05-Layer 3-IP Routing Configuration Guide

HomeSupportResource CenterH3C S12500-X & S12500X-AF Switch Series Configuration Guides(R115x)-6W10205-Layer 3-IP Routing Configuration Guide
10-OSPFv3 configuration
Title Size Download
10-OSPFv3 configuration 442.60 KB

Contents

Configuring OSPFv3· 1

Overview·· 1

OSPFv3 packets· 1

OSPFv3 LSA types· 1

Protocols and standards· 2

OSPFv3 configuration task list 2

Enabling OSPFv3· 3

Configuring OSPFv3 area parameters· 4

Configuration prerequisites· 4

Configuring a stub area· 4

Configuring an NSSA area· 4

Configuring an OSPFv3 virtual link· 5

Configuring OSPFv3 network types· 5

Configuration prerequisites· 6

Configuring the OSPFv3 network type for an interface· 6

Configuring an NBMA or P2MP neighbor 6

Configuring OSPFv3 route control 7

Configuration prerequisites· 7

Configuring OSPFv3 route summarization· 7

Configuring OSPFv3 received route filtering· 8

Configuring Inter-Area-Prefix LSA filtering· 8

Configuring an OSPFv3 cost for an interface· 8

Configuring the maximum number of OSPFv3 ECMP routes· 9

Configuring a preference for OSPFv3· 9

Configuring OSPFv3 route redistribution· 10

Tuning and optimizing OSPFv3 networks· 11

Configuration prerequisites· 11

Configuring OSPFv3 timers· 11

Specifying LSA transmission delay· 12

Specifying SPF calculation interval 12

Specifying the LSA generation interval 13

Configuring a DR priority for an interface· 13

Ignoring MTU check for DD packets· 13

Disabling interfaces from receiving and sending OSPFv3 packets· 14

Enabling the logging of neighbor state changes· 14

Configuring OSPFv3 network management 14

Configuring the LSU transmit rate· 15

Configuring stub routers· 16

Configuring prefix suppression· 16

Configuring OSPFv3 GR·· 17

Configuring GR restarter 17

Configuring GR helper 18

Triggering OSPFv3 GR·· 18

Configuring OSPFv3 NSR·· 18

Configuring BFD for OSPFv3· 19

Applying an IPsec profile· 19

Displaying and maintaining OSPFv3· 21

OSPFv3 configuration examples· 22

OSPFv3 stub area configuration example· 22

OSPFv3 NSSA area configuration example· 26

OSPFv3 DR election configuration example· 28

OSPFv3 route redistribution configuration example· 32

OSPFv3 route summarization configuration example· 35

OSPFv3 GR configuration example· 38

OSPFv3 NSR configuration example· 40

BFD for OSPFv3 configuration example· 41

OSPFv3 IPsec profile configuration example· 43

 


Configuring OSPFv3

Overview

This chapter describes how to configure RFC 2740-compliant Open Shortest Path First version 3 (OSPFv3) for an IPv6 network. For more information about OSPFv2, see "Configuring OSPF."

OSPFv3 and OSPFv2 have the following in common:

·          32-bit router ID and area ID.

·          Hello, Database Description (DD), Link State Request (LSR), Link State Update (LSU), Link State Acknowledgment (LSAck).

·          Mechanisms for finding neighbors and establishing adjacencies.

·          Mechanisms for advertising and aging LSAs.

OSPFv3 and OSPFv2 have the following differences:

·          OSPFv3 runs on a per-link basis. OSPFv2 runs on a per-IP-subnet basis.

·          OSPFv3 supports running multiple processes on an interface, but OSPFv2 does not support.

·          OSPFv3 identifies neighbors by router ID. OSPFv2 identifies neighbors by IP address.

OSPFv3 packets

OSPFv3 uses the following packet types:

·          Hello—Periodically sent to find and maintain neighbors, containing timer values, information about the DR, BDR, and known neighbors.

·          DD—Describes the digest of each LSA in the LSDB, exchanged between two routers for data synchronization.

·          LSR—Requests needed LSAs from the neighbor. After exchanging the DD packets, the two routers know which LSAs of the neighbor are missing from their LSDBs. They then send an LSR packet to each other, requesting the missing LSAs. The LSA packet contains the digest of the missing LSAs.

·          LSU—Transmits the requested LSAs to the neighbor.

·          LSAck—Acknowledges received LSU packets.

OSPFv3 LSA types

OSPFv3 sends routing information in LSAs. The following LSAs are commonly used:

·          Router LSA—Type-1 LSA, originated by all routers. This LSA describes the collected states of the router's interfaces to an area, and is flooded throughout a single area only.

·          Network LSA—Type-2 LSA, originated for broadcast and NBMA networks by the DR. This LSA contains the list of routers connected to the network, and is flooded throughout a single area only.

·          Inter-Area-Prefix LSA—Type-3 LSA, originated by ABRs and flooded throughout the LSA's associated area. Each Inter-Area-Prefix LSA describes a route with IPv6 address prefix to a destination outside the area, yet still inside the AS.

·          Inter-Area-Router LSA—Type-4 LSA, originated by ABRs and flooded throughout the LSA's associated area. Each Inter-Area-Router LSA describes a route to ASBR.

·          AS External LSA—Type-5 LSA, originated by ASBRs, and flooded throughout the AS, except stub areas and Not-So-Stubby Areas (NSSAs). Each AS External LSA describes a route to another AS. A default route can be described by an AS External LSA.

·          NSSA LSA—Type-7 LSA, originated by ASBRs in NSSAs and flooded throughout a single NSSA. NSSA LSAs describe routes to other ASs.

·          Link LSA—Type-8 LSA. A router originates a separate Link LSA for each attached link. Link LSAs have link-local flooding scope. Each Link LSA describes the IPv6 address prefix of the link and Link-local address of the router.

·          Intra-Area-Prefix LSA—Type-9 LSA. Each Intra-Area-Prefix LSA contains IPv6 prefix information on a router, stub area, or transit area information, and has area flooding scope. It was introduced because Router LSAs and Network LSAs contain no address information.

·          Grace LSA—Type-11 LSA, generated by a GR restarter at reboot and transmitted on the local link. The GR restarter describes the cause and interval of the reboot in the Grace LSA to notify its neighbors that it performs a GR operation.

Protocols and standards

·          RFC 5340, OSPF for IPv6

·          RFC 2328, OSPF Version 2

·          RFC 3101, OSPF Not-So-Stubby Area (NSSA) Option

·          RFC 5187, OSPFv3 Graceful Restart

OSPFv3 configuration task list

Tasks at a glance

(Required.) Enabling OSPFv3

(Optional.) Configuring OSPFv3 area parameters:

·         Configuring a stub area

·         Configuring an NSSA area

·         Configuring an OSPFv3 virtual link

(Optional.) Configuring OSPFv3 network types:

·         Configuring the OSPFv3 network type for an interface

·         Configuring an NBMA or P2MP neighbor

(Optional.) Configuring OSPFv3 route control:

·         Configuring OSPFv3 route summarization

·         Configuring OSPFv3 received route filtering

·         Configuring Inter-Area-Prefix LSA filtering

·         Configuring an OSPFv3 cost for an interface

·         Configuring the maximum number of OSPFv3 ECMP routes

·         Configuring a preference for OSPFv3

·         Configuring OSPFv3 route redistribution

(Optional.) Tuning and optimizing OSPFv3 networks:

·         Configuring OSPFv3 timers

·         Specifying LSA transmission delay

·         Configuring a DR priority for an interface

·         Specifying SPF calculation interval

·         Specifying the LSA generation interval

·         Ignoring MTU check for DD packets

·         Disabling interfaces from receiving and sending OSPFv3 packets

·         Enabling the logging of neighbor state changes

·         Configuring OSPFv3 network management

·         Configuring the LSU transmit rate

·         Configuring stub routers

·         Configuring prefix suppression

(Optional.) Configuring OSPFv3 GR:

·         Configuring GR restarter

·         Configuring GR helper

·         Triggering OSPFv3 GR

(Optional.) Configuring OSPFv3 NSR

(Optional.) Configuring BFD for OSPFv3

(Optional.) Applying an IPsec profile

 

Enabling OSPFv3

Before you enable OSPFv3, configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

To enable an OSPFv3 process on a router:

·          Enable the OSPFv3 process globally.

·          Assign the OSPFv3 process a router ID.

·          Enable the OSPFv3 process on related interfaces.

The router ID uniquely identifies the router within an AS. If a router runs multiple OSPFv3 processes, you must specify a unique router ID for each process.

An OSPFv3 process ID has only local significance. Process 1 on a router can exchange packets with process 2 on another router.

To enable OSPFv3:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

1.       Enable an OSPFv3 process and enter its view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

By default, no OSPFv3 process is enabled.

2.       Specify a router ID.

router-id router-id

By default, no router ID is configured.

3.       Enter interface view.

interface interface-type interface-number

N/A

4.       Enable an OSPFv3 process on the interface.

ospfv3 process-id area area-id [ instance instance-id ]

No OSPFv3 process is enabled on an interface by default.

 

Configuring OSPFv3 area parameters

OSPFv3 has the same stub area, NSSA area, and virtual link features as OSPFv2.

