Enter policy node view.

  • Page 282: Configuring Pbr

    Step Command Remarks Optional. 11. Set two default next hops to apply ip-address default By default, both default next hops operate in active/standby next-hop standby take effect to achieve load mode. sharing. Optional. 12. Match packets against the Use this command only when the next node upon match apply fail-action continue match mode of the node is...

  • Page 283: Displaying And Maintaining Pbr

    Step Command Remarks interface interface-type Enter interface view. interface-number Apply a policy on the ip policy-based-route Not applied by default. interface. policy-name Displaying and maintaining PBR Task Command Remarks display policy-based-route Available in any Display PBR configuration for a policy. [ policy-name ] [ | { begin | exclude view.

  • Page 284: Pbr Configuration Examples

    PBR configuration examples Configuring local PBR based on packet type Network requirements As shown in Figure 84, configure local PBR on Router A to forward all locally generated TCP packets through Serial 2/2/0. Router A forwards other packets according to the routing table. Figure 84 Network diagram Configuration procedure Configure Router A:...

  • Page 285: Configuring Interface Pbr Based On Packet Type

    [RouterC-Serial2/2/1] ip address 1.1.3.2 255.255.255.0 [RouterC-Serial2/2/1] quit Verify the configuration: # Telnet to Router B (1.1.2.2/24) from Router A. The operation succeeds. # Telnet to Router C (1.1.3.2/24) from Router A. The operation fails. # Ping Router C (1.1.3.2/24) from Router A. The operation succeeds. Telnet uses TCP, and ping uses ICMP.

  • Page 286: Configuring Interface Pbr Based On Packet Length

    [RouterA-pbr-aaa-5] quit # Configure interface PBR by applying the policy aaa on GigabitEthernet 2/1/1. [RouterA] interface GigabitEthernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ip address 10.110.0.10 255.255.255.0 [RouterA-GigabitEthernet2/1/1] ip policy-based-route aaa [RouterA-GigabitEthernet2/1/1] quit # Configure the IP addresses of the serial interfaces. [RouterA] interface serial 2/2/0 [RouterA-Serial2/2/0] ip address 1.1.2.1 255.255.255.0 [RouterA-Serial2/2/0] quit [RouterA] interface serial 2/2/1...
  • Page 287 Figure 86 Network diagram Configuration procedure Configure Router A: # Configure RIP. <RouterA> system-view [RouterA] rip [RouterA-rip-1] network 192.1.1.0 [RouterA-rip-1] network 150.1.0.0 [RouterA-rip-1] network 151.1.0.0 [RouterA-rip-1] quit # Configure Node 10 for policy lab1 to forward packets with a length of 64 to 100 bytes to the next hop 150.1.1.2, and packets with a length of 101 to 1000 bytes to the next hop 151.1.1.2.
  • Page 288 [RouterB-rip-1] network 151.1.0.0 # Configure the IP addresses of the serial interfaces. [RouterB] interface serial 2/2/0 [RouterB-Serial2/2/0] ip address 150.1.1.2 255.255.255.0 [RouterB-Serial2/2/0] quit [RouterB] interface serial 2/2/1 [RouterB-Serial2/2/1] ip address 151.1.1.2 255.255.255.0 [RouterB-Serial2/2/1] quit # Configure the loopback interface address. [RouterB] interface loopback 0 [RouterB-LoopBack0] ip address 10.1.1.1 32 Verify the configuration:...

  • Page 289: Configuring Interface Pbr Based On Reverse Input Interface

    Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Reply from 10.1.1.1: bytes=200 time<1ms TTL=255 Ping statistics for 10.1.1.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms The debugging information about PBR displayed on Router A is as follows: <RouterA>...
  • Page 290 Figure 87 Network diagram Configuration procedure # Configure IP addresses for the interfaces on Router A and make sure that Router A can reach the public network. (Details not shown.) # Configure an NAT internal server on interface Serial 2/2/0, and specify 2.1.1.100/16 (on the same network segment as the IP address of Serial 2/2/0 on Router A) as the public address of the HTTP server 192.168.1.2/24.

  • Page 291: Configuring Interface Pbr On A Vlan Interface

    Configuring interface PBR on a VLAN interface Network requirements Figure 88. Router A is configured with SAP modules. Configure Router A to operate in gateway mode, create VLAN 100 and VLAN 200 on it, and configure interface PBR on VLAN-interface 200 so that packets from VLAN 200 to VLAN 100 are forwarded through GigabitEthernet 2/0/2.
  • Page 292 [Route A-acl-adv-3000] quit # Create a policy and define node 1, setting the next hop to 30.1.1.2 for packets matching ACL 3000. [Route A] policy-based-route aaa node 1 [Route A-pbr-aaa-1] if-match acl 3000 [Route A-pbr-aaa-1] apply ip-address next-hop 30.1.1.2 [Route A-pbr-aaa-1] quit # Configure interface PBR on VLAN-interface 200.

  • Page 293: Configuring Ipv6 Static Routing

    Configuring IPv6 static routing Overview Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly. Proper configuration and use can improve network performance and ensure enough bandwidth for important applications. Static routes cannot adapt to network topology changes.

  • Page 294: Displaying And Maintaining Ipv6 Static Routes

    Displaying and maintaining IPv6 static routes Task Command Remarks display ipv6 routing-table Display IPv6 static route protocol static [ inactive | Available in any view. information. verbose ] [ | { begin | exclude | include } regular-expression ] For more information about the display ipv6 routing-table protocol static [ inactive | verbose ] [ | { begin | exclude | include } regular-expression ] command, see Layer 3—IP Routing Command Reference.
  • Page 295 <RouterC> system-view [RouterC] ipv6 [RouterC] ipv6 route-static :: 0 5::2 Configure the IPv6 addresses of hosts and gateways: Configure the IPv6 addresses of all the hosts based on the network diagram, and configure the default gateway of Host A as 1::1, Host B as 2::1, and Host C as 3::1. Verify the configuration: # Display the IPv6 routing table on Router A.
  • Page 296 round-trip min/avg/max = 62/62/63 ms...

  • Page 297: Configuring An Ipv6 Default Route

    Configuring an IPv6 default route An IPv6 default route is used to forward packets that match no entry in the routing table. An IPv6 default route can be configured in either of the following ways: • The network administrator can configure a default route with a destination prefix of ::/0. For more information, see "Configuring IPv6 static routing."...

  • Page 298: Configuring Ripng

    Configuring RIPng Overview RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng. RIPng for IPv6 has the following basic differences from RIP: • UDP port number—RIPng uses UDP port 521 for sending and receiving routing information. •...

  • Page 299: Ripng Packet Processing Procedure

    Figure 90 RIPng basic packet format Packet header description: • Command—Type of message. 0x01 indicates Request, 0x02 indicates Response. • Version—Version of RIPng. It can only be 0x01. • RTE—Route table entry. It is 20 bytes for each entry. RTE format The following are types of RTEs in RIPng: •...

  • Page 300: Protocols And Standards

    the entire routing table information in response messages. If multiple RTEs exist in the request message, the RIPng router examines each RTE, update its metric, and send the requested routing information to the requesting router in the response packet. Response packet The response packet containing the local routing table information is generated as follows: •...

  • Page 301: Configuration Prerequisites

    Configuration prerequisites Before you configure RIPng basic functions, complete the following tasks: • Enable IPv6 packet forwarding. • Configure an IP address for each interface, and make sure all nodes are reachable to one another. Configuration procedure To configure the basic RIPng functions: Step Command Remarks...

  • Page 302: Configuring Ripng Route Summarization

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Optional. Specify an inbound ripng metricin value routing additional metric. 0 by default. Optional. Specify an outbound ripng metricout value routing additional metric. 1 by default. Configuring RIPng route summarization Step Command Enter system view.

  • Page 303: Configuring A Priority For Ripng

    Step Command Remarks filter-policy { acl6-number | Configure a filter policy By default, RIPng does not filter ipv6-prefix ipv6-prefix-name } export to filter outgoing routes. outgoing routing information. [ protocol [ process-id ] ] Configuring a priority for RIPng Routing protocols have their own protocol priorities used for optimal route selection. You can set a priority for RIPng manually.

  • Page 304: Configuring Split Horizon And Poison Reverse

    When adjusting RIPng timers, consider the network performance, and perform unified configurations on routers running RIPng to avoid unnecessary network traffic or route oscillation. To configure RIPng timers: Step Command Remarks Enter system view. system-view ripng [ process-id ] Enter RIPng view. [ vpn-instance vpn-instance-name ] Optional.

  • Page 305: Configuring Zero Field Check On Ripng Packets

    Step Command Remarks Enable the poison reverse Disabled by default. ripng poison-reverse function. Configuring zero field check on RIPng packets Some fields in the RIPng packet must be zero, which are called "zero fields." With zero field check on RIPng packets enabled, if such a field contains a non-zero value, the entire RIPng packet is discarded.

  • Page 306: Displaying And Maintaining Ripng

    Configuration prerequisites Before you apply an IPsec policy for RIPng, complete following tasks: • Create an IPsec proposal. • Create an IPsec policy. For more information about IPsec policy configuration, see Security Configuration Guide. Configuration procedure To apply an IPsec policy in a process: Step Command Remarks...

  • Page 307: Ripng Configuration Examples

    RIPng configuration examples Configuring RIPng basic functions Network requirements As shown in Figure 93, all routers learn IPv6 routing information through RIPng. Configure Router B to filter the route (3::/64) learned from Router C, which means the route is not added to the routing table of Router B, and Router B does not forward it to Router A.
  • Page 308 [RouterC-Gigabitethernet2/1/2] ripng 1 enable [RouterC-Gigabitethernet2/1/2] quit [RouterC] interface gigabitethernet 2/1/3 [RouterC-Gigabitethernet2/1/3] ripng 1 enable [RouterC-Gigabitethernet2/1/3] quit # Display the routing table of Router B. [RouterB] display ripng 1 route Route Flags: A - Aging, S - Suppressed, G - Garbage-collect ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE23:82F5 on Gigabitethernet2/1/1...

