H3C S5500-EI series Configuration Manual Download Page 41 | Manualshive

Page: 41 / 457

H3C S5500-EI series Configuration Manual Download Page 41

24

Differences from RIPv1:

•

Version–Version of RIP. For RIPv2 the value is 0x02.

•

Route tag

•

IP address—Destination IP address. It can be a natural network address, subnet address, or host
address.

•

Subnet mask—Mask of the destination address. Unlike RIPv1, RIPv2 can carry subnet information.

•

Next hop—If set to 0.0.0.0, it indicates that the originator of the route is the best next hop.
Otherwise, it indicates a next hop better than the originator of the route.

RIPv2 authentication message format

RIPv2 sets the AFI field of the first route entry to 0xFFFF to identify authentication information.

Figure 8

RIPv2 authentication message

•

Authentication Type—A value of 2 represents plain text authentication; a value of 3 represents
MD5.

•

Authentication—Authentication data, including password information when plain text
authentication is adopted or including key ID, MD5 authentication data length and sequence

number when MD5 authentication is adopted.

NOTE:

•

RFC 1723 only defines plain text authentication. For more information about MD5 authentication, see
RFC 2453,

RIP Version 2.

•

With RIPv1, you can configure the authentication mode in interface view; however, the configuration will
not take effect because RIPv1 does not support authentication.

Supported RIP features

The current implementation supports the following RIP features:

•

RIPv1 and RIPv2

•

RIP support for multi-VPN-instance

•

RIP FRR

•

BFD

RIP periodically sends route update requests to neighbors. If no route update response for a route is

received within the specified interval, RIP considers the route unreachable. This mechanism cannot detect
link faults quickly. After BFD is configured for RIP, and BFD detects a broken link, RIP can quickly age out

the unreachable route, thus avoiding interference to other services.

«
...
39
40
41
42
43
...
»

Summary of Contents for S5500-EI series

Page 1: ...H3C S5500 EI S5500 SI Switch Series Layer 3 IP Routing Configuration Guide Hangzhou H3C Technologies Co Ltd http www h3c com Software version Release 2210 Document version 6W100 20110915...

Page 2: ...re Secware Storware NQA VVG V2 G Vn G PSPT XGbus N Bus TiGem InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the...

Page 3: ...ntions About the S5500 EI S5500 SI documentation set Obtaining documentation Technical support Documentation feedback Audience This documentation is intended for Network planners Field technical suppo...

Page 4: ...n this documentation set Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown Italic Italic text represents arguments that y...

Page 5: ...ric network device such as a router switch or firewall Represents a routing capable device such as a router or Layer 3 switch Represents a generic switch such as a Layer 2 or Layer 3 switch or a route...

Page 6: ...es and configuration procedures Command references Provide a quick reference to all available commands Operations and maintenance H3C Series Ethernet Switches Login Password Recovery Manual Helps you...

Page 7: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...

Page 8: ...ples 12 Basic static route configuration example 12 Static route FRR configuration example 14 BFD for static routes configuration example direct session 16 BFD for static routes configuration example...

Page 9: ...tion in BFD echo packet mode 48 Configuring BFD for RIP bidirectional detection in BFD control packet mode 51 Troubleshooting RIP 54 No RIP updates received 54 Route oscillation occurred 54 OSPF confi...

Page 10: ...2 Enabling message logging 93 Enabling the advertisement and reception of opaque LSAs 93 Configuring OSPF to give priority to receiving and processing hello packets 93 Configuring the LSU transmit rat...

Page 11: ...e IS IS hello multiplier 153 Configuring a DIS priority for an interface 153 Disabling an interface from sending or receiving IS IS packets 154 Enabling an interface to send small hello packets 154 Co...

Page 12: ...group 210 Configuring BGP route distribution reception filtering policies 210 Enabling BGP and IGP route synchronization 211 Limiting prefixes received from a peer or peer group 212 Configuring BGP ro...

Page 13: ...260 Features of IPv6 static routes 260 Default IPv6 route 260 Configuring an IPv6 static route 260 Configuration prerequisites 260 Configuration procedure 260 Displaying and maintaining IPv6 static r...

Page 14: ...n NBMA or P2MP neighbor 287 Configuring OSPFv3 routing information control 287 Configuration prerequisites 287 Configuring OSPFv3 route summarization 288 Configuring OSPFv3 inbound route filtering 288...

Page 15: ...direct eBGP connection 332 Configuring a description for an IPv6 peer or peer group 332 Disabling session establishment to an IPv6 peer or peer group 332 Logging IPv6 peer or peer group state changes...

Page 16: ...configuration task list 365 Defining filters 365 Prerequisites 365 Defining an IP prefix list 365 Defining an AS path list 366 Defining a community list 366 Defining an extended community list 367 Con...

Page 17: ...MCE and a PE 399 Configuring an MCE 399 Configuring VPN instances 399 Configuring routing on an MCE 401 Configuration prerequisites 402 Configuring routing between MCE and VPN site 402 Configuring rou...

Page 18: ...es the path information that guides the forwarding of packets Routes can be divided into the following categories by destination Network route The destination is a network The subnet mask is less than...

Page 19: ...n the destination address and the network mask yields the address of the destination network For example if the destination address is 129 102 8 10 and the mask 255 255 0 0 the address of the destinat...

Page 20: ...n This chapter focuses on unicast routing protocols For more information about multicast routing protocols see IP Multicast Configuration Guide Routing preference Different routing protocols can find...

Page 21: ...The next hops of some BGP routes except eBGP routes and static routes may not be directly connected The outgoing interface to reach the next hop must be available Route recursion is used to find the o...

Page 22: ...stance name statistics begin exclude include regular expression Available in any view Clear statistics for the routing table reset ip routing table statistics protocol vpn instance vpn instance name p...

Page 23: ...begin exclude include regular expression Available in any view Display IPv6 routing statistics display ipv6 routing table vpn instance vpn instance name statistics begin exclude include regular expre...

Page 24: ...he network administrator can configure a default route with both the destination and mask being 0 0 0 0 The router forwards any packet whose destination address fails to match any entry in the routing...

Page 25: ...ese steps to configure a static route To do Use the command Remarks Enter system view system view ip route static dest address mask mask length next hop address track track entry number interface type...

Page 26: ...A dynamic routing protocol notifies BFD of its neighbor information BFD uses such information to establish sessions with neighbors by sending BFD control packets Static routing has no neighbor discov...

Page 27: ...iew system view Configure the source address of echo packets bfd echo source ip ip address Required Not configured by default ip route static dest address mask mask length interface type interface num...

Page 28: ...ddress of echo packets bfd echo source ip ip address Required Not configured by default Configure static route FRR ip route static vpn instance vpn instance name fast reroute route policy route policy...

Page 29: ...tem view SwitchA ip route static 0 0 0 0 0 0 0 0 1 1 4 2 Configure two static routes on Switch B SwitchB system view SwitchB ip route static 1 1 2 0 255 255 255 0 1 1 4 1 SwitchB ip route static 1 1 3...

Page 30: ...0 0 127 0 0 1 InLoop0 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 1 1 6 0 24 Direct 0 0 1 1 6 1 Vlan100 1 1 6 1 32 Direct 0 0 127 0 0 1 InLoop0 Use the ping com...

Page 31: ...face on the switches Details not shown Configure static routes on Switch S Switch A and Switch D so that Switch S can reach Loopback 0 on Switch D and Switch D can reach Loopback 0 on Switch S Configu...

Page 32: ...ion SwitchS display ip routing table 4 4 4 4 verbose Routing Table Public Summary Count 1 Destination 4 4 4 4 32 Protocol Static Process ID 0 Preference 60 Cost 0 IpPrecedence QosLcId NextHop 13 13 13...

Page 33: ...P addresses for the interfaces Details not shown 2 Configure BFD Configure static routes on Switch A and enable BFD control packet mode for the static route through the Layer 2 switch SwitchA system v...

Page 34: ...n Mask Proto Pre Cost NextHop Interface 120 1 1 0 24 Static 60 0 12 1 1 2 Vlan10 Direct Routing table Status Inactive Summary Count 1 Destination Mask Proto Pre Cost NextHop Interface 120 1 1 0 24 Sta...

Page 35: ...subnet 121 1 1 0 24 on Switch B and static routes to subnets 120 1 1 0 24 and 121 1 1 0 24 on both Switch C and Switch D Enable BFD so that when the link between Switch A and Switch B through Switch D...

Page 36: ...121 1 1 0 24 vlan interface 13 13 1 1 2 preference 65 SwitchB quit Configure static routes on Switch C SwitchC system view SwitchC ip route static 120 1 1 0 24 vlan interface 13 13 1 1 1 SwitchC ip ro...

Page 37: ...s 1 1 1 9 2 2 2 9 Loop1 Ctrl Sta UP DOWN Diag 1 Oct 10 10 18 18 672 2010 SwitchA BFD 7 EVENT Send sess down Msg Src 1 1 1 9 Dst 2 2 2 9 Loop1 Ctrl instance 0 protocol STATIC Display the static route i...

Page 38: ...unreachable Because of this RIP is not suitable for large sized networks RIP prevents routing loops by implementing the split horizon and poison reverse functions RIP routing table A RIP router has a...

Page 39: ...routing table Triggered updates A router advertises updates once the metric of a route is changed instead of after the update period expires to speed up network convergence Operation of RIP The follo...

Page 40: ...Pv1 message format Command Type of message 1 indicates request which is used to request all or part of the routing information from the neighbor 2 indicates response which contains all or part of the...

Page 41: ...formation when plain text authentication is adopted or including key ID MD5 authentication data length and sequence number when MD5 authentication is adopted NOTE RFC 1723 only defines plain text auth...

Page 42: ...ring inbound or outbound route filtering Optional Configuring a priority for RIP Optional Configuring RIP route control Configuring RIP route redistribution Optional Configuring RIP timers Optional Co...

Page 43: ...g RIP then those configurations will take effect after RIP is enabled RIP runs only on the interfaces residing on the specified networks Specify the network after enabling RIP to validate RIP on a spe...

Page 44: ...d can receive RIPv1 broadcasts and RIPv1 unicasts With RIPv2 configured a multicast interface sends RIPv2 multicasts and can receive RIPv2 unicasts broadcasts and multicasts With RIPv2 configured a br...

Page 45: ...and the route s metric in the routing table is not changed The inbound additional metric is added to the metric of a received route before the route is added into the routing table and the route s met...

Page 46: ...Enter system view system view Enter RIP view rip process id vpn instance vpn instance name Disable RIPv2 automatic route summarization undo summary Required Enabled by default Return to system view q...

Page 47: ...dvertise a default route To do Use the command Remarks Enter system view system view Enter RIP view rip process id vpn instance vpn instance name Enable RIP to advertise a default route default route...

Page 48: ...lters outgoing routes including routes redistributed with the import route command Configuring a priority for RIP Multiple IGP protocols can run in a router If you want RIP routes to have a higher pri...

Page 49: ...asic functions Configuring RIP timers You can change the RIP network convergence speed by adjusting RIP timers Follow these steps to configure RIP timers To do Use the command Remarks Enter system vie...

Page 50: ...rip poison reverse Required Disabled by default Configuring the maximum number of load balanced routes This task allows you to implement load balancing over multiple equal cost RIP routes Follow thes...

Page 51: ...instance vpn instance name Enable source IP address check on incoming RIP messages validate source address Optional Enabled by default NOTE The source IP address check feature should be disabled if t...

Page 52: ...d because the neighbor may receive both the unicast and multicast or broadcast of the same routing information If a specified neighbor is not directly connected then disable the source address check o...

Page 53: ...affic recovery time Figure 9 Network diagram for RIP FRR In Figure 9 after you enable FRR on Router B RIP designates a backup next hop using a routing policy when a network failure is detected Packets...

Page 54: ...only when both ends have routes to send and BFD is enabled on the receiving interface Single hop detection in BFD echo packet mode Follow these steps to configure BFD for RIP single hop detection in...

Page 55: ...rmation display rip process id vpn instance vpn instance name begin exclude include regular expression Display all active routes in RIP database display rip process id database begin exclude include r...

