manualshive.com logo in svg

Huawei AR2200-S Series, Configuration Manual

Share
Download
Huawei AR2200-S Series Configuration Manual Download Page 86

Example

After the configuration, run the 

display vrrp

 

interface

 

vlanif

 command, and you can view the

VRRP status on the VLANIF interface.

<Huawei> 

display vrrp interface vlanif 1

Vlanif1 | Virtual Router 3                                                    
    State : Master                                                          
    Virtual IP : 100.1.1.111                                                   
    Master IP : 100.1.1.1                                                       
    Send VRRP packet to subvlan : all                                           
    PriorityRun : 100                                                           
    PriorityConfig : 100                                                        
    MasterPriority : 100                                                          
    Preempt : YES   Delay Time : 0                                              
    TimerRun : 1 s                                                              
    TimerConfig : 1 s                                                           
    Auth Type : NONE                                                            
    Virtual Mac :  0000-5e00-0103                                               
    Check TTL : YES                                                             
    Config type : normal-vrrp                                                   
    Create time : 2007-11-22 08:50:56                                           
    Last change time : 0000-00-00 00:00:00   

2.6 Configuring VRRP Security

On a network at security risks, by configuring an authentication mode of VRRP packets, you
can protect devices against attacks.

2.6.1 Establishing the Configuration Task

Before configuring VRRP security authentication, familiarize yourself with the applicable
environment and complete pre-configuration task of configuring a VRRP backup group.

Applicable Environment

In a secure network, by default, the router considers received and sent VRRP packets real and
valid without authenticating them. In this case, you do not need to configure an authentication
key.

VRRP provides simple text authentication and MD5 authentication for networks that are
vulnerable to attacks. In simple text authentication mode, a string of 1 to 8 characters can be
configured as the authentication key. In MD5 authentication mode, a string of 1 to 8 characters
in plain text or a string of 24 characters in encrypted text can be configured as the authentication
key.

The process of simple text authentication is as follows:

l

Device that sends packets adds the authentication key into VRRP packets.

l

Device that receives packets compares the received authentication key with the local
authentication key. If they are the same, VRRP packets are valid. Otherwise, the router
discards the received VRRP packets and sends a Trap packet to the Network Management
System (NMS).

The process of MD5 authentication is as follows:

l

The router adds the authentication key to the VRRP packet.

l

The receiver generates a summary based on the locally configured authentication key and
compares the summary of the received VRRP packet with the locally generated summary.

Huawei AR2200-S Series Enterprise Routers
Configuration Guide - Reliability

2 VRRP Configuration

Issue 01 (2012-01-06)

Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

78

Summary of Contents for AR2200-S Series

Page 1: ...Huawei AR2200 S Series Enterprise Routers V200R001C01 Configuration Guide Reliability Issue 01 Date 2012 01 06 HUAWEI TECHNOLOGIES CO LTD ...

Page 2: ...be within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarantees or representations of any kind either express or implied The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ensu...

Page 3: ...dicates a hazard with a high level of risk which if not avoided will result in death or serious injury WARNING Indicates a hazard with a medium or low level of risk which if not avoided could result in minor or moderate injury CAUTION Indicates a potentially hazardous situation which if not avoided could result in equipment damage data loss performance degradation or unexpected results TIP Indicat...

Page 4: ...of all items can be selected x y Optional items are grouped in brackets and separated by vertical bars Several items or no item can be selected 1 n The parameter before the sign can be repeated 1 to n times A line starting with the sign is comments Interface Numbering Conventions Interface numbers used in this manual are examples In device configuration use the existing interface numbers on device...

Page 5: ...Backup in Active Standby Mode to Implement Ethernet Link Backup 18 1 6 2 Example for Configuring Interface Backup in Load Balancing Mode to Implement Ethernet Link Backup 20 1 6 3 Example for Configuring Interface Backup in Active Standby Mode on an ISDN Network 23 1 6 4 Example for Configuring ADSL Link Backup in Interface Backup Mode on a 3G Network C DCC 26 1 6 5 Example for Configuring Associa...

Page 6: ...ode of VRRP Packets 79 2 6 3 Checking the Configuration 80 2 7 Adjusting and Optimizing VRRP 80 2 7 1 Establishing the Configuration Task 81 2 7 2 Configuring the Interval for Sending VRRP Advertising Messages 81 2 7 3 Configuring the Preemption Delay Time of Backup Group Routers 82 2 7 4 Enabling the Reachability Test of the Virtual IP Address 83 2 7 5 Disabling a Router from Checking Number of H...

Page 7: ...lly 147 3 3 3 Setting Up a BFD Session 147 3 3 4 Checking the Configuration 148 3 4 Configuring a BFD Session with Automatically Negotiated Discriminators 149 3 4 1 Establishing the Configuration Task 149 3 4 2 Enabling BFD Globally 150 3 4 3 Configuring a BFD Session with Automatically Negotiated Discriminators 150 3 4 4 Checking the Configuration 151 3 5 Configuring the Delay of a BFD Session to...

Page 8: ...he TTL Globally 170 3 11 3 Checking the Configuration 171 3 12 Maintaining BFD 171 3 12 1 Clearing BFD Statistics 172 3 12 2 Monitoring BFD Status 172 3 13 Configuration Examples 172 3 13 1 Example for Configuring Single hop BFD for a Layer 3 Physical Link 173 3 13 2 Example for Configuring Single hop BFD for VLANIF Interfaces 175 3 13 3 Example for Configuring Multi Hop BFD 179 3 13 4 Example for...

Page 9: ...e is faulty a backup interface with the highest priority is started to transmit services 1 4 Configuring Interface Backup in Load Balancing Mode This section describes how to configure interface backup in load balancing mode When the traffic volume on the primary interface exceeds the upper threshold the backup interface with the highest priority is selected to load balance services This improves ...

Page 10: ... Backup interface A backup interface is a backup of the primary interface Interface Types Supported by AR2200 S The primary interfaces can be a Layer 3 Ethernet interface Layer 3 Ethernet subinterface dialer interface ATM interface BRI interface Async interface cellular interface MP group interface MFR interface MFR subinterface serial interface or serial subinterface The backup interfaces can be ...

Page 11: ...ecovers traffic is switched back to the primary interface As shown in Figure 1 2 RouterA connects to the IP network through Interface1 The link between Interface1 and the IP network is used as the primary link RouterA connects to the 3G ISDN network through Interface2 The link between Interface2 and the 3G ISDN network is used as the backup link In active standby mode the link between RouterC and ...

Page 12: ...the NQA test instance only supports the ICMP type Association between interface backup and BFD This mode is applicable to networks that require high reliability and low delay It can detect link failures and trigger an active standby switchover quickly but requires high stability and performance on a network The configuration of this mode is complex because a BFD session must be configured on route...

Page 13: ...affic volume falls below the upper threshold l When the traffic volume falls below the lower threshold the backup interface that has the lowest priority in use is shut down This process is repeated until the traffic volume is above the lower threshold NOTE l The upper and lower thresholds determine whether to use the active standby mode or load balancing mode If the thresholds are set the load bal...

Page 14: ... is specified and the priority of the backup interface is set By default the priority of a backup interface is 0 4 Optional The switchover delay prevents frequent switchovers between the primary and backup interfaces because of unstable interface status Run standby timer delay enable delay disable delay The switchover delay is set By default the delay is 5s When the values of enable delay and disa...

Page 15: ...nfigured on RouterA to test the primary link status Generally RouterA communicates with RouterB through Interface1 To prevent service interruption due to link faults a backup link is used to improve system reliability When the NQA test instance on RouterA detects that the route on the primary link is unreachable it requests RouterA to start Interface2 to transmit service traffic When the NQA test ...

Page 16: ... number nexthop address preference preference tag tag track nqa admin name test name description text Association between the IPv4 static route of the primary link and an NQA test instance is configured or route priorities of the primary and backup links are set NOTE l If the primary and backup links use dynamic routes skip 2 l If the primary and backup links use static routes perform 2 to configu...

Page 17: ... Destination Mask Route State BackupInterface State Below is NQA Information Instance Name BackupInterface State user test ERR GigabitEthernet2 0 0 UP 1 3 3 Configuring Association Between Interface Backup and BFD To ensure nonstop traffic forwarding associate interface backup with BFD When the BFD session detects faults on the primary link it reports faults to the interface backup module The inte...

Page 18: ...ckup links use static routes When the primary link is faulty data traffic will be lost because routes cannot be switched immediately To speed up data traffic switching set the route priority of the backup link to be higher than that of the primary link or configure BFD for static routes When the BFD session detects that the route on the primary link is unreachable it deletes the static route corre...

Page 19: ...p interfaces Example Run the display standby state command to check the status of the BFD session and the backup interface Huawei display standby state Interface Interfacestate Backupstate Backupflag Pri Loadstate Backup flag meaning M MAIN B BACKUP V MOVED U USED D LOAD P PULLED Below is track BFD information Bfd Name Bfd State BackupInterface State test OK GigabitEthernet2 0 0 STANDBY Below is t...

Page 20: ...outerA cannot detect the route change caused by the link failure As a result service traffic is lost The preceding problem can be solved by associating interface backup with routing After being associated with the routing module the interface backup module monitors the routing entry of the uplink to the Internet If the routing entry is deleted or becomes inactive the interface backup module starts...

Page 21: ...LED Below is track BFD information Bfd Name Bfd State BackupInterface State Below is track IP route information Destination Mask Route State BackupInterface State 4 1 1 0 24 OK GigabitEthernet2 0 0 STANDBY Below is track NQA Information Instance Name BackupInterface State According to the preceding information the route status is OK and the status of backup interface GigabitEthernet2 0 0 is STANDB...

Page 22: ... Applicable Environment Compared with the active standby mode the load balancing mode improves link use efficiency but is difficult to configure In load balancing mode if the service volume on the primary interface exceeds the configured upper threshold the backup interface starts to load balance services with the primary interface Pre configuration Tasks Before configuring interface backup in loa...

Page 23: ... To configure multiple backup interfaces for a primary interface run the standby interface command multiple times l A primary interface can be configured with a maximum of three backup interfaces l A backup interface can be configured for only one primary interface l A maximum of 10 primary interfaces can be configured on an AR End 1 4 3 Optional Setting the Maximum Bandwidth on Primary Interface ...

