manualshive.com logo in svg

HP VSR1000, Configuration Manual

The HP VSR1000 Configuration Manual is an essential resource for users seeking to optimize their networking experience. This comprehensive manual is available for free download from manualshive.com, providing step-by-step instructions, troubleshooting tips, and comprehensive setup guidance. Empower yourself with this invaluable resource to unlock the full potential of your HP VSR1000.

Share
Download
background image

 

402 

reference IPsec transform set 

trans

, and set the SPIs of the inbound and outbound SAs to 

123

 and 

the keys for the inbound and outbound SAs to

 abc

 using ESP. 

[RouterA] ipsec transform-set trans 

[RouterA-ipsec-transform-set-trans] encapsulation-mode transport 

[RouterA-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc 

[RouterA-ipsec-transform-set-trans] esp authentication-algorithm md5 

[RouterA-ipsec-transform-set-trans] ah authentication-algorithm md5 

[RouterA-ipsec-transform-set-trans] quit 

[RouterA] ipsec profile profile001 manual 

[RouterA-ipsec-profile-profile001-manual] transform-set trans 

[RouterA-ipsec-profile-profile001-manual] sa spi inbound ah 100000 

[RouterA-ipsec-profile-profile001-manual] sa spi outbound ah 100000 

[RouterA-ipsec-profile-profile001-manual] sa spi inbound esp 200000 

[RouterA-ipsec-profile-profile001-manual] sa spi outbound esp 200000 

[RouterA-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc 

[RouterA-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc 

[RouterA-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123 

[RouterA-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123 

[RouterA-ipsec-profile-profile001-manual] quit 

# On Router B, create an IPsec transform set named 

trans

, and set the encapsulation mode to 

transport mode, the security protocol to ESP, the encryption algorithm to 3DES, and authentication 

algorithm to MD5. Create an IPsec profile named 

profile001

, specify the manual mode for it, 

reference IPsec transform set 

trans

, and set the SPIs of the inbound and outbound SAs to 

123

 and 

the keys for the inbound and outbound SAs using ESP to 

abc

[RouterB] ipsec transform-set trans 

[RouterB-ipsec-transform-set-trans] encapsulation-mode transport 

[RouterB-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc  

[RouterB-ipsec-transform-set-trans] esp authentication-algorithm md5  

[RouterB-ipsec-transform-set-trans] ah authentication-algorithm md5  

[RouterB-ipsec-transform-set-trans] quit 

[RouterB] ipsec profile profile001 manual 

[RouterB-ipsec-profile-profile001-manual] transform-set trans 

[RouterB-ipsec-profile-profile001-manual] sa spi inbound ah 100000 

[RouterB-ipsec-profile-profile001-manual] sa spi outbound ah 100000 

[RouterB-ipsec-profile-profile001-manual] sa spi inbound esp 200000 

[RouterB-ipsec-profile-profile001-manual] sa spi outbound esp 200000 

[RouterB-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc 

[RouterB-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc 

[RouterB-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123 

[RouterB-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123 

[RouterB-ipsec-profile-profile001-manual] quit 

[RouterB] ipsec profile profile002 manual 

[RouterB-ipsec-profile-profile002-manual] transform-set trans 

[RouterB-ipsec-profile-profile002-manual] sa spi inbound ah 400000 

[RouterB-ipsec-profile-profile002-manual] sa spi outbound ah 400000 

[RouterB-ipsec-profile-profile002-manual] sa spi inbound esp 256 

[RouterB-ipsec-profile-profile002-manual] sa spi outbound esp 256 

[RouterB-ipsec-profile-profile002-manual] sa string-key inbound ah simple hello 

Summary of Contents for VSR1000

Page 1: ...HP VSR1000 Virtual Services Router Layer 3 IP Routing Configuration Guide Part number 5998 6025 Software version VSR1000_HP CMW710 R0202 X64 Document version 6W100 20140418 ...

Page 2: ...MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE Hewlett Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompan...

Page 3: ...guration examples 12 Basic static route configuration example 12 BFD for static routes configuration example direct next hop 14 BFD for static routes configuration example indirect next hop 16 Static route FRR configuration example 19 Configuring a default route 21 Configuring RIP 22 Overview 22 RIP route entries 22 Routing loop prevention 22 RIP operation 22 RIP versions 23 Protocols and standard...

Page 4: ...ng and maintaining RIP 38 RIP configuration examples 38 Configuring basic RIP 38 Configuring RIP route redistribution 41 Configuring an additional metric for a RIP interface 43 Configuring RIP to advertise a summary route 45 Configuring BFD for RIP single hop echo detection for a directly connected neighbor 48 Configure BFD for RIP single hop echo detection for a specific destination 50 Configurin...

Page 5: ...interface MTU into DD packets 83 Configuring a DSCP value for OSPF packets 84 Configuring the maximum number of external LSAs in LSDB 84 Configuring OSPF exit overflow interval 84 Enabling compatibility with RFC 1583 85 Logging neighbor state changes 85 Configuring OSPF network management 85 Configuring the LSU transmit rate 86 Enabling OSPF ISPF 87 Configuring prefix suppression 87 Configuring pr...

Page 6: ...134 Configuring the maximum number of ECMP routes 135 Configuring IS IS route summarization 135 Advertising a default route 136 Configuring IS IS route redistribution 136 Configuring IS IS route filtering 137 Configuring IS IS route leaking 137 Tuning and optimizing IS IS networks 138 Configuration prerequisites 138 Specifying the interval for sending IS IS hello packets 138 Specifying the IS IS h...

Page 7: ... BGP peer 179 BGP message types 179 BGP path attributes 180 BGP route selection 184 BGP route advertisement rules 184 BGP load balancing 185 Settlements for problems in large scale BGP networks 186 MP BGP 189 BGP configuration views 190 Protocols and standards 191 BGP configuration task list 192 Configuring basic BGP 194 Enabling BGP 194 Configuring a BGP peer 195 Configuring a BGP peer group 197 ...

Page 8: ...iguring BGP GR 258 Enabling SNMP notifications for BGP 259 Enabling logging of session state changes 260 Configuring BFD for BGP 260 Configuring BGP FRR 261 Configuring 6PE 264 Configuring basic 6PE 265 Configuring optional 6PE capabilities 265 Displaying and maintaining BGP 267 Resetting BGP sessions 270 Clearing BGP information 270 IPv4 BGP configuration examples 271 Basic BGP configuration exam...

Page 9: ...routing configuration examples 343 Basic IPv6 static route configuration example 343 BFD for IPv6 static routes configuration example direct next hop 346 BFD for IPv6 static routes configuration example indirect next hop 348 Configuring an IPv6 default route 351 Configuring RIPng 352 Overview 352 RIPng route entries 352 RIPng packets 352 Protocols and standards 353 RIPng configuration task list 35...

Page 10: ... routes 376 Configuring a preference for OSPFv3 376 Configuring OSPFv3 route redistribution 376 Tuning and optimizing OSPFv3 networks 377 Configuration prerequisites 377 Configuring OSPFv3 timers 377 Specifying LSA transmission delay 378 Specifying SPF calculation interval 378 Specifying the LSA generation interval 379 Configuring a DR priority for an interface 379 Ignoring MTU check for DD packet...

Page 11: ...424 Configuring match criteria for an IPv6 node 424 Configuring actions for an IPv6 node 425 Configuring IPv6 PBR 426 Configuring IPv6 local PBR 426 Configuring IPv6 interface PBR 426 Enabling IPv6 PBR notification sending 427 Displaying and maintaining IPv6 PBR 427 IPv6 PBR configuration examples 428 Packet type based IPv6 local PBR configuration example 428 Packet type based IPv6 interface PBR c...

Page 12: ...outing policy to IPv4 route redistribution 442 Applying a routing policy to IPv6 route redistribution 445 Support and other resources 447 Contacting HP 447 Subscription service 447 Related information 447 Documents 447 Websites 447 Conventions 448 Index 450 ...

Page 13: ... subnet mask is 32 bits Whether the destination is directly connected Direct route The destination is directly connected Indirect route The destination is indirectly connected Origin Direct route A direct route is discovered by the data link protocol on an interface and is also called an interface route Static route A static route is manually configured by an administrator Dynamic route A dynamic ...

Page 14: ...de RIP OSPF and IS IS EGPs Work between ASs The most popular EGP is BGP Routing algorithm Distance vector protocols Examples include RIP and BGP BGP is also considered a path vector protocol Link state protocols Examples include OSPF and IS IS Destination address type Unicast routing protocols Examples include RIP OSPF BGP and IS IS Multicast routing protocols Examples include PIM SM and PIM DM IP...

Page 15: ...he highest priority is the primary route and others are secondary routes The router forwards matching packets through the primary route When the primary route fails the route with the highest preference among the secondary routes is selected to forward packets When the primary route recovers the router uses it to forward packets Route recursion To use a BGP static or RIP route that has an indirect...

Page 16: ...protocol convergence resulting from a large number of route entries or long GR period The configuration takes effect at the next protocol or RIB process switchover To configure the maximum lifetime for routes and labels in the RIB IPv4 Step Command Remarks 1 Enter system view system view N A 2 Enter RIB view rib N A 3 Create a RIB IPv4 address family and enter RIB IPv4 address family view address ...

Page 17: ...d Remarks 1 Enter system view system view N A 2 Enter RIB view rib N A 3 Create a RIB IPv6 address family and enter its view address family ipv6 By default no RIB IPv6 address family is created 4 Configure the maximum lifetime for IPv6 routes in the FIB fib lifetime seconds By default the maximum lifetime for routes in the FIB is 600 seconds Displaying and maintaining a routing table Execute displ...

Page 18: ...nce name ipv6 address prefix length longer match verbose Display information about routes permitted by an IPv6 basic ACL display ipv6 routing table vpn instance vpn instance name acl acl6 number verbose Display information about routes to a range of IPv6 destination addresses display ipv6 routing table vpn instance vpn instance name ipv6 address1 to ipv6 address2 verbose Display information about ...

Page 19: ... Guide To configure a static route Step Command Remarks 1 Enter system view system view N A 2 Configure a static route Method 1 ip route static dest address mask length mask interface type interface number next hop address next hop address track track entry number vpn instance d vpn instance name next hop address track track entry number permanent preference preference value tag tag value descript...

Page 20: ...igure a static route and enable BFD control mode use one of the following methods Specify an output interface and a direct next hop Specify an indirect next hop and a specific BFD packet source address for the static route To configure BFD control mode for a static route direct next hop Step Command Remarks 1 Enter system view system view N A 2 Configure BFD control mode for a static route Method ...

Page 21: ...ackets to the destination device which loops the packets back to test the link reachability IMPORTANT Do not use BFD for a static route with the output interface in spoofing state To configure BFD echo mode for a static route Step Command Remarks 1 Enter system view system view N A 2 Configure the source address of echo packets bfd echo source ip ip address By default the source address of echo pa...

Page 22: ...onfigured in advance Configuration guidelines Do not use static route FRR and BFD for a static route at the same time Static route does not take effect when the backup output interface is unavailable Equal cost routes do not support static route FRR The backup output interface and next hop cannot be modified and cannot be the same as the primary output interface and next hop Static route FRR is av...

Page 23: ...xt hop Step Command Remarks 1 Enter system view system view N A 2 Configure static route FRR to automatically select a backup next hop ip route static fast reroute auto By default static route FRR is disabled Enabling BFD echo packet mode for static route FRR By default static route FRR does not use BFD to select primary link failures Perform this task to enable static route FRR to use BFD echo pa...

Page 24: ... routers for interconnections between any two hosts Figure 2 Network diagram Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure static routes Configure a default route on Router A RouterA system view RouterA ip route static 0 0 0 0 0 0 0 0 1 1 4 2 Configure two static routes on Router B RouterB system view RouterB ip route static 1 1 2 0 255 255 255 0 1 1...

Page 25: ... 0 1 1 3 0 24 Static 60 0 1 1 5 6 GE2 0 Static Routing table Status Inactive Summary Count 0 Use the ping command on Host B to test the reachability of Host A Windows XP runs on the two hosts C Documents and Settings Administrator ping 1 1 2 2 Pinging 1 1 2 2 with 32 bytes of data Reply from 1 1 2 2 bytes 32 time 1ms TTL 126 Reply from 1 1 2 2 bytes 32 time 1ms TTL 126 Reply from 1 1 2 2 bytes 32 ...

Page 26: ...e Layer 2 switch fails BFD can detect the failure immediately Router A then communicates with Router B through Router C Figure 3 Network diagram Table 4 Interface and IP address assignment Device Interface IP address Router A GigabitEthernet 1 0 12 1 1 1 24 Router A GigabitEthernet 2 0 10 1 1 102 24 Router B GigabitEthernet 1 0 12 1 1 2 24 Router B GigabitEthernet 2 0 13 1 1 1 24 Router C GigabitE...

Page 27: ...terB GigabitEthernet1 0 bfd detect multiplier 9 RouterB GigabitEthernet1 0 quit RouterB ip route static 121 1 1 0 24 gigabitethernet 1 0 12 1 1 1 bfd control packet RouterB ip route static 121 1 1 0 24 gigabitethernet 2 0 13 1 1 2 preference 65 RouterB quit Configure static routes on Router C RouterC system view RouterC ip route static 120 1 1 0 24 13 1 1 1 RouterC ip route static 121 1 1 0 24 10 ...

Page 28: ...irements As shown in Figure 4 Router A has a route to interface Loopback 1 2 2 2 9 32 on Router B with the output interface GigabitEthernet 1 0 Router B has a route to interface Loopback 1 1 1 1 9 32 on Router A with the output interface GigabitEthernet 1 0 Router D has a route to 1 1 1 9 32 with the output interface GigabitEthernet 1 0 and a route to 2 2 2 9 32 with the output interface GigabitEt...

Page 29: ...etails not shown 2 Configure static routes and BFD Configure static routes on Router A and enable BFD control mode for the static route that traverses Router D RouterA system view RouterA bfd multi hop min transmit interval 500 RouterA bfd multi hop min receive interval 500 RouterA bfd multi hop detect multiplier 9 RouterA ip route static 120 1 1 0 24 2 2 2 9 bfd control packet bfd source 1 1 1 9 ...

Page 30: ... Init Mode Active IPv4 Session Working Under Ctrl Mode LD RD SourceAddr DestAddr State Holdtime Interface 4 7 1 1 1 9 2 2 2 9 Up 2000ms N A The output shows that the BFD session has been created Display static routes on Router A RouterA display ip routing table protocol static Summary Count 1 Static Routing table Status Active Summary Count 1 Destination Mask Proto Pre Cost NextHop Interface 120 1...

Page 31: ...RouterS system view RouterS ip route static 4 4 4 4 32 gigabitethernet 2 0 13 13 13 2 backup interface gigabitethernet 1 0 backup nexthop 12 12 12 2 Configure a static route on Router D and specify GigabitEthernet 1 0 as the backup output interface and 24 24 24 2 as the backup next hop RouterD system view RouterD ip route static 1 1 1 1 32 gigabitethernet 2 0 13 13 13 1 backup interface gigabiteth...

Page 32: ...D 0xffffffff Neighbor 0 0 0 0 Flags 0x1008c OrigNextHop 13 13 13 2 Label NULL RealNextHop 13 13 13 2 BkLabel NULL BkNextHop 12 12 12 2 Tunnel ID Invalid Interface GigabitEthernet2 0 BkTunnel ID Invalid BkInterface GigabitEthernet1 0 Display route 1 1 1 1 32 on Router D to view the backup next hop information RouterS display ip routing table 1 1 1 1 verbose Summary Count 1 Destination 1 1 1 1 32 Pr...

Page 33: ...owing ways The network administrator can configure a default route with both destination and mask being 0 0 0 0 For more information see Configuring a static route Some dynamic routing protocols such as OSPF RIP and IS IS can generate a default route For example an upstream router running OSPF can generate a default route and advertise it to other routers These routers install the default route wi...

Page 34: ...st update The time is reset to 0 when the routing entry is updated Route tag Used for route control For more information see Configuring routing policies Routing loop prevention RIP uses the following mechanisms to prevent routing loops Counting to infinity A destination with a metric value of 16 is considered unreachable When a routing loop occurs the metric value of a route will increment to 16 ...

Page 35: ...llowing advantages over RIPv1 Supports route tags to implement flexible route control through routing policies Supports masks route summarization and CIDR Supports designated next hops to select the best ones on broadcast networks Supports multicasting route updates so only RIPv2 routers can receive these updates to reduce resource consumption Supports plain text authentication and MD5 authenticat...

Page 36: ...RIPv2 message authentication Specifying a RIP neighbor Configuring RIP network management Configuring the RIP packet sending rate Setting the maximum length of RIP packets Optional Configuring BFD for RIP Optional Configuring RIP FRR Configuring basic RIP Before you configure basic RIP settings complete the following tasks Configure the link layer protocol Configure IP addresses for interfaces to ...

Page 37: ... 2 Enable RIP and enter RIP view rip process id vpn instance vpn instance name By default RIP is disabled 3 Return to system view quit N A 4 Enter interface view interface interface type interface number N A 5 Enable RIP on the interface rip process id enable exclude subip By default RIP is disabled on an interface Controlling RIP reception and advertisement on interfaces Step Command Remarks 1 En...

Page 38: ...nfigure a RIP version Step Command Remarks 1 Enter system view system view N A 2 Enter RIP view rip process id vpn instance vpn instance name N A 3 Specify a global RIP version version 1 2 By default no global version is specified and an interface sends RIPv1 broadcasts and can receive RIPv1 broadcasts and unicasts and RIPv2 broadcasts multicasts and unicasts 4 Return to system view quit N A 5 Ent...

Page 39: ...name value The default setting is 1 Configuring RIPv2 route summarization Perform this task to summarize contiguous subnets into a summary network and sends the network to neighbors The smallest metric among all summarized routes is used as the metric of the summary route Enabling RIPv2 automatic route summarization Automatic summarization enables RIPv2 to generate a natural network for contiguous...

Page 40: ...isabling host route reception Perform this task to disable RIPv2 from receiving host routes from the same network to save network resources This feature does not apply to RIPv1 To disable RIP from receiving host routes Step Command Remarks 1 Enter system view system view N A 2 Enter RIP view rip process id vpn instance vpn instance name N A 3 Disable RIP from receiving host routes undo host route ...

Page 41: ... view system view N A 2 Enter RIP view rip process id vpn instance vpn instance name N A 3 Configure the filtering of received routes filter policy acl number gateway prefix list name prefix list prefix list name gateway prefix list name import interface type interface number By default the filtering of received routes is not configured This command filters received routes Filtered routes are not ...

Page 42: ...allow ibgp allow direct cost cost route policy route policy name tag tag By default RIP route redistribution is disabled This command can redistribute only active routes To view active routes use the display ip routing table protocol command 4 Optional Configure a default cost for redistributed routes default cost value The default setting is 0 Tuning and optimizing RIP networks Configuration prer...

Page 43: ...ollect garbage collect value suppress suppress value timeout timeout value update update value By default The garbage collect timer is 120 seconds The suppress timer is 120 seconds The timeout timer is 180 seconds The update timer is 30 seconds Configuring split horizon and poison reverse The split horizon and poison reverse functions can prevent routing loops If both split horizon and poison reve...

Page 44: ...ero fields You can enable zero field check on incoming RIPv1 messages If a zero field of a message contains a non zero value RIP does not process the message If you are certain that all messages are trustworthy disable zero field check to save CPU resources This feature does not apply to RIPv2 packets because they have no zero fields To enable zero field check on incoming RIPv1 messages Step Comma...

Page 45: ...n To configure RIPv2 message authentication Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Configure RIPv2 authentication rip authentication mode md5 rfc2082 cipher cipher string plain plain string key id rfc2453 cipher cipher string plain plain string simple cipher cipher string plain plain string By default RIPv2 au...

Page 46: ...allest process ID Configuring the RIP packet sending rate Perform this task to specify the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval This feature can avoid excessive RIP packets from affecting system performance and consuming too much bandwidth To configure the RIP packet sending rate Step Command Remarks 1 Enter system view system vie...

Page 47: ...or a route within a certain time RIP considers the route unreachable This detection mechanism is not fast enough To speed up convergence perform this task to enable BFD for RIP For more information about BFD see High Availability Configuration Guide RIP supports the following BFD detection modes Single hop echo detection Detection mode for a direct neighbor In this mode a BFD session is establishe...

Page 48: ...gure the source IP address of BFD echo packets bfd echo source ip ip address By default no source IP address is configured for BFD echo packets 3 Enter interface view interface interface type interface number N A 4 Enable BFD for RIP rip bfd enable destination ip address By default BFD for RIP is disabled Configuring bidirectional control detection Step Command Remarks 1 Enter system view system v...

Page 49: ...s RIP FRR takes effect only for RIP routes learned from directly connected neighbors Do not use RIP FRR and BFD for RIP at the same time Otherwise FRR might fail to work RIP FRR is available only when the state of primary link with Layer 3 interfaces staying up changes from bidirectional to unidirectional or down Configuration prerequisites You must specify a next hop by using the apply fast rerou...

Page 50: ... any view and execute reset commands in user view Task Command Display RIP current status and configuration information display rip process id Display active routes in RIP database display rip process id database ip address mask length mask Display RIP interface information display rip process id interface interface type interface number Display routing information about a specified RIP process di...

Page 51: ...1 0 rip 1 enable RouterB rip 1 quit RouterB interface gigabitethernet 2 0 RouterB GigabitEthernet2 0 rip 1 enable RouterB rip 1 quit RouterB interface gigabitethernet 3 0 RouterB GigabitEthernet3 0 rip 1 enable RouterB rip 1 quit Display the RIP routing table on Router A RouterA display rip 1 route Route Flags R RIP A Aging S Suppressed G Garbage collect D Direct O Optimal F Flush to RIB Peer 1 1 ...

Page 52: ...te Destination Mask Nexthop Cost Tag Flags Sec 1 1 1 0 24 0 0 0 0 0 0 RDOF 2 1 1 0 24 0 0 0 0 0 0 RDOF 3 1 1 0 24 0 0 0 0 0 0 RDOF The output shows that RIPv2 uses classless subnet masks NOTE After RIPv2 is configured RIPv1 routes might still exist in the routing table until they are aged out Display the RIP routing table on Router B RouterB display rip 1 route Route Flags R RIP A Aging S Suppress...