After you split an OSPFv3 AS into multiple areas, the LSA number is reduced and OSPFv3 applications are extended. To further reduce the size of routing tables and the number of LSAs, configure the non-backbone areas at an AS edge as stub areas.

A stub area cannot import external routes, but an NSSA area can import external routes into the OSPFv3 routing domain while retaining other stub area characteristics.

Non-backbone areas exchange routing information through the backbone area, so the backbone and non-backbone areas (including the backbone itself) must be fully meshed. If no connectivity can be achieved, configure virtual links.

Configuration prerequisites

Before you configure OSPFv3 area parameters, enable OSPFv3.

Configuring a stub area

All the routers attached to a stub area must be configured with the stub command. The no-summary keyword is only available on the ABR of the stub area.

If you use the stub command with the no-summary keyword on an ABR, the ABR advertises a default route in an Inter-Area-Prefix LSA into the stub area. No AS External LSA, Inter-Area-Prefix LSA, or other Inter-Area-Router LSA is advertised in the area. The stub area of this kind is called a totally stub area.

To configure an OSPFv3 stub area:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Configure the area as a stub area.

stub [ default-route-advertise-always | no-summary ] *

By default, no area is configured as a stub area.

5.       (Optional.) Specify a cost for the default route advertised to the stub area.

default-cost value

The default setting is 1.

 

Configuring an NSSA area

To configure an NSSA area, configure the nssa command on all the routers attached to the area.

To configure a totally NSSA area, configure the nssa no-summary command on the ABR. The ABR of a totally NSSA area does not advertise inter-area routes into the area.

To configure an NSSA area:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Configure the area as an NSSA area.

nssa [ default-route-advertise [ cost cost | nssa-only | route-policy route-policy-name | tag tag | type type ] * | no-import-route | no-summary | [ translate-always | translate-never ] | suppress-fa | translator-stability-interval value ] *

By default, no area is configured as an NSSA area.

5.       (Optional.) Specify a cost for the default route advertised to the NSSA area.

default-cost cost

The default setting is 1.

This command takes effect only on the ABR/ASBR of an NSSA or totally NSSA area.

 

Configuring an OSPFv3 virtual link

You can configure a virtual link to maintain connectivity between a non-backbone area and the backbone, or in the backbone itself.

 

IMPORTANT

IMPORTANT:

·      Both ends of a virtual link are ABRs that must be configured with the vlink-peer command.

·      Do not configure virtual links in the areas of a GR-capable process.

 

To configure a virtual link:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Configure a virtual link.

vlink-peer router-id [ dead seconds | hello seconds | instance instance-id | ipsec-profile profile-name | retransmit seconds | trans-delay seconds ] *

By default, no virtual link is configured.

 

Configuring OSPFv3 network types

OSPFv3 classifies networks into the following types by the link layer protocol:

·          BroadcastWhen the link layer protocol is Ethernet or FDDI, OSPFv3 considers the network type as broadcast by default.

·          NBMAWhen the link layer protocol is ATM, Frame Relay, or X.25, OSPFv3 considers the network type as NBMA by default.

·          P2PWhen the link layer protocol is PPP, LAPB, HDLC, or POS, OSPFv3 considers the network type as P2P by default.

Follow these guidelines when you change the network type of an OSPFv3 interface:

·          An NBMA network must be fully connected. Any two routers in the network must be directly reachable to each other through a virtual circuit. If no such direct link is available, you must change the network type through a command.

·          If direct connections are not available between some routers in an NBMA network, the type of interfaces associated must be configured as P2MP, or as P2P for interfaces with only one neighbor.

Configuration prerequisites

Before you configure OSPFv3 network types, enable OSPFv3.

Configuring the OSPFv3 network type for an interface

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Configure a network type for the OSPFv3 interface.

ospfv3 network-type { broadcast | nbma | p2mp [ unicast ] | p2p } [ instance instance-id ]

By default, the network type of an interface depends on the media type of the interface.

 

Configuring an NBMA or P2MP neighbor

For NBMA and P2MP interfaces (only when in unicast mode), you must specify the link-local IP addresses of their neighbors because these interfaces cannot find neighbors through broadcasting hello packets. For NBMA interfaces, you can also specify DR priorities for neighbors.

To configure an NBMA or P2MP (unicast) neighbor and its DR priority:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Specify an NBMA or P2MP (unicast) neighbor and its DR priority.

ospfv3 peer ipv6-address [ cost value | dr-priority dr-priority ] [ instance instance-id ]

By default, no link-local address is specified for the neighbor interface.

 

Configuring OSPFv3 route control

Configuration prerequisites

Before you configure OSPFv3 route control, complete the following tasks:

·          Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

·          Enable OSPFv3.

Configuring OSPFv3 route summarization

Route summarization enables an ABR or ASBR to summarize contiguous networks into a single network and advertise it to other areas.

Configuring route summarization on an ABR

If contiguous network segments exist in an area, you can summarize them into one network segment on the ABR. The ABR will advertise only the summary route. Any LSA on the specified network segment will not be advertised, reducing the LSDB size in other areas.

To configure route summarization:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Configure route summarization.

abr-summary ipv6-address prefix-length [ not-advertise ] [ cost value ]

By default, route summarization is not configured on an ABR.

 

Configuring route summarization on an ASBR

Perform this task to enable an ASBR to summarize external routes within the specified address range into a single route.

An ASBR can summarize routes in the following LSAs:

·          Type-5 LSAs.

·          Type-7 LSAs in an NSSA area.

·          Type-5 LSAs translated by the ASBR (also an ABR) from Type-7 LSAs in an NSSA area.

If the ASBR (ABR) is not a translator, it cannot summarize routes in Type-5 LSAs translated from Type-7 LSAs.

To configure route summarization on an ASBR:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure route summarization on an ASBR.

asbr-summary ipv6-address prefix-length [ cost cost | not-advertise | nssa-only | tag tag ] *

By default, route summarization is not configured on an ASBR.

 

Configuring OSPFv3 received route filtering

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure OSPFv3 to filter routes calculated using received LSAs.

filter-policy { acl6-number [ gateway prefix-list-name ] | prefix-list prefix-list-name [ gateway prefix-list-name ] | gateway prefix-list-name | route-policy route-policy-name } import

By default, OSPFv3 accepts all routes calculated using received LSAs.

This command can only filter routes computed by OSPFv3. Only routes not filtered out can be added into the local routing table.

 

Configuring Inter-Area-Prefix LSA filtering

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Configure OSPFv3 to filter Inter-Area-Prefix LSAs.

filter { acl6-number | prefix-list prefix-list-name | route-policy route-policy-name } { export | import }

By default, OSPFv3 accepts all Inter-Area-Prefix LSAs.

This command takes effect only on ABRs.

 

Configuring an OSPFv3 cost for an interface

You can configure an OSPFv3 cost for an interface with one of the following methods:

·          Configure the cost value in interface view.

·          Configure a bandwidth reference value for the interface, and OSPFv3 computes the cost automatically based on the bandwidth reference value by using the following formula:

Interface OSPFv3 cost = Bandwidth reference value (100 Mbps) / Interface bandwidth (Mbps)

¡  If the calculated cost is greater than 65535, the value of 65535 is used.

¡  If the calculated cost is smaller than 1, the value of 1 is used.

·          If no cost is configured for an interface, OSPFv3 automatically computes the cost for the interface.

To configure an OSPFv3 cost for an interface:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Configure an OSPFv3 cost for the interface.

ospfv3 cost value [ instance instance-id ]

By default, the OSPFv3 cost is 1 for a VLAN interface, is 0 for a loopback interface. The OSPFv3 cost is automatically computed according to the interface bandwidth for other interfaces.

 

To configure a bandwidth reference value:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure a bandwidth reference value.

bandwidth-reference value

The default setting is 100 Mbps.

 

Configuring the maximum number of OSPFv3 ECMP routes

Perform this task to implement load sharing over ECMP routes.

To configure the maximum number of ECMP routes:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Specify the maximum number of ECMP routes.

maximum load-balancing maximum

By default, the maximum number of OSPFv3 ECMP routes equals the maximum number of ECMP routes supported by the system.

 

Configuring a preference for OSPFv3

A router can run multiple routing protocols. The system assigns a priority for each protocol. When these routing protocols find the same route, the route found by the protocol with the highest priority is selected.

To configure a preference for OSPFv3:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure a preference for OSPFv3.

preference [ ase ] [ route-policy route-policy-name ] preference

By default, the preference of OSPFv3 internal routes is 10, and the priority of OSPFv3 external routes is 150.

 

Configuring OSPFv3 route redistribution

Because OSPFv3 is a link state routing protocol, it cannot directly filter LSAs to be advertised. OSPFv3 filters only redistributed routes. Only routes that are not filtered out can be advertised in LSAs.

Redistributing routes from another routing protocol

IMPORTANT

IMPORTANT:

The import-route bgp4+ command redistributes only EBGP routes. Because the import-route bgp4+ allow-ibgp command redistributes both EBGP and IBGP routes, and might cause routing loops, use it with caution.

 

To configure OSPFv3 route redistribution:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure OSPFv3 to redistribute routes from other routing protocols.

import-route protocol [ process-id | all-processes | allow-ibgp ] [ cost cost | nssa-only | route-policy route-policy-name | tag tag | type type ] *

By default, route redistribution is disabled.

