Table of Contents

Chapter 1 Static Routing Configuration. 1-1

1.1 Introduction. 1-1

1.1.1 Static Route. 1-1

1.1.2 Default Route. 1-1

1.1.3 Application Environment of Static Routing. 1-2

1.2 Configuring a Static Route. 1-2

1.2.1 Configuration Prerequisites. 1-2

1.2.2 Configuration Procedure. 1-2

1.3 Detecting Reachability of the Static Route’s Nexthop. 1-3

1.3.1 Detecting Nexthop Reachability Through Track. 1-3

1.4 Displaying and Maintaining Static Routes. 1-4

1.5 Configuration Example. 1-5

Chapter 2 RIP Configuration. 2-1

2.1 RIP Overview. 2-1

2.1.1 RIP Working Mechanism.. 2-1

2.1.2 Operation of RIP. 2-3

2.1.3 RIP Version. 2-3

2.1.4 RIP Message Format 2-4

2.1.5 Supported RIP Features. 2-5

2.1.6 Protocols and Standards. 2-5

2.2 Configuring RIP Basic Functions. 2-6

2.2.1 Configuration Prerequisites. 2-6

2.2.2 Configuration Procedure. 2-6

2.3 Configuring RIP Route Control 2-8

2.3.1 Configuring an Additional Routing Metric. 2-8

2.3.2 Configuring RIPv2 Route Summarization. 2-9

2.3.3 Disabling Host Route Reception. 2-10

2.3.4 Advertising a Default Route. 2-10

2.3.5 Configuring Inbound/Outbound Route Filtering. 2-11

2.3.6 Configuring a Priority for RIP. 2-11

2.3.7 Configuring RIP Route Redistribution. 2-12

2.4 Configuring RIP Network Optimization. 2-12

2.4.1 Configuring RIP Timers. 2-12

2.4.2 Configuring Split Horizon and Poison Reverse. 2-13

2.4.3 Enabling Zero Field Check on Incoming RIPv1 Messages. 2-14

2.4.4 Enabling Source IP Address Check on Incoming RIP Updates. 2-14

2.4.5 Configuring RIPv2 Message Authentication. 2-15

2.4.6 Specifying a RIP Neighbor 2-15

2.5 Displaying and Maintaining RIP. 2-16

2.6 RIP Configuration Examples. 2-16

2.6.1 Configuring RIP Version. 2-16

2.7 Troubleshooting RIP. 2-18

2.7.1 No RIP Updates Received. 2-18

2.7.2 Route Oscillation Occurred. 2-18

Chapter 3 Routing Policy Configuration. 3-1

3.1 Introduction to Routing Policy. 3-1

3.1.1 Routing Policy. 3-1

3.1.2 Filters. 3-1

3.1.3 Routing Policy Application. 3-2

3.2 Routing Policy Configuration Task List 3-3

3.3 Defining Filtering Lists. 3-3

3.3.1 Prerequisites. 3-3

3.3.2 Defining an IPv4 prefix List 3-3

3.4 Configuring a Routing Policy. 3-4

3.4.1 Prerequisites. 3-4

3.4.2 Creating a Routing Policy. 3-4

3.4.3 Defining if-match Clauses for the Routing Policy. 3-5

3.4.4 Defining apply Clauses for the Routing Policy. 3-6

3.5 Displaying and Maintaining the Routing Policy. 3-7

3.6 Routing Policy Configuration Example. 3-7

3.6.1 Applying Routing Policy When Redistributing IPv4 Routes. 3-7

3.7 Troubleshooting Routing Policy Configuration. 3-9

3.7.1 IPv4 Routing Information Filtering Failure. 3-9

 

Chapter 1  Static Routing Configuration

When configuring a static route, go to these sections for information you are interested in:

l           Introduction

l           Configuring a Static Route

l           Detecting Reachability of the Static Route’s Nexthop

l           Displaying and Maintaining Static Routes

l           Configuration Example

 

 

1.1  Introduction

1.1.1  Static Route

A static route is a special route that is manually configured by the network administrator. If a network’s topology is simple, you only need to configure static routes for the network to work normally. The proper configuration and usage of static routes can improve network performance and ensure bandwidth for important network applications.

The disadvantage of using static routes is that they cannot adapt to network topology changes. If a fault or a topological change occurs in the network, the routes will be unreachable and the network breaks. In this case, the network administrator has to modify the static routes manually.

1.1.2  Default Route

A router selects the default route only when it cannot find any matching entry in the routing table.

If the destination address of a packet fails to match any entry in the routing table, the router selects the default route to forward the packet.

If there is no default route and the destination address of the packet fails to match any entry in the routing table, the packet will be discarded and an ICMP packet will be sent to the source to report that the destination or the network is unreachable.

You can create the default route with both destination and mask being 0.0.0.0, and some dynamic routing protocols, such as OSPF, RIP and IS-IS, can also generate the default route.

1.1.3  Application Environment of Static Routing

Before configuring a static route, you need to know the following concepts:

1)         Destination address and mask

In the ip route-static command, an IPv4 address is in dotted decimal format and a mask can be either in dotted decimal format or in the form of mask length (the digits of consecutive 1s in the mask).