Page 53: ... 0 0 RDOF 10 1 1 0 24 0 0 0 0 0 0 RDOF 10 2 1 0 24 0 0 0 0 0 0 RDOF Display the RIP routing table on Router B RouterB display rip 1 route Route Flags R RIP A Aging S Suppressed G Garbage collect D Direct O Optimal F Flush to RIB Peer 1 1 1 1 on GigabitEthernet1 0 Destination Mask Nexthop Cost Tag Flags Sec 2 1 1 0 24 1 1 1 1 1 0 RAOF 19 Local route Destination Mask Nexthop Cost Tag Flags Sec 1 1 1...

Page 54: ...00 RouterB rip 100 network 11 0 0 0 RouterB rip 100 version 2 RouterB rip 100 undo summary RouterB rip 100 quit RouterB rip 200 RouterB rip 200 network 12 0 0 0 RouterB rip 200 version 2 RouterB rip 200 undo summary RouterB rip 200 quit Enable RIP 200 and configure RIPv2 on Router C RouterC system view RouterC rip 200 RouterC rip 200 network 12 0 0 0 RouterC rip 200 network 16 0 0 0 RouterC rip 20...

Page 55: ...able on Router C RouterC display ip routing table Destinations 15 Routes 15 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 10 2 1 0 24 RIP 100 1 12 3 1 1 GE1 0 11 1 1 0 24 RIP 100 1 12 3 1 1 GE1 0 12 3 1 0 24 Direct 0 0 12 3 1 2 GE1 0 12 3 1 0 32 Direct 0 0 12 3 1 2 GE1 0 12 3 1 2 32 Direct 0 0 127 0 0 1 InLoop0 12 3 1 255 32 Direct 0 0 12 3 1 2 GE1 0 16 ...

Page 56: ... 1 undo summary RouterA rip 1 quit Configure Router B RouterB system view RouterB rip RouterB rip 1 network 1 0 0 0 RouterB rip 1 version 2 RouterB rip 1 undo summary Configure Router C RouterC system view RouterB rip RouterC rip 1 network 1 0 0 0 RouterC rip 1 version 2 RouterC rip 1 undo summary Configure Router D RouterD system view RouterD rip RouterD rip 1 network 1 0 0 0 RouterD rip 1 versio...

Page 57: ...rnet2 0 rip metricin 3 Display all active routes in the RIP database on Router A RouterA GigabitEthernet2 0 display rip 1 database 1 0 0 0 8 auto summary 1 1 1 0 24 cost 0 nexthop 1 1 1 1 RIP interface 1 1 2 0 24 cost 0 nexthop 1 1 2 1 RIP interface 1 1 3 0 24 cost 1 nexthop 1 1 1 2 1 1 4 0 24 cost 2 nexthop 1 1 1 2 1 1 5 0 24 cost 2 nexthop 1 1 1 2 The output shows that only one RIP route reaches...

Page 58: ... RouterB ospf RouterB ospf 1 area 0 RouterB ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 0 network 10 6 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 0 quit Configure Router C RouterC system view RouterC ospf RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 network 10 2 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit Rout...

Page 59: ...0 1 InLoop0 11 4 1 0 24 Direct 0 0 11 4 1 2 GE2 0 11 4 1 0 32 Direct 0 0 11 4 1 2 GE2 0 11 4 1 2 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 4 Configure route summarization Configure route summarization on Router C to advertise only the su...

Page 60: ...C so Router A can learn two routes destined for 100 1 1 1 24 through GigabitEthernet 1 0 and GigabitEthernet 2 0 respectively and uses the one through GigabitEthernet 1 0 Enable BFD for RIP on GigabitEthernet 1 0 of Router A When the link over GigabitEthernet 1 0 fails BFD can quickly detect the failure and notify it to RIP so RIP deletes the neighbor relationship and route information learned on ...

Page 61: ...e ip 11 11 11 11 RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 bfd min transmit interval 500 RouterA GigabitEthernet1 0 bfd min receive interval 500 RouterA GigabitEthernet1 0 bfd detect multiplier 7 RouterA GigabitEthernet1 0 return 3 Configure a static route on Router C RouterC ip route static 120 1 1 1 24 null 0 Verifying the configuration Display the BFD session information ...

Page 62: ...0x2 OrigAs 0 NBRID 0x26000002 LastAs 0 AttrID 0xffffffff Neighbor 192 168 2 2 Flags 0x1008c OrigNextHop 192 168 2 2 Label NULL RealNextHop 192 168 2 2 BkLabel NULL BkNextHop N A Tunnel ID Invalid Interface GigabitEthernet2 0 BkTunnel ID Invalid BkInterface N A The output shows that Router A communicates with Router C through GigabitEthernet 2 0 Configure BFD for RIP single hop echo detection for a...

Page 63: ...iagram Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure basic RIP and enable BFD on the interfaces Configure Router A RouterA system view RouterA rip 1 RouterA rip 1 network 192 168 2 0 RouterA rip 1 import route static RouterA rip 1 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 rip bfd enable destination 192 168 2 2 RouterA Giga...

Page 64: ... routes destined for 100 1 1 0 24 on Router B RouterB display ip routing table 100 1 1 0 24 verbose Summary Count 1 Destination 100 1 1 0 24 Protocol RIP Process ID 1 SubProtID 0x1 Age 00h02m47s Cost 1 Preference 100 Tag 0 State Active Adv OrigTblID 0x0 OrigVrf default vrf TableID 0x2 OrigAs 0 NBRID 0x12000002 LastAs 0 AttrID 0xffffffff Neighbor 192 168 2 1 Flags 0x1008c OrigNextHop 192 168 2 1 La...

Page 65: ... 1 1 0 24 on Router A configure a static route destined for 101 1 1 0 24 on Router C and enable static route redistribution into RIP on Router A and Router C so Router A can learn two routes destined for 100 1 1 0 24 through GigabitEthernet 2 0 and GigabitEthernet 1 0 respectively and uses the one through GigabitEthernet 2 0 Enable BFD for RIP on GigabitEthernet 2 0 of Router A and GigabitEthernet...

Page 66: ...etwork 101 1 1 0 RouterA rip 1 peer 192 168 2 2 RouterA rip 1 undo validate source address RouterA rip 1 import route static RouterA rip 1 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 rip bfd enable RouterA GigabitEthernet2 0 quit RouterA rip 2 RouterA rip 2 version 2 RouterA rip 2 undo summary RouterA rip 2 network 192 168 3 0 RouterA rip 2 quit Configure Router C RouterC...

Page 67: ...0 RouterB GigabitEthernet2 0 ip address 192 168 1 2 24 RouterB GigabitEthernet2 0 quit RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 ip address 192 168 2 1 24 Configure Router C RouterC bfd session init mode active RouterC interface gigabitethernet 1 0 RouterC GigabitEthernet1 0 ip address 192 168 2 2 24 RouterC GigabitEthernet1 0 bfd min transmit interval 500 RouterC GigabitEth...

Page 68: ...ummary Count 1 Destination 100 1 1 0 24 Protocol RIP Process ID 1 SubProtID 0x1 Age 00h04m02s Cost 1 Preference 100 Tag 0 State Active Adv OrigTblID 0x0 OrigVrf default vrf TableID 0x2 OrigAs 0 NBRID 0x12000002 LastAs 0 AttrID 0xffffffff Neighbor 192 168 2 2 Flags 0x1008c OrigNextHop 192 168 2 2 Label NULL RealNextHop 192 168 1 2 BkLabel NULL BkNextHop N A Tunnel ID Invalid Interface GigabitEthern...

Page 69: ...r S can communicate with each other at the network layer Details not shown 3 Configure RIP FRR Configure Router S RouterS system view RouterS ip prefix list abc index 10 permit 4 4 4 4 32 RouterS route policy frr permit node 10 RouterS route policy frr 10 if match ip address prefix list abc RouterS route policy frr 10 apply fast reroute backup interface gigabitethernet 1 0 backup nexthop 12 12 12 ...

Page 70: ...Hop 13 13 13 2 BkLabel NULL BkNextHop 12 12 12 2 Tunnel ID Invalid Interface GigabitEthernet2 0 BkTunnel ID Invalid BkInterface GigabitEthernet1 0 Display route 1 1 1 1 32 on Router D to view the backup next hop information RouterS display ip routing table 1 1 1 1 verbose Summary Count 1 Destination 1 1 1 1 32 Protocol RIP Process ID 1 SubProtID 0x1 Age 04h20m37s Cost 1 Preference 100 Tag 0 State ...

Page 71: ...ype 1 and external Type 2 routes Authentication Supports area and interface based packet authentication to ensure secure packet exchange Support for multicasting Multicasts protocol packets on some types of links to avoid impacting other devices OSPF packets OSPF messages are carried directly over IP The protocol number is 89 OSPF uses the following packet types Hello Periodically sent to find and...

Page 72: ...external LSA describes a route to another AS NSSA LSA Type 7 LSA as defined in RFC 1587 originated by ASBRs in NSSAs and flooded throughout a single NSSA NSSA LSAs describe routes to other ASs Opaque LSA A proposed type of LSA Its format consists of a standard LSA header and application specific information Opaque LSAs are used by the OSPF protocol or by some applications to distribute information...

Page 73: ...f physical links OSPF virtual links can solve this issue A virtual link is established between two ABRs through a non backbone area It must be configured on both ABRs to take effect The non backbone area is called a transit area In Figure 16 Area 2 has no direct physical link to the backbone Area 0 You can configure a virtual link between the two ABRs to connect Area 2 to the backbone area Figure ...

Page 74: ...a does no advertise inter area routes or external routes It advertises a default route in a Type 3 LSA so that the routers in the area can reach external networks through the default route NSSA area and totally NSSA area An NSSA area does not import AS external LSAs Type 5 LSAs but can import Type 7 LSAs generated by the NSSA ASBR The NSSA ABR translates Type 7 LSAs into Type 5 LSAs and advertises...

Page 75: ...tizes routes into the following route levels Intra area route Inter area route Type 1 external route Type 2 external route The intra area and inter area routes describe the network topology of the AS The external routes describe routes to external ASs A Type 1 external route has high credibility The cost of a Type 1 external route the cost from the router to the corresponding ASBR the cost from th...

Page 76: ...r to 224 0 0 6 that identifies the DR DD packets and LSR packets are unicast NBMA If the link layer protocol is Frame Relay ATM or X 25 OSPF considers the network type as NBMA by default OSPF packets are unicast on a NBMA network P2MP No link is P2MP type by default P2MP must be a conversion from other network types such as NBMA On a P2MP network OSPF packets are multicast to 224 0 0 5 P2P If the ...

Page 77: ...he packet If the parameters match its own the receiving router considers the sending router an OSPF neighbor Two OSPF neighbors establish an adjacency relationship after they synchronize their LSDBs through exchange of DD packets and LSAs DR and BDR election DR election is performed on broadcast or NBMA networks but not on P2P and P2MP networks Routers in a broadcast or NBMA network elect the DR a...

Page 78: ...Configuring OSPF network types Configuring the broadcast network type for an interface Configuring the NBMA network type for an interface Configuring the P2MP network type for an interface Configuring the P2P network type for an interface Optional Configuring OSPF route control Configuring OSPF route summarization Configuring route summarization on an ABR Configuring route summarization on an ASBR...

Page 79: ...LSU transmit rate Enabling OSPF ISPF Configuring prefix suppression Configuring prefix prioritization Configuring OSPF PIC Configuring the number of OSPF logs Optional Configuring OSPF GR Configuring the OSPF GR restarter Configuring OSPF GR helper Triggering OSPF GR Optional Configuring BFD for OSPF Optional Configuring OSPF FRR Enabling OSPF Enable OSPF before you perform other OSPF configuratio...

Page 80: ...er ID is configured the highest loopback interface IP address if any is used as the router ID If no loopback interface IP address is available the highest physical interface IP address is used regardless of the interface status up or down 3 Enable an OSPF process and enter OSPF view ospf process id router id router id vpn instance vpn instance name By default OSPF is disabled 4 Optional Configure ...

Page 81: ...nto the stub area so all packets destined outside of the AS are sent through the default route To further reduce the routing table size and routing information exchanged in the stub area configure a totally stub area by using the stub no summary command on the ABR AS external routes and inter area routes will not be distributed into the area All the packets destined outside of the AS or area will ...

Page 82: ... router id router id vpn instance vpn instance name N A 3 Enter area view area area id N A 4 Configure the area as an NSSA area nssa default route advertise cost cost nssa only route policy route policy name type type no import route no summary suppress fa translate always translate never translator stability interval value By default no area is configured as an NSSA area 5 Optional Specify a cost...

Page 83: ...default When you change the network type of an interface follow these guidelines When an NBMA network becomes fully meshed change the network type to broadcast to avoid manual configuration of neighbors If any routers in a broadcast network do not support multicasting change the network type to NBMA An NBMA network must be fully meshed OSPF requires that an NBMA network be fully meshed If a networ...

Page 84: ...pe for the interface as NBMA ospf network type nbma By default the network type of an interface depends on the link layer protocol 4 Optional Configure a router priority for the interface ospf dr priority priority The default setting is 1 The router priority configured with this command is for DR election 5 Return to system view quit N A 6 Enter OSPF view ospf process id router id router id vpn in...

Page 85: ...ighbor and its router priority peer ip address cost value By default no neighbor is specified This step must be performed if the network type is P2MP unicast and is optional if the network type is P2MP Configuring the P2P network type for an interface Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Configure the OSPF n...

Page 86: ... vpn instance name N A 3 Enter OSPF area view area area id N A 4 Configure ABR route summarization abr summary ip address mask length mask advertise not advertise cost cost By default no route summarization is configured The command takes effect only on an ABR Configuring route summarization on an ASBR Without route summarization an ASBR advertises each redistributed route in a separate ASE LSA Af...

Page 87: ... route policy route policy name import By default OSPF accepts all routes calculated using received LSAs Configuring Type 3 LSA filtering Perform this task to filter Type 3 LSAs advertised to an area on an ABR To configure Type 3 LSA filtering Step Command Remarks 1 Enter system view system view N A 2 Enter OSPF view ospf process id router id router id vpn instance vpn instance name N A 3 Enter ar...

Page 88: ...ew N A 2 Enter OSPF view ospf process id router id router id vpn instance vpn instance name N A 3 Configure a bandwidth reference value bandwidth reference value The default setting is 100 Mbps Configuring the maximum number of ECMP routes Perform this task to implement load sharing over ECMP routes To configure the maximum number of ECMP routes Step Command Remarks 1 Enter system view system view...

Page 89: ...cause routing loops use it with caution Configuring OSPF to redistribute routes from another routing protocol Step Command Remarks 1 Enter system view system view N A 2 Enter OSPF view ospf process id router id router id vpn instance vpn instance name N A 3 Configure OSPF to redistribute routes from another routing protocol import route protocol process id all processes allow ibgp allow direct cos...

Page 90: ...e default parameters for redistributed routes Step Command Remarks 1 Enter system view system view N A 2 Enter OSPF view ospf process id router id router id vpn instance vpn instance name N A 3 Configure the default parameters for redistributed routes cost upper limit tag and type default cost cost tag tag type type By default the cost is 1 the tag is 1 and the type is Type 2 Advertising a host ro...

Page 91: ...cknowledgement packets after sending a LSA to the neighbor it retransmits the LSA To configure OSPF timers Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Specify the hello interval ospf timer hello seconds By default The hello interval on P2P and broadcast interfaces is 10 seconds The hello interval on P2MP and NBMA i...

Page 92: ...PF calculation interval LSDB changes result in SPF calculations When the topology changes frequently a large amount of network and router resources are occupied by SPF calculation You can adjust the SPF calculation interval to reduce the impact When network changes are infrequent the minimum interval is adopted If network changes become frequent the SPF calculation interval is incremented by incre...

Page 93: ...requent LSAs are generated at the minimum interval If network changes become frequent the LSA generation interval is incremented by incremental interval 2n 2 n is the number of generation times for each generation until the maximum interval is reached To configure the LSA generation interval Step Command Remarks 1 Enter system view system view N A 2 Enter OSPF view ospf process id router id router...

Page 94: ...pecify the include stub keyword in the stub router command A value of 1 2 or 4 means a point to point link a link to a transit network or a virtual link On such links a maximum cost value of 65535 is used Neighbors do not send packets to the stub router as long as they have a route with a smaller cost To configure a router as a stub router Step Command Remarks 1 Enter system view system view N A 2...

Page 95: ...th the local interface and its peer interface To configure OSPF interface authentication Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Configure interface authentication mode Configure simple authentication ospf authentication mode simple cipher cipher string plain plain string Configure MD5 authentication ospf authe...

Page 96: ... Specify the maximum number of external LSAs in the LSDB lsdb overflow limit number By default the maximum number of external LSAs in the LSDB is not limited Configuring OSPF exit overflow interval When the number of LSAs in the LSDB exceeds the upper limit the LSDB is in an overflow state To save resources OSPF does not receive any external LSAs and deletes the external LSAs generated by itself w...

Page 97: ...compatibility with RFC 1583 Step Command Remarks 1 Enter system view system view N A 2 Enter OSPF view ospf process id router id router id vpn instance vpn instance name N A 3 Enable compatibility with RFC 1583 rfc1583 compatible By default this feature is enabled Logging neighbor state changes Perform this task to enable output of neighbor state change logs to the information center The informati...

Page 98: ... neighbor state change nssatranslator status change retransmit virt authentication failure virt bad packet virt config error virt retransmit virtgrhelper status change virtif state change virtneighbor state change By default SNMP notifications for OSPF is enabled 4 Enter OSPF view ospf process id router id router id vpn instance vpn instance name N A 5 Configure the SNMP notification output interv...

Page 99: ...venting IP routing toward the suppressed networks When prefix suppression is enabled On P2P and P2MP networks OSPF does not advertise Type 3 links in Router LSAs Other routing information can still be advertised to ensure traffic forwarding On broadcast and NBMA networks the DR generates Network LSAs with a mask length of 32 to suppress network routes Other routing information can still be adverti...

Page 100: ...tization This feature enables the device to install prefixes in descending priority order critical high medium and low The prefix priorities are assigned through routing policies When a route is assigned multiple prefix priorities the route uses the highest priority By default the 32 bit OSPF host routes have a medium priority and other routes a low priority To configure prefix prioritization Step...

Page 101: ... view interface interface type interface number N A 4 Enable BFD for OSPF PIC ospf primary path detect bfd echo By default BFD for OSPF PIC is disabled Configuring the number of OSPF logs OSPF logs include route calculation logs and neighbor logs To configure the number of OSPF logs Step Command Remarks 1 Enter system view system view N A 2 Enter OSPF view ospf process id router id router id vpn i...

Page 102: ...nt capability is enabled 4 Enable the IETF GR graceful restart ietf global planned only By default the IETF GR capability is disabled 5 Optional Configure GR interval graceful restart interval interval value The default setting is 120 seconds Configuring the non IETF OSPF GR restarter Step Command Remarks 1 Enter system view system view N A 2 Enable OSPF and enter its view ospf process id router i...

Page 103: ...is disabled Configuring the non IETF OSPF GR helper Step Command Remarks 1 Enter system view system view N A 2 Enable OSPF and enter its view ospf process id router id router id vpn instance vpn instance name N A 3 Enable the link local signaling capability enable link local signaling By default the link local signaling capability is disabled 4 Enable the out of band re synchronization capability ...

Page 104: ...A 3 Enable BFD bidirectional control detection ospf bfd enable By default BFD bidirectional control detection is disabled Both ends of a BFD session must be on the same network segment and in the same area Configuring single hop echo detection Step Command Remarks 1 Enter system view system view N A 2 Configure the source address of echo packets bfd echo source ip ip address By default the source ...

Page 105: ...ivity between neighboring nodes Enable OSPF Configuration guidelines Do not use FRR and BFD at the same time Otherwise FRR might fail to take effect Do not use the fast reroute lfa command together with the vlink peer or sham link see MPLS Command Reference command When both OSPF PIC and OSPF FRR are configured OSPF FRR takes effect Configuration procedure Configuring OSPF FRR to calculate a backu...

Page 106: ...a routing policy fast reroute route policy route policy name By default OSPF FRR is not configured Configuring BFD for OSPF FRR By default OSPF FRR does not use BFD to detect primary link failures To speed up OSPF convergence enable BFD single hop echo detection for OSPF FRR to detect primary link failures To configure BFD for OSPF FRR Step Command Remarks 1 Enter system view system view N A 2 Con...

Page 107: ...k Display OSPF request queue information display ospf process id request queue interface type interface number neighbor id Display OSPF retransmission queue information display ospf process id retrans queue interface type interface number neighbor id Display OSPF ABR and ASBR information display ospf process id abr asbr verbose Display summary route information on the OSPF ABR display ospf process...

Page 108: ...1 RouterA ospf RouterA ospf 1 area 0 RouterA ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 RouterA ospf 1 area 0 0 0 0 quit RouterA ospf 1 area 1 RouterA ospf 1 area 0 0 0 1 network 10 2 1 0 0 0 0 255 RouterA ospf 1 area 0 0 0 1 quit RouterA ospf 1 quit Configure Router B RouterB system view RouterB router id 10 3 1 1 RouterB ospf RouterB ospf 1 area 0 RouterB ospf 1 area 0 0 0 0 network 10 1 1 0...

Page 109: ...outer A RouterA display ospf peer verbose OSPF Process 1 with Router ID 10 2 1 1 Neighbors Area 0 0 0 0 interface 10 1 1 1 GigabitEthernet1 0 s neighbors Router ID 10 3 1 1 Address 10 1 1 2 GR State Normal State Full Mode Nbr is Master Priority 1 DR 10 1 1 1 BDR 10 1 1 2 MTU 0 Options is 0x02 E Dead timer due in 37 sec Neighbor is up for 06 03 59 Authentication Sequence 0 Neighbor state change cou...

Page 110: ... 10 3 1 1 0 0 0 2 10 4 1 0 24 4 Inter 10 3 1 1 10 3 1 1 0 0 0 2 10 5 1 0 24 1 Stub 10 5 1 1 10 5 1 1 0 0 0 2 10 1 1 0 24 2 Inter 10 3 1 1 10 3 1 1 0 0 0 2 Total Nets 5 Intra Area 2 Inter Area 3 ASE 0 NSSA 0 Ping 10 4 1 1 to test reachability RouterD ping 10 4 1 1 Ping 10 4 1 1 10 4 1 1 56 data bytes press CTRL_C to break 56 bytes from 10 4 1 1 icmp_seq 0 ttl 253 time 1 549 ms 56 bytes from 10 4 1 ...