  • Page 309: Configuring Ripng Route Redistribution

    ---------------------------------------------------------------- Peer FE80::20F:E2FF:FE00:1235 on Gigabitethernet2/1/1 Dest 1::/64, via FE80::20F:E2FF:FE00:1235, cost 1, tag 0, A, 2 Sec Dest 4::/64, via FE80::20F:E2FF:FE00:1235, cost 2, tag 0, A, 2 Sec Dest 5::/64, via FE80::20F:E2FF:FE00:1235, cost 2, tag 0, A, 2 Sec Configuring RIPng route redistribution Network requirements •...
  • Page 310 [RouterB-Gigabitethernet2/1/1] ripng 200 enable # Enable RIPng 200 on Router C. <RouterC> system-view [RouterC] ripng 200 [RouterC] interface gigabitethernet 2/1/1 [RouterC-Gigabitethernet2/1/1] ripng 200 enable [RouterC-Gigabitethernet2/1/1] quit [RouterC] interface gigabitethernet 2/1/2 [RouterC-Gigabitethernet2/1/2] ripng 200 enable [RouterC-Gigabitethernet2/1/2] quit # Display the routing table of Router A. [RouterA] display ipv6 routing-table Routing Table : Destinations : 6...

  • Page 311: Configuring Ripng Ipsec Policies

    [RouterA] display ipv6 routing-table Routing Table : Destinations : 7 Routes : 7 Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 1::/64 Protocol : Direct NextHop : 1::1 Preference: 0 Interface : GE2/1/2 Cost Destination: 1::1/128 Protocol...
  • Page 312 # Configure Router A. <RouterA> system-view [RouterA] ripng 1 [RouterA-ripng-1] quit [RouterA] interface gigabitethernet 2/1/1 [RouterA-Gigabitethernet2/1/1] ripng 1 enable [RouterA-Gigabitethernet2/1/1] quit # Configure Router B. <RouterB> system-view [RouterB] ripng 1 [RouterB-ripng-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-Gigabitethernet2/1/1] ripng 1 enable [RouterB-Gigabitethernet2/1/1] quit [RouterB] interface gigabitethernet 2/1/2 [RouterB-Gigabitethernet2/1/2] ripng 1 enable...
  • Page 313 [RouterB-ipsec-transform-set-tran1] transform esp [RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des [RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1 [RouterB-ipsec-transform-set-tran1] quit [RouterB] ipsec policy policy001 10 manual [RouterB-ipsec-policy-manual-policy001-10] transform-set tran1 [RouterB-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] quit # On Router C, create an IPsec proposal named tran1, and set the encapsulation mode to...

  • Page 314: Configuring Ospfv3

    Configuring OSPFv3 Overview Open Shortest Path First version 3 (OSPFv3) supports IPv6 and complies with RFC 5340 (OSPF for IPv6). OSPFv3 and OSPFv2 have the following similarities: • A 32-bits router ID and area ID • Packets, including Hello, DD (Data Description), LSR (Link State Request), LSU (Link State Update), LSAck (Link State Acknowledgment) •...

  • Page 315: Timers

    • Network-LSA—Originated for broadcast and NBMA networks by the Designated Router. This LSA contains the list of routers connected to the network, and is flooded throughout a single area only. • Inter-Area-Prefix-LSA—Originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area.

  • Page 316: Supported Features

    SPF timer Whenever the LSDB changes, an SPF calculation happens. If recalculations become frequent, a large amount of resources are occupied. You can adjust the SPF calculation interval and delay time to protect networks from being overloaded due to frequent changes. GR timer If a failure to establish adjacencies occurs during a GR, the device is in the GR process for a long time.

  • Page 317: Enabling Ospfv3

    Task Remarks optimizing Configuring a DR priority for an interface Optional. OSPFv3 networks Ignoring MTU check for DD packets Optional. Disabling interfaces from receiving and sending OSPFv3 Optional. packets Enabling the logging of neighbor state changes Optional. Configuring GR restarter Optional.

  • Page 318: Configuring Ospfv3 Area Parameters

    Configuring OSPFv3 area parameters The stub area, NSSA area, and virtual link features of OSPFv3 are the same as OSPFv2. Splitting an OSPFv3 AS into multiple areas reduces the number of LSAs and extends OSPFv3 applications. For those non-backbone areas residing on the AS boundary, configure them as stub areas to further reduce the size of routing tables and the number of LSAs.

  • Page 319: Configuring An Ospfv3 Virtual Link

    Step Command Remarks Enter OSPFv3 area view. area area-id nssa [ default-route-advertise [ cost cost | type type ] * | no-import-route | no-summary | Configure the area as an By default, no area is configured suppress-fa | { translate-always NSSA area.

  • Page 320: Configuration Prerequisites

    Configuration prerequisites Before you configure OSPFv3 network types, complete the following tasks: • Configure IPv6 functions. • Configure OSPFv3 basic functions. Configuring the OSPFv3 network type for an interface Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Optional.

  • Page 321: Configuring Ospfv3 Inbound Route Filtering

    route. Any LSA falling into the specified network segment will not be advertised, reducing the LSDB size in other areas. To configure route summarization: Step Command Remarks Enter system view. system-view Enter OSPFv3 view. ospfv3 [ process-id ] Enter OSPFv3 area view. area area-id Not configured by default.

  • Page 322: Configuring The Maximum Number Of Ospfv3 Ecmp Routes

    Step Command Remarks Optional. The default cost depends on the interface Configure an OSPFv3 ospfv3 cost value type: 1 for a VLAN interface; 0 for a loopback cost for the interface. [ instance instance-id ] interface; computed according to the bandwidth for other interfaces.

  • Page 323: Tuning And Optimizing Ospfv3 Networks

    • Executing the import-route or default-route-advertise command on a router makes it become an ASBR. • You can only inject and advertise a default route by using the default-route-advertise command. • Because OSPFv3 is a link state routing protocol, it cannot directly filter LSAs to be advertised; you must filter redistributed routes first.

  • Page 324: Configuring Ospfv3 Timers

    Configuring OSPFv3 timers Make sure that the dead interval set on neighboring interfaces is not too short; otherwise, a neighbor is easily considered down. Also, make sure that the LSA retransmission interval is not too short; otherwise, unnecessary retransmissions might occur. To configure OSPFv3 timers: Step Command...

  • Page 325: Ignoring Mtu Check For Dd Packets

    Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Optional. ospfv3 dr-priority priority [ instance Configure a DR priority. instance-id ] Defaults to 1. Ignoring MTU check for DD packets When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency.

  • Page 326: Configuring Ospfv3 Gr

    Step Command Remarks Enter OSPFv3 view. ospfv3 [ process-id ] Enable the logging of Enabled by default. log-peer-change neighbor state changes. Configuring OSPFv3 GR GR ensures the continuity of packet forwarding when a routing protocol restarts, an active/standby MPU switchover occurs in standalone mode, or a global active/standby MPU switchover occurs in IRF mode.

  • Page 327: Configuring Bfd For Ospfv3

    Step Command Remarks Enter system view. system-view Enter OSPFv3 view. ospfv3 [ process-id ] Optional. Enable the GR graceful-restart helper enable helper capability. Enabled by default. Optional. Enable strict LSA graceful-restart helper checking. strict-lsa-checking Disabled by default. Configuring BFD for OSPFv3 Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, thus to improve the convergence speed of OSPFv3.
  • Page 328 • To implement interface-based IPsec protection, configure the same IPsec policy on the interfaces between two neighboring routers. • To implement virtual link-based IPsec protection, configure the same IPsec policy on the two routers connected over the virtual link. If an interface and its area each have an IPsec policy configured, the interface uses its own IPsec policy.

  • Page 329: Displaying And Maintaining Ospfv3

    Displaying and maintaining OSPFv3 Task Command Remarks Display OSPFv3 process brief display ospfv3 [ process-id ] [ | { begin | exclude | information. include } regular-expression ] display ospfv3 interface [ interface-type Display OSPFv3 interface interface-number | statistic ] [ | { begin | exclude | information.

  • Page 330: Ospfv3 Configuration Examples

    OSPFv3 configuration examples Configuring OSPFv3 areas Network requirements As shown in Figure • Enable OSPFv3 on all routers. • Split the AS into three areas. • Configure Router B and Router C as ABRs to forward routing information between areas. •...
  • Page 331 [RouterA-ospfv3-1] area 1 [RouterA-ospfv3-1-area-0.0.0.1] nssa [RouterB-ospfv3-1] quit [RouterB] interface GigabitEthernet 2/2/0 [RouterB-GigabitEthernet2/2/0] ospfv3 1 area 0 [RouterB-GigabitEthernet2/2/0] quit [RouterB] interface GigabitEthernet 2/2/1 [RouterB-GigabitEthernet2/2/1] ospfv3 1 area 1 [RouterB-GigabitEthernet2/2/1] quit # Configure Router C. <RouterC> system-view [RouterC] ipv6 [RouterC] ospfv3 1 [RouterC-ospfv3-1] router-id 3.3.3.3 [RouterC-ospfv3-1] quit [RouterC] interface GigabitEthernet 2/2/0...
  • Page 332 Neighbor ID State Dead Time Interface Instance ID 2.2.2.2 Full/DR 00:00:35 GE2/2/0 OSPFv3 Area ID 0.0.0.2 (Process 1) ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 4.4.4.4 Full/Backup 00:00:36 GE2/2/1 # Display OSPFv3 routing information on Router D. [RouterD] display ospfv3 routing - Intra area route, E1 - Type 1 external route, N1 –...
  • Page 333 OSPFv3 Router with ID (4.4.4.4) (Process 1) ------------------------------------------------------------------------ *Destination: ::/0 Type : IA Cost : 11 NextHop : FE80::F40D:0:93D0:1 Interface: GE2/2/1 *Destination: 2001::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: GE2/2/1 *Destination: 2001:1::/64 Type : IA Cost NextHop : FE80::F40D:0:93D0:1 Interface: GE2/2/1 *Destination: 2001:2::/64 Type...

