H3C S3600 Series Ethernet Switches Operation Manual-Release 1510(V1.04)

HomeSupportSwitchesH3C S3600 Switch SeriesConfigure & DeployConfiguration GuidesH3C S3600 Series Ethernet Switches Operation Manual-Release 1510(V1.04)
17-Routing Protocol Operation
Title Size Download
17-Routing Protocol Operation 712 KB

Table of Contents

Chapter 1 IP Routing Protocol Overview.. 1-1

1.1 Introduction to IP Route and Routing Table. 1-1

1.1.1 IP Route and Route Segment 1-1

1.1.2 Route Selection through the Routing Table. 1-2

1.2 Routing Management Policy. 1-4

1.2.1 Routing Protocols and Preferences. 1-4

1.2.2 Traffic Sharing and Route Backup. 1-5

1.2.3 Routes Shared Between Routing Protocols. 1-6

Chapter 2 Static Route Configuration. 2-1

2.1 Introduction to Static Route. 2-1

2.1.1 Static Route. 2-1

2.1.2 Default Route. 2-2

2.2 Static Route Configuration. 2-2

2.2.1 Configuration Prerequisites. 2-2

2.2.2 Configuring a Static Route. 2-2

2.3 Displaying the Routing Table. 2-3

2.4 Static Route Configuration Example. 2-4

2.5 Troubleshooting a Static Route. 2-5

Chapter 3 RIP Configuration. 3-1

3.1 RIP Overview. 3-1

3.1.1 Basic Concepts. 3-1

3.1.2 RIP Startup and Operation. 3-2

3.2 RIP Configuration Tasks. 3-3

3.3 Basic RIP Configuration. 3-4

3.3.1 Configuration Prerequisites. 3-4

3.3.2 Configuring Basic RIP Functions. 3-4

3.4 RIP Route Control 3-6

3.4.1 Configuration Prerequisites. 3-6

3.4.2 Configuring RIP Route Control 3-6

3.5 RIP Network Adjustment and Optimization. 3-10

3.5.1 Configuration Prerequisites. 3-10

3.5.2 Configuration Tasks. 3-10

3.6 Displaying and Maintaining RIP Configuration. 3-13

3.7 RIP Configuration Example. 3-13

3.8 Troubleshooting RIP Configuration. 3-14

Chapter 4 OSPF Configuration. 4-1

4.1 OSPF Overview. 4-1

4.1.1 Introduction to OSPF. 4-1

4.1.2 OSPF Route Calculation. 4-2

4.1.3 Basic OSPF Concepts. 4-2

4.1.4 OSPF Network Type. 4-4

4.1.5 OSPF Packets. 4-6

4.1.6 LSA Types. 4-7

4.1.7 OSPF Features. 4-8

4.2 OSPF Configuration Tasks. 4-9

4.3 Basic OSPF Configuration. 4-10

4.3.1 Configuration Prerequisites. 4-10

4.3.2 Basic OSPF Configuration. 4-10

4.4 OSPF Area Attribute Configuration. 4-12

4.4.1 Configuration Prerequisites. 4-12

4.4.2 Configuring OSPF Area Attributes. 4-13

4.5 OSPF Network Type Configuration. 4-13

4.5.1 Configuration Prerequisites. 4-14

4.5.2 Configuring the Network Type of an OSPF Interface. 4-14

4.5.3 Configuring an NBMA Neighbor 4-15

4.5.4 Configuring the DR Priority on an OSPF Interface. 4-15

4.6 OSPF Route Control 4-16

4.6.1 Configuration Prerequisites. 4-16

4.6.2 Configuring OSPF Route Summary. 4-16

4.6.3 Configuring OSPF to Filter Received Routes. 4-17

4.6.4 Configuring the Cost for Sending Packets on an OSPF Interface. 4-18

4.6.5 Configuring OSPF Route Priority. 4-18

4.6.6 Configuring the Maximum Number of OSPF Equal-Cost Routes. 4-18

4.6.7 Configuring OSPF to Import External Routes. 4-19

4.7 OSPF Network Adjustment and Optimization. 4-20

4.7.1 Configuration Prerequisites. 4-20

4.7.2 Configuring OSPF Timers. 4-21

4.7.3 Configuring the LSA transmission delay. 4-22

4.7.4 Configuring the SPF Calculation Interval 4-22

4.7.5 Disabling OSPF Packet Transmission on an Interface. 4-23

4.7.6 Configuring OSPF Authentication. 4-24

4.7.7 Configuring to Fill the MTU Field When an Interface Transmits DD Packets. 4-24

4.7.8 Enabling OSPF Logging. 4-25

4.7.9 Configuring OSPF Network Management System (NMS) 4-25

4.8 Displaying and Maintaining OSPF Configuration. 4-26

4.9 OSPF Configuration Example. 4-28

4.9.1 Configuring DR Election Based on OSPF Priority. 4-28

4.9.2 Configuring OSPF Virtual Link. 4-30

4.10 Troubleshooting OSPF Configuration. 4-31

Chapter 5 IP Routing Policy Configuration. 5-1

5.1 IP Routing Policy Overview. 5-1

5.2 IP Routing Policy Configuration Tasks. 5-2

5.3 Route-Policy Configuration. 5-3

5.3.1 Configuration Prerequisites. 5-3

5.3.2 Defining a Route-Policy. 5-3

5.3.3 Defining if-match Clauses and apply Clauses. 5-4

5.4 ip-prefix Configuration. 5-5

5.4.1 Configuration Prerequisites. 5-6

5.4.2 Configuring an ip-prefix list 5-6

5.5 Displaying IP Routing Policy. 5-7

5.6 IP Routing Policy Configuration Example. 5-7

5.6.1 Configuring to Filter Received Routing Information. 5-7

5.7 Troubleshooting IP Routing Policy. 5-9

Chapter 6 Route Capacity Configuration. 6-1

6.1 Route Capacity Configuration Overview. 6-1

6.1.1 Introduction. 6-1

6.1.2 Route Capacity Limitation on the S3600 Series. 6-1

6.2 Route Capacity Configuration. 6-2

6.2.1 Configuring the Lower Limit and the Safety Value of the Switch Memory. 6-2

6.2.2 Enabling/Disabling Automatic Protocol Recovery. 6-2

6.3 Displaying Route Capacity Configuration. 6-3

 


Chapter 1  IP Routing Protocol Overview

 

&  Note:

When running a routing protocol, the Ethernet switch also functions as a router. The word “router” and the router icons covered in the following text represent routers in common sense and Ethernet switches running a routing protocol.

This manual deals with the S3600-EI series switches. The ospf, ospf-ase, and ospf-nssa commands are supported by the S3600-EI series, but not supported by the S3600-SI series. This will not be mentioned again in this manual.

 

1.1  Introduction to IP Route and Routing Table

1.1.1  IP Route and Route Segment

Routers are used for route selection on the Internet. As a router receives a packet, it selects an appropriate route (through a network) according to the destination address of the packet and forwards the packet to the next router. The last router on the route is responsible for delivering the packet to the destination host.

A route segment is a common physical network interconnecting two nodes, which are deemed adjacent on the Internet. That is, two routers connected to the same physical network are adjacent to each other. The number of route segments between a router and any host on the local network is zero. In the following figure, the bold arrows represent route segments. A router is not concerned about which physical links compose a route segment. As shown in Figure 1-1, a packet sent from Host A to Host C travels through two routers over three route segments (along the broken line).

Figure 1-1 Route segment

The number of route segments on the path between a source and destination can be used to measure the "length" of the path. As the sizes of networks may differ greatly, the actual length of router segments may be different from each other. Therefore, you can put different weights to different route segments (so that, for example, a route segment can be considered as two segments if the weight is two). In this way, the length of the path can be measure by the number of weighted route segments.

If routers in networks are regarded as nodes in networks and route segments in the Internet are regarded as links in the Internet, routing in the Internet is similar to that in a conventional network.

Routing through the shortest route is not always the most ideal way. For example, routing across three high-speed LAN route segments may be much faster than routing across two low-speed WAN route segments.

1.1.2  Route Selection through the Routing Table

The key for a router to forward packets is the routing table. Each router maintains a routing table. Each entry in this table contains an IP address that represents a host/subnet and specifies which physical port on the router should be used to forward the packets destined for the host/subnet. And the router forwards those packets through this port to the next router or directly to the destination host if the host is on a network directly connected to the router.

Each entry in a routing table contains:

l           Destination address: It identifies the address of the destination host or network of an IP packet.

l           Network mask: Along with the destination address, it identifies the address of the network segment where the destination host or router resides. By performing “logical AND” between destination address and network mask, you can get the address of the network segment where the destination host or router resides. For example, if the destination address is 129.102.8.10 and the mask is 255.255.0.0, the address of the network segment where the destination host or router resides is 129.102.0.0. A mask consists of some consecutive 1s, represented either in dotted decimal notation or by the number of the consecutive 1s in the mask.

l           Output interface: It indicates through which interface IP packets should be forwarded to reach the destination.

l           Next hop address: It indicates the next router that IP packets will pass through to reach the destination.

l           Preference of the route added to the IP routing table: There may be multiple routes with different next hops to the same destination. These routes may be discovered by different routing protocols, or be manually configured static routes. The one with the highest preference (the smallest numerical value) will be selected as the current optimal route.

According to different destinations, routes fall into the following categories:

l           Subnet route: The destination is a subnet.

l           Host route: The destination is a host.

In addition, according to whether the network where the destination resides is directly connected to the router, routes fall into the following categories:

l           Direct route: The router is directly connected to the network where the destination resides.

l           Indirect route: The router is not directly connected to the network where the destination resides.

In order to avoid an oversized routing table, you can set a default route. All the packets for which the router fails to find a matching entry in the routing table will be forwarded through this default route.

Figure 1-2 shows a relatively complicated internet environment, the number in each network cloud indicate the network address and "R" represents a router. The router R8 is connected to three networks, and so it has three IP addresses and three physical ports. Its routing table is shown in Figure 1-2.

Figure 1-2 Routing table

The H3C S3600 Series Ethernet Switches (hereinafter referred to as S3600 series) support the configuration of static routes as well as a series of dynamic routing protocols such as RIP and OSPF. Moreover, the switches in operation can automatically obtain some direct routes according to interface status and user configuration.

1.2  Routing Management Policy

On an S3600 Ethernet switch, you can manually configure a static route to a certain destination, or configure a dynamic routing protocol to make the switch interact with other routers in the internetwork and find routes by routing algorithm. On an S3600 Ethernet switch, the static routes configured by the user and the dynamic routes discovered by routing protocols are managed uniformly. The static routes and the routes learned or configured by different routing protocols can also be shared among routing protocols.

1.2.1  Routing Protocols and Preferences

Different routing protocols may discover different routes to the same destination, but only one route among these routes and the static routes is optimal. In fact, at any given moment, only one routing protocol can determine the current route to a specific destination. Routing protocols (including static routing) are endowed with different preferences. When there are multiple routing information sources, the route discovered by the routing protocol with the highest preference will become the current route. Routing protocols and their default route preferences (the smaller the value is, the higher the preference is) are shown in Table 1-1.

In the table, “0” is used for directly connected routes, and “255” is used for routes from untrusted sources.

Table 1-1 Routing protocols and corresponding route preferences

Routing protocol or route type

Preference of the corresponding route

DIRECT

0

OSPF

10

STATIC

60

RIP

100

OSPF ASE

150

OSPF NSSA

150

UNKNOWN

255

 

Except for direct routing, you can manually configure the preferences of various dynamic routing protocols as required. In addition, you can configure different preferences for different static routes.

1.2.2  Traffic Sharing and Route Backup

I. Traffic sharing

The S3600 series support multi-route mode, allowing the configuration of multiple routes that reach the same destination and have the same preference. The same destination can be reached through multiple different routes, whose preferences are equal. When there is no route with a higher preference to the same destination, the multiple routes will be adopted. Then, the packets destined for the same destination will be forwarded through these routes in turn to implement traffic sharing.

II. Route backup

The S3600 series support route backup. When the primary route fails, the system automatically switches to a backup route to improve network reliability.

To achieve route backup, you can configure multiple routes to the same destination according to actual situation. One of the routes has the highest preference and is called primary route. The other routes have descending preferences and are called backup routes. Normally, the router sends data through the primary route. When line failure occurs on the primary route, the primary route will hide itself and the router will choose the one whose preference is the highest among the remaining backup routes as the path to send data. In this way, the switchover from the primary route to a backup route is implemented. When the primary route recovers, the router will restore it and re-select a route. And, as the primary route has the highest preference, the router will choose the primary route to send data. This process is the automatic switchover from the backup route to the primary route.

1.2.3  Routes Shared Between Routing Protocols

As the algorithms of various routing protocols are different, different routing protocols may discover different routes. This brings about the problem of how to share the discovered routes between routing protocols. The S3600 series can import (with the import-route command) the routes discovered by one routing protocol to another routing protocol. Each protocol has its own route redistribution mechanism. For details, see section 3.4.2  VII. "Configuring RIP to import routes” and section 4.6.7  "Configuring OSPF to Import External Routes".

 


Chapter 2  Static Route Configuration

 

&  Note:

When running a routing protocol, the Ethernet switch also functions as a router. The word “router” and the router icons covered in the following text represent routers in common sense and Ethernet switches running a routing protocol.

 

2.1  Introduction to Static Route

2.1.1  Static Route

Static routes are special routes. They are manually configured by the administrator. By configuring static routes, you can build an interconnecting network. The problem for such configuration is when a fault occurs on the network, a static route cannot change automatically to steer away from the fault point without the help of the administrator.

In a relatively simple network, you only need to configure static routes to make routers work normally. Proper configuration and usage of static routes can improve network performance and ensure sufficient bandwidth for important applications.

Static routes are divided into three types:

l           Reachable route: normal route. If a static route to a destination is of this type, the IP packets destined for this destination will be forwarded to the next hop. It is the most common type of static routes.

l           Unreachable route: route with the "reject" attribute. If a static route to a destination has the "reject" attribute, all the IP packets destined for this destination will be discarded, and the source hosts will be informed of the unreachability of the destination.

l           Blackhole route: route with “blackhole” attribute. If a static route destined for a destination has the “blackhole” attribute, the outgoing interface of this route is the Null 0 interface regardless of the next hop address, and all the IP packets addressed to this destination will be dropped without notifying the source hosts.

The attributes "reject" and "blackhole" are usually used to limit the range of the destinations this router can reach, and help troubleshoot the network.

2.1.2  Default Route

A default route is a special route. You can manually configure a default route by using a static route. Some dynamic routing protocols, such as OSPF, can automatically generate a default route.

Simply to say, a default route is a route used only when no matching entry is found in the routing table. That is, the default route is used only when there is no proper route. In a routing table, both the destination address and mask of the default route are 0.0.0.0. You can use the display ip routing-table command to view whether the default route has been set. If the destination address of a packet does not match any entry in the routing table, the router will select the default route for the packet; in this case, if there is no default route, the packet will be discarded, and an Internet control message protocol (ICMP) packet will be returned to inform the source host that the destination host or network is unreachable.

2.2  Static Route Configuration

2.2.1  Configuration Prerequisites

Before configuring a static route, perform the following tasks:

l           Configuring the physical parameters of the related interface

l           Configuring the link layer attributes of the related interface

l           Configuring an IP address for the related interface

2.2.2  Configuring a Static Route

Table 2-1 Configure a static route

Operation

Command

Description

Enter system view

system-view

Add a static route

ip route-static ip-address { mask | mask-length } { interface-type interface-number | next-hop } [ preference value ] [ reject | blackhole ] [ description text | detect-group group number ]*

Required

By default, the system can obtain the route to the subnet directly connected to the router.

Delete all static routes

delete static-routes all

Optional

This command deletes all static routes, including the default route.

 

&  Note:

l      If the destination IP address and the mask of a route are both 0.0.0.0, the route is the default route. Any packet for which the router fails to find a matching entry in the routing table will be forwarded through the default route.

l      Do not configure the next hop address of a static route to the address of an interface on the local switch.

l      Different preferences can be configured to implement flexible route management policy.

 

2.3  Displaying the Routing Table

After the above configuration, use the display command in any view to display and verify the static route configuration.

Table 2-2 Display the routing table

Operation

Command

Description

Display routing table summary

display ip routing-table

You can execute the display command in any view.

 Display routing table details

display ip routing-table verbose

Display the detailed information of a specific route

display ip routing-table ip-address [ mask ] [ longer-match ] [ verbose ]

Display the routes in a specified address range

display ip routing-table ip-address1 mask1 ip-address2 mask2 [ verbose ]

Display the routes discovered by a specified protocol

display ip routing-table protocol protocol [ inactive | verbose ]

Display the tree-structured routing table information

display ip routing-table radix

Display the statistics of the routing table

display ip routing-table statistics

 

2.4  Static Route Configuration Example

I. Network requirements

As shown in Figure 2-1, the masks of all the IP addresses in the figure are 255.255.255.0. It is required that all the hosts/Ethernet switches in the figure can interconnect with each other by configuring static routes.

II. Network diagram

Figure 2-1 Static route configuration

III. Configuration procedure

Perform the following steps on the switch:

# Configure static routes on SwitchA.

[SwitchA] ip route-static 1.1.3.0 255.255.255.0 1.1.2.2

[SwitchA] ip route-static 1.1.4.0 255.255.255.0 1.1.2.2

[SwitchA] ip route-static 1.1.5.0 255.255.255.0 1.1.2.2

# Configure static routes on SwitchB.

[SwitchB] ip route-static 1.1.2.0 255.255.255.0 1.1.3.1

[SwitchB] ip route-static 1.1.5.0 255.255.255.0 1.1.3.1

[SwitchB] ip route-static 1.1.1.0 255.255.255.0 1.1.3.1

# Configure static routes on SwitchC.

[SwitchC] ip route-static 1.1.1.0 255.255.255.0 1.1.2.1

[SwitchC] ip route-static 1.1.4.0 255.255.255.0 1.1.3.2

Perform the following steps on the host:

# Configure the default gateway of Host A to 1.1.5.1. Detailed configuration procedure is omitted.

# Configure the default gateway of Host B to 1.1.4.1. Detailed configuration procedure is omitted.

# Configure the default gateway of Host C to 1.1.1.1. Detailed configuration procedure is omitted.

Now, all the hosts/switches in the figure can interconnect with each other.

2.5  Troubleshooting a Static Route

Symptom: The switch is not configured with a dynamic routing protocol. Both the physical status and the link layer protocol status of an interface are UP, but IP packets cannot be normally forwarded on the interface.

Solution: Perform the following procedure.

Use the display ip routing-table protocol static command to view whether the corresponding static route is correctly configured.

Use the display ip routing-table command to view whether the static route is valid.

 


Chapter 3  RIP Configuration

 

&  Note:

When running a routing protocol, the Ethernet switch also functions as a router. The word “router” and the router icons covered in the following text represent routers in common sense and Ethernet switches running a routing protocol.

 

3.1  RIP Overview

Routing information protocol (RIP) is a simple interior gateway protocol (IGP) suitable for small-sized networks.

3.1.1  Basic Concepts

I. RIP

RIP is a distance-vector (D-V) algorithm-based protocol. It exchanges routing information through UDP packets.

RIP uses hop count (also called routing cost) to measure the distance to a destination address. In RIP, the hop count from a router to its directly connected network is 0, and that to a network which can be reached through another router is 1, and so on. To restrict the time to converge, RIP prescribes that the cost is an integer ranging from 0 and 15. The hop count equal to or exceeding 16 is defined as infinite; that is, the destination network or host is unreachable.

To improve performance and avoid routing loop, RIP supports split horizon. Besides, RIP can import routes from other routing protocols.

II. RIP routing database

Each router running RIP manages a routing database, which contains routing entries to all the reachable destinations in the internetwork. Each routing entry contains the following information:

l           Destination address: IP address of a host or network.

l           Next hop address: IP address of an interface on the adjacent router that IP packets should pass through to reach the destination.

l           Interface: Interface on this router, through which IP packets should be forwarded to reach the destination.

l           Cost: Cost for the router to reach the destination.

l           Routing time: Time elapsed after the routing entry is updated last time. This time is reset to 0 whenever the routing entry is updated.

III. RIP timers

As defined in RFC 1058, RIP is controlled by three timers: Period update, Timeout, and Garbage-collection.

l           Period update timer: This timer is used to periodically trigger routing information update so that the router can send all RIP routes to all the neighbors.

l           Timeout timer: If a RIP route is not updated (that is, the switch does not receive any routing update packet from the neighbor) within the timeout time of this timer, the route is considered unreachable.

l           Garbage-collection timer: An unreachable route will be completely deleted from the routing table if no update packet for the route is received from the neighbor before this timer times out.

3.1.2  RIP Startup and Operation

The whole process of RIP startup and operation is as follows:

l           Once RIP is enabled on a router, the router broadcasts or multicasts a request packet to its neighbors. Upon receiving the packet, each neighbor running RIP answers a response packet containing its routing table information.

l           When this router receives a response packet, it modifies its local routing table and sends an update triggering packet to the neighbor. Upon receiving the update triggering packet, the neighbor sends the packet to all its neighbors. After a series of update triggering processes, each router can get and keep the updated routing information.

l           By default, RIP sends its routing table to its neighbors every 30 seconds. Upon receiving the packets, the neighbors maintain their own routing tables and select optimal routes, and then advertise update information to their respective neighbors so as to make the updated routes known globally. Furthermore, RIP uses the timeout mechanism to handle the timeout routes to ensure real-time and valid routes.

RIP is commonly used by most IP router suppliers. It can be used in most campus networks and the regional networks that are simple and less disperse. For larger and more complicated networks, RIP is not recommended.

3.2  RIP Configuration Tasks

Table 3-1 RIP configuration tasks

Configuration task

Description

Related section

Configuring basic RIP functions

Enabling RIP

Required

Section 3.3.2  I. Enabling RIP globally and on the interface of a specified network segment

Setting the RIP operating status on an interface

Optional

Section 3.3.2  II. Setting the RIP operating status on an interface

Specifying a RIP version

Optional

Section 3.3.2  III. Specifying the RIP version on an interface

Configuring RIP route control

Setting the additional routing metrics of an interface

Optional

Section 3.4.2  I. Setting the additional routing metrics of an interface

Configuring RIP route summary

Optional

Section 3.4.2  II. Configuring RIP route summary

Disabling the receiving of host routes

Optional

Section 3.4.2  III. Disabling the receiving of host routes

Configuring RIP to filter incoming/outgoing routes

Optional

Section 3.4.2  IV. Configuring RIP to filter incoming/outgoing routes

Setting RIP preference

Optional

Section 3.4.2  V. Setting RIP preference

Enabling traffic to be forwarded along multiple equivalent RIP routes

Optional

Section3.4.2  VI. Enabling traffic to be forwarded along multiple equivalent RIP routes

Configuring RIP to import routes from another protocol

Optional

Section 3.4.2  VII. Configuring RIP to import routes from another protocol

Adjusting and optimizing a RIP network

Configuring RIP timers

Optional

Section 3.5.2  I. Configuring RIP timers

Configuring split horizon

Optional

Section 3.5.2  II. Configuring split horizon

Configuring RIP-1 packet zero field check

Optional

Section 3.5.2  III. Configuring RIP-1 packet zero field check

Setting RIP-2 packet authentication mode

Optional

Section 3.5.2  IV. Setting RIP-2 packet authentication mode

Configuring a RIP neighbor

Optional

Section 3.5.2  V. Configuring a RIP neighbor

Displaying and debugging RIP

Optional

Section 3.6  Displaying and Maintaining RIP Configuration

 

3.3  Basic RIP Configuration

3.3.1  Configuration Prerequisites

Before configuring basic RIP functions, perform the following tasks:

l           Configuring the link layer protocol

l           Configuring the network layer addresses of interfaces so that adjacent nodes are reachable to each other at the network layer

3.3.2  Configuring Basic RIP Functions

I. Enabling RIP globally and on the interface of a specified network segment

Table 3-2 Enable RIP globally and on the interface of a specified network segment

Operation

Command

Description

Enter system view

system-view

Enable RIP globally and enter RIP view

rip

Required

Enable RIP on the interface of a specified network segment

network network-address

Required

By default, RIP is disabled on any interface.

 

&  Note:

 

II. Setting the RIP operating status on an interface

Table 3-3 Setting the RIP operating status on an interface

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Enable the interface to receive RIP update packets

rip input

Optional

By default, all interfaces are allowed to send and receive RIP packets.

Enable the interface to send RIP update packets

rip output

Run RIP on the interface

rip work

 

III. Specifying the RIP version on an interface

Table 3-4 Specify the RIP version on an interface

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Specify RIP version on the interface

rip version { 1 | 2 [ broadcast | multicast ] }

Optional

By default, the interface can receive RIP-1 and RIP-2 broadcast packets but send only RIP-1 packets. When specifying the RIP version on an interface as RIP-2, you can also specify the mode (broadcast or multicast) to send RIP packets.

 

3.4  RIP Route Control

In actual implementation, it may be needed to control RIP routing information more accurately to accommodate complex network environments. By performing the configuration described in the following sections, you can:

l           Control route selection by adjusting additional routing metrics on interfaces running RIP.

l           Reduce the size of the routing table by setting route summary and disabling the receiving of host routes.

l           Filter the received routes.

l           Set the preference of RIP to change the preference order of routing protocols. This order makes sense when more than one route to the same destination is discovered by multiple routing protocols.

l           Import external routes in an environment with multiple routing protocols and filter the advertised routes.

3.4.1  Configuration Prerequisites

Before configuring RIP route control, perform the following tasks:

l           Configuring network layer addresses of interfaces so that adjacent nodes are reachable to each other at the network layer

l           Configuring basic RIP functions

3.4.2  Configuring RIP Route Control

I. Setting the additional routing metrics of an interface

Additional routing metric is the routing metric (hop count) added to the original metrics of RIP routes on an interface. It does not change the metric value of a RIP route in the routing table, but will be added for incoming or outgoing RIP routes on the interface.

Table 3-5 Set additional routing metric

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Set the additional routing metric to be added for incoming RIP routes on this interface

rip metricin value

Optional

By default, the additional routing metric added for incoming routes on an interface is 0.

Set the additional routing metric to be added for outgoing RIP routes on this interface

rip metricout value

Optional

By default, the additional routing metric added for outgoing routes on an interface is 1.

 

&  Note:

The rip metricout command takes effect only on the RIP routes learnt by the router and the RIP routes generated by the router itself, but the command is invalid for any route imported to RIP from other routing protocols.

 

II. Configuring RIP route summary

Route summary means that different subnet routes in the same natural network segment can be aggregated into one route with a natural mask for transmission to another network segment. This function is used to reduce the routing traffic on the network as well as to reduce the size of the routing table.

Route summary does not work for RIP-1. RIP-2 supports route summary. When it is needed to advertise all subnet routes, you can disable the function for RIP-2.

Table 3-6 Configure RIP route summary

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Enable RIP-2 automatic route summary

summary

Optional

By default, RIP-2 automatic route summary is enabled.

 

III. Disabling the receiving of host routes

In some special cases, the router can receive a lot of host routes from the same segment, and these routes are of little help in route addressing but consume a lot of network resources. After host route receiving is disabled, a router can refuse any incoming host route.

Table 3-7 Disable the receiving of host route

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Disable the receiving of host routes

undo host-route

Optional

By default, the router receives host routes.

 

IV. Configuring RIP to filter incoming/outgoing routes

The route filtering function provided by a router enables you to configure inbound/outbound filter policy by specifying an ACL or address prefix list to make RIP filter incoming/outgoing routes. Besides, you can configure RIP to receive only the RIP packets from a specific neighbor.

Table 3-8 Configure RIP to filter incoming/outgoing routes

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Configure RIP to filter incoming routes

filter-policy { acl-number | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] | route-policy route-policy-name } import

Required

By default, RIP does not filter any incoming route.

The gateway keyword is used to filter the incoming routes advertised from a specified address.

filter-policy gateway ip-prefix-name import

Configure RIP to filter outgoing routes

filter-policy { acl-number | ip-prefix ip-prefix-name } export [ routing-protocol ]

Required

By default, RIP does not filter any outgoing route.

filter-policy route-policy route-policy-name export

 

&  Note:

l      The filter-policy import command filters the RIP routes received from neighbors, and the routes being filtered out will neither be added to the routing table nor be advertised to any neighbors.

l      The filter-policy export command filters all the routes to be advertised, including the routes imported by using the import-route command as well as RIP routes learned from neighbors.

l      The filter-policy export command without the routing-protocol argument filters all the routes to be advertised, including the routes imported by the import-route command.

 

V. Setting RIP preference

Table 3-9 Set RIP preference

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Set the RIP preference

preference value

Optional

The default RIP preference is 100.

 

VI. Enabling traffic to be forwarded along multiple equivalent RIP routes

Table 3-10 Enable traffic to be forwarded along multiple equivalent RIP routes

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Enable traffic forwarded along multiple equivalent RIP routes

traffic-share-across-interface

Optional

By default, traffic-share-across-interface is disabled

 

VII. Configuring RIP to import routes from another protocol

Table 3-11 Configure RIP to import routes from another protocol

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Set the default cost for RIP to import routes from other protocols

default cost value

Optional

When you use the import-route command without specifying the cost of imported routes, the default cost you set here will be used.

Configure RIP to import routes from another protocol

import-route protocol [ process-id ] [ cost value | route-policy route-policy-name ]*

Optional

The process-id parameter is used only for importing OSPF routes

 

3.5  RIP Network Adjustment and Optimization

In some special network environments, some RIP features need to be configured and RIP network performance needs to be adjusted and optimized. By performing the configuration mentioned in this section, the following can be implemented:

l           Changing the convergence speed of RIP network by adjusting RIP timers,

l           Avoiding routing loop by configuring split horizon,

l           Packet validation in network environments with high security requirements, and

l           Configuring RIP feature on an interface or link with special requirements.

3.5.1  Configuration Prerequisites

Before adjusting RIP, perform the following tasks:

l           Configuring the network layer addresses of interfaces so that adjacent nodes are reachable to each other at the network layer

l           Configuring basic RIP functions

3.5.2  Configuration Tasks

I. Configuring RIP timers

Table 3-12 Configure RIP timers

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Set the values of RIP timers

timers { update update-timer | timeout timeout-timer } *

Optional

By default, Update timer value is 30 seconds and Timeout timer value is 180 seconds.

 

&  Note:

When configuring the values of RIP timers, you should take network performance into consideration and perform consistent configuration on all routers running RIP to avoid unnecessary network traffic and network route oscillation.

 

II. Configuring split horizon

Table 3-13 Configure split horizon

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Enable split horizon

rip split-horizon

Optional

By default, an interface uses split horizon to send RIP packets.

 

Split horizon cannot be disabled on a point-to-point link.

 

III. Configuring RIP-1 packet zero field check

Table 3-14 Configure RIP-1 packet zero field check

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Enable zero field check of RIP-1 packets

checkzero

Optional

By default, zero field check is performed on RIP-1 packets.

 

&  Note:

Some fields in a RIP-1 packet must be 0, and they are known as zero fields. For RIP-1, zero field check is performed on incoming packets, those RIP-1 packets with nonzero value in a zero filed will not be processed further. As a RIP-2 packet has no zero fields, this configuration is invalid for RIP-2.

 

IV. Setting RIP-2 packet authentication mode

RIP-2 supports two authentication modes: simple authentication and MD5 authentication.

Simple authentication cannot provide complete security, because the authentication keys sent along with packets that are not encrypted. Therefore, simple authentication cannot be applied where high security is required.

Table 3-15 Set RIP-2 packet authentication mode

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Set RIP-2 packet authentication mode

rip authentication-mode { simple password | md5 { rfc2453 key-string | rfc2082 key-string key-id } }

Required

If you specify to use MD5 authentication, you must specify one of the following MD5 authentication types:

rfc2453 (this type supports the packet format defined in RFC 2453)

rfc2082 (this type supports the packet format defined in RFC 2082)

 

V. Configuring a RIP neighbor

Table 3-16 Configure a RIP neighbor

Operation

Command

Description

Enter system view

system-view

Enter RIP view

rip

Configure a RIP neighbor

peer ip-address

Required

To make RIP to work on a link that does not support broadcast/multicast packets, you must manually configure the RIP neighbor.

Normally, RIP uses broadcast or multicast addresses to send packets.

 

3.6  Displaying and Maintaining RIP Configuration

After the above configuration, you can use the display command in any view to display the running status of RIP and verify the RIP configuration. You can use the reset command in RIP view to reset the system configuration related to RIP.

Table 3-17 Display and debug RIP configuration

Operation

Command

Description

Display the current RIP running status and configuration information

display rip

 You can execute the display command in any view.

Display RIP interface information

display rip interface

Display RIP routing information

display rip routing

Reset the system configuration related to RIP

reset

You can use this command in RIP view.

 

3.7  RIP Configuration Example

I. Network requirements

As shown in Figure 3-1, SwitchC is connected to subnet 117.102.0.0 through an Ethernet port. SwitchA and SwitchB are connected to networks 155.10.1.0 and 196.38.165.0 respectively through Ethernet ports. SwitchC, SwitchA and SwitchB are interconnected through Ethernet 110.11.2.0. It is required to configure RIP correctly to ensure the interworking between the networks connected to SwitchC, SwitchA and SwitchB.

II. Network diagram

Figure 3-1 RIP configuration

III. Configuration procedure

 

&  Note:

Only the configuration related to RIP is listed below. Before the following configuration, make sure the Ethernet link layer works normally and the IP addresses of VLAN interfaces are configured correctly.

 

1)         Configure SwitchA:

# Configure RIP.

<SwitchA> system-view

[SwitchA] rip

[SwitchA-rip] network 110.11.2.0

[SwitchA-rip] network 155.10.1.0

2)         Configure SwitchB:

# Configure RIP.

<SwitchB> system-view

[SwitchB] rip

[SwitchB-rip] network 196.38.165.0

[SwitchB-rip] network 110.11.2.0

3)         Configure SwitchC:

# Configure RIP.

<SwitchC> system-view

[SwitchC-rip] network 117.102.0.0

[SwitchC-rip] network 110.11.2.0

3.8  Troubleshooting RIP Configuration

Symptom: The Ethernet switch cannot receive any RIP update packet when the physical connection between the switch and the peer routing device is normal.

Solution: RIP is not enabled on the corresponding interface (for example, the undo rip work command is executed on the interface) or RIP is not enabled by the network command on the interface. The peer routing device is configured to work in the multicast mode (for example, the rip version 2 multicast command is executed) but the multicast mode is not configured on the corresponding interface of this switch.

 


Chapter 4  OSPF Configuration

 

&  Note:

When running a routing protocol, the Ethernet switch also functions as a router. The words “router” and the router icons covered in the following text represent routers in common sense and Ethernet switches running a routing protocol.

Among S3600 series, only S3600-EI series support OSPF protocol.

 

4.1  OSPF Overview

4.1.1  Introduction to OSPF

Open shortest path first (OSPF) is a link state-based interior gateway protocol developed by IETF. At present, OSPF version 2 (RFC 2328) is used, which has the following features:

l           High applicability: OSPF supports networks of various sizes and can support up to several hundred routers.

l           Fast convergence: OSPF can transmit update packets immediately after the network topology changes so that the change can be synchronized in the autonomous system (AS).

l           Loop-free: Since OSPF calculates routes with the shortest path tree algorithm according to the collected link states, it guarantees that no loop routes will be generated from the algorithm basis.

l           Area partition: OSPF allows an autonomous system network to be divided into different areas for convenient management so that routing information transmitted between the areas is abstracted further, thereby reducing network bandwidth consumption.

l           Equivalent route: OSPF supports multiple equivalent routes to the same destination.

l           Routing hierarchy: OSPF has a four-level routing hierarchy. It prioritizes the routes as intra-area, inter-area, external type-1, and external type-2 routes.

l           Authentication: OSPF supports interface-based packet authentication to guarantee the security of route calculation.

l           Multicast transmission: OSPF supports transmitting protocol packets in multicast mode.

4.1.2  OSPF Route Calculation

Taking no account of area partition, the routing calculation process of the OSPF protocol is as follows:

l           Each OSPF-capable router maintains a link state database (LSDB), which describes the topology of the whole AS. According to the network topology around itself, each router generates a link state advertisement (LSA). Routers on the network exchange LSAs with each other by transmitting protocol packets. Thus, each router receives the LSAs of other routers and all these LSAs form the LSDB of the router.

l           An LSA describes the network topology around a router, whereas an LSDB describes the network topology of the whole network. Routers can easily transform the LSDB to a weighted directed map, which actually reflects the topology of the whole network. Obviously, all routers get exactly the same map.

l           A router uses the shortest path first (SPF) algorithm to calculate the shortest path tree with itself as the root. The tree shows the routes to the nodes in the autonomous system. External routes are leaf nodes, which are marked with the routers from which they are advertised to record information outside the AS. Obviously, the routing tables obtained by different routers are different.

Furthermore, to enable individual routers to broadcast their local status information (such as available interface information and reachable neighbor information) to the whole AS, routers in the AS should establish neighboring relationship among them. In this case, the route changes on any router will result in multiple transmissions, which are unnecessary and waste the precious bandwidth resources. To solve this problem, designated router (DR) and backup designated router (BDR) are defined in OSPF. For details about DR and BDR, see section 4.1.4  III. "DR and BDR".

OSPF supports interface-based packet authentication to guarantee the security of route calculation. In addition, it transmits and receives packets in multicast (224.0.0.5 and 224.0.0.6).

4.1.3  Basic OSPF Concepts

I. Router ID

To run OSPF, a router must have a router ID. A router ID can be configured manually. If no router ID is configured, the system will automatically select an IP address from the IP addresses of the interfaces as the router ID. A router ID is selected in the following way: if loopback interface addresses are configured, the system chooses the latest configured IP address as the router ID; if no loopback interface is configured, the first configured IP address among the IP addresses of other interfaces will be the router ID.

II. Area

If all the routers on an ever-growing huge network run OSPF, the large number of routers will result in an enormous LSDB, which will consume an enormous storage space, complicate the running of SPF algorithm, and increase CPU load. Furthermore, as a network grows larger, it is more potential to have changes in the network topology. Hence, the network will often be in “flapping”, and a great number of OSPF packets will be generated and transmitted in the network. This will lower the network bandwidth utilization. In addition, each change will cause all the routers on the network re-perform route calculation.

OSPF solves the above-mentioned problem by dividing an AS into multiple areas. Areas group routers logically. A router on the border of an area belongs to more than one area. A router connecting the backbone area to a non-backbone area is called an area border router (ABR). An ABR can connect to the backbone area physically or logically.

Area partition in OSPF reduces the number of LSAs in the network and enhances OSPF scalability. To further reduce routing table size and the number of LSAs in some non-backbone areas on the edge of the AS, you can configure these areas as stub areas.

A stub area cannot import any external route. For this reason the concept NSSA area (not-so-stubby area) is introduced. In an NSSA area, type 7 LSAs are allowed to be propagated. A type 7 LSA is generated by an ASBR (autonomous system boundary router) in a NSSA area. A type 7 LSA reaching an ABR in the NSSA area is transformed into an AS-external LSA, which is then advertised to other areas.

III. Backbone area and virtual link

Backbone Area

With OSPF area partition, not all areas are equal. One of the areas is different from any other area. Its area ID is 0 and it is usually called the backbone area.

Virtual link

Since all areas must be connected to the backbone area, the concept virtual link is introduced to maintain logical connectivity between the backbone area and any other area physically separated from the backbone area.

IV. Route summary

After an AS is divided into different areas that are interconnected through OSPF ABRs, The routing information between areas can be reduced through route summary. This reduces the size of routing tables and improves the calculation speed of routers.

After an ABR in an area calculates the intra-area routes in the area, the ABR aggregates multiple OSPF routes into one LSA (based on the summary configuration) and sends the LSA outside the area.

For example, in Figure 4-1, there are three intra-area routes in Area 19: 19.1.1.0/24, 19.1.2.0/24, and 19.1.3.0/24. If route summary is configured, the three routes are aggregated into one route 19.1.0.0/16, and only one corresponding LSA, which describes the route after summary, is generated on RTA.

Figure 4-1 Area partition and route aggregation

4.1.4  OSPF Network Type

I. Four OSPF network types

OSPF divides networks into four types by link layer protocols:

l           Broadcast: If Ethernet or FDDI is adopted, OSPF defaults the network type to broadcast. In a broadcast network, protocol packets are sent in multicast (224.0.0.5 and 224.0.0.6) by default.

l           Non-broadcast multi-access (NBMA): If Frame Relay, ATM, or X.25 is adopted, OSPF defaults the network type to NBMA. In an NBMA network, protocol packets are sent in unicast.

l           Point-to-multipoint (P2MP): OSPF will not default the network type of any link layer protocol to P2MP. A P2MP network must be compulsorily changed from another network type. The common practice is to change an NBMA network into a P2MP network. In a P2MP network, protocol packets are sent in multicast (224.0.0.5).

l           Point-to-point (P2P): If PPP or HDLC is adopted, OSPF defaults the network type to P2P. In a P2P network, protocol packets are sent in multicast (224.0.0.5).

II. Principles for configuring an NBMA network

An NBMA network is a non-broadcast and multi-accessible network. ATM and frame relay networks are typical NBMA networks.

Some special configurations need to be done on an NBMA network. In an NBMA network, an OSPF router cannot discover an adjacent router by broadcasting Hello packets. Therefore, you must manually specify an IP address for the adjacent router and whether the adjacent router has the right to vote for a DR.

An NBMA network must be fully connected. That is, any two routers in the network must be directly reachable to each other through a virtual circuit. If two routers in the network are not directly reachable to each other, you must configure the corresponding interface type to P2MP. If a router in the network has only one peer, you can change the corresponding interface type to P2P.

The differences between NBMA and P2MP are as follows:

l           An NBMA network is fully connected, non-broadcast, and multi-accessible, whereas a P2MP network is not necessarily fully connected.

l           DR and BDR are required to be elected on an NBMA network but not on a P2MP network.

l           NBMA is a default network type. A P2MP network, however, must be compulsorily changed from another network type. The more common practice is to change an NBMA network into a P2MP network.

l           NBMA sends protocol packets in unicast and neighbors should be configured manually, while P2MP sends protocol packets in multicast.

III. DR and BDR

In a broadcast network or an NBMA network, routing information needs to be transmitted between any two routers. If there are n routers in the network, n x (n-1)/2 adjacencies need to be established. In this case, the route changes on any router will result in multiple transmissions, which waste bandwidth. To solve this problem, DR is defined in OSPF so that all routers send information to the DR only and the DR broadcasts the network link states in the network.

If the DR fails, a new DR must be elected and synchronized with the other routers on the network. The process takes quite a long time; in the process, route calculation is incorrect. To shorten the process, BDR is introduced in OSPF.

In fact, a BDR provides backup for a DR. DR and BDR are elected at the same time. Adjacencies are also established between the BDR and all the other routers on the segment, and routing information is also exchanged between them. Once the DR becomes invalid, the BDR becomes a DR. Since no re-election is needed and the adjacencies already exist, the switchover process is very short. Now, a new BDR should be elected. Although this election process will also take quite a long time, route calculation will not be affected.

Neither neighboring relationship is established nor routing information is exchanged between DR Others (routers other than DR and BDR). This reduces the number of adjacencies among routers on the broadcast or NBMA network.

In Figure 4-2, the solid lines represent physical Ethernet connections and the dotted lines represent adjacencies established. The figure shows that, with the DR/BDR mechanism adopted, seven adjacencies suffice among the five routers.

Figure 4-2 DR and BDR

IV. DR/BDR election

Instead of being manually configured, DR and BDR are elected by all the routers on the current network segment. The priority of a router interface determines the qualification of the interface in DR/BDR election. All the routers with DR priorities greater than 0 in the current network segment are eligible "candidates".

Hello packets serve as the "votes" in the election. Each router writes the DR it selects to the Hello packet and sends the packet to each router running OSPF in the network segment. If two routers on the same network segment declare themselves to be the DR, the one with the highest DR priority will be preferred. If their priorities are the same, the one with greater router ID will be preferred. A router whose DR priority is 0 can neither be elected as the DR nor be elected as the BDR.

Note the following points:

l           DR election is required for broadcast or NBMA interfaces but is not required for P2P or P2MP interfaces.

l           DR is based on the router interfaces in a certain segment. A router may be a DR on an interface and a BDR or DR Other on another interface.

l           If a new router is added after DR and BDR election, the router does not become the DR immediately even if it has the highest DR priority.

l           The DR on a network segment is not necessarily the router with the highest priority. Likewise, the BDR is not necessarily the router with the second-highest priority.

4.1.5  OSPF Packets

OSPF uses five types of packets:

I. Hello packet:

Hello packets are most commonly used OSPF packets, which are periodically sent by a router to its neighbors. A Hello packet contains the values of some timers, the DR, the BDR and the known peers.

II. DD packet:

When two routers synchronize their databases, they use database description (DD) packets to describe their own LSDBs, including the digest of each LSA. The digest refers to the HEAD of an LSA which uniquely identifies the LSA. This reduces the size of traffic transmitted between the routers because the HEAD of an LSA only occupies a small portion of the LSA. With the HEAD, the peer router can judge whether it has the LSA or not.

III. LSR packet:

After exchanging DD packets, the two routers know which LSAs of the peer router are lacked in the local LSDB, and send link state request (LSR) packets requesting for the lacked LSAs to the peer. These LSR packets contain the digest of the needed LSAs.

IV. LSU packet:

Link state update (LSU) packets are used to transmit the needed LSAs to the peer router. An LSU packet is a collection of multiple LSAs (complete LSAs, not LSA digest).

V. LSAck packet

Link state acknowledgment (LSAck) packets are used to acknowledge received LSU packets. An LSAck contains the HEAD(s) of LSA(s) to be acknowledged (one LSAck packet can acknowledge multiple LSAs).

4.1.6  LSA Types

I. Five basic LSA types

As described in the preceding sections, LSAs are the primary source for OSPF to calculate and maintain routes. RFC 2328 defines five types of LSAs:

l           Router-LSA: Type-1 LSAs, generated by every router to describe the router's link states and costs and advertised only in the area where the router resides.

l           Network-LSA: Type-2 LSAs, generated by the DRs of broadcast or NBMA network to describe the link states of the current network segment and are advertised only in the area where the DRs reside.

l           Summary-LSA: Type-3 and Type-4 LSAs, generated by ABRs and advertised in the areas associated with the LSAs. Each Summary-LSA describes a route to a destination in another area of the AS (also called inter-area route).Type-3 Summary-LSAs are for routes to networks (that is, their destinations are segments), while Type-4 Summary-LSAs are for routes to ASBRs.

l           AS-external-LSA: Type-5 LSA, also called ASE LSA, generated by ASBRs to describe the routes to other ASs and advertised to the whole AS (excluding stub areas). The default AS route can also be described by AS-external-LSAs.

II. Type-7 LSAs

In RFC 1587 (OSPF NSSA Option), Type-7 LSA, a new LSA type, is added.

As described in RFC 1587, Type-7 LSAs and Type-5 LSAs mainly differ in the following two ways:

l           Type-7 LSAs are generated and advertised in an NSSA, where Type-5 LSAs will not be generated or advertised.

l           Type-7 LSAs can only be advertised in an NSSA area. When Type-7 LSAs reach an ABR, the ABR can convert part of the routing information carried in the Type-7 LSAs into Type-5 LSAs and advertise the Type-5 LSAs. Type-7 LSAs are not directly advertised to other areas (including the backbone area).

4.1.7  OSPF Features

S3600 series support the following OSPF features:

l           Stub area: Stub area is defined to reduce the cost for the routers in the area to receive ASE routes.

l           NSSA area: NSSA area is defined to remove the limit on the topology in a stub area.

l           OSPF multi-process: Multiple OSPF processes can be run on a router.

l           Sharing discovered routing information with other dynamic routing protocols: At present, OSPF supports importing the routes of other dynamic routing protocols (such as RIP), and static routes as OSPF external routes into the AS to which the router belongs. In addition, OSPF supports advertising the routing information it discovered to other routing protocols.

l           Authentication key: OSPF supports the authentication of the packets between neighboring routers in the same area by using one of the two methods: plain text authentication key and MD5 authentication key.

l           Flexible configuration of router interface parameters: For a router interface, you can configure the following OSPF parameters: output cost, Hello interval, retransmission interval, interface transmission delay, route priority, dead time for a neighboring router, and packet authentication mode and authentication key.

l           Virtual link: Virtual links can be configured.

4.2  OSPF Configuration Tasks

Table 4-1 OSPF configuration tasks

Configuration task

Description

Related section

Basic OSPF configuration

Required

4.3 

OSPF area attribute configuration

Optional

4.4 

OSPF network type configuration

Configuring the network type of an OSPF interface

Optional

4.5.2 

Configuring an NBMA neighbor

Optional

4.5.3 

Configuring the DR priority on an OSPF interface

Optional

4.5.4 

OSPF route control

Configuring OSPF route summary

Optional

4.6.2 

Configuring OSPF to filter received routes

Optional

4.6.3 

Configuring the cost for sending packets on an OSPF interface

Optional

4.6.4 

Configuring OSPF route priority

Optional

4.6.5 

Configuring the maximum number of OSPF equal-cost routes

Optional

4.6.6 

Configuring OSPF to import external routes

Optional

4.6.7 

OSPF network adjustment and optimization

Configuring OSPF timers

Optional

4.7.2 

Configuring the LSA transmission delay

Optional

4.7.3 

Configuring the SPF calculation interval

Optional

4.7.4 

Disabling OSPF packet transmission on an interface

Optional

4.7.5 

Configuring OSPF authentication

Optional

4.7.6 

Configuring to fill the MTU field when an interface transmits DD packets

Optional

4.7.7 

Enabling OSPF logging

Optional

4.7.8 

Configuring OSPF network management system (NMS)

Optional

4.7.9 

Displaying and maintaining OSPF configuration

4.8 

 

4.3  Basic OSPF Configuration

Before you can configure other OSPF features, you must first enable OSPF and specify the interface and area ID.

4.3.1  Configuration Prerequisites

Before configuring OSPF, perform the following tasks:

l           Configuring the link layer protocol

l           Configuring the network layer addresses of interfaces so that the adjacent nodes are reachable to each other at the network layer

4.3.2  Basic OSPF Configuration

Basic OSPF configuration includes:

l           Configuring router ID

To ensure stable OSPF operation, you should determine the division of router IDs and manually configure them when implementing network planning. When you configure router IDs manually, make sure each router ID is uniquely used by one router in the AS. A common practice is to set the router ID to the IP address of an interface on the router.

l           Enabling OSPF

Comware supports multiple OSPF processes. To enable multiple OSPF processes on a router, you need to specify different process IDs. OSPF process ID is only locally significant; it does not affect the packet exchange between an OSPF process and other routers. Therefore, packets can be exchanged between routers with different OSPF processes IDs.

l           Configuring an area and the network segments in the area. You need to plan areas in an AS before performing the corresponding configurations on each router.

When configuring the routers in the same area, please note that most configurations should be uniformly made based on the area. Wrong configuration may disable information transmission between neighboring routers and even lead to congestion or self-loop of routing information.

Table 4-2 Basic OSPF configuration

Operation

Command

Description

Enter system view

system-view

Configure the router ID

router id router-id

Optional

If multiple OSPF processes run on a router, you are recommended to use the router-id keyword in the ospf command to specify different router IDs for different processes.

Enable OSPF and enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Enter OSPF view.

Enter OSPF area view

area area-id

Required

Configure the network segments in the area

network address wildcard-mask

Required

By default, an interface does not belong to any area.

 

&  Note:

l      In router ID selection, the priorities of the router IDs configured with the ospf [ process-id [ router-id router-id ] ] command, the router id command, and the priorities of the router IDs automatically selected are in a descending order.

l      Router IDs can be re-selected. A re-selected router ID takes effect only after the OSPF process is restarted.

l      The ospf [ process-id [ router-id router-id ] ] command is recommended for configuring router IDs manually.

l      The ID of an OSPF process or OSPF multi-instance is unique. That is, the ID of OSPF multi-instance must be different from any in-use process ID.

l      One segment can belong to only one area and you must specify each OSPF interface to belong to a particular area.

 

4.4  OSPF Area Attribute Configuration

Area partition in OSPF reduces the number of LSAs in the network and enhances OSPF scalability. To further reduce routing table size and the number of LSAs in some non-backbone areas on the edge of the AS, you can configure these areas as stub areas.

A stub area cannot import any external route. For this reason the concept of NSSA area is introduced. Type7 LSAs can be advertised in an NSSA area. Type7 LSAs are generated by ASBRs of the NSSA area, and will be transformed into AS-external LSAs whey reaching ABRs in the NSSA area, which will then be advertised to other areas.

After area partition, the OSPF route updates between non-backbone areas are exchanged by way of the backbone area. Therefore, OSPF requires that all the non-backbone areas should keep connectivity with the backbone area and the backbone area must keep connectivity in itself.

If the physical connectivity cannot be ensured due to various restrictions, you can configure OSPF virtual links to satisfy this requirement.

4.4.1  Configuration Prerequisites

Before configuring OSPF area attributes, perform the following tasks:

l           Configuring the network layer addresses of interfaces so that the adjacent nodes are reachable to each other at the network layer

l           Performing basic OSPF configuration

4.4.2  Configuring OSPF Area Attributes

Table 4-3 Configure OSPF area attributes

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Enter OSPF area view

area area-id

Configure the current area to be a stub area

stub [ no-summary ]

Optional

By default, no area is configured as a stub area.

Configure the current area to be an NSSA area

nssa [ default-route-advertise | no-import-route | no-summary ]*

Optional

By default, no area is configured as an NSSA area.

Configure the cost of the default route transmitted by OSPF to a stub or NSSA area

default-cost cost

Optional

This can be configured on an ABR only. By default, the cost of the default route to a stub or NSSA area is 1.

Create and configure a virtual link

vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay seconds | dead seconds | simple password | md5 keyid key ]*

Optional

For a virtual link to take effect, you need to use this command at both ends of the virtual link and ensure consistent configurations of the hello, dead, and other parameters at both ends.

 

&  Note:

l      You must use the stub command on all the routers connected to a stub area to configure the area with the stub attribute.

l      You must use the nssa command on all the routers connected to an NSSA area to configure the area with the NSSA attribute.

 

4.5  OSPF Network Type Configuration

OSPF divides networks into four types by link layer protocol. See section 4.1.4  "OSPF Network Type". An NBMA network must be fully connected. That is, any two routers in the network must be directly reachable to each other through a virtual circuit. However, in many cases, this cannot be implemented and you need to use a command to change the network type forcibly.

Configure the interface type as P2MP if not all the routers are directly accessible on an NBMA network. Change the interface type to P2P if the router has only one peer on the NBMA network.

In addition, when configuring a broadcast network or NBMA network, you can also specify DR priority for each interface to control the DR/BDR selection in the network. Thus, the router with higher performance and reliability can be selected as a DR or BDR.

4.5.1  Configuration Prerequisites

Before configuring the network type of an OSPF interface, perform the following tasks:

l           Configuring the network layer address of the interface so that the adjacent node is reachable at network layer

l           Performing basic OSPF configuration

4.5.2  Configuring the Network Type of an OSPF Interface

Table 4-4 Configure the network type of an OSPF interface

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Configure the network type of the OSPF interface

ospf network-type { broadcast | nbma | p2mp | p2p }

Optional

By default, the network type of an interface depends on the physical interface.

 

&  Note:

l      After an interface has been configured with a new network type, the original network type of the interface is removed automatically.

l      Note that, neighboring relationship can be established between two interfaces configured as broadcast, NBMA, or P2MP only if the interfaces are on the same network segment.

 

4.5.3  Configuring an NBMA Neighbor

Some special configurations need to be done on an NBMA network. Since an NBMA interface cannot discover the adjacent router by broadcasting Hello packets, you must manually specify the IP address of the adjacent router for the interface and whether the adjacent router has the right to vote.

Table 4-5 Configure NBMA neighbor

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Configure an NBMA neighbor

peer ip-address [ dr-priority dr-priority ]

Required

By default, the priority for the neighbor of an NBMA interface is 1.

 

4.5.4  Configuring the DR Priority on an OSPF Interface

You can control the DR/BDR election on a broadcast or NBMA network by configuring the DR priorities of interfaces.

Table 4-6 Configure the DR priority on an OSPF interface

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Required

Configure the DR priority on the OSPF interface

ospf dr-priority priority

Optional

The default DR priority is 1.

 

&  Note:

 

4.6  OSPF Route Control

Perform the following configurations to control the advertisement and reception of the routing information discovered by OSPF and import routing information discovered by other protocols.

4.6.1  Configuration Prerequisites

Before configuring OSPF route control, perform the following tasks:

l           Configuring the network layer addresses of interfaces so that the adjacent nodes are reachable to each other at the network layer

l           Completing basic OSPF configuration

l           Configuring filter list to filter routing information

4.6.2  Configuring OSPF Route Summary

The configuration of OSPF route summary includes:

l           Configuring ABR route summary,

l           Configuring ASBR route summary for imported routes.

Table 4-7 Configure ABR route summary

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Enter area view

area area-id

Required

Enable ABR route summary

abr-summary ip-address mask [ advertise | not-advertise ]

Required

This command takes effect only when it is configured on an ABR. By default, this function is disabled on an ABR.

 

Table 4-8 Configure ASBR route summary

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Enable ASBR route summary

asbr-summary ip-address mask [ not-advertise | tag value ]

Required

This command takes effect only when it is configured on an ASBR. By default, summary of imported routes is disabled.

 

4.6.3  Configuring OSPF to Filter Received Routes

Table 4-9 Configure OSPF to filter received routes

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Configure to filter the received routes

filter-policy { acl-number | ip-prefix ip-prefix-name | gateway ip-prefix-name } import

Required

By default, OSPF does not filter received routing information.

 

&  Note:

 

4.6.4  Configuring the Cost for Sending Packets on an OSPF Interface

Table 4-10 Configure the cost for sending packets on an OSPF interface

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Required

Configure the cost for sending packets on an OSPF interface

ospf cost value

Optional

By default, OSPF calculates the cost for sending packets on an interface according to the current baud rate on the interface. For a VLAN interface on the switch, this value is fixed at 10.