Page 111: ... 2 On Router C configure OSPF to redistribute the static route RouterC ospf 1 RouterC ospf 1 import route static Verifying the configuration Display the ABR ASBR information on Router D RouterD display ospf abr asbr OSPF Process 1 with Router ID 10 5 1 1 Routing Table to ABR and ASBR Type Destination Area Cost Nexthop RtType Intra 10 3 1 1 0 0 0 2 10 10 3 1 1 ABR Inter 10 4 1 1 0 0 0 2 22 10 3 1 1...

Page 112: ...tion example Network requirements Configure OSPF on Router A and Router B in AS 200 Configure OSPF on Router C Router D and Router E in AS 100 Configure an EBGP connection between Router B and Router C Configure Router B and Router C to redistribute OSPF routes and direct routes into BGP and BGP routes into OSPF Configure Router B to advertise only summary route 10 0 0 0 8 to Router A Figure 24 Ne...

Page 113: ...igure Router D RouterD system view RouterD router id 10 3 1 1 RouterD ospf RouterD ospf 1 area 0 RouterD ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 network 10 3 1 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 quit Configure Router E RouterE system view RouterE router id 10 4 1 1 RouterE ospf RouterE ospf 1 area 0 RouterE ospf 1 area 0 0 0 0 network 10 2 1 0 0 0 0 255 Rout...

Page 114: ...rface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 10 1 1 0 24 O_ASE2 150 1 11 2 1 1 GE1 0 10 2 1 0 24 O_ASE2 150 1 11 2 1 1 GE1 0 10 3 1 0 24 O_ASE2 150 1 11 2 1 1 GE1 0 10 4 1 0 24 O_ASE2 150 1 11 2 1 1 GE1 0 11 2 1 0 24 Direct 0 0 11 2 1 2 GE1 0 11 2 1 0 32 Direct 0 0 11 2 1 2 GE1 0 11 2 1 2 32 Direct 0 0 127 0 0 1 InLoop0 11 2 1 255 32 Direct 0 0 11 2 1 2 GE1 0 127 0 0 0 8 Direct 0 0 127 0 0 1 InLo...

Page 115: ...utes 10 1 1 0 24 10 2 1 0 24 10 3 1 0 24 and 10 4 1 0 24 are summarized into a single route 10 0 0 0 8 OSPF stub area configuration example Network requirements Enable OSPF on all routers and split the AS into three areas Configure Router A and Router B as ABRs to forward routing information between areas Configure Router D as the ASBR to redistribute static routes Configure Area 1 as a stub area ...

Page 116: ... 0 24 3 Stub 10 4 1 1 10 4 1 1 0 0 0 1 10 5 1 0 24 17 Inter 10 2 1 1 10 2 1 1 0 0 0 1 10 1 1 0 24 5 Inter 10 2 1 1 10 2 1 1 0 0 0 1 Routing for ASEs Destination Cost Type Tag NextHop AdvRouter 3 1 2 0 24 1 Type2 1 10 2 1 1 10 5 1 1 Total Nets 6 Intra Area 2 Inter Area 3 ASE 1 NSSA 0 Because Router C resides in a normal OSPF area its routing table contains an AS external route 4 Configure Area 1 as...

Page 117: ...ltering Type 3 LSAs out of the stub area RouterA ospf RouterA ospf 1 area 1 RouterA ospf 1 area 0 0 0 1 stub no summary RouterA ospf 1 area 0 0 0 1 quit Display OSPF routing information on Router C RouterC display ospf routing OSPF Process 1 with Router ID 10 4 1 1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 0 0 0 0 0 4 Inter 10 2 1 1 10 2 1 1 0 0 0 1 10 2 1 0 2...

Page 118: ... system view RouterC ospf RouterC ospf 1 area 1 RouterC ospf 1 area 0 0 0 1 nssa RouterC ospf 1 area 0 0 0 1 quit RouterC ospf 1 quit NOTE To allow Router C in the NSSA area to reach other areas within the AS you must provide the keyword default route advertise for the nssa command on Router A the ABR so that Router C can obtain a default route Configuring the nssa command with the keyword no summ...

Page 119: ...isplay ospf routing OSPF Process 1 with Router ID 10 5 1 1 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10 2 1 0 24 22 Inter 10 3 1 1 10 3 1 1 0 0 0 2 10 3 1 0 24 10 Transit 10 3 1 2 10 3 1 1 0 0 0 2 10 4 1 0 24 25 Inter 10 3 1 1 10 3 1 1 0 0 0 2 10 5 1 0 24 10 Stub 10 5 1 1 10 5 1 1 0 0 0 2 10 1 1 0 24 12 Inter 10 3 1 1 10 3 1 1 0 0 0 2 Routing for ASEs Destinat...

Page 120: ...w RouterB router id 2 2 2 2 RouterB ospf RouterB ospf 1 area 0 RouterB ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 0 quit RouterB ospf 1 quit Configure Router C RouterC system view RouterC router id 3 3 3 3 RouterC ospf RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit RouterC ospf 1 quit Configure Route...

Page 121: ...r 00 01 28 Authentication Sequence 0 Router ID 4 4 4 4 Address 192 168 1 4 GR State Normal State Full Mode Nbr is Master Priority 1 DR 192 168 1 4 BDR 192 168 1 3 MTU 0 Options is 0x02 E Dead timer due in 31 sec Neighbor is up for 00 01 28 Authentication Sequence 0 The output shows that Router D is the DR and Router C is the BDR 3 Configure router priorities on interfaces Configure Router A Router...

Page 122: ...168 1 3 GR State Normal State Full Mode Nbr is Slave Priority 2 DR 192 168 1 4 BDR 192 168 1 3 MTU 0 Options is 0x02 E Dead timer due in 33 sec Neighbor is up for 00 11 15 Authentication Sequence 0 The output shows that the DR and BDR are not changed because the new router priority settings do not take effect immediately 4 Restart the OSPF process Restart the OSPF process on Router D RouterD reset...

Page 123: ...een established The 2 way neighbor state means the two routers are not the DR or BDR and they do not exchange LSAs Display OSPF interface information RouterA display ospf interface OSPF Process 1 with Router ID 1 1 1 1 Interfaces Area 0 0 0 0 IP Address Type State Cost Pri DR BDR 192 168 1 1 Broadcast DR 1 100 192 168 1 1 192 168 1 3 RouterB display ospf interface OSPF Process 1 with Router ID 2 2...

Page 124: ... 0 0 0 quit RouterB ospf 1 area 1 RouterB ospf 1 area 0 0 0 1 network 10 2 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 1 quit RouterB ospf 1 quit Configure Router C RouterC system view RouterC ospf 1 router id 3 3 3 3 RouterC ospf 1 area 1 RouterC ospf 1 area 0 0 0 1 network 10 2 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 1 quit RouterC ospf 1 area 2 RouterC ospf 1 area 0 0 0 2 network 10 3 1 0 0 0 0 255...

Page 125: ...onfigure Router C RouterC ospf RouterC ospf 1 area 1 RouterC ospf 1 area 0 0 0 1 vlink peer 2 2 2 2 RouterC ospf 1 area 0 0 0 1 quit Display OSPF routing information on Router B RouterB display ospf routing OSPF Process 1 with Router ID 2 2 2 2 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 10 2 1 0 24 2 Transit 10 2 1 1 3 3 3 3 0 0 0 1 10 3 1 0 24 5 Inter 10 2 1 2...

Page 126: ...igure Router B RouterB system view RouterB router id 2 2 2 2 RouterB ospf 100 RouterB ospf 100 area 0 RouterB ospf 100 area 0 0 0 0 network 192 1 1 0 0 0 0 255 RouterB ospf 100 area 0 0 0 0 quit Configure Router C RouterC system view RouterC router id 3 3 3 3 RouterC ospf 100 RouterC ospf 100 area 0 RouterC ospf 100 area 0 0 0 0 network 192 1 1 0 0 0 0 255 RouterC ospf 100 area 0 0 0 0 quit 3 Conf...

Page 127: ...DEBUG MDC 1 OSPF 100 nonstandard GR Started for OSPF Router Oct 21 15 29 28 735 2011 RouterA OSPF 7 DEBUG MDC 1 OSPF 100 created GR wait timer timeout interval is 40 s Oct 21 15 29 28 735 2011 RouterA OSPF 7 DEBUG MDC 1 OSPF 100 created GR Interval timer timeout interval is 120 s Oct 21 15 29 28 758 2011 RouterA OSPF 7 DEBUG MDC 1 OSPF 100 created OOB Progress timer for neighbor 192 1 1 3 Oct 21 1...

Page 128: ... Router A and Router B communicate through a Layer 2 switch fails BFD can quickly detect the failure and notify OSPF of the failure Router A and Router B then communicate through Router C Figure 30 Network diagram Table 7 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A GE1 0 192 168 0 102 24 Router B GE2 0 13 1 1 1 24 Router A GE2 0 10 1 1 102 2...

Page 129: ... area 0 0 0 0 quit RouterC ospf 1 quit 3 Configure BFD Enable BFD on Router A and configure BFD parameters RouterA bfd session init mode active RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ospf bfd enable RouterA GigabitEthernet1 0 bfd min transmit interval 500 RouterA GigabitEthernet1 0 bfd min receive interval 500 RouterA GigabitEthernet1 0 bfd detect multiplier 7 RouterA Gig...

Page 130: ... Interface GigabitEthernet1 0 BkTunnel ID Invalid BkInterface N A The output shows that Router A communicates with Router B through GigabitEthernet 1 0 Then the link over GigabitEthernet 1 0 fails Display routes destined for 120 1 1 0 24 on Router A RouterA display ip routing table 120 1 1 0 verbose Summary Count 1 Destination 120 1 1 0 24 Protocol OSPF Process ID 1 SubProtID 0x1 Age 04h20m37s Cos...

Page 131: ... next hop by using a routing policy Method 1 Enable OSPF FRR to calculate a backup next hop by using the LFA algorithm Configure Router S RouterS system view RouterS ospf 1 RouterS ospf 1 fast reroute lfa RouterS ospf 1 quit Configure Router D RouterD system view RouterD ospf 1 RouterD ospf 1 fast reroute lfa RouterD ospf 1 quit Method 2 Enable OSPF FRR to specify a backup next hop by using a rout...

Page 132: ...ummary Count 1 Destination 4 4 4 4 32 Protocol OSPF Process ID 1 SubProtID 0x1 Age 04h20m37s Cost 1 Preference 10 Tag 0 State Active Adv OrigTblID 0x0 OrigVrf default vrf TableID 0x2 OrigAs 0 NBRID 0x26000002 LastAs 0 AttrID 0xffffffff Neighbor 0 0 0 0 Flags 0x1008c OrigNextHop 13 13 13 2 Label NULL RealNextHop 13 13 13 2 BkLabel NULL BkNextHop 12 12 12 2 Tunnel ID Invalid Interface GigabitEtherne...

Page 133: ...dead interval on an interface must be at least four times the hello interval 5 On an NBMA network use the peer ip address command to manually specify the neighbor 6 At least one interface must have a router priority higher than 0 on an NBMA or a broadcast network Incorrect routing information Symptom OSPF cannot find routes to other areas Analysis The backbone area must maintain connectivity to al...

Page 134: ...rs attached are configured with the stub command In an NSSA area all routers attached are configured with the nssa command 6 If a virtual link is configured use the display ospf vlink command to verify the state of the virtual link ...

Page 135: ...r by using the same routing protocol Area An IS IS routing domain can be split into multiple areas Link State Database All link states in the network form the LSDB Each IS has at least one LSDB An IS uses the SPF algorithm and LSDB to generate IS IS routes Link State Protocol Data Unit or Link State Packet An IS advertises link state information in an LSP Network Protocol Data Unit An NPDU is a ne...

Page 136: ... 0s from the left such as 168 010 001 001 2 Divide the extended IP address into three sections that each has four digits to get the system ID 1680 1000 1001 If you use other methods to define a system ID make sure that it can uniquely identify the host or router SEL The N SEL or the NSAP selector SEL is similar to the protocol identifier in IP Different transport layer protocols correspond to diff...

Page 137: ... packets destined for external areas to the nearest Level 1 2 router Level 1 routers in different areas cannot establish neighbor relationships Level 2 router A Level 2 router establishes neighbor relationships with Level 2 and Level 1 2 routers in the same area or in different areas It maintains a Level 2 LSDB containing inter area routing information All the Level 2 and Level 1 2 routers must be...

Page 138: ...ers form a Level 2 area An IS IS routing domain comprises only one Level 2 area and multiple Level 1 areas A Level 1 area must connect to the Level 2 area rather than other Level 1 area The routing information of each Level 1 area is sent to the Level 2 area through a Level 1 2 router so a Level 2 router knows the routing information of the entire IS IS routing domain By default a Level 2 router d...

Page 139: ... If multiple routers with the same highest DIS priority exist the one with the highest SNPA Subnetwork Point of Attachment address MAC address on a broadcast network will be elected A router can be the DIS for different levels IS IS DIS election differs from OSPF DIS election in the following ways A router with priority 0 can also participate in the DIS election When a router with a higher priorit...

Page 140: ...l 1 Complete Sequence Numbers PDU L1 CSNP 25 Level 2 Complete Sequence Numbers PDU L2 CSNP 26 Level 1 Partial Sequence Numbers PDU L1 PSNP 27 Level 2 Partial Sequence Numbers PDU L2 PSNP Hello PDU IS to IS hello IIH PDUs are used by routers to establish and maintain neighbor relationships On broadcast networks Level 1 routers use Level 1 LAN IIHs and Level 2 routers use Level 2 LAN IIHs The P2P II...

Page 141: ... that different PDUs contain different CLVs Codes 1 through 10 are defined in ISO 10589 code 3 and 5 are not shown in the table Codes 128 through 132 are defined in RFC 1 195 Codes 222 through 237 are defined in RFC 5120 Table 9 CLV codes and PDU types CLV Code Name PDU Type 1 Area Addresses IIH LSP 2 IS Neighbors LSP LSP 4 Partition Designated Level 2 IS L2 LSP 6 IS Neighbors MAC Address LAN IIH ...

Page 142: ...it RFC 3787 Recommendations for Interoperable IP Networks using IS IS RFC 3847 Restart Signaling for IS IS RFC 4444 Management Information Base for Intermediate System to Intermediate System IS IS RFC 5120 Multi Topology MT Routing in Intermediate System to Intermediate Systems IS ISs RFC 5303 Three Way Handshake for IS IS Point to Point Adjacencies RFC 5310 IS IS Generic Cryptographic Authenticat...

Page 143: ...ing system ID to host name mappings Enabling the logging of neighbor state changes Enabling IS IS ISPF Enabling prefix suppression Configuring IS IS network management Optional Enhancing IS IS network security Configuring neighbor relationship authentication Configuring area authentication Configuring routing domain authentication Optional Configuring IS IS GR Optional Configuring BFD for IS IS Op...

Page 144: ...to limit neighbor relationship establishment To configure the IS level and circuit level Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Specify the IS level is level level 1 level 1 2 level 2 By default the IS level is Level 1 2 4 Return to system view quit N A 5 Enter interface view interface interface type interfac...

Page 145: ...is determined in the following order 1 IS IS cost specified in interface view 2 IS IS cost specified in system view The cost is applied to the interfaces associated with the IS IS process 3 Automatically calculated cost If the cost style is wide or wide compatible IS IS automatically calculates the cost using the formula Interface cost Bandwidth reference value Expected interface bandwidth 10 in t...

Page 146: ...nstance vpn instance name N A 3 Specify a global IS IS cost circuit cost value level 1 level 2 By default no global cost is specified Enabling automatic IS IS cost calculation Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Enable automatic IS IS cost calculation auto cost enable By default automatic IS IS cost calcul...

Page 147: ...ximum number of ECMP routes maximum load balancing number By default the maximum number of ECMP routes is 8 Configuring IS IS route summarization Perform this task to summarize specific routes including IS IS routes and redistributed routes into a single route Route summarization can reduce the routing table size and the LSDB scale Route summarization applies only to locally generated LSPs The cos...

Page 148: ...es and specify the maximum number of redistributed routes To configure IS IS route redistribution from other routing protocols Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS IPv4 unicast address family view 1 isis process id vpn instance vpn instance name 2 cost style wide wide compatible 3 address family ipv4 unicast N A 3 Redistribute routes from other routing protocols o...

Page 149: ... unicast N A 3 Filter routes calculated using received LSPs filter policy acl number prefix list prefix list name route policy route policy name import By default IS IS route filtering is not configured Filtering redistributed routes IS IS can redistribute routes from other routing protocols or other IS IS processes add them to the IS IS routing table and advertise them in LSPs Perform this task t...

Page 150: ...By default IS IS does not advertise routes from Level 2 to Level 1 Tuning and optimizing IS IS networks Configuration prerequisites Before you tune and optimize IS IS networks complete the following tasks Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes Enable IS IS Specifying the interval for sending IS IS hello packets If a neighbor does not receive any h...

Page 151: ...ding multiplier value level 1 level 2 The default setting is 3 Specifying the interval for sending IS IS CSNP packets On a broadcast network perform this task on the DIS that uses CSNP packets to synchronize LSDBs To specify the interval for sending IS IS CSNP packets Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Spe...

Page 152: ...o PPP interfaces Disabling an interface from sending receiving IS IS packets After being disabled from sending and receiving hello packets an interface cannot form any neighbor relationship but can advertise directly connected networks in LSPs through other interfaces This can save bandwidth and CPU resources and ensures that other routers know networks directly connected to the interface To disab...

Page 153: ...gurable interval and send them to other routers to prevent valid routes from aging out A smaller refresh interval speeds up network convergence but consumes more bandwidth When the network topology changes for example a neighbor is down or up or the interface metric system ID or area ID is changed the router generates an LSP after a configurable interval If such a change occurs frequently excessiv...

Page 154: ... By default the minimum interval is 33 milliseconds and the maximum LSP number that can be sent at a time is 5 4 Specify the LSP retransmission interval on a P2P link isis timer retransmit seconds By default the LSP retransmission interval on a P2P link is 5 seconds Specifying LSP lengths IS IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames IS IS rou...

Page 155: ...process must not be less than 128 Otherwise LSP fragment extension does not take effect To enable LSP fragment extension Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Enable LSP fragment extension lsp fragments extend level 1 level 1 2 level 2 By default this feature is disabled 4 Configure a virtual system ID virtu...

Page 156: ... default the interface does not belong to any mesh group and is not blocked The mesh group feature takes effect only on P2P interfaces Controlling SPF calculation interval Based on the LSDB an IS IS router uses the SPF algorithm to calculate the shortest path tree with itself being the root and uses the shortest path tree to determine the next hop to a destination network By adjusting the SPF calc...

Page 157: ...S IS routes Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS IPv4 unicast address family view 1 isis process id vpn instance vpn instance name 2 cost style wide wide compatible 3 address family ipv4 unicast N A 3 Assign convergence priorities to specific IS IS routes priority critical high medium prefix list prefix list name tag tag value By default IS IS routes except IS IS ...

Page 158: ...e ATT bit to calculate the default route Setting the ATT bit of Level 1 LSPs Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Set the ATT bit of Level 1 LSPs set att always never By default the ATT bit is not set for Level 1 LSPs Configuring the tag value for an interface Perform this task when the link cost style is w...

Page 159: ... sys name A system ID can correspond to only one host name Configuring dynamic system ID to host name mapping Static system ID to host name mapping requires you to manually configure a mapping for each router in the network When a new router is added to the network or a mapping must be modified you must configure all routers manually When you use dynamic system ID to host name mapping you only nee...

Page 160: ...m view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Enable the logging of neighbor state changes log peer change By default the logging of neighbor state changes is enabled Enabling IS IS ISPF When the network topology changes Incremental Shortest Path First ISPF computes only the affected part of the SPT instead of the entire SPT To enable IS IS ISPF Ste...

Page 161: ...ot manage IS IS and TRILL at the same time According to the management for multiple OSPF instances defined in RFC 4750 you can set a context name for the SNMP object for managing TRILL In this way the SNMP requests for managing IS IS and the SNMP requests for managing TRILL from NMS can be distinguished Because the context name is a concept specific to SNMPv3 the community names are mapped to cont...

Page 162: ...IC By default IS IS PIC does not use BFD to detect primary link failures To speed up IS IS convergence enable BFD single hop echo detection for IS IS PIC to detect primary link failures To configure BFD for IS IS PIC Step Command Remarks 1 Enter system view system view N A 2 Configure the source IP address of BFD echo packets bfd echo source ip ip address By default the source IP address of BFD ec...

Page 163: ... hmac sha 256 hmac sha 384 hmac sha 512 cipher cipher string plain plain string level 1 level 2 ip osi By default no authentication is configured 4 Optional Configure the interface not to check the authentication information in the received hello packets isis authentication send only level 1 level 2 When the authentication mode and password are configured the interface checks the authentication in...

Page 164: ...de and password To prevent packet exchange failure in case of an authentication password change configure IS IS not to check the authentication information in the received packets To configure routing domain authentication Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Specify the routing domain authentication mode a...

Page 165: ...not completed within the holdtime the neighbors tear down the neighbor relationship and the GR process fails To configure GR on the GR restarter Step Command Remarks 1 Enter system view system view N A 2 Enable IS IS and enter IS IS view isis process id vpn instance vpn instance name N A 3 Enable IS IS GR graceful restart By default the GR capability for IS IS is disabled 4 Optional Suppress the S...

Page 166: ... a link failure is detected In this way packets are directed to the backup next hop to reduce traffic recovery time Meanwhile IS IS calculates the shortest path based on the new network topology and forwards packets over the path after network convergence You can either enable IS IS FRR to calculate a backup next hop automatically or designate a backup next hop with a routing policy for routes mat...

Page 167: ...ckup interface command to specify a backup next hop in a routing policy for routes matching specific criteria and perform this task to reference the routing policy for IS IS FRR For more information about the apply fast reroute backup interface command and routing policy configurations see Configuring routing policies To configure IS IS FRR using a routing policy Step Command Remarks 1 Enter syste...

Page 168: ... GR status display isis graceful restart status level 1 level 2 process id Display IS IS interface information display isis interface interface type interface number verbose statistics process id Display IS IS LSDB information display isis lsdb level 1 level 2 local lsp id lspid lsp name lspname verbose process id Display IS IS mesh group information display isis mesh group process id Display the ...

Page 169: ...Router B Router C and Router D reside in an AS Router A and Router B are Level 1 routers Router D is a Level 2 router and Router C is a Level 1 2 router connecting two areas Router A Router B and Router C are in area 10 and Router D is in area 20 Figure 40 Network diagram Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure IS IS Configure Router A RouterA ...