  • Page 334: Configuring Ospfv3 Dr Election

    Configuring OSPFv3 DR election Network requirements • As shown in Figure 98, the priority of Router A is 100, the highest priority on the network, so it becomes the DR. • The priority of Router C is 2, the second highest priority on the network, so it becomes the BDR. •...
  • Page 335 [RouterC] ospfv3 [RouterC-ospfv3-1] router-id 3.3.3.3 [RouterC-ospfv3-1] quit [RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ospfv3 1 area 0 [RouterC-GigabitEthernet2/1/1] quit # Configure Router D. <RouterD> system-view [RouterD] ipv6 [RouterD] ospfv3 [RouterD-ospfv3-1] router-id 4.4.4.4 [RouterD-ospfv3-1] quit [RouterD] interface GigabitEthernet 2/1/1 [RouterD-GigabitEthernet2/1/1] ospfv3 1 area 0 [RouterD-GigabitEthernet2/1/1] quit # Display neighbor information on Router A.

  • Page 336: Configuring Ospfv3 Route Redistribution

    OSPFv3 Area ID 0.0.0.0 (Process 1) ---------------------------------------------------------------------- Neighbor ID State Dead Time Interface Instance ID 2.2.2.2 2-Way/DROther 00:00:38 GE2/1/1 3.3.3.3 Full/Backup 00:00:32 GE2/1/1 4.4.4.4 Full/DR 00:00:36 GE2/1/1 # Display neighbor information on Router D. Router D is still the DR. [RouterD] display ospfv3 peer OSPFv3 Area ID 0.0.0.0 (Process 1) ----------------------------------------------------------------------...
  • Page 337 Figure 99 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # Enable OSPFv3 process 1 on Router A. <RouterA> system-view [RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.1 [RouterA-ospfv3-1] quit [RouterA] interface GigabitEthernet 2/1/2 [RouterA-GigabitEthernet2/1/2] ospfv3 1 area 2 [RouterA-GigabitEthernet2/1/2] quit [RouterA] interface GigabitEthernet 2/1/1...
  • Page 338 [RouterC-GigabitEthernet2/1/2] ospfv3 2 area 2 [RouterC-GigabitEthernet2/1/2] quit [RouterC] interface GigabitEthernet 2/1/1 [RouterC-GigabitEthernet2/1/1] ospfv3 2 area 2 [RouterC-GigabitEthernet2/1/1] quit # Display the routing table of Router C. [RouterC] display ipv6 routing-table Routing Table : Destinations : 6 Routes : 6 Destination: ::1/128 Protocol : Direct NextHop...

  • Page 339: Configuring Ospfv3 Gr

    Interface : InLoop0 Cost Destination: 1::/64 Protocol : OSPFv3 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : GE2/1/2 Cost Destination: 2::/64 Protocol : OSPFv3 NextHop : FE80::200:CFF:FE01:1C03 Preference: 150 Interface : GE2/1/2 Cost Destination: 3::/64 Protocol : Direct NextHop : 3::2 Preference: 0 Interface : GE2/1/2...
  • Page 340 Figure 100 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure OSPFv3 basic functions: # On Router A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1. <RouterA> system-view [RouterA] ipv6 [RouterA] ospfv3 1 [RouterA-ospfv3-1] router-id 1.1.1.1 [RouterA-ospfv3-1] graceful-restart enable [RouterA-ospfv3-1] quit...

  • Page 341: Configuring Bfd For Ospfv3

    Verify the configuration: # After all routers function correctly, perform a master/backup switchover on Router A to trigger an OSPFv3 GR operation. Configuring BFD for OSPFv3 Network requirements As shown in Figure 101: • Configure OSPFv3 on Router A, Router B and Router C and configure BFD over the link Router A<—>L2 Switch<—>Router B.
  • Page 342 <RouterB> system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.2 [RouterB-ospfv3-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-Gigabitethernet2/1/1] ospfv3 1 area 0 [RouterB-Gigabitethernet2/1/1] quit [RouterB] interface gigabitethernet 2/1/2 [RouterB-Gigabitethernet2/1/2] ospfv3 1 area 0 [RouterB-Gigabitethernet2/1/2] quit # Configure Router C. Enable OSPFv3 and configure the router ID as 3.3.3.3. <RouterC>...
  • Page 343 Source IP: FE80::20F:FF:FE00:1202 (link-local address of Gigabitethernet2/1/1 on Router A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of Gigabitethernet2/1/1 on Router B) Session State: Up Interface: GE2/1/1 Hold Time: # Display routes to 2001:4::0/64 on Router A, and you can see that Router A communicates with Router B through the Layer 2 switch.

  • Page 344: Configuring Ospfv3 Ipsec Policies

    # Display routes to 2001::4/64 on Router A, and you can see that Router A communicates with Router B through Router C. <RouterA> display ipv6 routing-table 2001:4::0 64 verbose Routing Table : Summary Count : 1 Destination : 2001:4:: PrefixLength : 64 NextHop : 2001:2::2 Preference...
  • Page 345 # Configure Router B: enable OSPFv3 and configure the Router ID as 2.2.2.2. <RouterB> system-view [RouterB] ipv6 [RouterB] ospfv3 1 [RouterB-ospfv3-1] router-id 2.2.2.2 [RouterB-ospfv3-1] quit [RouterB] interface GigabitEthernet 2/2/1 [RouterB-GigabitEthernet2/2/1] ospfv3 1 area 1 [RouterB-GigabitEthernet2/2/1] quit [RouterB] interface GigabitEthernet 2/2/0 [RouterB-GigabitEthernet2/2/0] ospfv3 1 area 0 [RouterB-GigabitEthernet2/2/0] quit # Configure Router C: enable OSPFv3 and configure the Router ID as 3.3.3.3.
  • Page 346 [RouterB] ipsec transform-set tran1 [RouterB-ipsec-transform-set-tran1] encapsulation-mode transport [RouterB-ipsec-transform-set-tran1] transform esp [RouterB-ipsec-transform-set-tran1] esp encryption-algorithm des [RouterB-ipsec-transform-set-tran1] esp authentication-algorithm sha1 [RouterB-ipsec-transform-set-tran1] quit [RouterB] ipsec policy policy001 10 manual [RouterB-ipsec-policy-manual-policy001-10] transform-set tran1 [RouterB-ipsec-policy-manual-policy001-10] sa spi outbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa spi inbound esp 12345 [RouterB-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterB-ipsec-policy-manual-policy001-10] quit...

  • Page 347: Troubleshooting Ospfv3 Configuration

    [RouterA-ospfv3-1-area-0.0.0.1] quit [RouterA-ospfv3-1] quit # Configure Router B. [RouterB] ospfv3 1 [RouterB-ospfv3-1] area 0 [RouterB-ospfv3-1-area-0.0.0.0] enable ipsec-policy policy002 [RouterB-ospfv3-1-area-0.0.0.0] quit [RouterB-ospfv3-1] area 1 [RouterB-ospfv3-1-area-0.0.0.1] enable ipsec-policy policy001 [RouterB-ospfv3-1-area-0.0.0.1] quit [RouterB-ospfv3-1] quit # Configure Router C. [RouterC] ospfv3 1 [RouterC-ospfv3-1] area 0 [RouterC-ospfv3-1-area-0.0.0.0] enable ipsec-policy policy002 [RouterC-ospfv3-1-area-0.0.0.0] quit [RouterC-ospfv3-1] quit...
  • Page 348 Analysis The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, at least one area must be connected to the backbone. The backbone cannot be configured as a stub area. In a stub area, all routers cannot receive external routes, and interfaces connected to the stub area must be associated with the stub area.

  • Page 349: Configuring Ipv6 Is-Is

    Configuring IPv6 IS-IS This chapter describes how to configure IPv6 IS-IS, which supports all IPv4 IS-IS features except that it advertises IPv6 routing information. For information about IS-IS, see "Configuring IS-IS." Overview Intermediate System-to-Intermediate System (IS-IS) supports multiple network protocols, including IPv6.

  • Page 350: Configuring Ipv6 Is-Is Route Control

    Step Command Remarks Enable IPv6 for an IS-IS isis ipv6 enable [ process-id ] Disabled by default. process on the interface. Configuring IPv6 IS-IS route control Before you configure IPv6 IS-IS route control, complete basic IPv6 IS-IS configuration. For information about ACL, see ACL and QoS Configuration Guide. For information about routing policy and IPv6 prefix list, see "Configuring routing policies."...

  • Page 351: Configuring Bfd For Ipv6 Is-Is

    NOTE: The ipv6 filter-policy export command is usually used in combination with the ipv6 import-route command. If no protocol is specified for the ipv6 filter-policy export command, routes redistributed from all routing protocols are filtered before advertisement. If a protocol is specified, only routes redistributed from the routing protocol are filtered for advertisement.

  • Page 352: Displaying And Maintaining Ipv6 Is-Is

    Figure 103 Network diagram Router A Router B IPv6 IPv6 IPv6 IPv4 IPv6 IPv4 IPv4 IPv4 Router C Router D Figure 103, the numbers refer to the link costs. Router A, Router B, and Router D support both IPv4 and IPv6. Router C supports only IPv4 and cannot forward IPv6 packets. Enable IPv6 IS-IS MTR on Router A, Router B, Router C, and Router D to make them perform route calculation separately in IPv4 and IPv6 topologies.