4.       (Optional.) Configure OSPFv3 to filter redistributed routes.

filter-policy { acl6-number | prefix-list prefix-list-name } export [ protocol [ process-id ] ]

By default, OSPFv3 accepts all redistributed routes.

This command filters only routes redistributed with the import-route command. If the import-route command is not configured, executing this command does not take effect.

 

Redistributing a default route

The import-route command cannot redistribute a default external route. Perform this task to redistribute a default route.

To redistribute a default route:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Redistribute a default route.

default-route-advertise [ [ always | permit-calculate-other ] | cost cost | route-policy route-policy-name | tag tag | type type ] *

By default, no default route is redistributed.

 

Configuring tags for redistributed routes

Perform this task to configure tags for redistributed routes to identify information about protocols. For example, when redistributing IPv6 BGP routes, OSPFv3 uses tags to identify AS IDs.

To configure a tag for redistributed routes:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure a tag for redistributed routes.

default tag tag

By default, the tag of redistributed routes is 1.

 

Tuning and optimizing OSPFv3 networks

This section describes configurations of OSPFv3 timers, interface DR priority, and the logging of neighbor state changes.

Configuration prerequisites

Before you tune and optimize OSPFv3 networks, complete the following tasks:

·          Configure IPv6 addresses for interfaces to ensure IPv6 connectivity between neighboring nodes.

·          Enable OSPFv3.

Configuring OSPFv3 timers

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Set the hello interval.

ospfv3 timer hello seconds [ instance instance-id ]

By default, the hello interval on P2P and broadcast interfaces is 10 seconds.

4.       Set the dead interval.

ospfv3 timer dead seconds [ instance instance-id ]

By default, the dead interval on P2P and broadcast interfaces is 40 seconds.

The dead interval set on neighboring interfaces cannot be too short. Otherwise, a neighbor is easily considered down.

5.       Set the poll interval.

ospfv3 timer poll seconds [ instance instance-id ]

By default, the poll interval is 120 seconds.

6.       Set the LSA retransmission interval.

ospfv3 timer retransmit interval [ instance instance-id ]

The default setting is 5 seconds.

The LSA retransmission interval cannot be too short. Otherwise, unnecessary retransmissions will occur.

 

Specifying LSA transmission delay

Each LSA in the LSDB has an age that is incremented by 1 every second, but the age does not change during transmission. Therefore, it is necessary to add a transmission delay into the age time, especially for low-speed links.

To specify the LSA transmission delay on an interface:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Specify the LSA transmission delay.

ospfv3 trans-delay seconds [ instance instance-id ]

By default, the LSA transmission delay is 1 second.

 

Specifying SPF calculation interval

LSDB changes result in SPF calculations. When the topology changes frequently, a large amount of network and router resources are occupied by SPF calculation. You can adjust the SPF calculation interval to reduce the impact.

For a stable network, the minimum interval is used. If network changes become frequent, the SPF calculation interval is incremented by the incremental interval × 2n-2 for each calculation until the maximum interval is reached. The value n is the number of calculation times.

To configure SPF calculation interval:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Specify the SPF calculation interval.

spf-schedule-interval maximum-interval [ minimum-interval [ incremental-interval ] ]

By default:

·         The maximum interval is 5 seconds.

·         The minimum interval is 50 milliseconds.

·         The incremental interval is 200 milliseconds.

 

Specifying the LSA generation interval

You can adjust the LSA generation interval to protect network resources and routers from being over consumed by frequent network changes.

For a stable network, the minimum interval is used. If network changes become frequent, the LSA generation interval is incremented by the incremental interval × 2n-2 for each generation until the maximum interval is reached. The value n is the number of generation times.

To configure the LSA generation interval:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure the LSA generation interval.

lsa-generation-interval maximum-interval [ minimum-interval [ incremental-interval ] ]

By default, the maximum interval is 5 seconds, the minimum interval is 0 milliseconds, and the incremental interval is 0 milliseconds.

Configuring a DR priority for an interface

The router priority is used for DR election. Interfaces having the priority 0 cannot become a DR or BDR.

To configure a DR priority for an interface:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Configure a router priority.

ospfv3 dr-priority priority [ instance instance-id ]

The default router priority is 1.

 

Ignoring MTU check for DD packets

When LSAs are few in DD packets, it is unnecessary to check the MTU in DD packets to improve efficiency.

To ignore MTU check for DD packets:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Ignore MTU check for DD packets.

ospfv3 mtu-ignore [ instance instance-id ]

By default, OSPFv3 does not ignore MTU check for DD packets.

 

Disabling interfaces from receiving and sending OSPFv3 packets

After an OSPFv3 interface is set to silent, direct routes of the interface can still be advertised in Intra-Area-Prefix LSAs through other interfaces, but other OSPFv3 packets cannot be advertised. No neighboring relationship can be established on the interface. This feature can enhance the adaptability of OSPFv3 networking.

To disable interfaces from receiving and sending OSPFv3 packets:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Disable interfaces from receiving and sending OSPFv3 packets.

silent-interface { interface-type interface-number | all }

By default, the interfaces are able to receive and send OSPFv3 packets.

This command disables only the interfaces associated with the current process. However, multiple OSPFv3 processes can disable the same interface from receiving and sending OSPFv3 packets.

 

Enabling the logging of neighbor state changes

With this feature enabled, the router delivers logs about neighbor state changes to its information center, which processes logs according to user-defined output rules (whether to output logs and where to output). For more information about the information center, see Network Management and Monitoring Configuration Guide.

To enable the logging of neighbor state changes:

 

Step

Command

Remarks

4.       Enter system view.

system-view

N/A

5.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

6.       Enable the logging of neighbor state changes.

log-peer-change

By default, this feature is enabled.

 

Configuring OSPFv3 network management

This task involves the following configurations:

·          Bind an OSPFv3 process to MIB so that you can use network management software to manage the specified OSPFv3 process.

·          Enable SNMP notifications for OSPFv3 to report important events.

·          Configure the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.

SNMP notifications are sent to the SNMP module, which outputs SNMP notifications according to the configured output rules. For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.

The standard OSPFv3 MIB provides only single-instance MIB objects. For SNMP to correctly identify OSPFv3 management information in the standard OSPFv3 MIB, you must configure a unique context name for OSPFv3. If multiple OSPFv3 processes exist, you must assign a unique context to each process.

Context is a method introduced to SNMPv3 for multiple-instance management. For SNMPv1/v2c, you must specify a community name as a context name for protocol identification.

To configure OSPFv3 network management:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Bind OSPFv3 MIB to an OSPFv3 process.

ospfv3 mib-binding process-id

By default, OSPFv3 MIB is bound to the process with the smallest process ID.

3.       Enable SNMP notifications for OSPFv3.

snmp-agent trap enable ospfv3 [ grrestarter-status-change | grhelper-status-change | if-state-change | if-cfg-error | if-bad-pkt | neighbor-state-change | nssatranslator-status-change | virtif-bad-pkt | virtif-cfg-error | virtif-state-change | virtgrhelper-status-change | virtneighbor-state-change ]*

By default, SNMP notifications for OSPFv3 are enabled.

4.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

5.       (Optional.) Configure an SNMP context for OSPFv3.

snmp context-name context-name

By default, no SNMP context is configured for OSPFv3.

6.       (Optional.) Configure the SNMP notification output interval and the maximum number of SNMP notifications that can be output at each interval.

snmp trap rate-limit interval trap-interval count trap-number

By default, OSPFv3 outputs a maximum of seven SNMP notifications within 10 seconds.

 

Configuring the LSU transmit rate

Sending large numbers of LSU packets affects router performance and consumes too much network bandwidth. You can configure the router to send LSU packets at a proper interval and limit the maximum number of LSU packets sent out of an OSPFv3 interface each time.

To configure the LSU transmit rate:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure the LSU transmit rate.

transmit-pacing interval interval count count

By default, an OSPFv3 interface sends a maximum of three LSU packets every 20 milliseconds.

 

Configuring stub routers

A stub router is used for traffic control. It reports its status as a stub router to neighboring OSPFv3 routers. The neighboring routers can have a route to the stub router, but they do not use the stub router to forward data.

Use either of the following methods to configure a router as a stub router:

·          Clear the R-bit of the Option field in Type-1 LSAs. When the R-bit is clear, the OSPFv3 router can participate in OSPFv3 topology distribution without forwarding traffic.

·          Use the OSPFv3 max-metric router LSA feature. This feature enables OSPFv3 to advertise its locally generated Type-1 LSAs with a maximum cost of 65535. Neighbors do not send packets to the stub router as long as they have a route with a smaller cost.

To configure a router as a stub router:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Configure the router as a stub router.

·         Method 1:
stub-router r-bit [ include-stub | on-startup { seconds | wait-for-bgp [ seconds ] } ] *

·         Method 2:
stub-router max-metric [ external-lsa [ max-metric-value ] | summary-lsa [ max-metric-value ] | include-stub | on-startup { seconds | wait-for-bgp [ seconds ] } ] *

By default, the router is not configured as a stub router.

A stub router is not related to a stub area.

