Download Print this page

HPE Aruba 3810 Multicast And Routing Manual

HPE Aruba 3810 Multicast And Routing Manual

For arubaos-switch 16.08

Table Of Contents

page of 456

/ 456
Bookmarks

Advertisement

Quick Links

Aruba 3810 / 5400R Multicast and

Routing Guide for ArubaOS-Switch

16.08

Part Number: 5200-5492

Published: December 2018

Edition: 1

Advertisement

Need help?

Need help?

Do you have a question about the Aruba 3810 and is the answer not in the manual?

Questions and answers

Summary of Contents for HPE Aruba 3810

Page 1 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS-Switch 16.08 Part Number: 5200-5492 Published: December 2018 Edition: 1...
Page 2 © Copyright 2018 Hewlett Packard Enterprise Development LP Notices The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services.
Page 3 Contents Chapter 1 About this guide................Applicable products..........................18 Switch prompts used in this guide......................Chapter 2 Multimedia traffic control with IP multicast (IGMP)....Overview of IGMP............................19 Enabling IGMP............................19 Configuring and displaying IGMP (CLI)....................show ip igmp vlan .........................19 Viewing the current IGMP configuration..................20 show ip igmp statistics........................
Page 4 Viewing PIM-specific information from the IP multicast routing table (MRT).........68 Viewing the PIM route entry information for the specified multicast group (flow)......69 Listing PIM neighbor information for all PIM neighbors connected to the routing switch....Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 5 PIM-DM..............................71 PIM-DM features........................... PIM-DM operation............................72 Multicast flow management......................73 Initial flood and prune......................Maintaining the prune state....................State-refresh packets and bandwidth conservation............General configuration elements....................Configuring PIM-DM..........................PIM-DM DT.................................... show distributed-trunking consistency-parameters global Error Log............................Exception..........................78 Operating notes............................PIM-DM operating rules........................
Page 6 Supporting a static RP as primary..................123 Operating rules for static RPs..................Configuration........................Operating rules and recommendations....................124 Configuration steps for PIM-SM......................124 Planning considerations......................Per-router global configuration context..................Per-VLAN PIM-SM configuration....................Router Pim configuration......................127 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 7 Operating notes............................. Chapter 5 Routing Basics................130 Overview of IP routing..........................130 Viewing the IP route table........................Increasing ARP age timeout (CLI)......................Setting and viewing the arp-age value....................131 Reconfiguring the router ID (optional)....................132 Changing the router ID........................132 Enabling proxy ARP..........................132 Enabling local proxy ARP......................133 Configuring source MAC based ARP attack detection (ARP throttle)............134 ARP throttle...
Page 8 Viewing RIP redistribution filter (restrict) information..............RIP parameters and defaults......................... RIP global parameters........................ RIP interface parameters......................Configuring RIP redistribution........................ Defining RIP redistribution filters....................180 Changing the route loop prevention method..................180 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 9 Chapter 9 RIPv2 MD5 authentication............182 Introduction............................Configuration commands........................Show commands........................... Operating notes............................. Error messages............................185 Chapter 10 RIPng..................RIPng for IPv6............................186 Configure RIPng............................ Enable/Disable RIPng global...................... Configure a RIPng setting......................Configure a default metric......................Configure the administrative distance for routes.................188 Redistribute router RIPng......................188 Configure RIPng timers.......................189...
Page 10 Interior routers........................Area border routers (ABRs)....................249 Autonomous system boundary router (ASBR)..............Designated routers (DRs)....................250 OSPF area types........................... Backbone area..........................Normal area..........................Not-so-stubby-area (NSSA)......................Stub area.............................253 OSPF RFC compliance..........................253 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 11 Reducing AS external LSAs and Type-3 summary LSAs..............Algorithm for AS external LSA reduction..................254 Replacing type-3summary LSAs and type-7 default external LSAs with a type-3 default route LSA............................ Equal cost multi-path routing (ECMP)....................255 Dynamic OSPF activation and configuration..................General configuration steps for OSPF..................
Page 12 Configuring UDP broadcast forwarding on individual VLANs............. Viewing the current IP forward-protocol configuration..............311 Operating notes for UDP broadcast forwarding................Maximum number of entries.....................312 TCP/UDP port number ranges..................Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 13 Messages related to UDP broadcast forwarding.................312 UDP broadcast forwarding........................313 Subnet masking for UDP forwarding addresses..................Chapter 16 Virtual Router Redundancy Protocol (VRRP)......315 VRRP overview............................315 Configuring VRRP..........................315 Enabling VRRP in the global configuration context..............315 Creating a VR and entering the VR context................
Page 14 Assigning value of infinity to routes missing MED attribute............362 Setting BGP MED on routes when advertised to peers.............. Specifying a route's preference....................362 Enabling client-to-client route reflection..................Specifying cluster ID when BGP router is route-reflector............363 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 15 BGP graceful restart..........................Configuring BGP graceful restart timers..................Enabling event logging........................364 Describing a neighbor......................... Neighbor configuration and neighbor policy configuration..............Adding an entry to the BGP neighbor table in router configuration mode........366 Enabling or disabling dynamic capabilities..................367 Specifying the IP address for local end of TCP connection with peer.........367 Specifying the number of times the autonomous system can appear in an AS path....
Page 16 Set BFD source IP address for echo packets................Enable BFD session........................437 Enable debug logging......................... Clear BFD statistics........................438 VXLAN show commands........................Show all BFD sessions....................... Show the details of a particular BFD session................441 Prerequisites............................Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 17 Chapter 19 Websites..................Chapter 20 Support and other resources..........Accessing Hewlett Packard Enterprise Support..................Accessing updates..........................444 Customer self repair..........................445 Remote support............................. Warranty information..........................445 Regulatory information...........................446 Documentation feedback........................Apple’s Bonjour and Google’s Chromecast..........Overview of Apple's Bonjour and Google's Chromecast............... mDNS Gateway.............................
Page 18 This guide provides information on how to configure IGMP, PIM and routing protocols. Applicable products This guide applies to these products: Aruba 3810 Switch Series (JL071A, JL072A, JL073A, JL074A, JL075A, JL076A) Aruba 5400R zl2 Switch Series (J9821A, J9822A, J9850A, J9851A, JL001A, JL002A, JL003A, JL095A) Switch prompts used in this guide Examples in this guide are representative and may not match your particular switch/environment.
Page 19 Chapter 2 Multimedia traffic control with IP multicast (IGMP) Overview of IGMP This chapter describes multimedia traffic control with IP multicast—Internet Group Management Protocol (IGMP). IGMP reduces unnecessary bandwidth usage on a per-port basis. More information IGMP general operation and features on page 29 Enabling IGMP IGMP is disabled in the default factory configuration.
Page 20 Forced fast leave timeout [0] : 4 Delayed flush timeout [0] : 0 VLAN ID VLAN Name IGMP Enabled Querier Allowed Querier Interval ------- ------------ ------------ --------------- ---------------- DEFAULT_VLAN Yes VLAN-2 VLAN-3 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 21 The following version of the show ip igmp command includes the VLAN ID (vid) designation, and combines the above data with the IGMP per-port configuration: Figure 1: Listing of IGMP configuration for a specific VLAN show ip igmp statistics Use the command to view the IGMP high level statistics for all VLANs on the switch. Syntax show ip igmp statistics Displaying statistics for IGMP joined groups...
Page 22 22 group 239.20.255.7 IGMP Service Protocol Group Info VLAN ID: 22 VLAN NAME: VLAN-2 Filtered Group Address: 239.20.255.7 Last Reporter: 192.168.0.2 Up Time: 1 hr 14 min 5 sec Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 23 Port| Port Type | Port Mode | Expires | Access ----+---------------+ ----------+------------------------------------- | 100/1000T | Auto | 1hr 2min 5sec | Host ip igmp You can enable IGMP on a VLAN, along with the last-saved or default IGMP configuration (whichever was most recently set), or you can disable IGMP on a selected VLAN.
Page 24 This command must be issued in a VLAN context. Specifies the number of seconds between membership queries. The no form of the command sets the interval to the default of 125 seconds. Default: 125 seconds Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 25 For example, to set the querier interval to 300 seconds on ports in VLAN 8: switch(vlan-8)# ip igmp querier interval 300 ip igmp static-group Use this command to configure a group on the switch so that multicast traffic for that group can be forwarded with a receiver host.
Page 26 A reboot is required for the change to take effect. Default: Disabled Configuring IGMP proxy (CLI) For more information on IGMP proxy, see IGMP general operation and features on page 29. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 27 Adding or leaving a multicast domain Syntax: [no] igmp-proxy-domain domain-name [border-router-ip-address | mcast-range | all] The no form of the command is used to remove a multicast domain. All VLANs associated with the domain must first be removed for this command to work. See the no form of igmp- proxy in the VLAN context command.
Page 28 Total number of multicast domains: 5 Multicast Domain Multicast Range Border Address Active entries --------------- ------------------- ---------------- ----- George 225.1.1.1/234.43.209.12 192.168.1.1 235.0.0.0/239.1.1.1 15.43.209.1 Jane 236.234.1.1/236.235.1.1 192.160.1.2 Bill 15.43.209.1 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 29 Showing active IGMP proxy VLANs switch(config)# show igmp-proxy vlans IGMP PROXY VLANs Multicast Domain Active entries ------ ---------------- -------------- George Jane George George Bill IGMP general operation and features In a network where IP multicast traffic is transmitted for various multimedia applications, you can use the switch to reduce unnecessary bandwidth usage on a per-port basis by configuring IGMP.
Page 30 The multicast group running version 2 of IGMP uses three fundamental types of messages to communicate: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 31 Query A message sent from the querier (multicast router or switch) asking for a response from each host belonging to the multicast group. If a multicast router supporting IGMP is not present, the switch must assume this function to elicit group membership information from the hosts on the network. If you need to disable the querier feature, do so through the CLI using the IGMP configuration CLI commands.
Page 32 IGMP leave and the Querier's processing of that leave. For more information on this topic, see Forced fast-leave IGMP on page 33. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 33 If a switch port has the following characteristics, the fast-leave operation will apply: • Connected to only one end node. • The end node currently belongs to a multicast group, that is, is an IGMP client. • The end node subsequently leaves the multicast group. Then the switch does not need to wait for the Querier status update interval, but instead immediately removes the IGMP client from its IGMP table and ceases transmitting IGMP traffic to the client.
Page 34 The following example shows the multicast traffic being flooded to all queriers on all VLANs; this is the default behavior. The igmp filter-unknown-mcast command has not been executed. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 35 Table 3: Multicast filter table on distribution switch VLAN ID Member Ports 0 (all VLANs) 1, 2, 3 Figure 3: Example of unknown multicast traffic flooding on all ports connected to a querier for any VLAN In the following example, igmp filter-unknown-mcast has been configured. The multicast traffic only goes to the querier on the same VLAN as the multicast server.
Page 36 The IGMP proxy is a way to propagate IGMP joins across router boundaries. The proxy triggers the boundary router connected to a PIM-SM domain to query for multicast flows and forward them to the PIM-DM domain. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 37 IGMP needs to be configured on all VLAN interfaces on which the proxy is to be forwarded or received, and PIM- DM must be running for the traffic to be forwarded. You can configure an IGMP proxy on a selected VLAN that will forward IP joins (reports) and IGMP leaves to the upstream border router between the two multicast domains.
Page 38 It may be necessary to configure multiple overlapping domains if the multicast source address can generate the same multicast address and have different best paths to the PIM- DM domain. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 39 CAUTION: Be careful to avoid configuring a IGMP forward loop, because this would leave the VLANs in a joined state forever once an initial join is sent from a host. For example, a join is issued from the host in VLAN 2 and Routing Switch 2 will proxy the join onto VLAN 1. Routing Switch 3 will then proxy the join back onto VLAN 2 and increment its internal count of the number of joins on VLAN 2.
Page 40 IGMP group is active. If the IGMP group subsequently deactivates, the switch returns filtering control to the static filter. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 41 Reserved addresses excluded from IP multicast (IGMP) filtering Traffic to IP multicast groups in the IP address range of 224.0.0.0 to 224.0.0.255 will always be flooded because addresses in this range are "well known" or "reserved" addresses. Thus, if IP multicast is enabled, and there is an IP multicast group within the reserved address range, traffic to that group will be flooded instead of filtered by the switch.
Page 42 To first configure IGMPv3, the igmp lookup-mode must be changed from the default mac mode to ip mode. Use the ip igmp lookup-modecommand to set the IGMP snooping lookup mode. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 43 NOTE: IGMPv2 works both in ip mode and mac mode. Lookup-mode is applicable with IGMP disabled on all VLANs. Syntax ip igmp lookup-mode Options mac: Uses MAC look-up. (Default value) ip: Uses IP look-up. igmp reload This command is used to reset the IGMP state on all interfaces. Syntax igmp reload Example output...
Page 44 The no version resets the value to its default value of 2. show ip igmp This command is used to show IGMP information for all VLANs Syntax show ip igmp Example output Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 45 Below is the output when version is set to 3. switch(vlan-60)# show ip igmp IGMP Service Protocol Info Total VLANs with IGMP enabled Current count of multicast groups joined IGMP Filter Unknown Multicast: Disabled IGMP Filter Unknown Multicast Status: Disabled VLAN ID : 1 VLAN Name : DEFAULT_VLAN IGMP version : 2...
Page 46 Show a list of all the IGMP groups on the specified port. switch(config)# show ip igmp vlan <vid> group <ip4-addr> source Show IGMP VLAN source address information. switch(config)# show ip igmp vlan <vid> group <ip4-addr> source Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 47 IPV4-ADDR Specify the source IPv4 address. switch(config)# show ipv4 igmp vlan <vid> group <ip4-addr> source <ip4-addr> switch(vlan-60)# show ip igmp vlan 60 group 235.6.6.6 IGMP ports and group information for group 235.6.6.6 VLAN ID : 60 VLAN Name : VLAN60 Group Address : 235.6.6.6 Last Reporter : 10.255.128.1 Group Type...
Page 48 VLAN ID : 60 NAME : VLAN60 ------------ ------------ V1 All Hosts Query V2 All Hosts Query V3 All Hosts Query V1 Group Specific Query V2 Group Specific Query Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 49 V3 Group Specific Query Group and Source Specific Query V3 Member Report V2 Member Report V1 Member Report V2 Member Leave Forward to Routers Forward to VLAN Errors: Unknown IGMP Type Unknown Packet Malformed Packet Bad Checksum Martian Source Packet received on IGMP-disabled Interface 0 Interface Wrong Version Query Port Counters: Fast Leave...