  • Page 353: Ipv6 Is-Is Configuration Examples

    Task Command Remarks display isis interface [ statistics | [ interface-type interface-number ] Display IS-IS enabled interface [ verbose ] ] [ process-id | vpn-instance Available in any view. information. vpn-instance-name ] [ | { begin | exclude | include } regular-expression ] display isis lsdb [ [ l1 | l2 | level-1 | level-2 ] | [ [ lsp-id lsp-id | lsp-name lspname | local ] | verbose ] * ] *...
  • Page 354 Figure 104 Network diagram Configuration procedure Configure IPv6 addresses for interfaces. (Details not shown.) Configure IPv6 IS-IS: # Configure Router A. <RouterA> system-view [RouterA] ipv6 [RouterA] isis 1 [RouterA-isis-1] is-level level-1 [RouterA-isis-1] network-entity 10.0000.0000.0001.00 [RouterA-isis-1] ipv6 enable [RouterA-isis-1] quit [RouterA] interface serial 2/2/0 [RouterA-Serial2/2/0] isis ipv6 enable 1 [RouterA-Serial2/2/0] quit # Configure Router B.
  • Page 355 [RouterC-Serial2/2/0] quit [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] isis ipv6 enable 1 [RouterC-Serial2/2/1] quit [RouterC] interface serial 2/2/2 [RouterC-Serial2/2/2] isis ipv6 enable 1 [RouterC-Serial2/2/2] quit # Configure Router D. <RouterD> system-view [RouterD] ipv6 [RouterD] isis 1 [RouterD-isis-1] is-level level-2 [RouterD-isis-1] network-entity 20.0000.0000.0004.00 [RouterD-isis-1] ipv6 enable [RouterD-isis-1] quit [RouterD] interface serial 2/2/0...
  • Page 356 [RouterB] display isis route ipv6 Route information for ISIS(1) ----------------------------- ISIS(1) IPv6 Level-1 Forwarding Table ------------------------------------- Destination: :: PrefixLen: 0 Flag : R/-/- Cost : 10 Next Hop : FE80::200:FF:FE0F:4 Interface: S2/2/0 Destination: 2001:1:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : FE80::200:FF:FE0F:4...
  • Page 357 ------------------------------------- Destination: 2001:1:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : Direct Interface: S2/2/1 Destination: 2001:2:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop : Direct Interface: S2/2/0 Destination: 2001:3:: PrefixLen: 64 Flag : D/L/- Cost : 10 Next Hop...

  • Page 358: Configuring Bfd For Ipv6 Is-Is

    Configuring BFD for IPv6 IS-IS Network requirements As shown in Figure 105, configure IPv6 IS-IS on Router A, Router B, and Router C and configure BFD over the link Router A<—>L2 Switch<—>Router B. When the link between Router B and the Layer-2 switch fails, BFD can quickly detect the failure and notify IPv6 IS-IS of the failure.

  • Page 359: Verify Configuration

    [RouterB-isis-1] is-level level-1 [RouterB-isis-1] network-entity 10.0000.0000.0002.00 [RouterB-isis-1] ipv6 enable [RouterB-isis-1] quit [RouterB] interface gigabitethernet 2/1/1 [RouterB-GigabitEthernet2/1/1] isis ipv6 enable 1 [RouterB-GigabitEthernet2/1/1] quit [RouterB] interface gigabitethernet 2/1/2 [RouterB-GigabitEthernet2/1/2] isis ipv6 enable 1 [RouterB-GigabitEthernet2/1/2] quit # Configure Router C. <RouterC> system-view [RouterC] ipv6 [RouterC] isis 1 [RouterC-isis-1] network-entity 10.0000.0000.0003.00 [RouterC-isis-1] ipv6 enable...
  • Page 360 Source IP: FE80::20F:FF:FE00:1202 (link-local address of GigabitEthernet2/1/1 on Router A) Destination IP: FE80::20F:FF:FE00:1200 (link-local address of GigabitEthernet2/1/1 on Router B) Session State: Up Interface: GE2/1/1 Hold Time: # Display route 2001:4::0/64 on Router A, and you can see that Router A and Router B communicate through the Layer-2 switch.

  • Page 361: Configuring Ipv6 Is-Is Mtr

    %Aug 8 14:54:05:366 2008 RouterA IFNET/4/UPDOWN: Line protocol on the interface Ethernet0/1 is DOWN %Aug 8 14:54:05:367 2009 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-2 Circuit Down. %Aug 8 14:54:05:367 2009 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-2 Adjacency clear. %Aug 8 14:54:05:368 2009 RouterA ISIS/4/ADJLOG:ISIS-1-ADJCHANGE: Adjacency To 0000.0000.0002 (GE2/1/1) DOWN, Level-1 Circuit Down.
  • Page 362 Figure 106 Network diagram Configuration procedure Configure IPv4 and IPv6 addresses for the interfaces on each router and configure IS-IS: Follow Figure 106 to configure the IPv4 and IPv6 address and subnet mask of each interface on the routers. (Details not shown.) Configure IS-IS on the routers, making sure that Router A, Router B, Router C, and Router D can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS-IS.
  • Page 363 Next Hop : Direct Interface: GE2/1/1 Destination: 44::1 PrefixLen: 128 Flag : R/L/- Cost : 36 Next Hop : FE80::200:5EFF:FE00:F11 Interface: GE2/1/2 Destination: 14:: PrefixLen: 64 Flag : D/L/- Cost : 36 Next Hop : Direct Interface: GE2/1/2 Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set ISIS(1) IPv6 Level-2 Forwarding Table ------------------------------------- Destination: 12::...

  • Page 364: Configuring Ipv6 Bgp

    Configuring IPv6 BGP This chapter describes only configuration for IPv6 BGP. For BGP-related information, see "Configuring BGP." IPv6 BGP overview BGP-4 can only carry IPv4 routing information. To support multiple network layer protocols, IETF extended BGP-4 by introducing Multiprotocol Border Gateway Protocol (MP-BGP). MP-BGP for IPv6 is called "IPv6 BGP" for short. IPv6 BGP puts IPv6 network layer information into the attributes of Network Layer Reachability Information (NLRI) and NEXT_HOP.

  • Page 365: Configuring Ipv6 Bgp Basic Functions

    Task Remarks Configuring IPv6 BGP and IGP route Optional. synchronization Configuring route dampening Optional. Configuring IPv6 BGP preference and default Optional. LOCAL_PREF and NEXT_HOP attributes Configuring IPv6 BGP route attributes Configuring the MED attribute Optional. Configuring the AS_PATH attribute Optional. Configuring IPv6 BGP timers Optional.

  • Page 366: Injecting A Local Ipv6 Route

    Step Command Remarks Optional. Specify a router ID. router-id router-id Required, if no IP addresses are configured for any interfaces. Enter IPv6 address family ipv6-family [ vpn-instance view or IPv6 BGP-VPN vpn-instance-name ] instance view. peer ipv6-address as-number Specify an IPv6 peer. as-number Injecting a local IPv6 route Step...

  • Page 367: Specifying The Source Interface For Establishing Tcp Connections

    Specifying the source interface for establishing TCP connections IPv6 BGP uses TCP as the transport layer protocol. By default, IPv6 BGP uses the output interface of the optimal route to a peer or peer group as the source interface for establishing TCP connections to the peer or peer group.

  • Page 368: Disabling Session Establishment To An Ipv6 Peer Or Peer Group

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Optional. Not configured by default. Configure a description for peer { ipv6-group-name | ipv6-address } The peer group to be an IPv6 peer or peer group. description description-text configured with a description must have been...

  • Page 369: Configuration Prerequisites

    Configuration prerequisites Before you configure route distribution and reception control, complete the following tasks: • Enable IPv6. • Configure IPv6 BGP basic functions. Configuring IPv6 BGP route redistribution IMPORTANT: If the default-route imported command is not configured, using the import-route command cannot redistribute an IGP default route.

  • Page 370: Configuring Outbound Route Filtering

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Advertise a default route peer { ipv6-group-name | ipv6-address } Not advertised by to an IPv6 peer or peer default-route-advertise [ route-policy default.

  • Page 371: Configuring Inbound Route Filtering

    Configuring inbound route filtering Only routes passing the configured filtering can be added into the local IPv6 BGP routing table. Members of a peer group can have different inbound route filtering policies. To configure inbound route filtering: Step Command Remarks Enter system view.

  • Page 372: Configuring Route Dampening

    Step Command Remarks Enable route synchronization Not enabled by default. synchronization between IPv6 BGP and IGP. Configuring route dampening Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Optional. dampening [ half-life-reachable Configure IPv6 BGP route half-life-unreachable reuse suppress ceiling | Not configured by...

  • Page 373: Configuring The Med Attribute

    Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family [ vpn-instance view or IPv6 BGP-VPN vpn-instance-name ] instance view. preference Optional. { external-preference Configure preference values internal-preference The default preference values of for IPv6 BGP external, local-preference | external, internal, and local routes...

  • Page 374: Configuring The As_Path Attribute

    Configuring the AS_PATH attribute Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Allow the local AS number to appear in AS_PATH of peer { ipv6-group-name | Optional. routes from a peer or peer ipv6-address } allow-as-loop Not allowed by default.

  • Page 375: Configuration Prerequisites

    Configuration prerequisites Before you configure IPv6 BGP timers, complete the following tasks: • Enable IPv6. • Configure IPv6 BGP basic functions. Configuring IPv6 BGP timers To configure IPv6 BGP timers: Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family...

  • Page 376: Enabling The Ipv6 Bgp Orf Capability

    Step Command Remarks Optional. peer { ipv6-group-name | ipv6-address } Enable route refresh. capability-advertise route-refresh Enabled by default. Performing manual soft-reset Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Save all routes from an IPv6 Optional.

  • Page 377: Enabling 4-Byte As Number Suppression

    Step Command Remarks peer { group-name | Enable BGP route refresh for ipv6-address } Enabled by default. a peer or peer group. capability-advertise route-refresh Optional. peer { group-name | Enable the non-standard ipv6-address } By default, standard BGP ORF ORF capability for a BGP capability-advertise orf capability defined in RFC 5291 peer or peer group.

  • Page 378: Configuring The Maximum Number Of Ecmp Routes

    Step Command Remarks peer { group-name | ipv6-address } Enable 4-byte AS Disabled by default. capability-advertise number suppression. suppress-4-byte-as Configuring the maximum number of ECMP routes Step Command Remarks Enter system view. system-view Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family [ vpn-instance view or IPv6 BGP-VPN vpn-instance-name ]...

  • Page 379: Configuring Gtsm For Ipv6 Bgp

    Configuration prerequisites Before applying an IPsec policy to a peer or peer group, complete the following tasks: • Create an IPsec proposal. • Create an IPsec policy. For more information about IPsec policy configuration, see Security Configuration Guide. Configuration procedure An IPsec policy used for IPv6 BGP can be only in manual mode.

  • Page 380: Configuring A Large-Scale Ipv6 Bgp Network

    NOTE: • The peer ttl-security hops command and the peer ebgp-max-hop command are mutually exclusive. • You must configure GTSM on both the local and peer devices, and you can specify different hop-count values in a valid range for them. Configuring a large-scale IPv6 BGP network In a large-scale IPv6 BGP network, configuration and maintenance become inconvenient because of too many peers.

