Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-Text | 3.42 MB |
Extension attribute redistribution
Configuring the maximum lifetime for routes and labels in the RIB
Configuring the maximum lifetime for routes in the FIB
Enabling the enhanced ECMP mode
Displaying and maintaining a routing table
Configuring BFD for static routes
Displaying and maintaining static routes
Static route configuration examples
Basic static route configuration example
BFD for static routes configuration example (direct next hop)
BFD for static routes configuration example (indirect next hop)
Static route FRR configuration example
Controlling RIP reception and advertisement on interfaces
Configuring an additional routing metric
Configuring RIPv2 route summarization·
Disabling host route reception
Configuring received/redistributed route filtering
Configuring RIP route redistribution
Tuning and optimizing RIP networks
Configuring split horizon and poison reverse
Setting the maximum number of ECMP routes
Enabling zero field check on incoming RIPv1 messages
Enabling source IP address check on incoming RIP updates
Configuring RIPv2 message authentication
Configuring RIP network management
Configuring the RIP packet sending rate·
Setting the maximum length of RIP packets
Configuring single-hop echo detection (for a directly connected RIP neighbor)
Configuring single-hop echo detection (for a specific destination)
Configuring bidirectional control detection
Configuration restrictions and guidelines
Displaying and maintaining RIP
Configuring RIP route redistribution
Configuring an additional metric for a RIP interface
Configuring RIP to advertise a summary route
Configuring BFD for RIP (single-hop echo detection for a directly connected neighbor)
Configure BFD for RIP (single hop echo detection for a specific destination)
Configuring BFD for RIP (bidirectional detection in BFD control packet mode)
Configuring OSPF network types
Configuring the broadcast network type for an interface
Configuring the NBMA network type for an interface
Configuring the P2MP network type for an interface
Configuring the P2P network type for an interface
Configuring OSPF route control
Configuring OSPF route summarization·
Configuring received OSPF route filtering·
Configuring Type-3 LSA filtering
Configuring an OSPF cost for an interface
Configuring the maximum number of ECMP routes
Configuring OSPF route redistribution·
Tuning and optimizing OSPF networks
Specifying LSA transmission delay
Specifying SPF calculation interval
Specifying the LSA arrival interval
Specifying the LSA generation interval
Disabling interfaces from receiving and sending OSPF packets
Configuring OSPF authentication
Adding the interface MTU into DD packets·
Configuring a DSCP value for OSPF packets
Configuring the maximum number of external LSAs in LSDB
Configuring OSPF exit overflow interval
Enabling compatibility with RFC 1583
Logging neighbor state changes
Configuring OSPF network management
Configuring the LSU transmit rate
Configuring prefix suppression
Configuring prefix prioritization
Configuring the number of OSPF logs·
Configuring the OSPF GR restarter
Configuring bidirectional control detection
Configuring single-hop echo detection
Displaying and maintaining OSPF
Basic OSPF configuration example
OSPF route redistribution configuration example
OSPF summary route advertisement configuration example
OSPF stub area configuration example
OSPF NSSA area configuration example
OSPF DR election configuration example
OSPF virtual link configuration example
BFD for OSPF configuration example
OSPF FRR configuration example
Troubleshooting OSPF configuration
No OSPF neighbor relationship established
Configuring the IS level and circuit level
Configuring P2P network type for an interface
Configuring IS-IS route control
Specifying a preference for IS-IS·
Configuring the maximum number of ECMP routes
Configuring IS-IS route summarization·
Configuring IS-IS route redistribution·
Configuring IS-IS route filtering
Configuring IS-IS route leaking
Tuning and optimizing IS-IS networks
Specifying the interval for sending IS-IS hello packets
Specifying the IS-IS hello multiplier
Specifying the interval for sending IS-IS CSNP packets
Configuring a DIS priority for an interface
Disabling an interface from sending/receiving IS-IS packets
Enabling an interface to send small hello packets
Controlling SPF calculation interval
Configuring convergence priorities for specific routes
Configuring system ID to host name mappings
Enabling the logging of neighbor state changes
Configuring IS-IS network management
Enhancing IS-IS network security
Configuring neighbor relationship authentication
Configuring area authentication
Configuring routing domain authentication
Configuring IS-IS FRR to automatically calculate a backup next hop
Configuring IS-IS FRR using a routing policy
Displaying and maintaining IS-IS
Basic IS-IS configuration example
DIS election configuration example
IS-IS route redistribution configuration example
IS-IS authentication configuration example
IS-IS GR configuration example
BFD for IS-IS configuration example
IS-IS FRR configuration example
BGP route advertisement rules·
Settlements for problems in large-scale BGP networks
Specifying the source address of TCP connections
Controlling route distribution and reception
Configuring BGP route summarization
Advertising optimal routes in the IP routing table
Advertising a default route to a peer or peer group
Limiting routes received from a peer or peer group
Configuring BGP route filtering policies
Configuring BGP update advertisement delay
Configuring BGP route dampening
Controlling BGP path selection
Specifying a preferred value for routes received
Configuring preferences for BGP routes
Configuring the default local preference
Configuring the NEXT_HOP attribute
Configuring the AS_PATH attribute
Tuning and optimizing BGP networks
Configuring the keepalive interval and hold time
Configuring the interval for sending updates for the same route
Enabling BGP to establish an EBGP session over multiple hops
Enabling immediate re-establishment of direct EBGP connections upon link failure
Enabling 4-byte AS number suppression
Enabling MD5 authentication for BGP peers
Configuring BGP load balancing
Disabling BGP to establish a session to a peer or peer group
Protecting an EBGP peer when memory usage reaches level 2 threshold
Configuring a large-scale BGP network
Configuring BGP route reflection
Configuring a BGP confederation
Enabling SNMP notifications for BGP
Enabling logging for session state changes
Enabling logging for BGP route flapping
Displaying and maintaining BGP
Basic BGP configuration example
BGP and IGP route redistribution configuration example
BGP route summarization configuration example
BGP load balancing configuration example
BGP community configuration example
BGP route reflector configuration example
BGP confederation configuration example
BGP path selection configuration example
BFD for BGP configuration example
Setting match criteria for a node·
Configuring actions for a node
Configuring egress interface PBR
Displaying and maintaining PBR
Packet type-based local PBR configuration example
Packet type-based interface PBR configuration example
Egress interface PBR configuration example
Configuring an extended community list
Displaying and maintaining the routing policy
Configuring basic IP routing
The term "interface" in the routing features collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).
IP routing directs IP packet forwarding on routers based on a routing table. This chapter focuses on unicast routing protocols. For more information about multicast routing protocols, see IP Multicast Configuration Guide.
Routing table
A RIB contains the global routing information and related information, including route recursion, route redistribution, and route extension information. The router selects optimal routes from the routing table and puts them into the FIB table, and it uses the FIB table to forward packets. For more information about the FIB table, see Layer 3—IP Services Configuration Guide.
Table 1 categorizes routes by different criteria.
|
Criterion |
Categories |
|
Destination |
· Network route—The destination is a network. The subnet mask is less than 32 bits. · Host route—The destination is a host. The subnet mask is 32 bits. |
|
Whether the destination is directly connected |
· Direct route—The destination is directly connected. · Indirect route—The destination is indirectly connected. |
|
Origin |
· Direct route—A direct route is discovered by the data link protocol on an interface, and is also called an "interface route." · Static route—A static route is manually configured by an administrator. · Dynamic route—A dynamic route is dynamically discovered by a routing protocol. |
To view brief information about a routing table, use the display ip routing-table command:
<Sysname> display ip routing-table
Destinations : 19 Routes : 19
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
1.1.1.0/24 Direct 0 0 1.1.1.1 Eth1/1
1.1.1.0/32 Direct 0 0 1.1.1.1 Eth1/1
1.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
1.1.1.255/32 Direct 0 0 1.1.1.1 Eth1/1
2.2.2.0/24 Static 60 0 12.2.2.2 Eth1/2
80.1.1.0/24 OSPF 10 2 80.1.1.1 Eth1/3
...
A route entry includes the following key items:
· Destination—IP address of the destination host or network.
· Mask—Mask length of the IP address.
· Pre—Preference of the route. Among routes to the same destination, the route with the highest preference is optimal.
· Cost—If multiple routes to a destination have the same preference, the one with the smallest cost is the optimal route.
· NextHop—Next hop.
· Interface—Output interface.
Dynamic routing protocols
Static routes work well in small, stable networks. They are easy to configure and require fewer system resources. However, in networks where topology changes occur frequently, a typical practice is to configure a dynamic routing protocol. Compared with static routing, a dynamic routing protocol is complicated to configure, requires more routers resources, and consumes more network resources.
Dynamic routing protocols dynamically collect and report reachability information to adapt to topology changes. They are suitable for large networks.
Dynamic routing protocols can be classified by different criteria, as shown in Table 2.
Table 2 Categories of dynamic routing protocols
|
Criterion |
Categories |
|
Operation scope |
· IGPs—Work within an AS. Examples include RIP, OSPF, and IS-IS. · EGPs—Work between ASs. The most popular EGP is BGP. |
|
Routing algorithm |
· Distance-vector protocols—Examples include RIP and BGP. BGP is also considered a path-vector protocol. · Link-state protocols—Examples include OSPF and IS-IS. |
|
Destination address type |
· Unicast routing protocols—Examples include RIP, OSPF, BGP, and IS-IS. · Multicast routing protocols—Examples include PIM-SM and PIM-DM. |
An AS refers to a group of routers that use the same routing policy and work under the same administration.
Route preference
Routing protocols, including static and direct routing, each by default have a preference. If they find multiple routes to the same destination, the router selects the route with the highest preference as the optimal route.
The preference of a direct route is always 0 and cannot be changed. You can configure a preference for each static route and each dynamic routing protocol. The following table lists the route types and default preferences. The smaller the value, the higher the preference.
Table 3 Route types and default route preferences
|
Route type |
Preference |
|
Direct route |
0 |
|
Multicast static route |
1 |
|
OSPF |
10 |
|
IS-IS |
15 |
|
Unicast static route |
60 |
|
RIP |
100 |
|
OSPF ASE |
150 |
|
OSPF NSSA |
150 |
|
IBGP |
255 |
|
EBGP |
255 |
|
Unknown (route from an untrusted source) |
256 |
Load sharing
A routing protocol might find multiple optimal equal-cost routes to the same destination. You can use these routes to implement equal-cost multi-path (ECMP) load sharing.
Static routing, RIP, OSPF, BGP, IS-IS, and support ECMP load sharing.
You can configure per-flow load sharing by executing the ip load-sharing mode per-flow command in system view. For more information about per-flow load sharing, see Layer 3—IP Services Configuration Guide.
Route backup
Route backup can improve network availability. Among multiple routes to the same destination, the route with the highest priority is the primary route and others are secondary routes.
The router forwards matching packets through the primary route. When the primary route fails, the route with the highest preference among the secondary routes is selected to forward packets. When the primary route recovers, the router uses it to forward packets.
Route recursion
To use a route that has an indirectly connected next hop, a router must perform route recursion to find the outgoing interface to reach the next hop.
The RIB records and saves route recursion information, including brief information about related routes, recursive paths, and recursion depth.
Route redistribution
Route redistribution enables routing protocols to learn routing information from each other. A dynamic routing protocol can redistribute routes from other routing protocols, including direct and static routing. For more information, see the respective chapters on those routing protocols in this configuration guide.
The RIB records redistribution relationships of routing protocols.
Extension attribute redistribution
Extension attribute redistribution enables routing protocols to learn route extension attributes from each other, including BGP extended community attributes, OSPF area IDs, route types, and router IDs.
The RIB records extended attributes of each routing protocol and redistribution relationships of different routing protocol extended attributes.
Configuring the maximum lifetime for routes and labels in the RIB
Perform this task to prevent routes of a certain protocol from being aged out due to slow protocol convergence resulting from a large number of route entries or long GR period.
The configuration takes effect at the next protocol or RIB process switchover.
To configure the maximum lifetime for routes and labels in the RIB:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIB view. |
rib |
N/A |
|
3. Create a RIB IPv4 address family and enter RIB IPv4 address family view. |
address-family ipv4 |
By default, no RIB IPv4 address family is created. |
|
4. Configure the maximum lifetime for routes and labels in the RIB. |
protocol protocol lifetime seconds |
By default, the maximum lifetime for routes and labels in the RIB is 480 seconds. |
Configuring the maximum lifetime for routes in the FIB
When GR or NSR is disabled, FIB entries must be retained for some time after a protocol process switchover or RIB process switchover. When GR or NSR is enabled, FIB entries must be removed immediately after a protocol or RIB process switchover to avoid routing issues. Perform this task to meet such requirements.
To configure the maximum lifetime for routes in the FIB:
|
Step |
Command |
Remarks |
|
5. Enter system view. |
system-view |
N/A |
|
6. Enter RIB view. |
rib |
N/A |
|
7. Create a RIB IPv4 address family and enter its view. |
address-family ipv4 |
By default, no RIB IPv4 address family is created. |
|
8. Configure the maximum lifetime for routes in the FIB. |
fib lifetime seconds |
By default, the maximum lifetime for routes in the FIB is 600 seconds. |
Enabling the enhanced ECMP mode
When one or multiple ECMP routes fail, the default ECMP mode enables the device to reallocate all traffic to the remaining routes.
The enhanced ECMP mode enables the device to reallocate only the traffic of the failed routes to the remaining routes.
This configuration takes effect at reboot. Make sure the reboot does not impact your network.
To enable the enhanced ECMP mode:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable the enhanced ECMP mode. |
ecmp mode enhanced |
By default, the enhanced ECMP mode is disabled. |
Displaying and maintaining a routing table
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display the ECMP mode. |
display ecmp mode |
|
Display routing table information (in standalone mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] [ verbose ] [ standby slot slot-number ] |
|
Display routing table information (in IRF mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] [ verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display information about routes permitted by a basic ACL (in standalone mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] acl acl-number [ verbose ] [ standby slot slot-number ] |
|
Display information about routes permitted by a basic ACL (in IRF mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] acl acl-number [ verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display information about routes to a specific destination address (in standalone mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] ip-address [ mask | mask-length ] [ longer-match ] [ verbose ] [ standby slot slot-number ] |
|
Display information about routes to a specific destination address (in IRF mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] ip-address [ mask | mask-length ] [ longer-match ] [ verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display information about routes to a range of destination addresses (in standalone mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] ip-address1 to ip-address2 [ verbose ] [ standby slot slot-number ] |
|
Display information about routes to a range of destination addresses (in IRF mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] ip-address1 to ip-address2 [ verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display information about routes permitted by an IP prefix list (in standalone mode). |
|
|
Display information about routes permitted by an IP prefix list (in IRF mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] prefix-list prefix-list-name [ verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display information about routes installed by a protocol (in standalone mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] protocol protocol [ inactive | verbose ] [ standby slot slot-number ] |
|
Display information about routes installed by a protocol (in IRF mode). |
|
|
Display route statistics (in standalone mode). |
display ip routing-table [ vpn-instance vpn-instance-name ] statistics[ standby slot slot-number ] |
|
Display route statistics (in IRF mode). |
|
|
Display route attribute information in the RIB (in standalone mode). |
display rib attribute [ attribute-id ] [ standby slot slot-number ] |
|
Display route attribute information in the RIB (in IRF mode). |
display rib attribute [ attribute-id ] [ standby chassis chassis-number slot slot-number ] |
|
Display RIB GR state information. |
|
|
Display next hop information in the RIB (in standalone mode). |
display rib nib [ self-originated ] [ nib-id ] [ verbose ] [ standby slot slot-number ] display rib nib protocol protocol-name [ verbose ] [ standby slot slot-number ] |
|
Display next hop information in the RIB (in IRF mode). |
|
|
Display next hop information for direct routes. |
|
|
Clear route statistics (in standalone mode). |
|
|
Clear route statistics (in IRF mode). |
Configuring static routing
Static routes are manually configured. If a network's topology is simple, you only need to configure static routes for the network to work correctly.
Static routes cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the network administrator must modify the static routes manually.
Configuring a static route
Before you configure a static route, complete the following tasks:
· Configure the physical parameters for related interfaces.
· Configure the link-layer attributes for related interfaces.
· Configure the IP addresses for related interfaces.
You can associate Track with a static route to monitor the reachability of the next hops. For more information about Track, see High Availability Configuration Guide.
To configure a static route:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure a static route. |
·
Method 1: ·
Method 2: |
Use either method. By default, no static route is configured. |
|
3. (Optional.) Configure the default preference for static routes. |
ip route-static default-preference default-preference-value |
The default setting is 60. |
|
4. (Optional.) Delete all static routes, including the default route. |
delete [ vpn-instance vpn-instance-name ] static-routes all |
To delete one static route, use the undo ip route-static command. |
Configuring BFD for static routes
|
|
IMPORTANT: Enabling BFD for a flapping route could worsen the situation. |
BFD provides a general-purpose, standard, medium-, and protocol-independent fast failure detection mechanism. It can uniformly and quickly detect the failures of the bidirectional forwarding paths between two routers for protocols, such as routing protocols.
For more information about BFD, see High Availability Configuration Guide.
Bidirectional control mode
To use BFD bidirectional control detection between two devices, enable BFD control mode for each device's static route destined to the peer.
To configure a static route and enable BFD control mode for it, specify an output interface and a direct next hop, or specify an indirect next hop and a specific BFD packet source address for the static route.
To configure BFD control mode for a static route (direct next hop):
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure BFD control mode for a static route. |
·
Method 1: ·
Method 2: |
Use either method. By default, BFD control mode for a static route is not configured. |
To configure BFD control mode for a static route (indirect next hop):
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure BFD control mode for a static route. |
·
Method 1: ·
Method 2: |
Use either method. By default, BFD control mode for a static route is not configured. |
Single-hop echo mode
With BFD echo mode enabled for a static route, the output interface sends BFD echo packets to the destination device, which loops the packets back to test the link reachability.
|
|
IMPORTANT: Do not use BFD for a static route with the output interface in spoofing state. |
To configure BFD echo mode for a static route:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of echo packets is not configured. For more information about this command, see High Availability Command Reference. |
|
3. Configure BFD echo mode for a static route. |
·
Method 1: ·
Method 2: |
Use either method. By default, BFD echo mode for a static route is not configured. |
Configuring static route FRR
A link or router failure on a path can cause packet loss and even routing loop. Static route fast reroute (FRR) uses BFD to detect failures and enables fast rerouting to minimize the impact of link or node failures.
As shown in Figure 1, upon a link failure, FRR specifies a backup next hop by using a routing policy for routes matching the specified criteria. Packets are directed to the backup next hop to avoid traffic interruption.
Configuration guidelines
· Do not use static route FRR and BFD (for a static route) at the same time.
· Static route does not take effect when the backup output interface is unavailable.
· Equal-cost routes do not support static route FRR.
· The backup output interface and next hop cannot be modified, and cannot be the same as the primary output interface and next hop.
· Static route FRR is available only when the state of primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.
Configuration procedure
Configuring static route FRR
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of BFD echo packets is not configured. For more information about this command, see High Availability Command Reference. |
|
3. Configure static route FRR. |
·
Method 1: ·
Method 2: |
Use either method. By default, static route FRR is not configured. |
Enabling BFD echo packet mode for static route FRR
By default, static route FRR does not use BFD to detect primary link failures. Perform this task to enable static route FRR to use BFD echo packet mode for fast failure detection on the primary link.
To enable BFD echo packet mode for static route FRR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
N/A |
|
|
2. Configure the source IP address of BFD echo packets. |
By default, the source IP address of BFD echo packets is not configured. |
|
|
3. Enable BFD echo packet mode for static route FRR. |
By default, BFD echo mode for static route FRR is disabled. |
Displaying and maintaining static routes
Execute display commands in any view.
|
Task |
Command |
|
Display static route information. |
display ip routing-table protocol static [ inactive | verbose ] |
|
Display static route next hop information. |
display route-static nib [ nib-id ] [ verbose ] |
|
Display static routing table information. |
display route-static routing-table [ vpn-instance vpn-instance-name ] [ ip-address { mask-length | mask } ] |
Static route configuration examples
Basic static route configuration example
Network requirements
Configure static routes on the switches in Figure 2 for interconnections between any two hosts.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure static routes:
# Configure a default route on Switch A.
<SwitchA> system-view
[SwitchA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2
# Configure two static routes on Switch B.
<SwitchB> system-view
[SwitchB] ip route-static 1.1.2.0 255.255.255.0 1.1.4.1
[SwitchB] ip route-static 1.1.3.0 255.255.255.0 1.1.5.6
# Configure a default route on Switch C.
<SwitchC> system-view
[SwitchC] ip route-static 0.0.0.0 0.0.0.0 1.1.5.5
Verifying the configuration
# Display static routes on Switch A.
[SwitchA] display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/0 Static 60 0 1.1.4.2 Vlan500
Static Routing table Status : <Inactive>
Summary Count : 0
# Display static routes on Switch B.
[SwitchB] display ip routing-table protocol static
Summary Count : 2
Static Routing table Status : <Active>
Summary Count : 2
Destination/Mask Proto Pre Cost NextHop Interface
1.1.2.0/24 Static 60 0 1.1.4.1 Vlan500
Static Routing table Status : <Inactive>
Summary Count : 0
# Use the ping command on Host B to test the reachability of Host A (Windows XP runs on the two hosts).
C:\Documents and Settings\Administrator>ping 1.1.2.2
Pinging 1.1.2.2 with 32 bytes of data:
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Reply from 1.1.2.2: bytes=32 time=1ms TTL=126
Ping statistics for 1.1.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
# Use the tracert command on Host B to test the reachability of Host A.
C:\Documents and Settings\Administrator>tracert 1.1.2.2
Tracing route to 1.1.2.2 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 1.1.6.1
2 <1 ms <1 ms <1 ms 1.1.4.1
3 1 ms <1 ms <1 ms 1.1.2.2
Trace complete.
BFD for static routes configuration example (direct next hop)
Network requirements
In Figure 3, configure a static route to subnet 120.1.1.0/24 on Switch A, and configure a static route to subnet 121.1.1.0/24 on Switch B. Enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on Switch C. When the link between Switch A and Switch B through the Layer 2 switch fails, BFD can detect the failure immediately and inform Switch A and Switch B to communicate through Switch C.
Figure 3 Network diagram
Table 4 Interface and IP address assignment
|
Device |
Interface |
IP address |
|
Switch A |
VLAN-interface 10 |
12.1.1.1/24 |
|
Switch A |
VLAN-interface 11 |
10.1.1.102/24 |
|
Switch B |
VLAN-interface 10 |
12.1.1.2/24 |
|
Switch B |
VLAN-interface 13 |
13.1.1.1/24 |
|
Switch C |
VLAN-interface 11 |
10.1.1.100/24 |
|
Switch C |
VLAN-interface 13 |
13.1.1.2/24 |
Configuration procedure
1. Configure IP addresses for the interfaces. (Details not shown.)
2. Configure static routes and BFD:
# Configure static routes on Switch A and enable BFD control mode for the static route that traverses the Layer 2 switch.
<SwitchA> system-view
[SwitchA] interface vlan-interface 10
[SwitchA-vlan-interface10] bfd min-transmit-interval 500
[SwitchA-vlan-interface10] bfd min-receive-interval 500
[SwitchA-vlan-interface10] bfd detect-multiplier 9
[SwitchA-vlan-interface10] quit
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 10 12.1.1.2 bfd control-packet
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65
[SwitchA] quit
# Configure static routes on Switch B and enable BFD control mode for the static route that traverses the Layer 2 switch.
<SwitchB> system-view
[SwitchB] interface vlan-interface 10
[SwitchB-vlan-interface10] bfd min-transmit-interval 500
[SwitchB-vlan-interface10] bfd min-receive-interval 500
[SwitchB-vlan-interface10] bfd detect-multiplier 9
[SwitchB-vlan-interface10] quit
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 10 12.1.1.1 bfd control-packet
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65
[SwitchB] quit
# Configure static routes on Switch C.
<SwitchC> system-view
[SwitchC] ip route-static 120.1.1.0 24 13.1.1.1
[SwitchC] ip route-static 121.1.1.0 24 10.1.1.102
Verifying the configuration
# Display BFD sessions on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
4/7 12.1.1.1 12.1.1.2 Up 2000ms Vlan10
The output shows that the BFD session has been created.
# Display the static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 60 0 12.1.1.2 Vlan10
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 65 0 10.1.1.100 Vlan11
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
BFD for static routes configuration example (indirect next hop)
Network requirements
In Figure 4, Switch A has a route to interface Loopback 1 (2.2.2.9/32) on Switch B, with the output interface VLAN-interface 10. Switch B has a route to interface Loopback 1 (1.1.1.9/32) on Switch A, with the output interface VLAN-interface 12. Switch D has a route to 1.1.1.9/32, with the output interface VLAN-interface 10, and a route to 2.2.2.9/32, with the output interface VLAN-interface 12.
Configure a static route to subnet 120.1.1.0/24 on Switch A, and configure a static route to subnet 121.1.1.0/24 on Switch B. Enable BFD for both routes. Configure a static route to subnet 120.1.1.0/24 and a static route to subnet 121.1.1.0/24 on both Switch C and Switch D. When the link between Switch A and Switch B through Switch D fails, BFD can detect the failure immediately and inform Switch A and Switch B to communicate through Switch C.
Table 5 Interface and IP address assignment
|
Device |
Interface |
IP address |
|
Switch A |
VLAN-interface 10 |
12.1.1.1/24 |
|
Switch A |
VLAN-interface 11 |
10.1.1.102/24 |
|
Switch A |
Loopback 1 |
1.1.1.9/32 |
|
Switch B |
VLAN-interface 12 |
11.1.1.1/24 |
|
Switch B |
VLAN-interface 13 |
13.1.1.1/24 |
|
Switch B |
Loopback 1 |
2.2.2.9/32 |
|
Switch C |
VLAN-interface 11 |
10.1.1.100/24 |
|
Switch C |
VLAN-interface 13 |
13.1.1.2/24 |
|
Switch D |
VLAN-interface 10 |
12.1.1.2/24 |
|
Switch D |
VLAN-interface 12 |
11.1.1.2/24 |
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure static routes and BFD:
# Configure static routes on Switch A and enable BFD control mode for the static route that traverses Switch D.
<SwitchA> system-view
[SwitchA] bfd multi-hop min-transmit-interval 500
[SwitchA] bfd multi-hop min-receive-interval 500
[SwitchA] bfd multi-hop detect-multiplier 9
[SwitchA] ip route-static 120.1.1.0 24 2.2.2.9 bfd control-packet bfd-source 1.1.1.9
[SwitchA] ip route-static 120.1.1.0 24 vlan-interface 11 10.1.1.100 preference 65
[SwitchA] quit
# Configure static routes on Switch B and enable BFD control mode for the static route that traverses Switch D.
<SwitchB> system-view
[SwitchB] bfd multi-hop min-transmit-interval 500
[SwitchB] bfd multi-hop min-receive-interval 500
[SwitchB] bfd multi-hop detect-multiplier 9
[SwitchB] ip route-static 121.1.1.0 24 1.1.1.9 bfd control-packet bfd-source 2.2.2.9
[SwitchB] ip route-static 121.1.1.0 24 vlan-interface 13 13.1.1.2 preference 65
[SwitchB] quit
# Configure static routes on Switch C.
<SwitchC> system-view
[SwitchC] ip route-static 120.1.1.0 24 13.1.1.1
[SwitchC] ip route-static 121.1.1.0 24 10.1.1.102
# Configure static routes on Switch D.
<SwitchD> system-view
[SwitchD] ip route-static 120.1.1.0 24 11.1.1.1
[SwitchD] ip route-static 121.1.1.0 24 12.1.1.1
Verifying the configuration
# Display BFD sessions on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
4/7 1.1.1.9 2.2.2.9 Up 2000ms N/A
The output shows that the BFD session has been created.
# Display the static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 60 0 12.1.1.2 Vlan10
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display static routes on Switch A.
<SwitchA> display ip routing-table protocol static
Summary Count : 1
Static Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 65 0 10.1.1.100 Vlan11
Static Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
Static route FRR configuration example
Network requirements
As shown in Figure 5, configure static routes on Switch S, Switch A, and Switch D, and configure static route FRR so when Link A becomes unidirectional, traffic can be switched to Link B immediately.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure static routes FRR on link A:
# Configure a static route on Switch S, and specify VLAN-interface 100 as the backup output interface and 12.12.12.2 as the backup next hop.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 2.2.2.2
[SwitchS] ip route-static 4.4.4.4 32 vlan-interface 200 13.13.13.2 backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
# Configure a static route on Switch D, and specify VLAN-interface 101 as the backup output interface and 24.24.24.2 as the backup next hop.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 3.3.3.3
[SwitchD] ip route-static 1.1.1.1 32 vlan-interface 200 13.13.13.1 backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
3. Configure static routes on Switch A.
<SwitchA> system-view
[SwitchA] ip route-static 4.4.4.4 32 vlan-interface 101 24.24.24.4
[SwitchA] ip route-static 1.1.1.1 32 vlan-interface 100 12.12.12.1
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: Static Process ID: 0
SubProtID: 0x0 Age: 04h20m37s
Cost: 0 Preference: 60
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: Static Process ID: 0
SubProtID: 0x0 Age: 04h20m37s
Cost: 0 Preference: 60
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
Configuring a default route
A default route is used to forward packets that do not match any specific route entry in the routing table. Without a default route, packets that do not match any route entries are discarded.
A default route can be configured in either of the following ways:
· The network administrator can configure a default route with both destination and mask being 0.0.0.0. For more information, see "Configuring a static route."
· Some dynamic routing protocols, such as OSPF, RIP, and IS-IS, can generate a default route. For example, an upstream router running OSPF can generate a default route and advertise it to other routers, which install the default route with the next hop being the upstream router. For more information, see the respective chapters on these routing protocols in this configuration guide.
Configuring RIP
Routing Information Protocol (RIP) is a distance-vector IGP suited to small-sized networks. It employs UDP to exchange route information through port 520.
Overview
RIP uses a hop count to measure the distance to a destination. The hop count from a router to a directly connected network is 0. The hop count from a router to a directly connected router is 1. To limit convergence time, RIP restricts the value range of the metric from 0 to 15. A destination with a metric value of 16 (or greater) is considered unreachable. For this reason, RIP is not suitable for large-sized networks.
RIP route entries
RIP stores route entries in a database. Each route entry contains the following elements:
· Destination address—IP address of a destination host or a network.
· Next hop—IP address of the next hop.
· Egress interface—Egress interface of the route.
· Metric—Cost from the local router to the destination.
· Route time—Time elapsed since the last update. The time is reset to 0 when the route entry is updated.
· Route tag—Used for route control. For more information, see "Configuring routing policies."
Routing loop prevention
RIP uses the following mechanisms to prevent routing loops:
· Counting to infinity—A destination with a metric value of 16 is considered unreachable. When a routing loop occurs, the metric value of a route will increment to 16 to avoid endless looping.
· Triggered updates—RIP immediately advertises triggered updates for topology changes to reduce the possibility of routing loops and to speed up convergence.
· Split horizon—Disables RIP from sending routing information on the interface from which the information was learned to prevent routing loops and save bandwidth.
· Poison reverse—Enables RIP to set the metric of routes received from a neighbor to 16 and sends these routes back to the neighbor so the neighbor can delete such information from its routing table to prevent routing loops.
RIP operation
RIP works as follows:
1. RIP sends request messages to neighboring routers. Neighboring routers return response messages that contain their routing tables.
2. RIP uses the received responses to update the local routing table and sends triggered update messages to its neighbors. All RIP routers on the network do this to learn latest routing information.
3. RIP periodically sends the local routing table to its neighbors. After a RIP neighbor receives the message, it updates its routing table, selects optimal routes, and sends an update to other neighbors. RIP ages routes to keep only valid routes.
RIP versions
There are two RIP versions, RIPv1 and RIPv2.
RIPv1 is a classful routing protocol. It advertises messages through broadcast only. RIPv1 messages do not carry mask information, so RIPv1 can only recognize natural networks such as Class A, B, and C. For this reason, RIPv1 does not support discontiguous subnets.
RIPv2 is a classless routing protocol. It has the following advantages over RIPv1:
· Supports route tags to implement flexible route control through routing policies.
· Supports masks, route summarization, and CIDR.
· Supports designated next hops to select the best ones on broadcast networks.
· Supports multicasting route updates so only RIPv2 routers can receive these updates to reduce resource consumption.
· Supports plain text authentication and MD5 authentication to enhance security.
RIPv2 supports two transmission modes: broadcast and multicast. Multicast is the default mode using 224.0.0.9 as the multicast address. An interface operating in RIPv2 broadcast mode can also receive RIPv1 messages.
Protocols and standards
· RFC 1058, Routing Information Protocol
· RFC 1723, RIP Version 2 - Carrying Additional Information
· RFC 1721, RIP Version 2 Protocol Analysis
· RFC 1722, RIP Version 2 Protocol Applicability Statement
· RFC 1724, RIP Version 2 MIB Extension
· RFC 2082, RIPv2 MD5 Authentication
· RFC 2091, Triggered Extensions to RIP to Support Demand Circuits
RIP configuration task list
Configuring basic RIP
Before you configure basic RIP settings, complete the following tasks:
· Configure the link layer protocol.
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers.
Enabling RIP
To enable multiple RIP processes on a router, you must specify an ID for each process. A RIP process ID has only local significance. Two RIP routers having different process IDs can also exchange RIP packets.
If you configure RIP settings in interface view before enabling RIP, the settings do not take effect until RIP is enabled. If a physical interface is attached to multiple networks, you cannot advertise these networks in different RIP processes. You cannot enable multiple RIP processes on a physical interface.
Enabling RIP on a network
You can enable RIP on a network and specify a wildcard mask for the network. After that, only the interface attached to the network runs RIP.
To enable RIP on a network:
|
Command |
Remarks |
|
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable RIP and enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
By default, RIP is disabled. |
|
3. Enable RIP on a network. |
network network-address [ wildcard-mask ] |
By default, RIP is disabled on a network. The network 0.0.0.0 command can enable RIP on all interfaces in a single process, but does not apply to multiple RIP processes. |
Enabling RIP on an interface
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable RIP and enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
By default, RIP is disabled. |
|
3. Return to system view. |
quit |
N/A |
|
4. Enter interface view. |
interface interface-type interface-number |
N/A |
|
5. Enable RIP on the interface. |
rip process-id enable [ exclude-subip ] |
By default, RIP is disabled on an interface. |
Controlling RIP reception and advertisement on interfaces
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Disable an interface from sending RIP messages. |
silent-interface { interface-type interface-number | all } |
By default, all RIP-enabled interfaces can send RIP messages. The disabled interface can still receive RIP messages and respond to unicast requests containing unknown ports. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Enable an interface to receive RIP messages. |
rip input |
By default, a RIP-enabled interface can receive RIP messages. |
|
7. Enable an interface to send RIP messages. |
rip output |
By default, a RIP-enabled interface can send RIP messages. |
Configuring a RIP version
You can configure a global RIP version in RIP view or an interface-specific RIP version in interface view.
An interface preferentially uses the interface-specific RIP version. If no interface-specific version is specified, the interface uses the global RIP version. If neither global nor interface-specific RIP version is configured, the interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts.
To configure a RIP version:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify a global RIP version. |
version { 1 | 2 } |
By default, no global version is specified, and an interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Specify a RIP version for the interface. |
rip version { 1 | 2 [ broadcast | multicast ] } |
By default, no interface-specific RIP version is specified, and the interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and unicasts, and RIPv2 broadcasts, multicasts, and unicasts. |
Configuring RIP route control
Before you configure RIP route control, complete the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring routers.
· Configure basic RIP.
Configuring an additional routing metric
An additional routing metric (hop count) can be added to the metric of an inbound or outbound RIP route.
An outbound additional metric is added to the metric of a sent route, and it does not change the route's metric in the routing table.
An inbound additional metric is added to the metric of a received route before the route is added into the routing table, and the route's metric is changed. If the sum of the additional metric and the original metric is greater than 16, the metric of the route is 16.
To configure additional routing metrics:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify an inbound additional routing metric. |
rip metricin [ route-policy route-policy-name ] value |
The default setting is 0. |
|
4. Specify an outbound additional routing metric. |
rip metricout [ route-policy route-policy-name ] value |
The default setting is 1. |
Configuring RIPv2 route summarization
Perform this task to summarize contiguous subnets into a summary network and sends the network to neighbors. The smallest metric among all summarized routes is used as the metric of the summary route.
Enabling RIPv2 automatic route summarization
Automatic summarization enables RIPv2 to generate a natural network for contiguous subnets. For example, suppose there are three subnet routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24. Automatic summarization automatically creates and advertises a summary route 10.0.0.0/8 instead of the more specific routes.
To enable RIPv2 automatic route summarization:
|
Command |
Remarks |
|
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. (Optional.) Enable RIPv2 automatic route summarization. |
summary |
By default, RIPv2 automatic route summarization is enabled. If subnets in the routing table are not contiguous, disable automatic route summarization to advertise more specific routes. |
Advertising a summary route
Perform this task to manually configure a summary route.
For example, suppose contiguous subnets routes 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 exist in the routing table. You can create a summary route 10.1.0.0/16 on Ethernet 1/1 to advertise the summary route instead of the more specific routes.
To configure a summary route:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Disable RIPv2 automatic route summarization. |
undo summary |
By default, RIPv2 automatic route summarization is enabled. |
|
4. Return to system view. |
Quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Configure a summary route. |
rip summary-address ip-address { mask-length | mask } |
By default, no summary route is configured. |
Disabling host route reception
Perform this task to disable RIPv2 from receiving host routes from the same network to save network resources. This feature does not apply to RIPv1.
To disable RIP from receiving host routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Disable RIP from receiving host routes. |
undo host-route |
By default, RIP receives host routes. |
Advertising a default route
You can advertise a default route on all RIP interfaces in RIP view or on a specific RIP interface in interface view. The interface view setting takes precedence over the RIP view settings.
To disable an interface from advertising a default route, use the rip default-route no-originate command on the interface.
To configure RIP to advertise a default route:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable RIP to advertise a default route. |
default-route { only | originate } [ cost cost ] |
By default, RIP does not advertise a default route. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Configure the RIP interface to advertise a default route. |
rip default-route { { only | originate } [ cost cost ] | no-originate } |
By default, a RIP interface can advertise a default route if the RIP process is enabled to advertise a default route. |
|
|
NOTE: The router enabled to advertise a default route does not accept default routes from RIP neighbors. |
Configuring received/redistributed route filtering
Perform this task to filter received and redistributed routes by using an IP prefix list. You can also configure RIP to receive routes only from a specified neighbor.
To configure route filtering:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure the filtering of received routes. |
filter-policy { acl-number | gateway prefix-list-name | prefix-list prefix-list-name [ gateway prefix-list-name ] } import [ interface-type interface-number ] |
By default, the filtering of received routes is not configured. This command filters received routes. Filtered routes are not installed into the routing table or advertised to neighbors. |
|
4. Configure the filtering of redistributed routes. |
filter-policy { acl-number | prefix-list prefix-list-name } export [ protocol [ process-id ] | interface-type interface-number ] |
By default, the filtering of redistributed routes is not configured. This command filters redistributed routes, including routes redistributed with the import-route command. |
Setting a preference for RIP
If multiple IGPs find routes to the same destination, the route found by the IGP that has the highest priority is selected as the optimal route. Perform this task to assign a preference to RIP. The smaller the preference value, the higher the priority.
To set a preference for RIP:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Set a preference for RIP. |
preference [ route-policy route-policy-name ] value |
The default setting is 100. |
Configuring RIP route redistribution
Perform this task to configure RIP to redistribute routes from other routing protocols, including OSPF, IS-IS, BGP, static, and direct.
To configure RIP route redistribution:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Redistribute routes from another routing protocol. |
import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | route-policy route-policy-name | tag tag ] * |
By default, RIP route redistribution is disabled. This command can redistribute only active routes. To view active routes, use the display ip routing-table protocol command. |
|
4. (Optional.) Set a default cost for redistributed routes. |
default cost value |
The default setting is 0. |
Tuning and optimizing RIP networks
Configuration prerequisites
Before you tune and optimize RIP networks, complete the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Configure basic RIP.
Configuring RIP timers
You can change the RIP network convergence speed by adjusting the following RIP timers:
· Update timer—Specifies the interval between route updates.
· Timeout timer—Specifies the route aging time. If no update for a route is received within the aging time, the metric of the route is set to 16.
· Suppress timer—Specifies how long a RIP route stays in suppressed state. When the metric of a route is 16, the route enters the suppressed state. A suppressed route can be replaced by an updated route that is received from the same neighbor before the suppress timer expires and has a metric less than 16.
· Garbage-collect timer—Specifies the interval from when the metric of a route becomes 16 to when it is deleted from the routing table. RIP advertises the route with a metric of 16. If no update is announced for that route before the garbage-collect timer expires, the route is deleted from the routing table.
|
|
IMPORTANT: To avoid unnecessary traffic or route flapping, configure identical RIP timer settings on RIP routers. |
To configure RIP timers:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure RIP timers. |
timers { garbage-collect garbage-collect-value | suppress suppress-value | timeout timeout-value | update update-value } * |
By default: · The garbage-collect timer is 120 seconds. · The suppress timer is 120 seconds. · The timeout timer is 180 seconds. · The update timer is 30 seconds. |
Configuring split horizon and poison reverse
The split horizon and poison reverse functions can prevent routing loops.
If both split horizon and poison reverse are configured, only the poison reverse function takes effect.
Enabling split horizon
Split horizon disables RIP from sending routes through the interface where the routes were learned to prevent routing loops between adjacent routers.
To enable split horizon:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable split horizon. |
rip split-horizon |
By default, split horizon is enabled. |
Enabling poison reverse
Poison reverse allows RIP to send routes through the interface where the routes were learned, but the metric of these routes is always set to 16 (unreachable) to avoid routing loops between neighbors.
To enable poison reverse:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable poison reverse. |
rip poison-reverse |
By default, poison reverse is disabled. |
Setting the maximum number of ECMP routes
Perform this task to implement load sharing over ECMP routes.
To set the maximum number of ECMP routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Set the maximum number of ECMP routes. |
maximum load-balancing number |
By default, the maximum number of ECMP routes is 128. |
Enabling zero field check on incoming RIPv1 messages
Some fields in the RIPv1 message must be set to zero. These fields are called "zero fields." You can enable zero field check on incoming RIPv1 messages. If a zero field of a message contains a non-zero value, RIP does not process the message. If you are certain that all messages are trustworthy, disable zero field check to save CPU resources.
This feature does not apply to RIPv2 packets, because they have no zero fields.
To enable zero field check on incoming RIPv1 messages:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable zero field check on incoming RIPv1 messages. |
checkzero |
The default setting is enabled. |
Enabling source IP address check on incoming RIP updates
Perform this task to enable source IP address check on incoming RIP updates.
Upon receiving a message on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface. If they are not in the same network segment, RIP discards the message.
Upon receiving a message on a serial interface, RIP checks whether the source address of the message is the IP address of the peer interface. If not, RIP discards the message.
To enable source IP address check on incoming RIP updates:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable source IP address check on incoming RIP messages. |
validate-source-address |
By default, this function is enabled. |
Configuring RIPv2 message authentication
Perform this task to enable authentication on RIPv2 messages. This feature does not apply to RIPv1 because RIPv1 does not support authentication. Although you can specify an authentication mode for RIPv1 in interface view, the configuration does not take effect.
RIPv2 supports two authentication modes: simple authentication and MD5 authentication.
To configure RIPv2 message authentication:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure RIPv2 authentication. |
rip authentication-mode { md5 { rfc2082 { cipher cipher-string | plain plain-string } key-id | rfc2453 { cipher cipher-string | plain plain-string } } | simple { cipher cipher-string | plain plain-string } } |
By default, RIPv2 authentication is not configured. |
Specifying a RIP neighbor
Typically RIP messages are sent in broadcast or multicast. To enable RIP on a link that does not support broadcast or multicast, you must manually specify RIP neighbors.
Follow these guidelines when you specify a RIP neighbor:
· Do not use the peer ip-address command when the neighbor is directly connected. Otherwise, the neighbor might receive both unicast and multicast (or broadcast) messages of the same routing information.
· If the specified neighbor is not directly connected, disable source address check on incoming updates.
To specify a RIP neighbor:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify a RIP neighbor. |
peer ip-address |
By default, RIP does not unicast updates to any peer. |
|
4. Disable source IP address check on inbound RIP updates |
undo validate-source-address |
By default, source IP address check on inbound RIP updates is enabled. |
Configuring RIP network management
You can use network management software to manage the RIP process to which MIB is bound.
To configure RIP network management:
|
Command |
Remarks |
|
|
1. Enter system view. |
system-view |
N/A |
|
2. Bind MIB to a RIP process. |
rip mib-binding process-id |
By default, MIB is bound to the RIP process with the smallest process ID. |
Configuring the RIP packet sending rate
Perform this task to set the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. This feature can avoid excessive RIP packets from affecting system performance and consuming too much bandwidth.
To configure the RIP packet sending rate:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Set the interval for sending RIP packets and the maximum number of RIP packets that can be sent at each interval. |
output-delay time count count |
By default, an interface sends up to three RIP packets every 20 milliseconds. |
Setting the maximum length of RIP packets
|
|
NOTE: The supported maximum length of RIP packets varies by vendor. Use this feature with caution to avoid compatibility issues. |
The packet length of RIP packets determines how many routes can be carried in a RIP packet. Set the maximum length of RIP packets to make good use of link bandwidth.
When authentication is enabled, follow these guidelines to ensure packet forwarding:
· For simple authentication, the maximum length of RIP packets must be no less than 52 bytes.
· For MD5 authentication (with packet format defined in RFC 2453), the maximum length of RIP packets must be no less than 56 bytes.
· For MD5 authentication (with packet format defined in RFC 2082), the maximum length of RIP packets must be no less than 72 bytes.
To set the maximum length of RIP packets:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Set the maximum length of RIP packets. |
rip max-packet-length value |
By default, the maximum length of RIP packets is 512 bytes. |
Configuring RIP GR
GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.
Two routers are required to complete a GR process. The following are router roles in a GR process.
· GR restarter—Graceful restarting router. It must have GR capability.
· GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process.
After RIP restarts on a router, the router must learn RIP routes again and update its FIB table, which causes network disconnections and route reconvergence.
With the GR feature, the restarting router (known as the "GR restarter") can notify the event to its GR capable neighbors. GR capable neighbors (known as "GR helpers") keep their adjacencies with the router within a GR interval. During this process, the FIB table of the router does not change. After the restart, the router contacts its neighbors to retrieve its FIB.
By default, a RIP-enabled device acts as the GR helper. Perform this task on the GR restarter.
To configure GR on the GR restarter:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable GR for RIP. |
graceful-restart |
By default, RIP GR is disabled. |
Configuring BFD for RIP
RIP detects route failures by periodically sending requests. If it receives no response for a route within a certain time, RIP considers the route unreachable. This detection mechanism is not fast enough. To speed up convergence, perform this task to enable BFD for RIP. For more information about BFD, see High Availability Configuration Guide.
RIP supports the following BFD detection modes:
· Single-hop echo detection—Detection mode for a direct neighbor. In this mode, a BFD session is established only when the directly connected neighbor has route information to send.
· Single-hop echo detection for a specific destination—In this mode, a BFD session is established to the specified RIP neighbor when RIP is enabled on the local interface.
· Bidirectional control detection—Detection mode for an indirect neighbor. In this mode, a BFD session is established only when both ends have routes to send and BFD is enabled on the receiving interface.
Configuring single-hop echo detection (for a directly connected RIP neighbor)
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source IP address of BFD echo packets is not configured. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable BFD for RIP. |
rip bfd enable |
By default, BFD for RIP is disabled. |
Configuring single-hop echo detection (for a specific destination)
When a unidirectional link occurs between the local device and a specific neighbor, BFD can detect the failure and the local device does not receive or send any RIP packets through the interface connected to the neighbor to improve convergence speed. When the link recovers, the interface can send RIP packets again.
This feature applies to RIP neighbors that are directly connected.
To configure BFD for RIP (single hop echo detection for a specific destination):
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, no source IP address is configured for BFD echo packets. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable BFD for RIP. |
rip bfd enable destination ip-address |
By default, BFD for RIP is disabled. |
Configuring bidirectional control detection
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify a RIP neighbor. |
peer ip-address |
By default, RIP does not unicast updates to any peer. Because the undo peer command does not remove the neighbor relationship immediately, executing the command cannot bring down the BFD session immediately. |
|
4. Enter interface view. |
interface interface-type interface-number |
N/A |
|
5. Enable BFD on the RIP interface. |
rip bfd enable |
By default, BFD is disabled on a RIP interface. |
Configuring RIP FRR
A link or router failure on a path can cause packet loss and even routing loop until RIP completes routing convergence based on the new network topology. FRR uses BFD to detect failures and enables fast rerouting to minimize the impact of link or node failures.
Figure 6 Network diagram for RIP FRR
In Figure 6, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, RIP directs packets to the backup next hop. At the same time, RIP calculates the shortest path based on the new network topology, and forwards packets over that path after network convergence.
Configuration restrictions and guidelines
· RIP FRR takes effect only for RIP routes learned from directly connected neighbors.
· Do not use RIP FRR and BFD for RIP at the same time. Otherwise, FRR might fail to work.
· RIP FRR is available only when the state of primary link (with Layer 3 interfaces staying up) changes from bidirectional to unidirectional or down.
Configuration prerequisites
You must specify a next hop by using the apply fast-reroute backup-interface command in a routing policy and reference the routing policy for FRR. For more information about routing policy configuration, see "Configuring routing policies."
Configuration procedure
Configuring RIP FRR
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source IP address of BFD echo packets is not configured. |
|
3. Enter RIP view. |
rip [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
4. Configure RIP FRR. |
fast-reroute route-policy route-policy-name |
By default, RIP FRR is disabled. |
Enabling BFD for RIP FRR
By default, RIP FRR does not use BFD to detect primary link failures. To speed up RIP convergence, enable BFD single-hop echo detection for RIP FRR to detect primary link failures.
To configure BFD for RIP FRR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source IP address of BFD echo packets is not configured. |
|
3. Enter interface view. |
N/A |
|
|
4. Enable BFD for RIP FRR. |
By default, BFD for RIP FRR is disabled. |
Displaying and maintaining RIP
Execute display commands in any view and execute reset commands in user view.
|
Command |
|
|
Display RIP current status and configuration information. |
display rip [ process-id ] |
|
Display active routes in RIP database. |
display rip process-id database [ ip-address { mask-length | mask } ] |
|
Display RIP interface information. |
display rip process-id interface [ interface-type interface-number ] |
|
Display routing information about a specified RIP process. |
display rip process-id route [ ip-address { mask-length | mask } [ verbose ] | peer ip-address | statistics ] |
|
Reset a RIP process. |
reset rip process-id process |
|
Clear the statistics of a RIP process. |
reset rip process-id statistics |
RIP configuration examples
Configuring basic RIP
Network requirements
As shown in Figure 7, enable RIPv2 on all interfaces on Switch A and Switch B. Configure Switch B to not advertise route 10.2.1.0/24 to Switch A, and to accept only route 2.1.1.0/24 from Switch A.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic RIP by using either of the following methods:
(Method 1) # Enable RIP on the specified networks on Switch A.
<SwitchA> system-view
[SwitchA] rip
[SwitchA-rip-1] network 192.168.1.0
[SwitchA-rip-1] network 172.16.0.0
[SwitchA-rip-1] network 172.17.0.0
[SwitchA-rip-1] quit
(Method 2) # Enable RIP on the specified interfaces on Switch B.
<SwitchB> system-view
[SwitchB] rip
[SwitchB-rip-1] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] rip 1 enable
[SwitchB-Vlan-interface100] quit
[SwitchB] interface vlan-interface 101
[SwitchB-Vlan-interface101] rip 1 enable
[SwitchB-Vlan-interface101] quit
[SwitchB] interface vlan-interface 102
[SwitchB-Vlan-interface102] rip 1 enable
[SwitchB-Vlan-interface102] quit
# Display the RIP routing table of Switch A.
[SwitchA] display rip 1 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
O - Optimal, F - Flush to RIB
----------------------------------------------------------------------------
Peer 192.168.1.2 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
10.0.0.0/8 192.168.1.2 1 0 RAOF 11
The output shows that RIPv1 uses a natural mask.
3. Configure a RIP version:
# Configure RIPv2 on Switch A.
[SwitchA] rip
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] quit
# Configure RIPv2 on Switch B.
[SwitchB] rip
[SwitchB-rip-1] version 2
[SwitchB-rip-1] undo summary
[SwitchB-rip-1] quit
# Display the RIP routing table on Switch A.
[SwitchA] display rip 1 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
O - Optimal, F - Flush to RIB
----------------------------------------------------------------------------
Peer 192.168.1.2 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
10.0.0.0/8 192.168.1.2 1 0 RAOF 50
10.2.1.0/24 192.168.1.2 1 0 RAOF 16
10.1.1.0/24 192.168.1.2 1 0 RAOF 16
The output shows that RIPv2 uses classless subnet masks.
|
|
NOTE: After RIPv2 is configured, RIPv1 routes might still exist in the routing table until they are aged out. |
# Display the RIP routing table on Switch B.
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
O - Optimal, F - Flush to RIB
----------------------------------------------------------------------------
Peer 192.168.1.3 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
172.16.1.0/24 192.168.1.3 1 0 RAOF 19
172.17.1.0/24 192.168.1.3 1 0 RAOF 19
4. Configure route filtering:
# Reference IP prefix lists on Switch B to filter received and redistributed routes.
[SwitchB] ip prefix-list aaa index 10 permit 172.16.1.0 24
[SwitchB] ip prefix-list bbb index 10 permit 10.1.1.0 24
[SwitchB] rip 1
[SwitchB-rip-1] filter-policy prefix-list aaa import
[SwitchB-rip-1] filter-policy prefix-list bbb export
[SwitchB-rip-1] quit
# Display the RIP routing table on Switch A.
[SwitchA] display rip 100 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
O - Optimal, F - Flush to RIB
----------------------------------------------------------------------------
Peer 192.168.1.2 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
10.1.1.0/24 192.168.1.2 1 0 RAOF 19
# Display the RIP routing table on Switch B.
[SwitchB] display rip 1 route
Route Flags: R - RIP
A - Aging, S - Suppressed, G - Garbage-collect
O - Optimal, F - Flush to RIB
----------------------------------------------------------------------------
Peer 192.168.1.3 on Vlan-interface100
Destination/Mask Nexthop Cost Tag Flags Sec
172.16.1.0/24 192.168.1.3 1 0 RAOF 19
Configuring RIP route redistribution
Network requirements
As shown in Figure 8, Switch B communicates with Switch A through RIP 100 and with Switch C through RIP 200.
Configure RIP 200 to redistribute direct routes and routes from RIP 100 on Switch B so Switch C can learn routes destined for 10.2.1.0/24 and 11.1.1.0/24. Switch A cannot learn routes destined for 12.3.1.0/24 and 16.4.1.0/24.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic RIP:
# Enable RIP 100, and configure RIPv2 on Switch A.
<SwitchA> system-view
[SwitchA] rip 100
[SwitchA-rip-100] network 10.0.0.0
[SwitchA-rip-100] network 11.0.0.0
[SwitchA-rip-100] version 2
[SwitchA-rip-100] undo summary
[SwitchA-rip-100] quit
# Enable RIP 100 and RIP 200, and configure RIPv2 on Switch B.
<SwitchB> system-view
[SwitchB] rip 100
[SwitchB-rip-100] network 11.0.0.0
[SwitchB-rip-100] version 2
[SwitchB-rip-100] undo summary
[SwitchB-rip-100] quit
[SwitchB] rip 200
[SwitchB-rip-200] network 12.0.0.0
[SwitchB-rip-200] version 2
[SwitchB-rip-200] undo summary
[SwitchB-rip-200] quit
# Enable RIP 200, and configure RIPv2 on Switch C.
<SwitchC> system-view
[SwitchC] rip 200
[SwitchC-rip-200] network 12.0.0.0
[SwitchC-rip-200] network 16.0.0.0
[SwitchC-rip-200] version 2
[SwitchC-rip-200] undo summary
[SwitchC-rip-200] quit
# Display the IP routing table on Switch C.
[SwitchC] display ip routing-table
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200
12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200
12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200
16.4.1.0/24 Direct 0 0 16.4.1.1 Vlan400
16.4.1.0/32 Direct 0 0 16.4.1.1 Vlan400
16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0
16.4.1.255/32 Direct 0 0 16.4.1.1 Vlan400
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
3. Configure route redistribution:
# Configure RIP 200 to redistribute routes from RIP 100 and direct routes on Switch B.
[SwitchB] rip 200
[SwitchB-rip-200] import-route rip 100
[SwitchB-rip-200] import-route direct
[SwitchB-rip-200] quit
# Display the IP routing table on Switch C.
[SwitchC] display ip routing-table
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.2.1.0/24 RIP 100 1 12.3.1.1 Vlan200
11.1.1.0/24 RIP 100 1 12.3.1.1 Vlan200
12.3.1.0/24 Direct 0 0 12.3.1.2 Vlan200
12.3.1.0/32 Direct 0 0 12.3.1.2 Vlan200
12.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
12.3.1.255/32 Direct 0 0 12.3.1.2 Vlan200
16.4.1.0/24 Direct 0 0 16.4.1.1 Vlan400
16.4.1.0/32 Direct 0 0 16.4.1.1 Vlan400
16.4.1.1/32 Direct 0 0 127.0.0.1 InLoop0
16.4.1.255/32 Direct 0 0 16.4.1.1 Vlan400
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configuring an additional metric for a RIP interface
Network requirements
As shown in Figure 9, run RIPv2 on all the interfaces of Switch A, Switch B, Switch C, Switch D, and Switch E.