 

Configuring prefix suppression

By default, an OSPFv3 interface advertises all of its prefixes in LSAs. To speed up OSPFv3 convergence, you can suppress interfaces from advertising all of their prefixes. This function helps improve network security by preventing IP routing to the suppressed networks.

When prefix suppression is enabled:

·          OSPFv3 does not advertise the prefixes of suppressed interfaces in Type-8 LSAs.

·          On broadcast and NBMA networks, the DR does not advertise the prefixes of suppressed interfaces in Type-9 LSAs that reference Type-2 LSAs.

·          On P2P and P2MP networks, OSPFv3 does not advertise the prefixes of suppressed interfaces in Type-9 LSAs that reference Type-1 LSAs.

 

IMPORTANT

IMPORTANT:

As a best practice, configure prefix suppression on all OSPFv3 routers if you want to use prefix suppression.

 

Configuring prefix suppression for an OSPFv3 process

Enabling prefix suppression for an OSPFv3 process does not suppress the prefixes of loopback interfaces and passive interfaces.

To configure prefix suppression for an OSPFv3 process:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enable prefix suppression for the OSPFv3 process.

prefix-suppression

By default, prefix suppression is disabled for an OSPFv3 process.

 

Configuring prefix suppression for an interface

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Enable prefix suppression for the interface.

ospfv3 prefix-suppression [ disable ] [ instance instance-id ]

By default, prefix suppression is disabled on an interface.

 

Configuring OSPFv3 GR

GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover occurs.

Two routers are required to complete a GR process. The following are router roles in a GR process:

·          GR restarter—Graceful restarting router. It must be Graceful Restart capable.

·          GR helper—The neighbor of the GR restarter. It helps the GR restarter to complete the GR process.

To prevent service interruption after a master/backup switchover, a GR restarter running OSPFv3 must complete the following tasks:

·          Keep the GR restarter forwarding entries stable during reboot.

·          Establish all adjacencies and obtain complete topology information after reboot.

After the active/standby switchover, the GR restarter sends a Grace LSA to tell its neighbors that it performs a GR. Upon receiving the Grace LSA, the neighbors with the GR helper capability enter the helper mode (and are called GR helpers). Then, the GR restarter retrieves its adjacencies and LSDB with the help of the GR helpers.

Configuring GR restarter

You can configure the GR restarter capability on a GR restarter.

 

IMPORTANT

IMPORTANT:

You cannot enable OSPFv3 NSR on a device that acts as GR restarter.

 

To configure GR restarter:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enable the GR capability.

graceful-restart enable [ global | planned-only ] *

By default, OSPFv3 GR restarter capability is disabled.

4.       (Optional.) Configure the GR interval.

graceful-restart interval interval-value

By default, the GR interval is 120 seconds.

 

Configuring GR helper

You can configure the GR helper capability on a GR helper.

To configure GR helper:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enable the GR helper capability.

graceful-restart helper enable [ planned-only ]

By default, the GR helper capability is enabled.

4.       Enable strict LSA checking.

graceful-restart helper strict-lsa-checking

By default, strict LSA checking is disabled.

 

Triggering OSPFv3 GR

OSPFv3 GR is triggered by an active/standby switchover or when the following command is executed.

To trigger OSPFv3 GR, perform the following command in user view:

 

Task

Command

Trigger OSPFv3 GR.

reset ospfv3 [ process-id ] process graceful-restart

 

Configuring OSPFv3 NSR

Nonstop routing (NSR) backs up OSPFv3 link state information from the active process to the standby process. After an active/standby switchover, NSR can complete link state recovery and route regeneration without tearing down adjacencies or impacting forwarding services.

NSR does not require the cooperation of neighboring devices to recover routing information, and is used more often than GR.

To enable OSPFv3 NSR:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enable OSPFv3 NSR.

non-stop-routing

By default, OSPFv3 NSR is disabled.

 

Configuring BFD for OSPFv3

Bidirectional forwarding detection (BFD) provides a mechanism to quickly detect the connectivity of links between OSPFv3 neighbors, improving the convergence speed of OSPFv3. For more information about BFD, see High Availability Configuration Guide.

After discovering neighbors by sending hello packets, OSPFv3 notifies BFD of the neighbor addresses, and BFD uses these addresses to establish sessions. Before a BFD session is established, it is in the down state. In this state, BFD control packets are sent at an interval of no less than 1 second to reduce BFD control packet traffic. After the BFD session is established, BFD control packets are sent at the negotiated interval, thereby implementing fast fault detection.

To configure BFD for OSPFv3, you need to configure OSPFv3 first.

To configure BFD for OSPFv3:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Specify a router ID.

router-id router-id

N/A

4.       Quit the OSPFv3 view.

quit

N/A

5.       Enter interface view.

interface interface-type interface-number

N/A

6.       Enable an OSPFv3 process on the interface.

ospfv3 process-id area area-id [ instance instance-id ]

N/A

7.       Enable BFD on the interface.

ospfv3 bfd enable [ instance instance-id ]

By default, BFD on the interface is disabled.

 

Applying an IPsec profile

To protect routing information and prevent attacks, OSPFv3 can authenticate protocol packets by using an IPsec profile. For more information about IPsec profiles, see Security Configuration Guide.

Outbound OSPFv3 packets carry the Security Parameter Index (SPI) defined in the relevant IPsec profile. A device uses the SPI carried in a received packet to match against the configured IPsec profile. If they match, the device accepts the packet. Otherwise, the device discards the packet and will not establish a neighbor relationship with the sending device.

You can configure an IPsec profile for an area, an interface, a virtual link, or a sham link.

·          To implement area-based IPsec protection, configure the same IPsec profile on the routers in the target area.

·          To implement interface-based IPsec protection, configure the same IPsec profile on the interfaces between two neighboring routers.

·          To implement virtual link-based IPsec protection, configure the same IPsec profile on the two routers connected over the virtual link.

·          To implement sham link-based IPsec protection, configure the same IPsec profile on the two routers connected over the sham link. For information about sham link, see MPLS Configuration Guide.

·          If an interface and its area each have an IPsec profile configured, the interface uses its own IPsec profile.

·          If a virtual link and area 0 each have an IPsec profile configured, the virtual link uses its own IPsec profile.

·          If a sham link and its area each have an IPsec profile configured, the sham link uses its own IPsec profile.

To apply an IPsec profile to an area:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Apply an IPsec profile to the area.

enable ipsec-profile profile-name

By default, no IPsec profile is applied.

 

To apply an IPsec profile to an interface:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter interface view.

interface interface-type interface-number

N/A

3.       Apply an IPsec profile to the interface.

ospfv3 ipsec-profile profile-name

By default, no IPsec profile is applied.

 

To apply an IPsec profile to a virtual link:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Apply an IPsec profile to a virtual link.

vlink-peer router-id [ dead seconds | hello seconds | instance instance-id | retransmit seconds | trans-delay seconds | ipsec-profile profile-name ] *

By default, no IPsec profile is applied.

 

To apply an IPsec profile to a sham link:

 

Step

Command

Remarks

1.       Enter system view.

system-view

N/A

2.       Enter OSPFv3 view.

ospfv3 [ process-id | vpn-instance vpn-instance-name ] *

N/A

3.       Enter OSPFv3 area view.

area area-id

N/A

4.       Apply an IPsec profile to a sham link.

sham-link source-ipv6-address destination-ipv6-address [ cost cost | dead dead-interval | hello hello-interval | instance instance-id | ipsec-profile profile-name | retransmit retrans-interval | trans-delay delay ] *

By default, no IPsec profile is applied.

 

Displaying and maintaining OSPFv3

Execute display commands in any view and reset commands in user view.

 

Purpose

Command

Display information about the routes to OSPFv3 ABR and ASBR.

display ospfv3 [ process-id ] abr-asbr

Display summary route information on the OSPFv3 ABR.

display ospfv3 [ process-id ] [ area area-id ] abr-summary [ ipv6-address prefix-length ] [ verbose ]

Display summary route information on the OSPFv3 ASBR.

display ospfv3 [ process-id ] asbr-summary [ ipv6-address prefix-length ] [ verbose ]

Display OSPFv3 process information.

display ospfv3 [ process-id ] [ verbose ]

Display OSPFv3 GR information.

display ospfv3 [ process-id ] graceful-restart [ verbose ]

Display OSPFv3 interface information.

display ospfv3 [ process-id ] interface [ interface-type interface-number | verbose ]

Display OSPFv3 LSDB information.

display ospfv3 [ process-id ] lsdb [ { external | grace | inter-prefix | inter-router | intra-prefix | link | network | nssa | router | unknown [ type ] } [ link-state-id ] [ originate-router router-id | self-originate ] | statistics | total | verbose ]

Display OSPFv3 next hop information.

display ospfv3 [ process-id ] nexthop

Display OSPFv3 neighbor information.

display ospfv3 [ process-id ] [ area area-id ] peer [ [ interface-type interface-number ] [ verbose ] | peer-router-id | statistics ]

Display OSPFv3 request list information.

display ospfv3 [ process-id ] [ area area-id ] request-queue [ interface-type interface-number ] [ neighbor-id ]

Display OSPFv3 retransmission list information.

display ospfv3 [ process-id ] [ area area-id ] retrans-queue [ interface-type interface-number ] [ neighbor-id ]

Display OSPFv3 routing information.

display ospfv3 [ process-id ] routing [ ipv6-address prefix-length ]

Display OSPFv3 topology information.

display ospfv3 [ process-id ] [ area area-id ] spf-tree [ verbose ]

Display OSPFv3 statistics.

display ospfv3 [ process-id ] statistics [ error ]

Display OSPFv3 virtual link information.

display ospfv3 [ process-id ] vlink

Restart an OSPFv3 process.

reset ospfv3 [ process-id ] process [ graceful-restart ]

Restart OSPFv3 route redistribution.

reset ospfv3 [ process-id ] redistribution

Clear OSPFv3 statistics.

reset ospfv3 [ process-id ] statistics

 

OSPFv3 configuration examples

OSPFv3 stub area configuration example

Network requirements

As shown in Figure 1:

·          Enable OSPFv3 on all switches.