Page 170: ...C GigabitEthernet1 0 isis enable 1 RouterC GigabitEthernet1 0 quit RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 isis enable 1 RouterC GigabitEthernet2 0 quit Configure Router D RouterD system view RouterD isis 1 RouterD isis 1 is level level 2 RouterD isis 1 network entity 20 0000 0000 0004 00 RouterD isis 1 quit RouterD interface gigabitethernet 1 0 RouterD GigabitEthernet1 0 ...

Page 171: ...0 0x00000005 0xd2b3 1188 55 0 0 0 0000 0000 0003 00 00 0x00000014 0x194a 1190 111 1 0 0 0000 0000 0003 01 00 0x00000002 0xabdb 995 55 0 0 0 Self LSP Self LSP Extended ATT Attached P Partition OL Overload RouterC display isis lsdb Database information for ISIS 1 Level 1 Link State Database LSPID Seq Num Checksum Holdtime Length ATT P OL 0000 0000 0001 00 00 0x00000006 0xdb60 847 68 0 0 0 0000 0000 ...

Page 172: ...Extended ATT Attached P Partition OL Overload Display the IS IS routing information on each router RouterA display isis route Route information for IS IS 1 Level 1 IPv4 Forwarding Table IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 10 NULL GE1 0 Direct D L 10 1 2 0 24 20 NULL GE1 0 10 1 1 1 R 192 168 0 0 24 20 NULL GE1 0 10 1 1 1 R 0 0 0 0 0 10 NULL GE1 0 10 1 1 1 R Flag...

Page 173: ... Direct D L 10 1 1 0 24 20 NULL GE2 0 192 168 0 1 R 10 1 2 0 24 20 NULL GE2 0 192 168 0 1 R 172 16 0 0 16 10 NULL GE1 0 Direct D L Flags D Direct R Added to Rib L Advertised in LSPs U Up Down Bit Set The output shows that the routing table of Level 1 routers contains a default route with the next hop as the Level 1 2 router and the routing table of Level 2 router contains all Level 1 and Level 2 r...

Page 174: ...1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 isis enable 1 RouterB GigabitEthernet1 0 quit Configure Router C RouterC system view RouterC isis 1 RouterC isis 1 network entity 10 0000 0000 0003 00 RouterC isis 1 is level level 1 RouterC isis 1 quit RouterC interface gigabitethernet 1 0 RouterC GigabitEthern...

Page 175: ... State Up HoldTime 6s Type L1 PRI 64 System Id 0000 0000 0002 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0004 01 State Up HoldTime 23s Type L2 L1L2 PRI 64 System Id 0000 0000 0004 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0004 01 State Up HoldTime 23s Type L2 PRI 64 Display information about IS IS interfaces of Router A RouterA display isis interface Interface information for IS IS ...

Page 176: ...1 0 Circuit Id 0000 0000 0001 01 State Up HoldTime 29s Type L1 L1L2 PRI 64 System Id 0000 0000 0003 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0001 01 State Up HoldTime 22s Type L1 PRI 64 System Id 0000 0000 0002 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0001 01 State Up HoldTime 22s Type L2 L1L2 PRI 64 System Id 0000 0000 0004 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0001 ...

Page 177: ...display isis peer Peer information for IS IS 1 System Id 0000 0000 0001 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0001 01 State Up HoldTime 7s Type L2 PRI 100 System Id 0000 0000 0002 Interface GigabitEthernet1 0 Circuit Id 0000 0000 0001 01 State Up HoldTime 26s Type L2 PRI 64 RouterD display isis interface Interface information for IS IS 1 Interface GigabitEthernet1 0 Id IPv4 State IPv6 ...

Page 178: ... 1 RouterA GigabitEthernet1 0 quit Configure Router B RouterB system view RouterB isis 1 RouterB isis 1 is level level 1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 isis enable 1 RouterB GigabitEthernet1 0 quit Configure Router C RouterC system view RouterC isis 1 RouterC isis 1 network entity 10 0000 0000 ...

Page 179: ...te information for IS IS 1 Level 1 IPv4 Forwarding Table IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags 10 1 1 0 24 10 NULL GE1 0 Direct D L 10 1 2 0 24 20 NULL GE1 0 10 1 1 1 R 192 168 0 0 24 20 NULL GE1 0 10 1 1 1 R 0 0 0 0 0 10 NULL GE1 0 10 1 1 1 R Flags D Direct R Added to Rib L Advertised in LSPs U Up Down Bit Set RouterC display isis route Route information for IS IS 1 Level 1...

Page 180: ...92 168 0 1 R Flags D Direct R Added to Rib L Advertised in LSPs U Up Down Bit Set 3 Configure RIPv2 on Router D and Router E and configure IS IS to redistribute RIP routes on Router D Configure RIPv2 on Router D RouterD rip 1 RouterD rip 1 network 10 0 0 0 RouterD rip 1 version 2 RouterD rip 1 undo summary Configure RIPv2 on Router E RouterE rip 1 RouterE rip 1 network 10 0 0 0 RouterE rip 1 versi...

Page 181: ...10 1 5 0 24 20 NULL GE2 0 192 168 0 2 R L 10 1 6 0 24 20 NULL GE2 0 192 168 0 2 R L Flags D Direct R Added to Rib L Advertised in LSPs U Up Down Bit Set IS IS authentication configuration example Network requirements As shown in Figure 43 Router A Router B Router C and Router D reside in the same IS IS routing domain Router A Router B and Router C belong to Area 10 and Router D belongs to Area 20 ...

Page 182: ...igure Router B RouterB system view RouterB isis 1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 is level level 1 RouterB isis 1 quit RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 isis enable 1 RouterB GigabitEthernet1 0 quit Configure Router C RouterC system view RouterC isis 1 RouterC isis 1 network entity 10 0000 0000 0003 00 RouterC isis 1 quit RouterC int...

Page 183: ...Hr on GigabitEthernet 1 0 of Router B and on GigabitEthernet 1 0 of Router C RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 isis authentication mode md5 plain t5Hr RouterB GigabitEthernet1 0 quit RouterC interface gigabitethernet 1 0 RouterC GigabitEthernet1 0 isis authentication mode md5 plain t5Hr RouterC GigabitEthernet1 0 quit Configure the authentication mode as MD5 and set ...

Page 184: ...not shown 2 Configure IS IS on the routers to make sure Router A Router B and Router C can communicate with each other at Layer 3 and dynamic route update can be implemented among them with IS IS Details not shown 3 Enable IS IS GR on Router A RouterA system view RouterA isis 1 RouterA isis 1 graceful restart RouterA isis 1 return Verifying the configuration After Router A establishes adjacencies ...

Page 185: ...ple Network requirements As shown in Figure 45 run IS IS on Router A Router B and Router C so that they can reach each other at the network layer After the link over which Router A and Router B communicate through the Layer 2 switch fails BFD can quickly detect the failure and notify IS IS of the failure Router A and Router B then communicate through Router C Figure 45 Network diagram Device Inter...

Page 186: ... interface gigabitethernet 2 0 RouterB GigabitEthernet2 0 isis enable RouterB GigabitEthernet2 0 quit Configure Router C RouterC system view RouterC isis RouterC isis 1 network entity 10 0000 0000 0003 00 RouterC isis 1 quit RouterC interface gigabitethernet 1 0 RouterC GigabitEthernet1 0 isis enable RouterC GigabitEthernet1 0 quit RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 i...

Page 187: ...ummary Count 1 Destination 120 1 1 0 24 Protocol ISIS Process ID 1 SubProtID 0x1 Age 04h20m37s Cost 10 Preference 10 Tag 0 State Active Adv OrigTblID 0x0 OrigVrf default vrf TableID 0x2 OrigAs 0 NBRID 0x26000002 LastAs 0 AttrID 0xffffffff Neighbor 0 0 0 0 Flags 0x1008c OrigNextHop 192 168 0 100 Label NULL RealNextHop 192 168 0 100 BkLabel NULL BkNextHop N A Tunnel ID Invalid Interface GigabitEther...

Page 188: ...s traffic can be switched to Link B immediately Figure 46 Network diagram Configuration procedure 1 Configure IP addresses and subnet masks for interfaces on the routers Details not shown 2 Configure IS IS on the routers to make sure Router A Router D and Router S can communicate with each other at the network layer Details not shown 3 Configure IS IS FRR Enable IS IS FRR to automatically calculat...

Page 189: ...ix list abc index 10 permit 1 1 1 1 32 RouterD route policy frr permit node 10 RouterD route policy frr 10 if match ip address prefix list abc RouterD route policy frr 10 apply fast reroute backup interface gigabitethernet 1 0 backup nexthop 24 24 24 2 RouterD route policy frr 10 quit RouterD isis 1 RouterD isis 1 address family ipv4 RouterD isis 1 ipv4 fast reroute route policy frr RouterD isis 1...

Page 190: ...se Summary Count 1 Destination 1 1 1 1 32 Protocol ISIS Process ID 1 SubProtID 0x1 Age 04h20m37s Cost 10 Preference 10 Tag 0 State Active Adv OrigTblID 0x0 OrigVrf default vrf TableID 0x2 OrigAs 0 NBRID 0x26000002 LastAs 0 AttrID 0xffffffff Neighbor 0 0 0 0 Flags 0x1008c OrigNextHop 13 13 13 1 Label NULL RealNextHop 13 13 13 1 BkLabel NULL BkNextHop 24 24 24 2 Tunnel ID Invalid Interface GigabitEt...

Page 191: ...ltering and selection Has good scalability BGP speaker and BGP peer A router running BGP is a BGP speaker A BGP speaker establishes peer relationships with other BGP speakers to exchange routing information over TCP connections BGP peers include the following types IBGP peers Reside in the same AS as the local router EBGP peers Reside in different ASs from the local router BGP message types BGP us...

Page 192: ... attribute so the receiver can determine ASs to route the message back The AS_PATH attribute has the following types AS_SEQUENCE Arranges AS numbers in sequence As shown in Figure 47 the number of the AS closest to the receiver s AS is leftmost AS_SET Arranges AS numbers randomly Figure 47 AS_PATH attribute BGP uses the AS_PATH attribute to implement the following functions Avoid routing loops A B...

Page 193: ...peer to an IBGP peer it does not modify the NEXT_HOP attribute If load balancing is configured BGP modifies the NEXT_HOP attribute for the equal cost routes For load balancing information see BGP load balancing Figure 48 NEXT_HOP attribute MED MULTI_EXIT_DISC BGP advertises the MED attribute between two neighboring ASs each of which does not advertise the attribute to any other AS Similar to metri...

Page 194: ...uter BGP uses LOCAL_PREF to determine the best route for traffic leaving the local AS When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops it considers the route with the highest LOCAL_PREF value as the best route As shown in Figure 50 traffic from AS 20 to AS 10 travels through Router C that is selected according to LOCAL_PREF D 9 ...

Page 195: ...RT Routes with this attribute cannot be advertised out of the local AS or out of the local confederation but can be advertised to other sub ASs in the confederation For confederation information see Settlements for problems in large scale BGP networks No_ADVERTISE Routes with this attribute cannot be advertised to other BGP peers No_EXPORT_SUBCONFED Routes with this attribute cannot be advertised ...

Page 196: ...P EGP or INCOMPLETE route in turn 6 The route with the lowest MED value 7 The route learned from EBGP confederation EBGP confederation IBGP or IBGP in turn 8 The route with the smallest next hop metric 9 The route with the shortest CLUSTER_LIST 10 The route with the smallest ORIGINATOR_ID 11 The route advertised by the router with the smallest router ID 12 The route advertised by the peer with the...

Page 197: ... commands BGP load balancing through route selection IGP routing protocols such as RIP and OSPF compute the metrics of routes and implement load balancing over the routes with the same metric and to the same destination The route selection criterion is metric BGP has no route computation algorithm so it cannot perform load balancing according to the metrics of routes BGP implements load balancing ...

Page 198: ...P runs in complex networks where route changes are more frequent To solve the problem caused by route flapping you can use BGP route dampening to suppress unstable routes BGP route dampening uses a penalty value to judge the stability of a route The bigger the value the less stable the route Each time a route state change from reachable to unreachable occurs or a reachable route s attribute change...

Page 199: ...sions Using route reflectors can solve this issue In an AS a router acts as a route reflector and other routers act as clients connecting to the route reflector The route reflector forwards routing information received from a client to other clients In this way all clients can receive routing information from one another without establishing BGP sessions A router that is neither a route reflector ...

Page 200: ...is another method to manage growing IBGP connections in an AS It splits an AS into multiple sub ASs In each sub AS IBGP peers are fully meshed As shown in Figure 55 intra confederation EBGP connections are established between sub ASs in AS 200 Figure 55 Confederation network diagram A non confederation BGP speaker does not need to know sub ASs in the confederation It considers the confederation as...

Page 201: ...For more information about multicast VPN see IP Multicast Configuration Guide MP BGP extended attributes Prefixes and next hops are key routing information BGP 4 uses update messages to carry feasible route prefixes in the Network Layer Reachability Information NLRI field unfeasible route prefixes in the withdrawn routes field and next hops in the NEXT_HOP attribute These attributes cannot carry r...

Page 202: ...amily view Sysname system view Sysname bgp 100 Sysname bgp address family ipv6 unicast Sysname bgp ipv6 Configurations in this view apply to IPv6 unicast routes and peers on the public network BGP IPv4 multicast address family view Sysname system view Sysname bgp 100 Sysname bgp address family ipv4 multicast Sysname bgp mul ipv4 Configurations in this view apply to IPv4 multicast routes and peers ...

Page 203: ... bgp 100 Sysname bgp ip vpn instance vpn1 Sysname bgp vpn1 address family ipv6 unicast Sysname bgp ipv6 vpn1 Configurations in this view apply to IPv6 unicast routes and peers in the specified VPN instance BGP VPN VPNv4 address family view Sysname system view Sysname bgp 100 Sysname bgp ip vpn instance vpn1 Sysname bgp vpn1 address family vpnv4 Sysname bgp vpnv4 vpn1 Configurations in this view ap...

Page 204: ...nfiguring basic BGP Required Enabling BGP Required Perform one of the following tasks Configuring a BGP peer Configuring a BGP peer group Optional Specifying the source address of TCP connections HP recommends that you configure BGP peer groups on large scale BGP networks for easy configuration and maintenance Perform at least one of the following tasks to generate BGP routes Injecting a local net...

Page 205: ...iguring BGP GR N A Optional Enabling SNMP notifications for BGP N A Optional Enabling logging of session state changes N A Optional Configuring BFD for BGP N A Optional Configuring BGP FRR N A To configure BGP perform the following tasks IPv6 unicast IPv6 multicast Tasks at a glance Remarks Configuring basic BGP Required Enabling BGP Required Perform one of the following tasks Configuring a BGP pe...

Page 206: ...tication for BGP peers Configuring BGP load balancing Configuring IPsec for IPv6 BGP Disabling BGP to establish a session to a peer or peer group Configuring GTSM for BGP Configuring BGP soft reset Protecting an EBGP peer when memory usage reaches level 2 threshold N A Optional Configuring a large scale BGP network Configuring BGP community Configuring BGP route reflection Ignoring the ORIGINATOR_...

Page 207: ...e IP address if any as the router ID If no loopback interface IP address is available BGP uses the highest physical interface IP address as the route ID regardless of the interface status 3 Enable BGP and enter BGP view or BGP VPN instance view Enable BGP and enter BGP view bgp as number Enable BGP and enter BGP VPN instance view a bgp as number b ip vpn instance vpn instance name By default BGP i...

Page 208: ...r Configuring a BGP peer IPv6 unicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Enter BGP VPN instance view a bgp as number b ip vpn instance vpn instance name N A 3 Create an IPv6 BGP peer and specify its AS number peer ipv6 address as number as number By default no IPv6 BGP peer is created 4 Opti...

Page 209: ...ify its AS number peer ipv6 address as number as number By default no IPv6 BGP peer is created 4 Optional Configure a description for the peer peer ipv6 address description description text By default no description is configured for a peer 5 Create the BGP IPv6 multicast address family and enter its view address family ipv6 multicast By default the BGP IPv6 multicast address family is not created...

Page 210: ... Optional Configure a description for a peer group peer group name description description text By default no description is configured for the peer group 6 Create the BGP IPv4 unicast address family or BGP VPN IPv4 unicast address family and enter its view address family ipv4 unicast By default the BGP IPv4 unicast address family or BGP VPN IPv4 unicast address family is not created 7 Enable the ...

Page 211: ...marks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Create an IBGP peer group group group name internal By default no IBGP peer group is created 4 Add an IPv4 peer into the IBGP peer group peer ip address group group name as number as number By default no peer exists in the peer group The as number as number option must specify the local AS number 5 Optional Configure a ...

Page 212: ...ng to the same external AS the EBGP peer group is a pure EBGP peer group If not it is a mixed EBGP peer group Use one of the following methods to configure an EBGP peer group Method 1 Create an EBGP peer group specify its AS number and add peers into it All the added peers have the same AS number All peers in the peer group have the same AS number as the peer group You can specify an AS number for...

Page 213: ...peers in the specified peer group peer group name enable By default the router cannot exchange IPv4 unicast routing information with the peers To configure an EBGP peer group by using Method 1 IPv6 unicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Enter BGP VPN instance view a bgp as number b ip vp...

Page 214: ...er 5 Add an IPv4 BGP peer into the EBGP peer group peer ip address group group name as number as number By default no peer exists in the peer group The as number as number option if used must specify the same AS number as the peer group name as number as number command 6 Optional Configure a description for the peer group peer group name description description text By default no description is co...

Page 215: ... the specified peer group peer group name enable By default the router cannot exchange IPv6 unicast routing information used for RPF check with the peers in the group To configure an EBGP peer group by using Method 2 IPv4 unicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Enter BGP VPN instance view...

Page 216: ...er ipv6 address as number as number By default no IPv6 BGP peer is created 5 Add the peer into the EBGP peer group peer ipv6 address group group name as number as number By default no peer exists in the peer group The as number as number option if used must specify the same AS number as the peer ip address as number as number command 6 Optional Configure a description for the peer group peer group...

Page 217: ...fied peer group peer group name enable By default the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the group To configure an EBGP peer group by using Method 2 IPv6 multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Create an EBGP peer group group group name external By default no EBG...

Page 218: ...r group name description description text By default no description is configured for the peer group 6 Create the BGP IPv4 unicast address family or BGP VPN IPv4 unicast address family and enter its view address family ipv4 unicast By default the BGP IPv4 unicast address family or BGP VPN IPv4 unicast address family is not created 7 Enable the router to exchange IPv4 unicast routing information wi...

Page 219: ...ption for the peer group peer group name description description text By default no description is configured for the peer group 6 Create the BGP IPv4 multicast address family and enter its view address family ipv4 multicast By default the BGP IPv4 multicast address family is not created 7 Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified...

Page 220: ...tions To avoid this problem use a loopback interface as the source interface or use the IP address of a loopback interface as the source address If the BGP sessions use the IP addresses of different interfaces specify a source address or source interface for each peer to establish multiple BGP sessions to a router Specify a source address for each peer if the BGP sessions use the different address...

Page 221: ...nterface for establishing TCP connections to a peer or peer group peer group name ipv6 address connect interface interface type interface number Generating BGP routes BGP can generate routes in the following ways Advertise local networks Redistribute IGP routes Injecting a local network Perform this task to inject a network in the local routing table to the BGP routing table so BGP can advertise t...

Page 222: ... view BGP VPN IPv6 unicast address family view or BGP IPv6 multicast address family view Enter BGP IPv6 unicast address family view a bgp as number b address family ipv6 unicast Enter BGP VPN IPv6 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv6 unicast Enter BGP IPv6 multicast address family view a bgp as number b address family ipv6 multicast ...

Page 223: ...e route policy route policy name By default BGP does not redistribute IGP routes 4 Optional Enable default route redistribution into BGP default route imported By default BGP does not redistribute default routes To configure BGP to redistribute IGP routes IPv6 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv6 unicast address family view BGP ...

Page 224: ... has a lower priority the summary route becomes the optimal route In this case you must change the priority of the summary or the specific route to make the specific route as the optimal route Configuring automatic route summarization Automatic route summarization enables BGP to summarize IGP subnet routes redistributed by the import route command so BGP advertises only natural network routes To c...

Page 225: ...as number b address family ipv4 multicast N A 3 Create a summary route in the BGP routing table aggregate ip address mask mask length as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name By default no summary route is configured To configure BGP manual route summarization IPv6 unicast multicast address family Step Command Rem...

Page 226: ...ame b address family ipv4 unicast Use either method 5 Enable BGP to advertise optimal routes in the IP routing table of the address family in the VPN instance advertise rib active By default the setting is the same as that in BGP view To enable BGP to advertise optimal routes in the IPv6 routing table IPv6 unicast Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as num...

Page 227: ...ess family ipv4 multicast N A 3 Advertise a default route to a peer or peer group peer group name ip address default route advertise route policy route policy name By default no default route is advertised To advertise a default route to a peer or peer group IPv6 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv6 unicast address family view o...

Page 228: ...ter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast Enter BGP IPv4 multicast address family view a bgp as numb...

Page 229: ...guring routing policies AS path list see Configuring routing policies Configuring BGP route distribution filtering policies To configure BGP route distribution filtering policies use the following methods Use an ACL or prefix list to filter routing information advertised to all peers Use a routing policy ACL AS path list or prefix list to filter routing information advertised to a peer or peer gro...

Page 230: ...s process id ospf process id rip process id static Reference a routing policy to filter BGP routes advertised to a peer or peer group peer group name ip address route policy route policy name export Reference an ACL to filter BGP routes advertised to a peer or peer group peer group name ip address filter policy acl number export Reference an AS path list to filter BGP routes advertised to a peer o...

Page 231: ...eer or peer group peer group name ipv6 address route policy route policy name export Reference an ACL to filter BGP routes advertised to a peer or peer group peer group name ipv6 address filter policy acl6 number export Reference an AS path list to filter BGP routes advertised to a peer or peer group peer group name ipv6 address as path acl as path acl number export Reference an IPv6 prefix list t...

Page 232: ... family ipv4 multicast N A 3 Configure BGP route reception filtering policies Reference an ACL or IP prefix list to filter BGP routes received from all peers filter policy acl number prefix list prefix list name import Reference a routing policy to filter BGP routes received from a peer or peer group peer group name ip address route policy route policy name import Reference an ACL to filter BGP ro...