 

4.6.5  Configuring OSPF Route Priority

Since multiple dynamic routing protocols may be running on one router, the problem of route sharing and selection between various routing protocols arises. The system sets a priority for each routing protocol (which you can change manually), and when more than one route to the same destination is discovered by different protocols, the route with the highest priority will take preference over other routes.

Table 4-11 Configure OSPF route priority

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Configure OSPF route priority

preference [ ase ] value

Optional

By default, the OSPF route priority is 10 and the priority of OSPF ASE is 150.

 

4.6.6  Configuring the Maximum Number of OSPF Equal-Cost Routes

Table 4-12 Configure the maximum number of OSPF equal-cost routes

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Configure the maximum number of OSPF equal-cost routes

multi-path-number value

Optional

 

4.6.7  Configuring OSPF to Import External Routes

Table 4-13 Configure OSPF to import external routes

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Enable OSPF to import routes of other protocols

import-route protocol [ cost value | type value | tag value | route-policy route-policy-name ]*

Required

By default, OSPF does not import the routing information of other protocols.

Enable OSPF to filter advertised routes

filter-policy { acl-number | ip-prefix ip-prefix-name } export [ routing-protocol ]

Optional

By default, OSPF does not filter advertised routes.

Enable OSPF to import the default route

default-route-advertise [ always | cost value | type type-value | route-policy route-policy-name ]*

Optional

By default, OSPF does not import the default route.

Configure the default cost for OSPF to import external routes

default cost value

Optional

 By default, the cost for OSPF to import external routes is 1.

Configure the default maximum number of external routes imported by OSPF per unit time.

default limit routes

Optional

By default, a maximum of 1000 routes can be imported.

Configure the default tag for OSPF to import external routes

default tag tag

Optional

The default tag is 1 if it is not set by using this command.

Configure the default type of external routes that OSPF will import

default type { 1 | 2 }

Optional

By default, the type of imported external routes is Type-2.

 

&  Note:

l      The import-route command cannot import the default route. To import the default route, you must use the default-route-advertise command.

l      The filtering of advertised routes by OSPF means that OSPF only converts the external routes meeting the filter criteria into Type-5 or Type-7 LSAs and advertises them.

l      When enabling OSPF to import external routes, you can also configure the defaults of some additional parameters, such as cost, number of routes, tag, and type. A route tag can be used to identify protocol-related information.

 

4.7  OSPF Network Adjustment and Optimization

You can adjust and optimize an OSPF network in the following aspects:

l           By changing the OSPF packet timers, you can adjust the convergence speed of the OSPF network and the network load brought by OSPF packets. On some low-speed links, you need to consider the delay experienced when the interfaces transmit LSAs.

l           By Adjusting SPF calculation interval, you can mitigate resource consumption caused by frequent network changes.

l           In a network with high security requirements, you can enable OSPF authentication to enhance OSPF network security.

l           In addition, OSPF supports network management. You can configure the binding of the OSPF MIB with an OSPF process and configure the Trap message transmission and logging functions.

4.7.1  Configuration Prerequisites

Before adjusting and optimizing an OSPF network, perform the following tasks:

l           Configuring the network layer addresses of interfaces so that the adjacent nodes are reachable to each other at the network layer

l           Configuring basic OSPF functions

4.7.2  Configuring OSPF Timers

The Hello intervals for OSPF neighbors must be consistent. The value of Hello interval is in inverse proportion to route convergence speed and network load.

The dead time on an interface must be at least four times of the Hello interval on the same interface.

After a router sends an LSA to a neighbor, it waits for an acknowledgement packet from the neighbor. If the router receives no acknowledgement packet from the neighbor within the retransmission interval, it retransmits the LSA to the neighbor.

Table 4-14 Configure OSPF timers

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Required

Configure the hello interval on the interface

ospf timer hello seconds

Optional

By default, p2p and broadcast interfaces send Hello packets every 10 seconds; while p2mp and NBMA interfaces send Hello packets every 30 seconds.

Configure the poll interval on the NBMA interface

ospf timer poll seconds

Optional

By default, poll packets are sent every 40 seconds.

Configure the dead time of the neighboring router on the interface

ospf timer dead seconds

Optional

By default, the dead time for the OSPF neighboring router on a p2p or broadcast interface is 40 seconds and that for the OSPF neighboring router on a p2mp or NBMA interface is 120 seconds.

Configure the interval at which the router retransmits an LSA to the neighboring router on the interface

ospf timer retransmit interval

Optional

By default, this interval is five seconds.

 

&  Note:

l      Default Hello and Dead timer values will be restored once the network type is changed.

l      Do not set an LSA retransmission interval that is too short. Otherwise, unnecessary retransmission will occur. LSA retransmission interval must be greater than the round trip time of a packet between two routers.

 

4.7.3  Configuring the LSA transmission delay

Table 4-15 Configure the LSA transmission delay

Operation

Command

Description

Enter system view

system-view

Enter interface view

interface interface-type interface-number

Required

Configure the LSA transmission delay

ospf trans-delay seconds

Optional

By default, the LSA transmission delay is one second.

 

&  Note:

 

4.7.4  Configuring the SPF Calculation Interval

Whenever the LSDB of OSPF is changed, the shortest paths need to be recalculated. When the network changes frequently, calculating the shortest paths immediately after LSDB changes will consume enormous resources and affect the operation efficiency of the router. By adjusting the minimum SPF calculation interval, you can lighten the negative affection caused by frequent network changes.

Table 4-16 Configure the SPF calculation interval

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Configure the SPF calculation interval

spf-schedule-interval interval

Optional

By default, the SPF calculation interval is five seconds.

 

4.7.5  Disabling OSPF Packet Transmission on an Interface

To prevent OSPF routing information from being acquired by the routers on a certain network, use the silent-interface command to disable OSPF packet transmission on the corresponding interface.

Table 4-17 Disable OSPF packet transmission through an interface

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Disable OSPF packet transmission on a specified interface

silent-interface silent-interface-type silent-interface-number

Optional

By default, all the interfaces are allowed to transmit OSPF packets.

 

&  Note:

l      On the same interface, you can disable multiple OSPF processes from transmitting OSPF packets. The silent-interface command, however, only applies to the OSPF interface where the specified process has been enabled, without affecting the interface for any other process.

l      After an OSPF interface is set to be in silent status, the interface can still advertise its direct route. However, the Hello packets from the interface will be blocked, and no neighboring relationship can be established on the interface. This enhances OSPF networking adaptability, thus reducing the consumption of system resources.

 

4.7.6  Configuring OSPF Authentication

Table 4-18 Configure OSPF authentication

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Required

Enter OSPF area view

area area-id

Required

Configure the authentication mode of the OSPF area

authentication-mode { simple | md5 }

Required

By default, no authentication mode is configured for an area.

Return to OSPF view

quit

Return to system view

quit

Enter interface view

interface interface-type interface-number

Required

Configure the authentication mode of the OSPF interface

ospf authentication-mode { simple password | md5 key-id key }

Optional

By default, OSPF packets are not authenticated on an interface.

 

&  Note:

l      OSPF supports packet authentication and receives only those packets that are successfully authenticated. If packet authentication fails, no neighboring relationship will be established.

l      The authentication modes for all routers in an area must be consistent. The authentication passwords for all routers on a network segment must also be consistent.

 

4.7.7  Configuring to Fill the MTU Field When an Interface Transmits DD Packets

By default, an interface uses value 0 instead of its actual MTU value when transmitting DD packets. After the following configuration, the actual MTU value of the interface is filled in the Interface MTU field of the DD packets.

Table 4-19 Configure to fill the MTU field when an interface transmits DD packets

Operation

Command

Description

Enter system view

system-view

Enter Ethernet interface view

interface interface-type interface-number

Required

Enable the interface to fill in the MTU field when transmitting DD packets

ospf mtu-enable

Optional

By default, the MTU value is 0 when an interface transmits DD packets. That is, the actual MTU value of the interface is not filled in.

 

4.7.8  Enabling OSPF Logging

Table 4-20 Enable OSPF logging

Operation

Command

Description

Enter system view

system-view

Enter OSPF view

ospf [ process-id [ router-id router-id ] ]

Enable the logging of neighbor status changes

log-peer-change

Optional

Log neighbor status changes.

 

4.7.9  Configuring OSPF Network Management System (NMS)

Table 4-21 Configure OSPF MIB binding

Operation

Command

Description

Enter system view

system-view

Configure OSPF MIB binding

ospf mib-binding process-id

Optional

By default, MIB is bound to the first enabled OSPF process. When multiple OSPF processes are enabled, you can configure to which OSPF process the MIB is bound.

Enable OSPF Trap

snmp-agent trap enable ospf [ process-id ] [ ifauthfail | ifcfgerror | ifrxbadpkt | ifstatechange | iftxretransmit | lsdbapproachoverflow | lsdboverflow | maxagelsa | nbrstatechange | originatelsa | vifauthfail | vifcfgerror | virifrxbadpkt | virifstatechange | viriftxretransmit | virnbrstatechange ]*

Optional

You can configure OSPF to send diversified SNMP TRAP messages and specify a certain OSPF process to send SNMP TRAP messages by process ID.

 

4.8  Displaying and Maintaining OSPF Configuration

After the above configuration, you can use the display command in any view to display and verify the OSPF configuration.

You can use the reset command in user view to reset the OSPF counter or connection.

Table 4-22 Display and maintain configuration

Operation

Command

Description

Display brief information about one or all OSPF processes

display ospf [ process-id ] brief

 You can execute the display command in any view.

Display OSPF statistics

display ospf [ process-id ] cumulative

Display OSPF LSDB information

display ospf [ process-id [ area-id ] ] lsdb [ brief | [ [ asbr | ase | network | nssa | router | summary ] [ ip-address ] ] [ originate-router ip-address | self-originate ] ]

Display OSPF peer information

display ospf [ process-id ] peer [ brief | statistics ]

Display OSPF next hop information

display ospf [ process-id ] nexthop

Display OSPF routing table

display ospf [ process-id ] routing

Display OSPF virtual links

display ospf [ process-id ] vlink

Display OSPF request list

display ospf [ process-id ] request-queue

Display OSPF retransmission list

display ospf [ process-id ] retrans-queue

Display the information about OSPF ABR and ASBR

display ospf [ process-id ] abr-asbr

Display OSPF interface information

display ospf [ process-id ] interface interface-type interface-number

Display OSPF errors

display ospf [ process-id ] error

Display OSPF ASBR summary information

display ospf [ process-id ] asbr-summary [ ip-address mask ]

Reset one or all OSPF processes

reset ospf [ statistics ] { all | process-id }

Use the reset command in user view.

 

4.9  OSPF Configuration Example

4.9.1  Configuring DR Election Based on OSPF Priority

I. Network requirements

Four S3600 switches, SwitchA, SwitchB, SwitchC, and SwitchD, which run OSPF, are on the same segment, as shown in Figure 4-3. Perform proper configurations to make SwitchA and SwitchC become DR and BDR respectively. Set the priority of SwitchA to 100 (the highest on the network) so that SwitchA is elected as the DR. Set the priority of SwitchC to 2 (the second highest priority) so that SwitchC is elected as the BDR. Set the priority of SwitchB to 0 so that SwitchB cannot be elected as the DR. No priority is set for SwitchD so it has a default priority of 1.

II. Network diagram

Figure 4-3 DR election based on OSPF priority

III. Configuration procedure

# Configure SwitchA.

<SwitchA> system-view

[SwitchA] interface Vlan-interface 1

[SwitchA-Vlan-interface1] ip address 196.1.1.1 255.255.255.0

[SwitchA-Vlan-interface1] ospf dr-priority 100

[SwitchA-Vlan-interface1] quit

[SwitchA] router id 1.1.1.1

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255

# Configure SwitchB.

<SwitchB> system-view

[SwitchB] interface Vlan-interface 1

[SwitchB-Vlan-interface1] ip address 196.1.1.2 255.255.255.0

[SwitchB-Vlan-interface1] ospf dr-priority 0

[SwitchB-Vlan-interface1] quit

[SwitchB] router id 2.2.2.2

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255

# Configure SwitchC.

<SwitchC> system-view

[SwitchC] interface Vlan-interface 1

[SwitchC-Vlan-interface1] ip address 196.1.1.3 255.255.255.0

[SwitchC-Vlan-interface1] ospf dr-priority 2

[SwitchC-Vlan-interface1] quit

[SwitchC] router id 3.3.3.3

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255

# Configure SwitchD.

<SwitchD> system-view

[SwitchD] interface Vlan-interface 1

[SwitchD-Vlan-interface1] ip address 196.1.1.4 255.255.255.0

[SwitchD-Vlan-interface1] quit

[SwitchD] router id 4.4.4.4

[SwitchD] ospf

[SwitchD-ospf-1] area 0

[SwitchD-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255

On SwitchA, run the display ospf peer command to display its OSPF peers. Note that SwitchA has three peers.

The state of each peer is full, which means that adjacency is established between SwitchA and each peer. SwitchA and SwitchC must establish adjacencies with all the switches on the network so that they can serve as the DR and BDR respectively on the network. SwitchA is DR, while SwitchC is BDR on the network. All the other neighbors are DR others (This means that they are neither DRs nor BDRs).

# Change the priority of SwitchB to 200.

<SwitchB> system-view

[SwitchB] interface Vlan-interface 1

[SwitchB-Vlan-interface1] ospf dr-priority 200

On SwitchA, run the display ospf peer command to display its OSPF peers. Note that the priority of SwitchB has been changed to 200, but it is still not the DR.

The DR is changed only when the current DR turn offline. Shut down SwitchA, and run the display ospf peer command on SwitchD to display its peers. Note that the original BDR (SwitchC) becomes the DR and SwitchB becomes BDR now.

If all Ethernet Switches on the network are removed from and then added to the network again, SwitchB will be elected as the DR (with a priority of 200), and SwitchA will be the BDR (with a priority of 100). Shutting down and restarting all of the switches will bring about a new round of DR/BDR selection.

4.9.2  Configuring OSPF Virtual Link

I. Network requirements

As shown in Figure 4-4, Area 2 and Area 0 are not directly interconnected. It is required to use Area 1 as a transition area for interconnecting Area 2 and Area 0. Correctly configure a virtual link between SwitchB and SwitchC in Area 1.

II. Network diagram

Figure 4-4 OSPF virtual link configuration

III. Configuration procedure

# Configure SwitchA.

<SwitchA> system-view

[SwitchA] interface Vlan-interface 1

[SwitchA-Vlan-interface1] ip address 196.1.1.1 255.255.255.0

[SwitchA-Vlan-interface1] quit

[SwitchA] router id 1.1.1.1

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255

# Configure SwitchB.

<SwitchB> system-view

[SwitchB] interface vlan-interface 1

[SwitchB-Vlan-interface1] ip address 196.1.1.2 255.255.255.0

[SwitchB-Vlan-interface1] quit

[SwitchB] interface vlan-interface 2

[SwitchB-Vlan-interface2] ip address 197.1.1.2 255.255.255.0

[SwitchB-Vlan-interface2] quit

[SwitchB] router id 2.2.2.2

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] area 1

[SwitchB-ospf-1-area-0.0.0.1] network 197.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.1] vlink-peer 3.3.3.3

# Configure SwitchC.

<SwitchC> system-view

[SwitchC] interface Vlan-interface 1

[SwitchC-Vlan-interface1] ip address 152.1.1.1 255.255.255.0

[SwitchC-Vlan-interface1] quit

[SwitchC] interface Vlan-interface 2

[SwitchC-Vlan-interface2] ip address 197.1.1.1 255.255.255.0

[SwitchC-Vlan-interface2] quit

[SwitchC] router id 3.3.3.3

[SwitchC] ospf

[SwitchC-ospf-1] area 1

[SwitchC-ospf-1-area-0.0.0.1] network 197.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2

[SwitchC-ospf-1-area-0.0.0.1] quit

[SwitchC-ospf-1] area 2

[SwitchC-ospf-1-area-0.0.0.2] network 152.1.1.0 0.0.0.255

4.10  Troubleshooting OSPF Configuration

Symptom 1: OSPF has been configured in accordance with the above-mentioned steps, but OSPF does not run normally on the switch.

Solution: Perform the following procedure.

Local fault removal: Firstly, check whether the protocol works normally between two directly connected routers. The normal sign is that the peer state machine between the two routers reaches the FULL state. Note: On a broadcast or NBMA network, if the interfaces between two routers are in DROther state, the peer state machine between the two routers are in 2-way state, instead of FULL state. The peer state machine between DR/BDR and all the other routers is in FULL state.

l           Use the display ospf peer command to view peers.

l           Use the display ospf interface command to view the OSPF information on an interface.

l           Check whether the physical connection is correct and the lower layer protocol operates normally. You can use the ping command to test. If the local router cannot ping through the peer router, it indicates that faults exist on the physical link and the lower level protocol.

l           If the physical connection and the lower layer protocol are normal, check the OSPF parameters configured on the interface. Verify that these parameter configurations are consistent with those on the peer interface. The area IDs must be the same, and the network segments and the masks must also be consistent (p2p or virtually linked segments can have different segments and masks).

l           Ensure that the dead timer value is at least four times of the hello timer value on the same interface.

l           If the network type is NBMA, you must use the peer ip-address command to manually specify a peer.

l           If the network type is broadcast or NBMA, ensure that there is at least one interface with a priority greater than zero.

l           If an area is set to a stub area, ensure that the area is set to a stub area for all the routers connected to this area.

l           Ensure that the interface types of two neighboring routers are consistent.

l           If two or more areas are configured, ensure that at least one area is configured as the backbone area; that is, the area ID of an area is 0.

l           Ensure that the backbone area is connected to all the other areas.

l           Ensure that no virtual link passes through a stub area.

Global fault removal: If OSPF still cannot discover the remote routes after the above procedure is performed, check the following configurations:

l           If two or more areas are configured on a router, at least one area should be configured to be connected to the backbone area.

As shown in Figure 4-5, RTA and RTD are configured to belong to only one area, whereas RTB (Area 0 and Area 1) and RTC (Area 1 and Area 2) are configured to belong to two areas. RTB also belongs to area 0, which meets the requirement. However, none of the areas of RTC is Area 0. Therefore, a virtual link should be set up between RTC and RTB. Ensure that Area 2 and Area 0 (backbone area) are interconnected.

Figure 4-5 OSPF area

l           A virtual link cannot pass through a stub area. The backbone area (Area 0) cannot be configured as a stub area. So, if a virtual link has been set up between RTB and RTC, neither Area 1 nor Area 0 can be configured as a stub area. In Figure 4-5, only Area 2 can be configured as a stub area.

l           A router in a stub area cannot receive external routes.

The backbone area must guarantee the connectivity between various nodes.

 


Chapter 5  IP Routing Policy Configuration

 

&  Note:

When running a routing protocol, the Ethernet switch also functions as a router. The words “router” and the router icons covered in the following text represent routers in common sense and Ethernet switches running a routing protocol.

 

5.1  IP Routing Policy Overview

When a router distributes or receives routing information, it may need to implement some policies to filter the routing information, so as to receive or distribute only the routing information meeting given conditions. A routing protocol (RIP, for example) may need to import the routing information discovered by other protocols to enrich its routing knowledge. While importing routing information from another protocol, it possibly only needs to import the routes meeting given conditions and set some attributes of the imported routes to make the routes meet the requirements of this protocol.

For the implementation of a routing policy, you need to define a set of matching rules by specifying the characteristics of the routing information to be filtered. You can set the rules based on such attributes as destination address and source address of the information. The matching rules can be set in advance and then used in the routing policies to advertise, receive, and import routes.

The S3600 series provide three kinds of filters (Route-policy, ACL, and ip-prefix), which can be referenced by routing protocols. The following sections introduce these filters.

I. Route-policy

A route policy is used to match some attributes with given routing information and the attributes of the information will be set if the conditions are satisfied.

A route policy can comprise multiple nodes. Each node is a unit for matching test, and the nodes will be matched in the order of their node numbers. Each node comprises a set of if-match and apply clauses. The if-match clauses define the matching rules. The matching objects are some attributes of routing information. The relationship among the if-match clauses for a node is “AND”. As a result, a matching test against a node is successful only when all the matching conditions specified by the if-match clauses in the node are satisfied. The apply clauses specify the actions performed after a matching test against the node is successful, and the actions can be the attribute settings of routing information.

The relationships among different nodes in a route-policy are “OR”. As a result, the system examines the nodes in the route-policy in sequence, and once the route passes a node in the route-policy, it will pass the matching test of the route-policy without entering the test of the next node.

II. ACL

The S3600 series support four types of ACLs: advanced, basic, user-defined, and layer 2 ACLs.

Normally, a basic ACL is used to filter routing information. You can specify a range of IP addresses or subnets when defining a basic ACL so as to match the destination network segment addresses or next-hop addresses of routing information. If an advanced ACL is used, the specified range of source addresses will be used for matching.

For ACL configuration, see the QoS/ACL configuration section of this manual.

III. ip-prefix

ip-prefix plays a role similar to ACL. But it is more flexible than ACL and easier to understand. When ip-prefix is applied to filtering routing information, its matching object is the destination address information field of routing information. Moreover, with ip-prefix, you can use the gateway option to specify that only routing information advertised by certain routers will be received.

An ip-prefix is identified by its ip-prefix name. Each ip-prefix can include multiple items, and each item, identified by an index-number, can independently specify the match range in network prefix form. An index-number specifies the matching sequence in the ip-prefix.

During the matching, the router checks items identified by index-number in ascending order. Once an item is met, the ip-prefix filtering is passed and no other item will be checked.

5.2  IP Routing Policy Configuration Tasks

Table 5-1 IP routing policy configuration tasks

Configuration task

Description

Related section

Route-policy configuration

Defining a route-policy

Required

5.3.2 

Defining if-match clauses and apply clauses

5.3.3 

ip-prefix configuration

5.4 

Displaying IP routing policy

5.5 

 

5.3  Route-Policy Configuration

A route-policy is used to match given routing information or some attributes of routing information and change the attributes of the routing information if the conditions are met. The above-mentioned filtering lists can serve as the match conditions:

A route-policy can comprise multiple nodes and each node comprises:

l           if-match clause: Defines matching rules; that is, the filtering conditions that the routing information should satisfy for passing the current route-policy. The matching objects are some attributes of the routing information.

l           apply clause: Specifies actions, which are the configuration commands executed after a route satisfies the filtering conditions specified by the if-match clause. Thereby, some attributes of the route can be modified.

5.3.1  Configuration Prerequisites

Before configuring a route-policy, perform the following tasks:

l           Configuring a filtering list,

l           Configuring a routing protocol

Prepare the following data before the configuration:

l           Route-policy name and node number

l           Match conditions

l           Route attributes to be changed

5.3.2  Defining a Route-Policy

Table 5-2 Define a route-policy

Operation

Command

Description

Enter system view

system-view

Define a route-policy and enter the route-policy view

route-policy route-policy-name { permit | deny } node node-number

Required

By default, no route-policy is defined.

 

&  Note:

l      The permit argument specifies the matching mode for a defined node in the route-policy to be in permit mode. If a route matches the rules for the node, the apply clauses for the node will be executed and the test of the next node will not be taken. If not, however, the route takes the test of the next node.

l      The deny argument specifies the matching mode for a defined node in the route-policy to be in deny mode. In this mode, no apply clause is executed. If a route satisfies all the if-match clauses of the node, no apply clause for the node will be executed and the test of the next node will not be taken. If not, however, the route takes the test of the next node.

l      If multiple nodes are defined in a route-policy, at least one of them should be in permit mode. When a route-policy is applied to filtering routing information, if a piece of routing information does not match any node, the routing information will be denied by the route-policy. If all the nodes in the route-policy are in deny mode, all routing information will be denied by the route-policy.

 

5.3.3  Defining if-match Clauses and apply Clauses

Table 5-3 Define if-match clauses and apply clauses

Operation

Command

Description

Enter system view

system-view

Enter the route-policy view

route-policy route-policy-name { permit | deny } node node-number

Required

Define a rule to match the IP address of routing information

if-match { acl acl-number | ip-prefix ip-prefix-name }

Optional

By default, no matching is performed on the address of routing information.

Define a rule to match the routing cost of routing information

if-match cost value

Optional

By default, no matching is performed on the routing cost of routing information.

Define a rule to match the next-hop interface of routing information

if-match interface interface-type interface-number

Optional

By default, no matching is performed on the next-hop interface of routing information.

Define a rule to match the next-hop address of routing information

if-match ip next-hop { acl acl-number | ip-prefix ip-prefix-name }

Optional

By default, no matching is performed on the next-hop address of routing information.

Define a rule to match the tag field of OSPF routing information

if-match tag value

Optional

By default, no matching is performed on the tag field of OSPF routing information.

Define an action to set the cost of routing information

apply cost value

Optional

By default, no action is defined to set the routing cost of routing information.

Define an action to set the tag field of routing information

apply tag value

Optional

By default, no action is defined to set the tag field of OSPF routing information.

 

&  Note:

l      A route-policy comprises multiple nodes. The relationship among the nodes in a route-policy is “OR”. As a result, the system examines the nodes in sequence, and once the route passes a node in the route-policy, it will pass the matching test of the route-policy without entering the test of the next node.

l      During the matching, the relationship among the if-match clauses for a route-policy node is “AND”. That is, a matching test against a node is successful only when all the matching conditions specified by the if-match clauses in the node are satisfied.

l      If no if-match clauses are specified, all the routes will filter through the node.

l      A node can comprise no if-match clause or multiple if-match clauses.

l      Each node comprises a set of if-match and apply clauses. if-match clauses define matching rules. apply clauses specify the actions performed after a matching test against the node is successful, and the actions can be the attribute settings of routing information.

 

5.4  ip-prefix Configuration

ip-prefix plays a role similar to ACL and but is more flexible and easier to understand. When ip-prefix is applied to filtering routing information, its matching object is the destination address information field of routing information.

5.4.1  Configuration Prerequisites

Before configuring a filter list, prepare the following data:

l           ip-prefix name

l           Range of addresses to be matched

l           Extended community attribute list number

5.4.2  Configuring an ip-prefix list

An ip-prefix list is identified by its ip-prefix list name. Each ip-prefix list can comprise multiple items. Each item can independently specify a match range in the form of network prefix and is identified by an index-number. For example, the following is an ip-prefix list named abcd:

l           ip ip-prefix abcd index 10 permit 1.0.0.0 8

l           ip ip-prefix abcd index 20 permit 2.0.0.0 8

During the matching of a route, the router checks the items in the ascending order of index-number. Once the route match an item, the route passes the filtering of the ip-prefix list and no other item will be matched.

Table 5-4 Configure an IPv4 ip-prefix list

Operation

Command

Description

Enter system view

system-view

Configure an IPv4 ip-prefix list

ip ip-prefix ip-prefix-name [ index index-number ] { permit | deny } network len [ greater-equal greater-equal | less-equal less-equal ]

Required

By default, no ip-prefix list is specified. If all the list items are in deny mode, all routing information will be denied by the filter list. You are recommended to define the item permit 0.0.0.0 0 greater-equal 0 less-equal 32 after multiple items in the deny mode so as to permit all other IPv4 routes.

 

&  Note:

 

5.5  Displaying IP Routing Policy

After the above configuration, execute the display command in any view to display and verify the routing policy configuration.

Table 5-5 Display a route policy

Operation

Command

Description

Display route-policy information

display route-policy [ route-policy-name ]

You can execute the display command in any view.

Display address prefix list information

display ip ip-prefix [ ip-prefix-name ]

 

5.6  IP Routing Policy Configuration Example

5.6.1  Configuring to Filter Received Routing Information

I. Network requirements

SwitchA communicates with SwitchB. OSPF protocol is enabled on both switches. The router ID of SwitchA is 1.1.1.1 and that of SwitchB is 2.2.2.2.

Configure three static routes and enable OSPF on SwitchA.

By configuring route filtering rules on SwitchA make the three received static routes partially visible and partially shielded: the routes of network segments 20.0.0.0 and 40.0.0.0 are visible, and the route of network segment 30.0.0.0 is shielded.

View the OSPF routing table to check the routing policy takes effect.

II. Network diagram

Figure 5-1 Filtering received routing information

III. Configuration procedure

l           Configure SwitchA:

# Configure the IP addresses of the interfaces.

<SwitchA> system-view

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ip address 10.0.0.1 255.0.0.0

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ip address 12.0.0.1 255.0.0.0

[SwitchA-Vlan-interface200] quit

# Configure three static routes.

[SwitchA] ip route-static 20.0.0.1 255.0.0.0 12.0.0.2

[SwitchA] ip route-static 30.0.0.1 255.0.0.0 12.0.0.2

[SwitchA] ip route-static 40.0.0.1 255.0.0.0 12.0.0.2

# Enable the OSPF protocol and specify the ID of the area to which the interface 10.0.0.1 belongs.

<SwitchA> system-view

[SwitchA] router id 1.1.1.1

[SwitchA] ospf

[SwitchA-ospf-1] area 0

[SwitchA-ospf-1-area-0.0.0.0] network 10.0.0.0 0.255.255.255

[SwitchA-ospf-1-area-0.0.0.0] quit

[SwitchA-ospf-1]quit

# Configure an ACL.

[SwitchA] acl number 2000

[SwitchA-acl-basic-2000] rule deny source 30.0.0.0 0.255.255.255

[SwitchA-acl-basic-2000] rule permit source any

[SwitchA-acl-basic-2000] quit

# Configure a route-policy.

[SwitchA] route-policy ospf permit node 10

[SwitchA-route-policy] if-match acl 2000

[SwitchA-route-policy] quit

# Apply route policy when the static routes are imported.

[SwitchA] ospf

[SwitchA-ospf-1] import-route static route-policy ospf

l           Configure SwitchB:

# Configure the IP address of the interface.

<SwitchB> system-view

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ip address 10.0.0.2 255.0.0.0

[SwitchB-Vlan-interface100] quit

# Enable the OSPF protocol and specify the ID of the area to which the interface belongs.

[SwitchB] router id 2.2.2.2

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 10.0.0.0 0.255.255.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Display the OSPF routing table on SwitchB and check if route policy takes effect.

<SwitchB> display ospf routing

 

          OSPF Process 1 with Router ID 2.2.2.2

                   Routing Tables

 

 Routing for Network

 Destination        Cost  Type       NextHop         AdvRouter       Area

 10.0.0.0/8         1     Transit    10.0.0.2        1.1.1.1         0.0.0.0

 

 Routing for ASEs

 Destination        Cost      Type       Tag         NextHop         AdvRouter

 20.0.0.0/8         1         Type2      1           10.0.0.1        1.1.1.1

 40.0.0.0/8         1         Type2      1           10.0.0.1        1.1.1.1

 

 Total Nets: 3

 Intra Area: 1  Inter Area: 0  ASE: 2  NSSA: 0

5.7  Troubleshooting IP Routing Policy

Symptom: Routing information cannot be filtered when the routing protocol runs normally.

Solution: Check to see the following requirements are satisfied.

At least one node in a route-policy should be in permit mode. When a route-policy is used to filter routing information, if a piece of routing information filters through no node in the route-policy, it means that the route information does not pass the filtering of the route-policy. Therefore, when all the nodes in the route-policy are in the deny mode, no routing information will pass the filtering of the route-policy.

At least one item in an ip-prefix list should be in permit mode. The items in deny mode can be defined first to rapidly filter out the routing information not meeting the condition. However, if all the items are in the deny mode, no route will pass the ip-prefix filtering. You can define the item “permit 0.0.0.0 0 less-equal 32” after multiple items in the deny mode for all other routes to pass the filtering (if less-equal 32 is not specified, only the default route will be matched).

 


Chapter 6  Route Capacity Configuration

 

&  Note:

When running a routing protocol, the Ethernet switch also functions as a router. The words “router” and the router icons covered in the following text represent routers in common sense and Ethernet switches running a routing protocol.

Among S3600 series, only S3600-EI series switches support route capacity configuration.

 

6.1  Route Capacity Configuration Overview

6.1.1  Introduction

In practical networking applications, there are a large number of routes, especially OSPF routes, in the routing table. Normally, routing information is stored in the memory of the switch. While the size of the routing table increases, the total memory of the switch remains unchanged unless the hardware is upgraded. However, upgrading may not always solve the problem.

To solve this problem, the S3600 series provide a mechanism to control the size of the routing table; that is, monitoring the free memory in the system to determine whether to add new routes to the routing table and whether to keep the connection of a routing protocol.

 

  Caution:

Note that, normally, the default system configuration meets the requirements. To avoid decreasing system stability and availability due to improper configuration, it is not recommended to modify the configuration yourself.

 

6.1.2  Route Capacity Limitation on the S3600 Series

Huge routing tables are usually caused by OSPF routes. Therefore, the route capacity limitation implemented by an S3600 Ethernet switch applies to OSPF routes only but not to static and RIP routes.

When the free memory of the switch is equal to or lower than the lower limit, OSPF connection will be disconnected and OSPF routes will be removed from the routing table.

If automatic protocol connection recovery is enabled, when the free memory of the switch restores to a value larger than the safety value, the switch automatically re-establishes the OSPF connection. If the automatic protocol connection recovery function is disabled, the switch will not reestablish the disconnected OSPF connection even when the free memory restores to a value larger than the safety value.

6.2  Route Capacity Configuration

Route capacity configuration includes:

l           Configuring the lower limit and the safety value of switch memory,

l           Enabling/disabling the switch to recover the disconnected routing protocol automatically.

6.2.1  Configuring the Lower Limit and the Safety Value of the Switch Memory

Table 6-1 Set the lower limit and the safety value of switch memory

Operation

Command

Description

Enter system view

system-view

Set the lower limit and the safety value of switch memory

memory { safety safety-value | limit limit-value }*

Optional

By default, the default values are used.

 

&  Note:

The safety-value must be greater than the limit-value.

 

6.2.2  Enabling/Disabling Automatic Protocol Recovery

Table 6-2 Enable automatic protocol recovery

Operation

Command

Description

Enter system view

system-view

Enable automatic protocol recovery

memory auto-establish enable

Optional

By default, automatic protocol recovery is enabled.

 

Table 6-3 Disable automatic protocol recovery

Operation

Command

Description

Enter system view

system-view

Disable automatic protocol recovery

memory auto-establish disable

Optional

By default, automatic protocol recovery is enabled.

 

&  Note:

If automatic protocol recovery is disabled, the OSPF connection will not recover even when the free memory exceeds the safety value. Therefore, take cautions when disabling the function.

 

6.3  Displaying Route Capacity Configuration

After the above configuration, you can use the display command in any view to display and verify the route capacity configuration.

Table 6-4 Display route capacity configuration

Operation

Command

Description

Display memory occupancy of a switch

display memory [ unit unit-id ]

You can execute the display command in any view.

Display the route capacity related memory setting and state information

display memory limit

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网