·          Split the AS into three areas.

·          Configure Switch B and Switch C as ABRs to forward routing information between areas.

·          Configure Area 2 as a stub area to reduce LSAs in the area without affecting route reachability.

Figure 1 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure basic OSPFv3:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 300

[SwitchA-Vlan-interface300] ospfv3 1 area 1

[SwitchA-Vlan-interface300] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ospfv3 1 area 1

[SwitchA-Vlan-interface200] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 0

[SwitchB-Vlan-interface100] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 1

[SwitchB-Vlan-interface200] quit

# On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 0

[SwitchC-Vlan-interface100] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ospfv3 1 area 2

[SwitchC-Vlan-interface400] quit

# On Switch D, enable OSPFv3 and specify the router ID as 4.4.4.4.

<SwitchD> system-view

[SwitchD] ospfv3

[SwitchD-ospfv3-1] router-id 4.4.4.4

[SwitchD-ospfv3-1] quit

[SwitchD] interface vlan-interface 400

[SwitchD-Vlan-interface400] ospfv3 1 area 2

[SwitchD-Vlan-interface400] quit

# Display OSPFv3 neighbors on Switch B.

[SwitchB] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 2.2.2.2

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 3.3.3.3         1   Full/BDR          00:00:40  0      Vlan100

 

 Area: 0.0.0.1

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 1.1.1.1         1   Full/DR           00:00:40  0      Vlan200

# Display OSPFv3 neighbors on Switch C.

[SwitchC] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 3.3.3.3

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 2.2.2.2         1   Full/DR           00:00:40  0      Vlan100

 

 Area: 0.0.0.2

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 4.4.4.4         1   Full/BDR          00:00:40  0      Vlan400

# Display OSPFv3 routing table information on Switch D.

[SwitchD] display ospfv3 routing

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

 I  - Intra area route,  E1 - Type 1 external route,  N1 - Type 1 NSSA route

 IA - Inter area route,  E2 - Type 2 external route,  N2 - Type 2 NSSA route

 *  - Selected route

 

 *Destination: 2001::/64

  Type       : IA                                        Cost     : 2

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:1::/64

  Type       : IA                                        Cost     : 3

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:2::/64

  Type       : I                                         Cost     : 1

  Nexthop    : ::                                        Interface: Vlan400

  AdvRouter  : 4.4.4.4                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:3::/64

  Type       : IA                                        Cost     : 4

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 Total: 4

 Intra area: 1         Inter area: 3         ASE: 0         NSSA: 0

3.        Configure Area 2 as a stub area:

# Configure Switch D.

[SwitchD] ospfv3

[SwitchD-ospfv3-1] area 2

[SwitchD-ospfv3-1-area-0.0.0.2] stub

# Configure Switch C, and specify the cost of the default route sent to the stub area as 10.

[SwitchC] ospfv3

[SwitchC-ospfv3-1] area 2

[SwitchC-ospfv3-1-area-0.0.0.2] stub

[SwitchC-ospfv3-1-area-0.0.0.2] default-cost 10

# Display OSPFv3 routing table information on Switch D.

[SwitchD] display ospfv3 routing

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

 I  - Intra area route,  E1 - Type 1 external route,  N1 - Type 1 NSSA route

 IA - Inter area route,  E2 - Type 2 external route,  N2 - Type 2 NSSA route

 *  - Selected route

 

 *Destination: ::/0

  Type       : IA                                        Cost     : 11

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 4.4.4.4                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001::/64

  Type       : IA                                        Cost     : 2

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:1::/64

  Type       : IA                                        Cost     : 3

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:2::/64

  Type       : I                                         Cost     : 1

  Nexthop    : ::                                        Interface: Vlan400

  AdvRouter  : 4.4.4.4                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:3::/64

  Type       : IA                                        Cost     : 4

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 Total: 5

 Intra area: 1         Inter area: 4         ASE: 0         NSSA: 0

The output shows that a default route is added, and its cost is the cost of a direct route plus the configured cost.

4.        Configure Area 2 as a totally stub area:

# Configure Area 2 as a totally stub area on Switch C.

[SwitchC-ospfv3-1-area-0.0.0.2] stub no-summary

# Display OSPFv3 routing table information on Switch D.

[SwitchD] display ospfv3 routing

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

 I  - Intra area route,  E1 - Type 1 external route,  N1 - Type 1 NSSA route

 IA - Inter area route,  E2 - Type 2 external route,  N2 - Type 2 NSSA route

 *  - Selected route

 

 *Destination: ::/0

  Type       : IA                                        Cost     : 11

  NextHop    : FE80::F40D:0:93D0:1                       Interface: Vlan400

  AdvRouter  : 4.4.4.4                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:2::/64

  Type       : I                                         Cost     : 1

  Nexthop    : ::                                        Interface: Vlan400

  AdvRouter  : 4.4.4.4                                   Area     : 0.0.0.2

  Preference : 10

 

 Total: 2

 Intra area: 1         Inter area: 1         ASE: 0         NSSA: 0

The output shows that route entries are reduced. All indirect routes are removed, except the default route.

OSPFv3 NSSA area configuration example

Network requirements

As shown in Figure 2:

·          Configure OSPFv3 on all switches and split the AS into three areas.

·          Configure Switch B and Switch C as ABRs to forward routing information between areas.

·          Configure Area 1 as an NSSA area and configure Switch A as an ASBR to redistribute static routes into the AS.

Figure 2 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure basic OSPFv3 (see "OSPFv3 stub area configuration example").

3.        Configure Area 1 as an NSSA area:

# Configure Switch A.

[SwitchA] ospfv3

[SwitchA-ospfv3-1] area 1

[SwitchA-ospfv3-1-area-0.0.0.1] nssa

[SwitchA-ospfv3-1-area-0.0.0.1] quit

[SwitchA-ospfv3-1] quit

# Configure Switch B.

[SwitchB] ospfv3

[SwitchB-ospfv3-1] area 1

[SwitchB-ospfv3-1-area-0.0.0.1] nssa

[SwitchB-ospfv3-1-area-0.0.0.1] quit

[SwitchB-ospfv3-1] quit

# Display OSPFv3 routing information on Switch A.

[SwitchA] display ospfv3 1 routing

 

               OSPFv3 Process 1 with Router ID 1.1.1.1

-------------------------------------------------------------------------

 I  - Intra area route,  E1 - Type 1 external route,  N1 - Type 1 NSSA route

 IA - Inter area route,  E2 - Type 2 external route,  N2 - Type 2 NSSA route

 *  - Selected route

 

 *Destination: 2001::/64

  Type       : IA                                        Cost     : 2

  NextHop    : FE80::20C:29FF:FE74:59C6                  Interface: Vlan200

  AdvRouter  : 2.2.2.2                                   Area     : 0.0.0.1

  Preference : 10

 

 *Destination: 2001:1::/64

  Type       : I                                         Cost     : 1

  Nexthop    : ::                                        Interface: Vlan200

  AdvRouter  : 1.1.1.1                                   Area     : 0.0.0.1

  Preference : 10

 

 *Destination: 2001:2::/64

  Type       : IA                                        Cost     : 3

  NextHop    : FE80::20C:29FF:FE74:59C6                  Interface: Vlan200

  AdvRouter  : 2.2.2.2                                   Area     : 0.0.0.1

  Preference : 10

 

 Total: 3

 Intra area: 1         Inter area: 2         ASE: 0         NSSA: 0

4.        Configure route redistribution:

# Configure an IPv6 static route, and configure OSPFv3 to redistribute the static route on Switch A.

[SwitchA] ipv6 route-static 1234:: 64 null 0

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] import-route static

[SwitchA-ospfv3-1] quit

# Display OSPFv3 routing information on Switch D.

[SwitchD] display ospfv3 1 routing

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

-------------------------------------------------------------------------

 I  - Intra area route,  E1 - Type 1 external route,  N1 - Type 1 NSSA route

 IA - Inter area route,  E2 - Type 2 external route,  N2 - Type 2 NSSA route

 *  - Selected route

 

 *Destination: 2001::/64

  Type       : IA                                        Cost     : 2

  NextHop    : FE80::20C:29FF:FEB9:F2EF                  Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:1::/64

  Type       : IA                                        Cost     : 3

  NextHop    : FE80::20C:29FF:FEB9:F2EF                  Interface: Vlan400

  AdvRouter  : 3.3.3.3                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 2001:2::/64

  Type       : I                                         Cost     : 1

  NextHop    : ::                                        Interface: Vlan400

  AdvRouter  : 4.4.4.4                                   Area     : 0.0.0.2

  Preference : 10

 

 *Destination: 1234::/64

  Type       : E2                                        Cost     : 1

  NextHop    : FE80::20C:29FF:FEB9:F2EF                  Interface: Vlan400

  AdvRouter  : 2.2.2.2                                   Area     : 0.0.0.2

  Preference : 10

 

 Total: 4

 Intra area: 1         Inter area: 2         ASE: 1         NSSA: 0

The output shows an AS external route imported from the NSSA area exists on Switch D.