Page 24: ...n interface interface type interface number The primary interface view is displayed Step 3 Run standby threshold enable threshold disable threshold The higher and lower thresholds are set NOTE l By default the system does not support the load balancing function That is the higher and lower thresholds are not required l If backup interfaces have the same priority the system starts or shuts down the...

Page 25: ...ackup interfaces and in standby state The priority of GigabitEthernet1 0 0 is 30 and the priority of GigabitEthernet2 0 0 is 20 1 5 Maintaining Interface Backup This section describes how to maintain the interface backup function Detailed operations include monitoring the operation status of interface backup and debugging the interface backup function when a fault occurs 1 5 1 Monitoring the Runni...

Page 26: ...rface backup in active standby mode RouterA RouterB GE1 0 0 2 2 2 1 24 GE1 0 0 2 2 2 2 24 GE2 0 0 1 1 1 1 24 GE2 0 0 1 1 1 2 24 GE3 0 0 3 3 3 1 24 GE3 0 0 3 3 3 2 24 192 168 1 0 24 192 168 2 0 24 HostA 192 168 1 2 24 HostB 192 168 2 2 24 Configuration Roadmap The configuration roadmap is as follows 1 Configure GE2 0 0 on RouterA as the primary interface to transmit all the services 2 Configure GE1...

Page 27: ...erA GigabitEthernet2 0 0 standby interface gigabitethernet 3 0 0 20 RouterA GigabitEthernet2 0 0 quit 3 Set the switchover delay on RouterA Set the switchover delay to 10s RouterA system view RouterA interface gigabitethernet 2 0 0 RouterA GigabitEthernet2 0 0 standby timer delay 10 10 RouterA GigabitEthernet2 0 0 quit 4 Verify the configuration View the status information about primary and backup...

Page 28: ...Backup in Load Balancing Mode to Implement Ethernet Link Backup In load balancing mode the primary interface and backup interfaces load balance services Networking Requirements As shown in Figure 1 8 RouterA is connected to RouterB Multiple interfaces on RouterA back up each other l GE2 0 0 functions as the primary interface l GE1 0 0 and GE3 0 0 function as backup interfaces l The maximum bandwid...

Page 29: ...ou need the following data l Link attributes of interfaces l IP addresses and subnet masks of interfaces l Priorities of backup interfaces l Higher and lower thresholds and maximum bandwidth of the primary interface Procedure 1 Configure static routes On RouterA configure a static route to the network segment where HostB is located Huawei system view Huawei sysname RouterA RouterA ip route static ...

Page 30: ...bitEthernet2 0 0 standby threshold 80 20 RouterA GigabitEthernet2 0 0 quit 5 Verify the configuration View the status information about primary and backup interfaces on RouterA You can see that GE2 0 0 is in Up state and GE1 0 0 and GigabitEthernet3 0 0 are in standby state RouterA display standby state Interface Interfacestate Backupstate Backupflag Pri Loadstate GigabitEthernet2 0 0 UP MUP MUD T...

Page 31: ... and PRI2 0 0 15 and an IP network through GigabitEthernet2 0 0 RouterA is the egress gateway of the headquarters RouterB is located in a branch RouterA communicates with RouterB over an IP network However if GigabitEthernet2 0 0 of RouterA is faulty the headquarters and the branch cannot exchange data To prevent this fault the enterprise leases an ISDN line as a backup of the IP network The ISDN ...

Page 32: ... 1 ip permit RouterA dialer rule quit Configure the physical interface RouterA controller e1 1 0 0 RouterA E1 1 0 0 pri set RouterA E1 1 0 0 quit Assign an IP address to PRI1 0 0 15 enable C DCC and configure the dialer number RouterA interface Serial 1 0 0 15 RouterA Serial1 0 0 15 ip address 20 1 1 1 24 RouterA Serial1 0 0 15 dialer enable circular RouterA Serial1 0 0 15 dialer group 1 RouterA S...

Page 33: ...ar group 0 RouterB Serial1 0 0 15 quit RouterB interface Serial 2 0 0 15 RouterB Serial2 0 0 15 dialer circular group 0 RouterB Serial2 0 0 15 quit Configure a routing protocol RouterB rip RouterB rip 1 network 20 0 0 0 RouterB rip 1 import route direct RouterB rip 1 quit End Configuration Files Configuration file of RouterA sysname RouterA controller E1 1 0 0 pri set interface Serial1 0 0 15 link...

Page 34: ...interface backup mode on a 3G network Networking Requirements As shown in Figure 1 10 RouterA is an egress gateway of an enterprise RouterA connects to an IP network using an ADSL interface in normal situations However if the ADSL interface is faulty enterprise users cannot connect to the IP network To prevent this fault the enterprise uses the backup interface a 3G interface in Figure 1 10 to con...

Page 35: ...mber IP address segment on which IP addresses need to be translated using NAT backup interface number and interface switching delay l Uplink backup interface interface number IP address segment on which IP addresses need to be translated using NAT dial up parameters including the dial rule allowed idle duration dial group number and dial string l Static route destination IP address mask and outbou...

Page 36: ... quit Step 3 Configure the uplink backup interface of RouterA In this example the connected 3G network is a WCDMA network To connect to the PS region of the WCDMA network set the dial string to 99 The APN name must be the same as that of the carrier In this example the name of the connected APN is wcdma NOTE Before configuring interface backup ensure that a 3G modem and the SIM UIM card are proper...

Page 37: ...imer delay 10 10 interface Virtual Template10 ip address ppp negotiate nat outbound 3002 dialer rule dialer rule 1 ip permit ip route static 0 0 0 0 0 0 0 0 Virtual Template 10 ip route static 0 0 0 0 0 0 0 0 cellular 0 0 0 return 1 6 5 Example for Configuring Association Between Interface Backup and NQA to Implement Ethernet Link Backup This section describes how to configure association between ...

Page 38: ... 4 1 1 2 24 GE2 0 0 5 1 1 2 24 HostA HostB Configuration Roadmap The configuration roadmap is as follows 1 Configure an NQA test instance on RouterA 2 Configure association between interface backup and NQA on backup interface GE2 0 0 of RouterA Data Preparation To complete the configuration you need the following data as shown in Figure 1 11 l IP addresses and static routes of interfaces on Router...

Page 39: ... 0 RouterA GigabitEthernet2 0 0 standby track nqa user test 4 Verify the configuration Run the display nqa results test instance user test command The command output shows that the NQA test instance status is success RouterA display nqa results test instance user test NQA entry user test testflag is active testtype is icmp 1 Test 1 result The test is finished Send operation times 3 Receive respons...

Page 40: ...on number 0 Connection fail number 0 Operation sequence errors number 0 RTT Stats errors number 0 Destination ip address 4 1 1 2 Min Max Average Completion Time 0 0 0 Sum Square Sum Completion Time 0 0 Last Good Probe Time 0000 00 00 00 00 00 0 Lost packet ratio 100 After 20 seconds run the display standby state command on RouterA The command output shows that the NQA test instance status is ERR a...

Page 41: ... Instance Name BackupInterface State user test OK GigabitEthernet2 0 0 STANDBY Below is BFD Information Instance Name BackupInterface State Configuration Files l Configuration file of RouterA sysname RouterA interface GigabitEthernet1 0 0 ip address 2 1 1 1 255 255 255 0 interface GigabitEthernet2 0 0 ip address 3 1 1 1 255 255 255 0 standby track nqa user test ip route static 4 1 1 0 255 255 255 ...

Page 42: ...ssociation between interface backup and BFD to implement fast switching between the primary link and the backup link Networking Requirements As shown in Figure 1 12 the link RouterA RouterB RouterD is the primary link and the link RouterA RouterC RouterD is the backup link Interface backup in common active standby mode monitors the status of the physical link between two directly connected routers...

Page 43: ...1 12 l IP addresses and static routes of interfaces on RouterA RouterB RouterC and RouterD l BFD session name l Peer IP address for a BFD session l Local and remote discriminators of the BFD session Configuration Procedure 1 Configure connectivity at the network layer Assign an IP address to each interface Use RouterA as an example Huawei system view Huawei sysname RouterA RouterA interface gigabi...

Page 44: ...erface GE2 0 0 of RouterA RouterA system view RouterA interface gigabitethernet2 0 0 RouterA GigabitEthernet2 0 0 standby track bfd session session name test 4 Verify the configuration Run the display bfd session all verbose command on RouterA The command output shows that the BFD session status is Up RouterA display bfd session all verbose Session MIndex 256 Multi Hop State Up Name test Local Dis...

Page 45: ...tate Down Name test Local Discriminator 10 Remote Discriminator 100 Session Detect Mode Asynchronous Mode Without Echo Function BFD Bind Type Peer Ip Address Bind Session Type Static Bind Peer Ip Address 4 1 1 2 Bind Interface FSM Board Id 0 TOS EXP 7 Min Tx Interval ms 1000 Min Rx Interval ms 1000 Actual Tx Interval ms 1000 Actual Rx Interval ms 1000 Local Detect Multi 3 Detect Interval ms 3000 E...

Page 46: ...ommand on GE2 0 0 of RouterB After GE2 0 0 goes to Up wait 10 seconds and run the display standby state command on RouterA The command output shows that the BFD session status is OK and backup interface GigabitEthernet2 0 0 switches to the standby state RouterA display standby state Interface Interfacestate Backupstate Backupflag Pri Loadstate Backup flag meaning M MAIN B BACKUP V MOVED U USED D L...

Page 47: ...ss 4 1 1 1 255 255 255 0 return l Configuration file of RouterC sysname RouterC interface GigabitEthernet1 0 0 ip address 3 1 1 2 255 255 255 0 interface GigabitEthernet2 0 0 ip address 5 1 1 1 255 255 255 0 return l Configuration file of RouterD sysname RouterD interface GigabitEthernet1 0 0 ip address 4 1 1 2 255 255 255 0 interface GigabitEthernet2 0 0 ip address 5 1 1 2 255 255 255 0 ip route ...

Page 48: ... inactive the interface backup module starts the backup interface so that traffic is switched to the backup link quickly Figure 1 13 Networking diagram of association between interface backup and routing RouterA RouterC GE2 0 0 4 1 1 1 24 GE2 0 0 3 1 1 1 24 RouterB RouterD GE1 0 0 3 1 1 2 24 GE1 0 0 2 1 1 2 24 GE1 0 0 2 1 1 1 24 GE2 0 0 5 1 1 1 24 GE1 0 0 4 1 1 2 24 GE2 0 0 5 1 1 2 24 HostA HostB ...