2)         Output interface and next hop address

While configuring a static route, you can specify either the output interface or the next hop address depending on the specific occasion. The next hop address can not be a local interface IP address; otherwise, the route configuration will not take effect.

In fact, all the route entries must have a next hop address. When forwarding a packet, a router first searches the routing table for the route to the destination address of the packet. The system can find the corresponding link layer address and forward the packet only after the next hop address is specified.

When specifying the output interface, note that:

l           If the output interface is a NULL 0 interface, there is no need to configure the next hop address.

l           You are not recommended to specify a broadcast interface (such as VLAN interface) as the output interface, because a broadcast interface may have multiple next hops. If you have to do so, you must specify the corresponding next hop for the output interface.

3)         Other attributes

You can configure different preferences for different static routes so that route management policies can be applied more flexibly. For example, specifying the same preference for different routes to the same destination enables load sharing, while specifying different preferences for these routes enables route backup.

1.2  Configuring a Static Route

1.2.1  Configuration Prerequisites

Before configuring a static route, you need to configure the IP addresses for related interfaces.

1.2.2  Configuration Procedure

Follow these steps to configure a static route:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Configure a static route	ip route-static dest-address { mask | mask-length } { next-hop-address | interface-type interface-number [ next-hop-address ] } [ preference preference-value ] [ tag tag-value ] [ description description-text ]	Required By default, preference for static routes is 60, tag is 0, and no description information is configured.
Configure the default preference for static routes	ip route-static default-preference default-preference-value	Optional 60 by default

 

 

1.3  Detecting Reachability of the Static Route’s Nexthop

If a static route fails due to a topology change or a fault, the connection will be interrupted. To improve network stability, the system needs to detect reachability of the static route’s next hop and switch to a backup route once the next hop is unreachable.

1.3.1  Detecting Nexthop Reachability Through Track

If you specify the nexthop but not outgoing interface when configuring a static route, you can associate the static route with a track entry to check the static route validity:

l           When the track entry is positive, the static route's nexthop is reachable and the static route takes effect.

l           When the track entry is negative, the static route's nexthop is unreachable and the static route is invalid. For details about track, refer to Track Configuration.

I. Network requirements

To detect the reachability of a static route's nexthop through a Track entry, you need to create a Track first. For detailed Track configuration procedure, refer to Track Configuration.

II. Configuration procedure

Follow these steps to detect the reachability of a static route's nexthop through Track:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Associate the static route with a track entry	ip route-static dest-address { mask | mask-length } next-hop-address track track-entry-number [ preference preference-value ] [ tag tag-value ] [ description description-text ]	Required Not configured by default

 

 

1.4  Displaying and Maintaining Static Routes

To do…	Use the command…	Remarks
Display the current configuration information	display current-configuration	Available in any view
Display the brief information of the IP routing table	display ip routing-table
Display the detailed information of the IP routing table	display ip routing-table verbose
View information of static routes	display ip routing-table protocol static [ inactive | verbose ]
Delete all the static routes	delete static-routes all	Available In system view

 

1.5  Configuration Example

I. Network requirements

The IP addresses and masks of the switches and hosts are shown in the following figure. Static routes are required for interconnection between any two hosts.

II. Network diagram

Figure 1-1 Network diagram for static route configuration

III. Configuration procedure

1)         Configuring IP addresses for interfaces (omitted)

2)         Configuring static routes

# Configure a default route on Switch A

<SwitchA> system-view

[SwitchA] ip route-static 0.0.0.0 0.0.0.0 1.1.4.2

# Configure two static routes on Switch B

<SwitchB> system-view

[SwitchB] ip route-static 1.1.2.0 255.255.255.0 1.1.4.1

[SwitchB] ip route-static 1.1.3.0 255.255.255.0 1.1.5.6

# Configure a default route on Switch C

<SwitchC> system-view

[SwitchC] ip route-static 0.0.0.0 0.0.0.0 1.1.5.5

3)         Configure the hosts

The default gateways for the three hosts A, B and C are 1.1.2.3, 1.1.6.1 and 1.1.3.1 respectively. The configuration procedure is omitted.

4)         Display the configuration result

# Display the IP routing table of Switch A.

[SwitchA] display ip routing-table

Routing Tables: Public

         Destinations : 7       Routes : 7

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

 

0.0.0.0/0           Static 60   0            1.1.4.2         Vlan500

1.1.2.0/24          Direct 0    0            1.1.2.3         Vlan300

1.1.2.3/32          Direct 0    0            127.0.0.1       InLoop0

1.1.4.0/30          Direct 0    0            1.1.4.1         Vlan500

1.1.4.1/32          Direct 0    0            127.0.0.1       InLoop0

127.0.0.0/8         Direct 0    0            127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0            127.0.0.1       InLoop0

# Display the IP routing table of Switch B.

[SwitchB] display ip routing-table

Routing Tables: Public

         Destinations : 10       Routes : 10

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

 

1.1.2.0/24          Static 60   0            1.1.4.1         Vlan500

1.1.3.0/24          Static 60   0            1.1.5.6         Vlan600

1.1.4.0/30          Direct 0    0            1.1.4.2         Vlan500

1.1.4.2/32          Direct 0    0            127.0.0.1       InLoop0

1.1.5.0/30          Direct 0    0            1.1.5.5         Vlan600

1.1.5.5/32          Direct 0    0            127.0.0.1       InLoop0

127.0.0.0/8         Direct 0    0            127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0            127.0.0.1       InLoop0

1.1.6.0/24          Direct 0    0            1.1.6.1         Vlan100

1.1.6.1/32          Direct 0    0            127.0.0.1       InLoop0     

# From Host A, use the ping command to verify the network layer reachability to Host B and Host C.

 

Chapter 2  RIP Configuration

 

 

When configuring RIP, go to these sections for information you are interested in:

l           RIP Overview

l           Configuring RIP Basic Functions

l           Configuring RIP Route Control

l           Configuring RIP Network Optimization

l           Displaying and Maintaining RIP

l           RIP Configuration Examples

l           Troubleshooting RIP

2.1  RIP Overview

RIP is a simple Interior Gateway Protocol (IGP), mainly used in small-sized networks, such as academic networks and simple LANs. RIP is not applicable to complex networks.

RIP is still widely used in practical networking due to easier implementation, configuration and maintenance than OSPF and IS-IS.

2.1.1  RIP Working Mechanism

I. Basic concepts

RIP is a distance vector routing protocol, using UDP packets for exchanging information through port 520.

RIP uses a hop count to measure the distance to a destination. The hop count is known as the metric. The hop count from a router to a directly connected network is 0. The hop count from one router to a directly connected router is 1. To limit convergence time, the range of RIP metric value is from 0 to 15. A metric value of 16 (or bigger) is considered infinite, which means the destination network is unreachable. That is why RIP is not suitable for large-scaled networks.

RIP prevents routing loops by implementing the split horizon and poison reverse functions.

II. RIP routing table

A RIP router has a routing table containing routing entries of all reachable destinations, and each routing entry contains:

l           Destination address: IP address of a host or a network.

l           Next hop: IP address of the adjacent router’s interface to reach the destination.

l           Egress interface: Packet outgoing interface.

l           Metric: Cost from the local router to the destination.

l           Route time: Time elapsed since the routing entry was last updated. The time is reset to 0 every time the routing entry is updated.

l           Route tag: Identifies a route, used in a routing policy to flexibly control routes. For information about routing policy, refer to Routing Policy Configuration.

III. RIP timers

RIP employs four timers, update, timeout, suppress, and garbage-collect.

l           The update timer defines the interval between routing updates.

l           The timeout timer defines the route aging time. If no update for a route is received within the aging time, the metric of the route is set to 16 in the routing table.

l           The suppress timer defines how long a RIP route stays in the suppressed state. When the metric of a route is 16, the route enters the suppressed state. In the suppressed state, only routes which come from the same neighbor and whose metric is less than 16 will be received by the router to replace unreachable routes.

l           The garbage-collect timer defines the interval from when the metric of a route becomes 16 to when it is deleted from the routing table. During the garbage-collect timer length, RIP advertises the route with the routing metric set to 16. If no update is announced for that route after the garbage-collect timer expires, the route will be deleted from the routing table.

IV. Routing loops prevention

RIP is a distance vector (D-V) routing protocol. Since a RIP router advertises its own routing table to neighbors, routing loops may occur.

RIP uses the following mechanisms to prevent routing loops.

l           Counting to infinity. The metric value of 16 is defined as unreachable. When a routing loop occurs, the metric value of the route will increment to 16.

l           Split horizon. A router does not send the routing information learned from a neighbor to the neighbor to prevent routing loops and save bandwidth.

l           Poison reverse. A router sets the metric of routes received from a neighbor to 16 and sends back these routes to the neighbor to help delete useless information from the neighbor’s routing table.

l           Triggered updates. A router advertises updates once the metric of a route is changed rather than after the update period expires to speed up network convergence.

2.1.2  Operation of RIP

The following procedure describes how RIP works.

1)         After RIP is enabled, the router sends Request messages to neighboring routers. Neighboring routers return Response messages including information about their routing tables.

2)         After receiving such information, the router updates its local routing table, and sends triggered update messages to its neighbors. All routers on the network do the same to keep the latest routing information.

3)         By default, a RIP router sends its routing table to neighbors every 30 seconds.

4)         RIP ages out routes by adopting an aging mechanism to keep only valid routes.

2.1.3  RIP Version

RIP has two versions, RIPv1 and RIPv2.

RIPv1, a classful routing protocol, supports message advertisement via broadcast only. RIPv1 protocol messages do not carry mask information, which means it can only recognize routing information of natural networks such as Class A, B, C. That is why RIPv1 does not support discontiguous subnets.

RIPv2 is a classless routing protocol. Compared with RIPv1, RIPv2 has the following advantages.

l           Supporting route tags. Route tags are used in routing policies to flexibly control routes.

l           Supporting masks, route summarization and Classless Inter-Domain Routing (CIDR).

l           Supporting designated next hops to select the best next hops on broadcast networks.

l           Supporting multicast routing update to reduce resource consumption.

l           Supporting plain text authentication and MD5 authentication to enhance security.

 

 

2.1.4  RIP Message Format

I. RIPv1 message format

A RIPv1 message consists of a header and up to 25 route entries.

Figure 2-1 shows the format of RIPv1 message.

Figure 2-1 RIPv1 Message Format

l           Command: Type of message. 1 indicates request, and 2 indicates response.

l           Version: Version of RIP, 0x01 for RIPv1.

l           AFI: Address Family Identifier, 2 for IP.

l           IP Address: Destination IP address of the route. It can be a natural network, subnet or a host address.

l           Metric: Cost of the route.

II. RIPv2 message format

The format of RIPv2 message is similar with RIPv1. Figure 2-2 shows it.

Figure 2-2 RIPv2 Message Format

The differences from RIPv1 are stated as following.

l           Version: Version of RIP. For RIPv2 the value is 0x02.

l           Route Tag: Route Tag.

l           IP Address: Destination IP address. It could be a natural network address, subnet address or host address.

l           Subnet Mask: Mask of the destination address.

l           Next Hop: If set to 0.0.0.0, it indicates that the originator of the route is the best next hop; otherwise it indicates a next hop better than the originator of the route.

III. RIPv2 authentication

RIPv2 sets the AFI field of the first route entry to 0xFFFF to identify authentication information. See Figure 2-3.

Figure 2-3 RIPv2 Authentication Message

l           Authentication Type: 2 represents plain text authentication, while 3 represents MD5.

l           Authentication: Authentication data, including password information when plain text authentication is adopted or including key ID, MD5 authentication data length and sequence number when MD5 authentication is adopted.

 

 

2.1.5  Supported RIP Features

The current implementation supports RIPv1 and RIPv2

2.1.6  Protocols and Standards

RFC 1058: Routing Information Protocol

RFC 1723: RIP Version 2 - Carrying Additional Information

RFC 1721: RIP Version 2 Protocol Analysis

RFC 1722: RIP Version 2 Protocol Applicability Statement

RFC 1724: RIP Version 2 MIB Extension

RFC 2082: RIPv2 MD5 Authentication

2.2  Configuring RIP Basic Functions

2.2.1  Configuration Prerequisites

Before configuring RIP basic functions, configure IP addresses for interfaces, making all adjacent nodes reachable to each other at the network layer.

2.2.2  Configuration Procedure

I. Enabling RIP and a RIP interface

Follow these steps to enable RIP:

To do…	Use the command…	Remarks
Enter system view	System-view	––
Enable a RIP process and enter RIP view	rip [ process-id ]	Required Not enabled by default
Enable RIP on the interface attached to the specified network	network network-address	Required Disabled by default

 

 

II. Configuring the interface behavior

Follow these steps to configure the interface behavior:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Disable an or all interfaces from sending routing updates (the interfaces can still receive updates)	silent-interface { all | interface-type interface-number }	Optional All interfaces can send routing updates by default.
Return to system view	quit	—
Enter interface view	interface interface-type interface-number	—
Enable the interface to receive RIP messages	rip input	Optional Enabled by default
Enable the interface to send RIP messages	rip output	Optional Enabled by default

 

III. Configuring a RIP version

You can configure a RIP version in RIP or interface view.

l           If neither global nor interface RIP version is configured, the interface sends RIPv1 broadcasts and can receive RIPv1 broadcast and unicast packets, and RIPv2 broadcast, multicast, and unicast packets.

l           If an interface has no RIP version configured, it uses the global RIP version; otherwise it uses the RIP version configured on it.

l           With RIPv1 configured, an interface sends RIPv1 broadcasts, and can receive RIPv1 broadcasts and RIPv1 unicasts.

l           With RIPv2 configured, a multicast interface sends RIPv2 multicasts and can receive RIPv2 unicasts, broadcasts and multicasts.

l           With RIPv2 configured, a broadcast interface sends RIPv2 broadcasts and can receive RIPv1 unicasts, and broadcasts, and RIPv2 broadcasts, multicasts and unicasts.

Follow these steps to configure a RIP version:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Specify a global RIP version	version { 1 | 2 }	Optional By default, if an interface has a RIP version specified, the version takes precedence over the global one. If no RIP version is specified for an interface, the interface can send RIPv1 broadcasts, and receive RIPv1 broadcasts, unicasts, RIPv2 broadcasts, multicasts and unicasts.
Return to system view	Quit	—
Enter interface view	interface interface-type interface-number	––
Specify a RIP version for the interface	rip version { 1 | 2 [ broadcast | multicast ] }	Optional

 

2.3  Configuring RIP Route Control

In complex networks, you need to configure advanced RIP features.

This section covers the following topics:

l           Configuring an Additional Routing Metric

l           Configuring RIPv2 Route Summarization

l           Disabling Host Route Reception

l           Advertising a Default Route

l           Configuring Inbound/Outbound Route Filtering

l           Configuring a Priority for RIP

l           Configuring RIP Route Redistribution

Before configuring RIP routing feature, complete the following tasks:

l           Configure an IP address for each interface, and make sure all neighboring routers are reachable to each other.

l           Configure RIP basic functions

2.3.1  Configuring an Additional Routing Metric

An additional routing metric can be added to the metric of an inbound or outbound RIP route.

The outbound additional metric is added to the metric of a sent route, the route’s metric in the routing table is not changed.

The inbound additional metric is added to the metric of a received route before the route is added into the routing table, so the route’s metric is changed.

Follow these steps to configure additional routing metrics:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Define an inbound additional routing metric	rip metricin [ route-policy route-policy-name ] value	Optional 0 by default
Define an outbound additional routing metric	rip metricout [ route-policy route-policy-name ] value	Optional 1 by default

 

2.3.2  Configuring RIPv2 Route Summarization

Route summarization means that subnets in a natural network are summarized with a natural network that is sent to other networks. This feature can reduce the size of routing tables.

I. Enabling RIPv2 route automatic summarization

You can disable RIPv2 route automatic summarization if you want to advertise all subnet routes.

Follow these steps to enable RIPv2 route automatic summarization:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Enable RIPv2 automatic route summarization	summary	Optional Enabled by default

 

II. Advertising a summary route

You can configure RIPv2 to advertise a summary route on the specified interface.

To do so, use the following commands:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Disable RIPv2 automatic route summarization	undo summary	Required Enabled by default
Return to system view	quit	—
Enter interface view	interface interface-type interface-number	—
Advertise a summary route	rip summary-address ip-address { mask | mask-length }	Required

 

 

2.3.3  Disabling Host Route Reception

Sometimes a router may receive many host routes from the same network, which are not helpful for routing and occupy a large amount of network resources. In this case, you can disable RIP from receiving host routes to save network resources.

Follow these steps to disable RIP from receiving host routes:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Enter RIP view	rip [ process-id ]	—
Disable RIP from receiving host routes	undo host-route	Required Enabled by default

 

 

2.3.4  Advertising a Default Route

You can configure RIP to advertise a default route with A specified metric to RIP neighbors.

Follow these steps to configure RIP to advertise a default route:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Enable RIP to advertise a default route	default-route originate cost value	Required Not enabled by default

 

 

2.3.5  Configuring Inbound/Outbound Route Filtering

The device supports route filtering. You can filter routes by configuring the inbound and outbound route filtering policies via referencing an ACL or IP prefix list. You can also configure the router to receive only routes from a specified neighbor.

Follow these steps to configure route filtering:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Configure the filtering of incoming routes	filter-policy { acl-number | gateway ip-prefix-name | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] } import [ interface-type interface-number ]	Required Not configured by default
Configure the filtering of outgoing routes	filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol [ process-id ] | interface-type interface-number ]	Required Not configured by default

 

 

2.3.6  Configuring a Priority for RIP

Multiple IGP protocols may run in a router. If you want RIP routes to have a higher priority than those learned by other routing protocols, you can assign RIP a smaller priority value to influence optimal route selection.

Follow these steps to configure a priority for RIP:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Configure a priority for RIP	preference [ route-policy route-policy-name ] value	Optional 100 by default

 

2.3.7  Configuring RIP Route Redistribution

Follow these steps to configure RIP route redistribution:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Configure a default metric for redistributed routes	default-cost value	Optional The default metric of a redistributed route is 0 by default.
Redistribute routes from another protocol	import-route protocol  [ cost cost | route-policy route-policy-name | tag tag ] *	Required No redistribution is configured by default.

 

2.4  Configuring RIP Network Optimization

Complete the following tasks before configuring RIP network optimization:

l           Configure network addresses for interfaces, and make neighboring nodes reachable to each other;

l           Configure RIP basic functions.

2.4.1  Configuring RIP Timers

Follow these steps to configure RIP timers:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Configure values for RIP timers	timers { garbage-collect garbage-collect-value | suppress suppress-value | timeout timeout-value | update update-value }*	Optional The default update timer, timeout timer, suppress timer, and garbage-collect timer are 30s, 180s, 120s and 120s respectively.

 

 

2.4.2  Configuring Split Horizon and Poison Reverse

 

 

I. Enabling split horizon

The split horizon function disables an interface from sending routes received from the interface to prevent routing loops between adjacent routers.

Follow these steps to enable split horizon:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Enter interface view	interface interface-type interface-number	—
Enable split horizon	rip split-horizon	Optional Enabled by default

 

 

II. Enabling poison reverse

The poison reverse function allows an interface to advertise the routes received from it, but the metric of these routes is set to 16, making them unreachable.

Follow these steps to enable poison reverse:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Enter interface view	interface interface-type interface-number	—
Enable poison reverse	rip poison-reverse	Required Disabled by default

 

2.4.3  Enabling Zero Field Check on Incoming RIPv1 Messages

Some fields in the RIPv1 message must be zero. These fields are called zero fields. You can enable zero field check on received RIPv1 messages. If such a field contains a non-zero value, the RIPv1 message will not be processed. If you are sure that all messages are trusty, you can disable zero field check to save CPU resources.

Follow these steps to enable zero field check on incoming RIPv1 messages:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Enable zero field check on received RIPv1 messages	checkzero	Optional Enabled by default

 

2.4.4  Enabling Source IP Address Check on Incoming RIP Updates

You can enable source IP address check on incoming RIP updates.

For a message received on an Ethernet interface, RIP compares the source IP address of the message with the IP address of the interface. If they are not in the same network segment, RIP discards the message.

For a message received on a serial interface, RIP checks whether the source address of the message is the IP address of the peer interface. If not, RIP discards the message.

Follow these steps to enable source IP address check on incoming RIP updates:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Enable source IP address check on incoming RIP messages	validate-source-address	Optional Enabled by default

 

 

2.4.5  Configuring RIPv2 Message Authentication

RIPv2 supports two authentication modes: plain text and MD5.

In plain text authentication, the authentication information is sent with the RIP message, which however cannot meet high security needs.

Follow these steps to configure RIPv2 message authentication:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Configure RIPv2 authentication	rip authentication-mode { md5 { rfc2082 key-string key-id | rfc2453 key-string } | simple password }	Required

 

2.4.6  Specifying a RIP Neighbor

Usually, RIP sends messages to broadcast or multicast addresses. On non broadcast or multicast links, you need to manually specify RIP neighbors. If a specified neighbor is not directly connected, you must disable source address check on incoming updates.

Follow these steps to specify a RIP neighbor:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter RIP view	rip [ process-id ]	––
Specify a RIP neighbor	peer ip-address	Required By default, RIP sends no updates to any IP address.
Disable source address check on incoming RIP updates	undo validate-source-address	Required Not disabled by default

 

 

2.5  Displaying and Maintaining RIP

To do…	Use the command…	Remarks
Display RIP current status and configuration information	display rip [ process-id ]	Available in any view
Display all active routes in RIP database	display rip process-id database
Display RIP interface information	display rip process-id interface [ interface-type interface-number ]
Display routing information about a specified RIP process	display rip process-id route [ statistics | ip-address { mask | mask-length } | peer ip-address ]
Clear the statistics of a RIP process	reset rip process-id statistics	Available in user view

 

2.6  RIP Configuration Examples

2.6.1  Configuring RIP Version

I. Network requirements

As shown in Figure 2-4, enable RIPv2 on all interfaces on Switch A and Switch B.

II. Network diagram

Figure 2-4 Network diagram for RIP version configuration

III. Configuration procedure

1)         Configure IP addresses for interfaces (omitted).

2)         Configure basic RIP functions

# Configure Switch A.

<SwitchA> system-view

[SwitchA] rip

[SwitchA-rip-1] network 192.168.1.0

[SwitchA-rip-1] network 172.16.0.0

[SwitchA-rip-1] network 172.17.0.0

[SwitchA-rip-1] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] rip

[SwitchB-rip-1] network 192.168.1.0

[SwitchB-rip-1] network 10.0.0.0

[SwitchB-rip-1] quit

# Display the RIP routing table of Switch A.

[SwitchA] display rip 1 route

Route Flags: R - RIP, T - TRIP

              P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

-------------------------------------------------------------------------

 Peer 192.168.1.2  on Vlan-interface100

      Destination/Mask        Nexthop     Cost    Tag   Flags   Sec

         10.0.0.0/8        192.168.1.2      1       0    RA      11

From the routing table, you can find RIPv1 uses natural mask.

3)         Configure RIP version

# Configure RIPv2 on Switch A.

[SwitchA] rip

[SwitchA-rip-1] version 2

[SwitchA-rip-1] undo summary

# Configure RIPv2 on Switch B.

[SwitchB] rip

[SwitchB-rip-1] version 2

[SwitchB-rip-1] undo summary

# Display the RIP routing table on Switch A.

[SwitchA] display rip 1 route

Route Flags: R - RIP, T - TRIP

              P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect

--------------------------------------------------------------------------

 Peer 192.168.1.2  on Vlan-interface100

      Destination/Mask         Nexthop     Cost     Tag   Flags   Sec

         10.2.1.0/24       192.168.1.2        1       0    RA      16

         10.1.1.0/24       192.168.1.2        1       0    RA      16

From the routing table, you can see RIPv2 uses classless subnet masks.

 

 

2.7  Troubleshooting RIP

2.7.1  No RIP Updates Received

Symptom:

No RIP updates are received when the links work well.

Analysis:

After enabling RIP, you must use the network command to enable corresponding interfaces. Make sure no interfaces are disabled from handling RIP messages.

If the peer is configured to send multicast messages, the same should be configured on the local end.

Solution:

l           Use the display current-configuration command to check RIP configuration

l           Use the display rip command to check whether some interface is disabled

2.7.2  Route Oscillation Occurred

Symptom:

When all links work well, route oscillation occurs on the RIP network. After displaying the routing table, you may find some routes appear and disappear in the routing table intermittently.

Analysis:

In the RIP network, make sure all the same timers within the whole network are identical and relationships between timers are reasonable. For example, the timeout timer value should be larger than the update timer value.

Solution:

l           Use the display rip command to check the configuration of RIP timers

l           Use the timers command to adjust timers properly.

 

Chapter 3  Routing Policy Configuration

 

 

A routing policy is used on a router for route inspection, filtering, attributes modification when routes are received, advertised, or redistributed.

When configuring routing policy, go to these sections for information you are interested in:

l           Introduction to Routing Policy

l           Routing Policy Configuration Task List

l           Defining Filtering Lists

l           Configuring a Routing Policy

l           Displaying and Maintaining the Routing Policy

l           Routing Policy Configuration Example

l           Troubleshooting Routing Policy Configuration

3.1  Introduction to Routing Policy

3.1.1  Routing Policy

A routing policy is used on the router for route inspection, filtering, attributes modifying when routes are received, advertised, or redistributed.

When distributing or receiving routing information, a router can use a routing policy to filter routing information. For example, a router receives or advertises only routing information that matches the criteria of a routing policy; a routing protocol redistributes routes from another protocol only routes matching the criteria of a routing policy and modifies some attributes of these routes to satisfy its needs using the routing policy.

To implement a routing policy, you need to define a set of match criteria according to attributes in routing information, such as destination address, advertising router’s address and so on. The match criteria can be set beforehand and then apply them to a routing policy for route distribution, reception and redistribution.

3.1.2  Filters

Routing protocols can use three filters: ACL, IP prefix list, and routing policy.

I. ACL

ACL involves IPv4 ACL only. When defining an ACL, you can specify IP addresses and prefixes to match destinations or next hops of routing information.

For ACL configuration, refer to ACL configuration.

II. IP prefix list

IP prefix list plays a role similar to ACL, but it is more flexible than ACL and easier to understand. When an IP prefix list is applied to filtering routing information, its matching object is the destination address of routing information. Moreover, you can specify the gateway option to indicate that only routing information advertised by certain routers will be received.

An IP prefix list is identified by name. Each IP prefix list can comprise multiple items, and each item, which is identified by an index number, can specify a matching range in the network prefix format. The index number indicates the matching sequence of items in the IP prefix list.

During matching, the router compares the packet with the items in the ascending order. If one item is matched, the IP prefix list filter is passed, and the packet will not go to the next item.

III. Routing policy

A routing policy is used to match against some attributes in given routing information and modify the attributes of the information if match conditions are satisfied. It can reference the above mentioned filters to define its own match criteria.

A routing policy can comprise multiple nodes, which are in logic OR relationship. Each node is a match unit, and the system compares each node to a packet in the order of node sequence number. Once a node is matched, the routing policy is passed and the packet will not go through the next node.

Each node comprises a set of if-match and apply clauses. The if-match clauses define the match criteria. The matching objects are some attributes of routing information. The different if-match clauses on a node is in logical AND relationship. Only when the matching conditions specified by all the if-match clauses on the node are satisfied, can routing information pass the node. The apply clauses specify the actions to be performed after the node is passed, concerning the attribute settings for routing information.

3.1.3  Routing Policy Application

A routing policy is applied in two ways:

l           When redistributing routes from other routing protocols, a routing protocol accepts only routes passing the routing policy.

l           When receiving or advertising routing information, a routing protocol uses the routing policy to filter routing information.

3.2  Routing Policy Configuration Task List

Complete the following tasks to configure a routing policy:

Task
Defining Filtering Lists	Defining an IPv4 prefix List
Configuring a Routing Policy	Creating a Routing Policy
	Defining if-match Clauses for the Routing Policy
	Defining apply Clauses for the Routing Policy

 

3.3  Defining Filtering Lists

3.3.1  Prerequisites

Before configuring this task, you need to decide on:

l           IP-prefix list name

l           Matching address range

3.3.2  Defining an IPv4 prefix List

Identified by name, each IPv4 prefix list can comprise multiple items. Each item specifies a matching address range in the form of network prefix identified by index number.

During matching, the system compares the route to each item identified by index number in the ascending order. If one item matches, the route passes the IP-prefix list, without needing to match against the next item.

Follow these steps to define an IPv4 prefix list:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Define an IPv4 prefix list	ip ip-prefix ip-prefix-name [ index index-number ] { permit | deny } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ]	Required Not defined by default

 

 

For example, the following configuration filters routes 10.1.0.0/16, 10.2.0.0/16 and 10.3.0.0/16, but allows other routes to pass.

<Sysname> system-view

[Sysname] ip ip-prefix abc index 10 deny 10.1.0.0 16

[Sysname] ip ip-prefix abc index 20 deny 10.2.0.0 16

[Sysname] ip ip-prefix abc index 30 deny 10.3.0.0 16

[Sysname] ip ip-prefix abc index 40 permit 0.0.0.0 0 less-equal 32

3.4  Configuring a Routing Policy

A routing policy is used to filter routing information according to some attributes, and modify some attributes of the routing information that matches the routing policy. Match criteria can be configured using filters above mentioned.

A routing policy can comprise multiple nodes, each node contains:

l           if-match clauses: Define the match criteria that routing information must satisfy. The matching objects are some attributes of routing information.

l           apply clauses: Specify the actions performed after specified match criteria are satisfied, concerning attribute settings for passed routing information.

3.4.1  Prerequisites

Before configuring this task, you have completed:

l           Filtering list configuration

l           Routing protocol configuration

You also need to decide on:

l           Name of the routing policy, node sequence numbers

l           Match criteria

l           Attributes to be modified

3.4.2  Creating a Routing Policy

Follow these steps to create a routing policy:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Create a routing policy and enter its view	route-policy route-policy-name { permit | deny } node node-number	Required

 

 

3.4.3  Defining if-match Clauses for the Routing Policy

Follow these steps to define if-match clauses for a route-policy:

To do…		Use the command…	Remarks
Enter system view		system-view	—
Enter routing policy view		route-policy route-policy-name { permit | deny } node node-number	—
Define match criteria for IPv4 routes	Match IPv4 routes having destinations specified in the ACL	if-match acl acl-number	Optional Not configured by default
	Match IPv4 routes having destinations specified in the IP prefix list	if-match ip-prefix ip-prefix-name
	Match IPv4 routes having next hops or sources specified in the ACL or IP prefix list	if-match ip { next-hop | route-source } { acl acl-number | ip-prefix ip-prefix-name }	Optional Not configured by default
Match routes having the specified cost		if-match cost value	Optional Not configured by default
Match routes having specified outbound interface(s)		if-match interface { interface-type interface-number }&<1-16>	Optional Not configured by default
Match rip routes having the specified tag value		if-match tag value	Optional Not configured by default

 

 

3.4.4  Defining apply Clauses for the Routing Policy

Follow these steps to define apply clauses for a route-policy:

To do…	Use the command…	Remarks
Enter system view	system-view	—
Create a routing policy and enter its view	route-policy route-policy-name { permit | deny } node node-number	Required Not created by default
Set a cost for routes	apply cost [ + | - ] value	Optional Not set by default
Set a next hop for IPv4 routes	apply ip-address next-hop ip-address	Optional Not set by default
Set a preference for the matched routing protocol	apply preference preference	Optional Not set by default
Set a tag value for routes	apply tag value	Optional Not set by default

 

 

3.5  Displaying and Maintaining the Routing Policy

To do…	Use the command…	Remarks
Display IPv4 prefix list statistics	display ip ip-prefix [ ip-prefix-name ]	Available in any view
Display routing policy information	display route-policy [ route-policy-name ]
Clear IPv4 prefix list statistics	reset ip ip-prefix [ ip-prefix-name ]	Available in user view

 

3.6  Routing Policy Configuration Example

3.6.1  Applying Routing Policy When Redistributing IPv4 Routes

I. Network Requirements

As shown in the following figure, Switch A and Switch B communicate with each other at the network layer through RIPv2. Switch A has static routes to networks 20.0.0.0/8, 30.0.0.0/8, and 40.0.0.0/8. Switch B needs to access these networks through Switch A, while Switch A allows Switch B to access networks 20.0.0.0/8 and 40.0.0.0/8, but not 30.0.0.0/8.

II. Network diagram

Figure 3-1 Network diagram for routing policy application on IPv4 route redistribution

III. Configuration procedure

1)         Configure Switch A.

# Configure IP addresses of the interfaces (omitted).

# Configure RIP basic functions.

<SwitchA> system-view

[SwitchA] rip

[SwitchA-rip-1] version 2

[SwitchA-rip-1] undo summary

[SwitchA-rip-1] network 192.168.1.0

[SwitchA-rip-1] quit

# Configure three static routes.

[SwitchA] ip route-static 20.0.0.0 255.0.0.0 172.17.1.2

[SwitchA] ip route-static 30.0.0.0 255.0.0.0 172.17.1.2

[SwitchA] ip route-static 40.0.0.0 255.0.0.0 172.17.1.2

# Configure an ACL.

[SwitchA] acl number 2000

[SwitchA-acl-basic-2000] rule deny source 30.0.0.0 0.255.255.255

[SwitchA-acl-basic-2000] rule permit source any

[SwitchA-acl-basic-2000] quit

# Redistribute static routes.

[SwitchA] rip

[SwitchA-rip-1] import-route static

# Apply ACL 2000 to filter the routing information to be advertised to Switch B.

[SwitchA-rip-1] filter-policy 2000 export vlan-interface 100

[SwitchA-rip-1] quit

2)         Configure Switch B.

# Configure IP addresses of the interfaces (omitted).

# Configure RIP basic functions.

<SwitchB> system-view

[SwitchB] rip

[SwitchB-rip-1] version 2

[SwitchB-rip-1] undo summary

[SwitchB-rip-1] network 192.168.1.0

[SwitchB-rip-1] network 10.0.0.0

[SwitchB-rip-1] quit

3)         Display the RIP routing table of Switch B and verify the configuration.

[SwitchB] display rip 1 route

 Route Flags: R - RIP, T - TRIP

              P - Permanent, A - Aging, S - Suppressed, G - Garbage-collect ----------------------------------------------------------------------

 Peer 192.168.1.3  on Vlan-interface100

      Destination/Mask        Nexthop     Cost    Tag   Flags   Sec

         20.0.0.0/8       192.168.1.3         1       0    RA      14

         40.0.0.0/8       192.168.1.3         1       0    RA      14

The display shows that Switch B has only the routing information permitted by ACL 2000. Therefore, the configurations above can meet the configuration requirements.

3.7  Troubleshooting Routing Policy Configuration

3.7.1  IPv4 Routing Information Filtering Failure

I. Symptom

Filtering routing information failed, while routing protocol runs normally.

II. Analysis

At least one item of the IP prefix list should be configured as permit mode, and at least one node in the Route-policy should be configured as permit mode.

III. Processing procedure

1)         Use the display ip ip-prefix command to display IP prefix list information.

2)         Use the display route-policy command to display routing policy information.