Switch A has two links to Switch D. The link from Switch B to Switch D is more stable than that from Switch C to Switch D. Configure an additional metric for RIP routes received from VLAN-interface 200 on Switch A so Switch A prefers route 1.1.5.0/24 learned from Switch B.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic RIP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] rip 1
[SwitchA-rip-1] network 1.0.0.0
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] rip 1
[SwitchB-rip-1] network 1.0.0.0
[SwitchB-rip-1] version 2
[SwitchB-rip-1] undo summary
# Configure Switch C.
<SwitchC> system-view
[SwitchB] rip 1
[SwitchC-rip-1] network 1.0.0.0
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
# Configure Switch D.
<SwitchD> system-view
[SwitchD] rip 1
[SwitchD-rip-1] network 1.0.0.0
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
# Configure Switch E.
<SwitchE> system-view
[SwitchE] rip 1
[SwitchE-rip-1] network 1.0.0.0
[SwitchE-rip-1] version 2
[SwitchE-rip-1] undo summary
# Display all active routes in the RIP database on Switch A.
[SwitchA] display rip 1 database
1.0.0.0/8, auto-summary
1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface
1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface
1.1.3.0/24, cost 1, nexthop 1.1.1.2
1.1.4.0/24, cost 1, nexthop 1.1.2.2
1.1.5.0/24, cost 2, nexthop 1.1.1.2
1.1.5.0/24, cost 2, nexthop 1.1.2.2
The output shows two RIP routes destined for network 1.1.5.0/24, with the next hops as Switch B (1.1.1.2) and Switch C (1.1.2.2), and with the same cost of 2.
3. Configure an additional metric for a RIP interface:
# Configure an additional metric of 3 for RIP-enabled interface VLAN-interface 200 on Switch A.
[SwitchA] interface vlan-interface 200
[SwitchA-Vlan-interface200] rip metricin 3
# Display all active routes in the RIP database on Switch A.
[SwitchA-Vlan-interface200] display rip 1 database
1.0.0.0/8, auto-summary
1.1.1.0/24, cost 0, nexthop 1.1.1.1, RIP-interface
1.1.2.0/24, cost 0, nexthop 1.1.2.1, RIP-interface
1.1.3.0/24, cost 1, nexthop 1.1.1.2
1.1.4.0/24, cost 2, nexthop 1.1.1.2
1.1.5.0/24, cost 2, nexthop 1.1.1.2
The output shows that only one RIP route reaches network 1.1.5.0/24, with the next hop as Switch B (1.1.1.2) and a cost of 2.
Configuring RIP to advertise a summary route
Network requirements
As shown in Figure 10, Switch A and Switch B run OSPF, Switch D runs RIP, and Switch C runs OSPF and RIP. Configure RIP to redistribute OSPF routes on Switch C so Switch D can learn routes destined for networks 10.1.1.0/24, 10.2.1.0/24, 10.5.1.0/24, and 10.6.1.0/24.
To reduce the routing table size of Switch D, configure route summarization on Switch C to advertise only the summary route 10.0.0.0/8 to Switch D.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.5.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 10.6.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
3. Configure basic RIP:
# Configure Switch C.
[SwitchC] rip 1
[SwitchC-rip-1] network 11.3.1.0
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
# Configure Switch D.
<SwitchD> system-view
[SwitchD] rip 1
[SwitchD-rip-1] network 11.0.0.0
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
[SwitchD-rip-1] quit
# Configure RIP to redistribute routes from OSPF process 1 and direct routes on Switch C.
[SwitchC-rip-1] import-route direct
[SwitchC-rip-1] import-route ospf 1
[SwitchC-rip-1] quit
# Display the IP routing table on Switch D.
[SwitchD] display ip routing-table
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.1.1.0/24 RIP 100 1 11.3.1.1 Vlan300
10.2.1.0/24 RIP 100 1 11.3.1.1 Vlan300
10.5.1.0/24 RIP 100 1 11.3.1.1 Vlan300
10.6.1.0/24 RIP 100 1 11.3.1.1 Vlan300
11.3.1.0/24 Direct 0 0 11.3.1.2 Vlan300
11.3.1.0/32 Direct 0 0 11.3.1.2 Vlan300
11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.4.1.0/24 Direct 0 0 11.4.1.2 Vlan400
11.4.1.0/32 Direct 0 0 11.4.1.2 Vlan400
11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
4. Configure route summarization:
# Configure route summarization on Switch C and advertise only the summary route 10.0.0.0/8.
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] rip summary-address 10.0.0.0 8
# Display the IP routing table on Switch D.
[SwitchD] display ip routing-table
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.0.0.0/8 RIP 100 1 11.3.1.1 Vlan300
11.3.1.0/24 Direct 0 0 11.3.1.2 Vlan300
11.3.1.0/32 Direct 0 0 11.3.1.2 Vlan300
11.3.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.4.1.0/24 Direct 0 0 11.4.1.2 Vlan400
11.4.1.0/32 Direct 0 0 11.4.1.2 Vlan400
11.4.1.2/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
Configuring BFD for RIP (single-hop echo detection for a directly connected neighbor)
Network requirements
As shown in Figure 11, VLAN-interface 100 of Switch A and Switch C runs RIP process 1. VLAN-interface 200 of Switch A runs RIP process 2. VLAN-interface 300 of Switch C and VLAN-interface 200 and VLAN-interface 300 of Switch B run RIP process 1.
Configure a static route destined for 100.1.1.1/24 and enable static route redistribution into RIP on Switch C so Switch A can learn two routes destined for 100.1.1.1/24 through VLAN-interface 100 and VLAN-interface 200 respectively, and uses the one through VLAN-interface 100.
Enable BFD for RIP on VLAN-interface 100 of Switch A. When the link over VLAN-interface 100 fails, BFD can quickly detect the failure and notify it to RIP so RIP deletes the neighbor relationship and route information learned on VLAN-interface 100, and uses the route destined for 100.1.1.1 24 through VLAN-interface 200.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic RIP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] rip 1
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] network 192.168.1.0
[SwitchA-rip-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] rip bfd enable
[SwitchA-Vlan-interface100] quit
[SwitchA] rip 2
[SwitchA-rip-2] version 2
[SwitchA-rip-2] undo summary
[SwitchA-rip-2] network 192.168.2.0
[SwitchA-rip-2] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] rip 1
[SwitchB-rip-1] version 2
[SwitchB-rip-1] undo summary
[SwitchB-rip-1] network 192.168.2.0
[SwitchB-rip-1] network 192.168.3.0
[SwitchB-rip-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] rip 1
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
[SwitchC-rip-1] network 192.168.1.0
[SwitchC-rip-1] network 192.168.3.0
[SwitchC-rip-1] import-route static
[SwitchC-rip-1] quit
3. Configure BFD parameters on VLAN-interface 100 of Switch A.
[SwitchA] bfd session init-mode active
[SwitchA] bfd echo-source-ip 11.11.11.11
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] bfd min-transmit-interval 500
[SwitchA-Vlan-interface100] bfd min-receive-interval 500
[SwitchA-Vlan-interface100] bfd detect-multiplier 7
[SwitchA-Vlan-interface100] quit
[SwitchA] quit
4. Configure a static route on Switch C.
[SwitchC] ip route-static 120.1.1.1 24 null 0
Verifying the configuration
# Display the BFD session information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Echo Mode:
LD SourceAddr DestAddr State Holdtime Interface
4 192.168.1.1 192.168.1.2 Up 2000ms Vlan100
# Display RIP routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 24 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.1.2
Flags: 0x1008c OrigNextHop: 192.168.1.2
Label: NULL RealNextHop: 192.168.1.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface100
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch C through VLAN-interface 100. Then the link over VLAN-interface 100 fails.
# Display RIP routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 24 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: RIP Process ID: 2
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.2.2
Flags: 0x1008c OrigNextHop: 192.168.2.2
Label: NULL RealNextHop: 192.168.2.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch C through VLAN-interface 200.
Configure BFD for RIP (single hop echo detection for a specific destination)
Network requirements
As shown in Figure 12, VLAN-interface 100 of Switch A and Switch B runs RIP process 1. VLAN-interface 200 of Switch B and Switch C runs RIP process 1.
Configure a static route destined for 100.1.1.0/24 and enable static route redistribution into RIP on both Switch A and Switch C so Switch B can learn two routes destined for 100.1.1.0/24 through VLAN-interface 100 and VLAN-interface 200. The route redistributed from Switch A has a smaller cost than that redistributed from Switch C, so Switch B uses the route through VLAN-interface 200.
Enable BFD for RIP on VLAN-interface 100 of Switch A, and specify VLAN-interface 100 of Switch B as the destination. When a unidirectional link occurs (packets from Switch A can reach Switch B, but packets from Switch B cannot reach Switch A), BFD can quickly detect the link failure and notify RIP. Switch B then deletes the neighbor relationship and the route information learned on VLAN-interface 100, and does not receive or send any packets from VLAN-interface 100. When the route learned from Switch A ages out, Switch B uses the route destined for 100.1.1.1 24 through VLAN-interface 200.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic RIP and enable BFD on the interfaces:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] rip 1
[SwitchA-rip-1] network 192.168.2.0
[SwitchA-rip-1] import-route static
[SwitchA-rip-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] rip bfd enable destination 192.168.2.2
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] rip 1
[SwitchB-rip-1] network 192.168.2.0
[SwitchB-rip-1] network 192.168.3.0
[SwitchB-rip-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] rip 1
[SwitchC-rip-1] network 192.168.3.0
[SwitchC-rip-1] import-route static cost 3
[SwitchC-rip-1] quit
3. Configure BFD parameters on VLAN-interface 100 of Switch A.
[SwitchA] bfd echo-source-ip 11.11.11.11
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] bfd min-echo-receive-interval 500
[SwitchA-Vlan-interface100] return
4. Configure static routes:
# Configure a static route on Switch A.
[SwitchA] ip route-static 100.1.1.0 24 null 0
# Configure a static route on Switch C.
[SwitchA] ip route-static 100.1.1.0 24 null 0
Verifying the configuration
# Display BFD session information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working under Echo mode:
LD SourceAddr DestAddr State Holdtime Interface
3 192.168.2.1 192.168.2.2 Up 2000ms vlan100
# Display routes destined for 100.1.1.0/24 on Switch B.
<SwitchB> display ip routing-table 100.1.1.0 24 verbose
Summary Count : 1
Destination: 100.1.1.0/24
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 00h02m47s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x12000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.2.1
Flags: 0x1008c OrigNextHop: 192.168.2.1
Label: NULL RealNextHop: 192.168.2.1
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: vlan-interface 100
BkTunnel ID: Invalid BkInterface: N/A
# Display routes destined for 100.1.1.0/24 on Switch B when the link between Switch A and Switch B fails.
<SwitchB> display ip routing-table 100.1.1.0 24 verbose
Summary Count : 1
Destination: 100.1.1.0/24
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 00h21m23s
Cost: 4 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x12000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.3.2
Flags: 0x1008c OrigNextHop: 192.168.3.2
Label: NULL RealNextHop: 192.168.3.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: vlan-interface 200
BkTunnel ID: Invalid BkInterface: N/A
Configuring BFD for RIP (bidirectional detection in BFD control packet mode)
Network requirements
As shown in Figure 13, VLAN-interface 100 of Switch A and VLAN-interface 200 of Switch C run RIP process 1.
VLAN-interface 300 of Switch A runs RIP process 2. VLAN-interface 400 of Switch C, and VLAN-interface 300 and VLAN-interface 400 of Switch D run RIP process 1.
Configure a static route destined for 100.1.1.0/24 on Switch A, configure a static route destined for 101.1.1.0/24 on Switch C, and enable static route redistribution into RIP on Switch A and Switch C so Switch A can learn two routes destined for 100.1.1.0/24 through VLAN-interface 100 and VLAN-interface 300, and uses the one through VLAN-interface 100.
Enable BFD on VLAN-interface 100 of Switch A and VLAN-interface 200 of Switch C. When the link over VLAN-interface 100 fails, BFD can quickly detect the link failure and notify RIP so RIP deletes the neighbor relationship and the route information received learned on VLAN-interface 100, and uses the route destined for 100.1.1.0/24 through VLAN-interface 300.
Table 6 Interface and IP address assignment
|
Device |
Interface |
IP address |
|
Switch A |
VLAN-interface 300 |
192.168.3.1/24 |
|
Switch A |
VLAN-interface 100 |
192.168.1.1/24 |
|
Switch B |
VLAN-interface 100 |
192.168.1.2/24 |
|
Switch B |
VLAN-interface 200 |
192.168.2.1/24 |
|
Switch C |
VLAN-interface 200 |
192.168.2.2/24 |
|
Switch C |
VLAN-interface 400 |
192.168.4.2/24 |
|
Switch D |
VLAN-interface 300 |
192.168.3.2/24 |
|
Switch D |
VLAN-interface 400 |
192.168.4.1/24 |
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic RIP and enable static route redistribution into RIP so Switch A and Switch C have routes to send to each other:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] rip 1
[SwitchA-rip-1] version 2
[SwitchA-rip-1] undo summary
[SwitchA-rip-1] network 192.168.1.0
[SwitchA-rip-1] network 101.1.1.0
[SwitchA-rip-1] peer 192.168.2.2
[SwitchA-rip-1] undo validate-source-address
[SwitchA-rip-1] import-route static
[SwitchA-rip-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] rip bfd enable
[SwitchA-Vlan-interface100] quit
[SwitchA] rip 2
[SwitchA-rip-2] version 2
[SwitchA-rip-2] undo summary
[SwitchA-rip-2] network 192.168.3.0
[SwitchA-rip-2] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] rip 1
[SwitchC-rip-1] version 2
[SwitchC-rip-1] undo summary
[SwitchC-rip-1] network 192.168.2.0
[SwitchC-rip-1] network 192.168.4.0
[SwitchC-rip-1] network 100.1.1.0
[SwitchC-rip-1] peer 192.168.1.1
[SwitchC-rip-1] undo validate-source-address
[SwitchC-rip-1] import-route static
[SwitchC-rip-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] rip bfd enable
[SwitchC-Vlan-interface200] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] rip 1
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
[SwitchD-rip-1] network 192.168.3.0
[SwitchD-rip-1] network 192.168.4.0
3. Configure BFD parameters:
# Configure Switch A.
[SwitchA] bfd session init-mode active
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] bfd min-transmit-interval 500
[SwitchA-Vlan-interface100] bfd min-receive-interval 500
[SwitchA-Vlan-interface100] bfd detect-multiplier 7
[SwitchA-Vlan-interface100] quit
# Configure Switch C.
[SwitchC] bfd session init-mode active
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] bfd min-transmit-interval 500
[SwitchC-Vlan-interface200] bfd min-receive-interval 500
[SwitchC-Vlan-interface200] bfd detect-multiplier 7
[SwitchC-Vlan-interface200] quit
4. Configure static routes:
# Configure a static route to Switch C on Switch A.
[SwitchA] ip route-static 192.168.2.0 24 vlan-interface 100 192.168.1.2
[SwitchA] quit
# Configure a static route to Switch A on Switch C.
[SwitchC] ip route-static 192.168.1.0 24 vlan-interface 200 192.168.2.1
Verifying the configuration
# Display the BFD session information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 session working under Ctrl mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
513/513 192.168.1.1 192.168.2.2 Up 1700ms vlan100
# Display RIP routes destined for 100.1.1.0/24 on Switch A.
<SwitchB> display ip routing-table 100.1.1.0 24 verbose
Summary Count : 1
Destination: 100.1.1.0/24
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 00h02m47s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x12000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.2.2
Flags: 0x1008c OrigNextHop: 192.168.2.2
Label: NULL RealNextHop: 192.168.1.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: vlan-interface 100
BkTunnel ID: Invalid BkInterface: N/A
# Display RIP routes destined for 100.1.1.0/24 on Switch A when the link between Switch B and Switch C fails.
<SwitchA> display ip routing-table 100.1.1.0 24 verbose
Summary Count : 1
Destination: 100.1.1.0/24
Protocol: RIP Process ID: 2
SubProtID: 0x1 Age: 00h18m40s
Cost: 2 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x12000003 LastAs: 0
AttrID: 0xffffffff Neighbor: 192.168.3.2
Flags: 0x1008c OrigNextHop: 192.168.3.2
Label: NULL RealNextHop: 192.168.3.2
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: vlan-interface 300
BkTunnel ID: Invalid BkInterface: N/A
Configuring RIP FRR
Network requirements
As shown in Figure 14, Switch S, Switch A, and Switch D run RIPv2. Configure RIP FRR so that when Link A becomes unidirectional, services can be switched to Link B immediately.
Configuration procedure
1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)
2. Configure RIPv2 on the switches to make sure Switch A, Switch D, and Switch S can communicate with each other at Layer 3. (Details not shown.)
3. Configure RIP FRR:
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 2.2.2.2
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
[SwitchS] rip 1
[SwitchS-rip-1] fast-reroute route-policy frr
[SwitchS-rip-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 3.3.3.3
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
[SwitchD] rip 1
[SwitchD-rip-1] fast-reroute route-policy frr
[SwitchD-rip-1] quit
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 13.13.13.2
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: RIP Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 100
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 13.13.13.1
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
Configuring OSPF
Open Shortest Path First (OSPF) is a link-state IGP developed by the OSPF working group of the IETF. OSPF version 2 is used for IPv4. OSPF refers to OSPFv2 throughout this chapter.
Overview
OSPF has the following features:
· Wide scope—Supports various network sizes and up to several hundred routers in an OSPF routing domain.
· Fast convergence—Advertises routing updates instantly upon network topology changes.
· Loop free—Computes routes with the SPF algorithm to avoid routing loops.
· Area-based network partition—Splits an AS into multiple areas to facilitate management. This feature reduces the LSDB size on routers to save memory and CPU resources, and reduces route updates transmitted between areas to save bandwidth.
· ECMP routing—Supports multiple equal-cost routes to a destination.
· Routing hierarchy—Supports a 4-level routing hierarchy that prioritizes routes into intra-area, inter-area, external Type-1, and external Type-2 routes.
· Authentication—Supports area- and interface-based packet authentication to ensure secure packet exchange.
· Support for multicasting—Multicasts protocol packets on some types of links to avoid impacting other devices.
OSPF packets
OSPF messages are carried directly over IP. The protocol number is 89.
OSPF uses the following packet types:
· Hello—Periodically sent to find and maintain neighbors, containing timer values, information about the DR, BDR, and known neighbors.
· Database description (DD)—Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.
· Link state request (LSR)—Requests needed LSAs from a neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from their LSDBs. They then exchange LSR packets requesting the missing LSAs. LSR packets contain the digest of the missing LSAs.
· Link state update (LSU)—Transmits the requested LSAs to the neighbor.
· Link state acknowledgment (LSAck)—Acknowledges received LSU packets. It contains the headers of received LSAs (an LSAck packet can acknowledge multiple LSAs).
LSA types
OSPF advertises routing information in Link State Advertisements (LSAs). The following LSAs are commonly used:
· Router LSA—Type-1 LSA, originated by all routers and flooded throughout a single area only. This LSA describes the collected states of the router's interfaces to an area.
· Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the designated router, and flooded throughout a single area only. This LSA contains the list of routers connected to the network.
· Network Summary LSA—Type-3 LSA, originated by Area Border Routers (ABRs), and flooded throughout the LSA's associated area. Each summary-LSA describes a route to a destination outside the area, yet still inside the AS (an inter-area route).
· ASBR Summary LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's associated area. Type 4 summary-LSAs describe routes to Autonomous System Boundary Router (ASBR).
· AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS (except stub and NSSA areas). Each AS-external-LSA describes a route to another AS.
· NSSA LSA—Type-7 LSA, as defined in RFC 1587, originated by ASBRs in NSSAs and flooded throughout a single NSSA. NSSA LSAs describe routes to other ASs.
· Opaque LSA—A proposed type of LSA. Its format consists of a standard LSA header and application specific information. Opaque LSAs are used by the OSPF protocol or by some applications to distribute information into the OSPF routing domain. The opaque LSA includes Type 9, Type 10, and Type 11. The Type 9 opaque LSA is flooded into the local subnet, the Type 10 is flooded into the local area, and the Type 11 is flooded throughout the AS.
OSPF areas
In large OSPF routing domains, SPF route computations consume too many storage and CPU resources, and enormous OSPF packets generated for route synchronization occupy excessive bandwidth.
To resolve these issues, OSPF splits an AS into multiple areas. Each area is identified by an area ID. The boundaries between areas are routers rather than links. A network segment (or a link) can only reside in one area as shown in Figure 15.
You can configure route summarization on ABRs to reduce the number of LSAs advertised to other areas and minimize the effect of topology changes.
Figure 15 Area-based OSPF network partition
Backbone area and virtual links
Each AS has a backbone area that distributes routing information between non-backbone areas. Routing information between non-backbone areas must be forwarded by the backbone area. OSPF has the following requirements:
· All non-backbone areas must maintain connectivity to the backbone area.
· The backbone area must maintain connectivity within itself.
In practice, these requirements might not be met due to lack of physical links. OSPF virtual links can solve this issue.
A virtual link is established between two ABRs through a non-backbone area. It must be configured on both ABRs to take effect. The non-backbone area is called a transit area.
As shown in Figure 16, Area 2 has no direct physical link to the backbone Area 0. You can configure a virtual link between the two ABRs to connect Area 2 to the backbone area.
Figure 16 Virtual link application 1
Virtual links can also be used to provide redundant links. If the backbone area cannot maintain internal connectivity because of the failure of a physical link, you can configure a virtual link to replace the failed physical link, as shown in Figure 17.
Figure 17 Virtual link application 2
The virtual link between the two ABRs acts as a point-to-point connection. You can configure interface parameters, such as hello interval, on the virtual link as they are configured on a physical interface.
The two ABRs on the virtual link unicast OSPF packets to each other, and the OSPF routers in between convey these OSPF packets as normal IP packets.
Stub area and totally stub area
A stub area does not distribute Type-5 LSAs to reduce the routing table size and LSAs advertised within the area. The ABR of the stub area advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route.
To further reduce the routing table size and advertised LSAs, you can configure the stub area as a totally stub area. The ABR of a totally stub area does no advertise inter-area routes or external routes. It advertises a default route in a Type-3 LSA so that the routers in the area can reach external networks through the default route.
NSSA area and totally NSSA area
An NSSA area does not import AS external LSAs (Type-5 LSAs) but can import Type-7 LSAs generated by the NSSA ASBR. The NSSA ABR translates Type-7 LSAs into Type-5 LSAs and advertises the Type-5 LSAs to other areas.
As shown in Figure 18, the OSPF AS contains Area 1, Area 2, and Area 0. The other two ASs run RIP. Area 1 is an NSSA area where the ASBR redistributes RIP routes in Type-7 LSAs into Area 1. Upon receiving the Type-7 LSAs, the NSSA ABR translates them to Type-5 LSAs, and advertises the Type-5 LSAs to Area 0.
The ASBR of Area 2 redistributes RIP routes in Type-5 LSAs into the OSPF routing domain. However, Area 1 does not receive Type-5 LSAs because it is an NSSA area.
Router types
OSPF routers are classified into the following types based on their positions in the AS:
· Internal router—All interfaces on an internal router belong to one OSPF area.
· ABR—Belongs to more than two areas, one of which must be the backbone area. ABR connects the backbone area to a non-backbone area. An ABR and the backbone area can be connected through a physical or logical link.
· Backbone router—At least one interface of a backbone router must reside in the backbone area. All ABRs and internal routers in Area 0 are backbone routers.
· ASBR—Exchanges routing information with another AS is an ASBR. An ASBR might not reside on the border of the AS. It can be an internal router or an ABR.
Figure 19 OSPF router types
Route types
OSPF prioritizes routes into the following route levels:
· Intra-area route
· Inter-area route
· Type-1 external route
· Type-2 external route
The intra-area and inter-area routes describe the network topology of the AS. The external routes describe routes to external ASs.
A Type-1 external route has high credibility. The cost from a router to the destination of a Type-1 external route = the cost from the router to the corresponding ASBR + the cost from the ASBR to the destination of the external route.
A Type-2 external route has low credibility. OSPF considers the cost from the ASBR to the destination of a Type-2 external route is much greater than the cost from the ASBR to an OSPF internal router. The cost from the internal router to the destination of the Type-2 external route = the cost from the ASBR to the destination of the Type-2 external route. If two Type-2 routes to the same destination have the same cost, OSPF takes the cost from the router to the ASBR into consideration to determine the best route.
Route calculation
OSPF computes routes in an area as follows:
· Each router generates LSAs based on the network topology around itself, and sends them to other routers in update packets.
· Each OSPF router collects LSAs from other routers to compose an LSDB. An LSA describes the network topology around a router, and the LSDB describes the entire network topology of the area.
· Each router transforms the LSDB to a weighted directed graph that shows the topology of the area. All the routers within the area have the same graph.
· Each router uses the SPF algorithm to compute a shortest path tree that shows the routes to the nodes in the area. The router itself is the root of the tree.
OSPF network types
OSPF classifies networks into the following types, depending on different link layer protocols:
· Broadcast—If the link layer protocol is Ethernet or FDDI, OSPF considers the network type as broadcast by default. On a broadcast network, hello, LSU, and LSAck packets are multicast to 224.0.0.5 that identifies all OSPF routers or to 224.0.0.6 that identifies the DR; DD packets and LSR packets are unicast.
· NBMA—If the link layer protocol is Frame Relay, ATM, or X.25, OSPF considers the network type as NBMA by default. OSPF packets are unicast on a NBMA network.
· P2MP—No link is P2MP type by default. P2MP must be a conversion from other network types such as NBMA. On a P2MP network, OSPF packets are multicast to 224.0.0.5.
· P2P—If the link layer protocol is PPP or HDLC, OSPF considers the network type as P2P. On a P2P network, OSPF packets are multicast to 224.0.0.5.
The following are the differences between NBMA and P2MP networks:
· NBMA networks are fully meshed. P2MP networks are not required to be fully meshed.
· NBMA networks require DR and BDR election. P2MP networks do not have DR or BDR.
· On a NBMA network, OSPF packets are unicast, and neighbors are manually configured. On a P2MP network, OSPF packets are multicast by default, and you can configure OSPF to unicast protocol packets.
DR and BDR
DR and BDR mechanism
On a broadcast or NBMA network, any two routers must establish an adjacency to exchange routing information with each other. If n routers are present on the network, n(n-1)/2 adjacencies are established. Any topology change on the network results in an increase in traffic for route synchronization, consuming many system and bandwidth resources.
The DR and BDR mechanisms can solve this problem.
· DR—Elected to advertise routing information among other routers. If the DR fails, routers on the network must elect another DR and synchronize information with the new DR. Using this mechanism alone is time-consuming and prone to route calculation errors.
· BDR—Elected along with the DR to establish adjacencies with all other routers. If the DR fails, the BDR immediately becomes the new DR, and other routers elect a new BDR.
Routers other than the DR and BDR are called "DROthers." They do not establish adjacencies with one another, so the number of adjacencies is reduced.
The role of a router is subnet (or interface) specific. It might be a DR on one interface and a BDR or DROther on another interface.
As shown in Figure 20, solid lines are Ethernet physical links, and dashed lines represent OSPF adjacencies. With the DR and BDR, only seven adjacencies are established.
Figure 20 DR and BDR in a network
|
|
NOTE: In OSPF, "neighbor" and "adjacency" are different concepts. After startup, OSPF sends a hello packet on each OSPF interface. A receiving router checks parameters in the packet. If the parameters match its own, the receiving router considers the sending router an OSPF neighbor. Two OSPF neighbors establish an adjacency relationship after they synchronize their LSDBs through exchange of DD packets and LSAs. |
DR and BDR election
DR election is performed on broadcast or NBMA networks but not on P2P and P2MP networks.
Routers in a broadcast or NBMA network elect the DR and BDR by router priority and ID. Routers with a router priority value higher than 0 are candidates for DR and BDR election.
The election votes are hello packets. Each router sends the DR elected by itself in a hello packet to all the other routers. If two routers on the network declare themselves as the DR, the router with the higher router priority wins. If router priorities are the same, the router with the higher router ID wins.
If a router with a higher router priority is added to the network after DR and BDR election, the router cannot become the DR or BDR immediately as no DR election is performed for it. Therefore, the DR of a network might not be the router with the highest priority, and the BDR might not be the router with the second highest priority.
Protocols and standards
· RFC 1765, OSPF Database Overflow
· RFC 2328, OSPF Version 2
· RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option
· RFC 3137, OSPF Stub Router Advertisement
· RFC 4811, OSPF Out-of-Band LSDB Resynchronization
· RFC 4812, OSPF Restart Signaling
· RFC 4813, OSPF Link-Local Signaling
OSPF configuration task list
To run OSPF, you must first enable OSPF on the router. Make a proper configuration plan to avoid incorrect settings that can result in route blocking and routing loops.
To configure OSPF, perform the following tasks:
Enabling OSPF
Enable OSPF before you perform other OSPF configuration tasks.
Configuration prerequisites
Configure the link layer protocol and IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
Configuration guidelines
To enable OSPF on an interface, you can enable OSPF on the network where the interface resides or directly enable OSPF on that interface. If you configure both, the latter takes precedence.
You can specify a global router ID, or specify a router ID when you create an OSPF process:
· If you specify a router ID when you create an OSPF process, any two routers in an AS must have different router IDs. A common practice is to specify the IP address of an interface as the router ID.
· If you specify no router ID when you create the OSPF process, the global router ID is used. As a best practice, specify a router ID when you create the OSPF process.
Enabling OSPF on a network
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. (Optional.) Configure a global router ID. |
router id router-id |
By default, no global router ID is configured. If no global router ID is configured, the highest loopback interface IP address, if any, is used as the router ID. If no loopback interface IP address is available, the highest physical interface IP address is used, regardless of the interface status (up or down). |
|
3. Enable an OSPF process and enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
By default, OSPF is disabled. |
|
4. (Optional.) Configure a description for the OSPF process. |
description description |
By default, no description is configured for the OSPF process. As a best practice, configure a description for each OSPF process. |
|
5. Create an OSPF area and enter OSPF area view. |
area area-id |
By default, no OSPF area is created. |
|
6. (Optional.) Configure a description for the area. |
description description |
By default, no description is configured for the area. As a best practice, configure a description for each OSPF area. |
|
7. Specify a network to enable the interface attached to the network to run the OSPF process in the area. |
network ip-address wildcard-mask |
By default, no network is specified. A network can be added to only one area. |
Enabling OSPF on an interface
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable an OSPF process on the interface. |
ospf process-id area area-id [ exclude-subip ] |
By default, OSPF is disabled on an interface. If the specified OSPF process and area do not exist, the command creates the OSPF process and area. Disabling an OSPF process on an interface does not delete the OSPF process or the area. |
Configuring OSPF areas
Before you configure an OSPF area, perform the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable OSPF.
Configuring a stub area
You can configure a non-backbone area at an AS edge as a stub area. To do so, issue the stub command on all routers attached to the area. The routing table size is reduced because Type-5 LSAs will not be flooded within the stub area. The ABR generates a default route into the stub area so all packets destined outside of the AS are sent through the default route.
To further reduce the routing table size and routing information exchanged in the stub area, configure a totally stub area by using the stub [ no-summary ] command on the ABR. AS external routes and inter-area routes will not be distributed into the area. All the packets destined outside of the AS or area will be sent to the ABR for forwarding.
A stub or totally stub area cannot have an ASBR because external routes cannot be distributed into the area.
To configure an OSPF stub area:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter area view. |
area area-id |
N/A |
|
4. Configure the area as a stub area. |
stub [ default-route-advertise-always | no-summary ] * |
By default, no stub area is configured. |
|
5. (Optional.) Specify a cost for the default route advertised to the stub area. |
default-cost cost |
The default setting is 1. The default-cost cost command takes effect only on the ABR of a stub area or totally stub area. |
Configuring an NSSA area
A stub area cannot import external routes, but an NSSA area can import external routes into the OSPF routing domain while retaining other stub area characteristics.
Do not configure the backbone area as an NSSA area or totally NSSA area.
To configure an NSSA area, configure the nssa command on all the routers attached to the area.
To configure a totally NSSA area, configure the nssa command on all the routers attached to the area and configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area.
To configure an NSSA area:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter area view. |
area area-id |
N/A |
|
4. Configure the area as an NSSA area. |
nssa [ default-route-advertise [ cost cost | nssa-only | route-policy route-policy-name | type type ] * | no-import-route | no-summary | suppress-fa | [ translate-always | translate-never ] | translator-stability-interval value ] * |
By default, no area is configured as an NSSA area. |
|
5. (Optional.) Specify a cost for the default route advertised to the NSSA area. |
default-cost cost |
The default setting is 1. This command takes effect only on the ABR/ASBR of an NSSA or totally NSSA area. |
Configuring a virtual link
Virtual links are configured for connecting backbone area routers that have no direct physical links.
To configure a virtual link:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter area view. |
area area-id |
N/A |
|
4. Configure a virtual link. |
vlink-peer router-id [ dead seconds | hello seconds | { { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } | simple { cipher cipher-string | plain plain-string } } | retransmit seconds | trans-delay seconds ] * |
By default, no virtual link is configured. Configure this command on both ends of a virtual link, and the hello and dead intervals must be identical on both ends of the virtual link. |
Configuring OSPF network types
OSPF classifies networks into the following types based on the link layer protocol:
· Broadcast—When the link layer protocol is Ethernet or FDDI, OSPF classifies the network type as broadcast by default.
· NBMA—When the link layer protocol is Frame Relay, ATM, or X.25, OSPF classifies the network type as NBMA by default.
· P2P—When the link layer protocol is PPP, LAPB, or HDLC, OSPF classifies the network type as P2P by default.
When you change the network type of an interface, follow these guidelines:
· When an NBMA network becomes fully meshed, change the network type to broadcast to avoid manual configuration of neighbors.
· If any routers in a broadcast network do not support multicasting, change the network type to NBMA.
· An NBMA network must be fully meshed. OSPF requires that an NBMA network be fully meshed. If a network is partially meshed, change the network type to P2MP.
· If a router on an NBMA network has only one neighbor, you can change the network type to P2P to save costs.
Two broadcast-, NBMA-, and P2MP-interfaces can establish a neighbor relationship only when they are on the same network segment.
Configuration prerequisites
Before you configure OSPF network types, perform the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable OSPF.
Configuring the broadcast network type for an interface
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure the OSPF network type for the interface as broadcast. |
ospf network-type broadcast |
By default, the network type of an interface depends on the link layer protocol. |
|
4. (Optional.) Configure a router priority for the interface. |
ospf dr-priority priority |
The default router priority is 1. |
Configuring the NBMA network type for an interface
After you configure the network type as NBMA, you must specify neighbors and their router priorities because NBMA interfaces cannot find neighbors by broadcasting hello packets.
To configure the NBMA network type for an interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure the OSPF network type for the interface as NBMA. |
ospf network-type nbma |
By default, the network type of an interface depends on the link layer protocol. |
|
4. (Optional.) Configure a router priority for the interface. |
ospf dr-priority priority |
The default setting is 1. The router priority configured with this command is for DR election. |
|
5. Return to system view. |
quit |
N/A |
|
6. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
7. Specify a neighbor and its router priority. |
peer ip-address [ cost value | dr-priority dr-priority ] |
By default, no neighbor is specified. The priority configured with this command indicates whether a neighbor has the election right or not. If you configure the router priority for a neighbor as 0, the local router determines the neighbor has no election right, and does not send hello packets to this neighbor. However, if the local router is the DR or BDR, it still sends hello packets to the neighbor for neighbor relationship establishment. |
Configuring the P2MP network type for an interface
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure the OSPF network type for the interface as P2MP. |
ospf network-type p2mp [ unicast ] |
By default, the network type of an interface depends on the link layer protocol. After you configure the OSPF network type for an interface as P2MP unicast, all packets are unicast over the interface. The interface cannot broadcast hello packets to discover neighbors, so you must manually specify the neighbors. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
6. (Optional.) Specify a neighbor and its router priority. |
peer ip-address [ cost value | dr-priority dr-priority ] |
By default, no neighbor is specified. This step must be performed if the network type is P2MP unicast, and is optional if the network type is P2MP. |
Configuring the P2P network type for an interface
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure the OSPF network type for the interface as P2P. |
ospf network-type p2p [ peer-address-check ] |
By default, the network type of an interface depends on the link layer protocol. |
Configuring OSPF route control
This section describes how to control the advertisement and reception of OSPF routing information, as well as route redistribution from other protocols.
Configuration prerequisites
Before you configure OSPF route control, perform the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable OSPF.
· Configure filters if routing information filtering is needed.
Configuring OSPF route summarization
Configure route summarization on an ABR or ASBR to summarize contiguous networks into a single network and distribute it to other areas.
Route summarization reduces the routing information exchanged between areas and the size of routing tables, and improves routing performance. For example, three internal networks 19.1.1.0/24, 19.1.2.0/24, and 19.1.3.0/24 are available within an area. You can summarize the three networks into network 19.1.0.0/16, and advertise the summary network to other areas.
Configuring route summarization on an ABR
After you configure a summary route on an ABR, the ABR generates a summary LSA instead of more specific LSAs so that the scale of LSDBs on routers in other areas and the influence of topology changes are reduced.
To configure route summarization on an ABR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter OSPF area view. |
area area-id |
N/A |
|
4. Configure ABR route summarization. |
abr-summary ip-address { mask-length | mask } [ advertise | not-advertise ] [ cost cost ] |
By default, no route summarization is configured. The command takes effect only on an ABR. |
Configuring route summarization when redistributing routes into OSPF on an ASBR
Without route summarization, an ASBR advertises each redistributed route in a separate ASE LSA. After you configure a summary route, the ASBR advertises only the summary route in an ASE LSA instead of more specific routes, reducing the number of LSAs in the LSDB.
The ASBR summarizes redistributed Type-5 LSAs within the specified address range. If the ASBR is in an NSSA area, it also summarizes Type-7 LSAs within the specified address range. If the ASBR is also the ABR, it summarizes Type-5 LSAs translated from Type-7 LSAs.
To configure route summarization when redistributing routes into OSPF on an ASBR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ]* |
N/A |
|
asbr-summary ip-address { mask-length | mask } [ cost cost | not-advertise | nssa-only | tag tag ] * |
By default, no ASBR route summarization is configured. The command takes effect only on an ASBR. |
Configuring discard routes for summary networks
Discard routes help prevent routing black holes when route summarization is configured on ABRs and ASBRs.
During route summarization, an ABR or ASBR generates a discard route for the summary network. The destination and output interface of the discard route is the summary network and interface Null 0. When receiving packets destined for a nonexistent network that is a part of the summary network, the ABR or ASBR discards the packets according to the discard route.
For example, Router A summarizes networks 19.1.1.0/24, 19.1.2.0/24, and 19.1.3.0/24 into network 19.1.0.0/16, and advertises the summary network to Router B. When Router B receives a packet destined for 19.1.4.0/24, Router B forwards the packet to Router A according to the summary route. Because no specific route to 19.1.4.0/24 exists, Router A discards the packet according to the discard route.
To configure discard routes for summary networks:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id ] * |
N/A |
|
3. Configure discard routes for summary networks. |
discard-route { external { external-preference | suppression } | internal { internal-preference | suppression } } * |
By default: · The ABR or ASBR generates discard routes for summary networks. · The preference of discard routes is 255. |
Configuring received OSPF route filtering
Perform this task to filter routes calculated using received LSAs.
The following filtering methods are available:
· Use an ACL or IP prefix list to filter routing information by destination address.
· Use the gateway keyword to filter routing information by next hop.
· Use an ACL or IP prefix list to filter routing information by destination address and at the same time use the gateway keyword to filter routing information by next hop.
· Use a routing policy to filter routing information.
To configure OSPF to filter routes calculated using received LSAs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure OSPF to filter routes calculated using received LSAs. |
filter-policy { acl-number [ gateway prefix-list-name ] | gateway prefix-list-name | prefix-list prefix-list-name [ gateway prefix-list-name ] | route-policy route-policy-name } import |
By default, OSPF accepts all routes calculated using received LSAs. |
Configuring Type-3 LSA filtering
Perform this task to filter Type-3 LSAs advertised to an area on an ABR.
To configure Type-3 LSA filtering:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter area view. |
area area-id |
N/A |
|
4. Configure Type-3 LSA filtering. |
filter { acl-number | prefix-list prefix-list-name | route-policy route-policy-name } { export | import } |
By default, the ABR does not filter Type-3 LSAs. |
Configuring an OSPF cost for an interface
Configure an OSPF cost for an interface by using either of the following methods:
· Configure the cost value in interface view.
· Configure a bandwidth reference value for the interface. OSPF computes the cost with this formula: Interface OSPF cost = Bandwidth reference value (100 Mbps) / Expected interface bandwidth (Mbps). The expected bandwidth of an interface is configured with the bandwidth command (see Interface Command Reference). If the calculated cost is greater than 65535, the value of 65535 is used. If the calculated cost is less than 1, the value of 1 is used. If no cost or bandwidth reference value is configured for an interface, OSPF computes the interface cost based on the interface bandwidth and default bandwidth reference value.
To configure an OSPF cost for an interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure an OSPF cost for the interface. |
ospf cost value |
By default, the OSPF cost is calculated according to the interface bandwidth. For a loopback interface, the OSPF cost is 0 by default. |
To configure a bandwidth reference value:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure a bandwidth reference value. |
bandwidth-reference value |
The default setting is 100 Mbps. |
Configuring the maximum number of ECMP routes
Perform this task to implement load sharing over ECMP routes.
To configure the maximum number of ECMP routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the maximum number of ECMP routes. |
maximum load-balancing maximum |
By default, the maximum number of ECMP routes is 128. |
Configuring OSPF preference
A router can run multiple routing protocols, and each protocol is assigned a preference. If multiple routes are available to the same destination, the one with the highest protocol preference is selected as the best route.
To configure OSPF preference:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure a preference for OSPF. |
preference [ ase ] [ route-policy route-policy-name ] value |
By default, the preference of OSPF internal routes is 10 and the preference of OSPF external routes is 150. |
Configuring OSPF route redistribution
On a router running OSPF and other routing protocols, you can configure OSPF to redistribute routes from other protocols, such as RIP, IS-IS, BGP, static, and direct, and advertise them in Type-5 LSAs or Type-7 LSAs. In addition, you can configure OSPF to filter redistributed routes so that OSPF advertises only permitted routes.
|
|
IMPORTANT: The import-route bgp command redistributes only EBGP routes. Because the import-route bgp allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution. |
Configuring OSPF to redistribute routes from another routing protocol
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure OSPF to redistribute routes from another routing protocol. |
import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | nssa-only | route-policy route-policy-name | tag tag | type type ] * |
By default, no route redistribution is configured. This command redistributes only active routes. To view information about active routes, use the display ip routing-table protocol command. |
|
4. (Optional.) Configure OSPF to filter redistributed routes. |
filter-policy { acl-number | prefix-list prefix-list-name } export [ protocol [ process-id ] ] |
By default, OSPF accepts all redistributed routes. |
Configuring OSPF to redistribute a default route
The import-route command cannot redistribute a default external route. Perform this task to redistribute a default route.
To redistribute a default route:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Redistribute a default route. |
default-route-advertise [ [ [ always | permit-calculate-other ] | cost cost | route-policy route-policy-name | type type ] * |
By default, no default route is redistributed. |
Configuring default parameters for redistributed routes
Perform this task to configure default parameters for redistributed routes, including cost, tag, and type. Tags indicate information about protocols. For example, when redistributing BGP routes, OSPF uses tags to identify AS IDs.
To configure the default parameters for redistributed routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the default parameters for redistributed routes (cost, upper limit, tag, and type). |
default { cost cost | tag tag | type type } * |
By default, the cost is 1, the tag is 1, and the type is Type-2. |
Advertising a host route
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter area view. |
area area-id |
N/A |
|
4. Advertise a host route. |
host-advertise ip-address cost |
By default, no host route is advertised. |
Tuning and optimizing OSPF networks
You can use one of the following methods to optimize an OSPF network:
· Change OSPF packet timers to adjust the convergence speed and network load. On low-speed links, consider the delay time for sending LSAs.
· Change the SPF calculation interval to reduce resource consumption caused by frequent network changes.
· Configure OSPF authentication to improve security.
Configuration prerequisites
Before you configure OSPF network optimization, perform the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable OSPF.
Configuring OSPF timers
An OSPF interface includes the following timers:
· Hello timer—Interval for sending hello packets. It must be identical on OSPF neighbors.
· Poll timer—Interval for sending hello packets to a neighbor that is down on the NBMA network.
· Dead timer—Interval within which if the interface receives no hello packet from the neighbor, it declares the neighbor is down.
· LSA retransmission timer—Interval within which if the interface receives no acknowledgement packets after sending a LSA to the neighbor, it retransmits the LSA.
To configure OSPF timers:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the hello interval. |
ospf timer hello seconds |
By default: · The hello interval on P2P and broadcast interfaces is 10 seconds. The hello interval on P2MP and NBMA interfaces is 30 seconds.
The default hello interval is restored when the network type for an interface is changed. |
|
4. Specify the poll interval. |
ospf timer poll seconds |
The default setting is 120 seconds. The poll interval is at least four times the hello interval. |
|
5. Specify the dead interval. |
ospf timer dead seconds |
By default: · The dead interval on P2P and broadcast interfaces is 40 seconds. · The dead interval on P2MP and NBMA interfaces is 120 seconds. The dead interval must be at least four times the hello interval on an interface. The default dead interval is restored when the network type for an interface is changed. |
|
6. Specify the retransmission interval. |
ospf timer retransmit interval |
The default setting is 5 seconds. A retransmission interval setting that is too small can cause unnecessary LSA retransmissions. This interval is typically set bigger than the round-trip time of a packet between two neighbors. |
Specifying LSA transmission delay
To avoid LSAs from aging out during transmission, set an LSA retransmission delay especially for low speed links.
To specify the LSA transmission delay on an interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the LSA transmission delay. |
ospf trans-delay seconds |
The default setting is 1 second. |
Specifying SPF calculation interval
LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval × 2n-2 (n is the number of calculation times) each time a calculation occurs until the maximum-interval is reached.
To configure the SPF calculation interval:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Specify the SPF calculation interval. |
spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ] |
By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds. |
Specifying the LSA arrival interval
If OSPF receives an LSA that has the same LSA type, LS ID, and router ID as the previously received LSA within the LSA arrival interval, OSPF discards the LSA to save bandwidth and route resources.
To configure the LSA arrival interval:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the LSA arrival interval. |
lsa-arrival-interval interval |
The default setting is 1000 milliseconds. Make sure this interval is smaller than or equal to the interval set with the lsa-generation-interval command. |
Specifying the LSA generation interval
Adjust the LSA generation interval to protect network resources and routers from being overwhelmed by LSAs at the time of frequent network changes.
When network changes are not frequent, LSAs are generated at the minimum-interval. If network changes become frequent, the LSA generation interval is incremented by incremental-interval × 2n-2 (n is the number of generation times) each time a LSA generation occurs until the maximum-interval is reached.
To configure the LSA generation interval:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the LSA generation interval. |
lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ] |
By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds. |
Disabling interfaces from receiving and sending OSPF packets
To enhance OSPF adaptability and reduce resource consumption, you can set an OSPF interface to "silent." A silent OSPF interface blocks OSPF packets and cannot establish any OSPF neighbor relationship. However, other interfaces on the router can still advertise direct routes of the interface in Router LSAs.
To disable interfaces from receiving and sending routing information:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Disable interfaces from receiving and sending OSPF packets. |
silent-interface { interface-type interface-number | all } |
By default, an OSPF interface can receive and send OSPF packets. The silent-interface command disables only the interfaces associated with the current process rather than other processes. Multiple OSPF processes can disable the same interface from receiving and sending OSPF packets. |
Configuring stub routers
A stub router is used for traffic control. It reports its status as a stub router to neighboring OSPF routers. The neighboring routers do not use the stub router to forward data although they have a route to it.
Router LSAs from the stub router might contain different link type values. A value of 3 means a link to a stub network, and the cost of the link will not be changed by default. To set the cost of the link to 65535, specify the include-stub keyword in the stub-router command. A value of 1, 2 or 4 means a point-to-point link, a link to a transit network, or a virtual link. On such links, a maximum cost value of 65535 is used. Neighbors do not send packets to the stub router as long as they have a route with a smaller cost.
To configure a router as a stub router:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the router as a stub router. |
stub-router [ external-lsa [ max-metric-value ] | include-stub | on-startup { seconds | wait-for-bgp [ seconds ] } | summary-lsa [ max-metric-value ] ] * |
By default, the router is not configured as a stub router. A stub router has no associations with a stub area. |
Configuring OSPF authentication
Perform this task to configure OSPF area and interface authentication.
OSPF adds the configured password into sent packets, and uses the password to authenticate received packets. Only packets that pass the authentication can be received. If a packet fails the authentication, the OSPF neighbor relationship cannot be established.
If you configure OSPF authentication for both an area and an interface in that area, the interface uses the OSPF authentication configured on it.
Configuring OSPF area authentication
You must configure the same authentication mode and password on all the routers in an area.
To configure OSPF area authentication:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enter area view. |
area area-id |
N/A |
|
4. Configure area authentication mode. |
·
Configure MD5 authentication: ·
Configure simple authentication: |
Use either method. By default, no authentication is configured. |
Configuring OSPF interface authentication
You must configure the same authentication mode and password on both the local interface and its peer interface.
To configure OSPF interface authentication:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure interface authentication mode. |
·
Configure simple authentication: ·
Configure MD5 authentication: |
Use either method. By default, no authentication is configured. |
Adding the interface MTU into DD packets
By default, an OSPF interface adds a value of 0 into the interface MTU field of a DD packet rather than the actual interface MTU. You can enable an interface to add its MTU into DD packets.
To add the interface MTU into DD packets:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable the interface to add its MTU into DD packets. |
ospf mtu-enable |
By default, the interface adds an MTU value of 0 into DD packets. |
Configuring a DSCP value for OSPF packets
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure a DSCP value for OSPF packets. |
dscp dscp-value |
By default, the DSCP value for OSPF packets is 48. |
Configuring the maximum number of external LSAs in LSDB
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Specify the maximum number of external LSAs in the LSDB. |
lsdb-overflow-limit number |
By default, the maximum number of external LSAs in the LSDB is not limited. |
Configuring OSPF exit overflow interval
When the number of LSAs in the LSDB exceeds the upper limit, the LSDB is in an overflow state. To save resources, OSPF does not receive any external LSAs and deletes the external LSAs generated by itself when in this state.
Perform this task to configure the interval that OSPF exits overflow state.
To configure the OSPF exit overflow interval:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the OSPF exit overflow interval. |
lsdb-overflow-interval interval |
The default setting is 300 seconds. The value of 0 indicates that OSPF does not exit overflow state. |
Enabling compatibility with RFC 1583
RFC 1583 specifies a different method than RFC 2328 for selecting the optimal route to a destination in another AS. When multiple routes are available to the ASBR, OSPF selects the optimal route by using the following procedure:
1. Selects the route with the highest preference:
? If RFC 2328 is compatible with RFC 1583, all these routes have equal preference.
? If RFC 2328 is not compatible with RFC 1583, the intra-area route in a non-backbone area is preferred to reduce the burden of the backbone area. The inter-area route and intra-area route in the backbone area have equal preference.
2. Selects the route with lower cost if two routes have equal preference.
3. Selects the route with larger originating area ID if two routes have equal cost.
To avoid routing loops, set identical RFC 1583-compatibility on all routers in a routing domain.
To enable compatibility with RFC 1583:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable compatibility with RFC 1583. |
rfc1583 compatible |
By default, this feature is enabled. |
Logging neighbor state changes
Perform this task to enable output of neighbor state change logs to the information center. The information center processes the logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.
To enable the logging of neighbor state changes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable the logging of neighbor state changes. |
log-peer-change |
By default, this feature is enabled. |
Configuring OSPF network management
This task involves the following configurations:
· Bind an OSPF process to MIB so that you can use network management software to manage the specified OSPF process.
· Enable SNMP notifications for OSPF to report important events.
· Configure the maximum number of output SNMP notifications within a specified time interval.
SNMP notifications are sent to the SNMP module, which outputs SNMP notifications according to the configured output rules. For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
To configure OSPF network management:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Bind OSPF MIB to an OSPF process. |
ospf mib-binding process-id |
By default, OSPF MIB is bound to the process with the smallest process ID. |
|
3. Enable SNMP notifications for OSPF. |
snmp-agent trap enable ospf [ authentication-failure | bad-packet | config-error | grhelper-status-change | grrestarter-status-change | if-state-change | lsa-maxage | lsa-originate | lsdb-approaching-overflow | lsdb-overflow | neighbor-state-change | nssatranslator-status-change | retransmit | virt-authentication-failure | virt-bad-packet | virt-config-error | virt-retransmit | virtgrhelper-status-change | virtif-state-change | virtneighbor-state-change ] * |
By default, SNMP notifications for OSPF is enabled. |
|
4. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
5. Configure the maximum number of output SNMP notifications within a specified time interval. |
snmp trap rate-limit interval trap-interval count trap-number |
By default, OSPF outputs up to seven SNMP notifications within 10 seconds. |
Configuring the LSU transmit rate
Sending large numbers of LSU packets affects router performance and consumes too much network bandwidth. You can configure the router to send LSU packets at a proper interval and limit the maximum number of LSU packets sent out of an OSPF interface each time.
To configure the LSU transmit rate:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the LSU transmit rate. |
transmit-pacing interval interval count count |
By default, an OSPF interface sends a maximum of three LSU packets every 20 milliseconds. |
Enabling OSPF ISPF
When the topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT.
To enable OSPF ISPF:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable OSPF ISPF. |
ispf enable |
By default, OSPF ISPF is enabled. |
Configuring prefix suppression
An OSPF interface by default advertises all its prefixes in LSAs. You can suppress interfaces from advertising all its prefixes to speed up OSPF convergence. This function also helps improve the network security by preventing IP routing toward the suppressed networks.
When prefix suppression is enabled:
· On P2P and P2MP networks, OSPF does not advertise Type-3 links in Router LSAs. Other routing information can still be advertised to ensure traffic forwarding.
· On broadcast and NBMA networks, the DR generates Network LSAs with a mask length of 32 to suppress network routes. Other routing information can still be advertised to ensure traffic forwarding. If no neighbors exist, the DR does not advertise the primary IP addresses of interfaces in Router LSAs.
|
|
IMPORTANT: As a best practice, configure prefix suppression on all OSPF routers if you want to use prefix suppression. |
Configuring prefix suppression for an OSPF process
Enabling prefix suppression for an OSPF process does not suppress the prefixes of secondary IP addresses, loopback interfaces, and passive interfaces. To suppress the prefixes of loopback interfaces and passive interfaces, enable prefix suppression on the interfaces.
To configure prefix suppression for an OSPF process:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable prefix suppression for the OSPF process. |
prefix-suppression |
By default, prefix suppression is disabled for an OSPF process. |
Configuring prefix suppression on an interface
Interface prefix suppression does not suppress prefixes of secondary IP addresses.
To configure interface prefix suppression:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable prefix suppression on the interface. |
ospf prefix-suppression [ disable ] |
By default, prefix suppression is disabled on an interface. |
Configuring prefix prioritization
This feature enables the device to install prefixes in descending priority order: critical, high, medium, and low. The prefix priorities are assigned through routing policies. When a route is assigned multiple prefix priorities, the route uses the highest priority.
By default, the 32-bit OSPF host routes have a medium priority and other routes a low priority.
