10-High Availability Configuration Guide

HomeSupportResource CenterSwitchesS12500X-AF SeriesS12500X-AF SeriesTechnical DocumentsConfigure & DeployConfiguration GuidesH3C S12500X-AF Switch Series Configuration Guides(R3606)-6W10010-High Availability Configuration Guide
11-Track configuration
Title Size Download
11-Track configuration 445.27 KB

Contents

Configuring Track· 1

About Track· 1

Collaboration mechanism·· 1

Supported detection modules· 2

Supported application modules· 2

Restrictions and guidelines: Track configuration· 2

Collaboration application example· 3

Track tasks at a glance· 3

Associating Track with a detection module object 4

Associating Track with NQA· 4

Associating Track with BFD·· 4

Associating Track with CFD·· 5

Associating Track with interface management 5

Associating Track with route management 6

Associating Track with VRRP· 7

Associating Track with a tracked list 7

Associating Track with a Boolean list 7

Associating Track with a percentage threshold list 8

Associating Track with a weight threshold list 9

Associating the Track module with an application module· 9

Prerequisites for associating the Track module with an application module· 9

Associating Track with VRRP· 10

Associating Track with the direct route on a device interface· 11

Associating Track with static routing· 11

Associating Track with PBR· 13

Associating Track with Smart Link· 15

Associating Track with VXLAN· 15

Associating Track with EAA· 16

Associating Track with ERPS· 17

Display and maintenance commands for Track· 17

Track configuration examples· 17

Example: Configuring VRRP-Track-NQA collaboration· 17

Example: Configuring BFD for a VRRP backup to monitor the master 21

Example: Configuring BFD for the VRRP master to monitor the uplink· 24

Example: Configuring static routing-Track-NQA collaboration· 28

Example: Configuring static routing-Track-BFD collaboration· 32

Example: Configuring VRRP-Track-interface management collaboration· 35

Example: Configuring VRRP-Track-route management collaboration· 38

Example: Configuring direct route-Track-VRRP collaboration· 41

 


Configuring Track

About Track

The Track module works between application modules and detection modules. It shields the differences between various detection modules from application modules.

Collaboration mechanism

The Track module collaborates with detection modules and application modules.

As shown in Figure 1, collaboration is enabled when you associate the Track module with a detection module and an application module, and it operates as follows:

1.     The detection module probes specific objects such as interface status, link status, network reachability, and network performance, and informs the Track module of detection results.

2.     The Track module sends the detection results to the application module.

3.     When notified of changes for the tracked object, the application modules can react to avoid communication interruption and network performance degradation.

Figure 1 Collaboration through the Track module

 

Collaboration between the Track module and a detection module

The detection module sends the detection result of the tracked object to the Track module. The Track module changes the status of the track entry as follows:

·     If the tracked object operates correctly, the state of the track entry is Positive. For example, the track entry state is Positive in one of the following conditions:

¡     The target interface is up.

¡     The target network is reachable.

·     If the tracked object does not operate correctly, the state of the track entry is Negative. For example, the track entry state is Negative in one of the following conditions:

¡     The target interface is down.

¡     The target network is unreachable.

·     If the detection result is invalid, the state of the track entry is NotReady. For example, the track entry state is NotReady if its associated NQA operation does not exist.

You can associate a track entry with an object of a detection module, such as the state of an interface or reachability of an IP route. The state of the track entry is determined by the state of the tracked object.

You can also associate a track entry with a list of objects called a tracked list. The state of a tracked list is determined by the states of all objects in the list. The following types of tracked lists are supported:

·     Boolean AND list—The state of a Boolean AND list is determined by the states of the tracked objects using the Boolean AND operation.

·     Boolean OR list—The state of a Boolean OR list is determined by the states of the tracked objects using the Boolean OR operation.

·     Percentage threshold list—The state of a percentage threshold list is determined by comparing the percentage of positive and negative objects in the list with the percentage thresholds configured for the list.

·     Weight threshold list—The state of a weight threshold list is determined by comparing the weight of positive and negative objects in the list with the weight thresholds configured for the list.

Collaboration between the Track module and an application module

The track module reports the track entry status changes to the application module. The application module can then take correct actions to avoid communication interruption and network performance degradation.

Supported detection modules

The following detection modules can be associated with the Track module:

·     NQA.

·     BFD.

·     CFD.

·     Interface management.

·     Route management.

·     VRRP.

Supported application modules

The following application modules can be associated with the Track module:

·     VRRP.

·     Direct route.

·     Static routing.

·     PBR.

·     Smart Link.

·     VXLAN.

·     EAA.

·     ERPS.

Restrictions and guidelines: Track configuration

When configuring a track entry for an application module, you can set a notification delay to avoid immediate notification of status changes.

When the delay is not configured and the route convergence is slower than the link state change notification, communication failures occur. For example, when the master in a VRRP group detects an uplink interface failure through Track, Track immediately notifies the master to decrease its priority. A backup with a higher priority then preempts as the new master. When the failed uplink interface recovers, the Track module immediately notifies the original master to restore its priority. If the uplink route has not recovered, forwarding failure will occur.

Collaboration application example

The following is an example of collaboration between NQA, Track, and static routing.

Configure a static route with next hop 192.168.0.88 on the device. If the next hop is reachable, the static route is valid. If the next hop becomes unreachable, the static route is invalid. For this purpose, configure NQA-Track-static routing collaboration as follows:

1.     Create an NQA operation to monitor the accessibility of IP address 192.168.0.88.

2.     Create a track entry and associate it with the NQA operation.

¡     When next hop 192.168.0.88 is reachable, NQA sends the result to the Track module. The Track module sets the track entry to Positive state.

¡     When the next hop becomes unreachable, NQA sends the result to the Track module. The Track module sets the track entry to Negative state.

3.     Associate the track entry with the static route.

¡     When the track entry is in Positive state, the static routing module considers the static route to be valid.

¡     When the track entry is in Negative state, the static routing module considers the static route to be invalid.

Track tasks at a glance

To implement the collaboration function, establish associations between the Track module and detection modules, and between the Track module and application modules.

To configure the Track module, perform the following tasks:

1.     Associating Track with a detection module object

¡     Associating Track with NQA

¡     Associating Track with BFD

¡     Associating Track with CFD

¡     Associating Track with interface management

¡     Associating Track with route management

¡     Associating Track with VRRP

2.     Associating Track with a tracked list

¡     Associating Track with a Boolean list

¡     Associating Track with a percentage threshold list

¡     Associating Track with a weight threshold list

3.     Associating the Track module with an application module

¡     Associating Track with VRRP

¡     Associating Track with the direct route

¡     Associating Track with static routing

¡     Associating Track with PBR

¡     Associating Track with Smart Link

¡     Associating Track with VXLAN

¡     Associating Track with EAA

¡     Associating Track with ERPS

Associating Track with a detection module object

Associating Track with NQA

About this task

NQA supports multiple operation types to analyze network performance and service quality. For example, an NQA operation can periodically detect whether a destination is reachable, or whether a TCP connection can be established.

An NQA operation operates as follows when it is associated with a track entry:

·     If the consecutive probe failures reach the specified threshold, the NQA module notifies the Track module that the tracked object has malfunctioned. The Track module then sets the track entry to Negative state.

·     If the specified threshold is not reached, the NQA module notifies the Track module that the tracked object is operating correctly. The Track module then sets the track entry to Positive state.

For more information about NQA, see Network Management and Monitoring Configuration Guide.

Restrictions and guidelines

If you associate a track entry with a nonexistent NQA operation or reaction entry, the state of the track entry is NotReady.

Procedure

1.     Enter system view.

system-view

2.     Create a track entry associated with an NQA reaction entry and enter its view.

track track-entry-number nqa entry admin-name operation-tag reaction item-number

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating Track with BFD

About this task

BFD supports the control packet mode and echo packet mode. A track entry can be associated with an echo-mode BFD session or control-mode static BFD session. For more information about BFD, see "Configuring BFD."

The associated Track and BFD operate as follows:

·     If the BFD detects that the link fails, it informs the Track module of the link failure. The Track module sets the track entry to Negative state.

·     If the BFD detects that the link is operating correctly, the Track module sets the track entry to Positive state.

Restrictions and guidelines

When you associate a track entry with BFD, do not configure the virtual IP address of a VRRP group as the local or remote address of the BFD session.

Prerequisites

Before you associate Track with BFD, configure the source IP address of BFD echo packets. For more information, see "Configuring BFD."

Procedure

1.     Enter system view.

system-view

2.     Create a track entry associated with a BFD session and enter its view.

track track-entry-number bfd { echo interface interface-type interface-number remote ip remote-ip-address local ip local-ip-address | static bfd-session-name }

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating Track with CFD

About this task

The associated Track and CFD operate as follows:

·     If the CFD detects that the link fails, it informs the Track module of the link failure. The Track module then sets the track entry to Negative state.

