Login
- Table of Contents
-
- 13-Layer 3—IP Services Configuration Guide
- 00-Preface
- 01-IP addressing configuration
- 02-IP forwarding basics configuration
- 03-Fast forwarding configuration
- 04-ARP configuration
- 05-IPv6 basics configuration
- 06-IPv6 fast forwarding configuration
- 07-DHCP configuration
- 08-DHCPv6 configuration
- 09-DNS configuration
- 10-IP performance optimization configuration
- 11-Multi-CPU packet distribution configuration
- 12-WAAS configuration
- 13-Adjacency table configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 02-IP forwarding basics configuration | 88.45 KB |
Contents
Configuring IP forwarding basic settings························································ 1
About FIB table······························································································································· 1
Enabling last hop holding················································································································ 1
Enabling last hop backup················································································································ 3
Display and maintenance commands for FIB table············································································ 4
Configuring load sharing··················································································· 5
About load sharing·························································································································· 5
Configuring load sharing mode········································································································ 5
Enabling IPv4 bandwidth-based load sharing···················································································· 6
Enabling local-first load sharing······································································································· 7
Configuring IP forwarding basic settings
About FIB table
A device uses the FIB table to make packet forwarding decisions.
A device selects optimal routes from the routing table, and puts them into the FIB table. Each FIB entry specifies the next hop IP address and output interface for packets destined for a specific subnet or host.
For more information about the routing table, see Layer 3—IP Routing Configuration Guide.
Use the display fib command to display the FIB table. The following example displays the entire FIB table.
<Sysname> display fib
Destination count: 4 FIB entry count: 4
Flag:
U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
10.2.0.0/16 10.2.1.1 U GE1/0/1 Null
10.2.1.1/32 127.0.0.1 UH InLoop0 Null
127.0.0.0/8 127.0.0.1 U InLoop0 Null
127.0.0.1/32 127.0.0.1 UH InLoop0 Null
A FIB entry includes the following items:
· Destination—Destination IP address.
· Mask—Network mask. The mask and the destination address identify the destination network. A logical AND operation between the destination address and the network mask yields the address of the destination network. For example, if the destination address is 192.168.1.40 and the mask 255.255.255.0, the address of the destination network is 192.168.1.0. A network mask includes a certain number of consecutive 1s. It can be expressed in dotted decimal format or by the number of the 1s.
· Nexthop—IP address of the next hop.
· Flag—Route flag.
· OutInterface—Output interface.
· Token—MPLS Label Switched Path index number.
· Label—Inner label.
Enabling last hop holding
About this task
Last hop holding implements symmetric routing. It tracks the last hop MAC address for a flow's first incoming IP packet, and sends the return packets to the hop that transmitted the request.
As is shown in Figure 1, when the external server sends a request to the internal server, the packet travels through ISP 1 to Interface A on the device. The last hop holding feature on the device ensures that the reply packet follows the same route as the request packet back to ISP 1. If last hop holding is disabled, the reply packet might be sent out of Interface B or Interface C to the external network.
Figure 1 Last hop holding application
Hardware and feature compatibility
|
Hardware |
Feature compatibility |
|
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-AI-20, F5000-AI-40, F5000-V30, F5000-C, F5000-S, F5000-M, F5000-A |
Yes |
|
F1000-AI-20, F1000-AI-30, F1000-AI-50, F1000-AI-60, F1000-AI-70, F1000-AI-80, F1000-AI-90 |
Yes |
|
F1003-L, F1005-L, F1010-L |
Yes |
|
F1005, F1010 |
Yes |
|
F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090, F1000-V70 |
Yes |
|
F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140 |
Yes |
|
F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1312, F1000-AK1322, F1000-AK1332 |
Yes |
|
F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614 |
Yes |
|
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK710 |
Yes |
|
F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK711 |
Yes |
|
LSU3FWCEA0, LSUM1FWCEAB0, LSX1FWCEA1 |
Yes |
|
LSXM1FWDF1, LSUM1FWDEC0, IM-NGFWX-IV, LSQM1FWDSC0, LSWM1FWD0, LSPM6FWD, LSQM2FWDSC0 |
Yes |
|
vFW1000, vFW2000 |
No |
Restrictions and guidelines
This feature is based on fast forwarding entries. If the MAC address of a last hop changes, this feature can function correctly only after the fast forwarding entry is updated for the MAC address.
Procedure
1. Enter system view.
system-view
2. Enter Layer 3 Ethernet interface view or subinterface view.
¡ Enter Layer 3 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 3 Ethernet subinterface view.
interface interface-type interface-number.subnumber
3. Enable last hop holding.
ip last-hop hold
By default, last hop holding is disabled.
Enabling last hop backup
About this task
You can use this feature for information backup between IRF member devices. When receiving the first IP packet of a forward flow on an interface with last hop holding and session synchronization enabled, the IRF master device performs the following operations:
1. Saves the last hop information of the packet.
2. Synchronizes the last hop information to subordinate devices in the IRF fabric.
The last hop information can be used for guiding the backward flow when the flow arrives at the master device or is forwarded through a subordinate device.
For more information about session synchronization, see Security Command Reference.
Using this feature might result in Z-shaped traffic, if packets are transparently sent from a subordinate device to the master device.
Hardware and feature compatibility
|
Hardware |
Feature compatibility |
|
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-AI-20, F5000-AI-40, F5000-V30, F5000-C, F5000-S, F5000-M, F5000-A |
Yes |
|
F1000-AI-20, F1000-AI-30, F1000-AI-50, F1000-AI-60, F1000-AI-70, F1000-AI-80, F1000-AI-90 |
Yes |
|
F1003-L, F1005-L, F1010-L |
Yes |
|
F1005, F1010 |
Yes |
|
F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090, F1000-V70 |
Yes |
|
F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140 |
Yes |
|
F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1312, F1000-AK1322, F1000-AK1332 |
Yes |
|
F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614 |
Yes |
|
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK710 |
Yes |
|
F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK711 |
Yes |
|
LSU3FWCEA0, LSUM1FWCEAB0, LSX1FWCEA1 |
Yes |
|
LSXM1FWDF1, LSUM1FWDEC0, IM-NGFWX-IV, LSQM1FWDSC0, LSWM1FWD0, LSPM6FWD, LSQM2FWDSC0 |
Yes |
|
vFW1000, vFW2000 |
No |
Restrictions and guidelines
This feature takes effect only when the session synchronization is enabled by using the session synchronization enable command. For more information about this command, see Security Command Reference.
This feature is applicable only to IRF fabrics. Z-shaped traffic might be formed if packets are transparently sent from a subordinate device to the master device.
Procedure
1. Enter system view.
system-view
2. Enable last hop backup.
ip last-hop backup enable
By default, last hop backup is disabled.
Display and maintenance commands for FIB table
Execute display commands in any view.
|
Task |
Command |
|
Display FIB entries. |
display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] |
Configuring load sharing
About load sharing
If a routing protocol finds multiple equal-cost best routes to the same destination, the device forwards packets over the equal-cost routes to implement load sharing.
Configuring load sharing mode
About this task
In the per-flow load sharing mode, the device forwards flows over equal-cost routes. Packets of one flow travel along the same routes. You can configure the device to identify a flow based on the following criteria: source IP address, destination IP address, source port number, destination port number, IP protocol number, and ingress port.
In the per-packet load sharing mode, the device forwards packets over equal-cost routes.
Hardware and feature compatibility
|
Hardware |
Feature compatibility |
|
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-AI-20, F5000-AI-40, F5000-V30, F5000-C, F5000-S, F5000-M, F5000-A |
Yes |
|
F1000-AI-20, F1000-AI-30, F1000-AI-50, F1000-AI-60, F1000-AI-70, F1000-AI-80, F1000-AI-90 |
Yes |
|
F1003-L, F1005-L, F1010-L |
No |
|
F1005, F1010 |
No |
|
F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090, F1000-V70 |
Yes |
|
F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140 |
No |
|
F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1312, F1000-AK1322, F1000-AK1332 |
Yes |
|
F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614 |
Yes |
|
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK710 |
No |
|
F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK711 |
Yes |
|
LSU3FWCEA0, LSUM1FWCEAB0, LSX1FWCEA1 |
Yes |
|
LSXM1FWDF1, LSUM1FWDEC0, IM-NGFWX-IV, LSQM1FWDSC0, LSWM1FWD0, LSPM6FWD, LSQM2FWDSC0 |
No |
|
vFW1000, vFW2000 |
Yes |
Procedure
1. Enter system view.
system-view
2. Configure load sharing.
ip load-sharing mode { per-flow [ algorithm algorithm-number | [ dest-ip | dest-port | ip-pro | src-ip | src-port ] * ] | per-packet } { global | slot slot-number }
By default, the device performs per-flow load sharing.
Enabling IPv4 bandwidth-based load sharing
About this task
This feature load shares flow traffic among multiple output interfaces based on their load percentages. The device calculates the load percentage for each output interface in terms of the interface expected bandwidth.
Devices that run load sharing protocols implement load sharing based on the ratios defined by these protocols.
Hardware and feature compatibility
|
Hardware |
Feature compatibility |
|
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-AI-20, F5000-AI-40, F5000-V30, F5000-C, F5000-S, F5000-M, F5000-A |
No |
|
F1000-AI-20, F1000-AI-30, F1000-AI-50, F1000-AI-60, F1000-AI-70, F1000-AI-80, F1000-AI-90 |
No |
|
F1003-L, F1005-L, F1010-L |
No |
|
F1005, F1010 |
No |
|
F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090, F1000-V70 |
No |
|
F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140 |
No |
|
F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1312, F1000-AK1322, F1000-AK1332 |
No |
|
F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614 |
No |
|
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK710 |
No |
|
F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK711 |
No |
|
LSU3FWCEA0, LSUM1FWCEAB0, LSX1FWCEA1 |
No |
|
LSXM1FWDF1, LSUM1FWDEC0, IM-NGFWX-IV, LSQM1FWDSC0, LSWM1FWD0, LSPM6FWD, LSQM2FWDSC0 |
No |
|
vFW1000, vFW2000 |
Yes |
Procedure
1. Enter system view.
system-view
2. Enable IPv4 bandwidth-based load sharing.
bandwidth-based-sharing
By default, the IPv4 bandwidth-based load sharing is disabled.
3. (Optional.) Configure the expected bandwidth of the interface.
a. Enter interface view.
interface interface-type interface-number
b. Configure the expected bandwidth of the interface.
bandwidth bandwidth
By default, the expected bandwidth is the physical bandwidth of the interface.
Enabling local-first load sharing
About this task
Local-first load sharing distributes traffic preferentially across the output interfaces on the receiving IRF member device if output interfaces for multiple equal-cost routes are on different members. This feature enhances packets forwarding efficiency.
Procedure
1. Enter system view.
system-view
2. Enable local-first load sharing.
ip load-sharing local-first enable
By default, local-first load sharing is disabled.