To configure prefix prioritization:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable prefix prioritization. |
prefix-priority route-policy route-policy-name |
By default, prefix prioritization is disabled. |
Configuring OSPF PIC
Prefix Independent Convergence (PIC) enables the device to speed up network convergence by ignoring the number of prefixes.
When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect.
OSPF PIC applies to only inter-area routes and external routes.
Enabling OSPF PIC
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable PIC for OSPF. |
pic [ additional-path-always ] |
By default, OSPF PIC is enabled. |
Configuring BFD for OSPF PIC
By default, OSPF PIC does not use BFD to detect primary link failures. To speed up OSPF convergence, enable BFD single-hop echo detection for OSPF PIC to detect the primary link failures.
To configure BFD for OSPF PIC:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source IP address of BFD echo packets is not configured. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable BFD for OSPF PIC. |
ospf primary-path-detect bfd echo |
By default, BFD for OSPF PIC is disabled. |
Configuring the number of OSPF logs
OSPF logs include LSA aging logs, neighbor logs, and route calculation logs.
To configure the number of OSPF logs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Configure the number of OSPF logs. |
event-log { lsa-flush | peer | spf } size count |
By default, the number of LSA aging logs, neighbor logs, or route calculation logs is 10. |
Configuring OSPF GR
GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.
Two routers are required to complete a GR process. The following are router roles in a GR process.
· GR restarter—Graceful restarting router. It must have GR capability.
· GR helper—A neighbor of the GR restarter. It helps the GR restarter to complete the GR process.
OSPF GR has the following types:
· IETF GR—Uses Opaque LSAs to implement GR.
· Non-IETF GR—Uses link local signaling (LLS) to advertise GR capability and uses out of band synchronization to synchronize the LSDB.
A device can act as a GR restarter and GR helper at the same time.
Configuring the OSPF GR restarter
You can configure the IETF or non IETF OSPF GR restarter.
Configuring the IETF OSPF GR restarter
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable OSPF and enter its view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable opaque LSA reception and advertisement capability. |
opaque-capability enable |
By default, opaque LSA reception and advertisement capability is enabled. |
|
4. Enable the IETF GR. |
graceful-restart ietf [ global | planned-only ] * |
By default, the IETF GR capability is disabled. |
|
5. (Optional.) Configure GR interval. |
graceful-restart interval interval-value |
The default setting is 120 seconds. |
Configuring the non-IETF OSPF GR restarter
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable OSPF and enter its view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable the link-local signaling capability. |
enable link-local-signaling |
By default, the link-local signaling capability is disabled. |
|
4. Enable the out-of-band re-synchronization capability. |
enable out-of-band-resynchronization |
By default, the out-of-band re-synchronization capability is disabled. |
|
5. Enable non-IETF GR. |
graceful-restart [ nonstandard ] [ global | planned-only ] * |
By default, non-IETF GR capability is disabled. |
|
6. (Optional.) Configure GR interval. |
graceful-restart interval interval-value |
The default setting is 120 seconds. |
Configuring OSPF GR helper
You can configure the IETF or non IETF OSPF GR helper.
Configuring the IETF OSPF GR helper
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable OSPF and enter its view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable opaque LSA reception and advertisement capability. |
opaque-capability enable |
By default, opaque LSA reception and advertisement capability is enabled. |
|
4. (Optional.) Enable GR helper capability. |
graceful-restart helper enable [ planned-only ] |
By default, GR helper capability is enabled. |
|
5. (Optional.) Enable strict LSA checking for the GR helper. |
graceful-restart helper strict-lsa-checking |
By default, strict LSA checking for the GR helper is disabled. |
Configuring the non-IETF OSPF GR helper
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable OSPF and enter its view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
3. Enable the link-local signaling capability. |
enable link-local-signaling |
By default, the link-local signaling capability is disabled. |
|
4. Enable the out-of-band re-synchronization capability. |
enable out-of-band-resynchronization |
By default, the out-of-band re-synchronization capability is disabled. |
|
5. (Optional.) Enable GR helper. |
graceful-restart helper enable |
By default, GR helper is enabled. |
|
6. (Optional.) Enable strict LSA checking for the GR helper. |
graceful-restart helper strict-lsa-checking |
By default, strict LSA checking for the GR helper is disabled. |
Triggering OSPF GR
OSPF GR is triggered by an active/standby switchover or when the following command is executed.
To trigger OSPF GR, perform the following command in user view:
|
Task |
Command |
|
Trigger OSPF GR. |
reset ospf [ process-id ] process graceful-restart |
Configuring BFD for OSPF
OSPF supports the following BFD detection modes:
· Bidirectional control detection—Requires BFD configuration to be made on both OSPF routers on the link.
· Single-hop echo detection—Requires BFD configuration to be made on one OSPF router on the link.
Configuring bidirectional control detection
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable BFD bidirectional control detection. |
ospf bfd enable |
By default, BFD bidirectional control detection is disabled. Both ends of a BFD session must be on the same network segment and in the same area. |
Configuring single-hop echo detection
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of echo packets is not configured. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable BFD single-hop echo detection. |
ospf bfd enable echo |
By default, BFD single-hop echo detection is disabled. |
Configuring OSPF FRR
A link or router failure on a path can cause packet loss and even routing loop until OSPF completes routing convergence based on the new network topology. FRR uses BFD to detect failures and enables fast rerouting to minimize the impact of link or node failures.
Figure 21 Network diagram for OSPF FRR
As shown in Figure 21, configure FRR on Router B by using a routing policy to specify a backup next hop. When the primary link fails, OSPF directs packets to the backup next hop. At the same time, OSPF calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.
You can configure OSPF FRR to calculate a backup next hop by using the loop free alternate (LFA) algorithm, or specify a backup next hop by using a routing policy.
Configuration prerequisites
Before you configure OSPF FRR, perform the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable OSPF.
Configuration guidelines
· Do not use FRR and BFD at the same time. Otherwise, FRR might fail to take effect.
· Do not use the fast-reroute lfa command together with the vlink-peer command.
· When both OSPF PIC and OSPF FRR are configured, OSPF FRR takes effect.
Configuration procedure
Configuring OSPF FRR to calculate a backup next hop using the LFA algorithm
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of echo packets is not configured. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable LFA calculation on an interface. |
ospf fast-reroute lfa-backup |
By default, the interface on which LFA calculation is enabled can be selected as a backup interface. |
|
5. Return to system view. |
quit |
N/A |
|
6. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
7. Enable OSPF FRR to calculate a backup next hop by using the LFA algorithm. |
fast-reroute lfa [ abr-only ] |
By default, OSPF FRR is not configured. If abr-only is specified, the route to the ABR is selected as the backup path. |
Configuring OSPF FRR to specify a backup next hop using a routing policy
Before you configure this task, use the apply fast-reroute backup-interface command to specify a backup next hop in the routing policy to be referenced. For more information about the apply fast-reroute backup-interface command and routing policy configuration, see "Configuring routing policies."
To configure OSPF FRR to specify a backup next hop using a routing policy:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of echo packets is not configured. |
|
3. Enter OSPF view. |
ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] * |
N/A |
|
4. Enable OSPF FRR to specify a backup next hop by using a routing policy. |
fast-reroute route-policy route-policy-name |
By default, OSPF FRR is not configured. |
Configuring BFD for OSPF FRR
By default, OSPF FRR does not use BFD to detect primary link failures. To speed up OSPF convergence, enable BFD single-hop echo detection for OSPF FRR to detect primary link failures.
To configure BFD for OSPF FRR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source IP address of BFD echo packets is not configured. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable BFD for OSPF FRR. |
ospf primary-path-detect bfd echo |
By default, BFD for OSPF FRR is disabled. |
Displaying and maintaining OSPF
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display OSPF process information (in standalone mode). |
display ospf [ process-id ] [ verbose ] [ standby slot slot-number ] |
|
Display OSPF process information (in IRF mode). |
display ospf [ process-id ] [ verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display OSPF GR information. |
display ospf [ process-id ] graceful-restart [ verbose ] |
|
Display OSPF FRR backup next hop information. |
display ospf [ process-id ] [ area area-id ] fast-reroute lfa-candidate |
|
Display OSPF LSDB information (in standalone mode). |
display ospf [ process-id ] lsdb [ area area-id | brief | [ { asbr | ase | network | nssa | opaque-area | opaque-as | opaque-link | router | summary } [ link-state-id ] ] [ originate-router advertising-router-id | self-originate ] ] [ standby slot slot-number ] |
|
Display OSPF LSDB information (in IRF mode). |
display ospf [ process-id ] lsdb [ area area-id | brief | [ { asbr | ase | network | nssa | opaque-area | opaque-as | opaque-link | router | summary } [ link-state-id ] ] [ originate-router advertising-router-id | self-originate ] ] [ standby chassis chassis-number slot slot-number ] |
|
Display OSPF next hop information. |
display ospf [ process-id ] nexthop |
|
Display OSPF neighbor information (in standalone mode). |
display ospf [ process-id ] peer [ verbose ] [ interface-type interface-number ] [ neighbor-id ] [ standby slot slot-number ] |
|
Display OSPF neighbor information (in IRF mode). |
display ospf [ process-id ] peer [ verbose ] [ interface-type interface-number ] [ neighbor-id ] [ standby chassis chassis-number slot slot-number ] |
|
Display neighbor statistics of OSPF areas (in standalone mode). |
display ospf [ process-id ] peer statistics [ standby slot slot-number ] |
|
Display neighbor statistics of OSPF areas (in IRF mode). |
display ospf [ process-id ] peer statistics [ standby chassis chassis-number slot slot-number ] |
|
Display OSPF routing table information. |
display ospf [ process-id ] routing [ ip-address { mask-length | mask } ] [ interface interface-type interface-number ] [ nexthop nexthop-address ] [ verbose ] |
|
Display OSPF topology information. |
display ospf [ process-id ] [ area area-id ] spf-tree [ verbose ] |
|
Display OSPF statistics. |
display ospf [ process-id ] statistics [ error | packet [ interface-type interface-number ] ] |
|
Display OSPF virtual link information (in standalone mode). |
display ospf [ process-id ] vlink [ standby slot slot-number ] |
|
Display OSPF virtual link information (in IRF mode). |
display ospf [ process-id ] vlink [ standby chassis chassis-number slot slot-number ] |
|
Display OSPF request queue information. |
display ospf [ process-id ] request-queue [ interface-type interface-number ] [ neighbor-id ] |
|
Display OSPF retransmission queue information. |
display ospf [ process-id ] retrans-queue [ interface-type interface-number ] [ neighbor-id ] |
|
Display OSPF ABR and ASBR information. |
display ospf [ process-id ] abr-asbr [ verbose ] |
|
Display summary route information on the OSPF ABR. |
display ospf [ process-id ] [ area area-id ] abr-summary [ ip-address { mask-length | mask } ] [ verbose ] |
|
Display OSPF interface information (in standalone mode). |
display ospf [ process-id ] interface [ interface-type interface-number | verbose ] [ standby slot slot-number ] |
|
Display OSPF interface information (in IRF mode). |
display ospf [ process-id ] interface [ interface-type interface-number | verbose ] [ standby chassis chassis-number slot slot-number ] |
|
Display OSPF log information. |
display ospf [ process-id ] event-log { lsa-flush | peer | spf } |
|
Display OSPF ASBR route summarization information. |
display ospf [ process-id ] asbr-summary [ ip-address { mask-length | mask } ] |
|
Display the global route ID. |
display router id |
|
Clear OSPF statistics. |
reset ospf [ process-id ] statistics |
|
Clear OSPF log information. |
reset ospf [ process-id ] event-log [ lsa-flush | peer | spf ] |
|
Reset an OSPF process. |
reset ospf [ process-id ] process [ graceful-restart ] |
|
Re-enable OSPF route redistribution. |
reset ospf [ process-id ] redistribution |
OSPF configuration examples
These configuration examples only cover commands for OSPF configuration.
Basic OSPF configuration example
Network requirements
· Enable OSPF on all switches, and split the AS into three areas.
· Configure Switch A and Switch B as ABRs.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] router id 10.2.1.1
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 10.3.1.1
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] area 2
[SwitchB-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.2] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 10.4.1.1
[SwitchC] ospf
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] network 10.4.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] router id 10.5.1.1
[SwitchD] ospf
[SwitchD-ospf-1] area 2
[SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.2] network 10.5.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.2] quit
[SwitchD-ospf-1] quit
Verifying the configuration
# Display information about neighbors on Switch A.
[SwitchA] display ospf peer verbose
OSPF Process 1 with Router ID 10.2.1.1
Neighbors
Area 0.0.0.0 interface 10.1.1.1(Vlan-interface100)'s neighbors
Router ID: 10.3.1.1 Address: 10.1.1.2 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 10.1.1.1 BDR: 10.1.1.2 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 37 sec
Neighbor is up for 06:03:59
Authentication Sequence: [ 0 ]
Neighbor state change count: 5
Neighbors
Area 0.0.0.1 interface 10.2.1.1(Vlan-interface200)'s neighbors
Router ID: 10.4.1.1 Address: 10.2.1.2 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 10.2.1.1 BDR: 10.2.1.2 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 32 sec
Neighbor is up for 06:03:12
Authentication Sequence: [ 0 ]
Neighbor state change count: 5
# Display OSPF routing information on Switch A.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 10.2.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 1 Transit 10.2.1.1 10.2.1.1 0.0.0.1
10.3.1.0/24 2 Inter 10.1.1.2 10.3.1.1 0.0.0.0
10.4.1.0/24 2 Stub 10.2.1.2 10.4.1.1 0.0.0.1
10.5.1.0/24 3 Inter 10.1.1.2 10.3.1.1 0.0.0.0
10.1.1.0/24 1 Transit 10.1.1.1 10.2.1.1 0.0.0.0
Total Nets: 5
Intra Area: 3 Inter Area: 2 ASE: 0 NSSA: 0
# Display OSPF routing information on Switch D.
[SwitchD] display ospf routing
OSPF Process 1 with Router ID 10.5.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 3 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.3.1.0/24 1 Transit 10.3.1.2 10.3.1.1 0.0.0.2
10.4.1.0/24 4 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.5.1.0/24 1 Stub 10.5.1.1 10.5.1.1 0.0.0.2
10.1.1.0/24 2 Inter 10.3.1.1 10.3.1.1 0.0.0.2
Total Nets: 5
Intra Area: 2 Inter Area: 3 ASE: 0 NSSA: 0
# On Switch D, ping the IP address 10.4.1.1 to test reachability.
[SwitchD] ping 10.4.1.1
Ping 10.4.1.1 (10.4.1.1): 56 data bytes, press CTRL_C to break
56 bytes from 10.4.1.1: icmp_seq=0 ttl=253 time=1.549 ms
56 bytes from 10.4.1.1: icmp_seq=1 ttl=253 time=1.539 ms
56 bytes from 10.4.1.1: icmp_seq=2 ttl=253 time=0.779 ms
56 bytes from 10.4.1.1: icmp_seq=3 ttl=253 time=1.702 ms
56 bytes from 10.4.1.1: icmp_seq=4 ttl=253 time=1.471 ms
--- Ping statistics for 10.4.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.779/1.408/1.702/0.323 ms
OSPF route redistribution configuration example
Network requirements
· Enable OSPF on all the switches.
· Split the AS into three areas.
· Configure Switch A and Switch B as ABRs.
· Configure Switch C as an ASBR to redistribute external routes (static routes).
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF (see "Basic OSPF configuration example").
3. Configure OSPF to redistribute routes:
# On Switch C, configure a static route destined for network 3.1.2.0/24.
<SwitchC> system-view
[SwitchC] ip route-static 3.1.2.1 24 10.4.1.2
# On Switch C, configure OSPF to redistribute static routes.
[SwitchC] ospf 1
[SwitchC-ospf-1] import-route static
Verifying the configuration
# Display the ABR/ASBR information of Switch D.
<SwitchD> display ospf abr-asbr
OSPF Process 1 with Router ID 10.5.1.1
Routing Table to ABR and ASBR
Type Destination Area Cost Nexthop RtType
Intra 10.3.1.1 0.0.0.2 10 10.3.1.1 ABR
Inter 10.4.1.1 0.0.0.2 22 10.3.1.1 ASBR
# Display the OSPF routing table on Switch D.
<SwitchD> display ospf routing
OSPF Process 1 with Router ID 10.5.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2
10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2
10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
3.1.2.0/24 1 Type2 1 10.3.1.1 10.4.1.1
Total Nets: 6
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0
OSPF summary route advertisement configuration example
Network requirements
· Configure OSPF on Switch A and Switch B in AS 200.
· Configure OSPF on Switch C, Switch D, and Switch E in AS 100.
· Configure an EBGP connection between Switch B and Switch C. Configure Switch B and Switch C to redistribute OSPF routes and direct routes into BGP and BGP routes into OSPF.
· Configure Switch B to advertise only summary route 10.0.0.0/8 to Switch A.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] router id 11.2.1.2
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 11.2.1.1
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 11.2.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 11.1.1.2
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] router id 10.3.1.1
[SwitchD] ospf
[SwitchD-ospf-1] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] network 10.3.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] quit
# Configure Switch E.
<SwitchE> system-view
[SwitchE] router id 10.4.1.1
[SwitchE] ospf
[SwitchE-ospf-1] area 0
[SwitchE-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255
[SwitchE-ospf-1-area-0.0.0.0] network 10.4.1.0 0.0.0.255
[SwitchE-ospf-1-area-0.0.0.0] quit
[SwitchE-ospf-1] quit
3. Configure BGP to redistribute OSPF routes and direct routes:
# Configure Switch B.
[SwitchB] bgp 200
[SwitchB-bgp] peer 11.1.1.2 as 100
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] import-route ospf
[SwitchB-bgp-ipv4] import-route direct
[SwitchB-bgp ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
[SwitchC] bgp 100
[SwitchC-bgp] peer 11.1.1.1 as 200
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] import-route ospf
[SwitchC-bgp-ipv4]import-route direct
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
4. Configure Switch B and Switch C to redistribute BGP routes into OSPF:
# Configure OSPF to redistribute routes from BGP on Switch B.
[SwitchB] ospf
[SwitchB-ospf-1] import-route bgp
# Configure OSPF to redistribute routes from BGP on Switch C.
[SwitchC] ospf
[SwitchC-ospf-1] import-route bgp
# Display the OSPF routing table on Switch A.
[SwitchA] display ip routing-table
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.1.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
10.2.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
10.3.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
10.4.1.0/24 OSPF 150 1 11.2.1.1 Vlan100
11.2.1.0/24 Direct 0 0 11.2.1.2 Vlan100
11.2.1.0/32 Direct 0 0 11.2.1.2 Vlan100
11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
5. Configure route summarization:
# Configure route summarization on Switch B to advertise a summary route 10.0.0.0/8.
[SwitchB-ospf-1] asbr-summary 10.0.0.0 8
# Display the IP routing table on Switch A.
[SwitchA] display ip routing-table
Destinations : 13 Routes : 13
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
10.0.0.0/8 OSPF 150 2 11.2.1.1 Vlan100
11.2.1.0/24 Direct 0 0 11.2.1.2 Vlan100
11.2.1.0/32 Direct 0 0 11.2.1.2 Vlan100
11.2.1.2/32 Direct 0 0 127.0.0.1 InLoop0
11.2.1.255/32 Direct 0 0 11.2.1.2 Vlan100
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
The output shows that routes 10.1.1.0/24, 10.2.1.0/24, 10.3.1.0/24 and 10.4.1.0/24 are summarized into a single route 10.0.0.0/8.
OSPF stub area configuration example
Network requirements
· Enable OSPF on all switches, and split the AS into three areas.
· Configure Switch A and Switch B as ABRs to forward routing information between areas.
· Configure Switch D as the ASBR to redistribute static routes.
· Configure Area 1 as a stub area to reduce advertised LSAs without influencing reachability.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF (see "Basic OSPF configuration example").
3. Configure route redistribution:
# Configure Switch D to redistribute static routes.
<SwitchD> system-view
[SwitchD] ip route-static 3.1.2.1 24 10.5.1.2
[SwitchD] ospf
[SwitchD-ospf-1] import-route static
[SwitchD-ospf-1] quit
# Display ABR/ASBR information on Switch C.
<SwitchC> display ospf abr-asbr
OSPF Process 1 with Router ID 10.4.1.1
Routing Table to ABR and ASBR
Type Destination Area Cost Nexthop RtType
Intra 10.2.1.1 0.0.0.1 3 10.2.1.1 ABR
Inter 10.5.1.1 0.0.0.1 7 10.2.1.1 ASBR
# Display OSPF routing table on Switch C.
<SwitchC> display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 3 Transit 10.2.1.2 10.2.1.1 0.0.0.1
10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
3.1.2.0/24 1 Type2 1 10.2.1.1 10.5.1.1
Total Nets: 6
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0
Because Switch C resides in a normal OSPF area, its routing table contains an AS external route.
4. Configure Area 1 as a stub area:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] stub
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] stub
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
# Display OSPF routing information on Switch C
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.2.1.0/24 3 Transit 10.2.1.2 10.2.1.1 0.0.0.1
10.3.1.0/24 7 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
10.5.1.0/24 17 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.1.1.0/24 5 Inter 10.2.1.1 10.2.1.1 0.0.0.1
Total Nets: 6
Intra Area: 2 Inter Area: 4 ASE: 0 NSSA: 0
After the area where Switch C resides is configured as a stub area, a default route takes the place of the AS external route.
# Configure the area as a totally stub area by filtering Type-3 LSAs out of the stub area.
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] stub no-summary
[SwitchA-ospf-1-area-0.0.0.1] quit
# Display OSPF routing information on Switch C.
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
0.0.0.0/0 4 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.2.1.0/24 3 Transit 10.2.1.2 10.4.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
After this configuration, inter-area routes are removed, and only one external route (a default route) exists.
OSPF NSSA area configuration example
Network requirements
· Configure OSPF on all switches and split AS into three areas.
· Configure Switch A and Switch B as ABRs to forward routing information between areas.
· Configure Area 1 as an NSSA area and configure Switch C as an ASBR to redistribute static routes into the AS.
Configuration procedure
1. Configure IP addresses for interfaces.
2. Enable OSPF (see "Basic OSPF configuration example").
3. Configure Area 1 as an NSSA area:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] nssa default-route-advertise no-summary
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] nssa
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] quit
|
|
NOTE: · To allow Switch C in the NSSA area to reach other areas within the AS, you must provide the keyword default-route-advertise for the nssa command issued on Switch A (the ABR) so that Switch C can obtain a default route. · Configuring the nssa command with the keyword no-summary on Switch A can reduce the routing table size on NSSA Switches. On other NSSA Switches, you only need to configure the nssa command. |
# Display OSPF routing information on Switch C.
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 10.4.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
0.0.0.0/0 65536 Inter 10.2.1.1 10.2.1.1 0.0.0.1
10.2.1.0/24 65535 Transit 10.2.1.2 10.4.1.1 0.0.0.1
10.4.1.0/24 3 Stub 10.4.1.1 10.4.1.1 0.0.0.1
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
4. Configure route redistribution:
# Configure Switch C to redistribute static routes.
[SwitchC] ip route-static 3.1.3.1 24 10.4.1.2
[SwitchC] ospf
[SwitchC-ospf-1] import-route static
[SwitchC-ospf-1] quit
# Display OSPF routing information on Switch D.
<SwitchD> display ospf routing
OSPF Process 1 with Router ID 10.5.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 22 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.3.1.0/24 10 Transit 10.3.1.2 10.3.1.1 0.0.0.2
10.4.1.0/24 25 Inter 10.3.1.1 10.3.1.1 0.0.0.2
10.5.1.0/24 10 Stub 10.5.1.1 10.5.1.1 0.0.0.2
10.1.1.0/24 12 Inter 10.3.1.1 10.3.1.1 0.0.0.2
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
3.1.3.0/24 1 Type2 1 10.3.1.1 10.2.1.1
Total Nets: 6
Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0
The output shows an external route imported from the NSSA area exists on Switch D.
OSPF DR election configuration example
Network requirements
· Enable OSPF on Switches A, B, C, and D on the same network.
· Configure Switch A as the DR, and configure Switch C as the BDR.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] router id 1.1.1.1
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 2.2.2.2
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 3.3.3.3
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] router id 4.4.4.4
[SwitchD] ospf
[SwitchD-ospf-1] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] quit
[SwitchD-ospf-1] return
# Display OSPF neighbor information of Switch A.
[SwitchA] display ospf peer verbose
OSPF Process 1 with Router ID 1.1.1.1
Neighbors
Area 0.0.0.0 interface 192.168.1.1(Vlan-interface1)'s neighbors
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal
State: 2-Way Mode: None Priority: 1
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 38 sec
Neighbor is up for 00:01:31
Authentication Sequence: [ 0 ]
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 31 sec
Neighbor is up for 00:01:28
Authentication Sequence: [ 0 ]
Router ID: 4.4.4.4 Address: 192.168.1.4 GR State: Normal
State: Full Mode: Nbr is Master Priority: 1
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 31 sec
Neighbor is up for 00:01:28
Authentication Sequence: [ 0 ]
The output shows that Switch D is the DR and Switch C is the BDR.
3. Configure router priorities on interfaces:
# Configure Switch A.
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ospf dr-priority 100
[SwitchA-Vlan-interface1] quit
# Configure Switch B.
[SwitchB] interface vlan-interface 1
[SwitchB-Vlan-interface1] ospf dr-priority 0
[SwitchB-Vlan-interface1] quit
# Configure Switch C.
[SwitchC] interface vlan-interface 1
[SwitchC-Vlan-interface1] ospf dr-priority 2
[SwitchC-Vlan-interface1] quit
# Display neighbor information of Switch D.
<SwitchD> display ospf peer verbose
OSPF Process 1 with Router ID 4.4.4.4
Neighbors
Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal
State: Full Mode:Nbr is Slave Priority: 100
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 31 sec
Neighbor is up for 00:11:17
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal
State: Full Mode:Nbr is Slave Priority: 0
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 35 sec
Neighbor is up for 00:11:19
Authentication Sequence: [ 0 ]
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal
State: Full Mode:Nbr is Slave Priority: 2
DR: 192.168.1.4 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 33 sec
Neighbor is up for 00:11:15
Authentication Sequence: [ 0 ]
The output shows that the DR and BDR are not changed, because the priority settings do not take effect immediately.
4. Restart OSPF process:
# Restart the OSPF process of Switch D.
<SwitchD> reset ospf 1 process
Warning : Reset OSPF process? [Y/N]:y
# Display neighbor information of Switch D.
<SwitchD> display ospf peer verbose
OSPF Process 1 with Router ID 4.4.4.4
Neighbors
Area 0.0.0.0 interface 192.168.1.4(Vlan-interface1)'s neighbors
Router ID: 1.1.1.1 Address: 192.168.1.1 GR State: Normal
State: Full Mode: Nbr is Slave Priority: 100
DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 39 sec
Neighbor is up for 00:01:40
Authentication Sequence: [ 0 ]
Router ID: 2.2.2.2 Address: 192.168.1.2 GR State: Normal
State: 2-Way Mode: None Priority: 0
DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 35 sec
Neighbor is up for 00:01:44
Authentication Sequence: [ 0 ]
Router ID: 3.3.3.3 Address: 192.168.1.3 GR State: Normal
State: Full Mode: Nbr is Slave Priority: 2
DR: 192.168.1.1 BDR: 192.168.1.3 MTU: 0
Options is 0x02 (-|-|-|-|-|-|E|-)
Dead timer due in 39 sec
Neighbor is up for 00:01:41
Authentication Sequence: [ 0 ]
If the neighbor state is full, Switch D has established an adjacency with the neighbor. If the neighbor state is 2-way, the two switches are not the DR or the BDR, and they do not exchange LSAs.
# Display OSPF interface information.
[SwitchA] display ospf interface
OSPF Process 1 with Router ID 1.1.1.1
Interfaces
Area: 0.0.0.0
IP Address Type State Cost Pri DR BDR
192.168.1.1 Broadcast DR 1 100 192.168.1.1 192.168.1.3
[SwitchB] display ospf interface
OSPF Process 1 with Router ID 2.2.2.2
Interfaces
Area: 0.0.0.0
IP Address Type State Cost Pri DR BDR
192.168.1.2 Broadcast DROther 1 0 192.168.1.1 192.168.1.3
The interface state DROther means the interface is not the DR or BDR.
OSPF virtual link configuration example
Network requirements
Configure a virtual link between Switch B and Switch C to connect Area 2 to the backbone area. After configuration, Switch B can learn routes to Area 2.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf 1 router-id 1.1.1.1
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf 1 router-id 2.2.2.2
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] area 1
[SwitchB–ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchB–ospf-1-area-0.0.0.1] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf 1 router-id 3.3.3.3
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.1] quit
[SwitchC-ospf-1] area 2
[SwitchC–ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchC–ospf-1-area-0.0.0.2] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] ospf 1 router-id 4.4.4.4
[SwitchD-ospf-1] area 2
[SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.2] quit
# Display the OSPF routing table on Switch B.
[SwitchB] display ospf routing
OSPF Process 1 with Router ID 2.2.2.2
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 2 Transit 10.2.1.1 3.3.3.3 0.0.0.1
10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0
Total Nets: 2
Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0
Area 0 has no direct connection to Area 2, so the routing table of Switch B has no route to Area 2.
3. Configure a virtual link:
# Configure Switch B.
[SwitchB] ospf
[SwitchB-ospf-1] area 1
[SwitchB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3
[SwitchB-ospf-1-area-0.0.0.1] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
[SwitchC] ospf 1
[SwitchC-ospf-1] area 1
[SwitchC-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2
[SwitchC-ospf-1-area-0.0.0.1] quit
# Display the OSPF routing table on Switch B.
[SwitchB] display ospf routing
OSPF Process 1 with Router ID 2.2.2.2
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
10.2.1.0/24 2 Transit 10.2.1.1 3.3.3.3 0.0.0.1
10.3.1.0/24 5 Inter 10.2.1.2 3.3.3.3 0.0.0.0
10.1.1.0/24 2 Transit 10.1.1.2 2.2.2.2 0.0.0.0
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
The output shows that Switch B has learned the route 10.3.1.0/24 to Area 2.
OSPF GR configuration example
Network requirements
· As shown in Figure 29, Switch A, Switch B, and Switch C that belong to the same AS and the same OSPF routing domain are GR capable.
· Switch A acts as the non-IETF GR restarter; Switch B and Switch C are the GR helpers and re-synchronize their LSDB with Switch A through OOB communication of GR.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF:
# Configure Switch A.
SwitchA> system-view
[SwitchA] router id 1.1.1.1
[SwitchA] ospf 100
[SwitchA-ospf-100] area 0
[SwitchA-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchA-ospf-100-area-0.0.0.0] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] router id 2.2.2.2
[SwitchB] ospf 100
[SwitchB-ospf-100] area 0
[SwitchB-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchB-ospf-100-area-0.0.0.0] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] router id 3.3.3.3
[SwitchC] ospf 100
[SwitchC-ospf-100] area 0
[SwitchC-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchC-ospf-100-area-0.0.0.0] quit
3. Configure OSPF GR:
# Configure Switch A as the non-IETF OSPF GR restarter: enable the link-local signaling capability, the out-of-band re-synchronization capability, and non-IETF GR capability for OSPF process 100.
[SwitchA-ospf-100] enable link-local-signaling
[SwitchA-ospf-100] enable out-of-band-resynchronization
[SwitchA-ospf-100] graceful-restart
[SwitchA-ospf-100] return
# Configure Switch B as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
[SwitchB-ospf-100] enable link-local-signaling
[SwitchB-ospf-100] enable out-of-band-resynchronization
# Configure Switch C as the GR helper: enable the link-local signaling capability and the out-of-band re-synchronization capability for OSPF process 100.
[SwitchC-ospf-100] enable link-local-signaling
[SwitchC-ospf-100] enable out-of-band-resynchronization
Verifying the configuration
# After the configurations on Switch A, Switch B, and Switch C are complete and the switches are running steadily, enable OSPF GR event debugging and then restart the OSPF process using GR on Switch A.
<SwitchA> debugging ospf event graceful-restart
<SwitchA> terminal monitor
<SwitchA> terminal logging level 7
<SwitchA> reset ospf 100 process graceful-restart
Reset OSPF process? [Y/N]:y
%Oct 21 15:29:28:727 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Full to Down.
%Oct 21 15:29:28:729 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Full to Down.
*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 nonstandard GR Started for OSPF Router
*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created GR wait timer,timeout interval is 40(s).
*Oct 21 15:29:28:735 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created GR Interval timer,timeout interval is 120(s).
*Oct 21 15:29:28:758 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created OOB Progress timer for neighbor 192.1.1.3.
*Oct 21 15:29:28:766 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 created OOB Progress timer for neighbor 192.1.1.2.
%Oct 21 15:29:29:902 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full.
*Oct 21 15:29:29:902 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.2.
%Oct 21 15:29:30:897 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full.
*Oct 21 15:29:30:897 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted OOB Progress timer for neighbor 192.1.1.3.
*Oct 21 15:29:30:911 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF GR: Process 100 Exit Restart,Reason : DR or BDR change,for neighbor : 192.1.1.3.
*Oct 21 15:29:30:911 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted GR Interval timer.
*Oct 21 15:29:30:912 2011 SwitchA OSPF/7/DEBUG: -MDC=1;
OSPF 100 deleted GR wait timer.
%Oct 21 15:29:30:920 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Full to Down.
%Oct 21 15:29:30:921 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Full to Down.
%Oct 21 15:29:33:815 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.3(Vlan-interface100) from Loading to Full.
%Oct 21 15:29:35:578 2011 SwitchA OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 100 Neighbor 192.1.1.2(Vlan-interface100) from Loading to Full.
The output shows that Switch A completes GR.
BFD for OSPF configuration example
Network requirements
As shown in Figure 30, run OSPF on Switch A, Switch B, and Switch C so that they are reachable to each other at the network layer. When the link over which Switch A and Switch B communicate through a Layer 2 switch fails, BFD can quickly detect the failure and notify OSPF of the failure. Switch A and Switch B then communicate through Switch C.
Table 7 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
Switch A |
Vlan-int10 |
192.168.0.102/24 |
Switch B |
Vlan-int13 |
13.1.1.1/24 |
|
Switch A |
Vlan-int11 |
10.1.1.102/24 |
Switch C |
Vlan-int11 |
10.1.1.100/24 |
|
Switch B |
Vlan-int10 |
192.168.0.100/24 |
Switch C |
Vlan-int13 |
13.1.1.2/24 |
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable OSPF:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] network 121.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
[SwitchA] interface vlan 11
[SwitchA-Vlan-interface11] ospf cost 2
[SwitchA-Vlan-interface11] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 120.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
[SwitchB] interface vlan-interface 13
[SwitchB-Vlan-interface13] ospf cost 2
[SwitchA-Vlan-interface13] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 13.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
3. Configure BFD:
# Enable BFD on Switch A and configure BFD parameters.
[SwitchA] bfd session init-mode active
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ospf bfd enable
[SwitchA-Vlan-interface10] bfd min-transmit-interval 500
[SwitchA-Vlan-interface10] bfd min-receive-interval 500
[SwitchA-Vlan-interface10] bfd detect-multiplier 7
[SwitchA-Vlan-interface10] quit
[SwitchA] quit
# Enable BFD on Switch B and configure BFD parameters.
[SwitchB] bfd session init-mode active
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ospf bfd enable
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500
[SwitchB-Vlan-interface10] bfd min-receive-interval 500
[SwitchB-Vlan-interface10] bfd detect-multiplier 6
Verifying the configuration
# Display the BFD information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 2 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 192.168.0.100
Label: NULL RealNextHop: 192.168.0.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch B through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 4 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 10.1.1.100
Label: NULL RealNextHop: 10.1.1.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface11
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A communicates with Switch B through VLAN-interface 11.
OSPF FRR configuration example
Network requirements
As shown in Figure 31, Switch S, Switch A, and Switch D reside in the same OSPF domain. Configure OSPF FRR so that when the link between Switch S and Switch D fails, traffic is immediately switched to Link B.
Configuration procedure
1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)
2. Configure OSPF on the switches to make sure Switch S, Switch A, and Switch D can communicate with each other at the network layer. (Details not shown.)
3. Configure OSPF FRR to automatically calculate the backup next hop:
You can enable OSPF FRR to either calculate a backup next hop by using the LFA algorithm, or specify a backup next hop by using a routing policy.
? (Method 1.) Enable OSPF FRR to calculate the backup next hop by using the LFA algorithm:
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 2.2.2.2
[SwitchS] ospf 1
[SwitchS-ospf-1] fast-reroute lfa
[SwitchS-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 3.3.3.3
[SwitchD] ospf 1
[SwitchD-ospf-1] fast-reroute lfa
[SwitchD-ospf-1] quit
? (Method 2.) Enable OSPF FRR to designate a backup next hop by using a routing policy.
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 2.2.2.2
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
[SwitchS] ospf 1
[SwitchS-ospf-1] fast-reroute route-policy frr
[SwitchS-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 3.3.3.3
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
[SwitchD] ospf 1
[SwitchD-ospf-1] fast-reroute route-policy frr
[SwitchD-ospf-1] quit
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 1 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
Troubleshooting OSPF configuration
No OSPF neighbor relationship established
Symptom
No OSPF neighbor relationship can be established.
Analysis
If the physical link and lower layer protocols work well, verify OSPF parameters configured on interfaces. Two neighbors must have the same parameters, such as the area ID, network segment, and mask (a P2P or virtual link can have different network segments and masks).
Solution
To resolve the problem:
1. Use the display ospf peer command to verify OSPF neighbor information.
2. Use the display ospf interface command to verify OSPF interface information.
3. Ping the neighbor router's IP address to verify that the connectivity is normal.
4. Verify OSPF timers. The dead interval on an interface must be at least four times the hello interval.
5. On an NBMA network, use the peer ip-address command to manually specify the neighbor.
6. At least one interface must have a router priority higher than 0 on an NBMA or a broadcast network.
7. If the problem persists, contact H3C Support.
Incorrect routing information
Symptom
OSPF cannot find routes to other areas.
Analysis
The backbone area must maintain connectivity to all other areas. If a router connects to more than one area, at least one area must be connected to the backbone. The backbone cannot be configured as a stub area.
In a stub area, all routers cannot receive external routes, and all interfaces connected to the stub area must belong to the stub area.
Solution
To resolve the problem:
1. Use the display ospf peer command to verify neighbor information.
2. Use the display ospf interface command to verify OSPF interface information.
3. Use the display ospf lsdb command to verify the LSDB.
4. Use the display current-configuration configuration ospf command to verify area configuration. If more than two areas are configured, at least one area is connected to the backbone.
5. In a stub area, all routers attached are configured with the stub command. In an NSSA area, all routers attached are configured with the nssa command.
6. If a virtual link is configured, use the display ospf vlink command to verify the state of the virtual link.
7. If the problem persists, contact H3C Support.
Configuring IS-IS
This chapter describes how to configure IS-IS for IPv4 networks.
Overview
Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol designed by the ISO to operate on the connectionless network protocol (CLNP).
IS-IS was modified and extended in RFC 1195 by the IETF for application in both TCP/IP and OSI reference models, called "Integrated IS-IS" or "Dual IS-IS."
IS-IS is an IGP used within an AS. It uses the SPF algorithm for route calculation.
Terminology
· Intermediate system—Similar to a router in TCP/IP, IS is the basic unit used in an IS-IS routing domain to generate and propagate routing information. Throughout this chapter, an IS refers to a router.
· End system—Similar to a host in TCP/IP, an ES does not run IS-IS. ISO defines the ES-IS protocol for communication between an ES and an IS.
· Routing domain—An RD comprises a group of ISs that exchange routing information with each other by using the same routing protocol.
· Area—An IS-IS routing domain can be split into multiple areas.
· Link State Database—All link states in the network form the LSDB. Each IS has at least one LSDB. An IS uses the SPF algorithm and LSDB to generate IS-IS routes.
· Link State Protocol Data Unit or Link State Packet —An IS advertises link state information in an LSP.
· Network Protocol Data Unit—An NPDU is a network layer protocol packet in OSI, similar to an IP packet in TCP/IP.
· Designated IS—A DIS is elected on a broadcast network.
· Network service access point—An NSAP is an OSI network layer address. The NSAP identifies an abstract network service access point and describes the network address format in the OSI reference model.
IS-IS address format
NSAP
As shown in Figure 32, an NSAP address comprises the Initial Domain Part (IDP) and the Domain Specific Part (DSP). The IDP is analogous to the network ID of an IP address, and the DSP is analogous to the subnet and host ID.
The IDP includes the Authority and Format Identifier (AFI) and the Initial Domain Identifier (IDI).
The DSP includes:
· High Order Part of DSP (HO-DSP)—Identifies the area.
· System ID—Identifies the host.
· SEL—Identifies the type of service.
The IDP and DSP are variable in length. The length of an NSAP address ranges from 8 bytes to 20 bytes.
Figure 32 NSAP address format
Area address
The area address comprises the IDP and the HO-DSP of the DSP, which identify the area and the routing domain. Different routing domains cannot have the same area address.
Typically, a router only needs one area address, and all nodes in the same area must have the same area address. To support smooth area merging, partitioning, and switching, a router can have a maximum of three area addresses.
System ID
A system ID uniquely identifies a host or router. It has a fixed length of 48 bits (6 bytes).
The system ID of a device can be generated from the router ID. For example, suppose a router uses the IP address 168.10.1.1 of Loopback 0 as the router ID. The system ID can be obtained in the following steps:
1. Extend each decimal number of the IP address to three digits by adding 0s from the left, such as 168.010.001.001.
2. Divide the extended IP address into three sections that each has four digits to get the system ID 1680.1000.1001.
If you use other methods to define a system ID, make sure that it can uniquely identify the host or router.
SEL
The N-SEL, or the NSAP selector (SEL), is similar to the protocol identifier in IP. Different transport layer protocols correspond to different SELs. All SELs in IP are 00.
Routing method
The IS-IS address format identifies the area, so a Level-1 router can easily identify packets destined to other areas. IS-IS routers perform routing as follows:
· A Level-1 router performs intra-area routing according to the system ID. If the destination address of a packet does not belong to the local area, the Level-1 router forwards it to the nearest Level-1-2 router.
· A Level-2 router performs inter-area routing according to the area address.
NET
A network entity title (NET) identifies the network layer information of an IS. It does not include transport layer information. A NET is a special NSAP address with the SEL being 0. The length of a NET ranges from 8 bytes to 20 bytes, same as a NSAP address.
A NET includes the following parts:
· Area ID—Has a length of 1 to 13 bytes.
· System ID—A system ID uniquely identifies a host or router in the area and has a fixed length of 6 bytes.
· SEL—Has a value of 0 and a fixed length of 1 byte.
For example, for a NET ab.cdef.1234.5678.9abc.00, the area ID is ab.cdef, the system ID is 1234.5678.9abc, and the SEL is 00.
Typically, a router only needs one NET, but it can have a maximum of three NETs for smooth area merging and partitioning. When you configure multiple NETs, make sure the system IDs are the same.
IS-IS area
IS-IS has a 2-level hierarchy to support large-scale networks. A large-scale routing domain is divided into multiple areas. Typically, a Level-1 router is deployed within an area, a Level-2 router is deployed between areas, and a Level-1-2 router is deployed between Level-1 and Level-2 routers.
Level-1 and Level-2
· Level-1 router—A Level-1 router establishes neighbor relationships with Level-1 and Level-1-2 routers in the same area. It maintains an LSDB comprising intra-area routing information. A Level-1 router forwards packets destined for external areas to the nearest Level-1-2 router. Level-1 routers in different areas cannot establish neighbor relationships.
· Level-2 router—A Level-2 router establishes neighbor relationships with Level-2 and Level-1-2 routers in the same area or in different areas. It maintains a Level-2 LSDB containing inter-area routing information. All the Level-2 and Level-1-2 routers must be contiguous to form the backbone of the IS-IS routing domain. Level-2 routers can establish neighbor relationships even if they are in different areas.
· Level-1-2 router—A router with both Level-1 and Level-2 router functions is a Level-1-2 router. It can establish Level-1 neighbor relationships with Level-1 and Level-1-2 routers in the same area, and establish Level-2 neighbor relationships with Level-2 and Level-1-2 routers in different areas. A Level-1 router can reach other areas only through a Level-1-2 router. The Level-1-2 router maintains two LSDBs, a Level-1 LSDB for intra-area routing and a Level-2 LSDB for inter-area routing.
Figure 33 shows one IS-IS network topology. Area 1 is the backbone that comprises a set of Level-2 routers. The other four areas are non-backbone areas connected to the backbone through Level-1-2 routers.
Figure 34 shows another IS-IS topology. The Level-1-2 routers connect to the Level-1 and Level-2 routers, and form the IS-IS backbone together with the Level-2 routers. No area is defined as the backbone in this topology. The backbone comprises all contiguous Level-2 and Level-1-2 routers in different areas. The IS-IS backbone does not need to be a specific area.
Both the Level-1 and Level-2 routers use the SPF algorithm to generate the shortest path tree.
Route leaking
Level-2 and Level-1-2 routers form a Level-2 area. An IS-IS routing domain comprises only one Level-2 area and multiple Level-1 areas. A Level-1 area must connect to the Level-2 area rather than other Level-1 area.
The routing information of each Level-1 area is sent to the Level-2 area through a Level-1-2 router, so a Level-2 router knows the routing information of the entire IS-IS routing domain. By default, a Level-2 router does not advertise the routing information of other Level-1 areas and the Level-2 area to a Level-1 area, so a Level-1 router simply sends packets destined for other areas to the nearest Level-1-2 router. The path passing through the Level-1-2 router might not be the best. To solve this problem, IS-IS provides the route leaking feature.
Route leaking enables a Level-1-2 router to advertise the routes of other Level-1 areas and the Level-2 area to the connected Level-1 area so that the Level-1 routers can select the optimal routes for packets.
IS-IS network types
Network types
IS-IS supports the broadcast network (for example, Ethernet and Token Ring) and the point-to-point network (for example, PPP and HDLC).
For an NBMA interface, such as an ATM interface, you must configure point-to-point or broadcast subinterfaces. IS-IS cannot run on P2MP links.
DIS and pseudonodes
IS-IS routers on a broadcast network must elect a DIS.
The Level-1 and Level-2 DISs are elected separately. You can assign different priorities to a router for different level DIS elections. The higher the router priority, the more likely the router becomes the DIS. If multiple routers with the same highest DIS priority exist, the one with the highest SNPA (Subnetwork Point of Attachment) address (MAC address on a broadcast network) will be elected. A router can be the DIS for different levels.
IS-IS DIS election differs from OSPF DIS election in the following ways:
· A router with priority 0 can also participate in the DIS election.
· When a router with a higher priority is added to the network, an LSP flooding process is performed to elect the router as the new DIS.
As shown in Figure 35, the same level routers on a network, including non-DIS routers, establish adjacency with each other.
Figure 35 DIS in the IS-IS broadcast network
The DIS creates and updates pseudonodes, and generates LSPs for the pseudonodes, to describe all routers on the network.
A pseudonode represents a virtual node on the broadcast network. It is not a real router. In IS-IS, it is identified by the system ID of the DIS and a 1-byte Circuit ID (a non-zero value).
Using pseudonodes simplifies network topology and can reduce the amount of resources consumed by SPF.
|
|
NOTE: On an IS-IS broadcast network, all routers establish adjacency relationships, but they synchronize their LSDBs through the DIS. |
IS-IS PDUs
PDU
IS-IS PDUs are encapsulated into link layer frames. An IS-IS PDU has two parts, the headers and the variable length fields. The headers comprise the PDU common header and the PDU specific header. All PDUs have the same PDU common header. The specific headers vary by PDU type.
Figure 36 PDU format
Table 8 PDU types
|
Type |
PDU Type |
Acronym |
|
15 |
Level-1 LAN IS-IS hello PDU |
L1 LAN IIH |
|
16 |
Level-2 LAN IS-IS hello PDU |
L2 LAN IIH |
|
17 |
Point-to-Point IS-IS hello PDU |
P2P IIH |
|
18 |
Level-1 Link State PDU |
L1 LSP |
|
20 |
Level-2 Link State PDU |
L2 LSP |
|
24 |
Level-1 Complete Sequence Numbers PDU |
L1 CSNP |
|
25 |
Level-2 Complete Sequence Numbers PDU |
L2 CSNP |
|
26 |
Level-1 Partial Sequence Numbers PDU |
L1 PSNP |
|
27 |
Level-2 Partial Sequence Numbers PDU |
L2 PSNP |
Hello PDU
IS-to-IS hello (IIH) PDUs are used by routers to establish and maintain neighbor relationships. On broadcast networks, Level-1 routers use Level-1 LAN IIHs, and Level-2 routers use Level-2 LAN IIHs. The P2P IIHs are used on point-to-point networks.
LSP
The LSPs carry link state information. LSPs include Level-1 LSPs and Level-2 LSPs. The Level-2 LSPs are sent by the Level-2 routers, and the Level-1 LSPs are sent by the Level-1 routers. The Level-1-2 router can send both types of LSPs.
SNP
A sequence number PDU (SNP) describes the complete or partial LSPs for LSDB synchronization.
SNPs include CSNP and PSNP, which are further divided into Level-1 CSNP, Level-2 CSNP, Level-1 PSNP, and Level-2 PSNP.
A CSNP describes the summary of all LSPs for LSDB synchronization between neighboring routers. On broadcast networks, CSNPs are sent by the DIS periodically (every 10 seconds by default). On point-to-point networks, CSNPs are sent only during the first adjacency establishment.
A PSNP only contains the sequence numbers of one or multiple latest received LSPs. It can acknowledge multiple LSPs at one time. When LSDBs are not synchronized, a PSNP is used to request missing LSPs from a neighbor.
CLV
The variable fields of PDU comprise multiple Code-Length-Value (CLV) triplets.
Figure 37 CLV format
Table 9 shows that different PDUs contain different CLVs. Codes 1 through 10 are defined in ISO 10589 (code 3 and 5 are not shown in the table), and others are defined in RFC 1195.
Table 9 CLV codes and PDU types
|
CLV Code |
Name |
PDU Type |
|
1 |
Area Addresses |
IIH, LSP |
|
2 |
IS Neighbors (LSP) |
LSP |
|
4 |
Partition Designated Level 2 IS |
L2 LSP |
|
6 |
IS Neighbors (MAC Address) |
LAN IIH |
|
7 |
IS Neighbors (SNPA Address) |
LAN IIH |
|
8 |
Padding |
IIH |
|
9 |
LSP Entries |
SNP |
|
10 |
Authentication Information |
IIH, LSP, SNP |
|
128 |
IP Internal Reachability Information |
LSP |
|
129 |
Protocols Supported |
IIH, LSP |
|
130 |
IP External Reachability Information |
L2 LSP |
|
131 |
Inter-Domain Routing Protocol Information |
L2 LSP |
|
132 |
IP Interface Address |
IIH, LSP |
Protocols and standards
· ISO 10589 ISO IS-IS Routing Protocol
· ISO 9542 ES-IS Routing Protocol
· ISO 8348/Ad2 Network Services Access Points
· RFC 1195, Use of OSI IS-IS for Routing in TCP/IP and Dual Environments
· RFC 2763, Dynamic Hostname Exchange Mechanism for IS-IS
· RFC 2966, Domain-wide Prefix Distribution with Two-Level IS-IS
· RFC 2973, IS-IS Mesh Groups
· RFC 3277, IS-IS Transient Blackhole Avoidance
· RFC 3358, Optional Checksums in ISIS
· RFC 3373, Three-Way Handshake for IS-IS Point-to-Point Adjacencies
· RFC 3567, Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication
· RFC 3719, Recommendations for Interoperable Networks using IS-IS
· RFC 3786, Extending the Number of IS-IS LSP Fragments Beyond the 256 Limit
· RFC 3787, Recommendations for Interoperable IP Networks using IS-IS
· RFC 3847, Restart Signaling for IS-IS
· RFC 4444, Management Information Base for Intermediate System to Intermediate System (IS-IS)
IS-IS configuration task list
Configuring basic IS-IS
Configuration prerequisites
Before the configuration, complete the following tasks:
· Configure the link layer protocol.
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
Enabling IS-IS
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create an IS-IS process and enter its view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
By default, the IS-IS process is disabled. |
|
3. Assign a NET. |
network-entity net |
By default, NET is not assigned. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Enable an IS-IS process on the interface. |
isis enable [ process-id ] |
By default, no IS-IS process is enabled. |
Configuring the IS level and circuit level
Follow these guidelines when you configure the IS level for routers in only one area:
· Configure the IS level of all routers as Level-1 or Level-2 rather than different levels because the routers do not need to maintain two identical LSDBs.
· Configure the IS level as Level-2 on all routers in an IP network for good scalability.
For an interface of a Level-1 (or Level-2) router, the circuit level can only be Level-1 (or Level-2). For an interface of a Level-1-2 router, the default circuit level is Level-1-2; if the router only needs to form Level-1 (or Level-2) neighbor relationships, configure the circuit level for its interfaces as Level-1 (or Level-2) to limit neighbor relationship establishment.
To configure the IS level and circuit level:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the IS level. |
is-level { level-1 | level-1-2 | level-2 } |
By default, the IS level is Level-1-2. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Specify the circuit level. |
isis circuit-level [ level-1 | level-1-2 | level-2 ] |
By default, an interface can establish either the Level-1 or Level-2 adjacency. |
Configuring P2P network type for an interface
Perform this task only for a broadcast network that has up to two attached routers.
Interfaces with different network types operate differently. For example, broadcast interfaces on a network must elect the DIS and flood CSNP packets to synchronize the LSDBs, but P2P interfaces on a network do not need to elect the DIS, and have a different LSDB synchronization mechanism.
If only two routers exist on a broadcast network, configure the network type of attached interfaces as P2P to avoid DIS election and CSNP flooding, saving network bandwidth and speeding up network convergence.
To configure P2P network type for an interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure P2P network type for an interface. |
isis circuit-type p2p |
By default, the network type of an interface depends on the physical media. The network type of a VLAN interface is broadcast. |
Configuring IS-IS route control
Configuration prerequisites
Before the configuration, complete the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable IS-IS.
Configuring IS-IS link cost
The IS-IS cost of an interface is determined in the following order:
1. IS-IS cost specified in interface view.
2. IS-IS cost specified in system view.
The cost is applied to the interfaces associated with the IS-IS process.
3. Automatically calculated cost.
If the cost style is wide or wide-compatible, IS-IS automatically calculates the cost using the formula: Interface cost = (Bandwidth reference value / Expected interface bandwidth) × 10, in the range of 1 to 16777214. For other cost styles, Table 10 applies.
Configure the expected bandwidth of an interface with the bandwidth command. For more information, see Interface Command Reference.
Table 10 Automatic cost calculation scheme for cost styles other than wide and wide-compatible
|
Interface bandwidth |
Interface cost |
|
≤ 10 Mbps |
60 |
|
≤ 100 Mbps |
50 |
|
≤ 155 Mbps |
40 |
|
≤ 622 Mbps |
30 |
|
≤ 2500 Mbps |
20 |
|
> 2500 Mbps |
10 |
If none of the above costs is used, a default cost of 10 applies.
Configuring an IS-IS cost for an interface
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. (Optional.) Specify an IS-IS cost style. |
cost-style { narrow | wide | wide-compatible | { compatible | narrow-compatible } [ relax-spf-limit ] } |
By default, the IS-IS cost type is narrow. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. (Optional.) Specify a cost for the IS-IS interface. |
isis cost value [ level-1 | level-2 ] |
By default, no cost for the interface is specified. |
Configuring a global IS-IS cost
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. (Optional.) Specify an IS-IS cost style. |
cost-style { narrow | wide | wide-compatible | { compatible | narrow-compatible } [ relax-spf-limit ] } |
By default, the IS-IS cost style is narrow. |
|
4. Specify a global IS-IS cost. |
circuit-cost value [ level-1 | level-2 ] |
By default, no global cost is specified. |
Enabling automatic IS-IS cost calculation
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify an IS-IS cost style. |
cost-style { wide | wide-compatible } |
By default, the IS-IS cost is narrow. |
|
4. Enable automatic IS-IS cost calculation. |
auto-cost enable |
By default, automatic IS-IS cost calculation is disabled. |
|
5. (Optional.) Configure a bandwidth reference value for automatic IS-IS cost calculation. |
bandwidth-reference value |
The default setting is 100 Mbps. |
Specifying a preference for IS-IS
If multiple routing protocols find routes to the same destination, the route found by the routing protocol that has the highest preference is selected as the optimal route.
Perform this task to assign a preference to IS-IS directly or by using a routing policy. For more information about the routing policy, see " Configuring routing policies."