·     If the CFD detects that the link is operating correctly, the Track module sets the track entry to Positive state.

For more information about CFD, see "Configuring CFD."

Prerequisites

Before you associate Track with CFD, enable CFD and create a MEP. For more information, see "Configuring CFD."

Procedure

1.     Enter system view.

system-view

2.     Create a track entry associated with CFD and enter its view.

track track-entry-number cfd cc service-instance instance-id mep mep-id

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating Track with interface management

About this task

The interface management module monitors the link status or network-layer protocol status of interfaces. The associated Track and interface management operate as follows:

·     When the link or network-layer protocol status of the interface changes to up, the interface management module informs the Track module of the change. The Track module sets the track entry to Positive state.

·     When the link or network-layer protocol status of the interface changes to down, the interface management module informs the Track module of the change. The Track module sets the track entry to Negative state.

Procedure

1.     Enter system view.

system-view

2.     Create a track entry associated with an interface and enter its view. Choose the options to configure as needed:

¡     Create a track entry associated with the link status of an interface.

track track-entry-number interface interface-type interface-number

¡     Create a track entry associated with the physical status of an interface.

track track-entry-number interface interface-type interface-number physical

¡     Create a track entry associated with the network layer protocol status of an interface.

track track-entry-number interface interface-type interface-number protocol { ipv4 | ipv6 }

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating Track with route management

About this task

The route management module monitors route entry changes in the routing table. The associated Track and route management operate as follows:

·     When a monitored route entry is found in the routing table, the route management module informs the Track module. The Track module sets the track entry to Positive state.

·     When a monitored route entry is removed from the routing table, the route management module informs the Track module of the change. The Track module sets the track entry to Negative state.

Associating a track entry with an IPv4 route entry

1.     Enter system view.

system-view

2.     Create a track entry associated with an IPv4 route and enter its view.

track track-entry-number ip route [ vpn-instance vpn-instance-name ] ip-address { mask-length | mask } reachability

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating a track entry with an IPv6 route entry

1.     Enter system view.

system-view

2.     Create a track entry associated with an IPv6 route and enter its view.

track track-entry-number ipv6 route [ vpn-instance vpn-instance-name ] ipv6-address prefix-length reachability

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating Track with VRRP

About this task

You can associate a track entry with a VRRP group on a device interface. The Track-VRRP association operates as follows:

·     When the device becomes the master device in the VRRP group, the Track module sets the track entry to Positive state.

·     When the device transitions to Backup or Initialize state, the Track module sets the track entry to Negative state.

·     When the monitored device transitions to Inactive state or if the VRRP group does not exist, the Track module sets the track entry to NotReady state.

Procedure

1.     Enter system view.

system-view

2.     Create a track entry associated with a VRRP group on an interface and enter track entry view.

track track-entry-number vrrp interface interface-type interface-number vrid virtual-router-id

3.     (Optional.) Set the delay for notifying the application module of track entry state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the track entry state changes.

Associating Track with a tracked list

Associating Track with a Boolean list

About this task

A Boolean list is a list of tracked objects based on a Boolean logic. It can be further divided into the following types:

·     Boolean AND list—A Boolean AND list is set to the Positive state only when all objects are in Positive state. If one or more objects are in Negative state, the tracked list is set to the Negative state.

·     Boolean OR list—A Boolean OR list is set to the Positive state if any object is in Positive state. If all objects are in Negative state, the tracked list is set to the Negative state.

Procedure

1.     Enter system view.

system-view

2.     Create a track entry.

See "Associating Track with a detection module object."

Create a track entry before you add it as a tracked object to a tracked list.

A minimum of one track entry must be created.

3.     Create a Boolean tracked list and enter its view.

track track-entry-number list boolean { and | or }

4.     Add the track entry as an object to the tracked list.

object track-entry-id [ not ]

By default, a tracked list does not contain any objects.

Repeat this step to add all interested objects to the tracked list.

5.     (Optional.) Set the delay for notifying the application module of tracked list state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the tracked list state changes.

Associating Track with a percentage threshold list

About this task

A percentage threshold list uses a percentage threshold to measure the state of the list.

·     If the percentage of positive objects is equal to or above the positive state threshold, the list is set to the Positive state.

·     If the percentage of positive objects is equal to or below the negative state threshold, the list is set to the Negative state.

·     The state of a percentage threshold list remains unchanged if the percentage of positive objects is below the positive state threshold and above the negative state threshold.

Procedure

1.     Enter system view.

system-view

2.     Create a track entry.

See "Associating Track with a detection module object."

Create a track entry before you add it as a tracked object to a tracked list.

A minimum of one track entry must be created.

3.     Create a percentage threshold list and enter its view.

track track-entry-number list threshold percentage

4.     Add the track entry as an object to the tracked list.

object track-entry-id

By default, a tracked list does not contain any objects.

Repeat this step to add all interested objects to the tracked list.

5.     Configure the threshold values used to determine the state of the percentage threshold list.

threshold percentage { negative negative-threshold | positive positive-threshold } *

By default, the negative state threshold is 0% and the positive state threshold is 1%.

6.     (Optional.) Set the delay for notifying the application module of tracked list state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the tracked list state changes.

Associating Track with a weight threshold list

About this task

A weight threshold list uses a weight threshold to measure the state of the list.

·     If the total weight of positive objects is equal to or above the positive state threshold, the list is set to the Positive state.

·     If the total weight of positive objects is equal to or below the negative state threshold, the list is set to the Negative state.

·     The state of a weight threshold list remains unchanged if the total weight of positive objects is below the positive state threshold and above the negative state threshold.

Procedure

1.     Enter system view.

system-view

2.     Create a track entry.

See "Associating Track with a detection module object."

Create a track entry before you add it as a tracked object to a tracked list.

A minimum of one track entry must be created.

3.     Create a weight threshold list and enter its view.

track track-entry-number list threshold weight

By default, no tracked lists exist.

4.     Add the track entry as an object to the tracked list.

object track-entry-number [ weight ]

By default, a tracked list does not contain any objects.

Repeat this step to add all interested objects to the tracked list.

5.     Configure the threshold values used to determine the state of the weight threshold list.

threshold weight { negative negative-threshold | positive positive-threshold } *

By default, the negative state threshold is 0 and the positive state threshold is 1.

6.     (Optional.) Set the delay for notifying the application module of tracked list state changes.

delay { negative negative-time | positive positive-time } *

By default, the Track module notifies the application module immediately when the tracked list state changes.

Associating the Track module with an application module

Prerequisites for associating the Track module with an application module

Create a track entry first before you associate it with an application module.

An application module might obtain incorrect track entry status information if the associated track entry does not exist.

Associating Track with VRRP

 

About this task

When VRRP is operating in standard mode or load balancing mode, associate the Track module with the VRRP group to implement the following actions:

·     Change the priority of a router according to the status of the uplink. If a fault occurs on the uplink of the router, the VRRP group is not aware of the uplink failure. If the router is the master, hosts in the LAN cannot access the external network. To resolve this problem, configure a detection module-Track-VRRP collaboration. The detection module monitors the status of the uplink of the router and notifies the Track module of the detection result.

When the uplink fails, the detection module notifies the Track module to change the status of the monitored track entry to Negative. The priority of the master decreases by a user-specified value. A router with a higher priority in the VRRP group becomes the master.

·     Monitor the master on a backup. If a fault occurs on the master, the backup operating in switchover mode will switch to the master immediately to maintain normal communication.

When VRRP is operating in load balancing mode, associate the Track module with the VRRP VF to implement the following functions:

·     Change the priority of the AVF according to its uplink state. When the uplink of the AVF fails, the track entry changes to Negative state. The weight of the AVF decreases by a user-specified value. The VF with a higher priority becomes the new AVF to forward packets.

·     Monitor the AVF status from the LVF. When the AVF fails, the LVF that is operating in switchover mode becomes the new AVF to ensure continuous forwarding.

For more information about configuring VRRP, see "Configuring VRRP."

Restrictions and guidelines for Track association with VRRP

·     VRRP tracking does not take effect on an IP address owner. The configuration takes effect when the router does not act as the IP address owner.

An IP address owner is the router with its interface IP address used as the virtual IP address of the VRRP group.

·     When the status of the track entry changes from Negative to Positive or NotReady, the associated router or VF restores its priority automatically.

Associating Track with a VRRP group

1.     Enter system view.

system-view

2.     Enter interface view.

interface interface-type interface-number

3.     Associate a track entry with a VRRP group.

vrrp [ ipv6 ] vrid virtual-router-id track track-entry-number { forwarder-switchover member-ip ip-address | priority reduced [ priority-reduced ] switchover | weight reduced [ weight-reduced ] }

By default, no track entry is associated with a VRRP group.

This command is supported when VRRP is operating in both standard mode and load balancing mode.

Associating Track with a VRRP VF

1.     Enter system view.

system-view

2.     Enter interface view.

interface interface-type interface-number

3.     Associate Track with a VRRP VF.

vrrp [ ipv6 ] vrid virtual-router-id track track-entry-number { forwarder-switchover member-ip ip-address | priority reduced [ priority-reduced ] switchover | weight reduced [ weight-reduced ] }

By default, no track entry is associated with a VRRP VF.

This command is configurable when VRRP is operating in standard mode or load balancing mode. However, the configuration takes effect only when VRRP is operating in load balancing mode.

Associating Track with the direct route on a device interface

About this task

On a network where a VRRP group is used as the default gateway, upstream traffic is always forwarded through the master device in the VRRP group. The corresponding downstream traffic might take a different path because the route selection is determined by the configured dynamic routing protocol. The mismatching forwarding paths might cause the traffic to be blocked by firewalls (if configured), and increase the complexity and overhead for traffic monitoring and statistics collection operations.

You can resolve the issue by configuring direct route-Track-VRRP collaboration. The collaboration ensures that the upstream traffic and the corresponding downstream traffic are forwarded through matching paths (both through the master device in the VRRP group).

To configure direct route-Track-VRRP collaboration, perform the following tasks on each member device of the VRRP group:

1.     Create a track entry associated with the VRRP group member device so the track entry state changes according to the status of the device in the VRRP group.

2.     Associate the track entry with the direct route on the interface connected to the downstream device. The cost of the direct route changes to a user-defined value when the track entry is in Negative state.

3.     Enable direct route redistribution for the dynamic routing protocol on the device.

For more information about direct routes, see basic IP routing configuration in Layer 3—IP Routing Configuration Guide.

Procedure

1.     Enter system view.

system-view

2.     Enter Layer 3 interface view.

interface interface-type interface-number

3.     Associate a track entry with the direct route on the interface and change the cost of the route to a user-defined value when the track entry is in Negative state.

route-direct track track-entry-number degrade-cost cost-value

By default, no track entry is associated with the direct route on a device interface..

Associating Track with static routing

About this task

A static route is a manually configured route to route packets. For more information about static route configuration, see Layer 3—IP Routing Configuration Guide.

Static routes cannot adapt to network topology changes. Link failures or network topological changes can make the routes unreachable and cause communication interruption.

To resolve this problem, configure another route to back up the static route. When the static route is reachable, packets are forwarded through the static route. When the static route is unreachable, packets are forwarded through the backup route.

To check the accessibility of a static route in real time, associate the Track module with the static route.

If you specify the next hop but not the output interface when configuring a static route, you can configure the static routing-Track-detection module collaboration. This collaboration enables you to verify the accessibility of the static route based on the track entry state.

·     If the track entry is in Positive state, the following conditions exist:

¡     The next hop of the static route is reachable.

¡     The configured static route is valid.

·     If the track entry is in Negative state, the following conditions exist:

¡     The next hop of the static route is not reachable.

¡     The configured static route is invalid.

·     If the track entry is in NotReady state, the following conditions exist:

¡     The accessibility of the next hop of the static route is unknown.

¡     The static route is valid.

Restrictions and guidelines

·     In static routing-Track-NQA collaboration, you must configure the same VPN instance name for the NQA operation and the next hop of the static route. Otherwise, the accessibility detection cannot operate correctly.

·     If a static route needs route recursion, the associated track entry must monitor the next hop of the recursive route. The next hop of the static route cannot be monitored. Otherwise, a valid route might be considered invalid.

Associating an IPv4 static route with a track entry

1.     Enter system view.

system-view

2.     Associate an IPv4 static route with a track entry to check the accessibility of the next hop.

Public network:

ip route-static dest-address { mask-length | mask } { interface-type interface-number [ next-hop-address ] | next-hop-address | vpn-instance d-vpn-instance-name next-hop-address } track track-entry-number [ preference preference ] [ tag tag-value ] [ description text ]

VPN:

ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length | mask } { interface-type interface-number [ next-hop-address ] | next-hop-address [ public ] | vpn-instance d-vpn-instance-name next-hop-address } track track-entry-number [ preference preference ] [ tag tag-value ] [ description text ]

By default, Track is not associated with IPv4 static routes.

Associating an IPv6 static route with a track entry

1.     Enter system view.

system-view

2.     Associate an IPv6 static route with a track entry to check the accessibility of the next hop.

Public network:

ipv6 route-static ipv6-address prefix-length { interface-type interface-number [ next-hop-address ] track track-entry-number | [ vpn-instance d-vpn-instance-name ] next-hop-address track track-entry-number } [ preference preference ] [ tag tag-value ] [ description text ]

VPN:

ipv6 route-static vpn-instance s-vpn-instance-name ipv6-address prefix-length interface-type interface-number [ next-hop-address ] track track-entry-number [ preference preference ] [ tag tag-value ] [ description text ]

ipv6 route-static vpn-instance s-vpn-instance-name ipv6-address prefix-length next-hop-address [ public ] track track-entry-number [ preference preference ] [ tag tag-value ] [ description text ]

ipv6 route-static vpn-instance s-vpn-instance-name ipv6-address prefix-length vpn-instance d-vpn-instance-name next-hop-address track track-entry-number [ preference preference ] [ tag tag-value ] [ description text ]

By default, Track is not associated with IPv6 static routes.

Associating Track with PBR

About this task

PBR uses user-defined policies to route packets. You can specify parameters in a PBR policy to guide the forwarding of the packets that match specific criteria. For more information about PBR, see Layer 3—IP Routing Configuration Guide.

PBR cannot detect the availability of any action taken on packets. When an action is not available, packets processed by the action might be discarded. For example, if the output interface specified for PBR fails, PBR cannot detect the failure, and continues to forward matching packets out of the interface.

To enable PBR to detect topology changes and improve the flexibility of the PBR application, configure Track-PBR-detection module collaboration.

After you associate a track entry with an apply clause, the detection module associated with the track entry sends Track the detection result of the availability of the tracked object.

·     The Positive state of the track entry indicates that the object is available, and the apply clause is valid.

·     The Negative state of the track entry indicates that the object is not available, and the apply clause is invalid.

·     The NotReady state of the track entry indicates that the apply clause is valid.

The following objects can be associated with a track entry:

·     Output interface.

·     Next hop.

·     Default output interface.

·     Default next hop.

Prerequisites for Track association with PBR

Before you associate Track with PBR, create a policy or a policy node, and configure the match criteria.

Associating Track with PBR

1.     Enter system view.

system-view

2.     Create a policy or policy node and enter PBR policy node view.

policy-based-route policy-name [ deny | permit ] node node-number

3.     Define a match criterion.

¡     Define an ACL match criterion.

if-match acl { acl-number | name acl-name }

4.     Associate Track with PBR.

¡     Set the output interface, and associate it with a track entry.

apply output-interface interface-type interface-number [ track track-entry-number ]

By default, no output interface is set.

¡     Set the next hop, and associate it with a track entry.

apply next-hop [ vpn-instance vpn-instance-name ] { ip-address [ direct ] [ track track-entry-number ] }&<1-2>

By default, no next hop is set.

¡     Set the default output interface, and associate it with a track entry.

apply default-output-interface interface-type interface-number [ track track-entry-number ]

By default, no default output interface is set.

¡     Set the default next hop, and associate it with a track entry.

apply default-next-hop [ vpn-instance vpn-instance-name ] { ip-address [ direct ] [ track track-entry-number ] }&<1-2>

By default, no default next hop is set.

Associating Track with IPv6 PBR

1.     Enter system view.

system-view

2.     Create a policy or policy node and enter PBR policy node view.

ipv6 policy-based-route policy-name [ deny | permit ] node node-number

3.     Define a match criterion.

¡     Define an ACL match criterion.

if-match acl { ipv6-acl-number | name ipv6-acl-name }

4.     Associate Track with IPv6 PBR.

¡     Set the output interface, and associate it with a track entry.

apply output-interface interface-type interface-number [ track track-entry-number ]

By default, no output interface is set.

¡     Set the next hop, and associate it with a track entry.

apply next-hop [ vpn-instance vpn-instance-name ] { ipv6-address [ direct ] [ track track-entry-number ] }&<1-2>

By default, no next hop is set.

¡     Set the default output interface, and associate it with a track entry.

apply default-output-interface interface-type interface-number [ track track-entry-number ]

By default, no default output interface is set.

¡     Set the default next hop, and associate it with a track entry.

apply default-next-hop [ vpn-instance vpn-instance-name ] { ipv6-address [ direct ] [ track track-entry-number ] }&<1-2>

By default, no default next hop is set.

Associating Track with Smart Link

About this task

Smart Link cannot detect unidirectional links, misconnected fibers, or packet loss on intermediate devices or network paths of the uplink. It also cannot detect when faults are cleared. To check the link status, Smart Link ports must use link detection protocols. When a fault is detected or cleared, the link detection protocols inform Smart Link to switch over the links.

You can configure the collaboration between Smart Link and Track on a smart link group member port. Smart Link collaborates with the CC feature of CFD through the track entry to detect the link status on the port.

·     When the track entry is in Positive state, the link is in normal state. Smart Link does not perform link switchover for the smart link group.

·     When the track entry is in Negative state, the link has failed. Smart Link determines whether to perform link switchover according to the link preemption mode and port role configured in the smart link group.

·     When the track entry is in NotReady state, the port state does not change.

For more information about Smart Link, see "Configuring Smart Link."

Restrictions and guidelines

The track entry to be used for collaboration with Smart Link must have been associated with the CC feature of CFD.

Procedure

1.     Enter system view.

system-view

2.     Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view.

interface interface-type interface-number

3.     Configure collaboration between Smart Link and Track on the port.

port smart-link group group-id track track-entry-number

By default, the collaboration between Smart Link and Track is not configured.

Associating Track with VXLAN

About this task

When you associate Track with an AC on a VXLAN network, the AC is up only when one or more of the associated track entries are positive.

The AC can be one of the following types.

·     Layer 3 interface.

·     Ethernet service instance on a Layer 2 Ethernet interface or Layer 2 aggregate interface.

Associating a Layer 3 interface with a track entry

1.     Enter system view.

system-view

2.     Enter Layer 3 interface view.

interface interface-type interface-number

3.     Bind the interface to a VSI and associate it with a track entry.

xconnect vsi vsi-name track track-entry-number&<1-3>

By default, a Layer 3 interface is not bound to any VSI or associated with any track entries.

Associating an Ethernet service instance with a track entry

1.     Enter system view.

system-view

2.     Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view.

¡     Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡     Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

3.     Create an Ethernet service instance and enter its view.

service-instance instance-id

4.     Bind the Ethernet service instance to a VSI and associate it with a track entry.

xconnect vsi vsi-name [ access-mode { ethernet | vlan } ] track track-entry-number&<1-3>

By default, an Ethernet service instance is not bound to any VSI or associated with any track entries.

Associating Track with EAA

About this task

You can configure EAA track event monitor policies to monitor the positive-to-negative or negative-to-positive state changes of track entries.

·     If you specify only one track entry for a policy, EAA triggers the policy when it detects the specified state change on the track entry.

·     If you specify multiple track entries for a policy, EAA triggers the policy when it detects the specified state change on the last monitored track entry. For example, if you configure a policy to monitor the positive-to-negative state change of multiple track entries, EAA triggers the policy when the last positive track entry monitored by the policy is changed to the Negative state.

You can set a suppression time for a track event monitor policy. The timer starts when the policy is triggered. The system does not process messages that report the monitored track event until the timer times out.

For more information about EAA, see Network Management and Monitoring Configuration Guide.

Procedure

1.     Enter system view.

system-view

2.     Create a CLI-defined monitor policy and enter its view, or enter the view of an existing CLI-defined monitor policy.

rtm cli-policy policy-name

3.     Configure a track event.

event track track-entry-number-list state { negative | positive } [ suppress-time suppress-time ]

By default, a monitor policy does not monitor any track event.

Associating Track with ERPS

About this task

To detect and clear link faults typically for a fiber link, use ERPS with CFD and Track. You can associate ERPS ring member ports with the continuity check function of CFD through track entries. CFD reports link events only when the monitored VLAN is the control VLAN of the ERPS instance for the port.

Track changes the track entry state based on the monitoring result of CFD, and notifies the track entry state change to the associated EPRS ring.

·     When the track entry is in Positive state, the link of the monitored ERPS ring member port is in normal state. The ERPS ring does not switch traffic to other links.

·     When the track entry is in Negative state, the link of the monitored ERPS ring member port is faulty. The ERPS ring switches traffic to other links.

·     When the track entry is in NotReady state, the state of the ERPS ring member port does not change.

For more information about ERPS, see "Configuring ERPS."

Restrictions and guidelines

Before you associate a port with a track entry, make sure the port has joined an ERPS instance.

Procedure

1.     Enter system view.

system-view

2.     Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view.

interface interface-type interface-number

3.     Associate an ERPS ring member port with a track entry.

port erps ring ring-id instance instance-id track track-entry-index

By default, an ERPS ring member port is not associated with any track entries.

Display and maintenance commands for Track

Execute display commands in any view.

 

Task

Command

Display information about track entries.

display track { track-entry-number | all [ negative | positive ] } [ brief ]

 

Track configuration examples

Example: Configuring VRRP-Track-NQA collaboration

Network configuration

As shown in Figure 2:

·     Host A requires access to Host B. The default gateway of Host A is 10.1.1.10/24.

·     Router A and Router B belong to VRRP group 1. The virtual IP address of VRRP group 1 is 10.1.1.10.

Configure VRRP-Track-NQA collaboration to monitor the uplink on the master and meet the following requirements:

·     When Router A operates correctly, it forwards packets from Host A to Host B.

·     When NQA detects a fault on the uplink of Router A, Router B forwards packets from Host A to Host B.

Figure 2 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure the IP address of each interface, as shown in Figure 2. (Details not shown.)

2.     Configure an NQA operation on Router A:

# Create an NQA operation with administrator name admin and operation tag test.

<RouterA> system-view

[RouterA] nqa entry admin test

# Specify the ICMP echo operation type.

[RouterA-nqa-admin-test] type icmp-echo

# Specify 10.1.2.2 as the destination address of ICMP echo requests.

[RouterA-nqa-admin-test-icmp-echo] destination ip 10.1.2.2

# Configure the ICMP echo operation to repeat every 100 milliseconds.

[RouterA-nqa-admin-test-icmp-echo] frequency 100

# Create reaction entry 1, specifying that five consecutive probe failures trigger the Track module.

[RouterA-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only

[RouterA-nqa-admin-test-icmp-echo] quit

# Start the NQA operation.

[RouterA] nqa schedule admin test start-time now lifetime forever

3.     On Router A, configure track entry 1, and associate it with reaction entry 1 of the NQA operation.

[RouterA] track 1 nqa entry admin test reaction 1

4.     Configure VRRP on Router A:

# Specify VRRPv2 to run on HundredGigE 1/0/1.

[RouterA] interface hundredgige 1/0/1

[RouterA-HundredGigE1/0/1] vrrp version 2

# Create VRRP group 1, and configure virtual IP address 10.1.1.10 for the group.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

# Set the priority of Router A to 110 in VRRP group 1.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 priority 110

# Set the authentication mode of VRRP group 1 to simple, and the authentication key to hello.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 authentication-mode simple plain hello

# Configure the master to send VRRP packets every 500 centiseconds.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 timer advertise 500

# Configure Router A to operate in preemptive mode and set the preemption delay to 5000 centiseconds.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 preempt-mode delay 5000

# Associate VRRP group 1 with track entry 1 and decrease the router priority by 30 when the state of track entry 1 changes to negative.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 track 1 priority reduced 30

5.     Configure VRRP on Router B:

# Specify VRRPv2 to run on HundredGigE 1/0/1.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] vrrp version 2

# Create VRRP group 1, and configure virtual IP address 10.1.1.10 for the group.

[RouterB-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

# Set the authentication mode of VRRP group 1 to simple, and the authentication key to hello.

[RouterB-HundredGigE1/0/1] vrrp vrid 1 authentication-mode simple plain hello

# Configure the master to send VRRP packets every 500 centiseconds.

[RouterB-HundredGigE1/0/1] vrrp vrid 1 timer advertise 500

# Configure Router B to operate in preemptive mode and set the preemption delay to 5000 centiseconds.

[RouterB-HundredGigE1/0/1] vrrp vrid 1 preempt-mode delay 5000

Verifying the configuration

# Ping Host B from Host A to verify that Host B is reachable. (Details not shown.)

# Display detailed information about VRRP group 1 on Router A.

[RouterA-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 500 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 110             Running pri  : 110

     Preempt mode     : Yes             Delay time   : 5000 centiseconds

     Auth type        : Simple          Key          : ******

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Positive          Pri reduced : 30

# Display detailed information about VRRP group 1 on Router B.

[RouterB-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 500 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 5000 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : Simple          Key          : ******

     Virtual IP       : 10.1.1.10

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

The output shows that in VRRP group 1, Router A is the master and Router B is a backup. Router A forwards packets from Host A to Host B.

# Disconnect the link between Router A and Router C, and verify that Host A can still ping Host B. (Details not shown.)

# Display detailed information about VRRP group 1 on Router A.

[RouterA-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 500 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 110             Running pri  : 80

     Preempt mode     : Yes             Delay time   : 5000 centiseconds

     Become Master    : 2200 milliseconds left

     Auth type        : Simple          Key          : ******

     Virtual IP       : 10.1.1.10

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Negative          Pri reduced : 30

# Display detailed information about VRRP group 1 on Router B when a fault is on the link between Router A and Router C.

[RouterB-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 500 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 5000 centiseconds

     Auth type        : Simple          Key          : ******

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

The output shows that Router A becomes the backup, and Router B becomes the master. Router B forwards packets from Host A to Host B.

Example: Configuring BFD for a VRRP backup to monitor the master

Network configuration

As shown in Figure 3:

·     Router A and Router B belong to VRRP group 1. The virtual IP address of VRRP group 1 is 192.168.0.10.

·     The default gateway of the hosts in the LAN is 192.168.0.10.

Configure VRRP-Track-BFD collaboration to monitor the master on the backup and meet the following requirements:

·     When Router A operates correctly, the hosts in the LAN access the Internet through Router A.

·     When Router A fails, the backup (Router B) can detect the state change of the master through BFD and become the new master. The hosts in the LAN access the Internet through Router B.

Figure 3 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure Router A:

# Create VRRP group 1, and configure virtual IP address 192.168.0.10 for the group.

<RouterA> system-view

[RouterA] interface hundredgige 1/0/1

[RouterA-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 192.168.0.10

# Set the priority of Router A to 110 in VRRP group 1.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 priority 110

[RouterA-HundredGigE1/0/1] return

2.     Configure Router B:

# Specify 10.10.10.10 as the source address of BFD echo packets.

<RouterB> system-view

[RouterB] bfd echo-source-ip 10.10.10.10

# Create track entry 1, and associate it with the BFD session to verify the reachability of Router A.

[RouterB] track 1 bfd echo interface hundredgige 1/0/1 remote ip 192.168.0.101 local ip 192.168.0.102

# Create VRRP group 1, and configure virtual IP address 192.168.0.10 for the group.

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 192.168.0.10

# Configure VRRP group 1 to monitor the status of track entry 1.

[RouterB-HundredGigE1/0/1] vrrp vrid 1 track 1 switchover

[RouterB-HundredGigE1/0/1] return

Verifying the configuration

# Display detailed information about VRRP group 1 on Router A.

<RouterA> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 110             Running pri  : 110

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 192.168.0.101

     Backup ARP       : Disabled

# Display detailed information about VRRP group 1 on Router B.

<RouterB> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Master IP        : 192.168.0.101

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Positive          Switchover

# Display information about track entry 1 on Router B.

<RouterB> display track 1

Track ID: 1

  State: Positive

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    BFD session mode: Echo

    Outgoing Interface: HundredGigE1/0/1

    VPN instance name: --

    Remote IP: 192.168.0.101

    Local IP: 192.168.0.102

The output shows that when the status of the track entry becomes Positive, Router A is the master, and Router B the backup.

# Enable VRRP state debugging and BFD event notification debugging on Router B.

<RouterB> terminal debugging

<RouterB> terminal monitor

<RouterB> debugging vrrp fsm

<RouterB> debugging bfd ntfy

# When Router A fails, the following output is displayed on Router B.

*Dec 17 14:44:34:142 2019 RouterB BFD/7/DEBUG: Notify application:TRACK State:DOWN

*Dec 17 14:44:34:144 2019 RouterB VRRP4/7/FSM

 IPv4 HundredGigE1/0/1 | Virtual Router 1 : Backup --> Master   reason: The status of the tracked object changed

# Display detailed information about the VRRP group on Router B.

<RouterB> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 192.168.0.102

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Negative          Switchover

The output shows that when BFD detects that Router A fails, the Track module notifies VRRP to change the status of Router B to master. The backup can quickly preempt as the master without waiting for a period three times the advertisement interval plus the Skew_Time.

Example: Configuring BFD for the VRRP master to monitor the uplink

Network configuration

As shown in Figure 4:

·     Router A and Router B belong to VRRP group 1. The virtual IP address of VRRP group 1 is 192.168.0.10.

·     The default gateway of the hosts in the LAN is 192.168.0.10.

Configure VRRP-Track-BFD collaboration to monitor the uplink on the master and meet the following requirements:

·     When Router A operates correctly, hosts in the LAN access the Internet through Router A.

·     When Router A detects that the uplink is down through BFD, Router B can preempt as the master. The hosts in the LAN can access the Internet through Router B.

Figure 4 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure Router A:

# Specify 10.10.10.10 as the source address of BFD echo packets.

<RouterA> system-view

[RouterA] bfd echo-source-ip 10.10.10.10

# Create track entry 1 for the BFD session on Router A to verify the reachability of the uplink device (1.1.1.2).

[RouterA] track 1 bfd echo interface hundredgige 1/0/1 remote ip 1.1.1.2 local ip 1.1.1.1

# Create VRRP group 1, and specify 192.168.0.10 as the virtual IP address of the group.

[RouterA] interface hundredgige 1/0/2

[RouterA-HundredGigE1/0/2] vrrp vrid 1 virtual-ip 192.168.0.10

# Set the priority of Router A to 110 in VRRP group 1.

[RouterA-HundredGigE1/0/2] vrrp vrid 1 priority 110

# Associate VRRP group 1 with track entry 1 and decrease the router priority by 20 when the state of track entry 1 changes to negative.

[RouterA-HundredGigE1/0/2] vrrp vrid 1 track 1 priority reduced 20

[RouterA-HundredGigE1/0/2] return

2.     On Router B, create VRRP group 1, and specify 192.168.0.10 as the virtual IP address of the group.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/2

[RouterB-HundredGigE1/0/2] vrrp vrid 1 virtual-ip 192.168.0.10

[RouterB-HundredGigE1/0/2] return

Verifying the configuration

# Display detailed information about the VRRP group on Router A.

<RouterA> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/2

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 110             Running pri  : 110

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 192.168.0.101

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Positive          Pri reduced : 20

# Display information about track entry 1 on Router A.

<RouterA> display track 1

Track ID: 1

  State: Positive

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    BFD session mode: Echo

    Outgoing interface: HundredGigE1/0/1

    VPN instance name: --

    Remote IP: 1.1.1.2

    Local IP: 1.1.1.1

# Display detailed information about the VRRP group on Router B.

<RouterB> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/2

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Master IP        : 192.168.0.101

     Backup ARP       : Disabled

The output shows that when the status of track entry 1 becomes Positive, Router A is the master and Router B the backup.

# Display information about track entry 1 when the uplink of Router A goes down.

<RouterA> display track 1

Track ID: 1

  State: Negative

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    BFD session mode: Echo

    Outgoing interface: HundredGigE1/0/1

    VPN instance name: --

    Remote IP: 1.1.1.2

    Local IP: 1.1.1.1

# Display detailed information about the VRRP group on Router A.

<RouterA> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/2

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 110             Running pri  : 90

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become Master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Master IP        : 192.168.0.102

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Negative          Pri reduced : 20

# Display detailed information about VRRP group 1 on Router B.

<RouterB> display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/2

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 192.168.0.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 192.168.0.102

     Backup ARP       : Disabled

The output shows that when Router A detects that the uplink fails through BFD, it decreases its priority by 20. Router B then preempts as the master.

Example: Configuring static routing-Track-NQA collaboration

Network configuration

As shown in Figure 5:

·     Router A is the default gateway of the hosts in network 20.1.1.0/24.

·     Router D is the default gateway of the hosts in network 30.1.1.0/24.

·     Hosts in the two networks communicate with each other through static routes.

To ensure network availability, configure route backup and static routing-Track-NQA collaboration on Router A and Router D as follows:

·     On Router A, assign a higher priority to the static route to 30.1.1.0/24 with next hop Router B. This route is the master route. The static route to 30.1.1.0/24 with the next hop Router C acts as the backup route. When the master route is unavailable, the backup route takes effect.

·     On Router D, assign a higher priority to the static route to 20.1.1.0/24 with next hop Router B. This route is the master route. The static route to 20.1.1.0/24 with next hop Router C acts as the backup route. When the master route is unavailable, the backup route takes effect.

Figure 5 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure the IP address of each interface, as shown in Figure 5. (Details not shown.)

2.     Configure Router A:

# Configure a static route to 30.1.1.0/24 with next hop 10.1.1.2 and the default priority (60). Associate this static route with track entry 1.

<RouterA> system-view

[RouterA] ip route-static 30.1.1.0 24 10.1.1.2 track 1

# Configure a static route to 30.1.1.0/24 with next hop 10.3.1.3 and priority 80.

[RouterA] ip route-static 30.1.1.0 24 10.3.1.3 preference 80

# Configure a static route to 10.2.1.4 with next hop 10.1.1.2.

[RouterA] ip route-static 10.2.1.4 24 10.1.1.2

# Create an NQA operation with administrator name admin and operation tag test.

[RouterA] nqa entry admin test

# Specify the ICMP echo operation type.

[RouterA-nqa-admin-test] type icmp-echo

# Specify 10.2.1.4 as the destination address of the operation.

[RouterA-nqa-admin-test-icmp-echo] destination ip 10.2.1.4

# Specify 10.1.1.2 as the next hop of the operation.

[RouterA-nqa-admin-test-icmp-echo] next-hop ip 10.1.1.2

# Configure the ICMP echo operation to repeat every 100 milliseconds.

[RouterA-nqa-admin-test-icmp-echo] frequency 100

# Configure reaction entry 1, specifying that five consecutive probe failures trigger the Track module.

[RouterA-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only

[RouterA-nqa-admin-test-icmp-echo] quit

# Start the NQA operation.

[RouterA] nqa schedule admin test start-time now lifetime forever

# Configure track entry 1, and associate it with reaction entry 1 of the NQA operation.

[RouterA] track 1 nqa entry admin test reaction 1

3.     Configure Router B:

# Configure a static route to 30.1.1.0/24 with next hop 10.2.1.4.

<RouterB> system-view

[RouterB] ip route-static 30.1.1.0 24 10.2.1.4

# Configure a static route to 20.1.1.0/24 with next hop 10.1.1.1.

[RouterB] ip route-static 20.1.1.0 24 10.1.1.1

4.     Configure Router C:

# Configure a static route to 30.1.1.0/24 with next hop 10.4.1.4.

<RouterC> system-view

[RouterC] ip route-static 30.1.1.0 24 10.4.1.4

# Configure a static route to 20.1.1.0/24 with next hop 10.3.1.1.

[RouterC] ip route-static 20.1.1.0 24 10.3.1.1

5.     Configure Router D:

# Configure a static route to 20.1.1.0/24 with next hop 10.2.1.2 and the default priority (60). Associate this static route with track entry 1.

<RouterD> system-view

[RouterD] ip route-static 20.1.1.0 24 10.2.1.2 track 1

# Configure a static route to 20.1.1.0/24 with next hop 10.4.1.3 and default priority 80.

[RouterD] ip route-static 20.1.1.0 24 10.4.1.3 preference 80

# Configure a static route to 10.1.1.1 with next hop 10.2.1.2.

[RouterD] ip route-static 10.1.1.1 24 10.2.1.2

# Create an NQA operation with administrator name admin and operation tag test.

[RouterD] nqa entry admin test

# Specify the ICMP echo operation type.

[RouterD-nqa-admin-test] type icmp-echo

# Specify 10.1.1.1 as the destination address of the operation.

[RouterD-nqa-admin-test-icmp-echo] destination ip 10.1.1.1

# Specify 10.2.1.2 as the next hop of the operation.

[RouterD-nqa-admin-test-icmp-echo] next-hop ip 10.2.1.2

# Configure the ICMP echo operation to repeat every 100 milliseconds.

[RouterD-nqa-admin-test-icmp-echo] frequency 100

# Configure reaction entry 1, specifying that five consecutive probe failures trigger the Track module.

[RouterD-nqa-admin-test-icmp-echo] reaction 1 checked-element probe-fail threshold-type consecutive 5 action-type trigger-only

[RouterD-nqa-admin-test-icmp-echo] quit

# Start the NQA operation.

[RouterD] nqa schedule admin test start-time now lifetime forever

# Configure track entry 1, and associate it with reaction entry 1 of the NQA operation.

[RouterD] track 1 nqa entry admin test reaction 1

Verifying the configuration

# Display information about the track entry on Router A.

[RouterA] display track all

Track ID: 1

  State: Positive

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    NQA entry: admin test

    Reaction: 1

    Remote IP/URL: 10.2.1.4

    Local IP:--

    Interface:--

The output shows that the status of the track entry is Positive, indicating that the NQA operation has succeeded and the master route is available.

# Display the routing table of Router A.

[RouterA] display ip routing-table

 

Destinations : 10       Routes : 10

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

10.1.1.0/24         Direct 0    0            10.1.1.1        HGE1/0/1

10.1.1.1/32         Direct 0    0            127.0.0.1       InLoop0

10.2.1.0/24         Static 60   0            10.1.1.2        HGE1/0/1

10.3.1.0/24         Direct 0    0            10.3.1.1        HGE1/0/2

10.3.1.1/32         Direct 0    0            127.0.0.1       InLoop0

20.1.1.0/24         Direct 0    0            20.1.1.1        HGE1/0/3

20.1.1.1/32         Direct 0    0            127.0.0.1       InLoop0

30.1.1.0/24         Static 60   0            10.1.1.2        HGE1/0/1

127.0.0.0/8         Direct 0    0            127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0            127.0.0.1       InLoop0

The output shows that Router A forwards packets to 30.1.1.0/24 through Router B.

# Remove the IP address of HundredGigE 1/0/1 on Router B.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] undo ip address

# Display information about the track entry on Router A.

[RouterA] display track all

Track ID: 1

  State: Negative

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    NQA entry: admin test

    Reaction: 1

    Remote IP/URL: 10.2.1.4

    Local IP:--

    Interface:--

The output shows that the status of the track entry is Negative, indicating that the NQA operation has failed and the master route is unavailable.

# Display the routing table of Router A.

[RouterA] display ip routing-table

 

Destinations : 10       Routes : 10

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

10.1.1.0/24         Direct 0    0            10.1.1.1        HGE1/0/1

10.1.1.1/32         Direct 0    0            127.0.0.1       InLoop0

10.2.1.0/24         Static 60   0            10.1.1.2        HGE1/0/1

10.3.1.0/24         Direct 0    0            10.3.1.1        HGE1/0/2

10.3.1.1/32         Direct 0    0            127.0.0.1       InLoop0

20.1.1.0/24         Direct 0    0            20.1.1.1        HGE1/0/3

20.1.1.1/32         Direct 0    0            127.0.0.1       InLoop0

30.1.1.0/24         Static 80   0            10.3.1.3        HGE1/0/2

127.0.0.0/8         Direct 0    0            127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0            127.0.0.1       InLoop0

The output shows that Router A forwards packets to 30.1.1.0/24 through Router C. The backup static route has taken effect.

# Verify that hosts in 20.1.1.0/24 can communicate with the hosts in 30.1.1.0/24 when the master route fails.

[RouterA] ping -a 20.1.1.1 30.1.1.1

Ping 30.1.1.1: 56  data bytes, press CTRL_C to break

Reply from 30.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms

Reply from 30.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms

Reply from 30.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms

Reply from 30.1.1.1: bytes=56 Sequence=4 ttl=254 time=2 ms

Reply from 30.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms

--- Ping statistics for 30.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.00% packet loss

round-trip min/avg/max/std-dev = 1/1/2/1 ms

# Verify that the hosts in 30.1.1.0/24 can communicate with the hosts in 20.1.1.0/24 when the master route fails.

[RouterD] ping -a 30.1.1.1 20.1.1.1

Ping 20.1.1.1: 56  data bytes, press CTRL_C to break

Reply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms

Reply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms

Reply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms

Reply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=1 ms

Reply from 20.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms

 

--- Ping statistics for 20.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.00% packet loss

round-trip min/avg/max/std-dev = 1/1/2/1 ms

Example: Configuring static routing-Track-BFD collaboration

Network configuration

As shown in Figure 6:

·     Router A is the default gateway of the hosts in network 20.1.1.0/24.

·     Router B is the default gateway of the hosts in network 30.1.1.0/24.

·     Hosts in the two networks communicate with each other through static routes.

To ensure network availability, configure route backup and static routing-Track-BFD collaboration on Router A and Router B as follows:

·     On Router A, assign a higher priority to the static route to 30.1.1.0/24 with next hop Router B. This route is the master route. The static route to 30.1.1.0/24 with next hop Router C acts as the backup route. When the master route is unavailable, BFD can quickly detect the route failure to make the backup route take effect.

·     On Router B, assign a higher priority to the static route to 20.1.1.0/24 with next hop Router A. This route is the master route. The static route to 20.1.1.0/24 with next hop Router C acts as the backup route. When the master route is unavailable, BFD can quickly detect the route failure to make the backup route take effect.

Figure 6 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure the IP address of each interface, as shown in Figure 6. (Details not shown.)

2.     Configure Router A:

# Configure a static route to 30.1.1.0/24 with next hop 10.2.1.2 and the default priority (60). Associate this static route with track entry 1.

<RouterA> system-view

[RouterA] ip route-static 30.1.1.0 24 10.2.1.2 track 1

# Configure a static route to 30.1.1.0/24 with next hop 10.3.1.3 and priority 80.

[RouterA] ip route-static 30.1.1.0 24 10.3.1.3 preference 80

# Specify 10.10.10.10 as the source address of BFD echo packets.

[RouterA] bfd echo-source-ip 10.10.10.10

# Configure track entry 1, and associate it with the BFD session to verify the connectivity between Router A and Router B.

[RouterA] track 1 bfd echo interface hundredgige 1/0/1 remote ip 10.2.1.2 local ip 10.2.1.1

3.     Configure Router B:

# Configure a static route to 20.1.1.0/24 with next hop 10.2.1.1 and default priority (60). Associate this static route with track entry 1.

<RouterB> system-view

[RouterB] ip route-static 20.1.1.0 24 10.2.1.1 track 1

# Configure a static route to 20.1.1.0/24 with next hop 10.4.1.3 and the priority 80.

[RouterB] ip route-static 20.1.1.0 24 10.4.1.3 preference 80

# Specify 1.1.1.1 as the source address of BFD echo packets.

[RouterB] bfd echo-source-ip 1.1.1.1

# Configure track entry 1, and associate it with the BFD session to verify the connectivity between Router B and Router A.

[RouterB] track 1 bfd echo interface hundredgige 1/0/1 remote ip 10.2.1.1 local ip 10.2.1.2

4.     Configure Router C:

# Configure a static route to 30.1.1.0/24 with next hop 10.4.1.2.

<RouterC> system-view

[RouterC] ip route-static 30.1.1.0 24 10.4.1.2

# Configure a static route to 20.1.1.0/24 with next hop 10.3.1.1.

[RouterB] ip route-static 20.1.1.0 24 10.3.1.1

Verifying the configuration

# Display information about the track entry on Router A.

[RouterA] display track all

Track ID: 1

  State: Positive

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    BFD session mode: Echo

    Outgoing interface: HundredGigE1/0/1

    VPN instance name: --

    Remote IP: 10.2.1.2

    Local IP: 10.2.1.1

The output shows that the status of the track entry is Positive, indicating that next hop 10.2.1.2 is reachable.

# Display the routing table of Router A.

[RouterA] display ip routing-table

 

Destinations : 9        Routes : 9

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

10.2.1.0/24         Direct 0    0            10.2.1.1        HGE1/0/1

10.2.1.1/32         Direct 0    0            127.0.0.1       InLoop0

10.3.1.0/24         Direct 0    0            10.3.1.1        HGE1/0/2

10.3.1.1/32         Direct 0    0            127.0.0.1       InLoop0

20.1.1.0/24         Direct 0    0            20.1.1.1        HGE1/0/3

20.1.1.1/32         Direct 0    0            127.0.0.1       InLoop0

30.1.1.0/24         Static 60   0            10.2.1.2        HGE1/0/1

127.0.0.0/8         Direct 0    0            127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0            127.0.0.1       InLoop0

The output shows that Router A forwards packets to 30.1.1.0/24 through Router B. The master static route has taken effect.

# Remove the IP address of HundredGigE 1/0/1 on Router B.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] undo ip address

# Display information about the track entry on Router A.

[RouterA] display track all

Track ID: 1

  State: Negative

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    BFD session mode: Echo

    Outgoing interface: HundredGigE1/0/1

    VPN instance name: --

    Remote IP: 10.2.1.2

    Local IP: 10.2.1.1

The output shows that the status of the track entry is Negative, indicating that next hop 10.2.1.2 is unreachable.

# Display the routing table of Router A.

[RouterA] display ip routing-table

 

Destinations : 9        Routes : 9

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

10.2.1.0/24         Direct 0    0            10.2.1.1        HGE1/0/1

10.2.1.1/32         Direct 0    0            127.0.0.1       InLoop0

10.3.1.0/24         Direct 0    0            10.3.1.1        HGE1/0/2

10.3.1.1/32         Direct 0    0            127.0.0.1       InLoop0

20.1.1.0/24         Direct 0    0            20.1.1.1        HGE1/0/3

20.1.1.1/32         Direct 0    0            127.0.0.1       InLoop0

30.1.1.0/24         Static 80   0            10.3.1.3        HGE1/0/2

127.0.0.0/8         Direct 0    0            127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0            127.0.0.1       InLoop0

The output shows that Router A forwards packets to 30.1.1.0/24 through Router C. The backup static route has taken effect.

# Verify that the hosts in 20.1.1.0/24 can communicate with the hosts in 30.1.1.0/24 when the master route fails.

[RouterA] ping -a 20.1.1.1 30.1.1.1

Ping 30.1.1.1: 56  data bytes, press CTRL_C to break

Reply from 30.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms

Reply from 30.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms

Reply from 30.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms

Reply from 30.1.1.1: bytes=56 Sequence=4 ttl=254 time=2 ms

Reply from 30.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms

 

--- Ping statistics for 30.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.00% packet loss

round-trip min/avg/max/std-dev = 1/1/2/1 ms

# Verify that the hosts in 30.1.1.0/24 can communicate with the hosts in 20.1.1.0/24 when the master route fails.

[RouterB] ping -a 30.1.1.1 20.1.1.1

Ping 20.1.1.1: 56  data bytes, press CTRL_C to break

Reply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=2 ms

Reply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=1 ms

Reply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=1 ms

Reply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=1 ms

Reply from 20.1.1.1: bytes=56 Sequence=5 ttl=254 time=1 ms

 

--- Ping statistics for 20.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.00% packet loss

round-trip min/avg/max/std-dev = 1/1/2/1 ms

Example: Configuring VRRP-Track-interface management collaboration

Network configuration

As shown in Figure 7:

·     Host A requires access to Host B. The default gateway of Host A is 10.1.1.10/24.

·     Router A and Router B belong to VRRP group 1. The virtual IP address of VRRP group 1 is 10.1.1.10.

Configure VRRP-Track-interface management collaboration to monitor the uplink interface on the master and meet the following requirements:

·     When Router A operates correctly, Router A forwards packets from Host A to Host B.

·     When VRRP detects a fault on the uplink interface of Router A through the interface management module, Router B forwards packets from Host A to Host B.

Figure 7 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure the IP address of each interface, as shown in Figure 7. (Details not shown.)

2.     Configure Router A:

# Configure track entry 1, and associate it with the link status of the uplink interface HundredGigE 1/0/2.

[RouterA] track 1 interface hundredgige 1/0/2

# Create VRRP group 1, and configure virtual IP address 10.1.1.10 for the group.

[RouterA] interface hundredgige 1/0/1

[RouterA-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

# Set the priority of Router A to 110 in VRRP group 1.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 priority 110

# Associate VRRP group 1 with track entry 1 and decrease the router priority by 30 when the state of track entry 1 changes to negative.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 track 1 priority reduced 30

3.     On Router B, create VRRP group 1, and configure virtual IP address 10.1.1.10 for the group.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

Verifying the configuration

# Ping Host B from Host A to verify that Host B is reachable. (Details not shown.)

# Display detailed information about VRRP group 1 on Router A.

[RouterA-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 110             Running pri  : 110

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Positive          Pri reduced : 30

# Display detailed information about VRRP group 1 on Router B.

[RouterB-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

The output shows that in VRRP group 1, Router A is the master and Router B is a backup. Router A forwards packets from Host A to Host B.

# Shut down the uplink interface HundredGigE 1/0/2 on Router A.

[RouterA-HundredGigE1/0/1] interface hundredgige 1/0/2

[RouterA-HundredGigE1/0/2] shutdown

# Ping Host B from Host A to verify that Host B is reachable. (Details not shown.)

# Display detailed information about VRRP group 1 on Router A.

[RouterA-HundredGigE1/0/2] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 110             Running pri  : 80

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Negative          Pri reduced : 30

# Display detailed information about VRRP group 1 on Router B.

[RouterB-HundredGigE1/0/1] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

The output shows that Router A becomes the backup, and Router B becomes the master. Router B forwards packets from Host A to Host B.

Example: Configuring VRRP-Track-route management collaboration

Network configuration

As shown in Figure 8:

·     Host A requires access to Host B. The default gateway of Host A is 10.1.1.10/24.

·     Router A and Router B belong to VRRP group 1. The virtual IP address of VRRP group 1 is 10.1.1.10.

·     BGP peer relationships are established between Router A and Router C and between Router B and Router D. Router C and Router D advertise the default route 0.0.0.0/0 to Router A and Router B.

Configure VRRP-Track-route management collaboration to meet the following requirements:

·     When Router A operates correctly, Router A forwards packets from Host A to Host B.

·     When VRRP detects the removal of the default route from the routing table of Router A through route management, Router B forwards packets from Host A to Host B.

Figure 8 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure the IP address of each interface, as shown in Figure 8. (Details not shown.)

2.     Establish an IBGP peer relationship between Router A and Router C, and configure Router C to advertise the default route 0.0.0.0/0 to Router A.

<RouterA> system-view

[RouterA] bgp 100

[RouterA-bgp-default] peer 10.1.2.2 as-number 100

[RouterA-bgp-default] address-family ipv4

[RouterA-bgp-default-ipv4] peer 10.1.2.2 enable

<RouterC> system-view

[RouterC] bgp 100

[RouterC-bgp-default] peer 10.1.2.1 as-number 100

[RouterC-bgp-default] address-family ipv4

[RouterC-bgp-default-ipv4] peer 10.1.2.1 enable

[RouterC-bgp-default-ipv4] peer 10.1.2.1 default-route-advertise

[RouterC-bgp-default-ipv4] quit

3.     Configure Router B and Router D in the same way Router A and Router C are configured. (Details not shown.)

4.     Configure Track and VRRP on Router A:

# Configure track entry 1, and associate it with the default route 0.0.0.0/0.

[RouterA] track 1 ip route 0.0.0.0 0.0.0.0 reachability

# Create VRRP group 1, and configure virtual IP address 10.1.1.10 for the group.

[RouterA] interface hundredgige 1/0/1

[RouterA-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

# Set the priority of Router A to 110 in VRRP group 1.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 priority 110

# Associate VRRP group 1 with track entry 1 and decrease the router priority by 30 when the state of track entry 1 changes to negative.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 track 1 priority reduced 30

[RouterA-HundredGigE1/0/1] quit

5.     On Router B, create VRRP group 1, and configure virtual IP address 10.1.1.10 for the group.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

[RouterB-HundredGigE1/0/1] quit

Verifying the configuration

# Ping Host B from Host A to verify that Host B is reachable. (Details not shown.)

# Display detailed information about VRRP group 1 on Router A.

[RouterA] display vrrp verbose

IPv4 virtual router information:

 Running mode       : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 110             Running pri  : 110

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Positive          Pri reduced : 30

# Display detailed information about VRRP group 1 on Router B.

[RouterB] display vrrp verbose

IPv4 virtual router information:

 Running mode       : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

The output shows that in VRRP group 1, Router A is the master and Router B is a backup. Router A forwards packets from Host A to Host B.

# Disable Router C from exchanging routing information with Router A so that the default route 0.0.0.0/0 is removed from Router A.

[RouterC-bgp-default-ipv4] undo peer 10.1.2.1 enable

# Ping Host B from Host A to verify that Host B is reachable. (Details not shown.)

# Display detailed information about VRRP group 1 on Router A.

[RouterA] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Backup

     Config pri       : 110             Running pri  : 80

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Become master    : 2200 milliseconds left

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

   VRRP track information:

     Track object   : 1              State : Negative          Pri reduced : 30

# Display detailed information about VRRP group 1 on Router B.

[RouterB] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

The output shows that Router A becomes the backup, and Router B becomes the master. Router B forwards packets from Host A to Host B.

Example: Configuring direct route-Track-VRRP collaboration

Network configuration

As shown in Figure 9:

·     Host A requires access to Host B. The default gateway of Host A is 10.1.1.10/24.

·     Router A and Router B belong to VRRP group 1. The virtual IP address of VRRP group 1 is 10.1.1.10.

·     BGP peer relationships are established between Router A and Router C and between Router B and Router C. Router C can learn the direct routes to Router A and Router B.

Configure direct route-Track-VRRP collaboration so that traffic from Host A to Host B and from Host B to Host A are forwarded through the same router (the master router in the VRRP group).

Figure 9 Network diagram

Procedure

IMPORTANT

IMPORTANT:

By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface.

1.     Configure the IP address of each interface, as shown in Figure 9. (Details not shown.)

2.     Configure Router A:

# Create VRRP group 1 on HundredGigE 1/0/1 and set its virtual IP address to 10.1.1.10.

<RouterA> system-view

[RouterA] interface hundredgige 1/0/1

[RouterA-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

# Set the priority of Router A to 110 in VRRP group 1.

[RouterA-HundredGigE1/0/1] vrrp vrid 1 priority 110

[RouterA-HundredGigE1/0/1] quit

# Create track entry 1 and associate it with VRRP group 1.

[RouterA] track 1 vrrp interface hundredgige 1/0/1 vrid 1

# On HundredGigE 1/0/1, associate the direct route with track entry 1 and apply the cost 200 to the direct route when the state of track entry 1 changes to Negative.

[RouterA] interface hundredgige 1/0/1

[RouterA-HundredGigE1/0/1] route-direct track 1 degrade-cost 200

[RouterA-HundredGigE1/0/1] quit

# Specify Router C as the BGP peer and set the AS number to 100.

[RouterA] bgp 100

[RouterA-bgp-default] peer 10.1.2.2 as-number 100

[RouterA-bgp-default] address-family ipv4 unicast

[RouterA-bgp-default-ipv4] peer 10.1.2.2 enable

# Configure BGP to redistribute direct routes on Router A.

[RouterA-bgp-default-ipv4] import-route direct

[RouterA-bgp-default-ipv4] quit

[RouterA-bgp-default] quit

3.     Configure Router B:

# Create VRRP group 1 on HundredGigE 1/0/1 and set its virtual IP address to 10.1.1.10.

<RouterB> system-view

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] vrrp vrid 1 virtual-ip 10.1.1.10

[RouterB-HundredGigE1/0/1] quit

# Create track entry 1 and associate it with VRRP group 1.

[RouterB] track 1 vrrp interface hundredgige 1/0/1 vrid 1

# On HundredGigE 1/0/1, associate the direct route with track entry 1 and apply the cost 200 to the direct route when the state of track entry 1 changes to Negative.

[RouterB] interface hundredgige 1/0/1

[RouterB-HundredGigE1/0/1] route-direct track 1 degrade-cost 200

[RouterB-HundredGigE1/0/1] quit

# Specify Router C as the BGP peer and set the AS number to 100.

[RouterB] bgp 100

[RouterB-bgp-default] peer 10.1.3.2 as-number 100

[RouterB-bgp-default] address-family ipv4 unicast

[RouterB-bgp-default-ipv4] peer 10.1.3.2 enable

# Configure BGP to redistribute direct routes on Router B.

[RouterB-bgp-default-ipv4] import-route direct

[RouterB-bgp-default-ipv4] quit

[RouterB-bgp-default] quit

4.     On Router C, specify Router A and Router B as BGP peers and set the AS number to 100.

[RouterC] bgp 100

[RouterC-bgp-default] peer 10.1.2.1 as-number 100

[RouterC-bgp-default] peer 10.1.3.1 as-number 100

[RouterC-bgp-default] address-family ipv4 unicast

[RouterC-bgp-default-ipv4] peer 10.1.2.1 enable

[RouterC-bgp-default-ipv4] peer 10.1.3.1 enable

[RouterC-bgp-default-ipv4] quit

[RouterC-bgp-default] quit

Verifying the configuration

# Display detailed information about VRRP group 1 on Router A.

[RouterA] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 110             Running pri  : 110

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.1

     Backup ARP       : Disabled

# Display detailed information about VRRP group 1 on Router B.

[RouterB] display vrrp verbose

IPv4 virtual router information:

 Running mode      : Standard

 Total number of virtual routers : 1

   Interface HundredGigE1/0/1

     VRID             : 1               Adver timer  : 100 centiseconds

     Admin status     : Up              State        : Master

     Config pri       : 100             Running pri  : 100

     Preempt mode     : Yes             Delay time   : 0 centiseconds

     Auth type        : None

     Virtual IP       : 10.1.1.10

     Virtual MAC      : 0000-5e00-0101

     Master IP        : 10.1.1.2

     Backup ARP       : Disabled

# Display information about track entry 1 on Router A.

[RouterA] display track 1

Track ID: 1

  State: Positive

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Tracked object type: VRRP

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    Interface: HundredGigE1/0/1

    VRID: 1

# Display information about track entry 1 on Router B.

[RouterB] display track 1

Track ID: 1

  State: Negative

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Tracked object type: VRRP

  Notification delay: Positive 0, Negative 0 (in seconds)

  Tracked object:

    Interface: HundredGigE1/0/1

    VRID: 1

The output shows that:

·     In VRRP group 1, Router A is the master and Router B is a backup.

·     Track entry 1 on Router A is in Positive state and track entry 1 on Router B is in Negative state.

# Display the BGP routing table on Router C.

[RouterC] display bgp routing-table ipv4

 Total number of routes: 6

 BGP local router ID is 192.168.56.4

 Status codes: * - valid, > - best, d - dampened, h - history

               s - suppressed, S - stale, i - internal, e - external

               a - additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

* >i 10.1.1.0/24        10.1.2.1        0          100        0       ?

*  i                    10.1.3.1        200        100        0       ?

* >i 10.1.2.0/24        10.1.2.1        0          100        0       ?

* >i 10.1.3.0/24        10.1.3.1        0          100        0       ?

* >i 192.168.56.0       10.1.2.1        0          100        0       ?

*  i                    10.1.3.1        0          100        0       ?

The output shows that:

·     The cost is 0 for the route to network 10.1.1.0/24 with Router A (the master in the VRRP group) as the next hop.

·     The cost is 200 for the route to network 10.1.1.0/24 with Router B (the backup in the VRRP group) as the next hop.

·     Traffic from Host B to Host A is forwarded through Router A.

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网