Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 05-Routing Configuration Examples | 707 KB |
1.1.1 Static Routing and Routing Protocols
1.1.2 Routing Protocols Supported by the H3C Low-End Ethernet Switches
1.2.2 Static Route Configuration
1.2.7 Route Policy Configuration
Chapter 2 Configuration Examples
2.1.1 Static Routing Configuration Example
2.1.2 RIP Configuration Examples
2.1.3 DR Configuration Example
2.1.4 OSPF Virtual Link Configuration Examples
2.1.5 Basic IS-IS Configuration Example
2.1.6 BGP Confederation Configuration Example
2.1.7 BGP Route Reflector Configuration Example
2.1.8 BGP Path Selection Configuration Example
Chapter 3 Comprehensive Configuration Example
3.1.1 Requirement Analysis, Network Diagram and Configuration Plan
3.1.2 Devices Used for Networking
3.1.3 Routing Protocols and Related Parameters on Devices
3.2.3 Basic RIPv2/OSPF/BGP Configuration
3.2.4 RIP, Static Route, and Routing Policy Configuration Example
3.2.5 BGP and IGP Interaction Configuration Example
3.2.6 Route Backup Configuration Example
3.2.7 BGP MED Attribute Configuration Example
3.3 Displaying the Whole Configuration on Devices
3.3.1 Displaying the Whole Configuration on Devices
3.4 Verifying the Configuration
3.4.1 Verifying the Configuration of Routing Policy and Static Routes
3.4.2 Verifying the BGP and IGP Interaction Configuration
3.4.3 Verifying the Route Backup Configuration
3.4.4 Verifying the MED Attribute Configuration
Keywords: Static routing, RIP, OSPF, ISIS, BGP
Abstract: This document describes the IPv4 routing protocols that the H3C S7500 series support and the corresponding network configurations.
Acronyms: RIP (Route Information Protocol), OSPF (Open Shortest Path First), ISIS (Intermediate System-to-Intermediate System intra-domain routing information exchange protocol), BGP (Border Gateway Protocol)
Chapter 1 Routing Overview
1.1 Overview
1.1.1 Static Routing and Routing Protocols
I. Static routing
Static routing features zero overhead, simple configuration, and is applicable to simple and stable networks. But it requires human intervention when the network topology changes.
II. RIP
RIP is easy to configure and is insensitive to CPU and memory, so it is applicable to small and medium sized networks. However, it converges slowly and cannot eliminate route loops completely. In addition, periodic RIP updating multicasts or broadcasts consume many network resources.
III. OSPF
OSPF is complicated to configure and requires high-performance CPU and memory. It is applicable to medium and large sized networks. OSPF converges fast and can eliminate route loops completely. It supports area partition and provides hierarchical route management.
IV. IS-IS
IS-IS is complicated to configure and requires high-performance CPU and memory. It is applicable to medium and large networks. ISIS converges fast and can eliminate route loops completely. It supports area partition and provides hierarchical route management.
V. BGP
BGP runs between ASs. Although complicated to configure, BGP features high reliability, stability, and scalability, has flexible and powerful routing policies and eliminates route loops completely.
1.1.2 Routing Protocols Supported by the H3C Low-End Ethernet Switches
The S7500 series switches support RIP, OSPF, IS-IS and BGP.
1.2 Configuration Guide
& Note:
l This configuration guide takes S7500 series Ethernet switches as an example.
l For configuration precautions, see corresponding operation manuals and command manuals.
1.2.1 Configuration Task List
Table 1-1 Configuration task List
|
Task |
Details |
|
Static route configuration |
|
|
RIP configuration |
|
|
OSPF configuration |
|
|
ISIS Configuration |
|
|
BGP configuration |
|
|
Route Policy Configuration |
1.2.2 Static Route Configuration
Table 1-2 Configure a static route
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Configure a static route |
ip route-static ip-address { mask | mask-length } { interface-type interface-number | next-hop } [ preference preference-value ] [ reject | blackhole ] |
Required By default, the system can obtain the route to the subnet directly connected to the router. |
1.2.3 RIP Configuration
Table 1-3 RIP configuration task list
|
Configuration task |
Remarks |
|
|
Configuring basic RIP functions |
Required |
|
|
Optional |
||
|
Optional |
||
|
Configuring RIP route control |
Optional |
|
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Configuring RIP to redistribute routes from another protocol |
Optional |
|
|
Adjusting and optimizing a RIP network |
Optional |
|
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
I. Enabling RIP on an Interface
Table 1-4 Enable RIP on an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enable RIP and enter RIP view |
rip |
Required |
|
Enable RIP on the specified interface |
network network-address |
Required Disabled by default. |
II. Setting the RIP operating status on an interface
Table 1-5 Set the RIP operating status on an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Enable the interface to receive RIP update packets |
rip input |
Optional By default, all interfaces are allowed to send and receive RIP update packets. |
|
Enable the interface to send RIP update packets |
rip output |
|
|
Enable the interface to receive and send RIP update packets |
rip work |
III. Specifying the RIP version on an interface
Table 1-6 Specify the RIP version on an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify the version of the RIP running on the interface |
rip version { 1 | 2 [ broadcast | multicast ] } |
Optional By default, the version of the RIP running on an interface is RIP-1. |
IV. Setting the additional routing metrics of an interface
Additional metric is the metric added to the original metrics of RIP routes on an interface. It does not directly change the metric value of a RIP route in the routing table of a router, but will be added to incoming or outgoing RIP routes on the interface.
Table 1-7 Set additional routing metric
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Set the additional routing metric to be added for incoming RIP routes on this interface |
rip metricin value |
Optional By default, the additional routing metric added for incoming routes on an interface is 0. |
|
Set the additional routing metric to be added for outgoing RIP routes on this interface |
rip metricout value |
Optional By default, the additional routing metric added for outgoing routes on an interface is 1. |
V. Configuring RIP route summarization
Table 1-8 Configure RIP route summarization
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Enable RIP-2 automatic route summarization |
summary |
Required By default, RIP-2 automatic route summarization is enabled. |
VI. Disabling the router from receiving host routes
Table 1-9 Disable the router from receiving host routes
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Disable the router from receiving host routes |
undo host-route |
Required By default, the router receives host routes. |
VII. Configuring RIP to filter incoming/outgoing routes
Table 1-10 Configure RIP to filter incoming/outgoing routes
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Configure RIP to filter incoming routes |
filter-policy { acl-number | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] | gateway ip-prefix-name } import [ interface interface-type interface-number ] |
Required By default, RIP does not filter any incoming route. The gateway keyword is used to filter the incoming routes advertised from a specified address. |
|
filter-policy gateway ip-prefix-name import |
||
|
Configure RIP to filter outgoing routes |
filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol [ process-id ] | interface interface-type interface-number ] |
Required By default, RIP does not filter any outgoing route. |
|
filter-policy route-policy route-policy-name export |
VIII. Setting RIP preference
Table 1-11 Set RIP preference
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Set the RIP preference |
preference value |
Required The default RIP preference is 100. |
IX. Enabling load sharing among RIP interfaces
Table 1-12 Enable load sharing among RIP interfaces
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Enable load sharing among RIP interfaces |
traffic-share-across-interface |
Required By default, load sharing among RIP interfaces is disabled |
X. Configuring RIP to redistribute routes from another protocol
Table 1-13 Configure RIP to import routes from another protocol
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Configure a default cost for an incoming route |
default cost value |
Optional 1 by default. |
|
Configure RIP to redistribute routes from another protocol |
import-route protocol [ process-id | allow-ibgp ] [ cost value | route-policy route-policy-name ]* |
Required By default, RIP does redistribute any route from other protocols. |
XI. Configuring RIP timers
Table 1-14 Configure RIP timers
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Set the RIP timers |
timers { update update-timer | timeout timeout-timer } * |
Required By default, the Update timer is set 30 seconds and the Timeout timer to 180 seconds. |
XII. Configuring split horizon
Table 1-15 Configure split horizon
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Enable split horizon |
rip split-horizon |
Required Enabled by default. |
XIII. Configuring RIP-1 packet zero field check
Table 1-16 Configure RIP-1 packet zero field check
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Enable the check of the “must be zero” field in RIP-1 packets |
checkzero |
Required Enabled by default. |
XIV. Setting RIP-2 packet authentication mode
Table 1-17 Set RIP-2 packet authentication mode
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Set RIP-2 packet authentication mode |
rip authentication-mode { simple password | md5 { rfc2453 key-string | rfc2082 key-string key-id } } |
Required If you specify to use MD5 authentication, you must specify one of the following MD5 authentication types: l rfc2453 (this type supports the packet format defined in RFC 2453) l rfc2082 (this type supports the packet format defined in RFC 2082) |
XV. Configuring RIP to unicast RIP packets
Table 1-18 Configure RIP to unicast RIP packets
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter RIP view |
rip |
— |
|
Configure RIP to unicast RIP packets |
peer ip-address |
Required When RIP runs on the link that does not support broadcast or multicast, you must configure RIP to unicast RIP packets. |
1.2.4 OSPF Configuration
Table 1-19 OSPF configuration task list
|
Configuration task |
Remarks |
|
|
Required |
||
|
Optional |
||
|
OSPF Network Types |
Optional |
|
|
Optional |
||
|
OSPF route control |
Optional |
|
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
OSPF network adjustment and optimization |
Optional |
|
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
I. Basic OSPF configuration
Table 1-20 Basic OSPF configuration
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Disable multicast MAC addressing |
undo protocol multicast-mac enable |
Optional |
|
Configure the router ID |
router id router-id |
Optional If multiple OSPF processes run on a router, you are recommended to use the router-id keyword in the ospf command to specify different router IDs for different processes. |
|
Enable OSPF and enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
Required Enter OSPF view. |
|
Enter OSPF area view |
area area-id |
— |
|
Configure the network segments in the area |
network ip-address wildcard-mask |
Required By default, an interface does not belong to any area. |
II. Configuring OSPF Area Attributes
Table 1-21 Configure OSPF area attributes
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Enter OSPF area view |
area area-id |
— |
|
Configure the current area to be a stub area |
stub [ no-summary ] |
Optional By default, no area is configured as a stub area. |
|
Configure the current area to be an NSSA area |
nssa [ default-route-advertise | no-import-route | no-summary ] * |
Optional By default, no area is configured as an NSSA area. |
|
Configure the cost of the default route transmitted by OSPF to a stub or NSSA area |
default-cost cost |
Optional This can be configured on an ABR only. By default, the cost of the default route to a stub or NSSA area is 1. |
|
Create and configure a virtual link |
vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay seconds | dead seconds | simple password | md5 keyid key ] * |
Optional For a virtual link to take effect, you need to use this command at both ends of the virtual link and ensure consistent configurations of the hello, dead, and other parameters at both ends. |
III. Configuring the Network Type of an OSPF Interface
Table 1-22 Configure the network type of an OSPF interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the network type of the OSPF interface |
ospf network-type { broadcast | nbma | p2mp [ unicast ] | p2p } |
Optional By default, the network type of an interface depends on the physical interface. |
IV. Configuring an NBMA/P2MP Neighbor
Table 1-23 Configure NBMA/P2MP neighbor
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
Required |
|
Configure an NBMA/P2MP neighbor |
peer ip-address [ dr-priority dr-priority ] |
Required By default, the priority for the neighbor of an NBMA interface is 1. |
V. Configuring the DR Priority on an OSPF Interface
Table 1-24 Configure the DR priority on an OSPF interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the DR priority on the OSPF interface |
ospf dr-priority priority |
Optional The default DR priority is 1. |
VI. Configuring OSPF Route Summarization
Table 1-25 Configure ABR route summarization
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Enter area view |
area area-id |
— |
|
Enable ABR route summarization |
abr-summary ip-address mask [ advertise | not-advertise ] |
Required This command takes effect only when it is configured on an ABR. By default, this function is disabled on an ABR. |
Table 1-26 Configure ASBR route summarization
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Enable ASBR route summarization |
asbr-summary ip-address mask [ not-advertise | tag value ] |
Required This command takes effect only when it is configured on an ASBR. By default, summarization of imported routes is disabled. |
VII. Configuring OSPF to Filter Received Routes
Table 1-27 Configure OSPF to filter received routes
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Configure to filter the received routes |
filter-policy { acl-number | ip-prefix ip-prefix-name | gateway ip-prefix-name } import |
Required By default, OSPF does not filter received routing information. |
VIII. Configuring the OSPF Cost on an Interface
Table 1-28 Configure the OSPF cost on an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the OSPF cost on the interface |
ospf cost value |
Optional By default, the interface calculates the OSPF cost according to the current baud rate on it. For a VLAN interface on the switch, a fixed value of 10 is used. |
IX. Configuring OSPF Route Priority
Table 1-29 Configure OSPF route priority
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Configure OSPF route priority |
preference [ ase ] value |
Optional By default, the OSPF route priority is 10 and the priority of OSPF ASE is 150. |
X. Configuring OSPF to Redistribute Routes
Table 1-30 Configure OSPF to redistribute routes
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Configure OSPF to redistribute routes from another protocol |
import-route protocol [ process-id | allow-ibgp ] [ cost value | type value | tag value | route-policy route-policy-name ]* |
Required By default, OSPF does not import the routing information of other protocols. |
|
Configure OSPF to filter outgoing routes |
filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol ] |
Optional By default, OSPF does not filter advertised routes. |
|
Enable OSPF to import the default route |
default-route-advertise [ always | cost value | type type-value | route-policy route-policy-name ]* |
Optional By default, OSPF does not import the default route. |
|
Configure the default parameters for redistributed routes, including cost, interval, limit, .tag, and type |
default { cost value | interval seconds | limit routes | tag tag | type type } * |
Optional These parameters respectively default to: l Cost: 1 l Interval: 1 (second) l Limit: 1000 l Tag: 1 l Type: 2 |
XI. Configuring OSPF Timers
Table 1-31 Configure OSPF timers
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the hello interval on the interface |
ospf timer hello seconds |
Optional By default, p2p and broadcast interfaces send Hello packets every 10 seconds; while p2mp and NBMA interfaces send Hello packets every 30 seconds. |
|
Configure the poll interval on the NBMA interface |
ospf timer poll seconds |
Optional By default, poll packets are sent every 40 seconds. |
|
Configure the dead time of the neighboring router on the interface |
ospf timer dead seconds |
Optional By default, the dead time for the OSPF neighboring router on a p2p or broadcast interface is 40 seconds and that for the OSPF neighboring router on a p2mp or NBMA interface is 120 seconds. |
|
Configure the interval for retransmitting an LSA on an interface |
ospf timer retransmit interval |
Optional By default, this interval is five seconds. |
XII. Configure the LSA transmission delay
Table 1-32 Configure the LSA transmission delay
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the LSA transmission delay |
ospf trans-delay seconds |