To configure a preference for IS-IS:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure a preference for IS-IS. |
preference { preference | route-policy route-policy-name } * |
The default setting is 15. |
Configuring the maximum number of ECMP routes
Perform this task to implement load sharing over ECMP routes.
To configure the maximum number of ECMP routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the maximum number of ECMP routes. |
maximum load-balancing number |
By default, the maximum number of ECMP routes is 128. |
Configuring IS-IS route summarization
Perform this task to summarize specific routes, including IS-IS routes and redistributed routes, into a single route. Route summarization can reduce the routing table size and the LSDB scale.
Route summarization applies only to locally generated LSPs. The cost of the summary route is the lowest one among the costs of the more-specific routes.
To configure route summarization:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure IS-IS route summarization. |
summary ip-address { mask-length | mask } [ avoid-feedback | generate_null0_route | [ level-1 | level-1-2 | level-2 ] | tag tag ] * |
By default, route summarization is not configured. |
Advertising a default route
IS-IS cannot redistribute a default route to its neighbors. This task enables IS-IS to advertise a default route of 0.0.0.0/0 in an LSP to the same-level neighbors. Upon receiving the default route, the neighbors add it into their routing table.
To advertise a default route:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Advertise a default route. |
default-route-advertise [ [ level-1 | level-1-2 | level-2 ] | route-policy route-policy-name ] * |
By default, IS-IS does not advertise a default route. |
Configuring IS-IS route redistribution
Perform this task to redistribute routes from other routing protocols into IS-IS. You can specify a cost for redistributed routes and specify the maximum number of redistributed routes.
To configure IS-IS route redistribution from other routing protocols:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Redistribute routes from other routing protocols or other IS-IS processes. |
import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | cost-type { external | internal } | [ level-1 | level-1-2 | level-2 ] | route-policy route-policy-name | tag tag ] * |
By default, no route is redistributed. By default, if no level is specified, this command redistributes routes into the Level-2 routing table. This command redistributes only active routes. To display active routes, use the display ip routing-table protocol command. |
|
4. (Optional.) Configure the maximum number of redistributed Level 1/Level 2 IPv4 routes. |
import-route limit number |
By default, the maximum number of redistributed Level 1/Level 2 IPv4 routes is not configured. |
Configuring IS-IS route filtering
You can use an ACL, IP prefix list, or routing policy to filter routes calculated using received LSPs and routes redistributed from other routing protocols.
Filtering routes calculated from received LSPs
IS-IS saves LSPs received from neighbors in the LSDB, uses the SPF algorithm to calculate the shortest path tree with itself as the root, and installs the routes to the IS-IS routing table. IS-IS installs the optimal routes to the IP routing table.
Perform this task to filter calculated routes. Only routes that are not filtered can be added to the IP routing table. The filtered routes retain in the IS-IS routing table and can be advertised to neighbors.
To filter routes calculated using received LSPs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Filter routes calculated using received LSPs. |
filter-policy { acl-number | prefix-list prefix-list-name | route-policy route-policy-name } import |
By default, IS-IS route filtering is not configured. |
Filtering redistributed routes
IS-IS can redistribute routes from other routing protocols or other IS-IS processes, add them to the IS-IS routing table, and advertise them in LSPs.
Perform this task to filter redistributed routes. Only routes that are not filtered can be added to the IS-IS routing table and advertised to neighbors.
To filter redistributed routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Filter routes redistributed from other routing protocols or IS-IS processes. |
filter-policy { acl-number | prefix-list prefix-list-name | route-policy route-policy-name } export [ protocol [ process-id ] ] |
By default, IS-IS route filtering is not configured. |
Configuring IS-IS route leaking
Perform this task to control route advertisement (route leaking) between Level-1 and Level-2.
You can configure IS-IS to advertise routes from Level-2 to Level-1, and to not advertise routes from Level-1 to Level-2.
To configure IS-IS route leaking:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure route leaking from Level-1 to Level-2. |
import-route isis level-1 into level-2 [ filter-policy { acl-number | prefix-list prefix-list-name | route-policy route-policy-name } | tag tag ] * |
By default, IS-IS advertises routes from Level-1 to Level-2. |
|
4. Configure route leaking from Level-2 to Level-1. |
import-route isis level-2 into level-1 [ filter-policy { acl-number | prefix-list prefix-list-name | route-policy route-policy-name } | tag tag ] * |
By default, IS-IS does not advertise routes from Level-2 to Level-1. |
Tuning and optimizing IS-IS networks
Configuration prerequisites
Before you tune and optimize IS-IS networks, complete the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable IS-IS.
Specifying the interval for sending IS-IS hello packets
If a neighbor does not receive any hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes. The hold time is the hello multiplier multiplied by the hello interval.
To specify the interval for sending hello packets:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the interval for sending hello packets. |
isis timer hello seconds [ level-1 | level-2 ] |
The default setting is 10 seconds. The interval between hello packets sent by the DIS is 1/3 the hello interval set with the isis timer hello command. |
Specifying the IS-IS hello multiplier
The hello multiplier is the number of hello packets a neighbor must miss before it declares that the router is down.
If a neighbor receives no hello packets from the router within the advertised hold time, it considers the router down and recalculates the routes. The hold time is the hello multiplier multiplied by the hello interval.
On a broadcast link, Level-1 and Level-2 hello packets are advertised separately. You must set a hello multiplier for each level.
On a P2P link, Level-1 and Level-2 hello packets are advertised in P2P hello packets. You do not need to specify Level-1 or Level-2.
To specify the IS-IS hello multiplier:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the hello multiplier. |
isis timer holding-multiplier value [ level-1 | level-2 ] |
The default setting is 3. |
Specifying the interval for sending IS-IS CSNP packets
On a broadcast network, perform this task on the DIS that uses CSNP packets to synchronize LSDBs.
To specify the interval for sending IS-IS CSNP packets:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the interval for sending CSNP packets on the DIS of a broadcast network. |
isis timer csnp seconds [ level-1 | level-2 ] |
The default setting is 10 seconds. |
Configuring a DIS priority for an interface
On a broadcast network, IS-IS must elect a router as the DIS at a routing level. You can specify a DIS priority at a level for an interface. The greater the interface's priority, the more likely it becomes the DIS. If multiple routers in the broadcast network have the same highest DIS priority, the router with the highest MAC address becomes the DIS.
To configure a DIS priority for an interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Configure a DIS priority for the interface. |
isis dis-priority value [ level-1 | level-2 ] |
The default setting is 64. |
Disabling an interface from sending/receiving IS-IS packets
After being disabled from sending and receiving hello packets, an interface cannot form any neighbor relationship, but can advertise directly connected networks in LSPs through other interfaces. This can save bandwidth and CPU resources, and ensures that other routers know networks directly connected to the interface.
To disable an interface from sending and receiving IS-IS packets:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Disable the interface from sending and receiving IS-IS packets. |
isis silent |
By default, the interface can send and receive IS-IS packets. |
Enabling an interface to send small hello packets
IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames. Any two IS-IS neighboring routers must negotiate a common MTU. To avoid sending big hellos to save bandwidth, enable the interface to send small hello packets without CLVs.
To enable an interface to send small hello packets:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable the interface to send small hello packets without CLVs. |
isis small-hello |
By default, the interface can send standard hello packets. |
Configuring LSP parameters
Configuring LSP timers
1. Specify the maximum age of LSPs.
Each LSP has an age that decreases in the LSDB. Any LSP with an age of 0 is deleted from the LSDB. You can adjust the age value based on the scale of a network.
To specify the maximum age of LSPs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the maximum LSP age. |
timer lsp-max-age seconds |
The default setting is 1200 seconds. |
2. Specify the LSP refresh interval and generation interval.
Each router needs to refresh its LSPs at a configurable interval and send them to other routers to prevent valid routes from aging out. A smaller refresh interval speeds up network convergence but consumes more bandwidth.
When the network topology changes, for example, a neighbor is down or up, or the interface metric, system ID, or area ID is changed, the router generates an LSP after a configurable interval. If such a change occurs frequently, excessive LSPs are generated, consuming a large amount of router resources and bandwidth. To solve the problem, you can adjust the LSP generation interval.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the LSP generation interval is incremented by incremental-interval × 2n-2 (n is the number of calculation times) each time a generation occurs until the maximum-interval is reached.
To specify the LSP refresh interval and generation interval:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the LSP refresh interval. |
timer lsp-refresh seconds |
By default, the LSP refresh interval is 900 seconds. |
|
4. Specify the LSP generation interval. |
timer lsp-generation maximum-interval [ minimum-interval [ incremental-interval ] ] [ level-1 | level-2 ] |
By default: · The maximum interval is 5 seconds. · The minimum interval is 20 milliseconds. · The incremental interval is 200 milliseconds. |
3. Specify LSP sending intervals.
If a change occurs in the LSDB, IS-IS advertises the changed LSP to neighbors. You can specify the minimum interval for sending these LSPs to control the amount of LSPs on the network.
On a P2P link, IS-IS requires an advertised LSP be acknowledged. If no acknowledgement is received within a configurable interval, IS-IS will retransmit the LSP.
To configure LSP sending intervals:
|
Step |
Command |
Remarks |
|
|
1. Enter system view. |
system-view |
N/A |
|
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
|
3. Specify the minimum interval for sending LSPs and the maximum LSP number that can be sent at a time. |
isis timer lsp time [ count count ] |
By default, the minimum interval is 33 milliseconds, and the maximum LSP number that can be sent at a time is 5. |
|
|
4. Specify the LSP retransmission interval on a P2P link. |
isis timer retransmit seconds |
By default, the LSP retransmission interval on a P2P link is 5 seconds. |
|
Specifying LSP lengths
IS-IS messages cannot be fragmented at the IP layer because they are directly encapsulated in frames. IS-IS routers in an area must send LSPs smaller than the smallest interface MTU in the area.
If the IS-IS routers have different interface MTUs, configure the maximum size of generated LSP packets to be smaller than the smallest interface MTU in the area as a best practice. Otherwise, the routers must dynamically adjust the LSP packet size to fit the smallest interface MTU, which takes time and affects other services.
To specify LSP lengths:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the maximum length of generated Level-1 LSPs or Level-2 LSPs. |
lsp-length originate size [ level-1 | level-2 ] |
By default, the maximum length of generated Level-1 LSPs or Level-2 LSPs is 1497 bytes. |
|
4. Specify the maximum length of received LSPs. |
lsp-length receive size |
By default, the maximum length of received LSPs is 1497 bytes. |
Enabling LSP flash flooding
Changed LSPs can trigger SPF recalculation. To advertise the changed LSPs before the router recalculates routes for faster network convergence, enable LSP flash flooding.
To enable LSP flash flooding:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable LSP flash flooding. |
flash-flood [ flood-count flooding-count | max-timer-interval flooding-interval | [ level-1 | level-2 ] ] * |
By default, LSP flash flooding is disabled. |
Enabling LSP fragment extension
Perform this task to enable IS-IS fragment extension for an IS-IS process. The MTUs of all interfaces running the IS-IS process must not be less than 512. Otherwise, LSP fragment extension does not take effect.
To enable LSP fragment extension:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable LSP fragment extension. |
lsp-fragments-extend [ level-1 | level-1-2 | level-2 ] |
By default, this feature is disabled. |
|
4. Configure a virtual system ID. |
virtual-system virtual-system-id |
By default, no virtual system ID is configured. Configure at least one virtual system to generate extended LSP fragments. |
Controlling SPF calculation interval
Based on the LSDB, an IS-IS router uses the SPF algorithm to calculate the shortest path tree with itself being the root, and uses the shortest path tree to determine the next hop to a destination network. By adjusting the SPF calculation interval, you can prevent bandwidth and router resources from being over consumed due to frequent topology changes.
When network changes are not frequent, the minimum-interval is adopted. If network changes become frequent, the SPF calculation interval is incremented by incremental-interval × 2n-2 (n is the number of calculation times) each time a calculation occurs until the maximum-interval is reached.
To control SPF calculation interval:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure the SPF calculation interval. |
timer spf maximum-interval [ minimum-interval [ incremental-interval ] ] |
By default: · The maximum interval is 5 seconds. · The minimum interval is 50 milliseconds. · The incremental interval is 200 milliseconds. |
Configuring convergence priorities for specific routes
A topology change causes IS-IS routing convergence. To improve convergence speed, you can assign convergence priorities to IS-IS routes. Convergence priority levels are critical, high, medium, and low. The higher the convergence priority, the faster the convergence speed.
By default, IS-IS host routes have medium convergence priority, and other IS-IS routes have low convergence priority.
To assign convergence priorities to specific IS-IS routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Assign convergence priorities to specific IS-IS routes. |
priority { critical | high | medium } { prefix-list prefix-list-name | tag tag-value } |
By default, IS-IS routes, except IS-IS host routes, have the low convergence priority. |
Setting the LSDB overload bit
By setting the overload bit in sent LSPs, a router informs other routers of failures that make it unable to select routes and forward packets.
When an IS-IS router cannot record the complete LSDB, for example, because of memory insufficiency, it will calculate wrong routes. To make troubleshooting easier, temporarily isolate the router from the IS-IS network by setting the overload bit.
To set the LSDB overload bit:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Set the overload bit. |
set-overload [ on-startup [ [ start-from-nbr system-id [ timeout1 [ nbr-timeout ] ] ] | timeout2 ] [ allow { external | interlevel } * ] |
By default, the overload bit is not set. |
Configuring system ID to host name mappings
A 6-byte system ID in hexadecimal notation uniquely identifies a router or host in an IS-IS network. To make a system ID easy to read, the system allows you to use host names to identify devices and provides mappings between system IDs and host names.
The mappings can be configured manually or dynamically. Follow these guidelines when you configure the mappings:
· To view host names rather than system IDs by using the display isis lsdb command, you must enable dynamic system ID to host name mapping.
· If you configure both dynamic mapping and static mapping on a router, the host name specified for dynamic mapping applies.
Configuring a static system ID to host name mapping
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Configure a system ID to host name mapping for a remote IS. |
is-name map sys-id map-sys-name |
A system ID can correspond to only one host name. |
Configuring dynamic system ID to host name mapping
Static system ID to host name mapping requires you to manually configure a mapping for each router in the network. When a new router is added to the network or a mapping must be modified, you must configure all routers manually.
When you use dynamic system ID to host name mapping, you only need to configure a host name for each router in the network. Each router advertises the host name in a dynamic host name CLV to other routers so all routers in the network can have all mappings.
To help check the origin of LSPs in the LSDB, you can configure a name for the DIS in a broadcast network.
To configure dynamic system ID to host name mapping:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify a host name for the IS and enable dynamic system ID to host name mapping. |
is-name sys-name |
By default, no host name is specified for the router. |
|
4. Return to system view. |
quit |
N/A |
|
5. Enter interface view. |
interface interface-type interface-number |
N/A |
|
6. Configure a DIS name. |
isis dis-name symbolic-name |
By default, no DIS name is configured. This command takes effect only on a router enabled with dynamic system ID to host name mapping. This command is not available on P2P interfaces. |
Enabling the logging of neighbor state changes
With this feature enabled, the router delivers logs about neighbor state changes to its information center. The information center processes the logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.
To enable the logging of neighbor state changes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable the logging of neighbor state changes. |
log-peer-change |
By default, the logging of neighbor state changes is enabled. |
Enabling IS-IS ISPF
When the network topology changes, Incremental Shortest Path First (ISPF) computes only the affected part of the SPT, instead of the entire SPT.
To enable IS-IS ISPF:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable IS-IS ISPF. |
ispf enable |
By default, IS-IS is disabled. |
Configuring IS-IS network management
This task includes the following configurations:
· Bind an IS-IS process to MIB so that you can use network management software to manage the specified IS-IS process.
· Enable IS-IS notifications to report important events.
Notifications are delivered to the SNMP module, which outputs the notifications according to the configured output rules. For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
To configure IS-IS network management:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Bind MIB to an IS-IS process. |
isis mib-binding process-id |
By default, MIB is bound to the IS-IS process with the smallest process ID. |
|
3. Enable IS-IS notification sending. |
snmp-agent trap enable isis [ adjacency-state-change | area-mismatch | authentication | authentication-type | buffsize-mismatch | id-length-mismatch | lsdboverload-state-change | lsp-corrupt | lsp-parse-error | lsp-size-exceeded | manual-address-drop | max-seq-exceeded | maxarea-mismatch | own-lsp-purge | protocol-support | rejected-adjacency | skip-sequence-number | version-skew ] * |
By default, IS-IS notification sending is enabled. |
|
4. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
5. Configure the context name for the SNMP object for managing IS-IS. |
snmp context-name context-name |
By default, no context name is set for the SNMP object for managing IS-IS. |
Enhancing IS-IS network security
To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication involves neighbor relationship authentication, area authentication, and routing domain authentication.
Configuration prerequisites
Before the configuration, complete the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable IS-IS.
Configuring neighbor relationship authentication
With neighbor relationship authentication configured, an interface adds the password in the specified mode into hello packets to the peer and checks the password in the received hello packets. If the authentication succeeds, it forms the neighbor relationship with the peer.
The authentication mode and password at both ends must be identical.
To configure neighbor relationship authentication:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the authentication mode and password. |
isis authentication-mode { md5 | simple } { cipher cipher-string | plain plain-string } [ level-1 | level-2 ] [ ip | osi ] |
By default, no authentication is configured. |
Configuring area authentication
Area authentication prevents the router from installing routing information from untrusted routers into the Level-1 LSDB. The router encapsulates the authentication password in the specified mode in Level-1 packets (LSP, CSNP, and PSNP) and checks the password in received Level-1 packets.
Routers in a common area must have the same authentication mode and password.
To configure area authentication:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the area authentication mode and password. |
area-authentication-mode { md5 | simple } { cipher cipher-string | plain plain-string } [ ip | osi ] |
By default, no area authentication is configured. |
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing domain. A router with the authentication configured encapsulates the password in the specified mode into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Specify the routing domain authentication mode and password. |
domain-authentication-mode { md5 | simple } { cipher cipher-string | plain plain-string } [ ip | osi ] |
By default, no routing domain authentication is configured. |
Configuring IS-IS GR
GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.
Two routers are required to complete a GR process. The following are router roles in a GR process.
· GR restarter—Graceful restarting router. It must have GR capability.
· GR helper—A neighbor of the GR restarter. It assists the GR restarter to complete the GR process. By default, the device acts as the GR helper.
Configure IS-IS GR on the GR restarter.
GR restarter uses the following timers:
· T1 timer—Specifies the times that GR restarter can send a Restart TLV with the RR bit set. When rebooted, the GR restarter sends a Restart TLV with the RR bit set to its neighbor. If the GR restarter receives a Restart TLV with the RA set from its neighbor before the T1 timer expires, the GR process starts. Otherwise, the GR process fails.
· T2 timer—Specifies the LSDB synchronization interval. Each LSDB has a T2 timer. The Level-1-2 router has two T2 timers: a Level-1 timer and a Level-2 timer. If the LSDBs have not synchronized before the two timers expire, the GR process fails.
· T3 timer—Specifies the GR interval. The GR interval is set as the holdtime in hello PDUs. Within the interval, the neighbors maintain their adjacency with the GR restarter. If the GR process has not completed within the holdtime, the neighbors tear down the neighbor relationship and the GR process fails.
To configure GR on the GR restarter:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable IS-IS and enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
3. Enable IS-IS GR. |
graceful-restart |
By default, the GR capability for IS-IS is disabled. |
|
4. (Optional.) Suppress the SA bit during restart. |
graceful-restart suppress-sa |
By default, the SA bit is not suppressed. By enabling the GR restarter to suppress the Suppress-Advertisement (SA) bit in the hello PDUs, the neighbors will still advertise their adjacency with the GR restarter. |
|
5. (Optional.) Configure the T1 timer. |
graceful-restart t1 seconds count count |
By default, the T1 timer is 3 seconds and can expire 10 times. |
|
6. (Optional.) Configure the T2 timer. |
graceful-restart t2 seconds |
By default, the T2 timer is 60 seconds. |
|
7. (Optional.) Configure the T3 timer. |
graceful-restart t3 seconds |
By default, the T2 timer is 300 seconds. |
Configuring BFD for IS-IS
BFD provides a single mechanism to quickly detect and monitor the connectivity of links between OSPF neighbors, reducing network convergence time. For more information about BFD, see High Availability Configuration Guide.
To configure BFD for IS-IS:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable IS-IS on an interface. |
isis enable [ process-id ] |
N/A |
|
4. Enable BFD on an IS-IS interface. |
isis bfd enable |
By default, an IS-IS interface is not enabled with BFD. |
Configuring IS-IS FRR
A link or router failure on a path can cause packet loss and routing loop. IS-IS FRR uses BFD to detect failures and enables fast rerouting to minimize the failover time.
Figure 38 Network diagram for IS-IS FRR
In Figure 38, after you enable FRR on Router B, IS-IS automatically calculates or designates a backup next hop when a link failure is detected. In this way, packets are directed to the backup next hop to reduce traffic recovery time. Meanwhile, IS-IS calculates the shortest path based on the new network topology, and forwards packets over the path after network convergence.
You can either enable IS-IS FRR to calculate a backup next hop automatically, or designate a backup next hop with a routing policy for routes matching specific criteria.
Configuration prerequisites
Before you configure IS-IS FRR, complete the following tasks:
· Configure IP addresses for interfaces to ensure IP connectivity between neighboring nodes.
· Enable IS-IS.
Configuration guidelines
· Do not use FRR and BFD at the same time. Otherwise, FRR might fail to take effect.
· The automatic backup next hop calculation of FRR and that of TE are mutually exclusive.
Configuring IS-IS FRR to automatically calculate a backup next hop
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of echo packets is not configured. |
|
3. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
4. Enable IS-IS FRR to automatically calculate a backup next hop. |
fast-reroute auto |
By default, IS-IS FRR is disabled. |
Configuring IS-IS FRR using a routing policy
You can use the apply fast-reroute backup-interface command to specify a backup next hop in a routing policy for routes matching specific criteria, and perform this task to reference the routing policy for IS-IS FRR. For more information about the apply fast-reroute backup-interface command and routing policy configurations, see " Configuring routing policies."
To configure IS-IS FRR using a routing policy:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, the source address of echo packets is not configured. |
|
3. Enter IS-IS view. |
isis [ process-id ] [ vpn-instance vpn-instance-name ] |
N/A |
|
4. Enable IS-IS FRR using a routing policy. |
fast-reroute route-policy route-policy-name |
By default, this feature is not enabled. |
Configuring BFD for IS-IS FRR
By default, IS-IS FRR does not use BFD to detect primary link failures. To speed up IS-IS convergence, enable BFD single-hop echo detection for IS-IS FRR to detect primary link failures.
To configure BFD for IS-IS FRR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source IP address of BFD echo packets. |
bfd echo-source-ip ip-address |
By default, the source IP address of BFD echo packets is not configured. For more information, see High Availability Command Reference. |
|
3. Enter interface view. |
interface interface-type interface-number |
N/A |
|
4. Enable BFD for IS-IS FRR. |
isis primary-path-detect bfd echo |
By default, BFD for IS-IS FRR is disabled. |
Displaying and maintaining IS-IS
Execute display commands in any view and the reset command in user view.
|
Task |
Command |
|
Display brief IS-IS backup configuration information (in standalone mode). |
display isis brief [ process-id ] [ standby slot slot-number ] |
|
Display brief IS-IS backup configuration information (in IRF mode). |
display isis brief [ process-id ] [ standby chassis chassis-number slot slot-number ] |
|
Display IS-IS GR log information (in standalone mode). |
display isis graceful-restart event-log slot slot-number |
|
Display IS-IS GR log information (in IRF mode). |
display isis graceful-restart event-log chassis chassis-number slot slot-number |
|
Display the IS-IS GR status. |
display isis graceful-restart status [ level-1 | level-2 ] [ process-id ] |
|
Display IS-IS backup interface information (in standalone mode). |
display isis interface [ interface-type interface-number ] [ verbose ] [ process-id ] [ standby slot slot-number ] |
|
Display IS-IS backup interface information (in IRF mode). |
display isis interface [ interface-type interface-number ] [ verbose ] [ process-id ] [ standby chassis chassis-number slot slot-number ] |
|
Display IS-IS backup LSDB information (in standalone mode). |
display isis lsdb [ [ level-1 | level-2 ] | local | [ lsp-id lspid | lsp-name lspname ] | verbose ] * [ process-id ] [ standby slot slot-number ] |
|
Display IS-IS backup LSDB information (in IRF mode). |
display isis lsdb [ [ level-1 | level-2 ] | local | [ lsp-id lspid | lsp-name lspname ] | verbose ] * [ process-id ] [ standby chassis chassis-number slot slot-number ] |
|
Display the host name to system ID mapping table. |
display isis name-table [ process-id ] |
|
Display IS-IS backup neighbor information (in standalone mode). |
display isis peer [ statistics | verbose ] [ process-id ] [ standby slot slot-number ] |
|
Display IS-IS backup neighbor information (in IRF mode). |
display isis peer [ statistics | verbose ] [ process-id ] [ standby chassis chassis-number slot slot-number ] |
|
Display IS-IS redistributed route information |
display isis redistribute [ ipv4 [ ip-address mask-length ] ] [ level-1 | level-2 ] [ process-id ] |
|
Display IS-IS IPv4 routing information. |
display isis route [ ipv4 [ ip-address mask-length ] ] [ [ level-1 | level-2 ] | verbose ] * [ process-id ] |
|
Display IS-IS IPv4 topology information. |
display isis spf-tree [ ipv4 ] [ [ level-1 | level-2 ] | verbose ] * [ process-id ] |
|
Display IS-IS statistics. |
display isis statistics [ level-1 | level-1-2 | level-2 ] [ process-id ] |
|
Display OSI connection information (in standalone mode). |
display osi [ slot slot-number ] |
|
Display OSI connection information (in IRF mode). |
display osi [ chassis chassis-number slot slot-number ] |
|
Display OSI connection statistics (in standalone mode). |
display osi statistics [ slot slot-number ] |
|
Display OSI connection statistics (in IRF mode). |
display osi statistics [ chassis chassis-number slot slot-number ] |
|
Clear IS-IS process data structure information. |
reset isis all [ process-id ] [ graceful-restart ] |
|
Clear IS-IS GR log information (in standalone mode). |
reset isis graceful-restart event-log slot slot-number |
|
Clear IS-IS GR log information (in IRF mode). |
reset isis graceful-restart event-log chassis chassis-number slot slot-number |
|
Clear the data structure information of an IS-IS neighbor. |
reset isis peer system-id [ process-id ] |
|
Clear OSI connection statistics (in standalone mode). |
reset osi statistics |
|
Clear OSI connection statistics (in IRF mode). |
reset osi statistics |
IS-IS configuration examples
Basic IS-IS configuration example
Network requirements
As shown in Figure 39, Switch A, Switch B, Switch C, and Switch D reside in an IS-IS AS.
Switch A and B are Level-1 switches, Switch D is a Level-2 switch, and Switch C is a Level-1-2 switch. Switch A, Switch B, and Switch C are in Area 10, and Switch D is in Area 20.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] is-level level-1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] is-level level-1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable 1
[SwitchB-Vlan-interface200] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis enable 1
[SwitchC-Vlan-interface100] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] network-entity 20.0000.0000.0004.00
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 100
[SwitchD-Vlan-interface100] isis enable 1
[SwitchD-Vlan-interface100] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis enable 1
[SwitchD-Vlan-interface300] quit
Verifying the configuration
# Display the IS-IS LSDB on each switch to verify the LSPs.
[SwitchA] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-1 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0001.00-00* 0x00000004 0xdf5e 1096 68 0/0/0
0000.0000.0002.00-00 0x00000004 0xee4d 1102 68 0/0/0
0000.0000.0002.01-00 0x00000001 0xdaaf 1102 55 0/0/0
0000.0000.0003.00-00 0x00000009 0xcaa3 1161 111 1/0/0
0000.0000.0003.01-00 0x00000001 0xadda 1112 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
[SwitchB] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-1 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0001.00-00 0x00000006 0xdb60 988 68 0/0/0
0000.0000.0002.00-00* 0x00000008 0xe651 1189 68 0/0/0
0000.0000.0002.01-00* 0x00000005 0xd2b3 1188 55 0/0/0
0000.0000.0003.00-00 0x00000014 0x194a 1190 111 1/0/0
0000.0000.0003.01-00 0x00000002 0xabdb 995 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
[SwitchC] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-1 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0001.00-00 0x00000006 0xdb60 847 68 0/0/0
0000.0000.0002.00-00 0x00000008 0xe651 1053 68 0/0/0
0000.0000.0002.01-00 0x00000005 0xd2b3 1052 55 0/0/0
0000.0000.0003.00-00* 0x00000014 0x194a 1051 111 1/0/0
0000.0000.0003.01-00* 0x00000002 0xabdb 854 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
Level-2 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
--------------------------------------------------------------------------
0000.0000.0003.00-00* 0x00000012 0xc93c 842 100 0/0/0
0000.0000.0004.00-00 0x00000026 0x331 1173 84 0/0/0
0000.0000.0004.01-00 0x00000001 0xee95 668 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
[SwitchD] display isis lsdb
Database information for IS-IS(1)
---------------------------------
Level-2 Link State Database
---------------------------
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0003.00-00 0x00000013 0xc73d 1003 100 0/0/0
0000.0000.0004.00-00* 0x0000003c 0xd647 1194 84 0/0/0
0000.0000.0004.01-00* 0x00000002 0xec96 1007 55 0/0/0
*-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload
# Display the IS-IS routing information on each switch.
[SwitchA] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL Vlan100 Direct D/L/-
10.1.2.0/24 20 NULL Vlan100 10.1.1.1 R/-/-
192.168.0.0/24 20 NULL Vlan100 10.1.1.1 R/-/-
0.0.0.0/0 10 NULL Vlan100 10.1.1.1 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchC] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL Vlan300 Direct D/L/-
10.1.1.0/24 10 NULL Vlan100 Direct D/L/-
10.1.2.0/24 10 NULL Vlan200 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL Vlan300 Direct D/L/-
10.1.1.0/24 10 NULL Vlan100 Direct D/L/-
10.1.2.0/24 10 NULL Vlan200 Direct D/L/-
172.16.0.0/16 20 NULL Vlan300 192.168.0.2 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchD] display isis route
Route information for IS-IS(1)
------------------------------
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL Vlan300 Direct D/L/-
10.1.1.0/24 20 NULL Vlan300 192.168.0.1 R/-/-
10.1.2.0/24 20 NULL Vlan300 192.168.0.1 R/-/-
172.16.0.0/16 10 NULL Vlan100 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
The output shows that the routing table of Level-1 switches contains a default route with the next hop as the Level-1-2 switch. The routing table of Level-2 switch contains both routing information of Level-1 and Level-2.
DIS election configuration example
Network requirements
As shown in Figure 40, Switches A, B, C, and D reside in IS-IS area 10 on a broadcast network (Ethernet). Switch A and Switch B are Level-1-2 switches, Switch C is a Level-1 switch, and Switch D is a Level-2 switch.
Change the DIS priority of Switch A to make it elected as the Level-1-2 DIS router.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Enable IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] isis enable 1
[SwitchB-Vlan-interface100] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] is-level level-1
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis enable 1
[SwitchC-Vlan-interface100] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] network-entity 10.0000.0000.0004.00
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 100
[SwitchD-Vlan-interface100] isis enable 1
[SwitchD-Vlan-interface100] quit
# Display information about IS-IS neighbors on Switch A.
[SwitchA] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01
State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64
System Id: 0000.0000.0003
Interface: Vlan-interface100 Circuit Id: 0000.0000.0003.01
State: Up HoldTime: 27s Type: L1 PRI: 64
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01
State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64
System Id: 0000.0000.0004
Interface: Vlan-interface100 Circuit Id: 0000.0000.0004.01
State: Up HoldTime: 30s Type: L2 PRI: 64
# Display information about IS-IS interfaces on Switch A.
[SwitchA] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/No
# Display information about IS-IS interfaces on Switch C.
[SwitchC] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 Yes/No
# Display information about IS-IS interfaces on Switch D.
[SwitchD] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/Yes
The output shows that when the default DIS priority is used, Switch C is the DIS for Level-1, and Switch D is the DIS for Level-2. The pseudonodes of Level-1 and Level-2 are 0000.0000.0003.01 and 0000.0000.0004.01.
#Configure the DIS priority of Switch A.
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis dis-priority 100
[SwitchA-Vlan-interface100] quit
# Display IS-IS neighbors on Switch A.
[SwitchA] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 21s Type: L1(L1L2) PRI: 64
System Id: 0000.0000.0003
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 27s Type: L1 PRI: 64
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 28s Type: L2(L1L2) PRI: 64
System Id: 0000.0000.0004
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 30s Type: L2 PRI: 64
# Display information about IS-IS interfaces on Switch A.
[SwitchA] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 Yes/Yes
The output shows that after the DIS priority configuration, Switch A becomes the DIS for Level-1-2, and the pseudonode is 0000.0000.0001.01.
# Display information about IS-IS neighbors and interfaces on Switch C.
[SwitchC] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 25s Type: L1 PRI: 64
System Id: 0000.0000.0001
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 7s Type: L1 PRI: 100
[SwitchC] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/No
# Display information about IS-IS neighbors and interfaces on Switch D.
[SwitchD] display isis peer
Peer information for IS-IS(1)
----------------------------
System Id: 0000.0000.0001
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 9s Type: L2 PRI: 100
System Id: 0000.0000.0002
Interface: Vlan-interface100 Circuit Id: 0000.0000.0001.01
State: Up HoldTime: 28s Type: L2 PRI: 64
[SwitchD] display isis interface
Interface information for IS-IS(1)
----------------------------------
Interface: Vlan-interface100
Id IPv4.State IPv6.State MTU Type DIS
001 Up Down 1497 L1/L2 No/No
IS-IS route redistribution configuration example
Network requirements
As shown in Figure 41, Switch A, Switch B, Switch C, and Switch D reside in the same AS. They use IS-IS to interconnect. Switch A and Switch B are Level-1 routers, Switch D is a Level-2 router, and Switch C is a Level-1-2 router.
Redistribute RIP routes into IS-IS on Switch D.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] is-level level-1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] is-level level-1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable 1
[SwitchB-Vlan-interface200] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis enable 1
[SwitchC-Vlan-interface100] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] is-level level-2
[SwitchD-isis-1] network-entity 20.0000.0000.0004.00
[SwitchD-isis-1] quit
[SwitchD] interface interface vlan-interface 300
[SwitchD-Vlan-interface300] isis enable 1
[SwitchD-Vlan-interface300] quit
# Display IS-IS routing information on each switch.
[SwitchA] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 20 NULL VLAN100 10.1.1.1 R/-/-
192.168.0.0/24 20 NULL VLAN100 10.1.1.1 R/-/-
0.0.0.0/0 10 NULL VLAN100 10.1.1.1 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchC] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
[SwitchD] display isis route
Route information for IS-IS(1)
------------------------------
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
10.1.1.0/24 20 NULL VLAN300 192.168.0.1 R/-/-
10.1.2.0/24 20 NULL VLAN300 192.168.0.1 R/-/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
3. Run RIPv2 between Switch D and Switch E, and configure IS-IS to redistribute RIP routes on Switch D:
# Configure RIPv2 on Switch D.
[SwitchD] rip 1
[SwitchD-rip-1] network 10.0.0.0
[SwitchD-rip-1] version 2
[SwitchD-rip-1] undo summary
# Configure RIPv2 on Switch E.
[SwitchE] rip 1
[SwitchE-rip-1] network 10.0.0.0
[SwitchE-rip-1] version 2
[SwitchE-rip-1] undo summary
# Configure IS-IS to redistribute RIP routes on Switch D.
[SwitchD-rip-1] quit
[SwitchD] isis 1
[SwitchD–isis-1] import-route rip level-2
# Display IS-IS routing information on Switch C.
[SwitchC] display isis route
Route information for IS-IS(1)
------------------------------
Level-1 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
Level-2 IPv4 Forwarding Table
-----------------------------
IPv4 Destination IntCost ExtCost ExitInterface NextHop Flags
-------------------------------------------------------------------------------
10.1.1.0/24 10 NULL VLAN100 Direct D/L/-
10.1.2.0/24 10 NULL VLAN200 Direct D/L/-
192.168.0.0/24 10 NULL VLAN300 Direct D/L/-
10.1.4.0/24 10 NULL VLAN300 192.168.0.2 R/L/-
10.1.5.0/24 20 NULL VLAN300 192.168.0.2 R/L/-
10.1.6.0/24 20 NULL VLAN300 192.168.0.2 R/L/-
Flags: D-Direct, R-Added to Rib, L-Advertised in LSPs, U-Up/Down Bit Set
IS-IS authentication configuration example
Network requirements
As shown in Figure 42, Switch A, Switch B, Switch C, and Switch D reside in the same IS-IS routing domain. Run IS-IS among them.
Switch A, Switch B, and Switch C belong to Area 10, and Switch D belongs to Area 20.
Configure neighbor relationship authentication between neighbors. Configure area authentication in Area 10 to prevent untrusted routes from entering into the area. Configure routing domain authentication on Switch C and Switch D to prevent untrusted routes from entering the routing domain.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis enable 1
[SwitchA-Vlan-interface100] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis 1
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable 1
[SwitchB-Vlan-interface200] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis 1
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable 1
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis enable 1
[SwitchC-Vlan-interface300] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] isis 1
[SwitchD-isis-1] network-entity 20.0000.0000.0001.00
[SwitchD-isis-1] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis enable 1
[SwitchD-Vlan-interface300] quit
3. Configure neighbor relationship authentication between neighbors:
# Configure the authentication mode as MD5 and set the plaintext password to eRq on VLAN-interface 100 of Switch A and on VLAN-interface 100 of Switch C.
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] isis authentication-mode md5 plain eRg
[SwitchA-Vlan-interface100] quit
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] isis authentication-mode md5 plain eRg
[SwitchC-Vlan-interface100] quit
# Configure the authentication mode as MD5 and set the plaintext password to t5Hr on VLAN-interface 200 of Switch B and on VLAN-interface 200 of Switch C.
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis authentication-mode md5 plain t5Hr
[SwitchB-Vlan-interface200] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis authentication-mode md5 plain t5Hr
[SwitchC-Vlan-interface200] quit
# Configure the authentication mode as MD5 and set the plaintext password to hSec on VLAN-interface 300 of Switch D and on VLAN-interface 300 of Switch C.
[SwitchC] interface vlan-interface 300
[SwitchC-Vlan-interface300] isis authentication-mode md5 plain hSec
[SwitchC-Vlan-interface300] quit
[SwitchD] interface vlan-interface 300
[SwitchD-Vlan-interface300] isis authentication-mode md5 plain hSec
[SwitchD-Vlan-interface300] quit
4. Configure the area authentication mode as MD5 and set the plaintext password to 10Sec on Switch A, Switch B, and Switch C.
[SwitchA] isis 1
[SwitchA-isis-1] area-authentication-mode md5 plain 10Sec
[SwitchA-isis-1] quit
[SwitchB] isis 1
[SwitchB-isis-1] area-authentication-mode md5 plain 10Sec
[SwitchB-isis-1] quit
[SwitchC] isis 1
[SwitchC-isis-1] area-authentication-mode md5 plain 10Sec
[SwitchC-isis-1] quit
5. Configure routing domain authentication mode as MD5 and set the plaintext password to 1020Sec on Switch C and Switch D.
[SwitchC] isis 1
[SwitchC-isis-1] domain-authentication-mode md5 plain 1020Sec
[SwitchC-isis-1] quit
[SwitchD] isis 1
[SwitchD-isis-1] domain-authentication-mode md5 plain 1020Sec
IS-IS GR configuration example
Network requirements
As shown in Figure 43, Switch A, Switch B, and Switch C belong to the same IS-IS routing domain.
Configuration procedure
1. Configure IP addresses and subnet masks for interfaces. (Details not shown.)
2. Configure IS-IS on the switches to make sure Switch A, Switch B, and Switch C can communicate with each other at layer 3 and dynamic route update can be implemented among them with IS-IS. (Details not shown.)
3. Enable IS-IS GR on Switch A.
<SwitchA> system-view
[SwitchA] isis 1
[SwitchA-isis-1] graceful-restart
[SwitchA-isis-1] return
Verifying the configuration
After Switch A establishes adjacencies with Switch B and Switch C, they begin to exchange routing information. Restart IS-IS on Switch A, which enters the restart state and sends connection requests to its neighbors through the GR mechanism to synchronize the LSDB. To display the IS-IS GR status on Switch A, use the display isis graceful-restart status command.
# Restart the IS-IS process on Switch A.
<SwitchA> reset isis all 1 graceful-restart
Reset IS-IS process? [Y/N]:y
# Check the GR status of IS-IS on Switch A.
<SwitchA> display isis graceful-restart status
Restart information for IS-IS(1)
--------------------------------
Restart status: COMPLETE
Restart phase: Finish
Restart t1: 3, count 10; Restart t2: 60; Restart t3: 300
SA Bit: supported
Level-1 restart information
---------------------------
Total number of interfaces: 1
Number of waiting LSPs: 0
Level-2 restart information
---------------------------
Total number of interfaces: 1
Number of waiting LSPs: 0
BFD for IS-IS configuration example
Network requirements
· As shown in Figure 44, run IS-IS on Switch A, Switch B and Switch C so that can reach each other at the network layer.
· After the link over which Switch A and Switch B communicate through the Layer-2 switch fails, BFD can quickly detect the failure and notify IS-IS of the failure. Switch A and Switch B then communicate through Switch C.
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
Switch A |
Vlan-int10 |
10.1.0.102/24 |
Switch B |
Vlan-int10 |
10.1.0.100/24 |
|
|
Vlan-int11 |
11.1.1.1/24 |
|
Vlan-int13 |
13.1.1.1/24 |
|
Switch C |
Vlan-int11 |
11.1.1.2/24 |
|
|
|
|
|
Vlan-int13 |
13.1.1.2/24 |
|
|
|
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure basic IS-IS:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis
[SwitchA-isis-1] network-entity 10.0000.0000.0001.00
[SwitchA-isis-1] quit
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] isis enable
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] isis enable
[SwitchA-Vlan-interface11] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] isis enable
[SwitchB-Vlan-interface10] quit
[SwitchB] interface vlan-interface 13
[SwitchB-Vlan-interface13] isis enable
[SwitchB-Vlan-interface13] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis
[SwitchC-isis-1] network-entity 10.0000.0000.0003.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 11
[SwitchC-Vlan-interface11] isis enable
[SwitchC-Vlan-interface11] quit
[SwitchC] interface vlan-interface 13
[SwitchC-Vlan-interface13] isis enable
[SwitchC-Vlan-interface13] quit
3. Configure BFD functions:
# Enable BFD and configure BFD parameters on Switch A.
[SwitchA] bfd session init-mode passive
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] isis bfd enable
[SwitchA-Vlan-interface10] bfd min-receive-interval 500
[SwitchA-Vlan-interface10] bfd min-transmit-interval 500
[SwitchA-Vlan-interface10] bfd detect-multiplier 7
# Enable BFD and configure BFD parameters on Switch B.
[SwitchB] bfd session init-mode active
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] isis bfd enable
[SwitchB-Vlan-interface10] bfd min-receive-interval 500
[SwitchB-Vlan-interface10] bfd min-transmit-interval 500
[SwitchB-Vlan-interface10] bfd detect-multiplier 8
[SwitchB-Vlan-interface10] return
Verifying the configuration
# Display the BFD session information on Switch A.
<SwitchA> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
3/1 192.168.0.102 192.168.0.100 Up 1700ms Vlan10
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 10 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 192.168.0.100
Label: NULL RealNextHop: 192.168.0.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface10
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A and Switch B communicate through VLAN-interface 10. Then the link over VLAN-interface 10 fails.
# Display routes destined for 120.1.1.0/24 on Switch A.
<SwitchA> display ip routing-table 120.1.1.0 verbose
Summary Count : 1
Destination: 120.1.1.0/24
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 20 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 10.1.1.100
Label: NULL RealNextHop: 10.1.1.100
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface11
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch A and Switch B communicate through VLAN-interface 11.
IS-IS FRR configuration example
Network requirements
As shown in Figure 45, Switch S, Switch A, and Switch D belong to the same IS-IS routing domain. Configure IS-IS FRR so that when the Link A fails, traffic can be switched to Link B immediately.
Configuration procedure
1. Configure IP addresses and subnet masks for interfaces on the switches. (Details not shown.)
2. Configure IS-IS on the switches to make sure Switch A, Switch D, and Switch S can communicate with each other at Layer 3. (Details not shown.)
3. Configure IS-IS FRR:
Enable IS-IS FRR to automatically calculate a backup next hop, or designate a backup next hop by using a referenced routing policy.
? (Method 1.) Enable IS-IS FRR to automatically calculate a backup next hop:
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 2.2.2.2
[SwitchS] isis 1
[SwitchS-isis-1] fast-reroute auto
[SwitchS-isis-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 3.3.3.3
[SwitchD] isis 1
[SwitchD-isis-1] fast-reroute auto
[SwitchD-isis-1] quit
? (Method 2.) Enable IS-IS FRR to designate a backup next hop by using a referenced routing policy:
# Configure Switch S.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 1.1.1.1
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
[SwitchS] isis 1
[SwitchS-isis-1] fast-reroute route-policy frr
[SwitchS-isis-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
[SwitchD] isis 1
[SwitchD-isis-1] fast-reroute route-policy frr
[SwitchD-isis-1] quit
Verifying the configuration
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 10 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: ISIS Process ID: 1
SubProtID: 0x1 Age: 04h20m37s
Cost: 10 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x26000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x1008c OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
Configuring BGP
Overview
Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs.
The current version in use is BGP-4 (RFC 4271).
BGP has the following characteristics:
· Focuses on route control and selection rather than route discovery and calculation.
· Uses TCP to enhance reliability.
· Measures the distance of a route by using a list of ASs that the route must travel through to reach the destination. BGP is also called a path-vector protocol.
· Supports CIDR.
· Reduces bandwidth consumption by advertising only incremental updates. BGP is very suitable to advertise large numbers of routes on the Internet.
· Eliminates routing loops by adding AS path information to BGP route updates.
· Uses policies to implement flexible route filtering and selection.
· Has good scalability.
BGP speaker and BGP peer
A router running BGP is a BGP speaker. A BGP speaker establishes peer relationships with other BGP speakers to exchange routing information over TCP connections.
BGP peers include the following types:
· IBGP peers—Reside in the same AS as the local router.
· EBGP peers—Reside in different ASs from the local router.
BGP message types
BGP uses the following message types:
· Open—After establishing a TCP connection, BGP sends an Open message to establish a session with the peer.
· Update—BGP sends update messages to exchange routing information between peers. Each update message can advertise a group of feasible routes with identical attributes and multiple withdrawn routes.
· Keepalive—BGP sends Keepalive messages between peers to maintain connectivity.
· Route-refresh—BGP sends a Route-refresh message to request the routing information of a specified address family from a peer.
· Notification—BGP sends a Notification message upon detecting an error and immediately closes the connection.
BGP path attributes
BGP uses the following path attributes in update messages for route filtering and selection:
· ORIGIN
The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:
? IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.
? EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.
? INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown. Routes redistributed from other routing protocols have the INCOMPLETE attribute.
· AS_PATH
The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.
The AS_PATH attribute has the following types:
? AS_SEQUENCE—Arranges AS numbers in sequence. As shown in Figure 46, the number of the AS closest to the receiver's AS is leftmost.
? AS_SET—Arranges AS numbers randomly.
Figure 46 AS_PATH attribute
BGP uses the AS_PATH attribute to implement the following functions:
? Avoid routing loops—A BGP router does not receive routes containing the local AS number to avoid routing loops.
? Affect route selection—BGP gives priority to the route with the shortest AS_PATH length if other factors are the same. As shown in Figure 46, the BGP router in AS 50 gives priority to the route passing AS 40 for sending data to the destination 8.0.0.0. In some applications, you can apply a routing policy to control BGP route selection by modifying the AS_PATH length. For more information about routing policy, see "Configuring routing policies."
? Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies."
· NEXT_HOP
The NEXT_HOP attribute might not be the IP address of a directly connected router. Its value is determined as follows:
? When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.
? When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP.
? When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does not modify the NEXT_HOP attribute. If load balancing is configured, BGP modifies the NEXT_HOP attribute for the equal-cost routes. For load balancing information, see "BGP load balancing."
· MED (MULTI_EXIT_DISC)
BGP advertises the MED attribute between two neighboring ASs, each of which does not advertise the attribute to any other AS.
Similar to metrics used by IGPs, MED is used to determine the optimal route for traffic going into an AS. When a BGP router obtains multiple routes to the same destination, but with different next hops from different EBGP peers, it considers the route with the smallest MED value the optimal route given that other conditions are the same. As shown in Figure 48, traffic from AS 10 to AS 20 travels through Router B that is selected according to MED.
Figure 48 MED attribute
Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.
· LOCAL_PREF
The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS. It indicates the priority of a BGP router.
BGP uses LOCAL_PREF to determine the optimal route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination but with different next hops, it considers the route with the highest LOCAL_PREF value as the optimal route. As shown in Figure 49, traffic from AS 20 to AS 10 travels through Router C that is selected according to LOCAL_PREF.
Figure 49 LOCAL_PREF attribute
· COMMUNITY
The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community.
A route can carry one or more COMMUNITY attribute values (each of which is represented by a 4-byte integer). A router uses the COMMUNITY attribute to determine whether to advertise the route and the advertising scope without using complex filters such as ACLs. This mechanism simplifies routing policy configuration, management, and maintenance.
Well-known COMMUNITY attributes involve the following:
? INTERNET—By default, all routes belong to the Internet community. Routes with this attribute can be advertised to all BGP peers.
? NO_EXPORT—Routes with this attribute cannot be advertised out of the local AS or out of the local confederation, but can be advertised to other sub-ASs in the confederation. For confederation information, see "Settlements for problems in large-scale BGP networks."
? No_ADVERTISE—Routes with this attribute cannot be advertised to other BGP peers.
? No_EXPORT_SUBCONFED—Routes with this attribute cannot be advertised out of the local AS or other sub-ASs in the local confederation.
You can configure BGP community lists to filter BGP routes based on the BGP COMMUNITY attribute.
· Extended community attribute
To meet new demands, BGP defines the extended community attribute. The extended community attribute has the following advantages over the COMMUNITY attribute:
? Provides more attribute values by extending the attribute length to eight bytes.
? Allows for using different types of extended community attributes in different scenarios to enhance route filtering and control and simplify configuration and management.
BGP route selection
BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the optimal route in the following sequence:
1. The route with the highest Preferred_value.
2. The route with the highest LOCAL_PREF.
3. The route generated by the network command, the route redistributed by the import-route command, or the summary route in turn.
4. The route with the shortest AS_PATH.
5. The IGP, EGP, or INCOMPLETE route in turn.
6. The route with the lowest MED value.
7. The route learned from EBGP, confederation EBGP, confederation IBGP, or IBGP in turn.
8. The route with the smallest next hop metric.
9. The route with the shortest CLUSTER_LIST.
10. The route with the smallest ORIGINATOR_ID.
11. The route advertised by the router with the smallest router ID.
12. The route advertised by the peer with the lowest IP address.
The CLUSTER_IDs of route reflectors form a CLUSTER_LIST. If a route reflector receives a route that contains its own CLUSTER ID in the CLUSTER_LIST, the router discards the route to avoid routing loops.
If load balancing is configured, the system selects available routes to implement load balancing.
BGP route advertisement rules
BGP follow these rules for route advertisement:
· When multiple feasible routes to a destination exist, BGP advertises only the optimal route to its peers. If the advertise-rib-active command is configured, BGP advertises the optimal route in the IP routing table; if not, BGP advertise the optimal route in the BGP routing table.
· BGP advertises only routes that it uses.
· BGP advertises routes learned from an EBGP peer to all BGP peers, including both EBGP and IBGP peers.
· BGP advertises routes learned from an IBGP peer to EBGP peers, rather than other IBGP peers.
· After establishing a session with a new BGP peer, BGP advertises all the routes matching the above rules to the peer. After that, BGP advertises only incremental updates to the peer.
BGP load balancing
BGP implements load balancing through route recursion and route selection.
· BGP load balancing through route recursion.
The next hop of a BGP route might not be directly connected. One of the reasons is next hops in routing information exchanged between IBGP peers are not modified. The BGP router must find the directly connected next hop through IGP. The matching route with the direct next hop is called the recursive route. The process of finding a recursive route is route recursion.
The system supports BGP load balancing based on route recursion. If multiple recursive routes to the same destination are load balanced (suppose three direct next hop addresses), BGP generates the same number of next hops to forward packets. BGP load balancing based on route recursion is always enabled by the system rather than configured by using commands.
· BGP load balancing through route selection.
IGP routing protocols, such as RIP and OSPF, compute the metrics of routes, and implement load balancing over the routes with the same metric and to the same destination. The route selection criterion is metric.
BGP has no route computation algorithm, so it cannot perform load balancing according to the metrics of routes. BGP implements load balancing over the routes that meet the following requirements:
? The routes have the same AS_PATH, ORIGIN, LOCAL_PREF, and MED attributes. (When the balance as-path-neglect command is executed, BGP implements load balancing over routes with different AS_PATH attributes. Make sure this command does not cause any rooting loops.)
? The routes are all reflected or not reflected by the route reflector.
BGP does not use the route selection rules described in "BGP route selection" for load balancing.
As shown in Figure 50, Router A and Router B are IBGP peers of Router C. Router D and Router E both advertise a route 9.0.0.0 to Router C. If load balancing with a maximum number of two routes is configured on Router C, and the two routes have the same AS_PATH, ORIGIN, LOCAL_PREF, and MED, Router C installs both the two routes to its routing table for load balancing. After that, Router C forwards to Router A and Router B a single route that has NEXT_HOP changed to Router C and other attributes changed to those of the optimal route.
|
|
NOTE: BGP load balancing is applicable between EBGP peers, between IBGP peers, and between confederations. |
Settlements for problems in large-scale BGP networks
You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.
· Route summarization
Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes.
The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes.
· Route dampening
Route frapping (a route comes up and disappears in the routing table frequently) causes BGP to send many routing updates. It can consume too many resources and affect other operations.
In most cases, BGP runs in complex networks where route changes are more frequent. To solve the problem caused by route flapping, you can use BGP route dampening to suppress unstable routes.
BGP route dampening uses a penalty value to judge the stability of a route. The bigger the value, the less stable the route. Each time a route state change (from reachable to unreachable) occurs, or a reachable route's attribute changes, BGP adds a penalty value (1000, which is a fixed number and cannot be changed) to the route. When the penalty value of the route exceeds the suppress value, the route is suppressed and cannot become the optimal route. When the penalty value reaches the upper limit, no penalty value is added.
If the suppressed route does not flap, its penalty value gradually decreases to half of the suppress value after a period of time. This period is called "Half-life." When the value decreases to the reusable threshold value, the route is usable again.
Figure 51 BGP route dampening
· Peer group
You can organize BGP peers with the same attributes into a group to simplify their configurations.
When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.
· Community
You can apply a community list or an extended community list to a routing policy for route control. For more information, see "BGP path attributes."
· Route reflector
IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions.
Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards routing information received from a client to other clients. In this way, all clients can receive routing information from one another without establishing BGP sessions.
A router that is neither a route reflector nor a client is a non-client, which, as shown in Figure 52, must establish BGP sessions to the route reflector and other non-clients.
Figure 52 Network diagram for a route reflector
The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in Figure 53. The configured route reflectors must have the same Cluster_ID to avoid routing loops.
Figure 53 Network diagram for route reflectors
When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection instead of modifying network configuration or changing network topology.
After route reflection is disabled between clients, routes can still be reflected between a client and a non-client.
· Confederation
Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub-ASs. In each sub-AS, IBGP peers are fully meshed. As shown in Figure 54, intra-confederation EBGP connections are established between sub-ASs in AS 200.
Figure 54 Confederation network diagram
A non-confederation BGP speaker does not need to know sub-ASs in the confederation. It considers the confederation as one AS, and the confederation ID as the AS number. In the above figure, AS 200 is the confederation ID.
Confederation has a deficiency. When you change an AS into a confederation, you must reconfigure the routers, and the topology will be changed.
In large-scale BGP networks, you can use both route reflector and confederation.
BGP configuration views
BGP uses different views to manage routing information for different address families and different VPN instances. Most BGP commands are available in all BGP views. BGP supports multiple VPN instances by establishing a separate routing table for each VPN instance.
Table 11 describes different BGP configuration views.
