Login
- Table of Contents
-
- 13-Layer 3—IP Services Configuration Guide
- 00-Preface
- 01-IP addressing configuration
- 02-IP forwarding basics configuration
- 03-Fast forwarding configuration
- 04-ARP configuration
- 05-IPv6 basics configuration
- 06-IPv6 fast forwarding configuration
- 07-DHCP configuration
- 08-DHCPv6 configuration
- 09-DNS configuration
- 10-IP performance optimization configuration
- 11-Multi-CPU packet distribution configuration
- 12-Adjacency table configuration
- 13-Web caching configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 02-IP forwarding basics configuration | 76.29 KB |
Contents
Configuring IP forwarding basic settings························································ 1
About FIB table······························································································································· 1
Enabling last hop holding················································································································ 1
Enabling last hop backup················································································································ 2
Display and maintenance commands for FIB table············································································ 3
Configuring load sharing··················································································· 4
About load sharing·························································································································· 4
Configuring load sharing mode········································································································ 4
Enabling local-first load sharing······································································································· 6
Configuring IP forwarding basic settings
About FIB table
A device uses the FIB table to make packet forwarding decisions.
A device selects optimal routes from the routing table, and puts them into the FIB table. Each FIB entry specifies the next hop IP address and output interface for packets destined for a specific subnet or host.
For more information about the routing table, see Layer 3—IP Routing Configuration Guide.
Use the display fib command to display the FIB table. The following example displays the entire FIB table.
<Sysname> display fib
Destination count: 4 FIB entry count: 4
Flag:
U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
10.2.0.0/16 10.2.1.1 U GE1/0/1 Null
10.2.1.1/32 127.0.0.1 UH InLoop0 Null
127.0.0.0/8 127.0.0.1 U InLoop0 Null
127.0.0.1/32 127.0.0.1 UH InLoop0 Null
A FIB entry includes the following items:
· Destination—Destination IP address.
· Mask—Network mask. The mask and the destination address identify the destination network. A logical AND operation between the destination address and the network mask yields the address of the destination network. For example, if the destination address is 192.168.1.40 and the mask 255.255.255.0, the address of the destination network is 192.168.1.0. A network mask includes a certain number of consecutive 1s. It can be expressed in dotted decimal format or by the number of the 1s.
· Nexthop—IP address of the next hop.
· Flag—Route flag.
· OutInterface—Output interface.
· Token—MPLS Label Switched Path index number.
· Label—Inner label.
Enabling last hop holding
About this task
Last hop holding implements symmetric routing.
When the interface enabled with this feature receives the first IP packet of a forward flow, this feature implements the following operations:
· Obtains the forward flow information and last hop information of the packet.
· Based on the obtained information, creates a fast forwarding entry for the return flow.
When packets of the return flow arrive at the device, the device forwards those packets according to the entry.
As is shown in Figure 1, when the external server sends a request to the internal server, the packet travels through ISP 1 to Interface A on the device. The last hop holding feature on the device ensures that the reply packet follows the same route as the request packet back to ISP 1. If last hop holding is disabled, the reply packet might be sent out of Interface B or Interface C to the external network.
Figure 1 Last hop holding application
Restrictions and guidelines
This feature relies on fast forwarding entries. If the MAC address of a last hop changes on an Ethernet link, this feature can function correctly only after the fast forwarding entry is updated for the MAC address.
In an IRF fabric, this feature is not supported for those packets that are forwarded between member devices.
This feature is not applicable to asymmetric-path traffic forwarding in an RBM-based hot backup system. For more information about RBM-based hot backup, see high availability group configuration in High Availability Configuration Guide.
On a device that supports deployment of multiple security service modules, this feature does not take effect on the external traffic destined for that device
Procedure
1. Enter system view.
system-view
2. Enter interface view.
interface interface-type { interface-number | interface-number.subnumber }
3. Enable last hop holding.
ip last-hop hold
By default, last hop holding is disabled.
Enabling last hop backup
About this task
This feature enables the system to transmit the forward flow and reverse flow between the local node and a peer node over the same path.
In an IRF fabric enabled with this feature, the IRF master device performs the following operations when receiving the first IP packet of a forward flow on an interface enabled with last hop holding:
1. Saves the last hop information of the packet.
2. Synchronizes the last hop information to subordinate devices in the IRF fabric.
The last hop information can be used for guiding the backward flow when the flow arrives at the master device or is forwarded through a subordinate device.
For this feature to take effect in an IRF fabric, you must also enable session synchronization by using the session synchronization enable command. For more information about the session synchronization enable command, see Security Command Reference.
This feature is also applicable to multi-module devices enabled with service backup. If this feature is enabled on such a device, a device module performs the following operations when receiving the first IP packet of a forward flow on an interface enabled with last hop holding:
1. Saves the last hop information of the packet.
2. Synchronizes the last hop information to other modules in the device.
The last hop information can be used for guiding the backward flow when the flow arrives at one of these modules.
For this feature to take effect on a multi-module device, you must also enable session flow redirection by using the session flow-redirect enable command. For more information about the session flow-redirect enable command, see Security Command Reference.
Procedure
1. Enter system view.
system-view
2. Enable last hop backup.
last-hop backup enable
By default, last hop backup is enabled.
Display and maintenance commands for FIB table
Execute display commands in any view.
|
Task |
Command |
|
Display FIB entries. |
display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] |
Configuring load sharing
About load sharing
If a routing protocol finds multiple equal-cost best routes to the same destination, the device forwards packets over the equal-cost routes to implement load sharing.
Configuring load sharing mode
About this task
In the per-flow load sharing mode, the device forwards flows over equal-cost routes. Packets of one flow travel along the same routes. You can configure the device to identify a flow based on the following criteria: source IP address, destination IP address, source port number, destination port number, and IP protocol number.
In the per-packet load sharing mode, the device forwards packets over equal-cost routes.
Hardware and feature compatibility
|
F1000 series |
Models |
Command compatibility |
|
F1000-X-G5 series |
F1000-A-G5, F1000-C-G5, F1000-C-G5-LI, F1000-E-G5, F1000-H-G5, F1000-S-G5 |
Yes |
|
F1000-X-G3 series |
F1000-A-G3, F1000-C-G3, F1000-E-G3, F1000-S-G3 |
Yes |
|
F1000-X-G2 series |
F1000-A-G2, F1000-C-G2, F1000-E-G2, F1000-S-G2 |
Yes |
|
F1000-9X0-AI series |
F1000-9390-AI, F1000-9385-AI, F1000-9380-AI, F1000-9370-AI, F1000-9360-AI, F1000-9350-AI, F1000-990-AI, F1000-980-AI, F1000-970-AI, F1000-960-AI, F1000-950-AI, F1000-930-AI, F1000-920-AI, F1000-910-AI, F1000-905-AI |
Yes |
|
F1000-9330-AI, F1000-9320-AI |
No |
|
|
F1000-C83X0 series |
F1000-C8395, F1000-C8390, F1000-C8385, F1000-C8380, F1000-C8370, F1000-C8360, F1000-C8350 |
Yes |
|
F1000-C8330 |
No |
|
|
F1000-C81X0 series |
F1000-C8180, F1000-C8170, F1000-C8160, F1000-C8150, F1000-C8130, F1000-C8120, F1000-C8110 |
Yes |
|
F1000-7X0-HI series |
F1000-770-HI, F1000-750-HI, F1000-740-HI, F1000-720-HI, F1000-710-HI |
Yes |
|
F1000-730-HI |
No |
|
|
F1000-C-X series |
F1000-C-EI, F1000-C-HI, F1000-C-XI, F1000-E-XI |
Yes |
|
F1000-V series |
F1000-E-VG, F1000-S-VG |
Yes |
|
SecBlade IV series |
LSPM6FWD8, LSQM2FWDSC8 |
Yes |
|
F100 series |
Models |
Command compatibility |
|
F100-X-G5 series |
F100-A-G5 |
No |
|
F100-E-G5, F100-C-G5, F100-M-G5, F100-S-G5 |
Yes |
|
|
F100-X-G3 series |
F100-A-G3, F100-E-G3, F100-C-G3, F100-M-G3, F100-S-G3 |
Yes |
|
F100-X-G2 series |
F100-A-G2, F100-E-G2, F100-C-G2, F100-M-G2, F100-S-G2 |
Yes |
|
F100-WiNet series |
F100-A80-WiNet, F100-A91-WiNet, F100-C80-WiNet, F100-C60-WiNet, F100-C50-WiNet, F100-S80-WiNet |
Yes |
|
F100-A81-WiNet |
No |
|
|
F100-C-A series |
F100-C-A6, F100-C-A5, F100-C-A3, F100-C-A2, F100-C-A1, F100-C-A6-WL, F100-C-A5-W, F100-C-A3-W |
Yes |
|
F100-X-XI series |
F100-A-EI, F100-A-HI, F100-A-SI, F100-E-EI, F100-C-EI, F100-S-XI, F100-C-XI, F100-C-HI, F100-S-HI |
Yes |
Restrictions and guidelines
Per-packet load sharing does not take effect on packets that are fast forwarded. It takes effect only on those packets that are delivered to the CPU. For more information about configuring load balancing for fast forwarding, see fast forwarding configuration in Layer 3—IP Services Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Configure load sharing.
ip load-sharing mode { per-flow [ dest-ip | dest-port | ip-pro | src-ip | src-port ] * | per-packet } { global | slot slot-number }
By default, the device performs per-flow load sharing.
Enabling local-first load sharing
About this task
Local-first load sharing distributes traffic preferentially across the output interfaces on the receiving IRF member device if output interfaces for multiple equal-cost routes are on different members. This feature enhances packets forwarding efficiency.
Procedure
1. Enter system view.
system-view
2. Enable local-first load sharing.
ip load-sharing local-first enable
By default, local-first load sharing is disabled.