  • Page 381: Configuring Ipv6 Bgp Community

    Step Command Remarks Enter BGP view. bgp as-number Enter IPv6 address family ipv6-family view. Create an EBGP peer group. group ipv6-group-name external Configure the AS number for peer ipv6-group-name Not configured by default. the peer group. as-number as-number Add an IPv6 peer into the peer ipv6-address group Not added by default.

  • Page 382: Configuring An Ipv6 Bgp Route Reflector

    Step Command Remarks Advertise extended peer { ipv6-group-name | community attribute to an ipv6-address } Not advertised by default. IPv6 peer or peer group. advertise-ext-community Applying a routing policy to routes advertised to a peer or peer group When configuring IPv6 BGP community, you must configure a routing policy to define the community attribute, and apply the routing policy to route advertisement.

  • Page 383: Configuring 6Pe

    Configuring 6PE IPv6 provider edge (6PE) is a transition technology with which Internet service providers (ISPs) can use existing IPv4 backbone networks to provide access capability for sparsely populated IPv6 networks, allowing customer edge (CE) routers in these isolated IPv6 networks to communicate with IPv4 PE routers.

  • Page 384: Configuring Optional 6Pe Capabilities

    Step Command Remarks Enable the 6PE peer or peer { ipv4-group-name | Not enabled by default. peer group. ipv4-address | ipv6-address } enable Enable the router to exchange labeled IPv6 peer { ipv4-group-name | Not enabled by default. routes with the 6PE peer or ipv4-address } label-route-capability peer group.

  • Page 385: Configuring Bfd For Ipv6 Bgp

    Step Command Remarks 14. Keep all routes from the 6PE Optional. peer or peer group, including peer { group-name | ipv4-address } routes not passing the keep-all-routes Not kept by default. inbound filtering policy. 15. Configure the device as a Optional.

  • Page 386: Displaying And Maintaining Ipv6 Bgp

    Step Command Remarks Enable BGP and enter BGP Not enabled by default. bgp as-number view. Enter IPv6 address family ipv6-family [ vpn-instance view or IPv6 BGP-VPN vpn-instance-name ] instance view. Enable BFD for the specified Not enabled for any BGP peer by peer ipv6-address bfd BGP peer.

  • Page 387: Resetting Ipv6 Bgp Connections

    Task Command Remarks display bgp ipv6 routing-table dampening Display IPv6 BGP dampening parameter [ | { begin | exclude | include } Available in any view. parameter information. regular-expression ] Display IPv6 BGP routing display bgp ipv6 routing-table information originated from different-origin-as [ | { begin | exclude | Available in any view.

  • Page 388: Ipv6 Bgp Configuration Examples

    IPv6 BGP configuration examples Some examples for IPv6 BGP configuration are similar to those of BGP. For more information, see "Configuring BGP." IPv6 BGP basic configuration Network requirements All routers in Figure 108 run IPv6 BGP. Between Router A and Router B is an EBGP connection. Router B, Router C, and Router D are fully meshed through IBGP connections.
  • Page 389 <RouterD> system-view [RouterD] ipv6 [RouterD] bgp 65009 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] ipv6-family [RouterD-bgp-af-ipv6] peer 9:1::1 as-number 65009 [RouterD-bgp-af-ipv6] peer 9:2::1 as-number 65009 [RouterD-bgp-af-ipv6] quit [RouterD-bgp] quit Configure the EBGP connection: # Configure Router A. <RouterA> system-view [RouterA] ipv6 [RouterA] bgp 65008 [RouterA-bgp] router-id 1.1.1.1 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 10::1 as-number 65009...

  • Page 390: Ipv6 Bgp Route Reflector Configuration

    Router A and Router B have established an EBGP connection. Router B, C, and D have established IBGP connections to each other. IPv6 BGP route reflector configuration Network requirements Figure 109, Router B receives an EBGP update and sends it to Router C, which is configured as a route reflector with two clients: Router B and Router D.

  • Page 391: 6Pe Configuration

    [RouterC-bgp] ipv6-family [RouterC-bgp-af-ipv6] peer 101::2 as-number 200 [RouterC-bgp-af-ipv6] peer 102::2 as-number 200 # Configure Router D. <RouterD> system-view [RouterD] ipv6 [RouterD] bgp 200 [RouterD-bgp] router-id 4.4.4.4 [RouterD-bgp] ipv6-family [RouterD-bgp-af-ipv6] peer 102::1 as-number 200 Configure route reflector: # Configure Router C as a route reflector, and configure Router B and Router D as its clients. [RouterC-bgp-af-ipv6] peer 101::2 reflect-client [RouterC-bgp-af-ipv6] peer 102::2 reflect-client Verify the configuration:...
  • Page 392 <CE1> system-view [CE1] ipv6 # Specify IP addresses for interfaces. [CE1] interface serial 2/2/0 [CE1-Serial2/2/0] ipv6 address auto link-local [CE1-Serial2/2/0] quit [CE1] interface loopback0 [CE1-LoopBack0] ipv6 address 1::1/128 [CE1-LoopBack0] quit # Configure an IPv6 static route to PE 1. [CE1] ipv6 route-static :: 0 serial2/2/0 Configure PE 1: # Enable IPv6 packet forwarding, MPLS, and LDP.
  • Page 393 # Configure the static route to CE 1. [PE1] ipv6 route-static 1::1 128 serial2/2/0 # Configure OSPF for LSP establishment. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit [PE1] Configure PE 2: <PE2>...
  • Page 394 [PE1-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 1.1.0.0 0.0.255.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit [PE1] Configure CE 2: # Enable IPv6 packet forwarding and specify IP addresses for interfaces. <CE2> system-view [CE2] ipv6 [CE2] interface serial 2/2/0 [CE2-Serial2/2/0] ipv6 address auto link-local [CE2-Serial2/2/0] quit [CE2] interface loopback 0 [CE2-LoopBack0] ipv6 address 4::4/128...

  • Page 395: Ipv6 Bgp Ipsec Policy Configuration

    NextHop : FE80::E142:0:4607:1 LocPrf PrefVal : 0 Label : NULL Path/Ogn: ? *> Network : 2::2 PrefixLen : 128 NextHop : ::1 LocPrf PrefVal : 0 Label : NULL Path/Ogn: ? *>i Network : 3::3 PrefixLen : 128 NextHop : ::FFFF:3.3.3.3 LocPrf : 100 PrefVal : 0...
  • Page 396 [RouterA-bgp-af-ipv6] group ibgp internal [RouterA-bgp-af-ipv6] peer 1::2 group ibgp [RouterA-bgp-af-ipv6] quit [RouterA-bgp] quit # Configure Router B. <RouterB> system-view [RouterB] ipv6 [RouterB] bgp 65008 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] ipv6-family [RouterB-bgp-af-ipv6] group ibgp internal [RouterB-bgp-af-ipv6] peer 1::1 group ibgp [RouterB-bgp-af-ipv6] quit [RouterB-bgp] quit Configure the EBGP connection: # Configure Router C.
  • Page 397 [RouterA-ipsec-policy-manual-policy001-10] sa string-key outbound esp abcdefg [RouterA-ipsec-policy-manual-policy001-10] sa string-key inbound esp abcdefg [RouterA-ipsec-policy-manual-policy001-10] quit # On Router B, create an IPsec proposal named tran1, and set the encapsulation mode to transport mode, the security protocol to ESP, the encryption algorithm to DES, and authentication algorithm to SHA1.
  • Page 398 [RouterC-ipsec-policy-manual-policy002-10] proposal tran2 [RouterC-ipsec-policy-manual-policy002-10] sa spi outbound esp 54321 [RouterC-ipsec-policy-manual-policy002-10] sa spi inbound esp 54321 [RouterC-ipsec-policy-manual-policy002-10] sa string-key outbound esp gfedcba [RouterC-ipsec-policy-manual-policy002-10] sa string-key inbound esp gfedcba [RouterC-ipsec-policy-manual-policy002-10] quit Apply IPsec policies to IBGP peers: # Configure Router A. [RouterA] bgp 65008 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 1::2 ipsec-policy policy001 [RouterA-bgp-af-ipv6] quit...
  • Page 399 Address family IPv4 Unicast: advertised and received Received: Total 0 messages, Update messages 0 Sent: Total 0 messages, Update messages 0 Maximum allowed prefix number: 4294967295 Threshold: 75% Minimum time between advertisement runs is 30 seconds Optional capabilities: Route refresh capability has been enabled ORF advertise capability based on prefix (type 64): Local: both Negotiated: send...

  • Page 400: Configuring Bfd For Ipv6 Bgp

    Configuring BFD for IPv6 BGP Network requirements • As shown in Figure 112, configure OSPFv3 as the IGP in AS 200. • Establish two IBGP connections between Router A and Router C. When both links are working, Router C adopts the link Router A<—>Router B<—>Router C to exchange packets with network 1200::0/64.
  • Page 401 [RouterA-route-policy] apply cost 50 [RouterA-route-policy] quit [RouterA] route-policy apply_med_100 permit node 10 [RouterA-route-policy] if-match ipv6 address acl 2000 [RouterA-route-policy] apply cost 100 [RouterA-route-policy] quit Apply routing policy apply_med_50 to routes outgoing to peer 3002::2, and apply routing policy apply_med_100 to routes outgoing to peer 2002::2. [RouterA] bgp 200 [RouterA-bgp] ipv6-family [RouterA-bgp-af-ipv6] peer 3002::2 route-policy apply_med_50 export...
  • Page 402 Configure the detect multiplier as 7. [RouterC-GigabitEthernet2/1/1] bfd detect-multiplier 7 Configure the BFD authentication mode as plain-text authentication, and set the authentication key to ibgpbfd. [RouterC-GigabitEthernet2/1/1] bfd authentication-mode simple 1 ibgpbfd [RouterC-GigabitEthernet2/1/1] return Verify the configuration: The following operations are made on Router C. Operations on Router A and Router B are similar.
  • Page 403 RelayNextHop : 3002::1 : 0H Neighbor : 3001::1 ProcessID Interface : GigabitEthernet2/1/1 Protocol : BGP4+ State : Active Adv Cost : 50 Tunnel ID : 0x0 Label : NULL : 4538sec Destination : 1200:: PrefixLength : 64 NextHop : 2001::1 Preference : 255 RelayNextHop : 2002::1...
  • Page 404 : 4635sec The output shows that Router C has one route to reach network 1200::0/64, that is, Router C<—>Router D<—>Router A.