Table 11 BGP configuration views
|
View names |
Ways to enter the views |
Remarks |
||
|
BGP view |
Configurations in this view apply to all address families on the public network and all VPN instances (such as confederation, GR, and logging configurations), or apply to all address families on the public network. |
|||
|
BGP IPv4 unicast address family view |
Configurations in this view apply to IPv4 unicast routes and peers on the public network. |
|||
|
BGP VPNv4 address family view |
This view is available in Release 1138P01 and later versions. Configurations in this view apply to VPNv4 routes and peers of the specified BGP instance. For more information about configurations in BGP VPNv4 address family view, see MPLS Configuration Guide. |
|||
|
BGP-VPN instance view |
Configurations in this view apply to all address families in the specified VPN instance. |
|||
|
BGP-VPN IPv4 unicast address family view |
Configurations in this view apply to IPv4 unicast routes and peers in the specified VPN instance. |
|||
|
BGP-VPN VPNv4 address family view |
This view is available in Release 1138P01 and later versions. Configurations in this view apply to VPNv4 routes and peers in the specified VPN instance of the specified BGP instance. For more information about configurations in BGP-VPN VPNv4 address family view, see MPLS Configuration Guide. |
|||
Protocols and standards
· RFC 1700, ASSIGNED NUMBERS
· RFC 1771, A Border Gateway Protocol 4 (BGP-4)
· RFC 2858, Multiprotocol Extensions for BGP-4
· RFC 3392, Capabilities Advertisement with BGP-4
· RFC 2918, Route Refresh Capability for BGP-4
· RFC 2439, BGP Route Flap Damping
· RFC 1997, BGP Communities Attribute
· RFC 2796, BGP Route Reflection
· RFC 3065, Autonomous System Confederations for BGP
· RFC 4271, A Border Gateway Protocol 4 (BGP-4)
· RFC 4724, Graceful Restart Mechanism for BGP
· RFC 4360, BGP Extended Communities Attribute
· RFC 5082, The Generalized TTL Security Mechanism (GTSM)
BGP configuration task list
In a basic BGP network, you only need to perform the following configurations:
· Enable BGP.
· Configure BGP peers or peer groups. If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.
· Control BGP route generation.
To control BGP route distribution and path selection, you must perform additional configuration tasks.
To configure BGP, perform the following tasks:
Configuring basic BGP
This section describes the basic settings required for a BGP network to run.
Enabling BGP
A router ID is the unique identifier of a BGP router in an AS.
· To ensure the uniqueness of a router ID and enhance availability, specify in BGP view the IP address of a local loopback interface as the router ID.
· If no router ID is specified in BGP view, the global router ID is used.
· To modify a non-zero router ID of BGP, use the router-id command in BGP view, rather than the router id command in system view.
· If you specify a router ID in BGP view and then remove the interface that owns the router ID, the router does not select a new router ID. To select a new router ID, use the undo router-id command in BGP view.
To enable BGP:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure a global router ID. |
router id router-id |
By default, no global router ID is configured, and BGP uses the highest loopback interface IP address—if any—as the router ID. If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the route ID regardless of the interface status. |
|
3. Enable BGP and enter BGP view or BGP-VPN instance view. |
·
Enable BGP and enter BGP view: · Enable BGP and enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
By default, BGP is not enabled. A router can reside in only one AS, so the router can run only one BGP process. To enter BGP-VPN instance view, the specified VPN instance must already exist and have the route distinguisher (RD) configured. For more information, see MPLS Configuration Guide. |
|
4. Configure the router ID. |
router-id { router-id | auto-select } |
By default, the global router ID is used. The auto-select keyword is supported only in BGP-VPN instance view. |
Configuring a BGP peer
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Create an IPv4 BGP peer and specify its AS number. |
peer ip-address as-number as-number |
By default, no IPv4 BGP peer is created. |
|
4. (Optional.) Configure a description for a peer. |
peer ip-address description description-text |
By default, no description is configured for a peer. |
|
5. Create and enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
By default, the BGP IPv4 unicast address family view and BGP-VPN IPv4 unicast address family view are not created. |
|
6. Enable the router to exchange IPv4 unicast routing information with the specified peer. |
peer ip-address enable |
By default, the router cannot exchange IPv4 unicast routing information with the peer. |
Configuring dynamic BGP peers
This feature enables BGP to establish dynamic BGP peer relationships with devices in a network. BGP accepts connection requests from the network but it does not initiate connection requests to the network.
After a device in the network initiates a connection request, BGP establishes a dynamic peer relationship with the device.
If multiple BGP peers reside in the same network, you can use this feature to simplify BGP peer configuration.
To configure dynamic BGP peers:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Specify devices in a network as dynamic BGP peers and specify an AS number for the peers. |
peer ip-address mask-length as-number as-number |
By default, no dynamic BGP peer is specified. |
|
4. (Optional.) Configure a description for dynamic BGP peers. |
peer ip-address mask-length description description-text |
By default, no description is configured for dynamic BGP peers. |
|
5. Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view. |
address-family ipv4 [ unicast ] |
By default, the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family is not created. |
|
6. Enable BGP to exchange IPv4 unicast routing information with dynamic BGP peers in the specified network. |
peer ip-address mask-length enable |
By default, BGP cannot exchange IPv4 unicast routing information with dynamic BGP peers. |
Configuring a BGP peer group
The peers in a peer group use the same route selection policy.
In a large-scale network, many peers can use the same route selection policy. You can configure a peer group and add these peers into this group. When you change the policy for the group, the modification also applies to the peers in the group.
A peer group is an IBGP peer group if peers in it belong to the local AS, and is an EBGP peer group if peers in it belong to different ASs.
Configuring an IBGP peer group
After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP view and specifies the local AS number for the peer.
To configure an IBGP peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Create an IBGP peer group. |
group group-name [ internal ] |
By default, no IBGP peer group is created. |
|
4. Add a peer into the IBGP peer group. |
peer ip-address [ mask-length ] group group-name [ as-number as-number ] |
By default, no peer exists in the peer group. To use the as-number as-number option, you must specify the local AS number. |
|
5. (Optional.) Configure a description for a peer group. |
peer group-name description description-text |
By default, no description is configured for the peer group. |
|
6. Create and enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
By default, the BGP IPv4 unicast address family view and BGP-VPN IPv4 unicast address family view are not created. |
|
7. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group. |
peer group-name enable |
By default, the router cannot exchange IPv4 unicast routing information with the peers. |
Configuring an EBGP peer group
If peers in an EBGP group belong to the same external AS, the EBGP peer group is a pure EBGP peer group. If not, it is a mixed EBGP peer group.
Use one of the following methods to configure an EBGP peer group:
· Method 1—Create an EBGP peer group, specify its AS number, and add peers into it. All the added peers have the same AS number. All peers in the peer group have the same AS number as the peer group. You can specify an AS number for a peer before adding it into the peer group. The AS number must be the same as that of the peer group.
· Method 2—Create an EBGP peer group, specify an AS number for a peer, and add the peer into the peer group. Peers added in the group can have different AS numbers.
· Method 3—Create an EBGP peer group and add a peer with an AS number into it. Peers added in the group can have different AS numbers.
To configure an EBGP peer group by using Method 1:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Create an EBGP peer group. |
group group-name external |
By default, no EBGP peer group is created. |
|
4. Specify the AS number for the group. |
peer group-name as-number as-number |
By default, no AS number is specified. If a peer group contains peers, you cannot remove or change its AS number. |
|
5. Add a peer into the EBGP peer group. |
peer ip-address [ mask-length ] group group-name [ as-number as-number ] |
By default, no peer exists in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer group-name as-number as-number command. |
|
6. (Optional.) Configure a description for a peer group. |
peer group-name description description-text |
By default, no description is configured for the peer group. |
|
7. Create and enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
By default, the BGP IPv4 unicast address family view and BGP-VPN IPv4 unicast address family view are not created. |
|
8. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group. |
peer group-name enable |
By default, the router cannot exchange IPv4 unicast routing information with the peers. |
To configure an EBGP peer group by using Method 2:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Create an EBGP peer group. |
group group-name external |
By default, no EBGP peer group is created. |
|
4. Create an IPv4 BGP peer and specify its AS number. |
peer ip-address [ mask-length ] as-number as-number |
By default, no IPv4 BGP peer is created. |
|
5. Add the peer into the EBGP peer group. |
peer ip-address [ mask-length ] group group-name [ as-number as-number ] |
By default, no peer exists in the peer group. The as-number as-number option, if used, must specify the same AS number as the peer ip-address as-number as-number command. |
|
6. (Optional.) Configure a description for a peer group. |
peer group-name description description-text |
By default, no description is configured for the peer group. |
|
7. Create and enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
By default, the BGP IPv4 unicast address family view and BGP-VPN IPv4 unicast address family view are not created. |
|
8. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group. |
peer group-name enable |
By default, the router cannot exchange IPv4 unicast routing information with the peers. |
To configure an EBGP peer group by using Method 3:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Create an EBGP peer group. |
group group-name external |
By default, no EBGP peer group is created. |
|
4. Add a peer into the EBGP peer group. |
peer ip-address [ mask-length ] group group-name as-number as-number |
By default, no peer exists in the peer group. |
|
5. (Optional.) Configure a description for the peer group. |
peer group-name description description-text |
By default, no description is configured for the peer group. |
|
6. Create and enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
By default, the BGP IPv4 unicast address family view and BGP-VPN IPv4 unicast address family view are not created. |
|
7. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group. |
peer group-name enable |
By default, the router cannot exchange IPv4 unicast routing information with the peers. |
Specifying the source address of TCP connections
By default, BGP uses the primary IPv4 address of the output interface in the optimal route to a peer or peer group as the source interface of TCP connections to the peer or peer group. You can change the source address in the following scenarios:
· If the peer's IP address belongs to an interface indirectly connected to the local router, you must specify that interface as the source interface for TCP connections on the peer. For example, interface A on the local end is directly connected to interface B on the peer. If you use the peer x.x.x.x as-number as-number command in which x.x.x.x is not the IP address of interface B on the local end, you must use the peer connect-interface command on the peer to specify the interface whose IP address is x.x.x.x as the source interface for establishing a TCP connection.
· On a BGP router that has multiple links to a peer, if the source interface fails, BGP has to re-establish TCP connections. To avoid this problem, use a loopback interface as the source interface.
· To establish multiple BGP sessions between two routers, specify the source interface for establishing TCP connections to each peer on the local router. Otherwise, the local BGP router might fail to establish a TCP connection to a peer when using the outbound interface of the optimal route to the peer as the source interface.
To specify the source address of TCP connections:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Specify the source address of TCP connections to a peer or peer group. |
peer ipv4-address [ mask-length ] source-address source-ipv4-address peer group-name source-address source-ipv4-address |
By default, BGP uses the primary IPv4 address of the output interface in the optimal route to the peer or peer group as the source interface for TCP connection establishment. The peer source-address command is available in Release 1138P01 and later versions. |
|
4. Specify the source interface of TCP connections to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } connect-interface interface-type interface-number |
Generating BGP routes
BGP can generate routes in the following ways:
· Advertise local networks.
· Redistribute IGP routes.
Injecting a local network
Perform this task to inject a network in the local routing table to the BGP routing table, so BGP can advertise the network to BGP peers. The ORIGIN attribute of BGP routes advertised in this way is IGP. You can also use a routing policy to control route advertisement.
The specified network must be available and active in the local IP routing table.
To inject a local network:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Inject a local network to the BGP routing table. |
network ip-address [ mask | mask-length ] [ route-policy route-policy-name ] |
By default, BGP does not advertise any local network. |
Redistributing IGP routes
Perform this task to configure route redistribution from an IGP to BGP.
By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table.
Only active routes can be redistributed. To view route state information, use the display ip routing-table protocol command.
The ORIGIN attribute of BGP routes redistributed from IGPs is INCOMPLETE.
To configure BGP to redistribute IGP routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Enable route redistribution from the specified IGP into BGP. |
import-route protocol [ { process-id | all-processes } [ med med-value | route-policy route-policy-name ] * ] |
By default, BGP does not redistribute IGP routes. |
|
5. (Optional.) Enable default route redistribution into BGP. |
default-route imported |
By default, BGP does not redistribute default routes. |
Controlling route distribution and reception
This section describes how to control route distribution and reception.
Configuring BGP route summarization
Route summarization can reduce the number of redistributed routes and the routing table size. IPv4 BGP supports automatic route summarization and manual route summarization. Manual summarization takes precedence over automatic summarization.
The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route. To ensure correct packet forwarding, change the priority of the summary or specific route to make the specific route as the optimal route.
Configuring automatic route summarization
Automatic route summarization enables BGP to summarize IGP subnet routes redistributed by the import-route command so BGP advertises only natural network routes.
To configure automatic route summarization:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure automatic route summarization. |
summary automatic |
By default, automatic route summarization is not configured. |
Configuring manual route summarization
By configuring manual route summarization, you can summarize both redistributed routes and routes injected using the network command and determine the mask length for a summary route as needed.
To configure BGP manual route summarization:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Create a summary route in the BGP routing table. |
aggregate ip-address { mask | mask-length } [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] * |
By default, no summary route is configured. |
Advertising optimal routes in the IP routing table
By default, BGP advertises optimal routes in the BGP routing table, which might not be optimal in the IP routing table. This task allows you to advertise BGP routes that are optimal in the IP routing table to all BGP peers.
To enable BGP to advertise optimal routes in the IP routing table:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Enable BGP to advertise optimal routes in the IP routing table. |
advertise-rib-active |
By default, BGP advertises optimal routes in the BGP routing table. |
Advertising a default route to a peer or peer group
Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.
To advertise a default route to a peer or peer group:
|
Command |
Remarks |
|
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Advertise a default route to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } default-route-advertise [ route-policy route-policy-name ] |
By default, no default route is advertised. |
Limiting routes received from a peer or peer group
This feature can prevent attacks that send a large number of BGP routes to the router.
If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration:
· Tears down the BGP session to the peer or peer group.
· Continues to receive routes from the peer or peer group and generates a log message.
· Tears down the BGP session to the peer or peer group and, after a specific period of time, re-establishes a BGP session to the peer or peer group.
You can specify a percentage threshold for the router to display an alarm message. When the ratio of the number of received routes to the maximum number reaches the percentage value, the router displays an alarm message.
To limit routes that a router can receive from a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Specify the maximum number of routes that a router can receive from a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } route-limit prefix-number [ { alert-only | discard | reconnect reconnect-time } | percentage-value ] * |
By default, the number of routes that a router can receive from a peer or peer group is not limited. |
Configuring BGP route filtering policies
Configuration prerequisites
Before you configure BGP routing filtering policies, configure the following filters used for route filtering as needed:
· ACL (see ACL and QoS Configuration Guide)
· Prefix list (see "Configuring routing policies")
· Routing policy (see "Configuring routing policies")
· AS path list (see "Configuring routing policies")
Configuring BGP route distribution filtering policies
To configure BGP route distribution filtering policies, use the following methods:
· Use an ACL or prefix list to filter routing information advertised to all peers.
· Use a routing policy, ACL, AS path list, or prefix list to filter routing information advertised to a peer or peer group.
If you configure multiple filtering policies, apply them in the following sequence:
1. filter-policy export
2. peer filter-policy export
3. peer as-path-acl export
4. peer prefix-list export
5. peer route-policy export
Only routes passing all the configured policies can be advertised.
To configure BGP route distribution filtering policies:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure BGP route distribution filtering policies. |
·
Reference an ACL or IP prefix list to
filter advertised BGP routes: ·
Reference a routing policy to filter BGP routes advertised to a peer or peer
group: ·
Reference an ACL to filter BGP routes advertised to a peer or peer
group: ·
Reference an AS path list to filter BGP
routes advertised to a peer or peer group: ·
Reference an IPv4 prefix list to filter BGP routes
advertised to a peer or peer group: |
Use at least one method. By default, no BGP distribution filtering policy is configured. |
Configuring BGP route reception filtering policies
You can use the following methods to configure BGP route reception filtering policies:
· Use an ACL or prefix list to filter routing information received from all peers.
· Use a routing policy, ACL, AS path list, or prefix list to filter routing information received from a peer or peer group.
If you configure multiple filtering policies, apply them in the following sequence:
1. filter-policy import
2. peer filter-policy import
3. peer as-path-acl import
4. peer prefix-list import
5. peer route-policy import
Only routes passing all the configured policies can be received.
To configure BGP route reception filtering policies:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure BGP route reception filtering policies. |
·
Reference an ACL or IP prefix list to
filter BGP routes received from all peers: ·
Reference a routing policy to filter BGP routes received from a peer or peer
group: ·
Reference an ACL to filter BGP routes received from a peer or peer
group: ·
Reference an AS path list to filter BGP
routes received from a peer or peer group: ·
Reference an IPv4 prefix list to filter BGP routes received from a peer or peer group: |
Use at least one method. By default, no route reception filtering is configured. |
Configuring BGP update advertisement delay
Perform this task to configure the device to delay sending BGP updates on reboot. After BGP update advertisement delay is configured, BGP redistributes all routes from other neighbors on reboot, and then advertises the optimal route. This configuration reduces traffic loss due to the reboot.
To configure BGP update advertisement delay:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Configure BGP update advertisement delay. |
bgp update-delay on-startup { seconds | prefix-list prefix-list-name } |
By default, the device immediately sends BGP updates on reboot. |
Configuring BGP route dampening
Route dampening enables BGP to not select unstable routes as optimal routes.
To configure BGP route dampening:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure BGP route dampening. |
dampening [ half-life-reachable half-life-unreachable reuse suppress ceiling | route-policy route-policy-name ] * |
By default, BGP route dampening is not configured. |
Controlling BGP path selection
By configuring BGP path attributes, you can control BGP path selection.
Specifying a preferred value for routes received
Perform this task to set a preferred value for specific routes to control BGP path selection.
Among multiple routes that have the same destination/mask and are learned from different peers, the one with the greatest preferred value is selected as the optimal route.
To specify a preferred value for routes from a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Specify a preferred value for routes received from a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } preferred-value value |
The default preferred value is 0. |
Configuring preferences for BGP routes
Routing protocols each have a default preference. If they find multiple routes destined for the same network, the route found by the routing protocol with the highest preference is selected as the optimal route.
You can use the preference command to modify preferences for EBGP, IBGP, and local BGP routes, or reference a routing policy to set a preference for matching routes (for routes not matching the routing policy, the default preference applies).
If a device has an EBGP route and a local BGP route to reach the same destination, it does not select the EBGP route because the EBGP route has a lower preference than the local BGP route by default. You can use the network short-cut command to configure the EBGP route as a shortcut route that has the same preference as the local BGP route so that the EBGP route will more likely become the optimal route.
To configure preferences for BGP routes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure preferences for EBGP, IBGP, and local BGP routes. |
preference { external-preference internal-preference local-preference | route-policy route-policy-name } |
The default preferences for EBGP, IBGP, and local BGP routes are 255, 255, and 130. |
|
5. Configure an EBGP route as a shortcut route. |
network ip-address [ mask | mask-length ] short-cut |
By default, an EBGP route has a preference of 255. |
Configuring the default local preference
The local preference is used to determine the optimal route for traffic leaving the local AS. When a BGP router obtains from several IBGP peers multiple routes to the same destination, but with different next hops, it considers the route with the highest local preference as the optimal route.
This task allows you to specify the default local preference for routes sent to IBGP peers.
To specify the default local preference:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure the default local preference. |
default local-preference value |
The default local preference is 100. |
Configuring the MED attribute
BGP uses MED to determine the optimal route for traffic going into an AS. When a BGP router obtains from EBGP peers multiple routes to the same destination but with different next hops, it considers the route with the smallest MED value as the optimal route if other conditions are the same.
Configuring the default MED value
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure the default MED value. |
default med med-value |
The default MED value is 0. |
Enabling MED comparison for routes from different ASs
This task enables BGP to compare the MEDs of routes from different ASs.
To enable MED comparison for routes from different ASs:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Enable MED comparison for routes from different ASs. |
compare-different-as-med |
By default, this feature is disabled. |
Enabling MED comparison for routes on a per-AS basis
This task enables BGP to compare the MEDs of routes from an AS.
Figure 55 Route selection based on MED (in an IPv4 network)
As shown in Figure 55, Router D learns network 10.0.0.0 from both Router A and Router B. Because Router B has a smaller router ID, the route learned from Router B is optimal.
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 2.2.2.2 50 0 300e
* i 3.3.3.3 50 0 200e
When Router D learns network 10.0.0.0 from Router C, it compares the route with the optimal route in its routing table. Because Router C and Router B reside in different ASs, BGP does not compare the MEDs of the two routes. Router C has a smaller router ID than Router B so the route from Router C becomes optimal.
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 1.1.1.1 60 0 200e
* i 10.0.0.0 2.2.2.2 50 0 300e
* i 3.3.3.3 50 0 200e
However, Router C and Router A reside in the same AS, and Router C has a greater MED, so network 10.0.0.0 learned from Router C should not be optimal.
You can configure the bestroute compare-med command to enable MED comparison for routes from the same AS on Router D. After that, Router D puts the routes received from each AS into a group, selects the route with the lowest MED from each group, and compares routes from different groups. This mechanism avoids the above-mentioned problem. The following output shows the BGP routing table on Router D after this feature is enabled. Network 10.0.0.0 learned from Router B is the optimal route.
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 2.2.2.2 50 0 300e
* i 3.3.3.3 50 0 200e
* i 1.1.1.1 60 0 200e
To enable MED comparison for routes on a per-AS basis:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Enable MED comparison for routes on a per-AS basis. |
bestroute compare-med |
By default, this feature is disabled. |
Enabling MED comparison for routes from confederation peers
This task enables BGP to compare the MEDs of routes received from confederation peers. However, if a route received from a confederation peer has an AS number that does not belong to the confederation, BGP does not compare the route with other routes. For example, a confederation has three AS numbers 65006, 65007, and 65009. BGP receives three routes from different confederation peers. The AS_PATH attributes of these routes are 65006 65009, 65007 65009, and 65008 65009, and the MED values of them are 2, 3, and 1. Because the third route's AS_PATH attribute contains AS number 65008 that does not belong to the confederation, BGP does not compare it with other routes. As a result, the first route becomes the optimal route.
To enable MED comparison for routes from confederation peers:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Enable MED comparison for routes from confederation peers. |
bestroute med-confederation |
By default, this feature is disabled. |
Configuring the NEXT_HOP attribute
By default, a BGP router does not set itself as the next hop for routes advertised to an IBGP peer or peer group. In some cases, however, you must configure the advertising router as the next hop to make sure the BGP peer can find the correct next hop.
For example, as shown in Figure 56, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. If Router C has no route destined for IP address 1.1.1.1/24, you must configure Router B to set itself 3.1.1.1/24 as the next hop for the network 2.1.1.1/24 advertised to Router C.
Figure 56 NEXT_HOP attribute configuration
If a BGP router has two peers on a broadcast network, it does not set itself as the next hop for routes sent to an EBGP peer by default. As shown in Figure 57, Router A and Router B establish an EBGP neighbor relationship, and Router B and Router C establish an IBGP neighbor relationship. They are on the same broadcast network 1.1.1.0/24. When Router B sends EBGP routes to Router A, it does not set itself as the next hop by default. However, you can configure Router B to set it (1.1.1.2/24) as the next hop for routes sent to Router A by using the peer next-hop-local command as needed.
Figure 57 NEXT_HOP attribute configuration
|
|
IMPORTANT: If you have configured BGP load balancing, the router sets itself as the next hop for routes sent to an IBGP peer or peer group regardless of whether the peer next-hop-local command is configured. |
To configure the NEXT_HOP attribute:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Specify the router as the next hop for routes sent to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } next-hop-local |
By default, the router sets itself as the next hop for routes sent to an EBGP peer or peer group, but does not set itself as the next hop for routes sent to an IBGP peer or peer group. |
Configuring the AS_PATH attribute
Permitting local AS number to appear in routes from a peer or peer group
In general, BGP checks whether the AS_PATH attribute of a route from a peer contains the local AS number. If yes, it discards the route to avoid routing loops.
In certain network environments , however, the AS_PATH attribute of a route from a peer must be allowed to contain the local AS number. Otherwise, the route cannot be advertised correctly.
To permit the local AS number to appear in routes from a peer or peer group and specify the appearance times:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Permit the local AS number to appear in routes from a peer or peer group and specify the appearance times. |
peer { group-name | ip-address [ mask-length ] } allow-as-loop [ number ] |
By default, the local AS number is not allowed in routes from a peer or peer group. |
Disabling BGP from considering AS_PATH during optimal route selection
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Disable BGP from considering AS_PATH during optimal route selection. |
bestroute as-path-neglect |
By default, BGP considers AS_PATH during optimal route selection. |
Advertising a fake AS number to a peer or peer group
After you move a BGP router from an AS to another AS (from AS 2 to AS 3 for example), you have to modify the AS number of the router on all its EBGP peers. To avoid such modifications, you can configure the router to advertise a fake AS number 2 to its EBGP peers so that the EBGP peers still think that Router A is in AS 2.
To advertise a fake AS number to a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Advertise a fake AS number to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } fake-as as-number |
By default, no fake AS number is advertised to a peer or peer group. This command applies only to EBGP peers or EBGP peer groups. |
Configuring AS number substitution
|
|
IMPORTANT: Do not configure AS number substitution in normal circumstances. Otherwise, routing loops might occur. |
To configure AS number substitution for a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Configure AS number substitution for a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } substitute-as |
By default, AS number substitution is not configured. |
Removing private AS numbers from updates sent to an EBGP peer or peer group
Private AS numbers are typically used in test networks, and should not be transmitted in public networks. The range of private AS numbers is from 64512 to 65535.
To remove private AS numbers from updates sent to an EBGP peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure BGP to remove private AS numbers from the AS_PATH attribute of updates sent to an EBGP peer or peer group. |
peer { group-name | ip-address [ mask-length ] } public-as-only |
By default, this feature is not configured. This command is only applicable to EBGP peers or peer groups. |
Ignoring the first AS number of EBGP route updates
By default, BGP checks whether the first AS number in the AS_PATH attribute of a route update received from a peer is the AS number of that peer. If not, BGP discards the route update.
To ignore the first AS number of EBGP route updates:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Configure BGP to ignore the first AS number of EBGP route updates. |
ignore-first-as |
By default, BGP checks the first AS number of EBGP route updates. |
Tuning and optimizing BGP networks
This section describes how to tune and optimize BGP networks.
Configuring the keepalive interval and hold time
BGP sends keepalive messages at a specific interval to keep the BGP session between two routers.
If a router receives no keepalive or update message from a peer within the hold time, it tears down the session.
You can configure the keepalive interval and hold time globally or for a specific peer or peer group. The individual settings take precedence over the global settings.
The actual keepalive interval and hold time are determined as follows:
· If the hold time settings on the local and peer routers are different, the smaller setting is used. If the hold time is 0, BGP does not send keepalive messages to its peers and never tears down the session.
· If the keepalive interval is 0 and the negotiated hold time is not 0, the actual keepalive interval equals 1/3 of the hold time. If the keepalive interval is not 0, the actual keepalive interval is the smaller one between 1/3 of the hold time and the keepalive interval.
To configure the keepalive interval and hold time:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Configure the keepalive interval and hold time. |
·
Configure the global keepalive interval
and hold time: ·
Configure the keepalive interval and
hold time for a peer or peer group: |
Use either method. By default, the keepalive interval is 60 seconds, and hold time is 180 seconds. The timer command takes effect for new BGP sessions and does not affect existing sessions. If you modify the timers with the peer timer command, BGP immediately closes the existing BGP session and creates a new session to the peer by using the new settings. |
Configuring the interval for sending updates for the same route
A BGP router sends an update message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.
To configure the interval for sending the same update to a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Configure the interval for sending updates for the same route to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } route-update-interval interval |
By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer. |
Enabling BGP to establish an EBGP session over multiple hops
To establish an EBGP connection, two routers must have a direct physical link. If no direct link is available, you must use the peer ebgp-max-hop command to enable BGP to establish an EBGP session over multiple hops and specify the maximum hops.
If direct EBGP peers use indirectly connected interfaces (including loopback interfaces) to establish an EBGP session, you must perform the following tasks:
· Configure a routing protocol to ensure that a route exists between the two interfaces.
· Configure the peer ebgp-max-hop command to establish the session over multiple hops.
To enable BGP to establish an indirect EBGP session:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enable BGP to establish an EBGP session to an indirectly connected peer or peer group and specify the maximum hop count. |
peer { group-name | ip-address [ mask-length ] } ebgp-max-hop [ hop-count ] |
By default, BGP cannot establish an EBGP session to an indirectly connected peer or peer group. |
Enabling immediate re-establishment of direct EBGP connections upon link failure
When the link to a directly connected EBGP peer goes down, the router does not re-establish a session to the peer until the hold time timer expires. This feature enables BGP to immediately recreate the session in that situation. When this feature is disabled, route flapping does not affect EBGP session state.
To enable immediate re-establishment of direct EBGP connections:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Enable immediate re-establishment of direct EBGP connections upon link failure. |
ebgp-interface-sensitive |
By default, this feature is enabled. |
Enabling 4-byte AS number suppression
BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295. By default, a device sends an Open message to the peer device for session establishment. The Open message indicates that the device supports 4-byte AS numbers. If the peer device supports 2-byte AS numbers instead of 4-byte AS numbers, the session cannot be established. To resolve this issue, enable the 4-byte AS number suppression function. The device then sends an Open message to inform the peer that it does not support 4-byte AS numbers, so the BGP session can be established.
If the peer device supports 4-byte AS numbers, do not enable the 4-byte AS number suppression function. Otherwise, the BGP session cannot be established.
To enable 4-byte AS number suppression:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enable 4-byte AS number suppression. |
peer { group-name | ip-address [ mask-length ] } capability-advertise suppress-4-byte-as |
By default, 4-byte AS number suppression is not enabled. |
Enabling MD5 authentication for BGP peers
MD5 authentication provides the following benefits:
· Peer authentication makes sure that only BGP peers that have the same password can establish TCP connections.
· Integrity check makes sure that BGP packets exchanged between peers are intact.
To enable MD5 authentication for BGP peers:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
Use either method. |
|
3. Enable MD5 authentication for a BGP peer group or peer. |
peer { group-name | ip-address [ mask-length ] } password { cipher | simple } password |
By default, MD5 authentication is disabled. |
Configuring BGP load balancing
Perform this task to specify the maximum number of BGP ECMP routes for load balancing.
To specify the maximum number of BGP ECMP routes for load balancing:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Specify the maximum number of BGP ECMP routes for load balancing. |
balance [ ebgp | eibgp | ibgp ] number |
By default, load balancing is disabled. |
|
|
NOTE: The balance as-path-neglect command enables BGP to implement load balancing over routes with different AS_PATH attributes. Before using the command, ensure that it does not cause any routing loops. |
Disabling BGP to establish a session to a peer or peer group
This task enables you to temporarily tear down the BGP session to a specific peer or peer group so that you can perform network upgrade and maintenance without needing to delete and reconfigure the peer or peer group. To recover the session, execute the undo peer ignore command.
To disable BGP to establish a session to a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Disable BGP to establish a session to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } ignore |
By default, BGP can establish a session to a peer or peer group. |
Configuring GTSM for BGP
|
|
IMPORTANT: · When GTSM is configured, the local device can establish an EBGP session to the peer after both devices pass GTSM check, regardless of whether the maximum number of hops is reached. · To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values for them. |
The Generalized TTL Security Mechanism (GTSM) protects a BGP session by comparing the TTL value in the IP header of incoming BGP packets against a valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded.
The valid TTL range is from 255 – the configured hop count + 1 to 255.
When GTSM is configured, the BGP packets sent by the device have a TTL of 255.
GTSM provides best protection for directly connected EBGP sessions, but not for multihop EBGP or IBGP sessions because the TTL of packets might be modified by intermediate devices.
To configure GTSM for BGP:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Configure GTSM for the specified BGP peer or peer group. |
peer { group-name | ip-address [ mask-length ] } ttl-security hops hop-count |
By default, GTSM is not configured. |
Configuring BGP soft-reset
After you modify the route selection policy (for example, modify the preferred value), you must reset BGP sessions to apply the new policy. The reset operation tears down and re-establishes BGP sessions.
To avoid tearing down BGP sessions, you can use one of the following soft-reset methods to apply the new policy:
· Enabling route-refresh—The BGP router advertises a route-refresh message to the specified peer, and the peer resends its routing information to the router. After receiving the routing information, the router filters the routing information by using the new policy.
This method requires that both the local router and the peer support route refresh.
· Saving updates—Use the peer keep-all-routes command to save all route updates from the specified peer. After modifying the route selection policy, filter routing information by using the new policy.
This method does not require that the local router and the peer support route refresh but it uses more memory resources to save routes.
· Manual soft-reset—Use the refresh bgp command to enable BGP to send local routing information or advertise a route-refresh message to the specified peer so the peer resends its routing information. After receiving the routing information, the router filters the routing information by using the new policy.
This method requires that both the local router and the peer support route refresh.
Enabling route-refresh
To enable BGP route refresh for a peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enable BGP route refresh for a peer or peer group. |
·
Enable BGP route refresh for the specified peer or peer group: ·
Enable BGP
route refresh and
multi-protocol extension capability for the specified
peer or peer group: |
Use either method. By default, BGP route refresh is enabled. |
Saving updates
To save all route updates from the specified peer or peer group:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Save all route updates from the peer or peer group. |
peer { group-name | ip-address [ mask-length ] } keep-all-routes |
By default, the routes are not saved. This command takes effect only for the routes received after this command is executed. |
Configuring manual soft-reset
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enable BGP route refresh for a peer or peer group. |
·
Enable BGP route refresh for the specified peer or peer group: ·
Enable BGP
route refresh and
multi-protocol extension
capability for the specified peer
or peer group: |
By default, BGP route refresh is enabled. |
|
4. Return to user view. |
return |
N/A |
|
5. Perform manual soft-reset. |
refresh bgp { ip-address | all | external | group group-name | internal } { export | import } ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] refresh bgp { ip-address [ mask-length ] | all | external | group group-name | internal } { export | import } vpnv4 [ vpn-instance vpn-instance-name ] |
The refresh bgp vpnv4 command is available in Release 1138P01 and later versions. |
Protecting an EBGP peer when memory usage reaches level 2 threshold
Memory usage includes the following threshold levels: normal, level 1, level 2, and level 3. When the level 2 threshold is reached, BGP periodically tears down an EBGP session to release memory resources until the memory usage falls below the level 2 threshold. You can configure this feature to avoid tearing down the EBGP session with a specific EBGP peer when the memory usage reaches the level 2 threshold.
For more information about memory usage thresholds, see Fundamentals Configuration Guide.
To configure BGP to protect an EBGP peer or peer group when the memory usage reaches level 2 threshold:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Configure BGP to protect an EBGP peer or peer group when the memory usage reaches level 2 threshold. |
peer { group-name | ip-address [ mask-length ] } low-memory-exempt |
By default, BGP periodically tears down an EBGP session to release memory resources when level 2 threshold is reached. |
Configuring a large-scale BGP network
In a large network, the number of BGP connections is huge and BGP configuration and maintenance are complicated. To simply BGP configuration, you can use the peer group, community, route reflector, and confederation features as needed. For more information about configuring peer groups, see "Configuring a BGP peer group."
Configuring BGP community
By default, a router does not advertise the COMMUNITY or extended community attribute to its peers or peer groups. When the router receives a route carrying the COMMUNITY or extended community attribute, it removes the attribute before advertising the route to other peers or peer groups.
Perform this task to enable a router to advertise the COMMUNITY or extended community attribute to its peers for route filtering and control. You can also reference a routing policy to add or modify the COMMUNITY or extended community attribute for specific routes. For more information about routing policy, see "Configuring routing policies."
To configure BGP community:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Advertise the COMMUNITY or extended community attribute to a peer or peer group. |
·
Advertise the COMMUNITY attribute to a
peer or peer group: ·
Advertise the extended community attribute to
a peer or peer group: |
By default, the COMMUNITY or extended community attribute is not advertised. |
|
5. (Optional.) Apply a routing policy to routes advertised to a peer or peer group. |
peer { group-name | ip-address [ mask-length ] } route-policy route-policy-name export |
By default, no routing policy is applied. |
Configuring BGP route reflection
Configuring a BGP route reflector
Perform this task to configure a BGP route reflector and its clients. The route reflector and its clients automatically form a cluster identified by the router ID of the route reflector. The route reflector forwards route updates among its clients.
To improve availability, you can specify multiple route reflectors for a cluster. The route reflectors in the cluster must have the same cluster ID to avoid routing loops.
To configure a BGP route reflector:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
4. Configure the router as a route reflector and specify a peer or peer group as its client. |
peer { group-name | ip-address [ mask-length ] } reflect-client |
By default, no route reflector or client is configured. |
|
5. Enable route reflection between clients. |
reflect between-clients |
By default, route reflection between clients is enabled. |
|
6. (Optional.) Configure the cluster ID of the route reflector. |
reflector cluster-id { cluster-id | ip-address } |
By default, a route reflector uses its own router ID as the cluster ID. |
Ignoring the ORIGINATOR_ID attribute
A router is configured with a router ID. When a router receives a BGP route update, it compares the router ID with the ORIGINATOR_ID attribute in the route update. If they are the same, the router drops the route update to avoid routing loops. However, for some networks (such as firewall networks) to operate correctly, BGP must not drop but accept such route updates. For BGP to accept such route updates, you must configure BGP to ignore the ORIGINATOR_ID attribute in BGP route updates.
To ignore the ORIGINATOR_ID attribute:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Ignore the ORIGINATOR_ID attribute. |
peer { group-name | ip-address [ mask-length ] } ignore-originatorid |
By default, BGP does not ignore the ORIGINATOR_ID attribute. Make sure that this command does not result in a routing loop. After you execute this command, BGP also ignores the CLUSTER_LIST attribute. |
Configuring a BGP confederation
BGP confederation provides another way to reduce IBGP connections in an AS.
A confederation contains sub-ASs. In each sub-AS, IBGP peers are fully meshed. Sub-ASs establish EBGP connections in between.
Configuring a BGP confederation
After you split an AS into multiple sub-ASs, configure a router in a sub-AS as follows:
1. Enable BGP and specify the AS number of the router. For more information, see "Enabling BGP."
2. Specify the confederation ID. From an outsider's perspective, the sub-ASs of the confederation is a single AS, which is identified by the confederation ID.
3. If the router needs to establish EBGP connections to other sub-ASs, you must specify the peering sub-ASs in the confederation.
A confederation can contain a maximum of 32 sub-ASs. The AS number of a sub-AS is effective only in the confederation.
To configure a BGP confederation:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Configure a confederation ID. |
confederation id as-number |
By default, no confederation ID is configured. |
|
4. Specify peering sub-ASs in the confederation. |
confederation peer-as as-number-list |
By default, no peering sub-AS is specified. |
Configuring confederation compatibility
If any routers in the confederation do not comply with RFC 3065, enable confederation compatibility to allow the router to work with those routers.
To configure confederation compatibility:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Enable confederation compatibility. |
confederation nonstandard |
By default, confederation compatibility is disabled. |
Configuring BGP GR
GR ensures forwarding continuous when a routing protocol restarts or an active/standby switchover occurs. Two routers are required to complete a GR process. The following are router roles in a GR process:
· GR restarter—Performs GR upon a BGP restart or active/standby switchover.
· GR helper—Helps the GR restarter to complete the GR process.
A device can act as a GR restarter and GR helper at the same time.
BGP GR works as follows:
1. The BGP GR restarter and helper exchange Open messages for GR capability negotiation. If both parties have the GR capability, they establish a GR-capable session. The GR restarter sends the GR timer set by the graceful-restart timer restart command to the GR helper in an Open message.
2. When an active/standby switchover occurs or BGP restarts, the GR restarter does not remove existing BGP routes from Routing Information Base (RIB) and Forwarding Information Base (FIB). It still uses these routes for packet forwarding, and it starts the RIB purge timer set by the graceful-restart timer purge-time command. The GR helper marks all routes learned from the GR restarter as stale instead of deleting them. It continues to use these routes for packet forwarding. During the GR process, packet forwarding is not interrupted.
3. After the active/standby switchover or BGP restart completes, the GR restarter re-establishes a BGP session with the GR helper. If the BGP session fails to be established within the GR timer advertised by the GR restarter, the GR helper removes the stale routes.
4. If the BGP session is established, routing information is exchanged for the GR restarter to retrieve route entries and for the GR helper to recover stale routes.
5. Both the GR restarter and the GR helper start the End-Of-RIB marker waiting timer.
The End-Of-RIB marker waiting timer is set by the graceful-restart timer wait-for-rib command. If routing information exchange is not completed within the time, the GR restarter does not receive new routes. The GR restarter updates the RIB with the BGP routes already learned, and removes the stale routes from the RIB. The GR helper removes the stale routes.
6. The GR restarter quits the GR process if route information exchange is not completed before the RIB purge timer expires. It updates the RIB with the BGP routes already learned, and removes the stale routes.
Follow these guidelines when you configure BGP GR:
· The End-Of-RIB indicates the end of route updates.
· The maximum time to wait for the End-of-RIB marker configured on the local end is not advertised to the peer. It controls the time for the local end to receive updates from the peer.
Perform the following configuration on the GR restarter and GR helper.
To configure BGP GR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Enable GR capability for BGP. |
graceful-restart |
By default, GR capability is disabled for BGP. |
|
4. Configure the GR timer. |
graceful-restart timer restart timer |
The default setting is 150 seconds. The time that a peer waits to re-establish a session must be less than the hold time. |
|
5. Configure the maximum time to wait for the End-of-RIB marker. |
graceful-restart timer wait-for-rib timer |
The default setting is 180 seconds. |
|
6. Configure the RIB purge timer. |
graceful-restart timer purge-time timer |
The default setting is 480 seconds. |
Configuring BGP NSR
BGP nonstop routing (NSR) ensures continuous routing by synchronizing BGP state and data information from the active BGP process to the standby BGP process. The standby BGP process can seamlessly take over all services when the active process fails in one of the following situations:
· The active BGP process restarts.
· The MPU that runs the active BGP process fails.
· An ISSU is performed on the MPU that runs the active BGP process.
GR and NSR have the following differences:
· To implement NSR, the device must have at least two MPUs because the active and standby BGP processes run on different MPUs. To implement GR, the device only needs to have one MPU.
· GR requires GR-capable neighbors to help restore routing information. NSR does not need help because the standby process has all the BGP state and data information of the active process.
When both GR and NSR are configured for BGP, NSR has a higher priority than GR. The device will not act as the GR restarter. If the device acts as a GR helper, it cannot help the restarter to complete GR.
To configure BGP NSR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Enable BGP NSR. |
non-stop-routing |
By default, BGP NSR is disabled. |
Enabling SNMP notifications for BGP
This feature enables BGP to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.
For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
To enable SNMP notifications for BGP:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable SNMP notifications for BGP. |
snmp-agent trap enable bgp |
By default, SNMP notifications for BGP are enabled. |
Enabling logging for session state changes
Perform this task to enable BGP to log BGP session establishment and disconnection events. To view the log information, use the display bgp peer ipv4 unicast log-info command. The logs are sent to the information center. The output rules of the logs (whether to output the logs and where to output) are determined by the information center configuration.
For more information about information center configuration, see Network Management and Monitoring Configuration Guide.
To enable logging for session state changes:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view. |
bgp as-number |
N/A |
|
3. Enable logging for session state changes globally. |
log-peer-change |
By default, logging for session state changes is enabled globally. |
Enabling logging for BGP route flapping
|
|
IMPORTANT: This feature is available in Release 1138P01 and later versions. |
This feature enables BGP to generate logs for BGP route flappings that trigger log generation. The generated logs are sent to the information center. For the logs to be output correctly, you must also configure information center on the device. For more information about information center, see Network Management and Monitoring Configuration Guide.
To enable logging for BGP route flapping (IPv4 unicast/IPv4 multicast):
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view. |
· Enter BGP IPv4 unicast address family view: a. bgp as-number b. address-family ipv4 [ unicast ] · Enter BGP-VPN IPv4 unicast address family view: c. bgp as-number d. ip vpn-instance vpn-instance-name e. address-family ipv4 [ unicast ] |
N/A |
|
3. Enable logging for BGP route flapping. |
log-route-flap monitor-time monitor-count [ log-count-limit | route-policy route-policy-name ] * |
By default, logging for BGP route flapping is disabled. |
Configuring BFD for BGP
|
|
IMPORTANT: If you have enabled GR, use BFD with caution because BFD might detect a failure before the system performs GR, which will result in GR failure. If you have enabled both BFD and GR for BGP, do not disable BFD during a GR process to avoid GR failure. |
BGP maintains neighbor relationships based on the keepalive timer and hold timer in seconds. It requires that the hold time must be at least three times the keepalive interval. This mechanism makes link failure detection slow. Once a failure occurs on a high-speed link, a large quantity of packets will be dropped before routing convergence completes. BFD for BGP can solve this problem by fast detecting link failures to reduce convergence time.
For more information about BFD, see High Availability Configuration Guide.
Before you can enable BFD for the BGP peer, establish a BGP session between the local router and the peer.
To enable BFD for a BGP peer:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter BGP view or BGP-VPN instance view. |
·
Enter BGP view: · Enter BGP-VPN instance view: a. bgp as-number b. ip vpn-instance vpn-instance-name |
N/A |
|
3. Enable BFD to detect the link to the specified BGP peer. |
peer ip-address [ mask-length ] bfd [ multi-hop | single-hop ] |
By default, BFD is not enabled. |
Configuring BGP FRR
When a link fails, the packets on the link are discarded, and a routing loop might occur until BGP completes routing convergence based on the new network topology.
You can enable BGP fast reroute (FRR) to resolve this issue.
Figure 58 Network diagram for BGP FRR
After you configure FRR on Router B as shown in Figure 58, BGP generates a backup next hop Router C for the primary route. BGP uses echo-mode BFD (for IPv4) to detect the connectivity to Router D. When the link to Router D fails, BGP directs packets to the backup next hop. At the same time, BGP calculates a new optimal route, and forwards packets over the optimal route.
There are two methods to configure BGP FRR:
· Method 1—Execute the pic command in BGP address family view. BGP calculates a backup next hop for each BGP route in the address family if there are two or more unequal-cost routes that reach the destination.
· Method 2—Execute the fast-reroute route-policy command to reference a routing policy in which a backup next hop is specified by using the apply fast-reroute backup-nexthop command. The backup next hop calculated by BGP must be the same as the specified backup next hop. Otherwise, BGP does not generate a backup next hop for the primary route. You can also configure if-match clauses in the routing policy to identify the routes protected by FRR.
If both methods are configured, Method 2 takes precedence over Method 1.
To configure BGP FRR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure the source address of echo packets. |
bfd echo-source-ip ip-address |
By default, no source address is specified for echo packets. Specify a source IP address that does not belong to any local network. For more information about this command, see High Availability Command Reference. |
|
3. Create a routing policy and enter routing policy view. |
route-policy route-policy-name permit node node-number |
By default, no routing policy is created. For more information about this command, see Layer 3—IP Routing Command Reference. |
|
4. Set the backup next hop for FRR. |
apply fast-reroute backup-nexthop ip-address |
By default, no backup next hop is set. For more information about this command, see Layer 3—IP Routing Command Reference. |
|
5. Return to system view. |
quit |
N/A |
|
6. Enter BGP view. |
bgp as-number |
N/A |
|
7. (Optional.) Use echo-mode BFD to detect the connectivity to the next hop of the primary route. |
primary-path-detect bfd echo |
By default, ARP is used to detect the connectivity to the next hop. |
|
8. Enter BGP IPv4 unicast address family view. |
address-family ipv4 [ unicast ] |
N/A |
|
9. Enable BGP FRR. |
pic |
By default, BGP FRR is disabled. Use the pic command with caution because it might cause routing loops in specific scenarios. |
|
10. Reference a routing policy to specify a backup next hop for the address family. |
fast-reroute route-policy route-policy-name |
By default, no routing policy is referenced. The apply fast-reroute backup-nexthop command can take effect in the referenced routing policy. Other apply commands do not take effect. |
Displaying and maintaining BGP
|
|
IMPORTANT: The following commands are available in Release 1138P01 and later versions: · display bgp group vpnv4. · display bgp peer vpnv4 log-info. · display bgp update-group vpnv4. · reset bgp vpnv4. |
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
|
Display BGP NSR status information. |
display bgp non-stop-routing status |
|
|
Display BGP peer group information. |
display bgp group ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ group-name group-name ] display bgp group vpnv4 [ vpn-instance vpn-instance-name ] [ group-name group-name ] |
|
|
Display BGP peer or peer group information (in standalone mode). |
display bgp peer ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ip-address mask-length | { ip-address | group-name group-name } log-info | [ [ ip-address ] verbose ] [ standby slot slot-number ] ] display bgp peer vpnv4 [ vpn-instance vpn-instance-name ] [ ip-address mask-length | { ip-address | group-name group-name } log-info | [ [ ip-address ] verbose ] [ standby slot slot-number ] ] |
|
|
Display BGP peer or peer group information (in IRF mode). |
display bgp peer ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ip-address mask-length | { ip-address | group-name group-name } log-info | [ [ ip-address ] verbose ] [ standby chassis chassis-number slot slot-number ] ] display bgp peer vpnv4 [ vpn-instance vpn-instance-name ] [ ip-address mask-length | { ip-address | group-name group-name } log-info | [ [ ip-address ] verbose ] [ standby chassis chassis-number slot slot-number ] ] |
|
|
Display BGP IPv4 unicast routing information (in standalone mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ network-address [ { mask | mask-length } [ longest-match ] ] ] [ standby slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information (in IRF mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ network-address [ { mask | mask-length } [ longest-match ] ] ] [ standby chassis chassis-number slot slot-number ] |
|
|
Display BGP IPv4 unicast route advertisement information (in standalone mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] network-address [ mask | mask-length ] advertise-info [ standby slot slot-number ] |
|
|
Display BGP IPv4 unicast route advertisement information (in IRF mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] network-address [ mask | mask-length ] advertise-info [ standby chassis chassis-number slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information sent to/received from the specified BGP peer (in standalone mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistic ] [ standby slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information sent to/received from the specified BGP peer (in IRF mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistic ] [ standby chassis chassis-number slot slot-number ] |
|
|
Display BGP IPv4 unicast routing statistics (in standalone mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] statistic [ standby slot slot-number ] |
|
|
Display BGP IPv4 unicast routing statistics (in IRF mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] statistic [ standby chassis chassis-number slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information matching the specified AS path list (in standalone mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] as-path-acl as-path-acl-number [ standby slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information matching the specified AS path list (in IRF mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] as-path-acl as-path-acl-number [ standby chassis chassis-number slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information matching the specified BGP community list (in standalone mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } [ standby slot slot-number ] |
|
|
Display BGP IPv4 unicast routing information matching the specified BGP community list (in IRF mode). |
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } [ standby chassis chassis-number slot slot-number ] |
|
|
Display dampened BGP IPv4 unicast routing information. |
display bgp routing-table dampened ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] |
|
|
Display BGP dampening parameter information. |
display bgp dampening parameter ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] |
|
|
Display BGP IPv4 unicast routing flap statistics. |
display bgp routing-table flap-info ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ network-address [ { mask | mask-length } [ longest-match ] ] | as-path-acl as-path-acl-number ] |
|
|
Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command. |
display bgp network ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] |
|
|
Display BGP path attribute information. |
display bgp paths [ as-regular-expression ] |
|
|
Display BGP update group information. |
display bgp update-group ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ip-address ] display bgp update-group vpnv4 [ vpn-instance vpn-instance-name ] [ ip-address ] |
|
|
Reset all BGP sessions. |
reset bgp all |
|
|
Reset BGP sessions for the specified address family. |
reset bgp { as-number | ip-address | all | external | group group-name | internal } ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] reset bgp { as-number | ip-address [ mask-length ] | all | external | group group-name | internal } vpnv4 [ vpn-instance vpn-instance-name ] |
|
|
Clear dampened BGP IPv4 unicast routing information and release suppressed routes. |
reset bgp dampening ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ network-address [ mask | mask-length ] ] |
|
|
Clear BGP IPv4 unicast route flap information. |
reset bgp flap-info ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ network-address [ mask | mask-length ] | as-path-acl as-path-acl-number | peer peer-address ] |
|
BGP configuration examples
Basic BGP configuration example
Network requirements
As shown in Figure 59, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch B and Switch C to allow Switch C to access network 8.1.1.0/24 connected to Switch A.
Configuration considerations
To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections. Because loopback interfaces are virtual interfaces, use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections. Enable OSPF in AS 65009 to make sure that Switch B can communicate with Switch C through loopback interfaces.
The EBGP peers, Switch A and Switch B (typically belong to different carriers), are located in different ASs. Typically, their loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing BGP sessions. To enable Switch C to access the network 8.1.1.0/24 connected directly to Switch A, inject network 8.1.1.0/24 to the BGP routing table of Switch A.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure IBGP:
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 3.3.3.3 as-number 65009
[SwitchB-bgp] peer 3.3.3.3 connect-interface loopback 0
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 3.3.3.3 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
[SwitchB] ospf 1
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.1 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 2.2.2.2 as-number 65009
[SwitchC-bgp] peer 2.2.2.2 connect-interface loopback 0
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 2.2.2.2 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
[SwitchC] ospf 1
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
[SwitchC] display bgp peer ipv4
BGP local router ID : 3.3.3.3
Local AS number : 65009
Total number of peers : 1 Peers in established state : 1
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
2.2.2.2 65009 2 2 0 0 00:00:13 Established
The output shows that Switch C has established an IBGP peer relationship with Switch B.
3. Configure EBGP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3.1.1.1 as-number 65009
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 3.1.1.1 enable
[SwitchA-bgp-ipv4] network 8.1.1.0 24
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 65009
[SwitchB-bgp] peer 3.1.1.2 as-number 65008
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 3.1.1.2 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Display BGP peer information on Switch B.
[SwitchB] display bgp peer ipv4
BGP local router ID : 2.2.2.2
Local AS number : 65009
Total number of peers : 2 Peers in established state : 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
3.3.3.3 65009 4 4 0 0 00:02:49 Established
3.1.1.2 65008 2 2 0 0 00:00:05 Established
The output shows that Switch B has established an IBGP peer relationship with Switch C and an EBGP peer relationship with Switch A.
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 8.1.1.0/24 8.1.1.1 0 0 i
# Display the BGP routing table on Switch B.
[SwitchB] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 8.1.1.0/24 3.1.1.2 0 0 65008i
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
i 8.1.1.0/24 3.1.1.2 0 100 0 65008i
The outputs show that Switch A has learned no route to AS 65009, and Switch C has learned network 8.1.1.0, but the next hop 3.1.1.2 is unreachable. As a result, the route is invalid.
4. Redistribute direct routes:
Configure BGP to redistribute direct routes on Switch B, so that Switch A can obtain the route to 9.1.1.0/24, and Switch C can obtain the route to 3.1.1.0/24.
# Configure Switch B.
[SwitchB] bgp 65009
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] import-route direct
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 4
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 2.2.2.2/32 3.1.1.1 0 0 65009?
e 3.1.1.0/24 3.1.1.1 0 0 65009?
* > 8.1.1.0/24 8.1.1.1 0 0 i
* >e 9.1.1.0/24 3.1.1.1 0 0 65009?
Two routes, 2.2.2.2/32 and 9.1.1.0/24, have been added in Switch A's routing table.
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 4
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
i 2.2.2.2/32 2.2.2.2 0 100 0 ?
* >i 3.1.1.0/24 2.2.2.2 0 100 0 ?
* >i 8.1.1.0/24 3.1.1.2 0 100 0 65008i
* >i 9.1.1.0/24 2.2.2.2 0 100 0 ?
The output shows that the route 8.1.1.0 becomes valid with the next hop as Switch A.
Verifying the configuration
# Ping 8.1.1.1 on Switch C.
[SwitchC] ping 8.1.1.1
Ping 8.1.1.1 (8.1.1.1): 56 data bytes, press CTRL_C to break
56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=10.000 ms
56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms
56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=4.000 ms
56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms
56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms
--- Ping statistics for 8.1.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/stddev = 3.000/4.800/10.000/2.638 ms
BGP and IGP route redistribution configuration example
Network requirements
As shown in Figure 60, all devices of company A belong to AS 65008, and all devices of company B belong to AS 65009.
Configure BGP and IGP route redistribution to allow Switch A to access network 9.1.2.0/24 in AS 65009, and Switch C can access network 8.1.1.0/24 in AS 65008.
Configuration considerations
Configure BGP to redistribute routes from OSPF on Switch B, so Switch A can obtain the route to 9.1.2.0/24. Configure OSPF to redistribute routes from BGP on Switch B, so Switch C can obtain the route to 8.1.1.0/24.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure OSPF:
Enable OSPF in AS 65009, so Switch B can obtain the route to 9.1.2.0/24.