Page 56: ...RIP T TRIP P Permanent A Aging S Suppressed G Garbage collect Peer 192 168 1 2 on Vlan interface100 Destination Mask Nexthop Cost Tag Flags Sec 10 0 0 0 8 192 168 1 2 1 0 RA 11 The output shows that R...

Page 57: ...d for 10 2 1 0 24 and 1 1 1 1 0 24 and Switch A cannot learn routes destined for 12 3 1 0 24 and 16 4 1 0 24 Configure a filtering policy on Switch B to filter out the route 10 2 1 1 24 from RIP 100 m...

Page 58: ...nfigure route redistribution On Switch B configure RIP 200 to redistribute direct routes and routes from RIP 100 SwitchB rip 200 SwitchB rip 200 import route rip 100 SwitchB rip 200 import route direc...

Page 59: ...0 0 127 0 0 1 InLoop0 Configuring an additional metric for a RIP interface Network requirements In the following figure RIP is enabled on all the interfaces of Switch A Switch B Switch C Switch D and...

Page 60: ...cost 0 nexthop 1 1 1 1 Rip interface 1 1 2 0 24 cost 0 nexthop 1 1 2 1 Rip interface 1 1 3 0 24 cost 1 nexthop 1 1 1 2 1 1 4 0 24 cost 1 nexthop 1 1 2 2 1 1 5 0 24 cost 2 nexthop 1 1 1 2 1 1 5 0 24 co...

Page 61: ...igure route summarization on Switch C and advertise only the summary route 10 0 0 0 8 reducing the routing table size of Switch D Figure 13 Network diagram Configuration procedure 1 Configure IP addre...

Page 62: ...f 1 Display the routing table information of Switch D SwitchD display ip routing table Routing Tables Public Destinations 10 Routes 10 Destination Mask Proto Pre Cost NextHop Interface 10 1 1 0 24 RIP...

Page 63: ...int200 13 13 13 1 24 Vlan int200 13 13 13 2 24 Vlan int100 12 12 12 2 24 Vlan int101 24 24 24 2 24 Vlan int101 24 24 24 4 24 Loop 0 4 4 4 4 32 Link A Link B Configuration procedure 1 Configure IP addr...

Page 64: ...outing Table Public Summary Count 1 Destination 4 4 4 4 32 Protocol RIP Process ID 1 Preference 100 Cost 1 IpPrecedence QosLcId NextHop 13 13 13 2 Interface vlan200 BkNextHop 12 12 12 2 BkInterface vl...

Page 65: ...of the route is the interface connected to the Layer 2 switch Configure BFD so that when the link between Switch C and the Layer 2 switch fails BFD can quickly detect the link failure and notify it to...

Page 66: ...chA quit 4 Configure a static route on Switch C SwitchC ip route static 100 1 1 1 24 null 0 5 Verify the configuration Display the BFD session information of Switch A SwitchA display bfd session Total...

Page 67: ...Echo Src IP Address 192 168 1 1 Src IFIndex4 Nbr IP Address 192 168 1 2 Display the BFD information of Switch A Switch A has deleted the neighbor relationship with Switch C and no output information...

Page 68: ...erface connected to Switch B Configure BFD so that when the link between Switch B and Switch C fails BFD can quickly detect the link failure and notify it to RIP and the BFD session goes down In respo...

Page 69: ...bfd session init mode active SwitchA interface vlan interface 100 SwitchA Vlan interface100 bfd min transmit interval 500 SwitchA Vlan interface100 bfd min receive interval 500 SwitchA Vlan interface...

Page 70: ...0 BkInterface RelyNextHop 0 0 0 0 Neighbor 192 168 1 2 Tunnel ID 0x0 Label NULL BKTunnel ID 0x0 BKLabel NULL State Active Adv Age 00h00m47s Tag 0 Destination 100 1 1 0 24 Protocol RIP Process ID 2 Pr...

Page 71: ...e 100 Cost 2 IpPrecedence QosLcId NextHop 192 168 3 2 Interface vlan interface 300 BkNextHop 0 0 0 0 BkInterface RelyNextHop 0 0 0 0 Neighbor 192 168 3 2 Tunnel ID 0x0 Label NULL BKTunnel ID 0x0 BKLab...

Page 72: ...he routing table Analysis In the RIP network make sure that all the same timers within the entire network are identical and have logical relationships between them For example the timeout timer value...

Page 73: ...table sizes Equal cost multi path ECMP routing Supports multiple equal cost routes to a destination Routing hierarchy Supports a four level routing hierarchy that prioritizes routes into intra area in...

Page 74: ...ginated for broadcast and NBMA networks by the designated router flooded throughout a single area only This LSA contains the list of routers connected to the network Network Summary LSA Type 3 LSA ori...

Page 75: ...routers rather than links A network segment or a link can only reside in one area An OSPF interface must be specified to belong to its attached area as shown in Figure 17 Figure 17 Area based OSPF net...

Page 76: ...configured on a physical interface The two ABRs on the virtual link unicast OSPF packets to each other and the OSPF routers in between convey these OSPF packets as normal IP packets Stub area A stub a...

Page 77: ...ng these Type 7 LSAs the NSSA ABR translates them to Type 5 LSAs and then advertises the Type 5 LSAs to Area 0 The ASBR of Area 2 redistributes RIP routes in Type 5 LSAs into the OSPF routing domain H...

Page 78: ...ABR and the backbone area can be physical or logical 3 Backbone router At least one interface of a backbone router must reside in the backbone area All ABRs and internal routers in area 0 are backbone...

Page 79: ...Access When the link layer protocol is Frame Relay ATM or X 25 OSPF considers the network type as NBMA by default OSPF packets are unicast on a NBMA network P2MP point to multipoint By default OSPF co...

Page 80: ...igure 23 solid lines are Ethernet physical links and dashed lines represent OSPF adjacencies In the network with the DR and BDR only seven adjacencies are needed Figure 23 DR and BDR in a network DR B...

Page 81: ...a ID ID of the area where the advertising router resides Checksum Checksum of the message AuType Authentication type ranging from 0 to 2 corresponding to non authentication simple plaintext authentica...

Page 82: ...neighbors Rtr Pri Router priority A value of 0 means the router cannot become the DR or BDR RouterDeadInterval Time before declaring a silent router down If two routers have different dead intervals t...

Page 83: ...to 0 if the packet is the last DD packet It is set to 1 if more DD packets are to follow MS Master Slave The Master Slave bit When set to 1 it indicates that the router is the master during the databa...

Page 84: ...e LSA LSU packet LSU Link State Update packets are used to send the requested LSAs to the peer Each packet carries a collection of LSAs Figure 29 LSU packet format Version 4 Router ID Area ID Checksum...

Page 85: ...was originated An LSA ages in the LSDB added by 1 per second but does not age during transmission LS type Type of the LSA Link state ID The contents of this field depend on the LSA s type LS sequence...

Page 86: ...pe Type Link type A value of 1 indicates a point to point link to a remote router a value of 2 indicates a link to a transit network a value of 3 indicates a link to a stub network and a value of 4 in...

Page 87: ...nated by ABRs Except for the Link state ID field the formats of Type 3 and 4 summary LSAs are identical Figure 34 Summary LSA format Major fields of the Summary LSA are as follows Link state ID For a...

Page 88: ...sed destination E External Metric The type of the external metric value which is set to 1 for type 2 external routes and set to 0 for type 1 external routes See Route types for a description of extern...

Page 89: ...ched to a network segment must be identical OSPF Graceful Restart Graceful Restart GR ensures the continuity of packet forwarding when a routing protocol restarts or an active standby switchover occur...

Page 90: ...meters such as the hello interval LSA delay timer and SPF calculation interval You can also configure them as needed OSPF routers should be configured on an area basis Wrong configurations may cause c...

Page 91: ...LSDB Optional Enabling compatibility with RFC 1583 Optional Logging neighbor state changes Optional Configuring OSPF network management Optional Enabling message logging Optional Enabling the adverti...

Page 92: ...akes effect locally and has no influence on packet exchange between routers Two routers having different process IDs can exchange packets OSPF support for VPNs enables an OSPF process to run in a spec...

Page 93: ...he AS edge as a stub area by configuring the stub command on all the routers attached to the area In this way Type 5 LSAs will not be flooded within the stub area reducing the routing table size The A...

Page 94: ...ce name Enter area view area area id Configure the area as an NSSA area nssa default route advertise no import route no summary translate always translator stability interval value Required Not config...

Page 95: ...ult The following are examples of how you can change the network type of an interface as needed When an NBMA network becomes fully meshed through address mapping any two routers in the network have a...

Page 96: ...nnot find neighbors via broadcasting hello packets you must specify neighbors and their router priorities A router priority of 0 means the router does not have the DR election right A router priority...

Page 97: ...e interface type interface number Configure the OSPF network type for the interface as P2MP ospf network type p2mp unicast Required By default the network type of an interface depends on the link laye...

Page 98: ...routers improving route calculation speed on routers For example there are three internal routes in an area 19 1 1 0 24 19 1 2 0 24 and 19 1 3 0 24 By configuring route summarization on the ABR the t...

Page 99: ...gured by default Configuring OSPF inbound route filtering NOTE For more information about IP prefix list and routing policy see the chapter Routing policy configuration OSPF calculates routes by using...

Page 100: ...alue 100 Mbps Interface bandwidth Mbps If the calculated cost is greater than 65535 the value of 65535 is used If the calculated cost is less than 1 the value of 1 is used If the cost value is not con...

Page 101: ...ks Enter system view system view Enter OSPF view ospf process id router id router id vpn instance vpn instance name Configure the maximum number of load balanced routes maximum load balancing maximum...

Page 102: ...tributed routes before advertisement filter policy acl number ip prefix ip prefix name export protocol process id Optional Not configured by default NOTE Only active routes can be redistributed Use th...

Page 103: ...1000 the default tag is 1 and default type of redistributed routes is Type 2 Advertising a host route Follow these steps to advertise a host route To do Use the command Remarks Enter system view syst...

Page 104: ...ter system view system view Enter interface view interface interface type interface number Specify the hello interval ospf timer hello seconds Optional The hello interval defaults to 10 seconds on P2P...

Page 105: ...ese steps to configure SPF calculation interval To do Use the command Remarks Enter system view system view Enter OSPF view ospf process id router id router id vpn instance vpn instance name Specify t...

Page 106: ...maximum interval initial interval incremental interval Optional By default the maximum interval is 5 seconds the minimum interval is 0 milliseconds and the incremental interval is 5000 milliseconds N...

Page 107: ...r have large costs that they will not send packets to the stub router for forwarding as long as another route with a smaller cost exists Follow these steps to configure a router as a stub router To do...

Page 108: ...rface MTU into DD packets To do Use the command Remarks Enter system view system view Enter interface view interface interface type interface number Enable the interface to add its MTU into DD packets...

Page 109: ...nges log peer change Optional Enabled by default Configuring OSPF network management With trap generation enabled OSPF generates traps to report important events Traps fall into the following levels L...

Page 110: ...paque LSAs Follow these steps to enable the advertisement and reception of opaque LSAs To do Use the command Remarks Enter system view system view Enter OSPF view ospf process id router id router id v...

Page 111: ...t Optional By default an OSPF interface sends up to three LSU packets every 20 milliseconds Enabling OSPF ISPF When a network topology is changed Incremental Shortest Path First ISPF allows the system...

Page 112: ...tem view system view Configure the source address of echo packets bfd echo source ip ip address Required Not configured by default Enter OSPF view ospf process id router id router id vpn instance vpn...

Page 113: ...OSPF GR Restarter Follow these steps to configure the standard IETF OSPF GR Restarter To do Use the command Remarks Enter system view system view Enable OSPF and enter its view ospf process id router...

Page 114: ...tion and advertisement opaque capability enable Required Not enabled by default Configure the neighbors for which the router can serve as a GR Helper graceful restart help acl number prefix prefix lis...

Page 115: ...ol packet bidirectional detection Follow these steps to enable BFD control packet bidirectional detection on an OSPF interface To do Use the command Description Enter system view system view Enter int...

Page 116: ...isplay ospf process id peer statistics begin exclude include regular expression Display next hop information display ospf process id nexthop begin exclude include regular expression Display routing ta...