Page 49: ...thernet1 0 0 isis enable 1 Set the IS IS NET of RouterB to 10 0000 0000 0002 00 RouterB isis 1 RouterB isis 1 network entity 10 0000 0000 0002 00 RouterB isis 1 quit RouterB interface gigabitethernet 1 0 0 RouterB GigabitEthernet1 0 0 isis enable 1 RouterB interface gigabitethernet 2 0 0 RouterB GigabitEthernet2 0 0 isis enable 1 Set the IS IS NET of RouterD to 10 0000 0000 0003 00 RouterD isis 1 ...

Page 50: ...by track ip route 4 1 1 0 255 255 255 0 5 Verify the configuration After the configuration is complete RouterA can ping the destination IP address 4 1 1 2 24 RouterA ping 4 1 1 2 PING 4 1 1 2 56 data bytes press CTRL_C to break Reply from 4 1 1 2 bytes 56 Sequence 1 ttl 255 time 1 ms Reply from 4 1 1 2 bytes 56 Sequence 2 ttl 255 time 5 ms Reply from 4 1 1 2 bytes 56 Sequence 3 ttl 255 time 1 ms R...

Page 51: ...status is ERR and the status of GigabitEthernet2 0 0 is Up indicating that the backup interface has started RouterA display standby state Interface Interfacestate Backupstate Backupflag Pri Loadstate Backup flag meaning M MAIN B BACKUP V MOVED U USED D LOAD P PULLED Below is track BFD information Bfd Name Bfd State BackupInterface State Below is track IP route information Destination Mask Route St...

Page 52: ...tion Mask Route State BackupInterface State 4 1 1 0 24 OK GigabitEthernet2 0 0 STANDBY Below is track NQA Information Instance Name BackupInterface State Configuration Files l Configuration file of RouterA sysname RouterA isis 1 is level level 1 network entity 10 0000 0000 0001 00 interface GigabitEthernet1 0 0 ip address 2 1 1 1 255 255 255 0 isis enable 1 interface GigabitEthernet2 0 0 ip addres...

Page 53: ... of an Ethernet Interface This section provides an example showing how to associate interface backup with NQA Networking Requirements As shown in Figure 1 14 the egress gateway RouterA in the headquarters of company A connects to the IP network through GE1 0 0 The link between GE1 0 0 and the IP network is used as the primary link and the link between PRI1 0 0 15 ISDN interface and the ISDN is use...

Page 54: ...ith NQA on backup interface PRI1 0 0 15 of RouterA Data Preparation To complete the configuration you need the following data l IP addresses of interfaces on RouterA RouterB RouterC and RouterD dialer numbers and static routes l Administrator and name of the NQA test instance l NQA test instance type the NQA test instance can only be ICMP l Destination IP address of the NQA test instance l Start a...

Page 55: ...1 1 0 0 RouterA E1 1 0 0 pri set RouterA E1 1 0 0 quit Assign an IP address to PRI1 0 0 15 enable C DCC and configure the dialer number RouterA interface Serial 1 0 0 15 RouterA Serial1 0 0 15 ip address 3 1 1 1 24 RouterA Serial1 0 0 15 dialer enable circular RouterA Serial1 0 0 15 dialer group 1 RouterA Serial1 0 0 15 dialer route ip 3 1 1 2 600502 RouterA Serial1 0 0 15 quit Configure a static ...

Page 56: ...mpletion success RTD OverThresholds number 0 Attempts number 1 Drop operation number 0 Disconnect operation number 0 Operation timeout number 0 System busy operation number 0 Connection fail number 0 Operation sequence errors number 0 RTT Stats errors number 0 Destination ip address 4 1 1 2 Min Max Average Completion Time 60 90 80 Sum Square Sum Completion Time 240 19800 Last Good Probe Time 2011 ...

Page 57: ...0 Destination ip address 4 1 1 2 Min Max Average Completion Time 0 0 0 Sum Square Sum Completion Time 0 0 Last Good Probe Time 0000 00 00 00 00 00 0 Lost packet ratio 100 After 10s run the display standby state command on RouterA The command output shows that the NQA test instance status is ERR and the status of backup interface Serial 1 0 0 15 is Up indicating that the backup interface has starte...

Page 58: ... Name Bfd State BackupInterface State Below is track IP route information Destination Mask Route State BackupInterface State Below is track NQA Information Instance Name BackupInterface State user test OK Serial 1 0 0 15 STANDBY Configuration Files l Configuration file of RouterA sysname RouterA controller E1 1 0 0 pri set interface Serial1 0 0 15 link protocol ppp ip address 3 1 1 1 255 255 255 0...

Page 59: ...rence 80 ip route static 3 1 1 0 255 255 255 0 Serial 1 0 0 15 preference 60 return l Configuration file of RouterC sysname RouterC interface GigabitEthernet1 0 0 ip address 2 1 1 2 255 255 255 0 return l Configuration file of RouterD sysname RouterD interface GigabitEthernet1 0 0 ip address 4 1 1 1 255 255 255 0 ip route static 2 1 1 0 255 255 255 0 4 1 1 1 preference 80 ip route static 3 1 1 0 2...

Page 60: ...ISDN PRI1 0 0 15 IP 3 1 1 1 24 ISDN 600501 Headquarters of company A Primary link Backup link Configuration Roadmap The configuration roadmap is as follows 1 Configure IP addresses for interfaces on routes along the primary link and static routes to ensure connectivity at the network layer 2 Configure C DCC on RouterA and RouterB and configure dialer numbers 600501 and 600502 so that RouterA can i...

Page 61: ... 1 2 preference 80 On RouterB configure a static route to 2 1 1 0 24 of RouterA RouterB ip route static 2 1 1 0 255 255 255 0 4 1 1 1 preference 80 2 Configure C DCC on RouterA Create dialer group 1 and configure a dialer rule in the group RouterA dialer rule RouterA dialer rule dialer rule 1 ip permit RouterA dialer rule quit Configure a serial interface RouterA controller e1 1 0 0 RouterA E1 1 0...

Page 62: ...test commit RouterB bfd session test quit 5 Configure association between interface backup and BFD on backup interface PRI1 0 0 15 RouterA interface Serial 1 0 0 15 RouterA Serial1 0 0 15 standby track bfd session session name test RouterA Serial1 0 0 15 quit 6 Verify the configuration Run the display bfd session all verbose command on RouterA The command output shows that the BFD session status i...

Page 63: ...down command on GigabitEthernet1 0 0 of RouterB to simulate a link fault Run the display bfd session all verbose command on RouterA The command output shows that the BFD session status is Down RouterA display bfd session all verbose Session MIndex 256 Multi Hop State Down Name test Local Discriminator 10 Remote Discriminator 100 Session Detect Mode Asynchronous Mode Without Echo Function BFD Bind ...

Page 64: ...LED Below is track BFD information Bfd Name Bfd State BackupInterface State test ERR Serial 1 0 0 15 UP Below is track IP route information Destination Mask Route State BackupInterface State Below is track NQA Information Instance Name BackupInterface State Run the undo shutdown command on GigabitEthernet1 0 0 of RouterB to make the interface Up After 10s run the display standby state command on R...

Page 65: ... dialer route ip 3 1 1 2 600502 standby track bfd session session name test dialer rule dialer rule 1 ip permit interface GigabitEthernet1 0 0 ip address 2 1 1 1 255 255 255 0 ip route static 4 1 1 0 255 255 255 0 2 1 1 2 preference 80 ip route static 3 1 1 0 255 255 255 0 Serial 1 0 0 15 preference 60 bfd bfd test bind peer ip 4 1 1 2 discriminator local 10 discriminator remote 100 commit return ...

Page 66: ...r Configuring Association Between Interface Backup and Routing on an ISDN Network This section describes how to configure association between interface backup and routing Networking Requirements As shown in Figure 1 16 the egress gateway RouterA of the headquarters of company A connects to the IP network through GE1 0 0 The link between GE1 0 0 and the IP network is used as the primary link The li...

Page 67: ... Configure association between interface backup and routing on backup interface PRI1 0 0 15 of RouterA Data Preparation To complete the configuration you need the following data l IP addresses and dialer numbers of interfaces on RouterA RouterB RouterC and RouterD l Static route on the backup link l Destination IP address of the route associated with interface backup 4 1 1 0 24 Procedure 1 Assign ...

Page 68: ...rB ospf 1 area 0 0 0 0 quit Configure RouterC RouterC ospf RouterC ospf 1 area 0 RouterC ospf 1 area 0 0 0 0 network 2 1 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit Configure RouterD RouterD ospf RouterD ospf 1 area 0 RouterD ospf 1 area 0 0 0 0 network 4 1 1 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 quit After the configuration is complete run the display ospf routing command on RouterA to view ...

Page 69: ... e1 1 0 0 RouterB E1 1 0 0 pri set RouterB E1 1 0 0 quit Assign an IP address to PRI1 0 0 15 enable C DCC and configure the dialer number RouterB interface Serial 1 0 0 15 RouterB Serial1 0 0 15 ip address 3 1 1 2 24 RouterB Serial1 0 0 15 dialer enable circular RouterB Serial1 0 0 15 dialer group 2 RouterB Serial1 0 0 15 dialer route ip 3 1 1 1 600501 RouterB Serial1 0 0 15 quit Configure a stati...

Page 70: ... route information Destination Mask Route State BackupInterface State 4 1 1 0 24 OK PRI1 0 0 15 STANDBY Below is track NQA Information Instance Name BackupInterface State Run the shutdown command on GigabitEthernet1 0 0 of RouterA to simulate a link fault After 10s run the display standby state command on RouterA The command output shows that the NQA test instance status is ERR and the status of b...

Page 71: ...face Serial 1 0 0 15 has switched to the standby state RouterA display standby state Interface Interfacestate Backupstate Backupflag Pri Loadstate Backup flag meaning M MAIN B BACKUP V MOVED U USED D LOAD P PULLED Below is track BFD information Bfd Name Bfd State BackupInterface State Below is track IP route information Destination Mask Route State BackupInterface State Below is track NQA Informat...