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf 1
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf 1
[SwitchC-ospf-1] import-route direct
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
3. Configure the EBGP connection:
Configure the EBGP connection and inject network 8.1.1.0/24 to the BGP routing table of Switch A, so that Switch B can obtain the route to 8.1.1.0/24.
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3.1.1.1 as-number 65009
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 3.1.1.1 enable
[SwitchA-bgp-ipv4] network 8.1.1.0 24
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 3.1.1.2 as-number 65008
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 3.1.1.2 enable
4. Configure BGP and IGP route redistribution:
# Configure route redistribution between BGP and OSPF on Switch B.
[SwitchB-bgp-ipv4] import-route ospf 1
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
[SwitchB] ospf 1
[SwitchB-ospf-1] import-route bgp
[SwitchB-ospf-1] quit
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 3
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 3.3.3.3/32 3.1.1.1 1 0 65009?
* > 8.1.1.0/24 8.1.1.1 0 0 i
* >e 9.1.2.0/24 3.1.1.1 1 0 65009?
# Display the OSPF routing table on Switch C.
[SwitchC] display ospf routing
OSPF Process 1 with Router ID 3.3.3.3
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
9.1.1.0/24 1 Transit 9.1.1.2 3.3.3.3 0.0.0.0
2.2.2.2/32 1 Stub 9.1.1.1 2.2.2.2 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
8.1.1.0/24 1 Type2 1 9.1.1.1 2.2.2.2
Total Nets: 3
Intra Area: 2 Inter Area: 0 ASE: 1 NSSA: 0
Verifying the configuration
# Use ping for verification.
[SwitchA] ping -a 8.1.1.1 9.1.2.1
Ping 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes, press CTRL_C to break
56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms
56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.000 ms
56 bytes from 9.1.2.1: icmp_seq=2 ttl=254 time=2.000 ms
56 bytes from 9.1.2.1: icmp_seq=3 ttl=254 time=7.000 ms
56 bytes from 9.1.2.1: icmp_seq=4 ttl=254 time=9.000 ms
--- Ping statistics for 9.1.2.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/stddev = 2.000/8.000/12.000/3.406 ms
[SwitchC] ping -a 9.1.2.1 8.1.1.1
Ping 8.1.1.1 (8.1.1.1) from 9.1.2.1: 56 data bytes, press CTRL_C to break
56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=9.000 ms
56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms
56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=3.000 ms
56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms
56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms
--- Ping statistics for 8.1.1.1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/stddev = 3.000/4.400/9.000/2.332 ms
BGP route summarization configuration example
Network requirements
As shown in Figure 61, run EBGP between Switch C and Switch D, so the internal network and external network can communicate with each other.
In AS 65106, configure static routing between Switch A and Switch B, configure OSPF between Switch B and Switch C, and configure OSPF to redistribute static routes, so the devices in the internal network can communicate with each other.
Configure route summarization on Switch C so BGP advertises a summary route instead of the specific networks 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 to Switch D.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure static routing between Switch A and Switch B:
# Configure a default route with the next hop 192.168.212.1 on Switch A.
<SwitchA> system-view
[SwitchA] ip route-static 0.0.0.0 0 192.168.212.1
# Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Switch B.
<SwitchB> system-view
[SwitchB] ip route-static 192.168.64.0 24 192.168.212.161
[SwitchB] ip route-static 192.168.74.0 24 192.168.212.161
[SwitchB] ip route-static 192.168.99.0 24 192.168.212.161
3. Configure OSPF between Switch B and Switch C and configure OSPF on Switch B to redistribute static routes:
# Configure OSPF to advertise the local network and enable OSPF to redistribute static routes on Switch B.
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] import-route static
[SwitchB-ospf-1] quit
# Configure OSPF to advertise the local networks on Switch C.
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 10.220.2.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Display the IP routing table on Switch C.
[SwitchC] display ip routing-table protocol ospf
Summary Count : 5
OSPF Routing table Status : <Active>
Summary Count : 3
Destination/Mask Proto Pre Cost NextHop Interface
192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100
OSPF Routing table Status : <Inactive>
Summary Count : 2
Destination/Mask Proto Pre Cost NextHop Interface
10.220.2.0/24 OSPF 10 1 10.220.2.16 Vlan200
172.17.100.0/24 OSPF 10 1 172.17.100.2 Vlan100
The output shows that Switch C has learned routes to 192.168.64.0/24, 192.168.99.0/24, and 192.168.64.0/18 through OSPF.
4. Configure BGP between Switch C and Switch D and configure BGP on Switch C to redistribute OSPF routes:
# On Switch C, enable BGP, specify Switch D as an EBGP peer, and configure BGP to redistribute OSPF routes.
[SwitchC] bgp 65106
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 10.220.2.217 as-number 64631
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 10.220.2.217 enable
[SwitchC-bgp-ipv4] import-route ospf
# Enable BGP, and configure Switch C as an EBGP peer on Switch D.
[SwitchD] bgp 64631
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] peer 10.220.2.16 as-number 65106
[SwitchD-bgp] address-family ipv4 unicast
[SwitchD-bgp-ipv4] peer 10.220.2.16 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
# Display the IP routing table on Switch D.
[SwitchD] display ip routing-table protocol bgp
Summary Count : 3
BGP Routing table Status : <Active>
Summary Count : 3
Destination/Mask Proto Pre Cost NextHop Interface
192.168.64.0/24 BGP 255 1 10.220.2.16 Vlan200
192.168.74.0/24 BGP 255 1 10.220.2.16 Vlan200
192.168.99.0/24 BGP 255 1 10.220.2.16 Vlan200
BGP Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch D has learned routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 through BGP.
After the above configurations, ping hosts on networks 192.168.74.0/24, 192.168.99.0/24, and 192.168.64.0/18 from Switch D. The ping operations succeed.
5. Configure route summarization on Switch C to summarize 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 into a single route 192.168.64.0/18 on Switch C, and disable advertisement of specific routes.
[SwitchC-bgp-ipv4] aggregate 192.168.64.0 18 detail-suppressed
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
Verifying the configuration
# Display IP routing table on Switch C.
[SwitchC] display ip routing-table | include 192.168
192.168.64.0/18 BGP 130 0 127.0.0.1 NULL0
192.168.64.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.74.0/24 OSPF 150 1 172.17.100.1 Vlan100
192.168.99.0/24 OSPF 150 1 172.17.100.1 Vlan100
The output shows that Switch C has a summary route 192.168.64.0/18 with the output interface Null0.
# Display IP routing table on Switch D.
[SwitchD] display ip routing-table protocol bgp
Summary Count : 1
BGP Routing table Status : <Active>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
192.168.64.0/18 BGP 255 0 10.220.2.16 Vlan200
BGP Routing table Status : <Inactive>
Summary Count : 0
The output shows that Switch D has only one route 192.168.64.0/18 to AS 65106.
After the above configurations, ping the hosts on networks 192.168.64.0/24, 192.168.74.0/24 and 192.168.99.0/24 from Switch D. The ping operations succeed.
BGP load balancing configuration example
Network requirements
As shown in Figure 62, run EBGP between Switch A and Switch B, and between Switch A and Switch C. Run IBGP between Switch B and Switch C. Configure load balancing over the two EBGP links on Switch A.
Configuration considerations
On Switch A, establish EBGP connections with Switch B and Switch C. Configure BGP to advertise network 8.1.1.0/24 to Switch B and Switch C, so that Switch B and Switch C can access the internal network connected to Switch A.
On Switch B, establish an EBGP connection with Switch A and an IBGP connection with Switch C. Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch B. Configure a static route to interface loopback 0 on Switch C (or use a routing protocol like OSPF) to establish the IBGP connection.
On Switch C, establish an EBGP connection with Switch A and an IBGP connection with Switch B. Configure BGP to advertise network 9.1.1.0/24 to Switch A, so that Switch A can access the intranet through Switch C. Configure a static route to interface loopback 0 on Switch B (or use another protocol like OSPF) to establish the IBGP connection.
Configure load balancing on Switch A.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure BGP connections:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 3.1.1.1 as-number 65009
[SwitchA-bgp] peer 3.1.2.1 as-number 65009
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 3.1.1.1 enable
[SwitchA-bgp-ipv4] peer 3.1.2.1 enable
[SwitchA-bgp-ipv4] network 8.1.1.1 24
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 3.1.1.2 as-number 65008
[SwitchB-bgp] peer 3.3.3.3 as-number 65009
[SwitchB-bgp] peer 3.3.3.3 connect-interface loopback 0
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 3.1.1.2 enable
[SwitchB-bgp-ipv4] peer 3.3.3.3 enable
[SwitchB-bgp-ipv4] network 9.1.1.0 24
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
[SwitchB] ip route-static 3.3.3.3 32 9.1.1.2
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 3.1.2.2 as-number 65008
[SwitchC-bgp] peer 2.2.2.2 as-number 65009
[SwitchC-bgp] peer 2.2.2.2 connect-interface loopback 0
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 3.1.2.2 enable
[SwitchC-bgp-ipv4] peer 2.2.2.2 enable
[SwitchC-bgp-ipv4] network 9.1.1.0 24
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
[SwitchC] ip route-static 2.2.2.2 32 9.1.1.1
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 3
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 8.1.1.0/24 8.1.1.1 0 0 i
* >e 9.1.1.0/24 3.1.1.1 0 0 65009i
* e 3.1.2.1 0 0 65009i
? The output shows two valid routes to destination 9.1.1.0/24. The route with next hop 3.1.1.1 is marked with a greater-than sign (>), indicating it is the optimal route (because the ID of Switch B is smaller). The route with next hop 3.1.2.1 is marked with an asterisk (*), indicating it is a valid route, but not the best.
? By using the display ip routing-table command, you can find only one route to 9.1.1.0/24 with next hop 3.1.1.1 and outbound interface VLAN-interface 200.
3. Configure loading balancing:
Because Switch A has two routes to reach AS 65009, configuring load balancing over the two BGP routes on Switch A can improve link usage.
# Configure Switch A.
[SwitchA] bgp 65008
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] balance 2
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
Verifying the configuration
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing-table ipv4
Total number of routes: 3
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 8.1.1.0/24 8.1.1.1 0 0 i
* >e 9.1.1.0/24 3.1.1.1 0 0 65009i
* >e 3.1.2.1 0 0 65009i
· The route 9.1.1.0/24 has two next hops, 3.1.1.1 and 3.1.2.1, both of which are marked with a greater-than sign (>), indicating they are the optimal routes.
· By using the display ip routing-table command, you can find two routes to 9.1.1.0/24. One has next hop 3.1.1.1 and outbound interface VLAN-interface 200, and the other has next hop 3.1.2.1 and outbound interface VLAN-interface 300.
BGP community configuration example
Network requirements
As shown in Figure 63, Switch B establishes EBGP connections with Switch A and Switch C. Configure NO_EXPORT community attribute on Switch A to make routes from AS 10 not advertised by AS 20 to any other AS.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure EBGP:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 10
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 200.1.2.2 as-number 20
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 200.1.2.2 enable
[SwitchA-bgp-ipv4] network 9.1.1.0 255.255.255.0
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 20
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 200.1.2.1 as-number 10
[SwitchB-bgp] peer 200.1.3.2 as-number 30
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 200.1.2.1 enable
[SwitchB-bgp-ipv4] peer 200.1.3.2 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 30
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 200.1.3.1 as-number 20
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 200.1.3.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Display the BGP routing table on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 200.1.2.1 (1.1.1.1)
Relay nexthop : 200.1.2.1
Original nexthop: 200.1.2.1
OutLabel : NULL
AS-path : 10
Origin : igp
Attribute value : pref-val 0
State : valid, external, best,
# Display advertisement information of network 9.1.1.0 on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0 advertise-info
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 best
BGP routing table information of 9.1.1.0/24:
Advertised to peers (1 in total):
200.1.3.2
The output shows that Switch B can advertise the route with the destination 9.1.1.0/24 to other ASs through BGP.
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 9.1.1.0/24 200.1.3.1 0 20 10i
The output shows that Switch C has learned route 9.1.1.0/24 from Switch B.
3. Configure BGP community:
# Configure a routing policy.
[SwitchA] route-policy comm_policy permit node 0
[SwitchA-route-policy-comm_policy-0] apply community no-export
[SwitchA-route-policy-comm_policy-0] quit
# Apply the routing policy.
[SwitchA] bgp 10
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 200.1.2.2 route-policy comm_policy export
[SwitchA-bgp-ipv4] peer 200.1.2.2 advertise-community
Verifying the configuration
# Display the routing table on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 200.1.2.1 (1.1.1.1)
Relay nexthop : 200.1.2.1
Original nexthop: 200.1.2.1
OutLabel : NULL
Community : No-Export
AS-path : 10
Origin : igp
Attribute value : pref-val 0
State : valid, external, best,
# Display advertisement information for the route 9.1.1.0 on Switch B.
[SwitchB] display bgp routing-table ipv4 9.1.1.0 advertise-info
BGP local router ID: 2.2.2.2
Local AS number: 20
Paths: 1 best
BGP routing table information of 9.1.1.0/24:
Not advertised to any peers yet
# Display the BGP routing table on Switch C.
[SwitchC] display bgp routing-table ipv4
Total number of routes: 0
You can see the NO_EXPORT community attribute in the output. In this case, Switch B does not advertise the route 9.1.1.0/24 through BGP.
BGP route reflector configuration example
Network requirements
As shown in Figure 64, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch C and Switch B, and between Switch C and Switch D.
Configure Switch C as a route reflector with clients Switch B and Switch D to allow Switch D to learn route 20.0.0.0/8 from Switch C.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure BGP connections:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 100
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 192.1.1.2 as-number 200
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 192.1.1.2 enable
# Inject network 20.0.0.0/8 to the BGP routing table.
[SwitchA-bgp-ipv4] network 20.0.0.0
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 200
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 192.1.1.1 as-number 100
[SwitchB-bgp] peer 193.1.1.1 as-number 200
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 192.1.1.1 enable
[SwitchB-bgp-ipv4] peer 193.1.1.1 enable
[SwitchB-bgp-ipv4] peer 193.1.1.1 next-hop-local
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 200
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 193.1.1.2 as-number 200
[SwitchC-bgp] peer 194.1.1.2 as-number 200
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 193.1.1.2 enable
[SwitchC-bgp-ipv4] peer 194.1.1.2 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bgp 200
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] peer 194.1.1.1 as-number 200
[SwitchD-bgp] address-family ipv4 unicast
[SwitchD-bgp-ipv4] peer 194.1.1.1 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
3. Configure Switch C as the route reflector.
[SwitchC] bgp 200
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 193.1.1.2 reflect-client
[SwitchC-bgp-ipv4] peer 194.1.1.2 reflect-client
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
Verifying the configuration
# Display the BGP routing table on Switch B.
[SwitchB] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 20.0.0.0 192.1.1.1 0 0 100i
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
i 20.0.0.0 193.1.1.2 0 100 0 100i
Switch D has learned route 20.0.0.0/8 from Switch C.
BGP confederation configuration example
Network requirements
As shown in Figure 65, split AS 200 into three sub-ASs (AS65001, AS65002, and AS65003) to reduce IBGP connections. Switches in AS65001 are fully meshed.
Table 12 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
Switch A |
Vlan-int100 |
200.1.1.1/24 |
Switch D |
Vlan-int200 |
10.1.5.1/24 |
|
|
Vlan-int200 |
10.1.1.1/24 |
|
Vlan-int400 |
10.1.3.2/24 |
|
|
Vlan-int300 |
10.1.2.1/24 |
Switch E |
Vlan-int200 |
10.1.5.2/24 |
|
|
Vlan-int400 |
10.1.3.1/24 |
|
Vlan-int500 |
10.1.4.2/24 |
|
|
Vlan-int500 |
10.1.4.1/24 |
Switch F |
Vlan-int100 |
200.1.1.2/24 |
|
Switch B |
Vlan-int200 |
10.1.1.2/24 |
|
Vlan-int600 |
9.1.1.1/24 |
|
Switch C |
Vlan-int300 |
10.1.2.2/24 |
|
|
|
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure BGP confederation:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 65001
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] confederation id 200
[SwitchA-bgp] confederation peer-as 65002 65003
[SwitchA-bgp] peer 10.1.1.2 as-number 65002
[SwitchA-bgp] peer 10.1.2.2 as-number 65003
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 10.1.1.2 enable
[SwitchA-bgp-ipv4] peer 10.1.2.2 enable
[SwitchA-bgp-ipv4] peer 10.1.1.2 next-hop-local
[SwitchA-bgp-ipv4] peer 10.1.2.2 next-hop-local
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 65002
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] confederation id 200
[SwitchB-bgp] confederation peer-as 65001 65003
[SwitchB-bgp] peer 10.1.1.1 as-number 65001
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 10.1.1.1 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 65003
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] confederation id 200
[SwitchC-bgp] confederation peer-as 65001 65002
[SwitchC-bgp] peer 10.1.2.1 as-number 65001
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 10.1.2.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
3. Configure IBGP connections in AS 65001:
# Configure Switch A.
[SwitchA] bgp 65001
[SwitchA-bgp] peer 10.1.3.2 as-number 65001
[SwitchA-bgp] peer 10.1.4.2 as-number 65001
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 10.1.3.2 enable
[SwitchA-bgp-ipv4] peer 10.1.4.2 enable
[SwitchA-bgp-ipv4] peer 10.1.3.2 next-hop-local
[SwitchA-bgp-ipv4] peer 10.1.4.2 next-hop-local
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bgp 65001
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] confederation id 200
[SwitchD-bgp] peer 10.1.3.1 as-number 65001
[SwitchD-bgp] peer 10.1.5.2 as-number 65001
[SwitchD-bgp] address-family ipv4 unicast
[SwitchD-bgp-ipv4] peer 10.1.3.1 enable
[SwitchD-bgp-ipv4] peer 10.1.5.2 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
# Configure Switch E.
<SwitchE> system-view
[SwitchE] bgp 65001
[SwitchE-bgp] router-id 5.5.5.5
[SwitchE-bgp] confederation id 200
[SwitchE-bgp] peer 10.1.4.1 as-number 65001
[SwitchE-bgp] peer 10.1.5.1 as-number 65001
[SwitchE-bgp] address-family ipv4 unicast
[SwitchE-bgp-ipv4] peer 10.1.4.1 enable
[SwitchE-bgp-ipv4] peer 10.1.5.1 enable
[SwitchE-bgp-ipv4] quit
[SwitchE-bgp] quit
4. Configure the EBGP connection between AS 100 and AS 200:
# Configure Switch A.
[SwitchA] bgp 65001
[SwitchA-bgp] peer 200.1.1.2 as-number 100
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 200.1.1.2 enable
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch F.
<SwitchF> system-view
[SwitchF] bgp 100
[SwitchF-bgp] router-id 6.6.6.6
[SwitchF-bgp] peer 200.1.1.1 as-number 200
[SwitchF-bgp] address-family ipv4 unicast
[SwitchF-bgp-ipv4] peer 200.1.1.1 enable
[SwitchF-bgp-ipv4] network 9.1.1.0 255.255.255.0
[SwitchF-bgp-ipv4] quit
[SwitchF-bgp] quit
Verifying the configuration
# Display the routing table on Switch B, which is similar to that on Switch C.
[SwitchB] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 9.1.1.0/24 10.1.1.1 0 100 0 (65001)
100i
[SwitchB] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 2.2.2.2
Local AS number: 65002
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 10.1.1.1 (1.1.1.1)
Relay nexthop : 10.1.1.1
Original nexthop: 10.1.1.1
OutLabel : NULL
AS-path : (65001) 100
Origin : igp
Attribute value : MED 0, localpref 100, pref-val 0, pre 255
State : valid, external-confed, best,
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 1
BGP local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped, h - history,
s - suppressed, S - Stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 9.1.1.0/24 10.1.3.1 0 100 0 100i
[SwitchD] display bgp routing-table ipv4 9.1.1.0
BGP local router ID: 4.4.4.4
Local AS number: 65001
Paths: 1 available, 1 best
BGP routing table information of 9.1.1.0/24:
From : 10.1.3.1 (1.1.1.1)
Relay nexthop : 10.1.3.1
Original nexthop: 10.1.3.1
OutLabel : NULL
AS-path : 100
Origin : igp
Attribute value : MED 0, localpref 100, pref-val 0, pre 255
State : valid, internal-confed, best,
The output indicates the following:
· Switch F can send route information to Switch B and Switch C through the confederation by establishing only an EBGP connection with Switch A.
· Switch B and Switch D are in the same confederation, but belong to different sub-ASs. They obtain external route information from Switch A and generate identical BGP route entries although they have no direct connection in between.
BGP path selection configuration example
Network requirements
As shown in Figure 66, all switches run BGP. EBGP runs between Switch A and Switch B, and between Switch A and Switch C. IBGP runs between Switch B and Switch D, and between Switch D and Switch C. OSPF is the IGP protocol in AS 200.
Configure routing policies, making Switch D use the route 1.0.0.0/8 from Switch C as the optimal.
Table 13 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
Switch A |
Vlan-int101 |
1.0.0.1/8 |
Switch D |
Vlan-int400 |
195.1.1.1/24 |
|
|
Vlan-int100 |
192.1.1.1/24 |
|
Vlan-int300 |
194.1.1.1/24 |
|
|
Vlan-int200 |
193.1.1.1/24 |
Switch C |
Vlan-int400 |
195.1.1.2/24 |
|
Switch B |
Vlan-int100 |
192.1.1.2/24 |
|
Vlan-int200 |
193.1.1.2/24 |
|
|
Vlan-int300 |
194.1.1.2/24 |
|
|
|
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure OSPF on Switch B, Switch C, and Switch D:
# Configure Switch B.
<SwitchB> system-view
[SwitchB] ospf
[SwitchB-ospf] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Configure Switch C.
<SwitchC> system-view
[SwitchC] ospf
[SwitchC-ospf] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Configure Switch D.
<SwitchD> system-view
[SwitchD] ospf
[SwitchD-ospf] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] quit
[SwitchD-ospf-1] quit
3. Configure BGP connections:
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 100
[SwitchA-bgp] peer 192.1.1.2 as-number 200
[SwitchA-bgp] peer 193.1.1.2 as-number 200
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 192.1.1.2 enable
[SwitchA-bgp-ipv4] peer 193.1.1.2 enable
# Inject network 1.0.0.0/8 to the BGP routing table on Switch A.
[SwitchA-bgp-ipv4] network 1.0.0.0 8
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 200
[SwitchB-bgp] peer 192.1.1.1 as-number 100
[SwitchB-bgp] peer 194.1.1.1 as-number 200
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 192.1.1.1 enable
[SwitchB-bgp-ipv4] peer 194.1.1.1 enable
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C.
[SwitchC] bgp 200
[SwitchC-bgp] peer 193.1.1.1 as-number 100
[SwitchC-bgp] peer 195.1.1.1 as-number 200
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 193.1.1.1 enable
[SwitchC-bgp-ipv4] peer 195.1.1.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Configure Switch D.
[SwitchD] bgp 200
[SwitchD-bgp] peer 194.1.1.2 as-number 200
[SwitchD-bgp] peer 195.1.1.2 as-number 200
[SwitchD-bgp] address-family ipv4 unicast
[SwitchD-bgp-ipv4] peer 194.1.1.2 enable
[SwitchD-bgp-ipv4] peer 195.1.1.2 enable
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
4. Configure attributes for route 1.0.0.0/8, making Switch D give priority to the route learned from Switch C:
? (Method 1.) Configure a higher MED value for the route 1.0.0.0/8 advertised from Switch A to peer 192.1.1.2:
# Define an ACL numbered 2000 to permit route 1.0.0.0/8.
[SwitchA] acl number 2000
[SwitchA-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[SwitchA-acl-basic-2000] quit
# Define two routing policies, apply_med_50, which sets the MED for route 1.0.0.0/8 to 50, and apply_med_100, which sets the MED for route 1.0.0.0/8 to 100.
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_50-10] apply cost 50
[SwitchA-route-policy-apply_med_50-10] quit
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_100-10] apply cost 100
[SwitchA-route-policy-apply_med_100-10] quit
# Apply routing policy apply_med_50 to the route advertised to peer 193.1.1.2 (Switch C), and apply_med_100 to the route advertised to peer 192.1.1.2 (Switch B).
[SwitchA] bgp 100
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 193.1.1.2 route-policy apply_med_50 export
[SwitchA-bgp-ipv4] peer 192.1.1.2 route-policy apply_med_100 export
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 2
BGP local router ID is 195.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 1.0.0.0 193.1.1.1 50 100 0 100i
* i 192.1.1.1 100 100 0 100i
Route 1.0.0.0/8 is the optimal.
? (Method 2.) Configure different local preferences on Switch B and C for route 1.0.0.0/8, making Switch D give priority to the route from Switch C:
# Define an ACL numbered 2000 on Switch C, permitting route 1.0.0.0/8.
[SwitchC] acl number 2000
[SwitchC-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[SwitchC-acl-basic-2000] quit
# Configure a routing policy named localpref on Switch C, setting the local preference of route 1.0.0.0/8 to 200 (the default is 100).
[SwitchC] route-policy localpref permit node 10
[SwitchC-route-policy-localpref-10] if-match ip address acl 2000
[SwitchC-route-policy-localpref-10] apply local-preference 200
[SwitchC-route-policy-localpref-10] quit
# Apply routing policy localpref to routes from peer 193.1.1.1.
[SwitchC] bgp 200
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 193.1.1.1 route-policy localpref import
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Display the BGP routing table on Switch D.
[SwitchD] display bgp routing-table ipv4
Total number of routes: 2
BGP local router ID is 195.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 1.0.0.0 193.1.1.1 200 0 100i
* i 192.1.1.1 100 0 100i
Route 1.0.0.0/8 learned from Switch C is the optimal.
BGP GR configuration example
Network requirements
As shown in Figure 67, all switches run BGP. EBGP runs between Switch A and Switch B. IBGP runs between Switch B and Switch C. Enable GR capability for BGP so that the communication between Switch A and Switch C is not affected when an active/standby switchover occurs on Switch B.
Configuration procedure
1. Configure Switch A:
# Configure IP addresses for interfaces. (Details not shown.)
# Configure the EBGP connection.
<SwitchA> system-view
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 200.1.1.1 as-number 65009
# Enable GR capability for BGP.
[SwitchA-bgp] graceful-restart
# Inject network 8.0.0.0/8 to the BGP routing table.
[SwitchA-bgp] address-family ipv4
[SwitchA-bgp-ipv4] network 8.0.0.0
# Enable Switch A to exchange IPv4 unicast routing information with Switch B.
[SwitchA-bgp-ipv4] peer 200.1.1.1 enable
2. Configure Switch B:
# Configure IP addresses for interfaces. (Details not shown.)
# Configure the EBGP connection.
<SwitchB> system-view
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 200.1.1.2 as-number 65008
# Configure the IBGP connection.
[SwitchB-bgp] peer 9.1.1.2 as-number 65009
# Enable GR capability for BGP.
[SwitchB-bgp] graceful-restart
# Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table.
[SwitchB-bgp] address-family ipv4
[SwitchB-bgp-ipv4] network 200.1.1.0 24
[SwitchB-bgp-ipv4] network 9.1.1.0 24
# Enable Switch B to exchange IPv4 unicast routing information with Switch A and Switch C.
[SwitchB-bgp-ipv4] peer 200.1.1.2 enable
[SwitchB-bgp-ipv4] peer 9.1.1.2 enable
3. Configure Switch C:
# Configure IP addresses for interfaces. (Details not shown.)
# Configure the IBGP connection.
<SwitchC> system-view
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 9.1.1.1 as-number 65009
# Enable GR capability for BGP.
[SwitchC-bgp] graceful-restart
# Enable Switch C to exchange IPv4 unicast routing information with Switch B.
[SwitchC-bgp-ipv4] peer 9.1.1.1 enable
Verifying the configuration
Ping Switch C on Switch A. Meanwhile, perform an active/standby switchover on Switch B. The ping operation is successful during the whole switchover process. (Details not shown.)
BFD for BGP configuration example
Network requirements
As shown in Figure 68, configure OSPF as the IGP in AS 200.
· Establish two IBGP connections between Switch A and Switch C. When both paths operate correctly, Switch C uses the path Switch A<—>Switch B<—>Switch C to exchange packets with network 1.1.1.0/24.
· Configure BFD over the path. When the path fails, BFD can quickly detect the failure and notify it to BGP. Then, the path Switch A<—>Switch D<—>Switch C takes effect immediately.
Table 14 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
Switch A |
Vlan-int100 |
3.0.1.1/24 |
Switch C |
Vlan-int101 |
3.0.2.2/24 |
|
|
Vlan-int200 |
2.0.1.1/24 |
|
Vlan-int201 |
2.0.2.2/24 |
|
Switch B |
Vlan-int100 |
3.0.1.2/24 |
Switch D |
Vlan-int200 |
2.0.1.2/24 |
|
|
Vlan-int101 |
3.0.2.1/24 |
|
Vlan-int201 |
2.0.2.1/24 |
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure OSPF to make sure that Switch A and Switch C are reachable to each other. (Details not shown.)
3. Configure BGP on Switch A:
# Establish two IBGP connections to Switch C.
<SwitchA> system-view
[SwitchA] bgp 200
[SwitchA-bgp] peer 3.0.2.2 as-number 200
[SwitchA-bgp] peer 2.0.2.2 as-number 200
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 3.0.2.2 enable
[SwitchA-bgp-ipv4] peer 2.0.2.2 enable
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Create ACL 2000 to permit 1.1.1.0/24 to pass.
[SwitchA] acl number 2000
[SwitchA-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255
[SwitchA-acl-basic-2000] quit
# Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to 50. Policy apply_med_100 sets that to 100.
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy-apply_med_50-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_50-10] apply cost 50
[SwitchA-route-policy-apply_med_50-10] quit
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy-apply_med_100-10] if-match ip address acl 2000
[SwitchA-route-policy-apply_med_100-10] apply cost 100
[SwitchA-route-policy-apply_med_100-10] quit
# Apply routing policy apply_med_50 to routes outgoing to peer 3.0.2.2, and apply routing policy apply_med_100 to routes outgoing to peer 2.0.2.2.
[SwitchA] bgp 200
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 3.0.2.2 route-policy apply_med_50 export
[SwitchA-bgp-ipv4] peer 2.0.2.2 route-policy apply_med_100 export
[SwitchA-bgp-ipv4] quit
# Enable BFD for peer 3.0.2.2.
[SwitchA-bgp] peer 3.0.2.2 bfd
[SwitchA-bgp] quit
4. Configure BGP on Switch C:
# Establish two IBGP connections to Switch A.
<SwitchC> system-view
[SwitchC] bgp 200
[SwitchC-bgp] peer 3.0.1.1 as-number 200
[SwitchC-bgp] peer 2.0.1.1 as-number 200
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 3.0.1.1 enable
[SwitchC-bgp-ipv4] peer 2.0.1.1 enable
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Enable BFD for peer 3.0.1.1.
[SwitchC-bgp] peer 3.0.1.1 bfd
[SwitchC-bgp] quit
[SwitchC] quit
Verifying the configuration
# Display detailed BFD session information on Switch C.
<SwitchC> display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
Local Discr: 513 Remote Discr: 513
Source IP: 3.0.2.2 Destination IP: 3.0.1.1
Session State: Up Interface: N/A
Min Tx Inter: 500ms Act Tx Inter: 500ms
Min Rx Inter: 500ms Detect Inter: 2500ms
Rx Count: 135 Tx Count: 135
Connect Type: Indirect Running Up for: 00:00:58
Hold Time: 2457ms Auth mode: None
Detect Mode: Async Slot: 0
Protocol: BGP
Diag Info: No Diagnostic
The output shows that a BFD session has been established between Switch A and Switch C.
# Display BGP peer information on Switch C.
<SwitchC> display bgp peer ipv4
BGP local router ID: 3.3.3.3
Local AS number: 200
Total number of peers: 2 Peers in established state: 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
2.0.1.1 200 4 5 0 0 00:01:55 Established
3.0.1.1 200 4 5 0 0 00:01:52 Established
The output shows that Switch C has established two BGP connections with Switch A, and both connections are in Established state.
# Display route 1.1.1.0/24 on Switch C.
<SwitchC> display ip routing-table 1.1.1.0 24 verbose
Summary Count : 1
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
SubProtID: 0x1 Age: 00h00m09s
Cost: 50 Preference: 255
Tag: 0 State: Active Adv
OrigTblID: 0x1 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x15000001 LastAs: 0
AttrID: 0x1 Neighbor: 3.0.1.1
Flags: 0x10060 OrigNextHop: 3.0.1.1
Label: NULL RealNextHop: 3.0.2.1
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface101
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch C communicates with network 1.1.1.0/24 through the path Switch C<—>Switch B<—>Switch A.
# Break down the path Switch C<—>Switch B<—>Switch A and then display route 1.1.1.0/24 on Switch C.
<SwitchC> display ip routing-table 1.1.1.0 24 verbose
Summary Count : 1
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
SubProtID: 0x1 Age: 00h03m08s
Cost: 100 Preference: 255
Tag: 0 State: Active Adv
OrigTblID: 0x1 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x15000000 LastAs: 0
AttrID: 0x0 Neighbor: 2.0.1.1
Flags: 0x10060 OrigNextHop: 2.0.1.1
Label: NULL RealNextHop: 2.0.2.1
BkLabel: NULL BkNextHop: N/A
Tunnel ID: Invalid Interface: Vlan-interface201
BkTunnel ID: Invalid BkInterface: N/A
The output shows that Switch C communicates with network 1.1.1.0/24 through the path Switch C<—>Switch D<—>Switch A.
BGP FRR configuration example
Network requirements
As shown in Figure 69, configure BGP FRR so that when Link B fails, BGP uses Link A to forward traffic.
Configuration procedure
1. Configure IP addresses for interfaces. (Details not shown.)
2. Configure OSPF in AS 200 to ensure connectivity among Switch B, Switch C, and Switch D. (Details not shown.)
3. Configure BGP connections:
# Configure Switch A to establish EBGP sessions with Switch B and Switch C, and advertise network 1.1.1.1/32.
<SwitchA> system-view
[SwitchA] bgp 100
[SwitchA-bgp] router-id 1.1.1.1
[SwitchA-bgp] peer 10.1.1.2 as-number 200
[SwitchA-bgp] peer 30.1.1.3 as-number 200
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] peer 10.1.1.2 enable
[SwitchA-bgp-ipv4] peer 30.1.1.3 enable
[SwitchA-bgp-ipv4] network 1.1.1.1 32
# Configure Switch B to establish an EBGP session with Switch A, and an IBGP session with Switch D.
<SwitchB> system-view
[SwitchB] bgp 200
[SwitchB-bgp] router-id 2.2.2.2
[SwitchB-bgp] peer 10.1.1.1 as-number 100
[SwitchB-bgp] peer 4.4.4.4 as-number 200
[SwitchB-bgp] peer 4.4.4.4 connect-interface loopback 0
[SwitchB-bgp] address-family ipv4 unicast
[SwitchB-bgp-ipv4] peer 10.1.1.1 enable
[SwitchB-bgp-ipv4] peer 4.4.4.4 enable
[SwitchB-bgp-ipv4] peer 4.4.4.4 next-hop-local
[SwitchB-bgp-ipv4] quit
[SwitchB-bgp] quit
# Configure Switch C to establish an EBGP session with Switch A, and an IBGP session with Switch D.
<SwitchC> system-view
[SwitchC] bgp 200
[SwitchC-bgp] router-id 3.3.3.3
[SwitchC-bgp] peer 30.1.1.1 as-number 100
[SwitchC-bgp] peer 4.4.4.4 as-number 200
[SwitchC-bgp] peer 4.4.4.4 connect-interface loopback 0
[SwitchC-bgp] address-family ipv4 unicast
[SwitchC-bgp-ipv4] peer 30.1.1.1 enable
[SwitchC-bgp-ipv4] peer 4.4.4.4 enable
[SwitchC-bgp-ipv4] peer 4.4.4.4 next-hop-local
[SwitchC-bgp-ipv4] quit
[SwitchC-bgp] quit
# Configure Switch D to establish IBGP sessions with Switch B and Switch C, and advertise network 4.4.4.4/32.
<SwitchD> system-view
[SwitchD] bgp 200
[SwitchD-bgp] router-id 4.4.4.4
[SwitchD-bgp] peer 2.2.2.2 as-number 200
[SwitchD-bgp] peer 2.2.2.2 connect-interface loopback 0
[SwitchD-bgp] peer 3.3.3.3 as-number 200
[SwitchD-bgp] peer 3.3.3.3 connect-interface loopback 0
[SwitchD-bgp] address-family ipv4 unicast
[SwitchD-bgp-ipv4] peer 2.2.2.2 enable
[SwitchD-bgp-ipv4] peer 3.3.3.3 enable
[SwitchD-bgp-ipv4] network 4.4.4.4 32
4. Configure preferred values so Link B is used to forward traffic between Switch A and Switch D:
# Configure Switch A to set the preferred value to 100 for routes received from Switch B.
[SwitchA-bgp-ipv4] peer 10.1.1.2 preferred-value 100
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# Configure Switch D to set the preferred value to 100 for routes received from Switch B.
[SwitchD-bgp-ipv4] peer 2.2.2.2 preferred-value 100
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
5. Configure BGP FRR:
# On Switch A, configure the source address of BFD echo packets as 11.1.1.1.
[SwitchA] bfd echo-source-ip 11.1.1.1
# Create routing policy frr to set a backup next hop 30.1.1.3 (Switch C) for the route destined for 4.4.4.4/32.
[SwitchA] ip prefix-list abc index 10 permit 4.4.4.4 32
[SwitchA] route-policy frr permit node 10
[SwitchA-route-policy] if-match ip address prefix-list abc
[SwitchA-route-policy] apply fast-reroute backup-nexthop 30.1.1.3
[SwitchA-route-policy] quit
[SwitchA] bgp 100
[SwitchA-bgp] address-family ipv4 unicast
[SwitchA-bgp-ipv4] fast-reroute route-policy frr
[SwitchA-bgp-ipv4] quit
[SwitchA-bgp] quit
# On Switch D, configure the source address of BFD echo packets as 44.1.1.1.
[SwitchD] bfd echo-source-ip 44.1.1.1
# Create routing policy frr to set a backup next hop 3.3.3.3 (Switch C) for the route destined for 1.1.1.1/32.
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy] if-match ip address prefix-list abc
[SwitchD-route-policy] apply fast-reroute backup-nexthop 3.3.3.3
[SwitchD-route-policy] quit
# Apply the routing policy to BGP FRR for BGP IPv4 unicast address family.
[SwitchD] bgp 200
[SwitchD-bgp] address-family ipv4 unicast
[SwitchD-bgp-ipv4] fast-reroute route-policy frr
[SwitchD-bgp-ipv4] quit
[SwitchD-bgp] quit
Verifying the configuration
# Display detailed information about the route to 4.4.4.4/32 on Switch A. The output shows the backup next hop for the route.
[SwitchA] display ip routing-table 4.4.4.4 32 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: BGP Process ID: 0
SubProtID: 0x2 Age: 00h01m52s
Cost: 0 Preference: 255
IpPre: N/A QosLocalID: N/A
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 200
NibID: 0x15000003 LastAs: 200
AttrID: 0x5 Neighbor: 10.1.1.2
Flags: 0x10060 OrigNextHop: 10.1.1.2
Label: NULL RealNextHop: 10.1.1.2
BkLabel: NULL BkNextHop: 30.1.1.3
Tunnel ID: Invalid Interface: Vlan-interface 100
BkTunnel ID: Invalid BkInterface: Vlan-interface 200
FtnIndex: 0x0
# Display detailed information about the route to 1.1.1.1/32 on Switch D. The output shows the backup next hop for the route.
[SwitchD] display ip routing-table 1.1.1.1 32 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: BGP Process ID: 0
SubProtID: 0x1 Age: 00h00m36s
Cost: 0 Preference: 255
IpPre: N/A QosLocalID: N/A
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 100
NibID: 0x15000003 LastAs: 100
AttrID: 0x1 Neighbor: 2.2.2.2
Flags: 0x10060 OrigNextHop: 2.2.2.2
Label: NULL RealNextHop: 20.1.1.2
BkLabel: NULL BkNextHop: 40.1.1.3
Tunnel ID: Invalid Interface: Vlan-interface 101
BkTunnel ID: Invalid BkInterface: Vlan-interface 201
FtnIndex: 0x0
Troubleshooting BGP
Symptom
Display BGP peer information by using the display bgp peer ipv4 unicast command. The state of the connection to a peer cannot become established.
Analysis
To become BGP peers, any two routers must establish a TCP connection using port 179 and exchange Open messages successfully.
Solution
1. To resolve the problem:
a. Use the display current-configuration command to verify the current configuration, and verify that the peer's AS number is correct.
b. Use the display bgp peer ipv4 unicast command to verify that the peer's IP address is correct.
c. If a loopback interface is used, verify that the loopback interface is specified with the peer connect-interface command.
d. If the peer is a non-direct EBGP peer, verify that the peer ebgp-max-hop command is configured.
e. Verify that a valid route to the peer is available.
f. Use the ping command to verify the connectivity to the peer.
g. Use the display tcp verbose command to verify the TCP connection.
h. Verify that no ACL rule is applied to disable TCP port 179.
2. If the problem persists, contact H3C Support.
Configuring PBR
Overview
Policy-based routing (PBR) uses user-defined policies to route packets. A policy can specify the next hop and other parameters for packets that match specific criteria such as ACLs.
A device forwards received packets using the following process:
1. The device uses PBR to forward matching packets.
2. If the packets do not match the PBR policy or the PBR-based forwarding fails, the device uses the routing table, excluding the default route, to forward the packets.
3. If the routing table-based forwarding fails, the device uses the default next hop or default output interface defined in PBR to forward packets.
4. If the default next hop or default output interface-based forwarding fails, the device uses the default route to forward packets.
PBR includes the following types:
· Local PBR guides the forwarding of locally generated packets, such as the ICMP packets generated by using the ping command.
· Interface PBR guides the forwarding of packets received on an interface only.
· Egress interface PBR guides the forwarding of outgoing packets through a route when equal-cost routes exist.
Policy
A policy comprises match criteria and actions to be taken on the matching packets. A policy can have one or multiple nodes as follows:
· Each node is identified by a node number. A smaller node number has a higher priority.
· A node comprises if-match and apply clauses. An if-match clause specifies a match criterion, and an apply clause specifies an action.
· A node has a match mode of permit or deny.
A policy matches nodes in priority order against packets. If a packet matches the criteria on a node, it is processed by the action on the node. Otherwise, it goes to the next node for a match. If the packet does not match the criteria on any node, it is forwarded according to the routing table.
if-match clause
PBR supports the following types of clauses:
· if-match acl—Sets the ACL match criterion.
· if-match vxlan-id—Sets the VXLAN match criterion. For more information about VXLAN, see VXLAN Configuration Guide.
apply clause
PBR supports the following types of apply clauses listed in a descending priority order:
· apply next-hop
· apply output-interface NULL 0
· apply default-next-hop
You can specify multiple apply clauses for a node.
Relationship between the match mode and clauses on the node
|
Does a packet match all the if-match clauses on the node? |
Match mode |
|
|
Permit |
Deny |
|
|
Yes. |
· If the node is configured with apply clauses, PBR executes the apply clauses on the node. PBR does not match the packet against the next node. · If the node is configured with no apply clause, the packet is forwarded according to the routing table. |
The packet is forwarded according to the routing table. |
|
No. |
PBR matches the packet against the next node. |
PBR matches the packet against the next node. |
A node that has no if-match clauses matches any packet.
PBR and Track
PBR can work with the Track feature to dynamically adapt the availability status of an apply clause to the link status of a tracked next hop:
· When the track entry associated with an object changes to Negative, the apply clause is invalid.
· When the track entry changes to Positive or NotReady, the apply clause is valid.
For more information about Track-PBR collaboration, see High Availability Configuration Guide.
PBR configuration task list
|
Tasks at a glance |
|
(Required.) Configuring a policy: |
|
(Required.) Configuring PBR: |
|
(Optional.) Enabling VXLAN mode for PBR |
Configuring a policy
Creating a node
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create a node for a policy, and enter policy node view. |
policy-based-route policy-name [ deny | permit ] node node-number |
By default, no policy node is created. |
Setting match criteria for a node
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter policy node view. |
policy-based-route policy-name [ deny | permit ] node node-number |
N/A |
|
3. Set an ACL match criterion. |
if-match acl acl-number{ acl-number | name acl-name } |
By default, no ACL match criterion is set. |
|
4. Configure a VXLAN match criterion. |
if-match vxlan-id vxlan-id |
This command is available in Release 1138P01 and later versions. By default, no VXLAN match criterion is configured. Use this command only when you configure PBR for a VXLAN network. For interface PBR, configure this criterion to match the VXLAN IDs in packets received on the interface. For egress interface PBR, configure this criterion to match the VXLAN IDs used for replacing the original VXLAN IDs in packets received on the interface. |
|
|
NOTE: If an ACL match criterion is defined, packets are matched against the ACL rules, and the permit or deny action and the time range of the specified ACL are ignored. If the specified ACL does not exist, no packet is matched. |
Configuring actions for a node
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter policy node view. |
policy-based-route policy-name [ deny | permit ] node node-number |
N/A |
|
3. Set next hops. |
apply next-hop [ vpn-instance vpn-instance-name ] { ip-address [ direct ] [ track track-entry-number ] }&<1-n> |
By default, no next hop is specified. You can specify two next hops for backup in one command line or by executing this command twice. You can specify a maximum of two next hops for a node. |
|
4. Set default next hops. |
apply default-next-hop [ vpn-instance vpn-instance-name ] { ip-address [ direct ] [ track track-entry-number ] }&<1-n> |
By default, no default next hop is specified. You can specify two default next hops for backup in one command line or by executing this command twice. You can specify a maximum of two default next hops for a node. |
|
5. Set the output interface to interface Null 0. |
apply output-interface NULL 0 [ track track-entry-number ] |
By default, the output interface is not set to interface Null 0. |
Configuring PBR
Configuring local PBR
Configure PBR by applying a policy locally. PBR uses the policy to guide the forwarding of locally generated packets. The specified policy must already exist. Otherwise, the local PBR configuration fails.
You can apply only one policy locally. Before you apply a new policy, you must first remove the current policy.
Do not configure local PBR unless required.
To configure local PBR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Apply a policy locally. |
ip local policy-based-route policy-name |
By default, no policy is locally applied. |
Configuring interface PBR
Configure PBR by applying a policy to an interface. PBR uses the policy to guide the forwarding of packets received on the interface. The specified policy must already exist. Otherwise, the interface PBR configuration fails.
You can apply only one policy to an interface. Before you apply a new policy, you must first remove the current policy from the interface.
You can apply a policy to multiple interfaces.
To configure interface PBR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Apply a policy to the interface. |
ip policy-based-route policy-name |
By default, no policy is applied to the interface. |
Configuring egress interface PBR
|
|
IMPORTANT: This feature is available in Release 1138P01 and later versions. |
In a VXLAN network, equal-cost routes might exist between two endpoints of a VXLAN tunnel. The device cannot route VXLAN packets to the exact next hop. This feature allows you to configure PBR on a VXLAN tunnel interface to guide the outgoing VXLAN packets.
You can apply only one policy to an egress interface. Before you apply a new policy, you must first remove the existing policy from the interface.
To configure egress interface PBR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create a VXLAN tunnel interface and enter tunnel interface view. |
interface tunnel tunnel-number mode vxlan |
By default, no tunnel interfaces exist. The endpoints of a tunnel must use the same tunnel mode to correctly transmit packets. |
|
3. Apply a policy to the egress interface. |
ip policy-based-route policy-name egress |
By default, no policy is applied to the egress interface. |
Enabling VXLAN mode for PBR
|
|
IMPORTANT: This feature is available in Release 1138P01 and later versions. |
The hardware resources provided for VXLAN networks and non-VXLAN networks are different. This feature enables PBR to forward matching IP packets into VXLAN networks. For more information about VXLAN, see VXLAN Configuration Guide.
To enable VXLAN mode for PBR:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable VXLAN mode for PBR. |
ip policy-based-route vxlan-mode enable |
By default, VXLAN mode for PBR is disabled. |
Displaying and maintaining PBR
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display PBR policy information. |
display ip policy-based-route [ policy policy-name ] |
|
Display PBR configuration. |
display ip policy-based-route setup |
|
Display local PBR configuration and statistics (in standalone mode). |
display ip policy-based-route local [ slot slot-number ] |
|
Display local PBR configuration and statistics (in IRF mode). |
display ip policy-based-route local [ chassis chassis-number slot slot-number ] |
|
Display interface PBR configuration and statistics (in standalone mode). |
display ip policy-based-route interface interface-type interface-number [ slot slot-number ] |
|
Display interface PBR configuration and statistics (in IRF mode). |
display ip policy-based-route interface interface-type interface-number [ chassis chassis-number slot slot-number ] |
|
Clear PBR statistics. |
reset ip policy-based-route statistics [ policy policy-name ] |
PBR configuration examples
Packet type-based local PBR configuration example
Network requirements
As shown in Figure 70, configure PBR on Switch A to forward all TCP packets to the next hop 1.1.2.2. Switch A forwards other packets according to the routing table.
Configuration procedure
1. Configure Switch A:
# Create VLAN 10 and VLAN 20.
<SwitchA> system-view
[SwitchA] vlan 10
[SwitchA-vlan10] quit
[SwitchA] vlan 20
[SwitchA-vlan20] quit
# Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ip address 1.1.2.1 24
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 20
[SwitchA-Vlan-interface20] ip address 1.1.3.1 24
[SwitchA-Vlan-interface20] quit
# Configure ACL 3101 to match TCP packets.
[SwitchA] acl number 3101
[SwitchA-acl-adv-3101] rule permit tcp
[SwitchA-acl-adv-3101] quit
# Configure Node 5 for policy aaa to forward TCP packets to next hop 1.1.2.2.
[SwitchA] policy-based-route aaa permit node 5
[SwitchA-pbr-aaa-5] if-match acl 3101
[SwitchA-pbr-aaa-5] apply next-hop 1.1.2.2
[SwitchA-pbr-aaa-5] quit
# Configure local PBR by applying policy aaa to Switch A.
[SwitchA] ip local policy-based-route aaa
2. Configure Switch B:
# Create VLAN 10.
<SwitchB> system-view
[SwitchB] vlan 10
[SwitchB-vlan10] quit
# Configure the IP address of VLAN-interface 10.
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ip address 1.1.2.2 24
3. Configure Switch C:
# Create VLAN 20.
<SwitchC> system-view
[SwitchC] vlan 20
[SwitchC-vlan20] quit
# Configure the IP address of VLAN-interface 20.
[SwitchC] interface vlan-interface 20
[SwitchC-Vlan-interface20] ip address 1.1.3.2 24
Verifying the configuration
# Telnet to Switch B on Switch A. The operation succeeds.
# Telnet to Switch C on Switch A. The operation fails.
# Ping Switch C from Switch A. The operation succeeds.
Telnet uses TCP and ping uses ICMP. The preceding results show that all TCP packets sent from Switch A are forwarded to the next hop 1.1.2.2, and other packets are forwarded through VLAN-interface 20. The local PBR configuration is effective.
Packet type-based interface PBR configuration example
Network requirements
As shown in Figure 71, configure PBR on Switch A to forward all TCP packets received on VLAN-interface 11 to the next hop 1.1.2.2. Switch A forwards other packets according to the routing table.
Configuration procedure
1. Configure Switch A:
# Create VLAN 10 and VLAN 20.
<SwitchA> system-view
[SwitchA] vlan 10
[SwitchA-vlan10] quit
[SwitchA] vlan 20
[SwitchA-vlan20] quit
# Configure the IP addresses of VLAN-interface 10 and VLAN-interface 20.
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ip address 1.1.2.1 24
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 20
[SwitchA-Vlan-interface20] ip address 1.1.3.1 24
[SwitchA-Vlan-interface20] quit
# Configure ACL 3101 to match TCP packets.
[SwitchA] acl number 3101
[SwitchA-acl-adv-3101] rule permit tcp
[SwitchA-acl-adv-3101] quit
# Configure Node 5 for policy aaa to forward TCP packets to next hop 1.1.2.2.
[SwitchA] policy-based-route aaa permit node 5
[SwitchA-pbr-aaa-5] if-match acl 3101
[SwitchA-pbr-aaa-5] apply next-hop 1.1.2.2
[SwitchA-pbr-aaa-5] quit
# Configure interface PBR by applying policy aaa to VLAN-interface 11.
[SwitchA] interface vlan-interface 11
[SwitchA-Vlan-interface11] ip address 10.110.0.10 24
[SwitchA-Vlan-interface11] ip policy-based-route aaa
[SwitchA-Vlan-interface11] quit
2. Configure Switch B:
# Create VLAN 10.
<SwitchB> system-view
[SwitchB] vlan 10
[SwitchB-vlan10] quit
# Configure the IP address of VLAN-interface 10.
[SwitchB] interface vlan-interface 10
[SwitchB-Vlan-interface10] ip address 1.1.2.2 24
[SwitchB-Vlan-interface10] quit
# Configure a static route to subnet 10.110.0.0/24.
[SwitchB] ip route-static 10.110.0.0 24 1.1.2.1
3. Configure Switch C:
# Create VLAN 20.
<SwitchC> system-view
[SwitchC] vlan 20
[SwitchC-vlan20] quit
# Configure the IP address of VLAN-interface 20.
[SwitchC] interface vlan-interface 20
[SwitchC-Vlan-interface20] ip address 1.1.3.2 24
[SwitchC-Vlan-interface20] quit
# Configure a static route to subnet 10.110.0.0/24.
[SwitchC] ip route-static 10.110.0.0 24 1.1.3.1
Verifying the configuration
# Configure the IP address 10.110.0.20/24 for Host A, and specify its gateway address as 10.110.0.10.
# On Host A, Telnet to Switch B that is directly connected to Switch A. The operation succeeds.
# On Host A, Telnet to Switch C that is directly connected to Switch A. The operation fails.
# Ping Switch C from Host A. The operation succeeds.
Telnet uses TCP and ping uses ICMP. The preceding results show that all TCP packets arriving on VLAN-interface 11 of Switch A are forwarded to next hop 1.1.2.2, and other packets are forwarded through VLAN-interface 20. The interface PBR configuration is effective.
Egress interface PBR configuration example
Network requirements
As shown in Figure 72, Switch C and Switch D are Layer 3 switches in the transport network. VXLAN 10 is configured on Switch A and Switch B (as VTEPs) to provide Layer 2 connectivity for VM 1 and VM 2 across the network sites.
· A VXLAN tunnel between the VTEPs is manually established.
· The tunnel is assigned to the VXLAN.
· Remote MAC address learning is enabled.
· The VTEPs flood VXLAN traffic in unicast mode (head-end replication).
Traffic from VM 1 to VM 2 enters the VXLAN tunnel through one of the equal-cost routes (with the next hop 2.1.1.2) between the VXLAN endpoints.
Configure egress interface PBR for Tunnel 1 on Switch A to forward the traffic through the route with the next hop 1.1.1.2.
Configuration procedure
1. Configure IP addresses and unicast routing settings:
# Assign IP address to interfaces, as shown in Figure 72. (Details not shown.)
# Configure OSPF on all switches in the transport network. (Details not shown.)
2. Configure Switch A:
# Enable L2VPN.
<SwitchA> system-view
[SwitchA] l2vpn enable
# Enable Layer 2 forwarding for VXLANs.
[SwitchA] undo vxlan ip-forwarding
# Create the VSI vpna and VXLAN 10.
[SwitchA] vsi vpna
[SwitchA-vsi-vpna] vxlan 10
[SwitchA-vsi-vpna-vxlan-10] quit
[SwitchA-vsi-vpna] quit
# Assign an IP address to Loopback 0. The IP address will be used as the source IP address of the VXLAN tunnel.
[SwitchA] interface loopback 0
[SwitchA-Loopback0] ip address 6.6.6.6 255.255.255.255
[SwitchA-Loopback0] quit
# Create a VXLAN tunnel to Switch B. The tunnel interface is Tunnel 1. The tunnel destination is Loopback 0 at 8.8.8.8 on Switch B.
[SwitchA] interface tunnel 1 mode vxlan
[SwitchA-Tunnel1] source 6.6.6.6
[SwitchA-Tunnel1] destination 8.8.8.8
[SwitchA-Tunnel1] quit
# Assign Tunnel 1 to VXLAN 10.
[SwitchA] vsi vpna
[SwitchA-vsi-vpna] vxlan 10
[SwitchA-vsi-vpna-vxlan-10] tunnel 1
[SwitchA-vsi-vpna-vxlan-10] quit
[SwitchA-vsi-vpna] quit
# Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 to match frames from VLAN 10.