Page 117: ...pf process id process graceful restart Re enable OSPF route redistribution reset ospf process id redistribution Available in user view OSPF configuration examples NOTE These examples only cover comman...

Page 118: ...spf 1 area 1 SwitchC ospf 1 area 0 0 0 1 network 10 2 1 0 0 0 0 255 SwitchC ospf 1 area 0 0 0 1 network 10 4 1 0 0 0 0 255 SwitchC ospf 1 area 0 0 0 1 quit SwitchC ospf 1 quit Configure Switch D Switc...

Page 119: ...10 4 1 0 24 13 Stub 10 2 1 2 10 4 1 1 0 0 0 1 10 5 1 0 24 14 Inter 10 1 1 2 10 3 1 1 0 0 0 0 10 1 1 0 24 2 Transit 10 1 1 1 10 2 1 1 0 0 0 0 Total Nets 5 Intra Area 3 Inter Area 2 ASE 0 NSSA 0 Displa...

Page 120: ...SE 0 NSSA 0 On Switch D ping the IP address 10 4 1 1 to check connectivity SwitchD ping 10 4 1 1 PING 10 4 1 1 56 data bytes press CTRL_C to break Reply from 10 4 1 1 bytes 56 Sequence 2 ttl 253 time...

Page 121: ...isplay the ABR ASBR information of Switch D SwitchD display ospf abr asbr OSPF Process 1 with Router ID 10 5 1 1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10 3 1 1...

Page 122: ...ion is established between Switch B and Switch C Switch B and Switch C are configured to redistribute OSPF routes and direct routes into BGP and BGP routes into OSPF Switch B is configured with route...

Page 123: ...network 10 1 1 0 0 0 0 255 SwitchD ospf 1 area 0 0 0 0 network 10 3 1 0 0 0 0 255 SwitchD ospf 1 area 0 0 0 0 quit Configure Switch E SwitchE system view SwitchE ospf SwitchE ospf 1 area 0 SwitchE osp...

Page 124: ...0 0 0 8 on Switch B and advertise it SwitchB ospf 1 asbr summary 10 0 0 0 8 Display the OSPF routing table of Switch A SwitchA display ip routing table Routing Tables Public Destinations 5 Routes 5 D...

Page 125: ...import route static SwitchD ospf 1 quit Display ABR ASBR information on Switch C SwitchC display ospf abr asbr OSPF Process 1 with Router ID 10 4 1 1 Routing Table to ABR and ASBR Type Destination Are...

Page 126: ...spf 1 area 0 0 0 1 stub SwitchC ospf 1 area 0 0 0 1 quit SwitchC ospf 1 quit Display OSPF routing information on Switch C SwitchC display ospf routing OSPF Process 1 with Router ID 10 4 1 1 Routing Ta...

Page 127: ...Nets 3 Intra Area 2 Inter Area 1 ASE 0 NSSA 0 NOTE After this configuration routing entries on the stub router are further reduced containing only one default external route Configuring an OSPF NSSA...

Page 128: ...re the nssa command with the keyword no summary on Switch A to reduce the routing table size on NSSA switches On other NSSA switches you only need to configure the nssa command Display OSPF routing in...

Page 129: ...1 Type2 1 10 3 1 1 10 2 1 1 Total Nets 6 Intra Area 2 Inter Area 3 ASE 1 NSSA 0 NOTE The output shows that on Switch D an external route imported from the NSSA area Configuring OSPF DR election Networ...

Page 130: ...system view SwitchD router id 4 4 4 4 SwitchD ospf SwitchD ospf 1 area 0 SwitchD ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 SwitchD ospf 1 area 0 0 0 0 quit SwitchD ospf 1 return Display OSPF n...

Page 131: ...an interface 1 SwitchC Vlan interface1 ospf dr priority 2 SwitchC Vlan interface1 quit Display neighbor information on Switch D SwitchD display ospf peer verbose OSPF Process 1 with Router ID 4 4 4 4...

Page 132: ...168 1 1 BDR 192 168 1 3 MTU 0 Dead timer due in 39 sec Neighbor is up for 00 01 40 Authentication Sequence 0 Router ID 2 2 2 2 Address 192 168 1 2 GR State Normal State 2 Way Mode None Priority 0 DR 1...

Page 133: ...2 has no direct connection to Area 0 and Area 1 acts as the Transit Area to connect Area 2 to Area 0 via a configured virtual link between Switch B and Switch C After configuration Switch B can learn...

Page 134: ...SwitchC ospf 1 area 0 0 0 2 quit SwitchC ospf 1 quit Configure Switch D SwitchD system view SwitchD ospf 1 router id 4 4 4 4 SwitchD ospf 1 area 2 SwitchD ospf 1 area 0 0 0 2 network 10 3 1 0 0 0 0 2...

Page 135: ...witch B has learned the route 10 3 1 0 24 to Area 2 Configuring OSPF Graceful Restart Network requirements As shown in Figure 45 Switch A Switch B and Switch C that belong to the same autonomous syste...

Page 136: ...able out of band resynchronization SwitchA ospf 100 graceful restart SwitchA ospf 100 return Configure Switch B as the GR Helper enable the link local signaling capability and the out of band re synch...

Page 137: ...OB Progress timer for neighbor 192 1 1 2 OSPF 100 deleted OOB Progress timer for neighbor 192 1 1 2 OSPF 100 Gr Wait Timeout timer fired OSPF 100 deleted GR wait timer OSPF 100 deleted GR Interval tim...

Page 138: ...1 3 0 24 10 4 1 2 On Switch C configure OSPF to redistribute static routes SwitchC ospf 1 SwitchC ospf 1 import route static SwitchC ospf 1 quit Display the OSPF routing table of Switch A SwitchA dis...

Page 139: ...2 Direct 0 0 127 0 0 1 InLoop0 10 2 1 0 24 Direct 0 0 10 2 1 1 Vlan200 10 2 1 1 32 Direct 0 0 127 0 0 1 InLoop0 10 3 1 0 24 OSPF 10 4 10 1 1 2 Vlan100 10 4 1 0 24 OSPF 10 13 10 2 1 2 Vlan200 10 5 1 0...

Page 140: ...Switch D Switch A Loop 0 1 1 1 1 32 Vlan int100 12 12 12 1 24 Vlan int200 13 13 13 1 24 Vlan int200 13 13 13 2 24 Vlan int100 12 12 12 2 24 Vlan int101 24 24 24 2 24 Vlan int101 24 24 24 4 24 Loop 0...

Page 141: ...itchD bfd echo source ip 4 4 4 4 SwitchD ip ip prefix abc index 10 permit 1 1 1 1 32 SwitchD route policy frr permit node 10 SwitchD route policy if match ip prefix abc SwitchD route policy apply fast...

Page 142: ...BFD for OSPF Network requirements As shown in Figure 48 OSPF is enabled on Switch A Switch B and Switch C that are reachable to each other at the network layer After the link over which Switch A and...

Page 143: ...0 0 0 0 quit SwitchB ospf 1 quit SwitchB interface vlan interface 13 SwitchB Vlan interface13 ospf cost 2 SwitchB Vlan interface13 quit Configure Switch C SwitchC system view SwitchC ospf SwitchC osp...

Page 144: ...120 1 1 0 verbose Routing Table Public Summary Count 2 Destination 120 1 1 0 24 Protocol OSPF Process ID 0 Preference 0 Cost 2 IpPrecedence QosLcId NextHop 192 168 0 100 Interface Vlan interface10 BkN...

Page 145: ...1 0 100 vlan10 0 50673831 SwitchA BFD 8 SCM Sess 10 1 0 102 10 1 0 100 vlan10 Oper Delete 0 50673832 SwitchA BFD 8 SCM Delete send packet timer 0 50673833 SwitchA BFD 8 SCM Delete session entry 0 506...

Page 146: ...mation using the display ospf peer command 2 Display OSPF interface information using the display ospf interface command 3 Ping the neighbor router s IP address to check connectivity 4 Check OSPF time...

Page 147: ...rmation about area configuration using the display current configuration configuration ospf command If more than two areas are configured at least one area is connected to the backbone 5 In a Stub are...

Page 148: ...to a router End system ES Refers to a host system in TCP IP ISO defines the ES IS protocol for communication between an ES and an IS An ES does not participate in the IS IS processing Routing domain...

Page 149: ...area merging partitioning and switching 3 System ID A system ID identifies a host or router uniquely It has a fixed length of 48 bits 6 bytes The system ID of a device can be generated from the Router...

Page 150: ...th Level 1 and Level 1 2 routers in the same area The LSDB maintained by the Level 1 router contains the local area routing information It directs the packets destined for an outside area to the neare...

Page 151: ...ous Level 2 and Level 1 2 routers which can reside in different areas Figure 51 IS IS topology 2 NOTE The IS IS backbone does not need to be a specific area Both the Level 1 and Level 2 routers use th...

Page 152: ...tem DIS The Level 1 and Level 2 DISs are elected respectively You can assign different priorities for different level DIS elections The higher a router s priority is the more likely the router becomes...

Page 153: ...header format Intradomain routing protocol discriminator Reserved Version R ID length Version Protocol ID extension Length indicator Maximum area address R R PDU type No of Octets 1 1 1 1 1 1 1 1 Maj...

Page 154: ...1 LAN IIHs and the Level 2 routers use the Level 2 LAN IIHs The P2P IIHs are used on point to point networks Figure 55 illustrates the hello packet format in broadcast networks where the blue fields...

Page 155: ...iority and LAN ID fields in the LAN IIH the P2P IIH has a Local Circuit ID field LSP packet format The Link State PDU LSP carries link state information LSP involves two types Level 1 LSP and Level 2...

Page 156: ...a L1 L1 router for L1 LSPs only it indicates that the router generating the LSP is connected to multiple areas OL LSDB Overload Indicates that the LSDB is not complete because the router has run out...

Page 157: ...PSNP CSNP covers the summary of all LSPs in the LSDB to synchronize the LSDB between neighboring routers On broadcast networks CSNP is sent by the DIS periodically 10s by default On point to point ne...

Page 158: ...ifferent CLVs Code 1 to 10 of CLV are defined in ISO 10589 code 3 and 5 are not shown in the table and others are defined in RFC 1 195 Table 3 CLV name and the corresponding PDU type CLV Code Name PDU...

Page 159: ...esponses from neighbors The GR Restarter then synchronizes the LSDB with all GR capable neighbors calculates routes updates its routing table and forwarding table and removes stale routes The IS IS ro...

Page 160: ...LSP fragment is advertised by a virtual system identified by an additional system ID 2 Operation modes The LSP fragment extension feature operates in the following modes Mode 1 Applicable to a networ...

Page 161: ...ISO IS IS Routing Protocol ISO 9542 ES IS Routing Protocol ISO 8348 Ad2 Network Services Access Points RFC 1 195 Use of OSI IS IS for Routing in TCP IP and Dual Environments RFC 2763 Dynamic Hostname...

Page 162: ...small hello packets Optional Configuring LSP parameters Optional Configuring SPF parameters Optional Assigning a high priority to IS IS routes Optional Setting the LSDB overload bit Optional Configuri...

Page 163: ...erent levels because the routers do not need to maintain two identical LSDBs Configure the IS level as Level 2 on all routers in an IP network for scalability For an interface of a Level 1 or Level 2...

Page 164: ...rface is broadcast NOTE You can only perform this configuration for a broadcast network with only two attached routers Configuring IS IS routing information control Configuration prerequisites Before...

Page 165: ...y a cost for the interface isis cost value level 1 level 2 Optional No cost is specified for the interface by default Configuring a global IS IS cost Follow these steps to configure a global IS IS cos...

Page 166: ...Specify a priority for IS IS preference route policy route policy name preference Required 15 by default Configuring the maximum number of equal cost routes If multiple equal cost routes reach the sa...

Page 167: ...vertise a default route To do Use the command Remarks Enter system view system view Enter IS IS view isis process id vpn instance vpn instance name Advertise a default route default route advertise ro...

Page 168: ...rithm to calculate the shortest path tree with itself as the root and installs the routes into the IS IS routing table By referencing a configured ACL IP prefix list or routing policy you can filter t...