Page 233: ...filter BGP routes received from a peer or peer group peer group name ipv6 address route policy route policy name import Reference an ACL to filter BGP routes received from a peer or peer group peer group name ipv6 address filter policy acl6 number import Reference an AS path list to filter BGP routes received from a peer or peer group peer group name ipv6 address as path acl as path acl number imp...

Page 234: ...figure BGP route dampening IPv6 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv6 unicast address family view BGP VPN IPv6 unicast address family view or BGP IPv6 multicast address family view Enter BGP IPv6 unicast address family view a bgp as number b address family ipv6 unicast Enter BGP VPN IPv6 unicast address family view a bgp as numbe...

Page 235: ...w a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast Enter BGP IPv4 multicast address family view a bgp as number b address family ipv4 multicast N A 3 Specify a preferred value for routes received from a peer or peer group peer group name ip address preferred value value The default preferred value is 0 To specify a preferred value for routes from a peer or peer gro...

Page 236: ...nce as the local BGP route so that the EBGP route will more likely become the optimal route To configure preferences for BGP routes IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a ...

Page 237: ...al preference The local preference is used to determine the best route for traffic leaving the local AS When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops it considers the route with the highest local preference as the best route This task allows you to specify the default local preference for routes sent to IBGP peers To specify ...

Page 238: ... the best route for traffic going into an AS When a BGP router obtains from EBGP peers multiple routes to the same destination but with different next hops it considers the route with the smallest MED value as the best route if other conditions are the same Configuring the default MED value To configure the default MED value IPv4 unicast multicast address family Step Command Remarks 1 Enter system...

Page 239: ...ask enables BGP to compare the MEDs of routes from different ASs To enable MED comparison for routes from different ASs IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as numbe...

Page 240: ...oute selection based on MED in an IPv4 network As shown in Figure 56 Router D learns network 10 0 0 0 from both Router A and Router B Because Router B has a smaller router ID the route learned from Router B is optimal Network NextHop MED LocPrf PrefVal Path Ogn i 10 0 0 0 2 2 2 2 50 0 300e i 3 3 3 3 50 0 200e When Router D learns network 10 0 0 0 from Router C it compares the route with the optima...

Page 241: ...ew N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast Enter BGP IPv4 multicast address family view a ...

Page 242: ...ew N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast Enter BGP IPv4 multicast address family view a ...

Page 243: ...t network it does not set itself as the next hop for routes sent to an EBGP peer by default As shown in Figure 58 Router A and Router B establish an EBGP neighbor relationship and Router B and Router C establish an IBGP neighbor relationship They are on the same broadcast network 1 1 1 0 24 When Router B sends EBGP routes to Router A it does not set itself as the next hop by default However you ca...

Page 244: ... To configure the NEXT_HOP attribute IPv6 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv6 unicast address family view or BGP IPv6 multicast address family view Enter BGP IPv6 unicast address family view a bgp as number b address family ipv6 unicast Enter BGP IPv6 multicast address family view a bgp as number b address family ipv6 multicast...

Page 245: ...t Enter BGP IPv4 multicast address family view a bgp as number b address family ipv4 multicast N A 3 Permit the local AS number to appear in routes from a peer or peer group and specify the appearance times peer group name ip address allow as loop number By default the local AS number is not allowed in routes from a peer or peer group To permit the local AS number to appear in routes from a peer o...

Page 246: ...s family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast Enter BGP IPv4 multicast address family view a bgp as number b address family ipv4 mu...

Page 247: ... 2 to AS 3 for example you have to modify the AS number of the router on all its EBGP peers To avoid such modifications you can configure the router to advertise a fake AS number 2 to its EBGP peers so that the EBGP peers still think that Router A is in AS 2 To advertise a fake AS number to a peer or peer group IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system v...

Page 248: ...te updates containing the local AS number Figure 59 AS number substitution configuration in an IPv4 network For example as shown in Figure 59 CE 1 and CE 2 use the same AS number 800 To implement bidirectional communication between the two sites configure AS number substitution on PE 2 to replace AS 800 as AS 100 for the BGP route update originated from CE 1 before advertising it to CE 2 and perfo...

Page 249: ...group IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance v...

Page 250: ...ther the first AS number in the AS_PATH attribute of a route update received from a peer is the AS number of that peer If not BGP discards the route update To ignore the first AS number of EBGP route updates Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure BGP to ignore the first AS number of EBGP route updates ignore first as By default BGP c...

Page 251: ...p To configure the SoO attribute IPv6 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv6 unicast address family view BGP VPN IPv6 unicast address family view or BGP IPv6 multicast address family view Enter BGP IPv6 unicast address family view a bgp as number b address family ipv6 unicast Enter BGP VPN IPv6 unicast address family view a bgp as...

Page 252: ...between 1 3 of the hold time and the keepalive interval To configure the keepalive interval and hold time IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Enter BGP VPN instance view a bgp as number b ip vpn instance vpn instance name N A 3 Configure the keepalive interval and hold ...

Page 253: ...te A BGP router sends an update message to its peers when a route is changed If the route changes frequently the BGP router keeps sending updates for the same route resulting route flapping To prevent this situation perform this task to configure the interval for sending updates for the same route to a peer or peer group To configure the interval for sending the same update to a peer or peer group...

Page 254: ...ax hop command When the BGP GTSM function is enabled two peers can establish an EBGP session after passing GTSM check regardless of whether the maximum number of hops is reached To enable BGP to establish an indirect EBGP session IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Ente...

Page 255: ...ebgp interface sensitive By default this feature is enabled Enabling 4 byte AS number suppression BGP supports 4 byte AS numbers The 4 byte AS number occupies four bytes in the range of 1 to 4294967295 By default a device sends an Open message to the peer device for session establishment The Open message indicates that the device supports 4 byte AS numbers If the peer device supports 2 byte AS num...

Page 256: ...tion for BGP peers MD5 authentication provides the following benefits Peer authentication makes sure that only BGP peers that have the same password can establish TCP connections Integrity check makes sure that BGP packets exchanged between peers are intact To enable MD5 authentication for BGP peers IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 En...

Page 257: ...ep Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast...

Page 258: ...ulates an IPv6 BGP packet with IPsec before sending it to Device B If Device B successfully receives and de encapsulates the packet it establishes an IPv6 BGP peer relationship with Device A and learns IPv6 BGP routes from Device A If Device B receives but fails to de encapsulate the packet or receives a packet not protected by IPsec it discards the packet To configure IPsec for IPv6 BGP packets I...

Page 259: ... group IPv6 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Enter BGP VPN instance view a bgp as number b ip vpn instance vpn instance name N A 3 Disable BGP to establish a session to a peer or peer group peer group name ipv6 address ignore By default BGP can establish a session to a pe...

Page 260: ... 3 Configure GTSM for the specified BGP peer or peer group peer group name ipv6 address ttl security hops hop count By default GTSM is not configured Configuring BGP soft reset After you modify the route selection policy for example modify the preferred value you must reset BGP sessions to apply the new policy The reset operation tears down and re establishes BGP sessions To avoid tearing down BGP...

Page 261: ...BGP view bgp as number Enter BGP VPN instance view a bgp as number b ip vpn instance vpn instance name N A 3 Enable BGP route refresh for a peer or peer group Enable BGP route refresh for the specified peer or peer group peer group name ip address capability advertise route refresh Enable BGP route refresh and multi protocol extension capability for the specified peer or peer group undo peer group...

Page 262: ...r BGP IPv4 unicast address family view BGP VPN IPv4 unicast address family view or BGP IPv4 multicast address family view Enter BGP IPv4 unicast address family view a bgp as number b address family ipv4 unicast Enter BGP VPN IPv4 unicast address family view a bgp as number b ip vpn instance vpn instance name c address family ipv4 unicast Enter BGP IPv4 multicast address family view a bgp as number...

Page 263: ... 1 Enter system view system view N A 2 Enter BGP view or BGP VPN instance view Enter BGP view bgp as number Enter BGP VPN instance view a bgp as number b ip vpn instance vpn instance name N A 3 Enable BGP route refresh for a peer or peer group Enable BGP route refresh for the specified peer or peer group peer group name ip address capability advertise route refresh Enable BGP route refresh and mul...

Page 264: ...pv6 address all external group group name internal export import ipv6 multicast unicast vpn instance vpn instance name N A Protecting an EBGP peer when memory usage reaches level 2 threshold Memory usage includes the following threshold levels normal level 1 level 2 and level 3 When the level 2 threshold is reached BGP periodically tears down an EBGP session to release memory resources until the m...

Page 265: ...ars down an EBGP session to release memory resources periodically when level 2 threshold is reached Configuring a large scale BGP network In a large network the number of BGP connections is huge and BGP configuration and maintenance are complicated To simply BGP configuration you can use the peer group community route reflector and confederation features as needed For more information about config...

Page 266: ...or peer group peer group name ip address advertise community Advertise the extended community attribute to a peer or peer group peer group name ip address advertise ext community By default the COMMUNITY or extended community attribute is not advertised 4 Optional Apply a routing policy to routes advertised to a peer or peer group peer group name ip address route policy route policy name export By...

Page 267: ...ute updates among its clients To improve availability you can specify multiple route reflectors for a cluster The route reflectors in the cluster must have the same cluster ID to avoid routing loops To configure a BGP route reflector IPv4 unicast multicast address family Step Command Remarks 1 Enter system view system view N A 2 Enter BGP IPv4 unicast address family view BGP VPN IPv4 unicast addre...

Page 268: ...t no route reflector or client is configured 4 Enable route reflection between clients reflect between clients By default route reflection between clients is enabled 5 Optional Configure the cluster ID of the route reflector reflector cluster id cluster id ip address By default a route reflector uses its own router ID as the cluster ID Ignoring the ORIGINATOR_ID attribute By default BGP drops inco...

Page 269: ...t result in a routing loop After you execute this command BGP also ignores the CLUSTER_LIST attribute Configuring a BGP confederation BGP confederation provides another way to reduce IBGP connections in an AS A confederation contains sub ASs In each sub AS IBGP peers are fully meshed Sub ASs establish EBGP connections in between Configuring a BGP confederation After you split an AS into multiple s...

Page 270: ...1 The BGP GR restarter and helper exchange Open messages for GR capability negotiation If both parties have the GR capability they establish a GR capable session The GR restarter sends the GR timer set by the graceful restart timer restart command to the GR helper in an Open message 2 When BGP restarts the GR restarter does not remove existing BGP routes and it still uses these routes for packet f...

Page 271: ...eful restart timer restart timer The default setting is 150 seconds The time that a peer waits to reestablish a session must be less than the hold time 5 Configure the maximum time to wait for the End of RIB marker graceful restart timer wait for rib timer The default setting is 180 seconds Enabling SNMP notifications for BGP This feature enables generating SNMP notifications for BGP upon neighbor...

Page 272: ...erforms GR which will result in GR failure If you have enabled both BFD and GR for BGP do not disable BFD during a GR process to avoid GR failure BGP maintains neighbor relationships based on the keepalive timer and hold timer in seconds It requires that the hold time must be at least three times the keepalive interval This mechanism makes link failure detection slow Once a failure occurs on a hig...

Page 273: ... Router D fails BGP directs packets to the backup next hop At the same time BGP calculates a new optimal route and forwards packets over the optimal route There are two methods to configure BGP FRR Method 1 Execute the pic command in BGP address family view BGP calculates a backup next hop for each BGP route in the address family if there are two or more unequal cost routes that reaches the destin...

Page 274: ... when Method 2 is used to enable BGP FRR For more information about this command see Layer 3 IP Routing Command Reference 4 Set the backup next hop for FRR apply fast reroute backup nexthop ip address By default no backup next hop is set This step is required when Method 2 is used to enable BGP FRR For more information about this command see Layer 3 IP Routing Command Reference 5 Return to system ...

Page 275: ...Create a routing policy and enter routing policy view route policy route policy name permit node node number By default no routing policy is created This step is required when Method 2 is used to enable BGP FRR For more information about this command see Layer 3 IP Routing Command Reference 3 Set the backup next hop for FRR apply ipv6 fast reroute backup nexthop ipv6 address By default no backup n...

Page 276: ...abel to IPv6 routing information received from a CE router and sends the labeled IPv6 routing information to the peer 6PE device through an MP BGP session The peer 6PE device then forwards the IPv6 routing information to the attached customer site 6PE provides tunnels over the IPv4 backbone so the IPv4 backbone can forward packets for IPv6 networks The tunnels can be GRE tunnels MPLS LSPs or MPLS ...

Page 277: ...s with the 6PE peer or peer group peer group name ip address label route capability This function is disabled by default Configuring optional 6PE capabilities Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP IPv6 unicast address family view address family ipv6 unicast N A 4 Advertise COMMUNITY attribute to the 6PE peer or peer group peer group...

Page 278: ...e 6PE peer or peer group peer group name ip address route limit prefix number alert only discard reconnect reconnect time percentage value By default the number of routes that a router can receive from the 6PE peer or peer group is not limited 15 Specify a preferred value for routes received from the 6PE peer or peer group peer group name ip address preferred value value By default the preferred v...

Page 279: ...play BGP dampening parameter information display bgp dampening parameter ipv4 unicast vpn instance vpn instance name Display BGP IPv4 unicast routing flap statistics display bgp routing table flap info ipv4 unicast vpn instance vpn instance name network address mask mask length longest match as path acl as path acl number Display information about routes advertised by the network command and short...

Page 280: ...whole match adv community list number Display dampened BGP IPv6 unicast routing information display bgp routing table dampened ipv6 unicast vpn instance vpn instance name Display BGP dampening parameter information display bgp dampening parameter ipv6 unicast vpn instance vpn instance name Display BGP IPv6 unicast routing flap statistics display bgp routing table flap info ipv6 unicast vpn instanc...

Page 281: ...isplay bgp network ipv4 multicast Display BGP path attribute information display bgp paths as regular expression Display BGP IPv4 multicast address family update group information display bgp update group ipv4 multicast ip address Execute display commands in any view IPv6 multicast address family Task Command Display BGP IPv6 multicast peer group information display bgp group ipv6 multicast group ...

Page 282: ...dress family reset bgp as number ip address all external group group name internal ipv4 multicast Reset BGP sessions for IPv6 multicast address family reset bgp as number ipv6 address all external group group name internal ipv6 multicast Clearing BGP information Execute reset commands in user view Task Command Clear dampening information for BGP IPv4 unicast routes and release suppressed BGP IPv4 ...

Page 283: ...Router B and Router C so that Router C can access the network 8 1 1 0 24 connected to Router A Figure 62 Network diagram Configuration considerations To prevent route flapping caused by port state changes this example uses loopback interfaces to establish IBGP connections Because loopback interfaces are virtual interfaces you need to use the peer connect interface command to specify the loopback i...

Page 284: ...nect interface loopback 0 RouterC bgp address family ipv4 unicast RouterC bgp ipv4 peer 2 2 2 2 enable RouterC bgp ipv4 quit RouterC bgp quit RouterC ospf 1 RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 3 3 3 3 0 0 0 0 RouterC ospf 1 area 0 0 0 0 network 9 1 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit RouterC ospf 1 quit RouterC display bgp peer ipv4 BGP local router ID 3 3 3 3 Loca...

Page 285: ... Established 3 1 1 2 65008 3 3 0 1 00 00 08 Established The output shows that Router B has established an IBGP peer relationship with Router C and an EBGP peer relationship with Router A Display the BGP routing table on Router A RouterA display bgp routing table ipv4 Total number of routes 1 BGP local router ID is 1 1 1 1 Status codes valid best d dampened h history s suppressed S stale i internal...

Page 286: ...t routes on Router B so Router A can obtain the route to 9 1 1 0 24 and Router C can obtain the route to 3 1 1 0 24 Configure Router B RouterB bgp 65009 RouterB bgp address family ipv4 unicast RouterB bgp ipv4 import route direct RouterB bgp ipv4 quit RouterB bgp quit Display the BGP routing table on Router A RouterA display bgp routing table ipv4 Total number of routes 4 BGP local router ID is 1 ...

Page 287: ... 2 ttl 255 time 0 000 ms 56 bytes from 8 1 1 1 icmp_seq 3 ttl 255 time 0 000 ms 56 bytes from 8 1 1 1 icmp_seq 4 ttl 255 time 1 000 ms Ping statistics for 8 1 1 1 5 packet s transmitted 5 packet s received 0 0 packet loss round trip min avg max std dev 0 000 0 600 2 000 0 800 ms BGP and IGP route redistribution configuration example Network requirements As shown in Figure 63 all devices of company...

Page 288: ...outerC ospf 1 import route direct RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 9 1 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit RouterC ospf 1 quit 3 Configure the EBGP connection Configure the EBGP connection and inject network 8 1 1 0 24 to the BGP routing table of Router A so Router B can obtain the route to 8 1 1 0 24 Configure Router A RouterA system view RouterA bgp 65008 Rout...

Page 289: ...Router C RouterC display ospf routing OSPF Process 1 with Router ID 3 3 3 3 Routing Tables Routing for Network Destination Cost Type NextHop AdvRouter Area 9 1 1 0 24 1 Transit 9 1 1 2 3 3 3 3 0 0 0 0 2 2 2 2 32 1 Stub 9 1 1 1 2 2 2 2 0 0 0 0 Routing for ASEs Destination Cost Type Tag NextHop AdvRouter 8 1 1 0 24 1 Type2 1 9 1 1 1 2 2 2 2 Total Nets 3 Intra Area 2 Inter Area 0 ASE 1 NSSA 0 Verifyi...

Page 290: ... avg max std dev 3 000 4 400 9 000 2 332 ms BGP route summarization configuration example Network requirements As shown in Figure 64 run EBGP between Router C and Router D so the internal network and external network can communicate with each other In AS 65106 configure static routing between Router A and Router B configure OSPF between Router B and Router C and configure OSPF to redistribute stat...

Page 291: ...import route static RouterB ospf 1 quit Configure OSPF to advertise local networks on Router C RouterC ospf RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 172 17 100 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 network 10 220 2 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit RouterC ospf 1 quit Display the IP routing table on Router C RouterC display ip routing table protocol ospf Summary Count...

Page 292: ...outing table Status Active Summary Count 3 Destination Mask Proto Pre Cost NextHop Interface 192 168 64 0 24 BGP 255 1 10 220 2 16 GE1 0 192 168 74 0 24 BGP 255 1 10 220 2 16 GE1 0 192 168 99 0 24 BGP 255 1 10 220 2 16 GE1 0 BGP Routing table Status Inactive Summary Count 0 The output shows that Router D has learned routes to 192 168 64 0 24 192 168 74 0 24 and 192 168 99 0 24 through BGP After th...

Page 293: ...utput shows that Router D has only one route 192 168 64 0 18 to AS 65106 After the above configurations ping the hosts on subnets 192 168 64 0 24 192 168 74 0 24 and 192 168 99 0 24 from Router D The ping operations succeed BGP load balancing configuration example Network requirements As shown in Figure 65 run EBGP between Router A and Router B and between Router A and Router C Run IBGP between Ro...

Page 294: ...rA system view RouterA bgp 65008 RouterA bgp router id 1 1 1 1 RouterA bgp peer 3 1 1 1 as number 65009 RouterA bgp peer 3 1 2 1 as number 65009 RouterA bgp address family ipv4 unicast RouterA bgp ipv4 peer 3 1 1 1 enable RouterA bgp ipv4 peer 3 1 2 1 enable RouterA bgp ipv4 network 8 1 1 1 24 RouterA bgp ipv4 quit RouterA bgp quit Configure Router B RouterB system view RouterB bgp 65009 RouterB b...

Page 295: ...han sign indicating it is the best route The route with next hop 3 1 2 1 is marked with an asterisk indicating it is a valid route but not the best By using the display ip routing table command you can find there is only one route to 9 1 1 0 24 with next hop 3 1 1 1 and outbound interface GigabitEthernet 2 0 3 On Router A configure the maximum number of ECMP routes destined for AS 65009 as 2 to im...

Page 296: ...outer A and Router C Configure NO_EXPORT community attribute on Router A so that AS 20 does not advertise routes received from AS 10 to any other AS Figure 66 Network diagram Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure EBGP connections Configure Router A RouterA system view RouterA bgp 10 RouterA bgp router id 1 1 1 1 RouterA bgp peer 200 1 2 2 as ...

Page 297: ...Router B RouterB display bgp routing table ipv4 9 1 1 0 BGP local router ID 2 2 2 2 Local AS number 20 Paths 1 available 1 best BGP routing table information of 9 1 1 0 24 From 200 1 2 1 1 1 1 1 Rely nexthop 200 1 2 1 Original nexthop 200 1 2 1 OutLabel NULL AS path 10 Origin igp Attribute value pref val 0 State valid external best IP precedence N A QoS local ID N A IP precedence N A QoS local ID ...

Page 298: ... COMMUNITY attribute Configure a routing policy RouterA route policy comm_policy permit node 0 RouterA route policy comm_policy 0 apply community no export RouterA route policy comm_policy 0 quit Apply the routing policy RouterA bgp 10 RouterA bgp address family ipv4 unicast RouterA bgp ipv4 peer 200 1 2 2 route policy comm_policy export RouterA bgp ipv4 peer 200 1 2 2 advertise community Verifyin...

Page 299: ...et Display the BGP routing table on Router C RouterC display bgp routing table ipv4 Total number of routes 0 The output shows the NO_EXPORT community attribute In this case Router B does not advertise the route 9 1 1 0 24 through BGP BGP route reflector configuration example Network requirements As shown in Figure 67 run EBGP between Router A and Router B run IBGP between Router C and Router B and...

Page 300: ...1 1 1 as number 200 RouterB bgp address family ipv4 unicast RouterB bgp ipv4 peer 192 1 1 1 enable RouterB bgp ipv4 peer 193 1 1 1 enable RouterB bgp ipv4 peer 193 1 1 1 next hop local RouterB bgp ipv4 quit RouterB bgp quit Configure Router C RouterC system view RouterC bgp 200 RouterC bgp router id 3 3 3 3 RouterC bgp peer 193 1 1 2 as number 200 RouterC bgp peer 194 1 1 2 as number 200 RouterC b...

Page 301: ...GP incomplete Network NextHop MED LocPrf PrefVal Path Ogn e 20 0 0 0 192 1 1 1 0 0 100i Display the BGP routing table on Router D RouterD display bgp routing table ipv4 Total number of routes 1 BGP local router ID is 4 4 4 4 Status codes valid best d dampened h history s suppressed S stale i internal e external Origin i IGP e EGP incomplete Network NextHop MED LocPrf PrefVal Path Ogn i 20 0 0 0 19...