  • Page 405: Configuring Ipv6 Policy-Based Routing

    Configuring IPv6 policy-based routing Introduction to IPv6 policy-based routing What is policy-based routing Different from destination-based routing, policy-based routing (PBR) uses user-defined policies to route packets based on the source address, packet length, and other criteria. A policy can specify the output interface, next hop, default output interface, default next hop, and other parameters for packets that match specific criteria such as ACLs or have specific lengths.

  • Page 406: Ipv6 Pbr Configuration Task List

    Clause Meaning Priority apply The apply output-interface clause takes output-interface Sets the output interface precedence over the apply ipv6-address next-hop and apply and sets the next hop. clause. Only the apply output-interface clause is ipv6-address executed when both are configured. next-hop The apply default output-interface clause takes precedence over the apply ipv6-address default...

  • Page 407: Configuring An Ipv6 Policy

    Task Remarks Perform one of the tasks. Configuring IPv6 interface PBR Configuring an IPv6 policy Creating an IPv6 node Step Command Enter system view. system-view Create an IPv6 policy or policy node ipv6 policy-based-route policy-name [ deny | permit ] node and enter IPv6 policy node view.

  • Page 408: Configuring Ipv6 Pbr

    Step Command Remarks Optional. Set a next hop for permitted apply ipv6-address next-hop You can define five next hops IPv6 packets. ipv6-address at most for load balancing. Optional. Set a default output interface apply default output-interface You can specify up to five for permitted IPv6 packets.

  • Page 409: Displaying And Maintaining Ipv6 Pbr Configuration

    You can apply the same IPv6 policy on multiple interfaces. If the specified policy does not exist, the IPv6 interface PBR configuration succeeds, but it does not take effect until the policy is created. To configure IPv6 interface PBR: Step Command Remarks Enter system view.

  • Page 410: Ipv6 Pbr Configuration Examples

    IPv6 PBR configuration examples Configuring IPv6 local PBR based on packet type Network requirements As shown in Figure 113, configure IPv6 local PBR on Router A to forward all locally generated TCP packets through Serial 2/2/0. Router A forwards other IPv6 packets according to the routing table. Figure 113 Network diagram Configuration procedure Configure Router A:...

  • Page 411: Configuring Ipv6 Interface Pbr Based On Packet Type

    [RouterC] interface serial 2/2/1 [RouterC-Serial2/2/1] ipv6 address 2::2 64 Verify the configuration: # Telnet to Router B (1::2/64) from Router A. The operation succeeds. # Telnet to Router C (2::2/64) from Router A. The operation fails. # Ping Router C (2::2/64) from Router A. The operation succeeds. Telnet uses TCP, and ping uses ICMP.
  • Page 412 [RouterA] interface serial 2/2/1 [RouterA-Serial2/2/1] ipv6 address 2::1 64 [RouterA-Serial2/2/1] ripng 1 enable [RouterA-Serial2/2/1] quit # Configure ACL 3001 to match TCP packets. [RouterA] acl ipv6 number 3001 [RouterA-acl6-adv-3001] rule permit tcp [RouterA-acl6-adv-3001] quit # Configure Node 5 for policy aaa to forward TCP packets through Serial 2/2/0. [RouterA] ipv6 policy-based-route aaa permit node 5 [RouterA-pbr6-aaa-5] if-match acl6 3001 [RouterA-pbr6-aaa-5] apply output-interface serial 2/2/0...

  • Page 413: Configuring Ipv6 Interface Pbr Based On Packet Length

    Telnet uses TCP, and ping uses ICMP. The preceding results show that all TCP packets received on GigabitEthernet 2/1/1 of Router A are forwarded through Serial 2/2/0, and other packets are forwarded through Serial 2/2/1. The IPv6 interface PBR configuration is effective. Configuring IPv6 interface PBR based on packet length Network requirements As shown in...
  • Page 414 [RouterA-pbr6-lab1-20] quit # Configure IPv6 interface PBR by applying policy lab1 to GigabitEthernet 2/1/1. [RouterA] interface gigabitethernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ipv6 address 192::1 64 [RouterA-GigabitEthernet2/1/1] undo ipv6 nd ra halt [RouterA-GigabitEthernet2/1/1] ripng 1 enable [RouterA-GigabitEthernet2/1/1] ipv6 policy-based-route lab1 [RouterA-GigabitEthernet2/1/1] return Configure Router B: # Configure RIPng.
  • Page 415 Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 5ms, Average = 2ms The debugging information about PBR displayed on Router A is as follows: <RouterA> *Jun 7 16:03:28:946 2009 RouterA PBR6/7/IPv6-POLICY-ROUTING: IPv6 Policy routin g success : POLICY_ROUTEMAP_IPV6 : lab1, Node : 10, Packet sent with next-hop 0150::0002 *Jun 7 16:03:29:950 2009 RouterA PBR6/7/IPv6-POLICY-ROUTING: IPv6 Policy routin...

  • Page 417: Configuring Routing Policies

    Configuring routing policies Routing policies control routing paths by filtering and modifying routing information. This chapter describes both IPv4 and IPv6 routing policies. Overview Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes. To configure a routing policy: Configure filters based on route attributes, such as destination address and the advertising router's address.

  • Page 418: Configuring Filters

    Routing policy A routing policy can comprise multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route that matches one node matches the routing policy. A node can comprise a set of if-match, apply, and continue clauses. •...

  • Page 419: Configuring An As Path List

    Configuring an IPv6 prefix list Step Command Remarks Enter system view. system-view ip ipv6-prefix ipv6-prefix-name [ index Configure an IPv6 index-number ] { deny | permit } ipv6-address Not configured by prefix list. prefix-length [ greater-equal min-prefix-length ] default. [ less-equal max-prefix-length ] If all items are set to deny mode, no routes can pass the IPv6 prefix list.

  • Page 420: Configuring An Extended Community List

    Configuring an extended community list You can configure multiple items for an extended community list that is identified by number. The relationship between items is logic OR. A route that matches one item matches the extended community list. To configure an extended community list: Step Command Remarks...
  • Page 421 generated. These clauses have a logical OR relationship. A route only needs to match one of them. • You can specify no or multiple if-match clauses for a routing policy node. If no if-match clause is specified for a permit-mode node, all routing information can pass the node. If no if-match clause is specified for a deny-mode node, no routing information can pass the node.

  • Page 422: Configuring Apply Clauses

    Step Command Remarks Optional. 10. Match routing information having if-match mpls-label Not configured by MPLS labels. default. if-match route-type { external-type1 | external-type1or2 | external-type2 | Optional. 11. Match routing information having the internal | is-is-level-1 | is-is-level-2 | Not configured by specified route type.

  • Page 423: Configuring A Continue Clause

    Step Command Remarks • Set the next hop for IPv4 routes: apply ip-address next-hop Optional. ip-address Set the next hop. • Set the next hop for IPv6 Not set by default. routes: apply ipv6 next-hop ipv6-address Optional. apply ip-precedence 10. Set the IP precedence. ip-precedence-value Not set by default.

  • Page 424: Displaying And Maintaining The Routing Policy

    Step Command Remarks Enter system view. system-view route-policy route-policy-name Create a routing policy and { deny | permit } node Not created by default. enter routing policy view. node-number Optional. Not configured by default. Specify the next node to be continue [ node-number ] matched.
  • Page 425 Figure 116 Network diagram Configuration procedure Configure IP addresses for interfaces. (Details not shown.) Configure IS-IS: # Configure Router C. <RouterC> system-view [RouterC] isis [RouterC-isis-1] is-level level-2 [RouterC-isis-1] network-entity 10.0000.0000.0001.00 [RouterC-isis-1] quit [RouterC] interface Serial 2/2/1 [RouterC-Serial2/2/1] isis enable [RouterC-Serial2/2/1] quit [RouterC] interface gigabitethernet 2/1/1 [RouterC-GigabitEthernet2/1/1] isis enable [RouterC-GigabitEthernet2/1/1] quit...
  • Page 426 [RouterA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit # On Router B, configure OSPF and enable route redistribution from IS-IS. [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] import-route isis 1 [RouterB-ospf-1] quit # Display the OSPF routing table on Router A. The redistributed routes are available. [RouterA] display ospf routing OSPF Process 1 with Router ID 192.168.1.1 Routing Tables...

  • Page 427: Applying A Routing Policy To Ipv6 Route Redistribution

    # On Router B, enable route redistribution from IS-IS and apply the routing policy. [RouterB] ospf [RouterB-ospf-1] import-route isis 1 route-policy isis2ospf [RouterB-ospf-1] quit # Display OSPF routing table information on Router A. The cost of route 172.17.1.0/24 is 100, and the tag of route 172.17.2.0/24 is 20.
  • Page 428 [RouterA-GigabitEthernet2/1/1] quit [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] ipv6 address 11::1 32 [RouterA-GigabitEthernet2/1/2] quit # Enable RIPng on GigabitEthernet 2/1/1. [RouterA] interface gigabitethernet 2/1/1 [RouterA-GigabitEthernet2/1/1] ripng 1 enable [RouterA-GigabitEthernet2/1/1] quit # Configure three static routes with next hop 11::2, and make sure that the static routes are active.