OSPFv3 DR election configuration example

Network requirements

As shown in Figure 3:

·          Configure router priority 100 for Switch A, the highest priority on the network, so it will become the DR.

·          Configure router priority 2 for Switch C, the second highest priority on the network, so it will become the BDR.

·          Configure router priority 0 for Switch B, so it cannot become a DR or BDR.

·          Switch D uses the default router priority 1.

Figure 3 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure basic OSPFv3:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 0

[SwitchA-Vlan-interface100] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 0

[SwitchB-Vlan-interface200] quit

# On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 0

[SwitchC-Vlan-interface100] quit

# On Switch D, enable OSPFv3 and specify the router ID as 4.4.4.4.

<SwitchD> system-view

[SwitchD] ospfv3

[SwitchD-ospfv3-1] router-id 4.4.4.4

[SwitchD-ospfv3-1] quit

[SwitchD] interface vlan-interface 200

[SwitchD-Vlan-interface200] ospfv3 1 area 0

[SwitchD-Vlan-interface200] quit

# Display neighbor information on Switch A. The switches have the same default DR priority 1, so Switch D (the switch with the highest router ID) is elected as the DR, and Switch C is the BDR.

[SwitchA] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 1.1.1.1

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 2.2.2.2         1   2-Way/DROther     00:00:36  0      Vlan200

 3.3.3.3         1   Full/BDR          00:00:35  0      Vlan100

 4.4.4.4         1   Full/DR           00:00:33  0      Vlan200

# Display neighbor information on Switch D. The neighbor states are all full.

[SwitchD] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 1.1.1.1         1   Full/DROther      00:00:30  0      Vlan100

 2.2.2.2         1   Full/DROther      00:00:37  0      Vlan200

 3.3.3.3         1   Full/BDR          00:00:31  0      Vlan100

3.        Configure router priorities for interfaces:

# Set the router priority of VLAN-interface 100 to 100 on Switch A.

[SwitchA] interface Vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 dr-priority 100

[SwitchA-Vlan-interface100] quit

# Set the router priority of VLAN-interface 200 to 0 on Switch B.

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 dr-priority 0

[SwitchB-Vlan-interface200] quit

# Set the router priority of VLAN-interface 100 to 2 on Switch C.

[SwitchC] interface Vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 dr-priority 2

[SwitchC-Vlan-interface100] quit

# Display neighbor information on Switch A. Router priorities have been updated, but the DR and BDR are not changed.

[SwitchA] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 1.1.1.1

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 2.2.2.2         0   2-Way/DROther     00:00:36  0      Vlan200

 3.3.3.3         2   Full/BDR          00:00:35  0      Vlan200

 4.4.4.4         1   Full/DR           00:00:33  0      Vlan200

# Display neighbor information on Switch D. Switch D is still the DR.

[SwitchD] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 1.1.1.1         100 Full/DROther      00:00:30  0      Vlan100

 2.2.2.2         0   Full/DROther      00:00:37  0      Vlan200

 3.3.3.3         2   Full/BDR          00:00:31  0      Vlan100

4.        Restart DR and BDR election:

# Use the shutdown and undo shutdown commands on interfaces to restart DR and BDR election. (Details not shown.)

# Display neighbor information on Switch A. The output shows that Switch C becomes the BDR.

[SwitchA] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 1.1.1.1

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 2.2.2.2         0   Full/DROther      00:00:36  0      Vlan200

 3.3.3.3         2   Full/BDR          00:00:35  0      Vlan100

 4.4.4.4         1   Full/DROther      00:00:33  0      Vlan200

# Display neighbor information on Switch D.

[SwitchD] display ospfv3 peer

 

               OSPFv3 Process 1 with Router ID 4.4.4.4

 

 Area: 0.0.0.0

-------------------------------------------------------------------------

 Router ID       Pri State             Dead-Time InstID Interface

 1.1.1.1         100 Full/DR           00:00:30  0      Vlan100

 2.2.2.2         0   2-Way/DROther     00:00:37  0      Vlan200

 3.3.3.3         2   Full/BDR          00:00:31  0      Vlan100

The output shows that Switch A becomes the DR.

OSPFv3 route redistribution configuration example

Network requirements

As shown in Figure 4:

·          Switch A, Switch B, and Switch C are in Area 2.

·          OSPFv3 process 1 and OSPFv3 process 2 run on Switch B. Switch B communicates with Switch A and Switch C through OSPFv3 process 1 and OSPFv3 process 2.

·          Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B, and set the default metric for redistributed routes to 3. Switch C can then learn the routes destined for 1::0/64 and 2::0/64, and Switch A cannot learn the routes destined for 3::0/64 or 4::0/64.

Figure 4 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure basic OSPFv3:

# Enable OSPFv3 process 1 on Switch A.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 2

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ospfv3 1 area 2

[SwitchA-Vlan-interface200] quit

# Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 2

[SwitchB-Vlan-interface100] quit

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] router-id 3.3.3.3

[SwitchB-ospfv3-2] quit

[SwitchB] interface vlan-interface 300

[SwitchB-Vlan-interface300] ospfv3 2 area 2

[SwitchB-Vlan-interface300] quit

# Enable OSPFv3 process 2 on Switch C.

<SwitchC> system-view

[SwitchC] ospfv3 2

[SwitchC-ospfv3-2] router-id 4.4.4.4

[SwitchC-ospfv3-2] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] ospfv3 2 area 2

[SwitchC-Vlan-interface300] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ospfv3 2 area 2

[SwitchC-Vlan-interface400] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

 

Destinations : 7 Routes : 7

 

Destination: ::1/128                                     Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 3::/64                                      Protocol  : Direct

NextHop    : 3::2                                        Preference: 0

Interface  : Vlan300                                     Cost      : 0

 

Destination: 3::2/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 4::/64                                      Protocol  : Direct

NextHop    : 4::1                                        Preference: 0

Interface  : Vlan400                                     Cost      : 0

 

Destination: 4::1/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: FE80::/10                                   Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0                                       Cost      : 0

 

Destination: FF00::/8                                    Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0

3.        Configure OSPFv3 route redistribution:

# Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] default cost 3

[SwitchB-ospfv3-2] import-route ospfv3 1

[SwitchB-ospfv3-2] import-route direct

[SwitchB-ospfv3-2] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

 

Destinations : 9 Routes : 9

 

Destination: ::1/128                                     Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 1::/64                                      Protocol  : OSPFv3

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 3

 

Destination: 2::/64                                      Protocol  : OSPFv3

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 3

 

Destination: 3::/64                                      Protocol  : Direct

NextHop    : 3::2                                        Preference: 0

Interface  : Vlan300                                     Cost      : 0

 

Destination: 3::2/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 4::/64                                      Protocol  : Direct

NextHop    : 4::1                                        Preference: 0

Interface  : Vlan400                                     Cost      : 0

 

Destination: 4::1/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: FE80::/10                                   Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0                                       Cost      : 0

 

Destination: FF00::/8                                    Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0

OSPFv3 route summarization configuration example

Network requirements

As shown in Figure 5:

·          Switch A, Switch B, and Switch C are in Area 2.

·          OSPFv3 process 1 and OSPFv3 process 2 run on Switch B. Switch B communicates with Switch A and Switch C through OSPFv3 process 1 and OSPFv3 process 2, respectively.

·          On Switch A, configure IPv6 addresses 2:1:1::1/64, 2:1:2::1/64, and 2:1:3::1/64 for VLAN-interface 200.

·          On Switch B, configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1. Switch C can then learn the routes destined for 2::/64, 2:1:1::/64, 2:1:2::/64, and 2:1:3::/64.

·          On Switch B, configure route summarization to advertise only summary route 2::/16 to Switch C.

