Table of Contents

Chapter 1 IPv6 Static Routing Configuration. 1-1

1.1 Introduction to IPv6 Static Routing. 1-1

1.1.1 Features of IPv6 Static Routes. 1-1

1.1.2 Default IPv6 Route. 1-1

1.2 Configuring an IPv6 Static Route. 1-1

1.2.1 Configuration prerequisites. 1-1

1.2.2 Configuring an IPv6 Static Route. 1-2

1.3 Displaying and Maintaining IPv6 Static Routes. 1-2

1.4 IPv6 Static Routing Configuration Example. 1-2

Chapter 2 IPv6 RIPng Configuration. 2-1

2.1 Introduction to RIPng. 2-1

2.1.1 RIPng Working Mechanism.. 2-1

2.1.2 RIPng Packet Format 2-2

2.1.3 RIPng Packet Processing Procedure. 2-3

2.1.4 Protocols and Standards. 2-3

2.2 Configuring RIPng Basic Functions. 2-4

2.2.1 Configuration Prerequisites. 2-4

2.2.2 Configuration Procedure. 2-4

2.3 Configuring RIPng Route Control 2-4

2.3.1 Configuring an Additional Routing Metric. 2-5

2.3.2 Configuring RIPng Route Summarization. 2-5

2.3.3 Advertising a Default Route. 2-5

2.3.4 Configuring a RIPng Route Filtering Policy. 2-6

2.3.5 Configuring a Priority for RIPng. 2-6

2.3.6 Configuring RIPng Route Redistribution. 2-7

2.4 Tuning and Optimizing the RIPng Network. 2-7

2.4.1 Configuring RIPng Timers. 2-7

2.4.2 Configuring Split Horizon and Poison Reverse. 2-8

2.4.3 Configuring Zero Field Check on RIPng Packets. 2-9

2.5 Displaying and Maintaining RIPng. 2-10

2.6 RIPng Configuration Example. 2-10

Chapter 3 Routing Policy Configuration. 3-1

3.1 Introduction to Routing Policy. 3-1

3.1.1 Routing Policy. 3-1

3.1.2 Filters. 3-1

3.1.3 Routing Policy Application. 3-2

3.2 Defining Filtering Lists. 3-2

3.2.1 Prerequisites. 3-2

3.2.2 Defining an IPv6 Prefix List 3-2

3.3 Configuring a Routing Policy. 3-3

3.3.1 Prerequisites. 3-3

3.3.2 Creating a Routing Policy. 3-4

3.3.3 Defining if-match Clauses for the Routing Policy. 3-4

3.3.4 Defining apply Clauses for the Routing Policy. 3-5

3.4 Displaying and Maintaining the Routing Policy. 3-6

3.5 Routing Policy Configuration Example. 3-6

3.5.1 Applying Routing Policy When Redistributing IPv6 Routes. 3-6

3.6 Troubleshooting Routing Policy Configuration. 3-8

3.6.1 IPv4 Routing Information Filtering Failure. 3-8

3.6.2 IPv6 Routing Information Filtering Failure. 3-8

 

Chapter 1  IPv6 Static Routing Configuration

 

 

1.1  Introduction to IPv6 Static Routing

Static routes are special routes that are manually configured by network administrators. They work well in simple networks. Configuring and using them properly can improve the performance of networks and guarantee enough bandwidth for important applications.

However, static routes also have shortcomings: any topology changes could result in unavailable routes, requiring the network administrator to manually configure and modify the static routes.

1.1.1  Features of IPv6 Static Routes

Similar to IPv4 static routes, IPv6 static routes work well in simple IPv6 network environments.

Their major difference lies in the destination and next hop addresses. IPv6 static routes use IPv6 addresses whereas IPv4 static routes use IPv4 addresses.

1.1.2  Default IPv6 Route

The IPv6 static route that has the destination address configured as ::/0 (indicating a prefix length of 0) is the default IPv6 route. If the destination address of an IPv6 packet does not match any entry in the routing table, this default route will be used to forward the packet.

1.2  Configuring an IPv6 Static Route

In small IPv6 networks, IPv6 static routes can be used to forward packets. In comparison to dynamic routes, it helps to save network bandwidth.