Page 302: ...guration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure the BGP confederation Configure Router A RouterA system view RouterA bgp 65001 RouterA bgp router id 1 1 1 1 RouterA bgp confederation id 200 RouterA bgp confederation peer as 65002 65003 RouterA bgp peer 10 1 1 2 as number 65002 RouterA bgp peer 10 1 2 2 as number 65003 RouterA bgp address family ipv4 unicast...

Page 303: ...outerC bgp quit 3 Configure IBGP connections in AS65001 Configure Router A RouterA bgp 65001 RouterA bgp peer 10 1 3 2 as number 65001 RouterA bgp peer 10 1 4 2 as number 65001 RouterA bgp address family ipv4 unicast RouterA bgp ipv4 peer 10 1 3 2 enable RouterA bgp ipv4 peer 10 1 4 2 enable RouterA bgp ipv4 peer 10 1 3 2 next hop local RouterA bgp ipv4 peer 10 1 4 2 next hop local RouterA bgp ipv...

Page 304: ... quit RouterA bgp quit Configure Router F RouterF system view RouterF bgp 100 RouterF bgp router id 6 6 6 6 RouterF bgp peer 200 1 1 1 as number 200 RouterF bgp address family ipv4 unicast RouterF bgp ipv4 peer 200 1 1 1 enable RouterF bgp ipv4 network 9 1 1 0 255 255 255 0 RouterF bgp ipv4 quit RouterF bgp quit Verifying the configuration Display the BGP routing table on Router B RouterB display ...

Page 305: ...ting table on Router D RouterD display bgp routing table ipv4 Total number of routes 1 BGP local router ID is 4 4 4 4 Status codes valid best d dampened h history s suppressed S stale i internal e external Origin i IGP e EGP incomplete Network NextHop MED LocPrf PrefVal Path Ogn i 9 1 1 0 24 10 1 3 1 0 100 0 100i RouterD display bgp routing table ipv4 9 1 1 0 BGP local router ID 4 4 4 4 Local AS n...

Page 306: ...t connection in between BGP path selection configuration example Network requirements As shown in Figure 69 all routers run BGP EBGP runs between Router A and Router B and between Router A and Router C IBGP runs between Router B and Router D and between Router D and Router C OSPF is the IGP protocol in AS 200 Configure routing policies to make Router D give priority to the route 1 0 0 0 8 learned ...

Page 307: ...outerD system view RouterD ospf RouterD ospf area 0 RouterD ospf 1 area 0 0 0 0 network 194 1 1 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 network 195 1 1 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 quit RouterD ospf 1 quit 3 Configure BGP connections Configure Router A RouterA system view RouterA bgp 100 RouterA bgp peer 192 1 1 2 as number 200 RouterA bgp peer 193 1 1 2 as number 200 RouterA bgp addres...

Page 308: ... to permit the route 1 0 0 0 8 RouterA acl number 2000 RouterA acl basic 2000 rule permit source 1 0 0 0 0 255 255 255 RouterA acl basic 2000 quit Define routing policy apply_med_50 that sets the MED value of route 1 0 0 0 8 to 50 and routing policy apply_med_100 that sets the MED value of route 1 0 0 0 8 to 100 RouterA route policy apply_med_50 permit node 10 RouterA route policy apply_med_50 10 ...

Page 309: ...basic 2000 quit Define routing policy localpref on Router C to set the local preference of route 1 0 0 0 8 to 200 the default is 100 RouterC route policy localpref permit node 10 RouterC route policy localpref 10 if match ip address acl 2000 RouterC route policy localpref 10 apply local preference 200 RouterC route policy localpref 10 quit Apply the routing policy localpref to the route from the p...

Page 310: ...reach each other Details not shown 3 Configure BGP on Router A Establish two IBGP connections to Router C RouterA system view RouterA bgp 200 RouterA bgp peer 3 0 2 2 as number 200 RouterA bgp peer 2 0 2 2 as number 200 RouterA bgp address family ipv4 unicast RouterA bgp ipv4 peer 3 0 2 2 enable RouterA bgp ipv4 peer 2 0 2 2 enable RouterA bgp ipv4 quit Create ACL 2000 to permit 1 1 1 0 24 to pass...

Page 311: ... export RouterA bgp ipv4 quit Enable BFD for peer 3 0 2 2 RouterA bgp peer 3 0 2 2 bfd RouterA bgp quit 4 Configure BGP on Router C Establish two IBGP connections to Router A RouterC system view RouterC bgp 200 RouterC bgp peer 3 0 1 1 as number 200 RouterC bgp peer 2 0 1 1 as number 200 RouterC bgp address family ipv4 unicast RouterC bgp ipv4 peer 3 0 1 1 enable RouterC bgp ipv4 peer 2 0 1 1 enab...

Page 312: ...th connections are in Established state Display route 1 1 1 0 24 on Router C RouterC display ip routing table 1 1 1 0 24 verbose Summary Count 1 Destination 1 1 1 0 24 Protocol BGP Process ID 0 SubProtID 0x1 Age 00h00m09s Cost 50 Preference 255 Tag 0 State Active Adv OrigTblID 0x1 OrigVrf default vrf TableID 0x2 OrigAs 0 NBRID 0x15000001 LastAs 0 AttrID 0x1 Neighbor 3 0 1 1 Flags 0x10060 OrigNextH...

Page 313: ...ork requirements As shown in Figure 71 configure BGP FRR so that when Link B fails BGP uses Link A to forward traffic Figure 71 Network diagram Configuration procedure 1 Configure IP addresses for interfaces Details not shown 2 Configure OSPF in AS 200 to ensure connectivity among Router B Router C and Router D Details not shown 3 Configure BGP connections Configure Router A to establish EBGP sess...

Page 314: ... quit Configure Router C to establish an EBGP session with Router A and an IBGP session with Router D RouterC system view RouterC bgp 200 RouterC bgp router id 3 3 3 3 RouterC bgp peer 30 1 1 1 as number 100 RouterC bgp peer 4 4 4 4 as number 200 RouterC bgp peer 4 4 4 4 connect interface loopback 0 RouterC bgp address family ipv4 unicast RouterC bgp ipv4 peer 30 1 1 1 enable RouterC bgp ipv4 peer...

Page 315: ...p nexthop 30 1 1 3 RouterA route policy quit Use echo mode BFD to detect the connectivity to Router D RouterA bgp 100 RouterA bgp primary path detect bfd echo Apply the routing policy to BGP FRR for BGP IPv4 unicast address family RouterA bgp address family ipv4 unicast RouterA bgp ipv4 fast reroute route policy frr RouterA bgp ipv4 quit RouterA bgp quit On Router D configure the source address of...

Page 316: ... BkLabel NULL BkNextHop 30 1 1 3 Tunnel ID Invalid Interface GE1 0 BkTunnel ID Invalid BkInterface GE2 0 FtnIndex 0x0 Display detailed information about the route to 1 1 1 1 32 on Router D The output shows the backup next hop for the route RouterD display ip routing table 1 1 1 1 32 verbose Summary Count 1 Destination 1 1 1 1 32 Protocol BGP Process ID 0 SubProtID 0x1 Age 00h00m36s Cost 0 Preferen...

Page 317: ...ew RouterB bgp 65009 RouterB bgp router id 2 2 2 2 RouterB bgp peer 9 2 as number 65009 RouterB bgp address family ipv6 RouterB bgp ipv6 peer 9 2 enable RouterB bgp ipv6 quit Configure Router C RouterC system view RouterC bgp 65009 RouterC bgp router id 3 3 3 3 RouterC bgp peer 9 1 as number 65009 RouterC bgp address family ipv6 RouterC bgp ipv6 peer 9 1 enable 3 Configure EBGP Configure Router A ...

Page 318: ... bgp peer ipv6 BGP local router ID 2 2 2 2 Local AS number 65009 Total number of peers 2 Peers in established state 2 Peer AS MsgRcvd MsgSent OutQ PrefRcv Up Down State 9 2 65009 41 43 0 1 00 29 00 Established 10 2 65008 38 38 0 2 00 27 20 Established The output shows that Router A and Router B have established an EBGP connection and Router B and Router C have established an IBGP connection Displa...

Page 319: ...n of AS 65009 Display IPv6 BGP routing table information on Router C RouterC display bgp routing table ipv6 Total number of routes 4 BGP local router ID is 3 3 3 3 Status codes valid best d dampened h history s suppressed S stale i internal e external Origin i IGP e EGP incomplete Network 9 PrefixLen 64 NextHop LocPrf PrefVal 32768 OutLabel NULL MED 0 Path Ogn i i Network 9 PrefixLen 64 NextHop 9 ...

Page 320: ...ents Router B and D Figure 73 Network diagram Configuration procedure 1 Configure IPv6 addresses for interfaces and IPv4 addresses for loopback interfaces Details not shown 2 Configure IBGP and EBGP connections and advertise network routes through IPv6 BGP Configure Router A RouterA system view RouterA bgp 100 RouterA bgp router id 1 1 1 1 RouterA bgp peer 100 2 as number 200 RouterA bgp address f...

Page 321: ...Configure Router D RouterD system view RouterD bgp 200 RouterD bgp router id 4 4 4 4 RouterD bgp peer 102 1 as number 200 RouterD bgp address family ipv6 RouterD bgp ipv6 peer 102 1 enable RouterD bgp ipv6 network 102 96 3 Configure Router C as a route reflector and configure Router B and Router D as its clients RouterC bgp ipv6 peer 101 2 reflect client RouterC bgp ipv6 peer 102 2 reflect client ...

Page 322: ...00 PrefVal 0 OutLabel NULL MED 0 Path Ogn i The output shows that Router D has learned the network 1 64 from Router C through route reflection 6PE configuration example Network requirements Use 6PE to connect two isolated IPv6 networks over an IPv4 MPLS network The ISP uses OSPF as the IGP PE 1 and PE 2 are edge devices of the ISP and establish an IPv4 IBGP connection between them CE 1 and CE 2 ar...

Page 323: ...ldp enable PE1 GigabitEthernet2 0 quit Configure IBGP enable the peer s 6PE capabilities and redistribute IPv6 direct and static routes PE1 bgp 65100 PE1 bgp router id 2 2 2 2 PE1 bgp peer 3 3 3 3 as number 65100 PE1 bgp peer 3 3 3 3 connect interface loopback 0 PE1 bgp address family ipv6 PE1 bgp ipv6 import route direct PE1 bgp ipv6 import route static PE1 bgp ipv6 peer 3 3 3 3 enable PE1 bgp ip...

Page 324: ...r 65100 PE2 bgp peer 2 2 2 2 connect interface loopback 0 PE2 bgp address family ipv6 PE2 bgp ipv6 import route direct PE2 bgp ipv6 import route static PE2 bgp ipv6 peer 2 2 2 2 enable PE2 bgp ipv6 peer 2 2 2 2 label route capability PE2 bgp ipv6 quit PE2 bgp quit Configure the static route to CE 2 PE2 ipv6 route static 4 4 128 20 1 Configure OSPF for the ISP PE2 ospf PE2 ospf 1 area 0 PE2 ospf 1 ...

Page 325: ...ocPrf PrefVal 32768 OutLabel NULL MED 0 Path Ogn Network 10 2 PrefixLen 128 NextHop 1 LocPrf PrefVal 32768 OutLabel NULL MED 0 Path Ogn i Network 20 PrefixLen 64 NextHop FFFF 3 3 3 3 LocPrf 100 PrefVal 0 OutLabel 1278 MED 0 Path Ogn Ping the IPv6 address 4 4 loopback interface address of CE 2 from CE 1 The ping operation succeeds BFD for IPv6 BGP configuration example Network requirements As shown...

Page 326: ...ate IPv6 ACL 2000 to permit 1200 0 64 to pass RouterA acl ipv6 number 2000 RouterA acl6 basic 2000 rule permit source 1200 64 RouterA acl6 basic 2000 quit Create two routing policies to set the MED for route 1200 0 64 The policy apply_med_50 sets the MED to 50 and the policy apply_med_100 sets the MED to 100 RouterA route policy apply_med_50 permit node 10 RouterA route policy apply_med_50 10 if m...

Page 327: ... ipv6 RouterC bgp ipv6 peer 3001 1 enable RouterC bgp ipv6 peer 2001 1 enable RouterC bgp ipv6 quit Enable BFD for peer 3001 1 RouterC bgp peer 3001 1 bfd RouterC bgp quit RouterC quit Verifying the configuration Display detailed BFD session information on Router C RouterC display bfd session verbose Total Session Num 1 Up Session Num 1 Init Mode Active IPv6 Session Working Under Ctrl Mode Local D...

Page 328: ... Tag 0 State Active Adv OrigTblID 0x1 OrigVrf default vrf TableID 0xa OrigAs 0 NBRID 0x25000001 LastAs 0 AttrID 0x1 Neighbor 3001 1 Flags 0x10060 OrigNextHop 3001 1 Label NULL RealNextHop FE80 20C 29FF FE4A 3873 BkLabel NULL BkNextHop N A Tunnel ID Invalid Interface GigabitEthernet1 0 BkTunnel ID Invalid BkInterface N A The output shows that Router C communicates with network 1200 0 64 through the...

Page 329: ... interfaces Details not shown 2 Configure OSPFv3 in AS 200 to ensure connectivity among Router B Router C and Router D Details not shown 3 Configure BGP connections Configure Router A to establish EBGP sessions with Router B and Router C and advertise network 1 64 RouterA system view RouterA bgp 100 RouterA router id 1 1 1 1 RouterA bgp peer 3001 2 as number 200 RouterA bgp peer 2001 2 as number 2...

Page 330: ...terC bgp ipv6 peer 2001 1 enable RouterC bgp ipv6 peer 2002 2 enable RouterC bgp ipv6 peer 2002 2 next hop local RouterC bgp ipv6 quit RouterC bgp quit Configure Router D to establish IBGP sessions with Router B and Router C and advertise network 4 64 RouterD system view RouterD bgp 200 RouterD bgp peer 3002 1 as number 200 RouterD bgp peer 2002 1 as number 200 RouterD bgp address family ipv6 unic...

Page 331: ...e route destined for 1 64 RouterD system view RouterD ipv6 prefix list abc index 10 permit 1 64 RouterD route policy frr permit node 10 RouterD route policy if match ipv6 address prefix list abc RouterD route policy apply ipv6 fast reroute backup nexthop 2002 1 RouterD route policy quit Apply the routing policy to BGP FRR for BGP IPv6 unicast address family RouterD bgp 200 RouterD bgp address fami...

Page 332: ... OrigVrf default vrf TableID 0xa OrigAs 100 NibID 0x25000003 LastAs 100 AttrID 0x4 Neighbor 3002 1 Flags 0x10060 OrigNextHop 3002 1 Label NULL RealNextHop 3002 1 BkLabel NULL BkNextHop 2002 1 Tunnel ID Invalid Interface GE1 0 BkTunnel ID Invalid BkInterface GE2 0 FtnIndex 0x0 IPsec for IPv6 BGP packets configuration example Network requirements As shown in Figure 77 all routers run IPv6 BGP Establ...

Page 333: ...eer 3 1 group ebgp RouterC bgp address family ipv6 unicast RouterC bgp ipv6 peer ebgp enable RouterC bgp ipv6 quit RouterC bgp quit Configure Router B RouterB bgp group ebgp external RouterB bgp peer 3 2 as number 65009 RouterB bgp peer 3 2 group ebgp RouterB bgp address family ipv6 unicast RouterB bgp ipv6 peer ebgp enable RouterB bgp ipv6 quit RouterB bgp quit 4 Configure IPsec transform sets an...

Page 334: ... transport RouterB ipsec transform set tran1 esp encryption algorithm des RouterB ipsec transform set tran1 esp authentication algorithm sha1 RouterB ipsec transform set tran1 quit RouterB ipsec profile policy001 manual RouterB ipsec profile policy001 manual transform set tran1 RouterB ipsec profile policy001 manual sa spi outbound esp 12345 RouterB ipsec profile policy001 manual sa spi inbound es...

Page 335: ...A bgp 65008 RouterA bgp peer 1 2 ipsec profile policy001 RouterA bgp quit Configure Router B RouterB bgp 65008 RouterB bgp peer 1 1 ipsec profile policy001 RouterB bgp quit 6 Configure IPsec to protect IPv6 BGP packets between Router B and Router C Configure Router C RouterC bgp 65009 RouterC bgp peer ebgp ipsec profile policy002 RouterC bgp quit Configure Router B RouterB bgp 65008 RouterB bgp pe...

Page 336: ... 1 1 RouteRefresh 0 0 0 0 Total 2 2 3 5 Maximum allowed prefix number 4294967295 Threshold 75 Minimum time between advertisements is 15 seconds Optional capabilities Multi protocol extended capability has been enabled Route refresh capability has been enabled Peer preferred value 0 IPsec profile name policy001 Routing policy configured No routing policy is configured Peer 3 2 Local 2 2 2 2 Type EB...

Page 337: ...icast or display bgp peer ipv6 unicast command The state of the connection to a peer cannot become established Analysis To become BGP peers any two routers must establish a TCP connection using port 179 and exchange Open messages successfully Solution 1 Use the display current configuration command to verify the current configuration and verify that the peer s AS number is correct 2 Use the displa...

Page 338: ... as the ICMP packets generated by using the ping command Interface PBR guides the forwarding of packets received on an interface only Policy A policy contains match criteria and actions to be taken on the matching packets A policy can have one or multiple nodes as follows Each node is identified by a node number A smaller node number has a higher priority A node contains if match and apply clauses...

Page 339: ...tput interface takes over Load sharing mode Multiple next hops or output interfaces load share traffic on a per packet basis in turn according to the configuration order By default the primary backup mode applies apply access vpn vpn instance Sets VPN instances If a packet matches a forwarding entry of a specified VPN instance it is forwarded in the VPN instance apply next hop and apply output int...

Page 340: ...e The packet is forwarded according to the routing table No PBR matches the packet against the next node PBR matches the packet against the next node A node that has no if match clauses matches any packet PBR and Track PBR can work with the Track feature to dynamically adapt the availability status of an apply clause to the link status of a tracked object The tracked object can be a next hop outpu...

Page 341: ...y name deny permit node node number N A 3 Configure an ACL match criterion if match acl acl number acl number name acl name By default no ACL match criterion is configured 4 Configure a packet length match criterion if match packet length min len max len By default no packet length match criterion is configured NOTE Implementation of the permit or deny action and the time range of the specified AC...

Page 342: ...mand once or multiple times You can specify up to 16 output interfaces for a node 9 Enable load sharing among multiple output interfaces apply loadshare output interface By default the output interfaces operate in primary backup mode 10 Set default next hops apply default next hop vpn instance vpn instance name inbound vpn ip address direct track track entry number 1 n By default no default next h...

Page 343: ...To configure local PBR Step Command Remarks 1 Enter system view system view N A 2 Apply a policy locally ip local policy based route policy name By default no policy is locally applied Configuring interface PBR Configure PBR by applying a policy to an interface PBR uses the policy to guide the forwarding of packets received on the interface The specified policy must already exist Otherwise the int...

Page 344: ...Displaying and maintaining PBR Execute display commands in any view and reset commands in user view Task Command Display PBR policy information display ip policy based route policy policy name Display PBR configuration display ip policy based route setup Display local PBR configuration and statistics display ip policy based route local Display interface PBR configuration and statistics display ip ...

Page 345: ... configure an IP address for the interface RouterB system view RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 ip address 1 1 2 2 24 3 On Router C configure an IP address for the interface RouterC system view RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 ip address 1 1 3 2 24 Verifying the configuration Telnet to Router B on Router A The operation succeeds Telne...

Page 346: ...ure Node 5 for policy aaa to forward TCP packets to next hop 1 1 2 2 RouterA policy based route aaa permit node 5 RouterA pbr aaa 5 if match acl 3101 RouterA pbr aaa 5 apply next hop 1 1 2 2 RouterA pbr aaa 5 quit Configure interface PBR by applying policy aaa to GigabitEthernet 3 0 RouterA interface gigabitethernet 3 0 RouterA GigabitEthernet3 0 ip address 10 110 0 10 24 RouterA GigabitEthernet3 ...

Page 347: ... connected to Router A The operation succeeds On Host A Telnet to Router C that is directly connected to Router A The operation fails Ping Router C from Host A The operation succeeds Telnet uses TCP and ping uses ICMP The preceding results show that all TCP packets arriving on GigabitEthernet 3 0 of Router A are forwarded to the next hop 1 1 2 2 and other packets are forwarded through GigabitEther...

Page 348: ...100 RouterA pbr lab1 10 apply next hop 150 1 1 2 RouterA pbr lab1 10 quit RouterA policy based route lab1 permit node 20 RouterA pbr lab1 20 if match packet length 101 1000 RouterA pbr lab1 20 apply next hop 151 1 1 2 RouterA pbr lab1 20 quit Configure interface PBR by applying policy lab1 to GigabitEthernet 3 0 RouterA interface gigabitethernet 3 0 RouterA GigabitEthernet3 0 ip address 192 1 1 1 ...

Page 349: ...33 519 2012 RouterA PBR4 7 PBR Forward Info MDC 1 Policy lab1 Node 10 match succeeded Jun 26 12 04 33 519 2012 RouterA PBR4 7 PBR Forward Info MDC 1 apply next hop 150 1 1 2 The output shows that Router A sets the next hop for the received packets to 150 1 1 2 according to PBR The packets are forwarded through GigabitEthernet 1 0 Ping Loopback 0 of Router B from Host A and set the data length to 2...

Page 350: ... 192 168 10 2 to 4 1 1 2 24 Set the next hop of other packets to 5 1 1 2 24 Figure 81 Network diagram Configuration procedure 1 Configure Router A Configure IP addresses for the interfaces RouterA system view RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ip address 4 1 1 1 24 RouterA GigabitEthernet1 0 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 ip addr...

Page 351: ...work 192 168 10 0 24 RouterB ip route static 192 168 10 0 24 4 1 1 1 3 Configure Router C Configure an IP address for the interface RouterC system view RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 ip address 5 1 1 2 24 RouterC GigabitEthernet2 0 quit Configure a static route to network 192 168 10 0 24 RouterC ip route static 192 168 10 0 24 5 1 1 1 Verifying the configuration C...

Page 352: ...ddress prefix length interface type interface number next hop address next hop address vpn instance d vpn instance name next hop address permanent preference preference value tag tag value description description text Method 2 ipv6 route static vpn instance s vpn instance name ipv6 address prefix length interface type interface number next hop address next hop address public vpn instance d vpn ins...