Page 169: ...l 1 filter policy acl number ip prefix ip prefix name route policy route policy name tag tag Required Disabled by default NOTE If a filter policy is specified only routes passing it can be advertised...

Page 170: ...a neighbor must miss before declaring the router is down isis timer holding multiplier value level 1 level 2 Optional 3 by default NOTE On a broadcast link Level 1 and Level 2 hello packets are adver...

Page 171: ...ulated into frames Any two IS IS neighboring routers must negotiate a common MTU To avoid sending big hellos for saving bandwidth enable the interface to send small hello packets without CLVs Follow t...

Page 172: ...interval second wait interval level 1 level 2 Optional 2 seconds by default 3 Specify LSP sending intervals If a change occurs in the LSDB IS IS advertises the changed LSP to neighbors You can specif...

Page 173: ...vergence Follow these steps to enable LSP flash flooding To do Use the command Remarks Enter system view system view Enter IS IS view isis process id vpn instance vpn instance name Enable LSP flash fl...

Page 174: ...s To do Use the command Remarks Enter system view system view Enter IS IS view isis process id vpn instance vpn instance name Assign a high priority to IS IS routes priority high ip prefix prefix name...

Page 175: ...a static system ID to host name mapping To do Use the command Remarks Enter system view system view Enter IS IS view isis process id vpn instance vpn instance name Configure a system ID to host name...

Page 176: ...the terminal for display Enhancing IS IS network security To enhance the security of an IS IS network you can configure IS IS authentication IS IS authentication involves neighbor relationship authent...

Page 177: ...t have the same authentication mode and password Follow these steps to configure area authentication To do Use the command Remarks Enter system view system view Enter IS IS view isis process id vpn in...

Page 178: ...capability for IS IS graceful restart Required Disabled by default Set the Graceful Restart interval graceful restart interval timer Required 300 seconds by default The Graceful Restart interval is se...

Page 179: ...Introduction When a link fails the packets on the path are discarded or a routing loop occurs until IS IS completes the routing convergence based on the new network topology You can enable IS IS fast...

Page 180: ...n about the apply fast reroute backup interface command and routing policy configurations see the chapter Routing policy configuration Follow these steps to configure IS IS FRR To do Use the command R...

Page 181: ...brief process id vpn instance vpn instance name begin exclude include regular expression Available in any view Display the status of IS IS debug switches display isis debug switches process id vpn ins...

Page 182: ...nce name begin exclude include regular expression Available in any view Display IS IS statistics display isis statistics level 1 level 1 2 level 2 process id vpn instance vpn instance name begin exclu...

Page 183: ...lan interface200 quit Configure Switch C SwitchC system view SwitchC isis 1 SwitchC isis 1 network entity 10 0000 0000 0003 00 SwitchC isis 1 quit SwitchC interface vlan interface 100 SwitchC Vlan int...

Page 184: ...display isis lsdb Database information for ISIS 1 Level 1 Link State Database LSPID Seq Num Checksum Holdtime Length ATT P OL 0000 0000 0001 00 00 0x00000006 0xdb60 988 68 0 0 0 0000 0000 0002 00 00 0...

Page 185: ...0 0 0 0000 0000 0004 00 00 0x0000003c 0xd647 1194 84 0 0 0 0000 0000 0004 01 00 0x00000002 0xec96 1007 55 0 0 0 Self LSP Self LSP Extended ATT Attached P Partition OL Overload Display the IS IS routin...

Page 186: ...2 168 0 0 24 10 NULL Vlan300 Direct D L 10 1 1 0 24 10 NULL Vlan100 Direct D L 10 1 2 0 24 10 NULL Vlan200 Direct D L 172 16 0 0 16 20 NULL Vlan300 192 168 0 2 R Flags D Direct R Added to RM L Adverti...

Page 187: ...tails not shown 2 Enable IS IS Configure Switch A SwitchA system view SwitchA isis 1 SwitchA isis 1 network entity 10 0000 0000 0001 00 SwitchA isis 1 quit SwitchA interface vlan interface 100 SwitchA...

Page 188: ...State Up HoldTime 21s Type L1 L1L2 PRI 64 System Id 0000 0000 0003 Interface Vlan interface100 Circuit Id 0000 0000 0003 01 State Up HoldTime 27s Type L1 PRI 64 System Id 0000 0000 0002 Interface Vla...

Page 189: ...e100 isis dis priority 100 SwitchA Vlan interface100 quit Display IS IS neighbors of Switch A SwitchA display isis peer Peer information for ISIS 1 System Id 0000 0000 0002 Interface Vlan interface100...

Page 190: ...tate Up HoldTime 7s Type L1 PRI 100 SwitchC display isis interface Interface information for ISIS 1 Interface Vlan interface100 Id IPV4 State IPV6 State MTU Type DIS 001 Up Down 1497 L1 L2 No No Displ...

Page 191: ...terfaces Details not shown 2 Configure IS IS basic functions Configure Switch A SwitchA system view SwitchA isis 1 SwitchA isis 1 is level level 1 SwitchA isis 1 network entity 10 0000 0000 0001 00 Sw...

Page 192: ...0004 00 SwitchD isis 1 quit SwitchD interface interface vlan interface 300 SwitchD Vlan interface300 isis enable 1 SwitchD Vlan interface300 quit Display IS IS routing information on each switch Switc...

Page 193: ...1 ISIS 1 IPv4 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 192 168 0 0 24 10 NULL VLAN300 Direct D L 10 1 1 0 24 20 NULL VLAN300 192 168 0 1 R 10 1 2 0 24 20...

Page 194: ...tised in LSPs U Up Down Bit Set ISIS 1 IPv4 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 10 NULL VLAN100 Direct D L 10 1 2 0 24 10 NULL VLAN200 Dir...

Page 195: ...estart SwitchA isis 1 graceful restart interval 150 SwitchA isis 1 return Configurations for Switch B and Switch C are similar therefore details are not shown 3 Verify the configuration After Router A...

Page 196: ...d configure IS IS Follow Figure 67 to configure the IP address and subnet mask of each interface on the switches Details not shown Configure IS IS on the switches ensuring that Switch S Switch A and S...

Page 197: ...SIS 1 ISIS 1 IPv4 Level 1 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 12 12 12 0 24 10 NULL vlan100 Direct D L 22 22 22 22 32 10 NULL Loop0 Direct D 14 14 14 0 32 10...

Page 198: ...in LSPs U Up Down Bit Set ISIS 1 IPv4 Level 2 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 14 14 14 0 24 10 NULL vlan200 Direct D L 44 44 44 44 32 10 NULL Loop0 Direct...

Page 199: ...op or to designate a backup next hop by using a referenced routing policy Method I Enable IS IS FRR to automatically calculate a backup next hop Configure Switch S SwitchS system view SwitchS bfd echo...

Page 200: ...Count 1 Destination 4 4 4 4 32 Protocol ISIS Process ID 1 Preference 10 Cost 10 IpPrecedence QosLcId NextHop 13 13 13 2 Interface Vlan interface200 BkNextHop 12 12 12 2 BkInterface Vlan interface100 R...

Page 201: ...ng the routing domain Figure 69 Network diagram for IS IS authentication configuration Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure IS IS basic functio...

Page 202: ...interface100 isis authentication mode md5 eRg SwitchA Vlan interface100 quit SwitchC interface vlan interface 100 SwitchC Vlan interface100 isis authentication mode md5 eRg SwitchC Vlan interface100 q...

Page 203: ...etwork requirements As shown in Figure 70 IS IS is enabled on Switch A Switch B and Switch C that are reachable to each other at the network layer After the link over which Switch A and Switch B commu...

Page 204: ...isis SwitchC isis 1 network entity 10 0000 0000 0003 00 SwitchC isis 1 quit SwitchC interface vlan interface 11 SwitchC Vlan interface11 isis enable SwitchC Vlan interface11 quit SwitchC interface vl...

Page 205: ...Process ID 0 Preference 0 Cost 2 IpPrecedence QosLcId NextHop 192 168 0 100 Interface Vlan interface10 BkNextHop 0 0 0 0 BkInterface RelyNextHop 0 0 0 0 Neighbor 0 0 0 0 Tunnel ID 0x0 Label NULL BKTu...

Page 206: ...hA ISIS 4 ADJLOG ISIS 1 ADJCHANGE Adjacency To 0000 0000 0002 vlan10 DOWN Level 1 Adjacency clear Aug 8 14 54 05 370 2008 SwitchA ISIS 6 ISIS ISIS 1 BFD Success to send msg Msg type 1 delete session I...

Page 207: ...only incremental updates and is applicable to advertising a great amount of routing information on the Internet Eliminates routing loops completely by adding AS path information to BGP route advertis...

Page 208: ...irst message sent by each side is an open message for peer relationship establishment Figure 72 BGP open message format Major fields of the BGP open message are as follows Version This one byte unsign...

Page 209: ...a variable length field that contains a list of withdrawn IP prefixes Total path attribute length Total length of the path attributes field in bytes A value of 0 indicates that no NLRI field is prese...

Page 210: ...s and be included in every Update message Routing information errors occur without this attribute Well known discretionary Can be recognized by all BGP routers and optionally included in every Update...

Page 211: ...attribute 2 AS_PATH AS_PATH is a well known mandatory attribute This attribute identifies the autonomous systems through which routing information carried in this Update message has passed When a rou...

Page 212: ...dress of its sending interface When sending a received route to an eBGP peer a BGP speaker sets the NEXT_HOP for the route to the address of the sending interface When sending a route received from an...

Page 213: ...cates the priority of a BGP router LOCAL_PREF is used to determine the best route for traffic leaving the local AS When a BGP router obtains from several iBGP peers multiple routes to the same destina...

Page 214: ...elect the route learned from eBGP confederation or iBGP in turn 8 Select the route with the smallest next hop metric 9 Select the route with the shortest CLUSTER_LIST 10 Select the route with the smal...

Page 215: ...or BGP load balancing In the above figure Router D and Router E are iBGP peers of Router C Router A and Router B both advertise a route destined for the same destination to Router C If load balancing...

Page 216: ...acket to Router C through route recursion Router C is unaware of the route 8 0 0 0 8 so it discards the packet Figure 81 iBGP and IGP synchronization For this example if synchronization is enabled and...

Page 217: ...ecrease to half of the suppress value after a period of time This period is called Half life When the value decreases to the reusable threshold value the route is added into the routing table and adve...

Page 218: ...lients need not be established A router that is neither a route reflector nor a client is a non client which as shown in Figure 83 must establish BGP sessions to the route reflector and other non clie...

Page 219: ...nfederation is as follows When changing an AS into a confederation you must reconfigure your routers The topology is changed In large scale BGP networks both route reflector and confederation can be u...

Page 220: ...HOP and AGGREGATOR AGGREGATOR contains the IP address of the speaker generating the summary route They are all carried in updates To support multiple network layer protocols BGP 4 puts information abo...

Page 221: ...oup Optional Injecting a local network Configuring BGP route redistribution Required Use at least one approach Controlling route generation Enabling default route redistribution into BGP Optional Conf...

Page 222: ...P confederation Optional Configuring BGP GR Optional Enabling trap Optional Enabling logging of peer state changes Optional Configuring BFD for BGP Optional Configuring BGP basic functions NOTE This s...

Page 223: ...r as number command default ipv4 unicast Optional Enabled by default Enable a peer peer ip address enable Optional Enabled by default Configure a description for a peer peer group peer group name ip a...

Page 224: ...up Direct physical links must be available between eBGP peers If they are not use the peer ebgp max hop command to establish a TCP connection over multiple hops between two peers Follow these steps to...

Page 225: ...nfigure BGP to filter routing information from specific routing protocols The origin attribute of routes redistributed using the import route command is INCOMPLETE Follow these steps to configure BGP...

Page 226: ...zation modes Manual summary routes have a higher priority than automatic ones Configure automatic route summarization After automatic route summarization is configured BGP summarizes redistributed IGP...

Page 227: ...o do Use the command Remarks Enter system view system view Enter BGP view bgp as number Advertise a default route to a peer or peer group peer group name ip address default route advertise route polic...

Page 228: ...uting table The members of a peer group can have different route reception filtering policies from the peer group Follow these steps to configure BGP route reception filtering policies To do Use the c...