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] service-instance 1000
[SwitchA-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10
# Map Ethernet service instance 1000 to the VSI vpna.
[SwitchA-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna
[SwitchA-GigabitEthernet1/0/1-srv1000] quit
[SwitchA-GigabitEthernet1/0/1] quit
# Configure node 5 for the policy aaa, and configure a VXLAN match criterion for the policy to forward packets with the VXLAN ID 10 to 1.1.1.2.
[SwitchA] policy-based-route aaa permit node 5
[SwitchA-pbr-aaa-5] if-match vxlan 10
[SwitchA-pbr-aaa-5] apply next-hop 1.1.1.2
[SwitchA-pbr-aaa-5] quit
# Apply the policy to Tunnel 1 to guide the forwarding of outgoing packets.
[SwitchA] interface tunnel 1
[SwitchA-Tunnel1] ip policy-based-route aaa egress
[SwitchA-Tunnel1] quit
3. Configure Switch B:
# Enable L2VPN.
<SwitchB> system-view
[SwitchB] l2vpn enable
# Enable Layer 2 forwarding for VXLANs.
[SwitchB] undo vxlan ip-forwarding
# Create the VSI vpna and VXLAN 10.
[SwitchB] vsi vpna
[SwitchB-vsi-vpna] vxlan 10
[SwitchB-vsi-vpna-vxlan-10] quit
[SwitchB-vsi-vpna] quit
# Assign an IP address to Loopback 0. The IP address will be used as the source IP address of the VXLAN tunnel.
[SwitchB] interface loopback 0
[SwitchB-Loopback0] ip address 8.8.8.8 255.255.255.255
[SwitchB-Loopback0] quit
# Create a VXLAN tunnel to Switch A. The tunnel interface is Tunnel 1. The tunnel destination is Loopback 0 at 6.6.6.6 on Switch A.
[SwitchB] interface tunnel 1 mode vxlan
[SwitchB-Tunnel1] source 8.8.8.8
[SwitchB-Tunnel1] destination 6.6.6.6
[SwitchB-Tunnel1] quit
# Assign Tunnel 1 to VXLAN 10.
[SwitchB] vsi vpna
[SwitchB-vsi-vpna] vxlan 10
[SwitchB-vsi-vpna-vxlan-10] tunnel 1
[SwitchB-vsi-vpna-vxlan-10] quit
[SwitchB-vsi-vpna] quit
# Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 to match frames from VLAN 10.
[SwitchB] interface gigabitethernet 1/0/1
[SwitchB-GigabitEthernet1/0/1] service-instance 1000
[SwitchB-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10
# Map Ethernet service instance 1000 to the VSI vpna.
[SwitchB-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna
[SwitchB-GigabitEthernet1/0/1-srv1000] quit
[SwitchB-GigabitEthernet1/0/1] quit
Configuring routing policies
Overview
Routing policies can filter advertised, received, and redistributed routes, and modify attributes for specific routes.
To configure a routing policy:
1. Configure filters based on route attributes, such as destination address and the advertising router's address.
2. Create a routing policy and apply filters to the routing policy.
Filters
Routing policies can use the following filters to match routes.
ACL
An ACL can match the destination or next hop of routing information.
For more information about ACLs, see ACL and QoS Configuration Guide.
IP prefix list
An IP prefix list matches the destination address of routing information. You can use the gateway option to receive routing information only from specific routers. For more information about the gateway option, see "Configuring RIP" and "Configuring OSPF."
An IP prefix list, identified by name, can comprise multiple items. Each item, identified by an index number, specifies a prefix range to match. An item with a smaller index number is matched first. A route that matches one item matches the IP prefix list.
AS path list
An AS path list matches the AS_PATH attribute of BGP routing information.
For more information about AS path lists, see "Configuring BGP."
Community list
A community list matches the COMMUNITY attribute of BGP routing information.
For more information about community lists, see "Configuring BGP."
Extended community list
An extended community list matches the extended community attribute of BGP routing information.
Routing policy
A routing policy can comprise multiple nodes, which are in a logical OR relationship. A node with a smaller number is matched first. A route (except the route configured with the continue clauses) that matches one node matches the routing policy.
Each node has a match mode of permit or deny.
· permit—Specifies the permit match mode for a routing policy node. If a route matches all the if-match clauses of the node, it is handled by the apply clauses of the node and does not match against the next node unless the continue clause is configured. If not, it matches against the next node.
· deny—Specifies the deny match mode for a routing policy node. The apply and continue clauses of a deny-mode node are never executed. If a route matches all the if-match clauses of the node, it is discarded and does not match against the next node. If a route does not match all the if-match clauses of the node, it matches against the next node.
A node can comprise a set of if-match, apply, and continue clauses.
· if-match clauses—Configure the match criteria that match the attributes of routing information. The if-match clauses are in a logical AND relationship. A route must match all the if-match clauses to match the node.
· apply clauses—Specify the actions to be taken on permitted routes, such as modifying a route attribute.
· continue clause—Specify the next node. A route that matches the current node (permit-mode node) must match the specified next node in the same routing policy. The continue clause combines the if-match and apply clauses of the two nodes to improve flexibility of the routing policy.
Follow these guidelines when you configure if-match, apply, and continue clauses:
· If you only want to filter routes, do not configure apply clauses.
· If you do not configure any if-match clauses for a permit-mode node, the node will permit all routes.
· Configure a permit-mode node containing no if-match or apply clauses behind multiple deny-mode nodes to allow unmatched routes to pass.
Configuring filters
Configuration prerequisites
Determine the IP prefix list name, matching address range, and community list number.
Configuring an IP prefix list
If all the items are set to deny mode, no routes can pass the IP prefix list. To allow other IP routing information to pass, you must configure the permit 0.0.0.0 0 less-equal 32 item following multiple deny items.
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure an IP prefix list. |
ip prefix-list prefix-list-name [ index index-number ] { deny | permit } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ] |
By default, no IP prefix list is configured. |
Configuring an AS path list
You can configure multiple items for an AS path list that is identified by a number. The relationship between items is logical OR. A route that matches one item matches the AS path list.
To configure an AS path list:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure an AS path list. |
ip as-path as-path-number { deny | permit } regular-expression |
By default, no AS path list is configured. |
Configuring a community list
You can configure multiple items for a community list that is identified by number. The relationship between the items is logic OR. A route that matches one item matches the community list.
To configure a community list:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure a community list. |
·
Configure a basic community list: ·
Configure an advanced community list: |
Use either method. By default, no community list is configured. |
Configuring an extended community list
You can configure multiple items for an extended community list that is identified by a number. The relationship between items is logic OR. A route that matches one item matches the extended community list.
To configure an extended community list:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Configure an extended community list. |
ip extcommunity-list ext-comm-list-number { deny | permit } { rt route-target }&<1-32> |
By default, no extended community list is configured. |
Configuring a routing policy
Configuration prerequisites
Configure filters and routing protocols, and determine the routing policy name, node numbers, match criteria, and the attributes to be modified.
Creating a routing policy
For a routing policy that has more than one node, configure at least one permit-mode node. A route that does not match any node cannot pass the routing policy. If all the nodes are in deny mode, no routing information can pass the routing policy.
To create a routing policy:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create a routing policy and a node, and enter routing policy node view. |
route-policy route-policy-name { deny | permit } node node-number |
By default, no routing policy is created. |
Configuring if-match clauses
You can either specify no if-match clauses or multiple if-match clauses for a routing policy node. If no if-match clause is specified for a permit-mode node, all routing information can pass the node. If no if-match clause is specified for a deny-mode node, no routing information can pass the node.
The if-match clauses of a routing policy node have a logical AND relationship. A route must meet all if-match clauses before it can be executed by the apply clauses of the node. If an if-match command exceeds the maximum length, multiple identical if-match clauses are generated. These clauses have a logical OR relationship. A route only needs to match one of them.
To configure if-match clauses:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter routing policy node view. |
route-policy route-policy-name { deny | permit } node node-number |
N/A |
|
3. Match routes whose destination, next hop, or source address matches a specified prefix list. |
if-match ip { address | next-hop | route-source } { acl acl-number | prefix-list prefix-list-name } |
By default, no prefix list match criterion is configured. If the ACL used by an if-match clause does not exist, the clause is always matched. If no rules of the specified ACL are matched or the match rules are inactive, the clause is not matched. |
|
4. Match BGP routes whose AS_PATH attribute matches a specified AS path list. |
if-match as-path as-path-number&<1-32> |
By default, no AS path match criterion is configured. |
|
5. Match BGP routes whose COMMUNITY attribute matches a specified community list. |
if-match community { { basic-community-list-number | name comm-list-name } [ whole-match ] | adv-community-list-number }&<1-32> |
By default, no COMMUNITY match criterion is matched. |
|
6. Match routes having the specified cost. |
if-match cost value |
By default, no cost match criterion is configured. |
|
7. Match BGP routes whose extended community attribute matches a specified extended community list. |
if-match extcommunity ext-comm-list-number&<1-32> |
By default, no extended community list match criterion is configured. |
|
8. Match routes having the specified output interface. |
if-match interface { interface-type interface-number }&<1-16> |
By default, no output interface match criterion is configured. This command is not supported by BGP. |
|
9. Match BGP routes having the specified local preference. |
if-match local-preference preference |
By default, no local preference is configured for BGP routes. |
|
10. Match routes having the specified route type. |
if-match route-type { external-type1 | external-type1or2 | external-type2 | internal | is-is-level-1 | is-is-level-2 | nssa-external-type1 | nssa-external-type1or2 | nssa-external-type2 } * |
By default, no route type match criterion is configured. |
|
11. Match RIP, OSPF, and IS-IS routes having the specified tag value. |
if-match tag value |
By default, no tag match criterion is configured. |
Configuring apply clauses
To configure apply clauses:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter routing policy node view. |
route-policy route-policy-name { deny | permit } node node-number |
N/A |
|
3. Set the AS_PATH attribute for BGP routes. |
By default, no AS_PATH attribute is set for BGP routes. |
|
|
4. Delete the specified COMMUNITY attribute for BGP routes. |
apply comm-list { comm-list-number | comm-list-name } delete |
By default, no COMMUNITY attribute is deleted for BGP routes. |
|
5. Set the specified COMMUNITY attribute for BGP routes. |
apply community { none | additive | { community-number&<1-32> | aa:nn&<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] } |
By default, no community attribute is set for BGP routes. |
|
6. Set a cost for routes. |
apply cost [ + | - ] value |
By default, no cost is set for routes. |
|
7. Set a cost type for routes. |
apply cost-type { external | internal | type-1 | type-2 } |
By default, no cost type is set for routes. |
|
8. Set the extended community attribute for BGP routes. |
apply extcommunity { rt route-target }&<1-32> [ additive ] |
By default, no extended community attribute is set for BGP routes. |
|
9. Set the next hop for routes. |
apply ip-address next-hop ip-address [ public | vpn-instance vpn-instance-name ] |
By default, no next hop is set for routes. The apply ip-address next-hop commands does not apply to redistributed routes. |
|
10. Redistribute routes to a specified ISIS level. |
apply isis { level-1 | level-1-2 | level-2 } |
By default, routes are not redistributed into a specified IS-IS level. |
|
11. Set a local preference for BGP routes. |
apply local-preference preference |
By default, no local preference is set for BGP routes. |
|
12. Set the ORIGIN attribute for BGP routes. |
apply origin { egp as-number | igp | incomplete } |
By default, no ORIGIN attribute is set for BGP routes. |
|
13. Set a preference. |
apply preference preference |
By default, no preference is set. |
|
14. Set a preferred value for BGP routes. |
apply preferred-value preferred-value |
By default, no preferred value is set for BGP routes. |
|
15. Set a prefix priority. |
apply prefix-priority { critical | high | medium } |
By default, no prefix priority is set, which means the prefix priority is low. |
|
16. Set a tag value for RIP, OSPF, and IS-IS route. |
apply tag value |
By default, no tag value is set for RIP, OSPF, and IS-IS routes. |
|
17. Set a backup link for fast reroute (FRR). |
apply fast-reroute { backup-interface interface-type interface-number [ backup-nexthop ip-address ] | backup-nexthop ip-address } |
By default, no backup link is set for FRR. |
Configuring a continue clause
Follow these guidelines when you configure a continue clause:
· If you configure the same type of apply clauses that set different values on nodes that are combined by the continue clause, and the apply clauses are not configured with the additive keyword, the apply clause configured on the last matching node takes effect. If the apply clauses are configured with the additive keyword (including the apply as-path clauses without the replace keyword, the apply cost clauses with the + or - keyword, the apply community clauses with the additive keyword, and the apply extcommunity clauses with the additive keyword), all the apply clauses configured on the matching nodes take effect.
· If you configure the apply community clause for multiple nodes that are combined by the continue clause, the apply comm-list delete clause configured on the current node cannot delete the community attributes set by preceding nodes.
To configure a continue clause:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter routing policy node view. |
route-policy route-policy-name { deny | permit } node node-number |
N/A |
|
3. Specify the next node to be matched. |
By default, no continue clause is configured. The specified next node must have a larger number than the current node. |
Displaying and maintaining the routing policy
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display BGP AS path list information. |
display ip as-path [ as-path-number ] |
|
Display BGP community list information. |
display ip community-list [ basic-community-list-number | adv-community-list-number | name comm-list-name ] |
|
Display BGP extended community list information. |
display ip extcommunity-list [ ext-comm-list-number ] |
|
Display IP prefix list statistics. |
display ip prefix-list [ name prefix-list-name ] |
|
Display routing policy information. |
display route-policy [ name route-policy-name ] |
|
Clear IP prefix list statistics. |
reset ip prefix-list [ prefix-list-name ] |
Applying a routing policy to route redistribution
Network Requirements
As shown in Figure 73, Switch B exchanges routing information with Switch A by using OSPF and with Switch C by using IS-IS.
On Switch B, enable route redistribution from IS-IS to OSPF, and use a routing policy to set the cost of route 172.17.1.0/24 to 100 and the tag of route 172.17.2.0/24 to 20.
Configuration procedure
1. Specify IP addresses for interfaces. (Details not shown.)
2. Configure IS-IS:
# Configure Switch C.
<SwitchC> system-view
[SwitchC] isis
[SwitchC-isis-1] is-level level-2
[SwitchC-isis-1] network-entity 10.0000.0000.0001.00
[SwitchC-isis-1] quit
[SwitchC] interface vlan-interface 200
[SwitchC-Vlan-interface200] isis enable
[SwitchC-Vlan-interface200] quit
[SwitchC] interface vlan-interface 201
[SwitchC-Vlan-interface201] isis enable
[SwitchC-Vlan-interface201] quit
[SwitchC] interface vlan-interface 202
[SwitchC-Vlan-interface202] isis enable
[SwitchC-Vlan-interface202] quit
[SwitchC] interface vlan-interface 203
[SwitchC-Vlan-interface203] isis enable
[SwitchC-Vlan-interface203] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] isis
[SwitchB-isis-1] is-level level-2
[SwitchB-isis-1] network-entity 10.0000.0000.0002.00
[SwitchB-isis-1] quit
[SwitchB] interface vlan-interface 200
[SwitchB-Vlan-interface200] isis enable
[SwitchB-Vlan-interface200] quit
3. Configure OSPF and route redistribution:
# Configure OSPF on Switch A.
<SwitchA> system-view
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# On Switch B, configure OSPF and enable route redistribution from IS-IS.
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] import-route isis 1
[SwitchB-ospf-1] quit
# Display the OSPF routing table on Switch A to view redistributed routes.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Stub 192.168.1.1 192.168.1.1 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.17.1.0/24 1 Type2 1 192.168.1.2 192.168.2.2
172.17.2.0/24 1 Type2 1 192.168.1.2 192.168.2.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2.2
Total Nets: 4
Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0
4. Configure filtering lists:
# Configure ACL 2002 to permit route 172.17.2.0/24.
[SwitchB] acl number 2002
[SwitchB-acl-basic-2002] rule permit source 172.17.2.0 0.0.0.255
[SwitchB-acl-basic-2002] quit
# Configure IP prefix list prefix-a to permit route 172.17.1.0/24.
[SwitchB] ip prefix-list prefix-a index 10 permit 172.17.1.0 24
5. Configure a routing policy.
[SwitchB] route-policy isis2ospf permit node 10
[SwitchB-route-policy-isis2ospf-10] if-match ip address prefix-list prefix-a
[SwitchB-route-policy-isis2ospf-10] apply cost 100
[SwitchB-route-policy-isis2ospf-10] quit
[SwitchB] route-policy isis2ospf permit node 20
[SwitchB-route-policy-isis2ospf-20] if-match ip address acl 2002
[SwitchB-route-policy-isis2ospf-20] apply tag 20
[SwitchB-route-policy-isis2ospf-20] quit
[SwitchB] route-policy isis2ospf permit node 30
[SwitchB-route-policy-isis2ospf-30] quit
6. Apply the routing policy to route redistribution:
# On Switch B, enable route redistribution from IS-IS and apply the routing policy.
[SwitchB] ospf
[SwitchB-ospf-1] import-route isis 1 route-policy isis2ospf
[SwitchB-ospf-1] quit
# Display the OSPF routing table on Switch A.
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 192.168.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
192.168.1.0/24 1 Transit 192.168.1.1 192.168.1.1 0.0.0.0
Routing for ASEs
Destination Cost Type Tag NextHop AdvRouter
172.17.1.0/24 100 Type2 1 192.168.1.2 192.168.2.2
172.17.2.0/24 1 Type2 20 192.168.1.2 192.168.2.2
172.17.3.0/24 1 Type2 1 192.168.1.2 192.168.2.2
Total Nets: 4
Intra Area: 1 Inter Area: 0 ASE: 3 NSSA: 0
The output shows that the cost of route 172.17.1.0/24 is 100 and the tag of route 172.17.2.0/24 is 20.
Numerics
4-byte
IPv4 BGP AS number suppression, 204
A
ABR
OSPF route summarization, 71
OSPF router type, 60
OSPF summary network discard route, 71
ACL
IP routing policy, 267
action
PBR node, 257
address
IP routing IS-IS area, 120
IP routing IS-IS format, 119
IP routing IS-IS NSAP format, 119
IP routing IS-IS routing method, 120
adjacency
OSPF BDR, 62
OSPF DR, 62
advertisement
BGP update advertisement delay, 192
advertising
BGP COMMUNITY NO_ADVERTISE path attribute, 168
BGP configuration, 168, 178
BGP default route to peer/peer group, 188
BGP optimal route, 188
BGP optimal route advertisement, 188
BGP route advertisement rules, 172
BGP route generation, 185
IP routing IS-IS default route, 130
IP routing RIP default route, 27
IP routing RIP on interface, 24
IP routing RIP summary route advertisement configuration, 43
IP routing RIPv2 summary route, 26
IPv4 BGP basic configuration, 220
IPv4 BGP BFD configuration, 247
IPv4 BGP COMMUNITY configuration, 209, 232
IPv4 BGP confederation configuration, 238
IPv4 BGP configuration, 220
IPv4 BGP fake AS number advertisement, 200
IPv4 BGP GR configuration, 245
IPv4 BGP load balancing configuration, 230
IPv4 BGP path selection configuration, 242
IPv4 BGP route reflector configuration, 235
IPv4 BGP route summarization, 227
IPv4 BGP-IGP route redistribution, 224
OSPF configuration, 57, 63
OSPF host route advertisement, 75
OSPF route summarization configuration, 97
applying
IP routing policy apply clause, 267
IP routing policy apply clause configuration, 271
IP routing policy to route redistribution, 273
PBR apply clause, 255
area
IP routing IS-IS, 121
IP routing IS-IS area address, 120
IP routing IS-IS area authentication, 142
OSPF area, 66
OSPF area configuration (NSSA), 67, 102
OSPF area configuration (stub), 66, 100
OSPF areas, 58
OSPF authentication (area), 80
OSPF backbone, 59
OSPF network type, 68
OSPF NSSA area, 60
OSPF stub area, 59
OSPF totally NSSA area, 60
OSPF totally stub area, 59
OSPF virtual link, 68
AS
BGP confederation, 211
BGP confederation compatibility, 212
BGP configuration, 168, 178
BGP first AS number of EBGP route updates, 201
BGP MED attribute configuration, 195
BGP path AS_PATH attribute, 168
BGP path AS_SEQUENCE attribute, 168
BGP path AS_SET attribute, 168
IP routing IS-IS basic configuration, 126, 147
IP routing IS-IS configuration, 119, 125, 147
IP routing IS-IS DIS election configuration, 151
IP routing policy AS_PATH list, 267
IP routing policy AS_PATH list configuration, 268
IPv4 BGP 4-byte AS number suppression, 204
IPv4 BGP AS number substitution, 200
IPv4 BGP basic configuration, 220
IPv4 BGP BFD configuration, 247
IPv4 BGP COMMUNITY configuration, 232
IPv4 BGP confederation configuration, 238
IPv4 BGP configuration, 220
IPv4 BGP fake AS number advertisement, 200
IPv4 BGP FRR, 250
IPv4 BGP GR configuration, 245
IPv4 BGP load balancing configuration, 230
IPv4 BGP local AS number appearance, 199, 199
IPv4 BGP MED AS route comparison (confederation peers), 197, 197
IPv4 BGP MED AS route comparison (diff ASs), 195, 195
IPv4 BGP MED AS route comparison (per-AS), 196, 196
IPv4 BGP MED default value, 195
IPv4 BGP path selection configuration, 242
IPv4 BGP private AS number removal, 201
IPv4 BGP route reflector configuration, 235
IPv4 BGP route summarization, 227
IPv4 BGP-IGP route redistribution, 224
OSPF areas, 58
OSPF AS External LSA, 57
AS_PATH
BGP attribute configuration, 199
IPv4 BGP optimal route selection, 200
IPv6 BGP optimal route selection, 200
ASBR
OSPF ASBR summary LSA, 57
OSPF redistributed route summarization, 71
OSPF router type, 60
OSPF summary network discard route, 71
attribute
BGP AS_PATH attribute, 199
BGP MED attribute configuration, 195
BGP path AS_PATH, 168
BGP path COMMUNITY, 168
BGP path LOCAL_PREF, 168
BGP path MED, 168
BGP path NEXT_HOP, 168
BGP path ORIGIN, 168
IPv4 BGP AS number substitution, 200
IPv4 BGP AS_PATH optimal route selection, 200
IPv4 BGP COMMUNITY configuration, 209, 232
IPv4 BGP fake AS number advertisement, 200
IPv4 BGP local AS number appearance, 199, 199
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP MED AS route comparison (diff ASs), 195
IPv4 BGP MED AS route comparison (per-AS), 196
IPv4 BGP MED default value, 195
IPv4 BGP NEXT_HOP, 198
IPv4 BGP private AS number removal, 201
IPv6 BGP AS_PATH optimal route selection, 200
authenticating
IP routing IS-IS area authentication, 142
IP routing IS-IS authentication, 159
IP routing IS-IS neighbor relationship authentication, 141
IP routing IS-IS network security enhancement, 141
IP routing IS-IS routing domain authentication, 142
IP routing RIPv2 message authentication configuration, 31
IPv4 BGP peer MD5 authentication, 204
OSPF configuration, 80
auto
IP routing IS-IS FRR automatic backup next hop calculation, 144
IPv4 BGP route automatic summarization, 187
automatic
IP routing IS-IS automatic cost calculation, 129
IP routing RIPv2 automatic route summarization enable, 26
B
backbone
OSPF backbone area, 59
OSPF router type, 60
backing up
IP routing route backup, 3
bandwidth
OSPF reference value, 73
BDR
OSPF, 62
IP routing IS-IS BFD configuration, 143, 162
IP routing RIP BFD configuration, 34
IP routing RIP BFD configuration (bidirectional control detection), 35
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34, 48
IP routing RIP BFD single-hop echo detection, 45
IPv4 BGP BFD configuration, 215, 247
IS-IS FRR BFD, 145
OSPF BFD, 88
OSPF BFD configuration, 113
OSPF detection configuration (bidirectional control), 88
OSPF detection configuration (single-hop echo), 89
OSPF FRR configuration, 90
OSPF PIC BFD, 85
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
static route BFD configuration, 8
static route BFD single-hop echo mode, 9
AS_PATH attribute configuration, 199
basic configuration, 179
community, 174
confederation, 174
confederation compatibility, 212
confederation configuration, 211
configuration, 168, 178
configuration views, 176
default route advertisement to peer/peer group, 188, 188
dynamic peer configuration, 181
EBGP direct connections after link failure, 204
enabling, 179
first AS number of EBGP route updates, 201
FRR configuration, 216
GR configuration, 212
GR helper configuration, 212
GR restarter configuration, 212
GTSM configuration, 206
IPv4 EBGP peer protection (low memory exemption), 209
large scale network management, 174
large-scale network configuration, 209
load balancing, 172
MED attribute configuration, 195
message types, 168
network optimization, 202
NSR configuration, 213
optimal route advertisement, 188
path attributes, 168
path selection control, 193
peer, 168
peer configuration, 180
peer group, 174
peer group configuration, 181
protocols and standards, 177
route advertisement, 172
route dampening, 174
route distribution control, 187
route filtering policies, 189
route flapping logging, 215
route generation, 185
route reception control, 187
route recursion, 172
route reflection configuration, 210
route reflector, 174
route selection, 172, 172
route summarization, 174, 187
session state change logging, 214
SNMP notification enable, 214
soft reset configuration, 206
speaker, 168
TCP connection source address, 185
troubleshooting, 254
troubleshooting peer connection state, 254
tuning network, 202
update advertisement delay, 192
bidirectional
forwarding detection. Use BFD
IP routing RIP BFD configuration (bidirectional control detection), 35
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
OSPF BFD detection configuration (bidirectional control), 88
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
Border Gateway Protocol. Use BGP
broadcast
IP routing IS-IS network type, 122
OSPF interface network type, 69
OSPF network type, 62, 68
C
calculating
IP routing IS-IS SPF calculation interval, 137
OSPF FRR backup next hop calculation (LFA algorithm), 90
OSPF interface cost, 73
OSPF route calculation, 61
OSPF SPF calculation interval, 77
classless inter-domain routing. Use CIDR
CLV IS-IS PDU, 124
community
BGP, 174
BGP COMMUNITY path attribute, 168
IP routing policy community list configuration, 269
IP routing policy extended community list, 267
IP routing policy extended community list configuration, 269
IP routing policy list, 267
IPv4 BGP COMMUNITY configuration, 209, 232
IPv4 BGP ORIGINATOR_ID attribute, 211
IPv4 BGP route reflector configuration, 210
comparing
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP MED AS route comparison (diff ASs), 195
IPv4 BGP MED AS route comparison (per-AS), 196
confederating
BGP confederation, 174, 211
BGP confederation compatibility, 212
IPv4 BGP confederation configuration, 238
IPv4 BGP MED AS route comparison (confederation peers), 197
configuring
BGP, 168, 178
BGP AS_PATH attribute, 199
BGP basics, 179
BGP confederation, 211
BGP confederation compatibility, 212
BGP dynamic peer, 181
BGP GR, 212
BGP GR helper, 212
BGP GR restarter, 212
BGP GTSM, 206
BGP large-scale network, 209
BGP MED attribute, 195
BGP peer, 180
BGP peer group, 181
BGP route filtering policies, 189
BGP route redistribution, 187
BGP route reflection, 210
BGP soft reset, 206
BGP update advertisement delay, 192
egress interface PBR, 259, 263
IP routing, 1
IP routing BGP FRR, 216
IP routing BGP NSR, 213
IP routing FIB route max lifetime, 4
IP routing IS-IS, 119, 125, 147
IP routing IS-IS area authentication, 142
IP routing IS-IS authentication, 159
IP routing IS-IS basics, 126, 147
IP routing IS-IS BFD, 143, 162
IP routing IS-IS circuit level, 127
IP routing IS-IS DIS election, 151
IP routing IS-IS ECMP routes max number, 130
IP routing IS-IS FRR, 144, 165
IP routing IS-IS FRR automatic backup next hop calculation, 144
IP routing IS-IS FRR using routing policy, 145
IP routing IS-IS global cost, 129
IP routing IS-IS GR, 142, 161
IP routing IS-IS interface cost, 129
IP routing IS-IS interface DIS priority, 134
IP routing IS-IS interface P2P network type, 127
IP routing IS-IS IS level, 127
IP routing IS-IS link cost, 128
IP routing IS-IS LSP parameters, 135
IP routing IS-IS LSP timer, 135
IP routing IS-IS LSP-calculated route filtering, 131
IP routing IS-IS neighbor relationship authentication, 141
IP routing IS-IS network management, 140
IP routing IS-IS redistributed route filtering, 132
IP routing IS-IS route control, 128
IP routing IS-IS route convergence priority, 138
IP routing IS-IS route filtering, 131
IP routing IS-IS route leaking, 132
IP routing IS-IS route redistribution, 131, 155
IP routing IS-IS route summarization, 130
IP routing IS-IS routing domain authentication, 142
IP routing IS-IS system ID-host name mapping, 138
IP routing IS-IS system ID-host name mapping (dynamic), 139
IP routing IS-IS system ID-host name mapping (static), 139
IP routing policy, 267, 269
IP routing policy apply clause, 271
IP routing policy AS_PATH list, 268
IP routing policy community list, 269
IP routing policy continue clause, 272
IP routing policy extended community list, 269
IP routing policy filter, 268
IP routing policy if-match clause, 270
IP routing policy IP prefix list, 268
IP routing RIB label max lifetime, 4
IP routing RIB route max lifetime, 4
IP routing RIP, 21, 22, 37
IP routing RIP additional routing metric, 25
IP routing RIP basics, 23, 37
IP routing RIP BFD, 34
IP routing RIP BFD (bidirectional control detection), 35
IP routing RIP BFD (bidirectional detection/control packet mode), 51
IP routing RIP BFD (single-hop echo detection/neighbor), 34
IP routing RIP BFD (single-hop echo detection/specific destination), 34, 48
IP routing RIP BFD single-hop echo detection, 45
IP routing RIP FRR, 35, 54
IP routing RIP GR, 33
IP routing RIP interface additional metric, 41
IP routing RIP max number ECMP routes, 30
IP routing RIP network management, 32
IP routing RIP packet send rate, 32
IP routing RIP poison reverse, 29
IP routing RIP preference, 28
IP routing RIP received/redistributed route filtering, 27
IP routing RIP route control, 25
IP routing RIP route redistribution, 28, 39
IP routing RIP split horizon, 29
IP routing RIP summary route advertisement, 43
IP routing RIP timers, 29
IP routing RIP version, 24
IP routing RIPv2 message authentication, 31
IP routing RIPv2 route summarization, 26
IPv4 BGP, 220
IPv4 BGP AS number substitution, 200
IPv4 BGP basics, 220
IPv4 BGP BFD, 215, 247
IPv4 BGP COMMUNITY, 209, 232
IPv4 BGP confederation, 238
IPv4 BGP default local preference, 194
IPv4 BGP FRR, 250
IPv4 BGP GR, 245
IPv4 BGP holdtime, 202
IPv4 BGP keepalive interval, 202
IPv4 BGP load balancing, 205, 230
IPv4 BGP manual soft reset, 208
IPv4 BGP MED default value, 195
IPv4 BGP NEXT_HOP attribute, 198
IPv4 BGP path selection, 242
IPv4 BGP route automatic summarization, 187
IPv4 BGP route dampening, 193
IPv4 BGP route distribution filtering policies, 190
IPv4 BGP route manual summarization, 187
IPv4 BGP route preference, 194
IPv4 BGP route reception filtering policies, 191
IPv4 BGP route reflector, 210, 235
IPv4 BGP route summarization, 227
IPv4 BGP route update interval, 202
IPv4 BGP-IGP route redistribution, 224
IPv4 EBGP peer group, 182
IPv4 IBGP peer group, 181
IS-IS FRR BFD, 145
OSPF, 57, 63, 92
OSPF area, 66
OSPF area (NSSA), 67, 102
OSPF area (stub), 66, 100
OSPF authentication (area), 80
OSPF authentication (interface), 80
OSPF basics, 92
OSPF BFD, 88, 113
OSPF BFD detection (bidirectional control), 88
OSPF BFD detection (single-hop echo), 89
OSPF DD packet interface MTU, 80
OSPF DR election, 104
OSPF FRR, 89, 115
OSPF FRR backup next hop (routing policy), 90
OSPF FRR backup next hop calculation (LFA algorithm), 90
OSPF FRR BFD, 90
OSPF GR, 86, 110
OSPF GR helper (IETF), 87
OSPF GR helper (non-IETF), 87
OSPF GR restarter (IETF), 86
OSPF GR restarter (non-IETF), 87
OSPF host route advertisement, 75
OSPF interface cost, 73
OSPF interface network type (broadcast), 69
OSPF interface network type (NBMA), 69
OSPF interface network type (P2MP), 70
OSPF interface network type (P2P), 70
OSPF LSU transmit rate, 83
OSPF network management, 82
OSPF network type, 68
OSPF packet DSCP value, 81
OSPF PIC, 85
OSPF PIC BFD, 85
OSPF preference, 74
OSPF prefix priority, 85
OSPF prefix suppression (interface), 84
OSPF prefix suppression (OSPF process), 84
OSPF received route filtering, 72
OSPF redistributed route default parameters, 75
OSPF redistributed route summarization (ASBR), 71
OSPF route control, 70
OSPF route redistribution, 95
OSPF route redistribution (another routing protocol), 74
OSPF route redistribution (default route), 75
OSPF route summarization, 97
OSPF route summarization (ABR), 71
OSPF stub router, 79
OSPF summary network discard route, 71
OSPF Type-3 LSA filtering, 72
OSPF virtual link, 68, 108
PBR, 255, 256, 258, 260
PBR interface (packet type-based), 261
PBR interface, 258
PBR local, 258
PBR local (packet type-based), 260
PBR node action, 257
PBR node match criteria, 257
PBR policy, 256
static route, 7
static route BFD, 8
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
static route BFD single-hop echo mode, 9
static route FRR, 10
static routing, 7, 11
static routing basics, 11
static routing BFD (direct next hop), 13
static routing BFD (indirect next hop), 16
static routing default route, 20
static routing FRR, 10, 18
static routing FRR BFD echo packet mode, 11
VXLAN mode for PBR, 259
connecting
BGP TCP connection source address, 185
EBGP direct connections after link failure, 204
continue clause (IP routing policy), 267
continue clause (routing policy), 272
controlling
BGP path selection, 193
BGP route distribution, 187
BGP route reception, 187
IP routing IS-IS route control, 128
IP routing IS-IS SPF calculation interval, 137
IP routing RIP additional routing metric configuration, 25
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP interface advertisement, 24
IP routing RIP interface reception, 24, 24
IP routing RIP route control configuration, 25
OSPF route control, 70
convergence priority (IS-IS), 138
cost
OSPF interface cost, 73
creating
IP routing policy, 269
PBR node, 256
D
dampening
BGP route dampening, 174
IPv4 BGP route dampening, 193
database
OSPF DD packet, 57
dead packet timer (OSPF), 76
default
BGP default route advertisement to peer/peer group, 188
IP routing IS-IS default route advertisement, 130
IP routing RIP default route advertisement, 27
IPv4 BGP default local preference, 194
IPv4 BGP MED default value, 195
OSPF redistributed route default parameters, 75
static route configuration. See under static routing
detecting
IP routing RIP BFD configuration (bidirectional control detection), 35
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34, 48
IP routing RIP BFD single-hop echo detection, 34, 45
IPv4 BGP BFD configuration, 215
OSPF BFD, 88
OSPF BFD detection configuration (bidirectional control), 88
OSPF BFD detection configuration (single-hop echo), 89
OSPF FRR BFD, 90
device
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 48
OSPF ABR router type, 60
OSPF area configuration (NSSA), 102
OSPF area configuration (stub), 100
OSPF ASBR router type, 60
OSPF backbone router type, 60
OSPF basic configuration, 92
OSPF BFD configuration, 113
OSPF configuration, 92
OSPF DR election configuration, 104
OSPF FRR configuration, 115
OSPF GR configuration, 110
OSPF internal router type, 60
OSPF route redistribution configuration, 95
OSPF route summarization configuration, 97
OSPF stub router, 79
OSPF virtual link configuration, 108
DIS
IP routing IS-IS DIS election, 122
IP routing IS-IS DIS election configuration, 151
IP routing IS-IS interface DIS priority, 134
disabling
IP routing IS-IS interface packet send/receive, 134
IP routing RIP host route reception, 26
IPv4 BGP AS_PATH optimal route selection, 200
IPv4 BGP session establishment disable, 205
IPv6 BGP AS_PATH optimal route selection, 200
OSPF interface packet send/receive disable, 79
discard route (OSPF), 71
displaying
IP routing IS-IS, 145
IP routing policy, 273
IP routing RIP, 36
IP routing table, 5
IPv4 BGP, 218
OSPF, 91
PBR, 259
static routes, 11
distributing
BGP route distribution control, 187
IP routing extension attribute redistribution, 4
IP routing route redistribution, 3
IPv4 BGP-IGP route redistribution, 224
domain
IP routing IS-IS routing domain, 121
IP routing IS-IS routing domain authentication, 142
DR
OSPF, 62
OSPF DR election configuration, 104
DSCP
OSPF packet DSCP value, 81
DSP (IS-IS area address), 120
dynamic
BGP dynamic peer, 181
IP routing dynamic routing protocols, 2
IP routing IS-IS system ID-host name mapping (dynamic), 139
E
BGP first AS number of route updates, 201
direct connections after link failure, 204
IPv4 BGP multiple hop EBGP session establishment, 203
IPv4 BGP private AS number removal from EBGP peer/peer group update, 201
peer, 168
echo
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 48
IP routing RIP BFD single-hop echo detection, 34, 45
static route BFD single-hop echo mode, 9
ECMP, 205, See also load balancing
IP routing ECMP enhanced mode, 5
IP routing RIP max number ECMP routes, 30
IPv4 BGP load balancing, 205
ISIS max number ECMP routes, 130
OSPF ECMP routes max, 73
electing
OSPF DR election configuration, 104
enabling
BGP, 179
BGP route flapping logging, 215
BGP session state change logging, 214
BGP SNMP notification, 214
EBGP direct connections after link failure, 204
IP routing ECMP enhanced mode, 5
IP routing IS-IS, 126
IP routing IS-IS automatic cost calculation, 129
IP routing IS-IS interface hello packet send, 134
IP routing IS-IS ISPF, 140
IP routing IS-IS LSP flash flooding, 137
IP routing IS-IS LSP fragment extension, 137
IP routing IS-IS neighbor state change logging, 140
IP routing RIP, 23
IP routing RIP poison reverse, 30
IP routing RIP split horizon, 29
IP routing RIP update source IP address check, 31
IP routing RIPv1 incoming message zero field check, 30
IP routing RIPv2 automatic route summarization, 26
IPv4 BGP 4-byte AS number suppression, 204
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP MED AS route comparison (diff ASs), 195
IPv4 BGP MED AS route comparison (per-AS), 196
IPv4 BGP multiple hop EBGP session establishment, 203
IPv4 BGP peer MD5 authentication, 204
IPv4 BGP route refresh, 207
OSPF (on interface), 66
OSPF (on network), 65
OSPF ISPF, 83
OSPF neighbor state change logging, 82
OSPF PIC, 85
OSPF RFC 1583 compatibility, 82
enhancing
IP routing IS-IS network security, 141
establishing
IPv4 BGP multiple hop EBGP session establishment, 203
IPv4 BGP session establishment disable, 205
exit overflow interval (OSPF), 81
extending
IP routing IS-IS LSP fragment extension, 137
Exterior Gateway Protocol. Use EGP
external
OSPF LSDB external LSAs max, 81
external BGP. Use EBGP
F
fast reroute. Use FRR
FIB
IP routing table, 1
filtering
BGP configuration, 168, 178
BGP route filtering policies, 189
IP routing IS-IS LSP-calculated routes, 131
IP routing IS-IS redistributed routes, 132
IP routing IS-IS routes, 131
IP routing policy ACLs, 267
IP routing policy application to route redistribution, 273
IP routing policy apply clause configuration, 271
IP routing policy AS_PATH list, 267
IP routing policy AS_PATH list configuration, 268
IP routing policy community list, 267
IP routing policy community list configuration, 269
IP routing policy configuration, 267, 269
IP routing policy continue clause configuration, 272
IP routing policy creation, 269
IP routing policy extended community list, 267
IP routing policy extended community list configuration, 269
IP routing policy filter configuration, 268
IP routing policy filters, 267
IP routing policy if-match clause configuration, 270
IP routing policy IP prefix list configuration, 268
IP routing policy prefix list, 267
IP routing RIP received/redistributed route filtering, 27
IPv4 BGP basic configuration, 220
IPv4 BGP BFD configuration, 247
IPv4 BGP COMMUNITY configuration, 232
IPv4 BGP confederation configuration, 238
IPv4 BGP configuration, 220
IPv4 BGP FRR, 250
IPv4 BGP GR configuration, 245
IPv4 BGP load balancing configuration, 230
IPv4 BGP path selection configuration, 242
IPv4 BGP route distribution filtering policies, 190
IPv4 BGP route reception filtering policies, 191
IPv4 BGP route reflector configuration, 235
IPv4 BGP route summarization, 227
IPv4 BGP-IGP route redistribution, 224
OSPF received route filtering, 72
OSPF Type-3 LSA filtering, 72
flooding
IP routing IS-IS LSP flash flooding, 137
format
IP routing IS-IS address format, 119
IP routing IS-IS NSAP address format, 119
forwarding
egress interface PBR configuration, 263
enabling VXLAN mode for PBR, 259
OSPF GR, 86
OSPF GR helper, 87
PBR configuration, 255, 256, 258, 260
PBR configuration egress interface, 259
PBR configuration interface, 258
PBR configuration local, 258
PBR interface configuration (packet type-based), 261
PBR local configuration (packet type-based), 260
PBR policy configuration, 256
fragment
IP routing IS-IS LSP fragment extension, 137
IP routing BGP FRR configuration, 216
IP routing IS-IS configuration, 144
IP routing IS-IS FRR automatic backup next hop calculation, 144
IP routing IS-IS FRR configuration, 165
IP routing IS-IS FRR configuration using routing policy, 145
IP routing RIP configuration, 35, 54
IPv4 BGP FRR configuration, 250
IS-IS FRR BFD, 145
OSPF backup next hop (routing policy), 90
OSPF backup next hop calculation (LFA algorithm), 90
OSPF FRR BFD, 90
OSPF FRR configuration, 89, 115
static route FRR configuration, 10
static routing FRR configuration, 18
G
garbage-collect timer (RIP), 29
Generalized TTL Security Mechanism. See GTSM
generating
BGP route, 185
GR helper
IP routing IS-IS GR configuration, 142
IP routing RIP GR helper configuration, 33
GR restarter
IP routing IS-IS GR configuration, 142
IP routing RIP GR restarter configuration, 33
Graceful Restart (GR)
BGP configuration, 212
IP routing IS-IS configuration, 142
IP routing IS-IS GR configuration, 161
IP routing IS-IS GR helper configuration, 142
IP routing IS-IS GR restarter configuration, 142
IP routing RIP configuration, 33
IPv4 BGP GR configuration, 245
OSPF GR configuration, 86, 110
OSPF GR helper configuration, 87
OSPF trigger, 88
group
BGP peer group configuration, 181
BGP configuration, 206
H
hello
IP routing IS-IS hello multiplier, 133
IP routing IS-IS hello packet send interval, 133
IP routing IS-IS interface hello packet send, 134
IP routing IS-IS PDU type, 124
OSPF hello packet, 57
OSPF hello packet timer, 76
HO-DSP (IS-IS area address), 120
holdtime
IPv4 BGP, 202
hop
IP routing RIP BFD configuration (bidirectional control detection), 35
IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34
OSPF BFD detection configuration (single-hop echo), 89
host
IP routing RIP host route reception disable, 26
OSPF host route advertisement, 75
I
BGP confederation, 211
IPv4 BGP ORIGINATOR_ID attribute, 211
IPv4 BGP route reflector configuration, 210
peer, 168
ICMP
OSPF area configuration (NSSA), 102
OSPF area configuration (stub), 100
OSPF basic configuration, 92
OSPF BFD configuration, 113
OSPF configuration, 57, 63, 92
OSPF DR election configuration, 104
OSPF FRR configuration, 115
OSPF GR configuration, 110
OSPF route redistribution configuration, 95
OSPF route summarization configuration, 97
OSPF virtual link configuration, 108
IDP (IS-IS area address), 120
IETF
OSPF GR, 86
OSPF GR helper, 87
ignoring
BGP first AS number of EBGP route updates, 201
IPv4 BGP ORIGINATOR_ID attribute, 211
IGP
BGP ORIGIN path attribute, 168, 168
IP routing IS-IS basic configuration, 126, 147
IP routing IS-IS configuration, 119, 125, 147
IP routing IS-IS DIS election configuration, 151
IP routing RIP BFD configuration (bidirectional control detection), 35
IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34
IP routing RIP configuration, 21, 22, 37
IP routing RIP neighbor specification, 31
IPv4 BGP-IGP route redistribution, 224
INCOMPLETE
BGP ORIGIN path attribute, 168
Incremental Shortest Path First. Use ISPF
injecting
IPv4 BGP local network, 185
inter-area
OSPF route type, 61
interface
egress interface PBR configuration, 259, 263
enabling VXLAN mode for PBR, 259
PBR interface configuration, 258
PBR interface configuration (packet type-based), 261
Intermediate System-to-Intermediate System. Use IS-IS
internal
BGP. Use IBGP
OSPF router type, 60
INTERNET
BGP COMMUNITY path attribute, 168
interval
BGP soft reset, 206
IP routing IS-IS CSNP packet send interval, 133
IP routing IS-IS hello multiplier, 133
IP routing IS-IS hello packet send interval, 133
IP routing IS-IS SPF calculation interval, 137
IPv4 BGP keepalive interval, 202
IPv4 BGP route update interval, 202
OSPF exit overflow interval, 81
OSPF LSA arrival interval, 78
OSPF LSA generation interval, 78
OSPF LSU transmit rate, 83
OSPF SPF calculation interval, 77
intra-area
OSPF route type, 61
IP addressing
IP routing RIP configuration, 21
IP routing RIP update source IP address check, 31
RIP configuration, 22, 37
IP protocol identifier (IS-IS N-SEL), 120
IP routing
BGP AS_PATH attribute configuring, 199
BGP community, 174
BGP confederation, 174
BGP confederation compatibility, 212
BGP confederation configuration, 211
BGP configuration, 168, 178
BGP default route advertisement to peer/peer group, 188
BGP dynamic peer, 181
BGP first AS number of EBGP route updates, 201
BGP FRR, 216
BGP GR configuration, 212
BGP GR helper configuration, 212
BGP GR restarter configuration, 212
BGP GTSM configuration, 206
BGP large scale network management, 174
BGP large-scale network configuration, 209
BGP load balancing, 172
BGP MED attribute, 195
BGP network optimization, 202
BGP NSR, 213
BGP optimal route advertisement, 188
BGP path selection, 193
BGP peer configuration, 180
BGP peer group, 174
BGP peer group configuration, 181
BGP route dampening, 174
BGP route distribution, 187
BGP route filtering policies, 189
BGP route flapping logging, 215
BGP route generation, 185
BGP route reception, 187
BGP route recursion, 172
BGP route reflection configuration, 210
BGP route selection, 172, 172
BGP route summarization, 174, 187
BGP session state change logging, 214
BGP SNMP notification enable, 214
BGP soft reset configuration, 206
BGP TCP connection source address, 185
BGP update advertisement delay, 192
configuration, 1
displaying policy, 273
displaying routing table, 5
displaying static routes, 11
dynamic routing protocols, 2
ECMP enhanced mode enable, 5
egress interface PBR configuration, 259
enabling VXLAN mode for PBR, 259
extension attribute redistribution, 4
FIB route max lifetime, 4
IPv4. See IPv4
IS-IS authentication, 159
IS-IS automatic cost calculation enable, 129
IS-IS basic configuration, 126, 147
IS-IS BFD configuration, 143, 162
IS-IS configuration, 119, 125, 147
IS-IS CSNP packet send interval, 133
IS-IS default route advertisement, 130
IS-IS DIS election configuration, 151
IS-IS ECMP routes max number, 130
IS-IS FRR automatic backup next hop calculation, 144
IS-IS FRR configuration, 144, 165
IS-IS FRR configuration using routing policy, 145
IS-IS global cost configuration, 129
IS-IS GR configuration, 142, 161
IS-IS hello multiplier, 133
IS-IS hello packet send interval, 133
IS-IS interface cost configuration, 129
IS-IS interface DIS priority, 134
IS-IS interface hello packet send, 134
IS-IS interface packet send/receive, 134
IS-IS ISPF enable, 140
IS-IS link cost configuration, 128
IS-IS LSDB overload bit, 138
IS-IS LSP flash flooding, 137
IS-IS LSP fragment extension, 137
IS-IS LSP length specification, 136
IS-IS LSP parameters, 135
IS-IS LSP timer, 135
IS-IS LSP-calculated route filtering, 131
IS-IS network management, 140
IS-IS network optimization, 132
IS-IS network tuning, 132
IS-IS PDU CLVs, 124
IS-IS PDU hello type, 124
IS-IS PDU LSP type, 124
IS-IS PDU SNP type, 124
IS-IS PDU types, 123
IS-IS preference specification, 129
IS-IS redistributed route filtering, 132
IS-IS route control configuration, 128
IS-IS route convergence priority, 138
IS-IS route filtering, 131
IS-IS route leaking, 122
IS-IS route leaking configuration, 132
IS-IS route redistribution, 131, 155
IS-IS route summarization, 130
IS-IS routing domain, 121
IS-IS routing domain authentication, 142
IS-IS SPF calculation interval, 137
IS-IS system ID-host name mapping, 138
IS-IS system ID-host name mapping (dynamic), 139
IS-IS system ID-host name mapping (static), 139
load sharing, 3
maintaining policy, 273
maintaining routing table, 5
OSPF area, 66
OSPF area configuration (NSSA), 67, 102
OSPF area configuration (stub), 66, 100
OSPF authentication, 80
OSPF basic configuration, 92
OSPF BDR, 62
OSPF BFD, 88, 88
OSPF BFD configuration, 113
OSPF BFD detection configuration (bidirectional control), 88
OSPF BFD detection configuration (single-hop echo), 89
OSPF configuration, 57, 63, 92
OSPF DD packet interface MTU, 80
OSPF display, 91
OSPF DR, 62
OSPF DR election configuration, 104
OSPF ECMP routes max, 73
OSPF exit overflow interval, 81
OSPF FRR, 89
OSPF FRR BFD, 90
OSPF FRR configuration, 115
OSPF GR, 86
OSPF GR configuration, 110
OSPF GR helper, 87
OSPF host route advertisement, 75
OSPF interface cost, 73
OSPF interface network type (broadcast), 69
OSPF interface network type (NBMA), 69
OSPF interface network type (P2MP), 70
OSPF interface network type (P2P), 70
OSPF interface packet send/receive disable, 79
OSPF ISPF, 83
OSPF log count, 86
OSPF LSA arrival interval, 78
OSPF LSA generation interval, 78
OSPF LSA transmission delay, 77
OSPF LSDB external LSAs max, 81
OSPF LSU transmit rate, 83
OSPF maintain, 91
OSPF neighbor state change, 82
OSPF network management, 82
OSPF network optimization, 76
OSPF network tuning, 76
OSPF network type, 68
OSPF packet DSCP value, 81
OSPF PIC configuration, 85
OSPF preference, 74
OSPF prefix priority, 85
OSPF prefix suppression, 84
OSPF protocols and standards, 63
OSPF received route filtering, 72
OSPF RFC 1583 compatibility, 82
OSPF route control, 70
OSPF route redistribution, 74
OSPF route redistribution configuration, 95
OSPF route summarization, 71
OSPF route summarization configuration, 97
OSPF SPF calculation interval, 77
OSPF stub router, 79
OSPF summary network discard route, 71
OSPF timer set, 76
OSPF Type-3 LSA filtering, 72
OSPF virtual link, 68
OSPF virtual link configuration, 108
PBR interface configuration, 258
PBR local configuration, 258
policy application to route redistribution, 273
policy apply clause configuration, 271
policy AS_PATH list configuration, 268
policy community list configuration, 269
policy configuration, 267, 269
policy continue clause configuration, 272
policy creation, 269
policy extended community list configuration, 269
policy filter configuration, 268
policy filtering, 267
policy filters, 267
policy if-match clause configuration, 270
policy IP prefix list configuration, 268
policy-based routing. Use PBR
RIB label max lifetime, 4
RIB route max lifetime, 4
RIP additional routing metric configuration, 25
RIP basic configuration, 23, 37
RIP BFD configuration, 34
RIP BFD configuration (bidirectional control detection), 35
RIP BFD configuration (bidirectional detection/control packet mode), 51
RIP BFD configuration (single-hop echo detection/neighbor), 34
RIP BFD configuration (single-hop echo detection/specific destination), 34, 48
RIP BFD single-hop echo detection, 45
RIP configuration, 21, 22, 37
RIP default route advertisement, 27
RIP FRR configuration, 35, 54
RIP GR configuration, 33
RIP host route reception disable, 26
RIP interface additional metric configuration, 41
RIP interface advertisement control, 24
RIP interface reception control, 24
RIP max number ECMP routes, 30
RIP neighbor specification, 31
RIP network management configuration, 32
RIP network optimization, 29
RIP network tuning, 29
RIP operation, 21
RIP packet max length, 33
RIP packet send rate configuration, 32
RIP poison reverse configuration, 29
RIP preference configuration, 28
RIP received/redistributed route filtering, 27
RIP route control configuration, 25
RIP route entries, 21
RIP route redistribution configuration, 28, 39
RIP routing loop prevention, 21
RIP split horizon configuration, 29
RIP summary route advertisement configuration, 43
RIP timer configuration, 29
RIP update source IP address check, 31
RIP version configuration, 24
RIP versions, 22
RIPv1 message zero field check, 30
RIPv2 message authentication configuration, 31
RIPv2 route summarization configuration, 26
route backup, 3
route preference, 2
route recursion, 3
route redistribution, 3
routing table, 1
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
static route BFD configuration, 8
static route BFD single-hop echo mode, 9
static route configuration, 7
static route FRR configuration, 10
static routing basic configuration, 11
static routing BFD configuration (direct next hop), 13
static routing BFD configuration (indirect next hop), 16
static routing configuration, 7, 11
static routing default route configuration, 20
static routing FRR configuration, 18
troubleshooting OSPF configuration, 118
troubleshooting OSPF incorrect routing information, 118
troubleshooting OSPF no neighbor relationship established, 118
IP routing IS-IS basic configuration, 126, 147
IP routing IS-IS configuration, 119, 125, 147
IP routing IS-IS DIS election configuration, 151
OSPF area configuration (NSSA), 102
OSPF area configuration (stub), 100
OSPF basic configuration, 92
OSPF BFD configuration, 113
OSPF configuration, 57, 63, 92
OSPF DR election configuration, 104
OSPF FRR configuration, 115
OSPF GR configuration, 110
OSPF route redistribution configuration, 95
OSPF route summarization configuration, 97
OSPF virtual link configuration, 108
IPv4 BGP
4-byte AS number suppression, 204
AS number substitution, 200
AS_PATH optimal route selection, 200
basic configuration, 220
BFD configuration, 215, 247
BGP-IGP route redistribution, 224
COMMUNITY configuration, 209, 232
confederation configuration, 238
configuration, 220
default local preference, 194
displaying, 218
fake AS number advertisement, 200
FRR configuration, 250
GR configuration, 245
holdtime, 202
IGP route redistribution, 186
keepalive interval, 202
load balancing, 205
load balancing configuration, 230
local AS number appearance, 199, 199
local network injection, 185
maintaining, 218
manual soft reset configuration, 208