1.2.1  Configuration prerequisites

l           Enabling IPv6 packet forwarding

l           Ensuring that the neighboring nodes are IPv6 reachable

1.2.2  Configuring an IPv6 Static Route

Follow these steps to configure an IPv6 static route:

To do...	Use the commands…	Remarks
Enter system view	System-view	—
Configure an IPv6 static route	ipv6 route-static ipv6-address prefix-length [ interface-type interface-number ] nexthop-address [ preference preference-value ]	Required The default preference of IPv6 static routes is 60.

 

1.3  Displaying and Maintaining IPv6 Static Routes

To do...	Use the command...	Remarks
Display IPv6 static route information	display ipv6 routing-table protocol static [ inactive | verbose ]	Available in any view
Remove all IPv6 static routes	delete ipv6 static-routes all	Available in system view

 

 

1.4  IPv6 Static Routing Configuration Example

I. Network requirements

With IPv6 static routes configured, all hosts and switches can interact with each other.

II. Network diagram

Figure 1-1 Network diagram for static routes

III. Configuration procedure

1)         Configure the IPv6 addresses of all VLAN interfaces (Omitted)

2)         Configure IPv6 static routes.

# Configure the default IPv6 static route on Switch A.

<SwitchA> system-view

[SwitchA] ipv6

[SwitchA] ipv6 route-static :: 0 4::2

# Configure two IPv6 static routes on Switch B.

<SwitchB> system-view

[SwitchB] ipv6

[SwitchB] ipv6 route-static 1:: 64 4::1

[SwitchB] ipv6 route-static 3:: 64 5::1

# Configure the default IPv6 static route on Switch C.

<SwitchC> system-view

[SwitchC] ipv6

[SwitchC] ipv6 route-static :: 0 5::2

3)         Configure the IPv6 addresses of hosts and gateways.

Configure the IPv6 addresses of all the hosts based upon the network diagram, configure the default gateway of Host A as 1::1, that of Host B as 2::1, and that of Host C as 3::1.

4)         Display configuration information

# Display the IPv6 routing table of Switch A.

[SwitchA] display ipv6 routing-table

Routing Table :

         Destinations : 7        Routes : 7

Destination: ::/0                                        Protocol  : Static

NextHop    : 4::2                                        Preference: 60

Interface  : Vlan200                                     Cost      : 0

 

Destination: ::1/128                                     Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 1::/64                                      Protocol  : Direct

NextHop    : 1::1                                        Preference: 0

Interface  : Vlan100                                     Cost      : 0

 

Destination: 1::1/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: 4::/64                                      Protocol  : Direct

NextHop    : 4::1                                        Preference: 0

Interface  : Vlan200                                     Cost      : 0

 

Destination: 4::1/128                                    Protocol  : Direct

NextHop    : ::1                                         Preference: 0

Interface  : InLoop0                                     Cost      : 0

 

Destination: FE80::/10                                   Protocol  : Direct

NextHop    : ::                                          Preference: 0

Interface  : NULL0                                       Cost      : 0

# Verify the connectivity with the ping command.

[SwitchA] ping ipv6 3::1

  PING 3::1 : 56  data bytes, press CTRL_C to break

    Reply from 3::1

    bytes=56 Sequence=1 hop limit=254  time = 63 ms

    Reply from 3::1

    bytes=56 Sequence=2 hop limit=254  time = 62 ms

    Reply from 3::1

    bytes=56 Sequence=3 hop limit=254  time = 62 ms

    Reply from 3::1

    bytes=56 Sequence=4 hop limit=254  time = 63 ms

    Reply from 3::1

    bytes=56 Sequence=5 hop limit=254  time = 63 ms

 

  --- 3::1 ping statistics ---

    5 packet(s) transmitted

    5 packet(s) received

    0.00% packet loss

    round-trip min/avg/max = 62/62/63 ms

 

Chapter 2  IPv6 RIPng Configuration

 

 

2.1  Introduction to RIPng

RIP next generation (RIPng) is an extension of RIP-2 for IPv4. Most RIP concepts are applicable in RIPng.

RIPng for IPv6 made the following changes to RIP:

l           UDP port number: RIPng uses UDP port 521 for sending and receiving routing information.

l           Multicast address: RIPng uses FF02:9 as the link-local multicast address.

l           Destination Prefix: 128-bit destination address prefix.

l           Next hop: 128-bit IPv6 address.

l           Source address: RIPng uses FE80::/10 as the link-local source address

2.1.1  RIPng Working Mechanism

RIPng is a routing protocol based on the distance vector (D-V) algorithm. RIPng uses UDP packets to exchange routing information through port 521.

