- Table of Contents
-
- 03-Layer 3—IP Services Configuration Guide
- 00-Preface
- 01-ARP configuration
- 02-IP addressing configuration
- 03-DHCP configuration
- 04-DNS configuration
- 05-IP forwarding basics configuration
- 06-Fast forwarding configuration
- 07-Adjacency table configuration
- 08-IRDP configuration
- 09-IP performance optimization configuration
- 10-UDP helper configuration
- 11-IPv6 basics configuration
- 12-DHCPv6 configuration
- 13-IPv6 fast forwarding configuration
- 14-Tunneling configuration
- 15-GRE configuration
- Related Documents
-
Title | Size | Download |
---|---|---|
05-IP forwarding basics configuration | 93.25 KB |
Contents
Configuring IP forwarding basic settings························································ 1
About FIB table······························································································································· 1
Saving the IP forwarding entries to a file··························································································· 1
Keeping the TTL or hop limit unchanged in packets passing through tunnel interfaces and VSI interfaces 2
Forwarding IP packets with TTL 1 and specific destination IP address················································ 2
Forwarding ARP packets to a remote device through a VXLAN tunnel················································ 3
Forwarding ND packets to a remote device through a VXLAN tunnel·················································· 3
Forwarding IPv6 packets with HopLimit 1 and specific destination IP address···································· 3
Display and maintenance commands for FIB table············································································ 4
Configuring load sharing··················································································· 5
About load sharing·························································································································· 5
Configuring per-packet or per-flow load sharing················································································ 5
Enabling bandwidth-based load sharing···························································································· 6
Display and maintenance commands for load sharing······································································· 6
Loading sharing configuration examples··························································································· 7
Example: Configuring load sharing based on source and destination addresses·························· 7
Configuring IP forwarding basic settings
About FIB table
A device uses the FIB table to make packet forwarding decisions.
A device selects optimal routes from the routing table, and puts them into the FIB table. Each FIB entry specifies the next hop IP address and output interface for packets destined for a specific subnet or host.
For more information about the routing table, see Layer 3—IP Routing Configuration Guide.
Use the display fib command to display the FIB table. The following example displays the entire FIB table.
<Sysname> display fib
Route destination count: 4
Directly-connected host count: 0
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
10.2.0.0/16 10.2.1.1 U HGE1/0/1 Null
10.2.1.1/32 127.0.0.1 UH InLoop0 Null
127.0.0.0/8 127.0.0.1 U InLoop0 Null
127.0.0.1/32 127.0.0.1 UH InLoop0 Null
A FIB entry includes the following items:
· Destination—Destination IP address.
· Mask—Network mask. The mask and the destination address identify the destination network. A logical AND operation between the destination address and the network mask yields the address of the destination network. For example, if the destination address is 192.168.1.40 and the mask 255.255.255.0, the address of the destination network is 192.168.1.0. A network mask includes a certain number of consecutive 1s. It can be expressed in dotted decimal format or by the number of the 1s.
· Nexthop—IP address of the next hop.
· Flag—Route flag.
· OutInterface—Output interface.
· Token—Label Switched Path index number.
· Label—Inner label.
Saving the IP forwarding entries to a file
Restrictions and guidelines
The feature automatically creates the file if you specify a nonexistent file. If the file already exists, this feature overwrites the file content.
This feature triggers one-time saving of the IP forwarding entries.
To automatically save the IP forwarding entries periodically, configure a schedule for the device to automatically run the ip forwarding-table save command. For information about scheduling a task, see Fundamentals Configuration Guide.
Procedure
To save the IP forwarding entries to a file, execute the following command in any view:
ip forwarding-table save filename filename
Keeping the TTL or hop limit unchanged in packets passing through tunnel interfaces and VSI interfaces
About this task
On a private network using VXLANs or tunnels, the gateway decrements the value in the TTL or Hop Limit field by one in packets passing through VSI interfaces or tunnel interfaces by default. If you do not want the gateway to change the TTL or hop limit in these packets, configure this feature on the gateway.
Procedure
1. Enter system view.
system-view
2. Configure the device not to change the TTL or hop limit in the packets passing through tunnel interfaces and VSI interfaces.
forwarding tunnel-ttl-unvaried
By default, the TTL or hop limit is decremented by one when a packet passes through a tunnel interface or VSI interface.
Forwarding IP packets with TTL 1 and specific destination IP address
About this task
This feature is typically configured on a device that acts as the gateway in the following scenario:
· The device directly connects to an interval server.
· The internal devices wish to receive IP packets destined to a specific IP address, but they do not care about the TTL value in the packets.
Upon receiving an IP packet destined to the specified destination IP address, the device forwards the packet with TTL of 1 instead of sending it to the CPU.
Procedure
1. Enter system view.
system-view
2. Enable forwarding IP packet with TTL of 1 if the packets are destined to the specified IP address.
forwarding ttl-exceeded-packet destination [ vpn-instance vpn-instance-name ] ip-address
By default, the device delivers IP packets to CPU.
Forwarding ARP packets to a remote device through a VXLAN tunnel
About this task
In ARP flooding suppression, if a device receives an ARP packet that uses the device's MAC as the destination MAC but another device's IP as the destination IP, the device discards the packet. You can perform this task for the device to forward such packets to a specific VXLAN tunnel.
Make sure the specified tunnel interface is a manual created VXLAN over IPv4 tunnel.
Procedure
1. Enter system view.
system-view
2. Enable forwarding IP packets with a specific destination address to the specified VXLAN tunnel.
forwarding arp-packet destination [ vpn-instance vpn-instance-name ] ip-address interface tunnel number
By default, the device delivers ARP packets to CPU.
Forwarding ND packets to a remote device through a VXLAN tunnel
About this task
In ND flooding suppression, if a device receives a ND packet that uses the device's MAC as the destination MAC but another device's IP as the destination IP, the device discards the packet. You can perform this task for the device to forward such packets to a specific VXLAN tunnel.
Make sure the specified tunnel interface is a manual created VXLAN over IPv4 tunnel.
Procedure
1. Enter system view.
system-view
2. Enable forwarding IP packets with a specific destination address to the specified VXLAN tunnel.
forwarding arp-packet destination [ vpn-instance vpn-instance-name ] ip-address interface tunnel number
By default, the device delivers ARP packets to CPU.
Forwarding IPv6 packets with HopLimit 1 and specific destination IP address
About this task
This feature is typically configured on a device that acts as the gateway in the following scenario:
· The device directly connects to an interval server.
· The internal devices wish to receive IPv6 packets destined to a specific IPv6 address, but they do not care about the HopLimit value in the packets.
Upon receiving an IPv6 packet destined to the specified destination IPv6 address, the device forwards the packet with HopLimit of 1 instead of sending it to the CPU.
Procedure
1. Enter system view.
system-view
2. Enable forwarding IPv6 packet with HopLimit of 1 if the packets are destined to the specified IP address.
forwarding hop-limit-exceeded destination [ vpn-instance vpn-instance-name ] ipv6-address
By default, the device delivers IPv6 packets to CPU.
Display and maintenance commands for FIB table
Execute display commands in any view.
Task |
Command |
Display FIB entries. |
display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] |
Configuring load sharing
About load sharing
If a routing protocol finds multiple equal-cost best routes to the same destination, the device forwards packets over the equal-cost routes to implement load sharing.
Configuring per-packet or per-flow load sharing
About this task
In the per-flow load sharing mode, the device forwards flows over equal-cost routes. Packets of one flow travel along the same routes. You can configure the device to identify a flow based on the following criteria: source IP address, destination IP address, source port number, destination port number, IP protocol number, and ingress port. You can also configure per-flow load sharing for IP tunnel packets.
In a complex network, when the criteria cannot distinguish flows, you can use the algorithm keyword to specify an algorithm to identify flows.
Restrictions and guidelines
If you use the ip load-sharing mode or link-aggregation global load-sharing mode command multiple times, the most recent configuration takes effect.
When you configure the ip load-sharing mode and link-aggregation global load-sharing mode commands together, make sure their load sharing modes are the same as a best practice. After you save the configuration of these commands and reboot the device, only a random one of these commands can take effect. For more information about the link-aggregation global load-sharing mode command, see Ethernet link aggregation commands Layer—2 LAN Switching Command Reference.
Procedure
1. Enter system view.
system-view
2. Configure load sharing.
ip load-sharing mode per-flow [ algorithm algorithm-number | [ dest-ip | dest-port | ingress-port | ip-pro | src-ip | src-port ] * | tunnel { all | inner | outer } ] { global | slot slot-number }
By default, the device performs per-flow load sharing based on the source IP address, destination IP address, source port, destination port, IP protocol number, and ingress port of the packets.
3. Display the load sharing path selected for a flow.
display ip load-sharing path ingress-port interface-type interface-number packet-format { ipv4oe dest-ip ip-address [ src-ip ip-address ] | ipv6oe dest-ipv6 ipv6-address [ src-ipv6 ipv6-address ] } [ dest-port port-id | ip-pro protocol-id | src-port port-id | vpn-instance vpn-instance-name ] *
The options in the command must be the same as those in the configured ip load-sharing mode command. If the options are not consistent, the path displayed by this command might be different from the real path for load sharing.
Enabling bandwidth-based load sharing
About this task
This feature load shares flow traffic among multiple output interfaces based on their load percentages. The device calculates the load percentage for each output interface in terms of the interface expected bandwidth.
Devices that run load sharing protocols, such as Locator/ID Separation Protocol (LISP), implement load sharing based on the ratios defined by these protocols.
Restriction and guidelines
This feature is mutually exclusive with the enhanced ECMP mode configured by the ecmp mode enhanced command.
After you enable this feature, the expected bandwidth set by using the bandwidth command on an interface cannot exceed the actual physical bandwidth of the interface.
Procedure
1. Enter system view.
system-view
2. Enable IPv4 bandwidth-based load sharing.
bandwidth-based-sharing
By default, the IPv4 bandwidth-based load sharing is disabled.
3. (Optional.) Configure the expected bandwidth of the interface.
a. Enter interface view.
interface interface-type interface-number
b. Configure the expected bandwidth of the interface.
bandwidth bandwidth
By default, the expected bandwidth is the physical bandwidth of the interface.
Display and maintenance commands for load sharing
Execute display commands in any view.
Task |
Command |
Display the load sharing mode in use. |
display ip load-sharing mode slot slot-number |
Display the load sharing path selected for a flow. |
display ip load-sharing path ingress-port interface-type interface-number packet-format { ipv4oe dest-ip ip-address [ src-ip ip-address ] | ipv6oe dest-ipv6 ipv6-address [ src-ipv6 ipv6-address ] } [ dest-port port-id | ip-pro protocol-id | src-port port-id | vpn-instance vpn-instance-name ] * |
Loading sharing configuration examples
Example: Configuring load sharing based on source and destination addresses
Network configuration
As shown in Figure 1, Router A has two equal-cost routes to Router B. Configure load sharing on Router A to forward packets through Router B to the destination IP address 1.2.3.4/24.
Procedure
IMPORTANT: By default, interfaces on the device are disabled (in ADM or Administratively Down state). To have an interface operate, you must use the undo shutdown command to enable that interface. |
# On Router A, configure IP addresses for HundredGigE 1/0/1 and HundredGigE 1/0/2.
<RouterA> system-view
[RouterA] interface hundredgige 1/0/1
[RouterA-HundredGigE1/0/1] ip address 10.1.1.1 24
[RouterA-HundredGigE1/0/1] quit
[RouterA] interface hundredgige 1/0/2
[RouterA-HundredGigE1/0/2] ip address 20.1.1.1 24
[RouterA-HundredGigE1/0/2] quit
# On Router B, configure IP addresses for HundredGigE 1/0/1 and HundredGigE 1/0/2.
<RouterB> system-view
[RouterB] interface hundredgige 1/0/1
[RouterB-HundredGigE1/0/1] ip address 10.1.1.2 24
[RouterB-HundredGigE1/0/1] quit
[RouterB] interface hundredgige 1/0/2
[RouterB-HundredGigE1/0/2] ip address 20.1.1.2 24
[RouterB-HundredGigE1/0/2] quit
# On Router A, configure two static routes to the destination IP address.
[RouterA] ip route-static 1.2.3.4 24 10.1.1.2
[RouterA] ip route-static 1.2.3.4 24 20.1.1.2
[RouterA] quit
# On Router A, display FIB entries matching the destination IP address 1.2.3.4.
<RouterA> display fib 1.2.3.4
FIB entry count: 2
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
1.2.3.0/24 10.1.1.2 USGR HGE1/0/1 Null
1.2.3.0/24 20.1.1.2 USGR HGE1/0/2 Null
# On Router A, configure per-flow load sharing based on the source IP address and destination IP address.
<RouterA> system-view
[RouterA] ip load-sharing mode per-flow dest-ip src-ip global
[RouterA] quit
Verifying the configuration
# Verify that Router A implements load sharing.
<RouterA> display counters outbound interface GigabitEthernet
Interface Total (pkts) Broadcast (pkts) Multicast (pkts) Err (pkts)
HGE1/0/1 1045 0 0 0
HGE1/0/2 1044 0 0 0