Page 229: ...If the number is reached the router breaks down the BGP connection to the peer peer group name ip address route limit prefix number percentage value Specify the maximum number of prefixes that can be...

Page 230: ...nfigure a shortcut route network ip address mask mask length short cut Optional By default an eBGP route received has a priority of 255 Configuring BGP route attributes Configuration prerequisites BGP...

Page 231: ...sed to determine the best route for traffic leaving the local AS When a BGP router obtains from several iBGP peers multiple routes to the same destination but with different next hops it considers the...

Page 232: ...Because Router B has a smaller router ID the route learned from it is optimal Network NextHop MED LocPrf PrefVal Path Ogn i 10 0 0 0 2 2 2 2 50 0 300e i 3 3 3 3 50 0 200e When Router D learns network...

Page 233: ...tion peers bestroute med confederation Optional Not enabled by default NOTE The MED attributes of routes from confederation peers are not compared if their AS path attributes contain AS numbers that d...

Page 234: ...it as the next hop for routes sent to an iBGP peer or peer group This is done regardless of whether the peer next hop local command is configured Follow these steps to configure the next hop attribute...

Page 235: ...u can configure Router A to specify a fake AS number of 2 for created connections to eBGP peers or peer groups In this way these eBGP peers still think Router A is in AS 2 and need not change their co...

Page 236: ...ip address substitute as Required Not configured by default CAUTION Improper AS number substitution configuration may cause route loops use this command with caution Remove private AS numbers from upd...

Page 237: ...interval and holdtime depend on the following cases If the holdtime settings on the local and peer routers are different the smaller one is used If the keepalive interval is 0 and the negotiated holdt...

Page 238: ...ip address route update interval interval Optional The intervals for sending the same update to an iBGP peer and an eBGP peer default to 15 seconds and 30 seconds respectively Configuring BGP soft res...

Page 239: ...xport import Required NOTE If the BGP peer does not support route refresh and the peer keep all routes command is not configured for it you need to decide whether to manually disconnect the peer to le...

Page 240: ...led on the peer send receive both The ORF receiving capability is enabled locally and the ORF sending capability is enabled on the peer both both Both the ORF sending and receiving capabilities are en...

Page 241: ...tions BGP employs TCP as the transport protocol To increase security configure BGP to perform MD5 authentication when establishing a TCP connection The two parties must have the same password configur...

Page 242: ...are accessible to each other at the network layer Configuring BGP peer groups A peer group is a group of peers with the same route selection policy In a large scale network many peers may use the same...

Page 243: ...add a peer into it with an AS number specified Follow these steps to configure an eBGP peer group using the first approach To do Use the command Remarks Enter system view system view Enter BGP view bg...

Page 244: ...it into the peer group Peers added in the group can have different AS numbers Configuring BGP community A BGP community is a group of destinations with the same characteristics It has no geographical...

Page 245: ...Required Not configured by default Enable route reflection between clients reflect between clients Optional Enabled by default Configure the cluster ID of the route reflector reflector cluster id clu...

Page 246: ...n ID confederation id as number Required Not configured by default Specify peering sub ASs in the confederation confederation peer as as number list Required Not configured by default Configure confed...

Page 247: ...l 4 traps to report important events The generated traps are sent to the information center of the device The trap output rules whether to output the traps and the output direction are determined acco...

Page 248: ...ail If GR capability is enabled for BGP use BFD with caution If GR and BFD are both enabled do not disable BFD during a GR process otherwise GR may fail For BFD configuration see High Availability Con...

Page 249: ...display bgp routing table different origin as begin exclude include regular expression Display BGP routing flap statistics display bgp routing table flap info regular expression as regular expression...

Page 250: ...basic configuration Network requirements In Figure 90 run eBGP between Switch A and Switch B and iBGP between Switch B and Switch C so that Switch C can access the network 8 1 1 0 24 connected to Rou...

Page 251: ...ospf 1 area 0 0 0 0 quit SwitchC ospf 1 quit SwitchC display bgp peer BGP local router ID 3 3 3 3 Local AS number 65009 Total number of peers 1 Peers in established state 1 Peer AS MsgRcvd MsgSent Out...

Page 252: ...ship with Switch A Display the BGP routing table on Switch A SwitchA display bgp routing table Total Number of Routes 1 BGP Local router ID is 1 1 1 1 Status codes valid VPNv4 best best d damped h his...

Page 253: ...route to 3 1 1 0 24 Configure Switch B SwitchB bgp 65009 SwitchB bgp import route direct Display the BGP routing table on Switch A SwitchA display bgp routing table Total Number of Routes 4 BGP Local...

Page 254: ...s 56 Sequence 4 ttl 254 time 2 ms Reply from 8 1 1 1 bytes 56 Sequence 5 ttl 254 time 2 ms 8 1 1 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 2...

Page 255: ...A SwitchA system view SwitchA bgp 65008 SwitchA bgp router id 1 1 1 1 SwitchA bgp peer 3 1 1 1 as number 65009 SwitchA bgp network 8 1 1 0 24 SwitchA bgp quit Configure Switch B SwitchB bgp 65009 Swit...

Page 256: ...0 1 32 Direct 0 0 127 0 0 1 InLoop0 5 Verification Use ping for verification SwitchA ping a 8 1 1 1 9 1 2 1 PING 9 1 2 1 56 data bytes press CTRL_C to break Reply from 9 1 2 1 bytes 56 Sequence 1 ttl...

Page 257: ...configure BGP to advertise network 8 1 1 0 24 to Switch B and Switch C so that Switch B and Switch C can access the internal network connected to Switch A On Switch B establish an eBGP connection with...

Page 258: ...1 0 255 255 255 0 SwitchC bgp quit SwitchC ip route static 2 2 2 2 32 9 1 1 1 Display the BGP routing table on Switch A SwitchA display bgp routing table Total Number of Routes 3 BGP Local router ID...

Page 259: ...l Path Ogn 8 1 1 0 24 0 0 0 0 0 0 i 9 1 1 0 24 3 1 1 1 0 0 65009i 3 1 2 1 0 0 65009i The route 9 1 1 0 24 has two next hops 3 1 1 1 and 3 1 2 1 both of which are marked with a greater than sign indica...

Page 260: ...Configure Switch C SwitchC system view SwitchC bgp 30 SwitchC bgp router id 3 3 3 3 SwitchC bgp peer 200 1 3 1 as number 20 SwitchC bgp quit Display the BGP routing table on Switch B SwitchB display b...

Page 261: ...Display the routing table on Switch B SwitchB display bgp routing table 9 1 1 0 BGP local router ID 2 2 2 2 Local AS number 20 Paths 1 available 1 best BGP routing table entry information of 9 1 1 0...

Page 262: ...itch B SwitchB system view SwitchB bgp 200 SwitchB bgp router id 2 2 2 2 SwitchB bgp peer 192 1 1 1 as number 100 SwitchB bgp peer 193 1 1 1 as number 200 SwitchB bgp peer 193 1 1 1 next hop local Swi...

Page 263: ...p MED LocPrf PrefVal Path Ogn 1 0 0 0 192 1 1 1 0 0 100i Display the BGP routing table on Switch D SwitchD display bgp routing table Total Number of Routes 1 BGP Local router ID is 200 1 2 1 Status co...

Page 264: ...1 1 2 24 Switch B Vlan int200 10 1 1 2 24 Vlan int600 9 1 1 1 24 Switch C Vlan int300 10 1 2 2 24 Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure BGP conf...

Page 265: ...ederation id 200 SwitchD bgp peer 10 1 3 1 as number 65001 SwitchD bgp peer 10 1 5 2 as number 65001 SwitchD bgp quit Configure Switch E SwitchE system view SwitchE bgp 65001 SwitchE bgp router id 5 5...

Page 266: ...100 Origin igp Attribute value MED 0 localpref 100 pref val 0 pre 255 State valid external confed best Not advertised to any peers yet Display the BGP routing table on Switch D SwitchD display bgp ro...

Page 267: ...ween Switch A and Switch C are eBGP connections Between Switch B and Switch D and between Switch D and Switch C are iBGP connections OSPF is the IGP protocol in AS 200 Configure routing policies makin...

Page 268: ...s Configure Switch A SwitchA system view SwitchA bgp 100 SwitchA bgp peer 192 1 1 2 as number 200 SwitchA bgp peer 193 1 1 2 as number 200 Inject network 1 0 0 0 8 to the BGP routing table on Switch A...

Page 269: ...B SwitchA bgp 100 SwitchA bgp peer 193 1 1 2 route policy apply_med_50 export SwitchA bgp peer 192 1 1 2 route policy apply_med_100 export SwitchA bgp quit Display the BGP routing table on Switch D Sw...

Page 270: ...1 0 0 0 193 1 1 1 0 200 0 100i i 192 1 1 1 0 100 0 100i Route 1 0 0 0 8 from Switch D to Switch C is the optimal BGP GR configuration Network requirements All switches run BGP in Figure 97 Between Sw...

Page 271: ...r interfaces Details not shown Configure the iBGP connection SwitchC system view SwitchC bgp 65009 SwitchC bgp router id 3 3 3 3 SwitchC bgp peer 9 1 1 1 as number 65009 Enable GR capability for BGP S...

Page 272: ...A system view SwitchA bgp 100 SwitchA bgp peer 3 0 2 2 as number 200 SwitchA bgp peer 2 0 2 2 as number 200 SwitchA bgp quit When the two links between Switch A and Switch C are both up Switch C adopt...

Page 273: ...onfigure BFD parameters you can use default BFD parameters instead Configure Switch A SwitchA bfd session init mode active SwitchA interface vlan interface 100 Configure the minimum interval for trans...

Page 274: ...e 100 and Switch C s VLAN interface 101 and that BFD runs properly Display BGP peer information on Switch C and you can see that Switch C has established two BGP neighborships with Switch A SwitchC di...

Page 275: ...l Sta UP DOWN Diag 1 Nov 5 11 42 24 172 2009 SwitchC BGP 5 BGP_STATE_CHANGED 3 0 1 1 state is changed from ESTABLISHED to IDLE Nov 5 11 42 24 187 2009 SwitchC RM 6 RMDEBUG BGP_BFD Recv BFD DOWN msg Sr...

Page 276: ...nd to check that the peer s AS number is correct 2 Use the display bgp peer command to check that the peer s IP address is correct 3 If a loopback interface is used check that the loopback interface i...

Page 277: ...Their major difference lies in the destination and next hop addresses IPv6 static routes use IPv6 addresses whereas IPv4 static routes use IPv4 addresses Default IPv6 route An IPv6 static route with a...

Page 278: ...ic route you must specify the next hop address Displaying and maintaining IPv6 static routes To do Use the command Remarks Display IPv6 static route information display ipv6 routing table protocol sta...

Page 279: ...5 1 Configure a default IPv6 static route on Switch C SwitchC system view SwitchC ipv6 SwitchC ipv6 route static 0 5 2 3 Configure the IPv6 addresses and gateways for hosts Configure the IPv6 addresse...

Page 280: ...ty with the ping command SwitchA ping ipv6 3 1 PING 3 1 56 data bytes press CTRL_C to break Reply from 3 1 bytes 56 Sequence 1 hop limit 254 time 63 ms Reply from 3 1 bytes 56 Sequence 2 hop limit 254...

Page 281: ...tly connected routers is 1 When the hop count is greater than or equal to 16 the destination network or host is unreachable By default the routing update is sent every 30 seconds If the router receive...

Page 282: ...at The following are types of RTEs in RIPng Next hop RTE Defines the IPv6 address of a next hop IPv6 prefix RTE Describes the destination IPv6 address route tag prefix length and metric in the RIPng r...

Page 283: ...outer checks the validity of the response before adding the route to its routing table such as whether the source IPv6 address is the link local address and whether the port number is correct The resp...

Page 284: ...cess id vpn instance vpn instance name Required Not created by default Return to system view quit Enter interface view interface interface type interface number Enable RIPng on the interface ripng pro...

Page 285: ...ify an inbound routing additional metric ripng metricin value Optional 0 by default Specify an outbound routing additional metric ripng metricout value Optional 1 by default Configuring RIPng route su...