Page 353: ...erface and a direct next hop Specify an indirect next hop and a BFD packet source address for the static route To configure BFD control mode for an IPv6 static route direct next hop Step Command Remarks 1 Enter system view system view N A 2 Configure BFD control mode for an IPv6 static route Method 1 ipv6 route static ipv6 address prefix length interface type interface number next hop address bfd ...

Page 354: ...alue tag tag value description description text Use either method By default BFD control mode for an IPv6 static route is not configured Single hop echo mode With BFD echo mode enabled for a static route the output interface sends BFD echo packets to the destination device which loops the packets back to test the link reachability IMPORTANT Do not use BFD for a static route with the output interfa...

Page 355: ...de for an IPv6 static route is not configured The next hop IPv6 address must be a global unicast address Displaying and maintaining IPv6 static routes Execute display commands in any view Task Command Display IPv6 static route information display ipv6 routing table protocol static inactive verbose Display IPv6 static route next hop information display ipv6 route static nib nib id verbose Display I...

Page 356: ...default IPv6 route on Router C RouterC system view RouterC ipv6 route static 0 5 2 3 Configure the IPv6 addresses for all hosts and configure the default gateway of Host A Host B and Host C as 1 1 2 1 and 3 1 Verifying the configuration Display the IPv6 static route information on Router A RouterA display ipv6 routing table protocol static Summary Count 1 Static Routing table Status Active Summary...

Page 357: ...mary Count 0 Use the ping command to test reachability RouterA ping ipv6 3 1 Ping6 104 40 8 56 bytes 4 1 3 1 press CTRL_C to break 56 bytes from 3 1 icmp_seq 0 hlim 62 time 0 700 ms 56 bytes from 3 1 icmp_seq 1 hlim 62 time 0 351 ms 56 bytes from 3 1 icmp_seq 2 hlim 62 time 0 338 ms 56 bytes from 3 1 icmp_seq 3 hlim 62 time 0 373 ms 56 bytes from 3 1 icmp_seq 4 hlim 62 time 0 316 ms Ping6 statisti...

Page 358: ... Router A GE2 0 10 102 64 Router C GE1 0 10 100 64 Router B GE1 0 12 2 64 Router C GE2 0 13 2 64 Configuration procedure 1 Configure IPv6 addresses for interfaces Details not shown 2 Configure IPv6 static routes and BFD Configure IPv6 static routes on Router A and enable BFD control mode for the IPv6 static route that traverses GigabitEthernet 1 0 RouterA system view RouterA interface gigabitether...

Page 359: ...1 Up Session Num 1 Init Mode Active IPv6 Session Working Under Ctrl Mode Local Discr 513 Remote Discr 33 Source IP FE80 2A0 FCFF FE00 580A link local address of GigabitEthernet1 0 on Router A Destination IP FE80 2E0 FCFF FE58 123E link local address of GigabitEthernet1 0 on Router B Session State Up Interface GE1 0 Hold Time 2012ms The output shows that the BFD session has been created Display IPv...

Page 360: ...er A with the output interface being GigabitEthernet 1 0 Router D has a route to 1 9 128 with the output interface being GigabitEthernet 1 0 and a route to 2 9 128 with the output interface being GigabitEthernet 2 0 Configure an IPv6 static route to subnet 120 64 on Router A and configure an IPv6 static route to subnet 121 64 on Router B Enable BFD for both routes Configure an IPv6 static route to...

Page 361: ... static 120 64 10 100 preference 65 RouterA quit Configure IPv6 static routes on Router B and enable BFD control mode for the IPv6 static route that traverses Router D RouterB system view RouterB bfd multi hop min transmit interval 500 RouterB bfd multi hop min receive interval 500 RouterB bfd multi hop detect multiplier 9 RouterB ipv6 route static 121 64 1 9 bfd control packet bfd source 2 9 Rout...

Page 362: ...otocol Static NextHop 2 9 Preference 60 Interface GE1 0 Cost 0 Static Routing table Status Inactive Summary Count 0 The output shows that Router A communicates with Router B through GigabitEthernet 1 0 The link over GigabitEthernet 1 0 fails Display IPv6 static routes on Router A RouterA display ipv6 routing table protocol static Summary Count 1 Static Routing table Status Active Summary Count 1 D...

Page 363: ...on prefix of 0 For more information see Configuring an IPv6 static route Some dynamic routing protocols such as OSPFv3 IPv6 IS IS and RIPng can generate a default IPv6 route For example an upstream router running OSPFv3 can generate a default IPv6 route and advertise it to other routers which install the default IPv6 route with the next hop being the upstream router For more information see the re...

Page 364: ... for IPv6 has the following differences from RIP UDP port number RIPng uses UDP port 521 to send and receive routing information Multicast address RIPng uses FF02 9 as the link local router multicast address Destination Prefix 128 bit destination address prefix Next hop 128 bit IPv6 address Source address RIPng uses FE80 10 as the link local source address RIPng route entries RIPng stores routing ...

Page 365: ...al Configuring RIPng route control Configuring an additional routing metric Configuring RIPng route summarization Advertising a default route Configuring received redistributed route filtering Configuring a preference for RIPng Configuring RIPng route redistribution Optional Tuning and optimizing the RIPng network Configuring RIPng timers Configuring split horizon and poison reverse Configuring ze...

Page 366: ...d into the routing table and the route s metric is changed To configure an inbound or outbound additional routing metric Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Specify an inbound additional routing metric ripng metricin value The default setting is 0 4 Specify an outbound additional routing metric ripng metric...

Page 367: ...d routes by using an IPv6 ACL or IPv6 prefix list You can also configure RIPng to filter routes redistributed from other routing protocols and routes from a specified neighbor To configure a RIPng route filtering policy Step Command Remarks 1 Enter system view system view N A 2 Enter RIPng view ripng process id vpn instance vpn instance name N A 3 Configure a filter policy to filter received route...

Page 368: ...ibuted routes default cost cost The default metric of redistributed routes is 0 Tuning and optimizing the RIPng network This section describes how to tune and optimize the performance of the RIPng network as well as applications under special network environments Before you tune and optimize the RIPng network complete the following tasks Configure IPv6 addresses for interfaces to ensure IPv6 conne...

Page 369: ...ce view interface interface type interface number N A 3 Enable split horizon ripng split horizon By default split horizon is enabled Configuring poison reverse The poison reverse function enables a route learned from an interface to be advertised through the interface However the metric of the route is set to 16 which means the route is unreachable To configure poison reverse Step Command Remarks ...

Page 370: ...efined in the relevant IPsec profile A device uses the SPI carried in a received packet to match against the configured IPsec profile If they match the device accepts the packet If they do not match the device discards the packet and does not establish a neighbor relationship with the sending device You can configure an IPsec profile for a RIPng process or interface The IPsec profile configured fo...

Page 371: ...6 address prefix length verbose peer ipv6 address statistics Display RIPng interface information display ripng process id interface interface type interface number Reset a RIPng process reset ripng process id process Clear statistics of a RIPng process reset ripng process id statistics RIPng configuration examples Basic RIPng configuration example Network requirements As shown in Figure 85 all rou...

Page 372: ... RouterC ripng 1 quit RouterC interface gigabitethernet 1 0 RouterC GigabitEthernet1 0 ripng 1 enable RouterC GigabitEthernet1 0 quit RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 ripng 1 enable RouterC GigabitEthernet2 0 quit RouterC interface gigabitethernet 3 0 RouterC GigabitEthernet3 0 ripng 1 enable RouterC GigabitEthernet3 0 quit Display the RIPng routing table on Router ...

Page 373: ...ceived and redistributed routes RouterB ipv6 prefix list aaa permit 4 64 RouterB ipv6 prefix list bbb deny 2 64 RouterB ipv6 prefix list bbb permit 0 less equal 128 RouterB ripng 1 RouterB ripng 1 filter policy prefix list aaa export RouterB ripng 1 filter policy prefix list bbb import RouterB ripng 1 quit Display the RIPng routing tables on Router B and Router A RouterB display ripng 1 route Rout...

Page 374: ...own 2 Configure basic RIPng Enable RIPng 100 on Router A RouterA system view RouterA ripng 100 RouterA ripng 100 quit RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ripng 100 enable RouterA GigabitEthernet1 0 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 ripng 100 enable Enable RIPng 100 and RIPng 200 on Router B RouterB system view RouterB ripng 100 Route...

Page 375: ...Interface GE2 0 Cost 0 Destination 1 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2 64 Protocol Direct NextHop 2 1 Preference 0 Interface GE1 0 Cost 0 Destination 2 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 Destination FF00 8 Protocol Direct NextHop Prefe...

Page 376: ...xtHop 2 1 Preference 0 Interface GE1 0 Cost 0 Destination 2 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 4 64 Protocol RIPng NextHop FE80 200 BFF FE01 1C02 Preference 100 Interface GE2 0 Cost 1 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 Destination FF00 8 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 Configurin...

Page 377: ...itethernet 1 0 RouterC GigabitEthernet1 0 ripng 1 enable RouterC GigabitEthernet1 0 quit 3 Configure RIPng IPsec profiles On Router A create an IPsec transform set named protrf1 and set the encapsulation mode to transport mode the security protocol to ESP the encryption algorithm to 3DES and authentication algorithm to MD5 Create an IPsec profile named profile001 specify the manual mode for it ref...

Page 378: ... esp simple abc RouterB ipsec profile profile001 manual sa string key outbound esp simple abc RouterB ipsec profile profile001 manual quit On Router C create an IPsec transform set named protrf1 and set the encapsulation mode to transport mode the security protocol to ESP the encryption algorithm to 3DES and authentication algorithm to MD5 Create an IPsec profile named profile001 specify the manua...

Page 379: ...367 Configure Router C RouterC ripng 1 RouterC ripng 1 enable ipsec profile profile001 RouterC ripng 1 quit Verifying the configuration RIPng packets between Routers A B and C are protected by IPsec ...

Page 380: ...wn neighbors DD Describes the digest of each LSA in the LSDB exchanged between two routers for data synchronization LSR Requests needed LSAs from the neighbor After exchanging the DD packets the two routers know which LSAs of the neighbor are missing from their LSDBs They then send an LSR packet to each other requesting the missing LSAs The LSA packet contains the digest of the missing LSAs LSU Tr...

Page 381: ...As and Network LSAs contain no address information Grace LSA Type 1 1 LSA generated by a GR Graceful Restart restarter at reboot and transmitted on the local link The GR restarter describes the cause and interval of the reboot in the Grace LSA to notify its neighbors that it performs a GR operation Protocols and standards RFC 5340 OSPF for IPv6 RFC 2328 OSPF Version 2 RFC 3101 OSPF Not So Stubby A...

Page 382: ... process on a router Enable the OSPFv3 process globally Assign the OSPFv3 process a router ID Enable the OSPFv3 process on related interfaces The router ID uniquely identifies the router within an AS If a router runs multiple OSPFv3 processes you must specify a unique router ID for each process An OSPFv3 process ID has only local significance Process 1 on a router can exchange packets with process...

Page 383: ...configured with the stub command The keyword no summary is only available on the ABR of the stub area If you use the stub command with the keyword no summary on an ABR the ABR advertises a default route in an Inter Area Prefix LSA into the stub area No AS External LSA Inter Area Prefix LSA or other Inter Area Router LSA is advertised in the area The stub area of this kind is also known as a totall...

Page 384: ...fault route advertised to the NSSA area default cost cost The default setting is 1 This command takes effect only on the ABR ASBR of an NSSA or totally NSSA area Configuring an OSPFv3 virtual link You can configure a virtual link to maintain connectivity between a non backbone area and the backbone or in the backbone itself IMPORTANT Both ends of a virtual link are ABRs that must be configured wit...

Page 385: ...es associated must be configured as P2MP or as P2P for interfaces with only one neighbor Configuration prerequisites Before you configure OSPFv3 network types enable OSPFv3 Configuring the OSPFv3 network type for an interface Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Configure a network type for the OSPFv3 interf...

Page 386: ...advertise only the summary route Any LSA on the specified network segment will not be advertised reducing the LSDB size in other areas To configure route summarization Step Command Remarks 1 Enter system view system view N A 2 Enter OSPFv3 view ospfv3 process id vpn instance vpn instance name N A 3 Enter OSPFv3 area view area area id N A 4 Configure route summarization abr summary ipv6 address pre...

Page 387: ... effect only on ABRs Configuring an OSPFv3 cost for an interface You can configure an OSPFv3 cost for an interface with one of the following methods Configure the cost value in interface view Configure a bandwidth reference value for the interface and OSPFv3 computes the cost automatically based on the bandwidth reference value Interface OSPFv3 cost Bandwidth reference value 100 Mbps Interface ban...

Page 388: ...otocols The system assigns a priority for each protocol When these routing protocols find the same route the route found by the protocol with the highest priority is selected To configure a preference for OSPFv3 Step Command Remarks 1 Enter system view system view N A 2 Enter OSPFv3 view ospfv3 process id vpn instance vpn instance name N A 3 Configure a preference for OSPFv3 preference ase route p...

Page 389: ...er redistributed routes filter policy acl6 number prefix list prefix list name export protocol process id By default OSPFv3 accepts all redistributed routes This command filters only routes redistributed with the import route command If the import route command is not configured executing this command does not take effect Tuning and optimizing OSPFv3 networks This section describes configurations ...

Page 390: ... the age time especially for low speed links To specify the LSA transmission delay on an interface Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Specify the LSA transmission delay ospfv3 trans delay seconds instance instance id By default the LSA transmission delay is 1 second Specifying SPF calculation interval LSDB...

Page 391: ...Command Remarks 1 Enter system view system view N A 2 Enter OSPFv3 view ospfv3 process id vpn instance vpn instance name N A 3 Configure the LSA generation interval lsa generation interval maximum interval minimum interval incremental interval By default the maximum interval is 5 seconds the minimum interval is 0 milliseconds and the incremental interval is 0 milliseconds Configuring a DR priority...

Page 392: ...ame N A 3 Disable interfaces from receiving and sending OSPFv3 packets silent interface interface type interface number all By default the interfaces are able to receive and send OSPFv3 packets This command disables only the interfaces associated with the current process though multiple OSPFv3 processes can disable the same interface from receiving and sending OSPFv3 packets Enabling the logging o...

Page 393: ...g router It must be Graceful Restart capable GR helper The neighbor of the GR restarter It helps the GR restarter to complete the GR process To prevent service interruption a GR restarter running OSPFv3 must complete the following tasks Keep the GR restarter forwarding entries stable during reboot Establish all adjacencies and obtain complete topology information after reboot The GR restarter send...

Page 394: ...figuration Guide After discovering neighbors by sending hello packets OSPFv3 notifies BFD of the neighbor addresses and BFD uses these addresses to establish sessions Before a BFD session is established it is in the down state In this state BFD control packets are sent at an interval of no less than 1 second to reduce BFD control packet traffic After the BFD session is established BFD control pack...

Page 395: ...ual link based IPsec protection configure the same IPsec profile on the two routers connected over the virtual link If an interface and its area each have an IPsec profile configured the interface uses its own IPsec profile If a virtual link and area 0 each have an IPsec profile configured the virtual link uses its own IPsec profile To apply an IPsec profile to an area Step Command Remarks 1 Enter...

Page 396: ...Display OSPFv3 LSDB information display ospfv3 process id lsdb external grace inter prefix inter router intra prefix link network nssa router unknown type link state id originate router router id self originate statistics total verbose Display OSPFv3 next hop information display ospfv3 process id nexthop Display OSPFv3 neighbor information display ospfv3 process id area area id peer interface type...

Page 397: ...own 2 Configure basic OSPFv3 Configure Router A enable OSPFv3 and specify the router ID as 1 1 1 1 RouterA system view RouterA ospfv3 1 RouterA ospfv3 1 router id 1 1 1 1 RouterA ospfv3 1 quit RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ospfv3 1 area 1 RouterA GigabitEthernet1 0 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 ospfv3 1 area 1 RouterA Gigab...

Page 398: ...ble OSPFv3 and specify the router ID as 4 4 4 4 RouterD system view RouterD ospfv3 1 RouterD ospfv3 1 router id 4 4 4 4 RouterD ospfv3 1 quit RouterD interface gigabitethernet 2 0 RouterD GigabitEthernet2 0 ospfv3 1 area 2 RouterD GigabitEthernet2 0 quit Display OSPFv3 neighbors on Router B RouterB display ospfv3 peer OSPFv3 Process 1 with Router ID 2 2 2 2 Area 0 0 0 0 Router ID Pri State Dead Ti...

Page 399: ...pe IA Cost 3 NextHop FE80 F40D 0 93D0 1 Interface GE2 0 AdvRouter 3 3 3 3 Area 0 0 0 0 Preference 10 Destination 2001 2 64 Type I Cost 1 Nexthop Interface GE2 0 AdvRouter 4 4 4 4 Area 0 0 0 2 Preference 10 Destination 2001 3 64 Type IA Cost 4 NextHop FE80 F40D 0 93D0 1 Interface GE2 0 AdvRouter 3 3 3 3 Area 0 0 0 0 Preference 10 Total 4 Intra area 1 Inter area 3 ASE 0 NSSA 0 3 Configure Area 2 as ...

Page 400: ...ter 3 3 3 3 Area 0 0 0 0 Preference 10 Destination 2001 1 64 Type IA Cost 3 NextHop FE80 F40D 0 93D0 1 Interface GE2 0 AdvRouter 3 3 3 3 Area 0 0 0 0 Preference 10 Destination 2001 2 64 Type I Cost 1 Nexthop Interface GE2 0 AdvRouter 4 4 4 4 Area 0 0 0 2 Preference 10 Destination 2001 3 64 Type IA Cost 4 NextHop FE80 F40D 0 93D0 1 Interface GE2 0 AdvRouter 3 3 3 3 Area 0 0 0 0 Preference 10 Total ...

Page 401: ...n 2001 2 64 Type I Cost 1 Nexthop Interface GE2 0 AdvRouter 4 4 4 4 Area 0 0 0 2 Preference 10 Total 2 Intra area 1 Inter area 1 ASE 0 NSSA 0 The output shows that route entries are reduced All indirect routes are removed except the default route OSPFv3 NSSA area configuration example Network requirements Configure OSPFv3 on all routers and split the AS into three areas Configure Router B and Rout...

Page 402: ...t provide the keyword default route advertise for the nssa command on Router B the ABR so that Router A can obtain a default route Configuring the nssa command with the keyword no summary on Router B can reduce the routing table size on NSSA routers On other NSSA routers you only need to configure the nssa command Display OSPFv3 routing information on Router A RouterA display ospfv3 1 routing OSPF...

Page 403: ...spfv3 1 routing OSPFv3 Process 1 with Router ID 4 4 4 4 I Intra area route E1 Type 1 external route N1 Type 1 NSSA route IA Inter area route E2 Type 2 external route N2 Type 2 NSSA route Selected route Destination 2001 64 Type IA Cost 2 NextHop FE80 20C 29FF FEB9 F2EF Interface GE2 0 AdvRouter 3 3 3 3 Area 0 0 0 2 Preference 10 Destination 2001 1 64 Type IA Cost 3 NextHop FE80 20C 29FF FEB9 F2EF I...

Page 404: ...guration procedure 1 Configure IPv6 addresses for interfaces Details not shown 2 Configure basic OSPFv3 Configure Router A enable OSPFv3 and specify the router ID as 1 1 1 1 RouterA system view RouterA ospfv3 RouterA ospfv3 1 router id 1 1 1 1 RouterA ospfv3 1 quit RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ospfv3 1 area 0 RouterA GigabitEthernet1 0 quit Configure Router B en...

Page 405: ...ospfv3 peer OSPFv3 Process 1 with Router ID 1 1 1 1 Area 0 0 0 0 Router ID Pri State Dead Time InstID Interface 2 2 2 2 1 2 Way DROther 00 00 36 0 GE1 0 3 3 3 3 1 Full BDR 00 00 35 0 GE1 0 4 4 4 4 1 Full DR 00 00 33 0 GE1 0 Display neighbors on Router D The neighbor states are all full RouterD display ospfv3 peer OSPFv3 Process 1 with Router ID 4 4 4 4 Area 0 0 0 0 Router ID Pri State Dead Time In...

Page 406: ... on Router D RouterD display ospfv3 peer OSPFv3 Process 1 with Router ID 4 4 4 4 Area 0 0 0 0 Router ID Pri State Dead Time InstID Interface 1 1 1 1 1 Full DROther 00 00 30 0 GE1 0 2 2 2 2 1 Full DROther 00 00 37 0 GE1 0 3 3 3 3 1 Full BDR 00 00 31 0 GE1 0 The output shows that the DR is still Router D 4 Enable DR BDR election Perform the shutdown and undo shutdown commands on each interface to en...

Page 407: ...process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Router B and set the default metric for redistributed routes to 3 Router C can then learn the routes destined for 1 0 64 and 2 0 64 and Router A cannot learn the routes destined for 3 0 64 or 4 0 64 Figure 91 Network diagram Configuration procedure 1 Configure IPv6 addresses for interfaces Details not shown 2 Configure...

Page 408: ...outer id 4 4 4 4 RouterC ospfv3 2 quit RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 ospfv3 2 area 2 RouterC GigabitEthernet2 0 quit RouterC interface gigabitethernet 1 0 RouterC GigabitEthernet1 0 ospfv3 2 area 2 RouterC GigabitEthernet1 0 quit Display the routing table on Router C RouterC display ipv6 routing table Destinations 7 Routes 7 Destination 1 128 Protocol Direct Next...

Page 409: ...y the routing table on Router C RouterC display ipv6 routing table Destinations 9 Routes 9 Destination 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 1 64 Protocol O_ASE2 NextHop FE80 200 CFF FE01 1C03 Preference 150 Interface GE2 0 Cost 3 Destination 2 64 Protocol O_ASE2 NextHop FE80 200 CFF FE01 1C03 Preference 150 Interface GE2 0 Cost 3 Destination 3 64 Protoc...

Page 410: ...ls BFD can quickly detect the failure and notify OSPFv3 of the failure Then Router A and Router B communicate through Router C Figure 92 Network diagram Table 17 Interface and IP address assignment Device Interface IPv6 address Device Interface IPv6 address Router A GE1 0 2001 1 64 Router B GE2 0 2001 3 2 64 Router A GE2 0 2001 2 1 64 Router C GE1 0 2001 2 2 64 Router B GE1 0 2001 2 64 Router C GE...