MED AS route comparison (confederation peers), 197
MED AS route comparison (diff ASs), 195
MED AS route comparison (per-AS), 196
MED default value, 195
multiple hop EBGP session establishment, 203
NEXT_HOP attribute, 198
ORIGINATOR_ID attribute, 211
path selection configuration, 242
peer MD5 authentication, 204
private AS number removal, 201
received route preferred value, 193
route automatic summarization, 187
route dampening, 193
route distribution filtering policies, 190
route manual summarization, 187
route preference configuration, 194
route reception filtering policies, 191
route reflector configuration, 210, 235
route refresh, 207
route summarization, 227
route update interval, 202
route update save, 207
routes received from peer/peer group, 189
session establishment disable, 205
IPv4 EBGP
peer group configuration, 182
peer protection (low memory exemption), 209
IPv4 IBGP
peer group configuration, 181
IPv6 BGP
AS_PATH optimal route selection, 200
address format, 119
area, 121
area address, 120
area authentication, 142
authentication, 159
basic configuration, 126, 147
BFD configuration, 143, 162
broadcast network type, 122
circuit level configuration, 127
configuration, 119, 125, 147
CSNP packet send interval, 133
default route advertisement, 130
DIS election, 122
DIS election configuration, 151
displaying, 145
ECMP routes max number, 130
enabling, 126
enabling automatic cost calculation, 129
FRR automatic backup next hop calculation, 144
FRR BFD configuration, 145
FRR configuration, 144, 165
FRR configuration using routing policy, 145
global cost configuration, 129
GR configuration, 142, 161
hello multiplier, 133
hello packet send interval, 133
interface cost configuration, 129
interface DIS priority, 134
interface hello packet send enable, 134
interface P2P network type configuration, 127
interface packet send/receive disable, 134
IS level configuration, 127
ISPF enable, 140
Level-1 router, 121
Level-1-2 router, 121
Level-2 router, 121
link cost configuration, 128
LSDB overload bit, 138
LSP flash flooding, 137
LSP fragment extension, 137
LSP length specification, 136
LSP parameter configuration, 135
LSP timer configuration, 135
LSP-calculated route filtering, 131
maintaining, 145
neighbor relationship authentication, 141
neighbor state change logging, 140
NET, 120
network management, 140
network optimization, 132
network security enhancement, 141
network tuning, 132
NSAP address format, 119
N-SEL, 120
PDU CLVs, 124
PDU hello type, 124
PDU LSP type, 124
PDU SNP type, 124
PDU types, 123
point-to-point network type, 122
preference specification, 129
protocols and standards, 125
pseudonode, 122
redistributed route filtering, 132
route control configuration, 128
route convergence priority, 138
route filtering, 131
route leaking, 122
route leaking configuration, 132
route redistribution, 131, 155
route summarization, 130
routing domain authentication, 142
routing method, 120
SPF calculation interval, 137
system ID, 120
system ID-host name mapping configuration, 138
system ID-host name mapping dynamic configuration, 139
system ID-host name mapping static configuration, 139
terminology, 119
OSPF ISPF, 83
K
keepalive
IPv4 BGP keepalive interval, 202
IPv4 BGP route update interval, 202
L
label
IP routing RIB label max lifetime, 4
leaking
IP routing IS-IS routes, 132
level
IPv4 EBGP peer protection (level 2 threshold exemption), 209
limiting
IPv4 BGP routes received from peer/peer group, 189
link
EBGP direct connection after link failure, 204
IPv4 BGP BFD configuration, 215
OSPF BFD, 88
OSPF configuration, 57, 63
OSPF FRR, 89
OSPF virtual link, 59, 68
OSPF virtual link configuration, 108
link cost
IP routing IS-IS automatic cost calculation enable, 129
IP routing IS-IS configuration, 128
IP routing IS-IS global cost configuration, 129
IP routing IS-IS interface cost configuration, 129
list
IP routing policy AS_PATH list, 267
IP routing policy AS_PATH list configuration, 268
IP routing policy community list, 267
IP routing policy community list configuration, 269
IP routing policy extended community list, 267
IP routing policy extended community list configuration, 269
IP routing policy IP prefix list configuration, 268
IP routing policy prefix list, 267
load balancing, 172, See also ECMP
BGP, 172
IP routing ECMP enhanced mode, 5
IPv4 BGP, 205
IPv4 BGP load balancing configuration, 230
OSPF ECMP routes max, 73
load sharing
IP routing IS-IS ECMP routes max number, 130
IP routing load sharing, 3
IP routing RIP max number ECMP routes, 30
local
BGP LOCAL_PREF path attribute, 168
IPv4 BGP default local preference, 194
PBR local configuration, 258
PBR local configuration (packet type-based), 260
logging
BGP route flapping logging, 215
BGP session state change logging, 214
IP routing IS-IS neighbor state change, 140
OSPF log count, 86
OSPF neighbor state change, 82
loop
IP routing BGP FRR, 216
IP routing RIP routing loop prevention, 21
LSA
OSPF AS External LSA, 57
OSPF ASBR summary LSA, 57
OSPF exit overflow interval, 81
OSPF LSA arrival interval, 78
OSPF LSA generation interval, 78
OSPF LSA retransmission packet timer, 76
OSPF LSA transmission delay, 77
OSPF LSDB external LSAs max, 81
OSPF network LSA, 57
OSPF network summary LSA, 57
OSPF NSSA LSA, 57
OSPF opaque LSA, 57
OSPF router LSA, 57
OSPF Type-3 LSA filtering, 72
LSAck
OSPF LSAck packet, 57
LSDB
IP routing IS-IS LSDB overload bit, 138
OSPF LSDB external LSAs max, 81
LSP
IP routing IS-IS LSP flash flooding, 137
IP routing IS-IS LSP fragment extension, 137
IP routing IS-IS LSP length specification, 136
IP routing IS-IS LSP parameters, 135
IP routing IS-IS LSP timers, 135
IP routing IS-IS PDU type, 124
IP routing IS-IS route summarization, 130
LSR
OSPF LSR packet, 57
LSU
OSPF LSU packet, 57
OSPF LSU transmit rate, 83
M
maintaining
IP routing IS-IS, 145
IP routing policy, 273
IP routing RIP, 36
IP routing table, 5
IPv4 BGP, 218
OSPF, 91
PBR, 259
managing
BGP large scale network management, 174
manual
IPv4 BGP route manual summarization, 187
mapping
IP routing IS-IS system ID-host name mapping, 138
IP routing IS-IS system ID-host name mapping (dynamic), 139
IP routing IS-IS system ID-host name mapping (static), 139
matching
IP routing policy if-match clause, 267
IP routing policy if-match clause configuration, 270
PBR deny match mode, 255
PBR if-match clause, 255
PBR node match criteria, 257
PBR permit match mode, 255
MD5
IPv4 BGP peer MD5 authentication, 204
MED
BGP MED attribute configuration, 195
BGP path attribute, 168
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP MED AS route comparison (diff ASs), 195
IPv4 BGP MED AS route comparison (per-AS), 196
IPv4 BGP MED default value, 195
memory
IPv4 EBGP peer protection (low memory exemption), 209
message
BGP notification, 168
BGP open, 168
BGP route-refresh, 168
BGP update, 168
IP routing RIPv1 message zero field check enable, 30
IP routing RIPv2 message authentication configuration, 31
metric
IP routing RIP additional routing metric configuration, 25
IP routing RIP interface additional metric configuration, 41
MIB
OSPF network management, 82
mode
IP routing ECMP enhanced, 5
IP routing policy deny match, 267
IP routing policy permit match, 267
PBR deny match mode, 255
PBR permit match mode, 255
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
static route BFD single-hop echo mode, 9
BGP configuration, 168, 178
IPv4 BGP basic configuration, 220
IPv4 BGP BFD configuration, 247
IPv4 BGP COMMUNITY configuration, 232
IPv4 BGP confederation configuration, 238
IPv4 BGP configuration, 220
IPv4 BGP FRR, 250
IPv4 BGP GR configuration, 245
IPv4 BGP load balancing configuration, 230
IPv4 BGP path selection configuration, 242
IPv4 BGP route reflector configuration, 235
IPv4 BGP route summarization, 227
IPv4 BGP-IGP route redistribution, 224
protocols and standards, 177
MTU
OSPF DD packet interface MTU, 80
multicast
BGP dynamic peer, 181
OSPF network type, 62
Multiprotocol Extensions for BGP-4. See MP-BGP
N
NBMA
OSPF interface network type, 69
OSPF network type, 62, 68
neighbor
IP routing IS-IS neighbor state change logging, 140
IP routing RIP neighbor specification, 31
IPv4 BGP BFD configuration, 215
OSPF neighbor state change logging, 82
network
BGP AS_PATH attribute, 199
BGP basic configuration, 179
BGP community, 174
BGP confederation, 174, 211
BGP confederation compatibility, 212
BGP default route advertisement to peer/peer group, 188
BGP dynamic peer, 181
BGP GR configuration, 212
BGP GR helper configuration, 212
BGP GR restarter configuration, 212
BGP GTSM configuration, 206
BGP large-scale network configuration, 209
BGP load balancing, 172
BGP MED attribute, 195
BGP optimal route advertisement, 188
BGP optimization, 202
BGP path selection, 193
BGP peer configuration, 180
BGP peer group, 174
BGP peer group configuration, 181
BGP route dampening, 174
BGP route distribution, 187
BGP route filtering policies, 189
BGP route flapping logging, 215
BGP route generation, 185
BGP route reception, 187
BGP route recursion, 172
BGP route reflection configuration, 210
BGP route reflector, 174
BGP route selection, 172, 172
BGP route summarization, 174, 187
BGP session state change logging, 214
BGP SNMP notification enable, 214
BGP soft reset, 206
BGP TCP connection source address, 185
BGP update advertisement delay, 192
entity title. Use NET
IP routing BGP FRR, 216
IP routing BGP NSR, 213
IP routing dynamic routing protocols, 2
IP routing ECMP enhanced mode, 5
IP routing extension attribute redistribution, 4
IP routing FIB route max lifetime, 4
IP routing IS-IS area, 121
IP routing IS-IS area authentication, 142
IP routing IS-IS automatic cost calculation enable, 129
IP routing IS-IS basic configuration, 126
IP routing IS-IS BFD configuration, 143
IP routing IS-IS broadcast type, 122, 122
IP routing IS-IS circuit level configuration, 127
IP routing IS-IS DIS election, 122
IP routing IS-IS FRR automatic backup next hop calculation, 144
IP routing IS-IS FRR configuration, 144
IP routing IS-IS FRR configuration using routing policy, 145
IP routing IS-IS global cost configuration, 129
IP routing IS-IS GR configuration, 142
IP routing IS-IS hello multiplier, 133
IP routing IS-IS hello packet send interval, 133
IP routing IS-IS interface cost configuration, 129
IP routing IS-IS interface DIS priority, 134
IP routing IS-IS interface hello packet send, 134
IP routing IS-IS interface P2P network type configuration, 127
IP routing IS-IS interface packet send/receive, 134
IP routing IS-IS IS level configuration, 127
IP routing IS-IS ISPF enable, 140
IP routing IS-IS link cost configuration, 128
IP routing IS-IS LSDB overload bit, 138
IP routing IS-IS LSP flash flooding, 137
IP routing IS-IS LSP fragment extension, 137
IP routing IS-IS LSP length specification, 136
IP routing IS-IS LSP parameters, 135
IP routing IS-IS LSP timer, 135
IP routing IS-IS neighbor relationship authentication, 141
IP routing IS-IS neighbor state change logging, 140
IP routing IS-IS network management, 140
IP routing IS-IS network optimization, 132
IP routing IS-IS network tuning, 132
IP routing IS-IS point-to-point type, 122
IP routing IS-IS preference specification, 129
IP routing IS-IS pseudonode, 122
IP routing IS-IS route control configuration, 128
IP routing IS-IS route convergence priority, 138
IP routing IS-IS route leaking, 122
IP routing IS-IS routing domain, 121
IP routing IS-IS routing domain authentication, 142
IP routing IS-IS security enhancement, 141
IP routing IS-IS SPF calculation interval, 137
IP routing IS-IS system ID-host name mapping, 138
IP routing IS-IS system ID-host name mapping (dynamic), 139
IP routing IS-IS system ID-host name mapping (static), 139
IP routing load sharing, 3
IP routing policy apply clause configuration, 271
IP routing policy AS_PATH list configuration, 268
IP routing policy community list configuration, 269
IP routing policy configuration, 269
IP routing policy continue clause configuration, 272
IP routing policy creation, 269
IP routing policy extended community list configuration, 269
IP routing policy filter configuration, 268
IP routing policy if-match clause configuration, 270
IP routing policy IP prefix list configuration, 268
IP routing RIB label max lifetime, 4
IP routing RIB route max lifetime, 4
IP routing RIP additional routing metric configuration, 25
IP routing RIP basic configuration, 23, 37
IP routing RIP BFD configuration, 34
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 48
IP routing RIP BFD single-hop echo detection, 45
IP routing RIP default route advertisement, 27
IP routing RIP FRR configuration, 35, 54
IP routing RIP GR configuration, 33
IP routing RIP host route reception disable, 26
IP routing RIP interface additional metric configuration, 41
IP routing RIP interface advertisement control, 24
IP routing RIP interface reception control, 24
IP routing RIP max number ECMP routes, 30
IP routing RIP network management configuration, 32
IP routing RIP network optimization, 29
IP routing RIP network tuning, 29
IP routing RIP operation, 21
IP routing RIP packet max length, 33
IP routing RIP packet send rate configuration, 32
IP routing RIP poison reverse configuration, 29
IP routing RIP preference configuration, 28
IP routing RIP received/redistributed route filtering, 27
IP routing RIP route control configuration, 25
IP routing RIP route entries, 21
IP routing RIP route redistribution configuration, 28, 39
IP routing RIP routing loop prevention, 21
IP routing RIP split horizon configuration, 29
IP routing RIP summary route advertisement configuration, 43
IP routing RIP timer configuration, 29
IP routing RIP update source IP address check, 31
IP routing RIP version configuration, 24
IP routing RIP versions, 22
IP routing RIPv1 message zero field check, 30
IP routing RIPv2 message authentication configuration, 31
IP routing RIPv2 route summarization configuration, 26
IP routing route backup, 3
IP routing route preference, 2
IP routing route recursion, 3
IP routing route redistribution, 3
IPv4 BGP 4-byte AS number suppression, 204
IPv4 BGP AS number substitution, 200
IPv4 BGP AS_PATH optimal route selection, 200
IPv4 BGP BFD configuration, 215
IPv4 BGP community configuration, 209
IPv4 BGP default local preference, 194
IPv4 BGP fake AS number advertisement, 200
IPv4 BGP holdtime, 202
IPv4 BGP IGP route redistribution, 186
IPv4 BGP keepalive interval, 202
IPv4 BGP load balancing, 205
IPv4 BGP local AS number appearance, 199, 199
IPv4 BGP local network injection, 185
IPv4 BGP manual soft reset, 208
IPv4 BGP multiple hop EBGP session establishment, 203
IPv4 BGP NEXT_HOP attribute, 198
IPv4 BGP ORIGINATOR_ID attribute, 211
IPv4 BGP peer MD5 authentication, 204
IPv4 BGP private AS number removal, 201
IPv4 BGP received route preferred value, 193
IPv4 BGP route dampening, 193
IPv4 BGP route distribution filtering policies, 190
IPv4 BGP route preference, 194
IPv4 BGP route reception filtering policies, 191
IPv4 BGP route reflector configuration, 210
IPv4 BGP route update interval, 202
IPv4 BGP route update save, 207
IPv4 BGP route-refresh, 207
IPv4 BGP routes received from peer/peer group, 189
IPv4 BGP session establishment disable, 205
IPv6 BGP AS_PATH optimal route selection, 200
OSPF area, 66
OSPF area configuration (NSSA), 67, 102
OSPF area configuration (stub), 66, 100
OSPF basic configuration, 92
OSPF BFD, 88
OSPF BFD configuration, 113
OSPF BFD detection configuration (bidirectional control), 88
OSPF BFD detection configuration (single-hop echo), 89
OSPF DD packet interface MTU, 80
OSPF DR election configuration, 104
OSPF ECMP routes max, 73
OSPF enable, 65
OSPF exit overflow interval, 81
OSPF FRR, 89
OSPF FRR configuration, 115
OSPF GR, 86
OSPF GR configuration, 110
OSPF GR helper, 87
OSPF host route advertisement, 75
OSPF interface cost, 73
OSPF interface network type (broadcast), 69
OSPF interface network type (NBMA), 69
OSPF interface network type (P2MP), 70
OSPF interface network type (P2P), 70
OSPF interface packet send/receive disable, 79
OSPF ISPF, 83
OSPF log count, 86
OSPF LSA arrival interval, 78
OSPF LSA generation interval, 78
OSPF LSA transmission delay, 77
OSPF LSDB external LSAs max, 81
OSPF LSU transmit rate, 83
OSPF neighbor state change logging, 82
OSPF network LSA, 57
OSPF network management, 82
OSPF network summary LSA, 57
OSPF network type, 68
OSPF optimization, 76
OSPF packet DSCP value, 81
OSPF PIC configuration, 85
OSPF preference, 74
OSPF prefix priority, 85
OSPF prefix suppression, 84
OSPF received route filtering, 72
OSPF RFC 1583 compatibility, 82
OSPF route calculation, 61
OSPF route control, 70
OSPF route redistribution, 74
OSPF route redistribution configuration, 95
OSPF route summarization, 71
OSPF route summarization configuration, 97
OSPF route types, 61
OSPF SPF calculation interval, 77
OSPF stub router, 79
OSPF summary network discard route, 71
OSPF timer set, 76
OSPF tuning, 76
OSPF Type-3 LSA filtering, 72
OSPF virtual link, 68
OSPF virtual link configuration, 108
PBR node action, 257
PBR node creation, 256
PBR node match criteria, 257
PBR policy, 255
PBR policy configuration, 256
PBR-Track collaboration, 256
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
static route BFD configuration, 8
static route BFD single-hop echo mode, 9
static route configuration, 7
static route FRR configuration, 10
tuning BGP, 202
network management
BGP configuration, 168, 178
BGP large scale networks, 174
egress interface PBR configuration, 263
IP routing configuration, 1
IP routing IS-IS authentication, 159
IP routing IS-IS basic configuration, 147
IP routing IS-IS BFD configuration, 162
IP routing IS-IS configuration, 119, 125, 147
IP routing IS-IS DIS election configuration, 151
IP routing IS-IS FRR configuration, 165
IP routing IS-IS GR configuration, 161
IP routing IS-IS route redistribution, 155
IP routing policy application to route redistribution, 273
IP routing policy configuration, 267
IP routing RIP configuration, 21, 22, 37
IPv4 BGP basic configuration, 220
IPv4 BGP BFD configuration, 247
IPv4 BGP COMMUNITY configuration, 232
IPv4 BGP confederation configuration, 238
IPv4 BGP configuration, 220
IPv4 BGP FRR, 250
IPv4 BGP GR configuration, 245
IPv4 BGP load balancing configuration, 230
IPv4 BGP path selection configuration, 242
IPv4 BGP route reflector configuration, 235
IPv4 BGP route summarization, 227
IPv4 BGP-IGP route redistribution, 224
OSPF configuration, 57, 63, 92
PBR configuration, 255, 256, 258, 260
PBR interface configuration (packet type-based), 261
PBR local configuration (packet type-based), 260
static routing basic configuration, 11
static routing BFD configuration (direct next hop), 13
static routing BFD configuration (indirect next hop), 16
static routing configuration, 7, 11
static routing default route configuration, 20
static routing FRR configuration, 18
NEXT_HOP
BGP path attribute, 168
IPV4 BGP NEXT_HOP attribute configuration, 198
NO_ADVERTISE
BGP COMMUNITY path attribute, 168
NO_EXPORT
BGP COMMUNITY path attribute, 168
NO_EXPORT_SUBCONFED
BGP COMMUNITY path attribute, 168
node
IP routing IS-IS pseudonode, 122
IP routing IS-IS route control configuration, 128
IP routing policy apply clause, 267
IP routing policy apply clause configuration, 271
IP routing policy continue clause, 267
IP routing policy continue clause configuration, 272
IP routing policy if-match clause, 267
IP routing policy if-match clause configuration, 270
PBR apply clause, 255
PBR creation, 256
PBR if-match clause, 255
PBR match criteria, 257
PBR node action, 257
PBR policy, 255
PBR-Track collaboration, 256
non-IETF
OSPF GR, 86
OSPF GR helper, 87
notifying
BGP notification message, 168
OSPF network management, 82
NSAP
IP routing IS-IS address format, 119
NET, 120
N-SEL (IS-IS), 120
NSR
IP routing BGP NSR, 213
NSSA
OSPF area configuration, 67, 102
OSPF NSSA area, 60
OSPF NSSA LSA, 57
OSPF totally NSSA area, 60
number
BGP first AS number of EBGP route updates, 201
IPv4 BGP 4-byte AS number suppression, 204
IPv4 BGP AS number substitution, 200
IPv4 BGP fake AS number advertisement, 200
IPv4 BGP local AS number appearance, 199, 199
IPv4 BGP private AS number removal, 201
O
open
BGP message, 168
Open Shortest Path First. Use OSPF
optimal
BGP route, 188
IP routing FIB table optimal routes, 1
optimizing
BGP network, 202
IP routing IS-IS networks, 132
IP routing RIP networks, 29
OSPF network, 76
ORIGIN
BGP path attribute, 168
area configuration, 66
area configuration (NSSA), 67, 102
area configuration (stub), 66, 100
areas, 58
authentication configuration, 80
backbone area, 59
basic configuration, 92
BDR, 62
BFD configuration, 88, 113
BFD detection configuration (bidirectional control), 88
BFD detection configuration (single-hop echo), 89
BFD FRR configuration, 90
configuration, 57, 63, 92
DD packet interface MTU add, 80
display, 91
DR, 62
DR election configuration, 104
ECMP routes max, 73
enable, 65
exit overflow interval, 81
FRR backup next hop calculation (LFA algorithm), 90
FRR backup next hop specification (routing policy), 90
FRR configuration, 89
FRR configuration configuration, 115
GR configuration, 86, 110
GR helper, 87
GR trigger, 88
host route advertisement, 75
interface cost, 73
interface network type (broadcast), 69
interface network type (NBMA), 69
interface network type (P2MP), 70
interface network type (P2P), 70
interface packet send/receive disable, 79
IP routing IS-IS BFD configuration, 143
IP routing IS-IS DIS election, 122
ISPF enable, 83
log count configuration, 86
LSA arrival interval, 78
LSA generation interval, 78
LSA transmission delay, 77
LSA types, 57
LSDB external LSAs max, 81
LSU transmit rate configuration, 83
maintain, 91
neighbor state change logging, 82
network management configuration, 82
network optimization, 76
network tuning, 76
network type configuration, 68
network types, 62
NSSA area, 60
packet DSCP value configuration, 81
packet types, 57
PIC configuration, 85
PIC enable, 85
preference configuration, 74
prefix priority configuration, 85
prefix suppression, 84
protocols and standards, 63
received route filtering, 72
redistributed route default parameters, 75
redistributed route summarization (ASBR), 71
RFC 1583 compatibility, 82
route calculation, 61
route control configuration, 70
route redistribution, 74
route redistribution configuration, 95
route summarization, 71
route summarization (ABR), 71
route summarization configuration, 97
route types, 61
router types, 60
SPF calculation interval, 77
stub area, 59
stub router configuration, 79
summary network discard route, 71
timer set, 76
totally NSSA area, 60
totally stub area, 59
troubleshoot configuration, 118
troubleshoot incorrect routing information, 118
troubleshoot no neighbor relationship established, 118
Type-3 LSA filtering, 72
virtual link configuration, 68, 108
virtual links, 59
P
P2MP
OSPF interface network type, 70
OSPF network type, 62
P2P
OSPF interface network type, 70
OSPF network type, 62, 68
P2P network type (IS-IS), 127
packet
egress interface PBR configuration, 259, 263
enabling VXLAN mode for PBR, 259
IP routing configuration, 1
IP routing dynamic routing protocols, 2
IP routing extension attribute redistribution, 4
IP routing IS-IS CSNP packet send interval, 133
IP routing IS-IS hello multiplier, 133
IP routing IS-IS hello packet send interval, 133
IP routing IS-IS interface hello packet send, 134
IP routing IS-IS interface packet send/receive, 134
IP routing IS-IS PDU CLVs, 124
IP routing IS-IS PDU hello type, 124
IP routing IS-IS PDU LSP type, 124
IP routing IS-IS PDU SNP type, 124
IP routing IS-IS PDU types, 123
IP routing load sharing, 3
IP routing RIP BFD configuration (bidirectional control detection), 35
IP routing RIP BFD configuration (single-hop echo detection/neighbor), 34
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 34
IP routing RIP network management configuration, 32
IP routing RIP packet max length, 33
IP routing RIP packet send rate configuration, 32
IP routing route backup, 3
IP routing route preference, 2
IP routing route recursion, 3
IP routing route redistribution, 3
OSPF BFD, 88
OSPF configuration, 57, 63
OSPF DD, 57
OSPF DD packet interface MTU, 80
OSPF exit overflow interval, 81
OSPF FRR, 89
OSPF GR, 86
OSPF GR helper, 87
OSPF hello, 57
OSPF interface packet send/receive disable, 79
OSPF ISPF, 83
OSPF LSAck, 57
OSPF LSDB external LSAs max, 81
OSPF LSR, 57
OSPF LSU, 57
OSPF LSU transmit rate, 83
OSPF packet DSCP value, 81
OSPF RFC 1583 compatibility, 82
OSPF stub router, 79
PBR configuration, 255, 256, 258, 260
PBR interface configuration, 258
PBR interface configuration (packet type-based), 261
PBR local configuration, 258
PBR local configuration (packet type-based), 260
PBR policy configuration, 256
parameter
IP routing IS-IS LSDB overload bit, 138
IP routing IS-IS LSP parameters, 135
IP routing IS-IS route convergence priority, 138
IP routing IS-IS SPF calculation interval, 137
OSPF redistributed route default parameters, 75
path
BGP MED attribute configuration, 195
BGP path attributes, 168
BGP path selection, 193
IPv4 BGP COMMUNITY configuration, 232
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP MED AS route comparison (diff ASs), 195
IPv4 BGP MED AS route comparison (per-AS), 196
IPv4 BGP MED default value, 195
IPv4 BGP NEXT_HOP attribute, 198
IPv4 BGP path selection configuration, 242
OSPF configuration, 57
configuration, 255, 256, 258, 260
displaying, 259
egress interface configuration, 259, 263
enabling VXLAN mode configuration, 259
interface configuration, 258
interface configuration (packet type-based), 261
interface PBR, 255
local configuration, 258
local configuration (packet type-based), 260
local PBR, 255
maintaining, 259
node action configuration, 257
node creation, 256
node match criteria, 257
policy, 255
policy configuration, 256
relationship between match mode/clauses, 256
Track collaboration, 256
PDU
IP routing IS-IS CLVs, 124
IP routing IS-IS hello type, 124
IP routing IS-IS LSP type, 124
IP routing IS-IS SNP type, 124
IP routing IS-IS types, 123
peer
BGP, 168
BGP configuration, 180
BGP default route advertisement to peer/peer group, 188
BGP dynamic peer, 181
BGP peer group, 174
BGP peer group configuration, 181
EBGP, 168
IBGP, 168
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP peer MD5 authentication, 204
IPv4 BGP session establishment disable, 205
IPv4 EBGP peer group configuration, 182
IPv4 EBGP peer protection (low memory exemption), 209
IPv4 IBGP peer group configuration, 181
permitting
IPv4 BGP local AS number appearance, 199, 199
PIC
OSPF BFD, 85
OSPF configuration, 85
OSPF PIC enable, 85
point-to-point IS-IS network type, 122
poison reverse, 29, 30
policy
BGP route filtering policy, 189
egress interface PBR configuration, 259, 263
enabling VXLAN mode for PBR, 259
IP routing IS-IS FRR configuration using routing policy, 145
IP routing policy application to route redistribution, 273
IP routing policy apply clause configuration, 271
IP routing policy AS_PATH list configuration, 268
IP routing policy community list configuration, 269
IP routing policy configuration, 267, 269
IP routing policy continue clause configuration, 272
IP routing policy creation, 269
IP routing policy extended community list configuration, 269
IP routing policy filter configuration, 268
IP routing policy filtering, 267
IP routing policy if-match clause configuration, 270
IP routing policy IP prefix list configuration, 268
IPv4 BGP route distribution filtering policy, 190
IPv4 BGP route reception filtering policy, 191
OSPF FRR backup next hop (routing policy), 90
PBR, 255
PBR configuration, 255, 256, 256, 258, 260
PBR interface configuration, 258
PBR interface configuration (packet type-based), 261
PBR local configuration, 258
PBR local configuration (packet type-based), 260
PBR node action, 257
PBR node creation, 256
PBR node match criteria, 257
policy-based routing. Use PBR
poll packet timer (OSPF), 76
preference
IP routing RIP configuration, 28
IP routing route preference, 2
OSPF route redistribution, 74
preference specification (IS-IS), 129
preferred value
BGP received route, 193
preferring
OSPF protocol preference, 74
prefix
IP routing policy IP prefix list configuration, 268
IP routing policy prefix list, 267
OSPF PIC configuration, 85
OSPF prefix priority, 85
OSPF prefix suppression, 84
priority
IP routing IS-IS interface DIS priority, 134
IP routing IS-IS route convergence priority, 138
OSPF prefix priority configuration, 85
OSPF route level priority, 61
procedure
advertising BGP default route to peer/peer group, 188
advertising BGP optimal route, 188
advertising IP routing IS-IS default route, 130
advertising IP routing RIP default route, 27
advertising IP routing RIPv2 summary route, 26
advertising IPv4 BGP fake AS number, 200
applying IP routing policy to route redistribution, 273
configuring BGP, 178
configuring BGP AS_PATH attribute, 199
configuring BGP basics, 179
configuring BGP confederation, 211
configuring BGP confederation compatibility, 212
configuring BGP dynamic peer, 181
configuring BGP GR, 212
configuring BGP GR helper, 212
configuring BGP GR restarter, 212
configuring BGP GTSM, 206
configuring BGP large-scale network, 209
configuring BGP MED attribute, 195
configuring BGP peer, 180
configuring BGP peer group, 181
configuring BGP route filtering policies, 189
configuring BGP route reflection, 210
configuring BGP route summarization, 187
configuring BGP soft reset, 206
configuring BGP update advertisement delay, 192
configuring egress interface PBR, 259, 263
configuring IP routing basic IS-IS, 126
configuring IP routing BGP FRR, 216
configuring IP routing BGP NSR, 213
configuring IP routing FIB route max lifetime, 4
configuring IP routing IS-IS, 125, 147
configuring IP routing IS-IS area authentication, 142
configuring IP routing IS-IS authentication, 159
configuring IP routing IS-IS basics, 147
configuring IP routing IS-IS BFD, 143, 162
configuring IP routing IS-IS circuit level, 127
configuring IP routing IS-IS DIS election, 151
configuring IP routing IS-IS ECMP routes max number, 130
configuring IP routing IS-IS FRR, 144, 165
configuring IP routing IS-IS FRR automatic backup next hop calculation, 144
configuring IP routing IS-IS FRR configuration using routing policy, 145
configuring IP routing IS-IS global cost, 129
configuring IP routing IS-IS GR, 142, 161
configuring IP routing IS-IS interface cost, 129
configuring IP routing IS-IS interface DIS priority, 134
configuring IP routing IS-IS interface P2P network type, 127
configuring IP routing IS-IS IS level, 127
configuring IP routing IS-IS link cost, 128
configuring IP routing IS-IS LSP parameters, 135
configuring IP routing IS-IS LSP timer, 135
configuring IP routing IS-IS LSP-calculated route filtering, 131
configuring IP routing IS-IS neighbor relationship authentication, 141
configuring IP routing IS-IS network management, 140
configuring IP routing IS-IS redistributed route filtering, 132
configuring IP routing IS-IS route control, 128
configuring IP routing IS-IS route convergence priority, 138
configuring IP routing IS-IS route filtering, 131
configuring IP routing IS-IS route leaking, 132
configuring IP routing IS-IS route redistribution, 131, 155
configuring IP routing IS-IS route summarization, 130
configuring IP routing IS-IS routing domain authentication, 142
configuring IP routing IS-IS system ID-host name mapping, 138
configuring IP routing IS-IS system ID-host name mapping (dynamic), 139
configuring IP routing IS-IS system ID-host name mapping (static), 139
configuring IP routing policy, 269
configuring IP routing policy apply clause, 271
configuring IP routing policy AS_PATH list, 268
configuring IP routing policy community list, 269
configuring IP routing policy continue clause, 272
configuring IP routing policy extended community list, 269
configuring IP routing policy filter, 268
configuring IP routing policy if-match clause, 270
configuring IP routing policy IP prefix list, 268
configuring IP routing RIB label max lifetime, 4
configuring IP routing RIB route max lifetime, 4
configuring IP routing RIP, 22, 37
configuring IP routing RIP additional routing metric, 25
configuring IP routing RIP basics, 23, 37
configuring IP routing RIP BFD, 34
configuring IP routing RIP BFD (bidirectional control detection), 35
configuring IP routing RIP BFD (bidirectional detection/control packet mode), 51
configuring IP routing RIP BFD (single-hop echo detection/neighbor), 34
configuring IP routing RIP BFD (single-hop echo detection/specific destination), 34, 48
configuring IP routing RIP BFD single-hop echo detection, 45
configuring IP routing RIP FRR, 35, 54
configuring IP routing RIP GR, 33
configuring IP routing RIP interface additional metric, 41
configuring IP routing RIP max number ECMP routes, 30
configuring IP routing RIP network management, 32
configuring IP routing RIP packet send rate, 32
configuring IP routing RIP poison reverse, 29
configuring IP routing RIP preference, 28
configuring IP routing RIP received/redistributed route filtering, 27
configuring IP routing RIP route control, 25
configuring IP routing RIP route redistribution, 28, 39
configuring IP routing RIP split horizon, 29
configuring IP routing RIP summary route advertisement, 43
configuring IP routing RIP timers, 29
configuring IP routing RIP version, 24
configuring IP routing RIPv2 message authentication, 31
configuring IP routing RIPv2 route summarization, 26
configuring IPv4 BGP, 220
configuring IPv4 BGP AS number substitution, 200
configuring IPv4 BGP basics, 220
configuring IPv4 BGP BFD, 215, 247
configuring IPv4 BGP COMMUNITY, 209, 232
configuring IPv4 BGP confederation, 238
configuring IPv4 BGP default local preference, 194
configuring IPv4 BGP FRR, 250
configuring IPv4 BGP GR, 245
configuring IPv4 BGP holdtime, 202
configuring IPv4 BGP keepalive interval, 202
configuring IPv4 BGP load balancing, 230
configuring IPv4 BGP MED default value, 195
configuring IPv4 BGP NEXT_HOP attribute, 198
configuring IPv4 BGP path selection, 242
configuring IPv4 BGP route automatic summarization, 187
configuring IPv4 BGP route dampening, 193
configuring IPv4 BGP route distribution filtering policies, 190
configuring IPv4 BGP route manual summarization, 187
configuring IPv4 BGP route preference, 194
configuring IPv4 BGP route reception filtering policies, 191
configuring IPv4 BGP route reflector, 210, 235
configuring IPv4 BGP route summarization, 227
configuring IPv4 BGP route update interval, 202
configuring IPv4 BGP soft reset manually, 208
configuring IPv4 BGP-IGP route redistribution, 224
configuring IPv4 EBGP peer group, 182
configuring IPv4 IBGP peer group, 181
configuring IS-IS FRR BFD, 145
configuring OSPF, 63
configuring OSPF area, 66
configuring OSPF area (NSSA), 67, 102
configuring OSPF area (stub), 66, 100
configuring OSPF authentication (area), 80
configuring OSPF authentication (interface), 80
configuring OSPF basics, 92
configuring OSPF BFD, 88, 113
configuring OSPF BFD detection (bidirectional control), 88
configuring OSPF BFD detection (single-hop echo), 89
configuring OSPF DD packet interface MTU, 80
configuring OSPF DR election, 104
configuring OSPF FRR, 89, 115
configuring OSPF FRR backup next hop (routing policy), 90
configuring OSPF FRR backup next hop calculation (LFA algorithm), 90
configuring OSPF FRR BFD, 90
configuring OSPF GR, 86, 110
configuring OSPF GR helper (IETF), 87
configuring OSPF GR helper (non-IETF), 87
configuring OSPF GR restarter (IETF), 86
configuring OSPF GR restarter (non-IETF), 87
configuring OSPF host route advertisement, 75
configuring OSPF interface cost, 73
configuring OSPF interface network type (broadcast), 69
configuring OSPF interface network type (NBMA), 69
configuring OSPF interface network type (P2MP), 70
configuring OSPF interface network type (P2P), 70
configuring OSPF LSU transmit rate, 83
configuring OSPF network management, 82
configuring OSPF network type, 68
configuring OSPF packet DSCP value, 81
configuring OSPF PIC, 85
configuring OSPF PIC BFD, 85
configuring OSPF preference, 74
configuring OSPF prefix priority, 85
configuring OSPF prefix suppression (interface), 84
configuring OSPF prefix suppression (OSPF process), 84
configuring OSPF received route filtering, 72
configuring OSPF redistributed route default parameters, 75
configuring OSPF redistributed route summarization (ASBR), 71
configuring OSPF route control, 70
configuring OSPF route redistribution, 95
configuring OSPF route redistribution (another routing protocol), 74
configuring OSPF route redistribution (default route), 75
configuring OSPF route summarization, 97
configuring OSPF route summarization (ABR), 71
configuring OSPF stub router, 79
configuring OSPF summary network discard route, 71
configuring OSPF Type-3 LSA filtering, 72
configuring OSPF virtual link, 68, 108
configuring PBR, 256, 258, 260
configuring PBR interface, 258
configuring PBR interface (packet type-based), 261
configuring PBR local, 258
configuring PBR local (packet type-based), 260
configuring PBR node action, 257
configuring PBR node match criteria, 257
configuring PBR policy, 256
configuring static route, 7
configuring static route BFD, 8
configuring static route BFD bidirectional control mode (direct next hop), 8
configuring static route BFD bidirectional control mode (indirect next hop), 8
configuring static route BFD single-hop echo mode, 9
configuring static route FRR, 10
configuring static routing, 11
configuring static routing basics, 11
configuring static routing BFD (direct next hop), 13
configuring static routing BFD (indirect next hop), 16
configuring static routing default route, 20
configuring static routing FRR, 10, 18
controlling BGP path selection, 193
controlling BGP route distribution, 187
controlling BGP route reception, 187
controlling IP routing IS-IS SPF calculation interval, 137
controlling IP routing RIP interface advertisement, 24
controlling IP routing RIP interface reception, 24
creating IP routing policy, 269
creating PBR node, 256
disabling IP routing IS-IS interface packet send/receive, 134
disabling IP routing RIP host route reception, 26
disabling IPv4 BGP AS_PATH optimal route selection, 200
disabling IPv4 BGP session establishment, 205
disabling IPv6 BGP AS_PATH optimal route selection, 200
disabling OSPF interface packet send/receive, 79
displaying IP routing IS-IS, 145
displaying IP routing policy, 273
displaying IP routing RIP, 36
displaying IP routing table, 5
displaying IPv4 BGP, 218
displaying OSPF, 91
displaying PBR, 259
displaying static routing, 11
enabling BGP, 179
enabling BGP route flapping logging, 215
enabling BGP session state change logging, 214
enabling BGP SNMP notification, 214
enabling EBGP direct connections upon link failure, 204
enabling IP routing ECMP enhanced mode, 5
enabling IP routing IS-IS, 126
enabling IP routing IS-IS automatic cost calculation, 129
enabling IP routing IS-IS interface hello packet send, 134
enabling IP routing IS-IS ISPF, 140
enabling IP routing IS-IS LSP flash flooding, 137
enabling IP routing IS-IS LSP fragment extension, 137
enabling IP routing IS-IS neighbor state change logging, 140
enabling IP routing RIP, 23
enabling IP routing RIP poison reverse, 30
enabling IP routing RIP split horizon, 29
enabling IP routing RIP update source IP address check, 31
enabling IP routing RIPv1 message zero field check, 30
enabling IP routing RIPv2 automatic route summarization, 26
enabling IPv4 BGP 4-byte AS number suppression, 204
enabling IPv4 BGP load balancing, 205
enabling IPv4 BGP MED AS route comparison (confederation peers), 197
enabling IPv4 BGP MED AS route comparison (diff ASs), 195
enabling IPv4 BGP MED AS route comparison (per-AS), 196
enabling IPv4 BGP multiple hop EBGP session establishment, 203
enabling IPv4 BGP peer MD5 authentication, 204
enabling IPv4 BGP route-refresh, 207
enabling OSPF (on interface), 66
enabling OSPF (on network), 65
enabling OSPF ISPF, 83
enabling OSPF neighbor state change logging, 82
enabling OSPF PIC, 85
enabling OSPF RFC 1583 compatibility, 82
enabling static routing FRR BFD echo packet mode, 11
enabling VXLAN mode for PBR, 259
enhancing IP routing IS-IS network security, 141
generating BGP route, 185
ignoring BGP first AS number of EBGP route updates, 201
ignoring IPv4 BGP ORIGINATOR_ID attribute, 211
injecting IPv4 BGP local network, 185
limiting IPv4 BGP routes received from peer/peer group, 189, 189
maintaining IP routing IS-IS, 145
maintaining IP routing policy, 273
maintaining IP routing RIP, 36
maintaining IP routing table, 5
maintaining IPv4 BGP, 218
maintaining OSPF, 91
maintaining PBR, 259
optimizing BGP network, 202
optimizing IP routing IS-IS networks, 132
optimizing IP routing RIP networks, 29
optimizing OSPF network, 76
permitting IPv4 BGP local AS number appearance, 199, 199
protecting IPv4 EBGP peer (low memory exemption), 209
redistributing IPv4 BGP IGP routes, 186
removing IPv4 BGP private AS number from EBGP peer/peer group update, 201
saving IPv4 BGP route update, 207
setting IP routing IS-IS LSDB overload bit, 138
setting IP routing RIP packet max length, 33
setting OSPF ECMP routes max, 73
setting OSPF exit overflow interval, 81
setting OSPF log count, 86
setting OSPF LSA transmission delay, 77
setting OSPF LSDB external LSAs max, 81
setting OSPF timer, 76
specifying BGP TCP connection source address, 185
specifying IP routing IS-IS CSNP packet send interval, 133
specifying IP routing IS-IS hello multiplier, 133
specifying IP routing IS-IS hello packet send interval, 133
specifying IP routing IS-IS LSP length, 136
specifying IP routing IS-IS preference, 129
specifying IP routing RIP neighbor, 31
specifying IPv4 BGP received route preferred value, 193
specifying OSPF LSA arrival interval, 78
specifying OSPF LSA generation interval, 78
specifying OSPF SPF calculation interval, 77
triggering OSPF GR, 88
troubleshooting BGP peer connection state, 254
troubleshooting OSPF incorrect routing information, 118
troubleshooting OSPF no neighbor relationship established, 118
tuning BGP network, 202
tuning IP routing IS-IS network, 132
tuning IP routing OSPF network, 76
tuning IP routing RIP networks, 29
protecting
IPv4 EBGP peer (low memory exemption), 209
protocols and standards
BGP, 177
IP routing dynamic routing protocols, 2
IP routing IS-IS, 125
IP routing RIP, 22
MP-BGP, 177
OSPF, 63
OSPF preference, 74
OSPF RFC 1583 compatibility, 82
R
receiving
IPv4 BGP routes received from peer/peer group, 189
OSPF interface packet send/receive disable, 79
OSPF received route filtering, 72
recursion
BGP route recursion, 172, 172
IP routing route recursion, 3
redistributing
BGP route generation, 185
BGP route summarization, 187
IP routing extension attribute redistribution, 4
IP routing IS-IS route redistribution, 131, 155
IP routing RIP received/redistributed route filtering, 27
IP routing RIP route redistribution, 39
IP routing RIP routes, 28
IP routing route redistribution, 3
IPv4 BGP IGP routes, 186
IPv4 BGP-IGP route redistribution, 224
OSPF redistributed route default parameters, 75
OSPF route redistribution, 74
OSPF route redistribution configuration, 95
reflecting
BGP route reflector, 174
removing
IPv4 BGP private AS number removal, 201
restrictions
IP routing RIP configuration, 35
RFC 1583 compatibility (OSPF), 82
RIB
IP routing FIB route max lifetime, 4
IP routing RIB label max lifetime, 4
IP routing RIB route max lifetime, 4
additional routing metric configuration, 25
basic configuration, 23, 37
BFD configuration, 34
BFD configuration (bidirectional control detection), 35
BFD configuration (bidirectional detection/control packet mode), 51
BFD configuration (single-hop echo detection/neighbor), 34
BFD configuration (single-hop echo detection/specific destination), 34, 48
BFD single-hop echo detection, 45
configuration, 21, 22, 37
configuration restrictions, 35
default route advertisement, 27
displaying, 36
enabling, 23
FRR configuration, 35, 54
GR configuration, 33
GR helper configuration, 33
GR restarter configuration, 33
host route reception disable, 26
interface additional metric configuration, 41
interface advertisement control, 24
interface reception control, 24
maintaining, 36
max number ECMP routes, 30
neighbor specification, 31
network management configuration, 32
network optimization, 29
network tuning, 29
operation, 21
packet max length, 33
packet send rate configuration, 32
poison reverse configuration, 29
poison reverse enable, 30
preference configuration, 28
protocols and standards, 22
received/redistributed route filtering, 27
RIPv1 message zero field check enable, 30
RIPv2 message authentication configuration, 31
RIPv2 route summarization configuration, 26
route control configuration, 25
route entries, 21
route redistribution configuration, 28, 39
routing loop prevention, 21
split horizon configuration, 29
split horizon enable, 29
summary route advertisement configuration, 43
timer configuration, 29
update source IP address check, 31
version configuration, 24
versions, 22
RIPv1
message zero field check enable, 30
protocols and standards, 22
RIP basic configuration, 23
RIP configuration, 21, 22, 37
RIP versions, 22
version configuration, 24
RIPv2
automatic route summarization enable, 26
message authentication configuration, 31
protocols and standards, 22
RIP basic configuration, 23
RIP configuration, 21, 22, 37
RIP versions, 22
route summarization configuration, 26
summary route advertisement, 26
version configuration, 24
route
BGP default route advertisement to peer/peer group, 188
BGP optimal route advertisement rules, 188
BGP route advertisement rules, 172
BGP route dampening, 174
BGP route filtering policies, 189
BGP route generation, 185
BGP route recursion, 172
BGP route reflection configuration, 210
BGP route reflector, 174
BGP route selection, 172, 172
BGP route summarization, 174
BGP route-refresh message, 168
BGP update advertisement delay, 192
IP routing FIB route max lifetime, 4
IP routing FIB table optimal routes, 1
IP routing IS-IS default route advertisement, 130
IP routing IS-IS ECMP routes max number, 130
IP routing IS-IS LSP-calculated route filtering, 131
IP routing IS-IS redistributed route filtering, 132
IP routing IS-IS route control configuration, 128
IP routing IS-IS route filtering, 131
IP routing IS-IS route leaking configuration, 132, 132
IP routing IS-IS route redistribution, 131, 155
IP routing IS-IS route summarization, 130
IP routing load sharing, 3
IP routing policy filters, 267
IP routing RIB label max lifetime, 4
IP routing RIB route max lifetime, 4
IP routing RIP default route advertisement, 27
IP routing RIP host route reception disable, 26
IP routing RIP max number ECMP routes, 30
IP routing RIP poison reverse configuration, 29
IP routing RIP preference configuration, 28
IP routing RIP received/redistributed route filtering, 27
IP routing RIP route control configuration, 25
IP routing RIP route entries, 21
IP routing RIP route redistribution configuration, 28, 39
IP routing RIP split horizon configuration, 29
IP routing RIP update source IP address check, 31
IP routing RIPv1 message zero field check, 30
IP routing RIPv2 summary route advertisement, 26
IP routing route backup, 3
IP routing route preference, 2
IP routing route recursion, 3
IP routing route redistribution, 3
IPv4 BGP IGP route redistribution, 186
IPv4 BGP MED AS route comparison (confederation peers), 197
IPv4 BGP MED AS route comparison (diff ASs), 195
IPv4 BGP MED AS route comparison (per-AS), 196
IPv4 BGP ORIGINATOR_ID attribute, 211
IPv4 BGP route dampening, 193
IPv4 BGP route distribution filtering policies, 190
IPv4 BGP route reception filtering policies, 191
IPv4 BGP route reflector configuration, 210, 235
IPv4 BGP route refresh, 207
IPv4 BGP route summarization, 227
IPv4 BGP route update interval, 202
IPv4 BGP route update save, 207
IPv4 BGP routes received from peer/peer group, 189
IPv4 BGP-IGP route redistribution, 224
OSPF area configuration (NSSA), 102
OSPF area configuration (stub), 100
OSPF ECMP routes max, 73
OSPF host route advertisement, 75
OSPF preference, 74
OSPF received route filtering, 72
OSPF redistributed route default parameters, 75
OSPF redistributed route summarization (ASBR), 71
OSPF route calculation, 61
OSPF route control, 70
OSPF route level priority, 61
OSPF route redistribution, 74
OSPF route redistribution configuration, 95
OSPF route summarization, 71
OSPF route summarization (ABR), 71
OSPF route summarization configuration, 97
OSPF summary network discard route, 71
static route BFD configuration, 8
static route configuration, 7
static route FRR configuration, 10
static routing basic configuration, 11
static routing BFD configuration (direct next hop), 13
static routing BFD configuration (indirect next hop), 16
static routing configuration, 7, 11
static routing default route configuration, 20
static routing FRR configuration, 18
router
BGP peer, 168
BGP speaker, 168
EBGP peer, 168
IBGP peer, 168
IP routing IS-IS circuit level configuration, 127
IP routing IS-IS interface P2P network type configuration, 127
IP routing IS-IS IS level configuration, 127
IP routing IS-IS Level-1 router, 121
IP routing IS-IS Level-1-2 router, 121
IP routing IS-IS Level-2 router, 121
IP routing IS-IS route leaking, 122
IP routing IS-IS routing method, 120
IP routing IS-IS system ID, 120
OSPF ABR type, 60
OSPF ASBR type, 60
OSPF backbone type, 60
OSPF internal type, 60
OSPF router LSA, 57
OSPF stub router, 79
routing
displaying IP routing policy, 273
IP routing policy application to route redistribution, 273
IP routing policy apply clause configuration, 271
IP routing policy AS_PATH list configuration, 268
IP routing policy community list configuration, 269
IP routing policy configuration, 267, 269
IP routing policy continue clause configuration, 272
IP routing policy creation, 269
IP routing policy extended community list configuration, 269
IP routing policy filter configuration, 268
IP routing policy filtering, 267
IP routing policy filters, 267
IP routing policy if-match clause configuration, 270
IP routing policy prefix list configuration, 268
IPv4 BGP load balancing, 205
maintaining IP routing policy, 273
policy-based routing. Use PBR
tuning BGP network, 202
Routing Information Protocol. Use RIP
rule
BGP route advertisement rules, 172
S
saving
IPv4 BGP route update, 207
security
BGP GTSM configuration, 206
IP routing IS-IS area authentication, 142
IP routing IS-IS authentication, 159
IP routing IS-IS neighbor relationship authentication, 141
IP routing IS-IS network security enhancement, 141
IP routing IS-IS routing domain authentication, 142
OSPF authentication (area), 80
OSPF authentication (interface), 80
OSPF prefix priority, 85
OSPF prefix suppression, 84
SEL
IP routing IS-IS N-SEL, 120
NET, 120
selecting
BGP path selection, 193
BGP route, 172
BGP route selection, 172
IPv4 BGP path selection configuration, 242
sending
OSPF interface packet send/receive disable, 79
session
BGP session state change logging, 214
IPv4 BGP multiple hop EBGP session establishment, 203
IPv4 BGP session establishment disable, 205
setting
IP routing IS-IS LSDB overload bit, 138
IP routing RIP packet max length, 33
OSPF ECMP routes max, 73
OSPF exit overflow interval, 81
OSPF log count, 86
OSPF LSA transmission delay, 77
OSPF LSDB external LSAs max, 81
OSPF timer, 76
SNMP
OSPF network management, 82
SNP IS-IS PDU type, 124
soft reset
BGP configuration, 206
IPv4 BGP manual configuration, 208
source
IP routing RIP source IP address check, 31
speaker
BGP, 168
specifying
BGP TCP connection source address, 185
IP routing IS-IS CSNP packet send interval, 133
IP routing IS-IS hello multiplier, 133
IP routing IS-IS hello packet send interval, 133
IP routing IS-IS LSP length, 136
IP routing IS-IS preference, 129
IP routing RIP neighbor, 31
IPv4 BGP received route preferred value, 193
OSPF LSA arrival interval, 78
OSPF LSA generation interval, 78
OSPF SPF calculation interval, 77
SPF
IP routing IS-IS calculation interval, 137
OSPF SPF calculation interval, 77
split horizon, 29, 29
state
BGP session state change logging, 214
OSPF neighbor state change logging, 82
static
IP routing IS-IS system ID-host name mapping (static), 139
routing. See static routing
basic configuration, 11
BFD configuration (direct next hop), 13
BFD configuration (indirect next hop), 16
configuration, 7, 11
default route configuration, 20
displaying, 11
FRR configuration, 18
route configuration, 7
static route BFD bidirectional control mode (direct next hop), 8
static route BFD bidirectional control mode (indirect next hop), 8
static route BFD configuration, 8
static route BFD single-hop echo mode, 9
static route FRR configuration, 10
stub
OSPF area configuration, 100
OSPF area configuration (stub), 66
OSPF stub area, 59
OSPF stub router, 79
OSPF totally stub area, 59
substituting
IPv4 BGP AS number substitution, 200
summarizing
BGP route summarization, 174, 187
IP routing IS-IS route summarization, 130
IP routing RIPv2 automatic route summarization enable, 26
IP routing RIPv2 route summarization configuration, 26
IP routing RIPv2 summary route advertisement, 26
IPv4 BGP route automatic summarization, 187
IPv4 BGP route manual summarization, 187
IPv4 BGP route summarization, 227
OSPF redistributed route summarization (ASBR), 71
OSPF route summarization, 71
OSPF route summarization (ABR), 71
OSPF route summarization configuration, 97
OSPF summary network discard route, 71
suppress timer (RIP), 29
suppressing
IPv4 BGP 4-byte AS number suppression, 204
OSPF prefix suppression, 84
switch
IP routing RIP BFD configuration (bidirectional detection/control packet mode), 51
IP routing RIP BFD configuration (single-hop echo detection/specific destination), 48
switchover
IP routing BGP NSR, 213
system
IP routing IS-IS system ID-host name mapping, 138
IP routing IS-IS system ID-host name mapping (dynamic), 139
IP routing IS-IS system ID-host name mapping (static), 139
system ID
IP routing IS-IS, 120
T
table
IP routing, 1
TCP
BGP configuration, 168, 178
BGP TCP connection source address, 185
IPv4 BGP BFD configuration, 247
IPv4 BGP COMMUNITY configuration, 232
IPv4 BGP confederation configuration, 238
IPv4 BGP configuration, 220, 220
IPv4 BGP FRR, 250
IPv4 BGP GR configuration, 245
IPv4 BGP load balancing configuration, 230
IPv4 BGP path selection configuration, 242
IPv4 BGP route reflector configuration, 235
IPv4 BGP route summarization, 227
IPv4 BGP-IGP route redistribution, 224
threshold
IPv4 EBGP peer protection (level 2 threshold exemption), 209
time
IPv4 BGP holdtime, 202
timeout timer (RIP), 29
timer
IP routing IS-IS LSP timers, 135
IP routing RIP garbage-collect timer, 29
IP routing RIP suppress timer, 29
IP routing RIP timeout timer, 29
IP routing RIP update timer, 29
OSPF dead packet, 76
OSPF hello packet, 76
OSPF LSA retransmission packet, 76
OSPF packet, 76
OSPF poll packet, 76
topology
IP routing IS-IS ISPF, 140
track
static route configuration, 7
Track
PBR collaboration, 256
trapping
BGP SNMP notification enable, 214
IP routing IS-IS network management, 140
OSPF network management, 82, 82
triggering
OSPF GR, 88
troubleshooting
BGP, 254
BGP peer connection state, 254
OSPF configuration, 118
OSPF incorrect routing information, 118
OSPF no neighbor relationship established, 118
TTL
BGP GTSM configuration, 206
tuning
BGP network, 202
IP routing IS-IS network, 132
IP routing RIP networks, 29
OSPF network, 76
Type 1 external
OSPF route type, 61
Type 2 external
OSPF route type, 61
U
UDP
IP routing RIP configuration, 21, 22, 37
unicast
BGP dynamic peer, 181
IP routing configuration, 1
IP routing dynamic routing protocols, 2
IP routing extension attribute redistribution, 4
IP routing load sharing, 3
IP routing route backup, 3
IP routing route preference, 2
IP routing route recursion, 3
IP routing route redistribution, 3
OSPF network type, 62
update timer (RIP), 29
updating
BGP update message, 168
IPv4 BGP route update, 207
IPv4 BGP route update interval, 202
V
value
BGP received route preferred value, 193
IPv4 BGP MED default value, 195
virtual
OSPF virtual link, 59, 68
OSPF virtual link configuration, 108
Z
zero field check (RIPv1), 30