Page 72: ...255 255 0 Serial4 0 0 15 return l Configuration file of RouterB sysname RouterB controller E1 1 0 0 pri set interface Serial1 0 0 15 link protocol ppp ip address 3 1 1 2 255 255 255 0 dialer enable circular dialer group 2 dialer route ip 3 1 1 1 600501 interface GigabitEthernet1 0 0 ip address 4 1 1 2 255 255 255 0 dialer rule dialer rule 2 ip permit ospf 1 area 0 0 0 0 network 4 1 1 0 0 0 0 255 i...

Page 73: ...l Configuration file of RouterD sysname RouterD interface GigabitEthernet1 0 0 ip address 4 1 1 1 255 255 255 0 ospf 1 area 0 0 0 0 network 4 1 1 0 0 0 0 255 return Huawei AR2200 S Series Enterprise Routers Configuration Guide Reliability 1 Interface Backup Configuration Issue 01 2012 01 06 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 65 ...

Page 74: ...al networks 2 4 Configuring VRRP to Track the Status of an Interface By configuring a VRRP backup group to track the interface status you can implement the backup function when the interface fails 2 5 Configuring VRRP Applications in VLANIF By configuring a VRRP backup group on VLANIF interfaces you can perform the fast VRRP switchover 2 6 Configuring VRRP Security On a network at security risks b...

Page 75: ...ion Examples The following sections provide several examples for configuring VRRP to improve reliability Familiarize yourself with the configuration procedures against the networking diagram Each configuration example consists of the networking requirements configuration roadmap configuration procedures and configuration files Huawei AR2200 S Series Enterprise Routers Configuration Guide Reliabili...

Page 76: ...fined in RFC 3768 VRRP allows the hosts to select one of routes to multiple egress gateways by separating logical devices from physical devices On a LAN for example an Ethernet with multicast and broadcast capabilities VRRP uses logical gateways to provide high availability for transmission links preventing a gateway failure from interrupting services without changing the configuration of routing ...

Page 77: ...entication modes and authentication keys in the header of VRRP packets In a secure network you can adopt the default configuration That is the router does not authenticate the VRRP packets to be sent and received The router considers all the received packets as real and valid VRRP packets In this case no authentication key is required VRRP provides simple text authentication and MD5 authentication...

Page 78: ...roup 2 and the backup device in backup group 1 Some hosts on the network use backup group 1 as their gateway and others use backup group 2 as their gateway In this case they can back up each other and share the traffic NOTE The Ethernet interfaces GigabitEthernet interfaces Eth Trunk interfaces VLANIF interfaces and Ethernet sub interfaces support the VRRP features Pre configuration Tasks Before c...

Page 79: ...rtual IP addresses can be configured for a backup group For a VRRP backup working in load balancing mode you need to repeat the procedure to configure multiple backup groups on an interface At least two backup groups are required on an interface Backup groups are identified by VRIDs and their virtual IP addresses cannot be identical CAUTION To configure VRRP and static ARP simultaneously on a devi...

Page 80: ... VRRP backup group is configured By default the priority is 100 Priority 0 is reserved for special purpose Priority 255 is reserved for the IP address owner and this priority cannot be configured A priority ranges from 1 to 254 End 2 3 4 Checking the Configuration By viewing the VRRP backup group status you can check whether the configurations are successful Prerequisite The configurations of the ...

Page 81: ...11 21 19 46 09 GigabitEthernet1 0 0 Virtual Router 2 State Backup Virtual IP 10 137 217 2 Master IP 10 137 217 210 PriorityRun 120 PriorityConfig 120 MasterPriority 120 Preempt YES Delay Time 0 TimerRun 1 s TimerConfig 1 s Auth Type NONE Virtual Mac 0000 5e00 0102 Check TTL YES Config type normal vrrp Create time 2007 11 21 20 12 16 Last change time 2007 11 21 20 12 20 2 4 Configuring VRRP to Trac...

Page 82: ...ect to the network l Data Preparation To configure VRRP to track the status of an interface you need the following data No Data 1 VRRP Backup group ID the interfaces to be tracked priority that takes effect when the tracked interface becomes Down 2 4 2 Configuring VRRP to Track the Status of an Interface By configuring a VRRP backup group to track the interface status you can implement the fast VR...

Page 83: ...oup you can check whether the configurations are successful Prerequisite The configurations of enabling VRRP to track the status of an interface are complete Procedure l Run the display vrrp interface interface type interface number virtual router id brief command to check the VRRP status End Example Run the display vrrp command and you can view the Track IF field and the IF State field The Track ...

Page 84: ...ollowings tasks l Configuring physical parameters for interfaces l Configuring link layer attributes for interfaces l Configuring sub VLAN l Configuring super VLAN Data Preparation To configure VRRP on the VLANIF interface you need the following data No Data 1 Super VLAN ID 2 Sub VLAN ID 3 Backup group ID 4 Virtual IP address of the backup group 2 5 2 Configuring VRRP on VLANIF By creating a VRRP ...

Page 85: ...stem view is displayed Step 2 Run interface vlanif vlan id The VLANIF interface view is displayed Step 3 Run vrrp advertise send mode sub vlan id all The mode of sending VRRP advertising messages is configured End 2 5 4 Checking the Configuration By viewing the status of a VRRP backup group you can check whether the configurations are successful Prerequisite The configurations of the VRRP applicat...

Page 86: ...need to configure an authentication key VRRP provides simple text authentication and MD5 authentication for networks that are vulnerable to attacks In simple text authentication mode a string of 1 to 8 characters can be configured as the authentication key In MD5 authentication mode a string of 1 to 8 characters in plain text or a string of 24 characters in encrypted text can be configured as the ...

Page 87: ...s can be authenticated in simple text mode or MD5 mode Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run vrrp vrid virtual router id virtual ip virtual address A backup group is created and its virtual IP address is specified Step 4 optional Run vrrp vrid virtual router id priority priority ...

Page 88: ...10 137 217 1 Master IP 10 137 217 210 PriorityRun 90 PriorityConfig 100 MasterPriority 90 Preempt YES Delay Time 0 TimerRun 1 s TimerConfig 1 s Auth Type MD5 Auth key 3MQ TZ O3KCQ Q MAF4 1 Virtual Mac 0000 5e00 0101 Check TTL YES Config type normal vrrp Track IF GigabitEthernet2 0 0 Priority reduced 10 IF State DOWN Create time 2007 11 21 19 46 05 Last change time 2007 11 21 19 46 09 According to ...

Page 89: ...e reachability of the virtual IP address you can ping the virtual IP address to check the network connectivity l By prohibiting the system from checking number of hops in VRRP packets you can improve the compatibility of Huawei routers with different vendors routers Pre configuration Tasks Before adjusting and optimizing VRRP complete the following tasks l Configuring network layer attributes for ...

Page 90: ...ion Delay Time of Backup Group Routers By setting the preemption delay time of routers in a VRRP backup group you can speed up or slow the master backup switchover Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Step 3 Run vrrp vrid virtual router id preempt mode timer delay delay value The preemptio...

Page 91: ...e master router can ensure that the original primary link has enough time to restore and work stably and then switch back At the same time the backup link works normally If the data is switched back to the original primary link the application is not affected End 2 7 4 Enabling the Reachability Test of the Virtual IP Address By enabling the reachability test of a virtual IP address you can use the...

Page 92: ...rp un check ttl Checking TTLs in VRRP packets is disabled By default TTLs in VRRP packets are detected You can run the undo vrrp un check ttl command to enable the router to check TTLs in VRRP packets End 2 7 6 Configuring the Timeout Time of Sending Gratuitous ARP Packets by the Master router By adjusting the interval for sending gratuitous ARP packets on the master device you can reduce the numb...

Page 93: ...P advertisement packet is modified as 5 seconds The default interval is 1 second Huawei display vrrp GigabitEthernet1 0 0 Virtual Router 1 State Master Virtual IP 10 137 217 1 Master IP 10 137 217 210 PriorityRun 100 PriorityConfig 100 MasterPriority 100 Preempt YES Delay Time 100 TimerRun 5 s TimerConfig 5 s Auth Type NONE Virtual Mac 0000 5e00 0101 Check TTL NO Config type normal vrrp Create tim...

Page 94: ... Run system view The system view is displayed Step 2 Run vrrp version v3 The VRRP version of the current device is set to VRRPv3 Step 3 Optional Run vrrp version 3 send packet mode v2 only v3 only v2v3 both The mode for sending Advertisement packets in VRRPv3 is set The default VRRP version is v2 If the VRRP version is switched to v3 the default mode for sending advertisement packets is v3 only En...

Page 95: ...in BFD session is notified to the VRRP module to trigger a fast VRRP switchover A VRRP backup group tracks the following entities l Normal BFD session l Interface A VRRP backup group tracks multiple normal BFD sessions or multiple interfaces If the VRRP backup group tracks several BFD sessions a change in the status of a BFD session does not affect other BFD sessions status If the status of one BF...

Page 96: ...e increased reduced value reduced A normal BFD session is tracked by the VRRP backup group increased value increased specifies the value by which the priority level increases if the tracked BFD session goes Down The value ranges from 1 to 255 for the IP address owner reduced value reduced specifies the value by which the priority level decreases if the tracked BFD session goes Down The value range...

Page 97: ...ce reports the link status to the VRRP backup group This mechanism enables the VRRP backup group to monitor the link connecting the master AR2200 S to the external network If the link fails hosts on a LAN cannot access an external network through the master router NQA detects this fault and notifies VRRP of the fault The VRRP backup group lowers the master router s priority by a configured value T...

Page 98: ...s reserved If a VRRP Advertisement packet carrying the priority value of 0 is received the backup device immediately preempts the Master state End 2 9 4 Associating VRRP with a Route to Implement a Rapid Master Backup VRRP Switchover A VRRP backup group can track an uplink route connected to a network If the tracked route is withdrawn or becomes inactive the VRRP backup group is notified of the ch...

Page 99: ...ases if the tracked route is withdrawn or becomes inactive The value ranges from 1 to 255 The priority value 0 is reserved If a VRRP Advertisement packet carrying the priority value of 0 is received the backup device immediately preempts the Master state End 2 9 5 Checking the Configuration By viewing the status of a BFD session tracked by a VRRP backup group you can check whether the configuratio...