Page 286: ...iguring a priority for RIPng Any routing protocol has its own protocol priority used for optimal route selection You can set a priority for RIPng manually The smaller the value the higher the priority...

Page 287: ...e the following defaults 30 seconds for the update timer 180 seconds for the timeout timer 120 seconds for the suppress timer 120 seconds for the garbage collect timer NOTE When adjusting RIPng timers...

Page 288: ...ields With zero field check on RIPng packets enabled if such a field contains a non zero value the entire RIPng packet is discarded If you are sure that all packets are trustworthy disable the zero fi...

Page 289: ...sec policy configured the interface uses its own IPsec policy Configuration prerequisites Before applying an IPsec policy for RIPng complete following tasks Create an IPsec proposal Create an IPsec po...

Page 290: ...exclude include regular expression Available in any view Reset a RIPng process reset ripng process id process Available in user view Clear statistics of a RIPng process reset ripng process id statist...

Page 291: ...ace200 quit SwitchC interface vlan interface 500 SwitchC Vlan interface500 ripng 1 enable SwitchC Vlan interface500 quit SwitchC interface vlan interface 600 SwitchC Vlan interface600 ripng 1 enable S...

Page 292: ...ripng 1 filter policy 2000 export Display routing tables of Switch B and Switch A SwitchB display ripng 1 route Route Flags A Aging S Suppressed G Garbage collect Peer FE80 20F E2FF FE23 82F5 on Vlan...

Page 293: ...itchA ripng 100 SwitchA ripng 100 quit SwitchA interface vlan interface 100 SwitchA Vlan interface100 ripng 100 enable SwitchA Vlan interface100 quit SwitchA interface vlan interface 200 SwitchA Vlan...

Page 294: ...0 Destination 2 64 Protocol Direct NextHop 2 1 Preference 0 Interface Vlan200 Cost 0 Destination 2 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination FE80 10 Protocol Di...

Page 295: ...BFF FE01 1C02 Preference 100 Interface Vlan100 Cost 4 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0d Configuring RIPng IPsec policies Network requirements In the fol...

Page 296: ...l tran1 transform esp SwitchA ipsec proposal tran1 esp encryption algorithm des SwitchA ipsec proposal tran1 esp authentication algorithm sha1 SwitchA ipsec proposal tran1 quit SwitchA ipsec policy po...

Page 297: ...ipsec proposal tran1 encapsulation mode transport SwitchC ipsec proposal tran1 transform esp SwitchC ipsec proposal tran1 esp encryption algorithm des SwitchC ipsec proposal tran1 esp authentication...

Page 298: ...g OSPFv3 and OSPFv2 have the following differences OSPFv3 runs on a per link basis and OSPFv2 runs on a per IP subnet basis OSPFv3 supports multiple instances per link but OSPFv2 does not OSPFv3 ident...

Page 299: ...a route to another autonomous system A default route can be described by an AS external LSA Link LSA A router originates a separate Link LSA for each attached link Link LSAs have link local flooding...

Page 300: ...s GR timer If a failure to establish adjacencies occurs during a GR the device will be in the GR process for a long time To avoid this configure the GR timer for the device to exit the GR process when...

Page 301: ...bling OSPFv3 complete the following tasks Make neighboring nodes accessible with each other at the network layer Enable IPv6 packet forwarding Enabling OSPFv3 To enable an OSPFv3 process on a router y...

Page 302: ...reas exchange routing information through the backbone area The backbone and non backbone areas including the backbone itself must be contiguous In practice necessary physical links may not be availab...

Page 303: ...virtual link vlink peer router id hello seconds retransmit seconds trans delay seconds dead seconds instance instance id Required NOTE Both ends of a virtual link are ABRs that must be configured with...

Page 304: ...mode specify the link local IP addresses of their neighbors because these interfaces cannot find neighbors through broadcasting hello packets You can also specify DR priorities for neighbors Follow t...

Page 305: ...To do Use the command Remarks Enter system view system view Enter OSPFv3 view ospfv3 process id Configure inbound route filtering filter policy acl number ipv6 prefix ipv6 prefix name import Required...

Page 306: ...enabling load balancing among these routes can improve link utilization Follow these steps to configure the maximum number of load balanced routes To do Use the command Remarks Enter system view syst...

Page 307: ...ault route using the default route advertise command Because OSPFv3 is a link state routing protocol it cannot directly filter LSAs to be advertised You must filter redistributed routes first Routes t...

Page 308: ...d seconds instance instance id Optional Defaults to 40 seconds on P2P broadcast interfaces Configure the LSA retransmission interval ospfv3 timer retransmit interval instance instance id Optional Defa...

Page 309: ...MTU check for DD packets ospfv3 mtu ignore instance instance id Required Not ignored by default Disable interfaces from receiving and sending OSPFv3 packets Follow these steps to disable interfaces fr...

Page 310: ...ion after a master slave switchover a GR Restarter running OSPFv3 must complete the following tasks Keep the GR Restarter forwarding entries stable during reboot Establish all adjacencies and obtain c...

Page 311: ...s Before a BFD session is established it is in the down state In this state BFD control packets are sent at an interval of no less than one second to reduce BFD control packet traffic After the BFD se...

Page 312: ...er the virtual link If an interface and its area each have an IPsec policy configured the interface uses its own IPsec policy If a virtual link and area 0 each have an IPsec policy configured the virt...

Page 313: ...ix link network router grace link state id originate router router id total begin exclude include regular expression Display OSPFv3 LSDB statistics display ospfv3 lsdb statistic begin exclude include...

Page 314: ...tatistics display ospfv3 statistic begin exclude include regular expression Display the GR status of the specified OSPFv3 process display ospfv3 process id graceful restart status begin exclude includ...

Page 315: ...1 area 1 SwitchB Vlan interface200 quit Configure Switch C SwitchC system view SwitchC ipv6 SwitchC ospfv3 SwitchC ospfv3 1 router id 3 3 3 3 SwitchC ospfv3 1 quit SwitchC interface vlan interface 100...

Page 316: ...Switch D SwitchD display ospfv3 routing E1 Type 1 external route IA Inter area route I Intra area route E2 Type 2 external route Selected route OSPFv3 Router with ID 4 4 4 4 Process 1 Destination 200...

Page 317: ...2001 1 64 Type IA Cost 3 NextHop FE80 F40D 0 93D0 1 Interface Vlan400 Destination 2001 2 64 Type I Cost 1 NextHop directly connected Interface Vlan400 Destination 2001 3 64 Type IA Cost 4 NextHop FE80...

Page 318: ...108 Network diagram Configuration procedure 1 Configure IPv6 addresses for interfaces Details not shown 2 Configure OSPFv3 basic functions Configure Switch A SwitchA system view SwitchA ipv6 SwitchA...

Page 319: ...ace Instance ID 2 2 2 2 1 2 Way DROther 00 00 36 Vlan200 0 3 3 3 3 1 Full Backup 00 00 35 Vlan100 0 4 4 4 4 1 Full DR 00 00 33 Vlan200 0 Display neighbor information on Switch D The neighbor states ar...

Page 320: ...shutdown commands on interfaces to restart DR and BDR election Details not shown Display neighbor information on Switch A Switch C becomes the BDR SwitchA display ospfv3 peer OSPFv3 Area ID 0 0 0 0 P...

Page 321: ...uter id 1 1 1 1 SwitchA ospfv3 1 quit SwitchA interface vlan interface 100 SwitchA Vlan interface100 ospfv3 1 area 2 SwitchA Vlan interface100 quit SwitchA interface vlan interface 200 SwitchA Vlan in...

Page 322: ...0 Cost 0 Destination 3 64 Protocol Direct NextHop 3 2 Preference 0 Interface Vlan300 Cost 0 Destination 3 2 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 4 64 Protoco...

Page 323: ...300 Cost 0 Destination 3 2 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 4 64 Protocol Direct NextHop 4 1 Preference 0 Interface Vlan400 Cost 0 Destination 4 1 128 Pr...

Page 324: ...e100 quit Enable OSPFv3 on Switch B and set the router ID to 2 2 2 2 By default GR helper is enabled on Switch B SwitchB system view SwitchB ipv6 SwitchB ospfv3 1 SwitchB ospfv3 1 router id 2 2 2 2 Sw...

Page 325: ...lan int10 2001 1 64 Switch B Vlan int10 2001 2 64 Vlan int11 2001 2 1 64 Vlan int13 2001 3 2 64 Switch C Vlan int11 2001 2 2 64 Vlan int13 2001 3 1 64 Configuration procedure 1 Configure IP addresses...

Page 326: ...re BFD parameters SwitchA bfd session init mode active SwitchA interface vlan interface 10 SwitchA Vlan interface10 ospfv3 bfd enable SwitchA Vlan interface10 bfd min transmit interval 500 SwitchA Vla...

Page 327: ...rocessID 0 Interface Vlan interface11 Protocol OSPFv3 State Invalid Adv Cost 2 Tunnel ID 0x0 Label NULL Age 4515sec Enable BFD debugging on Switch A SwitchA debugging bfd scm SwitchA debugging bfd eve...

Page 328: ...elayNextHop Tag 0H Neighbor ProcessID 0 Interface Vlan interface11 Protocol OSPFv3 State Invalid Adv Cost 2 Tunnel ID 0x0 Label NULL Age 4610sec Configuring OSPFv3 IPsec policies Network requirements...

Page 329: ...orithm to SHA1 create an IPsec policy named policy001 specify the manual mode for it reference IPsec proposal tran1 set the SPIs of the inbound and outbound SAs to 12345 and the keys for the inbound a...

Page 330: ...algorithm des SwitchB ipsec proposal tran2 esp authentication algorithm sha1 SwitchB ipsec proposal tran2 quit SwitchB ipsec policy policy002 10 manual SwitchB ipsec policy manual policy002 10 propos...

Page 331: ...uration OSPFv3 traffic between Switches A B and C is protected by IPsec Troubleshooting OSPFv3 configuration No OSPFv3 neighbor relationship established Symptom No OSPF neighbor relationship can be es...

Page 332: ...th the stub area Solution 1 Use the display ospfv3 peer command to display OSPFv3 neighbors 2 Use the display ospfv3 interface command to display OSPFv3 interface information 3 Use the display ospfv3...

Page 333: ...LSP The TLVs include the following IPv6 Reachability Defines the prefix metric of routing information to indicate network reachability and has a type value of 236 0xEC IPv6 Interface Address Same as...

Page 334: ...do Use command to Remarks Enter system view system view Enter IS IS view isis process id Define the priority for IPv6 IS IS routes ipv6 preference route policy route policy name preference Optional 15...

Page 335: ...dvertisement If a protocol is specified only routes redistributed from the routing protocol are filtered for advertisement For information about ACL see ACL and QoS Configuration Guide For information...

Page 336: ...regular expression Available in any view Display the mapping table between the host name and system ID display isis name table process id vpn instance vpn instance name begin exclude include regular e...

Page 337: ...rk diagram Configuration procedure 1 Configure IPv6 addresses for interfaces Details not shown 2 Configure IPv6 IS IS Configure Switch A SwitchA system view SwitchA ipv6 SwitchA isis 1 SwitchA isis 1...

Page 338: ...300 isis ipv6 enable 1 SwitchC Vlan interface300 quit Configure Switch D SwitchD system view SwitchD ipv6 SwitchD isis 1 SwitchD isis 1 is level level 2 SwitchD isis 1 network entity 20 0000 0000 0004...

Page 339: ...e Destination PrefixLen 0 Flag R Cost 10 Next Hop FE80 200 FF FE0F 4 Interface Vlan200 Destination 2001 1 PrefixLen 64 Flag D L Cost 10 Next Hop FE80 200 FF FE0F 4 Interface Vlan200 Destination 2001 2...

Page 340: ...ace Vlan200 Destination 2001 3 PrefixLen 64 Flag D L Cost 10 Next Hop Direct Interface Vlan300 Destination 2001 4 1 PrefixLen 128 Flag R Cost 10 Next Hop FE80 20F E2FF FE3E FA3D Interface Vlan300 Flag...