RIPng uses a hop count to measure the distance to a destination. The hop count is referred to as metric or cost. The hop count from a router to a directly connected network is 0. The hop count between two directly connected routers is 1. When the hop count is greater than or equal to 16, the destination network or host is unreachable.

By default, the routing update is sent every 30 seconds. If the router receives no routing updates from a neighbor after 180 seconds, the routes learned from the neighbor are considered as unreachable. After another 240 seconds, if no routing update is received, the router will remove these routes from the routing table.

RIPng supports Split Horizon and Poison Reverse to prevent routing loops, and route redistribution.

Each RIPng router maintains a routing database, including route entries of all reachable destinations. A route entry contains the following information:

l           Destination address: IPv6 address of a host or a network.

l           Next hop address: IPv6 address of a neighbor along the path to the destination.

l           Egress interface: Outbound interface that forwards IPv6 packets.

l           Metric: Cost from the local router to the destination.

l           Route time: Time that elapsed since a route entry is last changed. Each time a route entry is modified, the routing time is set to 0.

l           Route tag: Identifies the route, used in routing policy to control routing information.

2.1.2  RIPng Packet Format

I. Basic format

A RIPng packet consists of a header and multiple route table entries (RTEs). The maximum number of RTEs in a packet depends on the MTU of the sending interface.

Figure 2-1 shows the packet format of RIPng.

Figure 2-1 RIPng basic packet format

l           Command: Type of message. 0x01 indicates Request, 0x02 indicates Response.

l           Version: Version of RIPng. It can only be 0x01 currently.

l           RTE: Route table entry, 20 bytes for each entry.

II. RTE format

There are two types of RTE in RIPng.

l           Next hop RTE: Defines the IPv6 address of a next hop

l           IPv6 prefix RTE: Describes the destination IPv6 address, route tag, prefix length and metric in the RIPng routing table.

Figure 2-2 shows the format of the next hop RTE:

Figure 2-2 Next hop RTE format

IPv6 next hop address is the IPv6 address of the next hop.

Figure 2-3 shows the format of the IPv6 prefix RTE.

Figure 2-3 IPv6 prefix RTE format

l           IPv6 prefix: Destination IPv6 address prefix.

l           Route tag: Route tag.

l           Prefix len: Length of the IPv6 address prefix.

l           Metric: Cost of a route.

2.1.3  RIPng Packet Processing Procedure

I. Request packet

When a RIPng router first starts or needs to update some entries in its routing table, generally a multicast request packet is sent to ask for needed routes from neighbors.

The receiving RIPng router processes RTEs in the request. If there is only one RTE with the IPv6 prefix and prefix length both being 0, and with a metric value of 16, the RIPng router will respond with the entire routing table information in response messages. If there are multiple RTEs in the request message, the RIPng router will examine each RTE, update its metric, and send the requested routing information to the requesting router in the response packet.

II. Response packet

The response packet containing the local routing table information is generated as:

l           A response to a request

l           An update periodically

l           A trigged update caused by route change

After receiving a response, a router checks the validity of the response before adding the route to its routing table, such as whether the source IPv6 address is the link-local address, whether the port number is correct. The response packet failed the check will be discarded.

2.1.4  Protocols and Standards

l           RFC2080: RIPng for IPv6

l           RFC2081: RIPng Protocol Applicability Statement

l           RFC2453: RIP Version 2

2.2  Configuring RIPng Basic Functions

In this section, you are presented with the information to configure the basic RIPng features.

You need to enable RIPng first before configuring other tasks, but it is not necessary for RIPng related interface configurations, such as assigning an IPv6 address.

2.2.1  Configuration Prerequisites

Before the configuration, accomplish the following tasks first:

l           Enable IPv6 packet forwarding.

l           Configure an IP address for each interface, and make sure all nodes are reachable.