Page 100: ...ace type interface number virtual router id brief command in any view to check the current running status and parameters of VRRP End 2 11 Configuration Examples The following sections provide several examples for configuring VRRP to improve reliability Familiarize yourself with the configuration procedures against the networking diagram Each configuration example consists of the networking require...

Page 101: ...ation roadmap is as follows 1 Create the backup group 1 on the GE 2 0 0 on Router A and configure Router A with the highest priority in the backup group to be the master router Configure the preemption mode 2 Create backup group 1 on the GE 2 0 0 interface on Router B and use the default priority Data Preparation To complete the configuration you need the following data l Virtual router ID and vir...

Page 102: ...o use OSPF for interconnection For the details about the configuration see the configuration file Step 3 Verify the configuration l Check that the VRRP backup group can serve as a gateway After the previous configuration Host A can ping through Host B Running the display vrrp command on Router A you can view that the status of Router A is Master RouterA display vrrp GigabitEthernet2 0 0 Virtual Ro...

Page 103: ...as an example RouterB display ip routing table Route Flags R relied D download to fib Routing Tables Public Destinations 10 Routes 10 Destination Mask Proto Pre Cost Flags NextHop Interface 10 1 1 0 24 Direct 0 0 D 10 1 1 2 GigabitEthernet2 0 0 10 1 1 2 32 Direct 0 0 D 127 0 0 1 InLoopBack0 10 1 1 111 32 OSPF 10 2 D 10 1 1 1 GigabitEthernet2 0 0 20 1 1 0 24 OSPF 10 2 D 192 168 2 2 GigabitEthernet1...

Page 104: ...5 255 255 0 interface GigabitEthernet2 0 0 ip address 10 1 1 1 255 255 255 0 vrrp vrid 1 virtual ip 10 1 1 111 vrrp vrid 1 priority 120 vrrp vrid 1 preempt mode timer delay 20 ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 network 10 1 1 0 0 0 0 255 return l Configuration file of Router B sysname RouterB interface GigabitEthernet1 0 0 ip address 192 168 2 1 255 255 255 0 interface GigabitEthern...

Page 105: ...r router of backup group 2 and the backup router of backup group 1 l Host A in the internal network takes backup group 1 as its gateway and Host C takes backup group 2 as its gateway to share the traffic and backup each other Figure 2 4 Networking diagram of configuring VRRP in load balancing mode 20 1 1 100 24 RouterB group 1 Backup group 2 Master Backup group 2 Virtual IP Address 10 1 1 112 Back...

Page 106: ...B configure the IP address of the interface create backup group 1 and configure the priority of Router B in this group with the default value 100 as the backup router Create backup group 2 and configure the priority of Router B in this backup group with 120 as the master router Huawei system view Huawei sysname RouterB RouterB interface gigabitethernet 2 0 0 RouterB GigabitEthernet2 0 0 ip address...

Page 107: ...group 2 RouterA display vrrp GigabitEthernet2 0 0 Virtual Router 1 State Master Virtual IP 10 1 1 111 Master IP 10 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriority 120 Preempt YES Delay Time 0 TimerRun 1 s TimerConfig 1 s Auth Type NONE Virtual Mac 0000 5e00 0101 Check TTL YES Config type normal vrrp Create time 2007 11 22 16 02 21 Last change time 2007 11 22 16 02 25 GigabitEthernet2 0 0 V...

Page 108: ...ss 192 168 1 2 255 255 255 0 interface GigabitEthernet2 0 0 ip address 192 168 2 2 255 255 255 0 interface GigabitEthernet3 0 0 ip address 20 1 1 1 255 255 255 0 ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 network 192 168 2 0 0 0 0 255 network 20 1 1 0 0 0 0 255 return 2 11 3 Example for Associating BFD with VRRP In this example by tracking BFD sessions a VRRP group can use the backup device...

Page 109: ...diagram for association between BFD and VRRP RouterA RouterB SwitchA GE2 0 0 10 1 1 1 24 GE1 0 0 192 168 0 2 24 GE2 0 0 10 1 1 2 24 GE1 0 0 192 168 0 1 24 VRRP Backup group 10 Virtual IP address 10 1 1 3 GE2 0 0 GE2 0 1 Ineternet Primary link Backup link HostA HostB HostC NOTE If the peer device does not support BFD configure the BFD echo function on the BFD supporting device The BFD supporting de...

Page 110: ... group 10 on Router A and set the priority of RouterA in VRRP group 10 to 160 so that RouterA functions as the master in VRRP group 10 Huawei system view Huawei sysname RouterA RouterA interface gigabitethernet 2 0 0 RouterA GigabitEthernet2 0 0 vrrp vrid 10 virtual ip 10 1 1 3 RouterA GigabitEthernet2 0 0 vrrp vrid 10 priority 160 RouterA GigabitEthernet2 0 0 quit Create VRRP group 10 on RouterB ...

Page 111: ...umber 1 0 Step 4 Associate BFD with RRPP Track the BFD session on the backuprouter If the BFD session is Down the priority of Router B increases by 40 RouterB interface gigabitethernet 2 0 0 RouterB GigabitEthernet2 0 0 vrrp vrid 10 track bfd session 2 increased 40 RouterB GigabitEthernet2 0 0 quit Run the display vrrp command on Route A or Router B You can see that Router A is the master and Rout...

Page 112: ...ity 0 Preempt YES Delay Time 0 s TimerRun 1 s TimerConfig 1 s Auth Type NONE Virtual Mac 0000 5e00 0110 Check TTL YES Config type normal vrrp Create time 2010 06 22 17 32 56 Last change time 2010 06 22 17 33 06 Run the display vrrp command on Router B You can see that Router B becomes the master router and the BFD session when it is Down RouterB display vrrp GigabitEthernet2 0 0 Virtual Router 10 ...

Page 113: ...nator local 2 discriminator remote 1 min tx interval 50 min rx interval 50 commit return l Configuration file of SwitchA sysname SwitchA vlan batch 10 interface Vlanif10 ip address 10 1 1 4 255 255 255 0 interface GigabitEthernet2 0 1 port default vlan 10 interface GigabitEthernet2 0 0 port default vlan 10 return 2 11 4 Example for Associating a VRRP Backup Group with an NQA Test Instance In this ...

Page 114: ...aster router s priority by a configured value The backup router with the highest priority will become the new master router and take over traffic The process ensures that the communication between the hosts and the external network is not interrupted After the link recovers NQA detects the status change and instructs the VRRP backup group to restore the priority of the previous master router On th...

Page 115: ...0 by which router A s VRRP priority value decreases each time a fault occurs in the link connected to router A Procedure Step 1 Assign IP addresses to interfaces on Router A The configuration of Router A is similar to the configurations of the switch Router B and Router C For details about configurations see the configuration files Assign IP addresses to GE 1 0 0 and GE 2 0 0 Huawei system view Hu...

Page 116: ...e normal vrrp Create time 2011 04 19 16 18 13 Last change time 2011 04 19 16 18 13 Step 3 Configure an NQA test instance with the destination IP address of 20 1 1 1 24 on Router A RouterA nqa test instance admin test1 RouterA nqa admin test1 test type icmp RouterA nqa admin test1 destination address ipv4 20 1 1 1 RouterA nqa admin test1 ttl 10 RouterA nqa admin test1 frequency 20 RouterA nqa admin...

Page 117: ...end operation times 3 Receive response times 0 Completion failed RTD OverThresholds number 0 Attempts number 1 Drop operation number 3 Disconnect operation number 0 Operation timeout number 0 System busy operation number 0 Connection fail number 0 Operation sequence errors number 0 RTT Stats errors number 0 Destination ip address 20 1 1 1 Min Max Average Completion Time 0 0 0 Sum Square Sum Comple...

Page 118: ... 120 Preempt YES Delay Time 20 TimerRun 1 s TimerConfig 1 s Auth Type NONE Virtual Mac 0000 5e00 0101 Check TTL YES Config type normal vrrp Track NQA admin test1 Priority reduced 40 NQA state success Create time 2011 04 19 16 51 38 Last change time 2011 04 19 16 51 42 RouterB display vrrp GigabitEthernet1 0 0 Virtual Router 1 State Backup Virtual IP 10 1 1 10 Master IP 10 1 1 1 PriorityRun 100 Pri...

Page 119: ...al ip 10 1 1 10 interface GigabitEthernet2 0 0 ip address 192 168 2 1 255 255 255 0 ip route static 30 1 1 0 255 255 255 0 GigabitEthernet2 0 0 192 168 2 0 return l Configuration file of Router C sysname RouterC interface GigabitEthernet2 0 0 loopback local ip address 20 1 1 1 255 255 255 0 interface GigabitEthernet1 0 0 ip address 192 168 1 2 255 255 255 0 return l Configuration file of the switc...

Page 120: ...er B are two gateways and they form a VRRP backup group working in master backup mode Router A the master is associated with a route to Router C s interface connected to the network If the interface goes Down the RM module instructs the VRRP module to perform a master backup VRRP switchover After the interface goes Up traffic switches back to the previous master device Figure 2 7 Networking diagra...

Page 121: ...m view Huawei sysname RouterA RouterA interface gigabitethernet 1 0 0 RouterA GigabitEthernet1 0 0 ip address 10 1 1 1 24 RouterA GigabitEthernet1 0 0 quit RouterA interface gigabitethernet 2 0 0 RouterA GigabitEthernet2 0 0 ip address 192 168 1 1 24 RouterA GigabitEthernet2 0 0 quit Step 2 Configure basic functions of a VRRP backup group Configure a VRRP backup group with VRID of 1 on Router A an...

Page 122: ... quit RouterA interface gigabitethernet 1 0 0 RouterA GigabitEthernet1 0 0 isis enable 1 RouterA interface gigabitethernet 2 0 0 RouterA GigabitEthernet2 0 0 isis enable 1 Set the IS IS entity name to 10 0000 0000 0002 00 on Router C RouterC isis 1 RouterC isis 1 network entity 10 0000 0000 0002 00 RouterC isis 1 quit RouterC interface gigabitethernet 1 0 0 RouterC GigabitEthernet1 0 0 isis enable...

Page 123: ...1162 55 0 0 0 Total LSP s 3 In TLV Leaking Route By LSPID Self LSP Self LSP Extended ATT Attached P Partition OL Overload Run the display isis route command on Router C to view route information RouterC display isis route Route information for ISIS 1 ISIS 1 Level 1 Forwarding Table IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags 192 168 1 0 24 10 NULL GE1 0 0 Direct D L 10 1 1 10 32 2...