Page 341: ...ailure and notify IPv6 IS IS of the failure Then Switch A and Switch B communicate through Switch C Figure 114 Network diagram Device Interface IPv6 address Device Interface IPv6 address Switch A Vlan...

Page 342: ...hC isis 1 ipv6 enable SwitchC isis 1 quit SwitchC interface vlan interface 11 SwitchC Vlan interface11 isis ipv6 enable 1 SwitchC Vlan interface11 quit SwitchC interface vlan interface 13 SwitchC Vlan...

Page 343: ...64 on Switch A and you can see that Switch A and Switch B communicate through the Layer 2 switch SwitchA display ipv6 routing table 2001 4 0 64 verbose Routing Table Summary Count 2 Destination 2001 4...

Page 344: ...2009 SwitchA ISIS 4 ADJLOG ISIS 1 ADJCHANGE Adjacency To 0000 0000 0002 vlan10 DOWN Level 1 Circuit Down Aug 8 14 54 05 369 2009 SwitchA ISIS 4 ADJLOG ISIS 1 ADJCHANGE Adjacency To 0000 0000 0002 vla...

Page 345: ...introducing Multiprotocol BGP MP BGP which is defined in RFC 2858 multiprotocol extensions for BGP 4 For brevity purposes MP BGP for IPv6 is called IPv6 BGP IPv6 BGP puts IPv6 network layer informati...

Page 346: ...oup Optional Configuring outbound route filtering Optional Configuring inbound route filtering Optional Configuring IPv6 BGP and IGP route synchronization Optional Controlling route distribution and r...

Page 347: ...e the command Remarks Enter system view system view Enter BGP view bgp as number Specify a router ID router id router id Optional Required if no IP addresses are configured for any interfaces Enter IP...

Page 348: ...t and the command apply preferred value preferred value in the chapter Routing policy configuration commands Specifying the source interface for establishing TCP connections IPv6 BGP uses TCP as the t...

Page 349: ...figured by default NOTE Direct links must be available between eBGP peers If not you can use the peer ebgp max hop command to establish a multi hop TCP connection in between However do not use this co...

Page 350: ...te change logging for an IPv6 peer or peer group peer ipv6 group name ipv6 address log change Optional Enabled by default NOTE See Layer 3 IP Routing Command Reference for information about the log pe...

Page 351: ...te ipv6 address prefix length as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name Required Not configured by default Advertisi...

Page 352: ...oup peer ipv6 group name ipv6 address ipv6 prefix ipv6 prefix name export Required Not specified by default NOTE IPv6 BGP advertises routes passing the specified policy to peers Using the protocol arg...

Page 353: ...route s next hop If the next hop is reachable the IPv6 BGP router advertises the route to eBGP peers If the synchronization feature is configured in addition to the reachability check of the next hop...

Page 354: ...bgp as number Enter IPv6 address family view ipv6 family Configure preference values for IPv6 BGP external internal and local routes preference external preference internal preference local preference...

Page 355: ...med med value Optional Defaults to 0 Enable the comparison of MED for routes from different eBGP peers compare different as med Optional Not enabled by default Enable the comparison of MED for routes...

Page 356: ...is sent nor holdtime is checked IPv6 BGP connection soft reset After modifying a route selection policy you must reset IPv6 BGP connections to make the new one take effect The current IPv6 BGP impleme...

Page 357: ...ured using the timer command have lower priority than timers configured using the peer timer command The holdtime interval must be at least three times the keepalive interval Configuring IPv6 BGP soft...

Page 358: ...rry ORF information in messages If yes it will further determine whether to carry non standard ORF information in the packets After completing the negotiation process and establishing the neighboring...

Page 359: ...ports only 2 byte AS numbers the peer relationship cannot be established After you enable the 4 byte AS number suppression function the peer device can then process the Open message even though it doe...

Page 360: ...y to BGP packets The MD5 authentication requires that the two parties have the same authentication mode and password to establish a TCP connection otherwise no TCP connection can be established due to...

Page 361: ...a pure eBGP peer group and if not a mixed eBGP peer group In a peer group all members have a common policy Using the community attribute can make a set of IPv6 BGP routers in multiple ASs have the sam...

Page 362: ...ate a pure eBGP peer group specify an AS number for the peer group If a peer was added into an eBGP peer group you cannot specify any AS number for the peer group Creating a mixed eBGP peer group Foll...

Page 363: ...ystem view system view Enter BGP view bgp as number Enter IPv6 address family view ipv6 family Apply a routing policy to routes advertised to an IPv6 peer or peer group peer ipv6 group name ipv6 addre...

Page 364: ...keepalive interval This mechanism makes the detection of a link failure rather slow and thus causes a large quantity of packets to be dropped especially when the failed link is a high speed link You...

Page 365: ...uting table as path acl as path acl number begin exclude include regular expression Display IPv6 BGP routing information with the specified community attribute display bgp ipv6 routing table community...

Page 366: ...internal export import Reset IPv6 BGP connections reset bgp ipv6 as number ipv4 address ipv6 address flap info all external group group name internal Available in user view Clearing IPv6 BGP informati...

Page 367: ...pv6 quit SwitchB bgp quit Configure Switch C SwitchC system view SwitchC ipv6 SwitchC bgp 65009 SwitchC bgp router id 3 3 3 3 SwitchC bgp ipv6 family SwitchC bgp af ipv6 peer 9 3 1 as number 65009 Swi...

Page 368: ...ished 9 1 2 65009 2 4 0 0 00 00 19 Established Display IPv6 peer information on Switch C SwitchC display bgp ipv6 peer BGP local router ID 3 3 3 3 Local AS number 65009 Total number of peers 2 Peers i...

Page 369: ...B SwitchB system view SwitchB ipv6 SwitchB bgp 200 SwitchB bgp router id 2 2 2 2 SwitchB bgp ipv6 family SwitchB bgp af ipv6 peer 100 1 as number 100 SwitchB bgp af ipv6 peer 101 1 as number 200 Switc...

Page 370: ...Switches B and C establish an eBGP relationship Configure IPsec policies on the switches to authenticate and encrypt protocol packets Figure 117 Network diagram Configuration procedure 1 Configure IP...

Page 371: ...sec proposal tran1 transform esp SwitchA ipsec proposal tran1 esp encryption algorithm des SwitchA ipsec proposal tran1 esp authentication algorithm sha1 SwitchA ipsec proposal tran1 quit SwitchA ipse...

Page 372: ...10 sa spi outbound esp 54321 SwitchB ipsec policy manual policy002 10 sa spi inbound esp 54321 SwitchB ipsec policy manual policy002 10 sa string key outbound esp gfedcba SwitchB ipsec policy manual p...

Page 373: ...p quit 7 Verify the configuration Display detailed IPv6 BGP peer information SwitchB display bgp ipv6 peer verbose BGP Peer is 1 1 remote AS 65008 Type IBGP link BGP version 4 remote router ID 1 1 1 1...

Page 374: ...Total 0 messages Update messages 0 Sent Total 0 messages Update messages 0 Maximum allowed prefix number 4294967295 Threshold 75 Minimum time between advertisement runs is 30 seconds Optional capabil...

Page 375: ...P on Switch A Establish two iBGP connections between Switch A and Switch C SwitchA system view SwitchA bgp 200 SwitchA bgp ipv6 family SwitchA bgp af ipv6 peer 3001 3 as number 200 SwitchA bgp af ipv6...

Page 376: ...6 peer 3001 3 bfd SwitchA bgp af ipv6 quit SwitchA bgp quit 4 Configure IPv6 BGP on Switch C SwitchC system view SwitchC bgp 200 SwitchC bgp ipv6 family SwitchC bgp af ipv6 peer 3000 1 as number 200 S...

Page 377: ...3000ms Recv Pkt Num 57 Send Pkt Num 53 Hold Time 2200ms Connect Type Direct Running Up for 00 00 06 Auth mode none Protocol BGP6 Diag Info No Diagnostic The output shows that a BFD session is establi...

Page 378: ...ure on Switch B Nov 5 11 42 24 172 2009 SwitchC BFD 5 BFD_CHANGE_FSM Sess 3001 3 3000 1 13 17 VLAN101 Ctrl Sta UP DOWN Diag 1 Nov 5 11 42 24 172 2009 SwitchC BGP 5 BGP_STATE_CHANGED 3000 1 state is ch...

Page 379: ...ully Processing steps 1 Use the display current configuration command to check that the peer s AS number is correct 2 Use the display bgp ipv6 peer command to check that the peer s IPv6 address is cor...

Page 380: ...Filters redistributed routes Modifies or sets the attributes of some routes Routing policy implementation To configure a routing policy you must do the following 1 Define some filters based on the at...

Page 381: ...define its own match criteria A routing policy can comprise multiple nodes which are in logic OR relationship Each routing policy node is a match unit and a node with a smaller number is matched firs...

Page 382: ...to match and is identified by an index number An item with a smaller index number is matched first If one item is matched the IP prefix list is passed and the routing information will not go to the n...

Page 383: ...list You must define the permit 0 less equal 128 item following multiple deny items to allow other IPv6 routing information to pass For example the following configuration filters routes 2000 1 48 200...

Page 384: ...origin 1 16 Required Not defined by default Configuring a routing policy A routing policy is used to filter routing information and modify attributes of matching routing information The match criteria...

Page 385: ...t does not meet any node cannot pass the routing policy If all nodes of the routing policy are set with the deny keyword no routing information can pass it Defining if match clauses Follow these steps...

Page 386: ...igured by default NOTE The if match clauses of a routing policy node are in logic AND relationship Routing information must satisfy all of its if match clauses before being executed with its apply cla...

Page 387: ...uting apply extcommunity rt route target 1 16 additive soo site of origin additive Optional Not set by default for IPv4 routes apply ip address next hop ip address Optional Not set by default The sett...

Page 388: ...rger that the current node number NOTE If you configure the same type of apply clauses that set different values including the apply community and apply extcommunity clauses with the additive keyword...

Page 389: ...user view Routing policy configuration examples Applying a routing policy to IPv4 route redistribution Network requirements As shown in Figure 1 19 Switch B exchanges routing information with Switch A...

Page 390: ...face200 quit 3 Configure OSPF and route redistribution Configure OSPF on Switch A SwitchA system view SwitchA ospf SwitchA ospf 1 area 0 SwitchA ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 Switc...

Page 391: ...tchB route policy isis2ospf permit node 20 SwitchB route policy if match acl 2002 SwitchB route policy apply tag 20 SwitchB route policy quit SwitchB route policy isis2ospf permit node 30 SwitchB rout...

Page 392: ...and VLAN interface 200 SwitchA system view SwitchA ipv6 SwitchA interface vlan interface 100 SwitchA Vlan interface100 ipv6 address 10 1 32 SwitchA Vlan interface100 quit SwitchA interface vlan interf...

Page 393: ...rface100 ripng 1 enable SwitchB Vlan interface100 quit Enable RIPng SwitchB ripng Display RIPng routing table information SwitchB ripng 1 display ripng 1 route Route Flags A Aging S Suppressed G Garba...

Page 394: ...er id 2 2 2 2 SwitchB bgp peer 1 1 2 2 as number 300 Configure Switch C SwitchC system view SwitchC bgp 300 SwitchC bgp router id 3 3 3 3 SwitchC bgp peer 1 1 1 1 as number 100 SwitchC bgp peer 1 1 2...

Page 395: ...D has learned routes 4 4 4 0 24 5 5 5 0 24 and 6 6 6 0 24 from AS 100 and 7 7 7 0 24 8 8 8 0 24 and 9 9 9 0 24 from AS 200 3 Configure Switch D to reject routes from AS 200 Configure AS_PATH list 1 S...

Page 396: ...the IP prefix list must be configured as permit mode and at least one node in the routing policy must be configured as permit mode Solution 1 Use the display ip ip prefix command to display IP prefix...

Page 397: ...PBR policy does not exist the matching packet is forwarded according to the routing table If a default next hop is configured in the PBR policy destination based routing takes precedence over PBR Usi...

Page 398: ...clauses Table 7 Relationship between the match mode and the clauses Then If a packet In permit mode In deny mode Matches all the if match clauses on a policy node The apply clause is executed and the...