Page 411: ...ter id 3 3 3 3 RouterC ospfv3 1 quit RouterC interface gigabitethernet 1 0 RouterC GigabitEthernet1 0 ospfv3 1 area 0 RouterC GigabitEthernet1 0 quit RouterC interface gigabitethernet 2 0 RouterC GigabitEthernet2 0 ospfv3 1 area 0 RouterC GigabitEthernet2 0 quit 3 Configure BFD Enable BFD and configure BFD parameters on Router A RouterA bfd session init mode active RouterA interface gigabitetherne...

Page 412: ...ination 2001 4 64 Protocol O_ASE2 NextHop FE80 20F FF FE00 1200 Preference 10 Interface GE1 0 Cost 1 The output shows that Router A communicates with Router B through GigabitEthernet 1 0 Then the link over GigabitEthernet 1 0 fails Display routes destined for 2001 4 0 64 on Router A RouterA display ipv6 routing table 2001 4 0 64 Summary Count 1 Destination 2001 4 64 Protocol O_ASE2 NextHop FE80 BA...

Page 413: ...erface gigabitethernet 1 0 RouterB GigabitEthernet1 0 ospfv3 1 area 0 RouterB GigabitEthernet1 0 quit RouterB interface gigabitethernet 2 0 RouterB GigabitEthernet2 0 ospfv3 1 area 1 RouterB GigabitEthernet2 0 quit On Router C enable OSPFv3 and configure the router ID as 3 3 3 3 RouterC system view RouterC ospfv3 1 RouterC ospfv3 1 router id 3 3 3 3 RouterC ospfv3 1 quit RouterC interface gigabite...

Page 414: ...he manual mode for it reference IPsec transform set trans and set the SPIs of the inbound and outbound SAs to 123 and the keys for the inbound and outbound SAs using ESP to abc RouterB ipsec transform set trans RouterB ipsec transform set trans encapsulation mode transport RouterB ipsec transform set trans esp encryption algorithm 3des cbc RouterB ipsec transform set trans esp authentication algor...

Page 415: ... manual transform set trans RouterC ipsec profile profile002 manual sa spi inbound ah 400000 RouterC ipsec profile profile002 manual sa spi outbound ah 400000 RouterC ipsec profile profile002 manual sa spi inbound esp 256 RouterC ipsec profile profile002 manual sa spi outbound esp 256 RouterC ipsec profile profile002 manual sa string key inbound ah simple hello RouterC ipsec profile profile002 man...

Page 416: ...404 Verifying the configuration OSPFv3 packets between Routers A B and C are protected by IPsec ...

Page 417: ...ch network layer protocol is supported For IPv6 the NLPID is 142 0x8E which must be carried in hello packets sent by IPv6 IS IS Configuring basic IPv6 IS IS Before you configure basic IPv6 IS IS complete the following tasks Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes Enable IS IS Basic IPv6 IS IS configuration can implement the interconnection of I...

Page 418: ...gure IPv6 IS IS to filter redistributed routes filter policy acl6 number prefix list prefix list name route policy route policy name export protocol process id By default IPv6 IS IS does not filter redistributed routes This command is usually used together with the import route command 8 Configure IPv6 IS IS to filter received routes filter policy acl6 number prefix list prefix list name route pol...

Page 419: ... N A 5 Enable IPv6 IS IS MTR multi topology compatible By default IPv6 IS IS MTR is disabled 6 Return to IS IS view quit N A 7 Return to system view quit N A 8 Enter interface view interface interface type interface number N A 9 Enable IPv6 for an IS IS process isis ipv6 enable process id By default IPv6 is disabled for an IS IS process 10 Specify an IPv6 cost for the IS IS interface isis ipv6 cos...

Page 420: ... you tune and optimize IPv6 IS IS networks complete basic IPv6 IS IS tasks Assigning a convergence priority to IPv6 IS IS routes A topology change causes IS IS routing convergence To improve convergence speed you can assign convergence priorities to IPv6 IS IS routes Convergence priority levels are critical high medium and low The higher the convergence priority the faster the convergence speed By...

Page 421: ... family view address family ipv6 unicast N A 5 Enable IPv6 IS IS MTR multi topology compatible By default IPv6 IS IS MTR is disabled 6 Set the overload bit set overload on startup start from nbr system id timeout1 nbr timeout timeout2 allow external interlevel By default the overload bit is not set Configuring a tag value on an interface Perform this task when the link cost style is wide wide comp...

Page 422: ...remental interval is 200 milliseconds Enabling IPv6 IS IS ISPF Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Specify an IS IS cost style cost style wide wide compatible compatible By default the IS IS cost style is narrow 4 Enter IPv6 address family view address family ipv6 unicast N A 5 Enable IPv6 IS IS MTR multi ...

Page 423: ... IS process network entity net By default no NET is configured 4 Enter IPv6 address family view address family ipv6 unicast N A 5 Return to system view quit N A 6 Enter interface view interface interface type interface number N A 7 Enable IPv6 for an IS IS process isis ipv6 enable process id By default IPv6 is disabled for an IS IS process 8 Enable BFD for IPv6 IS IS isis ipv6 bfd enable By defaul...

Page 424: ...establish IS IS neighbors Configuration procedure To enable IPv6 IS IS MTR Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id vpn instance vpn instance name N A 3 Specify an IS IS cost style cost style wide wide compatible compatible By default the IS IS cost style is narrow 4 Enter IPv6 address family view address family ipv6 unicast N A 5 Enable IPv6 IS I...

Page 425: ...the routers so that they can reach each other Router A and Router B are Level 1 routers Router D is a Level 2 router and Router C is a Level 1 2 router Figure 95 Network diagram Configuration procedure 1 Configure IPv6 addresses for interfaces Details not shown 2 Configure IPv6 IS IS Configure Router A RouterA system view RouterA isis 1 RouterA isis 1 is level level 1 RouterA isis 1 network entity...

Page 426: ...tethernet 2 0 RouterC GigabitEthernet2 0 isis ipv6 enable 1 RouterC GigabitEthernet2 0 quit RouterC interface gigabitethernet 3 0 RouterC GigabitEthernet3 0 isis ipv6 enable 1 RouterC GigabitEthernet3 0 quit Configure Router D RouterD system view RouterD isis 1 RouterD isis 1 is level level 2 RouterD isis 1 network entity 20 0000 0000 0004 00 RouterD isis 1 address family ipv6 RouterD isis 1 ipv6 ...

Page 427: ...Bit Set Display the IPv6 IS IS routing table on Router B RouterB display isis route ipv6 Route information for IS IS 1 Level 1 IPv6 Forwarding Table Destination PrefixLen 0 Flag R Cost 10 Next Hop FE80 200 FF FE0F 4 Interface GE1 0 Destination 2001 1 PrefixLen 64 Flag D L Cost 10 Next Hop FE80 200 FF FE0F 4 Interface GE1 0 Destination 2001 2 PrefixLen 64 Flag R Cost 20 Next Hop Direct Interface GE...

Page 428: ...ed in LSPs U Up Down Bit Set Level 2 IPv6 Forwarding Table Destination 2001 1 PrefixLen 64 Flag D L Cost 10 Next Hop Direct Interface GE2 0 Destination 2001 2 PrefixLen 64 Flag D L Cost 10 Next Hop Direct Interface GE1 0 Destination 2001 3 PrefixLen 64 Flag D L Cost 10 Next Hop Direct Interface GE3 0 Destination 2001 4 1 PrefixLen 128 Flag R Cost 10 Next Hop FE80 20F E2FF FE3E FA3D Interface GE3 0...

Page 429: ... for IPv6 IS IS configuration example Network requirements As shown in Figure 96 configure IPv6 IS IS on Router A Router B and Router C so that they can reach each other Enable BFD on GigabitEthernet 1 0 of Router A and Router B When the link between Router B and the Layer 2 switch fails BFD can quickly detect the failure and notify IPv6 IS IS of the failure Then Router A and Router B communicate ...

Page 430: ...bitEthernet2 0 quit Configure Router B RouterB system view RouterB isis 1 RouterB isis 1 is level level 1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 address family ipv6 RouterB isis 1 ipv6 quit RouterB isis 1 quit RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 isis ipv6 enable 1 RouterB GigabitEthernet1 0 quit RouterB interface gigabitethernet 2 0 RouterB G...

Page 431: ...itEthernet1 0 bfd detect multiplier 6 Verifying the configuration Display BFD session information on Router A RouterA display bfd session Total Session Num 1 Up Session Num 1 Init Mode Active IPv6 Session Working Under Ctrl Mode Local Discr 1441 Remote Discr 1450 Source IP FE80 20F FF FE00 1202 link local address of GigabitEthernet1 0 on Router A Destination IP FE80 20F FF FE00 1200 link local add...

Page 432: ...ummary Count 1 Destination 2001 4 64 Protocol ISISv6 NextHop FE80 BAAF 67FF FE27 DCD0 Preference 15 Interface GE2 0 Cost 20 The output shows that Router A and Router B communicate through GigabitEthernet 2 0 ...

Page 433: ... the ICMP packets generated by using the ping command Interface PBR guides the forwarding of packets received on an interface only Policy An IPv6 policy includes match criteria and actions to be taken on the matching packets A policy can have one or multiple nodes as follows Each node is identified by a node number A smaller node number has a higher priority A node contains if match and apply clau...

Page 434: ...le next hops or output interfaces load share traffic on a per packet basis in turn according to the configuration order By default the primary backup mode applies apply access vpn vpn instance Sets VPN instances If a packet matches a forwarding entry of a specified VPN instance it is forwarded in the VPN instance apply next hop and apply output interface Sets the next hop and sets the output inter...

Page 435: ...If the node is configured with no apply clauses the packet is forwarded according to the routing table The packet is forwarded according to the routing table No IPv6 PBR matches the packet against the next node IPv6 PBR matches the packet against the next node A node that has no if match clauses matches any packet PBR and Track PBR can work with the Track feature to dynamically adapt the availabil...

Page 436: ...olicy based route policy name deny permit node node number By default no IPv6 policy node is created Configuring match criteria for an IPv6 node Step Command Remarks 1 Enter system view system view N A 2 Enter IPv6 policy node view ipv6 policy based route policy name deny permit node node number N A 3 Configure an ACL match criterion if match acl acl6 number name acl6 name By default no ACL match ...

Page 437: ...d once or multiple times You can specify up to 16 next hops for a node 6 Enable load sharing among multiple next hops apply loadshare next hop By default the next hops operate in primary backup mode 7 Set output interfaces apply output interface interface type interface number track track entry number 1 n By default no output interface is specified You can specify multiple output interfaces for ba...

Page 438: ...not match packets against the next node upon match failure on the current node This command takes effect only when the match mode of the node is permit Configuring IPv6 PBR Configuring IPv6 local PBR Configure IPv6 PBR by applying a policy locally IPv6 PBR uses the policy to guide the forwarding of locally generated packets The specified policy must already exist Otherwise the IPv6 local PBR confi...

Page 439: ...nd on the SNMP notification configuration For more information about SNMP notifications see Network Management and Monitoring Configuration Guide To enable IPv6 PBR notification sending Step Command Remarks 1 Enter system view system view N A 2 Enable IPv6 PBR notification sending snmp agent trap enable policy based route By default IPv6 PBR notification sending is enabled Displaying and maintaini...

Page 440: ...RouterA GigabitEthernet2 0 quit Configure ACL 3001 to match TCP packets RouterA acl ipv6 number 3001 RouterA acl6 adv 3001 rule permit tcp RouterA acl6 adv 3001 quit Configure Node 5 for policy aaa to forward TCP packets to next hop 1 2 RouterA ipv6 policy based route aaa permit node 5 RouterA pbr6 aaa 5 if match acl 3001 RouterA pbr6 aaa 5 apply next hop 1 2 RouterA pbr6 aaa 5 quit Configure IPv6...

Page 441: ...ation example Network requirements As shown in Figure 98 configure IPv6 PBR on Router A to forward all TCP packets received on GigabitEthernet 3 0 to the next hop 1 2 Router A forwards other IPv6 packets according to the routing table Figure 98 Network diagram Configuration procedure 1 Configure Router A Configure RIPng RouterA system view RouterA ripng 1 RouterA ripng 1 quit RouterA interface gig...

Page 442: ...g 1 enable RouterA GigabitEthernet3 0 ipv6 policy based route aaa RouterA GigabitEthernet3 0 quit 2 Configure RIPng on Router B RouterB system view RouterB ripng 1 RouterB ripng 1 quit RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 ipv6 address 1 2 64 RouterB GigabitEthernet1 0 ripng 1 enable RouterB GigabitEthernet1 0 quit 3 Configure RIPng on Router C RouterC system view Router...

Page 443: ...nfiguration procedure 1 Configure Router A Configure RIPng RouterA system view RouterA ripng 1 RouterA ripng 1 quit RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ipv6 address 150 1 64 RouterA GigabitEthernet1 0 ripng 1 enable RouterA GigabitEthernet1 0 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 ipv6 address 151 1 64 RouterA GigabitEthernet2 0 ripng 1 e...

Page 444: ... 151 2 64 RouterB GigabitEthernet2 0 ripng 1 enable RouterB GigabitEthernet2 0 quit RouterB interface loopback 0 RouterB LoopBack0 ipv6 address 10 1 128 RouterB LoopBack0 ripng 1 enable Verifying the configuration Execute the debugging ipv6 policy based route command on Router A RouterA debugging ipv6 policy based route RouterA terminal logging level 7 RouterA terminal monitor Install IPv6 protoco...

Page 445: ... 10 1 Pinging 10 1 with 200 bytes of data Reply from 10 1 time 1ms Ping statistics for 10 1 Packets Sent 1 Received 1 Lost 0 0 loss Approximate round trip times in milli seconds Minimum 1ms Maximum 1ms Average 1ms The debugging information about IPv6 PBR displayed on Router A is as follows RouterA Jun 26 13 20 33 619 2012 RouterA PBR6 7 PBR Forward Info MDC 1 Policy lab1 Node 20 match succeeded Ju...

Page 446: ...t IP prefix lists include IPv4 prefix lists and IPv6 prefix lists An IP prefix list matches the destination address of routes You can use the gateway option to receive routes only from specific routers For more information about the gateway option see Configuring RIP and Configuring OSPF An IP prefix list identified by name can contain multiple items Each item identified by an index number specifi...

Page 447: ...auses of a deny node are never executed If a route meets all the if match clauses of the node it is discarded and does not match against the next node If a route does not meet all the if match clauses of the node it matches against the next node A node can contain a set of if match apply and continue clauses if match clauses Specify the match criteria that match the attributes of routes The if mat...

Page 448: ...To configure an IPv6 prefix list Step Command Remarks 1 Enter system view system view N A 2 Configure an IPv6 prefix list ipv6 prefix list prefix list name index index number deny permit ipv6 address prefix length greater equal min prefix length less equal max prefix length By default no IPv6 prefix list is configured Configuring an AS path list You can configure multiple items for an AS path list...

Page 449: ... list To configure an extended community list Step Command Remarks 1 Enter system view system view N A 2 Configure an extended community list ip extcommunity list ext comm list number deny permit rt route target soo site of origin 1 32 By default no extended community list is configured Configuring a MAC list If all the items are set to deny mode no MAC address entries can pass the MAC list To per...

Page 450: ... of the same type are generated These clauses have a logical OR relationship A route only needs to meet one of them To configure if match clauses Step Command Remarks 1 Enter system view system view N A 2 Enter routing policy node view route policy route policy name deny permit node node number N A 3 Match routes whose destination next hop or source address matches an ACL or prefix list Match IPv4...

Page 451: ...r BGP routes 10 Match MAC addresses in EVI IS IS packets if match mac list mac list name By default no MAC list match criterion is configured 11 Match routes having MPLS labels if match mpls label By default no MPLS label match criterion is configured 12 Match routes having the specified route type if match route type external type1 external type1or2 external type2 internal is is level 1 is is lev...

Page 452: ...p is set for IPv4 IPv6 routes The apply ip address next hop and apply ipv6 next hop commands do not apply to redistributed IPv4 and IPv6 routes 10 Set an IP precedence for matching routes apply ip precedence value clear By default no IP precedence is set 11 Redistribute routes to a specified IS IS level apply isis level 1 level 1 2 level 2 By default routes are not redistributed into a specified I...

Page 453: ...he nodes the apply clause on each node takes effect apply as path without the replace keyword apply cost with the or keyword apply community with the additive keyword apply extcommunity with the additive keyword The apply comm list delete clause configured on the current node cannot delete the community attributes set by the apply community clauses of the preceding nodes To configure the continue ...

Page 454: ...splay route policy name route policy name Clear IPv4 prefix list statistics reset ip prefix list prefix list name Clear IPv6 prefix list statistics reset ipv6 prefix list prefix list name Clear MAC list statistics reset mac list mac list name Routing policy configuration examples Applying a routing policy to IPv4 route redistribution Network requirements As shown in Figure 100 Router B exchanges r...

Page 455: ...evel level 2 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface gigabitethernet 2 0 RouterB GigabitEthernet2 0 isis enable RouterB GigabitEthernet2 0 quit 3 Configure OSPF and route redistribution Configure OSPF on Router A RouterA system view RouterA ospf RouterA ospf 1 area 0 RouterA ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterA ospf 1 area 0 0 0...

Page 456: ...outerB route policy isis2ospf 10 if match ip address prefix list prefix a RouterB route policy isis2ospf 10 apply cost 100 RouterB route policy isis2ospf 10 quit RouterB route policy isis2ospf permit node 20 RouterB route policy isis2ospf 20 if match ip address acl 2002 RouterB route policy isis2ospf 20 apply tag 20 RouterB route policy isis2ospf 20 quit RouterB route policy isis2ospf permit node ...

Page 457: ...Configuration procedure 1 Configure Router A Configure IPv6 addresses for interfaces GigabitEthernet 1 0 and GigabitEthernet 2 0 RouterA system view RouterA interface gigabitethernet 1 0 RouterA GigabitEthernet1 0 ipv6 address 10 1 32 RouterA GigabitEthernet1 0 quit RouterA interface gigabitethernet 2 0 RouterA GigabitEthernet2 0 ipv6 address 11 1 32 RouterA GigabitEthernet2 0 quit Enable RIPng on...

Page 458: ...ernet 1 0 RouterB system view RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 ipv6 address 10 2 32 Enable RIPng RouterB ripng RouterB ripng 1 quit Enable RIPng on the interface RouterB interface gigabitethernet 1 0 RouterB GigabitEthernet1 0 ripng 1 enable RouterB GigabitEthernet1 0 quit Verifying the configuration Display the RIPng routing table on Router B RouterB display ripng ...

Page 459: ...ing you will receive email notification of product enhancements new driver versions firmware updates and other product resources Related information Documents To find related documents browse to the Manuals page of the HP Business Support Center website http www hp com support manuals For related documentation navigate to the Networking section and select a networking category For a complete list ...

Page 460: ...eparated by vertical bars from which you select one choice multiple choices or none 1 n The argument or keyword and argument combination before the ampersand sign can be entered 1 to n times A line that starts with a pound sign is comments GUI conventions Convention Description Boldface Window names button names field names and menu items are in bold text For example the New User window appears cl...

Page 461: ...r a unified wired WLAN module or the switching engine on a unified wired WLAN switch Represents an access point Represents a mesh access point Represents omnidirectional signals Represents directional signals Represents a security product such as a firewall UTM multiservice security gateway or load balancing device Represents a security card such as a firewall load balancing NetStream SSL VPN IPS ...

Page 462: ...89 Configuring OSPF network types 71 Configuring OSPF PIC 88 Configuring OSPF route control 73 Configuring OSPFv3 area parameters 371 Configuring OSPFv3 GR 381 Configuring OSPFv3 network types 373 Configuring OSPFv3 route control 374 Configuring PBR 331 Configuring prefix prioritization 88 Configuring prefix suppression 87 Configuring RIP FRR 37 Configuring RIP route control 26 Configuring RIPng r...

Page 463: ...nfiguration task list 66 OSPFv3 configuration examples 385 OSPFv3 configuration task list 369 OSPFv3 overview 368 Overview 22 Overview 59 Overview 179 Overview 405 Overview 352 Overview 434 Overview 123 P PBR configuration examples 332 PBR configuration task list 328 R Related information 447 RIP configuration examples 38 RIP configuration task list 24 RIPng configuration examples 359 RIPng config...

Reviews:

No comments

Related manuals for VSR1000

Canon Vb-C60 - Ptz Network Camera Setup Manual preview
Vb-C60 - Ptz Network Camera
Brand: Canon Pages: 30
Makita RF1101 Parts Breakdown preview
RF1101
Brand: Makita Pages: 2
IBM 11a Quick Start Manual preview
11a
Brand: IBM Pages: 32
Paradyne FrameSaver 9120 Installation Instruction Supplement preview
FrameSaver 9120
Brand: Paradyne Pages: 2
DCE ANS-205 User Manual preview
ANS-205
Brand: DCE Pages: 5
H3C S12500R-2L Installation, Quick Start preview
S12500R-2L
Brand: H3C Pages: 26
Aztech DSL1000EW(L) Speci?Cations preview
DSL1000EW(L)
Brand: Aztech Pages: 2
Alcatel Speed Touch 591s Technical User'S Manual preview
Speed Touch 591s
Brand: Alcatel Pages: 184
1&1 Homeserver+ Quick Start Manual preview
Homeserver+
Brand: 1&1 Pages: 32
Sparklan WNFB-265AXI(BT) User Manual preview
WNFB-265AXI(BT)
Brand: Sparklan Pages: 14
TP-Link TL-MR3220 Quick Installation Manual preview
TL-MR3220
Brand: TP-Link Pages: 87
StarTech.com ST1000SMPEX Instruction Manual preview
ST1000SMPEX
Brand: StarTech.com Pages: 9
NETGEAR RH328 Reference Manual preview
RH328
Brand: NETGEAR Pages: 142
B-G Instruments DataPlot CB1224 Manual preview
DataPlot CB1224
Brand: B-G Instruments Pages: 4
Network Critical SmartNA-X User Manual preview
SmartNA-X
Brand: Network Critical Pages: 200
Pakedge Device & Software RK-1 Quick Start Manual preview
RK-1
Brand: Pakedge Device & Software Pages: 14
PairGain PG-Flex FLC-704 Manual preview
PG-Flex FLC-704
Brand: PairGain Pages: 20
Netstor NA762TB3 User Manual preview
NA762TB3
Brand: Netstor Pages: 17

Brands by name

Popular brands

Load more brands