Page 124: ...status of Router B is Master and that of Router A is Backup This means that a master backup VRRP switchover has been performed RouterA display vrrp GigabitEthernet1 0 0 Virtual Router 1 State Backup Virtual IP 10 1 1 10 Master IP 10 1 1 2 PriorityRun 80 PriorityConfig 120 MasterPriority 100 Preempt YES Delay Time 20 TimerRun 1 s TimerConfig 1 s Auth Type NONE Virtual Mac 0000 5e00 0101 Check TTL Y...

Page 125: ...1 10 Master IP 10 1 1 1 PriorityRun 100 PriorityConfig 100 MasterPriority 120 Preempt YES Delay Time 0 TimerRun 1 s TimerConfig 1 s Auth Type NONE Virtual Mac 0000 5e00 0101 Check TTL YES Config type normal vrrp Create time 2011 06 08 15 49 45 Last change time 2011 06 08 16 02 45 End Configuration Files l Configuration file of Router A sysname RouterA isis 1 is level level 1 network entity 10 0000...

Page 126: ... file of the switch sysname Switch vlan batch 10 interface Vlanif10 ip address 10 1 1 3 255 255 255 0 interface GigabitEthernet1 0 0 portswitch port default vlan 10 interface GigabitEthernet2 0 0 portswitch port default vlan 10 return 2 11 6 Example for Configuring VRRP on Dot1q Termination Subinterfaces In this example configure VRRP on Dot1q termination subinterfaces to ensure that terminal user...

Page 127: ...1 0 1 GE1 0 2 VLAN10 Host 100 1 1 3 24 GE2 0 0 GE1 0 0 Configuration Roadmap The configuration roadmap is as follows 1 Configure OSPF to enable RouterA RouterB and RouterC to communicate with each other 2 Configure Dot1q termination subinterfaces on RouterA and RouterB 3 Create backup group 1 on GE2 0 0 1 of RouterA Configure the highest priority for RouterA in the backup group to ensure that Rout...

Page 128: ... ip address 192 168 1 1 24 RouterB GigabitEthernet1 0 0 quit RouterB interface gigabitethernet 2 0 0 1 RouterB GigabitEthernet2 0 0 1 ip address 100 1 1 2 24 RouterB GigabitEthernet2 0 0 1 control vid 10 dot1q termination RouterB GigabitEthernet2 0 0 1 dot1q termination vid 10 RouterB GigabitEthernet2 0 0 1 arp broadcast enable RouterB GigabitEthernet2 0 0 1 quit RouterB ospf RouterB ospf 1 area 0...

Page 129: ...lt gateway as 100 1 1 111 Create backup group 1 on RouterA and set the priority of RouterA in this group to 120 RouterA functions as the master RouterA interface gigabitethernet 2 0 0 1 RouterA GigabitEthernet2 0 0 1 dot1q vrrp vid 10 RouterA GigabitEthernet2 0 0 1 vrrp vrid 1 virtual ip 100 1 1 111 RouterA GigabitEthernet2 0 0 1 vrrp vrid 1 priority 120 RouterA GigabitEthernet2 0 0 1 vrrp vrid 1 ...

Page 130: ...outerB to verify that RouterA functions as the master and RouterB functions as the backup RouterA display vrrp GigabitEthernet2 0 0 1 Virtual Router 1 State Master Virtual IP 100 1 1 111 Master IP 100 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriority 120 Preempt YES Delay time 20 TimerRun 1 TimerConfig 1 Auth type NONE Virtual MAC 0000 5e00 0101 Check TTL YES Config type normal vrrp RouterB ...

Page 131: ...t 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 192 168 1 0 24 Direct 0 0 D 192 168 1 1 GigabitEthernet1 0 0 192 168 1 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet1 0 0 192 168 1 2 32 Direct 0 0 D 192 168 1 2 GigabitEthernet1 0 0 192 168 2 0 30 OSPF 10 2 D 192 168 1 2 GigabitEthernet1 0 0 Verify that RouterB can function as the gateway when RouterA fails Run the shutdo...

Page 132: ...A functions as the master RouterA display vrrp GigabitEthernet2 0 0 1 Virtual Router 1 State Master Virtual IP 100 1 1 111 Master IP 100 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriority 100 Preempt YES Delay time 20 TimerRun 1 TimerConfig 1 Auth type NONE Virtual MAC 0000 5e00 0101 Check TTL YES Config type normal vrrp End Configuration Files l Configuration file of RouterA sysname RouterA ...

Page 133: ...erface GigabitEthernet1 0 1 ip address 192 168 1 2 255 255 255 0 ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 network 192 168 2 0 0 0 0 255 return l Configuration file of Switch sysname Switch vlan batch 10 interface GigabitEthernet1 0 0 port default vlan 10 interface GigabitEthernet1 0 1 port trunk allow pass vlan 10 interface GigabitEthernet1 0 2 port trunk allow pass vlan 10 return 2 11 7 ...

Page 134: ...of QinQ termination subinterfaces supporting VRRP 192 168 2 1 24 IP Network RouterA GE2 0 0 1 100 1 1 1 24 GE2 0 0 2 200 1 1 1 24 RouterB SwitchA 192 168 1 1 24 GE1 0 0 192 168 1 2 24 GE1 0 0 192 168 2 2 24 Backup Group1 Virture IP address 100 1 1 111 24 RouterC GE1 0 1 GE1 0 1 GE2 0 0 GE1 0 0 Backup Group2 Virture IP address 200 1 1 111 24 GE2 0 0 1 100 1 1 2 24 GE2 0 0 2 200 1 1 2 24 SwitchB GE1...

Page 135: ... between the Routers Configure OSPF on RouterA RouterB and RouterC Configure RouterA Huawei system view Huawei sysname RouterA RouterA interface gigabitethernet 1 0 0 RouterA GigabitEthernet1 0 0 ip address 192 168 2 1 24 RouterA GigabitEthernet1 0 0 quit RouterA interface GigabitEthernet 2 0 0 1 RouterA GigabitEthernet2 0 0 1 ip address 100 1 1 1 24 RouterA GigabitEthernet2 0 0 1 control vid 1 qi...

Page 136: ...outerC ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 network 192 168 2 0 0 0 0 255 RouterC ospf 1 area 0 0 0 0 quit RouterC ospf 1 quit After the preceding configurations are complete RouterA and RouterB can obtain the routes to the peer IP address using OSPF and can ping each other The following shows the output for RouterA RouterA display ip routing table Route Fl...

Page 137: ...itEthernet2 0 0 1 quit RouterB interface gigabitethernet 2 0 0 2 RouterB GigabitEthernet2 0 0 2 qinq vrrp pe vid 100 ce vid 20 RouterB GigabitEthernet2 0 0 2 vrrp vrid 2 virtual ip 200 1 1 111 RouterB GigabitEthernet2 0 0 2 quit NOTE When you run the qinq termination command on the same main interface the ce vid values of the two subinterfaces must be different if their pe vid values are the same ...

Page 138: ...kup group can function as the gateway Run the display vrrp command on RouterA and RouterB to verify that RouterA functions as the master and RouterB functions as the backup RouterA display vrrp GigabitEthernet2 0 0 1 Virtual Router 1 State Master Virtual IP 100 1 1 111 Master IP 100 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriority 120 Preempt YES Delay time 20 TimerRun 1 TimerConfig 1 Auth ...

Page 139: ... Direct 0 0 D 127 0 0 1 InLoopBack0 127 0 0 1 32 Direct 0 0 D 127 0 0 1 InLoopBack0 192 168 1 0 24 OSPF 10 2 D 100 1 1 2 GigabitEthernet2 0 0 1 OSPF 10 2 D 200 1 1 2 GigabitEthernet2 0 0 2 OSPF 10 2 D 192 168 2 2 GigabitEthernet1 0 0 192 168 2 0 24 Direct 0 0 D 192 168 2 1 GigabitEthernet1 0 0 192 168 2 1 32 Direct 0 0 D 127 0 0 1 GigabitEthernet1 0 0 192 168 2 2 32 Direct 0 0 D 192 168 2 2 Gigabi...

Page 140: ...tual Router 1 State Initialize Virtual IP 100 1 1 111 Master IP 100 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriority 0 Preempt YES Delay time 20 TimerRun 1 TimerConfig 1 Auth type NONE Virtual MAC 0000 5e00 0101 Check TTL YES Config type normal vrrp GigabitEthernet2 0 0 2 Virtual Router 2 State Master Virtual IP 200 1 1 111 Master IP 200 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriori...

Page 141: ...gabitEthernet2 0 0 2 Virtual Router 2 State Master Virtual IP 200 1 1 111 Master IP 200 1 1 1 PriorityRun 120 PriorityConfig 120 MasterPriority 120 Preempt YES Delay time 20 TimerRun 1 TimerConfig 1 Auth type NONE Virtual MAC 0000 5e00 0101 Check TTL YES Config type normal vrrp Wait for 20 seconds and run the display vrrp command on RouterA to view VRRP status The command output shows that RouterA...

Page 142: ...dress 200 1 1 1 255 255 255 0 vrrp vrid 2 virtual ip 200 1 1 111 vrrp vrid 2 priority 120 vrrp vrid 2 preempt mode timer delay 20 arp broadcast enable interface GigabitEthernet1 0 0 ip address 192 168 2 1 255 255 255 0 ospf 1 area 0 0 0 0 network 192 168 2 0 0 0 0 255 network 100 1 1 0 0 0 0 255 network 200 1 1 0 0 0 0 255 return l Configuration file of RouterB sysname RouterB interface GigabitEth...

Page 143: ...5 255 0 ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 network 192 168 2 0 0 0 0 255 return l Configuration file of SwitchB sysname SwitchB vlan batch 10 interface GigabitEthernet1 0 0 port default vlan 10 interface GigabitEthernet1 0 1 port trunk allow pass vlan 10 return l Configuration file of SwitchC sysname SwitchC vlan batch 20 interface GigabitEthernet1 0 0 port default vlan 20 interface...