  • Page 429: Applying A Routing Policy To Filter Received Bgp Routes

    Applying a routing policy to filter received BGP routes Network requirements • All the routers in Figure 118 run BGP. Router C establishes EBGP connections with other routers. • Configure a routing policy on Router D to reject routes from AS 200. Figure 118 Network diagram Configuration procedure Configure IP addresses for interfaces.
  • Page 430 [RouterD-bgp] peer 1.1.3.1 as-number 300 [RouterD-bgp] quit # Inject routes 4.4.4.4/24, 5.5.5.5/24, and 6.6.6.6/24 on Router A. [RouterA-bgp] network 4.4.4.4 24 [RouterA-bgp] network 5.5.5.5 24 [RouterA-bgp] network 6.6.6.6 24 # Inject routes 7.7.7.7/24, 8.8.8.8/24, and 9.9.9.9/24 on Router B. [RouterB-bgp] network 7.7.7.7 24 [RouterB-bgp] network 8.8.8.8 24 [RouterB-bgp] network 9.9.9.9 24 # Display the BGP routing table information of Router D.

  • Page 431: Troubleshooting Routing Policy Configuration

    BGP Local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network NextHop LocPrf...

  • Page 432: Configuring Qos Policy Routing

    Configuring QoS policy routing Overview QoS policy routing is a technique used to make routing decisions based on user-defined QoS policies. Different from destination-based routing, QoS policy routing makes routing decisions based on the source address and other criteria. For more information about QoS policies, see ACL and QoS Configuration Guide.

  • Page 433: Qos Policy Routing Configuration Examples

    Step Command Remarks Enter system view. system-view • Enter Layer 2 Ethernet interface Use either method. view: Settings made in interface view take interface Enter Layer 2 Ethernet interface effect on the current interface only. interface-type view or port group view. Settings made in port group view interface-number take effect on all ports in the port...

  • Page 434: Ipv6 Qos Policy Routing Configuration Example

    [RouterA] acl number 2000 [RouterA-acl-basic-2000] rule 0 permit source any [RouterA-acl-basic-2000] quit # Define a match criterion for the class a to match ACL 2000. [RouterA] traffic classifier a [RouterA-classifier-a] if-match acl 2000 [RouterA-classifier-a] quit # Configure the action of redirecting traffic to GigabitEthernet 2/0/3 for the behavior a. [RouterA] traffic behavior a [RouterA-behavior-a] redirect interface gigabitethernet2/0/3 [RouterA-behavior-a] quit...

  • Page 435: Verifying The Configuration

    [RouterA] traffic classifier a [RouterA-classifier-a] if-match acl ipv6 2000 [RouterA-classifier-a] quit # Configure the action of redirecting traffic to GigabitEthernet 2/0/3 for the behavior a. [RouterA] traffic behavior a [RouterA-behavior-a] redirect interface gigabitethernet2/0/3 [RouterA-behavior-a] quit # Associate the class a with the behavior a in the QoS policy a. [RouterA] qos policy a [RouterA-qospolicy-a] classifier a behavior a [RouterA-qospolicy-a] quit...

  • Page 436: Configuring Mtr

    Configuring MTR MTR overview Multi-Topology Routing (MTR) splits a base topology into multiple topologies, which might intersect or overlap with one another. Route calculation is performed on a per-topology basis. For example, IS-IS MTR splits an IS-IS routing domain into multiple independent IP topologies, such as an IPv4 topology and an IPv6 topology.

  • Page 437: Displaying And Maintaining Mtr

    Step Command Remarks Enter IPv4 address address-family ipv4 family view. Create a topology and Not created by default. multiple-topology topology-name enter topology view. Specify an ACL for acl acl-number the topology. Configure the maximum number of routing-table limit number Optional. routes supported by { warn-threshold | simply-alert } the topology.

  • Page 438: Document Conventions And Icons

    Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Bold text represents commands and keywords that you enter literally as shown. Boldface Italic text represents arguments that you replace with actual values.

  • Page 439: Network Topology Icons

    Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 440: Support And Other Resources

    Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...

  • Page 441: Websites

    For more information and device support details, go to the following website: www.hpe.com/info/insightremotesupport/docs Documentation feedback Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title,...
  • Page 442 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.