Page 50 ------- ---------- + --------- ----------------- ---------- 1000T | Auto 1000T | Auto 1000T | Auto show ip igmp config This command is used to show the global IGMP configuration. Syntax Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 51 show ip igmp config Example output Below is the output when version is set to 3. switch(vlan-60)# show ip igmp config IGMP Service Config Control unknown multicast [Yes] : Yes Forced fast leave timeout [0] : 4 Delayed flush timeout [0] : 0 Look-up Mode [mac] : ip VLAN ID VLAN Name IGMP Enabled Querier Allowed IGMP Version Querier Interval...
Page 52 Please disable IGMP on all VLANs or Issue the Command "igmp reload" to take it out of Error. Refer to your product manual for information on IGMP resource consumption. this is the ouput for igmp reload Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 53 Chapter 3 PIM-DM (Dense Mode) For introductory and general information, see the sections beginning with PIM-DM on page 71. For information on PIMv6 DM, see the IPv6 Guide for your switch. Overview of PIM-DM This chapter describes protocol-independent multicast (PIM) routing operation on the switches covered in this guide and how to configure it with the switch's built-in interfaces.
Page 54 To configure global-level PIM operation for the " #1" routing switch, you would use the commands shown in the following figure. Figure 8: Configuring PIM-DM on a routing switch at the global level Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 55 After configuring the global-level PIM operation on a routing switch, go to the device's VLAN context level for each VLAN you want to include in your multicast routing domain. For more information, see Viewing the current configuration for the specified VLAN (PIM interface) on page 67. PIM VLAN (interface) configuration context Enabling multicast routing on the VLAN interface to which the CLI is currently set...
Page 56 If the upstream router loses contact with the routing switch receiving the multicast traffic (that is, fails to receive a hello packet when expected), the shorter hello interval causes it to stop transmitting multicast traffic onto the VLAN sooner, resulting in less unnecessary bandwidth usage. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 57 Changing maximum time before the routing switch transmits the initial PIM hello message on the VLAN Syntax: ip pim-dense [hello-delay 0-5] vlan [vid]ip pim-dense [hello-delay 0-5] Changes the maximum time in seconds before the routing switch actually transmits the initial PIM hello message on the current VLAN.
Page 58 If this happens, the upstream neighbor drops the prune pending state and continues forwarding the traffic. If no routers on the VLAN send a Join, the upstream router prunes group "X" from VLAN "Y" when the lan- prune-delay timer expires. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 59 Setting the multicast datagram time-to-live (router hop-count) threshold for the VLAN Syntax: ip pim-dense [ttl-threshold[0-255]] vlan[vid]ip pim-dense [ttl-threshold[0-255]] Sets the multicast datagram time-to-live (router hop-count) threshold for the VLAN. Any IP multicast datagrams or state-refresh packets with a TTL less than this threshold will not be forwarded out the interface. The default value of 0 means all multicast packets are forwarded out the interface.
Page 60 10.38.10.1 switch(vlan-25-pim-dense)# vlan 27 switch(vlan-27)# ip igmp switch(vlan-27)# ip rip switch(vlan-27)# ip pim-dense switch(vlan-27-pim-dense)# vlan 29 switch(vlan-29)# ip igmp switch(vlan-29)# ip rip switch(vlan-29)# ip pim-dense switch(vlan-29-pim-dense)# write mem Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 61 switch(vlan-29-pim-dense)# exit switch(vlan-29)# exit Figure 10: Multicast routing configuration on switch #1 in Multicast network with a multinetted VLAN Switch(config)# show run Enables IP routing; required for multicast routing. ip routing ip multicast-routing vlan 29 name "VLAN29" untagged A11-A15,A17 ip address 10.29.30.1 255.255.255.0 ip igmp exit Multinetting and IGMP enabled in VLAN 25.
Page 62 • IP Address: Lists the IP addresses of the PIM interfaces (VLANs.) • Mode: Shows dense only. Output for routing switch “#1” switch(config)#show ip mroute interface PIM Interfaces Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 63 VLAN IP Address Mode ---- --------------- ------------ 102.1.1.3 sparse 103.1.1.3 sparse Viewing VLAN, protocol identity, and TTL settings Syntax: show ip [mroute] [interface vid] The show ip mroute interface command on routing switch "#2" in Multicast network with a multinetted VLAN switch(config)# show ip mroute interface 29 IP Multicast Interface VLAN...
Page 64 VLAN that the routing switch is using to send the outbound packets of the current multicast flow to the next-hop router. [state] Indicates whether the outbound VLAN and next-hop router for the current multicast flow are receiving datagrams. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 65 Pruned The routing switch has not detected any joins from the current multicast flow and is not currently forwarding datagrams in the current VLAN. Forwarding The routing switch has received a join for the current multicast flow and is forwarding datagrams in the current VLAN.
Page 66 Lists the PIM interfaces (VLANs) currently configured in the routing switch. [VLAN] Lists the VID of each VLAN configured on the switch to support PIM-DM. [ip address] Lists the IP addresses of the PIM interfaces (VLANs.) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 67 [mode] Shows dense only. Output for routing switch "#1" in Multicast network with a multinetted VLAN switch(config)# show ip pim interface PIM Interfaces VLAN IP Address Mode ---- --------------- ------------ 10.38.10.1 dense 10.27.30.1 dense 10.29.30.1 dense Viewing the current configuration for the specified VLAN (PIM interface) Syntax: show ip pim [interface [vid]] Displays the current configuration for the specified VLAN (PIM interface.)
Page 68 Viewing PIM-specific information from the IP multicast routing table (MRT) Syntax: show ip pim [mroute] This command displays exactly the same output as the command show ip [mroute] Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 69 Viewing the PIM route entry information for the specified multicast group (flow) Syntax: show ip pim [mroute [multicast-group-address multicast-source-address]] [Group Address] Lists the specified multicast group address. [Source Address] Lists the specified multicast source address. [Source Mask] Lists the network mask for the multicast source address. Metric Indicates the path cost upstream to the multicast source.
Page 70 60. The data identifies the first downstream neighbor (“routing switch #2”.) switch(config)# show ip pim neighbor PIM Neighbors IP Address VLAN Up Time (sec) Expire Time (sec) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 71 --------------- ---- ------------------ ------------------ 10.29.30.2 Syntax: show ip pim [neighbor [ip-address]] Lists the same information as the show ip pim neighbor Showing a specific neighbor This example simulates output from routing switch “#1” in Figure 9: Multicast network with a multinetted VLAN on page 60.
Page 72 For the flow of a given multicast group, PIM-DM creates a tree structure between the source and the VLANs where hosts have joined the group as shown in the following figure. The tree structure consists of: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 73 • Extended branches to VLANs with hosts that currently belong to the group. • Pruned branches to VLANs with no hosts that belong to the group. Figure 11: Example of multicast tree for a given flow When the routing switch detects a new multicast flow, it initially floods the traffic throughout the PIM-DM domain, then it prunes the traffic on the branches (network paths) where joins have not been received from individual hosts.
Page 74 Enable RIP or OSPF at both the global and VLAN levels on the routers where there are connected hosts that may issue multicast joins. ◦ Configure static routes to and from the destination subnets. • Enable IP multicast routing. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 75 • Enable IGMP on each VLAN when that VLAN has hosts that you want to join multicast groups. Repeat this action on every switch and router belonging to the VLAN. • Enable PIM-DM at the global level on the routing switch and on the VLANs where you want to allow routed multicast traffic.
Page 76 PIM-DM-DT Enabled VLANs on Local PIM-DM-DT Enabled VLANs on Peer PIM-SM-DT Enabled VLANs on Local PIM-SM-DT Enabled VLANs on Peer DHCP-snooping Enabled on Local : No DHCP-snooping Enabled on Peer : No Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 77 DHCP-snooping Enabled VLANs on Local DHCP-snooping Enabled VLANs on Peer DHCP-snooping Max-Binding Configured on Local : No DHCP-snooping Max-Binding Configured on Peer : No DHCPv6-snooping Enabled on Local : No DHCPv6-snooping Enabled on Peer : No DHCPv6-snooping Enabled VLANs on Local DHCPv6-snooping Enabled VLANs on Peer DHCPv6-snooping Max-Binding Configured on Local : No DHCPv6-snooping Max-Binding Configured on Peer...
Page 78 The switches covered in this guide sense downstream multicast routers that do not have the state-refresh capability and will periodically flood active Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 79 multicast groups to these devices. This periodic flooding is not necessary if all downstream multicast routers are switches covered in this guide. Flow capacity The routing switch provides an ample multicast environment, supporting 2046 multicast flows in hardware across a maximum of 64 VLANs. (A flow comprises a unicast source address and a multicast group address, regardless of the number of active hosts belonging to the multicast group at any given time.) IGMP traffic high-priority disabled Enabling IP multicast routing to support PIM-DM operation has the effect of disabling IGMP traffic high-priority, if...
Page 80 Indicates an internal error. Report the incident to Failed to initialize text-str your customer care center and reinstall the router as a call back routine (counter) software. Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 81 Message Meaning Indicates that the interface (VLAN) has been I/F configured with IP ip-address configured with the indicated IP address. At boot-up on vid vlan-id (counter) or when an IP address is changed, the switch generates this message for each PIM-configured VLAN.
Page 82 Differing versions are typically compatible, but features not supported from ip-address in both versions will not be available. , expected ver-num (counter) Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 83 Message Meaning The router received a PIM packet with an Rcvd unkwn addr fmly addr-type unrecognized encoding. As of February 2004, the router recognizes IPv4 encoding. text-str pkt from ip-addr (counter) The router received a PIM packet carrying an Rcvd unkwn opt opt-nbr unknown PIM option.
Page 84 RFC 2932 - Multicast Routing MIB, with exceptions, see "Exceptions to Support for RFC 2932 - Multicast Routing MIB". • RFC 2933 - IGMP MIB • RFC 2934 - Protocol Independent Multicast MIB for IPv4 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 85 Exceptions to Support for RFC 2932 - Multicast Routing These MIB objects are not supported: • ipMRouteInterfaceRateLimit • ipMRouteInterfaceInMcastOctets • ipMRouteInterfaceOutMcastOctets • ipMRouteInterfaceHCInMcastOctets • ipMRouteInterfaceHCOutMcastOctets • ipMRouteBoundaryTable • ipMRouteBoundaryEntry • ipMRouteBoundaryIfIndex • ipMRouteBoundaryAddress • ipMRouteBoundaryAddressMask • ipMRouteBoundaryStatus OBJECT-TYPE • ipMRouteScopeNameTable •...
Page 86 Tells the BSR how long it should expect the sending C-RP router to be operative. Default: 150; 0 if router rp-candidate hold-time [30-255] is not a candidate Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 87 Options accessed in router PIM context Operation Changes the priority for the C-RP router. When multiple C-RPs are configured for the same multicast rp-candidate priority [0-255] groups, the priority determines which router becomes the RP for such groups. A smaller value means a higher priority.
Page 88 An IP routing protocol (RIP, OSPF, or static routing; use RIP for this example) Figure 13: PIM-SM domain with SPT active to support a host that has joined a multicast group Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 89 Global configuration for supporting PIM-SM operation switch(config)# ip routing switch(config)# ip multicast-routing switch(config)# router rip switch(rip)# exit switch(config)# router pim switch(pim)# exit switch(config)# Figure 14: Displaying the running configuration VLAN context commands for configuring PIM-SM PIM-SM must be configured on at least one VLAN in the router before it can be configured as a C-BSR or a C-RP. Enabling or disabling IGMP in a VLAN IGMP must be enabled in VLANs on edge routers where multicast receivers (end points) are connected and will be requesting to join multicast groups.
Page 90 VLAN. In cases where a new VLAN activates with connections to multiple routers, if all of the connected routers sent hello packets at the same time, the receiving router could become momentarily overloaded. This Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 91 value randomizes the transmission delay to a time between 0 and the hello delay setting. Using 0 means no delay. After the router sends the initial hello packet to a newly detected VLAN interface, it sends subsequent hello packets according to the current Hello Interval setting. Not used with the no form of the ip pim command.
Page 92 Figure 15: Example of Enabling PIM-SM in a VLAN Router PIM context commands for configuring PIM-SM operation This section describes the commands used in the Router PIM context to: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 93 • Enable or disable SNMP trap status for PIM events (default: disabled) • Configure candidate BSR operation • Configure C-RP operation or the (optional) static RP operation NOTE: Before configuring BSR, RP, and SNMP trap operation for PIM-SM, it is necessary to enable PIM-SM on at least one VLAN on the router.
Page 94 An RP candidate advertises its availability, IP address, and the multicast group or range of groups it supports. The commands in this section are used to configure C-RP operation. The sequence of steps is as follows: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 95 Procedure 1. Specify the source IP VLAN. 2. Enable C-RP operation. 3. Option: enable or disable specific multicast address groups. NOTE: Before configuring BSR, RP, and SNMP trap operation for PIM-SM, it is necessary to enable PIM-SM on at least one VLAN on the router. Specifying the source IP VLAN (optionally configuring multicast groups or range of groups) Specifying the source IP VLAN ID automatically configures the C-RP to support all multicast groups (unless you...
Page 96 Adding or deleting a multicast group address Use this command if you need to modify the multicast address group configuration for a C-RP on the router. Syntax: [no] rp-candidate group-prefix [group-addr | group-mask] Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 97 Adds a multicast group address to the current C-RP configuration. Requires that the source IP VLAN (See Specifying the source IP VLAN (optionally configuring multicast groups or range of groups) on page 95) is already configured. The no form of the command removes a multicast group address from the current C-RP configuration.
Page 98 See Restricting multicast traffic to RPTs on page 118. (Default: Enabled) Statically configuring an RP to accept multicast traffic A given static RP entry should be manually configured on all routers in the PIM-SM domain. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 99 Syntax: router pim rp-address [rp-ip-addr] [group-addr/group-mask] [override] [no] router pim rp-address [rp-ip-addr][group-addr/group-mask] [overide] [rp-ip-addr] Statically specifies the IP address of the interface to use as an RP. Up to eight static RP IP addresses can be configured. (Each address can be entered multiple times for different multicast groups or group ranges.) [group-addr/group-mask] Specifies the multicast group or range of contiguous groups supported by the statically configured RP.
Page 100 120 bsr-candidate priority 1 rp-address 120.10.10.2 231.128.64.255 255.255.255.255 rp-candidate rp-candidate source-ip-vlan 120 rp-candidate group-prefix 230.255.1.1 255.255.255.255 rp-candidate group-prefix 231.128.64.0 255.255.192.0 rp-candidate hold-time 150 exit Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 101 PIM RPF override configuration Overview of PIM RPF Reverse Path Forward (RPF) checking is a core multicast routing mechanism which ensures that the multicast traffic received has arrived on the expected router interface derived from the L3 table prior to further processing. If the RPF check fails for a multicast packet, the packet is discarded.
Page 102 Lists the following data for all VLANs actively forwarding multicast traffic, or for VLANs receiving registered but non-forwarding traffic on an RP. Group Address The multicast group IP address of the specific flow (source-group pair.) Source Address The unicast address of the flow's source. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 103 Neighbor The IP address of the upstream multicast router interface (VLAN) from which the multicast traffic is coming. A blank field for a given multicast group indicates that the multicast server is directly connected to the router. VLAN The interface on which the router received the multicast flow. The following examples display the show ip mroute output illustrating three different cases: Showing source-DR PIM router Source-DR PIM router.
Page 104 Indicates the path cost upstream to the multicast source. Used when multiple multicast routers contend to determine the best path to the multicast source. The lower the value, the better the path. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 105 Metric pref Used when multiple multicast routers contend to determine the path to the multicast source. When this value differs between routers, PIM selects the router with the lowest value. If Metric pref is the same between contending multicast routers, then PIM selects the router with the lowest metric value to provide the path for the specified multicast traffic.
Page 106 The commands in this section display PIM-specific multicast routing information for IP multicast groups detected by the router. Viewing the current PIM status and global configuration Syntax: show ip pim Displays PIM status and global parameters. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 107 PIM Status Shows either Enabled or Disabled. State Refresh Interval (sec) Applies only to PIM-DM operation. Join/Prune Interval Indicates the frequency with which the router transmits join and prune messages for the multicast groups the router is forwarding. SPT Threshold When Enabled, indicates that, for a given receiver joining a multicast group, an edge router changes from the RPT to the SPT after receiving the first packet of a multicast flow intended for a receiver connected to the router.
Page 108 PIM-SM neighbor notification on page 90. override interval (msec) 2500 vlan vid ip pim override-interval 500 - 6000 Propagation delay (msec) vlan vid ip pim propagation-delay 250-2000 Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 109 Field Default Control command LAN prune delay vlan vid ip pim lan-prune-delay LAN delay enabled Shows Yes if all multicast routers on the current VLAN interface enabled LAN-prune-delay. Otherwise, shows No. DR priority ip pim-sparse dr-priority 0 - 4294967295 Showing a PIM-SM interface configured on VLAN 1 switch(config)# show ip pim interface 1 PIM Interface VLAN...
Page 110 (flow) address or all multicast groups known on the switch. A join remains in a pending state until traffic is received for the flow. The VLAN (PIM interface) on which each join was received is also displayed. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 111 Incoming VLAN ID on which a join request is received. Source IPv4 Address IP address of the source of multicast traffic in an (S,G) group. Incoming VLAN VLAN ID from which a join request is received. Source IPv4 Address IP address of the source of multicast traffic in an (S,G) group. Displaying BSR data The router provides BSR information through both IP PIM and the running configuration.
Page 112 Displays only the learned C-RP assignments the router has learned from the latest BSR message. static Displays only the statically configured RP assignment(s) configured on the router. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 113 Listing both the learned and static RP-set data Displaying only the learned RP-set data for the PIM-SM domain switch(config)# show ip pim rp-set learned Status and Counters - PIM-SM Learned RP-Set Information Group Address Group Mask RP Address Hold Time Expire Time --------------- --------------- --------------- --------- -------------- 231.100.128.0 255.255.240.0...
Page 114 Full C-RP configuration listing Listing non-default C-RP configuration settings The show running command includes the current non-default C-RP configuration settings on the router. Figure 19: Non-default C-RP configuration listing Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 115 PIM-SM overview In a network where IP multicast traffic is transmitted for multimedia applications, such traffic is blocked at routed interface (VLAN) boundaries unless a multicast routing protocol is running. Protocol Independent Multicast (PIM) is a family of routing protocols that form multicast trees to forward traffic from multicast sources to subnets that have used a protocol such as IGMP to request the traffic.
Page 116 (If the RP has no current join requests for the group, the traffic is dropped at the RP.) Figure 20: Example PIM-SM domain with RPT active to support a host joining a multicast group Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 117 Shortest-path tree (SPT) SPTs are especially useful in high data-rate applications where reducing unnecessary traffic concentrations and throughput delays are significant. In the default PIM-SM configuration, SPT operation is automatically enabled. (The software includes an option to disable SPT operation. Shortest-path tree operation In the default PIM-SM configuration, after an edge router receives the first packet of traffic for a multicast group requested by a multicast receiver on that router, it uses Reverse Path Forwarding (RPF) to learn the shortest path...
Page 118 A router elected as a RP for a multicast group receives requested multicast traffic from a DR and forwards it toward the multicast receiver(s) requesting the traffic. See RP on page 120. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 119 Static RP (static RP): This option forwards traffic in the same way as an RP, but requires manual configuration on all routers in the domain to be effective. All of the above functions can be enabled on each of several routers in a PIMSM domain. In a VLAN populated by one or more routers running PIM-SM, one such router is elected the DR for that VLAN.
Page 120 Multicast address Mask Address range 224.0.0.0 240.0.0.0 224.0.0.0 - 239.255.255.255 An alternate way to express the above (default) address and mask is: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 121 224.0.0.0/4 In non-default candidate configurations, an RP allows up to four ranges of contiguous multicast groups, and/or individual multicast groups, or both. For example: RP candidate configuration Supported range of multicast groups 235.0.240.0/12 235.0.240.1 — 235.0.255.255 235.0.0.1/28 235.0.0.1 — 235.0.0.15 235.0.0.128/32 235.0.0.128 only 235.0.0.77/32...
Page 122 A C-RP for the same group(s) is less reliable than another RP that would not normally be elected to support the group(s.) • Tighter traffic control or a higher priority is desired for specific multicast groups Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 123 NOTE: While the use of C-RPs and a BSR enable a dynamic selection of RPs for the multicast group traffic in a network, using static RPs involves manually configuring all routers in the domain to be aware of each static RP. This can increase the possibility of multicast traffic failure from to misconfigurations within the PIM-SM domain.
Page 124 Determine whether there are any bandwidth considerations that would call for disabling SPT operation. (If any routers in the domain have SPT operation disabled, it should be disabled on all RPs in the domain. See Operating rules for static RPs on page 123.) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 125 • Determine the routers to configure as C-BSRs. In many applications, the best choice may be to configure all routers in the domain as candidates for this function. • Determine the multicast group support you want on each C-RP and any static RPs in the domain. The easiest option is to enable C-RP to support all possible multicast groups on all routers in the domain.
Page 126 Enables or disables the LAN prune delay feature on lan-prune-delay the interface. (Default: on) Resets the override interval of the LAN prune delay override-interval configured on the interface. (Default: 2500 milliseconds) Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 127 Features accessed in VLAN- vid -pim-sparse Operation context Resets the delay interval for triggering LAN prune propagation-delay delay packets on the interface. (Default: 500 milliseconds) Resets the priority of the interface in the Designated dr-priority Router election process. (Default: 1)If you want one router on a given VLAN to have a higher priority for DR than other routers on the same VLAN, use the dr-priority command to reconfigure the DR...
Page 128 The router supports up to 2046 flows. A router acting as a DR or RP has a significantly higher CPU load than other routers in a PIM-SM domain. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 129 IP addresses acquired through DHCP PIM-SM operation requires statically configured IP addresses and does not operate with IP addresses acquired from a DHCP server. Chapter 4 PIM-SM (Sparse Mode)
Page 130 3.2 years). An arp-age value of 0 (zero) is stored in the configuration file to indicate that infinite has been configured. This value also displays with the show commands and in the menu display (Switch Configuration IP Config). Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 131 Default: 20 minutes Setting the ARP age timeout to 1000 minutes switch(config)# ip arp-age 1000 Show IP command displaying ARP age To view the value of ARP age timer, enter the show ip command. The Arp Age time value is shown in bold below.
Page 132 Proxy ARP is disabled by default on routing switches. Enter the following commands from the VLAN context level in the CLI to enable proxy ARP: switch(config)# vlan 1 switch(vlan-1)# ip proxy-arp Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 133 To again disable IP proxy ARP, enter: switch(vlan-1)# no ip proxy-arp Syntax: [no] ip proxy-arp Enabling local proxy ARP When the local proxy ARP option is enabled, a switch responds with its MAC address to all ARP request on the VLAN.
Page 134 Assigns “blacklist” status to devices generating an excessive numbers of ARP packets within a five-second period. • Maintains a running total of the devices from which ARP packets are being received. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 135 When ARP throttle is enabled in filter mode, the switch drops all ARP packet traffic received from blacklisted devices while continuing to perform the above three monitor actions. Example Configure the switch to drop ARP packet traffic received from blacklisted devices. switch(config)# ip arp-throttle remediation-mode filter ip arp-throttle aging-time Configures the time in seconds that a blacklisted device remains on the blacklist.
Page 136 Clients in Blacklist Clients Being Tracked : 189 show ip arp-throttle This command shows the current ARP throttle configuration, excluded MAC list, and client statistics. Syntax show ip arp-throttle Example Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 137 This output indicates ARP throttle is enabled, filtering ARP packets according to the default packet threshold and aging-time settings. ARP packets from a device identified as 000f20-aeaec0 are excluded from ARP throttling, and statistics indicate 4 blacklisted clients and the ARP packet traffic of 180 clients being tracked. switch# show ip arp-throttle Source MAC Based ARP Attack Detection Information Enabled...
Page 138 Enable IP directed broadcast forwarding for Wake-on-LAN support. An optional ACL can also be applied to control what packets are forwarded. Syntax switch(config)# ip directed-broadcast [access-group <ACL-ID>] access-group Apply the specified access control list. access-list-name-str ASCII string specifying an ACL Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 139 Example configuration switch(config)# ip directed-broadcast [access-group] <wol-acl> Example running configuration ; J9573A Configuration Editor; Created on release #KA.15.18.0000x ; Ver #06:7c.fd.ff.ff.3f.ef:57 hostname "switch-name" module 1 type j9573x ip access-list extended "wol-acl" ..10 permit ip 192.168.1.10 0.0.0.0 182.168.1.1 0.0.0.255 ..exit ip directed-broadcast access-group "wol-acl" ip routing snmp-server community "public"...
Page 140 The same ACL wol-acl can be applied to any other interface like VLAN, port and tunnel. <wol-acl> entries ip access-list extended <wol-acl> 10 permit ip 192.168.1.1 255.255.255.0 182.168.1.1 55.255.255.0 20 deny ip 172.168.1.1 255.255.255.0 162.168.1.1 255.255.255.0 Exit Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 141 Show commands IP directed broadcast hit counts for the associated access-list with can be displayed using the show command. Show statistics Show IPV4 ACL Statistics. Syntax switch # show statistics aclv4 <acl-id> Options port <port> vlan <vlan-id> vlan ip-directed-broadcast NOTE: Please note that the existing help text of all other parameters listed other than newly added ip-directed-broadcast will remain the same.
Page 142 Mask: 55.255.255.0 Port(s): ..Proto : IP ..TOS Precedence: - Action: deny ..Src IP: 172.168.1.1 Mask: 255.255.255.0 Port(s): ..Dst IP: 162.168.1.1 Mask: 255.255.255.0 Port(s): ..Proto : IP ..TOS Precedence: - Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 143 MIB object hpicfDBroadcastFwdAcl stores the access-list name associated with IP directed broadcast. • hpicfDBroadcastFwdEnable OBJECT-TYPE Syntax integer ◦ enabled (1) ◦ disabled (2) ◦ MAX-ACCESS read-write ◦ STATUS current Used to enable/disable IP directed broadcast feature on the device. When set to disable, hpicfDBroadcastFwdAcl is also cleared.
Page 144 For this type of entry, the MAC address is either the destination device's MAC address or the MAC address of the router interface that answered an ARP request on behalf of the device, using proxy ARP. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 145 ARP cache The ARP cache contains dynamic (learned) entries. The software places a dynamic entry in the ARP cache when the routing switch learns a device's MAC address from an ARP request or ARP reply from the device. The software can learn an entry when the switch or routing switch receives an ARP request from another IP forwarding device or an ARP reply.
Page 146 Dynamic Host Configuration Protocol on page 291 IP global parameters for routing switches The following table lists the IP global parameters and the page where you can find more information about each parameter. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 147 Table 11: IP global parameters for routing switches Parameter Description Default See page Changing the router ID Router ID The value that routers use The lowest-numbered IP on page 150 to identify themselves to address configured on the other routers when lowest-numbered routing exchanging route interface.
Page 148 IP interfaces. You also can enable or disable this parameter on an individual interface basis. See IP interface parameters for routing switches . Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 149 Parameter Description Default See page ICMP Router Discovery An IP protocol that a Disabled A-21 A-159 Protocol (IRDP) router can use to advertise the IP addresses of its router interfaces to directly attached hosts. You can enable or disable the protocol at the Global CLI Config level.
Page 150 Some routing protocols, including OSPF, identify a routing switch by just one of the IP addresses configured on the routing switch, regardless of the interfaces that connect the routing switches. This IP address is the router ID. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 151 NOTE: RIP does not use the router ID. If no router ID is configured, then, by default, the router ID on a routing switch is the first IP address that becomes physically active at reboot. This is usually the lowest numbered IP interface configured on the device. However, if no router ID is configured, and one or more user-configured loopback interfaces are detected at reboot, the lowest-numbered (user-configured) loopback interface becomes the router ID.
Page 152 (Ethernet cable), since MAC-layer broadcasts reach all the devices on the segment. Proxy ARP and local proxy ARP behavior When local proxy ARP is enabled, all valid ARP requests receive a response. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 153 When proxy ARP is enabled, all valid ARP requests receive a response if the following conditions are met: There is a route to the target IP address in the ARP request (this can be a route or default route), and the VLAN (interface) the ARP request is received on does NOT match the interface for the next hop in the matched route to get to the target IP address.
Page 154 NOTE: Disabling an ICMP Unreachable message type does not change the device's ability to forward packets. Disabling ICMP Unreachable messages prevents the device from generating or forwarding the Unreachable messages. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 155 Chapter 6 Static Routing This chapter describes how to add static and null routes to the IP route table. Configuring an IPv4 Route Static route Configure a static route to a specific network or host address Null route Configure a "null" route to discard IP traffic to a specific network or host address: •...
Page 156 Specifies a unique integer value for a given ECMP set (destination, metric, distance.) name <name-str> Assigns a name to a static route. The no form of the command deletes the specified route for the specified destination next-hop pair. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 157 Examples Figure 24: Configuring Names for Static Routes for IPv4 Figure 25: Output Displaying Names of Static Routes Figure 26: Output for a Specified Named Static Route Figure 27: Detailed Output of Named Static Routes Chapter 6 Static Routing...
Page 158 Specifies a unique integer value for a given ECMP set (destination, metric, distance.) name <name-str> Assigns a name to a static route. The no form of the command deletes the specified static or null route from the routing table. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 159 Examples Figure 28: Configuring Names for Static Routes for IPv6 Figure 29: Output for Unnamed Static Routes in IPv6 Figure 30: Output for Named Static Routes in IPv6 Figure 31: Output for a Specified Named Static Route in IPv6 Chapter 6 Static Routing...
Page 160 IP address of your ISP router, all non-local traffic could be directed to the ISP by entering this command: switch(config)# ip route 0.0.0.0/0 208.45.228.35 Static route types You can configure the following types of static IP routes: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 161 Standard The static route consists of a destination network address or host, a corresponding network mask, and the IP address of the next-hop IP address. Null (discard) The null route consists of the destination network address or host, a corresponding network mask, and either the reject or blackhole keyword.
Page 162 For more information, see IPv6 Configuration Guide for your switch. switch(config)# ip route 127.10.144.21/24 10.10.10.2 metric 12 distance 10 switch(config)# ip route 127.10.144.21/24 10.10.10.3 metric 12 distance 10 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 163 Chapter 7 Log violation of Blackhole route Overview of Blackhole routes Networking switches drop the received packet destined for blackhole routes without logging any packet information. Information like source IP, destination IP, VlanID and Port ID of the packets destined for the configured static blackhole routes is logged with this feature.
Page 164 2001::/64 blackhole logging [no] debug ip fib blackhole Within the config context: Syntax [no] debug ip fib blackhole Description Enables debug logs for IPv4 blackhole routes. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 165 Parameters blackhole Enables debug logging of packets destined for blackhole routes. debug ip fib blackhole Enable blackhole logging. Switch(config)# debug ip fib blackhole switch(config) # debug ipv6 fib blackhole [no] debug ip fib blackhole Disable blackhole logging. Switch(config)# [no] debug ip fib blackhole Usage [no] debug ip fib blackhole [no] debug ipv6 fib blackhole...
Page 166 Description Enable blackhole logging Usage [no] debug ipv6 fib blackhole [no] sys-debug <DESTINATION> [logging | buffer] Syntax sys-debug <DESTINATION> [logging | buffer] [no] sys-debug <DESTINATION> [logging | buffer] Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 167 Description Configures persistent debug logging. Used to configure the destination for the debug messages. Options logging Send debug messages to the system event log and to any SYSLOG servers configured. buffer Send debug messages to a temporary buffer that is not saved across reboots. [no] sys-debug ip fib blackhole logging Disable persistent blackhole logging.
Page 168 No support for dynamic blackhole routes. • No support for sampling or time-interval based logging. All packets matching the blackhole route would be logged. • Performance and scale impact not considered. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 169 Chapter 8 Routing Information Protocol (RIP) Overview of RIP Routing Information Protocol (RIP) is an IP route exchange protocol that uses a distance vector (a number representing distance) to measure the cost of a given route. The cost is a distance vector because the cost often is equivalent to the number of router hops between the routing switch and the destination network.
Page 170 Example Enter RIP router context switch(config)# router rip switch(rip)# Enable RIP routing switch(config)# router rip enable switch(rip)# Disable RIP routing switch(config)# router rip disable switch(rip)# Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 171 Delete all protocol-specific information from the global context and interface context and set all protocol parameters to default values switch(config)# no router rip switch(rip)# Enabling IP RIP on a VLAN To enable RIP on all IP addresses in a VLAN, use ip rip in the VLAN context. When the command is entered without specifying any IP address, it is enabled in all configured IP addresses of the VLAN.
Page 172 The default metric is a global parameter that specifies the cost applied to all RIP routes by default. The default value is 1. You can assign a cost from 1 to 15. Syntax: default-metric value The value can be from 1 to 15. The default is 1. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 173 Example: To assign a default metric of 4 to all routes imported into RIP, enter the following commands: switch(config)# router rip switch(rip)# default-metric 4 Enabling RIP route redistribution The basic form of the redistribute command redistributes all routes of the selected type. For finer control over route selection and modification of route properties, you can specify the route-map parameter and the name of a route map.
Page 174 RIP protocol Status of the RIP protocol on the router. RIP must be enabled here and on the VLAN interface for RIP to be active. The default is disabled. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 175 Auto-summary Status of auto-summary for all interfaces running RIP. If auto-summary is enabled, subnets will be summarized to a class network when advertising outside of the given network. Default metric Sets the default metric for imported routes. This is the metric that will be advertised with the imported route to other RIP peers.
Page 176 Example of show IP rip interface output by IP address To show the RIP interface information for the interface with IP address 100.2.0.1, enter the show ip rip interface command: switch# show ip rip interface 100.2.0.1 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 177 RIP interface information for 100.2.0.1 IP Address : 100.2.0.1 Status : enabled Send Mode : V2-only Recv mode : V2-only Metric : 1 Auth : none Bad packets received : 0 Bad routes received Sent updates : 0 Viewing RIP peer information To display RIP peer information, enter the show ip rip peer command at any context level.
Page 178 The following table lists the global RIP parameters and their default values. Table 13: RIP global parameters Parameter Description Default RIP state Routing Information Protocol V2- Disabled only. auto-summary Enable/disable advertisement of Enabled summarized routes. Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 179 Parameter Description Default metric Default metric for imported routes. redistribution RIP can redistribute static, Disabled connected, and OSPF routes. (RIP redistributes connected routes by default, when RIP is enabled.) RIP interface parameters The following table lists the VLAN interface RIP parameters and their default values. Table 14: RIP interface parameters Parameter Description...
Page 180 RIP routes into OSPF routes. Changing the route loop prevention method RIP can use the following methods to prevent routing loops: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 181 • Split horizon -the routing switch does not advertise a route on the same interface as the one on which the routing switch learned the route. • Poison reverse - the routing switch assigns a cost of 16 ("infinity" or "unreachable") to a route before advertising it on the same interface as the one on which the routing switch learned the route.
Page 182 Configure MD5 authentication for RIPv2 and MD5 keychain for RIPv2 interfaces by using the following commands. Syntax [no] ip rip authentication-type none|text|md5 Enable, disable or configure RIP on the VLAN interface. When no is specified, the command disables RIP on the interface. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 183 This command can be followed by a RIP configuration command. This is a VLAN context command that can be entered in a VLAN context or following the vlan enable/disable/configure RIP command on the VLAN interface. none Do not use authentication. text Use simple password.
Page 184 • When the MD5 authentication is working and you remove the used key-chain from global configuration, the request to remove the used keychain will fail. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 185 • When the MD5 authentication is working and you remove the key from key-chain in the global configuration, the MD5 authentication will not work. NOTE: Hewlett Packard Enterprise recommends using a single key in the key-chain. • Only RIPv2 is allowed in supporting MD5 authentication. •...
Page 186 RIPng notifications/traps — Traps are generated as the result of finding an unusual condition while parsing an RIPng packet or a processing a timer event. Disabled by default. Limitations Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 187 Limits imposed on RIPng are as follows: IPv6 loop back addresses cannot be redistributed into RIPng Number of interfaces/VLANs on which RIPng may be run: Total number of routes supported: 5,000 Maximum number of IPv6 addresses per Vlan: Maximum number of IPv6 Vlans: Maximum number of IPv6 addresses: 2046 Starting from 16.01 onwards, the redistribution of OSPFv3 external routes (E1/E2/N1/N2) into RIPng is not...
Page 188 NOTE: Route-map option comes only after we specify the protocol (static/connected/ospf3). Usage [no] redistribute connected route-map NAME [no] redistribute ospf3 route-map NAME [no] redistribute static include-all route-map NAME Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 189 Configure RIPng timers Syntax router ripng timers Description Configure RIPng timers. Options garbage-collect Set the garbage-collect interval for the route. The default value is 120 seconds. timeout Set the interval for the route timeout. The default value is 180 seconds. update Set the interval for the update timer.
Page 190 If RIPng is not configured on the switch, any show commands related to RIPng are executed, the following output is displayed. switch(config) # show ipv6 ripng RIPng Configuration Information RIPng protocol : Disabled Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 191 Show IPv6 ripng general Syntax show ipv6 ripng general Description Displays RIPng global parameters only as shown below. RIPng global parameters switch(config)# show ipv6 ripng general RIPng global parameters RIPng protocol : Enabled Default metric : 1 Administrative distance : 120 Route changes : 1090 Queries : 134457 Update time : 30...
Page 192 List the protocols that are being redistributed into RIPng. RIPng redistributing without route-maps switch(config)#show ipv6 ripng redistribute RIPng redistributing Route type Route map Options ---------- ---------------------------------- ----------------- Connected Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 193 RIPng redistribute with route-maps switch(config)#show ipv6 ripng redistribute RIPng redistributing Route type Route map Options ---------- ------------------- --------------------------------------- Connected map2 static map1 Include blackhole and reject Show IPv6 RIPng traps Syntax show ipv6 ripng traps Description Display the enabled RIPng traps. RIPng Traps : Enabled switch(config)#show ipv6 ripng traps RIPng Traps : Enabled...
Page 194 Show RIPng events. trigger Show RIPng trigger messages. Usage debug ipv6 ripng database | events | trigger Additional commands Following CLI commands are enhanced to accommodate RIPng. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 195 VLAN VLAN–ID IPv6 This is a VLAN context command. Syntax vlan VLAN-ID ipv6 ripng Description Enables/Disables/Configures RIPng protocol for IPv6 on the interface. The command no ipv6 ripng enable disables or disconfigures RIPng on the interface. This command can be followed by a RIPng configuration command.
Page 196 Shows the IPv6 ripng vlan configuration along with other vlan specific configuration. show running-config vlan switch (config)# show running-config vlan 15 vlan 15 name "VLAN15" tagged Trk10 no ip address ipv6 enable ipv6 address 3005::10/64 ipv6 ripng enable Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 197 Chapter 11 Open Shortest Path First Protocol (OSPF) OSPFv2 is the IPv4 implementation of the Open Shortest Path First protocol. (OSPFv3 is the IPv6 implementation of this protocol.) Beginning with software version K.15.01, the switches can be configured to run OSPFv2 either alone or simultaneously with OSPFv3.
Page 198 To disable RFC 1583 compatibility on a routing switch in an OSPF domain where RFC 2178 and RFC 2328 are universally supported: switch(config)# router ospf switch(ospf)# no rfc1583-compatibility Figure 34: Changing external route preference compatibility from RFC 1583 to RFC 2328 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 199 Assigning the routing switch to OSPF areas For more information, see Assigning the routing switch to OSPF areas on page 259. Configuring an OSPF backbone or normal area Syntax: area [[ospf-area-id] | [backbone]] [normal] [[ospf-area-id] | [backbone]] After using router ospf to globally enable OSPF and enter the global OSPF context, execute this command to assign the routing switch to a backbone or other normal area.
Page 200 3 default route. Also specifies the type of internal cost metric to include in type-7 LSAs advertised for redistribution of external routes in the NSSA. (The redistribution—or external—cost metric is a global setting on the routing switch set by the default-metric command.) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 201 The metric-type command specifies whether to include the redistribution cost in the cost metric calculation for a type-7 default LSA injected into the area. type1 Calculate external route cost for a type-7 default LSA as the sum of (1) the external route cost assigned by the ASBR plus (2) the internal cost from the router with traffic for the external route to the ASBR advertising the route.
Page 202 10.10.10.1 to OSPF area 5 • 10.10.11.1 to OSPF area 5 • 10.10.12.1 to OSPF area 6 The operator could use the following commands to configure the above assignments: switch(ospf)# vlan 10 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 203 switch(vlan-10)# ip ospf 10.10.10.1 area 5 switch(vlan-10)# ip ospf 10.10.11.1 area 5 switch(vlan-10)# ip ospf 10.10.12.1 area 6 Assigning loopback addresses to an area Optional: After you define the OSPF areas to which the switch belongs, you can assign a user-defined loopback address to an OSPF area.
Page 204 In this example, a loopback address assigned to an area is displayed as an ospf intra-area (internal) route to its neighbor; a loopback address not assigned to a specific area is displayed as an ospf external route: switch(config)# show ip route IP Route Entries Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 205 Destination Gateway VLAN Type Sub-Type Metric Dist ----------- ------- ---- ---- -------- ------ ---- 20.0.15.1/32 25.0.67.131 ospf external2 20.0.16.2/32 25.0.67.131 ospf intra-area Configuring external route redistribution in an OSPF domain (optional) For more information, see Configuring for external route redistribution in an OSPF domain on page 259. Configuring redistribution filters Syntax: router ospf restrict ip-addr/mask-length...
Page 206 [type1 | type2] Globally reconfigures the redistribution metric type on an ASBR. type1 Specifies the OSPF metric plus the external metric for an external route. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 207 type2 Specifies the external metric for an external route. Default: type2 Example: To change from the default setting on an ASBR to type 1, enter the following command: switch(config)# router ospf metric-type type1 Configuring ranges on an ABR to reduce advertising to the backbone Syntax: area [[ospf-area-id] | [backbone]] range [[ip-addr/mask-length]] [no-advertise]...
Page 208 Using the RFC standard ethod to determine the summarized cost to an NSSA area To change the configuration so that the 10.20.0.0/16 range uses the RFC standard method for determining the summarized cost, enter the following command. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 209 switch(ospf)# area 10 range 10.10.0.0/16 type nssa You must execute write mem to preserve these settings across reboots. Output showing settings for summary costs The show ip ospf command displays information about summary costs. An entry of auto indicates that the cost is calculated by the OSPF standard for summarized networks.
Page 210 The no form disables the specified trap. Default: All OSPF traps disabled The table below summarizes OSPF traps supported on the switches, and their associated MIB objects from RFC 1850. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 211 Table 15: OSPF traps and associated MIB objects OSPF trap name MIB object interface-authentication-failure ospflfAuthFailure interface-config-error ospflfConfigError interface-receive-bad-packet ospflfrxBadPacket interface-retransmit-packet ospfTxRetransmit interface-state-change neighbor-state-change ospfNbrStateChange originate-lsa ospfOriginateLsa originate-maxage-lsa ospfMaxAgeLsa virtual-interface-authentication- failure virtual-interface-config-error ospfVirtlfConfigError virtual-interface-state-change ospfVirtlfStateChange virtual-neighbor-state-change ospfVirtNbrStateChange virtual-interface-receive-bad-packet ospfVirtlfRxBad Packet virtual-interface-retransmit-packet ospfVirtlfTxRetransmit Example Enabling OSPF traps...
Page 212 Assigns the specified hello interval to all networks configured on the VLAN. ip ospf ip-address hello-interval 1-65535 Assigns the specified hello interval to the specified subnet on the VLAN. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 213 ip ospf all hello-interval 1-65535 Assigns the specified hello interval to all networks configured on the VLAN. Operates the same as the ip ospf hello-interval option. Default: 10 seconds; range 1–65535 seconds Changing priority per-interface Syntax: ip ospf [ip-address | all] priority 1- 255 The priority is used when selecting the DR and backup DRs (BDRs.) The value can be from 0 to 255 (with 255 as the highest priority.) If you set the priority to 0, the routing switch does not participate in DR and BDR election.
Page 214 Used in the VLAN interface context to configure password authentication for all interfaces in the VLAN or for a specific subnet. The password takes effect immediately, and all OSPF packets transmitted on the interface Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 215 contain this password. All OSPF packets received on the interface are also checked for the password. If it is not present, the packet is dropped. To disable password authentication on an interface, use the no form of the command. When the switch is in enhanced secure mode, commands that take a secret key as a parameter have the echo of the secret typing replaced with asterisks.
Page 216 (area 0.) To provide backbone access to routing switch "A," you can add a virtual link between routing switch "A" and routing switch "C," using area 1 as a transit area. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 217 To configure the virtual link, define it on the routers that are at each end of the link. No configuration for the virtual link is required on the other routers on the path through the transit area (such as routing switch "B" in this example.) Figure 37: Defining OSPF virtual links within a network To configure the virtual link on routing switch "A,"...
Page 218 Configuring a virtual link on page 216.) Use show ip ospf virtual-link ip-address to view the current setting. Default: 5 seconds; range: 1–3600 seconds Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 219 Changing the transit-delay on a virtual link Syntax: area area-id virtual link ip-address transit-delay [0-3600] Used in the router OSPF context on both ABRs in a virtual link to change the estimated number of seconds it takes to transmit a link state update packet over a virtual link. The transit-delay setting must be the same on both ABRs on a given virtual link.
Page 220 ----- --------- ---- -------- ------- 10.10.10.1 enabled 0.0.0.2 down none 10.12.13.1 enabled 0.0.0.2 wait none You can display the OSPF passive information for a particular VLAN as shown. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 221 show ip ospf interface command for a specific VLAN with passive configured on an interface switch(config) show ip ospf interface vlan 4 OSPF configuration and statistics for VLAN 4 OSPF Interface Status for 10.10.10.1 IP Address: : 10.10.10.1 Status : enabled AreaID : 0.0.0.2 Passive : Yes...
Page 222 RFC 1583 compatability : compatible Intra-area distance : 110 Inter-area distance : 110 AS-external distance : 110 Default import metric : 10 Default import metric type : external type 2 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 223 Area Border : no AS Border : no External LSA Count External LSA Checksum Sum : 0 Originate New LSA Count Receive New LSA Count Graceful Restart Interval : 120 Graceful Restart Strict-Lsa Checking : Enabled Nonstop forwarding : Disabled Log Neighbor Adjacency Changes : Enabled SPF Throttling Start Interval...
Page 224 [ospf-area-id] The [ospf-area-id] parameter shows information for the specified area. If no area is specified, information for all the OSPF areas configured is displayed. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 225 The OSPF area display shows the information found in the table: Table 17: CLI display of OSPF area information Field Content Area ID Identifier for this area. Type Area type, which can be either "normal" or "stub". Cost Metric for the default route that the routing switch will inject into a stub area if the routing switch is an ABR for the area.
Page 226 Output for show ip ospf external-link-state advertise switch# show ip ospf external-link-state advertise OSPF External LSAs Advertisements ------------------------------------------------------------------------ 000302050a0307000a00082580000005d99f0024ffffff008000000a0000000000000000 000302050a0308000a00082580000005cea90024ffffff008000000a0000000000000000 000302050a0309000a00082580000005c3b30024ffffff008000000a0000000000000000 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 227 000302050a030a000a00082580000005b8bd0024ffffff008000000a0000000000000000 000002050a0321000a000824800009cdb9dd0024ffffff00800000010000000000000000 Viewing OSPF interface information Syntax: show ip ospf interface [vlan vlan-id | ip-addr] ip-address Displays the OSPF interface information for the specified IP address. vlan-id Displays the OSPF interface information for the specified IP address. The following table shows the information displayed for the OSPF interface. Table 19: CLI display of OSPF interface information Field Content...
Page 228 --------------- --------------- -------- -------- ------ ----- --- 172.16.30.186 backbone enabled Pt-to-Pt none Viewing OSPF interface information for a specific VLAN or IP address Syntax: show ip ospf interface [vlan vlan-id | ip-addr] Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 229 To display OSPF interface information for a specific VLAN or IP address, enter the show ip ospf interface ip-addr command at any CLI level. Table 20: CLI display of OSPF interface information—VLAN or IP address Field Content Type Will always be BCAST for interfaces on this routing switch. Point-to-point or NBMA (frame relay or ATM) type interfaces are not supported on the switches.
Page 230 10.2.1.2 OSPF Neighbor Information for neighbor 10.2.1.2 IP Address : 10.2.1.2 Router ID : 2.2.2.2 Pri : n/a NbIfState : n/a State : FULL Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 231 Rxmt QLen : 0 Events : 7 Helper Status : None Helper Age : 0 show ospf interface configuration Admin Authen IP Address Area ID Status Type Type Cost --------------- --------------- -------- -------- ------ ----- --- 172.16.30.186 backbone enabled Pt-to-Pt none Viewing OSPF packet statistics for a subnet or VLAN Displays the statistics on OSPF packets sent and received on the interfaces in VLANs and/or subnets on an OSPF-enabled routing switch, including the number of errors that occurred during packet transmission.
Page 232 Table 22: CLI display of OSPF statistics for VLAN subnet traffic Per-subnet OSPF statistics Field Content IP Address IP address of subnet. Total Tx Total number of OSPF packets sent on each subnet interface. Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 233 Per-subnet OSPF statistics Field Content Total Rx Total number of OSPF packets received on each subnet interface. Total Errors Total number of errors in OSPF packet transmission on each subnet interface. Clearing OSPF statistics for all VLAN interfaces on the switch Syntax: clear ip ospf statistics Clears the OSPF statistics for all VLAN interfaces on the switch and sets all VLAN/subnet counters for OSPF...
Page 234 10.0.8.34 10.0.8.34 1420 0x80000283 0x0000de4f Network 10.3.16.34 10.0.8.34 1735 0x80000005 0x00001465 The OSPF link-state display shows the following contents of the LSA database; one table for each area: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 235 Table 23: CLI display of OSPF link-state information Field Content LSA Type The possible types are: • Router • Network • Summary • AsbSummary Link State ID LSA ID for this LSA. The meaning depends on the LSA type. Advertised Router ID Router ID of the router that originated this LSA.
Page 236 : E=1 MC=0 N/P=0 EA=0 DC=1 LSA Metric Output for show IP OSPF link-state detail for AS external LSA This example shows show ip ospf link-state detail for an AS external LSA. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 237 switch(config)# show ip ospf link-state detail LSA Age : 971 LSA Type : 0x5 (AS External) Advertising Router : 2.2.2.3 Link State ID : 55.5.5.0 LSA Sequence : 0x80000001 LSA Checksum : 0xe17c LSA Option Bits : E=1 MC=0 N/P=0 EA=0 DC=0 LSA Metric : 10 Bit E...
Page 238 This neighbor is the elected designated router for the interface. This neighbor is the elected backup designated router for the interface. blank This neighbor is neither the DR or the BDR for the interface. Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 239 Field Description State The state of the conversation (the adjacency) between your routing switch and the neighbor. The possible values are: INIT A Hello packet has recently been seen from the neighbor. However, bidirectional communication has not yet been established with the neighbor.
Page 240 Example of output for show ip ospf restrict switch# show ip ospf restrict OSPF restrict list IP Address Mask --------------- --------------- 10.0.8.0 255.255.248.0 15.0.0.0 255.0.0.0 This display shows the configured restrict entries. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 241 Viewing OSPF virtual neighbor information If virtual links are configured on the routing switch, you can display OSPF virtual neighbor information. Syntax: show ip ospf virtual-neighbor [[area area-id] | [ip-address]] Output for the show ip ospf virtual-neighbor command OSPF Virtual Interface Neighbor Information Router ID Area ID State...
Page 242 In this display, these fields show the same type of information as described for the general OSPF virtual link display: Transit Area ID, Neighbor Router, Authentication, and Interface State. This display shows the following additional information: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 243 Table 27: CLI display of OSPF virtual link information—Specific IP address Field Description Events The number of times the virtual link interface state has changed. Transit delay The configured transit delay for the virtual link. Rtr Interval The configured retransmit interval for the virtual link. Hello Interval The configured hello interval for the virtual link.
Page 244 Currently defined address ranges: Area ID LSA Type IP Network Network Mask Advertise Cost -------------- --------- ------------- -------------- --------- ---- 10.3.16.0 Summary 10.3.16.0 255.255.255.0 OSPF interface configuration: Admin Authen Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 245 IP Address Area ID Status Type Type Cost --------------- --------------- -------- ----- ------ ----- --- 10.3.2.35 backbone enabled BCAST none 10.3.3.35 backbone enabled BCAST none 10.3.16.35 10.3.16.0 enabled BCAST none 10.3.32.35 10.3.32.0 enabled BCAST none OSPF configured interface timers: Transit Retransmit Hello Dead IP Address Delay...
Page 246 Enabling load sharing among next-hop routes For more information, see OSPF equal-cost multipath (ECMP) for different subnets available through the same next-hop routes on page 262. Syntax: [no] ip load-sharing 2-4 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 247 When OSPF is enabled and multiple, equal-cost, next-hop routes are available for traffic destinations on different subnets, this feature, by default, enables load-sharing among up to four next-hop routes. 1 - 4 : Specifies the maximum number of equal-cost next-hop paths the router allows. Default: 4;...
Page 248 Describes the route to a destination in another AS (external route.) NSSA Originated by ASBR in NSSA. ABR converts type-7 LSAs to type-5 LSAs for injection into the backbone area. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 249 OSPF router types Interior routers This type of OSPF router belongs to only one area. Interior routers flood type-1 LSAs to all routers in the same area and maintain identical LSDBs. In the following example, the routers R1, R3, R4, and R6 are all interior routers because all of their links are to other routers in the same area.
Page 250 Figure 41: Example of DRs in an OSPF area To learn the router priority on an interface, use the show ip ospf interface command and check the Pri setting under OSPF interface configuration. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 251 NOTE: By default, the router ID is typically the lowest-numbered IP address or the lowest-numbered (user-configured) loopback interface configured on the device. If multiple networks exist in the same OSPF area, the recommended approach is to ensure that each network uses a different router as its DR. Otherwise, if a router is a DR for more than one network, latency in the router could increase because of the increased traffic load resulting from multiple DR assignments.
Page 252 AS. The ABR also injects type-3 summary LSAs: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 253 • From the NSSA into the backbone area • From the backbone into the NSSA If the ABR detects type-5 external LSAs on the backbone, it injects a corresponding type-7 LSA default route (0.0.0.0/0) into the NSSA You can also configure the NSSA ABR to do the following: •...
Page 254 You can enable this behavior when you first configure the stub area or NSSA, or at a later time. For the full command to use, see Configuring a stub or NSSA area on page 200. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 255 The no-summary command does not affect intra-area advertisements, meaning the switch still accepts summary LSAs from OSPF neighbors within its area and floods them to other neighbors. The switch can form adjacencies with other routers regardless of whether summarization is enabled or disabled for areas on each switch. When you use no-summary, the change takes effect immediately.
Page 256 Traffic to host 10.10.0.3 passes through next-hop router 12.0.9.2. • Traffic to host 10.10.0.4 passes through next-hop router 14.0.9.4. Figure 44: Example of traffic distribution on ECMP next-hop routers Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 257 Dynamic OSPF activation and configuration OSPF automatically activates when enabled with router ospf. All configuration commands affecting OSPF (except reconfiguring the router ID) are dynamically implemented and can be used without restarting OSPF routing. NOTE: OSPF is automatically enabled without a system reset. General configuration steps for OSPF To begin using OSPF on the routing switch: Procedure...
Page 258 OSPF domain must support the same routing-loop prevention measures, if the domain includes any routers that support only RFC 1583 preference rules, all routers in the domain must be configured to support RFC 1583. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 259 NOTE: The routing switch is configured, by default, to be compliant with the RFC 1583 OSPF V2 specification. (Use show ip ospf general to view the current RFC 1583 configuration setting.) All routes in an AS should be configured with the same compliance setting for preference rules affecting external routes.
Page 260 In the default configuration, OSPF authentication is disabled. All interfaces in the same network or subnet must have the same authentication method (password or MD5 key chain) and credentials. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 261 Configuring an ABR to use a virtual link to the backbone All ABRs must have either a direct, physical or indirect, virtual link to the OSPF backbone area (0.0.0.0 or 0.) If an ABR does not have a physical link to the area backbone, the ABR can use a virtual link to provide a logical connection to another ABR having a direct physical connection to the area backbone.
Page 262 The switches support optional load-sharing across redundant links where the network offers two, three, or four equal-cost next-hop routes for traffic to different subnets. (All traffic for different hosts in the same subnet goes through the same next-hop router.) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 263 For example, in the OSPF network shown in the following figure, IP load-sharing is enabled on router "A". In this case, OSPF calculates three equal-cost next-hop routes for each of the subnets and then distributes per-subnet route assignments across these three routes. Figure 45: Example of load-sharing traffic to different subnets through equal-cost next-hop routers Example of a routing table for the network in the preceding figure.
Page 264 4. Verify that the existing command implementation is not affected due to an automatic cost configuration on both the global and the VLAN level. 5. Check that the configuration is applied properly after uploading and downloading a saved configuration through TFTP. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 265 6. Verify the configuration by saving the configuration write mem and rebooting the system. 7. When the area is already configured for VLAN, only OSPF cost will be applied. Chapter 11 Open Shortest Path First Protocol (OSPF)
Page 266 This value must be greater than or equal to min-length. If this optional parameter is not specified, its value defaults to prefix-length. (If you have specified a value for min-length that is greater than prefix- Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 267 length , you must explicitly specify le with a max-length value that is greater than or equal to min- length.) no [ip | ipv6 prefix-list name] Deletes the entire prefix list identified by name . no [ip | ipv6 prefix-list name] [seq seq-num] Deletes the entry with the specified sequence number from the prefix list identified by name .
Page 268 20 permit 10.1.4.1/24 ge 24 le 24 A summary of the prefix lists looks like this: switch# show ip prefix-list summary ip prefix-list Odd: Count:4, Range-entries: 4, Sequences: 5 - 20 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 269 ip prefix-list Even: Count:4, Range-entries: 4, Sequences: 5 - 20 A detailed display of one of the prefix lists looks like this: switch# show ip prefix-list name Even detail ip prefix-list Even: Count:4, Range-entries: 4, Sequences: 5 - 20 seq 5 deny 10.1.1.1/24 ge 24 le 24 Description: Permit even-numbered subnets seq 10 permit 10.1.2.1/24 ge 24 le 24 seq 15 deny 10.1.3.1/24 ge 24 le 24...
Page 270 Specifies the ID number of the VLAN to match. [vid ...] Optional additional VLAN identifiers. A single command can specify multiple VLANs. A match succeeds if any of the VLANs matches (logical OR.) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 271 Matching prefix lists Syntax: match [ip | ipv6] address prefix-list name no match [ip | ipv6] address prefix-list name Matches a prefix list. The no form of the command deletes the match clause from the sequence. [ip | ipv6] Specifies matching with a prefix list that contains either IPv4 (IP) or IPv6 addresses, respectively. name Specifies the name of the prefix list to match.
Page 272 Matches the protocol type of the destination prefix. The no form of the command deletes the match clause from the sequence. connected Matches directly connected routes. static Matches static routes. Matches RIP routes. ospf Matches OSPF routes. ospfv3 Matches OSPFv3 routes. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 273 Matching tags Syntax: match tag value no match tag value Matches the specified tag value with that of the route. The no form of the command deletes the match clause from the sequence. value : Value of the route tag to match against. This is an integer value between 0 and the maximum number supported by the routing switch.
Page 274 Optional set statements allow changing properties of the route depending on the match. Typical uses for route policy include filtering and redistribution of routes. Figure 46: Route policy components Configuring route policy The steps in configuring a route policy are: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 275 Procedure 1. (Optional) Create any prefix lists you will use to select routes for your policy. 2. Create a route map. 3. Include match statements in your route map to define the selection criteria for routes. 4. (Optional) Include set statements in your route map to modify properties of your routes. 5.
Page 276 , and match ipv6 next-hop IPv6-addr commands, multiple instances of those commands are permitted in a single sequence, because all instances of those commands in a sequence are concatenated internally into single commands, respectively. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 277 Using route policy in route redistribution The following examples show some basic uses of route policy based on the figure below. (All subnets have 24-bit masks.) Figure 47: Network for redistribution example Baseline: Intra-domain routing using default settings Each of the routing domains in Figure 47: Network for redistribution example on page 277 is defined with simple VLANs and a basic routing configuration: •...
Page 278 "public" unrestricted vlan 21 ip rip 10.2.21.1 exit vlan 29 ip rip 10.2.29.1 exit vlan 31 ip ospf 10.3.31.2 area backbone exit vlan 33 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 279 ip ospf 10.3.33.2 area backbone exit vlan 37 ip ospf 10.3.37.1 area backbone exit Items of particular interest are: • The ip routing command enables routing on the switch. • The router ospf command enables OSPF routing on the switch. The area backbone command establishes the backbone area (area 0.) •...
Page 280 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 281 This causes extensive redistribution of routes within all three routing domains, adding a large number of routes to the route tables of all the routers. For example, the route table in the East router adds routes to subnets in both RIP domains, and looks like this: East(config)# show ip route IP Route Entries...
Page 282 East(config)# show ip route IP Route Entries Destination Gateway VLAN Type Sub-Type Metric Dist. --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.3.32.1 ospf External2 10.1.13.0/24 10.3.32.1 ospf External2 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 283 10.1.15.0/24 10.3.32.1 ospf External2 10.1.16.0/24 10.3.32.1 ospf External2 10.2.21.0/24 10.3.33.2 ospf External2 10.2.22.0/24 10.3.33.2 ospf External2 10.2.23.0/24 10.3.33.2 ospf External2 10.2.29.0/24 10.3.33.2 ospf External2 10.3.31.0/24 10.3.32.1 ospf IntraArea 10.3.31.0/24 10.3.33.2 ospf IntraArea 10.3.32.0/24 VLAN32 connected 10.3.33.0/24 VLAN33 connected 10.3.34.0/24 VLAN34 connected 10.3.37.0/24 10.3.33.2...
Page 284 --------------- --------------- ---- --------- ---------- ---------- ----- 10.1.11.0/24 10.2.21.1 10.1.13.0/24 10.2.21.1 10.1.15.0/24 10.2.21.1 10.1.16.0/24 10.2.21.1 10.2.21.0/24 VLAN21 connected 10.2.22.0/24 VLAN22 connected 10.2.23.0/24 VLAN23 connected 10.2.29.0/24 10.2.21.1 10.3.31.0/24 10.2.21.1 10.3.33.0/24 10.2.21.1 10.3.37.0/24 10.2.21.1 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 285 127.0.0.0/8 reject static 127.0.0.1/32 connected You can solve this problem by adding a second sequence to the route map to deal with the routes from the OSPF domain. The expanded route map becomes: route-map "PermitOdds" permit seq 10 match ip address prefix-list "Odds" exit route-map "PermitOdds"...
Page 286 This allows you to propagate both the odd and the connected routes, but not the even routes, to the southern RIP domain. route-map "TagConn" permit seq 10 match source-protocol connected set tag 1 exit Redistribute the routes to the OSPF domain using the route maps: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 287 router ospf area backbone redistribute connected route-map "TagConn" redistribute rip route-map "TagIn" exit On the South router set up a route map with three sequences: • One to permit routes with tag values of 1 • One to deny routes with tag values of 2 •...
Page 288 The preference can be a number from -4294967296 to 4294967295. The default is 0. Enabling IRDP globally Enter the following command: switch(config)# ip irdp Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 289 This command enables IRDP on the IP interfaces on all ports. Each port uses the default values for the IRDP parameters. Enabling IRDP on an individual VLAN interface To enable IRDP on an individual VLAN interface and configure IRDP parameters, enter commands such as the following: switch(config)# vlan 1 switch(vlan-1)# ip irdp maxadvertinterval 400...
Page 290 Min int Max int Holdtime Preference Address (sec) (sec) (sec) -------------- -------- ------------ ------- ------- -------- ----------- DEFAULT_VLAN Enabled multicast 1800 VLAN20 Enabled multicast 1800 VLAN30 Enabled multicast 1800 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 291 Chapter 14 Dynamic Host Configuration Protocol The Dynamic Host Configuration Protocol (DHCP) is used for configuring hosts with IP address and other configuration parameters without user intervention. The protocol is composed of three components: • DHCP client • DHCP server •...
Page 292 VLANs and their configured BOOTP gateways display. The following example shows an IP address being assigned to a gateway for VLAN 22, and then displayed using the show dhcp-relay bootp-gateway command. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 293 Assigning a gateway to an interface and then displaying the information switch(vlan-22)ip bootp-gateway 12.16.18.33 switch(vlan-22)# exit switch(config)# show dhcp-relay bootp-gateway vlan 22 BOOTP Gateway Entries VLAN BOOTP Gateway -------------------- --------------- VLAN 22 12.16.18.33 Operating notes • If the configured BOOTP gateway address becomes invalid, the DHCP relay agent returns to the default behavior (assigning the lowest-numbered IP address.) •...
Page 294 Viewing DHCP helper addresses This command displays the list of currently configured IP Helper addresses for a specified VLAN on the switch. Syntax: show ip helper-address [vlan vlan-id] Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 295 Displays the IP helper addresses of DHCP servers configured for all static VLANS in the switch or on a specified VLAN, regardless of whether the DHCP relay feature is enabled. The vlan vlan-id parameter specifies a VLAN ID number. Example The following command lists the currently configured IP Helper addresses for VLAN 1.
Page 296 Operates when the routing switch is configured with append, replace, or drop as a forwarding policy. With validate enabled, the routing switch applies stricter rules to an incoming Option 82 server response to Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 297 determine whether to forward or drop the response. For more information, see Validation of server response packets on page 306. [ip | mac | mgmt-vlan] Specifies the remote ID suboption that the switch uses in Option 82 fields added or appended to DHCP client packets.
Page 298 If the routing switch cannot add an Option 82 field to a client's DHCP request because the message size exceeds the MTU size, the request is forwarded to the DHCP server without Option 82 data and an error message is logged in the switch's Event Log. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 299 • Because routing is not allowed between the management VLAN and other VLANs, a DHCP server must be available in the management VLAN if clients in the management VLAN require a DHCP server. • If the management VLAN IP address configuration changes after mgmt-vlan has been configured as the remote ID suboption, the routing switch dynamically adjusts to the new IP addressing for all future DHCP requests.
Page 300 However, Option 82 relay agents should be positioned at the DHCP policy boundaries in a network to provide maximum support and security for the IP addressing policies configured in the server. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 301 For more information, see the documentation provided with the server application. Option 82 server support To apply DHCP Option 82, the routing switch must operate in conjunction with a server that supports Option 82. (DHCP servers that do not support Option 82 typically ignore Option 82 fields.) Also, the routing switch applies Option 82 functionality only to client request packets being routed to a DHCP server.
Page 302 On chassis switches, where a dedicated, sequential block of internal port numbers are reserved for each slot, regardless of whether a slot is occupied, Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 303 the circuit ID for a given port is the sequential index number for that port position in the slot. (To view the index number assignments for ports in the routing switch, use the walkmib ifname command.) Using walkmib to determine the circuit ID for a port on a chassis For example, the circuit ID for port B11 on a switch is "35”, as shown in the following example.
Page 304 This policy does not include the validate option (described in the next section) and allows forwarding of all server response packets arriving inbound on the routing switch (except those without a primary relay agent identifier.) Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 305 Option 82 DHCP client request packet inbound to the routing switch configuration Packet has Packet includes an Option 82 field no Option 82 field Replace Replace Append an Option 82 field replaces any existing Option 82 fields from downstream relay agents (and/or the originating client) with an Option 82 field for the current relay agent.
Page 306 (or missing) Option 82 information. The following table describes relay agent management of DHCP server responses with optional validation enabled and disabled Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 307 Table 32: Relay agent management of DHCP server response packets. Response packet Option 82 configuration Validation Validation content enabled on the disabled (the relay agent default) append Valid DHCP server Drop the server Forward server response packet without response packet. response packet , replace, or drop an Option 82 field.
Page 308 All request packets from DHCP clients in the different subnets in the VLAN must be able to reach any DHCP server identified by the IP helper addresses configured on that VLAN. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 309 Chapter 15 User Datagram Protocol For introductory information about user datagram protocol (UDP), see UDP broadcast forwarding on page 313. Configuring and enabling UDP broadcast forwarding To configure and enable UDP broadcast forwarding on the switch: Procedure 1. Enable routing. 2.
Page 310 Remote authentication dial-in user service (1645) Routing information protocol (520) snmp Simple network management protocol (161) snmp-trap Simple network management protocol (162) tftp Trivial file transfer protocol (69) timep Time protocol (37) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 311 Example The following command configures the routing switch to forward UDP broadcasts from a client on VLAN 1 for a time protocol server: switch(vlan-1)# ip forward-protocol udp 15.75.11.155 timep Viewing the current IP forward-protocol configuration Syntax: show ip forward-protocol [vlan vid] Displays the current status of UDP broadcast forwarding and lists the UDP forwarding addresses configured on all static VLANS in the switch or on a specific VLAN.
Page 312 Appears in the Event Log and, if configured, in SNMP traps. Appears in the CLI if you attempt to disable routing UDP broadcast forwarder must be while UDP forwarding is enabled on the switch. disabled first. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 313 UDP broadcast forwarding Some applications rely on client requests sent as limited IP broadcasts addressed to a UDP application port. If a server for the application receives such a broadcast, the server can reply to the client. Since typical router behavior, by default, does not allow broadcast forwarding, a client's UDP broadcast requests cannot reach a target server on a different subnet unless the router is configured to forward client UDP broadcasts to that server.
Page 314 UDP packet forwarding to subnet 15.75.11.0: Forwarding destination type IP address UDP unicast to a single device in the 15.75.11.0 subnet 15.75.11.X UDP broadcast to subnet 15.75.11.0 15.75.11.255 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 315 Chapter 16 Virtual Router Redundancy Protocol (VRRP) VRRP overview In many networks, edge devices are often configured to send packets to a statically configured default router. If this router becomes unavailable, the devices that use it as their first-hop router become isolated from the network. Virtual Router Redundancy Protocol (VRRP) uses dynamic failover to ensure the availability of an end node's default router.
Page 316 The VLAN interface must be IP enabled for IPv4, and IPv6 enabled for IPv6. Example: To create VR 1 in VLAN 10 and enter the VR context, execute the following command: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 317 switch(vlan-10)# vrrp vrid 1 switch(vlan-10-vrid-1)# Selecting a Version of VRRP The version command is configured in the IPv4 VR context. IPv4 virtual routers support VRRPv2 and VRRPv3. IPv6 virtual routers support only VRRPv3. The default is version 2. The show running-config command will display the version only when it is set at the non-default value of version 3 for IPv4.
Page 318 An owner is automatically assigned the highest priority, 255, which cannot be changed unless the owner status is reconfigured to backup. Default: 100; Range: 1 - 254, where 1 is the lowest precedence Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 319 Changing VR advertisement interval and source IP address Syntax: vrrp vrid vrid-numadvertise-interval 1-40 vrrp ipv6 vrid vrid-num advertise-interval 1-40 • When a VRRP router is operating as master, this value specifies the interval at which the router sends an advertisement notifying the other VRRP routers on the network or subnet that a master is active. •...
Page 320 10-12, Trk1 Configuring track VLAN NOTE: The VR's operating VLAN cannot be configured as a tracking VLAN for that VR. Syntax: [no] track vlan <vlan-id>range Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 321 Allows you to specify a VLAN or range of VLANs that will be tracked by this virtual router. If the VLAN is down, or if the VLAN or IP address has been deleted, the virtual router switches to the router specified by the priority value. The command is executed in VRID instance context.
Page 322 VIP when the backup VR is acting as master. Default: Response to virtual IP ping is disabled. Enabling the response to ping requests router1# config router1(config)# ip routing router1Router1(config)# router vrrp router1(config)# router vrrp virtual-ip-ping Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 323 Controlling ping responses Syntax: [no] virtual-ip-ping enabled Enables or disables the response to a ping request to a specific VR. The command applies to all VIPs on the VR. Must be executed in VRRP context (vlan vid vrrp vrid vrid ) NOTE: The VR should be configured as a backup.
Page 324 Display VRRP configuration information using the show vrrp config command. Example VRRP IPv4 configuration display showing VIP ping status switch# show vrrp config VRRP Global Configuration Information VRRP Enabled : Yes Traps Enabled : Yes Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 325 Virtual Routers Respond To Ping Requests : Yes VRRP Nonstop Enabled : No VRRP Virtual Router Configuration Information VLAN ID Virtual Router ID : 1 Administrative Status [Disabled] : Enabled Mode [Uninitialized] : backup Priority [100] : 150 Advertisement Interval [1] Preempt Mode [True] : True Preempt Delay Time [0] : 0 Respond To Virtual IP Ping Requests [Yes]...
Page 326: Table Of Contents
When virtual-ip-ping is enabled, the ping packets to the VIP are responded to with ping replies. switch(config)# show ip route Destination Gateway VLAN Type Sub-Type Metric Dist. ------------------ --------------- ---- --------- ---------- ---------- ----- 10.0.0.0/16 DEFAULT_VLAN connected 10.0.202.87/32 reject static Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 327: Reject
127.0.0.0/8 reject static 127.0.0.1/32 connected Operational notes • Jumbo frames are supported if they have been enabled for that VLAN. The VIP responds to ping requests if they are not fragmented and are not larger than the MTU. • Fragmented packets are not supported. All fragmented packets sent to a VIP are dropped and no response or error is sent.
Page 328 Respond To Virtual IP Ping Requests [Yes] : Yes Version [2] : 2 Null authentication compatibility [False] : False Primary IP Address : Lowest IP Address --------------- 10.10.20.100 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 329: Enabled : Owner
Example VRRP IPv6 Configuration Listing switch# show vrrp ipv6 config VRRP Global Configuration Information VRRP Enabled : Yes Traps Enabled : Yes Virtual Routers Respond To Ping Requests : No VRRP Nonstop Enabled : No VRRP Virtual Router Configuration Information VLAN ID : 10 Virtual Router ID...
Page 330 Checksum Error Pkts Rx: VRRP packets received with a bad checksum • Bad Version Pkts Rx: VRRP advertisement packets received with a version number other than 2 or 3. • Virtual Routes Respond to Ping Requests [Yes/No] Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 331 Example Global VRRP statistics output The output is the same for IPv4 and IPv6. switch(config)# show vrrp statistics global VRRP Global Statistics Information VRRP Enabled : Yes Invalid VRID Pkts Rx Checksum Error Pkts Rx : 0 Bad Version Pkts Rx Virtual Routers Respond to Ping Requests : No Viewing statistics for all VRRP instances on the router Syntax:...
Page 332 Virtual Routers Respond to Ping Requests : No VRRP Virtual Router Statistics Information Vlan ID : 10 Virtual Router ID Protocol Version State : Master Up Time : 31 mins Virtual MAC Address : 00005e-000101 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 333 Master's IP Address : 10.10.10.2 Associated IP Addr Count : 1 Near Failovers Advertise Pkts Rx : 1213 Become Master Zero Priority Rx Zero Priority Tx Bad Length Pkts Bad Type Pkts Mismatched Interval Pkts : 0 Mismatched Addr List Pkts : 0 Mismatched IP TTL Pkts Mismatched Auth Type Pkts : 0 Output for show vrrp ipv6 statistics command includes global and IPv6 VR statistics...
Page 334 The show vrrp or show vrrp ipv6 statistics command displays this statistic. Example Output The show vrrp command with statistics Near Failovers statistic displayed is shown in bold below. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 335 switch(config)# show vrrp VRRP Global Statistics Information VRRP Enabled : Yes Invalid VRID Pkts Rx Checksum Error Pkts Rx : 0 Bad Version Pkts Rx Virtual Routers Respond to Ping Requests : No VRRP Virtual Router Statistics Information Vlan ID : 22 Virtual Router ID Protocol Version...
Page 336 The same MAC and VIPs are included in the VRRP configuration for the owner and all backup routers belonging to the same VR and are used as the source addresses for all traffic forwarded by the VR. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 337 The following example shows a VR on VLAN 100 supported by Router 1 (R1) and Router 2 (R2.) Figure 55: Example of using VRRP to provide redundant network access VR parameter Router 1 VR Router 2 VR Operation configuration configuration VRID (Virtual Router ID) All routers in the same VR have the same VRID.
Page 338 A VR instance consists of one owner router and one or more backup routers belonging to the same network. Any VR instance exists within a specific VLAN, and all members of a given VR must belong to the same subnet. In a Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 339 multinetted VLAN, multiple VRs can be configured. The owner operates as the VR's master unless it becomes unavailable, in which case the highest-priority backup becomes the VR's master. A VR includes the following: • VR identification (VRID) configured on all VRRP routers in the same network or, in the case of a multinetted VLAN, on all routers in the same subnet .
Page 340 00-00-5E-00-01- VRid For example, the virtual router MAC address for the VR in Figure 55: Example of using VRRP to provide redundant network access on page 337 is 00-00-5E-00-01-01. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 341 VRRP and ARP for IPv4 The master for a given VR responds to ARP requests for the VIPs with the VR's assigned MAC address. The virtual MAC address is also used as the source MAC address for the periodic advertisements sent by the current master.
Page 342 The VRRP backup router can respond to ping requests when the virtual-ip-ping feature is enabled. For more information, see Pinging the virtual IP of a backup router on page 346. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 343 Steps for provisioning VRRP operation Basic configuration process This process assumes the following for VRRP operation: • VLANs on the selected routers are already configured and IP-enabled. • IP routing (IPv4) or IPv6 unicast-routing (IPv6) is enabled. • The network topology allows multiple paths for routed traffic between edge devices. Procedure 1.
Page 344 Priority [100] :255 Advertisement Interval [1] : 1 Preempt Mode [True] : True Preempt Delay time [0] : 0 Respond to Virtual IP Ping Requests [Yes] : Yes Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 345 Version [2] : 2 Null authentication compatibility [False] : False Primary IP Address : Lowest IP Address ---------------- 10.10.10.1 VRRP configuration for Router 2 (R2) in Example of a basic VRRP configuration switch(config)# router vrrp switch(config)# vlan 10 switch(vlan-10)# vrrp vrid 1 switch(vlan-10-vrid-1)# backup switch(vlan-10-vrid-1)# virtual-ip-address 10.10.10.1 switch(vlan-10-vrid-1)# enable...
Page 346 VIP. This makes it possible to test the availability of the default gateway with ping. A non-owner VR that is not master drops all packets to the VIP. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 347 NOTE: This feature is not a part of RFC 3768. Enabling this feature results in non-compliance with RFC 3768 rules. Using the Pre-empt Delay Timer (PDT) To maintain availability of the default gateway router, the VRRP advertises a "virtual" router to the hosts. At least two other physical routers are configured to be virtual routers, but only one router provides the default router functionality at any given time.
Page 348 Once the router has rebooted and is in steady state VRRP operation, the PDT is not applicable if: • The VRRP VLAN goes down and comes back up. • The VR is disabled and re-enabled. • VRRP is globally disabled and then re-enabled. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 349 Standards compliance VRRP on the switches includes the following: • Complies with RFC 3768 VRRP version 2. • Complies with RFC 5798 version 3 with two exceptions—advertisement intervals below one second are not supported, and accept mode is not supported (only ping application for virtual-ip-ping). •...
Page 350 Vlan ID : 21 Virtual Router ID : 21 Protocol Version State : Master Up Time : 27 hours Virtual MAC Address : 00005e-000115 Master's IP Address : 21.0.0.2 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 351 Associated IP Addr Count : 1 Near Failovers Advertise Pkts Rx Become Master Zero Priority Rx Zero Priority Tx Bad Length Pkts Bad Type Pkts Mismatched Interval Pkts : 0 Mismatched Addr List Pkts : 0 Mismatched IP TTL Pkts Mismatched Auth Type Pkts : 0 BFD Administrative Status : Disabled...
Page 352 Preempt Mode [True] : True Preempt Delay Time [0] : 0 Respond To Virtual IP Ping Requests [Yes] : Yes Version [2] : 3 Null authentication compatibility [False] : False Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 353 IPv6 Address --------------- fe80::a21d:48ff:fe8f:a800 show vrrp ipv6 statistics Syntax show vrrp ipv6 statistics Description Displays VRRP virtual router statistics information. Example switch#show vrrp ipv6 statistics VRRP Global Statistics Information VRRP Enabled : Yes Invalid VRID Pkts Rx Checksum Error Pkts Rx : 0 Bad Version Pkts Rx VRRP Virtual Router Statistics Information Vlan ID...
Page 354 Vlan : 3503 VRID : 198 Up Time : 19 days Owner : Backup : True Master Addr : fe80::e207:1bff:fec2:b543 State : Backup Virtual Addr : aacc:3::55 fe80::3 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 355 Error messages—Track interface Message Description Invalid input: out of range value You have to assign a valid port or trunk to the VR instance. Can't track a port that is part of a trunk You cannot configure tracking on a port that is a member of a trunk.
Page 356 When a BGP speaker peers with a BGP speaker that resides in a different autonomous system, the session is referred to as an eBGP session. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 357 Configuring BGP globally Table 34: Global BGP configuration commands Command syntax Description Default CLI reference router bgp as-# Configuring a BGP Configures a BGP routing Not enabled. routing process on page process. no router bgp Configuring a fixed Configures a fixed router router ID for local BGP bgp router-id ID for the local Border...
Page 358 Re-enables the state contained within this node and all child nodes of the Border Gateway Protocol (BGP) process. The disable command disables the state contained within this node and all child nodes. The default is for the state to be disabled. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 359 Configuring BGP policy globally Table 35: Global BGP policy configuration commands Command syntax Description Default CLI reference Delaying sending the Delays sending the BGP BGP open message on [no] bgp open-on- Open message until an page 361 accept OPEN message is received.
Page 360 The cluster ID default is when BGP router is [no] bgp cluster- be used when the BGP the router ID. route-reflector on page id ip-address router is used as a routereflector. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 361 Delaying sending the BGP open message Syntax: [no] bgp open-on-accept Delays sending the BGP Open message until an OPEN message is received. When this command is specified, an OPEN message will be immediately sent when the TCP connection has completed for configured peers. If the peer is not configured (is matched by an allow clause, but not a peer command), it will continue to wait for the OPEN message from the remote peer before sending its own BGP OPEN message.
Page 362 When a route has been learned from more than one protocol, the active route will be selected from the protocol with the lowest preference. Each protocol has a default preference in this selection. This preference can be overridden by a preference value specified on the peer. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 363 Enabling client-to-client route reflection Syntax: [no] bgp client-to-client-reflection Enables or disables client-to-client route reflection. When acting as a route-reflector, this functionality is enabled by default. Specifying cluster ID when BGP router is route-reflector Syntax: [no] bgp cluster-id ip-address Specifies the cluster ID to be used when the BGP router is used as a route-reflector. The cluster ID default is the router ID.
Page 364 AS with one [no] neighbor ipv4- our peer’s AS to be from an export on page addr as-override replaced with one from an export. Table Continued Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 365 Command syntax Description Default CLI reference Allowing BGP to keep Some routers are capable By default, BGP will drop routes without AS [no] neighbor ipv4- of propagating routes such routes. number on page 368 addr ignore- without appending their leading-as own autonomous system number to the AS Path.
Page 366 Open message sent to the peer. Adding an entry to the BGP neighbor table in router configuration mode Syntax: neighbor ipv4-addr remote-as as-# no neighbor ipv4-addr Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 367 Adds an entry to the BGP neighbor table in router configuration mode. To remove an entry from the table, use the no form of this command. Specifying a neighbor with an autonomous system number that matches the autonomous system number specified in the router bgp global configuration command identifies the neighbor as internal to the local autonomous system.
Page 368 Preferences are the first criteria of comparison for route selection. This value defaults to the globally configured preference if it is not specified. Sending a community's attribute to a BGP neighbor Syntax: [no] neighbor ipv4-addr send-community Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 369 To specify that a community’s attribute should be sent to a BGP neighbor, use the neighbor send-community command in address family or router configuration mode. To remove the entry, use the no form of this command. By default the communities attribute is sent to all peers. Processing sent and received MEDs Syntax: [no] neighbor ipv4-addr use-med...
Page 370 Enabling or disabling advertisement of route-refresh capability in open message Syntax: [no] neighbor ipv4-addr route-refresh Enables or disables the advertisement of route-refresh capability in the Open message sent to the peer. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 371 Synchronizing BGP-IGP Table 38: BGP-IGP synchronization commands Command syntax Description CLI reference Specifying routes to export into Specifies routes to export into BGP. BGP on page 371 [no] redistribute This command causes routes from protocol [route-map route- the specified protocol to be map-name] considered for redistribution into BGP.
Page 372 Update message has passed. When a route is advertised from the local AS to another AS, each passed AS number is added into the AS_PATH attribute, allowing the receiver to determine the Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 373 ASs for routing back the message. The number of the AS closest to the receiver’s AS is leftmost, as shown in the following figure. Figure 58: AS_PATH attribute Usually a BGP router does not receive routes containing the local AS number to avoid routing loops. NOTE: The current implementation supports using the neighbor allow-as-loop command to receive routes containing the local AS number.
Page 374 In general, BGP compares MEDs of routes received from the same AS only. NOTE: The current implementation supports using the always-compare-med command to force BGP to compare MED values of routes received from different ASs. LOCAL_PREF Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 375 The LOCAL_PREF attribute is exchanged between iBGP peers only, and therefore is not advertised to any other AS. It indicates the priority of a BGP router. LOCAL_PREF is used to determine the best route for traffic leaving the local AS. When a BGP router obtains from several iBGP peers multiple routes to the same destination but with different next hops, it considers the route with the highest LOCAL_PREF value as the best route.
Page 376 BGP has no route computation algorithm, so it cannot implement load sharing according to metrics of routes. However, BGP has abundant route selection rules, through which it selects available routes for load sharing and adds load sharing to route selection rules. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 377 NOTE: • BGP implements load sharing only on routes that have the same WEIGHT, LOCAL_PREF, ORIGIN, AS_PATH, MED and IGP COST. • BGP load sharing is applicable between eBGP peers and between iBGP peers. • If multiple routes to the same destination are available, BGP selects the configured number of routes for load sharing.
Page 378 OPEN message with GR Capability to the GR Restarter to establish a GR session. If neither party has the GR capability, the session established between them will not be GR capable. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 379 3. The GR session between the GR Restarter and its peer goes down when the GR Restarter restarts BGP. The GR capable peer will mark all routes associated with the GR Restarter as stale. However, during the configured GR Time, it still uses these routes for packet forwarding. 4.
Page 380 Therefore, it is recommended to use a loopback interface as the source interface to enhance stability of BGP connections. Follow these steps to specify the source interface of TCP connections: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 381 To do... Use the command... Remarks configuration Enter global configuration context bgp as-number Enter BGP context neighbor {ip-address} Specify the source interface for Required. By default, BGP uses the update-source {ip-address} establishing TCP connections to a outbound interface of the best route neighbor.
Page 382 Before configuring this task, you should have configured BGP basic functions. Configuration procedure You can configure BGP route attributes to influence BGP route selection. Follow these steps to configure BGP route attributes. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 383 To do... Use the command... Remarks configuration Enter global configuration context bgp as-number Enter BGP context preference {external- Configure preferences for external, Optional. The default preferences of preference internal- internal, local routes external, internal, and local routes preference local- are 20, 200, and 200 respectively. preference} neighbor {ip-address} Configure weight to be assigned to...
Page 384 {ip-address} Configure the keepalive interval and Optional. By default, the keepalive timers {keepalive-time} holdtime for a peer interval is 60 seconds, and holdtime {hold-time} is 180 seconds. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 385 CAUTION: • The maximum keepalive interval should be one third of the holdtime and no less than 1 second. The holdtime is no less than 3 seconds unless it is set to 0. • Intervals set with the neighbor timers command are preferred to those set with the timers command.
Page 386 The maximum time allowed for the peer (the GR restarter) to reestablish a BGP session should be less than the Holdtime carried in the OPEN message. The End-Of-RIB (End of Routing-Information-Base) indicates the end of route updates. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 387 Displaying information about BGP configuration Displaying BGP information To do... Use the command... Remarks show ip bgp Display information about BGP Available in any view routes installed in the BGP routing information base (RIB) show ip bgp ipv4-addr/ Display specific information about masklen the route and the BGP path attributes of the route...
Page 388 BGP connections. c. Enable OSPF in AS 65009 to ensure that Switch B can communicate with Switch C through loopback interfaces. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 389 # Configure Switch B switch(config)# router bgp 65009 switch(bgp)# bgp router-id 2.2.2.2 switch(bgp)# neighbor 3.3.3.3 remote-as 65009 switch(bgp)# exit switch(config)# router ospf switch(ospf)# enable switch(ospf)# area 0 switch(ospf)# network 2.2.2.2/32 switch(ospf)# network 9.1.1.1/24 switch(ospf)# exit switch(config)# vlan 300 switch(vlan-300)# ip ospf # Configure Switch C switch(config)# router bgp 65009 switch(bgp)# bgp router-id 3.3.3.3...
Page 390 Status codes: * - valid, > - best, i - internal, e - external, s - stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Nexthop Metric LocalPref Weight AsPath Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 391 --------------------------------------------------------- *>i 8.1.1.0/24 65008i NOTE: From the above outputs, you see that Switch A has not learned a route to AS 65009, and Switch C has learned network 8.1.1.0 but the next hop 3.1.1.2 is unreachable, so the route is invalid. 14.
Page 392 20 switch(bgp)# bgp router-id 2.2.2.2 switch(bgp)# neighbor 200.1.2.1 remote-as 10 switch(bgp)# neighbor 200.1.3.2 remote-as 30 switch(bgp)# exit # Configure Switch C. switch(config)# bgp 30 switch(bgp)# bgp router-id 3.3.3.3 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 393 switch(bgp)# neighbor 200.1.3.1 remote-as 20 switch(bgp)# exit # Display the BGP routing table on Switch B. switch(config)# show ip bgp 9.1.1.0 Local AS : 20 Local Router-id : 2.2.2.2 BGP Table Version Network : 9.1.1.0/24 Nexthop : 200.1.2.1 Peer : 200.1.2.1 Origin : igp Metric : 0...
Page 394 # Configure Switch A. switch(config)# router bgp 100 switch(bgp)# bgp router-id 1.1.1.1 switch(bgp)# neighbor 192.1.1.2 remote-as 200 # Add network 1.0.0.0/8 to the BGP routing table. switch(bgp)# network 1.0.0.0 switch(bgp)# exit Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 395 # Configure Switch B. switch(config)# router bgp 200 switch(bgp)# bgp router-id 2.2.2.2 switch(bgp)# neighbor 192.1.1.1 remote-as 100 switch(bgp)# neighbor 193.1.1.1 remote-as 200 switch(bgp)# neighbor 193.1.1.1 next-hop-self switch(bgp)# exit # Configure Switch C. switch(config)# router bgp 200 switch(bgp)# bgp router-id 3.3.3.3 switch(bgp)# neighbor 193.1.1.2 remote-as 200 switch(bgp)# neighbor 194.1.1.2 remote-as 200 switch(bgp)# exit...
Page 396 IP address Switch A Vlan101 1.0.0.0/8 Switch D Vlan400 195.1.1.1/24 Vlan100 192.1.1.1/24 Vlan300 194.1.1.1/24 Vlan200 193.1.1.1/24 Switch C Vlan400 195.1.1.2/24 Switch B Vlan100 192.1.1.2/24 Vlan200 193.1.1.2/24 Vlan300 194.1.1.2/24 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 397 Configuration procedure Procedure Configure IP addresses for interfaces (omitted.) Configure OSPF on Switch B, C, and D. # Configure Switch B. switch(config)# router ospf switch(ospf)# area 0 switch(ospf)# network 192.1.1.0/ 0.0.0.255 switch(ospf)# network 194.1.1.0/ 0.0.0.255 switch(ospf)# exit # Configure Switch C. switch(config)# router ospf switch(ospf)# enable switch(ospf)# area 0...
Page 398 Status codes: * - valid, > - best, i - internal, e - external, s - stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Nexthop Metric LocalPref Weight AsPath ------------------------------------------------------- *>e 1.0.0.0/24 194.1.1.2 100i Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 399 *>e 1.0.0.0/24 195.1.1.2 100i 18. You can ensure that route 1.0.0.0/8 is the optimal route. Configure different local preferences on Switch B and C for route 1.0.0.0/ 8, making Switch D give priority to the route from Switch C. 19. # Define an ip prefix-list on Router C, permitting route 1.0.0.0/8. switch(config)# ip prefix-list pl_1 permit 1.0.0.0/8 20.
Page 400 10. # Configure BGP GR restart-time and stalepath-timeout (Optional.) switch(bgp)# bgp graceful-restart restart-time 120 stalepath-time 360 switch(bgp)# bgp router-id 2.2.2.2 switch(bgp)# neighbor 200.1.1.2 remote-as 65008 11. # Configure the iBGP connection. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 401 switch(bgp)# neighbor 9.1.1.2 remote-as 65009 12. # Configure BGP to redistribute direct routes. switch(bgp)# redistribute connected 13. # Enable GR capability for BGP Peers. switch(bgp)# neighbor 200.1.1.2 graceful-restart switch(bgp)# neighbor 9.1.1.2 graceful-restart 14. # Configure BGP for non-stop forwarding switch(bgp)# non-stop 15.
Page 402 Displays detailed information on the route if the route’s aspath information matches the supplied regular expression. This will filter both on the prefix/len and the regular expression. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 403 switch(bgp)# show ip bgp 11.0.0.0/8 regexp 20 Local AS : 100 Local Router-id Network : 11.0.0.0/8 Nexthop : 10.0.102.40 Peer : 10.0.102.40 Origin : incomplete Metric Local Pref Weight Calc. Local Pref: 100 Best : No Valid : Yes Type : external Stale No AS-Path...
Page 404 Displays the routes whose community information matches exactly the supplied community numbers and also whose AS_PATH information matches the supplied regular expression. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 405 switch(bgp)# show ip bgp community 200:20 100:50 exact regexp “2” Local AS : 100 Local Router-id : 10.0.102.138 Status codes: * - valid, > - best, i - internal, e - external, s - stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Nexthop Metric...
Page 406 Inbound ------------------------------ --------- -------- Routemap Bad lead AS Exceeded Max-prefix Exceeded Allow-as in Total --------- -------- Number of NLRIs in the update sent Synopsis: show ip bgp as-path Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 407 Displays the list of AS_PATHs that BGP has learned from the routing information it has received. switch# show ip bgp as-path BGP AS-Path Information AS Path Metric RefCount ----------------------------------------- ---------- ----- 200 i 300 ? Synopsis: show ip bgp redistribute Displays the list of protocols whose routes are being redistributed into BGP.
Page 408 BGP communities. Devices at location B require AS path filtering. All locations within the BGP AS require the remaining “Foundation” features (Route Reflection, Refresh, Multihop, and so forth) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 409 Additional Autonomous Systems may be configured within a network, resembling the Enterprise core module as shown in the diagram. With larger Enterprise customers, it is likely that an AS that is directly adjacent to IGP campus modules will be the location for foundation BGP solutions. See Figure 69: Multiple internal AS deployments with Campus iBGP solution on page 409.
Page 410 Troubleshooting BGP Debug log messages 1. Logs per-peer BGP State Transitions. 2. Logs per-peer arrivals of a new BGP update. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 411 3. Logs per-peer Time-outs (Hold-time, Graceful Restart Timeout.) 4. Logs Memory problems in case buffer-allocations fail. No BGP peer relationship established Symptom Display BGP peer information using the show ip bgp neighbor command. A connection to a peer has not been established.
Page 412 Update the minimum echo receive interval of the BFD session. authentication Configure authentication mode and key for all BFD sessions under the current VLAN. Syntax bfd min-transmit-interval TXSECONDS min-receive-interval RXSECONDS detect-multiplierMULTIPLIER Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 413 Description Update BFD timer intervals for all the sessions under the current VLAN. Options min-transmit-interval Update the minimum transmit interval of the BFD session. min-receive-interval Update the minimum receive interval of the BFD session. detect-multiplier Update the detect multiplier count of the BFD session. txseconds The time interval, in the range 1 to 20 seconds, between the transmission of two BFD hello packets.
Page 414 0 indicates that the local end is not interested in receiving echo packets from the peer. Echo intervals configuration ; J9850A Configuration Editor; Created on release #KB.16.02.0000x Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 415 ; Ver #0b:fc.59.f4.7b.ff.ff.fc.ff.ff.3f.ef:0d hostname "switch-name" module A type j9989a module C type j9550a module F type j9987a snmp-server community "public" unrestricted oobm ip address dhcp-bootp exit vlan 1 name "DEFAULT_VLAN" untagged A2-A24,C1-C24,F1-F24 ip address dhcp-bootp exit ip routing router ospf area 0.0.0.2 area 0.0.0.3 area backbone...
Page 416 10 min-receive-interval 10 detect-multiplier 3 bfd min-echo-receive-interval 700 ip address 100.100.100.100 255.255.255.0 ip ospf 100.100.100.100 area backbone ip ospf 100.100.100.100 bfd exit Show BFD-session switch# show bfd-session 1 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 417 BFD Session Information – Session 1 Min Tx Interval (sec) : 10 Min Rx Interval (sec) : 10 Min Echo Rx Interval (msec) : 700 Detect Multiplier Authentication Mode : NONE Password : "" Application : OSPF Local Discriminator Remote Discriminator Echo : Enabled Local Diagnostic...
Page 418 This command allows to specify authentication mode and key to be shared with BFD peer for all sessions under VLAN context. Syntax bfd authentication keyed-sha1 | meticulous-Keyed-sha1 KEY-ID key simple | encrypted password no bfd authentication keyed-sha1 | meticulous-Keyed-sha1 KEY-ID key simple | encrypted password Description Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 419 Configure authentication mode and key for all BFD sessions under the current VLAN. Options Configure Bidirectional Forwarding Detection (BFD) for the VLAN. authentication Configure authentication mode and key for all BFD sessions under the current VLAN. Keyed-sha1 Use authentication mode SHA-1. Meticulous keyed-sha1 Use authentication mode meticulous SHA-1.
Page 420 With Include and Encrypt credentials: ; J9850A Configuration Editor; Created on release #KB.16.02.0000x ; Ver #0b:fc.59.f4.7b.ff.ff.fc.ff.ff.3f.ef:0d hostname "switch-name" module A type j9989a module C type j9550a module F type j9987a encrypt-credentials include-credentials Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 421 snmp-server community "public" unrestricted oobm ip address dhcp-bootp exit vlan 1 name "DEFAULT_VLAN" untagged A2-A24,C1-C24,F1-F24 ip address dhcp-bootp exit ip routing router ospf area 0.0.0.2 area 0.0.0.3 area backbone enable exit bfd enable bfd echo-src-ip-address 2.2.2.2 vlan 20 untagged A1 bfd min-transmit-interval 10 min-receive-interval 10 detect-multiplier 3 bfd min-echo-receive-interval 700...
Page 422 The encrypted password in the config will be decrypted and encrypted form. used to update the protocol data structures. • Include credentials: Enabled BFD authentication password stored as encrypted. • Encrypt credentials: Enabled Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 423 BFD static routing NOTE: BFD static routing is available only on switches running KB software. BFD over IPv6 static routes is not supported. Bidirectional Forwarding Detection (BFD) provides short-duration detection of failures in the path between adjacent forwarding devices. You can now associate BFD with static routes to monitor the reachability of the next- hop gateway.
Page 424 BFD session results in a complete removal of the static route from the RIB until the BFD authentication mismatch is resolved. If a mismatch exists before the session is established, the session remains DOWN. The Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 425 route is undisturbed. BFD can take action only if the session is UP and then transitions to DOWN or vice- versa. Usage There are two distinct ways to configure the static route. BFD configuration is allowed on each type of static route configuration: •...
Page 426 10 name "VLAN10" untagged A1 bfd min-echo-receive-interval 700 ip address 172.16.4.2 255.255.255.0 exit no allow-v2-modules Switch(config)# show bfd Bidirectional Forwarding Detection (BFD) Information Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 427 Administrative Status : Enabled Echo Source IP : 3.3.3.3 Maximum number of sessions supported : 128 Number of sessions reserved for internal use : 0 Total Number of Sessions : 1 Number of Sessions Up Number of Sessions Down Global Statistics: Total Number of Control Packets Transmitted : 9138 Total Number of Control Packets Received...
Page 428 3.3.3.3 vlan 1 name "DEFAULT_VLAN" no untagged A1 untagged A2-A24 ip address dhcp-bootp exit vlan 10 name "VLAN10" untagged A1 ip address 172.16.4.2 255.255.255.0 bfd min-echo-receive-interval 700 Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 429 exit no allow-v2-modules Switch(config)# show bfd-session Bidirectional Forwarding Detection (BFD) Information Administrative Status : Enabled Echo Source IP : 3.3.3.3 Maximum number of sessions supported : 128 Number of sessions reserved for internal use : 0 Total Number of Sessions : 1 Number of Sessions Up Number of Sessions Down Global Statistics:...
Page 430 A type j9989a ip route 0.0.0.0 0.0.0.0 172.16.4.1 bfd source-ip 172.16.4.2 ip routing snmp-server community "public" unrestricted oobm ip address dhcp-bootp exit router ospf area backbone enable exit bfd enable Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 431 bfd echo-src-ip-address 3.3.3.3 vlan 1 name "DEFAULT_VLAN" no untagged A1 untagged A2-A24 ip address dhcp-bootp exit vlan 10 name "VLAN10" untagged A1 bfd min-echo-receive-interval 700 ip address 172.16.4.2 255.255.255.0 ip ospf 172.16.4.2 area backbone ip ospf 172.16.4.2 bfd exit no allow-v2-modules Switch(config)# show bfd Bidirectional Forwarding Detection (BFD) Information Administrative Status : Enabled...
Page 432 Maximum number of sessions supported : 128 Number of sessions reserved for internal use : 0 Total Number of Sessions : 1 Number of Sessions Up Number of Sessions Down Global Statistics: Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 433 Total Number of Control Packets Transmitted : 158 Total Number of Control Packets Received : 153 Total Number of Control Packets Dropped : 203 Session VLAN Source IP Destination IP Echo State Application -------- ------ ---------------- ---------------- ---------- ----------- ----------- 172.16.4.1 172.16.4.2 Enabled...
Page 434 State Application -------- ------ ---------------- ---------------- ---------- ----------- ----------- 172.16.4.1 172.16.4.2 Enabled STATIC Switch(config)# Switch(config)# Switch(config)# show bfd-session 1 BFD Session Information Min Tx (sec) Min Rx (sec) Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 435 Min Echo Rx (msec) : 500 Detect Multiplier Auth Mode : NONE Password : "" Application ID : STATIC Local Discriminator Remote Discriminator Echo : Enabled Local Diag : No diagnostics configured. VLAN Source IP Destination IP State Pkt In Pkt Drop Pkt Out -------- ---------------- ---------------- ----------- -------- -------- -------- 172.16.4.1...
Page 436 "public" unrestricted oobm ip address dhcp-bootp exit bfd enable bfd echo-src-ip-address 2.2.2.2 vlan 1 name "DEFAULT_VLAN" untagged A1-A24,F1-F24 ip address dhcp-bootp exit no allow-v2-modules Show BFD-session Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 437 switch# show bfd-session Bidirectional Forwarding Detection (BFD) Information Admin Status : Enabled Echo source IP : 2.2.2.2 Session VLAN Source IP Destination IP Echo State application ------ ------ ---------- --------------- ----- ---- ----------- switch# switch# show bfd-session 1 BFD Session Information BFD session 1 not found Enable BFD session Syntax...
Page 438 Display BFD state machine events. Clear BFD statistics This command helps to reset the specified BFD counter. Syntax clear statistics bfd SESS-ID Description Reset Bidirectional Forwarding Detection (BFD) statistics. Options Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 439 Reset Bidirectional Forwarding Detection (BFD) statistics. SESS-ID The id of the session whose statistics should be cleared. Clear BFD statistics: Before clearing statistics switch# sh bfd Bidirectional Forwarding Detection (BFD) Information Admin Status : Enabled Echo source IP : 2.2.2.2 Global Statistics: Total Number of Control Packets Transmitted : 13...
Page 440 Echo source IP : 2.2.2.2 Global Statistics: Total Number of Control Packets Transmitted : 42 Total Number of Control Packets Received : 42 Total Number of Control Packets Dropped Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 441 Session VLAN Source IP Destination IP Echo State Application ------- ---- --------------- --------------- -------- ---------- ----------- 100.100.100.100 100.100.100.101 Disabled Up OSPF Show the details of a particular BFD session This command displays the details of a particular BFD session on the switch. User can obtain VLAN to session ID mapping through show BFD session command.
Page 442 VRRP packet loss. WARNING: Do not clear IP host table using the clear arp command on a system with active BFD sessions, because this can lead to BFD sessions flapping. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 443 Chapter 19 Websites Networking Websites Hewlett Packard Enterprise Networking Information Library www.hpe.com/networking/resourcefinder Hewlett Packard Enterprise Networking Software www.hpe.com/networking/software Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking Hewlett Packard Enterprise Networking Warranty www.hpe.com/networking/warranty...
Page 444 To view and update your entitlements, and to link your contracts and warranties with your profile, go to the Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 445 IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HPE Passport set up with relevant entitlements. Customer self repair Hewlett Packard Enterprise customer self repair (CSR) programs allow you to repair your product. If a CSR part needs to be replaced, it will be shipped directly to you so that you can install it at your convenience.
Page 446 Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title, part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Page 447 Appendix A Apple’s Bonjour and Google’s Chromecast Apple’s Bonjour and Google’s Chromecast Overview of Apple's Bonjour and Google's Chromecast The Aruba mDNS Gateway and Google Chromecast solution adds support for Apple’s Bonjour and Google’s Chromecast discovery from a switch. The solution uses mDNS protocol for discovery and is responsible for handling mDNS packets.
Page 448 Specific Filter — Switch 1 – VLAN 3 – Deny –outbound – service type – wireless printer. • Specific Filter — Switch 1 – VLAN 2 – Permit – inbound – instance name – Host 2. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 449 Wireless printer service process Process overview of service for a wireless printer: Procedure Wireless Printer 1 sends an mDNS response advertising printer services in Switch 1 on VLAN 1. Switch 1 has no inbound filter in VLAN 1. The global filter set to permit all. Switch 1 checks the outbound filter in VLAN 1.
Page 450 1. iPhone 1 sends an mDNS query for printers in switch 1 on VLAN 1. 2. Switch 1 checks the inbound filter in VLAN 1. As there is no specific filters, it receives the query. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 451 3. Switch 1 checks the outbound filter in VLAN 1. As there is no specific filter therefore it flood the packet in VLAN 1 (except the source port.) 4. Switch 1 checks the reflection status. The reflection is enabled on VLAN 2 and 3. 5.
Page 452 Sets rules for each mDNS profile. You can configure specific rule to permit or deny the mDNS packet. Command context config. This command is supported in the mDNS profile context. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 453 Parameters rule Create or delete a rule for mDNS profile. instance Instance name of the client. service Service name of the client. action Specify the action for mDNS traffic. permit Permit the packet upon successful match. deny Deny the packet upon successful match. Set the specific mDNS profile for VLAN This command is supported in the mDNS profile context.
Page 454 Display the reflection VLAN list of the mDNS gateway. Options gateway mDNS gateway Example show mDNS gateway mDNS Gateway Configuration Gateway VLAN List: 1-10,12 Show mDNS profile configuration Syntax show mdns profile Description Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...
Page 455 Display mDNS profile configuration information. Options profile mDNS profile information Example mDNS profile configuration Profile Name: Students VLANs : 1-3,25 Rules: Instance Service Action --- ----------------- -------------------- ------ AppleTV Deny MyComputer Permit Profile Name: Professors VLANs : 3-6,10 Rules: Instance Service Action --- ----------------- -------------------- ------...
Page 456 Proposed Display: I 05/22/13 20:39:20 04633 mDNS: mDNS is disabled. RMON_mDNS_PKT_MAX_LIMIT Proposed Display: W 05/22/13 20:49:12 04635 mDNS: mDNS packets are dropped. It has exceeded the maximum limit of %d packets per second. Aruba 3810 / 5400R Multicast and Routing Guide for ArubaOS- Switch 16.08...

This manual is also suitable for:

Aruba 5400r