2.2.2  Configuration Procedure

Follow these steps to configure the basic RIPng functions:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Create a RIPng process and enter RIPng view	ripng [ process-id ]	Required Not created by default
Return to system view	quit	—
Enter interface view	interface interface-type interface-number	––
Enable RIPng on the interface	ripng process-id enable	Required Disabled by default

 

 

2.3  Configuring RIPng Route Control

Before the configuration, accomplish the following tasks first:

l           Configure an IPv6 address on each interface, and make sure all nodes are reachable.

l           Configure RIPng basic functions

l           Define an IPv6 ACL before using it for route filtering. Refer to ACL configuration for related information.

l           Define an IPv6 address prefix list before using it for route filtering. Refer to section 3.2.2  "Defining an IPv6 Prefix List" for related information.

2.3.1  Configuring an Additional Routing Metric

An additional routing metric can be added to the metric of an inbound or outbound RIP route, namely, the inbound and outbound additional metric.

The outbound additional metric is added to the metric of a sent route, the route’s metric in the routing table is not changed.

The inbound additional metric is added to the metric of a received route before the route is added into the routing table, so the route’s metric is changed.

Follow these steps to configure an inbound/outbound additional routing metric:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Specify an inbound routing additional metric	ripng metricin value	Optional 0 by default
Specify an outbound routing additional metric	ripng metricout value	Optional 1 by default

 

2.3.2  Configuring RIPng Route Summarization

Follow these steps to configure RIPng route summarization:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Advertise a summary IPv6 prefix	ripng summary-address ipv6-address prefix-length	Required

 

2.3.3  Advertising a Default Route

Follow these steps to advertise a default route:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Advertise a default route	ripng default-route { only | originate } [ cost cost ]	Required Not advertised by default

 

 

2.3.4  Configuring a RIPng Route Filtering Policy

You can reference a configured IPv6 ACL or prefix list to filter received/advertised routing information as needed. For filtering outbound routes, you can also specify a routing protocol from which to filter routing information redistributed.

Follow these steps to configure a RIPng route filtering policy:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter RIPng view	ripng [ process-id ]	––
Configure a filter policy to filter incoming routes	filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name } import	Required By default, RIPng does not filter incoming routing information.
Configure a filter policy to filter outgoing routes	filter-policy { acl6-number | ipv6-prefix ipv6-prefix-name } export [ protocol [ process-id ] ]	Required By default, RIPng does not filter outgoing routing information.

 

2.3.5  Configuring a Priority for RIPng

Any routing protocol has its own protocol priority used for optimal route selection. You can set a priority for RIPng manually. The smaller the value is, the higher the priority is.

Follow these steps to configure a RIPng priority:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter RIPng view	ripng [ process-id ]	—
Configure a RIPng priority	preference [ route-policy route-policy-name ] preference	Optional By default, the RIPng priority is 100.

 

2.3.6  Configuring RIPng Route Redistribution

Follow these steps to configure RIPng route redistribution:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter RIPng view	ripng [ process-id ]	––
Configure a default routing metric for redistributed routes	default cost cost	Optional By default, the default metric of redistributed routes is 0.
Redistribute routes from another routing protocol	import-route protocol [ cost cost | route-policy route-policy-name ] *	Required No route redistribution is configured by default.

 

2.4  Tuning and Optimizing the RIPng Network

This section describes how to tune and optimize the performance of the RIPng network as well as applications under special network environments. Before tuning and optimizing the RIPng network, complete the following tasks:

l           Configure a network layer address for each interface

l           Configure the basic RIPng functions

This section covers the following topics:

l           Configuring RIPng Timers

l           Configuring Split Horizon and Poison Reverse

l           Configuring Zero Field Check on RIPng Packets

2.4.1  Configuring RIPng Timers

You can adjust RIPng timers to optimize the performance of the RIPng network.

Follow these steps to configure RIPng timers:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter RIPng view	ripng [ process-id ]	—
Configure RIPng timers	timers { garbage-collect garbage-collect-value | suppress suppress-value | timeout timeout-value | update update-value } *	Optional. The RIPng timers have the following defaults: l      30 seconds for the update timer l      180 seconds for the timeout timer l      120 seconds for the suppress timer l      120 seconds for the garbage-collect timer

 

 

2.4.2  Configuring Split Horizon and Poison Reverse

 

 

I. Configure the split horizon

The split horizon function disables a route learned from an interface from being advertised via the interface to prevent routing loops between neighbors.