  • Page 443: Index

    Index applying Numerics IPsec policy to IPv6 BGP peer/peer group, 366 4-byte IPv6 BGP policy to advertised routes, 370 BGP AS number suppression, 221 OSPFv3 IPsec policy, 315, 332 IPv6 BGP AS number suppression, 365 RIPng IPsec policy, 293 routing policy BGP route filter, 417 configuration (IPv6 BGP), 371, 379 routing policy to IPv4 route redistribution, 412 routing policy to IPv6 route redistribution, 415...
  • Page 444 OSPF router, 58 enabling OSPF RFC 1583 compatibility, 79 AS-external-LSA type (OSPFv3), 302 OSPF backbone router, 58 assigning IS-IS high priority to routes, 145 backup attribute IS-IS FRR backup next hop calculation, 151 configuring BGP AS number substitution, 217 IS-IS FRR backup next hop calculation with a routing policy, 151 configuring BGP NEXT_HOP attribute, 215 route backup), 3...
  • Page 445 configuring hold time, 219 injecting local network, 203 configuring keepalive interval, 219 IPv6 BGP. See IPv6 BGP configuring load balancing, 242 large scale network configuration, 227 configuring manual route summarization, 205 large scale network management, 190 configuring MED attribute, 212 limiting prefixes from peer/peer group, 209 configuring NEXT_HOP attribute, 215 load balancing, 189...
  • Page 446 IS-IS pseudonode, 122 confederation OSPF DR/BDR, 60 BGP, 190 OSPF DR/BDR election, 61 BGP compatibility configuration, 230 OSPF interface network type configuration, 67 BGP configuration, 229, 229, 251 OSPF network classification, 60 enabling BGP MED route comparison from confederation peer, 214 OSPF network type configuration, 66 configuring 6PE (IPv6 BGP), 371, 379...
  • Page 447 EBGP peer group, 199 IS-IS DIS election, 159 GTSM for IPv6 BGP, 367 IS-IS dynamic system-ID-to-host-name mapping, 147 IBGP peer group, 198 IS-IS filtering routes calculated from received interface PBR, 270 LSP, 138 IPv6 BGP, 352 IS-IS FRR, 150, 170 IPv6 BGP AS_PATH attribute, 362 IS-IS FRR authentication, 173 IPv6 BGP basic functions, 353...
  • Page 448 OSPF FRR, 82, 112 OSPFv3 GR helper, 314 OSPF FRR automatic backup next hop OSPFv3 GR restarter, 314 calculation, 82 OSPFv3 inbound route filtering, 309 OSPF FRR backup next hop designation by OSPFv3 interface cost, 309 routing policy, 83 OSPFv3 interface network type, 308 OSPF GR, 83, 105 OSPFv3 max number ECMP routes, 310 OSPF GR helper, 84...
  • Page 449 RIPng packet zero field verification, 293 IPv6 IS-IS routing information control configuration, 338 RIPng poison reverse, 292, 292 IS-IS routing information control RIPng priority, 291 configuration, 135 RIPng route control, 289 OSPF route control configuration, 69 RIPng route filtering policy, 290 RIP route control configuration, 24 RIPng route redistribution, 291, 297 RIPng route control configuration, 289...
  • Page 450 detecting distributing BGP BFD configuration, 232 BGP route distribution control, 204 OSPF BFD configuration, 86 BGP route distribution filtering policy, 206, 206 OSPF BFD control packet bidirectional domain detection configuration, 86 IS-IS area, 121 OSPF BFD echo packet single-hop detection IS-IS FRR automatic backup next hop configuration, 86 calculation, 151...
  • Page 451 IS-IS DIS election configuration, 159 static route configuration, 10 IS-IS interface DIS priority configuration, 140 extended attribute (MP-BGP), 193 OSPF DR election configuration, 100 Exterior Gateway Protocol. See EGP enabling external BGP. See EBGP BGP, 197 BGP 4-byte AS number suppression, 221 fast reroute.
  • Page 452 format GR restarter IETF standard configuration, 84 IS-IS PDU CLV, 128 GR restarter non-IETF standard configuration, 84 IS-IS PDU hello packet, 124 IS-IS configuration, 149 IS-IS PDU LSP packet, 126 IS-IS packet forwarding, 129 IS-IS PDU SNP, 127 OSPF configuration, 105 RIPng basic packet format, 286 OSPFv3 configuration, 314, 327 RIPng RTE packet format, 287...
  • Page 453 IS-IS dynamic host name mapping, 131 OSPFv3 inter-area-prefix-LSA type, 302 IS-IS system ID, 120 OSPFv3 inter-area-router-LSA type, 302 RIPv2 route reception, 26 interface OSPF interface authentication configuration, 78 interface (RIP behavior), 23 IBGP intermediate system. See IS BGP speaker, 184 intermediate system-to-intermediate system.
  • Page 454 BGP default local preference configuring IS-IS P2P interface network type, 134 configuration, 212 configuring IS-IS SPF parameter, 145 BGP default MED value configuration, 212 configuring RIP interface behavior, 23 BGP default route to peer/peer group controlling BGP path selection, 210 advertisement, 205 controlling BGP route distribution, 204 BGP dynamic peer configuration, 201, 263...
  • Page 455 IPv6 BGP inbound route filtering IPv6 IS-IS BFD configuration, 339 configuration, 359 IPv6 IS-IS configuration, 337 IPv6 BGP IPsec policy configuration, 383 IPv6 IS-IS MTR configuration, 339 IPv6 BGP large-scale network, 368 IPv6 IS-IS routing information control IPv6 BGP local route injection, 354 configuration, 338 IPv6 BGP manual soft reset, 364 IPv6 local PBR configuration, 396...
  • Page 456 IS-IS LSP fragment extension, 130 OSPF backbone area, 57 IS-IS LSP parameter configuration, 142 OSPF basic configuration, 88 IS-IS management tag, 130 OSPF BFD configuration, 86, 114 IS-IS max number ECMP routes OSPF BFD control packet bidirectional detection configuration, 137 configuration, 86 IS-IS MTR configuration, 178, 349 OSPF BFD echo packet single-hop detection...
  • Page 457 OSPF message logging enable, 80 OSPFv3 GR restarter configuration, 314 OSPF neighbor state change logging OSPFv3 inbound route filtering configuration, 309 enable, 79 OSPFv3 interface cost configuration, 309 OSPF network classification, 60 OSPFv3 interface network type configuration, 308 OSPF network management configuration, 79 OSPFv3 max number ECMP route OSPF network optimization, 74 configuration, 310...
  • Page 458 RIP split horizon configuration, 29 specifying BGP TCP connection source interface, 202 RIP summary route advertisement configuration, 40 specifying IS-IS LSP length, 143 RIP timer configuration, 28 specifying IS-IS LSP max age, 142 RIP timers, 20 specifying IS-IS LSP refresh interval, 142 RIP version configuration, 23, 35 specifying IS-IS LSP sending interval, 142 RIPng basic configuration, 295...
  • Page 459 community attribute advertisement to TCP connection source interface peer/peer group, 369 specification, 355 community configuration, 369 timer configuration, 363 configuration, 352 IPv6 IS-IS configuring preference, 360 basic configuration, 337, 341 default LOCAL_PREF attribute BFD configuration, 339, 346 configuration, 360 configuration, 337 displaying, 374 displaying, 340 EBGP indirect connection establishment, 355...
  • Page 460 RIPng request packet, 287 configuring route redistribution, 138, 163 RIPng response packet, 288 configuring route summarization, 137 RIPng route control configuration, 289 configuring routing domain authentication, 149 RIPng route filtering policy configuration, 290 configuring routing information control, 135 RIPng route redistribution configuring SPF parameter, 145 configuration, 291, 297 configuring static system-ID-to-host-name...
  • Page 461 specifying hello packet send interval, 140 LOCAL_PREF specifying LSP length, 143 IPv6 BGP attribute, 360 specifying LSP max age, 142 logging specifying LSP refresh interval, 142 enabling BGP session state change logging, 232 specifying LSP send interval, 142 enabling IS-IS neighbor state change logging, 147 specifying priority, 136 enabling OSPF message logging, 80...
  • Page 462 IS-IS fragment extension, 130 enabling BGP route comparison from different ASs, 212 IS-IS PDU packet format, 126 IPv6 BGP configuration, 361 specifying IS-IS LSP length, 143 message specifying IS-IS LSP sending interval, 142 enabling OSPF message logging, 80 specifying IS-IS max age, 142 RIPv2 authentication, 30 specifying IS-IS refresh interval, 142 metric...
  • Page 463 enabling IS-IS neighbor state change configuring BGP manual route logging, 147 summarization, 205 enabling OSPF neighbor state change configuring BGP manual soft reset, 226 logging, 79 configuring BGP MED attribute, 212 enabling OSPFv3 neighbor state change configuring BGP NEXT_HOP attribute, 215 logging, 313 configuring BGP NSR, 231 specifying RIP neighbor, 31...
  • Page 464 configuring OSPFv3 inbound route enabling OSPF neighbor state change logging, 79 filtering, 309 enabling OSPF RFC 1583 compatibility, 79 configuring OSPFv3 interface cost, 309 enabling OSPFv3 neighbor state change configuring OSPFv3 interface network logging, 313 type, 308 enabling quick EBGP session configuring OSPFv3 max number ECMP re-establishment, 222 routes, 310...
  • Page 465 OSPF area-based network split, 56 OSPF max number LSDB external LSAs configuration, 79 OSPF ASBR route summarization configuration, 69 OSPF message logging enable, 80 OSPF authentication configuration, 77 OSPF NBMA classification, 60 OSPF backbone area, 57 OSPF network type configuration, 66 OSPF broadcast classification, 60 OSPF NSR configuration, 85 OSPF classification, 60...
  • Page 466 specifying BGP received route preferred IS-IS FRR configuration, 170 value, 210 IS-IS route redistribution configuration, 163 specifying BGP TCP connection source IS-IS topology, 121 interface, 202 OSPF basic configuration, 88, 88 specifying IS-IS CSNP packet send OSPF BFD configuration, 114, 114 interval, 140 OSPF configuration, 55 specifying IS-IS hello multiplier, 140...
  • Page 467 tuning RIPng network, 291 configuring ABR route summarization, 69 next hop configuring ABR Type-3 LSA filtering, 70 BGP NEXT_HOP attribute configuration, 215 configuring area, 64 IPv6 BGP NEXT_HOP, 360 configuring ASBR route summarization, 69 OSPF FRR automatic backup calculation configuring authentication, 77 configuration, 82 configuring BFD, 86 OSPF FRR backup designation by routing...
  • Page 468 configuring stub router, 77 virtual link configuration, 103 configuring traps, 79 OSPFv3 configuring virtual link, 66 area parameter configuration, 306 disabling interface packet send/receive, 76 areas, configuration example, 318 displaying, 87 BFD configuration, 315, 329 DR election configuration, 100 configuration, 302 DR/BDR, 60 configuring max number load-balanced routes, 310...
  • Page 469 PBR packet type-based interface configuration, 273 P2MP PBR packet type-based local configuration, 272 OSPF interface network type configuration, 68 PBR reverse input interface-based local OSPF network classification, 60 configuration, 277 RIPng basic format, 286 configuring IS-IS P2P interface network RIPng packet request, 287 type, 134 RIPng processing, 287 OSPF interface network type configuration, 68...
  • Page 470 IS-IS LSP packet format, 126 permitting BGP local AS number to appear in peer/peer group routes, 216 IS-IS PDU hello packet format, 124 point-to-multipoint. See P2MP IS-IS SNP format, 127 point-to-point. See P2P peer poison reverse advertising BGP default route to peer/peer group, 205 enabling RIP, 29 applying IPsec policy to IPv6 BGP peer/peer...
  • Page 471 routing policy BGP route filtering policy advertising IPv6 BGP community attribute to application, 417 peer/peer group, 369 routing policy configuration, 405, 408 advertising IPv6 BGP peer/peer group default route, 357 routing policy continue clause configuration, 411 advertising IS-IS default route, 137 routing policy creation, 408 advertising OSPF host route, 73 routing policy filter, 405...
  • Page 472 configuring BGP MED attribute, 212 configuring IPv6 BGP route attribute, 360 configuring BGP NEXT_HOP attribute, 215 configuring IPv6 BGP route dampening, 360 configuring BGP NSR, 231 configuring IPv6 BGP route reflector, 370, 378 configuring BGP path selection, 255 configuring IPv6 BGP route summarization, 357 configuring BGP peer, 197 configuring IPv6 BGP soft reset, 363 configuring BGP peer group, 198...
  • Page 473 configuring IS-IS route summarization, 137 configuring OSPF interface P2MP network type, 68 configuring IS-IS routing domain authentication, 149 configuring OSPF interface P2P network type, 68 configuring IS-IS routing information configuring OSPF ISPF, 81 control, 135 configuring OSPF LSU transmission rate, 81 configuring IS-IS SPF parameter, 145 configuring OSPF max number ECMP routes, 71 configuring IS-IS static...
  • Page 474 configuring OSPFv3 stub area, 306 configuring RIPng route control, 289 configuring OSPFv3 timer, 312 configuring RIPng route filtering policy, 290 configuring OSPFv3 virtual link, 307 configuring RIPng route redistribution, 291, 297 configuring packet length-based interface configuring RIPng split horizon, 292 PBR, 274 configuring RIPng timer, 291 configuring packet length-based IPv6...
  • Page 475 displaying BGP, 233 enabling OSPFv3 neighbor state change logging, 313 displaying IPv6 BGP, 374 enabling quick EBGP session displaying IPv6 IS-IS, 340 re-establishment, 222 displaying IS-IS, 154 enabling RIP poison reverse, 29 displaying MTR, 425 enabling RIP source IP address check, 30 displaying OSPF, 87 enabling RIP split horizon, 29 displaying OSPFv3, 317...
  • Page 476 specifying BGP received route preferred configuration, 420 value, 210 QoS policy routing specifying BGP TCP connection source configuration, 420, 420 interface, 202 configuration (IPv4), 421 specifying IPv6 BGP peer, 353 configuration (IPv6), 422 specifying IPv6 BGP TCP connection source interface, 355 specifying IS-IS CSNP packet send rate interval, 140...
  • Page 477 RFC 1583 (OSPF compatibility), 79 configuring additional routing metric, 289 configuring garbage-collect timer, 291 advertising default route, 26 configuring max number ECMP routes, 293 advertising RIPv2 summary route, 25 configuring packet zero field verification, 293 BFD configuration, 33 configuring route control, 289 configuration, 20 configuring route filtering policy, 290 configuring garbage-collect timer, 28...
  • Page 478 static, 1 apply clause configuration, 410 static configuration, 6 AS_PATH list, 405 static route BFD configuration, 7 AS_PATH list configuration, 407 router BGP route filter policy application, 417 IS-IS Level-1, 121 community list, 405 IS-IS Level-1-2, 121 community list configuration, 407 IS-IS Level-2, 121 configuration, 405, 408 IS-IS system ID, 120...
  • Page 479 configuring BGP path selection, 255 state controlling BGP path selection, 210 enabling BGP session state change logging, 232 sequence number PDU. See SNP enabling OSPF neighbor state change logging, 79 session logging IPv6 BGP peer/peer group state change, 356 BGP session state change logging, 232 static IPv6 BGP peer/peer group session establishment, 356...
  • Page 480 suppressing IPv6 BGP-IGP route synchronization, 359 enabling BGP 4-byte AS number system (IS-IS mapping), 146, 146, 147 suppression, 221 IPv6 BGP 4-byte AS number suppression, 365 IS-IS management, 130 RIP suppress timer, 20, 28 task list RIPng suppress timer configuration, 291 IPv6 PBR, 394 switching advertising RIP default route, 26...
  • Page 481 RIPng garbage-collect timer RIPng network, 291 configuration, 291 type RIPng suppress timer configuration, 291 configuring IS-IS P2P interface network type, 134 RIPng timeout timer configuration, 291 configuring OSPF interface broadcast network RIPng update timer configuration, 291 type, 67 topology configuring OSPF interface NBMA network type, 67 IPv6 default route configuration, 285 configuring OSPF interface P2MP network...
  • Page 482 specifying BGP received route preferred value, 210 version configuring RIP, 35 RIP configuration, 23 virtual link OSPF, 57 OSPF configuration, 66, 103 OSPFv3 configuration, 307 zero RIPng packet zero field verification, 293 RIPv1 field check, 30...

Table of Contents