Optional By default, the LSA transmission delay is one second. |
XIII. Configuring the SPF Calculation Interval
Table 1-33 Configure the SPF calculation interval
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Configure the SPF calculation interval |
spf-schedule-interval interval |
Optional By default, the SPF calculation interval is five seconds. |
XIV. Disabling OSPF Packet Transmission on an Interface
Table 1-34 Disable OSPF packet transmission on an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Disable OSPF packet transmission on a specified interface |
silent-interface silent-interface-type silent-interface-number |
Optional By default, all the interfaces are allowed to transmit OSPF packets. |
XV. Configuring OSPF Authentication
Table 1-35 Configure OSPF authentication
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter OSPF view |
ospf [ process-id [ router-id router-id ] ] |
— |
|
Enter OSPF area view |
area area-id |
— |
|
Configure the authentication mode of the OSPF area |
authentication-mode { simple | md5 } |
Required By default, no authentication mode is configured for an area. |
|
Return to OSPF view |
quit |
— |
|
Return to system view |
quit |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the authentication mode of the OSPF interface |
ospf authentication-mode { simple password | md5 key-id key } |
Optional By default, OSPF packets are not authenticated on an interface. |
XVI. Configuring the MTU Field in DD Packets
Table 1-36 Configure to fill the MTU field when an interface transmits DD packets
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
Required |
|
Enable the interface to fill in the MTU field when transmitting DD packets |
ospf mtu-enable |
Optional By default, the MTU value is 0 when an interface transmits DD packets. That is, the actual MTU value of the interface is not filled in. |
XVII. Configuring OSPF Network Management
Table 1-37 Configure OSPF network management (NM)
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Configure OSPF MIB binding |
ospf mib-binding process-id |
Optional By default, OSPF MIB is bound to the first enabled OSPF process. |
|
Enable OSPF Trap sending |
snmp-agent trap enable ospf [ process-id ] [ ifauthfail | ifcfgerror | ifrxbadpkt | ifstatechange | iftxretransmit | lsdbapproachoverflow | lsdboverflow | maxagelsa | nbrstatechange | originatelsa | vifauthfail | vifcfgerror | virifrxbadpkt | virifstatechange | viriftxretransmit | virnbrstatechange ]* |
Optional You can configure OSPF to send diversified SNMP TRAP messages and specify a certain OSPF process to send SNMP TRAP messages by process ID. |
1.2.5 ISIS Configuration
Table 1-38 IS-IS configuration task list
|
Configuration task |
Remarks |
|
|
IS-IS configuration |
Required |
|
|
Required |
||
|
Required |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
I. Enabling IS-IS
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enable IS-IS |
isis [ tag ] |
Required Disabled by default |
II. Configuring a Network Entity Title
Table 1-40 Configure a network entity title
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Specify a network entity title |
network-entity net |
Required |
III. Enabling IS-IS on an Interface
Table 1-41 Enable IS-IS on an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Enable IS-IS on the interface |
isis enable [ tag ] |
Required |
IV. Configuring a DIS Priority for an Interface
Table 1-42 Configure a DIS priority for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure a DIS priority for an interface |
isis dis-priority value [ level-1 | level-2 ] |
Required 64 by default. |
V. Configuring the IS Level
Table 1-43 Configure the IS Level
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure the IS Level |
is-level { level-1 | level-1-2 | level-2 } |
Required level-1-2 by default. |
VI. Configuring an IS-IS Circuit Level for an Interface
Table 1-44 Configure an IS-IS circuit level for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure an IS-IS circuit level for the interface |
isis circuit-level [ level-1 | level-1-2 | level-2 ] |
Required level-1-2 by default. |
VII. Configuring IS-IS Route Redistribution
Table 1-45 Configure IS-IS route redistribution
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configuring IS-IS route redistribution from another routing protocol |
import-route protocol [ allow-ibgp ] [ cost value | type { external | internal } | [ level-1 | level-1-2 | level-2 ] | route-policy route-policy-name ]* |
Required No redistribution is configured by default. |
VIII. Configuring IS-IS Route Filtering
Table 1-46 Configure incoming route filtering
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure incoming route filtering |
filter-policy acl-number import |
Required Not configured by default. |
Table 1-47 Configure the filtering of routes redistributed from another routing protocol
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure the filtering of routes redistributed from another routing protocol |
filter-policy acl-number export [ protocol ] |
Required Not configured by default. |
IX. Configuring IS-IS Route Leaking
Table 1-48 Configuring IS-IS route leaking
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Enable IS-IS route leaking from level-2 to level-1 |
import-route isis level-2 into level-1 [ acl acl-number ] |
Required Disabled by default. |
X. Configuring IS-IS Route Summarization
Table 1-49 Configure IS-IS route summarization
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure a summary IS-IS route |
summary ip-address ip-mask [ level-1 | level-1-2 | level-2 ] |
Required Not configured by default. |
XI. Enabling Default Route Advertisement
Table 1-50 Enable default route advertisement
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Enable default route advertisement |
default-route-advertise [ route-policy route-policy-name ] |
Required Only the same level routers can accept the default route. |
XII. Configuring a Preference for IS-IS
Table 1-51 Configure a preference for IS-IS
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure a preference for IS-IS |
preference [ value | clns | ip ] |
Required 15 by default. |
XIII. Specifying an IS-IS Cost Style
Table 1-52 Specify an IS-IS cost style
|
Operation |
Command |
Remarks |
|
Enter system view |
System-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Specify an IS-IS cost style |
cost-style { narrow | wide | wide-compatible | { compatible | narrow-compatible } [ relax-spf-limit ] } |
Required narrow by default. |
XIV. Specifying a Cost for an Interface
Table 1-53 Specify a cost for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify a cost for the interface |
isis cost value [ level-1 | level-2 ] |
Required 10 by default. |
XV. Configuring IS-IS Timers
Table 1-54 Configure the hello interval for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify a hello interval in seconds on the interface |
isis timer hello seconds [ level-1 | level-2 ] |
Required 10 seconds by default. |
Table 1-55 Specify the interval for sending CSNPs for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify the interval in seconds for sending CSNPs |
isis timer csnp seconds [ level-1 | level-2 ] |
Required 10 seconds by default. |
Table 1-56 Specify the interval for sending LSPs for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify the interval for sending LSPs |
isis timer lsp time |
Required 33 milliseconds by default. |
Table 1-57 Specify the interval for retransmitting an LSP for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify the interval for retransmitting an LSP on a P2P link |
isis timer retransmit seconds |
Required 5 seconds by default. |
Table 1-58 Specify a hello multiplexer for an interface
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Specify a hello multiplexer for the interface |
isis timer holding-multiplier value [ level-1 | level-2 ] |
Required 3 by default. |
XVI. Configuring IS-IS Authentication
Table 1-59 Configure IS-IS interface authentication
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Configure the IS-IS authentication mode and password on the interface |
isis authentication-mode { simple | md5 } password [ { level-1 | level-2 } [ ip | osi ] ] |
Required Not configured by default. |
Table 1-60 Configure IS-IS area and routing domain authentication
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure the area authentication mode and password |
area-authentication-mode { simple | md5 } password [ ip | osi ] |
Optional Not configured by default. |
|
Configure the routing domain authentication mode and password |
domain-authentication-mode { simple | md5 } password [ ip | osi ] |
Optional Not configured by default. |
Table 1-61 Allow MD5 to be compatible with other vendors
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Allow MD5 to be compatible with other vendors |
md5-compatible |
Required |
|
Configure IS-IS to use the default MD5 algorithm |
undo md5-compatible |
Optional By default, the private MD5 algorithm is used. |
XVII. Adding an Interface into a Mesh Group
Table 1-62 Add an interface into a mesh group
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter interface view |
interface interface-type interface-number |
— |
|
Add an interface into a mesh group |
isis mesh-group { mesh-group-number | mesh-blocked } |
Required Not configured by default. |
XVIII. Setting the Overload Bit
Table 1-63 Set the overload bit
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Set the overload bit |
set-overload |
Required Not set by default. |
XIX. Configuring IS-IS to Discard Checksum Error LSPs
Table 1-64 Configure IS-IS to discard checksum error LSPs
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure IS-IS to discard checksum error LSPs |
ignore-lsp-checksum-error |
Required By default, ISIS ignores checksum error LSPs. |
XX. Enabling Logging of Neighbor State Changes
Table 1-65 Enable logging of neighbor state changes
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Enable logging of neighbor state changes |
log-peer-change |
Required Disabled by default. |
XXI. Configuring the LSP Refresh Interval
Table 1-66 Configure the LSP refresh interval
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure the LSP refresh interval |
timer lsp-refresh seconds |
Required 900 seconds by default. |
XXII. Configuring the LSP Age
Table 1-67 Configure the LSP age
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure the LSP age |
timer lsp-max-age seconds |
Required 1200 seconds by default. |
XXIII. Configure SPF Parameters
Table 1-68 Specify the SPF calculation interval
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Specify the SPF calculation interval |
timer spf seconds [ level-1 | level-2 ] |
Required 10 seconds by default. |
Table 1-69 Specify the interval of an SPF slice
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Specify the interval of an SPF slice |
spf-slice-size seconds |
Required By default, an SPF calculation is not sliced. |
Table 1-70 Configure SPF to release CPU
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Configure SPF to release the CPU after processing the specified number of routes |
spf-delay-interval number |
Required By default, SPF releases the CPU each time it finishes processing 5000 routes. |
XXIV. Disabling an Interface from Sending ISIS Packets
Table 1-71 Disable an interface from sending ISIS packets
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Enter IS-IS view |
isis [ tag ] |
— |
|
Disable an interface from sending ISIS packets |
silent-interface interface-type interface-number |
Required Enabled by default. |
1.2.6 BGP Configuration
Table 1-72 BGP configuration task list
|
Configuration task |
Remarks |
|
|
Required |
||
|
Configuring the way to advertise/receive routing information |
Optional |
|
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Configure a large-scale BGP network |
Required |
|
|
Required |
||
|
Optional |
||
|
Optional |
||
I. Configuring Basic BGP Functions
Table 1-73 Configure basic BGP functions
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enable BGP and enter BGP view |
bgp as-number |
Required By default, BGP is disabled. |
|
Specify the AS number for the BGP peers |
peer group-name as-number as-number |
By default, a peer is not assigned an AS number. |
|
Assign a description string for a BGP peer/a BGP peer group |
peer { group-name | ip-address } description description-text |
Optional By default, a peer/a peer group is not assigned a description string. |
|
Activate a specified BGP peer |
peer { group-name | ip-address } enable |
Optional By default, a BGP peer is active. |
|
Specify the source interface for route update packets |
peer { group-name | ip-address } connect-interface interface-type interface-number |
Optional By default, the source interface of the optimal route update packets is used as the source interface. |
|
Allow routers that belong to non-directly connected networks to establish EBGP connections. |
peer group-name ebgp-max-hop [ hop-count ] |
Optional By default, routers that belong to two non-directly connected networks cannot establish EBGP connections. You can configure the maximum hops of EBGP connection by specifying the hop-count argument. |
II. Importing Routes
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enable BGP, and enter BGP view |
bgp as-number |
— |
|
Import the default route to the BGP routing table |
default-route imported |
Optional By default, BGP does not import default routes to BGP routing table. |
|
Import and advertise routing information generated by other protocols. |
import-route protocol [ process-id ] [ med med-value | route-policy route-policy-name ]* |
Required By default, BGP does not import nor advertise the routing information generated by other protocols. |
|
Advertise network segment routes to BGP routing table |
network network-address [ mask ] [route-policy route-policy-name ] |
Optional By default, BGP does not advertise any network segment routes. |
III. Configuring BGP Route Aggregation
Table 1-75 Configure BGP route aggregation
|
Operation |
Command |
Description |
|
|
Enter system view |
system-view |
— |
|
|
Enable BGP, and enter BGP view |
bgp as-number |
Required By default, BGP is disabled. |
|
|
Configure BGP route aggregation |
Enable automatic route aggregation |
summary |
Required By default, routes are not aggregated. |
|
Enable manual route aggregation |
aggregate ip-address mask [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ]* |
||
IV. Enabling Default Route Advertising
Table 1-76 Enable default rout advertising
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter BGP view |
bgp as-number |
— |
|
Enable default route advertising |
peer group-name default-route-advertise |
Required By default, a BGP router does not send default routes to a specified peer/peer group. |
V. Configuring route reception filtering policies
Table 1-77 Configure route reception filtering policies
|
Operation |
Command |
Description |
|
|
Enter system view |
system-view |
— |
|
|
Enter BGP view |
bgp as-number |
— |
|
|
Configure the global route reception filtering policy |
filter-policy { acl-number | gateway ip-prefix-name | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] } import |
Required By default, the incoming routing information is not filtered. |
|
|
Reference a routing policy to filter routes from a peer/peer group |
peer { group-name | ip-address } route-policy policy-name import |
Required By default, no route filtering policy is specified for a peer/peer group. |
|
|
Filter the routing information from a peer/peer group |
Reference an ACL to filter BGP routes from a peer/peer group |
peer { group-name | ip-address } filter-policy acl-number import |
Required By default, no ACL-based BGP route filtering policy, AS path ACL-based BGP route filtering policy, or IP prefix list-based BGP route filtering policy is configured for a peer/peer group. |
|
Reference an AS path ACL to filter routes from a peer/peer group |
peer { group-name | ip-address } as-path-acl acl-number import |
||
|
Reference an IP prefix list to filter routes from a peer/peer group |
peer { group-name | ip-address } ip-prefix ip-prefix-name import |
||
VI. Configuring route advertisement filtering policies
Table 1-78 Configure route advertisement filtering policies
|
Operation |
Command |
Description |
|
|
Enter system view |
system-view |
— |
|
|
Enter BGP view |
bgp as-number |
— |
|
|
Configure the global route advertisement filtering policy |
filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol [ process-id ] ] |
Required By default, advertised routes are not filtered. |
|
|
Reference a routing policy to filter the routes to a peer group |
peer group-name route-policy route-policy-name export |
Required By default, no route advertising policy is specified for the routes advertised to a peer group. |
|
|
Filter the routing information to a peer group |
Reference an ACL to filter BGP routes to a peer group |
peer group-name filter-policy acl-number export |
Required Not configured by default |
|
Reference an AS path ACL to filter BGP routes to a peer group |
peer group-name as-path-acl acl-number export |
||
|
Reference an IP prefix list to filter BGP routes to a peer group |
peer group-name ip-prefix ip-prefix-name export |
||
VII. Disabling BGP-IGP Route Synchronization
Table 1-79 Disable BGP-IGP route synchronization
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter BGP view |
bgp as-number |
— |
|
Disable BGP-IGP route synchronization |
undo synchronization |
Required By default, BGP routes and IGP routes are not synchronized. |
VIII. Configuring BGP Load Balancing
Table 1-80 Configure BGP load balancing
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter BGP view |
bgp as-number |
— |
|
Configure the maximum number of equal cost BGP routes for load balancing |
balance num |
Required By default, no load balancing is configured. |
IX. Configuring BGP Route Dampening
Table 1-81 Configure BGP route dampening
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter BGP view |
bgp as-number |
— |
|
Configure BGP route dampening-related parameters |
dampening [ half-life-reachable half-life-unreachable reuse suppress ceiling ] [ route-policy route-policy-name ] |
Required By default, route dampening is disabled. Other default route dampening-related parameters are as follows. l half-life-reachable: 15 (in minutes) l half-life-unreachable: 15 (in minutes) l reuse: 750 l suppress: 2000 l ceiling: 16,000 |
X. Configuring BGP Route Attributes
Table 1-82 Configure BGP route attributes
|
Operation |
Command |
Description |
||
|
Enter system view |
system-view |
— |
||
|
Enter BGP view |
bgp as-number |
— |
||
|
Configure the management preference of the exterior, interior and local routes |
preference ebgp-value ibgp-value local-value |
Optional By default, the management preference of the exterior, interior and local routes is 256, 256, and 130. |
||
|
Set the default local preference |
default local-preference value |
Optional By default, the local preference defaults to 100. |
||
|
Configure the MED attribute |
Configure the default local MED value |
default med med-value |
Optional By default, the med-value argument is 0. |
|
|
Permit to compare the MED values of the routes coming from the neighbor routers in different ASs. |
compare-different-as-med |
Optional By default, the compare of MED values of the routes coming from the neighbor routers in different ASs is disabled. |
||
|
Configure the local address as the next hop address when a BGP router advertises a route. |
peer group-name next-hop-local |
Required In some network, to ensure an IBGP neighbor locates the correct next hop, you can configure the next hop address of a route to be the local address for a BGP router to advertise route information to IBGP peer groups. |
||
|
Configure the AS_Path attribute |
Configure the number of local AS number occurrences allowed |
peer { group-name | ip-address } allow-as-loop [ number ] |
Optional By default, the number of local AS number occurrences allowed is 1. |
|
|
Assign an AS number for a peer group |
peer group-name as-number as-number |
Optional By default, the local AS number is not assigned to a peer group. |
||
|
Configure that the BGP update packets only carry the pubic AS number in the AS_Path attribute when a peer sends BGP update packets to BGP peers. |
peer group-name public-as-only |
Optional By default, a BGP update packet carries the private AS number. |
||
XI. Adjusting and Optimizing a BGP Network
Table 1-83 Adjust and optimize a BGP network
|
Operation |
Command |
Description |
|
|
Enter system view |
system-view |
— |
|
|
Enter BGP view |
bgp as-number |
— |
|
|
Configure BGP timer |
Configure the Keepalive time and Holdtime of BGP. |
timer keepalive keepalive-interval hold holdtime-interval |
Optional By default, the keepalive time is 60 seconds, and holdtime is 180 seconds. The priority of the timer configured by the timer command is lower than that of the timer configured by the peer time command. |
|
Configure the Keepalive time and holdtime of a specified peer/peer group. |
peer { group-name | ip-address } timer keepalive keepalive-interval hold holdtime-interval |
||
|
Configure the interval at which a peer group sends the same route update packet |
peer group-name route-update-interval seconds |
Optional By default, the interval at which a peer group sends the same route update packet to IBGP peers is 15 seconds, and to EBGP peers is 30 seconds. |
|
|
Perform soft refreshment of BGP connection manually |
return |
— |
|
|
refresh bgp { all | ip-address | group group-name } [ multicast ] { import | export } |
Optional |
||
|
system-view |
Enter BGP view again |
||
|
bgp as-number |
|||
|
Configure BGP to perform MD5 authentication when establishing TCP connection |
peer { group-name | ip-address } password { cipher | simple } password |
Optional By default, BGP dose not perform MD5 authentication when establishing TCP connection. |
|
XII. Configuring BGP Peer Group
Table 1-84 Configure BGP peer group
|
Operation |
Command |
Description |
|
|
Enter system view |
system-view |
— |
|
|
Enter BGP view |
bgp as-number |
— |
|
|
Create an IBGP peer group |
Create an IBGP peer group |
group group-name [ internal ] |
Optional If the command is executed without the internal or external keyword, an IBGP peer group will be created. You can add multiple peers to the group, and the system will automatically create a peer in BGP view, and configure its AS number as the local AS number. |
|
Add a peer to a peer group |
peer ip-address group group-name [ as-number as-number ] |
||
|
Create an EBGP peer group |
Create an EBGP peer group |
group group-name external |
Optional You can add multiple peers to the group. The system automatically creates the peer in BGP view and specifies its AS number as the one of the peer group. |
|
Configure the AS number of a peer group |
peer group-name as-number as-number |
||
|
Add a peer to a peer group |
peer ip-address group group-name [ as-number as-number ] |
||
|
Create a hybrid EBGP peer group |
Create an EBGP peer group |
group group-name external |
Optional You can add multiple peers to the peer group. |
|
Add a peer to a peer group |
peer ip-address group group-name [ as-number as-number ] |
||
|
Finish the session with the specified peer/peer group |
peer { group-name | ip-address } shutdown |
Optional |
|
XIII. Configuring BGP Community
Table 1-85 Configure BGP community
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter BGP view |
bgp as-number |
— |
|
Configure the peers to advertise community attribute to each other |
peer group-name advertise-community |
Required By default, no community attribute or extended community attribute is advertised to any peer group. |
|
Specify routing policy for the routes exported to the peer group |
peer group-name route-policy route-policy-name export |
Required By default, no routing policy is specified for the routes exported to the peer group. |
XIV. Configuring BGP RR
Table 1-86 Configure BGP RR
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter BGP view |
bgp as-number |
— |
|
Configure the local router as the RR and configure the peer group as the client of the RR |
peer group-name reflect-client |
Required By default, no RR or its client is configured. |
|
Enable route reflection between clients |
reflect between-clients |
Optional By default, route reflection is enabled between clients. |
|
Configure cluster ID of an RR |
reflector cluster-id cluster-id |
Optional By default, an RR uses its own router ID as the cluster ID. |
XV. Configuring BGP Confederation
Table 1-87 Configure BGP confederation
|
Operation |
Command |
Description |
|
|
Enter system view |
system-view |
— |
|
|
Enter BGP view |
bgp as-number |
— |
|
|
Basic BGP confederation configuration |
Configure confederation ID |
confederation id as-number |
Required By default, no confederation ID is configured and no sub-AS is configured for a confederation. |
|
Specify the sub-ASs included in a confederation |
confederation peer-as as-number-list |
||
|
Configure the compatibility of a confederation |
confederation { nonstandard | standard1965 | standard3065 } |
Optional By default, the confederation configured is consistent with the RFC 1965. |
|
1.2.7 Route Policy Configuration
Table 1-88 Route policy configuration task list
|
Configuration task |
Remarks |
|
|
Optional |
||
|
Optional |
||
|
Optional |
||
|
Define a routing policy |
Required |
|
|
Optional |
||
|
Optional |
||
I. Configuring an IP Prefix List
Table 1-89 Configure an IPv4 IP-prefix list
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Configure an IPv4 IP-prefix list |
ip ip-prefix ip-prefix-name [ index index-number ] { permit | deny } network len [ greater-equal greater-equal | less-equal less-equal ] |
Required By default, no IP-prefix list is specified. |
II. Configuring an AS Path List
Table 1-90 AS path list configuration
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Configure AS path list |
ip as-path-acl acl-number { permit | deny } as-regular-expression |
Optional By default, no AS path list is defined |
III. Configuring Community Lists
Table 1-91 Community list configuration
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Configure basic community list |
ip community-list basic-comm-list-number { permit | deny } [ aa:nn &<1-12> | internet | no-export-subconfed | no-advertise | no-export ]* |
Optional By default, no BGP community list is defined |
|
Configure advanced community list |
ip community-list adv-comm-list-number { permit | deny } comm-regular-expression |
Optional By default, no BGP community list is defined |
IV. Defining a Routing Policy
Table 1-92 Define a routing policy
|
Operation |
Command |
Remarks |
|
Enter system view |
system-view |
— |
|
Define a routing policy and enter the routing policy view |
route-policy route-policy-name { permit | deny } node node-number |
Required By default, no routing policy is defined. |
V. Define if-match Clauses
Table 1-93 Define if-match clauses
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter the route-policy view |
route-policy route-policy-name { permit | deny } node node-number |
Required |
|
Define a rule to match AS path of BGP routing information |
if-match as-path as-path-number |
Optional |
|
Define a rule to match community attributes of BGP routing information |
if-match community { basic-community-number [ whole-match ] | adv-community-number } |
Optional |
|
Define a rule to match the IP address of routing information |
if-match { acl acl-number | ip-prefix ip-prefix-name } |
Optional By default, no matching is performed on the address of routing information. |
|
Define a rule to match the routing cost of routing information |
if-match cost value |
Optional By default, no matching is performed on the routing cost of routing information. |
|
Define a rule to match the next-hop interface of routing information |
if-match interface interface-type interface-number |
Optional By default, no matching is performed on the next-hop interface of routing information. |
|
Define a rule to match the next-hop address of routing information |
if-match ip next-hop { acl acl-number | ip-prefix ip-prefix-name } |
Optional By default, no matching is performed on the next-hop address of routing information. |
|
Define a rule to match the tag field of OSPF routing information |
if-match tag value |
Optional By default, no matching is performed on the tag field of OSPF routing information. |
VI. Define apply Clauses
Table 1-94 Define apply clauses
|
Operation |
Command |
Description |
|
Enter system view |
system-view |
— |
|
Enter the route-policy view |
route-policy route-policy-name { permit | deny } node node-number |
Required |
|
Add the specified AS number list in BGP routing information |
apply as-path as-number-list |
Optional |
|
Configure community attributes for BGP routing information |
apply community { none | [ aa:nn ] &<1-13> [ no-export-subconfed | no-export | no-advertise ]* [ additive ] } |
Optional |
|
Set next hop IP address for routing information |
apply ip next-hop ip-address |
Optional |
|
Import routing information into the specified IS-IS level |
apply isis [ level-1 | level-2 | level-1-2 ] |
Optional |
|
Set the local preference of BGP routing information |
apply local-preference local-preference |
Optional |
|
Define an action to set the cost of routing information |
apply cost value |
Optional By default, no action is defined to set the routing cost of routing information. |
|
Set route cost type for routing information |
apply cost-type [ internal | external ] |
Optional |
|
Set route source of BGP routing information |
apply origin { igp | egp as-number | incomplete } |
Optional |
|
Define an action to set the tag field of routing information |
apply tag value |
Optional By default, no action is defined to set the tag field of OSPF routing information. |
Chapter 2 Configuration Examples
& Note:
The following configuration examples use the S7500 series switches.
2.1 Configuration Examples
2.1.1 Static Routing Configuration Example
I. Network requirements
1) Requirement analysis:
A small company requires any two nodes in its network communicate with each other. The network should be simple and stable. The customer hopes to make the best use of the existing devices that do not support dynamic routing protocols.
Based on the customer requirements and networking environment, configure static routes to realize network interconnection.
2) Network diagram
Figure 2-1 shows the network diagram.
Figure 2-1 Network diagram for static route configuration
II. Configuration procedure
Configure the switches:
# Configure static routes on Switch A.
<SwitchA> system-view
[SwitchA] ip route-static 1.1.3.0 255.255.255.0 1.1.2.2
[SwitchA] ip route-static 1.1.4.0 255.255.255.0 1.1.2.2
[SwitchA] ip route-static 1.1.5.0 255.255.255.0 1.1.2.2
# Configure static routes on Switch B.
<SwitchB> system-view
[SwitchB] ip route-static 1.1.2.0 255.255.255.0 1.1.3.1
[SwitchB] ip route-static 1.1.5.0 255.255.255.0 1.1.3.1
[SwitchB] ip route-static 1.1.1.0 255.255.255.0 1.1.3.1
# Configure static routes on Switch C.
<SwitchC> system-view
[SwitchC] ip route-static 1.1.1.0 255.255.255.0 1.1.2.1
[SwitchC] ip route-static 1.1.4.0 255.255.255.0 1.1.3.2
Configure the hosts:
# Configure the default gateway as 1.1.5.1 on host A (omitted).
# Configure the default gateway as 1.1.4.1 on host B (omitted).
# Configure the default gateway as 1.1.1.1 on host C (omitted).
Now any two hosts or switches can communicate with each other.
2.1.2 RIP Configuration Examples
I. Network requirements
1) Requirement analysis:
A small company requires any two nodes in its network can communicate with each other. The devices can dynamically adjust to network topology changes.
Based on the customer requirements and networking environment, use RIP to realize network interconnection.
2) Network diagram
Figure 2-2 shows the network diagram.
|
Device |
Interface |
IP Address |
Device |
Interface |
IP Address |
|
Switch A |
Vlan-int1 |
110.11.2.1/24 |
Switch B |
Vlan-int1 |
110.11.2.2/24 |
|
|
Vlan-int2 |
155.10.1.1/24 |
|
Vlan-int3 |
196.38.165.1/24 |
|
Switch C |
Vlan-int1 |
110.11.2.3/24 |
|
|
|
|
|
Vlan-int4 |
117.102.0.1/16 |
|
|
|
Figure 2-2 Network diagram for RIP configuration
II. Configuration procedure
& Note:
Only RIP-related configurations are described below. Before performing the following configurations, make sure that the data link layer works normally and the IP addresses of the VLAN interfaces have been configured.
1) Configure Switch A.
# Configure RIP.
<SwitchA> system-view
[SwitchA] rip
[SwitchA-rip] network 110.11.2.0
[SwitchA-rip] network 155.10.1.0
2) Configure Switch B.
# Configure RIP.
<SwitchB> system-view
[SwitchB] rip
[SwitchB-rip] network 196.38.165.0
[SwitchB-rip] network 110.11.2.0
3) Configure Switch C.
# Configure RIP.
<SwitchC> system-view
[SwitchC] rip
[SwitchC-rip] network 117.102.0.0
[SwitchC-rip] network 110.11.2.0
2.1.3 DR Configuration Example
I. Network requirements
1) Requirement analysis
Use OSPF to realize interconnection between devices in a broadcast network. Devices with higher performance should become the DR and BDR to improve network performance. Devices with lower performance are forbidden to take part in DB/BDR election.
Based on the customer requirements and networking environment, assign proper priorities to interfaces.
2) Network diagram
Figure 2-3 shows the network diagram.
|
Device |
Interface |
IP address |
Router ID |
Interface priority |
|
Switch A |
Vlan-int1 |
196.1.1.1/24 |
1.1.1.1 |
100 |
|
Switch B |
Vlan-int1 |
196.1.1.2/24 |
2.2.2.2 |
0 |
|
Switch C |
Vlan-int1 |
196.1.1.3/24 |
3.3.3.3 |
2 |
|
Switch D |
Vlan-int1 |
196.1.1.4/24 |
4.4.4.4 |
1 |
Figure 2-3 Network diagram for OSPF DR selection
II. Configuration procedure
# Configure Switch A.
<SwitchA> system-view
[SwitchA] interface Vlan-interface 1
[SwitchA-Vlan-interface1] ip address 196.1.1.1 255.255.255.0
[SwitchA-Vlan-interface1] ospf dr-priority 100
[SwitchA-Vlan-interface1] quit
[SwitchA] router id 1.1.1.1
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255
# Configure Switch B.
<SwitchB> system-view
[SwitchB] interface Vlan-interface 1
[SwitchB-Vlan-interface1] ip address 196.1.1.2 255.255.255.0
[SwitchB-Vlan-interface1] ospf dr-priority 0
[SwitchB-Vlan-interface1] quit
[SwitchB] router id 2.2.2.2
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255
# Configure Switch C.
<SwitchC> system-view
[SwitchC] interface Vlan-interface 1
[SwitchC-Vlan-interface1] ip address 196.1.1.3 255.255.255.0
[SwitchC-Vlan-interface1] ospf dr-priority 2
[SwitchC-Vlan-interface1] quit
[SwitchC] router id 3.3.3.3
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255
# Configure Switch D.
<SwitchD> system-view
[SwitchD] interface Vlan-interface 1
[SwitchD-Vlan-interface1] ip address 196.1.1.4 255.255.255.0
[SwitchD-Vlan-interface1] quit
[SwitchD] router id 4.4.4.4
[SwitchD] ospf
[SwitchD-ospf-1] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255
Use the display ospf peer command to display OSPF neighbors on Switch A. Note that Switch A has three neighbors.
The state of each neighbor is full. This means that Switch A has formed adjacencies with all neighbors. (Switch A and Switch C can act as the DR and BDR only when they establish adjacencies with all the switches in the network.) Switch A acts as the DR, while Switch C acts as the BDR. Any other neighbor is DRother (neither DR nor BDR).
# Change the priority of Switch B to 200.
<SwitchB> system-view
[SwitchB] interface Vlan-interface 1
[SwitchB-Vlan-interface1] ospf dr-priority 200
Use the display ospf peer command to display OSPF neighbors on Switch A. Note that the priority of Switch B is 200 now, but it is not the DR.
The DR will be reelected only after the current DR fails to work. Shut down Switch A and use the display ospf peer command to display neighbors on Switch D. Note that Switch C that used to be the BDR becomes the DR and Switch B becomes the BDR.
If you shut down and then restart all the switches, Switch B with priority 200 will be elected as the DR and Switch A with priority 100 will be elected as the BDR, because such operation triggers a new round of DR/BDR election.
2.1.4 OSPF Virtual Link Configuration Examples
I. Network requirements
1) Requirement analysis
Devices in the network run OSPF to realize interconnection. The network is split into three areas: one backbone area and two non-backbone areas (Area 1 and Area 2). Area 2 has no direct connection to the backbone, and it has to reach the backbone through Area 1. The customer hopes that Area 2 can interconnect with other two areas.
Based on the customer requirements and networking environment, use a virtual link to connect Area 2 to the backbone area.
2) Network diagram
Figure 2-4 shows the network diagram.
|
Device |
Interface |
IP address |
Router ID |
|
Switch A |
Vlan-int1 |
196.1.1.2/24 |
1.1.1.1 |
|
|
Vlan-int2 |
197.1.1.2/24 |
— |
|
Switch B |
Vlan-int1 |
152.1.1.1/24 |
2.2.2.2 |
|
|
Vlan-int2 |
197.1.1.1/24 |
— |
Figure 2-4 Network diagram for virtual link configuration
II. Configuration procedure
1) Configure OSPF basic functions
# Configure Switch A.
<SwitchA> system-view
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ip address 196.1.1.2 255.255.255.0
[SwitchA-Vlan-interface1] quit
[SwitchA] interface vlan-interface 2
[SwitchA-Vlan-interface2] ip address 197.1.1.2 255.255.255.0
[SwitchA-Vlan-interface2] quit
[SwitchA] router id 1.1.1.1
[SwitchA] ospf
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] network 197.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] interface Vlan-interface 1
[SwitchB-Vlan-interface1] ip address 152.1.1.1 255.255.255.0
[SwitchB-Vlan-interface1] quit
[SwitchB] interface Vlan-interface 2
[SwitchB-Vlan-interface2] ip address 197.1.1.1 255.255.255.0
[SwitchB-Vlan-interface2] quit
[SwitchB] router id 2.2.2.2
[SwitchB] ospf
[SwitchB-ospf-1] area 1
[SwitchB-ospf-1-area-0.0.0.1] network 197.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.1] quit
[SwitchB-ospf-1] area 2
[SwitchB-ospf-1-area-0.0.0.2] network 152.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.2] quit
# Display the OSPF routing table on Switch A
[SwitchA] display ospf routing
OSPF Process 1 with Router ID 1.1.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
196.1.1.0/24 10 Stub 196.1.1.2 1.1.1.1 0.0.0.0
197.1.1.0/24 10 Net 197.1.1.1 2.2.2.2 0.0.0.1
Total Nets: 2
Intra Area: 2 Inter Area: 0 ASE: 0 NSSA: 0
& Note:
Since Area2 has no direct connection to Area0, the routing table of RouterA has no route to Area2.
2) Configure a virtual link
# Configure Switch A.
[SwitchA] ospf
[SwitchA-ospf-1] area 1
[SwitchA-ospf-1-area-0.0.0.1] vlink-peer 2.2.2.2
[SwitchA-ospf-1-area-0.0.0.1] quit
[SwitchA-ospf-1] quit
# Configure Switch B.
[SwitchB-ospf-1] area 1
[SwitchB-ospf-1-area-0.0.0.1] vlink-peer 1.1.1.1
[SwitchB-ospf-1-area-0.0.0.1] quit
# Display the OSPF routing table on Switch A.
[SwitchA]display ospf routing
OSPF Process 1 with Router ID 1.1.1.1
Routing Tables
Routing for Network
Destination Cost Type NextHop AdvRouter Area
196.1.1.0/24 10 Stub 196.1.1.2 1.1.1.1 0.0.0.0
197.1.1.0/24 10 Net 197.1.1.1 2.2.2.2 0.0.0.1
152.1.1.0/24 20 SNet 197.1.1.1 2.2.2.2 0.0.0.0
Total Nets: 3
Intra Area: 2 Inter Area: 1 ASE: 0 NSSA: 0
Switch A has learned the route 152.1.1.0/24 to Area2.
2.1.5 Basic IS-IS Configuration Example
I. Network requirements
1) Requirement analysis
A small company requires that any two nodes on its network can communicate with each other. The network devices can adapt to topology changes and complete fast route convergence accordingly.
According to the requirements and actual network environment, use IS-IS to enable communication between devices.
2) Network diagram
Figure 2-5 Basic IS-IS configuration network diagram
II. Configuration procedure
# Configure Switch A.
<SwitchA> system-view
[SwitchA] isis
[SwitchA-isis] network-entity 86.0001.0000.0000.0005.00
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ip address 100.10.0.1 255.255.255.0
[SwitchA-Vlan-interface100] isis enable
[SwitchA] interface vlan-interface 101
[SwitchA-Vlan-interface101] ip address 100.0.0.1 255.255.255.0
[SwitchA-Vlan-interface101] isis enable
[SwitchA] interface vlan-interface 102
[SwitchA-Vlan-interface102] ip address 100.20.0.1 255.255.255.0
[SwitchA-Vlan-interface102] isis enable
# Configure Switch B.
[SwitchB] isis
[SwitchB-isis] network-entity 86.0001.0000.0000.0006.00
[SwitchB] interface vlan-interface 101
[SwitchB-Vlan-interface101] ip address 200.10.0.1 255.255.255.0
[SwitchB-Vlan-interface101] isis enable
[SwitchB] interface vlan-interface 102
[SwitchB-Vlan-interface102] ip address 200.0.0.1 255.255.255.0
[SwitchB-Vlan-interface102] isis enable
[SwitchB] interface vlan-interface 100
[SwitchB-Vlan-interface100] ip address 100.10.0.2 255.255.255.0
[SwitchB-Vlan-interface100] isis enable
# Configure Switch C.
[SwitchC] isis
[SwitchC-isis] network-entity 86.0001.0000.0000.0007.00
[SwitchC] interface vlan-interface 101
[SwitchC-Vlan-interface101] ip address 200.10.0.2 255.255.255.0
[SwitchC-Vlan-interface101] isis enable
[SwitchC] interface vlan-interface 100
[SwitchC-Vlan-interface100] ip address 200.20.0.1 255.255.255.0
[SwitchC-Vlan-interface100] isis enable
# Configure Switch D.
[SwitchD] isis
[SwitchD-isis] network-entity 86.0001.0000.0000.0008.00
[SwitchD] interface vlan-interface 102
[SwitchD-Vlan-interface102] ip address 100.20.0.2 255.255.255.0
[SwitchD-Vlan-interface102] isis enable
[SwitchD] interface vlan-interface 100
[SwitchD-Vlan-interface100] ip address 100.30.0.1 255.255.255.0
[SwitchD-Vlan-interface100] isis enable
2.1.6 BGP Confederation Configuration Example
I. Network requirements
1) Requirement analysis
BGP runs in a large AS of a company. As the number of IBGP peers increases rapidly in the AS, more network resources for BGP communication are occupied. The customer hopes to reduce IBGP peers and decrease the CPU and network resources consumption of BGP without affecting device performance.
Based on user requirements, configure a BGP confederation to achieve the goal.
2) Network diagram
Figure 2-6 shows the network diagram.
|
Device |
Interface |
IP address |
AS |
|
Switch A |
Vlan-int 10 |
172.68.10.1/24 |
100 |
|
|
Vlan-int 50 |
10.1.1.1/24 |
|
|
Switch B |
Vlan-int 10 |
172.68.10.2/24 |
|
|
Switch C |
Vlan-int 10 |
172.68.10.3/24 |
|
|
|
Vlan-int 20 |
172.68.1.1/24 |
|
|
|
Vlan-int 30 |
156.10.1.1/24 |
|
|
Switch D |
Vlan-int 20 |
172.68.1.2/24 |
|
|
Switch E |
Vlan-int 30 |
156.10.1.2/24 |
200 |
|
|
Vlan-int 40 |
8.1.1.1/24 |
Figure 2-6 Network diagram for BGP AS confederation configuration
3) Configuration plan
l Split AS 100 into three sub-ASs: AS 1001, AS 1002, and AS 1003.
l Run EBGP between AS 1001, AS1002, and AS 1003.
l AS 1001, AS1002, and AS 1003 are fully meshed within themselves by running IBGP.
l Run EBGP between AS 100 and AS 200.
II. Configuration procedure
# Configure Switch A.
<SwitchA> system-view
[SwitchA] bgp 1001
[SwitchA-bgp] network 10.1.1.0 255.255.255.0
[SwitchA-bgp] confederation id 100
[SwitchA-bgp] confederation peer-as 1002 1003
[SwitchA-bgp] group confed1002 external
[SwitchA-bgp] peer 172.68.10.2 group confed1002 as-number 1002
[SwitchA-bgp] group confed1003 external
[SwitchA-bgp] peer 172.68.10.3 group confed1003 as-number 1003
[SwitchA-bgp] quit
# Configure Switch B.
<SwitchB> system-view
[SwitchB] bgp 1002
[SwitchB-bgp] confederation id 100
[SwitchB-bgp] confederation peer-as 1001 1003
[SwitchB-bgp] group confed1001 external
[SwitchB-bgp] peer 172.68.10.1 group confed1001 as-number 1001
[SwitchB-bgp] group confed1003 external
[SwitchB-bgp] peer 172.68.10.3 group confed1003 as-number 1003
# Configure Switch C.
<SwitchC> system-view
[SwitchC] bgp 1003
[SwitchC-bgp] confederation id 100
[SwitchC-bgp] confederation peer-as 1001 1002
[SwitchC-bgp] group confed1001 external
[SwitchC-bgp] peer 172.68.10.1 group confed1001 as-number 1001
[SwitchC-bgp] group confed1002 external
[SwitchC-bgp] peer 172.68.10.2 group confed1002 as-number 1002
[SwitchC-bgp] group ebgp200 external
[SwitchC-bgp] peer 156.10.1.2 group ebgp200 as-number 200
[SwitchC-bgp] group ibgp1003 internal
[SwitchC-bgp] peer 172.68.1.2 group ibgp1003
# Configure Switch D.
<SwitchD> system-view
[SwitchD] bgp 1003
[SwitchD-bgp] confederation id 100
[SwitchD-bgp] group ibgp1003 internal
[SwitchD-bgp] peer 172.68.1.1 group ibgp1003
# Configure Switch E.
<SwitchE> system-view
[SwitchE] bgp 200
[SwitchE-bgp] network 8.1.1.0 255.255.255.0
[SwitchE-bgp] group ebgp100 external
[SwitchE-bgp] peer 156.10.1.1 group ebgp100 as-number 100
[SwitchE-bgp] quit
# Display the BGP routing table on Switch E.
[SwitchE] display bgp routing
Flags: # - valid ^ - active I - internal
D - damped H - history S - aggregate suppressed
Dest/Mask Next-Hop Med Local-pref Origin Path
--------------------------------------------------------------------------
#^ 8.1.1.0/24 0.0.0.0 0 100 IGP
#^ 10.1.1.0/24 156.10.1.1 0 100 IGP 100
Routes total: 2
# Display the BGP routing table on Switch A.
[SwitchA] display bgp routing
Flags: # - valid ^ - active I - internal
D - damped H - history S - aggregate suppressed
Dest/Mask Next-Hop Med Local-pref Origin Path
--------------------------------------------------------------------------
I 8.1.1.0/24 156.10.1.2 0 100 IGP (1003) 200
#^ 10.1.1.0/24 0.0.0.0 0 100 IGP
Routes total: 2
The above display shows that sub-AS routing information is advertised only within the confederation. A device in an AS outside of the confederation, such as Switch E, cannot learn the sub-AS routing information within the confederation because it treats the confederation as a single AS.
2.1.7 BGP Route Reflector Configuration Example
I. Network requirements
1) Requirement analysis
BGP runs in a large AS of a company. As the number of IBGP peers increases rapidly in the AS, more network resources for BGP communication are occupied. The customer hopes to reduce IBGP peers and decrease CPU and network resources consumption of BGP without affecting device performance. In addition, IBGP peers are partially interconnected in the AS.
Based on the requirements and networking environment, configure a BGP route reflector to achieve the goal.
2) Network diagram
Figure 2-7 shows the network diagram.
|
Device |
Interface |
IP address |
AS |
|
Switch A |
Vlan-int 100 |
1.1.1.1/8 |
100 |
|
|
Vlan-int 2 |
192.1.1.1/24 |
|
|
Switch B |
Vlan-int 2 |
192.1.1.2/24 |
200 |
|
|
Vlan-int 3 |
193.1.1.2/24 |
|
|
Switch C |
Vlan-int 3 |
193.1.1.1/24 |
|
|
|
Vlan-int 4 |
194.1.1.1/24 |
|
|
Switch D |
Vlan-int 4 |
194.1.1.2/24 |
Figure 2-7 Network diagram for BGP route reflector configuration
3) Configuration plan
l Run EBGP between the peers in AS 100 and AS 200. Advertise network 1.0.0.0/8.
l Run IBGP between the peers in AS 200. Configure a star topology for the AS. Specify the central device as a route reflector and other devices as clients.
II. Configuration procedure
1) Configure switch A.
<SwitchA> system-view
[SwitchA] interface Vlan-interface 2
[SwitchA-Vlan-interface2] ip address 192.1.1.1 255.255.255.0
[SwitchA-Vlan-interface2] interface Vlan-interface 100
[SwitchA-Vlan-interface100] ip address 1.1.1.1 255.0.0.0
[SwitchA-Vlan-interface100] quit
[SwitchA] bgp 100
[SwitchA-bgp] group ex external
[SwitchA-bgp] peer 192.1.1.2 group ex as-number 200
[SwitchA-bgp] network 1.0.0.0 255.0.0.0
2) Configure Switch B.
# Configure the VLAN interface IP addresses.
<SwitchB> system-view
[SwitchB] interface Vlan-interface 2
[SwitchB-Vlan-interface2] ip address 192.1.1.2 255.255.255.0
[SwitchB-Vlan-interface2] quit
[SwitchB] interface Vlan-interface 3
[SwitchB-Vlan-interface3] ip address 193.1.1.2 255.255.255.0
[SwitchB-Vlan-interface3] quit
# Configure BGP peers.
[SwitchB] bgp 200
[SwitchB-bgp] group ex external
[SwitchB-bgp] peer 192.1.1.1 group ex as-number 100
[SwitchB-bgp] group in internal
[SwitchB-bgp] peer 193.1.1.1 group in
3) Configure Switch C.
# Configure the VLAN interface IP addresses.
<SwitchC> system-view
[SwitchC] interface Vlan-interface 3
[SwitchC-Vlan-interface3] ip address 193.1.1.1 255.255.255.0
[SwitchC-Vlan-interface3] quit
[SwitchC] interface vlan-Interface 4
[SwitchC-Vlan-interface4] ip address 194.1.1.1 255.255.255.0
[SwitchC-Vlan-interface4] quit
# Configure BGP peers and configure Switch C as the route reflector.
[SwitchC] bgp 200
[SwitchC-bgp] group rr internal
[SwitchC-bgp] peer rr reflect-client
[SwitchC-bgp] peer 193.1.1.2 group rr
[SwitchC-bgp] peer 194.1.1.2 group rr
4) Configure Switch D.
# Configure the VLAN interface IP address.
<SwitchD> system-view
[SwitchD] interface Vlan-interface 4
[SwitchD-Vlan-interface4] ip address 194.1.1.2 255.255.255.0
[SwitchD-Vlan-interface4] quit
# Configure the BGP peer.
[SwitchD] bgp 200
[SwitchD-bgp] group in internal
[SwitchD-bgp] peer 194.1.1.1 group in
Use the display bgp routing command to display the BGP routing table on Switch B. Note that Switch B has learned network 1.0.0.0.
Use the display bgp routing command to display the BGP routing table on Switch D. Note that Switch D has learned network 1.0.0.0.
2.1.8 BGP Path Selection Configuration Example
I. Network requirements
1) Requirement analysis
A network consists of two ASs, which run BGP to communicate with each other. OSPF runs in one of them.
The requirement is to control the data forwarding path from AS 200 to AS 100.
The following give two plans to meet the requirement
l Use the MED attribute to control the forwarding path for packets from AS 200 to AS 100.
l Use the LOCAL_PREF attribute to control the forwarding path for packets from AS 200 to AS 100
2) Network diagram
Figure 2-8 shows the network diagram.
|
Device |
Interface |
IP address |
AS |
|
Switch A |
Vlan-int 101 |
1.1.1.1/8 |
100 |
|
|
Vlan-int 2 |
192.1.1.1/24 |
|
|
|
Vlan-int 3 |
193.1.1.1/24 |
|
|
Switch B |
Vlan-int 2 |
192.1.1.2/24 |
200 |
|
|
Vlan-int 4 |
194.1.1.2/24 |
|
|
Switch C |
Vlan-int 3 |
193.1.1.2/24 |
|
|
|
Vlan-int 5 |
195.1.1.2/24 |
|
|
Switch D |
Vlan-int 4 |
194.1.1.1/24 |
|
|
|
Vlan-int 5 |
195.1.1.1/24 |
Figure 2-8 Network diagram for BGP path selection
3) Configuration plan
l Run EBGP between AS 100 and AS 200. Advertise network 1.0.0.0/8.
l Run OSPF in AS 200 to realize network interconnection.
l Run IBGP between Switch D and Switch B as well as between Switch D and Switch C.
l Apply a routing policy on Switch A to modify the MED attribute of the route to be advertised to AS 200, making the data forwarding path from Switch D to AS 100 as Switch D – Switch C – Switch A.
l Apply a routing policy on Switch C to modify the LOCAL_PREF attribute of the route to be advertised to Switch D, making the data forwarding path from AS 200 to AS 100 as Switch D – Switch C – Switch A.
II. Configuration procedure
1) Configure Switch A.
# Configure the VLAN interface IP addresses.
<SwitchA> system-view
[SwitchA] interface Vlan-interface 2
[SwitchA-Vlan-interface2] ip address 192.1.1.1 255.255.255.0
[SwitchA-Vlan-interface2] quit
[SwitchA] interface Vlan-interface 3
[SwitchA-Vlan-interface3] ip address 193.1.1.1 255.255.255.0
[SwitchA-Vlan-interface3] quit
[SwitchA] interface Vlan-interface 101
[SwitchA-Vlan-interface101] ip address 1.1.1.1 255.0.0.0
[SwitchA-Vlan-interface101] quit
# Enable BGP.
[SwitchA] bgp 100
# Advertise network 1.0.0.0/8.
[SwitchA-bgp] network 1.0.0.0
# Configure BGP peers.
[SwitchA-bgp] group ex192 external
[SwitchA-bgp] peer 192.1.1.2 group ex192 as-number 200
[SwitchA-bgp] group ex193 external
[SwitchA-bgp] peer 193.1.1.2 group ex193 as-number 200
[SwitchA-bgp] quit
# Define ACL 2000 to permit the routes destined for 1.0.0.0/8.
[SwitchA] acl number 2000
[SwitchA-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[SwitchA-acl-basic-2000] rule deny source any
[SwitchA-acl-basic-2000] quit
# Create a routing policy named apply_med_50, and specify node 10 with the permit matching mode for the routing policy. Set the MED value of the route matching ACL 2000 to 50.
[SwitchA] route-policy apply_med_50 permit node 10
[SwitchA-route-policy] if-match acl 2000
[SwitchA-route-policy] apply cost 50
[SwitchA-route-policy] quit
# Create a routing policy named apply_med_100, and specify node 10 with the permit matching mode for the routing policy. Set the MED value of the route matching ACL 2000 to 100.
[SwitchA] route-policy apply_med_100 permit node 10
[SwitchA-route-policy] if-match acl 2000
[SwitchA-route-policy] apply cost 100
[SwitchA-route-policy] quit
# Apply the routing policy apply_med_50 to routing updates to the peer group ex193 (the peer 193.1.1.2) and apply_med_100 to routing updates to the peer group ex192 (the peer 192.1.1.2).
[SwitchA] bgp 100
[SwitchA-bgp] peer ex193 route-policy apply_med_50 export
[SwitchA-bgp] peer ex192 route-policy apply_med_100 export
2) Configure Switch B.
# Configure the VLAN interface IP addresses.
<SwitchB> system-view
[SwitchB] interface vlan 2
[SwitchB-Vlan-interface2] ip address 192.1.1.2 255.255.255.0
[SwitchB-Vlan-interface2] quit
[SwitchB] interface Vlan-interface 4
[SwitchB-Vlan-interface4] ip address 194.1.1.2 255.255.255.0
[SwitchB-Vlan-interface4] quit
# Configure OSPF.
[SwitchB] ospf
[SwitchB-ospf-1] area 0
[SwitchB-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchB-ospf-1-area-0.0.0.0] quit
[SwitchB-ospf-1] quit
# Enable BGP, create a peer group, and add peers to the peer group.
[SwitchB] bgp 200
[SwitchB-bgp] undo synchronization
[SwitchB-bgp] group ex external
[SwitchB-bgp] peer 192.1.1.1 group ex as-number 100
[SwitchB-bgp] group in internal
[SwitchB-bgp] peer 194.1.1.1 group in
[SwitchB-bgp] peer 195.1.1.2 group in
3) Configure Switch C.
# Configure the VLAN interface IP addresses.
<SwitchC> system-view
[SwitchC] interface Vlan-interface 3
[SwitchC-Vlan-interface3] ip address 193.1.1.2 255.255.255.0
[SwitchC-Vlan-interface3] quit
[SwitchC] interface Vlan-interface 5
[SwitchC-Vlan-interface5] ip address 195.1.1.2 255.255.255.0
[SwitchC-Vlan-interface5] quit
# Enable OSPF.
[SwitchC] ospf
[SwitchC-ospf-1] area 0
[SwitchC-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255
[SwitchC-ospf-1-area-0.0.0.0] quit
[SwitchC-ospf-1] quit
# Enable BGP, create a peer group, and add peers to the peer group.
[SwitchC] bgp 200
[SwitchC-bgp] undo synchronization
[SwitchC-bgp] group ex external
[SwitchC-bgp] peer 193.1.1.1 group ex as-number 100
[SwitchC-bgp] group in internal
[SwitchC-bgp] peer 195.1.1.1 group in
[SwitchC-bgp] peer 194.1.1.2 group in
4) Configure Switch D.
# Configure the VLAN interface IP addresses.
<SwitchD> system-view
[SwitchD] interface Vlan-interface 4
[SwitchD-Vlan-interface4] ip address 194.1.1.1 255.255.255.0
[SwitchD-Vlan-interface4] quit
[SwitchD] interface Vlan-interface 5
[SwitchD-Vlan-interface5] ip address 195.1.1.1 255.255.255.0
[SwitchD-Vlan-interface5] quit
# Enable OSPF.
[SwitchD] ospf
[SwitchD-ospf-1] area 0
[SwitchD-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] network 195.1.1.0 0.0.0.255
[SwitchD-ospf-1-area-0.0.0.0] network 4.0.0.0 0.255.255.255
[SwitchD-ospf-1-area-0.0.0.0] quit
[SwitchD-ospf-1] quit
# Enable BGP, create a peer group, and add peers to the peer group.
[SwitchD] bgp 200
[SwitchD-bgp] undo synchronization
[SwitchD-bgp] group in internal
[SwitchD-bgp] peer 195.1.1.2 group in
[SwitchD-bgp] peer 194.1.1.2 group in
l To validate the configuration, you need to use the reset bgp all command on all the BGP peers.
l Since the MED attribute of route 1.0.0.0 learned by Switch C is smaller than that learned by Switch B, Switch D selects the route 1.0.0.0 from Switch C.
l If you do not configure MED attribute control on Switch A, setting the local preference attribute for route 1.0.0.0 on Switch C is another choice.
# Define ACL 2000 to permit the routes destined for 1.0.0.0/8.
[SwitchC] acl number 2000
[SwitchC-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[SwitchC-acl-basic-2000] rule deny source any
[SwitchC-acl-basic-2000] quit
# Create a routing policy named localpref, and specify node 10 with the permit matching mode for the routing policy. Set the local preference value of the route matching ACL 2000 to 200
[SwitchC] route-policy localpref permit node 10
[SwitchC-route-policy] if-match acl 2000
[SwitchC-route-policy] apply local-preference 200
[SwitchC-route-policy] quit
# Create a routing policy named localpref, and specify node 20 with the permit matching mode for the routing policy. Set the local preference value of the route to 100.
[SwitchC] route-policy localpref permit node 20
[SwitchC-route-policy] apply local-preference 100
[SwitchC-route-policy] quit
# Apply the routing policy localpref to the routing information from the peer 193.1.1.1 (Switch A).
[SwitchC] bgp 200
[SwitchC-bgp] peer 193.1.1.1 route-policy localpref import
Since the local preference (200) of the route learned by Switch C is bigger than that learned by Switch B (100), Switch D prefers the route 1.0.0.0 from Switch C. Note that the local preference is not set for route 1.0.0.0 on Switch B, so the route uses the default value 100.
Chapter 3 Comprehensive Configuration Example
& Note:
l For details about routing protocols, see corresponding operation manuals of products.
l For detailed commands, see corresponding command manuals of products.
l The S3600, S5600 and S7500 series switches are used in the following examples.
3.1 Network Requirements
3.1.1 Requirement Analysis, Network Diagram and Configuration Plan
I. Requirement analysis
An ISP has four ASs: AS 100, AS 200, AS 300, and AS 400. AS 100 is the core layer. It connects AS 200, AS 300, and AS 400 and forwards data between them. AS 200, AS 300, and AS 400 constitutes the distribution layer. They provide access services for users. The specific requirements are as follows:
l Fast convergence is required for AS 200 and AS 400 because their networks are quite large and complicated.
l The network of AS 300 is small and simple. The devices in the network supports only RIP. Their performances are low and the capacities of routing tables are quite limited.
l Access users in AS 200 require a very reliable network.
l Access users in AS 200, AS 300, and AS 400 are accessible to each other.
l S200_10 in AS 200 is connected with Layer 2 devices.
l S300_B in AS 300 is connected with Layer 2 devices.
l The data forwarding path needs to be controlled when users in AS 400 access AS 200 and AS 300.
l An AS 300 access user is interconnected with the ISP through a single link.
II. Network diagram
Figure 3-1 shows the network diagram designed according to the requirements.
III. Configuration plan
l Run BGP in AS 100 to interconnect with AS 200, AS 300, and AS 400. Use the MED attribute to control the forwarding path.
l Run OSPF in AS 200. The device in AS 200 connecting to AS 100 runs both OSPF and BGP. Use static routes as backup routes to implement link redundancy and improve network reliability. Apply a routing policy when redistributing BGP routes for filtering.
l Run OSPF in AS 400. The device in AS 400 connecting to AS 100 runs both OSPF and BGP. Apply a routing policy when redistributing BGP routes for filtering.
l Run RIPv2 in AS 300. The device in AS 300 connecting to AS 100 runs both RIPv2 and BGP. Apply a routing policy when redistributing BGP routes for filtering.
l AS 300 users use the combination of static routes, RIP, and routing policy to access the ISP.
3.1.2 Devices Used for Networking
Table 3-1 Device model and device name
|
Model |
Device name |
|
7500 |
S100_1/S100_2 |
|
5600 |
S200/S300/S400 |
|
3600 |
S200_0/S200_10/S300_A/S300_B/ S400_0 |
& Note:
l Either S7500 series Ethernet switches or S5600 series Ethernet switches can serve as S100_1/S100_2/S400/S200/S300.
l You can use other partially layer 3 capable switches as S300_B.
3.1.3 Routing Protocols and Related Parameters on Devices
Table 3-2 Routing protocols supported by devices
|
Device name |
Routing protocol |
Router ID |
AS |
|
S100_1 |
BGP (IBGP&EBGP) |
1.1.1.1 |
100 |
|
S100_2 |
BGP (IBGP&EBGP) |
1.2.1.1 |
|
|
S200 |
BGP (EBGP)/OSPF |
2.1.1.1 |
200 |
|
S200_0 |
OSPF |
— |
|
|
S200_10 |
OSPF/STATIC |
||
|
S300 |
BGP (EBGP)/RIPv2 |
3.1.1.1 |
300 |
|
S300_A |
RIPv2/STATIC |
— |
|
|
S300_B |
RIPv2 |
||
|
S400 |
BGP (EBGP)/OSPF |
4.1.1.1 |
400 |
|
S400_0 |
OSPF |
— |
3.1.4 Software Version
S3600 series Ethernet switches use Release 1510.
S5600 series Ethernet switches use Release 1510.
S7500 series Ethernet switches use Release 3135.
3.2 Configuration Procedure
3.2.1 Configuration Guide
Table 3-3 Configuration guide
|
Configuration task |
Description |
|
Create VLANs and configure IP addresses for VLAN interfaces |
|
|
Basic RIPv2/OSPF/BGP configuration |
|
|
Using a routing policy, configure RIP to advertise route updates but does not receive route updates and use static routing to access the ISP. |
|
|
IGP and BGP share routes. Apply a routing policy for BGP redistribution to IGP as required |
|
|
To improve network reliability, run OSPF on the primary link and run static routing on the backup link to realize interconnection |
|
|
Apply a routing policy to change the MED attribute of routes to control the forwarding path |
3.2.2 Basic Configuration
Creating VLANs and configuring IP addresses for VLAN interfaces are omitted here, refer to Displaying the Whole Configuration on Devices for related information.
3.2.3 Basic RIPv2/OSPF/BGP Configuration
I. Basic RIPv2 configuration
Figure 3-2 shows the relevant network diagram of AS 300.
|
Device |
Interface |
IP address |
|
S300 |
Vlan-int 14 |
206.1.4.2/24 |
|
S300_A |
Vlan-int 14 |
206.1.4.1/24 |
|
|
Vlan-int 662 |
166.1.2.1/24 |
|
|
Vlan-int 665 |
166.1.5.2/24 |
|
S300_B |
Vlan-int 662 |
166.1.2.2/24 |
|
|
Vlan-int 623 |
162.1.3.1/24 |
|
|
Vlan-int 624 |
162.1.4.1/24 |
Figure 3-2 Network diagram for RIPv2 configuration
l Configure S300.
# Run RIP on the interface with the IP address 206.1.4.0.
<S300> system-view
[S300] rip
[S300-rip] network 206.1.4.0
# Disable RIPv2 route summarization.
[S300-rip] undo summary
[S300-rip] quit
# Run RIPv2 on VLAN-interface 14.
[S300] interface vlan-interface 14
[S300-Vlan-interface14] rip version 2
[S300-Vlan-interface14] quit
l Configure S300_A.
# Run RIP on the interfaces on networks 206.1.4.0 and 166.1.0.0.
<S300_A> system-view
[S300_A] rip
[S300_A-rip] network 206.1.4.0
[S300_A-rip] network 166.1.0.0
# Disable RIPv2 route summarization.
[S300_A-rip] undo summary
[S300_A-rip] quit
# Run RIPv2 on VLAN-interface 14 and VLAN-interface 662.
[S300_A] interface vlan-interface 14
[S300_A-Vlan-interface14] rip version 2
[S300_A-Vlan-interface14] quit
[S300_A] interface vlan-interface 662
[S300_A-Vlan-interface662] rip version 2
[S300_A-Vlan-interface662] quit
l Configure S300_B.
# Run RIP on the interfaces connected to networks 162.1.0.0 and 166.1.0.0.
<S300_B> system-view
[S300_B] rip
[S300_B-rip] network 162.1.0.0
[S300_B-rip] network 166.1.0.0
# Disable RIPv2 route summarization.
[S300_B-rip] undo summary
[S300_B-rip] quit
# Run RIPv2 on VLAN-interface 623, VLAN-interface 624, and VLAN-interface 662.
[S300_B] interface vlan-interface 623
[S300_B-Vlan-interface623] rip version 2
[S300_B-Vlan-interface623] quit
[S300_B] interface vlan-interface 624
[S300_B-Vlan-interface624] rip version 2
[S300_B-Vlan-interface624] quit
[S300_B] interface vlan-interface 662
[S300_B-Vlan-interface662] rip version 2
[S300_B-Vlan-interface662] quit
II. Basic OSPF configuration
Figure 3-3 shows the relevant network diagram of AS 200.
|
Device |
Interface |
IP address |
Area |
|
S200 |
Vlan-int 12 |
206.1.2.3/24 |
0 |
|
S200_0 |
Vlan-int 12 |
206.1.2.1/24 |
0 |
|
|
Vlan-int 661 |
166.1.1.1/24 |
10 |
|
S200_10 |
Vlan-int 661 |
166.1.1.2/24 |
10 |
|
|
Vlan-int 621 |
162.1.1.1/24 |
10 |
|
|
Vlan-int 622 |
162.1.2.1/24 |
10 |
Figure 3-3 Network diagram for OSPF configuration
l Configure S200.
# Run OSPF on the interface connected to network 206.1.2.0/24 and specify its area ID as 0.
<S200> system-view
[S200] ospf
[S200-ospf-1] area 0
[S200-ospf-1-area-0.0.0.0] network 206.1.2.0 0.0.0.255
l Configure S200_0.
# Run OSPF on the interface connected to network 206.1.2.0/24 and specify its area ID as 0.
<S200_0> system-view
[S200_0] ospf
[S200_0-ospf-1] area 0
[S200_0-ospf-1-area-0.0.0.0] network 206.1.2.0 0.0.0.255
[S200_0-ospf-1-area-0.0.0.0] quit
# Run OSPF on the interface connected to network 166.1.1.0/24 and specify its area ID as 10.
[S200_0-ospf-1] area 10
[S200_0-ospf-1-area-0.0.0.10] network 166.1.1.0 0.0.0.255
l Configure S200_10.
# Run OSPF on interfaces connected to networks 162.1.1.0/24, 162.1.2.0/24, and 166.1.1.0/24 and specify their area ID as 10.
<S200_10> system-view
[S200_10] ospf
[S200_10-ospf-1] area 10
[S200_10-ospf-1-area-0.0.0.10] network 162.1.1.0 0.0.0.255
[S200_10-ospf-1-area-0.0.0.10] network 162.1.2.0 0.0.0.255
[S200_10-ospf-1-area-0.0.0.10] network 166.1.1.0 0.0.0.255
Figure 3-4 shows the network diagram of AS 400.
|
Device |
Interface |
IP address |
Area |
|
S400 |
Vlan-int 16 |
206.1.6.3/24 |
0 |
|
S400_0 |
Vlan-int 16 |
206.1.6.1/24 |
0 |
|
|
Vlan-int 663 |
166.1.3.1/24 |
0.0.1.44 |
|
|
Vlan-int 664 |
166.1.4.1/24 |
0.0.1.44 |
Figure 3-4 Network diagram for AS 400 configuration
l Configure S400.
# Run OSPF on the interface connected to network 206.1.6.0/24 and specify its area ID as 0.
<S400> system-view
[S400] ospf
[S400-ospf-1] area 0
[S400-ospf-1-area-0.0.0.0] network 206.1.6.0 0.0.0.255
l Configure S400_0.
# Run OSPF on the interface connected to network 206.1.6.0/24 and specify its area ID as 0.
<S400_0> system-view
[S400_0] ospf
[S400_0-ospf-1] area 0
[S400_0-ospf-1-area-0.0.0.0] network 206.1.6.0 0.0.0.255
[S400_0-ospf-1-area-0.0.0.0] quit
# Run OSPF on interfaces connected to networks 166.1.3.0/24 and 166.1.4.0/24 and specify their area ID as 0.0.1.44.
[S400_0-ospf-1] area 0.0.1.44
[S400_0-ospf-1-area-0.0.1.44] network 166.1.3.0 0.0.0.255
[S400_0-ospf-1-area-0.0.1.44] network 166.1.4.0 0.0.0.255
III. Basic BGP configuration
Figure 3-5 shows the relevant network diagram.
|
Device |
Interface |
IP address |
Router ID |
AS |
|
S100_1 |
Vlan-int 11 |
196.1.1.1/24 |
1.1.1.1 |
100 |
|
|
Vlan-int 15 |
196.1.3.1/24 |
|
|
|
|
Vlan-int 31 |
196.3.1.1/24 |
|
|
|
S100_2 |
Vlan-int 22 |
196.2.2.1/24 |
1.2.1.1 |
|
|
|
Vlan-int 23 |
196.2.3.2/24 |
|
|
|
|
Vlan-int 31 |
196.3.1.2/24 |
|
|
|
S200 |
Vlan-int 11 |
196.1.1.3/24 |
2.1.1.1 |
200 |
|
|
Vlan-int 13 |
206.1.3.3/24 |
|
|
|
S300 |
Vlan-int 22 |
196.2.2.2/24 |
3.1.1.1 |
300 |
|
|
Vlan-int 13 |
206.1.3.2/24 |
|
|
|
S400 |
Vlan-int 15 |
196.1.3.3/24 |
4.1.1.1 |
400 |
|
|
Vlan-int 23 |
196.2.3.3/24 |
|
Figure 3-5 Network diagram for BGP configuration
l Configure S100_1.
# Configure the router ID of S100_1 as 1.1.1.1.
<S100_1> system-view
[S100_1] router id 1.1.1.1
# Enable BGP and specify the local AS number as 100.
[S100_1] bgp 100
# Create IBGP peer group 100 and EBGP peer groups 200 and 400.
[S100_1-bgp] group 100 internal
[S100_1-bgp] group 200 external
[S100_1-bgp] group 400 external
# Add peer 196.3.1.2 in AS 100 into peer group 100; Add peer 196.1.1.3 in AS 200 into peer group 200; Add peer 196.1.3.3 in AS 400 into peer group 400.
[S100_1-bgp] peer 196.3.1.2 group 100
[S100_1-bgp] peer 196.1.1.3 group 200 as-number 200
[S100_1-bgp] peer 196.1.3.3 group 400 as-number 400
# Advertise networks 196.1.3.0, 196.3.1.0, and 196.1.1.0.
[S100_1-bgp] network 196.1.3.0
[S100_1-bgp] network 196.3.1.0
[S100_1-bgp] network 196.1.1.0
# Set the preferences of EBGP routes, IBGP routes, and local routes to 200.
[S100_1-bgp] preference 200 200 200
l Configure S100_2.
# Configure the router ID of S200_2 as 1.2.1.1.
<S100_2> system-view
[S100_2] router id 1.2.1.1
# Enable BGP and specify the local AS number as 100.
[S100_2] bgp 100
# Create IBGP peer group 100 and EBGP peer groups 300 and 400.
[S100_2-bgp] group 100 internal
[S100_2-bgp] group 300 external
[S100_2-bgp] group 400 external
# Add peer 196.3.1.1 in AS 100 into peer group 100; Add peer 196.2.2.2 in AS 300 into peer group 300; Add peer 196.2.3.3 in AS 400 into peer group 400.
[S100_2-bgp] peer 196.3.1.1 group 100
[S100_2-bgp] peer 196.2.2.2 group 300 as-number 300
[S100_2-bgp] peer 196.2.3.3 group 400 as-number 400
# Advertise networks 196.2.2.0, 196.2.3.0, and 196.3.1.0.
[S100_2-bgp] network 196.2.2.0
[S100_2-bgp] network 196.2.3.0
[S100_2-bgp] network 196.3.1.0
# Set the preferences of EBGP routes, IBGP routes, and local routes to 200.
[S100_2-bgp] preference 200 200 200
l Configure S200.
# Configure the router ID of S200 as 2.1.1.1.
<S200> system-view
[S200] router id 2.1.1.1
# Enable BGP and specify the local AS number as 200.
[S200] bgp 200
# Create EBGP peer groups 100 and 300.
[S200-bgp] group 100 external
[S200-bgp] group 300 external
# Add peer 196.1.1.1 in AS 100 into peer group 100; Add peer 206.1.3.2 in AS 300 into peer group 300.
[S200-bgp] peer 196.1.1.1 group 100 as-number 100
[S200-bgp] peer 206.1.3.2 group 300 as-number 300
# Advertise networks 192.1.1.0 and 206.1.3.0.
[S200-bgp] network 192.1.1.0
[S200-bgp] network 206.1.3.0
# Set the preferences of EBGP routes, IBGP routes, and local routes to 200.
[S200-bgp] preference 200 200 200
l Configure S300.
# Configure the router ID of S300 as 3.1.1.1.
<S300> system-view
[S300] router id 3.1.1.1
# Enable BGP and specify the local AS number as 300.
[S300] bgp 300
# Create EBGP peer groups 100 and 200.
[S300-bgp] group 100 external
[S300-bgp] group 200 external
# Add peer 196.2.2.1 in AS 100 into peer group 100; Add peer 206.1.3.3 in AS 200 into peer group 200.
[S300-bgp] peer 196.2.2.1 group 100 as-number 100
[S300-bgp] peer 206.1.3.3 group 200 as-number 200
# Advertise networks 206.1.3.0 and 196.2.2.0.
[S300-bgp] network 206.1.3.0
[S300-bgp] network 196.2.2.0
# Set the preferences of EBGP routes, IBGP routes, and local routes to 200.
[S300-bgp] preference 200 200 200
l Configure S400.
# Configure the router ID of S400 as 4.1.1.1.
<S400> system-view
[S400] router id 4.1.1.1
# Enable BGP and specify the local AS number as 400.
[S400] bgp 400
# Create EBGP peer groups 100_1 and 100_2.
[S400-bgp] group 100_1 external
[S400-bgp] group 100_2 external
# Add peer 196.1.3.1 in AS 100 into peer group 100_1; Add peer 196.2.3.2 in AS 100 into peer group 100_2.
[S400-bgp] peer 196.1.3.1 group 100_1 as-number 100
[S400-bgp] peer 196.2.3.2 group 100_2 as-number 100
# Advertise networks 196.1.3.0 and 196.2.3.0.
[S400-bgp] network 196.1.3.0
[S400-bgp] network 196.2.3.0
# Set the preferences of EBGP routes, IBGP routes, and local routes to 200.
[S400-bgp] preference 200 200 200
3.2.4 RIP, Static Route, and Routing Policy Configuration Example
I. Network requirements
As shown in Figure 3-6, RIPv2 runs on S300_A/S300_B. To control the number of routes learned by S300_B through RIP, allow S300_B to advertise routes to S300_A and forbid S300_B to receive routes advertised by S300_A. Packets from S300_B to S300_A are forwarded through the default route.
II. Network diagram
|
Device |
Interface |
IP address |
|
S300_A |
Vlan-int 662 |
166.1.2.1/24 |
|
S300_B |
Vlan-int 662 |
166.1.2.2/24 |
|
|
Vlan-int 623 |
162.1.3.1/24 |
|
|
Vlan-int 624 |
162.1.4.1/24 |
Figure 3-6 Network diagram for RIP, static route, and routing policy configuration
III. Configuration procedure
# Create ACL 2000 and deny all packets.
<S300_B> system-view
[S300_B] acl number 2000
[S300_B-acl-basic-2000] rule deny source any
[S300_B-acl-basic-2000] quit
# Apply ACL 2000 to incoming RIP routes.
[S300_B] rip
[S300_B-rip] filter-policy 2000 import
# Configure a default route and specify the next-hop IP address as 166.1.2.1.
[S300_B] ip route-static 0.0.0.0 0.0.0.0 166.1.2.1 preference 60
3.2.5 BGP and IGP Interaction Configuration Example
I. Network requirements
As shown in Figure 3-7, OSPF and BGP run on S400/S200. RIPv2 and BGP run on S300. To ensure that devices in each AS can learn network topologies of other ASs, configure interaction between IGP and BGP to share routes. When redistributing routes from IGP to BGP, apply a routing policy to redistribute routes with IP prefixes 162.1.1.0/24, 162.1.2.0/24, 162.1.3.0/24, 162.1.4.0/24, 166.1.3.0/24, and 166.1.4.0/24 only.
II. Network diagram
Figure 3-7 Network diagram for BGP and IGP interaction
III. Configuration procedure
l Configure interaction between IGP and BGP on S200.
# Redistribute OSPF routes into BGP.
<S200> system-view
[S200] bgp 200
[S200-bgp] import-route ospf 1
[S200-bgp] quit
# Define a prefix list named ospf_import and permit the routes with IP prefixes 162.1.3.0/24, 162.1.4.0/24, 166.1.3.0/24, or 166.1.4.0/24.
[S200] ip ip-prefix ospf_import index 10 permit 162.1.3.0 24
[S200] ip ip-prefix ospf_import index 20 permit 162.1.4.0 24
[S200] ip ip-prefix ospf_import index 30 permit 166.1.4.0 24
[S200] ip ip-prefix ospf_import index 40 permit 166.1.3.0 24
# Create a routing policy named ospf_import with the match mode as permit. Define an if-match clause to permit routes whose destination addresses match IP prefix list ospf_import.
[S200] route-policy ospf_import permit node 10
[S200-route-policy] if-match ip-prefix ospf_import
[S200-route-policy] quit
# Redistribute BGP routes into OSPF and apply routing policy ospf_import.
[S200] ospf
[S200-ospf-1] import-route bgp route-policy ospf_import
l Configure interaction between IGP and BGP on S300.
# Redistribute RIP routes into BGP.
<S300> system-view
[S300] bgp 300
[S300-bgp] import-route rip
[S300-bgp] quit
# Define a prefix list named rip_import and permit the routes with IP prefixes 162.1.1.0/24, 162.1.2.0/24, 166.1.3.0/24, and 166.1.4.0/24.
[S300] ip ip-prefix rip_import index 10 permit 162.1.1.0 24
[S300] ip ip-prefix rip_import index 20 permit 162.1.2.0 24
[S300] ip ip-prefix rip_import index 30 permit 166.1.3.0 24
[S300] ip ip-prefix rip_import index 40 permit 166.1.4.0 24
# Create a routing policy named rip_import with the matching mode as permit. Define an if-match clause to permit routes whose destination addresses match IP prefix list rip_import.
[S300] route-policy rip_import permit node 10
[S300-route-policy] if-match ip-prefix rip_import
[S300-route-policy] quit
# Redistribute BGP routes into RIP and apply routing policy rip_import.
[S300] rip
[S300-rip] import-route bgp route-policy rip_import
l Configure interaction between IGP and BGP on S400.
# Redistribute OSPF routes into BGP.
<S400> system-view
[S400] bgp 400
[S400-bgp] import-route ospf 1
[S400-bgp] quit
# Define a prefix list named ospf_import and permit the routes with IP prefixes 162.1.1.0/24, 162.1.2.0/24, 162.1.3.0/24, and 162.1.4.0/24.
[S400] ip ip-prefix ospf_import index 10 permit 162.1.1.0 24
[S400] ip ip-prefix ospf_import index 20 permit 162.1.2.0 24
[S400] ip ip-prefix ospf_import index 30 permit 162.1.3.0 24
[S400] ip ip-prefix ospf_import index 40 permit 162.1.4.0 24
# Create a routing policy named ospf_import with the match mode as permit. Define an if-match clause to permit the routes whose destination addresses match IP prefix list ospf_import.
[S400] route-policy ospf_import permit node 10
[S400-route-policy] if-match ip-prefix ospf_import
[S400-route-policy] quit
# Redistribute BGP routes into OSPF and apply the routing policy named ospf_import.
[S400] ospf
[S400-ospf-1] import-route bgp route-policy ospf_import
3.2.6 Route Backup Configuration Example
I. Network requirements
As shown in Figure 3-8, implement route backup on S200_10. Run OSPF between S200_10 and S200_0. The OSPF route is the primary route. Configure a default route between S200_10 and S300_A. This route is the backup route. When the primary route cannot work, the device switches to the backup route automatically. When the primary route becomes feasible, the device switches to the primary route automatically. To achieve the route backup of S200_10, configure a static route to S200_10 on S300_A and redistribute this route into RIPv2.
II. Network diagram
|
Device |
Interface |
IP address |
AS |
|
S300_A |
Vlan-int 665 |
166.1.5.2/24 |
300 |
|
S200_10 |
Vlan-int 665 |
166.1.5.1/24 |
200 |
|
|
Vlan-int 621 |
162.1.1.1/24 |
|
|
|
Vlan-int 622 |
162.1.2.1/24 |
Figure 3-8 Network diagram for route backup
III. Configuration procedure
# Configure a default route on S200_10 and specify the next-hop IP address as 166.1.5.2. Set the default preference to 200.
<S200_10> system-view
[S200_10] ip route-static 0.0.0.0 0.0.0.0 166.1.5.2 preference 200
# Configure a static route on S300_A and specify the destination IP addresses as 162.1.1.0/24 and 162.1.2.0/24. Specify the next-hop IP address as 166.1.5.1 and the default preference to 200.
<S300_A> system-view
[S300_A] ip route-static 162.1.1.0 255.255.255.0 166.1.5.1 preference 200
[S300_A] ip route-static 162.1.2.0 255.255.255.0 166.1.5.1 preference 200
# Redistribute the static route into RIP.
[S300_A] rip
[S300_A-rip] import-route static
3.2.7 BGP MED Attribute Configuration Example
I. Network requirements
As shown in Figure 3-9, S100_1 forwards packets from S400 to S200_10. S100_2 forwards packets from S400 to S300_B. Modify the MED value to achieve this goal.
II. Network diagram
|
Device |
Interface |
IP address |
AS |
|
S200_10 |
Vlan-int 621 |
162.1.1.1/24 |
200 |
|
|
Vlan-int 622 |
162.1.2.1/24 |
|
|
S300_B |
Vlan-int 623 |
162.1.3.1/24 |
300 |
|
|
Vlan-int 624 |
162.1.4.1/24 |
|
|
S400_0 |
Vlan-int 663 |
166.1.3.1/24 |
400 |
|
|
Vlan-int 664 |
166.1.4.1/24 |
Figure 3-9 Network diagram for MED attribute configuration
III. Configuration procedure
l Configure S100_1.
# Define a prefix list named as200_1 and permit the route with IP prefix 162.1.1.0/24.
<S100_1> system-view
[S100_1] ip ip-prefix as200_1 index 10 permit 162.1.1.0 24
# Define a prefix list named as200_2 and permit the route with IP prefix 162.1.2.0/24.
[S100_1] ip ip-prefix as200_2 index 10 permit 162.1.2.0 24
# Define a prefix list named as300_1 and permit the route with IP prefix 162.1.3.0/24.
[S100_1] ip ip-prefix as300_1 index 10 permit 162.1.3.0 24
# Define a prefix list named as300_2 and permit the route with IP prefix 162.1.4.0/24.
[S100_1] ip ip-prefix as300_2 index 10 permit 162.1.4.0 24
# Define a prefix list named other and permit all the routes.
[S100_1] ip ip-prefix other index 10 permit 0.0.0.0 0 less-equal 32
# Create a routing policy named as200, and specify node 10 with the permit matching mode in the routing policy. Set the MED value of the route matching prefix list as200_1 to 100.
[S100_1] route-policy as200 permit node 10
[S100_1-route-policy] if-match ip-prefix as200_1
[S100_1-route-policy] apply cost 100
[S100_1-route-policy] quit
# Create node 20 with the matching mode as permit in routing policy as200. Set the MED value of the route matching prefix list as200_2 to 100
[S100_1] route-policy as200 permit node 20
[S100_1-route-policy] if-match ip-prefix as200_2
[S100_1-route-policy] apply cost 100
[S100_1-route-policy] quit
# Create node 30 with the permit matching mode in routing policy as200. Set the MED value of the route matching prefix list as300_1 to 200.
[S100_1] route-policy as200 permit node 30
[S100_1-route-policy] if-match ip-prefix as300_1
[S100_1-route-policy] apply cost 200
[S100_1-route-policy] quit
# Create node 40 with the permit matching mode in routing policy as200. Set the MED value of the route matching prefix list as300_2 to 200.
[S100_1] route-policy as200 permit node 40
[S100_1-route-policy] if-match ip-prefix as300_2
[S100_1-route-policy] apply cost 200
[S100_1-route-policy] quit
# Create node 50 with the permit matching mode in routing policy as200. Permit all the routes.
[S100_1] route-policy as200 permit node 50
[S100_1-route-policy] if-match ip-prefix other
[S100_1-route-policy] quit
# Apply the routing policy as200 to the routes outgoing to peer group 400 (the peer 196.1.3.3).
[S100_1] bgp 100
[S100_1-bgp] peer 400 route-policy as200 export
l Configure S100_2.
# Define a prefix list named as200_1 and permit the route with IP prefix 162.1.1.0/24.
<S100_2> system-view
[S100_2] ip ip-prefix as200_1 index 10 permit 162.1.1.0 24
# Define a prefix list named as200_2 and permit the route with IP prefix 162.1.2.0/24.
[S100_2] ip ip-prefix as200_2 index 10 permit 162.1.2.0 24
# Define a prefix list named as300_1 and permit the route with IP prefix 162.1.3.0/24.
[S100_2] ip ip-prefix as300_1 index 10 permit 162.1.3.0 24
# Define a prefix list named as300_2 and permit the route with IP prefix 162.1.4.0/24.
[S100_2] ip ip-prefix as300_2 index 10 permit 162.1.4.0 24
# Define a prefix list named other and permit all the routes.
[S100_2] ip ip-prefix other index 10 permit 0.0.0.0 0 less-equal 32
# Create a routing policy named as300. Configure the node number as 10 and the matching mode as permit. Set the MED value of the route matching prefix list as200_1 to 200.
[S100_2] route-policy as300 permit node 10
[S100_2-route-policy] if-match ip-prefix as200_1
[S100_2-route-policy] apply cost 200
[S100_2-route-policy] quit
# Create node 20 with the permit matching mode in routing policy as300. Set the MED value of the route matching prefix list as200_2 to 200.
[S100_2] route-policy as300 permit node 20
[S100_2-route-policy] if-match ip-prefix as200_2
[S100_2-route-policy] apply cost 200
[S100_2-route-policy] quit
# Create node 30 with the permit matching mode in routing policy as300. Set the MED value of the route matching prefix list as300_1 to 100.
[S100_2] route-policy as300 permit node 30
[S100_2-route-policy] if-match ip-prefix as300_1
[S100_2-route-policy] apply cost 100
[S100_2-route-policy] quit
# Create node 40 with the permit matching mode in routing policy as300. Set the MED value of the route matching prefix list as300_2 to 100.
[S100_2] route-policy as300 permit node 40
[S100_2-route-policy] if-match ip-prefix as300_2
[S100_2-route-policy] apply cost 100
[S100_2-route-policy] quit
# Create node 50 with the permit matching mode in routing policy as300 and permit all routes.
[S100_2] route-policy as300 permit node 50
[S100_2-route-policy] if-match ip-prefix other
[S100_2-route-policy] quit
# Apply routing policy as300 to the routes outgoing to peer group 400 (peer 196.2.3.3).
[S100_2] bgp 100
[S100_2-bgp] peer 400 route-policy as300 export
3.3 Displaying the Whole Configuration on Devices
3.3.1 Displaying the Whole Configuration on Devices
I. S100_1
<S100_1> display current-configuration
#
sysname S100_1
#
router id 1.1.1.1
#
….
#
vlan 11
#
vlan 15
#
vlan 31
#
interface Vlan-interface11
ip address 196.1.1.1 255.255.255.0
#
interface Vlan-interface15
ip address 196.1.3.1 255.255.255.0
#
interface Vlan-interface31
ip address 196.3.1.1 255.255.255.0
#
…
#
bgp 100
network 196.1.3.0
network 196.3.1.0
network 196.1.1.0
undo synchronization
group 100 internal
peer 196.3.1.2 group 100
group 200 external
peer 196.1.1.3 group 200 as-number 200
group 400 external
peer 400 route-policy as200 export
peer 196.1.3.3 group 400 as-number 400
preference 200 200 200
#
route-policy as200 permit node 10
if-match ip-prefix as200_1
apply cost 100
route-policy as200 permit node 20
if-match ip-prefix as200_2
apply cost 100
route-policy as200 permit node 30
if-match ip-prefix as300_1
apply cost 200
route-policy as200 permit node 40
if-match ip-prefix as300_2
apply cost 200
route-policy as200 permit node 50
if-match ip-prefix other
#
ip ip-prefix as200_1 index 10 permit 162.1.1.0 24
ip ip-prefix as200_2 index 10 permit 162.1.2.0 24
ip ip-prefix as300_1 index 10 permit 162.1.3.0 24
ip ip-prefix as300_2 index 10 permit 162.1.4.0 24
ip ip-prefix other index 10 permit 0.0.0.0 0 less-equal 32
#
…
II. S100_2
<S100_2> display current-configuration
#
sysname S100_2
#
router id 1.2.1.1
#
……
#
vlan 22
#
vlan 23
#
vlan 31
#
interface Vlan-interface22
ip address 196.2.2.1 255.255.255.0
#
interface Vlan-interface23
ip address 196.2.3.2 255.255.255.0
#
interface Vlan-interface31
ip address 196.3.1.2 255.255.255.0
#
…
#
bgp 100
network 196.2.2.0
network 196.2.3.0
network 196.3.1.0
undo synchronization
group 100 internal
peer 196.3.1.1 group 100
group 300 external
peer 196.2.2.2 group 300 as-number 300
group 400 external
peer 400 route-policy as300 export
peer 196.2.3.3 group 400 as-number 400
preference 200 200 200
#
route-policy as300 permit node 10
if-match ip-prefix as200_1
apply cost 200
route-policy as300 permit node 20
if-match ip-prefix as200_2
apply cost 200
route-policy as300 permit node 30
if-match ip-prefix as300_1
apply cost 100
route-policy as300 permit node 40
if-match ip-prefix as300_2
apply cost 100
route-policy as300 permit node 50
if-match ip-prefix other
#
ip ip-prefix as200_1 index 10 permit 162.1.1.0 24
ip ip-prefix as200_2 index 10 permit 162.1.2.0 24
ip ip-prefix as300_1 index 10 permit 162.1.3.0 24
ip ip-prefix as300_2 index 10 permit 162.1.4.0 24
ip ip-prefix other index 10 permit 0.0.0.0 0 less-equal 32
#
…..
III. S200
<S200> display current-configuration
#
sysname S200
#
……
#
router id 2.1.1.1
#
………..
#
vlan 11
#
vlan 12
#
vlan 13
#
interface Vlan-interface11
ip address 196.1.1.3 255.255.255.0
#
interface Vlan-interface12
ip address 206.1.2.3 255.255.255.0
#
interface Vlan-interface13
ip address 206.1.3.3 255.255.255.0
#
…….
#
undo fabric-port Cascade1/2/1 enable
undo fabric-port Cascade1/2/2 enable
#
interface NULL0
#
bgp 200
network 192.1.1.0
network 206.1.3.0
import-route ospf 1
undo synchronization
group 100 external
peer 196.1.1.1 group 100 as-number 100
group 300 external
peer 206.1.3.2 group 300 as-number 300
preference 200 200 200
#
ospf 1
import-route bgp route-policy ospf_import
area 0.0.0.0
network 206.1.2.0 0.0.0.255
#
route-policy ospf_import permit node 10
if-match ip-prefix ospf_import
#
ip ip-prefix ospf_import index 10 permit 162.1.3.0 24
ip ip-prefix ospf_import index 20 permit 162.1.4.0 24
ip ip-prefix ospf_import index 30 permit 166.1.4.0 24
ip ip-prefix ospf_import index 40 permit 166.1.3.0 24
#
……
IV. S200_0
<S200_0> display current-configuration
#
sysname S200_0
#
…….
#
vlan 12
#
vlan 661
#
interface Vlan-interface12
ip address 206.1.2.1 255.255.255.0
#
interface Vlan-interface661
ip address 166.1.1.1 255.255.255.0
#
…….
#
ospf 1
area 0.0.0.10
network 166.1.1.0 0.0.0.255
#
area 0.0.0.0
network 206.1.2.0 0.0.0.255
#
……….
V. S200_10
<S200_10> display current-configuration
#
sysname S200_10
#
…….
#
vlan 621 to 622
#
vlan 661
#
vlan 665
#
interface Vlan-interface621
ip address 162.1.1.1 255.255.255.0
#
interface Vlan-interface622
ip address 162.1.2.1 255.255.255.0
#
interface Vlan-interface661
ip address 166.1.1.2 255.255.255.0
#
interface Vlan-interface665
ip address 166.1.5.1 255.255.255.0
#
………
#
ospf 1
area 0.0.0.10
network 162.1.1.0 0.0.0.255
network 162.1.2.0 0.0.0.255
network 166.1.1.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 166.1.5.2 preference 200
#
………
VI. S300
<S300> display current-configuration
#
sysname S300
#
router id 3.1.1.1
#
…..
#
vlan 13
#
vlan 14
#
vlan 22
#
interface Vlan-interface13
ip address 206.1.3.2 255.255.255.0
#
interface Vlan-interface14
ip address 206.1.4.2 255.255.255.0
rip version 2 multicast
#
interface Vlan-interface22
ip address 196.2.2.2 255.255.255.0
#
……
#
undo fabric-port Cascade1/2/1 enable
undo fabric-port Cascade1/2/2 enable
#
interface NULL0
#
bgp 300
network 206.1.3.0
network 196.2.2.0
import-route rip
undo synchronization
group 100 external
peer 196.2.2.1 group 100 as-number 100
group 200 external
peer 206.1.3.3 group 200 as-number 200
preference 200 200 200
#
rip
undo summary
network 206.1.4.0
import-route bgp route-policy rip_import
#
route-policy rip_import permit node 10
if-match ip-prefix rip_import
#
ip ip-prefix rip_import index 10 permit 162.1.1.0 24
ip ip-prefix rip_import index 20 permit 162.1.2.0 24
ip ip-prefix rip_import index 30 permit 166.1.3.0 24
ip ip-prefix rip_import index 40 permit 166.1.4.0 24
#
………
VII. S300_A
<S300_A> display current-configuration
#
sysname S300_A
#
……
#
vlan 14
#
vlan 662
#
vlan 665
#
interface Vlan-interface14
ip address 206.1.4.1 255.255.255.0
rip version 2 multicast
#
interface Vlan-interface662
ip address 166.1.2.1 255.255.255.0
rip version 2 multicast
#
interface Vlan-interface665
ip address 166.1.5.2 255.255.255.0
#
……
#
rip
undo summary
network 206.1.4.0
network 166.1.0.0
import-route static
#
ip route-static 162.1.1.0 255.255.255.0 166.1.5.1 preference 200
ip route-static 162.1.2.0 255.255.255.0 166.1.5.1 preference 200
#
………
VIII. S300_B
<S300_B> display current-configuration
#
sysname S300_B
#
……
#
acl number 2000
rule 5 deny
#
……
#
vlan 623
#
vlan 624
#
vlan 662
#
interface Vlan-interface623
ip address 162.1.3.1 255.255.255.0
rip version 2 multicast
#
interface Vlan-interface624
ip address 162.1.4.1 255.255.255.0
rip version 2 multicast
#
interface Vlan-interface662
ip address 166.1.2.2 255.255.255.0
rip version 2 multicast
#
……
#
rip
undo summary
network 166.1.0.0
network 162.1.0.0
filter-policy 2000 import
#
ip route-static 0.0.0.0 0.0.0.0 166.1.2.1 preference 60
#
……
IX. S400
<S400> display current-configuration
#
sysname S400
#
router id 4.1.1.1
#
……
#
vlan 15 to 16
#
vlan 23
#
interface Vlan-interface15
ip address 196.1.3.3 255.255.255.0
#
interface Vlan-interface16
ip address 206.1.6.3 255.255.255.0
#
interface Vlan-interface23
ip address 196.2.3.3 255.255.255.0
#
……
#
undo fabric-port Cascade1/2/1 enable
undo fabric-port Cascade1/2/2 enable
#
interface NULL0
#
bgp 400
network 196.1.3.0
network 196.2.3.0
import-route ospf 1
undo synchronization
group 100_1 external
peer 196.1.3.1 group 100_1 as-number 100
group 100_2 external
peer 196.2.3.2 group 100_2 as-number 100
preference 200 200 200
#
ospf 1
import-route bgp route-policy ospf_import
area 0.0.0.0
network 206.1.6.0 0.0.0.255
#
route-policy ospf_import permit node 10
if-match ip-prefix ospf_import
#
ip as-path-acl 1 permit ^100 200$
ip as-path-acl 2 permit ^100 300$
#
ip ip-prefix ospf_import index 10 permit 162.1.1.0 24
ip ip-prefix ospf_import index 20 permit 162.1.2.0 24
ip ip-prefix ospf_import index 30 permit 162.1.3.0 24
ip ip-prefix ospf_import index 40 permit 162.1.4.0 24
#
…..
X. S400_0
<S400_0> display current-configuration
#
sysname S400_0
#
………
#
vlan 16
#
vlan 663 to 664
#
………
#
interface Vlan-interface16
ip address 206.1.6.1 255.255.255.0
#
interface Vlan-interface663
ip address 166.1.3.1 255.255.255.0
#
interface Vlan-interface664
ip address 166.1.4.1 255.255.255.0
#
………
#
ospf 1
area 0.0.1.44
network 166.1.3.0 0.0.0.255
network 166.1.4.0 0.0.0.255
#
area 0.0.0.0
network 206.1.6.0 0.0.0.255
#
………
3.4 Verifying the Configuration
3.4.1 Verifying the Configuration of Routing Policy and Static Routes
<S300_B> display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
0.0.0.0/0 STATIC 60 0 166.1.2.1 Vlan-interface662
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.3.0/24 DIRECT 0 0 162.1.3.1 Vlan-interface623
162.1.3.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.4.0/24 DIRECT 0 0 162.1.4.1 Vlan-interface624
162.1.4.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
166.1.2.0/24 DIRECT 0 0 166.1.2.2 Vlan-interface662
166.1.2.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
<S300_B> tracert -a 162.1.3.1 166.1.4.1
traceroute to 166.1.4.1(166.1.4.1) 30 hops max,40 bytes packet
1 166.1.2.1 18 ms 3 ms 3 ms
2 206.1.4.2 9 ms 4 ms 4 ms
3 196.2.2.1 9 ms 9 ms 18 ms
4 196.2.3.3 6 ms 3 ms 4 ms
5 206.1.6.1 14 ms 4 ms 3 ms
3.4.2 Verifying the BGP and IGP Interaction Configuration
<S400_0> display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.1.0/24 O_ASE 150 1 206.1.6.3 Vlan-interface16
162.1.2.0/24 O_ASE 150 1 206.1.6.3 Vlan-interface16
162.1.3.0/24 O_ASE 150 1 206.1.6.3 Vlan-interface16
162.1.4.0/24 O_ASE 150 1 206.1.6.3 Vlan-interface16
166.1.3.0/24 DIRECT 0 0 166.1.3.1 Vlan-interface663
166.1.3.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
166.1.4.0/24 DIRECT 0 0 166.1.4.1 Vlan-interface664
166.1.4.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.0.0/24 DIRECT 0 0 192.168.0.30 Vlan-interface1
192.168.0.30/32 DIRECT 0 0 127.0.0.1 InLoopBack0
206.1.6.0/24 DIRECT 0 0 206.1.6.1 Vlan-interface16
206.1.6.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
<S300_A> display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.1.0/24 RIP 100 1 206.1.4.2 Vlan-interface14
162.1.2.0/24 RIP 100 1 206.1.4.2 Vlan-interface14
162.1.3.0/24 RIP 100 1 166.1.2.2 Vlan-interface662
162.1.4.0/24 RIP 100 1 166.1.2.2 Vlan-interface662
166.1.2.0/24 DIRECT 0 0 166.1.2.1 Vlan-interface662
166.1.2.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
166.1.3.0/24 RIP 100 1 206.1.4.2 Vlan-interface14
166.1.4.0/24 RIP 100 1 206.1.4.2 Vlan-interface14
166.1.5.0/24 DIRECT 0 0 166.1.5.2 Vlan-interface665
166.1.5.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
206.1.4.0/24 DIRECT 0 0 206.1.4.1 Vlan-interface14
206.1.4.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
<S200_10> display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
0.0.0.0/0 STATIC 200 0 166.1.5.2 Vlan-interface665
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.1.0/24 DIRECT 0 0 162.1.1.1 Vlan-interface621
162.1.1.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.2.0/24 DIRECT 0 0 162.1.2.1 Vlan-interface622
162.1.2.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.3.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
162.1.4.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
166.1.1.0/24 DIRECT 0 0 166.1.1.2 Vlan-interface661
166.1.1.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
166.1.3.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
166.1.4.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
166.1.5.0/24 DIRECT 0 0 166.1.5.1 Vlan-interface665
166.1.5.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
206.1.2.0/24 OSPF 10 20 166.1.1.1 Vlan-interface661
3.4.3 Verifying the Route Backup Configuration
I. Verify the primary route is installed into the routing table
<S200_10> display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
0.0.0.0/0 STATIC 200 0 166.1.5.2 Vlan-interface665
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.1.0/24 DIRECT 0 0 162.1.1.1 Vlan-interface621
162.1.1.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.2.0/24 DIRECT 0 0 162.1.2.1 Vlan-interface622
162.1.2.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.3.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
162.1.4.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
166.1.1.0/24 DIRECT 0 0 166.1.1.2 Vlan-interface661
166.1.1.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
166.1.3.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
166.1.4.0/24 O_ASE 150 1 166.1.1.1 Vlan-interface661
166.1.5.0/24 DIRECT 0 0 166.1.5.1 Vlan-interface665
166.1.5.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
206.1.2.0/24 OSPF 10 20 166.1.1.1 Vlan-interface661
<S200_10> tracert -a 162.1.1.1 166.1.3.1
traceroute to 166.1.3.1(166.1.3.1) 30 hops max,40 bytes packet
1 166.1.1.1 10 ms 3 ms 3 ms
2 206.1.2.3 13 ms 3 ms 5 ms
3 196.1.1.1 9 ms 3 ms 4 ms
4 196.1.3.3 12 ms 3 ms 3 ms
5 206.1.6.1 14 ms 5 ms 3 ms
II. Verify the backup route is installed into the routing table after the primary one fails
<S200_10> display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
0.0.0.0/0 STATIC 200 0 166.1.5.2 Vlan-interface665
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.1.0/24 DIRECT 0 0 162.1.1.1 Vlan-interface621
162.1.1.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
162.1.2.0/24 DIRECT 0 0 162.1.2.1 Vlan-interface622
162.1.2.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
166.1.5.0/24 DIRECT 0 0 166.1.5.1 Vlan-interface665
166.1.5.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
<S200_10> tracert -a 162.1.1.1 166.1.3.1
traceroute to 166.1.3.1(166.1.3.1) 30 hops max,40 bytes packet
1 166.1.5.2 11 ms 3 ms 4 ms
2 206.1.4.2 13 ms 3 ms 4 ms
3 196.2.2.1 13 ms 3 ms 6 ms
4 196.2.3.3 11 ms 3 ms 4 ms
5 206.1.6.1 12 ms 3 ms 4 ms
3.4.4 Verifying the MED Attribute Configuration
I. Trace the packet forwarding path when the default MED is used
<S400_0> tracert -a 166.1.3.1 162.1.1.1
traceroute to 162.1.1.1(162.1.1.1) 30 hops max,40 bytes packet
1 206.1.6.3 11 ms 3 ms 7 ms
2 196.1.3.1 10 ms 3 ms 8 ms
3 196.1.1.3 8 ms 3 ms 3 ms
4 206.1.2.1 13 ms 4 ms 3 ms
5 166.1.1.2 13 ms 4 ms 3 ms
<S400_0> tracert -a 166.1.3.1 162.1.3.1
traceroute to 162.1.3.1(162.1.3.1) 30 hops max,40 bytes packet
1 206.1.6.3 11 ms 3 ms 3 ms
2 196.1.3.1 14 ms 4 ms 5 ms
3 196.3.1.2 10 ms 8 ms 17 ms
4 196.2.2.2 14 ms 3 ms 3 ms
5 206.1.4.1 13 ms 3 ms 3 ms
6 166.1.2.2 13 ms 3 ms 4 ms
II. Trace the packet forwarding path after the MED is modified
# Create AS path ACL 1 and permit the routes whose AS_PATH starts with 100 and ends with 200.
[S400] ip as-path-acl 1 permit ^100 200$
# Display the routes that match AS path ACL 1.
<S400> display bgp routing as-path-acl 1
Flags: # - valid ^ - active I - internal
D - damped H - history S - aggregate suppressed
Dest/Mask Next-Hop Med Local-pref Origin Path ----------------------------------------------------------------------
#^ 162.1.1.0/24 196.1.3.1 100 100 INC 100 200
# 162.1.1.0/24 196.2.3.2 200 100 INC 100 200
#^ 162.1.2.0/24 196.1.3.1 100 100 INC 100 200
# 162.1.2.0/24 196.2.3.2 200 100 INC 100 200
#^ 166.1.1.0/24 196.1.3.1 0 100 INC 100 200
# 166.1.1.0/24 196.2.3.2 0 100 INC 100 200
#^ 206.1.3.0 196.1.3.1 0 100 IGP 100 200
# Create AS path ACL 2 and permit the routes whose AS_PATH starts with 100 and ends with 300.
[S400] ip as-path-acl 2 permit ^100 300$
# Display the routes that match AS path ACL 2.
<S400> display bgp routing as-path-acl 2
Flags: # - valid ^ - active I - internal
D - damped H - history S - aggregate suppressed
Dest/Mask Next-Hop Med Local-pref Origin Path ----------------------------------------------------------------------
#^ 162.1.3.0/24 196.2.3.2 100 100 INC 100 300
# 162.1.3.0/24 196.1.3.1 200 100 INC 100 300
#^ 162.1.4.0/24 196.2.3.2 100 100 INC 100 300
# 162.1.4.0/24 196.1.3.1 200 100 INC 100 300
#^ 166.1.2.0/24 196.1.3.1 0 100 INC 100 300
# 166.1.2.0/24 196.2.3.2 0 100 INC 100 300
#^ 166.1.5.0/24 196.1.3.1 0 100 INC 100 300
# 166.1.5.0/24 196.2.3.2 0 100 INC 100 300
# 206.1.3.0 196.2.3.2 0 100 IGP 100 300
<S400_0> tracert -a 166.1.3.1 162.1.1.1
traceroute to 162.1.1.1(162.1.1.1) 30 hops max,40 bytes packet
1 206.1.6.3 9 ms 4 ms 3 ms
2 196.1.3.1 13 ms 4 ms 3 ms
3 196.1.1.3 14 ms 4 ms 3 ms
4 206.1.2.1 12 ms 3 ms 3 ms
5 166.1.1.2 13 ms 4 ms 3 ms
<S400_0> tracert -a 166.1.3.1 162.1.3.1
traceroute to 162.1.3.1(162.1.3.1) 30 hops max,40 bytes packet
1 206.1.6.3 10 ms 4 ms 3 ms
2 196.2.3.2 13 ms 3 ms 5 ms
3 196.2.2.2 12 ms 5 ms 3 ms
4 206.1.4.1 12 ms 4 ms 3 ms
5 166.1.2.2 14 ms 3 ms 5 ms
3.5 Precautions
In the configuration and verification process, pay attention to the following points:
l Disable the Fabric function before enabling BGP on Fabric-capable devices.
l To achieve the configuration goal, you are recommended to set the BGP preference to 200. For devices with static routes configured, set a preference for the static routes as required.
l On S300_A, the backup route (static route) cannot be switched to the primary RIP route automatically, so you need to delete the backup route manually and then add it again.
l Since the routing policy is applied when BGP routes are redistributed into IGP, some route entries may not be redistributed, so you are recommended to use the tracert –a /ping –a command to verify the configuration in the source address mode.