Figure 5 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure OSPFv3:

# Enable OSPFv3 process 1 on Switch A.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 2

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ipv6 address 2:1:1::1 64

[SwitchA-Vlan-interface200] ipv6 address 2:1:2::1 64

[SwitchA-Vlan-interface200] ipv6 address 2:1:3::1 64

[SwitchA-Vlan-interface200] ospfv3 1 area 2

[SwitchA-Vlan-interface200] quit

# Enable OSPFv3 process 1 and OSPFv3 process 2 on Switch B.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 2

[SwitchB-Vlan-interface100] quit

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] router-id 3.3.3.3

[SwitchB-ospfv3-2] quit

[SwitchB] interface vlan-interface 300

[SwitchB-Vlan-interface300] ospfv3 2 area 2

[SwitchB-Vlan-interface300] quit

# Enable OSPFv3 process 2 on Switch C.

<SwitchC> system-view

[SwitchC] ospfv3 2

[SwitchC-ospfv3-2] router-id 4.4.4.4

[SwitchC-ospfv3-2] quit

[SwitchC] interface vlan-interface 300

[SwitchC-Vlan-interface300] ospfv3 2 area 2

[SwitchC-Vlan-interface300] quit

[SwitchC] interface vlan-interface 400

[SwitchC-Vlan-interface400] ospfv3 2 area 2

[SwitchC-Vlan-interface400] quit

3.        Configure OSPFv3 route redistribution:

# Configure OSPFv3 process 2 to redistribute direct routes and the routes from OSPFv3 process 1 on Switch B.

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] import-route ospfv3 1

[SwitchB-ospfv3-2] import-route direct

[SwitchB-ospfv3-2] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

 

Destinations : 12 Routes : 12

 

Destination: ::1/128                                     Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 1::/64                                      Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 2::/64                                      Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 2:1:1::/64                                  Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 2:1:2::/64                                  Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 2:1:3::/64                                  Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 3::/64                                      Protocol  : Direct

NextHop    : 3::2                                        Preference: 0

Interface  : Vlan300                                     Cost      : 0

 

Destination: 3::2/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 4::/64                                      Protocol  : Direct

NextHop    : 4::1                                        Preference: 0

Interface  : Vlan400                                     Cost      : 0

 

Destination: 4::1/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: FE80::/10                                   Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0                                       Cost      : 0

 

Destination: FF00::/8                                    Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0

4.        Configure ASBR route summarization:

# On Switch B, configure OSPFv3 process 2 to advertise a single route 2::/16.

[SwitchB] ospfv3 2

[SwitchB-ospfv3-2] asbr-summary 2:: 16

[SwitchB-ospfv3-2] quit

# Display the routing table on Switch C.

[SwitchC] display ipv6 routing-table

 

Destinations : 9 Routes : 9

 

Destination: ::1/128                                     Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 1::/64                                      Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 2::/16                                      Protocol  : O_ASE2

NextHop    : FE80::200:CFF:FE01:1C03                     Preference: 150

Interface  : Vlan300                                     Cost      : 1

 

Destination: 3::/64                                      Protocol  : Direct

NextHop    : 3::2                                        Preference: 0

Interface  : Vlan300                                     Cost      : 0

 

Destination: 3::2/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 4::/64                                      Protocol  : Direct

NextHop    : 4::1                                        Preference: 0

Interface  : Vlan400                                     Cost      : 0

 

Destination: 4::1/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: FE80::/10                                   Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0                                       Cost      : 0

 

Destination: FF00::/8                                    Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0

OSPFv3 GR configuration example

Network requirements

As shown in Figure 6:

·          Switch A, Switch B, and Switch C that reside in the same AS and the same OSPFv3 routing domain are GR capable.

·          Switch A acts as the GR restarter. Switch B and Switch C act as the GR helpers, and synchronize their LSDBs with Switch A through GR.

Figure 6 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure basic OSPFv3:

# On Switch A, enable OSPFv3 process 1, enable GR, and set the router ID to 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] graceful-restart enable

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 1

[SwitchA-Vlan-interface100] quit

# On Switch B, enable OSPFv3 and set the router ID to 2.2.2.2. (By default, GR helper is enabled on Switch B.)

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 1

[SwitchB-Vlan-interface100] quit

# On Switch C, enable OSPFv3 and set the router ID to 3.3.3.3. (By default, GR helper is enabled on Switch C.)

<SwitchC> system-view

[SwitchC] ospfv3 1

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 1

[SwitchC-Vlan-interface100] quit

Verifying the configuration

# Perform a master/backup switchover on Switch A to trigger an OSPFv3 GR operation. (Details not shown.)

# Restart OSPFv3 on Switch A to trigger an OSPFv3 GR operation. (Details not shown.)

OSPFv3 NSR configuration example

Network requirements

As shown in Figure 7, Switch S, Switch A, and Switch B belong to the same AS and OSPFv3 routing domain. Enable OSPFv3 NSR on Switch S to ensure correct routing when an active/standby switchover occurs on Switch S.

Figure 7 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure OSPFv3:

# On Switch A, enable OSPFv3, and set the router ID to 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ospfv3 1 area 1

[SwitchA-Vlan-interface100] quit

# On Switch B, enable OSPFv3, and set the router ID to 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 1

[SwitchB-Vlan-interface200] quit

# On Switch S, enable OSPFv3, set the router ID to 3.3.3.3, and enable NSR.

<SwitchS> system-view

[SwitchS] ospfv3 1

[SwitchS-ospfv3-1] router-id 3.3.3.3

[SwitchS-ospfv3-1] non-stop-routing

[SwitchS-ospfv3-1] quit

[SwitchS] interface vlan-interface 100

[SwitchS-Vlan-interface100] ospfv3 1 area 1

[SwitchS-Vlan-interface100] quit

[SwitchS] interface vlan-interface 200

[SwitchS-Vlan-interface200] ospfv3 1 area 1

[SwitchS-Vlan-interface200] quit

Verifying the configuration

# Perform an active/standby switchover on Switch S, and verify that NSR can ensure continuous traffic forwarding between Switch A and Switch B. (Details not shown.)

BFD for OSPFv3 configuration example

Network requirements

As shown in Figure 8:

·          Configure OSPFv3 on Switch A, Switch B and Switch C and configure BFD over the link Switch A<—>L2 Switch<—>Switch B.

·          After the link Switch A<—>L2 Switch<—>Switch B fails, BFD can quickly detect the failure and notify OSPFv3 of the failure. Then Switch A and Switch B communicate through Switch C.

Figure 8 Network diagram

 

Table 1 Interface and IP address assignment

Device

Interface

IPv6 address

Switch A

Vlan-int10

2001::1/64

Switch A

Vlan-int11

2001:2::1/64

Switch B

Vlan-int10

2001::2/64

Switch B

Vlan-int13

2001:3::2/64

Switch C

Vlan-int11

2001:2::2/64

Switch C

Vlan-int13

2001:3::1/64

 

Configuration procedure

1.        Configure IPv6 addresses for the interfaces. (Details not shown.)

2.        Configure basic OSPFv3:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ospfv3 1 area 0

[SwitchA-Vlan-interface10] quit

[SwitchA] interface vlan-interface 11

[SwitchA-Vlan-interface11] ospfv3 1 area 0

[SwitchA-Vlan-interface11] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ospfv3 1 area 0

[SwitchB-Vlan-interface10] quit

[SwitchB] interface vlan-interface 13

[SwitchB-Vlan-interface13] ospfv3 1 area 0

[SwitchB-Vlan-interface13] quit

# On Switch C, enable OSPFv3 and configure the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 11

[SwitchC-Vlan-interface11] ospfv3 1 area 0

[SwitchC-Vlan-interface11] quit

[SwitchC] interface vlan-interface 13

[SwitchC-Vlan-interface13] ospfv3 1 area 0

[SwitchC-Vlan-interface13] quit

3.        Configure BFD:

# Enable BFD and configure BFD parameters on Switch A.

[SwitchA] bfd session init-mode active

[SwitchA] interface vlan-interface 10

[SwitchA-Vlan-interface10] ospfv3 bfd enable

[SwitchA-Vlan-interface10] bfd min-transmit-interval 500

[SwitchA-Vlan-interface10] bfd min-receive-interval 500

[SwitchA-Vlan-interface10] bfd detect-multiplier 7

[SwitchA-Vlan-interface10] return

# Enable BFD and configure BFD parameters on Switch B.

[SwitchB] bfd session init-mode active

[SwitchB] interface vlan-interface 10

[SwitchB-Vlan-interface10] ospfv3 bfd enable

[SwitchB-Vlan-interface10] bfd min-transmit-interval 500

[SwitchB-Vlan-interface10] bfd min-receive-interval 500

[SwitchB-Vlan-interface10] bfd detect-multiplier 6

Verifying the configuration

# Display the BFD information on Switch A.

<SwitchA> display bfd session

 

 Total Session Num: 1            Init Mode: Active

 

 IPv6 Session Working Under Ctrl Mode:

 

     Local Discr: 1441                Remote Discr: 1450

       Source IP: FE80::20F:FF:FE00:1202 (link-local address of VLAN-interface 10 on Switch A)

  Destination IP: FE80::20F:FF:FE00:1200 (link-local address of VLAN-interface 10 on Switch B)

   Session State: Up                     Interface: Vlan10

       Hold Time: 2319ms

# Display routes destined for 2001:4::0/64 on Switch A.

<SwitchA> display ipv6 routing-table 2001:4::0 64

 

Summary Count : 1

 

Destination: 2001:4::/64                                 Protocol  : O_INTRA

NextHop    : FE80::20F:FF:FE00:1200                      Preference: 10

Interface  : Vlan10                                      Cost      : 1

The output information shows that Switch A communicates with Switch B through VLAN-interface 10. The link over VLAN-interface 10 fails.

# Display routes to 2001:4::0/64 on Switch A.

<SwitchA> display ipv6 routing-table 2001:4::0 64

 

Summary Count : 1

 

Destination: 2001:4::/64                                 Protocol  : O_INTRA

NextHop    : FE80::BAAF:67FF:FE27:DCD0                   Preference: 10

Interface  : Vlan11                                      Cost      : 2

The output shows that Switch A communicates with Switch B through VLAN-interface 11.