Page 144: ... scenarios a BFD session is configured to go Up after a delay Setting a delay for a BFD session status change to Up can prevent traffic loss that occurs if an interface goes Up before the routing protocol 3 6 Configuring a BFD Session with the One Arm Echo Function By configuring a BFD session with the one arm Echo function you can fast detect and monitor a direct link between a BFD capable device...

Page 145: ... helps you connect the current device and a device running an early version 3 12 Maintaining BFD This section describes how to maintain BFD by deleting BFD statistics and monitoring BFD operations 3 13 Configuration Examples The following sections provide several examples for configuring fast BFD link detection Familiarize yourself with the configuration procedures against the networking diagram E...

Page 146: ... means that a fault between interconnected systems is difficult to locate BFD is developed to resolve these problems BFD provides the following functions l Detects faults rapidly along paths between neighboring forwarding engines with light loads and high speeds l Uses a single mechanism to monitor any kind of medium and protocol layer in real time Detection time and costs vary 3 1 2 BFD Features ...

Page 147: ... s name is replaced by the static BFD session s name Smallest values of the parameters of the two BFD sessions are used At present a BFD session working as both a dynamic BFD session and a static BFD session with automatically negotiated discriminators is supported by BFD for OSPF and BFD for BGP Single hop BFD and Multi hop BFD The AR2200 S supports single hop BFD and multi hop BFD to detect the ...

Page 148: ... to single hop BFD sessions Figure 3 1 Networking diagram for the BFD echo function BFD capable RouterA RouterB BFD incapable As shown in Figure 3 1 RouterA supports BFD whereas RouterB does not support BFD The BFD echo function is configured on RouterA to detect the connectivity of the single hop path between RouterA and RouterB After RouterB receives a BFD echo packet from RouterA RouterB loops ...

Page 149: ...ce bound to the BFD session A BFD session must be bound to a main interface When the BFD session goes Down the BFD statuses of the bound interface and all sub interfaces go Down and the interface status change is reported to the application on the sub interfaces When the BFD session goes Up the BFD statuses of the bound interface and all sub interfaces go Up This function saves session resources i...

Page 150: ...structs BFD through the RM module to establish BFD sessions This can rapidly detect the neighbor relationship Detection parameters of BFD sessions are negotiated by both ends using the routing protocol When a BFD session detects a fault the BFD session becomes Down BFD triggers route convergence through the RM module When a neighbor becomes unreachable the routing protocol instructs BFD to delete ...

Page 151: ...is displayed Step 2 Run bfd BFD is enabled globally and the BFD view is displayed Step 3 Optional Run default ip address ip address The default multicast IP address of BFD is configured By default the multicast IP address used by BFD is 224 0 0 184 NOTE If more than one BFD session is created for the same link for example a Layer 3 interface is connected by BFD enabled Layer 2 switches different d...

Page 152: ...gotiated again only when the original link fails l On a Layer 2 interface Layer 3 interface or a Layer 3 sub interface run bfd cfg name bind peer ip default ip interface interface type interface number source ip source ip A multicast BFD session is created NOTE Before creating a multicast BFD session on a Layer 3 interface or a Layer 3 sub interface configure an IP address for the interface to ens...

Page 153: ...session all discriminator discr value dynamic peer ip peer ip vpn instance vpn instance name static verbose command to check information about a BFD session l Run the display bfd statistics command to check the global statistics of the BFD sessions l Run the display bfd statistics session all static dynamic discriminator discr value peer ip default ip peer ip vpn instance vpn instance name command...

Page 154: ...ti hop links on a network 3 3 1 Establishing the Configuration Task Before configuring a multi hop BFD session familiarize yourself with the applicable environment and data preparation Applicable Environment To rapidly detect the faults occur during IP router forwarding configure the multi hop BFD Pre configuration Tasks Before configuring multi hop BFD complete the following tasks l Correctly con...

Page 155: ...peer IP address to it After the BFD session is set up you cannot modify it l When the BFD configuration items are created the system checks only the format of the IP address rather than the correctness The BFD session cannot be established if incorrect peer IP address or source IP address is bound l When the BFD and URPF are used together URPF checks the source IP address of the received packets T...

Page 156: ...viewing the status and type of a BFD session you can check whether the configurations are successful Prerequisite The configurations of the multi hop BFD function are complete Context NOTE Only after the parameters of the session are set and the session is set up you can view the information on the session Procedure l Run the display bfd configuration all static name cfg name discriminator local d...

Page 157: ...0 RCV 0 IF 0 TOKEN 0 Session Description Total UP DOWN Session Number 1 0 3 4 Configuring a BFD Session with Automatically Negotiated Discriminators A static BFD session with automatically negotiated discriminators is configured to check the interworking between a device and another device on which a BFD session has been dynamically established The static BFD session with automatically negotiated ...

Page 158: ...er enabling BFD globally Context Perform the following procedure on the router that uses a static BFD session with automatically negotiated discriminators to detect link faults Procedure Step 1 Run system view The system view is displayed Step 2 Run bfd BFD is enabled globally and the BFD view is displayed End 3 4 3 Configuring a BFD Session with Automatically Negotiated Discriminators A static BF...

Page 159: ...tic dynamic discriminator discr value peer ip peer ip vpn instance vpn instance name verbose command to check information about a BFD session End Example After the configuration is complete run the display bfd session all verbose command You can see that a BFD session of the Static_Auto type has been established The local and remote discriminators of this BFD session are 8193 and 8192 respectively...

Page 160: ...ay for a BFD session status change to Up familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the data required for the configuration Applicable Environment If BFD is Up on a network the interface bound to BFD goes Up and traffic can be switched back to the interface If the interface goes Up before the status of the routing protocol changes no route ...

Page 161: ...al BFD End Example After the configuration restart the router After the restart run the display bfd statistics command The System Session Delay Up Timer field in the command output This field displays the status of the current system delay Up time OFF indicates that the system is in the normal state Xs indicates that after X seconds the system recovers and the BFD session goes Up Huawei display bf...

Page 162: ... function you can fast detect and monitor a direct link between a BFD capable device and a BFD incapable device 3 6 1 Establishing the Configuration Task Before configuring the BFD session with the one arm Echo function familiarize yourself with the applicable environment complete the pre configuration tasks and obtain the required data This can help you complete the configuration task quickly and...

Page 163: ...y after BFD has been enabled globally Context Do as follows on the BFD supported device at one end of a link Procedure Step 1 Run system view The system view is displayed Step 2 Run bfd BFD is globally enabled and the BFD view is displayed End 3 6 3 Establishing a BFD Session By establishing a BFD session on a BFD capable device you can rapidly detect a direct link between the BFD capable device a...

Page 164: ...session with this function must be configured with a local discriminator rather than a remote discriminator Step 4 Optional Run min echo rx interval interval The minimum interval between receipt of BFD packets is set By default the minimum interval between receipt of BFD packets is 10 milliseconds Step 5 Run commit The configuration is committed NOTE After configuring the local discriminator param...

Page 165: ...o Local Discriminator 110 Remote Discriminator Session Detect Mode Asynchronous One arm echo Mode BFD Bind Type Interface GigabitEthernet1 0 0 Bind Session Type Static Bind Peer IP Address 195 168 1 2 NextHop Ip Address 195 168 1 2 Bind Interface GigabitEthernet1 0 0 FSM Board Id 0 TOS EXP 7 Echo Rx Interval ms 1000 Actual Tx Interval ms 1000 Actual Rx Interval ms 1000 Local Detect Multi 3 Detect ...

Page 166: ... BFD session If none of the preceding parameters is set the default configurations are used Pre configuration Tasks Before adjusting BFD parameters you need to set up a BFD session Data Preparation To adjust BFD parameters you need the following data No Data 1 BFD configuration name 2 Local intervals at which BFD packets are sent and received 3 Local BFD detection multiplier 3 7 2 Modifying the De...

Page 167: ...BFD control packets are sent and received to a random value larger than 1000 milliseconds After the BFD session goes Up the configured intervals recover NOTE To meet the requirement for fast detection BFD draft defines that the sending interval and the receiving interval are at microsecond level On most devices BFD detection is performed only at millisecond level and the processing inside the devi...

Page 168: ... The modification takes effect immediately without the commit command configured End 3 7 4 Adding the Description of a BFD Session Descriptions of BFD sessions help you distinguish between different BFD sessions Context NOTE The description command takes effect only on statically configured BFD sessions not on BFD sessions that are dynamically configured or BFD sessions that are created by using a...

Page 169: ...urations l Run the display bfd session all discriminator discr value dynamic peer ip peer ip vpn instance vpn instance name static verbose to check information about a BFD session End Example After the configuration is complete run the display bfd session all verbose command to see that Min Tx Interval is 1000 milliseconds Min Rx Interval is 1000 milliseconds WTR Interval is 60000 milliseconds and...

Page 170: ...onment The BFD control packet is encapsulated in the UDP packet for transmission using the source port in the range of 49152 to 65535 and destination port 3784 or 4784 According to the RFC5883 the destination port 4784 is used for the multi hop BFD control packet On the AR2200 S of the earlier version however destination port 3784 is used for the multi hop BFD control packet The destination port n...

Page 171: ...ully negotiate with the router on which destination port 4784 is used by the multi hop BFD control packets At the same time on the router that is configured with destination port 3784 destination port 3784 is automatically updated to destination port 4784 To change the destination port number from 4784 to 3784 run the shutdown command to terminate the BFD session on destination port 4784 then run ...

Page 172: ...Session Type Static Bind Peer IP Address 192 168 3 2 Bind Interface Track Interface FSM Board Id 0 TOS EXP 7 Min Tx Interval ms 1000 Min Rx Interval ms 1000 Actual Tx Interval ms 1000 Actual Rx Interval ms 1000 Local Detect Multi 3 Detect Interval ms 3000 Echo Passive Disable Acl Number Destination Port 3784 TTL 254 Proc Interface Status Disable WTR Interval ms Active Multi 3 Last Local Diagnostic...

Page 173: ...tus on the local interface is Down check whether the BFD configuration on the remote end is correct and the BFD session is shut down l If the BFD session must be synchronized to an interface immediately ensure that the BFD configurations on the two routers are the same and run the shutdown and undo shutdown commands on the BFD session When the undo shutdown command is executed for a BFD session a ...