Follow these steps to configure the split horizon:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Enable the split horizon function	ripng split-horizon	Optional Enabled by default

 

 

II. Configuring the poison reverse function

The poison reverse function enables a route learned from an interface to be advertised via the interface. However, the metric of the route is set to 16. That is to say, the route is unreachable.

Follow these steps to configure poison reverse:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter interface view	interface interface-type interface-number	––
Enable the poison reverse function	ripng poison-reverse	Required Disabled by default

 

2.4.3  Configuring Zero Field Check on RIPng Packets

Some fields in the RIPng packet must be zero. These fields are called zero fields. With zero field check on RIPng packets enabled, if such a field contains a non-zero value, the entire RIPng packet will be discarded. If you are sure that all packets are trusty, you can disable the zero field check to save the CPU processing time.

Follow these steps to configure RIPng zero field check:

To do...	Use the command...	Remarks
Enter system view	system-view	––
Enter RIPng view	ripng [ process-id ]	––
Enable the zero field check	checkzero	Optional Enabled by default

 

2.5  Displaying and Maintaining RIPng

To do...	Use the command...	Remarks
Display configuration information of a RIPng process	display ripng [ process-id ]	Available in any view
Display routes in the RIPng database	display ripng process-id database	Available in any view
Display the routing information of a specified RIPng process	display ripng process-id route	Available in any view
Display RIPng interface information	display ripng process-id interface [ interface-type interface-number ]	Available in any view

 

2.6  RIPng Configuration Example

I. Network requirements

As shown in Figure 2-4, all switches run RIPng. Configure Switch B to filter the route (3::/64) learnt from Switch C, which means the route will not be added to the routing table of Switch B, and Switch B will not forward it to Switch A.

II. Network diagram

Figure 2-4 Network diagram for RIPng configuration

III. Configuration procedure

1)         Configure the IPv6 address for each interface (omitted)

2)         Configure basic RIPng functions

# Configure Switch A.

<SwitchA> system-view

[SwitchA] ipv6

[SwitchA] ripng 1

[SwitchA-ripng-1] quit

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ripng 1 enable

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 400

[SwitchA-Vlan-interface400] ripng 1 enable

[SwitchA-Vlan-interface400] quit

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ipv6

[SwitchB] ripng 1

[SwitchB-ripng-1] quit

[SwitchB] interface vlan-interface 200

[SwitchB-Vlan-interface200] ripng 1 enable

[SwitchB-Vlan-interface200] quit

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ripng 1 enable

[SwitchB-Vlan-interface100] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ipv6

[SwitchC] ripng 1

[SwitchC-ripng-1] quit

[SwitchC] interface vlan-interface 200

[SwitchC-Vlan-interface200] ripng 1 enable

[SwitchC-Vlan-interface200] quit

[SwitchC] interface Vlan-interface 500

[SwitchC-Vlan-interface500] ripng 1 enable

[SwitchC-Vlan-interface500] quit

[SwitchC] interface vlan-interface 600

[SwitchC-Vlan-interface600] ripng 1 enable

[SwitchC-Vlan-interface600] quit

# Display the routing table of Switch B.

[SwitchB] display ripng 1 route

   Route Flags: A - Aging, S - Suppressed, G - Garbage-collect

 ----------------------------------------------------------------

 

 Peer FE80::20F:E2FF:FE23:82F5  on Vlan-interface100

 Dest 1::/64,

     via FE80::20F:E2FF:FE23:82F5, cost  1, tag 0, A, 6 Sec

 Dest 2::/64,

     via FE80::20F:E2FF:FE23:82F5, cost  1, tag 0, A, 6 Sec

 

 Peer FE80::20F:E2FF:FE00:100  on Vlan-interface200

 Dest 3::/64,

     via FE80::20F:E2FF:FE00:100, cost  1, tag 0, A, 11 Sec

 Dest 4::/64,

     via FE80::20F:E2FF:FE00:100, cost  1, tag 0, A, 11 Sec

 Dest 5::/64,

     via FE80::20F:E2FF:FE00:100, cost  1, tag 0, A, 11 Sec

# Display the routing table of Switch A.

[SwitchA] display ripng 1 route

   Route Flags: A - Aging, S - Suppressed, G - Garbage-collect

 ----------------------------------------------------------------

 

 Peer FE80::200:2FF:FE64:8904  on Vlan-interface100

 Dest 1::/64,

     via FE80::200:2FF:FE64:8904, cost  1, tag 0, A, 31 Sec

 Dest 4::/64,

     via FE80::200:2FF:FE64:8904, cost  2, tag 0, A, 31 Sec

 Dest 5::/64,

     via FE80::200:2FF:FE64:8904, cost  2, tag 0, A, 31 Sec

 Dest 3::/64,

     via FE80::200:2FF:FE64:8904, cost  1, tag 0, A, 31 Sec

3)         Configure Switch B to filter incoming and outgoing routes.

[SwitchB] acl ipv6 number 2000

[SwitchB-acl6-basic-2000] rule deny source 3::/64

[SwitchB-acl6-basic-2000] rule permit

[SwitchB-acl6-basic-2000] quit

[SwitchB] ripng 1

[SwitchB-ripng-1] filter-policy 2000 import

[SwitchB-ripng-1] filter-policy 2000 export

[SwitchB-ripng-1] quit

# Display routing tables of Switch B and Switch A.

[SwitchB] display ripng 1 route

   Route Flags: A - Aging, S - Suppressed, G - Garbage-collect

 ----------------------------------------------------------------

 

 Peer FE80::20F:E2FF:FE23:82F5  on Vlan-interface100

 Dest 1::/64,

     via FE80::20F:E2FF:FE23:82F5, cost  1, tag 0, A, 2 Sec

 Dest 2::/64,

     via FE80::20F:E2FF:FE23:82F5, cost  1, tag 0, A, 2 Sec

 

 Peer FE80::20F:E2FF:FE00:100  on Vlan-interface200

 Dest 4::/64,

     via FE80::20F:E2FF:FE00:100, cost  1, tag 0, A, 5 Sec

 Dest 5::/64,

     via FE80::20F:E2FF:FE00:100, cost  1, tag 0, A, 5 Sec

[SwitchA] display ripng 1 route

   Route Flags: A - Aging, S - Suppressed, G - Garbage-collect

 ----------------------------------------------------------------

 

 Peer FE80::20F:E2FF:FE00:1235  on Vlan-interface100

 Dest 1::/64,

     via FE80::20F:E2FF:FE00:1235, cost  1, tag 0, A, 2 Sec

 Dest 4::/64,

     via FE80::20F:E2FF:FE00:1235, cost  2, tag 0, A, 2 Sec

 Dest 5::/64,

     via FE80::20F:E2FF:FE00:1235, cost  2, tag 0, A, 2 Sec   

 

Chapter 3  Routing Policy Configuration

3.1  Introduction to Routing Policy

3.1.1  Routing Policy

A routing policy is used on the router for route inspection, filtering, attributes modifying when routes are received, advertised, or redistributed.

When distributing or receiving routing information, a router can use a routing policy to filter routing information. For example, a router receives or advertises only routing information that matches the criteria of a routing policy; a routing protocol redistributes routes from another protocol only routes matching the criteria of a routing policy and modifies some attributes of these routes to satisfy its needs using the routing policy.

To implement a routing policy, you need to define a set of match criteria according to attributes in routing information, such as destination address, advertising router’s address and so on. The match criteria can be set beforehand and then apply them to a routing policy for route distribution, reception and redistribution.

3.1.2  Filters

Routing protocols can use three filters: ACL, IP prefix list and routing policy.

I. ACL

When defining an ACL, you can specify IP addresses and prefixes to match destinations or next hops of routing information.

For ACL configuration, refer to the part discussing ACL operation.

II. IP prefix list

IP prefix list plays a role similar to ACL, but it is more flexible than ACL and easier to understand. When an IP prefix list is applied to filtering routing information, its matching object is the destination address of routing information.

An IP prefix list is identified by name. Each IP prefix list can comprise multiple items, and each item, which is identified by an index number, can specify a matching range in the network prefix format. The index number indicates the matching sequence of items in the IP prefix list.

During matching, the router compares the packet with the items in the ascending order. If one item is matched, the IP prefix list filter is passed, and the packet will not go to the next item.

III. Routing policy

A routing policy is used to match against some attributes in given routing information and modify the attributes of the information if match conditions are satisfied. It can reference the above mentioned filters to define its own match criteria.

A routing policy can comprise multiple nodes, which are in logic OR relationship. Each node is a match unit, and the system compares each node to a packet in the order of node sequence number. Once a node is matched, the routing policy is passed and the packet will not go through the next node.

Each node comprises a set of if-match and apply clauses. The if-match clauses define the match criteria. The matching objects are some attributes of routing information. The different if-match clauses on a node is in logical AND relationship. Only when the matching conditions specified by all the if-match clauses on the node are satisfied, can routing information pass the node. The apply clauses specify the actions to be performed after the node is passed, concerning the attribute settings for routing information.

3.1.3  Routing Policy Application

A routing policy is applied in two ways:

l           When redistributing routes from other routing protocols, a routing protocol accepts only routes passing the routing policy.

l           When receiving or advertising routing information, a routing protocol uses the routing policy to filter routing information.

3.2  Defining Filtering Lists

3.2.1  Prerequisites

Before configuring this task, you need to decide on:

l           IP-prefix list name

l           Matching address range

3.2.2  Defining an IPv6 Prefix List

Identified by name, each IPv6 prefix list can comprise multiple items. Each item specifies a matching address range in the form of network prefix, which is identified by index number.

During matching, the system compares the route to each item in the ascending order of index number. If one item is matched, the route passes the IP-prefix list, without needing to match the next item.

Follow these steps to define an IPv6 prefix list:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Define an IPv6 prefix list	ip ipv6-prefix ipv6-prefix-name [ index index-number ] { deny | permit } ipv6-address prefix-length [ greater-equal min-prefix-length ] [ less-equal max-prefix-length ]	Required Not defined by default

 

 

For example, the following configuration filters routes 2000:1::/48, 2000:2::/48 and 2000:3::/48, but allows other routes to pass.

<Sysname> system-view

[Sysname] ip ipv6-prefix abc index 10 deny 2000:1:: 48

[Sysname] ip ipv6-prefix abc index 20 deny 2000:2:: 48

[Sysname] ip ipv6-prefix abc index 30 deny 2000:3:: 48

[Sysname] ip ipv6-prefix abc index 40 permit :: 0 less-equal 128

3.3  Configuring a Routing Policy

A routing policy is used to filter routing information according to some attributes, and modify some attributes of the routing information that matches the routing policy. Match criteria can be configured using filters above mentioned.

A routing policy can comprise multiple nodes, each node contains:

l           if-match clauses: Define the match criteria that routing information must satisfy. The matching objects are some attributes of routing information.

l           apply clauses: Specify the actions performed after specified match criteria are satisfied, concerning attribute settings for passed routing information.

3.3.1  Prerequisites

Before configuring this task, you have completed:

l           Filtering list configuration

l           Routing protocol configuration

You also need to decide on:

l           Name of the routing policy, node sequence numbers

l           Match criteria

l           Attributes to be modified

3.3.2  Creating a Routing Policy

Follow these steps to create a routing policy:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Create a routing policy and enter its view	route-policy route-policy-name { permit | deny } node node-number	Required

 

 

3.3.3  Defining if-match Clauses for the Routing Policy

Follow these steps to define if-match clauses for a route-policy:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter routing policy view	route-policy route-policy-name { permit | deny } node node-number	Required
Match IPv6 routes having the next hop or source specified in the ACL or IP prefix list	if-match ipv6 { address | next-hop | route-source } { acl acl-number | prefix-list ipv6-prefix-name }	Optional Not configured by default
Match routes having the specified cost	if-match cost value	Optional Not configured by default
Match routes having specified outbound interface(s)	if-match interface { interface-type interface-number }&<1-16>	Optional Not configured by default
Match the routes having the specified tag value	if-match tag value	Optional Not configured by default

 

 

3.3.4  Defining apply Clauses for the Routing Policy

Follow these steps to define apply clauses for a route-policy:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Create a routing policy and enter its view	route-policy route-policy-name { permit | deny } node node-number	Required Not created by default
Set a cost for routes	apply cost [ + | - ] value	Optional Not set by default
Set a next hop for IPv6 routes	apply ipv6 next-hop ipv6-address	Optional Not set by default
Set a preference for the matched routing protocol	apply preference preference	Optional Not set by default
Set a tag value for the routes	apply tag value	Optional Not set by default

 

 

3.4  Displaying and Maintaining the Routing Policy

To do...	Use the command...	Remarks
Display IPv6 prefix list statistics	display ip ipv6-prefix [ ipv6-prefix-name ]	Available in any view
Display routing policy information	display route-policy [ route-policy-name ]
Clear IPv6 prefix statistics	reset ip ipv6-prefix [ ipv6-prefix-name ]

 

3.5  Routing Policy Configuration Example

3.5.1  Applying Routing Policy When Redistributing IPv6 Routes

I. Network requirements

l           Enable RIPng on Switch A and Switch B.

l           Configure three static routes on Switch A and apply a routing policy when redistributing static routes, making routes 20::0/32 and 40::0/32 pass, routes in 30::0/32 filtered out.

l           Display RIPng routing table information on Switch B to verify the configuration.

II. Network diagram

Figure 3-1 Network diagram for routing policy application to route redistribution

III. Configuration procedure

1)         Configure Switch A

# Configure IPv6 addresses for VLAN-interface 100 and VLAN-interface 200.

<SwitchA> system-view

[SwitchA] ipv6

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ipv6 address 10::1 32

[SwitchA-Vlan-interface100] quit

[SwitchA] interface vlan-interface 200

[SwitchA-Vlan-interface200] ipv6 address 11::1 32

[SwitchA-Vlan-interface200] quit

# Enable RIPng on VLAN-interface 100.

[SwitchA] interface vlan-interface 100

[SwitchA-Vlan-interface100] ripng 1 enable

[SwitchA-Vlan-interface100] quit

# Configure three static routes.

[SwitchA] ipv6 route-static 20:: 32 11::2

[SwitchA] ipv6 route-static 30:: 32 11::2

[SwitchA] ipv6 route-static 40:: 32 11::2

# Configure routing policy.

[SwitchA] ip ipv6-prefix a index 10 permit 30:: 32

[SwitchA] route-policy static2ripng deny node 0

[SwitchA-route-policy] if-match ipv6 address prefix-list a

[SwitchA-route-policy] quit

[SwitchA] route-policy static2ripng permit node 10

[SwitchA-route-policy] quit

# Enable RIPng and redistribute static routes.

[SwitchA] ripng

[SwitchA-ripng-1] import-route static route-policy static2ripng

2)         Configure Switch B.

# Configure the IPv6 address for VLAN-interface 100.

[SwitchB] ipv6

[SwitchB] interface vlan-interface 100

[SwitchB-Vlan-interface100] ipv6 address 10::2 32

# Enable RIPng on VLAN-interface 100.

[SwitchB-Vlan-interface100] ripng 1 enable

[SwitchB-Vlan-interface100] quit

# Enable RIPng.

[SwitchB] ripng

# Display RIPng routing table information.

[SwitchB-ripng-1] display ripng 1 route

   Route Flags: A - Aging, S - Suppressed, G - Garbage-collect

 ----------------------------------------------------------------

 

 Peer FE80::7D58:0:CA03:1  on Vlan-interface 100

 Dest 10::/32,

     via FE80::7D58:0:CA03:1, cost  1, tag 0, A, 18 Sec

 Dest 20::/32,

     via FE80::7D58:0:CA03:1, cost  1, tag 0, A, 8 Sec

 Dest 40::/32,

     via FE80::7D58:0:CA03:1, cost  1, tag 0, A, 3 Sec 

3.6  Troubleshooting Routing Policy Configuration

3.6.1  IPv4 Routing Information Filtering Failure

I. Symptom

Filtering routing information failed, while routing protocol runs normally.

II. Analysis

At least one item of the IP prefix list should be configured as permit mode, and at least one node in the Route-policy should be configured as permit mode.

III. Processing procedure

1)         Use the display ip ip-prefix command to display IP prefix list information.

2)         Use the display route-policy command to display routing policy information.

3.6.2  IPv6 Routing Information Filtering Failure

I. Symptom

Filtering routing information failed, while routing protocol runs normally.

II. Analysis

At least one item of the IPv6 prefix list should be configured as permit mode, and at least one node of the Route-policy should be configured as permit mode.

III. Processing procedure

1)         Use the display ip ipv6-prefix command to display IP prefix list information.

2)         Use the display route-policy command to display routing policy information.