OSPFv3 IPsec profile configuration example

Network requirements

As shown in Figure 9, all switches run OSPFv3, and the AS is divided into two areas.

Configure IPsec profiles on the switches to authenticate and encrypt protocol packets.

Figure 9 Network diagram

 

Configuration procedure

1.        Configure IPv6 addresses for interfaces. (Details not shown.)

2.        Configure OSPFv3 basic functions:

# On Switch A, enable OSPFv3 and specify the router ID as 1.1.1.1.

<SwitchA> system-view

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] router-id 1.1.1.1

[SwitchA-ospfv3-1] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ospfv3 1 area 1

[SwitchA-Vlan-interface200] quit

# On Switch B, enable OSPFv3 and specify the router ID as 2.2.2.2.

<SwitchB> system-view

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] router-id 2.2.2.2

[SwitchB-ospfv3-1] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ospfv3 1 area 0

[SwitchB-Vlan-interface100] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ospfv3 1 area 1

[SwitchB-Vlan-interface200] quit

# On Switch C, enable OSPFv3 and specify the router ID as 3.3.3.3.

<SwitchC> system-view

[SwitchC] ospfv3 1

[SwitchC-ospfv3-1] router-id 3.3.3.3

[SwitchC-ospfv3-1] quit

[SwitchC] interface vlan-interface 100

[SwitchC-Vlan-interface100] ospfv3 1 area 0

[SwitchC-Vlan-interface100] quit

3.        Configure OSPFv3 IPsec profiles:

¡  On Switch A:

# Create an IPsec transform set named trans.

[SwitchA] ipsec transform-set trans

# Specify the encapsulation mode as transport.

[SwitchA-ipsec-transform-set-trans] encapsulation-mode transport

# Specify the ESP encryption and authentication algorithms.

[SwitchA-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc

[SwitchA-ipsec-transform-set-trans] esp authentication-algorithm md5

# Specify the AH authentication algorithm.

[SwitchA-ipsec-transform-set-trans] ah authentication-algorithm md5

[SwitchA-ipsec-transform-set-trans] quit

# Create a manual IPsec profile named profile001.

[SwitchA] ipsec profile profile001 manual

# Reference IPsec transform set trans.

[SwitchA-ipsec-profile-profile001-manual] transform-set trans

# Configure the inbound and outbound SPIs for AH.

[SwitchA-ipsec-profile-profile001-manual] sa spi inbound ah 111111111

[SwitchA-ipsec-profile-profile001-manual] sa spi outbound ah 111111111

# Configure the inbound and outbound SPIs for ESP.

[SwitchA-ipsec-profile-profile001-manual] sa spi inbound esp 200000

[SwitchA-ipsec-profile-profile001-manual] sa spi outbound esp 200000

# Configure the inbound and outbound SA keys for AH.

[SwitchA-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc

[SwitchA-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc

# Configure the inbound and outbound SA keys for ESP.

[SwitchA-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123

[SwitchA-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123

[SwitchA-ipsec-profile-profile001-manual] quit

¡  On Switch B:

# Create an IPsec transform set named trans.

[SwitchB] ipsec transform-set trans

# Specify the encapsulation mode as transport.

[SwitchB-ipsec-transform-set-trans] encapsulation-mode transport

# Specify the ESP encryption and authentication algorithms.

[SwitchB-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc

[SwitchB-ipsec-transform-set-trans] esp authentication-algorithm md5

# Specify the AH authentication algorithm.

[SwitchB-ipsec-transform-set-trans] ah authentication-algorithm md5

[SwitchB-ipsec-transform-set-trans] quit

# Create a manual IPsec profile named profile001.

[SwitchB] ipsec profile profile001 manual

# Reference IPsec transform set trans.

[SwitchB-ipsec-profile-profile001-manual] transform-set trans

# Configure the inbound and outbound SPIs for AH.

[SwitchB-ipsec-profile-profile001-manual] sa spi inbound ah 111111111

[SwitchB-ipsec-profile-profile001-manual] sa spi outbound ah 111111111

# Configure the inbound and outbound SPIs for ESP.

[SwitchB-ipsec-profile-profile001-manual] sa spi inbound esp 200000

[SwitchB-ipsec-profile-profile001-manual] sa spi outbound esp 200000

# Configure the inbound and outbound SA keys for AH.

[SwitchB-ipsec-profile-profile001-manual] sa string-key inbound ah simple abc

[SwitchB-ipsec-profile-profile001-manual] sa string-key outbound ah simple abc

# Configure the inbound and outbound SA keys for ESP.

[SwitchB-ipsec-profile-profile001-manual] sa string-key inbound esp simple 123

[SwitchB-ipsec-profile-profile001-manual] sa string-key outbound esp simple 123

[SwitchB-ipsec-profile-profile001-manual] quit

# Create a manual IPsec profile named profile002.

[SwitchB] ipsec profile profile002 manual

# Reference IPsec transform set trans.

[SwitchB-ipsec-profile-profile002-manual] transform-set trans

# Configure the inbound and outbound SPIs for AH.

[SwitchB-ipsec-profile-profile002-manual] sa spi inbound ah 4294967295

[SwitchB-ipsec-profile-profile002-manual] sa spi outbound ah 4294967295

# Configure the inbound and outbound SPIs for ESP.

[SwitchB-ipsec-profile-profile002-manual] sa spi inbound esp 256

[SwitchB-ipsec-profile-profile002-manual] sa spi outbound esp 256

# Configure the inbound and outbound SA keys for AH.

[SwitchB-ipsec-profile-profile002-manual] sa string-key inbound ah simple hello

[SwitchB-ipsec-profile-profile002-manual] sa string-key outbound ah simple hello

# Configure the inbound and outbound SA keys for ESP.

[SwitchB-ipsec-profile-profile002-manual] sa string-key inbound esp simple byebye

[SwitchB-ipsec-profile-profile002-manual] sa string-key outbound esp simple byebye

[SwitchB-ipsec-profile-profile002-manual] quit

¡  On Switch C:

# Create an IPsec transform set named trans.

[SwitchC] ipsec transform-set trans

# Specify the encapsulation mode as transport.

[SwitchC-ipsec-transform-set-trans] encapsulation-mode transport

# Specify the ESP encryption and authentication algorithms.

[SwitchC-ipsec-transform-set-trans] esp encryption-algorithm 3des-cbc

# Specify the AH authentication algorithm.

[SwitchC-ipsec-transform-set-trans] esp authentication-algorithm md5

[SwitchC-ipsec-transform-set-trans] ah authentication-algorithm md5

[SwitchC-ipsec-transform-set-trans] quit

# Create a manual IPsec profile named profile002.

[SwitchC] ipsec profile profile002 manual

# Reference IPsec transform set trans.

[SwitchC-ipsec-profile-profile002-manual] transform-set trans

# Configure the inbound and outbound SPIs for AH.

[SwitchC-ipsec-profile-profile002-manual] sa spi inbound ah 4294967295

[SwitchC-ipsec-profile-profile002-manual] sa spi outbound ah 4294967295

# Configure the inbound and outbound SPIs for ESP.

[SwitchC-ipsec-profile-profile002-manual] sa spi inbound esp 256

[SwitchC-ipsec-profile-profile002-manual] sa spi outbound esp 256

# Configure the inbound and outbound SA keys for AH.

[SwitchC-ipsec-profile-profile002-manual] sa string-key inbound ah simple hello

[SwitchC-ipsec-profile-profile002-manual] sa string-key outbound ah simple hello

# Configure the inbound and outbound SA keys for ESP.

[SwitchC-ipsec-profile-profile002-manual] sa string-key inbound esp simple byebye

[SwitchC-ipsec-profile-profile002-manual] sa string-key outbound esp simple byebye

[SwitchC-ipsec-profile-profile002-manual] quit

4.        Apply the IPsec profiles to areas:

# Configure Switch A.

[SwitchA] ospfv3 1

[SwitchA-ospfv3-1] area 1

[SwitchA-ospfv3-1-area-0.0.0.1] enable ipsec-profile profile001

[SwitchA-ospfv3-1-area-0.0.0.1] quit

[SwitchA-ospfv3-1] quit

# Configure Switch B.

[SwitchB] ospfv3 1

[SwitchB-ospfv3-1] area 0

[SwitchB-ospfv3-1-area-0.0.0.0] enable ipsec-profile profile002

[SwitchB-ospfv3-1-area-0.0.0.0] quit

[SwitchB-ospfv3-1] area 1

[SwitchB-ospfv3-1-area-0.0.0.1] enable ipsec-profile profile001

[SwitchB-ospfv3-1-area-0.0.0.1] quit

[SwitchB-ospfv3-1] quit

# Configure Switch C.

[SwitchC] ospfv3 1

[SwitchC-ospfv3-1] area 0

[SwitchC-ospfv3-1-area-0.0.0.0] enable ipsec-profile profile002

[SwitchC-ospfv3-1-area-0.0.0.0] quit

[SwitchC-ospfv3-1] quit

Verifying the configuration

# Verify that OSPFv3 packets between Switches A, B, and C are protected by IPsec. (Details not shown.)