Page 399: ...as the backup next hop Set default next hops apply ip address default next hop ip address track track entry number ip address track track entry number Optional You can specify two next hops at a time...

Page 400: ...e routing table Configuring local PBR Only one policy can be referenced for local PBR Follow these steps to configure local PBR To do Use the command Remarks Enter system view system view Configure lo...

Page 401: ...Configuring a QoS policy Follow these steps to configure traffic redirection To do Use the command Remarks Enter system view system view Create a class and enter class view traffic classifier tcl nam...

Page 402: ...e type interface number Enter interface view or port group view Enter port group view port group manual port group name Use either command Settings in interface view take effect on the current interfa...

Page 403: ...ts can pass the policy and then are forwarded according to the apply clauses if the permit keyword is specified for the node or are denied if the deny keyword is specified The packets will not go to t...

Page 404: ...igure Node 5 of policy aaa to forward TCP packets to next hop 1 1 2 2 SwitchA policy based route aaa permit node 5 SwitchA pbr aaa 5 if match acl 3101 SwitchA pbr aaa 5 apply ip address next hop 1 1 2...

Page 405: ...255 time 2 ms Reply from 1 1 3 2 bytes 56 Sequence 2 ttl 255 time 1 ms Reply from 1 1 3 2 bytes 56 Sequence 3 ttl 255 time 1 ms Reply from 1 1 3 2 bytes 56 Sequence 4 ttl 255 time 1 ms Reply from 1 1...

Page 406: ...icy based route aaa permit node 5 SwitchA pbr aaa 5 if match acl 3101 SwitchA pbr aaa 5 apply ip address next hop 1 1 2 2 SwitchA pbr aaa 5 quit Apply the policy aaa to VLAN interface 1 1 SwitchA inte...

Page 407: ...55 0 SwitchC Vlan interface20 quit Verification Configure the IP address of Host A as 10 1 10 0 20 24 and the gateway as 10 1 10 0 10 On Host A telnet to Switch B 1 1 2 2 that is directly connected to...

Page 408: ...ehavior a in QoS policy a SwitchA qos policy a SwitchA qospolicy a classifier a behavior a SwitchA qospolicy a quit Apply QoS policy a to the incoming traffic of GigabitEthernet 1 0 1 SwitchA interfac...

Page 409: ...chA traffic behavior a SwitchA behavior a redirect next hop 202 2 SwitchA behavior a quit Associate class a with behavior a in QoS policy a SwitchA qos policy a SwitchA qospolicy a classifier a behavi...

Page 410: ...VPN routes and uses MPLS to forward VPN packets on service provider backbones MPLS L3VPN provides flexible networking modes excellent scalability and convenient support for MPLS QoS and MPLS TE The MP...

Page 411: ...on When VPN traffic travels over the MPLS backbone the ingress PE functions as the ingress Label Switching Router LSR the egress PE functions as the egress LSR and P routers function as the transit LS...

Page 412: ...ocess overlapping VPN routes If for example both VPN 1 and VPN 2 use addresses on the segment 10 1 10 10 0 24 and each advertise a route to the segment BGP selects only one of them which results in th...

Page 413: ...ches the import target attribute of the VPN instance the PE adds the routes to the VPN routing table In other words VPN target attributes define which sites can receive VPN IPv4 routes and from which...

Page 414: ...information according to the number of the interface receiving the information It then maintains the corresponding routing table accordingly You must also bind the interfaces to the VPNs on PE 1 in th...

Page 415: ...n an OSPF route is imported to the BGP routing table as a BGP route on a PE some attributes of the OSPF route get lost When the BGP route is imported to the OSPF routing table on the remote CE not all...

Page 416: ...the VPN routing entries on MCE devices to the routing table of the routing protocol running between MCE and PEs The following routing protocols can be used between MCE and PE devices for routing form...

Page 417: ...es in the route calculation of the specified VPN After creating and configuring a VPN instance you associate the VPN instance with the interface for connecting different VPN sites Follow these steps t...

Page 418: ...stance export route policy route policy Optional By default all VPN instance routes permitted by the export target attribute can be redistributed NOTE Only when BGP runs between the MCE and PE can the...

Page 419: ...e static routes for a VPN instance ip route static vpn instance s vpn instance name 1 6 dest address mask mask length gateway address public interface type interface number gateway address vpn instanc...

Page 420: ...hrough different OSPF processes ensuring the separation and security of VPN routes Follow these steps to configure OSPF between MCE and VPN site To do Use the command Remarks Enter system view system...

Page 421: ...ecurity of VPN routes Follow these steps to configure IS IS between MCE and VPN site To do Use the command Remarks Enter system view system view Create an IS IS process for a VPN instance and enter IS...

Page 422: ...refix ip prefix name export direct isis process id ospf process id rip process id static Optional By default BGP does not filter the routes to be advertised Configure a filtering policy to filter the...

Page 423: ...sites 1 Configure the MCE Follow these steps to configure the MCE To do Use the command Remarks Enter system view system view Enter BGP view bgp as number Enter BGP VPN instance view ipv4 family vpn i...

Page 424: ...stances Perform route configurations Redistribute VPN routes into the routing protocol running between the MCE and the PE Configuring static routing between MCE and PE Follow these steps to configure...

Page 425: ...ps to configure OSPF between MCE and PE To do Use the command Remarks Enter system view system view Create an OSPF process for a VPN instance and enter OSPF view ospf process id router id router id vp...

Page 426: ...isis process id vpn instance vpn instance name Required Configure a network entity title network entity net Required Not configured by default Redistribute the VPN routes import route isis process id...

Page 427: ...import Optional By default BGP does not filter the received routes NOTE BGP runs within a VPN in the same way as it runs within a public network For more information about BGP see Layer 3 IP Routing C...

Page 428: ...on changes you can use the soft reset function or reset BGP connections to make new configurations take effect Soft reset requires that BGP peers have route refreshment capability supporting Route Ref...

Page 429: ...ance name paths as regular expression begin exclude include regular expression Available in any view Display information about BGP VPNv4 peers display bgp vpnv4 vpn instance vpn instance name peer gro...

Page 430: ...path regexp Available in user view NOTE For commands to display information about a routing table see Layer 3 IP Routing Command Reference MCE configuration examples Using OSPF to advertise VPN routes...

Page 431: ...E ip vpn instance vpn1 MCE vpn instance vpn1 route distinguisher 10 1 MCE vpn instance vpn1 vpn target 10 1 MCE vpn instance vpn1 quit MCE ip vpn instance vpn2 MCE vpn instance vpn2 route distinguishe...

Page 432: ...N 1 directly and no routing protocol is enabled in VPN 1 Therefore you can configure static routes On VR 1 assign IP address 10 214 10 2 24 to the interface connected to MCE and 192 168 0 1 24 to the...

Page 433: ...0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 192 168 10 0 24 RIP 100 1 10 214 20 2 Vlan20 The output shows that the MCE has learned the private routes of VPN 2 The MCE maintains the routes...

Page 434: ...ce PE1 vlan 40 PE1 vlan40 quit PE1 interface vlan interface 40 PE1 Vlan interface40 ip binding vpn instance vpn2 PE1 Vlan interface40 ip address 40 1 1 2 24 PE1 Vlan interface40 quit Configure the IP...

Page 435: ...able of MCE The following output shows that PE 1 has learned the private route of VPN 2 through OSPF PE1 display ip routing table vpn instance vpn2 Routing Tables vpn2 Destinations 5 Routes 5 Destinat...

Page 436: ...t shown Configure OSPF on the MCE and bind OSPF process 10 with VPN instance vpn1 to learn the routes of VPN 1 MCE system view MCE ospf router id 10 214 10 3 10 vpn instance vpn1 MCE ospf 10 area 0 MC...

Page 437: ...tion procedure is similar to that described in Using OSPF to advertise VPN routes to the PE Details not shown Start BGP process 100 on the MCE and enter the IPv4 address family view of VPN instance vp...

Page 438: ...VPN 2 through BGP PE1 display ip routing table vpn instance vpn2 Routing Tables vpn2 Destinations 5 Routes 5 Destination Mask Proto Pre Cost NextHop Interface 40 1 1 0 24 Direct 0 0 40 1 1 2 Vlan40 40...

Page 439: ...ork scenarios besides MPLS L3VPNs Creating a VPN instance A VPN instance is associated with a site It is a collection of the VPN membership and routing rules of its associated site A VPN instance does...

Page 440: ...learned from a CE gets redistributed into BGP BGP associates it with a VPN target extended community attribute list which is usually the export target attribute of the VPN instance associated with th...

Page 441: ...sable route redistribution between routing protocols to save system resources Configuring routing between IPv6 MCE and VPN site Configuring static routing between IPv6 MCE and VPN site An IPv6 MCE can...

Page 442: ...te remote site routes advertised by the PE import route protocol process id allow ibgp cost cost route policy route policy name Required By default no route of any other routing protocol is redistribu...

Page 443: ...ting Configuration Guide Configuring IPv6 IS IS between IPv6 MCE and VPN site An IPv6 IS IS process belongs to the public network or a single IPv6 VPN instance If you create an IPv6 IS IS process with...

Page 444: ...h VPN instance on the IPv6 VPN sites If eBGP is used for route exchange you also can configure filtering policies to filter the received routes and the routes to be advertised 1 Configure the IPv6 MCE...

Page 445: ...Pv6 MCE PE routing configuration includes these tasks Bind the IPv6 MCE PE interfaces to IPv6 VPN instances Perform routing configurations Redistribute IPv6 VPN routes into the routing protocol runnin...

Page 446: ...onfiguration Guide Configuring OSPFv3 between IPv6 MCE and PE Follow these steps to configure OSPFv3 between IPv6 MCE and PE To do Use the command Remarks Enter system view system view Create an OSPFv...

Page 447: ...ot specify the route level in the command the command will redistribute routes to the level 2 routing table by default Configure a filtering policy to filter the redistributed routes ipv6 filter polic...

Page 448: ...an use the soft reset function or reset BGP connections to make new configurations take effect Soft reset requires that BGP peers have route refreshment capability supporting Route Refresh messages Us...

Page 449: ...tistic statistic begin exclude include regular expression Available in any view Display the BGP VPNv6 routing information of a specified RD display bgp vpnv6 route distinguisher route distinguisher ro...

Page 450: ...ces vpn1 and vpn2 and specify a RD and VPN targets for each VPN instance MCE system view MCE ip vpn instance vpn1 MCE vpn instance vpn1 route distinguisher 10 1 MCE vpn instance vpn1 vpn target 10 1 M...

Page 451: ...1 PE1 vpn instance vpn2 vpn target 20 1 PE1 vpn instance vpn2 quit 2 Configure routing between the MCE and VPN sites The MCE is connected with VPN 1 directly and no routing protocol is enabled in VPN...

Page 452: ...ce vpn1 Routing Table vpn1 Destinations 5 Routes 5 Destination 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2001 1 64 Protocol Direct NextHop 2001 1 1 Preference 0...

Page 453: ...runk port and configure it to permit packets of VLAN 30 and VLAN 40 to pass with VLAN tags PE1 interface gigabitethernet 1 0 1 PE1 GigabitEthernet1 0 1 port link type trunk PE1 GigabitEthernet1 0 1 po...

Page 454: ...process to VPN instance vpn1 and redistribute the IPv6 static route of VPN 1 MCE ospfv3 10 vpn instance vpn1 MCE ospf 10 router id 101 101 10 1 MCE ospf 10 import route static MCE ospf 10 quit Enable...

Page 455: ...of the MCE The following output shows that PE 1 has learned the private route of VPN 2 through OSPFv3 PE1 display ipv6 routing table vpn instance vpn2 Routing Table vpn2 Destinations 5 Routes 5 Destin...

Page 456: ...s 76 Configuring OSPF FRR 94 Configuring OSPF Graceful Restart 96 Configuring OSPF network types 78 Configuring OSPF route control 81 Configuring OSPFv3 area parameters 285 Configuring OSPFv3 GR 293 C...

Page 457: ...amples 413 MCE overview 393 O OSPF configuration examples 100 OSPF configuration task list 73 OSPFv3 configuration examples 297 OSPFv3 configuration task list 283 Overview 422 P PBR configuration exam...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands