00-S12500_IP_FRR_Configuration_Examples
Chapters Download (169.35 KB)
| Title | Size | Download |
|---|---|---|
| 00-S12500_IP_FRR_Configuration_Examples | 169.35 KB |
Contents
General configuration restrictions and guidelines
Example: Configuring static route FRR
Configuration restrictions and guidelines
Configuration restrictions and guidelines
Configuration restrictions and guidelines
This document provides configuration examples for static route FRR, OSPF FRR, and RIP FRR.
IP FRR was introduced to speed up route convergence by providing backup routes. When a switch detects a failure by using BFD, it handles the failure locally by replacing the invalid route with the backup route, instead of flooding the routing information or performing route calculation. Before the route convergence is complete, the backup route is used to forward packets. The network interruption time is minimized, and it approximately equals the time for failure detection plus the time for replacing the invalid route with the backup route.
The following routing protocols implement IP FRR in different ways:
· For static routing, specify a backup output interface and backup next hop when you configure a static route.
· For OSPF and IS-IS, the following methods are available:
? Use a routing policy to designate a backup next hop for packets matching a specific IP prefix.
? Use the fast-reroute auto command to enable OSPF and IS-IS to automatically calculate a backup next hop.
OSPF FRR and IS-IS FRR configurations are similar. This document provides only an example for configuring OSPF FRR.
· For RIP, use a routing policy to designate a backup next hop for packets matching a specific IP prefix.
The configuration examples in this document were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.
This document assumes that you have basic knowledge of H3C IP FRR.
IP tunnels, such as IPv6 over IPv4 tunnels, do not support IP FRR, because they do not support BFD to detect link failures.
As shown in Figure 1, configure static route FRR to make sure when Link A becomes unidirectional, traffic can be switched to Link B immediately.
To meet the network requirements, you must perform the following tasks:
· For Switch S and Switch D to immediately detect unidirectional failures on Link A, enable BFD on Switch S and Switch D.
· For the backup link (Link B) to take effect immediately when Link A fails, enable FRR on Switch S and Switch D.
This configuration example was created and verified on S12500-CMW710-R7129.
When you configure static route FRR, follow these restrictions and guidelines:
· FRR takes effect only for static routes with both the output interface and next hop specified. When you configure static routes, you must specify both the output interface and next hop for the static routes.
· Do not use static route FRR and static route BFD at the same time.
1. Configure IP addresses and subnet masks for interfaces on the switches, as shown in Figure 1. (Details not shown.)
2. Configure static route FRR:
# On Switch S, configure the source IP address of BFD echo packets. ICMP redirection might be enabled on the peer device. Therefore, H3C recommends configuring an IP address that is not in use as the source IP address of BFD echo packets.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 10.1.1.1
# On Switch S, configure a static route to Loopback 0 of Switch D, and specify a backup output interface and backup next hop for the static route.
[SwitchS] ip route-static 4.4.4.4 32 Vlan-interface200 13.13.13.2 backup-interface Vlan-interface100 backup-nexthop 12.12.12.2
# On Switch D, configure the source IP address of BFD echo packets. ICMP redirection might be enabled on the peer device. Therefore, H3C recommends configuring an IP address that is not in use as the source IP address of BFD echo packets.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 40.4.4.4
# On Switch D, configure a static route to Loopback 0 of Switch S. Specify a backup output interface and backup next hop for the static route.
[SwitchD] ip route-static 1.1.1.1 32 Vlan-interface200 13.13.13.1 backup-interface Vlan-interface101 backup-nexthop 24.24.24.2
3. On Switch A, configure static routes to Loopback 0 of Switch S and Switch D.
<SwitchA> system-view
[SwitchA] ip route-static 4.4.4.4 32 vlan-interface 101 24.24.24.4
[SwitchA] ip route-static 1.1.1.1 32 vlan-interface 100 12.12.12.1
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
<SwitchS> display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.4/32
Protocol: Static Process ID: 0
SubProtID: 0x0 Age: 00h42m37s
Cost: 0 Preference: 60
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x11000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x10040 OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
# Display route 1.1.1.1/32 on Switch D to view the backup next hop information.
[SwitchD] display ip routing-table 1.1.1.1 verbose
Summary Count : 1
Destination: 1.1.1.1/32
Protocol: Static Process ID: 0
SubProtID: 0x0 Age: 00h56m00s
Cost: 0 Preference: 60
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x11000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x10040 OrigNextHop: 13.13.13.1
Label: NULL RealNextHop: 13.13.13.1
BkLabel: NULL BkNextHop: 24.24.24.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface101
· Switch S:
#
version 7.1.034, Release 7129
#
sysname SwitchS
#
bfd echo-source-ip 10.1.1.1
#
vlan 1
#
vlan 100
#
vlan 200
#
interface Vlan-interface100
ip address 12.12.12.1 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.1 255.255.255.0
#
interface GigabitEthernet3/0/21
port link-type trunk
port trunk permit vlan 100
undo port trunk permit vlan 1
#
interface GigabitEthernet3/0/22
port link-type trunk
port trunk permit vlan 200
undo port trunk permit vlan 1
#
ip route-static 4.4.4.4 32 Vlan-interface200 13.13.13.2 backup-interface Vlan-interface100 backup-nexthop 12.12.12.2
#
· Switch D:
#
version 7.1.034, Release 7129
#
sysname SwitchD
#
bfd echo-source-ip 40.4.4.4
#
vlan 1
#
vlan 101
#
vlan 200
#
interface Vlan-interface101
ip address 24.24.24.4 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.2 255.255.255.0
#
interface GigabitEthernet4/0/47
port link-type trunk
port trunk permit vlan 101
undo port trunk permit vlan 1
#
interface GigabitEthernet4/0/48
port link-type trunk
port trunk permit vlan 200
undo port trunk permit vlan 1
#
ip route-static 1.1.1.1 32 Vlan-interface200 13.13.13.1 backup-interface Vlan-interface101 backup-nexthop 24.24.24.2
#
· Switch A:
#
interface Vlan-interface101
ip address 24.24.24.2 255.255.255.0
#
interface Vlan-interface100
ip address 12.12.12.2 255.255.255.0
#
interface GigabitEthernet2/0/1
port link-type trunk
port trunk permit vlan 100
undo port trunk permit vlan 1
#
interface GigabitEthernet2/0/2
port link-type trunk
port trunk permit vlan 101
undo port trunk permit vlan 1
#
ip route-static 4.4.4.4 32 vlan-interface 101 24.24.24.4
ip route-static 1.1.1.1 32 vlan-interface 100 12.12.12.1
#
As shown in Figure 2, configure OSPF FRR to make sure when Link A becomes unidirectional, traffic can be switched to Link B immediately.
To meet the network requirements, you must perform the following tasks:
· For Switch S and Switch D to immediately detect unidirectional failures on Link A, enable BFD on Switch S and Switch D.
· For the backup link (Link B) to take effect immediately when Link A fails, enable FRR on Switch S and Switch D by using routing policies to designate backup next hops.
This configuration example was created and verified on S12500-CMW710-R7129.
When you configure OSPF FRR, follow these restrictions and guidelines:
· Do not use OSPF FRR and OSPF BFD at the same time.
· Do not use the fast-reroute auto command together with the commands vlink-peer, sham-link, enable traffic-adjustment, and enable traffic-adjustment advertise.
1. Configure IP addresses for interfaces and enable OSPF on the switches:
# Configure the IP address and subnet mask for each interface, as shown in Figure 2. (Details not shown.)
# Configure OSPF on the switches to make sure Switch S, Switch A, and Switch D can communicate with each other at the network layer and implement dynamic route update. (Details not shown.)
2. Configure OSPF FRR:
# On Switch S, configure the source IP address of BFD echo packets. ICMP redirection might be enabled on the peer device. Therefore, H3C recommends configuring an IP address that is not in use as the source IP address of BFD echo packets.
<SwitchS> system-view
[SwitchS] bfd echo-source-ip 10.1.1.1
# On Switch S, configure IP prefix list abc to permit packets destined for network 4.4.4.4/32.
[SwitchS] ip prefix-list abc index 10 permit 4.4.4.4 32
# On Switch S, configure routing policy frr to specify the backup output interface as VLAN-interface 100 and backup next hop as 12.12.12.2.
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
# On Switch S, enable OSPF FRR by using routing policy frr.
[SwitchS] ospf 1
[SwitchS-ospf-1] fast-reroute route-policy frr
[SwitchS-ospf-1] quit
# On Switch D, configure the source IP address of BFD echo packets. ICMP redirection might be enabled on the peer device. Therefore, H3C recommends configuring an IP address that is not in use as the source IP address of BFD echo packets.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
# On Switch D, configure IP prefix list abc to permit packets destined for network 1.1.1.1/32.
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
# On Switch D, configure routing policy frr to specify the backup output interface as VLAN-interface 101 and backup next hop as 24.24.24.2.
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
# On Switch D, enable OSPF FRR by using routing policy frr.
[SwitchD] ospf 1
[SwitchD-ospf-1] fast-reroute route-policy frr
[SwitchD-ospf-1] quit
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
[SwitchS] display ip routing-table 4.4.4.4 verbose
Summary Count : 1
Destination: 4.4.4.0/24
Protocol: OSPF Process ID: 1
SubProtID: 0x1 Age: 01h22m08s
Cost: 2 Preference: 10
Tag: 0 State: Active Adv
OrigTblID: 0x0 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x13000004 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x10041 OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
When the link between Switch S and Switch D fails, BFD immediately detects the failure, and FRR performs a link switchover. The backup next hop is used to forward packets until OSPF completes route convergence, ensuring service continuity.
# Use the debugging rib urt command to view how the route management module activates the backup route.
%Aug 14 20:55:20:677 2012 mdc1 BFD/5/BFD_CHANGE_FSM: -MDC=1; Sess[13.13.13
.1/13.13.13.2, LD/RD:1026/1026, Interface:Vlan200, SessType:Echo, LinkType:INET]
, Sta: UP->DOWN, Diag: 1
*Aug 14 20:55:21:009 2012 mdc1 RM/7/DEBUG: -MDC=1;
OSPF route 24.24.24.0/24 was deleted in vpn default-vrf.
Flags: 0x0 Process: 1 SubProto: 0 Label: 0
NbrID: 0x13000004 Metric: 0 Pref: 0 (B)Label: 0
AttrID: 0x0 Priority: 3 ModFlag: 0x0
*Aug 14 20:55:21:059 2012 mdc1 RM/7/DEBUG: -MDC=1;
OSPF route 4.4.4.0/24 was added in vpn default-vrf.
Flags: 0x41 Process: 1 SubProto: 1 Label: -1
NbrID: 0x13000005 Metric: 3 Pref: 10 (B)Label: -1
AttrID: 0xffffffff Priority: 3 ModFlag: 0x0
*Aug 14 20:55:21:109 2012 mdc1 RM/7/DEBUG: -MDC=1;
OSPF route 4.4.4.0/24 was deleted in vpn default-vrf.
Flags: 0x41 Process: 1 SubProto: 0 Label: -1
NbrID: 0x13000007 Metric: 0 Pref: 0 (B)Label: -1
AttrID: 0x0 Priority: 3 ModFlag: 0x0
*Aug 14 20:55:21:160 2012 mdc1 RM/7/DEBUG: -MDC=1;
route 24.24.24.0/24 in default-vrf was calculated, ErrCode: 0.
PubFlags: 0x0400(0x12) Priority: LOW IDNtfy: 0x13000005
OldProto: UnSpec ActiveCnt: 1 IDFlush: 0x13000005
*Aug 14 20:55:21:211 2012 mdc1 RM/7/DEBUG: -MDC=1;
route 4.4.4.0/24 in default-vrf was calculated, ErrCode: 0.
PubFlags: 0x0400(0x12) Priority: LOW IDNtfy: 0x13000005
OldProto: UnSpec ActiveCnt: 1 IDFlush: 0x13000005
%Aug 14 20:56:00:084 2012 mdc1 OSPF/5/OSPF_NBR_CHG: -MDC=1; OSPF 1 Neighbo
r 13.13.13.2(Vlan-interface200) from Full to Down.
· Switch S:
#
bfd echo-source-ip 10.1.1.1
#
interface Vlan-interface100
ip address 12.12.12.1 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.1 255.255.255.0
#
interface GigabitEthernet3/0/1
port link-type trunk
port trunk permit vlan 100
#
interface GigabitEthernet3/0/2
port link-type trunk
port trunk permit vlan 200
#
ospf 1
fast-reroute route-policy frr
area 0.0.0.0
network 12.12.12.0 0.0.0.255
network 13.13.13.0 0.0.0.255
network 1.1.1.0 0.0.0.255
#
route-policy frr permit node 10
if-match ip address prefix-list abc
apply fast-reroute backup-interface vlan-interface 100 backup-nexthop 12.12.12.2
#
ip prefix-list abc index 10 permit 4.4.4.4 32
#
· Switch D:
#
bfd echo-source-ip 40.4.4.4
#
interface Vlan-interface101
ip address 24.24.24.4 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.2 255.255.255.0
#
interface GigabitEthernet4/0/47
port link-type trunk
port trunk permit vlan 101
#
interface GigabitEthernet4/0/48
port link-type trunk
port trunk permit vlan 200
#
ospf 1
fast-reroute route-policy frr
area 0.0.0.0
network 24.24.24.0 0.0.0.255
network 13.13.13.0 0.0.0.255
network 4.4.4.0 0.0.0.255
#
route-policy frr permit node 10
if-match ip address prefix-list abc
apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
#
ip prefix-list abc index 10 permit 1.1.1.1 32
#
As shown in Figure 3, configure RIP FRR to make sure when Link A becomes unidirectional, traffic can be switched to Link B immediately.
To meet the network requirements, you must perform the following tasks:
· For Switch S and Switch D to immediately detect unidirectional failures on Link A, enable BFD on Switch S and Switch D.
· For the backup link (Link B) to take effect immediately when Link A fails, enable FRR on Switch S and Switch D by using routing policies to designate backup next hops.
This configuration example was created and verified on S12500-CMW710-R7129.
When you configure RIP FRR, follow these restrictions and guidelines:
· Do not use RIP FRR and RIP BFD at the same time.
· RIP FRR is effective for only non-recursive RIP routes that are learned from directly connected neighbors.
1. Configure IP addresses for interfaces and enable RIPv2 on the switches:
# Configure the IP address and subnet mask for each interface, as shown in Figure 3. (Details not shown.)
# Configure RIP on the switches to make sure Switch S, Switch A, and Switch D can communicate with each other at the network layer and implement dynamic route update. (Details not shown.)
2. Configure RIP FRR:
# On Switch S, configure the source IP address of BFD echo packets. ICMP redirection might be enabled on the peer device. Therefore, H3C recommends configuring an IP address that is not in use as the source IP address of BFD echo packets.
[SwitchS] bfd echo-source-ip 10.1.1.1
# On Switch S, configure IP prefix list abc to permit packets destined for network 4.4.4.4/32.
[SwitchS] ip ip-prefix abc index 10 permit 4.4.4.4 32
# On Switch S, configure routing policy frr to specify the backup output interface as VLAN-interface 100 and backup next hop as 12.12.12.2.
[SwitchS] route-policy frr permit node 10
[SwitchS-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchS-route-policy-frr-10] apply fast-reroute backup-interface vlan-interface100 backup-nexthop 12.12.12.2
[SwitchS-route-policy-frr-10] quit
# On Switch S, enable RIP FRR by using routing policy frr.
[SwitchS] rip 1
[SwitchS-rip-1] fast-reroute route-policy frr
[SwitchS-rip-1] quit
# On Switch D, configure the source IP address of BFD echo packets. ICMP redirection might be enabled on the peer device. Therefore, H3C recommends configuring an IP address that is not in use as the source IP address of BFD echo packets.
<SwitchD> system-view
[SwitchD] bfd echo-source-ip 4.4.4.4
# On Switch D, configure IP prefix list abc to permit packets destined for network 1.1.1.1/32.
[SwitchD] ip prefix-list abc index 10 permit 1.1.1.1 32
# On Switch D, configure routing policy frr to specify the backup output interface as VLAN-interface 101 and backup next hop as 24.24.24.2.
[SwitchD] route-policy frr permit node 10
[SwitchD-route-policy-frr-10] if-match ip address prefix-list abc
[SwitchD-route-policy-frr-10] apply fast-reroute backup-interface Vlan-interface101 backup-nexthop 24.24.24.2
[SwitchD-route-policy-frr-10] quit
# On Switch D, enable RIP FRR by using routing policy frr.
[SwitchD] rip 1
[SwitchD-rip-1] fast-reroute route-policy frr
[SwitchD-rip-1] quit
# Display route 4.4.4.4/32 on Switch S to view the backup next hop information.
<SwitchS> display ip routing-table 4.4.4.4 32 verbose
Summary Count : 1
Destination: 4.4.4.0/24
Protocol: RIP Process ID: 1
SubProtID: 0x2 Age: 00h15m23s
Cost: 74 Preference: 15
Tag: 0 State: Active Adv
OrigTblID: 0x2 OrigVrf: default-vrf
TableID: 0x2 OrigAs: 0
NBRID: 0x14000002 LastAs: 0
AttrID: 0xffffffff Neighbor: 0.0.0.0
Flags: 0x10041 OrigNextHop: 13.13.13.2
Label: NULL RealNextHop: 13.13.13.2
BkLabel: NULL BkNextHop: 12.12.12.2
Tunnel ID: Invalid Interface: Vlan-interface200
BkTunnel ID: Invalid BkInterface: Vlan-interface100
When the link between Switch S and Switch D fails, BFD immediately detects the failure, and FRR performs a link switchover. The new route is adopted by RIP.
# Use the debugging rib urt command to view how the route management module activates the backup route.
%Aug 14 20:41:41:913 2012 mdc1 BFD/5/BFD_CHANGE_FSM: -MDC=1; Sess[13.13.13
.1/13.13.13.2, LD/RD:1025/1025, Interface:Vlan200, SessType:Echo, LinkType:INET]
, Sta: UP->DOWN, Diag: 1
*Aug 14 20:41:44:138 2012 mdc1 RM/7/DEBUG: -MDC=1;
RIP route 24.24.24.0/24 was deleted in vpn default-vrf.
Flags: 0x0 Process: 1 SubProto: 0 Label: 0
NbrID: 0x14000001 Metric: 0 Pref: 0 (B)Label: 0
AttrID: 0x0 Priority: 3 ModFlag: 0x0
*Aug 14 20:41:44:189 2012 mdc1 RM/7/DEBUG: -MDC=1;
RIP route 4.4.4.0/24 was added in vpn default-vrf.
Flags: 0x41 Process: 1 SubProto: 2 Label: -1
NbrID: 0x14000000 Metric: 84 Pref: 15 (B)Label: -1
AttrID: 0xffffffff Priority: 3 ModFlag: 0x0
*Aug 14 20:41:44:239 2012 mdc1 RM/7/DEBUG: -MDC=1;
RIP route 4.4.4.0/24 was deleted in vpn default-vrf.
Flags: 0x41 Process: 1 SubProto: 0 Label: -1
NbrID: 0x14000002 Metric: 0 Pref: 0 (B)Label: -1
AttrID: 0x0 Priority: 3 ModFlag: 0x0
*Aug 14 20:41:44:290 2012 mdc1 RM/7/DEBUG: -MDC=1;
route 24.24.24.0/24 in default-vrf was calculated, ErrCode: 0.
PubFlags: 0x0c00(0x12) Priority: LOW IDNtfy: 0x14000000
OldProto: RIP ActiveCnt: 1 IDFlush: 0x14000000
*Aug 14 20:41:44:341 2012 mdc1 RM/7/DEBUG: -MDC=1;
route 4.4.4.0/24 in default-vrf was calculated, ErrCode: 0.
PubFlags: 0x0c00(0x12) Priority: LOW IDNtfy: 0x14000000
OldProto: RIP ActiveCnt: 1 IDFlush: 0x14000000
· Switch S:
#
bfd echo-source-ip 10.1.1.1
#
interface Vlan-interface100
ip address 12.12.12.1 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.1 255.255.255.0
#
interface GigabitEthernet3/0/1
port access vlan 100
#
interface GigabitEthernet3/0/2
port access vlan 200
#
rip 1
undo summary
version 2
network 1.0.0.0
network 12.0.0.0
network 13.0.0.0
fast-reroute route-policy frr
#
route-policy frr permit node 10
if-match ip address prefix-list abc
apply fast-reroute backup-interface Vlan-interface100 backup-nexthop 12.12.12.2
#
ip prefix-list abc index 10 permit 4.4.4.4 32
#
· Switch D:
#
bfd echo-source-ip 40.4.4.4
#
interface Vlan-interface101
ip address 24.24.24.4 255.255.255.0
#
interface Vlan-interface200
ip address 13.13.13.2 255.255.255.0
#
interface GigabitEthernet4/0/47
port link-type trunk
port trunk permit vlan 101
#
interface GigabitEthernet4/0/48
port link-type trunk
port trunk permit vlan 200
#
rip 1
undo summary
version 2
network 4.0.0.0
network 13.0.0.0
network 24.0.0.0
fast-reroute route-policy frr
#
route-policy frr permit node 10
if-match ip address prefix-list abc
apply fast-reroute backup-interface vlan-interface 101 backup-nexthop 24.24.24.2
#
ip prefix-list abc index 10 permit 1.1.1.1 32
#
· H3C S12500 Routing Switch Series Layer 3—IP Routing Configuration Guide
· H3C S12500 Routing Switch Series Layer 3—IP Routing Command Reference
· H3C S12500 Routing Switch Series High Availability Configuration Guide
· H3C S12500 Routing Switch Series High Availability Command Reference