Page 174: ...t address the local discriminator and the remote discriminator must be different Step 6 Run process interface status The BFD status is associated with and the status of the bound interface By default the BFD session status is not associated with the interface status That is the change of the BFD session status does not affect the interface status Step 7 Run commit The configuration is committed NO...

Page 175: ...sion Description Total UP DOWN Session Number 1 0 3 10 Configuring Association Between BFD Status and Sub interface Status Association between BFD status and sub interface status implements fast route convergence This function is applied to only to the single hop BFD session bound to default multicast IP address Applicable Environment If your network requires high reliability and a lot of services...

Page 176: ...cr value command to configure the remote discriminator NOTE l The local discriminator of the local system and the remote discriminator of the remote system are the same the remote discriminator of the local system and the local discriminator of the remote system are the same Otherwise BFD sessions cannot be established After the local discriminator and the remote discriminator are configured you c...

Page 177: ...atus the BFD configurations on two routers must be correct and matched If the BFD status on the local interface is Down check whether the BFD configuration on the remote end is correct and the BFD session is shut down End Example Run the display bfd session all verbose command The value of the Proc interface status field is Enable Sub If indicating that the BFD sessionaa has been associated with t...

Page 178: ...ork with Huawei devices running different AR2200 S versions and non Huawei devices Pre configuration Tasks Before configuring the TTL globally complete the following tasks l Connecting interfaces correctly l Configuring the IP address of each Layer 3 interface correctly Data Preparation To configure the TTL globally you need the following data No Data 1 Name and number of each interface 3 11 2 Con...

Page 179: ...l TTL in BFD control packets you can check whether the configurations are successful Prerequisite The configurations of the global TTL are completed Procedure l Run the display bfd session all discriminator discr value dynamic peer ip peer ip vpn instance vpn instance name static verbose command to view information about the BFD session l Run the display bfd ttl command to view information about t...

Page 180: ...any view to check information about an interface enabled with BFD l Run the display bfd session all static dynamic discriminator discr value peer ip peer ip vpn instance vpn instance name verbose command in any view to check information about a BFD session l Run the display bfd statistics command in any view to check statistics about global BFD l Run the display bfd statistics session all static d...

Page 181: ...n Router B and Router A Data Preparation To complete the configuration you need the following data l Peer IP address for a BFD session l Local interface sending and receiving BFD control packets l Local and remote discriminators of a BFD session NOTE Default values of the minimum sending interval minimum receiving interval and local detection multiplier for BFD control packets are used Procedure S...

Page 182: ...on Router A and Router B You can view that a single hop BFD session has been set up and its status is Up Use the display on Router A as an example RouterA display bfd session all verbose Session MIndex 64 One Hop State Up Name atob Local Discriminator 1 Remote Discriminator 2 Session Detect Mode Asynchronous Mode Without Echo Function BFD Bind Type Interface GigabitEthernet1 0 0 Bind Session Type ...

Page 183: ...e a single hop BFD session is configured on VLANIF interfaces to rapidly check direct links between the VLANIF interfaces Networking Requirements On the network shown in Figure 3 4 an Ethernet link exists between Router A and Router B Eth2 0 1 on Router A and Eth2 0 1 on Router B belong to the same VLAN A single hop BFD session needs to be set up to check the VLANIF interfaces Figure 3 4 Networkin...

Page 184: ... view RouterB interface ethernet 2 0 1 RouterB Ethernet2 0 1 port link type access RouterB Ethernet2 0 1 quit RouterB vlan 10 RouterB vlan10 port ethernet 2 0 1 RouterB vlan10 quit RouterB interface vlanif 10 RouterB Vlanif10 ip address 110 1 1 2 24 RouterB Vlanif10 quit After the configuration run the display interface vlanif command on Router A or Router B You can view that the interface is Up U...

Page 185: ... discriminator local 20 RouterB bfd session btoa discriminator remote 10 RouterB bfd session btoa commit RouterB bfd session btoa quit Step 3 Verify the configuration After the configurations run the display bfd session all verbose command on Router A and Router B You can view that a single hop BFD session has been set up and its status is Up Use the display on Router A as an example RouterA displ...

Page 186: ...Id 0 TOS EXP 7 Min Tx Interval ms 1000 Min Rx Interval ms 1000 Actual Tx Interval ms 12000 Actual Rx Interval ms 12000 Local Detect Multi 3 Detect Interval ms Echo Passive Disable Acl Number Destination Port 3784 TTL 255 Proc Interface Status Disable WTR Interval ms Active Multi 3 Last Local Diagnostic Neighbor Signaled Session Down Receive AdminDown Bind Application No Application Bind Session TX...

Page 187: ...i hop path to fast detect faults in the multi hop path Networking Requirements On the network shown in Figure 3 5 BFD in asynchronous mode is used to detect faults in multi hop routes between Router A and Router C Figure 3 5 Networking diagram of multi hop BFD RouterA RouterC RouterB GE1 0 0 10 1 1 1 24 GE1 0 0 10 1 1 2 24 GE2 0 0 10 2 1 1 24 GE1 0 0 10 2 1 2 24 Configuration Roadmap The configura...

Page 188: ... RouterA bfd session atoc commit RouterA bfd session atoc quit Configure a BFD session between Router C and Router A The interface is not bound to the BFD session RouterC system view RouterC bfd RouterC bfd quit RouterC bfd ctoa bind peer ip 10 1 1 1 RouterC bfd session ctoa discriminator local 20 RouterC bfd session ctoa discriminator remote 10 RouterC bfd session ctoa commit RouterC bfd session ...

Page 189: ...GigabitEthernet1 0 0 ip address 10 1 1 1 255 255 255 0 bfd atoc bind peer ip 10 2 1 2 discriminator local 10 discriminator remote 20 commit ip route static 10 2 1 0 255 255 255 0 10 1 1 2 return l Configuration file of Router B sysname RouterB interface GigabitEthernet1 0 0 ip address 10 1 1 2 255 255 255 0 interface GigabitEthernet2 0 0 ip address 10 2 1 1 255 255 255 0 return l Configuration fil...

Page 190: ...rmination on Router A and GE 2 0 0 1 is a sub interface for dot1q VLAN tag termination on Router B The networking requirements are as follows l A BFD session is configured on Router A and Router B to detect the link between Router A and Router B l VRRP backup group 1 is configured on Router A and Router B Router A functions as a master device and Router B functions as a backup device l VRRP backup...

Page 191: ... forwarding function on the switch 3 Configure interface modes on Router A and Router B as user termination 4 Configure sub interfaces for dot1q VLAN tag termination on Router A and Router B 5 Configure a BFD session on Router A and Router B to detect the link between Router A and Router B 6 Configure VRRP backup group 1 on GE 2 0 0 1 of Router A and GE 2 0 0 1 of Router B Router A functions as a ...

Page 192: ... 0 0 quit RouterB interface gigabitethernet 2 0 0 1 RouterB GigabitEthernet2 0 0 1 ip address 100 1 1 2 24 RouterB GigabitEthernet2 0 0 1 quit RouterB ospf 1 RouterB ospf 1 area 0 RouterB ospf 1 area 0 0 0 0 network 192 168 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 0 network 100 1 1 0 0 0 0 255 RouterB ospf 1 area 0 0 0 0 quit RouterB ospf 1 quit Configure Router C Huawei system view Huawei sysname ...

Page 193: ... Huawei sysname Switch Switch vlan 10 Switch vlan10 quit Switch interface GigabitEthernet 1 0 0 Switch GigabitEthernet1 0 0 port link type access Switch GigabitEthernet1 0 0 port default vlan 10 Switch GigabitEthernet1 0 0 quit Switch interface GigabitEthernet 1 0 1 Switch GigabitEthernet1 0 1 port link type trunk Switch GigabitEthernet1 0 1 port trunk allow pass vlan 10 Switch GigabitEthernet1 0 ...

Page 194: ... 3 Detect Interval ms 3000 Echo Passive Disable Acl Number Destination Port 3784 TTL 255 Proc Interface Status Disable Process PST Disable WTR Interval ms Active Multi 3 Last Local Diagnostic Control Detection Time Expired Bind Application No Application Bind Session TX TmrID Session Detect TmrID Session Init TmrID Session WTR TmrID Session Echo Tx TmrID PDT Index FSM B030000 RCV 0 IF B030000 TOKE...

Page 195: ...uterA bfd interface GigabitEthernet 1 0 0 ip address 192 168 2 1 24 interface GigabitEthernet2 0 0 1 control vid 1 dot1q termination dot1q termination vid 10 dot1q vrrp vid 10 ip address 100 1 1 1 24 vrrp vrid 1 virtual 100 1 1 100 vrrp vrid 1 priority 160 vrrp vrid 1 track bfd session 1 arp broadcast enable bfd atob bind peer ip 100 1 1 2 interface gigabitethernet 2 0 0 1 discriminator local 1 di...

Page 196: ... 2 0 0 0 0 255 return l Configuration file of the switch sysname Switch vlan 10 interface GigabitEthernet1 0 0 port link type access port default vlan 10 interface GigabitEthernet1 0 1 port link type access port default allow pass vlan 10 interface GigabitEthernet1 0 2 port link type access port default allow pass vlan 10 return 3 13 5 Example for Configuring a BFD Session with the One Arm Echo Fu...

Page 197: ...l Peer IP address to which a BFD session with the one arm Echo function is bound l Local discriminator of a BFD session with the one arm Echo function l The minimum interval between the receipt of BFD packets Procedure Step 1 Assign IP addresses to the interfaces directly connecting Router A and Router B Assign an IP address to the interface on Router A Huawei system view Huawei sysname RouterA Ro...

Page 198: ...p Address 10 1 1 2 Bind Interface EigabitEthernet1 0 0 FSM Board Id 0 TOS EXP 7 Echo Rx Interval ms 100 Actual Tx Interval ms 1000 Actual Rx Interval ms 1000 Local Detect Multi 3 Detect Interval ms 3000 Echo Passive Disable Acl Number Destination Port 3784 TTL 255 Proc Interface Status Disable Process PST Disable WTR Interval ms Local Demand Mode Disable Active Multi 3 Last Local Diagnostic Contro...

Page 199: ...ace gigabitethernet 1 0 0 undo shutdown ip address 10 1 1 2 255 255 255 0 return Huawei AR2200 S Series Enterprise Routers Configuration Guide Reliability 3 BFD Configuration Issue 01 2012 01 06 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 191 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands