Huawei S6700 Series Configuration Manual
  1. Manuals
  2. Brands
  3. Huawei Manuals
  4. Switch
  5. S6700 Series
  6. Configuration manual

Huawei S6700 Series Configuration Manual

Ip routing
Hide thumbs Also See for S6700 Series:
1
2
3
4
Table Of Contents
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
Table of Contents

Advertisement

Quick Links

Download this manual
S6700 Series Ethernet Switches
V200R001C00
Configuration Guide - IP Routing
Issue
01
Date
2012-03-15
HUAWEI TECHNOLOGIES CO., LTD.

Advertisement

Table of Contents
loading

Related Manuals for Huawei S6700 Series

Summary of Contents for Huawei S6700 Series

  • Page 1 S6700 Series Ethernet Switches V200R001C00 Configuration Guide - IP Routing Issue Date 2012-03-15 HUAWEI TECHNOLOGIES CO., LTD.
  • Page 2 All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope.

  • Page 3: About This Document

    Indicates a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement NOTE important points of the main text. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 4: Command Conventions

    Change History Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues. Changes in Issue 01 (2012-03-15) Initial commercial release. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 5: Table Of Contents

    2.2 RIP Features Supported by the S6700......................26 2.3 Configuring Basic RIP Functions........................26 2.3.1 Establishing the Configuration Task.......................26 2.3.2 Enabling RIP............................26 2.3.3 Enabling RIP on the Specified Network Segment...................27 2.3.4 Configuring RIP Version Number......................28 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 6 2.10.1 Example for Configuring the RIP Version....................49 2.10.2 Example for Configuring RIP to Import Routes...................53 3 RIPng Configuration........................59 3.1 RIPng Overview...............................60 3.2 RIPng Features Supported by the S6700......................61 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 7 4.3 Configuring Basic OSPF Functions.........................90 4.3.1 Establishing the Configuration Task.......................90 4.3.2 Enabling OSPF............................91 4.3.3 (Optional) Creating OSPF Virtual Links....................92 4.3.4 (Optional) Configuring a Route Selection Rule on the switch..............93 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 8 4.10.1 Establishing the Configuration Task....................125 4.10.2 Enabling OSPF GR..........................126 4.10.3 (Optional) Configuring the GR Session Parameters on the Restarter..........127 4.10.4 (Optional) Configuring GR Session Parameters on the Helper............127 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 9 5.4.4 Configuring the Interval for Retransmitting LSAs to Neighboring Switches........193 5.4.5 Configuring the Delay for Transmitting LSAs on the Interface............194 5.4.6 Checking the Configuration........................194 5.5 Configuring OSPFv3 Areas..........................195 Issue 01 (2012-03-15) Huawei Proprietary and Confidential viii Copyright © Huawei Technologies Co., Ltd.
  • Page 10 5.12.3 Example for Configuring the OSPFv3 Virtual Link................224 5.12.4 Example for Configuring OSPFv3 GR....................228 6 IS-IS Configuration........................233 6.1 Basic Concepts of IS-IS..........................235 6.2 IS-IS Features Supported by the S6700......................236 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 11 6.11.3 Configuring IPv6 IS-IS Interfaces.......................287 6.11.4 (Optional) Configuring the IPv6 IS-IS Interfaces................288 6.11.5 (Optional) Configuring IPv6 IS-IS Attributes for Interfaces on Different Types of Networks..291 6.11.6 Checking the Configuration.........................294 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 12 6.18.7 Example for Configuring Dynamic BFD for IS-IS................347 6.18.8 Example for Configuring Basic IS-IS IPv6 Functions................353 7 BGP Configuration........................360 7.1 BGP Overview..............................362 7.2 BGP Features Supported by the S6700......................362 7.3 Configuring Basic BGP Functions.........................368 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 13 7.9.5 (Optional) Preventing BGP Routes from Being Added into the IP Routing Table.......415 7.9.6 Checking the Configuration........................415 7.10 Configuring a BGP Confederation.......................416 7.11 Configuring BGP Community Attributes.....................417 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 14 8.2 BGP4+ Features Supported by the S6700......................498 8.3 Configuring Basic BGP4+ Functions......................499 8.3.1 Establishing the Configuration Task.....................499 8.3.2 Starting a BGP Process..........................499 8.3.3 Configuring an IPv6 Peer........................500 Issue 01 (2012-03-15) Huawei Proprietary and Confidential xiii Copyright © Huawei Technologies Co., Ltd.
  • Page 15 8.10.1 Establishing the Configuration Task....................529 8.10.2 Creating an IBGP Peer Group......................530 8.10.3 Creating a Pure EBGP Peer Group......................531 8.10.4 Creating a Mixed EBGP Peer Group....................532 8.10.5 Checking the Configuration.........................533 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 16 9.4.6 Configuring Update Packets not to Carry Private AS Number.............564 9.4.7 Checking the Configuration........................565 9.5 Configuring the Policy for Exchanging Routes Between MBGP Peers............566 9.5.1 Establishing the Configuration Task.....................566 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 17 10.4.4 (Optional) Configuring the Apply Clause...................600 10.4.5 Checking the Configuration.........................601 10.5 Applying Filters to Received Routes......................602 10.5.1 Establishing the Configuration Task....................602 10.5.2 Filtering Routes Received by RIP.......................603 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 18 11.4.4 (Optional) Configuring OSPF Between an MCE and a Site...............634 11.4.5 (Optional) Configuring IS-IS Between an MCE and a Site..............635 11.4.6 (Optional) Configuring BGP Between an MCE and a Site..............635 11.4.7 Checking the Configuration.........................636 Issue 01 (2012-03-15) Huawei Proprietary and Confidential xvii Copyright © Huawei Technologies Co., Ltd.
  • Page 19 11.5.5 (Optional) Configuring IS-IS Between an MCE and a PE..............639 11.5.6 (Optional) Configuring BGP Between an MCE and a PE..............639 11.5.7 Checking the Configuration.........................640 11.6 MCE Configuration Examples........................640 11.6.1 Example for Configuring MCE......................640 Issue 01 (2012-03-15) Huawei Proprietary and Confidential xviii Copyright © Huawei Technologies Co., Ltd.

  • Page 20: Ip Static Route Configuration

    On an IPv4 network, configuring BFD for IPv4 static routes on the public network can speed up route convergence and improve network reliability. 1.6 Configuration Examples This section provides configuration examples of static routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 21: Static Route

    Default routes are used only when packets to be forwarded fail to match any entry in the routing table. You can run the display ip routing-table command to check whether the default route is configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 22: Configuring An Ipv4 Static Route

    In this manner, it is unnecessary to modify the switch configuration if the remote address changes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 23: Configuring An Ipv4 Static Route On The Public Network

    } [ preference preference | tag tag ] [ description text ] An IPv4 static route is configured. By default, no IPv4 static route is configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 24: Optional) Setting The Default Preference For Ipv4 Static Routes

    Run the display ip routing-table command to check brief information about the IPv4 routing table. Run the display ip routing-table verbose command to check detailed information about the IPv4 routing table. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 25: Configuring An Ipv6 Static Route

    Context Do as follows on the switch to be configured with static routes: Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 26: Optional) Setting The Default Preference For Ipv6 Static Routes

    1.4.4 Checking the Configuration After an IPv6 static route is configured, you can check detailed information about the configured route. Prerequisites The configurations of an IPv6 static route are complete. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 27: Configuring Bfd For Ipv4 Static Routes On The Public Network

    Destination address and mask Outbound interface or next-hop IPv4 address IP address of the peer detected by BFD Local discriminator and remote discriminator of a BFD session Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 28: Configuring An Ipv4 Static Route On The Public Network

    BFD sessions are used to quickly detect and monitor the connectivity of links on a network. Background See the S6700 Series Ethernet Switches Configuration Guide - Reliability. 1.5.4 Binding a Static Route to a BFD Session When binding a static route to a BFD session, ensure that the static route resides on the same link as the BFD session.

  • Page 29: Checking The Configuration

    The PCs that belong to different network segments are connected through several switches. IPv4 static routes should be used so that any two PCs in different network segments can communicate with each other. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 30 The next hop address of the default route on Switch A is 1.1.4.2. The destination address of Switch B is 1.1.1.0, and the next hop address of the static route is 1.1.4.1. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 31 --- 1.1.3.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 62/62/63 ms # Run the tracert command to verify the connectivity. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 32 XGigabitEthernet0/0/3 port link-type access port default vlan 40 ip route-static 1.1.1.0 255.255.255.0 1.1.4.1 ip route-static 1.1.3.0 255.255.255.0 1.1.4.6 return Configuration file of Switch C sysname SwitchC Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 33: Example For Configuring Ipv6 Static Routes

    Switch A XGE0/0/1 VLANIF 20 Generated automatically Switch B XGE0/0/1 VLANIF 20 Generated automatically Switch B XGE0/0/2 VLANIF 40 Generated automatically Switch B XGE0/0/3 VLANIF 30 2::1/64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 34 The configurations of Switch B and Switch C are similar to the configuration of Switch A and are not mentioned here. Step 2 Assign IP addresses to the VLANIF interfaces. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 35 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : Vlanif10 Flags Destination : 1::1 PrefixLength : 128 NextHop : ::1 Preference Cost Protocol : Direct Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 36 20 port hybrid untagged vlan 20 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 10 port hybrid untagged vlan 10 ipv6 route-static :: 0 vlanif20 FE80::218:20FF:FE00:80 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 37 40 port hybrid untagged vlan 40 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 50 port hybrid untagged vlan 50 ipv6 route-static :: 0 Vlanif40 FE80::218:20FF:FE00:83 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 38: Example For Configuring Bfd For Ipv4 Static Routes

    Static route from Switch A to the NMS Procedure Step 1 Create VLANs and add corresponding interfaces to the VLANs. <Quidway> system-view [Quidway] sysname SwitchA [SwitchA] vlan 10 [SwitchA-vlan10] quit [SwitchA] interface xgigabitethernet 0/0/1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 39 # Check the IP routing table on Switch A, and you can find that the static route exists in the routing table. <SwitchA> display ip routing-table Route Flags: R - relay, D - download to fib Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 40 Vlanif10 1.1.1.255/32 Direct 1.1.1.2 Vlanif10 2.2.2.0/24 Static 1.1.1.2 Vlanif10 127.0.0.0/8 Direct 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 127.0.0.1 InLoopBack0 ----End Configuration Files Configuration file of Switch A sysname SwitchA Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 41 10 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 20 port hybrid untagged vlan 20 bfd bb bind peer-ip 1.1.1.1 discriminator local 20 discriminator remote 10 commit return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 42: Rip Configuration

    2.9 Configuring the Network Management Function in RIP By binding RIP to MIBs, you can view and configure RIP through the NMS. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 43 S6700 Series Ethernet Switches Configuration Guide - IP Routing 2 RIP Configuration 2.10 Configuration Examples This section provides several configuration examples of RIP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 44: Overview Of Rip

    Uses multicast routes to send update packets. Only RIPv2 routers can receive protocol packets. This reduces the resource consumption. To enhance the security, Provides two authentication modes to enhance security: plain-text authentication and MD5 authentication. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 45: Rip Features Supported By The S6700

    RIP process ID Network segment in which the RIP interface resides RIP version number 2.3.2 Enabling RIP Creating RIP processes is the prerequisite to performing RIP configurations. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 46: Enabling Rip On The Specified Network Segment

    Do as follows on the switch to be enabled with RIP. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: rip [ process-id ] Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 47: Configuring Rip Version Number

    The interface view is displayed. Run: rip version { 1 | 2 [ broadcast | multicast ] } The RIP version number of the packets received by the interface is specified. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 48: Checking The Configuration

    Change the matching order by configuring the RIP preference when multiple routing protocols discover routes to the same destination. Implement load balancing among multiple equal-cost routes. Pre-configuration Tasks Before configuring RIP route attributes, complete the following tasks: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 49: Configuring Additional Metrics Of An Interface

    The interface view is displayed. The interface must be a VLANIF interface. Step 3 Run: rip metricin value The metric added to an incoming route is set. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 50: Configuring Rip Preference

    By setting the maximum number of equal-cost RIP routes, you can change the number of routes for load balancing. Context Do as follows on the RIP switch: Procedure Step 1 Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 51: Checking The Configuration

    After performing the configuration procedures in this section, you can: Advertise default routes to neighbors. Suppress interfaces from sending RIP Update packets. Import external routes from various routing protocols and filter the routes to be advertised. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 52: Configuring Rip To Advertise Default Routes

    2.5.3 Disabling an Interface from Sending Update Packets Disabling interfaces from sending Update packets is a method of preventing routing loops and can be implemented in two ways. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 53 By running this command, you can specify whether to send RIP Update packets on an interface. The silent-interface command takes precedence over the undo rip output command. By default, an interface is allowed to send RIP Update packets. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 54: Configuring Rip To Import External Routes

    If the routes of other routing protocols are imported and the tag is used in the routing policy, ensure that the tag value does not exceed 65535. Otherwise, the routing policy becomes invalid or the matching result is incorrect. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 55: Checking The Configuration

    Configuring IP addresses for interfaces to ensure that neighboring nodes are reachable at the network layer Configuring Basic RIP Functions Data Preparation To control the receiving of RIP routing information, you need the following data. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 56: Disabling An Interface From Receiving Rip Update Packets

    You can configure the switch to refuse to accept host routes by disabling RIP from accepting host routes. By default, host routes are added to the routing table. Do as follows on the RIP switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 57: Configuring Rip To Filter The Received Routes

    Run: filter-policy { acl-number | acl-name acl-name } import The learned routing information is filtered based on an ACL. l Run: filter-policy gateway ip-prefix-name import Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 58: Checking The Configuration

    Deploying a RIP-2 network saves IP addresses. For a network on which the IP addresses of devices are not consecutive, only RIP-2 can be deployed, whereas RIP-1 cannot be deployed. RIP-2 features include: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 59: Configuring Rip-2 Route Summarization

    Procedure Enabling RIP-2 Automatic Route Summarization Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 60: Configuring Packet Authentication Of Rip-2

    In simple authentication mode, the unencrypted authentication key is sent in every RIP-2 packet. Therefore, simple authentication does not guarantee security, and cannot meet the requirements for high security. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 61: Checking The Configuration

    Run the display rip process-id database [ verbose ] command to check all activated RIP routes in the database. Run the display rip process-id route command to check all the RIP routes that are learned from other switchs. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 62: Optimizing A Rip Network

    Number of Update packets that an interface sends each time and interval for sending an Update packet Maximum number of equal-cost routes Packet authentication mode and password IP addresses of RIP neighbors Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 63: Configuring Rip Timers

    RIP has three timers: Update timer, Age timer and Garbage-collect timer. Changing the values of the three timers affects the RIP convergence speed. For details on timers, see corresponding description in the chapter "RIP" in the S6700 Series Ethernet Switches Feature Description - IP Routing.

  • Page 64: Setting The Interval For Sending Packets And The Maximum Number Of The Sent Packets

    Step 1 Run: system-view The system view is displayed. Step 2 Run: interface interface-type interface-number The interface view is displayed. The interface must be a VLANIF interface. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 65: Configuring Rip To Check The Validity Of Update Packets

    Configuring the Source Address Check for RIP Update Packets Run: system-view The system view is displayed. Run: rip [ process-id ] The RIP process is enabled and the RIP view is displayed. Run: verify-source Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 66: Configuring Rip Neighbors

    The configurations of optimizing a RIP network are complete. Procedure Run the display rip [ process-id | vpn-instance vpn-instance-name ] command to check the running status and configuration of RIP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 67: Configuring The Network Management Function In Rip

    Before binding RIP to MIBs, you need to specify the RIP process ID. Context Do as follows on the RIP switch: Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 68: Checking The Configuration

    Figure 2-1 Networking diagram for configuring the RIP version Switch C XGE0/0/2 Switch A Switch D XGE0/0/2 XGE0/0/3 XGE0/0/1 XGE0/0/1 XGE0/0/3 Switch B Switch Interface VLANIF interface IP address Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 69 The configurations of Switch B, Switch C, and Switch D are similar to the configuration of Switch A, and are not mentioned here. Step 3 Configure the basic RIP functions. Configure Switch A. [SwitchA] rip [SwitchA-rip-1] network 192.168.1.0 [SwitchA-rip-1] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 70 # Check the RIP routing table of Switch A. [SwitchA] display rip 1 route Route Flags: R - RIP A - Aging, G - Garbage-collect ------------------------------------------------------------------------- Peer 192.168.1.2 on Vlanif10 Destination/Mask Nexthop Cost Flags Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 71 30 port hybrid untagged vlan 30 rip 1 version 2 network 192.168.1.0 network 172.16.0.0 network 10.0.0.0 return Configuration file of Switch C sysname SwitchC Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 72: Example For Configuring Rip To Import Routes

    Figure 2-2 Networking diagram for configuring RIP to import external route XGE0/0/2 XGE0/0/1 XGE0/0/1 XGE0/0/2 XGE0/0/2 XGE0/0/1 XGE0/0/3 SwitchA SwitchB SwitchC switch Interface VLANIF interface IP address Switch A XGigabitEthernet0/0/1 VLANIF 10 192.168.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 73 [Switch A] vlan 50 [Switch A-Vlan50] quit [Switch A]interface xgigabitethernet 0/0/2 [Switch A-XGigabitEthernet0/0/2] port hybrid pvid vlan 50 [Switch A-XGigabitEthernet0/0/2] port hybrid untagged vlan 50 [Switch A-XGigabitEthernet0/0/2] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 74 # On Switch B, set the default metric of imported routes to 3 and configure the RIP processes to import routes into each other's routing table. [Switch B] rip 100 [Switch B-rip-100] default-cost 3 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 75 Vlanif10 192.168.1.1/32 Direct 0 127.0.0.1 Vlanif10 192.168.1.255/32 Direct 0 192.168.1.2 Vlanif10 192.168.2.0/24 192.168.1.2 Vlanif10 192.168.3.0/24 192.168.1.2 Vlanif10 127.0.0.0/8 Direct 0 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 127.0.0.1 InLoopBack0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 76 20 port hybrid untagged vlan 20 rip 100 default-cost 3 network 192.168.1.0 filter-policy 2000 export import-route rip 200 rip 200 network 192.168.2.0 import-route rip 100 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 77 30 port hybrid untagged vlan 30 interface XGigabitEthernet0/0/3 port hybrid pvid vlan 40 port hybrid untagged vlan 40 rip 200 network 192.168.2.0 network 192.168.3.0 network 192.168.4.0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 78: Ripng Configuration

    3.8 Maintaining RIPng This section describes how to clear statistics of a specified RIPng process. 3.9 Configuration Examples This section provides a configuration example of RIPng. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 79: Ripng Overview

    16. If the value is 16, it indicates that the destination host or network is unreachable. Timer: indicates the time since a routing entry is last updated. The timer is reset to 0 when a routing entry is updated. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 80: Ripng Features Supported By The S6700

    Configuring IPv6 addresses for interfaces to ensure that neighboring nodes are reachable at the network layer Data Preparation To configure basic RIPng functions, you need the following data. Data RIPng process ID Interface to be enabled with RIPng Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 81: Enabling Ripng And Entering The Ripng View

    To enable the switch to learn routes to the network segment where the interface resides, ensure that the link status of the interface is Up. Step 3 Run: ripng process-id enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 82: Checking The Configuration

    Change the matching order of routing protocols by configuring the RIPng preference when multiple routing protocols discover routes to the same destination. Implement load balancing among multiple equal-cost routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 83: Configuring The Ripng Preference

    The RIPng preference is set. ----End 3.4.3 Configuring Additional Metrics of an Interface You can set additional metrics for received and sent RIPng routes by using different commands. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 84: Configuring The Maximum Number Of Equal-Cost Routes

    By setting the maximum number of equal-cost RIPng routes, you can change the number of routes for load balancing. Context Do as follows on the RIPng switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 85: Checking The Configuration

    To meet the requirements of complex networks, it is required to accurately control the advertising of RIPng routing information. 3.5.1 Establishing the Configuration Task RIPng routing information can be advertised through route summarization, default routes, and imported external routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 86: Configuring Ripng Route Summarization

    Do as follows on the RIPng switch: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: interface vlanif interface-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 87: Configuring Ripng To Advertise The Default Routes

    If RIPng imports routes from other routing protocols, but no metric is specified, you can set the default metric for imported external routes. Context Do as follows on the RIPng switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 88: Configuring Ripng To Import External Routes

    NOTE Import of IBGP routes in RIPng process can lead to routing loops. Administrator should take care of routing loops before configuring permit-ibgp. Step 5 (Optional) Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 89: Checking The Configuration

    Disable an interface from receiving RIPng Update packets. Filter the received routing information. Import external routes from various routing protocols and filter the imported routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 90: Configuring Ripng To Filter The Received Routes

    RIPng routing table. ----End 3.6.3 Checking the Configuration After the function of controlling the receiving of RIPng routing information is successfully configured, you can view RIPng routing information. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 91: Optimizing A Ripng Network

    Configuring IPv6 addresses for interfaces to ensure that neighboring nodes are reachable at the network layer Configuring Basic RIPng Functions Data Preparation To optimize a RIPng network, you need the following data. Data Values of timers Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 92: Configuring Ripng Timers

    RIPng performance. Context Do as follows on the RIPng switch: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: interface vlanif interface-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 93: Configuring Split Horizon And Poison Reverse

    In a RIPng packet, there are certain fields whose values must be 0. These fields are called zero fields. If the values of these zero fields in some RIPng packets are not 0s, these RIPng packets are ignored. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 94: Checking The Configuration

    Run the display ripng process-id route command to check all the RIPng routes that are learned from other switchs. ----End 3.8 Maintaining RIPng This section describes how to clear statistics of a specified RIPng process. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 95: Clearing Ripng

    Switch C (3::/64). That is, Switch B does not add the routes to its own routing table or advertise the routes to Switch A. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 96 Figure 3-1 RIPng1 enabled on each Switch ACL6 2000 on Switch B, which rejects the routes from network segment 3::/64 Procedure Step 1 Add interfaces to VLANs. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 97 [Switch C-Vlanif30] quit [Switch C] interface vlanif 40 [Switch C-Vlanif40] ripng 1 enable [Switch C-Vlanif40] quit [Switch C] interface vlanif 50 [Switch C-Vlanif50] ripng 1 enable [Switch C-Vlanif50] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 98 # Check the RIPng routing table of Switch A. The RIPng routing table should not contain the routes of network segment 3::/64. [Switch A] display ripng 1 route Route Flags: R - RIPng Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 99 1 enable interface Vlanif30 ipv6 enable ipv6 address auto link-local ripng 1 enable interface XGigabitEthernet0/0/1 port hybrid pvid vlan 20 port hybrid untagged vlan 20 interface XGigabitEthernet0/0/2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 100 XGigabitEthernet0/0/2 port hybrid pvid vlan 40 port hybrid untagged vlan 40 interface XGigabitEthernet0/0/3 port hybrid pvid vlan 50 port hybrid untagged vlan 50 ripng 1 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 101: Ospf Configuration

    After BFD for OSPF is enabled, when a link fails, the switch rapidly detects the failure, notifies the OSPF process or interface of the fault, and instructs OSPF to recalculate routes. This speeds up OSPF network convergence. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 102 OSPF process, and configure the trap function and log function. 4.13 Maintaining OSPF Maintaining OSPF involves resetting OSPF and clearing OSPF statistics. 4.14 Configuration Examples This section provides several configuration examples of OSPF. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 103: Ospf Overview

    Based on the surrounding network topology, each OSPF device originates a Link State Advertisement (LSA). The switch then transmits Update packets containing the LSAs to other OSPF devices. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 104 OSPF routers are classified into the following types according to their locations in the AS: Internal routers All interfaces of the switchs of this type belong to the same OSPF area. Area border routers (ABRs) Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 105: Ospf Network Types

    Non-Broadcast Multi-Access (NBMA): If the link layer protocol is Frame Relay, ATM, or X.25, OSPF defaults the network type to NBMA. In this type of networks, protocol packets, Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 106: Ospf Features Supported By The S6700

    When the AMB fails, the SMB replaces it to ensure the normal operation of OSPF. OSPF supports two types of HSB: Backing up all OSPF data: After the switchover between the AMB and the SMB, OSPF restores its normal work immediately. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 107 This causes the re-calculation of SPF. If this switch recovers within a few seconds, the neighbor relationship becomes unstable. This results in route flapping. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 108 RM. OSPF then responds to the event and immediately deletes the adjacency relationship on the link. At this time, the status Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 109: Configuring Basic Ospf Functions

    Configuring IP addresses for interfaces to ensure that neighboring switches are reachable at the network layer Data Preparation To configure basic OSPF functions, you need the following data. Data Router ID Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 110: Enabling Ospf

    If a VPN instance is specified, the OSPF process belongs to the VPN instance; if a VPN instance is not specified, the OSPF process belongs to a public network instance. Step 3 Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 111: Optional) Creating Ospf Virtual Links

    Step 1 Run: system-view The system view is displayed. Step 2 Run: ospf [ process-id ] The OSPF process view is displayed. Step 3 Run: area area-id Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 112: Optional) Configuring A Route Selection Rule On The Switch

    The switch is configured to comply with the route selection rule defined in RFC 2328, not RFC 1583. By default, the switch complies with route selection rule defined in RFC 1583. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 113: Optional) Setting The Ospf Priority

    Hello packets that are used to maintain the OSPF neighbor relationships. As a result, the neighbor relationships are interrupted. After the neighbor relationships are reestablished, more packets are to be exchanged. This intensifies Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 114: Optional) Configuring The Maximum Number Of Packet Retransmission Attempts

    By default, the retransmission mechanism is disabled. Perform the following steps on the switch running OSPF. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 115: Optional) Setting An Interval At Which An Lsa Packet Is Retransmitted To The Neighboring Switch

    4.3.9 (Optional) Configuring an Interface to Fill in a DD Packet with the Interface MTU You can configure an interface to fill in the Interface MTU field of a DD packet with the interface MTU. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 116: Checking The Configuration

    Run the display ospf [ process-id ] routing command to check OSPF routing table information. Run the display ospf [ process-id ] lsdb command to check OSPF LSDB information. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 117: Configuring Ospf On The Nbma Or P2Mp Network

    DD packets, LSR packets, LSU HDLC, or Link Access Procedure packets, and LSAck packets are Balanced (LAPB), OSPF regards multicasted. the network as a P2P network by default. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 118: Configuring Network Types For Ospf Interfaces

    OSPF interface to forcibly change its original network type. Context By default, the physical interface type determines the network type. The network type of an Ethernet interface is Broadcast. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 119: Configuring Nbma Network Attributes

    P2P is recommended. NOTE OSPF cannot be configured on a null interface. ----End 4.4.3 Configuring NBMA Network Attributes To implement OSPF functions, configure NBMA network attributes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 120: Configuring P2Mp Network Attributes

    The OSPF process view is displayed. Run: peer ip-address [ dr-priority priority ] A neighboring switch is configured. ----End 4.4.4 Configuring P2MP Network Attributes To implement OSPF functions, configure P2MP network attributes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 121 The local switch is configured to filter the LSA packets to be sent on the P2MP network. By default, the LSA packets to be sent are not filtered. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 122: Checking The Configuration

    Configure equal-cost routes to implement load balancing. Configure a stub router during the maintenance operations such as upgrade to ensure stable data transmission through key routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 123: Setting The Interface Cost

    The OSPF interface cost is set. The switch generally transmits routing information using the link connected to the interface with a smaller cost value. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 124: Configuring Equal-Cost Routes

    The three routes are equal-cost routes for load balancing. Figure 4-4 Networking diagram of equal-cost routes IP Network cost=10 cost=5 IP Network Switch A Switch B IP Network Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 125: Configuring A Stub Router

    After the route cost is set to the maximum value 65535, traffic generally bypasses the switch. This ensures an uninterrupted route on the switch during maintenance operations such as upgrade. Perform the following steps on the switch running OSPF. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 126: Suppressing An Interface From Receiving And Sending Ospf Packets

    [ process-id ] The OSPF process view is displayed. Step 3 Run: silent-interface { all | interface-typeinterface-number } An interface is suppressed from receiving and sending OSPF packets. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 127: Checking The Configuration

    Pre-configuration Tasks Before controlling OSPF routing information, complete the following tasks: Configuring IP addresses for interfaces to ensure that neighboring switches are reachable at the network layer Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 128: Configuring Ospf To Import External Routes

    OSPF provides loop-free intra-area routes and inter-area routes; however, OSPF cannot prevent external routing loops. Therefore, exercise caution when configuring OSPF to import external routes. For details, see "OSPF VPN Extension" in the S6700 Series Ethernet Switches Feature Description - VPN.

  • Page 129: Configuring Ospf To Import A Default Route

    The advertising mode of the default route is determined by the type of the area to which the default route is imported, as shown in Table 4-2. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 130: Configuring Route Summarization

    When a large-scale OSPF network is deployed, you can configure route summarization to reduce routing entries. Otherwise, a large number of routing entries are generated and consume system resources unexpectedly. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 131: Configuring Ospf To Filter Routes Received By Ospf

    4.6.5 Configuring OSPF to Filter Routes Received by OSPF By configuring filtering conditions for the received routes, you can allow only the routes that meet the filtering conditions to be added to the routing table. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 132: Configuring The Switch To Filter Lsas To Be Sent

    { all | { summary [ acl { acl-number | acl-name } ] | ase [ acl { acl-number | acl-name } ] | nssa [ acl { acl-number | acl-name } ] } Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 133: Optional) Configuring Ospf To Filter Lsas In An Area

    The mesh-group function is used to prevent repeated flooding and save system resources. Context When concurrent links exist between two switches, you can enable the mesh-group function to reduce the load on the links. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 134: Setting The Maximum Number Of External Lsas In The Lsdb

    [ process-id ] The OSPF process view is displayed. Step 3 Run: lsdb-overflow-limit number The maximum number of external LSAs in the LSDB is set. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 135: Checking The Configuration

    An ASBR cannot exist in a stub area. External routes are not transmitted in the stub area. Virtual links cannot exist in the stub area. Pre-configuration Tasks Before configuring a stub area, complete the following tasks: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 136 To ensure the reachability of AS external routes, the ABR in the stub area generates a default route and advertises the route to the non-ABR switches in the stub area. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 137: Configuring An Nssa

    Before configuring an NSSA, complete the following tasks: Configuring IP addresses for interfaces to ensure that neighboring switches are reachable at the network layer Configuring Basic OSPF Functions Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 138 3600s for Type 5 LSAs so that the invalid Type 5 LSAs from other switches can be deleted in time. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 139 [ process-id ] routing router-id [ router-id ] Run the display ospf [ process-id ] interface [ all | interface-type interface-number ] [ verbose ] command to check OSPF interface information. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 140: Configuring Bfd For Ospf

    Number of the OSPF process to be enabled with BFD for OSPF Type and number of the interface to be enabled with BFD for OSPF (Optional) Values of BFD session parameters NOTE The default parameter values are recommended. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 141: Configuring Bfd For Ospf In A Specified Process

    A short interval at which BFD packets are transmitted can be configured for a link that has a higher requirement for reliability. A long interval at which BFD packets are transmitted can be configured for a link that has a lower requirement for reliability. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 142: Configuring Bfd For Ospf On A Specified Interface

    OSPF to recalculate routes. This speeds up OSPF convergence. When the OSPF neighbor relationship goes Down, the BFD session between OSPF neighbors is dynamically deleted. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 143 A short interval at which BFD packets are transmitted can be configured for a link that has a higher requirement for reliability. A long interval at which BFD packets are transmitted can be configured for a link that has a lower requirement for reliability. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 144: Checking The Configuration

    Before configuring OSPF GR, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the data required for the configuration. This will help you complete the configuration task quickly and efficiently. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 145: Enabling Ospf Gr

    Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: ospf [ process-id ] The OSPF view is displayed. Step 3 Run: opaque-capability enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 146: Optional) Configuring The Gr Session Parameters On The Restarter

    This part describes how to set GR session parameters (including the filtering policies, checks the LSAs outside the AS, and Planned GR) on the Helper. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 147: Checking The Configuration

    In a network demanding high security, you can configure OSPF authentication and adopt the GTSM mechanism to improve the security of the OSPF network. Pre-configuration Tasks Before improving the security of an OSPF network, complete the following tasks: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 148: Configuring The Ospf Gtsm Functions

    The default action performed on the packets that do not match the GTSM policy is set. By default, the packets that do not match the GTSM policy can pass the filtering. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 149: Configuring The Authentication Mode

    The MD5 authentication is configured for the OSPF area. OSPF supports packet authentication. Only the OSPF packets passing the authentication can be received; otherwise, the neighbor relationship cannot be established normally. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 150 Keychain authentication mode. If the interfaces are in different network segments, the authentication mode and password of the interfaces can be different. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 151: Checking The Configuration

    Configuring IP addresses for interfaces to make neighboring nodes reachable Configuring Basic OSPF Functions Data Preparation To configuring the network management function of OSPF, you need the following data. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 152: Configuring Ospf Mib Binding

    | ospfnbrstatechange | ospfnssatranslatorstatuschange | ospforiginatelsa | ospfrestartstatuschange | ospftxretransmit | ospfvirtifauthfailure | ospfvirtifconfigerror | ospfvirtifrxbadpacket | ospfvirtifstatechange | ospfvirtiftxretransmit | ospfvirtnbrrestarthelperstatuschange | ospfvirtnbrstatechange } } Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 153: Configuring Ospf Log

    Run the display ospf [ process-id ] brief command to view information about the binding of OSPF MIBs and OSPF processes. Run the display snmp-agent trap feature-name ospf all command to view all trap messages of the OSPF module. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 154: Maintaining Ospf

    [ router-id ] ] command in the user view to clear OSPF counters. Run the reset ospf [ process-id ] redistribution command in the user view to clear the routes imported by OSPF. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 155: Configuration Examples

    Switch C XGE 0/0/2 VLANIF 40 172.16.1.1/24 Switch D XGE 0/0/1 VLANIF 30 192.168.2.2/24 Switch D XGE 0/0/2 VLANIF 50 172.17.1.1/24 Switch E XGE 0/0/1 VLANIF 40 172.16.1.2/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 156 # Configure Switch A. [SwitchA] router id 1.1.1.1 [SwitchA] ospf [SwitchA-ospf-1] area 0 [SwitchA-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.0] quit [SwitchA-ospf-1] area 1 [SwitchA-ospf-1-area-0.0.0.1] network 192.168.1.0 0.0.0.255 [SwitchA-ospf-1-area-0.0.0.1] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 157 Area 0.0.0.1 interface 192.168.1.1(Vlanif20)'s neighbors Router ID: 3.3.3.3 Address: 192.168.1.2 GR State: Normal State: Full Mode:Nbr is Master Priority: 1 DR: 192.168.1.1 BDR: 192.168.1.2 MTU: 0 Dead timer due in 39 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 158 Inter Area: 3 ASE: 0 NSSA: 0 [SwitchD] ping 172.16.1.1 PING 172.16.1.1: 56 data bytes, press CTRL_C to break Reply from 172.16.1.1: bytes=56 Sequence=1 ttl=253 time=62 ms Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 159 XGigabitEthernet0/0/1 port trunk allow-pass vlan 10 interface XGigabitEthernet0/0/2 port trunk allow-pass vlan 30 ospf 1 area 0.0.0.0 network 192.168.0.0 0.0.0.255 area 0.0.0.2 network 192.168.2.0 0.0.0.255 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 160 Configuration file of Switch E sysname SwitchE router id 5.5.5.5 vlan batch 40 interface Vlanif40 ip address 172.16.1.2 255.255.255.0 interface XGigabitEthernet0/0/1 port trunk allow-pass vlan 40 ospf 1 area 0.0.0.1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 161: Example For Configuring A Stub Area Of Ospf

    Switch E Switch F S-switch Interface VLANIF Interface IP Address SwitchA XGE 0/0/1 VLANIF 10 192.168.0.1/24 SwitchA XGE 0/0/2 VLANIF 20 192.168.1.1/24 SwitchB XGE 0/0/1 VLANIF 10 192.168.0.2/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 162 Area 2 is 172.17.1.0/24. Configuration Procedure 4.14.1 Example for Configuring Basic OSPF Functions. Configure SwitchD to import static routes. # Import static routes on SwitchD, as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 163 [SwitchE-ospf-1-area-0.0.0.1] quit [SwitchE-ospf-1] quit # Check the routing table of SwitchC. [SwitchC] display ospf routing OSPF Process 1 with Router ID 3.3.3.3 Routing Tables Routing for Network Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 164 192.168.1.1 255.255.255.0 interface XGigabitEthernet0/0/1 port trunk allow-pass vlan 10 interface XGigabitEthernet0/0/2 port trunk allow-pass vlan 20 ospf 1 area 0.0.0.0 network 192.168.0.0 0.0.0.255 area 0.0.0.1 network 192.168.1.0 0.0.0.255 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 165 1 area 0.0.0.2 network 192.168.2.0 0.0.0.255 network 172.17.1.0 0.0.0.255 ip route-static 200.0.0.0 255.0.0.0 NULL0 return Configuration file of SwitchE sysname SwitchE router id 5.5.5.5 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 166: Example For Configuring An Ospf Nssa Area

    VLANIF 10 192.168.0.1/24 SwitchA XGE 0/0/2 VLANIF 20 192.168.1.1/24 SwitchB XGE 0/0/1 VLANIF 10 192.168.0.2/24 SwitchB XGE 0/0/2 VLANIF 30 192.168.2.1/24 SwitchC XGE 0/0/1 VLANIF 20 192.168.1.2/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 167 Functions. Configure SwitchD to import static routes. See 4.14.2 Example for Configuring a Stub Area of OSPF. Configure Area 1 as an NSSA area. # Configure SwitchA. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 168 4.4.4.4 0.0.0.2 Routing for ASEs Destination Cost Type NextHop AdvRouter 100.0.0.0/8 Type2 192.168.2.1 1.1.1.1 Total Nets: 6 Intra Area: 2 Inter Area: 3 ASE: 1 NSSA: 0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 169 20 interface XGigabitEthernet0/0/2 port trunk allow-pass vlan 40 ospf 1 import-route static area 0.0.0.1 network 192.168.1.0 0.0.0.255 network 172.16.1.0 0.0.0.255 nssa ip route-static 100.0.0.0 255.0.0.0 NULL0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 170: Example For Configuring Dr Election Of An Ospf Process

    192.168.1.1/24 SwitchB XGE 0/0/1 VLANIF 10 192.168.1.2/24 SwitchC XGE 0/0/1 VLANIF 10 192.168.1.3/24 SwitchD XGE 0/0/1 VLANIF 10 192.168.1.4/24 Configuration Roadmap The configuration roadmap is as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 171 [SwitchB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. [SwitchC] router id 3.3.3.3 [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 172 [SwitchB-Vlanif10] quit # Configure Switch C. [SwitchC] interface Vlanif 10 [SwitchC-Vlanif10] ospf dr-priority 2 [SwitchC-Vlanif10] quit # View the DR or BDR status. [SwitchD] display ospf peer Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 173 Dead timer due in 37 Retrans timer interval: 5 Neighbor is up for 00:07:17 Authentication Sequence: [ 0 ] # Check the status of an interface enabled with OSPF. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 174 10 interface Vlanif10 ip address 192.168.1.2 255.255.255.0 ospf dr-priority 0 interface XGigabitEthernet0/0/1 port trunk allow-pass vlan 10 ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 175: Example For Configuring Ospf Load Balancing

    SwitchA, SwitchB, SwitchC, and SwitchD belong to Area 0. Load balancing is performed between SwitchB and SwitchC. The traffic of SwitchA is sent to SwitchD by SwitchB and SwitchC. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 176 The IP address of each interface is shown in Figure 4-9. The router ID of each Switch, the OSPF process ID, and the area to which each interface belongs are as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 177 172.17.1.0 is 10.1.1.2. NOTE In the preceding example, 10.1.1.2 is selected as the optimal next hop. This is because OSPF selects the next hop of the equal-cost route randomly. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 178 Direct 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 127.0.0.1 InLoopBack0 172.16.1.0/24 Direct 172.16.1.1 Vlanif50 172.16.1.1/32 Direct 127.0.0.1 InLoopBack0 172.17.1.0/24 OSPF 10.1.2.2 Vlanif20 192.168.0.0/24 OSPF 10.1.1.2 Vlanif10 192.168.1.0/24 OSPF 10.1.2.2 Vlanif20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 179 30 ospf 1 router-id 2.2.2.2 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 192.168.0.0 0.0.0.255 return Configuration file of SwitchC sysname SwitchC vlan batch 20 40 interface Vlanif20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 180: Example For Configuring Ospf Gr

    4-10, Switch A and Switch B have two main control boards, which work in active/standby mode. Switch A and Switch B belong to Area 0 and are connected through OSPF. They also provide the GR feature. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 181 Step 2 Configure the Opaque LSA function. [SwitchA] ospf [SwitchA-ospf-1] opaque-capability enable # Configure SwitchB. [SwitchB] ospf [SwitchB-ospf-1] opaque-capability enable Step 3 Configure the OSPF GR feature. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 182 Authentication Sequence: [ 0 ] The status of the neighbor is Full. ----End Configuration Files Configuration file of Switch A sysname SwitchA router id 1.1.1.1 vlan batch 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 183: Example For Configuring Ospf-Bgp

    It is required to enable OSPF-BGP linkage on Switch B so that the traffic from Switch A to AS 20 is not interrupted after Switch B restarts. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 184 Establish IBGP full connections between Switch A, Switch B, Switch C, and Switch D (except 10.2.1.1/30). Set the OSPF cost on Switch C. Establish the EBGP connection between Switch D and Switch E. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 185 The configuration details are not mentioned here. Step 4 Configure an IBGP full connection. # Configure Switch A. <SwitchA> system-view [SwitchA] interface LoopBack 0 [SwitchA-LoopBack0] ip address 1.1.1.1 32 [SwitchA-LoopBack0] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 186 Step 5 Configure an EBGP connection. # Configure Switch D. [SwitchD] bgp 10 [SwitchD-bgp] peer 10.2.1.2 as-number 20 [SwitchD-bgp] import-route direct [SwitchD-bgp] import-route ospf 1 [SwitchD-bgp] quit # Configure Switch E. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 187 InLoopBack0 10.1.2.0/30 OSPF 10.1.1.1 Vlanif10 10.1.3.0/30 Direct 0 10.1.3.1 Vlanif40 10.1.3.1/32 Direct 0 127.0.0.1 InLoopBack0 10.1.3.2/32 Direct 0 10.1.3.2 Vlanif40 10.1.4.0/30 OSPF 10.1.3.2 Vlanif40 10.1.4.1/32 10.1.3.2 Vlanif40 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 188 Destinations : 13 Routes : 13 Destination/Mask Proto Cost Flags NextHop Interface 1.1.1.1/32 OSPF 65536 10.1.1.1 Vlanif10 2.2.2.2/32 Direct 0 127.0.0.1 InLoopBack0 4.4.4.4/32 OSPF 65536 10.1.3.2 Vlanif40 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 189 1.1.1.1 255.255.255.255 bgp 10 router-id 1.1.1.1 peer 2.2.2.2 as-number 10 peer 2.2.2.2 connect-interface LoopBack 0 peer 3.3.3.3 as-number 10 peer 3.3.3.3 connect-interface LoopBack 0 peer 4.4.4.4 as-number 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 190 SwitchC vlan batch 30 20 router id 3.3.3.3 interface Vlanif30 ip address 10.1.4.1 255.255.255.252 interface Vlanif20 ip address 10.1.2.2 255.255.255.252 interface LoopBack0 ip address 3.3.3.3 255.255.255.255 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 191 1 peer 2.2.2.2 enable peer 1.1.1.1 enable peer 5.5.5.5 enable peer 3.3.3.3 enable ospf 1 area 0.0.0.0 network 4.4.4.4 0.0.0.0 network 10.1.3.0 0.0.0.3 network 10.1.4.0 0.0.0.3 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 192: Example For Configuring Ospf Gtsm

    The valid TTL ranges of the packets sent from Switch B, Switch D, and Switch F to Switch C are [254, 255], [253, 255], and [252, 255] respectively. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 193 Enable GTSM on each switch and specify the valid TTL range of packets. Data Preparation To complete the configuration, you need the following data: OSPF process number of each switch Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 194 # Check whether OSPF neighbors between switches are established normally. Take Switch A as an example. You can view the status of the neighbor relationship is Full, that is, neighbors are established normally. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 195 TTL value is not 255 when the packets reach Switch C. In the GTSM statistics of Switch C, the number of dropped packets also increases. ----End Configuration Files Configuration file of Switch A sysname SwitchA vlan batch 10 20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 196 Configuration file of Switch C sysname SwitchC vlan batch 20 40 router id 3.3.3.3 interface Vlanif20 ip address 192.168.1.2 255.255.255.0 interface Vlanif40 ip address 172.16.1.1 255.255.255.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 197 172.16.1.2 255.255.255.0 interface XGigabitEthernet 0/0/2 port hybrid pvid vlan 40 port hybrid untagged vlan 40 ospf 1 area 0.0.0.1 network 172.16.1.0 0.0.0.255 ospf valid-ttl-hops 1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 198: Example For Configuring Bfd For Ospf

    Figure 4-13 Networking diagram for configuring BFD for OSPF SwitchA SwitchB XGE0/0/2 XGE0/0/3 XGE0/0/2 GE0/0/1 XGE0/0/1 XGE0/0/1 XGE0/0/1 XGE0/0/2 SwitchC Switch Interface VLANIF interface IP address Switch A XGE0/0/1 VLANIF 10 1.1.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 199 [SwitchA-XGigabitEthernet0/0/1] port hybrid pvid vlan 10 [SwitchA-XGigabitEthernet0/0/1] port hybrid untagged vlan 10 [SwitchA-XGigabitEthernet0/0/1] quit [SwitchA] interface XGigabitEthernet 0/0/2 [SwitchA-XGigabitEthernet0/0/2] port hybrid pvid vlan 20 [SwitchA-XGigabitEthernet0/0/1] port hybrid untagged vlan 20 [SwitchA-XGigabitEthernet0/0/2] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 200 100 ms, and set the local detection time multiplier to 4. [SwitchA] interface vlanif 20 [SwitchA-Vlanif20] ospf bfd enable [SwitchA-Vlanif20] ospf bfd min-tx-interval 100 min-rx-interval 100 detect- multiplier 4 [SwitchA-Vlanif20] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 201 The next hop address of the route to 172.16.1.0/24 becomes 1.1.1.2. ----End Configuration Files Configuration file of Switch A sysname SwitchA Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 202 XGigabitEthernet0/0/3 port hybrid pvid vlan 40 port hybrid untagged vlan 40 ospf 1 bfd all-interface enable area 0.0.0.0 network 3.3.3.0 0.0.0.255 network 2.2.2.0 0.0.0.255 network 172.16.1.0 0.0.0.255 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 203 10 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 30 port hybrid untagged vlan 30 ospf 1 bfd all-interface enable area 0.0.0.0 network 1.1.1.0 0.0.0.255 network 2.2.2.0 0.0.0.255 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 204: Ospfv3 Configuration

    5.9 Optimizing an OSPFv3 Network By configuring OSPFv3 functions in special network environments, you can adjust and optimize the OSPFv3 network performance. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 205 By configuring OSPFv3 GR, you can avoid inaccurate route calculation and packet loss after an OSPFv3 router restarts. 5.11 Maintaining OSPFv3 Maintaining OSPFv3 and Debugging OSPFv3 involve resetting OSPFv3. 5.12 Configuration Examples This section provides several configuration examples of OSPFv3. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 206: Ospfv3 Overview

    You need to enable OSPFv3 and specify interfaces and area IDs before configuring other functions. Applicable Environment Enable the OSPFv3 process and specify its router ID before configuring OSPFv3; otherwise, other functions cannot take effect. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 207: Enabling Ospfv3

    To ensure the stable running of OSPFv3, you need to allocate router IDs and set them in network planning. Do as follows on the switch that runs OSPFv3. Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 208: Enabling Ospfv3 On An Interface

    0 is adopted. In this case, the configured network type of an interface mismatches the actual network type of the interface. This step is mandatory in such a case. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 209: Entering The Ospfv3 Area View

    Run the display ospfv3 interface [ area area-id ] [ interface-type interface-number ] command to check the OSPFv3 interface information. Run the commands as follow to check the LSDB information about OSPFv3: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 210: Establishing Or Maintaining Ospfv3 Neighbor Relationship

    Speed up the convergence of an OSPFv3 network by adjusting the intervals for updating and receiving LSAs. Pre-configuration Tasks Before establishing or maintaining the OSPFv3 neighbor relationship, complete the following tasks: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 211: Configuring The Interval For Sending Hello Packets

    5.4.3 Configuring Dead Time of Neighbor Relationship If a router does not receive a Hello packet from its neighbor within the Holddown time, the router considers the neighbor relationship invalid. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 212: Configuring The Interval For Retransmitting Lsas To Neighboring Switches

    The interval for retransmitting LSAs to the adjacent routers is set. The value of seconds must be greater than the time taken to transmit a packet between two switches. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 213: Configuring The Delay For Transmitting Lsas On The Interface

    The configurations for the Establishing or Maintaining OSPFv3 Neighbor Relationship are complete. Procedure Run the display ospfv3 interface [ area area-id ] [ interface-type interface-number ] command to check the OSPFv3 interface information. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 214: Configuring Ospfv3 Areas

    Context Do as follows on each switch that runs OSPFv3 in the stub area: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 215: Configuring Ospfv3 Virtual Links

    A virtual link must be configured at both ends of the link; otherwise, it does not take effect. Do as follows on the switch that runs OSPFv3. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: ospfv3 [ process-id ] Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 216: Checking The Configuration

    Type 7 NSSA LSA is introduced. 5.6.1 Establishing the Configuration Task NSSAs are introduced because stub areas cannot import external routes. An NSSA allows the transmission of Type 7 LSAs. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 217: Defining The Current Area To Be An Nssa Area

    [ default-route-advertise [ cost cost | type type | tag tag ] | no-import- route | no-summary | translator-always | translator-interval translator-interval | set-n-bit ] An area is configured as an NSSA. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 218: Checking The Configuration

    Set the cost on the OSPFv3 interface. Configure load balancing among equal-cost routes. Pre-configuration Tasks Before configuring OSPFv3 route attributes, complete the following tasks: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 219: Setting The Cost Of The Ospfv3 Interface

    If the destinations and costs of the multiple routes discovered by one routing protocol are the same, load balancing can be performed among these routes. Context Do as follows on the switch that runs OSPFv3: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 220: Checking The Configuration

    5.8 Controlling OSPFv3 Routing Information This section describes how to control OSPF routing information. Detailed operations include configuring route aggregation, filtering the received routes, and importing external routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 221: Establishing The Configuration Task

    No LSA that belongs to the summarization network segment is separately transmitted, thus reducing the LSDB size of other areas. Procedure Configure route summarization on an ABR. Do as follows on the ABR that runs OSPFv3: Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 222: Configuring Ospfv3 To Filter The Received Routes

    Using the filter-policy command, you can only filter the routes calculated by OSPFv3. Routes that do not pass the filtering are neither added to the OSPFv3 routing table nor advertised. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 223: Configuring Ospfv3 To Import External Routes

    You can configure OSPFv3 to filter a certain type of routing information by specifying the protocol. If protocol is not specified, OSPFv3 filters all the imported routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 224: Checking The Configuration

    By adjusting the OSPFv3 timer, you can change the convergence speed of an OSPFv3 network and the network overload caused by protocol packets. On low-speed links, you need to consider Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 225: Configuring The Spf Timer

    Procedure Configure an SPF normal timer. Do as follows on the switch that runs OSPFv3: Run: system-view The system view is displayed. Run: ospfv3 [ process-id ] Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 226: Suppressing An Interface From Sending And Receiving Ospfv3 Packets

    Step 1 Run: system-view The system view is displayed. Step 2 Run: ospfv3 [ process-id ] The OSPFv3 view is displayed. Step 3 Run: silent-interface interface-type interface-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 227: Configuring Dr Priority Of An Interface

    Restarting all switches. Running the shutdown and undo shutdown commands on the interface on which the OSPFv3 neighbor relationship is set up. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 228: Configuring Stub Routers

    Do as follows on the switch that runs OSPFv3: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: interface vlanif interface-number The interface view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 229: Checking The Configuration

    By default, the OSPFv3 GR capability and Helper capability are disabled. Applicable Environment To prevent route flapping and service interruption due to the restart of OSPFv3, you can enable OSPFv3 GR. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 230: Enabling Ospfv3 Gr

    OSPFv3 GR is enabled. By default, OSPFv3 GR is disabled. ack-time is optional. After ack-time is specified, the restarter can discover more neighbors in the time period. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 231: Enabling The Helper Of Ospfv3 Gr

    5.11 Maintaining OSPFv3 Maintaining OSPFv3 and Debugging OSPFv3 involve resetting OSPFv3. 5.11.1 Resetting OSPFv3 Restarting OSPFv3 can reset OSPFv3. In addition, you can reset OSPFv3 through GR. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 232: Configuration Examples

    Switch B and Switch C serve as ABRs to forward the inter-area routes. You need to configure Area 2 as a stub area. The LSAs advertised to this area can thus be reduced, without affecting the reachability of routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 233 Router ID (1.1.1.1) of Switch A and area (Area 1) where Switch A is located Router ID (2.2.2.2) of Switch B and areas (Area 0 and Area 1) where Switch B is located Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 234 [Switch C] interface vlanif 30 [Switch C-Vlanif30] ospfv3 1 area 0 [Switch C-Vlanif30] quit [Switch C] interface vlanif 40 [Switch C-Vlanif40] ospfv3 1 area 2 [Switch C-Vlanif40] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 235 # Configure the stub area of Switch C, and set the cost of the default route advertised to the stub area to 10. [Switch C] ospfv3 [Switch C-ospfv3-1] area 2 [Switch C-ospfv3-1-area-0.0.0.2] stub [Switch C-ospfv3-1-area-0.0.0.2] default-cost 10 [Switch C-ospfv3-1-area-0.0.0.2] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 236 20 interface Vlanif20 ipv6 enable ipv6 address 1001::2/64 ospfv3 1 area 0.0.0.1 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 20 port hybrid untagged vlan 20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 237 40 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 30 port hybrid untagged vlan 30 ospfv3 1 router-id 3.3.3.3 area 0.0.0.2 stub no-summary default-cost 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 238: Example For Configuring Dr Election Through Ospfv3

    SwitchC SwitchD Device name Interface VLANIF interface IP address Switch A XGE0/0/1 VLANIF 10 1001::1/64 Switch B XGE0/0/1 VLANIF 10 1001::2/64 Switch C XGE0/0/1 VLANIF 10 1001::3/64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 239 # On Switch A, enable OSPFv3 and set the router ID to 1.1.1.1. [Switch A] ospfv3 [Switch A-ospfv3-1] router-id 1.1.1.1 [Switch A-ospfv3-1] quit [Switch A] interface vlanif 10 [Switch A-Vlanif10] ospfv3 1 area 0 [Switch A-Vlanif10] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 240 # Configure the DR priority of Switch A to 100. [Switch A] interface vlanif 10 [Switch A-Vlanif10] ospfv3 dr-priority 100 [Switch A-Vlanif10] quit # Configure the DR priority of Switch B to 0. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 241 Neighbor ID State Dead Time Interface Instance ID 1.1.1.1 Full/DR 00:00:39 Vlanif10 2.2.2.2 2-Way/DROther 00:00:35 Vlanif10 3.3.3.3 Full/Backup 00:00:39 Vlanif10 ----End Configuration Files Configuration file of Switch A Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 242 1 area 0.0.0.0 ospfv3 dr-priority 2 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 10 port hybrid untagged vlan 10 ospfv3 1 router-id 3.3.3.3 return Configuration file of Switch D Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 243: Example For Configuring The Ospfv3 Virtual Link

    VLANIF 10 1001::1/64 Switch B XGE0/0/2 VLANIF 20 1000::1/64 Switch C XGE0/0/2 VLANIF 20 1000::2/64 Switch C XGE0/0/1 VLANIF 30 1002::1/64 Switch D XGE0/0/2 VLANIF 30 1002::2/64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 244 # On Switch B, enable OSPFv3 and set the router ID to 2.2.2.2. [Switch B] ospfv3 [Switch B-ospfv3-1] router-id 2.2.2.2 [Switch B-ospfv3-1] quit [Switch B] interface vlanif 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 245 Codes : E2 - Type 2 External, E1 - Type 1 External, IA - Inter-Area,N - NSSA, U - Uninstalled OSPFv3 Process (1) Destination Metric Next-hop 1000::/64 directly connected, Vlanif20 1000::1/128 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 246 10 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 20 port hybrid untagged vlan 20 ospfv3 1 router-id 2.2.2.2 area 0.0.0.1 vlink-peer 3.3.3.3 return Configuration file of Switch C Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 247: Example For Configuring Ospfv3 Gr

    When OSPFv3 adjacencies are established between Switch A, Switch C, and Switch B, the three switches can exchange routing information. If the OSPFv3 protocol restarts on Switch A, Switch A synchronizes data with the neighboring switches through GR. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 248 [SwitchA-XGigabitEthernet0/0/1] port hybrid untagged vlan 10 [SwitchA-XGigabitEthernet0/0/1] quit The configurations of Switch B and Switch C are similar to the configuration of Switch A and are not mentioned here. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 249 Flag Interface Vlanif10 Tunnel ID TimeStamp Date- 25:6:2007, Time- 17:31:46 Destination: 2000:: PrefixLength : 64 NextHop FE80::200:1FF:FE00:200 Flag Interface Vlanif10 Tunnel ID TimeStamp Date- 26:6:2007, Time- 14:6:3 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 250 Vlanif10 ipv6 enable ipv6 address 1000::1/64 ospfv3 100 area 0.0.0.0 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 10 port hybrid untagged vlan 10 ospfv3 100 router-id 1.1.1.1 graceful-restart Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 251 Vlanif20 ipv6 enable ipv6 address 2000::2/64 ospfv3 100 area 0.0.0.0 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 20 port hybrid untagged vlan 20 ospfv3 100 router-id 3.3.3.3 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 252: Is-Is Configuration

    If other routing protocols are configured on an IS-IS network, you need to configure IS-IS to interact with these protocols to ensure successful communication between them. 6.8 Configuring the IPv4 IS-IS Route Convergence Speed Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 253 By configuring IS-IS GR, you can enable Switch to restart gracefully and avoid temporary black holes. 6.17 Maintaining IS-IS Maintaining IS-IS involves resetting IS-IS and clearing IS-IS statistics. 6.18 Configuration Examples This section provides examples of IS-IS configuration. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 254: Basic Concepts Of Is-Is

    IS-IS topology. The Level-1-2 routers are used to connect the Level-1 and the Level-2 routers, and are used to establish the backbone network together with Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 255: Is-Is Features Supported By The S6700

    Link State Protocol Data Unit (LSP) fragment extension, dynamic host name exchange, fast convergence, Bidirectional Forwarding Detection (BFD), and three-way handshake. Multi-Instance and Multi-Process IS-IS supports multi-process and multi-instance, facilitating management and improving control efficiency of IS-IS. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 256 To solve this problem, you can enable local MT to create a separate Multicast IGP (MIGP) routing table for multicast packets. NOTE For details about local MT, see the "IS-IS" chapter in the S6700 Series Ethernet Switches Feature Description-IP Routing. IS-IS MT IS-IS MT, a set of independent IP topologies, is an optional mechanism within IS-ISs used today by many ISPs for IGP routing.
  • Page 257 IS-IS has this attribute, IS-IS adds the administrative tag to the reachability TLV in the prefix. In this manner, the tag is advertised throughout the entire IS-IS area. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 258 (DIS) on a broadcast network. Then LSPs of pseudo nodes advertise this association in the form of a dynamic host name TLV. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 259 I-SPF changes, PRC calculates all the leaves on only the changed node; if the SPT calculated using I-SPF does not change, PRC calculates only the changed leaf. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 260 IS-IS neighbors and reports them to IS-IS. Fast convergence of IS- IS is then implemented. NOTE BFD detects only one-hop links between IS-IS neighbors. This is because IS-IS establishes only one-hop neighbors. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 261 IS to recalculate routes to correctly guide packet forwarding. The S6700 supports dynamic IPv4 and IPv6 BFD for IS-IS. NOTE For details about IS-IS GR, see the "IS-IS" chapter in the S6700 Series Ethernet Switches Feature Description-IP Routing. IS-IS Three-Way Handshake A reliable link layer protocol is required when IS-IS runs on a point-to-point (P2P) link.

  • Page 262: Configuring Basic Ipv4 Is-Is Functions

    Before configuring basic IPv4 IS-IS functions, create IPv4 IS-IS processes and then enable IPv4 IS-IS interfaces. Context To create an IPv4 IS-IS process, perform the following operations: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 263 Level-1 IS-IS neighbor relationships can be established only if area addresses of NETs are the same. (Optional) Configure the level of a device. Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 264 Run: isis [ process-id ] An IS-IS process is created, and the IS-IS view is displayed. Run: log-peer-change The output of the adjacency status is enabled. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 265: Configuring Ipv4 Is-Is Interfaces

    The system view is displayed. Run: interface interface-type interface-number The interface view is displayed. Run: isis circuit-level [ level-1 | level-1-2 | level-2 ] The level of the interface is configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 266: Optional) Configuring The Ipv4 Is-Is Interfaces

    Procedure Configure the IS-IS cost type. Run: system-view The system view is displayed. Run: isis [ process-id ] The IS-IS view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 267 The cost of the IS-IS interface is configured. You can use the isis cost command to configure the cost of a specified interface. Configure the global IS-IS cost. Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 268 10 Mbit/s < interface bandwidth ≤ 100 Mbit/ 100 Mbit/s < interface bandwidth ≤ 155 Mbit/ 155 Mbit/s < interface bandwidth ≤ 622 Mbit/ 622 Mbit/s < Interface bandwidth ≤ 2.5 Gbit/ Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 269: Optional) Configuring Ipv4 Is-Is Attributes For Interfaces On Different Types Of Networks

    The interface view is displayed. Run: isis dis-priority priority [ level-1 | level-2 ] The DIS priority is configure on the interface. The greater the value, the higher the priority. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 270 P2P, and then run the isis ppp- negotiation command to set the negotiation mode for the establishment of the neighbor relationship. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 271: Checking The Configuration

    After basic IPv4 IS-IS functions are configured, you can view information about IS-IS neighbors, interfaces, and routes. Prerequisites The configurations of basic IPv4 IS-IS functions are complete. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 272: Establishing Or Maintaining Is-Is Neighbor Relationships Or Adjacencies

    6.3 Configuring Basic IPv4 IS-IS Functions Data Preparation To establish or maintain IS-IS neighbor relationships or adjacencies, you need the following data. Data Parameters of IS-IS timers Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 273: Configuring Is-Is Timers For Packets

    [ level-1 | level-2 ] The invalid number of Hello packets is set. If no level is specified, both the Level-1 timer and Level-2 timer are configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 274 LSP packet on the P2P link is 5 seconds. The LSPs sent on a broadcast link do not need any response. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 275: Configuring Lsp Parameters

    LSP is 1200 seconds. When performing configurations, ensure that the LSP refresh interval is 300 seconds shorter than the maximum LSP Keepalive time. In this way, new LSPs can reach all switches in an area before existing LSPs expire. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 276 IS-IS process is reset, the interval is reduced to init-interval. When only max-interval is used, the intelligent timer changes into a normal one-short timer. Configuring the Size of an LSP Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 277 When mesh-blocked is configured on an interface, the interface is blocked and cannot flood LSPs outside. All the interfaces added to a mesh group implement global LSDB synchronization through CSNP and PSNP mechanisms. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 278: Checking The Configuration

    ] – display isis statistics packet [ interface interface-type interface-number ] – display isis process-id statistics [ level-1 | level-2 | level-1-2 | packet ] ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 279: Configuring Ipv4 Is-Is Route Selection

    Configuring Basic IPv4 IS-IS Functions Data Preparation To configure IPv4 IS-IS route selection, you need the following data. Data ACL for filtering routes, IP prefix list, or routing policy Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 280: Configuring Ipv4 Is-Is Route Leaking

    | acl-name acl-name | ip-prefix ip-prefix-name | route-policy route- policy-name } ] Routes in the Level-2 area and other Level-1 areas that meet the specified conditions are leaked into the local Level-1 area. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 281: Configuring Principles For Using Equal-Cost Ipv4 Is-Is Routes

    This configuration facilitates traffic management and improves the network reliability, without the need to change original configurations. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 282: Filtering Ipv4 Is-Is Routes

    IP routing table. IS-IS routes that do not meet the specified conditions cannot be added to the IP routing table and cannot be selected to forward IP packets. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 283: Configuring An Overload Bit For An Ipv4 Is-Is Device

    [ on-startup [ timeout1 | start-from-nbr system-id [ timeout1 [ timeout2 ] ] | wait-for-bgp [ timeout1 ] ] ] [ allow { interlevel | external } The overload bit is configured. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 284: Checking The Configuration

    [ avoid-feedback | generate_null0_route | tag tag | [ level-1 | level-1-2 | level-2 ] ] The specified IS-IS routes are summarized into one IS-IS route. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 285: Configuring Ipv4 Is-Is To Interact With Other Routing Protocols

    To ensure successful traffic forwarding, configure IS-IS to interact with other routing protocols on a device where external routes are configured, for example, a Level-1-2 IS- IS router. Available methods are as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 286: Configuring A Preference Value For Ipv4 Is-Is

    To prefer a route discovered by IS-IS, configure a higher preference value for IS-IS. In addition, a routing policy can be configured to increase the preferences of specified IS-IS routes, without affecting route selection. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 287: Configuring Ipv4 Is-Is To Advertise A Default Route

    Only the route 0.0.0.0/0 can be advertised as a default route on a Level-1-2 device. All traffic destined for other areas is first forwarded to the Level-1-2 device. To ensure successful traffic forwarding, external routes must be learned on the Level-1-2 device. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 288: Configuring Ipv4 Is-Is To Import External Routes

    IS-IS areas. Procedure Configure IS-IS to import external routes. Run: system-view The system view is displayed. Run: isis [ process-id ] The IS-IS view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 289: Checking The Configuration

    [ verbose | [ level-1 | level-2 ] | ip-address [ mask | mask-length ] ] command to check IS- IS routing information. Run the display ip routing-table ip-prefix ip-prefix-name [ verbose ] command to check the IP routing table. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 290: Configuring The Ipv4 Is-Is Route Convergence Speed

    To configure the IPv4 IS-IS route convergence speed, you need the following data. Data Interval at which Hello packets are sent and the holding time of neighboring devices Flooding time of CSNPs and LSPs Interval for SPF calculation Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 291: Configuring The Interval For Detecting Is-Is Neighboring Device Failures

    A P2P link can transmit only one type of Hello packets. Therefore, there is no need to specify the level-1 or level-2 parameter if a P2P link is used. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 292: Setting Flooding Parameters Of Snps And Lsps

    Refresh interval of LSPs Maximum lifetime of LSPs Minimum interval at which LSPs are sent LSP fast flooding Interval at which LSPs are retransmitted over a P2P link Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 293 When only max-interval is specified, the intelligent timer functions as an ordinary one-time triggering timer. Set the maximum length for LSPs. Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 294 The larger a network, the greater the deviation between the LSP refresh interval and the maximum LSP lifetime. Set the maximum lifetime for LSPs. Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 295 If a timer is configured and the configured timer does not expire before the route calculation, the LSPs are flooded immediately when being received; otherwise, the LSPs are sent when the timer expires. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 296: Setting The Spf Calculation Interval

    The delay for the first SPF calculation is determined by init-interval; the delay for the second SPF calculation is determined by incr-interval. From the third time on, the delay in SPF Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 297: Configuring Convergence Priorities For Ipv4 Is-Is Routes

    The convergence priority of a Level-1 IS-IS route is higher than that of a Level-2 IS-IS route. l If the route level is not specified, the configuration of the prefix-priority command takes effect for both Level-1 and Level-2 IS-IS routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 298: Checking The Configuration

    Before configuring static IPv4 BFD for IS-IS, complete the following tasks: Assign an IP address to each interface to ensure IP connectivity. Configuring Basic IPv4 IS-IS Functions Configuration Roadmap The configuration roadmap is as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 299 The local discriminator set using the local discr-value command on a device must be the same as the remote discriminator set using the remote discr-value command on the device of the other end. Run: commit Configurations are committed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 300: Configuring Dynamic Ipv4 Bfd For Is-Is

    (including source and destination IP addresses). Then a BFD session will be established based on the received neighbor parameters. Dynamic BFD is more flexible than static BFD. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 301 BFD for IS-IS is enabled. After BFD is enabled globally and the neighbor status becomes Up, IS-IS adopts default BFD parameters to establish BFD sessions on all interfaces. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 302 If BFD session parameters are configured for both a process and an interface, the parameters on the interface will be used to establish a dynamic BFD session. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 303: Configuring Basic Ipv6 Is-Is Functions

    To configure basic IPv6 IS-IS functions, you need the following data. Data IS-IS process ID NTE of an IS-IS process Level of each device and level of each interface Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 304: Creating Ipv6 Is-Is Processes

    1. To associate an IS-IS process with a VPN instance, run the isis [ process-id ] [ vpn-instance vpn-instance-name ] command. Run: network-entity net A NET is configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 305 Run: is-name map system-id symbolic-name IS-IS static host name mapping is configured. The system ID of a peer IS-IS device is mapped to the specified host name. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 306: Configuring Ipv6 Is-Is Interfaces

    Configure an IS-IS interface. Run: system-view The system view is displayed. Run: interface interface-type interface-number The interface view is displayed. Run: ipv6 enable The IPv6 of interface is enabled. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 307: Optional) Configuring The Ipv6 Is-Is Interfaces

    ----End 6.11.4 (Optional) Configuring the IPv6 IS-IS Interfaces Configuring the IS-IS interface costs can control IS-IS route selection. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 308 1023. Subsequent routes forwarded by the interface are discarded. – If relax-spf-limit is specified, the cost of a route works as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 309 The IS-IS view is displayed. Run: ipv6 bandwidth-reference value The reference value of the bandwidth is configured. By default, the bandwidth reference value is 100 Mbit/s. Run: ipv6 auto-cost enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 310: Optional) Configuring Ipv6 Is-Is Attributes For Interfaces On Different Types Of Networks

    P2P, you can configure the type of an interface on the local device to P2P so that an IS-IS neighbor relationship can be established between the two devices. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 311 Hello packets that IS-IS fails to receive from a neighbor before the neighbor is declared Down, interval for retransmitting LSPs on a P2P link, various IS-IS authentication modes, DIS priority, and interval for sending CSNPs on a broadcast network. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 312 Configure IS-IS not to check whether the IP addresses of received Hello packets are on the same network segment. Run: system-view The system view is displayed. Run: interface interface-type interface-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 313: Checking The Configuration

    Therefore, configure IPv6 IS-IS route selection to implement refined control over route selection. To implement refined control over IPv6 IS-IS route selection, perform the following operations: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 314: Configuring Ipv6 Is-Is Route Leaking

    Level-1 area. Therefore, a device in a Level-1 area can forward traffic to a Level-2 device only through the nearest Level-1-2 device. The route used may not be the optimal route to the destination. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 315 By default, all routes in a Level-1 area are leaked into the Level-2 area. After this command is run, only routes that meet the specified conditions can be leaked into the Level-2 area. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 316: Configuring Principles For Using Equal-Cost Ipv6 Is-Is Routes

    IP routing table. IS-IS routes that do not meet the specified conditions cannot be added to the IP routing table and cannot be selected to forward IP packets. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 317: Configuring An Overload Bit For An Ipv6 Is-Is Device

    [ on-startup [ timeout1 | start-from-nbr system-id [ timeout1 [ timeout2 ] ] | wait-for-bgp [ timeout1 ] ] ] [ allow { interlevel | external } The overload bit is configured. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 318: Checking The Configuration

    [ avoid-feedback | generate_null0_route | tag tag | [ level-1 | level-1-2 | level-2 ] ] The specified IS-IS routes are summarized into one IS-IS route. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 319: Configuring Ipv6 Is-Is To Interact With Other Routing Protocols

    To ensure successful traffic forwarding, configure IS-IS to interact with other routing protocols on a device where external routes are configured, for example, a Level-1-2 IS- IS router. Available methods are as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 320: Configuring A Preference Value For Ipv6 Is-Is

    To prefer a route discovered by IS-IS, configure a higher preference value for IS-IS. In addition, a routing policy can be configured to increase the preferences of specified IS-IS routes, without affecting route selection. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 321: Configuring Ipv6 Is-Is To Advertise A Default Route

    If multiple Level-1-2 devices are deployed, a routing policy can be configured to allow only the Level-1-2 device that meets the specified conditions to advertise a default route, preventing blackhole routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 322: Configuring Ipv6 Is-Is To Import External Routes

    Run: system-view The system view is displayed. Run: isis [ process-id ] The IS-IS view is displayed. Run: ipv6 import-route IS-IS is configured to import external routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 323: Checking The Configuration

    IP routing table. ----End 6.15 Configuring the IPv6 IS-IS Route Convergence Speed Accelerating IS-IS route convergence can improve the fault location efficiency and improve the network reliability. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 324: Establishing The Configuration Task

    Interval at which Hello packets are sent and the holding time of neighboring devices Flooding time of CSNPs and LSPs Interval for SPF calculation Route convergence priority Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 325: Configuring The Interval For Detecting Is-Is Neighboring Device Failures

    Set the holding multiplier for neighboring devices. Run: system-view The system view is displayed. Run: interface interface-type interface-number The interface view is displayed. Run: isis timer holding-multiplier number [ level-1 | level-2 ] Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 326: Setting Flooding Parameters Of Snps And Lsps

    [ level-1 | level-2 ] The interval at which CSNPs are sent is set on the specified interface. NOTE Configure Level-1 and Level-2 only when a broadcast interface is specified. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 327 Ensure that the value of max-size for LSPs to be generated must be smaller than or equal to the value of max-size for LSPs to be received. The value of max-size in the lsp-length command must meet the following conditions. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 328 0, the LSP will be deleted from the LSDB 60s later if no more updated LSPs are received. Set the minimum interval at which LSPs are sent. Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 329 The interface view is displayed. Run: isis timer lsp-retransmit retransmit-interval The interval at which LSPs are retransmitted over a P2P link is set. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 330: Setting The Spf Calculation Interval

    Context By default, the convergence priority of 128-bit host routes is medium, and the convergence priority of the other IS-IS routes is low. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 331: Checking The Configuration

    Run the display isis route [ process-id | vpn-instance vpn-instance-name ] ipv6 [ verbose | [ level-1 | level-2 ] | ipv6-address [ prefix-length ] ] command to check the preference of IS-IS routes. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 332: Configuring Is-Is Gr

    To configure IS-IS GR, you need the following data. Data ID of an IS-IS process Interval for reestablishing GR sessions Whether to suppress the advertisement of the adjacency when the GR restarter restarts Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 333: Enabling Is-Is Gr

    LSPs, the preceding case can thus be avoided. Do as follows on the switch that runs IS-IS: Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 334: Checking The Configuration

    Maintaining IS-IS involves resetting IS-IS and clearing IS-IS statistics. 6.17.1 Resetting IS-IS Data Structure By restarting IS-IS, you can reset IS-IS. You can also reset IS-IS in GR mode. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 335: Resetting A Specific Is-Is Neighbor

    Step 1 Run reset isis peer system-id [ process-id | vpn-instance vpn-instance-name ] command to reset a specific IS-IS neighbor. ----End 6.18 Configuration Examples This section provides examples of IS-IS configuration. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 336: Example For Configuring Basic Is-Is Functions

    VLANIF 10 10.1.1.1/24 SwitchC XGE 0/0/2 VLANIF 20 10.1.2.1/24 SwitchC XGE 0/0/3 VLANIF 30 192.168.0.1/24 SwitchD XGE 0/0/1 VLANIF 30 192.168.0.2/24 SwitchD XGE 0/0/2 VLANIF 40 172.16.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 337 [SwitchD] isis 1 [SwitchD-isis-1] is-level level-2 [SwitchD-isis-1] network-entity 20.0000.0000.0004.00 [SwitchD-isis-1] quit Enable the IS-IS progress on each interface and enable IS-IS small-hello. # Configure SwitchA. [SwitchA] interface vlanif 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 338 0000.0000.0002.01-00* 0x00000002 0xc0c4 0/0/0 Total LSP(s): 5 *(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended), ATT-Attached, P-Partition, OL-Overload [SwitchC] display isis lsdb Database information for ISIS(1) -------------------------------- Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 339 10.1.2.0/24 NULL Vlanif10 10.1.1.1 A/-/-/- 192.168.0.0/24 NULL Vlanif10 10.1.1.1 A/-/-/- Flags: D-Direct, A-Added to URT, L-Advertised in LSPs, S-IGP Shortcut, U-Up/Down Bit Set [SwitchC] display isis route Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 340 Flags: D-Direct, A-Added to URT, L-Advertised in LSPs, S-IGP Shortcut, U-Up/Down Bit Set Configuration Files Configuration file of SwitchA sysname SwitchA vlan batch 10 isis 1 is-level level-1 network-entity 10.0000.0000.0001.00 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 341 20 interface XGigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 30 return Configuration file of SwitchD sysname SwitchD vlan batch 30 40 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 342: Example For Configuring Is-Is Route Aggregation

    SwitchA belongs to Area 20. SwitchB and SwitchC belong to Area 10. SwitchA is a Level-2 Switch. SwitchB is a Level-1-2 Switch. SwitchC is a Level-1 Switch. The addresses in Area 10 can be aggregated as 172.1.0.0/16. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 343 Figure 6-4 System ID, level, and area ID of each Switch – SwitchA: The system ID is 0000.0000.0001; the area ID is 20; the level is Level-2. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 344 Flags ------------------------------------------------------------------------- 172.1.1.0/24 NULL Vlanif50 172.2.1.2 A/-/-/- 172.1.2.0/24 NULL Vlanif50 172.2.1.2 A/-/-/- 172.1.3.0/24 NULL Vlanif50 172.2.1.2 A/-/-/- 172.1.4.0/24 NULL Vlanif50 172.2.1.2 A/-/-/- 172.2.1.0/24 NULL Vlanif50 Direct D/-/ Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 345 Configuration file of SwitchB sysname SwitchB vlan batch 10 50 isis 1 network-entity 10.0000.0000.0002.00 summary 172.1.0.0 255.255.0 level-1-2 interface Vlanif10 ip address 172.1.4.2 255.255.255.0 isis enable 1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 346: Example For Configuring The Dis Election Of Is-Is

    XGigabitEthernet0/0/4 port link-type trunk port trunk allow-pass vlan 40 return 6.18.3 Example for Configuring the DIS Election of IS-IS Networking Requirements As shown in Figure 6-5: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 347 System ID, level, and area ID of each Switch – SwitchA: The system ID is 0000.0000.0001; the area ID is 10; the DIS priority is 100; the level is Level-1. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 348 [SwitchA-isis-1] quit [SwitchA] interface vlanif 10 [SwitchA-Vlanif10] isis enable 1 [SwitchA-Vlanif10] quit # Configure SwitchB. [SwitchB] isis 1 [SwitchB-isis-1] network-entity 10.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlanif 10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 349 # Display information about the IS-IS interfaces on SwitchD. [SwitchD] display isis interface Interface information for ISIS(1) --------------------------------- Interface IPV4.State IPV6.State Type Vlanif10 Down 1497 L1/L2 No/Yes Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 350 Interface information for ISIS(1) --------------------------------- Interface IPV4.State IPV6.State Type Vlanif10 Down 1497 L1/L2 No/No # Display information about the IS-IS neighbors and IS-IS interfaces on SwitchD. [SwitchD] display isis peer Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 351 10 return Configuration file of SwitchC sysname SwitchC vlan batch 10 isis 1 is-level level-1 network-entity 10.0000.0000.0003.00 interface Vlanif10 ip address 10.1.1.3 255.255.255.0 isis enable 1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 352: Example For Configuring Is-Is Load Balancing

    Figure 6-6 Networking diagram for configuring IS-IS load balancing Switch B XGE0/0/1 XGE0/0/2 Switch D XGE0/0/1 XGE0/0/1 XGE0/0/3 XGE0/0/3 Area10 XGE0/0/2 XGE0/0/2 Switch A XGE0/0/2 XGE0/0/1 Switch C Switch Interface VLANIF Interface IP Address Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 353 Weight for the preference of the equal-cost routes on Switch C: 1 Configuration Procedure Configure the IDs of the VLANs to which the interfaces belong. The configuration details are not mentioned here. Assign IP addresses to VLANIF interfaces. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 354 ExtCost ExitInterface NextHop Flags ------------------------------------------------------------------------- 192.168.1.0/24 NULL Vlanif20 10.1.2.2 A/-/-/- 10.1.1.0/24 NULL Vlanif10 Direct D/-/ 172.16.1.0/24 NULL Vlanif50 Direct D/-/ 172.17.1.0/24 NULL Vlanif10 10.1.1.2 A/-/-/- Vlanif20 10.1.2.2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 355 Thus, IS-IS chooses the next hop 10.1.2.2 as the best route. Configuration Files Configuration file of Switch A sysname SwitchA vlan batch 10 20 50 isis 1 is-level level-2 network-entity 10.0000.0000.0001.00 nexthop 10.1.2.2 weight interface Vlanif10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 356 20 40 isis 1 is-level level-2 network-entity 10.0000.0000.0003.00 interface Vlanif20 ip address 10.1.2.2 255.255.255.0 isis enable 1 interface Vlanif40 ip address 192.168.1.1 255.255.255.0 isis enable 1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 357: Example For Configuring Is-Is Gr

    After Switch A, Switch B, and Switch C set up IS-IS adjacencies with each other, they start to exchange routing information. When IS-IS is restarted on Switch A, Switch A resends connection requests to neighbors to synchronize the LSDB. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 358 The configurations of Switch B and Switch are similar to the configuration of Switch A, and are not mentioned here. Step 2 Assign an IP address to each VLANIF interface. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 359 As shown in the display, the FIB table on Switch A does not change and the forwarding service is not affected. # Disable IS-IS GR on Switch A. [SwitchA] isis 1 [SwitchA-isis-1] undo graceful-restart [SwitchA-isis-1] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 360 150 is-level level-2 network-entity 10.0000.0000.0002.00 interface Vlanif20 ip address 100.2.1.2 255.255.255.0 isis enable 1 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 20 port hybrid untagged vlan 20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 361: Example For Configuring Static Bfd For Is-Is

    100.2.1.1/24 XGE0/0/1 SwitchA SwitchB SwitchC 100.2.1.2/24 Switch Interface VLANIF interface IP address SwitchA XGE0/0/1 VLANIF 10 100.1.1.1/24 SwitchB XGE0/0/1 VLANIF 10 100.1.1.2/24 SwitchB XGE0/0/2 VLANIF 30 100.2.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 362 The configurations of Switch B and Switch C are similar to the configuration of Switch A, and are not mentioned here. Step 3 Configuration basic IS-IS functions. # Configure Switch A. [SwitchA] isis 1 [SwitchA-isis-1] is-level level-2 [SwitchA-isis-1] network-entity aa.1111.1111.1111.00 [SwitchA-isis-1] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 363 # Enable BFD on Switch B and configure a BFD session. [SwitchB] bfd [SwitchB-bfd] quit [SwitchB] bfd btoa bind peer-ip 100.1.1.1 interface vlanif 10 [SwitchB-bfd-session-btoa] discriminator local 2 [SwitchB-bfd-session-btoa] discriminator remote 1 [SwitchB-bfd-session-btoa] commit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 364 Run the display isis route command or the display isis peer command on Switch A, no information is displayed. This indicates that the IS-IS neighbor relationship between Switch A and Switch B is deleted. ----End Configuration Files Configuration file of Switch A Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 365 10 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 30 port hybrid untagged vlan 30 return Configuration file of Switch C sysname SwitchC vlan batch 30 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 366: Example For Configuring Dynamic Bfd For Is-Is

    VLANIF 10 1.1.1.1/24 Switch A XGE0/0/2 VLANIF 20 3.3.3.1/24 Switch B XGE0/0/1 VLANIF 50 2.2.2.2/24 Switch B XGE0/0/2 VLANIF 20 3.3.3.2/24 Switch B XGE0/0/3 VLANIF 40 172.16.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 367 Step 2 Assign an IP address to each VLANIF interface. [SwitchA] interface vlanif 10 [SwitchA-Vlanif10] ip address 1.1.1.1 24 [SwitchA-Vlanif10] quit [SwitchA] interface vlanif 20 [SwitchA-Vlanif20] ip address 3.3.3.1 24 [SwitchA-Vlanif20] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 368 [SwitchA] display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 8 Routes : 9 Destination/Mask Proto Cost Flags NextHop Interface Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 369 Diag : No diagnostic information Peer System ID : 0000.0000.0003 Interface : Vlanif10 Multiplier : 3 RemDis : 8192 Type : L2 Diag : No diagnostic information Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 370 Direct 0 127.0.0.1 Vlanif10 2.2.2.0/24 ISIS-L2 1.1.1.2 Vlanif10 3.3.3.0/24 Direct 15 D 1.1.1.2 Vlanif10 127.0.0.0/8 Direct 0 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 127.0.0.1 InLoopBack0 172.16.1.0/24 ISIS-L2 1.1.1.2 Vlanif10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 371 20 return Configuration file of Switch B sysname SwitchB vlan batch 20 40 50 isis 1 is-level level-2 bfd all-interfaces enable network-entity 10.0000.0000.0002.00 interface Vlanif50 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 372: Example For Configuring Basic Is-Is Ipv6 Functions

    XGigabitEthernet0/0/2 port hybrid pvid vlan 50 port hybrid untagged vlan 50 return 6.18.8 Example for Configuring Basic IS-IS IPv6 Functions Networking Requirements As shown in Figure 6-10: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 373 Enable the capability of IPv6 forwarding on each switch. Configure an IPv6 address for each interface. Enable IS-IS on each switch. Configure the level. Specify the network entity. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 374 [SwitchB-Vlanif20] isis ipv6 enable 1 [SwitchB-Vlanif20] quit # Configure Switch C. [SwitchC] isis 1 [SwitchC-isis-1] network-entity 10.0000.0000.0003.00 [SwitchC-isis-1] ipv6 enable [SwitchC-isis-1] quit [SwitchC] interface vlanif 10 [SwitchC-Vlanif10] isis ipv6 enable 1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 375 MT IDs supported : 0(UP) Local MT IDs Area Address(es) : 20 Peer IPv6 Address(es): FE80::F81D:0:1E24:2 Uptime : 00:53:18 Adj Protocol : IPV6 Restart Capable : YES Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 376 Topology Standard 0000.0000.0003.00 COST: 10 0000.0000.0005.00 COST: 10 IPV6 30::/64 COST: 10 IPV6 20::/64 COST: 10 Total LSP(s): 2 *(In TLV)-Leaking Route, *(By LSPID)-Self LSP, +-Self LSP(Extended), Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 377 20 port hybrid untagged vlan 20 return Configuration file of Switch C sysname SwitchC vlan batch 10 20 30 ipv6 isis 1 network-entity 10.0000.0000.0003.00 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 378 XGigabitEthernet 0/0/2 port hybrid pvid vlan 40 port hybrid untagged vlan 40 interface XGigabitEthernet 0/0/1 port hybrid pvid vlan 30 port hybrid untagged vlan 30 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 379: Bgp Configuration

    Deploying BGP RRs allows IBGP peers to communicate without establishing full-mesh connections between them. Using BGP RRs simplifies network configurations and improves route advertisement efficiency. 7.10 Configuring a BGP Confederation Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 380 BGP security. 7.19 Maintaining BGP Maintaining BGP involves resetting a BGP connection and clearing BGP statistics. 7.20 Configuration Examples This section provides several configuration examples of BGP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 381: Bgp Overview

    MP-BGP, BGP Tracking, route dampening, load balancing, BGP next hop delayed response, BFD for BGP and BGP security. Main Route Attributes Origin attribute AS_Path attribute Next_Hop attribute Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 382 Prefers the route with the highest PreVal. PrefVal is a Huawei-specific parameter. It is valid only on the device where it is configured. Prefers the route with the highest Local_Pref. A route without Local_Pref is considered to have had the value set by using the default local-preference command or to have a value of 100 by default.
  • Page 383 The S6700 supports iteration-based BGP load balancing. If load balancing is configured for a dependent route (assume that there are three next-hop addresses), BGP generates the same Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 384 The local AS is not a transit AS. Full-mesh IBGP connections are established between all switchs in the local AS. NOTE In the S6700, the synchronization function is disabled by default. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 385: Peer Group

    Besides well-known communities, you can use a community filter to filter self-defined extended community attributes to control routing policies in a more flexible manner. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 386 For the configuration in the BGP IPv6 address family view, see the chapter "BGP4+ Configuration." For the application of MP-BGP in multicast, see the chapter "MBGP Configuration" in the S6700 Series Ethernet Switches Configuration Guide - IP Multicast.

  • Page 387: Configuring Basic Bgp Functions

    Basic BGP functions must be configured first when you build up a BGP network. Applicable Environment BGP can be configured on a network to implement communication among ASs. This section describes how to configure basic BGP functions. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 388: Starting A Bgp Process

    Do as follows on the switch where a BGP connection needs to be established: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 389: Configuring Bgp Peers

    AS. The IP address of the specified peer can be one of the following types: – IP address of an interface on a directly-connected peer Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 390 The source interface and source address are specified for establishing a TCP connection. By default, BGP uses the physical interface that is directly connected to the peer as the local interface of a TCP connection. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 391: Configuring Bgp To Import Routes

    In Network mode, routes with the specified prefix and mask are imported into the BGP routing table. Compared with the Import mode, the Network mode imports more specific routes. Procedure Configure BGP to import routes in Import mode. Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 392 By default, the BGP-IPv4 unicast address family view is displayed. Run: network ipv4-address [ mask | mask-length ] [ route-policy route-policy- name ] BGP is configured to advertise local routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 393: Checking The Configuration

    Route attributes are listed as follows: BGP preference Setting the BGP preference can affect route selection between BGP routes and other routing protocols' routes. Preferred values Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 394: Configuring The Bgp Preference

    If different protocols have routes to the same destination, the protocol with the highest preference is selected to forward IP packets. Perform the following steps on a device running BGP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 395: Configuring Preferred Values For Bgp Routes

    BGP routing table. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 396: Configuring A Default Local_Pref Attribute For A Device

    The MED attribute equals a metric used in an IGP, and is used to determine the optimal route for traffic that enters an AS. If a BGP device obtains multiple routes from different EBGP peers Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 397 Configure the method used by BGP to handle the situation where a route has no MED attribute during route selection. Perform the following steps on a BGP device: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 398: Configuring Next_Hop Attributes For Routes

    Run: bgp as-number The BGP view is displayed. Run: ipv4-family unicast The IPv4 unicast address family view is displayed. Run: peer { ipv4-address | group-name } next-hop-local Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 399: Configuring As_Path Attributes For Routes

    Hub-CE advertises private network routes to the Spoke- CE, to accept the routes in which the local AS number repeats once. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 400 AS number. If AS numbers need to be replaced during network migration, you can run the peer fake-as command to set a fake AS number for a specified peer to ensure smooth network migration. Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 401 AS numbers are advertised to the Internet, a routing loop may occur. To address this problem, you can run the peer public-as-only command to allow the AS_Path attribute to carry only public AS numbers. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 402: Checking The Configuration

    BGP is used to transmit routing information. BGP advertises only the wanted routes after filtering routes to be advertised, and modifies route attributes to direct network traffic. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 403: Establishing The Configuration Task

    Name and matching mode of a route-policy, and number of the route-policy's node 7.5.2 Configuring BGP Filters BGP filters filter routes to be advertised. Context BGP uses the following types of filters to filter routes: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 404 ACL rules are used to classify packets. After ACL rules are applied to a device, the device permits or denies packets based on the ACL rules. For details on ACL configurations, see the S6700 Series Ethernet Switches Configuration Guide - IP Services.
  • Page 405 – Metacharacter: defines matching rules. – General character: defines matching objects. Table 7-1 Metacharacters Metacharacter Description Escape character. Matches any single character except "\n", including spaces. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 406 "OR". This means that if a route meets one of the matching rules, the route matches the AS_Path filter. NOTE For details on a regular expression, see the S6700 Series Ethernet Switches Configuration Guide - Basic Configurations. Configure a community filter.
  • Page 407 Perform the following steps on a BGP switch: Run: system-view The system view is displayed. Run: route-policy route-policy-name { permit | deny } node node Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 408 &<1-16> | basic-extcomm-filter-name | advanced-extcomm-filter-name } command. The operations in Step 3 can be performed in any order. A node may have multiple if-match clauses or no if-match clause. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 409: Configuring To Controll The Advertisement Of Bgp Routing Information

    7.5.3 Configuring to Controll the Advertisement of BGP Routing Information After a route advertisement policy is configured on a device, the device advertises only routes matching the policy to its peers. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 410 The IPv4 unicast address family view is displayed. Perform any of the following operations to configure the BGP device to advertise routes to a specific peer or peer group: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 411: Configuring Bgp Soft Reset

    The system view is displayed. Run: bgp as-number The BGP view is displayed. Run: peer { ipv4-address | group-name } capability-advertise route-refresh Route-refresh is enabled. By default, route-refresh is enabled. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 412 If the peer keep-all-routes command is run on the switch, the sessions between the switch and its peers will not be reestablished but the refresh bgp command does not take effect on the switch. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 413: Checking The Configuration

    Therefore, the administrator must limit the resources to be consumed based on networking planning and switch capacities, no matter whether too many BGP routes caused by malicious attacks or incorrect configurations. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 414: Configuring Bgp Filters

    ACL rules are used to classify packets. After ACL rules are applied to a device, the device permits or denies packets based on the ACL rules. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 415 Configuration Guide - IP Routing 7 BGP Configuration For details on ACL configurations, see the S6700 Series Ethernet Switches Configuration Guide - IP Services. An ACL can be used as a matching condition of a route-policy or used in the filter- policy { acl-number | acl-name acl-name } import command or the peer { group-name | ipv4-address } filter-policy { acl-number | acl-name acl-name } import command.
  • Page 416 Matches a single character that is not contained within the brackets. [a-z] Matches any character within the specified range. [^a-z] Matches any character out of the specified range. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 417 "OR". This means that if a route meets one of the matching rules, the route matches the AS_Path filter. NOTE For details on a regular expression, see the S6700 Series Ethernet Switches Configuration Guide - Basic Configurations. Configure a community filter.
  • Page 418 When a route-policy is used to filter a route, the route is first matched with the node with the smallest node value. For example, if two nodes are configured using the Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 419 – To replace or add a specified AS number in the AS_Path attribute of a BGP route, run the apply as-path as-number command. – To delete a specified BGP community attribute from a route, run the apply comm- filter comm-filter-number delete command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 420: Configuring To Controll The Acceptment Of Bgp Routing Information

    BGP switch: Run: system-view The system view is displayed. Run: bgp as-number The BGP view is displayed. Run: ipv4-family unicast The IPv4 unicast address family view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 421: Configuring Bgp Soft Reset

    7.6.4 Configuring BGP Soft Reset BGP soft reset allows the system to refresh a BGP routing table dynamically without tearing down any BGP connection if routing policies are changed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 422 If the device's peers do not support route-refresh, perform the following operations: – Configure the device to store all the routing updates received from its peers or peer groups. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 423: Checking The Configuration

    Run the display bgp routing-table as-path-filter { as-path-filter-number | as-path-filter- name } command to check information about routes matching a specified AS_Path filter. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 424: Configuring Bgp Route Aggregation

    The system view is displayed. Run: bgp as-number The BGP view is displayed. Run: ipv4-family unicast The IPv4 unicast address family view is displayed. Run: summary automatic Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 425 10.1.1.1 16 command is used. When using manual aggregation, you can apply various routing policies and set route attributes. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 426: Configuring Bgp Peer Groups

    Pre-configuration Tasks Before configuring BGP peer groups, complete the following task: Configuring Basic BGP Functions Data Preparation To configure BGP peer groups, you need the following data. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 427: Creating Ibgp Peer Groups

    If multiple EBGP peers exist in an AS, adding them to an EBGP peer group can simplify the BGP network configuration and management. All the peers in a pure EBGP peer group must have the same AS number. Procedure Step 1 Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 428: Creating Mixed Ebgp Peer Groups

    The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Step 3 Run: group group-name external A mixed EBGP peer group is created. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 429: Checking The Configuration

    7.9 Configuring BGP Route Reflectors Deploying BGP RRs allows IBGP peers to communicate without establishing full-mesh connections between them. Using BGP RRs simplifies network configurations and improves route advertisement efficiency. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 430: Establishing The Configuration Task

    BGP connections do not need to be established between the clients. A BGP device that is neither an RR nor a client is called a non-client. Non-clients and the RR must establish full-mesh connections with each other. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 431: Optional) Disabling Route Reflection Between Clients

    RR. Route reflection can be disabled between clients to reduce the stress on the RR. Perform the following steps on the RR that is running BGP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 432: Optional) Configuring The Cluster Id For A Route Reflector

    Clients 1, 2, and 3 are their clients. An IBGP peer relationship is set up between RR1 and RR2 so that each RR is the other RR's non-client. Figure 7-1 RR cluster IBGP Cluster IBGP IBGP IBGP Client3 Client1 Client2 AS65000 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 433 Cluster ID of the client (By default, the client uses its Router ID as the cluster ID). If the Cluster ID is the same as the Cluster ID of the client, the client discards received routes. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 434: Optional) Preventing Bgp Routes From Being Added Into The Ip Routing Table

    The bgp-rib-only command and the active-route-advertise command are mutually exclusive. ----End 7.9.6 Checking the Configuration After configuring BGP RRs, you can view BGP RR configurations and routing information transmitted by BGP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 435: Configuring A Bgp Confederation

    The system view is displayed. Run: bgp as-number The BGP view is displayed. Run: confederation id as-number A confederation ID is set. Run: confederation peer-as as-number &<1-32> Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 436: Configuring Bgp Community Attributes

    Before configuring BGP community attributes, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the data required for the configuration. This will help you complete the configuration task quickly and accurately. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 437: Configuring Community Attribute-Related Routing Policies

    { { community-number | aa:nn } &<1-32> | internet | no- advertise | no-export | no-export-subconfed } [ additive ] Community attributes are configured for BGP routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 438: Configuring A Bgp Device To Send Community Attributes To Its Peer

    To configure the BGP device to send an extended community attribute to its peer or peer group, run: peer { ipv4-address | group-name } advertise-ext-community By default, a device advertises no extended community attribute to its peer or peer group. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 439: Checking The Configuration

    BGP ConnectRetry interval. For example, if the ConnectRetry interval is reduced, BGP will wait less time before retrying to establish a TCP connection when the previous attempt Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 440: Configuring A Bgp Connectretry Timer

    Interval between peer unreachability discovery and connection interruption 7.12.2 Configuring a BGP ConnectRetry Timer You can control the speed at which BGP peer relationships are established by changing the BGP ConnectRetry timer value. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 441 { group-name | ipv4-address } timer connect-retry connect-retry-time A ConnectRetry timer is configured for a specific peer or peer group. By default, the ConnectRetry timer value is 32s. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 442: Configuring Bgp Keepalive And Hold Timers

    Perform the following steps on a BGP switch: Run: system-view The system view is displayed. Run: bgp as-number The BGP view is displayed. Run: timer keepalive keepalive-time hold hold-time Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 443: Configuring A Minrouteadvertisementintervaltimer

    Timers set for a specific peer or peer group takes precedence over timers set for all peers or peer groups. ----End 7.12.4 Configuring a MinRouteAdvertisementIntervalTimer A proper MinRouteAdvertisementIntervalTimer can be configured to suppress frequent route changes, improving BGP network stability. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 444: Disabling Fast Reset Of Ebgp Connections

    If the status of an interface used to establish an EBGP connection changes frequently, the EBGP session will be deleted and reestablished repeatedly, causing network flapping. Rapid EBGP Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 445: Enabling Bgp Tracking

    Perform the following steps on a BGP switch. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 446: Checking The Configuration

    The main cause of route instability is route flapping. A route is considered to be flapping when it repeatedly appears and then disappears in the routing table. BGP is generally applied to Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 447 If routes are differentiated based on policies and the dampening command is run to reference a route-policy, BGP can use different route dampening parameters to suppress different routes. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 448: Configuring A Bgp Device To Send A Default Route To Its Peer

    Switch A, configure Switch B to send a default route to its peer (Switch A) and use a routing policy to prevent all the routes to network segments 20.1.1.0/24, Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 449 ----End Checking the Configuration After a BGP device is configured to send a default route to a peer, you can check whether the configuration is correct. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 450: Configuring Bgp Load Balancing

    Number of EBGP and IBGP routes to be used for load balancing Procedure Set the number of BGP routes to be used for load balancing. Perform the following steps on a BGP switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 451 This configuration is used in a VPN where a CE is dual-homed to two PEs. When the CE and one PE belong to an AS and the CE and the other PE belong to a different AS, you can Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 452: Configuring The Bgp Next Hop Delayed Response

    VPN instance. 7.16 Configuring the BGP Next Hop Delayed Response Configuring the BGP next hop delayed response can minimize traffic loss during route changes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 453 BGP next hop delayed response may cause heavier traffic loss when the link fails because link switching is impossible. Pre-configuration Tasks Before configuring the BGP next hop delayed response, complete the following task: Configuring Basic BGP Functions Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 454: Configuring Bfd For Bgp

    The detection mechanism, however, takes more than one second. When the data transmission rate reaches the level of Gbit/s, such slow detection will cause a Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 455 By default, a multi-hop BGP session is established between Huawei devices that set up an IBGP peer relationship. A BFD for IGP session and A BFD for IBGP session cannot be both set up between a Huawei device and a non-Huawei device that sets up a single-hop BGP session with its peer by default. In such a situation, setting up only A BFD for IGP session or A BFD for IBGP session between the Huawei and non- Huawei devices is recommended.
  • Page 456 BFD and BGP session flapping caused by link flapping. If a BFD session over a link goes Down, it does not go Up Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 457: Configuring Bgp Security

    BGP peers to reduce the possibility of attacks. To prevent the MD5 password set on a BGP peer from being decrypted, you need to update the MD5 password periodically. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 458: Configuring Md5 Authentication

    In BGP, MD5 authentication sets an MD5 authentication password for a TCP connection, and is performed by TCP. If authentication fails, no TCP connection will be established. Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 459: Configuring Bgp Gtsm

    1 for an EBGP direct route. This means that the valid TTL of the EBGP direct routes is 255. By default, the hops value is 255. This means that the valid TTL range is [ 1, 255 ]. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 460: Checking The Configuration

    The log records information that GTSM drops packets, which helps locate faults. ----End 7.18.4 Checking the Configuration After configuring BGP security, you can view authentication information about BGP peers. Prerequisites The BGP security configurations are complete. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 461: Maintaining Bgp

    BGP connection with the specified peer-groups. To validate the new configurations, run the reset bgp internal command in the user view to reset all IBGP connections. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 462: Clearing Bgp Information

    7-4, all Switches run BGP. An EBGP peer relationship is set up between SwitchA and SwitchB. IBGP peer relationships are set up between SwitchB, SwitchC, and SwitchD. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 463 The IP address of each VLANIF interface is shown in Figure 7-4. The router ID of SwitchA is 1.1.1.1 and the number of the AS where it resides is 65008. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 464 You can view that the BGP connections between SwitchB and all the other switches are set up. Configure SwitchA to advertise the route 8.0.0.0/8. Configure SwitchA to advertise routes. [SwitchA] bgp 65008 [SwitchA-bgp] ipv4-family unicast [SwitchA-bgp-af-ipv4] network 8.0.0.0 255.0.0.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 465 Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 4 Network NextHop LocPrf PrefVal Path/Ogn *> 8.0.0.0 0.0.0.0 *> 9.1.1.0/24 200.1.1.1 65009? *> 9.1.3.0/24 200.1.1.1 65009? 200.1.1.0 200.1.1.1 65009? Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 466 50 bgp 65008 router-id 1.1.1.1 peer 200.1.1.1 as-number 65009 ipv4-family unicast undo synchronization network 8.0.0.0 peer 200.1.1.1 enable return Configuration file of SwitchB sysname SwitchB Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 467 40 bgp 65009 router-id 3.3.3.3 peer 9.1.3.1 as-number 65009 peer 9.1.2.2 as-number 65009 ipv4-family unicast undo synchronization peer 9.1.3.1 enable peer 9.1.2.2 enable return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 468: Example For Configuring As-Path Filter

    C. Configure the AS-Path filter on Switch B. AS 20 thus does not advertises routes of AS 30 to AS 10, or advertise routes of AS 10 to AS 30. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 469 The router ID of Switch C is 3.3.3.3, and the number of its AS is 30. Procedure Step 1 Configure VLANs that interfaces belong to. <Quidway> system-view [Quidway] sysname SwitchA Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 470 - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 3 Network NextHop LocPrf PrefVal Path/Ogn *> 200.1.2.0 200.1.3.1 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 471 200.1.3.1 *> 200.1.3.0 200.1.3.1 *> 200.1.4.0 200.1.3.1 20 10? Similarly, the BGP routing table of Switch C does not have the two routes. <SwitchC> display bgp routing-table Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 472 *> 200.1.3.0 200.1.2.2 200.1.4.2 *> 200.1.4.0 0.0.0.0 200.1.4.2 *> 200.1.4.1/32 0.0.0.0 ----End Configuration Files Configuration file of Switch A sysname SwitchA vlan batch 10 20 interface Vlanif20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 473 200.1.3.2 as-path-filter 2 export ip as-path-filter 1 deny _30_ ip as-path-filter 1 permit .* ip as-path-filter 2 deny _10_ ip as-path-filter 2 permit .* Return Configuration file of Switch C Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 474: Example For Configuring Bgp To Interact With An Igp

    VLANIF 10 3.1.1.2/24 SwitchA XGE 0/0/2 VLANIF 30 8.1.1.1/24 SwitchB XGE 0/0/1 VLANIF 10 3.1.1.1/24 SwitchB XGE 0/0/2 VLANIF 20 9.1.1.1/24 SwitchC XGE 0/0/1 VLANIF 20 9.1.1.2/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 475 Create an EBGP peer relationship. Configure SwitchA. [SwitchA] bgp 65008 [SwitchA-bgp] router-id 1.1.1.1 [SwitchA-bgp] peer 3.1.1.1 as-number 65009 [SwitchA-bgp] ipv4-family unicast [SwitchA-bgp-af-ipv4] network 8.1.1.0 255.255.255.0 [SwitchA-bgp-af-ipv4] quit [SwitchA-bgp] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 476 - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 2 Network NextHop LocPrf PrefVal Path/Ogn *> 8.1.1.0/24 0.0.0.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 477 3.1.1.1 255.255.255.0 interface Vlanif20 ip address 9.1.1.1 255.255.255.0 interface XGigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 interface XGigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 20 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 478: Example For Configuring Bgp Load Balancing And The Med

    7-7, all Switches run BGP. SwitchA resides in AS 65008. Both SwitchB and SwitchC reside in AS 65009. EBGP runs among SwitchA, SwitchB, and SwitchC. IBGP runs between SwitchB and SwitchC. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 479 65008, the default MED of SwitchB is 100. Configuration Procedure Create a VLAN to which each interface belongs. The configuration details are not mentioned here. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 480 - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 2 Network NextHop LocPrf PrefVal Path/Ogn Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 481 20 bgp 65008 router-id 1.1.1.1 peer 200.1.1.1 as-number 65009 peer 200.1.2.1 as-number 65009 ipv4-famlily unicast undo synchronization maximum load-balancing 2 peer 200.1.1.1 enable peer 200.1.2.1 enable return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 482 30 bgp 65009 router-id 3.3.3.3 peer 9.1.1.1 as-number 65009 peer 200.1.2.2 as-number 65008 ipv4-family unicast undo synchronization network 9.1.1.0 255.255.255.0 peer 9.1.1.1 enable peer 200.1.2.2 enable return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 483: Example For Configuring The Bgp Community Attribute

    The router ID of Switch A is 1.1.1.1 and its AS number is 10. The router ID of Switch B is 2.2.2.2 and its AS number is 20. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 484 BGP local router ID : 2.2.2.2 Local AS number : 20 Paths: 1 available, 1 best, 1 select BGP routing table entry information of 9.1.1.0/24: From: 200.1.2.1 (1.1.1.1) Route Duration: 00h00m15s Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 485 You can view the configured community attribute in the BGP routing table of Switch B. At this time, there are no routes to the destination 9.1.1.0/24 in the BGP routing table of Switch C. ----End Configuration Files Configuration file of Switch A Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 486 20 router-id 2.2.2.2 peer 200.1.2.1 as-number 10 peer 200.1.3.2 as-number 30 ipv4-family unicast undo synchronization peer 200.1.2.1 enable peer 200.1.3.2 enable return Configuration file of Switch C Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 487: Example For Configuring A Bgp Rr

    XGE0/0/1 XGE0/0/2 SwitchD SwitchG SwitchE SwitchF Switch Interface VLANIF interface IP address SwitchA XGigabitEthernet0/0/1 VLANIF 10 10.1.1.2/24 SwitchA XGigabitEthernet0/0/2 VLANIF 30 10.1.3.2/24 SwitchA XGigabitEthernet0/0/3 VLANIF 100 9.1.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 488 ID of the cluster where Switch B resides being 1 and ID of the cluster where Switch C resides being 2 Procedure Step 1 Create VLANs and add interfaces to the corresponding VLANs. <Quidway> system-view [Quidway] sysname SwitchA Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 489 [SwitchC-bgp] ipv4-family unicast [SwitchC-bgp-af-ipv4] peer in_rr reflect-client [SwitchC-bgp-af-ipv4] reflector cluster-id 2 [SwitchC-bgp-af-ipv4] quit [SwitchC-bgp] quit # Check the routing table of Switch D. [SwitchD] display bgp routing-table 9.1.1.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 490 9.1.1.0 255.255.255.0 peer 10.1.1.1 enable peer 10.1.3.1 enable return Configuration file of Switch B sysname SwitchB vlan batch 10 20 40 50 interface Vlanif10 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 491 20 30 70 80 90 interface Vlanif20 ip address 10.1.2.2 255.255.255.0 interface Vlanif30 ip address 10.1.3.1 255.255.255.0 interface Vlanif70 ip address 10.1.7.1 255.255.255.0 interface Vlanif80 ip address 10.1.8.1 255.255.255.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 492 10.1.6.1 255.255.255.0 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 40 port hybrid untagged vlan 40 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 60 port hybrid untagged vlan 60 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 493: Example For Configuring A Bgp Confederation

    IP address SwitchA XGigabitEthernet0/0/1 VLANIF 10 10.1.1.1/24 SwitchA XGigabitEthernet0/0/2 VLANIF 20 10.1.2.1/24 SwitchA XGigabitEthernet0/0/3 VLANIF 30 10.1.3.1/24 SwitchA XGigabitEthernet0/0/4 VLANIF 40 10.1.4.1/24 SwitchA XGigabitEthernet0/0/5 VLANIF 60 200.1.1.1/24 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 494 [SwitchA] interface xgigabitethernet 0/0/4 [SwitchA-XGigabitEthernet0/0/4] port hybrid pvid vlan 40 [SwitchA-XGigabitEthernet0/0/4] port hybrid untagged vlan 40 [SwitchA-XGigabitEthernet0/0/4] quit [SwitchA] interface xgigabitethernet 0/0/5 [SwitchA-XGigabitEthernet0/0/5] port hybrid pvid vlan 60 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 495 Step 4 Establish IBGP connection in AS 65001. # Configure Switch A. [SwitchA] bgp 65001 [SwitchA-bgp] peer 10.1.3.2 as-number 65001 [SwitchA-bgp] peer 10.1.4.2 as-number 65001 [SwitchA-bgp] ipv4-family unicast Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 496 Qos information : 0x0 AS-path (65001) 100, origin igp, MED 0, localpref 100, pref-val 0, valid, exter nal-confed, best,select, active, pre 255 Not advertised to any peers yet Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 497 20 port hybrid untagged vlan 20 interface XGigabitEthernet0/0/3 port hybrid pvid vlan 30 port hybrid untagged vlan 30 interface XGigabitEthernet0/0/4 port hybrid pvid vlan 40 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 498 SwitchC vlan batch 20 interface Vlanif20 ip address 10.1.2.2 255.255.255.0 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 20 port hybrid untagged vlan 20 bgp 65003 router-id 3.3.3.3 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 499 50 port hybrid untagged vlan 50 bgp 65001 router-id 5.5.5.5 peer 10.1.4.1 as-number 65001 peer 10.1.5.1 as-number 65001 ipv4-family unicast undo synchronization peer 10.1.4.1 enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 500: Example For Configuring Bfd For Bgp

    Use BFD to detect the BGP peer relationship between Switch A and Switch B. When the link between Switch A and Switch B fails, BFD can rapidly detect the fault and notify BGP. Service flows are transmitted on the standby link. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 501 Router IDs and AS numbers of Switch A Switch B, and Switch C Peer IP address detected by BFD Minimum interval for sending BFD control packets, minimum interval for receiving BFD control packets, and local detection multiplier Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 502 [SwitchB-route-policy] apply cost 100 [SwitchB-route-policy] quit [SwitchB] bgp 200 [SwitchB-bgp] peer 200.1.1.1 route-policy 10 export # Configure Switch C. [SwitchC] route-policy 10 permit node 10 [SwitchC-route-policy] apply cost 150 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 503 # Check the BGP routing table on Switch A. <SwitchA> display bgp routing-table BGP Local router ID is 1.1.1.1 Status codes: * - valid, > - best, d - damped, Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 504 200.1.1.2 enable peer 200.1.2.2 enable return Configuration file of Switch B sysname SwitchB router id 2.2.2.2 vlan batch 20 30 40 interface Vlanif30 ip address 9.1.1.1 255.255.255.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 505 XGigabitEthernet0/0/2 port hybrid pvid vlan 30 port hybrid untagged vlan 30 bgp 200 router-id 3.3.3.3 peer 9.1.1.1 as-number 200 peer 200.1.2.1 as-number 100 ipv4-family unicast undo synchronization Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 506: Example For Configuring Bgp Gtsm

    Set up an EBGP connection between Switch A and Switch B, and set up IBGP connections between Switch B, Switch C, and Switch D through loopback interfaces. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 507 [SwitchC-bgp] peer 2.2.2.9 as-number 20 [SwitchC-bgp] peer 2.2.2.9 connect-interface LoopBack0 [SwitchC-bgp] peer 4.4.4.9 as-number 20 [SwitchC-bgp] peer 4.4.4.9 connect-interface LoopBack0 # Configure Switch D. [SwitchD] bgp 20 [SwitchD-bgp] router-id 4.4.4.9 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 508 Keepalive Time:60 sec Peer optional capabilities: Peer supports bgp multi-protocol extension Peer supports bgp route refresh capability Peer supports bgp 4-byte-as capability Address family IPv4 Unicast: advertised and received Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 509 Peer supports bgp route refresh capability Peer supports bgp 4-byte-as capability Address family IPv4 Unicast: advertised and received Received: Total 63 messages Update messages Open messages KeepAlive messages Notification messages Refresh messages Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 510 Address family IPv4 Unicast: advertised and received Received: Total 63 messages Update messages Open messages KeepAlive messages Notification messages Refresh messages Sent: Total 63 messages Update messages Open messages KeepAlive messages Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 511 Sent: Total 82 messages Update messages Open messages KeepAlive messages Notification messages Refresh messages Authentication type configured: None Last keepalive received: 2009-02-20 14:01:27+00:00 Minimum route advertisement interval is 15 seconds Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 512 10 port hybrid untagged vlan 10 bgp 10 router-id 1.1.1.9 peer 10.1.1.2 as-number 20 peer 10.1.1.2 valid-ttl-hops 1 ipv4-family unicast undo synchronization peer 10.1.1.2 enable Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 513 20 30 interface Vlanif20 ip address 20.1.1.2 255.255.255.0 interface Vlanif30 ip address 20.1.2.1 255.255.255.0 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 20 port hybrid untagged vlan 20 interface XGigabitEthernet0/0/2 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 514 3.3.3.9 valid-ttl-hops 1 peer 3.3.3.9 connect-interface LoopBack0 ipv4-family unicast undo synchronization peer 2.2.2.9 enable peer 3.3.3.9 enable ospf 1 area 0.0.0.0 network 20.1.2.0 0.0.0.255 network 4.4.4.9 0.0.0.0 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 515: Bgp4+ Configuration

    By configuring BGP4+ route dampening, you can suppress unstable BGP4+ routes. 8.9 Configuring BGP4+ Load Balancing Configuring BGP4+ load balancing better utilizes network resources and reduces network congestion. 8.10 Configuring a BGP4+ Peer Group Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 516 To improve BGP4+ security, you can perform TCP connection authentication. 8.14 Maintaining BGP4+ Maintaining BGP4+ involves resetting a BGP4+ connection and clearing BGP4+ statistics. 8.15 Configuration Examples This section provides several configuration examples of BGP4+. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 517: Bgp4+ Overview

    Most of BGP4+ features supported by the S6700 are similar to those of BGP supported by the S6700. For details, refer to the chapter "BGP Configuration". BGP4+ does not support summary automatic and MP-BGP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 518: Configuring Basic Bgp4+ Functions

    Context Do as follows on the switch on which the BGP4+ connection needs to be set up: Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 519: Configuring An Ipv6 Peer

    After this command is used, the existing peer relationship is interrupted. The peer on which this command is used waits for the connection request from its peer to Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 520 2. Otherwise, BGP cannot set up the EBGP connection with the peer. (Optional) Run: peer { ipv6-address | group-name } listen-only Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 521: Optional) Configuring The Local Interfaces Used For Bgp4+ Connections

    To increase the reliability and stability of the BGP4+ connections, configure the local interface used for the BGP4+ connection as the loopback interface. In this way, when there are redundant Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 522: Checking The Configuration

    After the preferred value of BGP4+ routing information is configured, the route with the greatest preferred value is selected when multiple routes to the same destination exist in the BGP4+ routing table. Local_Pref attribute Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 523: Configuring The Bgp4+ Preference

    Setting the BGP4+ preference can affect route selection between BGP4+ and another routing protocol. Context Do as follows on the BGP4+ router: Procedure Step 1 Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 524: Configuring Bgp4+ Preferred Value For Routing Information

    { group-name | ipv4-address | ipv6-address } preferred-value value The preferred value of a peer is configured. By default, the preferred value of the route learned from a neighbor is 0. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 525: Configuring The Default Local_Pref Attribute Of The Local Router

    Do as follows on the BGP4+ router: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 526: Configuring The Next_Hop Attribute

    Modifying the Next Hop When Advertising a Route to an IBGP Peer Do as follows on the IBGP switch: Run: system-view The system view is displayed. Run: bgp as-number Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 527: Configuring The As-Path Attribute

    The AS_Path attribute is used to avoid routing loops and control route selection. Procedure Configuring the AS_Path Attribute in the IPv6 Address Family View Do as follows on the BGP4+ switch: Run: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 528: Configuring The Bgp4+ Community Attribute

    The community attribute can control the routing policies of multiple BGP4+ switchs. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 529 The BGP IPv6 unicast address family view is displayed. Run: peer { ipv4-address | ipv6-address | group-name } route-policy route- policy-name export The outbound routing policies are configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 530: Checking The Configuration

    This can help you complete the configuration task quickly and accurately. Applicable Environment This section describes the following: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 531: Configuring Bgp4+ To Advertise Local Ipv6 Routes

    Do as follows on the BGP4+ switch: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 532: Configuring Bgp4+ Route Aggregation

    9:3::1/64 does not exist in the BGP routing table, BGP4+ does not advertise the aggregated route even after the aggregate 9:3::1 64 command is run to aggregate this route. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 533: Configuring Bgp4+ To Import And Filter External Routes

    BGP4+ peers. If protocol [ process-id ] is specified, the routes of the specific routing protocol are filtered. If protocol [ process-id ] is not specified, all the local Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 534: Configuring Ses To Advertise Default Routes To Peers

    After the policy for advertising routes is configured, only the routes that match the policy can be added to the local BGP4+ routing table and advertised to BGP4+ peers. Context Do as follows on the BGP4+ switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 535: Configuring The Policy For Receiving Bgp4+ Routing Information

    Only the routes that match the policy for receiving routes can be received by BGP4+ peers and added to the routing table. Context Do as follows on the BGP4+ switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 536: Configuring Bgp4+ Soft Resetting

    When routing policies are changed, the system can refresh the BGP4+ routing table dynamically without interrupting BGP4+ connections. Procedure Enabling the Route-refresh Capability Do as follows on the BGP4+ switch: Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 537 | internal } { export | import } A BGP4+ connection is soft reset. A BGP4+ connection must be soft reset in the user view. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 538: Checking The Configuration

    Hold timer expires is not detected. If the value of the timer changes, the BGP4+ connection is interrupted for a short time as the switch and its peer need negotiate again. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 539: Configuring Bgp4+ Timers

    As the change of the timer (with the peer timer command) tears down the BGP peer relationship between switches. Exercise caution when running this command. Do as follows on the BGP4+ switch: Procedure Step 1 Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 540: Setting The Bgp4+ Connectretry Interval

    Do as follows on the BGP4+ switch: Procedure Set a ConnectRetry interval globally. Do as follows on the BGP4+ switch: Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 541: Checking The Configuration

    ----End 8.7 Configuring BGP4+ Tracking On a network where BFD is unsuitable to deploy, you can configure BGP4+ tracking to implement the fast convergence of IBGP routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 542: Establishing The Configuration Task

    Do as follows on the switch enabled with BGP4+: Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 543: Checking The Configuration

    Before configuring BGP4+ route dampening, familiarize yourself with the applicable environment, complete the pre-configuration tasks, and obtain the required data. This can help you complete the configuration task quickly and accurately. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 544: Enabling Bgp4+ Route Dampening

    The BGP IPv6 unicast address family view is displayed. Step 4 Run: dampening [ half-life-reach reuse suppress ceiling | route-policy route-policy- name ] The parameters are configured for BGP4+ route dampening. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 545: Checking The Configuration

    S6700 are the same, and the AS-Path attributes are also the same. Pre-configuration Tasks Before configuring BGP4+ load balancing, complete the following task: Configuring Basic BGP4+ Functions Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 546 IBGP and EBGP routes with the same destination address. (Optional) Run: load-balancing as-path-ignore The switch is configured not to compare the AS-Path attributes of the routes to be used for load balancing. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 547 TunnelID : 0x0 Interface : Pos1/0/0 Flags Destination : 2002:: PrefixLength : 64 NextHop : 2002::1 Preference Cost Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 548: Configuring A Bgp4+ Peer Group

    AS. Pre-configuration Tasks Before configuring a BGP4+ peer group, complete the following task: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 549: Creating An Ibgp Peer Group

    Step 5 Run: peer group-name enable The peer group is enabled. Step 6 Run: peer ipv6-address group group-name The IPv6 peers are added to the peer group. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 550: Creating A Pure Ebgp Peer Group

    BGP view. Besides, the system enables this EBGP peer in the IPv6 address family view. When creating a pure EBGP peer group, you need to specify the AS number of the peer group. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 551: Creating A Mixed Ebgp Peer Group

    When creating a mixed EBGP peer group, you need to create peers separately, and you can configure different AS numbers for them, but cannot configure the AS number for the peer group. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 552: Checking The Configuration

    Roles of each switch (reflector, client, and non-client) 8.11.2 Configuring a Route Reflector and Specifying Clients A route reflector and clients need to be configured in a specified address family. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 553: Optional) Disabling A Route Reflection Between Clients

    The BGP view is displayed. Step 3 Run: ipv6-family [ unicast ] The BGP IPv6 unicast address family view is displayed. Step 4 Run: undo reflect between-clients Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 554: Optional) Configuring The Cluster Id For A Route Reflector

    After a BGP4+ route reflector is configured, you can check BGP4+ route information and peer group information. Prerequisites The configurations for a BGP4+ route reflector are complete. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 555: Configuring A Bgp4+ Confederation

    Confederation ID and the sub-AS number 8.12.2 Configuring a BGP4+ Confederation Attribute BGP4+ confederations deal with increasing IBGP connections in an AS. Context Do as follows on the BGP4+ switch: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 556: Checking The Configuration

    ----End 8.12.3 Checking the Configuration After a BGP4+ confederation is configured, you can check BGP4+ route information and detailed peer information. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 557: Configuring Bgp4+ Security

    In MD5 authentication of BGP4+, you only need to set MD5 authentication passwords for TCP connections, and the authentication is performed by TCP. If the authentication fails, TCP connections cannot be established. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 558: Configuring Basic Bgp4+ Gtsm Functions

    The system view is displayed. Run: bgp as-number The BGP view is displayed. peer { group-name | ipv6-address } valid-ttl-hops [ hops ] Basic BGP4+ GTSM functions are configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 559: Checking The Configuration

    Run the display bgp ipv6 peer ipv6-address verbose command to check information about BGP4+ GTSM. Run the display bgp group [ group-name ] command to check GTSM of a BGP4+ peer group. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 560: Maintaining Bgp4

    Devices can generate debugging information after the debugging of a module is enabled in the user view. Debugging information shows the contents of the packets sent or received by the debugged module. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 561: Configuration Examples

    Figure 8-1 Networking diagram for configuring basic BGP4+ functions AS 65009 SwitchC VLANIF10 AS 65008 8::1/64 XGE0/0/1 XGE0/0/2 XGE0/0/2 XGE0/0/1 XGE0/0/1 VLANIF40 VLANIF40 VLANIF20 VLANIF20 9:1::1/64 9:1::2/64 10::1/64 SwitchA 10::2/64 SwitchD SwitchB Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 562 [Switch B-bgp-af-ipv6] peer 9:3::2 enable [Switch B-bgp-af-ipv6] network 9:1:: 64 [Switch B-bgp-af-ipv6] network 9:3:: 64 # Configure Switch C. [Switch C] bgp 65009 [Switch C-bgp] router-id 3.3.3.3 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 563 - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 6 *> Network : 8:: PrefixLen : 64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 564 10 port hybrid untagged vlan 10 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 20 port hybrid untagged vlan 20 bgp 65008 router-id 1.1.1.1 peer 10::1 as-number 65009 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 565 9:1:: 64 network 9:3:: 64 network 10:: 64 peer 9:1::2 enable peer 9:3::2 enable peer 10::2 enable return Configuration file of Switch C sysname Switch C ipv6 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 566 50 bgp 65009 router-id 4.4.4.4 peer 9:1::1 as-number 65009 peer 9:2::1 as-number 65009 ipv4-family unicast undo synchronization ipv6-family unicast undo synchronization network 9:1:: 64 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 567: Example For Configuring Bgp4+ Route Reflectors

    VLANIF 40 102::2/96 Configuration Roadmap The configuration roadmap is as follows: Establish IBGP connections between the clients and the route reflector. Configure Switch C as the route reflector. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 568 [Switch B-bgp] ipv6-family unicast [Switch B-bgp-af-ipv6] peer 100::1 enable [Switch B-bgp-af-ipv6] peer 101::1 enable [Switch B-bgp-af-ipv6] network 100:: 96 [Switch B-bgp-af-ipv6] network 101:: 96 # Configure Switch C. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 569 NextHop : :: LocPrf PrefVal Label Path/Ogn : ? *>i Network : 102:: PrefixLen : 96 NextHop : 101::1 LocPrf : 100 PrefVal Label Path/Ogn : ? Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 570 10 port hybrid untagged vlan 10 interface XGigabitEthernet0/0/2 port hybrid pvid vlan 20 port hybrid untagged vlan 20 bgp 100 router-id 1.1.1.1 peer 100::2 as-number 200 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 571 Switch C ipv6 vlan batch 30 40 interface Vlanif30 ipv6 enable ipv6 address 101::1/96 interface Vlanif40 ipv6 enable ipv6 address 102::1/96 interface XGigabitEthernet0/0/1 port hybrid pvid vlan 40 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 572 40 bgp 200 router-id 4.4.4.4 peer 102::1 as-number 200 ipv4-family unicast undo synchronization ipv6-family unicast undo synchronization network 102:: 96 peer 102::1 enable return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 573: Mbgp Configuration

    Maintaining MBGP involves resetting MBGP connections and clearing MBGP statistics. 9.9 Configuration Examples MBGP configuration examples are provided, including networking requirements and diagram, configuration roadmap, and configuration notes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 574: Mbgp Overview

    NOTE This chapter describes the configuration of MP-BGP applied to multicast, that is, MBGP configuration. For the details of MP-BGP, refer to the chapter "BGP Configuration" in the S6700 Series Ethernet Switches Configuration Guide - IP Routing. 9.2 MBGP Features Supported by the S6700 You can configure such features as load splitting, route aggregation, route dampening, community attributes, and route reflectors when configuring MBGP.

  • Page 575: Configuring A Bgp Peer

    BGP is enabled, the local AS number is set, and the BGP view is displayed. Step 3 (Optional) Run: router-id ipv4-address The ID of a BGP switch is set. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 576: Configuring An Mbgp Peer

    IP address of the original remote BGP peer. ----End 9.3.4 Configuring an MBGP Route Reflector By configuring MBGP route reflectors, you can solve the problem about the full-connection among IBGP peers. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 577: Configuring Mbgp To Import Local Routes

    9.3.5 Configuring MBGP to Import Local Routes MBGP can import routes from other protocols. When a dynamic routing protocol is imported, the process ID need be specified. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 578 MED value assigned to an imported route. l route-policy route-policy-name: specifies the route filtering policy. Only the route that passes the filtering of the policy is imported. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 579: Checking The Configuration

    Based on the actual networking, users can adopt the following policies as required: Whether MBGP changes the next hop when advertising a route to IBGP peers Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 580: Optional) Configuring The Next Hop Of A Route As The Local Address

    The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Step 3 Run: ipv4-family multicast The BGP-IPv4 multicast address family view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 581: Optional) Configuring The Aggregation Of Local Mbgp Routes

    { mask | mask-length } [ as-set | attribute-policy route- policy-name1 | detail-suppressed | origin-policy route-policy-name2 | suppress- policy route-policy-name3 ] The local route aggregation is configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 582: Optional) Configuring The Local Peer To Advertise Default Routes

    ----End 9.4.5 Configuring the Local Peer to Advertise Community Attribute and Extended Community Attribute Community attributes and extended community attributes can simplify the management of routing policies. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 583: Configuring Update Packets Not To Carry Private As Number

    9.4.6 Configuring Update Packets not to Carry Private AS Number You can configure an MBGP peer to send an Update message without private AS number when advertising routing information. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 584: Checking The Configuration

    ] command to check the routing information of a specified MBGP community. Run the display bgp multicast routing-table community-filter { { community-filter- name | basic-community-filter-number } [ whole-match ] | advanced-community-filter- Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 585: Configuring The Policy For Exchanging Routes Between Mbgp Peers

    Configuring Basic MBGP Functions Data Preparation To configure the route filtering policy between MBGP peers, you need the following data. Data Number of the AS where the peer resides Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 586: Configuring The Route Filtering Policy Globally

    MBGP peer. Only the routes that pass the filtering are received. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 587: Configuring The Route Filtering Policy Based On Route-Policy

    The MBGP routing policy based on route-policy is configured to control the route exchange with a specified remote MBGP peer. The parameters of the command are explained as follows: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 588: Configuring The Route Filtering Policy Based On Acl

    ACL. l import: filters the routes sent by a specified remote MBGP peer or peer group. Only the routes that pass the filtering are received. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 589: Configuring The Route Filtering Policy Based On As-Path List

    ----End 9.5.6 Configuring the Route Filtering Policy Based on IP Prefix By configuring an IP prefix list, you can filter MBGP routes based on route prefixes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 590: Configuring The Maximum Number Of Routes Received From Peers

    Do as follows on the switch configured with an MBGP peer: NOTE The configuration is optional. By default, the maximum number of routes received from peers is not configured. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 591: Checking The Configuration

    Run the display bgp multicast routing-table different-origin-as command to check the routes different from the original AS. Run the display bgp multicast routing-table regular-expression as-regular-expression command to check the routing information that matches the AS regular expression. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 592: Configuring Mbgp Route Attributes

    Before configuring the policy for MBGP route selection, complete the task of Configuring Basic MBGP Functions. Data Preparation To configure the policy for MBGP route selection, you need the following data. Data AS number Protocol preference of MBGP Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 593: Setting Preferred Values Of Routes Learned From Peers

    9.6.3 Configuring the Preference of an MBGP Route By configuring the preference of the MBGP protocol, you can control route selection of MBGP and other types protocols. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 594: Configuring The Local-Pref Of An Mbgp Route

    Do as follows on the switch configured with an MBGP peer: NOTE The configuration is optional. By default, the Local_Pref value of the MBGP route is 100. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 595: Configuring The Med Attribute Of An Mbgp Route

    The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Step 3 Run: ipv4-family multicast The BGP-IPv4 multicast address family view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 596: Configuring Next_Hop

    The next-hop attribute is used to flexibly control MGBP route selection. Context Do as follows on the switch configured with the MBGP peer: Procedure Step 1 Run: system-view The system view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 597: Checking The Configuration

    Configuring MBGP dampening can suppress the unstable routing information. After MBGP dampening is configured, the unstable routing information is not added to the MBGP routing table, or advertised to other MBGP peers. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 598: Enabling Dampening Parameters Of An Mbgp Route

    The dampening parameters of an MBGP route are configured. The parameters of the command are explained as follows: l half-life-reach: specifies the half-life of a reachable route. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 599: Checking The Configuration

    CAUTION The MBGP peer relationship is deleted after you reset MBGP connections with the reset bgp multicast command. So, confirm the action before you use the command. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 600: Clearing Mbgp Statistics

    Debugging information shows the contents of packets sent or received by the debugged module. Context CAUTION Debugging affects the performance of the system. So, after debugging, run the undo debugging all command to disable it immediately. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 601: Configuration Examples

    9 MBGP Configuration When an MBGP fault occurs, run the following debugging commands in the user view to debug MBGP and locate the fault. For more information about debugging commands, refer to the S6700 Series Ethernet Switches Debugging Reference. Procedure Run the debugging bgp all command in the user view to enable all the debugging of MBGP.
  • Page 602 Configure the IP addresses for the interfaces on each Switch to ensure internetworking within the AS in unicast mode. Configure the MBGP peer and set up inter-AS multicast routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 603 [SwitchB-bgp-af-multicast] quit [SwitchB-bgp] quit # Configure BGP and the MBGP peer on Switch C. [SwitchC] bgp 200 [SwitchC-bgp] peer 193.1.1.2 as-number 200 [SwitchC-bgp] peer 195.1.1.2 as-number 200 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 604 # Configure Switch B. [SwitchB] multicast routing-enable [SwitchB] interface Vlanif 100 [SwitchB-Vlanif100] pim sm [SwitchB-Vlanif100] quit [SwitchB] interface Vlanif 200 [SwitchB-Vlanif200] pim sm [SwitchB-Vlanif200] quit [SwitchB] interface Vlanif 300 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 605 [SwitchA-Vlanif100] pim bsr-boundary [SwitchA-Vlanif100] quit # Configure Switch B. [SwitchB] interface Vlanif 100 [SwitchB-Vlanif100] pim bsr-boundary [SwitchB-Vlanif100] quit Step 7 Configure MSDP peers. # Configure Switch A. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 606 10.10.10.1 255.255.255.0 pim sm interface XGigabitEthernet0/0/1 port hybrid tagged vlan 100 interface XGigabitEthernet0/0/2 port hybrid tagged vlan 101 interface LoopBack0 ip address 1.1.1.1 255.255.255.255 pim sm Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 607 0.0.0.0 network 193.1.1.0 0.0.0.255 network 194.1.1.0 0.0.0.255 network 2.2.2.2 0.0.0.0 bgp 200 peer 192.1.1.1 as-number 100 peer 193.1.1.1 as-number 200 peer 194.1.1.1 as-number 200 ipv4-family unicast Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 608 3.3.3.3 0.0.0.0 bgp 200 peer 193.1.1.2 as-number 200 peer 195.1.1.2 as-number 200 ipv4-family unicast undo synchronization peer 193.1.1.2 enable peer 195.1.1.2 enable ipv4-family multicast undo synchronization import-route direct Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 609 195.1.1.1 as-number 200 ipv4-family unicast undo synchronization peer 194.1.1.2 enable peer 195.1.1.1 enable ipv4-family multicast undo synchronization import-route direct import-route ospf 1 peer 194.1.1.2 enable peer 195.1.1.1 enable return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 610: Routing Policy Configuration

    Maintaining routing policies involves clearing the statistics of the IP prefix list and debugging routing policies. 10.10 Configuration Examples This section provides several configuration examples of the routing policy. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 611: Overview Of The Routing Policy

    Combines with the routing protocol Needs to be manually configured hop by hop to ensure that the packet is forwarded through the policy. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 612: Routing Policy Features Supported By The S6700

    ACLs. When defining an ACL, you can specify the IP address and subnet range to match the destination network segment address or the next hop address of a route. For details of the ACL configuration, refer to the S6700 Series Ethernet Switches Configuration Guide - IP Services.

  • Page 613: Configuring The Ip-Prefix List

    S6700 Series Ethernet Switches Configuration Guide - IP Routing 10 Routing Policy Configuration For the configuration of the RD attribute filter, refer to the S6700 Series Ethernet Switches Configuration Guide - VPN. Route-Policy The Route-Policy is a complex filter. A Route-Policy is used to match certain route attributes, and to change the route attributes when certain matching rules are met.

  • Page 614: Configuring An Ipv4 Prefix List

    It is recommended that you define a permit 0.0.0.0 0 less-equal 32 entry after multiple entries in deny mode, thus allowing all the other IPv4 routes to pass the IP prefix list. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 615: Configuring An Ipv6 Prefix List

    IPv6 routes to pass the IP prefix list. NOTE If more than one IP-prefix entry is defined, at least one entry should be in the permit mode. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 616: Checking The Configuration

    Route-Policy. The matching objects refer to some attributes of the route. apply clauses: specify actions, that is, configuration commands used to modify certain attributes. For more information about Route-Policy, refer to the S6700 Series Ethernet Switches Feature Description - IP Routing. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright ©...

  • Page 617: Creating A Route-Policy

    In the S6700, by default, the unmatched routes are denied. If multiple nodes are defined in a Route-Policy, at least one of them should be in permit mode. When the parameter route-policy is used to filter routes, note the following: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 618: Optional) Configuring The If-Match Clause

    The next hop, the source address or the multicast group address is configured to match the routes. l Run: if-match ip-prefix ip-prefix-name The IP prefix list is configured to match the routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 619: Optional) Configuring The Apply Clause

    Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: route-policy route-policy-name { permit | deny } node node The Route-Policy view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 620: Checking The Configuration

    After the Route-Policy is configured, you can check information about the Route-Policy. Prerequisites The configurations for the Route-Policy are complete. Procedure Run the display route-policy [ route-policy-name ] command to check the Route-Policy. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 621: Applying Filters To Received Routes

    RIP, OSPF, IS-IS, and BGP. For details, refer to related configurations. Pre-configuration Tasks Before applying filters to received routes, complete the following tasks: Configuring the IP-Prefix List Configuring an ACL Configuring the Route-Policy Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 622: Filtering Routes Received By Rip

    If the route-policy is configured repeatedly, the new route-policy will replace the old route-policy. ----End 10.5.3 Filtering Routes Received by OSPF By applying filters, you can control the receiving of OSPF routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 623: Filtering Routes Received By Is-Is

    You can configure IS-IS to filter the received routes to be added to the IP routing table. ----End 10.5.5 Filtering Routes Received by BGP By applying filters, you can control the receiving of BGP routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 624: Checking The Configuration

    Prerequisites The configurations for applying filters to received routes are complete. Procedure Run the display rip process-id route command to check information about the RIP routing table. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 625: Applying Filters To Advertised Routes

    RIP) from other routing protocols. If the device has not imported any route in Import mode, it will not add LSAs or LSPs corresponding to the imported routes to its Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 626: Filtering Routes Advertised By Rip

    { acl-number | acl-name acl-name | ip-prefix ip-prefix-name } export [ protocol [ process-id ] | interface-type interface-number ] The filtering policy is configured for routes advertised by RIP. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 627: Filtering Routes Advertised By Ospf

    Step 1 Run: system-view The system view is displayed. Step 2 Run: isis [ process-id ] An IS-IS process is enabled and the IS-IS view is displayed. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 628: Filtering Routes Advertised By Bgp

    For the DV protocol, the routes imported and the routes discovered by the protocols are filtered. Filtering Routes Advertised to the Peers Do as follows on the switch that runs BGP: Run: system-view Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 629: Checking The Configuration

    ----End 10.7 Applying Filters to Imported Routes By applying the related filters of routing policies to routing protocols, you can filter imported routes. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 630: Establishing The Configuration Task

    10.7.2 Applying Route-Policy to Routes Imported by RIP By applying filters, you can control the import of RIP routes. Context Do as follows on the switch that runs RIP: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 631: Applying Route-Policy To Routes Imported By Ospf

    10.7.4 Applying Route-Policy to Routes Imported by IS-IS By applying filters, you can control the import of IS-IS routes. Context Do as follows on the switch that runs IS-IS: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 632: Applying Route-Policy To Routes Imported By Bgp

    The IPv4 unicast address family view is displayed. Step 4 Run: import-route protocol [ process-id ] [ med med | route-policy route-policy-name ] The external routes are imported. ----End Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 633: Checking The Configuration

    If the valid time of the routing policy is configured, when the commands used to configure the routing policy change, the RM does not notify various protocols of immediately Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 634: Configuring The Delay For Applying The Routing Policy

    Back to the user view. Step 4 (Optional) Run: refresh bgp all { export | import } BGP is configured to apply the new routing policy. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 635: Checking The Configuration

    Run reset ip ipv6-prefix [ ipv6-prefix-name ] command in the user view to clear the IPv6 prefix list statistics. ----End 10.10 Configuration Examples This section provides several configuration examples of the routing policy. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 636: Example For Filtering Received And Advertised Routes

    Configure the policy for advertising routes on Switch-A and check the filtering result on Switch-B. Configure the policy for receiving routes on Switch-C and check the filtering result on Switch-C. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 637 # Check the IP routing table on Switch-B. You view that the five static routes are imported to OSPF. [SwitchB] display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 638 [SwitchC] display ip routing-table Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 5 Routes : 5 Destination/Mask Proto Cost Flags NextHop Interface Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 639 10 interface XGigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 20 interface XGigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 30 ospf 1 area 0.0.0.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 640: Example For Applying A Routing Policy To Imported Routes

    Switch-B is required to import IS-IS routes into OSPF and to use the routing policy to set the route attributes. The cost value of the route 172.17.1.0/24 is set to 100, and the tag of the route 172.17.2.0/24 is set to 20. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 641 100 and the tag of the route 172.17.2.0/24 is 20. Configuration Procedure Create a VLAN to which each interface belongs. The configuration details are not mentioned here. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 642 192.168.1.2 192.168.1.2 172.17.1.0/24 Type2 192.168.1.2 192.168.1.2 172.17.2.0/24 Type2 192.168.1.2 192.168.1.2 172.17.3.0/24 Type2 192.168.1.2 192.168.1.2 Total Nets: 5 Intra Area: 1 Inter Area: 0 ASE: 4 NSSA: 0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 643 SwitchA vlan batch 10 interface Vlanif10 ip address 192.168.1.1 255.255.255.0 interface XGigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 644 192.168.2.1 255.255.255.0 isis enable 1 interface Vlanif30 ip address 172.17.1.1 255.255.255.0 isis enable 1 interface Vlanif40 ip address 172.17.2.1 255.255.255.0 isis enable 1 interface Vlanif50 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 645 30 interface XGigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 40 interface XGigabitEthernet0/0/4 port link-type trunk port trunk allow-pass vlan 50 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 646: Mce Configuration

    This section describes how to configure static routes, RIP, OSPF, IS-IS, and BGP between an MCE and a PE. 11.6 MCE Configuration Examples This section provides several configuration examples of MCE. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 647: Mce Overview

    VPN. MCE isolates services of different VPNs by binding VLANIF interfaces to VPNs, and creating and maintaining an independent multi-VRF table for each VPN. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 648: Mce Functions Supported By The S6700

    PE, and between an MCE and a site, including static routes, the Routing Information Protocol (RIP), the Open Shortest Path First (OSPF), the Intermediate System-to-Intermediate System (IS-IS), and BGP. NOTE Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 649: Configuring A Vpn Instance

    You need to perform similar configurations on the PE; however, configuration commands and methods may be different because device manufacturers and types are different. For details, refer to manuals of corresponding products. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 650: Binding A Vpn Instance To A Vlanif Interface

    You also need to bind the interface connected to the MCE to a VPN instance on a PE. For details, refer to manuals of corresponding products. Procedure Step 1 Run the system-view command to enter the system view. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 651: Checking The Configuration

    MCE and PE and then configure a route multi-instance between an MCE and a site. Pre-configuration Tasks Before configuring a route multi-instance between an MCE and a site, complete the following task: Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 652: Optional) Configuring A Static Route Between An Mce And A Site

    Step 1 Run the system-view command to enter the system view. Step 2 Run the ip route-static vpn-instance vpn-source-name destination-address { mask | mask- length }{ interface-type interface-number [ gateway-address ] | vpn-instance vpn-destination- Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 653: Optional) Configuring Rip Between An Mce And A Site

    Step 3 (Optional) Run the import-route { limt limt-number | protocol [ process-id ] [ cost cost | route- policy route-policy-name |tag tag | type type ] } command to import routes from other routing protocols. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 654: Optional) Configuring Is-Is Between An Mce And A Site

    11.4.6 (Optional) Configuring BGP Between an MCE and a Site Context Do as follows on the MCE. You need to configure only routing protocols on a device in a site. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 655: Checking The Configuration

    MCE functions. Before configuring MCE functions, you need to perform the task of 11.3 Configuring a VPN Instance on the MCE and PE and then configure a route multi-instance between the MCE and PE. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 656: Optional) Configuring A Static Route Between An Mce And A Pe

    Do as follows on the MCE. You can use a static route on a PE, and can also use RIP, OSPF, IS-IS, or BGP. For details, refer to manuals of corresponding products. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 657: Optional) Configuring Rip Between An Mce And A Pe

    Step 2 Run the ospf [ process-id | router-id router-id | vpn-instance vpn-instance-name ] command to create an OSPF process used by a VPN instance and enter the OSPF view. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 658: Optional) Configuring Is-Is Between An Mce And A Pe

    If another routing protocol is run between an MCE and a site in this VPN, you need to perform this step. ----End 11.5.6 (Optional) Configuring BGP Between an MCE and a PE Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

  • Page 659: Checking The Configuration

    OSPF is run between the MCE and PE2. It is required that route isolation between VPNs be implemented on the MCE and routes of VPNs be advertised to the PE2 through OSPF. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 660 # Create VLANs on the MCE. <Quidway> system-view [Quidway] sysname MCE [MCE] vlan batch 10 20 30 40 # Add interfaces to the VLANs on the MCE. Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 661 [MCE-Vlanif30] ip binding vpn-instance vpnb [MCE-Vlanif30] ip address 172.18.1.2 16 [MCE-Vlanif30] quit [MCE] interface vlanif 40 [MCE-Vlanif40] ip binding vpn-instance vpna [MCE-Vlanif40] ip address 172.19.1.2 16 [MCE-Vlanif40] quit Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 662 Flags NextHop Interface 192.168.1.0/24 Direct 0 192.168.1.1 Vlanif10 192.168.1.1/32 Direct 0 127.0.0.1 Vlanif10 172.18.0.0/16 Direct 0 172.18.1.2 Vlanif30 172.18.1.1/32 Direct 0 172.18.1.1 Vlanif30 172.18.1.2/32 Direct 0 127.0.0.1 Vlanif30 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 663 Configuration file of PE2 sysname PE2 ip vpn-instance vpna route-distinguisher 100:1 ip vpn-instance vpnb route-distinguisher 100:2 interface GigabitEthernet1/0/1.1 vlan-type dot1q 30 ip binding vpn-instance vpnb ip address 172.18.1.1 255.255.0.0 Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
  • Page 664 10 return Configuration file of CE4 sysname CE4 vlan batch 20 interface XGigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 20 return Issue 01 (2012-03-15) Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

Table of Contents